diff --git a/src/main/java/org/olat/admin/UserAdminMainController.java b/src/main/java/org/olat/admin/UserAdminMainController.java
index 4486f9d8ac3cbe30c1db51540dd17acf791517e1..a3095c5b3917db42520c3b9da469d3f677f29d28 100644
--- a/src/main/java/org/olat/admin/UserAdminMainController.java
+++ b/src/main/java/org/olat/admin/UserAdminMainController.java
@@ -216,13 +216,14 @@ public class UserAdminMainController extends MainLayoutBasicController implement
 			}
 		} else if (source == userAdminCtr) {
 			if (event == Event.BACK_EVENT) {
+				Identity editedIdentity = userAdminCtr.getEditedIdentity();
 				removeAsListenerAndDispose(userAdminCtr);
 				userAdminCtr = null;
 				// update data model of content controller when of type user search
 				// to display correct values of identity
 				if (contentCtr instanceof UsermanagerUserSearchController) {
 					UsermanagerUserSearchController userSearchCtr = (UsermanagerUserSearchController) contentCtr;
-					userSearchCtr.reloadFoundIdentity();
+					userSearchCtr.reloadFoundIdentity(editedIdentity);
 					addToHistory(ureq, userSearchCtr);
 				}
 				content.setContent(contentCtr.getInitialComponent());
diff --git a/src/main/java/org/olat/admin/user/UserAdminController.java b/src/main/java/org/olat/admin/user/UserAdminController.java
index 0060118d97176d24f26621c529a74b03342b4bbc..1011bc34c2382538050e42a5ea9162b8964047ff 100644
--- a/src/main/java/org/olat/admin/user/UserAdminController.java
+++ b/src/main/java/org/olat/admin/user/UserAdminController.java
@@ -172,6 +172,10 @@ public class UserAdminController extends BasicController implements Activateable
 			putInitialPanel(new Panel("empty"));
 		}
 	}
+	
+	public Identity getEditedIdentity() {
+		return myIdentity;
+	}
 
