diff --git a/li.strolch.agent/src/main/java/li/strolch/runtime/privilege/DefaultStrolchPrivilegeHandler.java b/li.strolch.agent/src/main/java/li/strolch/runtime/privilege/DefaultStrolchPrivilegeHandler.java
index 8f2616fc6..a695aa54a 100644
--- a/li.strolch.agent/src/main/java/li/strolch/runtime/privilege/DefaultStrolchPrivilegeHandler.java
+++ b/li.strolch.agent/src/main/java/li/strolch/runtime/privilege/DefaultStrolchPrivilegeHandler.java
@@ -183,7 +183,12 @@ public class DefaultStrolchPrivilegeHandler extends StrolchComponent implements
 	}
 
 	@Override
-	public li.strolch.privilege.handler.PrivilegeHandler getPrivilegeHandler() throws PrivilegeException {
+	public <V extends SystemUserAction> V runPrivileged(V action) throws PrivilegeException {
+		return super.runPrivileged(action);
+	}
+
+	@Override
+	public li.strolch.privilege.handler.PrivilegeHandler getPrivilegeHandler() {
 		return this.privilegeHandler;
 	}
 }
diff --git a/li.strolch.agent/src/main/java/li/strolch/runtime/privilege/PrivilegeHandler.java b/li.strolch.agent/src/main/java/li/strolch/runtime/privilege/PrivilegeHandler.java
index 675a7f84b..dc7d331b8 100644
--- a/li.strolch.agent/src/main/java/li/strolch/runtime/privilege/PrivilegeHandler.java
+++ b/li.strolch.agent/src/main/java/li/strolch/runtime/privilege/PrivilegeHandler.java
@@ -19,65 +19,116 @@ import li.strolch.privilege.base.PrivilegeException;
 import li.strolch.privilege.handler.SystemUserAction;
 import li.strolch.privilege.model.Certificate;
 import li.strolch.privilege.model.PrivilegeContext;
+import li.strolch.runtime.StrolchConstants;
 
 /**
+ * The privilege handler for authenticating users and performing actions as a system user
+ * 
  * @author Robert von Burg <eitch@eitchnet.ch>
  */
 public interface PrivilegeHandler {
 
 	/**
+	 * Authenticate a user
+	 * 
 	 * @param username
+	 *            the username
 	 * @param password
-	 * @return
+	 *            the password
+	 * 
+	 * @return the certificate
 	 * 
 	 * @see li.strolch.privilege.handler.PrivilegeHandler#authenticate(String, byte[])
 	 */
-	public abstract Certificate authenticate(String username, byte[] password);
+	public Certificate authenticate(String username, byte[] password);
 
 	/**
+	 * Validate that the certificate is still valid
+	 * 
 	 * @param certificate
+	 *            the certificate
+	 * 
 	 * @throws PrivilegeException
+	 *             if the certificate is not valid
+	 * 
 	 * @see li.strolch.privilege.handler.PrivilegeHandler#isCertificateValid(Certificate)
 	 */
-	public abstract void isCertificateValid(Certificate certificate) throws PrivilegeException;
+	public void isCertificateValid(Certificate certificate) throws PrivilegeException;
 
 	/**
+	 * Invalidates the given certificate
+	 * 
 	 * @param certificate
-	 * @return
+	 *            the certificate
+	 * 
+	 * @return true if the certificate was invalidated, or false if it was already invalidated
+	 * 
 	 * @see li.strolch.privilege.handler.PrivilegeHandler#invalidateSession(li.strolch.privilege.model.Certificate)
 	 */
-	public abstract boolean invalidateSession(Certificate certificate);
+	public boolean invalidateSession(Certificate certificate);
 
 	/**
+	 * Notifies that the session has timed out, i.e. the certificate must be invalidated
+	 * 
 	 * @param certificate
-	 * @return
+	 *            the certificate that has timed out
+	 * @return true if the certificate was invalidated, or false it was already invalidated
+	 * 
 	 * @see li.strolch.privilege.handler.PrivilegeHandler#invalidateSession(li.strolch.privilege.model.Certificate)
 	 */
-	public abstract boolean sessionTimeout(Certificate certificate);
+	public boolean sessionTimeout(Certificate certificate);
 
 	/**
+	 * Returns the {@link PrivilegeContext} for the given certificate
+	 * 
 	 * @param certificate
-	 * @return
+	 *            the certificate
+	 * 
+	 * @return the {@link PrivilegeContext} for the given certificate
+	 * 
 	 * @throws PrivilegeException
+	 *             if the certificate is not valid anymore
+	 * 
 	 * @see li.strolch.privilege.handler.PrivilegeHandler#getPrivilegeContext(li.strolch.privilege.model.Certificate)
 	 */
-	public abstract PrivilegeContext getPrivilegeContext(Certificate certificate) throws PrivilegeException;
+	public PrivilegeContext getPrivilegeContext(Certificate certificate) throws PrivilegeException;
 
 	/**
+	 * Run the given {@link SystemUserAction} as the given system user
+	 * 
 	 * @param systemUsername
+	 *            the system username
 	 * @param action
+	 *            the action to perform
+	 * 
+	 * @return the action after performing the action
+	 * 
 	 * @throws PrivilegeException
+	 *             if there is something wrong
+	 * 
 	 * @see li.strolch.privilege.handler.PrivilegeHandler#runAsSystem(java.lang.String,
 	 *      li.strolch.privilege.handler.SystemUserAction)
 	 */
-	public abstract <T extends SystemUserAction> T runAsSystem(String systemUsername, T action)
-			throws PrivilegeException;
+	public <T extends SystemUserAction> T runAsSystem(String systemUsername, T action) throws PrivilegeException;
 
