Compare revisions

f55cc773 · f55cc773 · f55cc773 · f55cc773 · f55cc773 · f55cc773
--- a/src/main/java/de/thm/arsnova/config/properties/AuthenticationProviderProperties.java
+++ b/src/main/java/de/thm/arsnova/config/properties/AuthenticationProviderProperties.java
+/*
+ * This file is part of ARSnova Backend.
+ * Copyright (C) 2012-2019 The ARSnova Team and Contributors
+ *
+ * ARSnova Backend is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * ARSnova Backend is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+package de.thm.arsnova.config.properties;
+
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.core.style.ToStringCreator;
+
+@ConfigurationProperties(AuthenticationProviderProperties.PREFIX)
+public class AuthenticationProviderProperties {
+	public static final String PREFIX = SecurityProperties.PREFIX + ".authentication-providers";
+
+	public abstract static class Provider {
+		public enum Role {
+			MODERATOR,
+			PARTICIPANT
+		}
+
+		private boolean enabled;
+		private String title;
+		private int order;
+		private Set<Role> allowedRoles;
+
+		public boolean isEnabled() {
+			return enabled;
+		}
+
+		public void setEnabled(final boolean enabled) {
+			this.enabled = enabled;
+		}
+
+		public String getTitle() {
+			return title;
+		}
+
+		public void setTitle(final String title) {
+			this.title = title;
+		}
+
+		public int getOrder() {
+			return order;
+		}
+
+		public void setOrder(final int order) {
+			this.order = order;
+		}
+
+		public Set<Role> getAllowedRoles() {
+			return allowedRoles;
+		}
+
+		public void setAllowedRoles(final Set<Role> allowedRoles) {
+			this.allowedRoles = allowedRoles;
+		}
+	}
+
+	public static class Registered extends Provider {
+		private List<String> allowedEmailDomains;
+		private String registrationMailSubject;
+		private String registrationMailBody;
+		private String resetPasswordMailSubject;
+		private String resetPasswordMailBody;
+
+		public List<String> getAllowedEmailDomains() {
+			return allowedEmailDomains;
+		}
+
+		public void setAllowedEmailDomains(final List<String> allowedEmailDomains) {
+			this.allowedEmailDomains = allowedEmailDomains;
+		}
+
+		public String getRegistrationMailSubject() {
+			return registrationMailSubject;
+		}
+
+		public void setRegistrationMailSubject(final String registrationMailSubject) {
+			this.registrationMailSubject = registrationMailSubject;
+		}
+
+		public String getRegistrationMailBody() {
+			return registrationMailBody;
+		}
+
+		public void setRegistrationMailBody(final String registrationMailBody) {
+			this.registrationMailBody = registrationMailBody;
+		}
+
+		public String getResetPasswordMailSubject() {
+			return resetPasswordMailSubject;
+		}
+
+		public void setResetPasswordMailSubject(final String resetPasswordMailSubject) {
+			this.resetPasswordMailSubject = resetPasswordMailSubject;
+		}
+
+		public String getResetPasswordMailBody() {
+			return resetPasswordMailBody;
+		}
+
+		public void setResetPasswordMailBody(final String resetPasswordMailBody) {
+			this.resetPasswordMailBody = resetPasswordMailBody;
+		}
+	}
+
+	public static class Guest extends Provider {
+
+	}
+
+	public static class Ldap extends Provider {
+		private String hostUrl;
+		private String userDnPattern;
+		private String userIdAttribute;
+		private String userSearchFilter;
+		private String userSearchBase;
+		private String managerUserDn;
+		private String managerPassword;
+		private int connectTimeout;
+
+		public String getHostUrl() {
+			return hostUrl;
+		}
+
+		public void setHostUrl(final String hostUrl) {
+			this.hostUrl = hostUrl;
+		}
+
+		public String getUserDnPattern() {
+			return userDnPattern;
+		}
+
+		public void setUserDnPattern(final String userDnPattern) {
+			this.userDnPattern = userDnPattern;
+		}
+
+		public String getUserIdAttribute() {
+			return userIdAttribute;
+		}
+
+		public void setUserIdAttribute(final String userIdAttribute) {
+			this.userIdAttribute = userIdAttribute;
+		}
+
+		public String getUserSearchFilter() {
+			return userSearchFilter;
+		}
+
+		public void setUserSearchFilter(final String userSearchFilter) {
+			this.userSearchFilter = userSearchFilter;
+		}
+
+		public String getUserSearchBase() {
+			return userSearchBase;
+		}
+
+		public void setUserSearchBase(final String userSearchBase) {
+			this.userSearchBase = userSearchBase;
+		}
+
+		public String getManagerUserDn() {
+			return managerUserDn;
+		}
+
+		public void setManagerUserDn(final String managerUserDn) {
+			this.managerUserDn = managerUserDn;
+		}
+
+		public String getManagerPassword() {
+			return managerPassword;
+		}
+
+		public void setManagerPassword(final String managerPassword) {
+			this.managerPassword = managerPassword;
+		}
+
+		public int getConnectTimeout() {
+			return connectTimeout;
+		}
+
+		public void setConnectTimeout(final int connectTimeout) {
+			this.connectTimeout = connectTimeout;
+		}
+	}
+
+	public static class Oidc extends Provider {
+		private String issuer;
+		private String clientId;
+		private String secret;
+
+		public String getIssuer() {
+			return issuer;
+		}
+
+		public void setIssuer(final String issuer) {
+			this.issuer = issuer;
+		}
+
+		public String getClientId() {
+			return clientId;
+		}
+
+		public void setClientId(final String clientId) {
+			this.clientId = clientId;
+		}
+
+		public String getSecret() {
+			return secret;
+		}
+
+		public void setSecret(final String secret) {
+			this.secret = secret;
+		}
+	}
+
+	public static class Saml extends Provider {
+		public static class Idp {
+			private String metaFile;
+
+			public String getMetaFile() {
+				return metaFile;
+			}
+
+			public void setMetaFile(final String metaFile) {
+				this.metaFile = metaFile;
+			}
+		}
+
+		public static class Sp {
+			private String metaFile;
+			private String entityId;
+
+			public String getMetaFile() {
+				return metaFile;
+			}
+
+			public void setMetaFile(final String metaFile) {
+				this.metaFile = metaFile;
+			}
+
+			public String getEntityId() {
+				return entityId;
+			}
+
+			public void setEntityId(final String entityId) {
+				this.entityId = entityId;
+			}
+		}
+
+		public static class Keystore {
+			private String file;
+			private String storePassword;
+			private String keyAlias;
+			private String keyPassword;
+
+			public String getFile() {
+				return file;
+			}
+
+			public void setFile(final String file) {
+				this.file = file;
+			}
+
+			public String getStorePassword() {
+				return storePassword;
+			}
+
+			public void setStorePassword(final String storePassword) {
+				this.storePassword = storePassword;
+			}
+
+			public String getKeyAlias() {
+				return keyAlias;
+			}
+
+			public void setKeyAlias(final String keyAlias) {
+				this.keyAlias = keyAlias;
+			}
+
+			public String getKeyPassword() {
+				return keyPassword;
+			}
+
+			public void setKeyPassword(final String keyPassword) {
+				this.keyPassword = keyPassword;
+			}
+		}
+
+		private boolean enabled;
+		private Idp idp;
+		private Sp sp;
+		private Keystore keystore;
+		private String userIdAttribute;
+		private int assertionConsumerServiceIndex;
+		private int maxAuthenticationLifetime;
+
+		@Override
+		public boolean isEnabled() {
+			return enabled;
+		}
+
+		@Override
+		public void setEnabled(final boolean enabled) {
+			this.enabled = enabled;
+		}
+
+		public Idp getIdp() {
+			return idp;
+		}
+
+		public void setIdp(final Idp idp) {
+			this.idp = idp;
+		}
+
+		public Sp getSp() {
+			return sp;
+		}
+
+		public void setSp(final Sp sp) {
+			this.sp = sp;
+		}
+
+		public Keystore getKeystore() {
+			return keystore;
+		}
+
+		public void setKeystore(final Keystore keystore) {
+			this.keystore = keystore;
+		}
+
+		public String getUserIdAttribute() {
+			return userIdAttribute;
+		}
+
+		public void setUserIdAttribute(final String userIdAttribute) {
+			this.userIdAttribute = userIdAttribute;
+		}
+
+		public int getAssertionConsumerServiceIndex() {
+			return assertionConsumerServiceIndex;
+		}
+
+		public void setAssertionConsumerServiceIndex(final int assertionConsumerServiceIndex) {
