session logging refactoring

server/src/main/java/password/pwm/AppProperty.java

@@ -232,6 +232,7 @@ public enum AppProperty
     LDAP_SEARCH_PARALLEL_THREAD_MAX                 ( "ldap.search.parallel.threadMax" ),
     LDAP_ORACLE_POST_TEMPPW_USE_CURRENT_TIME        ( "ldap.oracle.postTempPasswordUseCurrentTime" ),
     LOGGING_PATTERN                                 ( "logging.pattern" ),
+    LOGGING_EXTRA_PERIODIC_THREAD_DUMP_INTERVAL     ( "logging.extra.periodicThreadDumpIntervalSeconds" ),
     LOGGING_FILE_MAX_SIZE                           ( "logging.file.maxSize" ),
     LOGGING_FILE_MAX_ROLLOVER                       ( "logging.file.maxRollover" ),
     LOGGING_FILE_PATH                               ( "logging.file.path" ),

server/src/main/java/password/pwm/Permission.java

@@ -21,7 +21,6 @@
 package password.pwm;
 
 import password.pwm.config.PwmSetting;
-import password.pwm.util.logging.PwmLogger;
 
 /**
  * @author Jason D. Rivard
@@ -39,10 +38,7 @@ public enum Permission
     WEBSERVICE( PwmSetting.WEBSERVICES_QUERY_MATCH ),
     WEBSERVICE_THIRDPARTY( PwmSetting.WEBSERVICES_THIRDPARTY_QUERY_MATCH ),;
 
-
-    private static final PwmLogger LOGGER = PwmLogger.forClass( Permission.class );
-
-    private PwmSetting pwmSetting;
+    private final PwmSetting pwmSetting;
 
     Permission( final PwmSetting pwmSetting )
     {

server/src/main/java/password/pwm/PwmConstants.java

@@ -97,6 +97,7 @@ public abstract class PwmConstants
     public static final int TRIAL_MAX_AUTHENTICATIONS = 100;
     public static final int TRIAL_MAX_TOTAL_AUTH = 10000;
 
+    public static final int XML_OUTPUT_LINE_WRAP_LENGTH = 120;
 
     public static final String LDAP_AD_PASSWORD_POLICY_CONTROL_ASN = "1.2.840.113556.1.4.2066";
     public static final String PROFILE_ID_ALL = "all";

server/src/main/java/password/pwm/bean/SessionLabel.java

@@ -20,42 +20,31 @@
 
 package password.pwm.bean;
 
-import lombok.AllArgsConstructor;
+import lombok.Builder;
 import lombok.Value;
 
 import java.io.Serializable;
 
 @Value
-@AllArgsConstructor
+@Builder( toBuilder = true )
 public class SessionLabel implements Serializable
 {
     public static final SessionLabel SYSTEM_LABEL = null;
     public static final String SESSION_LABEL_SESSION_ID = "#";
-    public static final SessionLabel PW_EXP_NOTICE_LABEL = new SessionLabel( SESSION_LABEL_SESSION_ID, null, "pwExpireNotice", null, null );
-    public static final SessionLabel TOKEN_SESSION_LABEL = new SessionLabel( SESSION_LABEL_SESSION_ID, null, "token", null, null );
-    public static final SessionLabel CLI_SESSION_LABEL = new SessionLabel( SESSION_LABEL_SESSION_ID, null, "cli", null, null );
-    public static final SessionLabel HEALTH_SESSION_LABEL = new SessionLabel( SESSION_LABEL_SESSION_ID, null, "health", null, null );
-    public static final SessionLabel REPORTING_SESSION_LABEL = new SessionLabel( SESSION_LABEL_SESSION_ID, null, "reporting", null, null );
-    public static final SessionLabel AUDITING_SESSION_LABEL = new SessionLabel( SESSION_LABEL_SESSION_ID, null, "auditing", null, null );
-    public static final SessionLabel TELEMETRY_SESSION_LABEL = new SessionLabel( SESSION_LABEL_SESSION_ID, null, "telemetry", null, null );
-    public static final SessionLabel PWNOTIFY_SESSION_LABEL = new SessionLabel( SESSION_LABEL_SESSION_ID, null, "pwnotify", null, null );
-    public static final SessionLabel CONTEXT_SESSION_LABEL = new SessionLabel( SESSION_LABEL_SESSION_ID, null, "context", null, null );
+    public static final SessionLabel PW_EXP_NOTICE_LABEL = SessionLabel.builder().sessionID( SESSION_LABEL_SESSION_ID ).username( "pwExpireNotice" ).build();
+    public static final SessionLabel TOKEN_SESSION_LABEL = SessionLabel.builder().sessionID( SESSION_LABEL_SESSION_ID ).username( "token" ).build();
+    public static final SessionLabel CLI_SESSION_LABEL = SessionLabel.builder().sessionID( SESSION_LABEL_SESSION_ID ).username( "cli" ).build();
+    public static final SessionLabel HEALTH_SESSION_LABEL = SessionLabel.builder().sessionID( SESSION_LABEL_SESSION_ID ).username( "health" ).build();
+    public static final SessionLabel REPORTING_SESSION_LABEL = SessionLabel.builder().sessionID( SESSION_LABEL_SESSION_ID ).username( "reporting" ).build();
+    public static final SessionLabel AUDITING_SESSION_LABEL = SessionLabel.builder().sessionID( SESSION_LABEL_SESSION_ID ).username( "auditing" ).build();
+    public static final SessionLabel TELEMETRY_SESSION_LABEL = SessionLabel.builder().sessionID( SESSION_LABEL_SESSION_ID ).username( "telemetry" ).build();
+    public static final SessionLabel PWNOTIFY_SESSION_LABEL = SessionLabel.builder().sessionID( SESSION_LABEL_SESSION_ID ).username( "pwnotify" ).build();
+    public static final SessionLabel CONTEXT_SESSION_LABEL = SessionLabel.builder().sessionID( SESSION_LABEL_SESSION_ID ).username( "context" ).build();
 