 	/**
-	 * @param certificate
-	 * @return
+	 * Run the given {@link SystemUserAction} as the system user {@link StrolchConstants#PRIVILEGED_SYSTEM_USER}
+	 * 
+	 * @param action
+	 *            the action to perform
+	 * 
+	 * @return the action after performing the action
+	 * 
 	 * @throws PrivilegeException
+	 *             if there is something wrong
 	 */
-	public abstract li.strolch.privilege.handler.PrivilegeHandler getPrivilegeHandler() throws PrivilegeException;
+	public <V extends SystemUserAction> V runPrivileged(V action) throws PrivilegeException;
+
+	/**
+	 * Returns the {@link li.strolch.privilege.handler.PrivilegeHandler}
+	 * 
+	 * @return the {@link li.strolch.privilege.handler.PrivilegeHandler}
+	 */
+	public abstract li.strolch.privilege.handler.PrivilegeHandler getPrivilegeHandler();
 
 }
\ No newline at end of file
diff --git a/li.strolch.agent/src/main/java/li/strolch/service/api/AbstractService.java b/li.strolch.agent/src/main/java/li/strolch/service/api/AbstractService.java
index b91546e8d..9ed3cedd3 100644
--- a/li.strolch.agent/src/main/java/li/strolch/service/api/AbstractService.java
+++ b/li.strolch.agent/src/main/java/li/strolch/service/api/AbstractService.java
@@ -33,6 +33,7 @@ import li.strolch.runtime.StrolchConstants;
 import li.strolch.runtime.configuration.RuntimeConfiguration;
 import li.strolch.runtime.privilege.PrivilegeHandler;
 import li.strolch.utils.dbc.DBC;
+import li.strolch.utils.helper.StringHelper;
 
 /**
  * @author Robert von Burg <eitch@eitchnet.ch>
@@ -149,7 +150,7 @@ public abstract class AbstractService<T extends ServiceArgument, U extends Servi
 	 * @param realm
 	 *            the name of the realm to return
 	 * 
-	 * @return the realm with the given name
+	 * @return the open {@link StrolchTransaction}
 	 * 
 	 * @throws StrolchException
 	 *             if the {@link StrolchRealm} does not exist with the given name
@@ -158,16 +159,56 @@ public abstract class AbstractService<T extends ServiceArgument, U extends Servi
 		return this.container.getRealm(realm).openTx(getCertificate(), getClass());
 	}
 
+	/**
+	 * Opens a {@link StrolchTransaction} by evaluating if the given argument has a realm defined, if not, then the
+	 * realm from the user certificate is used. The action for the TX is this implementation's class name. This
+	 * transaction should be used in a try-with-resource clause so it is properly closed
+	 * 
+	 * @param arg
+	 *            the {@link ServiceArgument}
+	 * 
+	 * @return the open {@link StrolchTransaction}
+	 * 
+	 * @throws StrolchException
+	 *             if the {@link StrolchRealm} does not exist with the given name
+	 */
+	protected StrolchTransaction openArgOrUserTx(ServiceArgument arg) throws StrolchException {
+		if (StringHelper.isEmpty(arg.realm))
+			return openUserTx();
+		return openTx(arg.realm);
+	}
+
+	/**
+	 * Opens a {@link StrolchTransaction} by evaluating if the given argument has a realm defined, if not, then the
+	 * realm from the user certificate is used. The action for the TX is this implementation's class name. This
+	 * transaction should be used in a try-with-resource clause so it is properly closed
+	 * 
+	 * @param arg
+	 *            the {@link ServiceArgument}
+	 * @param action
+	 *            the action to use for the opened TX
+	 * 
+	 * @return the open {@link StrolchTransaction}
+	 * 
+	 * @throws StrolchException
+	 *             if the {@link StrolchRealm} does not exist with the given name
+	 */
+	protected StrolchTransaction openArgOrUserTx(ServiceArgument arg, String action) throws StrolchException {
+		if (StringHelper.isEmpty(arg.realm))
+			return openUserTx();
+		return openTx(arg.realm, action);
+	}
+
 	/**
 	 * Opens a {@link StrolchTransaction} for the given realm. This transaction should be used in a try-with-resource
 	 * clause so it is properly closed
 	 * 
 	 * @param realm
-	 *            the name of the realm to return
+	 *            the name of the realm
 	 * @param action
 	 *            the action to use for the opened TX
 	 * 
-	 * @return the realm with the given name
+	 * @return the open {@link StrolchTransaction}
 	 * 
 	 * @throws StrolchException
 	 *             if the {@link StrolchRealm} does not exist with the given name
@@ -181,7 +222,7 @@ public abstract class AbstractService<T extends ServiceArgument, U extends Servi
 	 * {@link ComponentContainer#getRealm(Certificate)}, the action for the TX is this implementation's class name. This
 	 * transaction should be used in a try-with-resource clause so it is properly closed
 	 * 
-	 * @return the realm with the given name
+	 * @return the open {@link StrolchTransaction}
 	 * 
 	 * @throws StrolchException
 	 *             if the {@link StrolchRealm} does not exist with the given name
@@ -195,12 +236,10 @@ public abstract class AbstractService<T extends ServiceArgument, U extends Servi
 	 * {@link ComponentContainer#getRealm(Certificate)}. This transaction should be used in a try-with-resource clause
 	 * so it is properly closed
 	 * 
-	 * @param realm
-	 *            the name of the realm to return
 	 * @param action
 	 *            the action to use for the opened TX
 	 * 
-	 * @return the realm with the given name
+	 * @return the open {@link StrolchTransaction}
 	 * 
 	 * @throws StrolchException
 	 *             if the {@link StrolchRealm} does not exist with the given name
diff --git a/li.strolch.agent/src/main/java/li/strolch/service/api/ServiceArgument.java b/li.strolch.agent/src/main/java/li/strolch/service/api/ServiceArgument.java
index b2e1703ce..5bdfcb8ba 100644
--- a/li.strolch.agent/src/main/java/li/strolch/service/api/ServiceArgument.java
+++ b/li.strolch.agent/src/main/java/li/strolch/service/api/ServiceArgument.java
@@ -17,12 +17,9 @@ package li.strolch.service.api;
 
 import java.io.Serializable;
 