 	@Override
 	public void activate(UserRequest ureq, List<ContextEntry> entries, StateEntry state) {
diff --git a/src/main/java/org/olat/admin/user/UsermanagerUserSearchController.java b/src/main/java/org/olat/admin/user/UsermanagerUserSearchController.java
index c83957ea1b2acb8a99b7a537027dacc5725dae9f..19e89a10a8f3b92db9ac74fcf395064dead12371 100644
--- a/src/main/java/org/olat/admin/user/UsermanagerUserSearchController.java
+++ b/src/main/java/org/olat/admin/user/UsermanagerUserSearchController.java
@@ -38,7 +38,6 @@ import java.util.Set;
 import org.olat.admin.user.bulkChange.UserBulkChangeManager;
 import org.olat.admin.user.bulkChange.UserBulkChangeStep00;
 import org.olat.basesecurity.BaseSecurity;
-import org.olat.basesecurity.BaseSecurityManager;
 import org.olat.basesecurity.BaseSecurityModule;
 import org.olat.basesecurity.Constants;
 import org.olat.basesecurity.PermissionOnResourceable;
@@ -46,7 +45,6 @@ import org.olat.basesecurity.SecurityGroup;
 import org.olat.basesecurity.events.SingleIdentityChosenEvent;
 import org.olat.core.CoreSpringFactory;
 import org.olat.core.commons.fullWebApp.popup.BaseFullWebappPopupLayoutFactory;
-import org.olat.core.commons.persistence.DBFactory;
 import org.olat.core.commons.persistence.PersistenceHelper;
 import org.olat.core.commons.services.webdav.WebDAVModule;
 import org.olat.core.commons.services.webdav.manager.WebDAVAuthManager;
@@ -87,7 +85,6 @@ import org.olat.core.id.OLATResourceable;
 import org.olat.core.id.context.ContextEntry;
 import org.olat.core.id.context.StateEntry;
 import org.olat.core.id.context.StateMapped;
-import org.olat.core.logging.AssertException;
 import org.olat.core.logging.activity.ThreadLocalUserActivityLogger;
 import org.olat.core.util.StringHelper;
 import org.olat.core.util.mail.ContactList;
@@ -131,7 +128,6 @@ public class UsermanagerUserSearchController extends BasicController implements
 	private List<Identity> identitiesList, selectedIdentities;
 	private List<String> notUpdatedIdentities = new ArrayList<String>();
 	private ExtendedIdentitiesTableDataModel tdm;
-	private Identity foundIdentity = null;
 	private ContactFormController contactCtr;
 	private Link backFromMail;
 	private Link backFromList;
@@ -330,7 +326,6 @@ public class UsermanagerUserSearchController extends BasicController implements
 					foundIdentites.add(found);
 					initUserListCtr(ureq, foundIdentites, 0);
 				}
-				foundIdentity = found;
 				fireEvent(ureq, new SingleIdentityChosenEvent(found));
 			}
 		}
@@ -431,7 +426,6 @@ public class UsermanagerUserSearchController extends BasicController implements
 	 * @return List of identities that match the criterias from the search form
 	 */
 	private List<Identity> findIdentitiesFromSearchForm() {
-		BaseSecurity secMgr = BaseSecurityManager.getInstance();
 		// get user attributes from form
 		String login = searchform.getStringValue("login");
 		// when searching for deleted users, add wildcard to match with backup prefix
@@ -465,27 +459,27 @@ public class UsermanagerUserSearchController extends BasicController implements
 		// get group memberships from form
 		List<SecurityGroup> groupsList = new ArrayList<SecurityGroup>();
 		if (searchform.getRole("admin")) {
-			SecurityGroup group = secMgr.findSecurityGroupByName(Constants.GROUP_ADMIN);
+			SecurityGroup group = securityManager.findSecurityGroupByName(Constants.GROUP_ADMIN);
 			groupsList.add(group);
 		}
 		if (searchform.getRole("author")) {
-			SecurityGroup group = secMgr.findSecurityGroupByName(Constants.GROUP_AUTHORS);
+			SecurityGroup group = securityManager.findSecurityGroupByName(Constants.GROUP_AUTHORS);
 			groupsList.add(group);
 		}
 		if (searchform.getRole("groupmanager")) {
-			SecurityGroup group = secMgr.findSecurityGroupByName(Constants.GROUP_GROUPMANAGERS);
+			SecurityGroup group = securityManager.findSecurityGroupByName(Constants.GROUP_GROUPMANAGERS);
 			groupsList.add(group);
 		}
 		if (searchform.getRole("usermanager")) {
-			SecurityGroup group = secMgr.findSecurityGroupByName(Constants.GROUP_USERMANAGERS);
+			SecurityGroup group = securityManager.findSecurityGroupByName(Constants.GROUP_USERMANAGERS);
 			groupsList.add(group);
 		}
 		if (searchform.getRole("oresmanager")) {
-			SecurityGroup group = secMgr.findSecurityGroupByName(Constants.GROUP_INST_ORES_MANAGER);
+			SecurityGroup group = securityManager.findSecurityGroupByName(Constants.GROUP_INST_ORES_MANAGER);
 			groupsList.add(group);
 		}
 		if (searchform.getRole("poolmanager")) {
-			SecurityGroup group = secMgr.findSecurityGroupByName(Constants.GROUP_POOL_MANAGER);
+			SecurityGroup group = securityManager.findSecurityGroupByName(Constants.GROUP_POOL_MANAGER);
 			groupsList.add(group);
 		}
 		
@@ -507,7 +501,7 @@ public class UsermanagerUserSearchController extends BasicController implements
 		Date userLoginAfter = searchform.getUserLoginAfter();
 