     private final String sessionID;
-    private final UserIdentity userIdentity;
+    private final String requestID;
+    private final String userID;
     private final String username;
-    private final String srcAddress;
-    private final String srcHostname;
-
-    public String toString( )
-    {
-        if ( this.getSessionID() == null || this.getSessionID().isEmpty() )
-        {
-            return "";
-        }
-        return "{" + this.getSessionID()
-                + ( this.getUsername() != null && !this.getUsername().isEmpty() ? "," + this.getUsername() : "" )
-                + "}";
-
-    }
+    private final String sourceAddress;
+    private final String sourceHostname;
 }

server/src/main/java/password/pwm/config/function/AbstractUriCertImportFunction.java

@@ -60,7 +60,7 @@ abstract class AbstractUriCertImportFunction implements SettingUIFunction
             final URI uri = URI.create( urlString );
             if ( "https".equalsIgnoreCase( uri.getScheme() ) )
             {
-                certs = X509Utils.readRemoteHttpCertificates( pwmRequest.getPwmApplication(), pwmSession.getLabel(), uri, new Configuration( modifier.newStoredConfiguration() ) );
+                certs = X509Utils.readRemoteHttpCertificates( pwmRequest.getPwmApplication(), pwmRequest.getLabel(), uri, new Configuration( modifier.newStoredConfiguration() ) );
             }
             else
             {

server/src/main/java/password/pwm/config/value/FileValue.java

@@ -22,6 +22,7 @@ package password.pwm.config.value;
 
 import lombok.Builder;
 import lombok.Value;
+import password.pwm.PwmConstants;
 import password.pwm.config.PwmSetting;
 import password.pwm.config.StoredValue;
 import password.pwm.config.stored.StoredConfigXmlConstants;
@@ -52,7 +53,6 @@ public class FileValue extends AbstractValue implements StoredValue
 {
     private static final PwmLogger LOGGER = PwmLogger.forClass( FileValue.class );
 
-    private static final int ENCODING_LINE_LENGTH = 120;
     private static final String XML_ELEMENT_FILE_INFORMATION = "FileInformation";
     private static final String XML_ELEMENT_FILE_CONTENT = "FileContent";
 
@@ -164,7 +164,7 @@ public class FileValue extends AbstractValue implements StoredValue
             try
             {
                 final String encodedLineBreaks = StringUtil.insertRepeatedLineBreaks(
-                        fileContent.toEncodedString(), ENCODING_LINE_LENGTH );
+                        fileContent.toEncodedString(), PwmConstants.XML_OUTPUT_LINE_WRAP_LENGTH );
                 fileContentElement.addText( encodedLineBreaks );
             }
             catch ( final IOException e )

server/src/main/java/password/pwm/config/value/X509CertificateValue.java

@@ -20,6 +20,7 @@
 
 package password.pwm.config.value;
 
+import password.pwm.PwmConstants;
 import password.pwm.config.PwmSetting;
 import password.pwm.config.StoredValue;
 import password.pwm.config.stored.StoredConfigXmlConstants;
@@ -116,7 +117,7 @@ public class X509CertificateValue extends AbstractValue implements StoredValue
             try
             {
                 final String b64Value = X509Utils.certificateToBase64( value );
-                final String splitValue = StringUtil.insertRepeatedLineBreaks( b64Value, 80 );
+                final String splitValue = StringUtil.insertRepeatedLineBreaks( b64Value, PwmConstants.XML_OUTPUT_LINE_WRAP_LENGTH );
                 valueElement.addText( splitValue );
             }
             catch ( final CertificateEncodingException e )

server/src/main/java/password/pwm/health/CertificateChecker.java

@@ -54,8 +54,7 @@ public class CertificateChecker implements HealthChecker
     @Override
     public List<HealthRecord> doHealthCheck( final PwmApplication pwmApplication )
     {
-        final List<HealthRecord> records = new ArrayList<>();
-        records.addAll( doHealthCheck( pwmApplication.getConfig() ) );
+        final List<HealthRecord> records = new ArrayList<>( doHealthCheck( pwmApplication.getConfig() ) );
         try
         {
             records.addAll( doActionHealthCheck( pwmApplication.getConfig() ) );

server/src/main/java/password/pwm/health/HealthMonitor.java

@@ -29,20 +29,26 @@ import password.pwm.error.PwmUnrecoverableException;
 import password.pwm.http.servlet.configmanager.DebugItemGenerator;
 import password.pwm.svc.PwmService;
 import password.pwm.util.PwmScheduler;
+import password.pwm.util.java.AtomicLoopIntIncrementer;
 import password.pwm.util.java.FileSystemUtility;
 import password.pwm.util.java.JavaHelper;
+import password.pwm.util.java.StringUtil;
 import password.pwm.util.java.TimeDuration;
+import password.pwm.util.logging.PwmLogLevel;
 import password.pwm.util.logging.PwmLogger;
 
 import java.io.File;
 import java.io.FileOutputStream;
 import java.io.IOException;
 import java.io.Serializable;
+import java.lang.management.ManagementFactory;
+import java.lang.management.ThreadInfo;
 import java.nio.file.Files;
 import java.time.Instant;
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.Collections;
+import java.util.LinkedHashMap;
 import java.util.List;
 import java.util.Map;
 import java.util.Set;
@@ -108,6 +114,16 @@ public class HealthMonitor implements PwmService
         supportZipWriterService = PwmScheduler.makeBackgroundExecutor( pwmApplication, this.getClass() );
         scheduleNextZipOutput();
 