-import li.strolch.runtime.StrolchConstants;
-
 /**
- * Base argument to be used when performing {@link Service Services}. The realm parameter is set to
- * {@link StrolchConstants#DEFAULT_REALM} and can be overridden when the caller of the service wants to perform the
- * service in a different realm
+ * Base argument to be used when performing {@link Service Services}. The realm parameter is null and can be overridden
+ * when the caller of the service wants to perform the service in a different realm
  * 
  * @author Robert von Burg <eitch@eitchnet.ch>
  */
@@ -33,10 +30,6 @@ public class ServiceArgument implements Serializable {
 	 * <p>
 	 * Set this to the realm in which the service should operate
 	 * </p>
-	 * 
-	 * <p>
-	 * realm = StrolchConstants.DEFAULT_REALM
-	 * </p>
 	 */
-	public String realm = StrolchConstants.DEFAULT_REALM;
+	public String realm;
 }
diff --git a/li.strolch.performancetest/src/test/java/li/strolch/performance/PerformanceTestService.java b/li.strolch.performancetest/src/test/java/li/strolch/performance/PerformanceTestService.java
index 3126c48aa..fee089e10 100644
--- a/li.strolch.performancetest/src/test/java/li/strolch/performance/PerformanceTestService.java
+++ b/li.strolch.performancetest/src/test/java/li/strolch/performance/PerformanceTestService.java
@@ -25,6 +25,7 @@ import li.strolch.model.Resource;
 import li.strolch.persistence.api.StrolchTransaction;
 import li.strolch.service.api.AbstractService;
 import li.strolch.service.api.ServiceResult;
+import li.strolch.service.api.ServiceResultState;
 import li.strolch.utils.helper.SystemHelper;
 
 public class PerformanceTestService extends AbstractService<PerformanceTestArgument, ServiceResult> {
@@ -35,7 +36,7 @@ public class PerformanceTestService extends AbstractService<PerformanceTestArgum
 
 	@Override
 	protected ServiceResult getResultInstance() {
-		return new ServiceResult();
+		return new ServiceResult(ServiceResultState.FAILED);
 	}
 
 	@Override
diff --git a/li.strolch.service/src/main/java/li/strolch/service/AddActivityService.java b/li.strolch.service/src/main/java/li/strolch/service/AddActivityService.java
index ccc0b6f07..7a046fd26 100644
--- a/li.strolch.service/src/main/java/li/strolch/service/AddActivityService.java
+++ b/li.strolch.service/src/main/java/li/strolch/service/AddActivityService.java
@@ -38,7 +38,7 @@ public class AddActivityService extends AbstractService<AddActivityService.AddAc
 	@Override
 	protected ServiceResult internalDoService(AddActivityArg arg) {
 
-		try (StrolchTransaction tx = openTx(arg.realm)) {
+		try (StrolchTransaction tx = openArgOrUserTx(arg)) {
 			AddActivityCommand command = new AddActivityCommand(getContainer(), tx);
 			command.setActivity(arg.activity);
 			tx.addCommand(command);
diff --git a/li.strolch.service/src/main/java/li/strolch/service/AddOrderCollectionService.java b/li.strolch.service/src/main/java/li/strolch/service/AddOrderCollectionService.java
index 6135d451e..9e46b27a0 100644
--- a/li.strolch.service/src/main/java/li/strolch/service/AddOrderCollectionService.java
+++ b/li.strolch.service/src/main/java/li/strolch/service/AddOrderCollectionService.java
@@ -40,7 +40,7 @@ public class AddOrderCollectionService extends
 	@Override
 	protected ServiceResult internalDoService(AddOrderCollectionArg arg) {
 
-		try (StrolchTransaction tx = openTx(arg.realm)) {
+		try (StrolchTransaction tx = openArgOrUserTx(arg)) {
 			AddOrderCollectionCommand command = new AddOrderCollectionCommand(getContainer(), tx);
 			command.setOrders(arg.orders);
 			tx.addCommand(command);
diff --git a/li.strolch.service/src/main/java/li/strolch/service/AddOrderService.java b/li.strolch.service/src/main/java/li/strolch/service/AddOrderService.java
index edd2cb4d9..2c0c074c7 100644
--- a/li.strolch.service/src/main/java/li/strolch/service/AddOrderService.java
+++ b/li.strolch.service/src/main/java/li/strolch/service/AddOrderService.java
@@ -38,7 +38,7 @@ public class AddOrderService extends AbstractService<AddOrderService.AddOrderArg
 	@Override
 	protected ServiceResult internalDoService(AddOrderArg arg) {
 
-		try (StrolchTransaction tx = openTx(arg.realm)) {
+		try (StrolchTransaction tx = openArgOrUserTx(arg)) {
 			AddOrderCommand command = new AddOrderCommand(getContainer(), tx);
 			command.setOrder(arg.order);
 			tx.addCommand(command);
diff --git a/li.strolch.service/src/main/java/li/strolch/service/AddResourceCollectionService.java b/li.strolch.service/src/main/java/li/strolch/service/AddResourceCollectionService.java
index 8a1fbb430..c97fe3e3a 100644
--- a/li.strolch.service/src/main/java/li/strolch/service/AddResourceCollectionService.java
+++ b/li.strolch.service/src/main/java/li/strolch/service/AddResourceCollectionService.java
@@ -40,7 +40,7 @@ public class AddResourceCollectionService extends
 	@Override
 	protected ServiceResult internalDoService(AddResourceCollectionArg arg) {
 
-		try (StrolchTransaction tx = openTx(arg.realm)) {
+		try (StrolchTransaction tx = openArgOrUserTx(arg)) {
 			AddResourceCollectionCommand command = new AddResourceCollectionCommand(getContainer(), tx);
 			command.setResources(arg.resources);
 			tx.addCommand(command);
diff --git a/li.strolch.service/src/main/java/li/strolch/service/AddResourceService.java b/li.strolch.service/src/main/java/li/strolch/service/AddResourceService.java
index c8e229b61..62ed2e566 100644
--- a/li.strolch.service/src/main/java/li/strolch/service/AddResourceService.java
+++ b/li.strolch.service/src/main/java/li/strolch/service/AddResourceService.java
@@ -38,7 +38,7 @@ public class AddResourceService extends AbstractService<AddResourceService.AddRe
 	@Override
 	protected ServiceResult internalDoService(AddResourceArg arg) {
 