+			this.assertionConsumerServiceIndex = assertionConsumerServiceIndex;
+		}
+
+		public int getMaxAuthenticationLifetime() {
+			return maxAuthenticationLifetime;
+		}
+
+		public void setMaxAuthenticationLifetime(final int maxAuthenticationLifetime) {
+			this.maxAuthenticationLifetime = maxAuthenticationLifetime;
+		}
+	}
+
+	public static class Cas extends Provider {
+		private String hostUrl;
+
+		public String getHostUrl() {
+			return hostUrl;
+		}
+
+		public void setHostUrl(final String hostUrl) {
+			this.hostUrl = hostUrl;
+		}
+	}
+
+	public static class Oauth extends Provider {
+		private String key;
+		private String secret;
+
+		public String getKey() {
+			return key;
+		}
+
+		public void setKey(final String key) {
+			this.key = key;
+		}
+
+		public String getSecret() {
+			return secret;
+		}
+
+		public void setSecret(final String secret) {
+			this.secret = secret;
+		}
+
+		@Override
+		public String toString() {
+			return new ToStringCreator(this).append("enabled", isEnabled()).append("key", key).toString();
+		}
+	}
+
+	private Registered registered;
+	private Guest guest;
+	private List<Ldap> ldap;
+	private List<Oidc> oidc;
+	private Saml saml;
+	private Cas cas;
+	private Map<String, Oauth> oauth;
+
+	public Registered getRegistered() {
+		return registered;
+	}
+
+	public void setRegistered(final Registered registered) {
+		this.registered = registered;
+	}
+
+	public Guest getGuest() {
+		return guest;
+	}
+
+	public void setGuest(final Guest guest) {
+		this.guest = guest;
+	}
+
+	public List<Ldap> getLdap() {
+		return ldap;
+	}
+
+	public void setLdap(final List<Ldap> ldap) {
+		this.ldap = ldap;
+	}
+
+	public List<Oidc> getOidc() {
+		return oidc;
+	}
+
+	public void setOidc(final List<Oidc> oidc) {
+		this.oidc = oidc;
+	}
+
+	public Saml getSaml() {
+		return saml;
+	}
+
+	public void setSaml(final Saml saml) {
+		this.saml = saml;
+	}
+
+	public Cas getCas() {
+		return cas;
+	}
+
+	public void setCas(final Cas cas) {
+		this.cas = cas;
+	}
+
+	public Map<String, Oauth> getOauth() {
+		return oauth;
+	}
+
+	public void setOauth(final Map<String, Oauth> oauth) {
+		this.oauth = oauth;
+	}
+}
--- a/src/main/java/de/thm/arsnova/config/properties/CouchDbProperties.java
+++ b/src/main/java/de/thm/arsnova/config/properties/CouchDbProperties.java
+/*
+ * This file is part of ARSnova Backend.
+ * Copyright (C) 2012-2019 The ARSnova Team and Contributors
+ *
+ * ARSnova Backend is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * ARSnova Backend is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+package de.thm.arsnova.config.properties;
+
+import org.springframework.boot.context.properties.ConfigurationProperties;
+
+@ConfigurationProperties(CouchDbProperties.PREFIX)
+public class CouchDbProperties {
+	public static final String PREFIX = SystemProperties.PREFIX + ".couchdb";
+	private String host;
+	private int port;
+	private String dbName;
+	private String username;
+	private String password;
+	private String migrateFrom;
+
+	public String getHost() {
+		return host;
+	}
+
+	public void setHost(final String host) {
+		this.host = host;
+	}
+
+	public int getPort() {
+		return port;
+	}
+
+	public void setPort(final int port) {
+		this.port = port;
+	}
+
+	public String getDbName() {
+		return dbName;
+	}
+
+	public void setDbName(final String dbName) {
+		this.dbName = dbName;
+	}
+
+	public String getUsername() {
+		return username;
+	}
+
+	public void setUsername(final String username) {
+		this.username = username;
+	}
+
+	public String getPassword() {
+		return password;
+	}
+
+	public void setPassword(final String password) {
+		this.password = password;
+	}
+
+	public String getMigrateFrom() {
+		return migrateFrom;
+	}
+
+	public void setMigrateFrom(final String migrateFrom) {
+		this.migrateFrom = migrateFrom;
+	}
+}
--- a/src/main/java/de/thm/arsnova/config/properties/FeatureProperties.java
+++ b/src/main/java/de/thm/arsnova/config/properties/FeatureProperties.java
+/*
+ * This file is part of ARSnova Backend.
+ * Copyright (C) 2012-2019 The ARSnova Team and Contributors
+ *
+ * ARSnova Backend is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * ARSnova Backend is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+package de.thm.arsnova.config.properties;
+
+import com.fasterxml.jackson.annotation.JsonView;
+import org.springframework.boot.context.properties.ConfigurationProperties;
+
+import de.thm.arsnova.model.serialization.View;
+
+@ConfigurationProperties(FeatureProperties.PREFIX)
+public class FeatureProperties {
+	public static final String PREFIX = "features";
+
+	public static class Contents {
+		private boolean enabled;
+		private int answerOptionLimit;
+
+		@JsonView(View.Public.class)
+		public boolean isEnabled() {
+			return enabled;
+		}
+
+		public void setEnabled(final boolean enabled) {
+			this.enabled = enabled;
+		}
+
+		@JsonView(View.Public.class)
+		public int getAnswerOptionLimit() {
+			return answerOptionLimit;
+		}
+
+		public void setAnswerOptionLimit(final int answerOptionLimit) {
+			this.answerOptionLimit = answerOptionLimit;
+		}
+	}
+
+	public static class Comments {
+		private boolean enabled;
+
+		@JsonView(View.Public.class)
+		public boolean isEnabled() {
+			return enabled;
+		}
+
+		public void setEnabled(final boolean enabled) {
+			this.enabled = enabled;
+		}
+	}
+
+	public static class LiveFeedback {
+		private boolean enabled;
+		private int resetInterval;
+
+		@JsonView(View.Public.class)
+		public boolean isEnabled() {
+			return enabled;
+		}
+
+		public void setEnabled(final boolean enabled) {
+			this.enabled = enabled;
+		}
+
+		public int getResetInterval() {
+			return resetInterval;
+		}
+
+		public void setResetInterval(final int resetInterval) {
+			this.resetInterval = resetInterval;
+		}
+	}
+
+	public static class ContentPool {
+		private boolean enabled;
+
+		@JsonView(View.Public.class)
+		public boolean isEnabled() {
+			return enabled;
+		}
+
+		public void setEnabled(final boolean enabled) {
+			this.enabled = enabled;
+		}
+	}
+
+	private Contents contents;
+	private Comments comments;
+	private LiveFeedback liveFeedback;
+	private ContentPool contentPool;
+
+	@JsonView(View.Public.class)
+	public Contents getContents() {
+		return contents;
+	}
+
+	public void setContents(final Contents contents) {
+		this.contents = contents;
+	}
+
+	@JsonView(View.Public.class)
+	public Comments getComments() {
+		return comments;
+	}
+
+	public void setComments(final Comments comments) {
+		this.comments = comments;
+	}
+
+	@JsonView(View.Public.class)
+	public LiveFeedback getLiveFeedback() {
+		return liveFeedback;
+	}
+
+	public void setLiveFeedback(final LiveFeedback liveFeedback) {
+		this.liveFeedback = liveFeedback;
+	}
+
+	@JsonView(View.Public.class)
+	public ContentPool getContentPool() {
+		return contentPool;
+	}
+
+	public void setContentPool(final ContentPool contentPool) {
+		this.contentPool = contentPool;
+	}
+}
--- a/src/main/java/de/thm/arsnova/config/properties/MessageBrokerProperties.java
+++ b/src/main/java/de/thm/arsnova/config/properties/MessageBrokerProperties.java
+/*
+ * This file is part of ARSnova Backend.
+ * Copyright (C) 2012-2019 The ARSnova Team and Contributors
+ *
+ * ARSnova Backend is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * ARSnova Backend is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+package de.thm.arsnova.config.properties;
+
+import org.springframework.boot.context.properties.ConfigurationProperties;
+
+@ConfigurationProperties(MessageBrokerProperties.PREFIX)
+public class MessageBrokerProperties {
+	public static final String PREFIX = SystemProperties.PREFIX + ".message-broker";
+
+	public static class Relay {
+		private boolean enabled;
+		private String host;
+		private int port;
+		private String username;
+		private String password;
+
+		public boolean isEnabled() {
+			return enabled;
+		}
+
+		public void setEnabled(final boolean enabled) {
+			this.enabled = enabled;
+		}
+
+		public String getHost() {
+			return host;
+		}
+
+		public void setHost(final String host) {
+			this.host = host;
+		}
+