+        {
+            final int threadDumpIntervalSeconds = JavaHelper.silentParseInt( pwmApplication.getConfig().readAppProperty(
+                    AppProperty.LOGGING_EXTRA_PERIODIC_THREAD_DUMP_INTERVAL ), 0 );
+            if ( threadDumpIntervalSeconds > 0 )
+            {
+                final TimeDuration interval =  TimeDuration.of( threadDumpIntervalSeconds, TimeDuration.Unit.SECONDS );
+                pwmApplication.getPwmScheduler().scheduleFixedRateJob( new ThreadDumpLogger(), executorService, TimeDuration.SECOND, interval );
+            }
+        }
+
         status = STATUS.OPEN;
     }
 
@@ -381,4 +397,44 @@ public class HealthMonitor implements PwmService
             Files.move( newSupportFile.toPath(), supportFile.toPath() );
         }
     }
+
+    private static class ThreadDumpLogger implements Runnable
+    {
+        private static final PwmLogger LOGGER = PwmLogger.forClass( ThreadDumpLogger.class );
+        private static final AtomicLoopIntIncrementer COUNTER = new AtomicLoopIntIncrementer();
+
+        @Override
+        public void run()
+        {
+            if ( !LOGGER.isEnabled( PwmLogLevel.TRACE ) )
+            {
+                return;
+            }
+
+            final int count = COUNTER.next();
+            output( "---BEGIN OUTPUT THREAD DUMP #" + count + "---" );
+
+            {
+                final Map<String, String> debugValues = new LinkedHashMap<>();
+                debugValues.put( "Memory Free", Long.toString( Runtime.getRuntime().freeMemory() ) );
+                debugValues.put( "Memory Allocated", Long.toString( Runtime.getRuntime().totalMemory() ) );
+                debugValues.put( "Memory Max", Long.toString( Runtime.getRuntime().maxMemory() ) );
+                debugValues.put( "Thread Count", Integer.toString( Thread.activeCount() ) );
+                output( "Thread Data #: " + StringUtil.mapToString( debugValues ) );
+            }
+
+            final ThreadInfo[] threads = ManagementFactory.getThreadMXBean().dumpAllThreads( true, true );
+            for ( final ThreadInfo threadInfo : threads )
+            {
+                output( JavaHelper.threadInfoToString( threadInfo ) );
+            }
+
+            output( "---END OUTPUT THREAD DUMP #" + count + "---" );
+        }
+
+        private void output( final CharSequence output )
+        {
+            LOGGER.trace( () -> output );
+        }
+    }
 }

server/src/main/java/password/pwm/http/HttpEventManager.java

@@ -100,7 +100,7 @@ public class HttpEventManager implements
                     pwmApplication.getSessionTrackService().removeSessionData( pwmSession );
                 }
                 final String outputMsg = debugMsg;
-                LOGGER.trace( pwmSession, () -> outputMsg );
+                LOGGER.trace( pwmSession.getLabel(), () -> outputMsg );
             }
             else
             {

server/src/main/java/password/pwm/http/IdleTimeoutCalculator.java

@@ -177,18 +177,13 @@ public class IdleTimeoutCalculator
         }
     }
 
-    public static TimeDuration idleTimeoutForRequest( final PwmRequest pwmRequest ) throws PwmUnrecoverableException
-    {
-        return idleTimeoutForRequest( pwmRequest.getURL(), pwmRequest.getPwmApplication(), pwmRequest.getPwmSession() );
-    }
-
-    public static TimeDuration idleTimeoutForRequest(
-            final PwmURL pwmURL,
-            final PwmApplication pwmApplication,
-            final PwmSession pwmSession
-    )
+    public static TimeDuration idleTimeoutForRequest( final PwmRequest pwmRequest )
             throws PwmUnrecoverableException
     {
+        final PwmURL pwmURL = pwmRequest.getURL();
+        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
+        final PwmSession pwmSession = pwmRequest.getPwmSession();
+
         if ( pwmURL.isResourceURL() )
         {
             return figureMaxSessionTimeout( pwmApplication, pwmSession ).getIdleTimeout();
@@ -245,7 +240,7 @@ public class IdleTimeoutCalculator
             }
             catch ( final PwmUnrecoverableException e )
             {
-                LOGGER.error( pwmSession, "error while figuring max idle timeout for session: " + e.getMessage() );
+                LOGGER.error( pwmRequest, "error while figuring max idle timeout for session: " + e.getMessage() );
             }
         }
 

server/src/main/java/password/pwm/http/PwmRequest.java

@@ -45,6 +45,7 @@ import password.pwm.http.servlet.PwmServletDefinition;
 import password.pwm.http.servlet.command.CommandServlet;
 import password.pwm.ldap.UserInfo;
 import password.pwm.util.Validator;
+import password.pwm.util.java.LazySupplier;
 import password.pwm.util.java.StringUtil;
 import password.pwm.util.logging.PwmLogLevel;
 import password.pwm.util.logging.PwmLogger;
@@ -66,18 +67,19 @@ import java.util.List;
 import java.util.Locale;
 import java.util.Map;
 import java.util.Set;
+import java.util.function.Supplier;
 
 public class PwmRequest extends PwmHttpRequestWrapper
 {
-
     private static final PwmLogger LOGGER = PwmLogger.forClass( PwmRequest.class );
 
     private final PwmResponse pwmResponse;
     private final PwmURL pwmURL;
     private final PwmRequestID pwmRequestID;
 