-		try (StrolchTransaction tx = openTx(arg.realm)) {
+		try (StrolchTransaction tx = openArgOrUserTx(arg)) {
 			AddResourceCommand command = new AddResourceCommand(getContainer(), tx);
 			command.setResource(arg.resource);
 			tx.addCommand(command);
diff --git a/li.strolch.service/src/main/java/li/strolch/service/ClearModelService.java b/li.strolch.service/src/main/java/li/strolch/service/ClearModelService.java
index 74474b061..023c6a87a 100644
--- a/li.strolch.service/src/main/java/li/strolch/service/ClearModelService.java
+++ b/li.strolch.service/src/main/java/li/strolch/service/ClearModelService.java
@@ -41,7 +41,7 @@ public class ClearModelService extends AbstractService<ClearModelArgument, Servi
 	protected ServiceResult internalDoService(ClearModelArgument arg) {
 
 		ClearModelCommand command;
-		try (StrolchTransaction tx = openTx(arg.realm)) {
+		try (StrolchTransaction tx = openArgOrUserTx(arg)) {
 			command = new ClearModelCommand(getContainer(), tx);
 			command.setClearOrders(arg.clearOrders);
 			command.setClearResources(arg.clearResources);
diff --git a/li.strolch.service/src/main/java/li/strolch/service/RemoveActivityCollectionService.java b/li.strolch.service/src/main/java/li/strolch/service/RemoveActivityCollectionService.java
index 64d4dcd94..84baf789e 100644
--- a/li.strolch.service/src/main/java/li/strolch/service/RemoveActivityCollectionService.java
+++ b/li.strolch.service/src/main/java/li/strolch/service/RemoveActivityCollectionService.java
@@ -40,7 +40,7 @@ public class RemoveActivityCollectionService extends AbstractService<LocatorList
 	@Override
 	protected ServiceResult internalDoService(LocatorListArgument arg) {
 
-		try (StrolchTransaction tx = openTx(arg.realm)) {
+		try (StrolchTransaction tx = openArgOrUserTx(arg)) {
 
 			List<Activity> activities = new ArrayList<>(arg.locators.size());
 			for (Locator locator : arg.locators) {
diff --git a/li.strolch.service/src/main/java/li/strolch/service/RemoveActivityService.java b/li.strolch.service/src/main/java/li/strolch/service/RemoveActivityService.java
index 623a9364f..bdaaa43bb 100644
--- a/li.strolch.service/src/main/java/li/strolch/service/RemoveActivityService.java
+++ b/li.strolch.service/src/main/java/li/strolch/service/RemoveActivityService.java
@@ -37,7 +37,7 @@ public class RemoveActivityService extends AbstractService<LocatorArgument, Serv
 	@Override
 	protected ServiceResult internalDoService(LocatorArgument arg) {
 
-		try (StrolchTransaction tx = openTx(arg.realm)) {
+		try (StrolchTransaction tx = openArgOrUserTx(arg)) {
 
 			Activity activity = tx.findElement(arg.locator);
 
diff --git a/li.strolch.service/src/main/java/li/strolch/service/RemoveOrderCollectionService.java b/li.strolch.service/src/main/java/li/strolch/service/RemoveOrderCollectionService.java
index 70bb3dc5c..77fc19d0e 100644
--- a/li.strolch.service/src/main/java/li/strolch/service/RemoveOrderCollectionService.java
+++ b/li.strolch.service/src/main/java/li/strolch/service/RemoveOrderCollectionService.java
@@ -40,7 +40,7 @@ public class RemoveOrderCollectionService extends AbstractService<LocatorListArg
 	@Override
 	protected ServiceResult internalDoService(LocatorListArgument arg) {
 
-		try (StrolchTransaction tx = openTx(arg.realm)) {
+		try (StrolchTransaction tx = openArgOrUserTx(arg)) {
 
 			List<Order> orders = new ArrayList<>(arg.locators.size());
 			for (Locator locator : arg.locators) {
diff --git a/li.strolch.service/src/main/java/li/strolch/service/RemoveOrderService.java b/li.strolch.service/src/main/java/li/strolch/service/RemoveOrderService.java
index f26263f06..a3f429a4e 100644
--- a/li.strolch.service/src/main/java/li/strolch/service/RemoveOrderService.java
+++ b/li.strolch.service/src/main/java/li/strolch/service/RemoveOrderService.java
@@ -37,7 +37,7 @@ public class RemoveOrderService extends AbstractService<LocatorArgument, Service
 	@Override
 	protected ServiceResult internalDoService(LocatorArgument arg) {
 
-		try (StrolchTransaction tx = openTx(arg.realm)) {
+		try (StrolchTransaction tx = openArgOrUserTx(arg)) {
 
 			Order order = tx.findElement(arg.locator);
 
diff --git a/li.strolch.service/src/main/java/li/strolch/service/RemoveResourceCollectionService.java b/li.strolch.service/src/main/java/li/strolch/service/RemoveResourceCollectionService.java
index 781c800b9..eec8cafc5 100644
--- a/li.strolch.service/src/main/java/li/strolch/service/RemoveResourceCollectionService.java
+++ b/li.strolch.service/src/main/java/li/strolch/service/RemoveResourceCollectionService.java
@@ -40,7 +40,7 @@ public class RemoveResourceCollectionService extends AbstractService<LocatorList
 	@Override
 	protected ServiceResult internalDoService(LocatorListArgument arg) {
 
-		try (StrolchTransaction tx = openTx(arg.realm)) {
+		try (StrolchTransaction tx = openArgOrUserTx(arg)) {
 