+		public int getPort() {
+			return port;
+		}
+
+		public void setPort(final int port) {
+			this.port = port;
+		}
+
+		public String getUsername() {
+			return username;
+		}
+
+		public void setUsername(final String username) {
+			this.username = username;
+		}
+
+		public String getPassword() {
+			return password;
+		}
+
+		public void setPassword(final String password) {
+			this.password = password;
+		}
+	}
+
+	private Relay relay;
+
+	public Relay getRelay() {
+		return relay;
+	}
+
+	public void setRelay(final Relay relay) {
+		this.relay = relay;
+	}
+}
--- a/src/main/java/de/thm/arsnova/config/properties/SecurityProperties.java
+++ b/src/main/java/de/thm/arsnova/config/properties/SecurityProperties.java
+/*
+ * This file is part of ARSnova Backend.
+ * Copyright (C) 2012-2019 The ARSnova Team and Contributors
+ *
+ * ARSnova Backend is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * ARSnova Backend is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+package de.thm.arsnova.config.properties;
+
+import java.time.Duration;
+import java.time.temporal.ChronoUnit;
+import java.util.List;
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.boot.convert.DurationUnit;
+
+@ConfigurationProperties(SecurityProperties.PREFIX)
+public class SecurityProperties {
+	public static final String PREFIX = "security";
+
+	public static class Jwt {
+		private String serverId;
+		private String secret;
+
+		@DurationUnit(ChronoUnit.MINUTES)
+		private Duration validityPeriod;
+
+		public String getServerId() {
+			return serverId;
+		}
+
+		public void setServerId(final String serverId) {
+			this.serverId = serverId;
+		}
+
+		public String getSecret() {
+			return secret;
+		}
+
+		public void setSecret(final String secret) {
+			this.secret = secret;
+		}
+
+		public Duration getValidityPeriod() {
+			return validityPeriod;
+		}
+
+		public void setValidityPeriod(final Duration validityPeriod) {
+			this.validityPeriod = validityPeriod;
+		}
+	}
+
+	private Jwt jwt;
+	private List<String> adminAccounts;
+	private int loginTryLimit;
+	private List<String> corsOrigins;
+
+	public Jwt getJwt() {
+		return jwt;
+	}
+
+	public void setJwt(final Jwt jwt) {
+		this.jwt = jwt;
+	}
+
+	public List<String> getAdminAccounts() {
+		return adminAccounts;
+	}
+
+	public void setAdminAccounts(final List<String> adminAccounts) {
+		this.adminAccounts = adminAccounts;
+	}
+
+	public int getLoginTryLimit() {
+		return loginTryLimit;
+	}
+
+	public void setLoginTryLimit(final int loginTryLimit) {
+		this.loginTryLimit = loginTryLimit;
+	}
+
+	public List<String> getCorsOrigins() {
+		return corsOrigins;
+	}
+
+	public void setCorsOrigins(final List<String> corsOrigins) {
+		this.corsOrigins = corsOrigins;
+	}
+}
--- a/src/main/java/de/thm/arsnova/config/properties/SystemProperties.java
+++ b/src/main/java/de/thm/arsnova/config/properties/SystemProperties.java
+/*
+ * This file is part of ARSnova Backend.
+ * Copyright (C) 2012-2019 The ARSnova Team and Contributors
+ *
+ * ARSnova Backend is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * ARSnova Backend is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+package de.thm.arsnova.config.properties;
+
+import org.springframework.boot.context.properties.ConfigurationProperties;
+
+@ConfigurationProperties(SystemProperties.PREFIX)
+public class SystemProperties {
+	public static final String PREFIX = "system";
+
+	public static class Api {
+		private String proxyPath;
+		private boolean indentResponseBody;
+		private boolean exposeErrorMessages;
+
+		public String getProxyPath() {
+			return proxyPath;
+		}
+
+		public void setProxyPath(final String proxyPath) {
+			this.proxyPath = proxyPath;
+		}
+
+		public boolean isIndentResponseBody() {
+			return indentResponseBody;
+		}
+
+		public void setIndentResponseBody(final boolean indentResponseBody) {
+			this.indentResponseBody = indentResponseBody;
+		}
+
+		public boolean isExposeErrorMessages() {
+			return exposeErrorMessages;
+		}
+
+		public void setExposeErrorMessages(final boolean exposeErrorMessages) {
+			this.exposeErrorMessages = exposeErrorMessages;
+		}
+	}
+
+	public static class Mail {
+		private String senderName;
+		private String senderAddress;
+		private String host;
+
+		public String getSenderName() {
+			return senderName;
+		}
+
+		public void setSenderName(final String senderName) {
+			this.senderName = senderName;
+		}
+
+		public String getSenderAddress() {
+			return senderAddress;
+		}
+
+		public void setSenderAddress(final String senderAddress) {
+			this.senderAddress = senderAddress;
+		}
+
+		public String getHost() {
+			return host;
+		}
+
+		public void setHost(final String host) {
+			this.host = host;
+		}
+	}
+
+	public static class LmsConnector {
+		private boolean enabled;
+		private String hostUrl;
+		private String username;
+		private String password;
+
+		public boolean isEnabled() {
+			return enabled;
+		}
+
+		public void setEnabled(final boolean enabled) {
+			this.enabled = enabled;
+		}
+
+		public String getHostUrl() {
+			return hostUrl;
+		}
+
+		public void setHostUrl(final String hostUrl) {
+			this.hostUrl = hostUrl;
+		}
+
+		public String getUsername() {
+			return username;
+		}
+
+		public void setUsername(final String username) {
+			this.username = username;
+		}
+
+		public String getPassword() {
+			return password;
+		}
+
+		public void setPassword(final String password) {
+			this.password = password;
+		}
+	}
+
+	public static class Socketio {
+		private String bindAddress;
+		private int port;
+		private String proxyPath;
+
+		public String getBindAddress() {
+			return bindAddress;
+		}
+
+		public void setBindAddress(final String bindAddress) {
+			this.bindAddress = bindAddress;
+		}
+
+		public int getPort() {
+			return port;
+		}
+
+		public void setPort(final int port) {
+			this.port = port;
+		}
+
+		public String getProxyPath() {
+			return proxyPath;
+		}
+
+		public void setProxyPath(final String proxyPath) {
+			this.proxyPath = proxyPath;
+		}
+	}
+
+	private String rootUrl;
+	private Api api;
+	private Mail mail;
+	private LmsConnector lmsConnector;
+	private Socketio socketio;
+
+	public String getRootUrl() {
+		return rootUrl;
+	}
+
+	public void setRootUrl(final String rootUrl) {
+		this.rootUrl = rootUrl;
+	}
+
+	public Api getApi() {
+		return api;
+	}
+
+	public void setApi(final Api api) {
+		this.api = api;
+	}
+
+	public Mail getMail() {
+		return mail;
+	}
+
+	public void setMail(final Mail mail) {
+		this.mail = mail;
+	}
+
+	public LmsConnector getLmsConnector() {
+		return lmsConnector;
+	}
+
+	public void setLmsConnector(final LmsConnector lmsConnector) {
+		this.lmsConnector = lmsConnector;
+	}
+
+	public Socketio getSocketio() {
+		return socketio;
+	}
+
+	public void setSocketio(final Socketio socketio) {
+		this.socketio = socketio;
+	}
+}
--- a/src/main/java/de/thm/arsnova/config/properties/UiProperties.java
+++ b/src/main/java/de/thm/arsnova/config/properties/UiProperties.java
+/*
+ * This file is part of ARSnova Backend.
+ * Copyright (C) 2012-2019 The ARSnova Team and Contributors
+ *
+ * ARSnova Backend is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * ARSnova Backend is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+package de.thm.arsnova.config.properties;
+
+import java.util.Map;
+import org.springframework.boot.context.properties.ConfigurationProperties;
+
+@ConfigurationProperties
+public class UiProperties {
+	private Map<String, Object> ui;
+
+	public Map<String, Object> getUi() {
+		return ui;
+	}
+
+	public void setUi(final Map<String, Object> ui) {
+		this.ui = ui;
+	}
+}
--- a/src/main/java/de/thm/arsnova/controller/AbstractController.java
+++ b/src/main/java/de/thm/arsnova/controller/AbstractController.java
 /*
 * This file is part of ARSnova Backend.
- * Copyright (C) 2012-2018 The ARSnova Team and Contributors
+ * Copyright (C) 2012-2019 The ARSnova Team and Contributors
 *
 * ARSnova Backend is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
@@ -15,6 +15,7 @@
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
+
 package de.thm.arsnova.controller;