-    private transient PwmApplication pwmApplication;
-    private transient PwmSession pwmSession;
+    private final transient PwmApplication pwmApplication;
+    private final transient PwmSession pwmSession;
+    private final transient Supplier<SessionLabel> sessionLabelLazySupplier = new LazySupplier<>( this::makeSessionLabel );
 
     private final Set<PwmRequestFlag> flags = new HashSet<>();
 
@@ -124,9 +126,16 @@ public class PwmRequest extends PwmHttpRequestWrapper
         return pwmSession;
     }
 
-    public SessionLabel getSessionLabel( )
+    public SessionLabel getLabel( )
     {
-        return pwmSession.getLabel();
+        return sessionLabelLazySupplier.get();
+    }
+
+    private SessionLabel makeSessionLabel( )
+    {
+        return getPwmSession().getLabel().toBuilder()
+                .requestID( pwmRequestID.toString() )
+                .build();
     }
 
     public PwmResponse getPwmResponse( )
@@ -324,10 +333,10 @@ public class PwmRequest extends PwmHttpRequestWrapper
             return false;
         }
 
-        String aftPath = uri.substring( uri.indexOf( servletPath ) + servletPath.length(), uri.length() );
+        String aftPath = uri.substring( uri.indexOf( servletPath ) + servletPath.length() );
         if ( aftPath.startsWith( "/" ) )
         {
-            aftPath = aftPath.substring( 1, aftPath.length() );
+            aftPath = aftPath.substring( 1 );
         }
 
         if ( aftPath.contains( "?" ) )
@@ -356,7 +365,7 @@ public class PwmRequest extends PwmHttpRequestWrapper
         redirectURL.append( "&" );
         redirectURL.append( PwmConstants.PARAM_TOKEN ).append( "=" ).append( tokenValue );
 
-        LOGGER.debug( pwmSession, () -> "detected long servlet url, redirecting user to " + redirectURL );
+        LOGGER.debug( this, () -> "detected long servlet url, redirecting user to " + redirectURL );
         sendRedirect( redirectURL.toString() );
         return true;
     }
@@ -382,7 +391,7 @@ public class PwmRequest extends PwmHttpRequestWrapper
         if ( LOGGER.isEnabled( PwmLogLevel.TRACE ) )
         {
             final String debugTxt = debugHttpRequestToString( extraText, false );
-            LOGGER.trace( this.getSessionLabel(), () -> debugTxt );
+            LOGGER.trace( this.getLabel(), () -> debugTxt );
         }
     }
 
@@ -458,16 +467,21 @@ public class PwmRequest extends PwmHttpRequestWrapper
     {
         final LocalSessionStateBean ssBean = this.getPwmSession().getSessionStateBean();
         String redirectURL = ssBean.getForwardURL();
-        if ( redirectURL == null || redirectURL.length() < 1 )
+        if ( StringUtil.isEmpty( redirectURL ) )
         {
             redirectURL = this.getConfig().readSettingAsString( PwmSetting.URL_FORWARD );
         }
 
-        if ( redirectURL == null || redirectURL.length() < 1 )
+        if ( StringUtil.isEmpty( redirectURL ) )
         {
             redirectURL = this.getContextPath();
         }
 
+        if ( StringUtil.isEmpty( redirectURL ) )
+        {
+            redirectURL = "/";
+        }
+
         return redirectURL;
     }
 
@@ -507,7 +521,7 @@ public class PwmRequest extends PwmHttpRequestWrapper
     public String toString( )
     {
         return this.getClass().getSimpleName() + " "
-                + ( this.getSessionLabel() == null ? "" : getSessionLabel().toString() )
+                + ( this.getLabel() == null ? "" : getLabel().toString() )
                 + " " + getURLwithoutQueryString();
 
     }
@@ -571,7 +585,11 @@ public class PwmRequest extends PwmHttpRequestWrapper
 
     public CommonValues commonValues()
     {
-        return new CommonValues( pwmApplication, this.getSessionLabel(), this.getLocale(), pwmRequestID );
+        return new CommonValues( pwmApplication, this.getLabel(), this.getLocale(), pwmRequestID );
     }
 
+    public String getPwmRequestID()
+    {
+        return pwmRequestID.toString();
+    }
 }

server/src/main/java/password/pwm/http/PwmResponse.java

@@ -129,7 +129,6 @@ public class PwmResponse extends PwmHttpResponseWrapper
 
     {
         final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
-        final PwmSession pwmSession = pwmRequest.getPwmSession();
         this.pwmRequest.setAttribute( PwmRequestAttribute.SuccessMessage, message );
 
         final boolean showMessage = !pwmApplication.getConfig().readSettingAsBoolean( PwmSetting.DISPLAY_SUCCESS_PAGES )
@@ -137,7 +136,7 @@ public class PwmResponse extends PwmHttpResponseWrapper
 
         if ( showMessage )
         {
-            LOGGER.trace( pwmSession, () -> "skipping success page due to configuration setting" );
+            LOGGER.trace( pwmRequest, () -> "skipping success page due to configuration setting" );
             final String redirectUrl = pwmRequest.getContextPath()
                     + PwmServletDefinition.PublicCommand.servletUrl()
                     + "?processAction=next";
@@ -161,7 +160,7 @@ public class PwmResponse extends PwmHttpResponseWrapper
     )
             throws IOException, ServletException
     {
-        LOGGER.error( pwmRequest.getSessionLabel(), errorInformation );
+        LOGGER.error( pwmRequest.getLabel(), errorInformation );
 
         pwmRequest.setAttribute( PwmRequestAttribute.PwmErrorInfo, errorInformation );
 