 			List<Resource> resources = new ArrayList<>(arg.locators.size());
 			for (Locator locator : arg.locators) {
diff --git a/li.strolch.service/src/main/java/li/strolch/service/RemoveResourceService.java b/li.strolch.service/src/main/java/li/strolch/service/RemoveResourceService.java
index 865d5e28d..aec150281 100644
--- a/li.strolch.service/src/main/java/li/strolch/service/RemoveResourceService.java
+++ b/li.strolch.service/src/main/java/li/strolch/service/RemoveResourceService.java
@@ -37,7 +37,7 @@ public class RemoveResourceService extends AbstractService<LocatorArgument, Serv
 	@Override
 	protected ServiceResult internalDoService(LocatorArgument arg) {
 
-		try (StrolchTransaction tx = openTx(arg.realm)) {
+		try (StrolchTransaction tx = openArgOrUserTx(arg)) {
 
 			Resource resource = tx.findElement(arg.locator);
 
diff --git a/li.strolch.service/src/main/java/li/strolch/service/UpdateActivityService.java b/li.strolch.service/src/main/java/li/strolch/service/UpdateActivityService.java
index 072904bee..dc9be38d1 100644
--- a/li.strolch.service/src/main/java/li/strolch/service/UpdateActivityService.java
+++ b/li.strolch.service/src/main/java/li/strolch/service/UpdateActivityService.java
@@ -38,7 +38,7 @@ public class UpdateActivityService extends AbstractService<UpdateActivityService
 	@Override
 	protected ServiceResult internalDoService(UpdateActivityArg arg) {
 
-		try (StrolchTransaction tx = openTx(arg.realm)) {
+		try (StrolchTransaction tx = openArgOrUserTx(arg)) {
 			UpdateActivityCommand command = new UpdateActivityCommand(getContainer(), tx);
 			command.setActivity(arg.activity);
 
diff --git a/li.strolch.service/src/main/java/li/strolch/service/UpdateOrderCollectionService.java b/li.strolch.service/src/main/java/li/strolch/service/UpdateOrderCollectionService.java
index 8aa4e7cae..606fc2b6d 100644
--- a/li.strolch.service/src/main/java/li/strolch/service/UpdateOrderCollectionService.java
+++ b/li.strolch.service/src/main/java/li/strolch/service/UpdateOrderCollectionService.java
@@ -40,7 +40,7 @@ public class UpdateOrderCollectionService extends
 	@Override
 	protected ServiceResult internalDoService(UpdateOrderCollectionArg arg) {
 
-		try (StrolchTransaction tx = openTx(arg.realm)) {
+		try (StrolchTransaction tx = openArgOrUserTx(arg)) {
 			UpdateOrderCollectionCommand command = new UpdateOrderCollectionCommand(getContainer(), tx);
 			command.setOrders(arg.orders);
 
diff --git a/li.strolch.service/src/main/java/li/strolch/service/UpdateOrderService.java b/li.strolch.service/src/main/java/li/strolch/service/UpdateOrderService.java
index 3ba85affd..954f63f81 100644
--- a/li.strolch.service/src/main/java/li/strolch/service/UpdateOrderService.java
+++ b/li.strolch.service/src/main/java/li/strolch/service/UpdateOrderService.java
@@ -38,7 +38,7 @@ public class UpdateOrderService extends AbstractService<UpdateOrderService.Updat
 	@Override
 	protected ServiceResult internalDoService(UpdateOrderArg arg) {
 
-		try (StrolchTransaction tx = openTx(arg.realm)) {
+		try (StrolchTransaction tx = openArgOrUserTx(arg)) {
 			UpdateOrderCommand command = new UpdateOrderCommand(getContainer(), tx);
 			command.setOrder(arg.order);
 
diff --git a/li.strolch.service/src/main/java/li/strolch/service/UpdateResourceCollectionService.java b/li.strolch.service/src/main/java/li/strolch/service/UpdateResourceCollectionService.java
index efeadede6..3ffa9fa07 100644
--- a/li.strolch.service/src/main/java/li/strolch/service/UpdateResourceCollectionService.java
+++ b/li.strolch.service/src/main/java/li/strolch/service/UpdateResourceCollectionService.java
@@ -40,7 +40,7 @@ public class UpdateResourceCollectionService extends
 	@Override
 	protected ServiceResult internalDoService(UpdateResourceCollectionArg arg) {
 
-		try (StrolchTransaction tx = openTx(arg.realm)) {
+		try (StrolchTransaction tx = openArgOrUserTx(arg)) {
 			UpdateResourceCollectionCommand command = new UpdateResourceCollectionCommand(getContainer(), tx);
 			command.setResources(arg.resources);
 
diff --git a/li.strolch.service/src/main/java/li/strolch/service/UpdateResourceService.java b/li.strolch.service/src/main/java/li/strolch/service/UpdateResourceService.java
index 650aa5509..acbb96d63 100644
--- a/li.strolch.service/src/main/java/li/strolch/service/UpdateResourceService.java
+++ b/li.strolch.service/src/main/java/li/strolch/service/UpdateResourceService.java
@@ -38,7 +38,7 @@ public class UpdateResourceService extends AbstractService<UpdateResourceService
 	@Override
 	protected ServiceResult internalDoService(UpdateResourceArg arg) {
 
-		try (StrolchTransaction tx = openTx(arg.realm)) {
+		try (StrolchTransaction tx = openArgOrUserTx(arg)) {
 			UpdateResourceCommand command = new UpdateResourceCommand(getContainer(), tx);
 			command.setResource(arg.resource);
 
diff --git a/li.strolch.service/src/main/java/li/strolch/service/XmlExportModelService.java b/li.strolch.service/src/main/java/li/strolch/service/XmlExportModelService.java
index 0ad4ef660..393294368 100644
--- a/li.strolch.service/src/main/java/li/strolch/service/XmlExportModelService.java
+++ b/li.strolch.service/src/main/java/li/strolch/service/XmlExportModelService.java
@@ -76,7 +76,7 @@ public class XmlExportModelService extends AbstractService<XmlExportModelArgumen
 		logger.info("Exporting model to real path: " + modelFile.getAbsolutePath());
 