 /**

--- a/src/main/java/de/thm/arsnova/controller/AbstractEntityController.java
+++ b/src/main/java/de/thm/arsnova/controller/AbstractEntityController.java
 /*
 * This file is part of ARSnova Backend.
- * Copyright (C) 2012-2018 The ARSnova Team
+ * Copyright (C) 2012-2019 The ARSnova Team and Contributors
 *
 * ARSnova Backend is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
@@ -15,29 +15,39 @@
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
+
 package de.thm.arsnova.controller;

-import de.thm.arsnova.model.Entity;
-import de.thm.arsnova.model.FindQuery;
-import de.thm.arsnova.service.EntityService;
-import de.thm.arsnova.service.FindQueryService;
-import de.thm.arsnova.web.exceptions.NotFoundException;
+import java.io.IOException;
+import java.util.Collection;
+import java.util.Map;
+import java.util.Set;
+import javax.naming.OperationNotSupportedException;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.HttpHeaders;
 import org.springframework.http.HttpStatus;
-import org.springframework.web.bind.annotation.*;
+import org.springframework.web.bind.annotation.DeleteMapping;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PatchMapping;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.PutMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.bind.annotation.ResponseStatus;
 import org.springframework.web.util.UriComponentsBuilder;

-import javax.naming.OperationNotSupportedException;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.io.IOException;
-import java.util.Collection;
-import java.util.Map;
-import java.util.Set;
+import de.thm.arsnova.model.Entity;
+import de.thm.arsnova.model.FindQuery;
+import de.thm.arsnova.service.EntityService;
+import de.thm.arsnova.service.FindQueryService;
+import de.thm.arsnova.web.exceptions.NotFoundException;

 /**
 * Base type for Entity controllers which provides basic CRUD operations and supports Entity patching.
@@ -51,7 +61,7 @@ public abstract class AbstractEntityController<E extends Entity> {
 	protected static final String ENTITY_ID_HEADER = "Arsnova-Entity-Id";
 	protected static final String ENTITY_REVISION_HEADER = "Arsnova-Entity-Revision";
 	protected static final String DEFAULT_ROOT_MAPPING = "/";
-	protected static final String DEFAULT_ID_MAPPING = "/{id:[^~].+}";
+	protected static final String DEFAULT_ID_MAPPING = "/{id:[^~].*}";
 	protected static final String DEFAULT_ALIAS_MAPPING = "/~{alias}";
 	protected static final String DEFAULT_FIND_MAPPING = "/find";
 	protected static final String ALIAS_SUBPATH = "/{subPath:.+}";
@@ -88,7 +98,7 @@ public abstract class AbstractEntityController<E extends Entity> {

 	@PutMapping(PUT_MAPPING)
 	public E put(@RequestBody final E entity, final HttpServletResponse httpServletResponse) {
-		E oldEntity = entityService.get(entity.getId());
+		final E oldEntity = entityService.get(entity.getId());
 		entityService.update(oldEntity, entity);
 		httpServletResponse.setHeader(ENTITY_ID_HEADER, entity.getId());
 		httpServletResponse.setHeader(ENTITY_REVISION_HEADER, entity.getRevision());
@@ -123,8 +133,8 @@ public abstract class AbstractEntityController<E extends Entity> {

 	@PatchMapping(PATCH_MAPPING)
 	public E patch(@PathVariable final String id, @RequestBody final Map<String, Object> changes,
-					  final HttpServletResponse httpServletResponse) throws IOException {
-		E entity = entityService.get(id);
+			final HttpServletResponse httpServletResponse) throws IOException {
+		final E entity = entityService.get(id);
 		entityService.patch(entity, changes);
 		httpServletResponse.setHeader(ENTITY_ID_HEADER, entity.getId());
 		httpServletResponse.setHeader(ENTITY_REVISION_HEADER, entity.getRevision());
@@ -134,7 +144,7 @@ public abstract class AbstractEntityController<E extends Entity> {

 	@DeleteMapping(DELETE_MAPPING)
 	public void delete(@PathVariable final String id) {
-		E entity = entityService.get(id);
+		final E entity = entityService.get(id);
 		entityService.delete(entity);
 	}

@@ -142,7 +152,7 @@ public abstract class AbstractEntityController<E extends Entity> {
 	public Iterable<E> find(@RequestBody final FindQuery<E> findQuery) throws OperationNotSupportedException {
 		if (findQueryService != null) {
 			logger.debug("Resolving find query: {}", findQuery);
-			Set<String> ids = findQueryService.resolveQuery(findQuery);
+			final Set<String> ids = findQueryService.resolveQuery(findQuery);
 			logger.debug("Resolved find query to IDs: {}", ids);

 			return entityService.get(ids);
@@ -152,13 +162,13 @@ public abstract class AbstractEntityController<E extends Entity> {
 	}

 	@RequestMapping(value = {DEFAULT_ALIAS_MAPPING, DEFAULT_ALIAS_MAPPING + ALIAS_SUBPATH})
-	public void forwardAlias(@PathVariable final String alias, @PathVariable(required = false) String subPath,
-			HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse)
+	public void forwardAlias(@PathVariable final String alias, @PathVariable(required = false) final String subPath,
+			final HttpServletRequest httpServletRequest, final HttpServletResponse httpServletResponse)
 			throws ServletException, IOException {
 		final String targetPath = String.format(
 				"%s/%s%s", getMapping(), resolveAlias(alias), subPath != null ? "/" + subPath : "");
 		logger.debug("Forwarding alias request to {}", targetPath);
-		httpServletRequest.getRequestDispatcher( targetPath)
+		httpServletRequest.getRequestDispatcher(targetPath)
 				.forward(httpServletRequest, httpServletResponse);
 	}


--- a/src/main/java/de/thm/arsnova/controller/AnswerController.java
+++ b/src/main/java/de/thm/arsnova/controller/AnswerController.java
 /*
 * This file is part of ARSnova Backend.
- * Copyright (C) 2012-2018 The ARSnova Team
+ * Copyright (C) 2012-2019 The ARSnova Team and Contributors
 *
 * ARSnova Backend is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
@@ -15,13 +15,15 @@
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
+
 package de.thm.arsnova.controller;

-import de.thm.arsnova.model.Answer;
-import de.thm.arsnova.service.AnswerService;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;

+import de.thm.arsnova.model.Answer;
+import de.thm.arsnova.service.AnswerService;
+
 @RestController
 @RequestMapping(AnswerController.REQUEST_MAPPING)
 public class AnswerController extends AbstractEntityController<Answer> {

--- a/src/main/java/de/thm/arsnova/controller/AuthenticationController.java
+++ b/src/main/java/de/thm/arsnova/controller/AuthenticationController.java
+/*
+ * This file is part of ARSnova Backend.
+ * Copyright (C) 2012-2019 The ARSnova Team and Contributors
+ *
+ * ARSnova Backend is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * ARSnova Backend is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
 package de.thm.arsnova.controller;

-import de.thm.arsnova.model.ClientAuthentication;
-import de.thm.arsnova.model.LoginCredentials;
-import de.thm.arsnova.model.UserProfile;
-import de.thm.arsnova.service.UserService;
+import java.io.IOException;
+import java.util.Arrays;
+import javax.servlet.ServletException;
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import org.pac4j.core.context.J2EContext;
+import org.pac4j.oidc.client.OidcClient;
+import org.pac4j.saml.client.SAML2Client;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.MediaType;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.cas.web.CasAuthenticationEntryPoint;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.RestController;
+import org.springframework.web.servlet.View;
+import org.springframework.web.servlet.view.RedirectView;
+
+import de.thm.arsnova.config.SecurityConfig;
+import de.thm.arsnova.model.ClientAuthentication;
+import de.thm.arsnova.model.LoginCredentials;
+import de.thm.arsnova.model.UserProfile;
+import de.thm.arsnova.security.LoginAuthenticationSucessHandler;
+import de.thm.arsnova.service.UserService;
+import de.thm.arsnova.web.exceptions.NotImplementedException;