 		// now perform power search
-		List<Identity> myIdentities = secMgr.getIdentitiesByPowerSearch((login.equals("") ? null : login), userPropertiesSearch, true, groups,
+		List<Identity> myIdentities = securityManager.getIdentitiesByPowerSearch((login.equals("") ? null : login), userPropertiesSearch, true, groups,
 				permissionOnResources, authProviders, createdAfter, createdBefore, userLoginAfter, userLoginBefore, status);
 
 		return myIdentities;
@@ -542,7 +536,7 @@ public class UsermanagerUserSearchController extends BasicController implements
 				String actionid = te.getActionId();
 				if (actionid.equals(ExtendedIdentitiesTableDataModel.COMMAND_SELECTUSER)) {
 					int rowid = te.getRowId();
-					foundIdentity = tdm.getObject(rowid);
+					Identity foundIdentity = tdm.getObject(rowid);
 					// Tell parentController that a subject has been found
 					fireEvent(ureq, new SingleIdentityChosenEvent(foundIdentity));
 				} else if (actionid.equals(ExtendedIdentitiesTableDataModel.COMMAND_VCARD)) {
@@ -671,10 +665,9 @@ public class UsermanagerUserSearchController extends BasicController implements
 	 */
 	private void reloadDataModel(UserRequest ureq) {
 		if (identitiesList == null) return;
-		BaseSecurity secMgr = BaseSecurityManager.getInstance();
 		for (int i = 0; i < identitiesList.size(); i++) {
 			Identity ident = identitiesList.get(i);
-			Identity refrshed = secMgr.loadIdentityByKey(ident.getKey());
+			Identity refrshed = securityManager.loadIdentityByKey(ident.getKey());
 			identitiesList.set(i, refrshed);
 		}
 		initUserListCtr(ureq, identitiesList, null);
@@ -686,20 +679,24 @@ public class UsermanagerUserSearchController extends BasicController implements
 	 * activated user table list model. The identity will be reloaded from the
 	 * database to have accurate values.
 	 */
-	public void reloadFoundIdentity() {
-		if (foundIdentity == null) throw new AssertException("reloadFoundIdentity called but foundIdentity is null");
-		// reload the found identity
-		foundIdentity = (Identity) DBFactory.getInstance().loadObject(foundIdentity);
-		// replace the found identity in the table list model to display changed
-		// values
-		List identities = tdm.getObjects();
-		PersistenceHelper.replaceObjectInListByKey(identities, foundIdentity);
+	public void reloadFoundIdentity(Identity editedIdentity) {
+		if(editedIdentity == null) return;//nothing to replace
+		
+		List<Identity> identities = tdm.getObjects();
+		int index = identities.indexOf(editedIdentity);
+		if(index >= 0) {
+			// reload the found identity
+			Identity reloadedIdentity = securityManager.loadIdentityByKey(editedIdentity.getKey());
+			// replace the found identity in the table list model to display changed
+			identities.set(index, reloadedIdentity);
+		}
 	}
 
 	/**
 	 * 
 	 * @see org.olat.core.gui.control.DefaultController#doDispose(boolean)
 	 */
+	@Override
 	protected void doDispose() {
 		//
 	}
diff --git a/src/main/java/org/olat/course/certificate/ui/UploadCertificateController.java b/src/main/java/org/olat/course/certificate/ui/UploadCertificateController.java
index 337649b998445f5384b300bf769ea7a89ba9ad6f..490f75ec5977f927ccdd128f317fd2eab6bbe059 100644
--- a/src/main/java/org/olat/course/certificate/ui/UploadCertificateController.java
+++ b/src/main/java/org/olat/course/certificate/ui/UploadCertificateController.java
@@ -154,9 +154,9 @@ public class UploadCertificateController extends FormBasicController {
 