 		XmlExportModelCommand command;
-		try (StrolchTransaction tx = openTx(arg.realm)) {
+		try (StrolchTransaction tx = openArgOrUserTx(arg)) {
 
 			command = new XmlExportModelCommand(getContainer(), tx);
 			command.setModelFile(modelFile);
diff --git a/li.strolch.service/src/main/java/li/strolch/service/XmlImportModelService.java b/li.strolch.service/src/main/java/li/strolch/service/XmlImportModelService.java
index 24d52e349..ab19a2638 100644
--- a/li.strolch.service/src/main/java/li/strolch/service/XmlImportModelService.java
+++ b/li.strolch.service/src/main/java/li/strolch/service/XmlImportModelService.java
@@ -69,7 +69,7 @@ public class XmlImportModelService extends AbstractService<XmlImportModelArgumen
 		}
 
 		XmlImportModelCommand command;
-		try (StrolchTransaction tx = openTx(arg.realm)) {
+		try (StrolchTransaction tx = openArgOrUserTx(arg)) {
 
 			command = new XmlImportModelCommand(getContainer(), tx);
 			command.setModelFile(modelFile);
diff --git a/li.strolch.service/src/main/java/li/strolch/service/parameter/AddParameterService.java b/li.strolch.service/src/main/java/li/strolch/service/parameter/AddParameterService.java
index 50aaa8556..4a33a60d6 100644
--- a/li.strolch.service/src/main/java/li/strolch/service/parameter/AddParameterService.java
+++ b/li.strolch.service/src/main/java/li/strolch/service/parameter/AddParameterService.java
@@ -40,7 +40,7 @@ public class AddParameterService extends AbstractService<AddParameterService.Add
 	@Override
 	protected ServiceResult internalDoService(AddParameterArg arg) {
 
-		try (StrolchTransaction tx = openTx(arg.realm)) {
+		try (StrolchTransaction tx = openArgOrUserTx(arg)) {
 
 			ParameterizedElement element = tx.findElement(arg.locator);
 
diff --git a/li.strolch.service/src/main/java/li/strolch/service/parameter/RemoveParameterService.java b/li.strolch.service/src/main/java/li/strolch/service/parameter/RemoveParameterService.java
index cc6ab2982..8914cf008 100644
--- a/li.strolch.service/src/main/java/li/strolch/service/parameter/RemoveParameterService.java
+++ b/li.strolch.service/src/main/java/li/strolch/service/parameter/RemoveParameterService.java
@@ -38,7 +38,7 @@ public class RemoveParameterService extends AbstractService<LocatorArgument, Ser
 	@Override
 	protected ServiceResult internalDoService(LocatorArgument arg) {
 
-		try (StrolchTransaction tx = openTx(arg.realm)) {
+		try (StrolchTransaction tx = openArgOrUserTx(arg)) {
 
 			Parameter<?> parameter = tx.findElement(arg.locator);
 
diff --git a/li.strolch.service/src/main/java/li/strolch/service/parameter/SetParameterService.java b/li.strolch.service/src/main/java/li/strolch/service/parameter/SetParameterService.java
index c2cb937c6..8c6629788 100644
--- a/li.strolch.service/src/main/java/li/strolch/service/parameter/SetParameterService.java
+++ b/li.strolch.service/src/main/java/li/strolch/service/parameter/SetParameterService.java
@@ -39,7 +39,7 @@ public class SetParameterService extends AbstractService<SetParameterService.Set
 	@Override
 	protected ServiceResult internalDoService(SetParameterArg arg) {
 
-		try (StrolchTransaction tx = openTx(arg.realm)) {
+		try (StrolchTransaction tx = openArgOrUserTx(arg)) {
 
 			Parameter<?> parameter = tx.findElement(arg.locator);
 
diff --git a/li.strolch.service/src/main/java/li/strolch/service/privilege/roles/PrivilegeAddOrReplacePrivilegeOnRoleService.java b/li.strolch.service/src/main/java/li/strolch/service/privilege/roles/PrivilegeAddOrReplacePrivilegeOnRoleService.java
index 8eb63d106..05b420122 100644
--- a/li.strolch.service/src/main/java/li/strolch/service/privilege/roles/PrivilegeAddOrReplacePrivilegeOnRoleService.java
+++ b/li.strolch.service/src/main/java/li/strolch/service/privilege/roles/PrivilegeAddOrReplacePrivilegeOnRoleService.java
@@ -45,7 +45,7 @@ public class PrivilegeAddOrReplacePrivilegeOnRoleService
 
 		RoleRep role = privilegeHandler.addOrReplacePrivilegeOnRole(getCertificate(), arg.roleName, arg.privilegeRep);
 
-		try (StrolchTransaction tx = openUserTx(PrivilegeHandler.PRIVILEGE_MODIFY_ROLE)) {
+		try (StrolchTransaction tx = openArgOrUserTx(arg, PrivilegeHandler.PRIVILEGE_MODIFY_ROLE)) {
 			tx.setSuppressAudits(true);
 			Audit audit = tx.auditFrom(AccessType.UPDATE, StrolchPrivilegeConstants.PRIVILEGE,
 					StrolchPrivilegeConstants.ROLE, role.getName());
diff --git a/li.strolch.service/src/main/java/li/strolch/service/privilege/roles/PrivilegeAddRoleService.java b/li.strolch.service/src/main/java/li/strolch/service/privilege/roles/PrivilegeAddRoleService.java
index d283d7810..a9d9a684c 100644
--- a/li.strolch.service/src/main/java/li/strolch/service/privilege/roles/PrivilegeAddRoleService.java
+++ b/li.strolch.service/src/main/java/li/strolch/service/privilege/roles/PrivilegeAddRoleService.java
@@ -43,7 +43,7 @@ public class PrivilegeAddRoleService extends AbstractService<PrivilegeRoleArgume
 
 		RoleRep role = privilegeHandler.addRole(getCertificate(), arg.role);
 