 @RestController
 @RequestMapping("/auth")
 public class AuthenticationController {
 	private UserService userService;
+	private OidcClient oidcClient;
+	private SAML2Client saml2Client;
+	private CasAuthenticationEntryPoint casEntryPoint;

 	public AuthenticationController(final UserService userService) {
 		this.userService = userService;
 	}

-	@PostMapping("/login")
-	public ClientAuthentication login() {
-		return userService.getCurrentClientAuthentication();
+	@Autowired(required = false)
+	public void setOidcClient(final OidcClient oidcClient) {
+		this.oidcClient = oidcClient;
+	}
+
+	@Autowired(required = false)
+	public void setSaml2Client(final SAML2Client saml2Client) {
+		this.saml2Client = saml2Client;
+	}
+
+	@Autowired(required = false)
+	public void setCasEntryPoint(final CasAuthenticationEntryPoint casEntryPoint) {
+		this.casEntryPoint = casEntryPoint;
 	}

-	@PostMapping("/login/registered")
-	public ClientAuthentication loginRegistered(@RequestBody LoginCredentials loginCredentials) {
-		final String loginId = loginCredentials.getLoginId().toLowerCase();
-		userService.authenticate(new UsernamePasswordAuthenticationToken(loginId, loginCredentials.getPassword()),
-				UserProfile.AuthProvider.ARSNOVA);
-		return userService.getCurrentClientAuthentication();
+	@PostMapping("/login")
+	public ClientAuthentication login(@RequestParam(defaultValue = "false") final boolean refresh,
+			final HttpServletRequest request, final HttpServletResponse response) {
+		if (request.getCookies() != null && Arrays.stream(request.getCookies())
+				.anyMatch(c -> c.getName().equalsIgnoreCase(LoginAuthenticationSucessHandler.AUTH_COOKIE_NAME))) {
+			/* Delete cookie */
+			final Cookie cookie = new Cookie(LoginAuthenticationSucessHandler.AUTH_COOKIE_NAME, null);
+			cookie.setPath(request.getContextPath());
+			cookie.setMaxAge(0);
+			response.addCookie(cookie);
+		}
+
+		return userService.getCurrentClientAuthentication(refresh);
 	}

 	@PostMapping("/login/guest")
-	public ClientAuthentication loginGuest() {
-		final ClientAuthentication currentAuthentication = userService.getCurrentClientAuthentication();
+	public ClientAuthentication loginGuest(final HttpServletRequest request) {
+		final ClientAuthentication currentAuthentication = userService.getCurrentClientAuthentication(false);
 		if (currentAuthentication != null
 				&& currentAuthentication.getAuthProvider() == UserProfile.AuthProvider.ARSNOVA_GUEST) {
 			return currentAuthentication;
 		}
 		userService.authenticate(new UsernamePasswordAuthenticationToken(null, null),
-				UserProfile.AuthProvider.ARSNOVA_GUEST);
+				UserProfile.AuthProvider.ARSNOVA_GUEST, request.getRemoteAddr());
+
+		return userService.getCurrentClientAuthentication(false);
+	}
+
+	@PostMapping("/login/{providerId}")
+	public ClientAuthentication loginViaProvider(
+			@PathVariable final String providerId,
+			@RequestBody final LoginCredentials loginCredentials,
+			final HttpServletRequest request) {
+		switch (providerId) {
+			case "registered":
+				final String loginId = loginCredentials.getLoginId().toLowerCase();
+				userService.authenticate(new UsernamePasswordAuthenticationToken(
+						loginId, loginCredentials.getPassword()),
+						UserProfile.AuthProvider.ARSNOVA, request.getRemoteAddr());
+
+				return userService.getCurrentClientAuthentication(false);
+			case SecurityConfig.LDAP_PROVIDER_ID:
+				userService.authenticate(new UsernamePasswordAuthenticationToken(
+						loginCredentials.getLoginId(), loginCredentials.getPassword()),
+						UserProfile.AuthProvider.LDAP, request.getRemoteAddr());
+
+				return userService.getCurrentClientAuthentication(false);
+			default:
+				throw new IllegalArgumentException("Invalid provider ID.");
+		}
+	}
+
+	@GetMapping("/sso/{providerId}")
+	public View redirectToSso(@PathVariable final String providerId,
+			final HttpServletRequest request, final HttpServletResponse response) throws IOException, ServletException {
+		switch (providerId) {
+			case SecurityConfig.OIDC_PROVIDER_ID:
+				if (oidcClient == null) {
+					throw new IllegalArgumentException("Invalid provider ID.");
+				}
+				return new RedirectView(
+						oidcClient.getRedirectAction(new J2EContext(request, response)).getLocation());
+			case SecurityConfig.SAML_PROVIDER_ID:
+				if (saml2Client == null) {
+					throw new IllegalArgumentException("Invalid provider ID.");
+				}
+				return new RedirectView(
+					saml2Client.getRedirectAction(new J2EContext(request, response)).getLocation());
+			case SecurityConfig.CAS_PROVIDER_ID:
+				if (casEntryPoint == null) {
+					throw new IllegalArgumentException("Invalid provider ID.");
+				}
+				casEntryPoint.commence(request, response, null);
+				return null;
+			default:
+				throw new IllegalArgumentException("Invalid provider ID.");
+		}
+	}
+
+	@GetMapping(value = "/config/saml/sp-metadata.xml", produces = MediaType.APPLICATION_XML_VALUE)
+	public String samlSpMetadata() throws IOException {
+		if (saml2Client == null) {
+			throw new NotImplementedException("SAML authentication is disabled.");
+		}

-		return userService.getCurrentClientAuthentication();
+		return saml2Client.getServiceProviderMetadataResolver().getMetadata();
 	}
 }
--- a/src/main/java/de/thm/arsnova/controller/CommentController.java
+++ b/src/main/java/de/thm/arsnova/controller/CommentController.java
 /*
 * This file is part of ARSnova Backend.
- * Copyright (C) 2012-2018 The ARSnova Team
+ * Copyright (C) 2012-2019 The ARSnova Team and Contributors
 *
 * ARSnova Backend is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
@@ -15,13 +15,15 @@
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
+
 package de.thm.arsnova.controller;

-import de.thm.arsnova.model.Comment;
-import de.thm.arsnova.service.CommentService;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;

+import de.thm.arsnova.model.Comment;
+import de.thm.arsnova.service.CommentService;
+
 @RestController
 @RequestMapping(CommentController.REQUEST_MAPPING)
 public class CommentController extends AbstractEntityController<Comment> {

--- a/src/main/java/de/thm/arsnova/controller/ConfigurationController.java
+++ b/src/main/java/de/thm/arsnova/controller/ConfigurationController.java
 /*
 * This file is part of ARSnova Backend.
- * Copyright (C) 2012-2018 The ARSnova Team and Contributors
+ * Copyright (C) 2012-2019 The ARSnova Team and Contributors
 *
 * ARSnova Backend is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
@@ -15,270 +15,90 @@
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
-package de.thm.arsnova.controller;

-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Value;
-import org.springframework.stereotype.Controller;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RequestMethod;
-import org.springframework.web.bind.annotation.ResponseBody;
+package de.thm.arsnova.controller;

-import javax.servlet.http.HttpServletRequest;
+import java.util.ArrayList;
 import java.util.HashMap;
+import java.util.List;
 import java.util.Map;
+import org.springframework.boot.context.properties.EnableConfigurationProperties;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+import de.thm.arsnova.config.SecurityConfig;
+import de.thm.arsnova.config.properties.AuthenticationProviderProperties;
+import de.thm.arsnova.config.properties.FeatureProperties;
+import de.thm.arsnova.config.properties.UiProperties;
+import de.thm.arsnova.model.AuthenticationProvider;
+import de.thm.arsnova.model.Configuration;
+
+@RestController
+@RequestMapping(ConfigurationController.REQUEST_MAPPING)
+@EnableConfigurationProperties(UiProperties.class)
+public class ConfigurationController {
+	protected static final String REQUEST_MAPPING = "/configuration";
+
+	private AuthenticationProviderProperties providerProperties;
+	private UiProperties uiProperties;
+	private FeatureProperties featureProperties;
+	private List<AuthenticationProvider> authenticationProviders;
+	private Map<String, Object> featureConfig;
+
+	public ConfigurationController(
+			final AuthenticationProviderProperties authenticationProviderProperties,
+			final UiProperties uiProperties,
+			final FeatureProperties featureProperties) {
+		this.providerProperties = authenticationProviderProperties;
+		this.uiProperties = uiProperties;
+		this.featureProperties = featureProperties;
+		buildAuthenticationProviderConfig();
+		buildFeatureConfig();
+	}