@@ -180,7 +179,7 @@ public class PwmResponse extends PwmHttpResponseWrapper
         if ( isCommitted() )
         {
             final String msg = "cannot respond with error '" + errorInformation.toDebugStr() + "', response is already committed";
-            LOGGER.warn( pwmRequest.getSessionLabel(), ExceptionUtils.getStackTrace( new Throwable( msg ) ) );
+            LOGGER.warn( pwmRequest.getLabel(), ExceptionUtils.getStackTrace( new Throwable( msg ) ) );
             return;
         }
 

server/src/main/java/password/pwm/http/PwmSession.java

@@ -99,7 +99,7 @@ public class PwmSession implements Serializable
 
         pwmApplication.getSessionTrackService().addSessionData( this );
 
-        LOGGER.trace( this, () -> "created new session" );
+        LOGGER.trace( () -> "created new session" );
     }
 
 
@@ -135,17 +135,19 @@ public class PwmSession implements Serializable
         this.userInfo = userInfo;
     }
 
-    public void reloadUserInfoBean( final PwmApplication pwmApplication ) throws PwmUnrecoverableException
+    public void reloadUserInfoBean( final PwmRequest pwmRequest )
+            throws PwmUnrecoverableException
     {
-        LOGGER.trace( this, () -> "performing reloadUserInfoBean" );
+        LOGGER.trace( () -> "performing reloadUserInfoBean" );
         final UserInfo oldUserInfoBean = getUserInfo();
+        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
 
         final UserInfo userInfo;
         if ( getLoginInfoBean().getAuthFlags().contains( AuthenticationType.AUTH_BIND_INHIBIT ) )
         {
             userInfo = UserInfoFactory.newUserInfo(
                     pwmApplication,
-                    getLabel(),
+                    pwmRequest.getLabel(),
                     getSessionStateBean().getLocale(),
                     oldUserInfoBean.getUserIdentity(),
                     pwmApplication.getProxyChaiProvider( oldUserInfoBean.getUserIdentity().getLdapProfileID() )
@@ -155,7 +157,7 @@ public class PwmSession implements Serializable
         {
             userInfo = UserInfoFactory.newUserInfoUsingProxy(
                     pwmApplication,
-                    getLabel(),
+                    pwmRequest.getLabel(),
                     oldUserInfoBean.getUserIdentity(),
                     getSessionStateBean().getLocale(),
                     loginInfoBean.getUserCurrentPassword()
@@ -197,19 +199,30 @@ public class PwmSession implements Serializable
     {
         final LocalSessionStateBean ssBean = this.getSessionStateBean();
 
+        UserIdentity userIdentity = null;
         String userID = null;
-        try
-        {
-            userID = isAuthenticated()
-                    ? this.getUserInfo().getUsername()
-                    : null;
-        }
-        catch ( final PwmUnrecoverableException e )
+
+        if ( isAuthenticated() )
         {
-            LOGGER.error( "unexpected error reading username: " + e.getMessage(), e );
+            try
+            {
+                final UserInfo userInfo = getUserInfo();
+                userIdentity = userInfo.getUserIdentity();
+                userID = userInfo.getUsername();
+            }
+            catch ( final PwmUnrecoverableException e )
+            {
+                LOGGER.error( "unexpected error reading username: " + e.getMessage(), e );
+            }
         }
-        final UserIdentity userIdentity = isAuthenticated() ? this.getUserInfo().getUserIdentity() : null;
-        return new SessionLabel( ssBean.getSessionID(), userIdentity, userID, ssBean.getSrcAddress(), ssBean.getSrcAddress() );
+
+        return SessionLabel.builder()
+                .sessionID( ssBean.getSessionID() )
+                .userID( userIdentity == null ? null : userIdentity.toDelimitedKey() )
+                .username( userID )
+                .sourceAddress( ssBean.getSrcAddress() )
+                .sourceHostname( ssBean.getSrcHostname() )
+                .build();
     }
 
     /**
@@ -240,7 +253,7 @@ public class PwmSession implements Serializable
             // close out any outstanding connections
             getSessionManager().closeConnections();
 
-            LOGGER.debug( this, () -> sb.toString() );
+            LOGGER.debug( pwmRequest, () -> sb.toString() );
         }
 
         if ( pwmRequest != null )
@@ -303,9 +316,10 @@ public class PwmSession implements Serializable
         return "PwmSession instance: " + JsonUtil.serializeMap( debugData );
     }
 
