diff -rupN original/univention-management-console/src/univention/management/console/auth.py changed/univention-management-console/src/univention/management/console/auth.py
--- original/univention-management-console/src/univention/management/console/auth.py 2013-07-01 14:10:32.847889800 +0200
+++ changed/univention-management-console/src/univention/management/console/auth.py 2013-07-01 14:24:20.519870700 +0200
@@ -247,22 +247,32 @@ class AuthHandler( signals.Provider ): self.signal_new( 'authenticated' ) self.__credentials = None - def _create_modules( self, username, password ): + def _create_modules( self, **kwargs ): global _all_modules self._modules = [] for mod in _all_modules: - instance = mod( username, password ) - instance.signal_connect( 'auth_return', self._auth_return ) - instance.signal_connect( 'password_changed', self._password_changed ) - self._modules.append( instance ) + try: + instance = mod( kwargs['username'] , kwargs['password'] ) + instance.signal_connect( 'auth_return', self._auth_return ) + instance.signal_connect( 'password_changed', self._password_changed ) + self._modules.append( instance ) + except Exception, e: + AUTH.warn( "AuthHandler - _create_modules error: %s" % str( e ) ) self._modules.reverse() + + def authenticate( self, **kwargs ): + try: + if kwargs['auth_type'] == "saml": + AUTH.warn('__starting SAML Authenticate __') + + self._create_modules( **kwargs ) + self._current = self._modules.pop() + self.__new_password = kwargs['new_password'] + self._current.authenticate() + self.__credentials = ( kwargs['username'], kwargs['password'] ) + except Exception, e: + AUTH.warn( "authenticate.... 
error: %s" % str( e ) ) - def authenticate( self, username, password, new_password=None ): - self._create_modules( username, password ) - self._current = self._modules.pop() - self.__new_password = new_password - self._current.authenticate() - self.__credentials = ( username, password ) def credentials( self ): return self.__credentials diff -rupN original/univention-management-console/src/univention/management/console/protocol/client.py changed/univention-management-console/src/univention/management/console/protocol/client.py --- original/univention-management-console/src/univention/management/console/protocol/client.py 2013-07-01 14:10:32.851889800 +0200 +++ changed/univention-management-console/src/univention/management/console/protocol/client.py 2013-07-01 14:27:26.275866400 +0200 @@ -31,7 +31,6 @@ # . """Provides a class :class:`.Client` that implements an UMCP client""" - import errno, os, socket, sys, fcntl from univention.lib.i18n import Translation @@ -340,12 +339,12 @@ class Client( signals.Provider, Translat else: self.signal_emit( 'error', UnknownRequestError() ) - def authenticate( self, username, password, new_password=None ): + def authenticate( self, **kwargs ): """Authenticate against the UMC server""" authRequest = Request ('AUTH' ) - authRequest.body['username'] = username - authRequest.body['password'] = password - authRequest.body['new_password'] = new_password + + for opt in kwargs: + authRequest.body[opt] = kwargs[opt] self.request( authRequest ) diff -rupN original/univention-management-console/src/univention/management/console/protocol/server.py changed/univention-management-console/src/univention/management/console/protocol/server.py --- original/univention-management-console/src/univention/management/console/protocol/server.py 2013-07-01 14:10:32.859889800 +0200 +++ changed/univention-management-console/src/univention/management/console/protocol/server.py 2013-07-01 14:28:40.335864600 +0200 
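Review bot: The new `except Exception, e:` around the whole body of `authenticate` turns every failure into a log line, so the caller never learns that authentication did not start. A `KeyError` on `kwargs['auth_type']` or `kwargs['new_password']` raised here no longer reaches the `except ( TypeError, KeyError )` handler in server.py that answers with BAD_REQUEST_INVALID_OPTS, and an `IndexError` from `self._modules.pop()` on an empty list is hidden as well. The same pattern in `_create_modules` silently drops any module whose constructor raises, leaving the remaining modules to decide the login; if a dropped module enforces a check, that check is skipped with nothing but a warning in the log. I would log and re-raise in `authenticate` (the existing `AUTH.warn( ... )` followed by a bare `raise`) and catch only the constructor errors that are actually expected in `_create_modules`.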
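Review bot: `Client.authenticate` now copies every keyword it is given into the AUTH request body with no allow-list, and the two web-server hunks (`self.client.authenticate( **request.body )` in SessionClient and the `for opt in json['options']` loop in CPAuth) feed it keys taken directly from the HTTP client's JSON. Any field a browser sends therefore travels unchanged into the UMCP request, where later code may come to trust it. I would restrict the fields both at the HTTP boundary and here, e.g. `for opt in ( 'auth_type', 'username', 'password', 'new_password' ):` with `authRequest.body[opt] = kwargs.get( opt )`, extending the tuple when SAML needs more fields. The docstring should also name the accepted keys, since the signature no longer does.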
@@ -35,6 +35,7 @@ Defines the basic class for an UMC server. """ + # python packages import fcntl import gzip @@ -213,7 +214,7 @@ class MagicBucket( object ): elif msg.command == 'AUTH': state.authResponse = Response( msg ) try: - state.authenticate( msg.body[ 'username' ], msg.body[ 'password' ], msg.body.get( 'new_password' ) ) + state.authenticate( **{'auth_type':msg.body[ 'auth_type' ],'username':msg.body[ 'username' ], 'password':msg.body[ 'password' ], 'new_password':msg.body.get( 'new_password' )} ) except ( TypeError, KeyError ), e: state.authResponse.status = BAD_REQUEST_INVALID_OPTS state.authResponse.message = 'insufficient authentification information' @@ -500,6 +501,7 @@ class Server( signals.Provider ): def _connection( self, socket ): '''Signal callback: Invoked on incoming connections.''' + socket, addr = socket.accept() socket.setblocking( 0 ) if addr: diff -rupN original/univention-management-console/src/univention/management/console/protocol/session.py changed/univention-management-console/src/univention/management/console/protocol/session.py --- original/univention-management-console/src/univention/management/console/protocol/session.py 2013-07-01 14:10:32.863889800 +0200 +++ changed/univention-management-console/src/univention/management/console/protocol/session.py 2013-05-28 10:12:09.632265000 +0200 
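Review bot: `msg.body[ 'auth_type' ]` is now mandatory in the AUTH branch, so a UMCP client that still sends only username and password gets BAD_REQUEST_INVALID_OPTS with 'insufficient authentification information', and nothing visible in this patch makes the web frontend supply a default. `msg.body.get( 'auth_type' )` would keep old clients working, matching how `new_password` is read on the same line. The value is chosen by the client, so the `saml` branch added in auth.py must never skip or weaken the module chain on its strength alone; at present it only logs. Plain keywords (`state.authenticate( auth_type=..., username=... )`) would also read better than splatting a dict literal. The surrounding `elif` chain continues outside the hunk.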
@@ -99,10 +99,10 @@ class State( signals.Provider ): def _authenticated( self, success ): self.signal_emit( 'authenticated', success, self ) - def authenticate( self, username, password, new_password=None ): + def authenticate( self, **kwargs ): """Initiates an authentication process""" - self.username = username - self.__auth.authenticate( username, password, new_password ) + self.username = kwargs['username'] + self.__auth.authenticate( **kwargs ) def credentials( self ): """Returns the credentials""" diff -rupN original/univention-management-console-frontend/univention-management-console-web-server changed/univention-management-console-frontend/univention-management-console-web-server --- original/univention-management-console-frontend/univention-management-console-web-server 2013-07-01 14:10:32.871889800 +0200 +++ changed/univention-management-console-frontend/univention-management-console-web-server 2013-07-01 14:31:56.027860100 +0200 @@ -133,7 +133,7 @@ class SessionClient(object): self._auth_response = umcp.Response( request ) self._auth_response.body['sessionid'] = request.body.get('sessionid','') self._auth_response_queue = response_queue - self.client.authenticate( request.body[ 'username' ], request.body[ 'password' ], request.body[ 'new_password' ] ) + self.client.authenticate( **request.body ) def _response(self, response): """Queue response from UMC server.""" 
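Review bot: The docstring of `State.authenticate` still says only that it initiates an authentication process, while the `**kwargs` signature no longer shows which fields are required. `kwargs['username']` raises `KeyError` when the key is missing, and everything else is handed to `self.__auth.authenticate` unchecked. I would extend the docstring to something like `"""Initiates an authentication process; expects the keys auth_type, username, password and new_password"""` so callers do not have to read auth.py to find out.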
@@ -553,16 +553,15 @@ class CPAuth(CPgeneric): body = cherrypy.request.body.read() json = self.load_json(body) - CORE.info('CPRoot/command: request: command=%s' % cherrypy.request.path_info ) # create new UMCP request req = umcp.Request( 'AUTH' ) - req.body[ 'username' ] = json[ 'options' ].get('username','') - req.body[ 'password' ] = json[ 'options' ].get('password','') - req.body[ 'new_password' ] = json[ 'options' ].get('new_password') + for opt in json['options']: + req.body[opt] = json['options'][opt] + req.body[ 'new_password' ] = json[ 'options' ].get('new_password') - # create new response queue + # create new response queue response_queue = Queue.Queue() # send request to UMC server
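Review bot: The hunk removes the `CORE.info(...)` line that recorded each request to this handler, so, as far as the hunk shows, an authentication request no longer leaves a trace in the frontend log. I would keep that line; it logs only `cherrypy.request.path_info`, and any replacement should likewise leave `json['options']` out because it carries the password. The `req.body[ 'new_password' ] = json[ 'options' ].get('new_password')` line kept after the new loop is what guarantees the key exists when the client omits it, which deserves a comment such as `# ensure the key is present even when the client omits it`. The handler continues past the end of the hunk.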