-/**
- * The ConfigurationController provides frontend clients with information necessary to correctly interact with the
- * backend and other frontends as well as settings for ARSnova. The the alternative /arsnova-config route is necessary
- * in case the backend application is deployed as root context.
- */
-@Controller
-@RequestMapping({"/configuration", "/arsnova-config"})
-public class ConfigurationController extends AbstractController {
-	private static final Logger logger = LoggerFactory
-			.getLogger(ConfigurationController.class);
-
-	@Value("${api.path:}")
-	private String apiPath;
-
-	@Value("${socketio.proxy-path:}")
-	private String socketioPath;
-
-	@Value("${customization.path}")
-	private String customizationPath;
-
-	@Value("${mobile.path}")
-	private String mobilePath;
-
-	@Value("${presenter.path}")
-	private String presenterPath;
-
-	@Value("${links.overlay.url}")
-	private String overlayUrl;
-
-	@Value("${links.organization.url}")
-	private String organizationUrl;
-
-	@Value("${links.imprint.url}")
-	private String imprintUrl;
-
-	@Value("${links.blog.url:}")
-	private String blogUrl;
-
-	@Value("${links.privacy-policy.url}")
-	private String privacyPolicyUrl;
-
-	@Value("${links.documentation.url}")
-	private String documentationUrl;
-
-	@Value("${links.presenter-documentation.url}")
-	private String presenterDocumentationUrl;
-
-	@Value("${feedback.warning:5}")
-	private String feedbackWarningOffset;
-
-	@Value("${features.mathjax.enabled:true}")
-	private String mathJaxEnabled;
-
-	@Value("${features.mathjax.src:}")
-	private String mathJaxSrc;
-
-	@Value("${features.freetext-imageanswer.enabled:false}")
-	private String imageAnswerEnabled;
-
-	@Value("${features.question-format.grid-square.enabled:false}")
-	private String gridSquareEnabled;
-
-	@Value("${features.session-import-export.enabled:false}")
-	private String roomImportExportEnabled;
-
-	@Value("${features.public-pool.enabled:false}")
-	private String publicPoolEnabled;
-
-	@Value("${features.export-to-click.enabled:false}")
-	private String exportToClickEnabled;
-
-	@Value("${question.answer-option-limit:8}")
-	private String answerOptionLimit;
-
-	@Value("${upload.filesize_b:}")
-	private String maxUploadFilesize;
-
-	@Value("${question.parse-answer-option-formatting:false}")
-	private String parseAnswerOptionFormatting;
-
-	@Value("${pp.subjects}")
-	private String ppSubjects;
-
-	@Value("${pp.licenses}")
-	private String ppLicenses;
-
-	@Value("${pp.logofilesize_b}")
-	private String ppLogoMaxFilesize;
-
-	@Value("${upload.filesize_b}")
-	private String gridImageMaxFileSize;
-
-	@Value("${tracking.provider}")
-	private String trackingProvider;
-
-	@Value("${tracking.tracker-url}")
-	private String trackingTrackerUrl;
-
-	@Value("${tracking.site-id}")
-	private String trackingSiteId;
-
-	@Value("${session.demo-id:}")
-	private String demoRoomShortId;
-
-	@Value("${ui.slogan:}")
-	private String arsnovaSlogan;
-
-	@Value("${ui.splashscreen.logo-path:}")
-	private String splashscreenLogo;
-
-	@Value("${ui.splashscreen.slogan:}")
-	private String splashscreenSlogan;
-
-	@Value("${ui.splashscreen.slogan-color:}")
-	private String splashscreenSloganColor;
-
-	@Value("${ui.splashscreen.background-color:}")
-	private String splashscreenBgColor;
-
-	@Value("${ui.splashscreen.loading-ind-color:}")
-	private String splashscreenLoadingIndColor;
-
-	@Value("${ui.splashscreen.min-delay:}")
-	private String splashscreenDelay;
-
-	@Value("${pp.session-levels.de}")
-	private String ppLevelsDe;
-
-	@Value("${pp.session-levels.en}")
-	private String ppLevelsEn;
-
-	@RequestMapping(method = RequestMethod.GET)
-	@ResponseBody
-	public Map<String, Object> getConfiguration(HttpServletRequest request) {
-		Map<String, Object> config = new HashMap<>();
-		Map<String, Boolean> features = new HashMap<>();
-		Map<String, String> publicPool = new HashMap<>();
-		Map<String, Object> splashscreen = new HashMap<>();
-
-		/* The API path could be unknown to the client in case the request was forwarded */
-		if ("".equals(apiPath)) {
-			apiPath = request.getContextPath();
-		}
-		config.put("apiPath", apiPath);
-
-
-		if (!"".equals(socketioPath)) {
-			config.put("socketioPath", socketioPath);
-		}
-		if (!"".equals(customizationPath)) {
-			config.put("customizationPath", customizationPath);
-		}
-		if (!"".equals(mobilePath)) {
-			config.put("mobilePath", mobilePath);
-		}
-		if (!"".equals(presenterPath)) {
-			config.put("presenterPath", presenterPath);
-		}
-
-		if (!"".equals(documentationUrl)) {
-			config.put("documentationUrl", documentationUrl);
-		}
-		if (!"".equals(blogUrl)) {
-			config.put("blogUrl", blogUrl);
-		}
-		if (!"".equals(presenterDocumentationUrl)) {
-			config.put("presenterDocumentationUrl", presenterDocumentationUrl);
-		}
-		if (!"".equals(overlayUrl)) {
-			config.put("overlayUrl", overlayUrl);
-		}
-		if (!"".equals(organizationUrl)) {
-			config.put("organizationUrl", organizationUrl);
-		}
-		if (!"".equals(imprintUrl)) {
-			config.put("imprintUrl", imprintUrl);
-		}
-		if (!"".equals(privacyPolicyUrl)) {
-			config.put("privacyPolicyUrl", privacyPolicyUrl);
-		}
-		if (!"".equals(demoRoomShortId)) {
-			config.put("demoRoomShortId", demoRoomShortId);
-		}
-		if (!"".equals(arsnovaSlogan)) {
-			config.put("arsnovaSlogan", arsnovaSlogan);
-		}
-		if (!"".equals(maxUploadFilesize)) {
-			config.put("maxUploadFilesize", maxUploadFilesize);
-		}
-		if (!"".equals(mathJaxSrc) && "true".equals(mathJaxEnabled)) {
-			config.put("mathJaxSrc", mathJaxSrc);
-		}
-
-		config.put("answerOptionLimit", Integer.valueOf(answerOptionLimit));
-		config.put("feedbackWarningOffset", Integer.valueOf(feedbackWarningOffset));
-		config.put("parseAnswerOptionFormatting", Boolean.valueOf(parseAnswerOptionFormatting));
-
-		config.put("features", features);
-
-		features.put("mathJax", "true".equals(mathJaxEnabled));
-		/* Keep the markdown property for now since the frontend still depends on it */
-		features.put("markdown", true);
-		features.put("imageAnswer", "true".equals(imageAnswerEnabled));
-		features.put("gridSquare", "true".equals(gridSquareEnabled));
-		features.put("sessionImportExport", "true".equals(roomImportExportEnabled));
-		features.put("publicPool", "true".equals(publicPoolEnabled));
-		features.put("exportToClick", "true".equals(exportToClickEnabled));
-
-		// add public pool configuration on demand
-		if (features.get("publicPool")) {
-			config.put("publicPool", publicPool);
-			publicPool.put("subjects", ppSubjects);
-			publicPool.put("licenses", ppLicenses);
-			publicPool.put("logoMaxFilesize", ppLogoMaxFilesize);
-			publicPool.put("levelsDe", ppLevelsDe);
-			publicPool.put("levelsEn", ppLevelsEn);
-		}
+	@GetMapping
+	public Configuration get() {
+		final Configuration configuration = new Configuration();
+		configuration.setAuthenticationProviders(authenticationProviders);
+		configuration.setUi(uiProperties.getUi());
+		configuration.setFeatures(featureConfig);