-    public boolean setLocale( final PwmApplication pwmApplication, final String localeString )
+    public boolean setLocale( final PwmRequest pwmRequest, final String localeString )
             throws PwmUnrecoverableException
     {
+        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
         if ( pwmApplication == null )
         {
             throw new PwmUnrecoverableException( new ErrorInformation( PwmError.ERROR_APP_UNAVAILABLE, "unable to read context manager" ) );
@@ -316,19 +330,19 @@ public class PwmSession implements Serializable
         final Locale requestedLocale = LocaleHelper.parseLocaleString( localeString );
         if ( knownLocales.contains( requestedLocale ) || "default".equalsIgnoreCase( localeString ) )
         {
-            LOGGER.debug( this, () -> "setting session locale to '" + localeString + "'" );
+            LOGGER.debug( pwmRequest, () -> "setting session locale to '" + localeString + "'" );
             ssBean.setLocale( "default".equalsIgnoreCase( localeString )
                     ? PwmConstants.DEFAULT_LOCALE
                     : requestedLocale );
             if ( this.isAuthenticated() )
             {
-                this.reloadUserInfoBean( pwmApplication );
+                this.reloadUserInfoBean( pwmRequest );
             }
             return true;
         }
         else
         {
-            LOGGER.error( this, "ignoring unknown locale value set request for locale '" + localeString + "'" );
+            LOGGER.error( pwmRequest, "ignoring unknown locale value set request for locale '" + localeString + "'" );
             ssBean.setLocale( PwmConstants.DEFAULT_LOCALE );
             return false;
         }

server/src/main/java/password/pwm/http/PwmSessionWrapper.java

@@ -85,7 +85,7 @@ public class PwmSessionWrapper
         if ( httpSession.getMaxInactiveInterval() != result.getIdleTimeout().as( TimeDuration.Unit.SECONDS ) )
         {
             httpSession.setMaxInactiveInterval( ( int ) result.getIdleTimeout().as( TimeDuration.Unit.SECONDS ) );
-            LOGGER.trace( pwmSession, () -> "setting java servlet session timeout to " + result.getIdleTimeout().asCompactString()
+            LOGGER.trace( pwmSession.getLabel(), () -> "setting java servlet session timeout to " + result.getIdleTimeout().asCompactString()
                     + " due to " + result.getReason() );
         }
     }

server/src/main/java/password/pwm/http/SessionManager.java

@@ -130,13 +130,13 @@ public class SessionManager
         {
             try
             {
-                LOGGER.debug( pwmSession, () -> "closing user ldap connection" );
+                LOGGER.debug( pwmSession.getLabel(), () -> "closing user ldap connection" );
                 chaiProvider.close();
                 chaiProvider = null;
             }
             catch ( final Exception e )
             {
-                LOGGER.error( pwmSession, "error while closing user connection: " + e.getMessage() );
+                LOGGER.error( pwmSession.getLabel(), "error while closing user connection: " + e.getMessage() );
             }
         }
     }
@@ -195,7 +195,7 @@ public class SessionManager
             this.pwmSession.getLoginInfoBean().setReqCounter(
                     this.pwmSession.getLoginInfoBean().getReqCounter() + 1 );
 
-            LOGGER.trace( pwmSession, () -> "incremented request counter to " + this.pwmSession.getLoginInfoBean().getReqCounter() );
+            LOGGER.trace( pwmSession.getLabel(), () -> "incremented request counter to " + this.pwmSession.getLoginInfoBean().getReqCounter() );
         }
     }
 
@@ -205,14 +205,14 @@ public class SessionManager
         final boolean devDebugMode = pwmApplication.getConfig().isDevDebugMode();
         if ( devDebugMode )
         {
-            LOGGER.trace( pwmSession, () -> String.format( "entering checkPermission(%s, %s, %s)", permission, pwmSession, pwmApplication ) );
+            LOGGER.trace( pwmSession.getLabel(), () -> String.format( "entering checkPermission(%s, %s, %s)", permission, pwmSession, pwmApplication ) );
         }
 
         if ( !pwmSession.isAuthenticated() )
         {
             if ( devDebugMode )
             {
-                LOGGER.trace( pwmSession, () -> "user is not authenticated, returning false for permission check" );
+                LOGGER.trace( pwmSession.getLabel(), () -> "user is not authenticated, returning false for permission check" );
             }
             return false;
         }
@@ -222,7 +222,7 @@ public class SessionManager
         {
             if ( devDebugMode )
             {
-                LOGGER.debug( pwmSession,
+                LOGGER.debug( pwmSession.getLabel(),
                         () -> String.format( "checking permission %s for user %s", permission.toString(), pwmSession.getUserInfo().getUserIdentity().toDelimitedKey() ) );
             }
 
@@ -234,7 +234,7 @@ public class SessionManager
 
             {
                 final Permission.PermissionStatus finalStatus = status;
-                LOGGER.debug( pwmSession,
+                LOGGER.debug( pwmSession.getLabel(),
                         () -> String.format( "permission %s for user %s is %s",
                                 permission.toString(),
                                 pwmSession.isAuthenticated()

server/src/main/java/password/pwm/http/auth/BasicFilterAuthenticationProvider.java

@@ -68,14 +68,14 @@ public class BasicFilterAuthenticationProvider implements PwmHttpFilterAuthentic
             final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
 
             //user isn't already authenticated and has an auth header, so try to auth them.
-            LOGGER.debug( pwmSession, () -> "attempting to authenticate user using basic auth header (username=" + basicAuthInfo.getUsername() + ")" );
+            LOGGER.debug( pwmRequest, () -> "attempting to authenticate user using basic auth header (username=" + basicAuthInfo.getUsername() + ")" );
             final SessionAuthenticator sessionAuthenticator = new SessionAuthenticator(
                     pwmApplication,
-                    pwmSession,
+                    pwmRequest,
                     PwmAuthenticationSource.BASIC_AUTH
             );
             final UserSearchEngine userSearchEngine = pwmApplication.getUserSearchEngine();
-            final UserIdentity userIdentity = userSearchEngine.resolveUsername( basicAuthInfo.getUsername(), null, null, pwmSession.getLabel() );
+            final UserIdentity userIdentity = userSearchEngine.resolveUsername( basicAuthInfo.getUsername(), null, null, pwmRequest.getLabel() );
             sessionAuthenticator.authenticateUser( userIdentity, basicAuthInfo.getPassword() );
             pwmSession.getLoginInfoBean().setBasicAuth( basicAuthInfo );
 