 	@Override
 	protected boolean validateFormLogic(UserRequest ureq) {
-		boolean allOk = true;
+		boolean allOk = super.validateFormLogic(ureq);
 		allOk &= validateTemplate();
-		return allOk & super.validateFormLogic(ureq);
+		return allOk;
 	}
 
 	protected boolean validateTemplate() {
@@ -188,17 +188,16 @@ public class UploadCertificateController extends FormBasicController {
 				Path path = FileResource.getResource(template, filename);
 				IndexVisitor visitor = new IndexVisitor(path);
 				Files.walkFileTree(path, visitor);
-				if(!visitor.hasFound()) {
+				if(!visitor.hasFound() || path.getNameCount() > 0) {
 					fileEl.setErrorKey("upload.error.noindex", null);
+					allOk &= false;
 				}
-				allOk = visitor.hasFound();
 				PathUtils.closeSubsequentFS(path);
-
 				formatEl.setVisible(allOk);
 				orientationEl.setVisible(allOk);
 			} else {
 				fileEl.setErrorKey("upload.error.no.phantomjs", null);
-				allOk = false;
+				allOk &= false;
 			}
 		} catch (IOException e) {
 			logError("", e);
diff --git a/src/main/java/org/olat/ims/qti21/ui/AssessmentTestDisplayController.java b/src/main/java/org/olat/ims/qti21/ui/AssessmentTestDisplayController.java
index e4b1f7be252d2fcb5f57ba80b2cfdf041176baec..c7d4992bef67bd9b443c8db1dfab3cf3240d874d 100644
--- a/src/main/java/org/olat/ims/qti21/ui/AssessmentTestDisplayController.java
+++ b/src/main/java/org/olat/ims/qti21/ui/AssessmentTestDisplayController.java
@@ -648,7 +648,9 @@ public class AssessmentTestDisplayController extends BasicController implements
 				break;
 			case response:
 				handleResponse(ureq, qe.getStringResponseMap(), qe.getFileResponseMap(), qe.getComment());
-				nextItemIfAllowed(ureq);
+				if(!nextItemIfAllowed(ureq)) {
+					logWarn("Cannot automatically go to the next question", null);
+				}
 				break;
 			case endTestPart:
 				confirmEndTestPart(ureq);
@@ -775,23 +777,30 @@ public class AssessmentTestDisplayController extends BasicController implements
 	 * 
 	 * @param ureq
 	 */
-	private void nextItemIfAllowed(UserRequest ureq) {
-        if(testSessionController.hasFollowingNonLinearItem()
-        		&& testSessionController.getTestSessionState() != null
-        		&& !testSessionController.getTestSessionState().isEnded()
-        		&& !testSessionController.getTestSessionState().isExited()) {
-            
-        	TestSessionState testSessionState = testSessionController.getTestSessionState();
-            TestPlanNodeKey itemNodeKey = testSessionState.getCurrentItemKey();
-            if(itemNodeKey != null) {
-				TestPlanNode currentItemNode = testSessionState.getTestPlan().getNode(itemNodeKey);
-	        	boolean hasFeedbacks = qtiWorksCtrl.willShowSomeAssessmentItemFeedbacks(currentItemNode);
-	        	//allow skipping
-	        	if(!hasFeedbacks) {
-	        		processNextItem(ureq);
-	        	}
-            }
-        }
+	private boolean nextItemIfAllowed(UserRequest ureq) {
+		if (testSessionController.hasFollowingNonLinearItem()
+				&& testSessionController.getTestSessionState() != null
+				&& !testSessionController.getTestSessionState().isEnded()
+				&& !testSessionController.getTestSessionState().isExited()) {
+
+			try {
+				TestSessionState testSessionState = testSessionController.getTestSessionState();
+				TestPlanNodeKey itemNodeKey = testSessionState.getCurrentItemKey();
+				if (itemNodeKey != null) {
+					TestPlanNode currentItemNode = testSessionState.getTestPlan().getNode(itemNodeKey);
+					boolean hasFeedbacks = qtiWorksCtrl.willShowSomeAssessmentItemFeedbacks(currentItemNode);
+					// allow skipping
+					if (!hasFeedbacks) {
+						processNextItem(ureq);
+						return true;
+					}
+				}
+			} catch (QtiCandidateStateException e) {
+				logError("", e);//log informations
+				ServletUtil.printOutRequestParameters(ureq.getHttpReq());
+			}
+		}
+		return false;
 	}
 	
 	private void processNextItem(UserRequest ureq) {