-		config.put("splashscreen", splashscreen);
+		return configuration;
+	}

-		if (!"".equals(splashscreenLogo)) {
-			splashscreen.put("logo", splashscreenLogo);
+	private void buildAuthenticationProviderConfig() {
+		this.authenticationProviders = new ArrayList<>();
+		if (providerProperties.getGuest().isEnabled()) {
+			authenticationProviders.add(new AuthenticationProvider("guest", providerProperties.getGuest()));
 		}
-		if (!"".equals(splashscreenSlogan)) {
-			splashscreen.put("slogan", splashscreenSlogan);
+		if (providerProperties.getRegistered().isEnabled()) {
+			authenticationProviders.add(new AuthenticationProvider(
+					SecurityConfig.INTERNAL_PROVIDER_ID, providerProperties.getRegistered()));
 		}
-		if (!"".equals(splashscreenSloganColor)) {
-			splashscreen.put("sloganColor", splashscreenSloganColor);
+		if (!providerProperties.getLdap().isEmpty() && providerProperties.getLdap().get(0).isEnabled()) {
+			authenticationProviders.add(new AuthenticationProvider(
+					SecurityConfig.LDAP_PROVIDER_ID, providerProperties.getLdap().get(0)));
 		}
-		if (!"".equals(splashscreenBgColor)) {
-			splashscreen.put("bgcolor", splashscreenBgColor);
+		if (!providerProperties.getOidc().isEmpty() && providerProperties.getOidc().get(0).isEnabled()) {
+			authenticationProviders.add(new AuthenticationProvider(
+					SecurityConfig.OIDC_PROVIDER_ID, providerProperties.getOidc().get(0)));
 		}
-		if (!"".equals(splashscreenLoadingIndColor)) {
-			splashscreen.put("loadIndColor", splashscreenLoadingIndColor);
+		if (providerProperties.getSaml().isEnabled()) {
+			authenticationProviders.add(new AuthenticationProvider(
+					SecurityConfig.SAML_PROVIDER_ID, providerProperties.getSaml()));
 		}
-		if (!"".equals(splashscreenDelay)) {
-			splashscreen.put("minDelay", Integer.valueOf(splashscreenDelay));
+		if (providerProperties.getCas().isEnabled()) {
+			authenticationProviders.add(new AuthenticationProvider(
+					SecurityConfig.CAS_PROVIDER_ID, providerProperties.getCas()));
 		}
+	}

-		if (!"".equals(trackingTrackerUrl)) {
-			Map<String, String> tracking = new HashMap<>();
-			config.put("tracking", tracking);
-
-			tracking.put("provider", trackingProvider);
-			tracking.put("trackerUrl", trackingTrackerUrl);
-			tracking.put("siteId", trackingSiteId);
-		}
-
-		config.put("grid", gridImageMaxFileSize);
-
-		return config;
+	private void buildFeatureConfig() {
+		this.featureConfig = new HashMap<>();
+		featureConfig.put("contents", featureProperties.getContents());
+		featureConfig.put("comments", featureProperties.getComments());
+		featureConfig.put("liveFeedback", featureProperties.getLiveFeedback());
+		featureConfig.put("contentPool", featureProperties.getContentPool());
 	}
 }
--- a/src/main/java/de/thm/arsnova/controller/ContentController.java
+++ b/src/main/java/de/thm/arsnova/controller/ContentController.java
 /*
 * This file is part of ARSnova Backend.
- * Copyright (C) 2012-2018 The ARSnova Team
+ * Copyright (C) 2012-2019 The ARSnova Team and Contributors
 *
 * ARSnova Backend is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
@@ -15,17 +15,19 @@
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
+
 package de.thm.arsnova.controller;

-import de.thm.arsnova.model.AnswerStatistics;
-import de.thm.arsnova.model.Content;
-import de.thm.arsnova.service.AnswerService;
-import de.thm.arsnova.service.ContentService;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;

+import de.thm.arsnova.model.AnswerStatistics;
+import de.thm.arsnova.model.Content;
+import de.thm.arsnova.service.AnswerService;
+import de.thm.arsnova.service.ContentService;
+
 @RestController
 @RequestMapping(ContentController.REQUEST_MAPPING)
 public class ContentController extends AbstractEntityController<Content> {

--- a/src/main/java/de/thm/arsnova/controller/ControllerExceptionHandler.java
+++ b/src/main/java/de/thm/arsnova/controller/ControllerExceptionHandler.java
 /*
 * This file is part of ARSnova Backend.
- * Copyright (C) 2012-2018 The ARSnova Team and Contributors
+ * Copyright (C) 2012-2019 The ARSnova Team and Contributors
 *
 * ARSnova Backend is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
@@ -15,16 +15,13 @@
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
+
 package de.thm.arsnova.controller;

-import de.thm.arsnova.web.exceptions.BadRequestException;
-import de.thm.arsnova.web.exceptions.ForbiddenException;
-import de.thm.arsnova.web.exceptions.NoContentException;
-import de.thm.arsnova.web.exceptions.NotFoundException;
-import de.thm.arsnova.web.exceptions.NotImplementedException;
-import de.thm.arsnova.web.exceptions.PayloadTooLargeException;
-import de.thm.arsnova.web.exceptions.PreconditionFailedException;
-import de.thm.arsnova.web.exceptions.UnauthorizedException;
+import java.util.Map;
+import javax.naming.OperationNotSupportedException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
 import org.ektorp.DocumentNotFoundException;
 import org.slf4j.event.Level;
 import org.springframework.http.HttpHeaders;
@@ -32,8 +29,8 @@ import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
 import org.springframework.security.access.AccessDeniedException;
 import org.springframework.security.authentication.AnonymousAuthenticationToken;
-import org.springframework.security.authentication.AuthenticationCredentialsNotFoundException;
 import org.springframework.security.core.Authentication;
+import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.web.bind.annotation.ControllerAdvice;
 import org.springframework.web.bind.annotation.ExceptionHandler;
@@ -42,10 +39,15 @@ import org.springframework.web.bind.annotation.ResponseStatus;
 import org.springframework.web.context.request.WebRequest;
 import org.springframework.web.servlet.mvc.method.annotation.ResponseEntityExceptionHandler;

-import javax.naming.OperationNotSupportedException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.util.Map;
+import de.thm.arsnova.model.EntityValidationException;
+import de.thm.arsnova.web.exceptions.BadRequestException;
+import de.thm.arsnova.web.exceptions.ForbiddenException;
+import de.thm.arsnova.web.exceptions.NoContentException;
+import de.thm.arsnova.web.exceptions.NotFoundException;
+import de.thm.arsnova.web.exceptions.NotImplementedException;
+import de.thm.arsnova.web.exceptions.PayloadTooLargeException;
+import de.thm.arsnova.web.exceptions.PreconditionFailedException;
+import de.thm.arsnova.web.exceptions.UnauthorizedException;

 /**
 * Translates exceptions into HTTP status codes.
@@ -79,10 +81,11 @@ public class ControllerExceptionHandler extends ResponseEntityExceptionHandler {
 		return helper.handleException(e, Level.TRACE);
 	}

-	@ExceptionHandler(AuthenticationCredentialsNotFoundException.class)
+	@ExceptionHandler(AuthenticationException.class)
 	@ResponseStatus(HttpStatus.UNAUTHORIZED)
 	@ResponseBody
-	public Map<String, Object> handleAuthenticationCredentialsNotFoundException(final Exception e, final HttpServletRequest request) {
+	public Map<String, Object> handleAuthenticationExceptionException(
+			final Exception e, final HttpServletRequest request) {
 		return helper.handleException(e, Level.DEBUG);
 	}

@@ -91,8 +94,7 @@ public class ControllerExceptionHandler extends ResponseEntityExceptionHandler {
 	public Map<String, Object> handleAccessDeniedException(
 			final Exception e,
 			final HttpServletRequest request,
-			final HttpServletResponse response
-			) {
+			final HttpServletResponse response) {
 		final Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
 		if (authentication == null
 				|| authentication.getPrincipal() == null
@@ -119,6 +121,14 @@ public class ControllerExceptionHandler extends ResponseEntityExceptionHandler {
 		return helper.handleException(e, Level.DEBUG);
 	}