server/src/main/java/password/pwm/http/auth/CASFilterAuthenticationProvider.java

@@ -143,7 +143,7 @@ public class CASFilterAuthenticationProvider implements PwmHttpFilterAuthenticat
         final Assertion assertion = ( Assertion ) session.getAttribute( AbstractCasFilter.CONST_CAS_ASSERTION );
         if ( assertion == null )
         {
-            LOGGER.trace( pwmSession, () -> "no CAS assertion header present, skipping CAS authentication attempt" );
+            LOGGER.trace( pwmRequest, () -> "no CAS assertion header present, skipping CAS authentication attempt" );
             return false;
         }
 
@@ -169,12 +169,12 @@ public class CASFilterAuthenticationProvider implements PwmHttpFilterAuthenticat
         final String clearPassUrl = pwmRequest.getConfig().readSettingAsString( PwmSetting.CAS_CLEAR_PASS_URL );
         if ( ( clearPassUrl != null && clearPassUrl.length() > 0 ) && ( password == null || password.getStringValue().length() < 1 ) )
         {
-            LOGGER.trace( pwmSession, () -> "using CAS clearpass via proxy" );
+            LOGGER.trace( pwmRequest, () -> "using CAS clearpass via proxy" );
             // read cas proxy ticket
             final String proxyTicket = assertion.getPrincipal().getProxyTicketFor( clearPassUrl );
             if ( proxyTicket == null )
             {
-                LOGGER.trace( pwmSession, () -> "no CAS proxy ticket available, skipping CAS authentication attempt" );
+                LOGGER.trace( pwmRequest, () -> "no CAS proxy ticket available, skipping CAS authentication attempt" );
                 return false;
             }
 
@@ -190,21 +190,21 @@ public class CASFilterAuthenticationProvider implements PwmHttpFilterAuthenticat
             }
             catch ( final MalformedURLException e )
             {
-                LOGGER.error( pwmSession, "Invalid CAS clearPassUrl" );
+                LOGGER.error( pwmRequest, "Invalid CAS clearPassUrl" );
             }
 
         }
         if ( password == null || password.getStringValue().length() < 1 )
         {
             final String errorMsg = "CAS server did not return credentials for user '" + username + "'";
-            LOGGER.trace( pwmSession, () -> errorMsg );
+            LOGGER.trace( pwmRequest, () -> errorMsg );
             final ErrorInformation errorInformation = new ErrorInformation( PwmError.ERROR_WRONGPASSWORD, errorMsg );
             throw new PwmOperationalException( errorInformation );
         }
 
         //user isn't already authenticated and has CAS assertion and password, so try to auth them.
-        LOGGER.debug( pwmSession, () -> "attempting to authenticate user '" + username + "' using CAS assertion and password" );
-        final SessionAuthenticator sessionAuthenticator = new SessionAuthenticator( pwmApplication, pwmSession, PwmAuthenticationSource.CAS );
+        LOGGER.debug( pwmRequest, () -> "attempting to authenticate user '" + username + "' using CAS assertion and password" );
+        final SessionAuthenticator sessionAuthenticator = new SessionAuthenticator( pwmApplication, pwmRequest, PwmAuthenticationSource.CAS );
         sessionAuthenticator.searchAndAuthenticateUser( username, password, null, null );
         return true;
     }

server/src/main/java/password/pwm/http/auth/OAuthFilterAuthenticationProvider.java

@@ -44,7 +44,7 @@ public class OAuthFilterAuthenticationProvider implements PwmHttpFilterAuthentic
         }
 
         final String originalURL = pwmRequest.getURLwithQueryString();
-        final OAuthMachine oAuthMachine = new OAuthMachine( pwmRequest.getSessionLabel(), oauthSettings );
+        final OAuthMachine oAuthMachine = new OAuthMachine( pwmRequest.getLabel(), oauthSettings );
         oAuthMachine.redirectUserToOAuthServer( pwmRequest, originalURL, null, null );
         redirected = true;
     }

server/src/main/java/password/pwm/http/auth/SSOHeaderFilterAuthenticationProvider.java

@@ -25,7 +25,6 @@ import password.pwm.config.PwmSetting;
 import password.pwm.error.PwmOperationalException;
 import password.pwm.error.PwmUnrecoverableException;
 import password.pwm.http.PwmRequest;
-import password.pwm.http.PwmSession;
 import password.pwm.ldap.auth.AuthenticationType;
 import password.pwm.ldap.auth.PwmAuthenticationSource;
 import password.pwm.ldap.auth.SessionAuthenticator;
@@ -43,7 +42,6 @@ public class SSOHeaderFilterAuthenticationProvider implements PwmHttpFilterAuthe
     {
         {
             final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
-            final PwmSession pwmSession = pwmRequest.getPwmSession();
 
             final String headerName = pwmApplication.getConfig().readSettingAsString( PwmSetting.SSO_AUTH_HEADER_NAME );
             if ( headerName == null || headerName.length() < 1 )
@@ -61,7 +59,7 @@ public class SSOHeaderFilterAuthenticationProvider implements PwmHttpFilterAuthe
             LOGGER.debug( pwmRequest, () -> "SSO Authentication header present in request, will search for user value of '" + headerValue + "'" );
             final SessionAuthenticator sessionAuthenticator = new SessionAuthenticator(
                     pwmApplication,
-                    pwmSession,
+                    pwmRequest,
                     PwmAuthenticationSource.SSO_HEADER
             );
 