-		try (StrolchTransaction tx = openUserTx(PrivilegeHandler.PRIVILEGE_ADD_ROLE)) {
+		try (StrolchTransaction tx = openArgOrUserTx(arg, PrivilegeHandler.PRIVILEGE_ADD_ROLE)) {
 			tx.setSuppressAudits(true);
 			Audit audit = tx.auditFrom(AccessType.CREATE, StrolchPrivilegeConstants.PRIVILEGE,
 					StrolchPrivilegeConstants.ROLE, role.getName());
diff --git a/li.strolch.service/src/main/java/li/strolch/service/privilege/roles/PrivilegeRemovePrivilegeFromRoleService.java b/li.strolch.service/src/main/java/li/strolch/service/privilege/roles/PrivilegeRemovePrivilegeFromRoleService.java
index 5aa812c11..23f10e43c 100644
--- a/li.strolch.service/src/main/java/li/strolch/service/privilege/roles/PrivilegeRemovePrivilegeFromRoleService.java
+++ b/li.strolch.service/src/main/java/li/strolch/service/privilege/roles/PrivilegeRemovePrivilegeFromRoleService.java
@@ -45,7 +45,7 @@ public class PrivilegeRemovePrivilegeFromRoleService
 
 		RoleRep role = privilegeHandler.removePrivilegeFromRole(getCertificate(), arg.roleName, arg.privilegeName);
 
-		try (StrolchTransaction tx = openUserTx(StrolchPrivilegeConstants.PRIVILEGE_MODIFY_ROLE)) {
+		try (StrolchTransaction tx = openArgOrUserTx(arg, StrolchPrivilegeConstants.PRIVILEGE_MODIFY_ROLE)) {
 			tx.setSuppressAudits(true);
 			Audit audit = tx.auditFrom(AccessType.UPDATE, StrolchPrivilegeConstants.PRIVILEGE,
 					StrolchPrivilegeConstants.ROLE, role.getName());
diff --git a/li.strolch.service/src/main/java/li/strolch/service/privilege/roles/PrivilegeRemoveRoleService.java b/li.strolch.service/src/main/java/li/strolch/service/privilege/roles/PrivilegeRemoveRoleService.java
index 3b9c878c6..0074f81ea 100644
--- a/li.strolch.service/src/main/java/li/strolch/service/privilege/roles/PrivilegeRemoveRoleService.java
+++ b/li.strolch.service/src/main/java/li/strolch/service/privilege/roles/PrivilegeRemoveRoleService.java
@@ -44,7 +44,7 @@ public class PrivilegeRemoveRoleService extends AbstractService<PrivilegeRoleNam
 
 		RoleRep role = privilegeHandler.removeRole(getCertificate(), arg.roleName);
 
-		try (StrolchTransaction tx = openUserTx(PrivilegeHandler.PRIVILEGE_REMOVE_ROLE)) {
+		try (StrolchTransaction tx = openArgOrUserTx(arg, PrivilegeHandler.PRIVILEGE_REMOVE_ROLE)) {
 			tx.setSuppressAudits(true);
 			Audit audit = tx.auditFrom(AccessType.DELETE, StrolchPrivilegeConstants.PRIVILEGE,
 					StrolchPrivilegeConstants.ROLE, role.getName());
diff --git a/li.strolch.service/src/main/java/li/strolch/service/privilege/roles/PrivilegeUpdateRoleService.java b/li.strolch.service/src/main/java/li/strolch/service/privilege/roles/PrivilegeUpdateRoleService.java
index 71f9e0e16..2acb3174f 100644
--- a/li.strolch.service/src/main/java/li/strolch/service/privilege/roles/PrivilegeUpdateRoleService.java
+++ b/li.strolch.service/src/main/java/li/strolch/service/privilege/roles/PrivilegeUpdateRoleService.java
@@ -44,7 +44,7 @@ public class PrivilegeUpdateRoleService extends AbstractService<PrivilegeRoleArg
 
 		RoleRep role = privilegeHandler.replaceRole(getCertificate(), arg.role);
 
-		try (StrolchTransaction tx = openUserTx(PrivilegeHandler.PRIVILEGE_MODIFY_ROLE)) {
+		try (StrolchTransaction tx = openArgOrUserTx(arg, PrivilegeHandler.PRIVILEGE_MODIFY_ROLE)) {
 			tx.setSuppressAudits(true);
 			Audit audit = tx.auditFrom(AccessType.UPDATE, StrolchPrivilegeConstants.PRIVILEGE,
 					StrolchPrivilegeConstants.ROLE, role.getName());
diff --git a/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeAddRoleToUserService.java b/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeAddRoleToUserService.java
index 4e8deea0d..22c9eac2b 100644
--- a/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeAddRoleToUserService.java
+++ b/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeAddRoleToUserService.java
@@ -45,7 +45,7 @@ public class PrivilegeAddRoleToUserService
 
 		UserRep user = privilegeHandler.addRoleToUser(getCertificate(), arg.username, arg.rolename);
 
-		try (StrolchTransaction tx = openUserTx(PrivilegeHandler.PRIVILEGE_ADD_ROLE_TO_USER)) {
+		try (StrolchTransaction tx = openArgOrUserTx(arg, PrivilegeHandler.PRIVILEGE_ADD_ROLE_TO_USER)) {
 			tx.setSuppressAudits(true);
 			Audit audit = tx.auditFrom(AccessType.UPDATE, StrolchPrivilegeConstants.PRIVILEGE,
 					StrolchPrivilegeConstants.USER, user.getUsername());
diff --git a/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeAddUserService.java b/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeAddUserService.java
index ec111c911..21cb3525c 100644
--- a/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeAddUserService.java
+++ b/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeAddUserService.java
@@ -44,7 +44,7 @@ public class PrivilegeAddUserService extends AbstractService<PrivilegeUserArgume
 
 		UserRep user = privilegeHandler.addUser(getCertificate(), arg.user, null);
 