+	@ExceptionHandler(EntityValidationException.class)
+	@ResponseBody
+	@ResponseStatus(HttpStatus.BAD_REQUEST)
+	public Map<String, Object> handleEntityValidationException(
+			final EntityValidationException e, final HttpServletRequest request) {
+		return helper.handleException(e, Level.DEBUG);
+	}
+
 	@ExceptionHandler(PreconditionFailedException.class)
 	@ResponseBody
 	@ResponseStatus(HttpStatus.PRECONDITION_FAILED)

--- a/src/main/java/de/thm/arsnova/controller/ControllerExceptionHelper.java
+++ b/src/main/java/de/thm/arsnova/controller/ControllerExceptionHelper.java
+/*
+ * This file is part of ARSnova Backend.
+ * Copyright (C) 2012-2019 The ARSnova Team and Contributors
+ *
+ * ARSnova Backend is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * ARSnova Backend is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
 package de.thm.arsnova.controller;

+import java.util.HashMap;
+import java.util.Map;
 import org.checkerframework.checker.nullness.qual.NonNull;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.slf4j.event.Level;
-import org.springframework.beans.factory.annotation.Value;
 import org.springframework.stereotype.Component;

-import java.util.HashMap;
-import java.util.Map;
+import de.thm.arsnova.config.properties.SystemProperties;

 @Component
 public class ControllerExceptionHelper {
 	private static final Logger logger = LoggerFactory.getLogger(ControllerExceptionHelper.class);

 	/* Since exception messages might contain sensitive data, they are not exposed by default. */
-	@Value("${api.expose-error-messages:false}") private boolean exposeMessages;
+	private boolean exposeMessages;
+
+	public ControllerExceptionHelper(final SystemProperties systemProperties) {
+		this.exposeMessages = systemProperties.getApi().isExposeErrorMessages();
+	}

-	protected Map<String, Object> handleException(@NonNull Throwable e, @NonNull Level level) {
+	public Map<String, Object> handleException(@NonNull final Throwable e, @NonNull final Level level) {
 		final String message = e.getMessage() != null ? e.getMessage() : "";
 		log(level, message, e);
 		final Map<String, Object> result = new HashMap<>();
@@ -29,7 +51,7 @@ public class ControllerExceptionHelper {
 		return result;
 	}

-	private void log(Level level, String message, Throwable e) {
+	private void log(final Level level, final String message, final Throwable e) {
 		switch (level) {
 			case ERROR:
 				logger.error(message, e);
@@ -46,6 +68,8 @@ public class ControllerExceptionHelper {
 			case TRACE:
 				logger.trace(message, e);
 				break;
+			default:
+				break;
 		}
 	}
 }
--- a/src/main/java/de/thm/arsnova/controller/DefaultControllerExceptionHandler.java
+++ b/src/main/java/de/thm/arsnova/controller/DefaultControllerExceptionHandler.java
+/*
+ * This file is part of ARSnova Backend.
+ * Copyright (C) 2012-2019 The ARSnova Team and Contributors
+ *
+ * ARSnova Backend is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * ARSnova Backend is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
 package de.thm.arsnova.controller;

+import java.util.Map;
+import javax.servlet.http.HttpServletRequest;
 import org.slf4j.event.Level;
 import org.springframework.core.annotation.AnnotationUtils;
 import org.springframework.http.HttpStatus;
@@ -8,9 +28,6 @@ import org.springframework.web.bind.annotation.ExceptionHandler;
 import org.springframework.web.bind.annotation.ResponseBody;
 import org.springframework.web.bind.annotation.ResponseStatus;

-import javax.servlet.http.HttpServletRequest;
-import java.util.Map;
-
 @ControllerAdvice
 public class DefaultControllerExceptionHandler {
 	private ControllerExceptionHelper helper;

--- a/src/main/java/de/thm/arsnova/controller/JsonViewControllerAdvice.java
+++ b/src/main/java/de/thm/arsnova/controller/JsonViewControllerAdvice.java
+/*
+ * This file is part of ARSnova Backend.
+ * Copyright (C) 2012-2019 The ARSnova Team and Contributors
+ *
+ * ARSnova Backend is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * ARSnova Backend is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+package de.thm.arsnova.controller;
+
+import java.util.Collection;
+import java.util.Collections;
+import java.util.List;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.core.MethodParameter;
+import org.springframework.http.MediaType;
+import org.springframework.http.converter.json.MappingJacksonValue;
+import org.springframework.http.server.ServerHttpRequest;
+import org.springframework.http.server.ServerHttpResponse;
+import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.web.bind.annotation.ControllerAdvice;
+import org.springframework.web.servlet.mvc.method.annotation.AbstractMappingJacksonResponseBodyAdvice;
+import org.springframework.web.util.UriComponentsBuilder;
+
+import de.thm.arsnova.model.serialization.View;
+
+/**
+ * This {@link ControllerAdvice} applies a {@link View} based on the
+ * <code>view</code> query parameter which is used by
+ * {@link com.fasterxml.jackson.annotation.JsonView} for serialization and makes
+ * sure that the user is authorized.
+ *
+ * @author Daniel Gerhardt
+ */
+@ControllerAdvice
+public class JsonViewControllerAdvice extends AbstractMappingJacksonResponseBodyAdvice {
+	private static final String VIEW_PARAMETER = "view";
+
+	private static final Logger logger = LoggerFactory.getLogger(JsonViewControllerAdvice.class);
+
+	@Override
+	protected void beforeBodyWriteInternal(final MappingJacksonValue bodyContainer,
+			final MediaType contentType, final MethodParameter returnType,
+			final ServerHttpRequest request, final ServerHttpResponse response) {
+		/* TODO: Why does @ControllerAdvice(assignableTypes = AbstractEntityController.class) not work? */
+		if (!AbstractEntityController.class.isAssignableFrom(returnType.getContainingClass())) {
+			return;
+		}
+
+		final List<String> viewList = UriComponentsBuilder.fromUri(request.getURI()).build()
+				.getQueryParams().getOrDefault(VIEW_PARAMETER, Collections.emptyList());
+		if (viewList.isEmpty()) {
+			return;
+		}
+		final String view = viewList.get(0);
+		logger.debug("'{}' parameter found in request URI: {}", VIEW_PARAMETER, view);
+		if (bodyContainer.getValue() instanceof Collection) {
+			logger.warn("'{}' parameter is currently not supported for listing endpoints.", VIEW_PARAMETER);
+		}
+		tryAccess(bodyContainer.getValue(), view);
+		switch (view) {
+			case "owner":
+				bodyContainer.setSerializationView(View.Owner.class);
+				break;
+			case "admin":
+				bodyContainer.setSerializationView(View.Admin.class);
+				break;
+			default:
+				return;
+		}
+	}
+
+	@PreAuthorize("hasPermission(#targetDomainObject, #permission)")
+	protected void tryAccess(final Object targetDomainObject, final Object permission) {
+		/* Access check is done by aspect. No additional implementation needed. */
+	}
+}
--- a/src/main/java/de/thm/arsnova/controller/MotdController.java
+++ b/src/main/java/de/thm/arsnova/controller/MotdController.java
 /*
 * This file is part of ARSnova Backend.
- * Copyright (C) 2012-2018 The ARSnova Team
+ * Copyright (C) 2012-2019 The ARSnova Team and Contributors
 *
 * ARSnova Backend is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
@@ -15,13 +15,15 @@
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
+
 package de.thm.arsnova.controller;

-import de.thm.arsnova.model.Motd;
-import de.thm.arsnova.service.MotdService;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;

+import de.thm.arsnova.model.Motd;
+import de.thm.arsnova.service.MotdService;
+
 @RestController
 @RequestMapping(MotdController.REQUEST_MAPPING)
 public class MotdController extends AbstractEntityController<Motd> {

--- a/src/main/java/de/thm/arsnova/controller/PaginationController.java
+++ b/src/main/java/de/thm/arsnova/controller/PaginationController.java
 /*
 * This file is part of ARSnova Backend.
- * Copyright (C) 2012-2018 The ARSnova Team and Contributors
+ * Copyright (C) 2012-2019 The ARSnova Team and Contributors
 *
 * ARSnova Backend is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
@@ -15,6 +15,7 @@
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
+
 package de.thm.arsnova.controller;

 /**
@@ -24,7 +25,7 @@ public abstract class PaginationController extends AbstractController {
 	protected int offset = -1;
 	protected int limit = -1;

-	public void setRange(int start, int end) {
+	public void setRange(final int start, final int end) {
 		this.offset = start;
 		this.limit = end != -1 && start <= end ? end - start + 1 : -1;
 	}
No results found