-		try (StrolchTransaction tx = openUserTx(PrivilegeHandler.PRIVILEGE_ADD_USER)) {
+		try (StrolchTransaction tx = openArgOrUserTx(arg, PrivilegeHandler.PRIVILEGE_ADD_USER)) {
 			tx.setSuppressAudits(true);
 			Audit audit = tx.auditFrom(AccessType.CREATE, StrolchPrivilegeConstants.PRIVILEGE,
 					StrolchPrivilegeConstants.USER, user.getUsername());
diff --git a/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeRemoveRoleFromUserService.java b/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeRemoveRoleFromUserService.java
index be9d3011e..6f7a2c6d8 100644
--- a/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeRemoveRoleFromUserService.java
+++ b/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeRemoveRoleFromUserService.java
@@ -44,7 +44,7 @@ public class PrivilegeRemoveRoleFromUserService
 
 		UserRep user = privilegeHandler.removeRoleFromUser(getCertificate(), arg.username, arg.rolename);
 
-		try (StrolchTransaction tx = openUserTx(PrivilegeHandler.PRIVILEGE_REMOVE_ROLE_FROM_USER)) {
+		try (StrolchTransaction tx = openArgOrUserTx(arg, PrivilegeHandler.PRIVILEGE_REMOVE_ROLE_FROM_USER)) {
 			tx.setSuppressAudits(true);
 			Audit audit = tx.auditFrom(AccessType.UPDATE, StrolchPrivilegeConstants.PRIVILEGE,
 					StrolchPrivilegeConstants.USER, user.getUsername());
diff --git a/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeRemoveUserService.java b/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeRemoveUserService.java
index 4921c2be2..451603883 100644
--- a/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeRemoveUserService.java
+++ b/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeRemoveUserService.java
@@ -44,7 +44,7 @@ public class PrivilegeRemoveUserService extends AbstractService<PrivilegeUserNam
 
 		UserRep user = privilegeHandler.removeUser(getCertificate(), arg.username);
 
-		try (StrolchTransaction tx = openUserTx(PrivilegeHandler.PRIVILEGE_REMOVE_USER)) {
+		try (StrolchTransaction tx = openArgOrUserTx(arg, PrivilegeHandler.PRIVILEGE_REMOVE_USER)) {
 			tx.setSuppressAudits(true);
 			Audit audit = tx.auditFrom(AccessType.DELETE, StrolchPrivilegeConstants.PRIVILEGE,
 					StrolchPrivilegeConstants.USER, user.getUsername());
diff --git a/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeSetUserLocaleService.java b/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeSetUserLocaleService.java
index a64a3360e..3423a2b92 100644
--- a/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeSetUserLocaleService.java
+++ b/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeSetUserLocaleService.java
@@ -45,7 +45,7 @@ public class PrivilegeSetUserLocaleService
 
 		UserRep user = privilegeHandler.setUserLocale(getCertificate(), arg.username, arg.locale);
 
-		try (StrolchTransaction tx = openUserTx(PrivilegeHandler.PRIVILEGE_SET_USER_LOCALE)) {
+		try (StrolchTransaction tx = openArgOrUserTx(arg, PrivilegeHandler.PRIVILEGE_SET_USER_LOCALE)) {
 			tx.setSuppressAudits(true);
 			Audit audit = tx.auditFrom(AccessType.UPDATE, StrolchPrivilegeConstants.PRIVILEGE,
 					StrolchPrivilegeConstants.USER, user.getUsername());
diff --git a/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeSetUserPasswordService.java b/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeSetUserPasswordService.java
index 6d32edff9..ac1f66cfa 100644
--- a/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeSetUserPasswordService.java
+++ b/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeSetUserPasswordService.java
@@ -44,7 +44,7 @@ public class PrivilegeSetUserPasswordService extends AbstractService<PrivilegeSe
 
 		privilegeHandler.setUserPassword(getCertificate(), arg.username, arg.password);
 
-		try (StrolchTransaction tx = openUserTx(PrivilegeHandler.PRIVILEGE_SET_USER_PASSWORD)) {
+		try (StrolchTransaction tx = openArgOrUserTx(arg, PrivilegeHandler.PRIVILEGE_SET_USER_PASSWORD)) {
 			tx.setSuppressAudits(true);
 			Audit audit = tx.auditFrom(AccessType.UPDATE, StrolchPrivilegeConstants.PRIVILEGE,
 					StrolchPrivilegeConstants.USER, arg.username);
diff --git a/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeSetUserStateService.java b/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeSetUserStateService.java
index e1604545c..c9b2011a7 100644
--- a/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeSetUserStateService.java
+++ b/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeSetUserStateService.java
@@ -44,7 +44,7 @@ public class PrivilegeSetUserStateService extends AbstractService<PrivilegeSetUs
 
 		UserRep user = privilegeHandler.setUserState(getCertificate(), arg.username, arg.userState);
 
-		try (StrolchTransaction tx = openUserTx(PrivilegeHandler.PRIVILEGE_SET_USER_STATE)) {
+		try (StrolchTransaction tx = openArgOrUserTx(arg, PrivilegeHandler.PRIVILEGE_SET_USER_STATE)) {
 			tx.setSuppressAudits(true);
 			Audit audit = tx.auditFrom(AccessType.UPDATE, StrolchPrivilegeConstants.PRIVILEGE,
 					StrolchPrivilegeConstants.USER, user.getUsername());
diff --git a/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeUpdateUserService.java b/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeUpdateUserService.java
index 883925faa..6ab5042cd 100644
--- a/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeUpdateUserService.java
+++ b/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeUpdateUserService.java
@@ -44,7 +44,7 @@ public class PrivilegeUpdateUserService extends AbstractService<PrivilegeUserArg
 
 		UserRep user = privilegeHandler.updateUser(getCertificate(), arg.user);
 
-		try (StrolchTransaction tx = openUserTx(PrivilegeHandler.PRIVILEGE_MODIFY_USER)) {
+		try (StrolchTransaction tx = openArgOrUserTx(arg, PrivilegeHandler.PRIVILEGE_MODIFY_USER)) {
 			tx.setSuppressAudits(true);
 			Audit audit = tx.auditFrom(AccessType.UPDATE, StrolchPrivilegeConstants.PRIVILEGE,
 					StrolchPrivilegeConstants.USER, user.getUsername());