server/src/main/java/password/pwm/http/filter/AuthenticationFilter.java

@@ -169,7 +169,7 @@ public class AuthenticationFilter extends AbstractPwmFilter
         if ( pwmSession.getLoginInfoBean().getOauthExp() != null )
         {
             final OAuthSettings oauthSettings = OAuthSettings.forSSOAuthentication( pwmRequest.getConfig() );
-            final OAuthMachine oAuthMachine = new OAuthMachine( pwmRequest.getSessionLabel(), oauthSettings );
+            final OAuthMachine oAuthMachine = new OAuthMachine( pwmRequest.getLabel(), oauthSettings );
             if ( oAuthMachine.checkOAuthExpiration( pwmRequest ) )
             {
                 pwmRequest.respondWithError( new ErrorInformation( PwmError.ERROR_OAUTH_ERROR, "oauth access token has expired" ) );
@@ -192,7 +192,7 @@ public class AuthenticationFilter extends AbstractPwmFilter
             {
                 try
                 {
-                    LOGGER.debug( pwmSession, () -> "user is authenticated without a password, but module " + pwmServletDefinition.name()
+                    LOGGER.debug( pwmRequest, () -> "user is authenticated without a password, but module " + pwmServletDefinition.name()
                             +  " requires user connection, redirecting to login page" );
                     LoginServlet.redirectToLoginServlet( pwmRequest );
                     return;
@@ -243,7 +243,7 @@ public class AuthenticationFilter extends AbstractPwmFilter
         if ( pwmSession.isAuthenticated() )
         {
             pwmSession.getSessionStateBean().setSessionIdRecycleNeeded( true );
-            LOGGER.debug( pwmSession, () -> "session authenticated during request, issuing redirect to originally requested url: " + originalRequestedUrl );
+            LOGGER.debug( pwmRequest, () -> "session authenticated during request, issuing redirect to originally requested url: " + originalRequestedUrl );
             pwmRequest.sendRedirect( originalRequestedUrl );
             return;
         }
@@ -269,7 +269,7 @@ public class AuthenticationFilter extends AbstractPwmFilter
         }
 
         //user is not authenticated so forward to LoginPage.
-        LOGGER.trace( pwmSession, () -> "user requested resource requiring authentication (" + req.getRequestURI()
+        LOGGER.trace( pwmRequest, () -> "user requested resource requiring authentication (" + req.getRequestURI()
                         + "), but is not authenticated; redirecting to LoginServlet" );
 
         LoginServlet.redirectToLoginServlet( pwmRequest );

server/src/main/java/password/pwm/http/filter/RequestInitializationFilter.java

@@ -548,7 +548,7 @@ public class RequestInitializationFilter implements Filter
         if ( localeCookieName.length() > 0 && localeCookie != null )
         {
             LOGGER.debug( pwmRequest, () -> "detected locale cookie in request, setting locale to " + localeCookie );
-            pwmRequest.getPwmSession().setLocale( pwmRequest.getPwmApplication(), localeCookie );
+            pwmRequest.getPwmSession().setLocale( pwmRequest, localeCookie );
         }
         else
         {

server/src/main/java/password/pwm/http/filter/SessionFilter.java

@@ -59,7 +59,6 @@ import java.time.Instant;
 import java.util.Arrays;
 import java.util.Enumeration;
 import java.util.List;
-import java.util.concurrent.atomic.AtomicInteger;
 
 /**
  * <p>This session filter (invoked by the container through the web.xml descriptor) wraps all calls to the
@@ -81,8 +80,6 @@ public class SessionFilter extends AbstractPwmFilter
         return !pwmURL.isRestService();
     }
 
-    private static final AtomicInteger REQUEST_COUNTER = new AtomicInteger( 0 );
-
     public void processFilter(
             final PwmApplicationMode mode,
             final PwmRequest pwmRequest,
@@ -90,13 +87,17 @@ public class SessionFilter extends AbstractPwmFilter
     )
             throws IOException, ServletException, PwmUnrecoverableException
     {
-        final int requestID = REQUEST_COUNTER.incrementAndGet();
+        final String requestID = pwmRequest.getPwmRequestID();
 
         // output request information to debug log
         final Instant startTime = Instant.now();
-        pwmRequest.debugHttpRequestToLog( "requestID=" + requestID );
-
         final PwmURL pwmURL = pwmRequest.getURL();
+
+        if ( !pwmURL.isResourceURL() )
+        {
+            pwmRequest.debugHttpRequestToLog( "" );
+        }
+
         if ( !pwmURL.isRestService() && !pwmURL.isResourceURL() )
         {
             if ( handleStandardRequestOperations( pwmRequest ) == ProcessStatus.Halt )
@@ -157,7 +158,7 @@ public class SessionFilter extends AbstractPwmFilter
         // debug the http session headers
         if ( !pwmSession.getSessionStateBean().isDebugInitialized() )
         {
-            LOGGER.trace( pwmSession, pwmRequest::debugHttpHeaders );
+            LOGGER.trace( pwmRequest, pwmRequest::debugHttpHeaders );
             pwmSession.getSessionStateBean().setDebugInitialized( true );
         }
 
@@ -223,7 +224,7 @@ public class SessionFilter extends AbstractPwmFilter
             {
                 try
                 {
-                    checkUrlAgainstWhitelist( pwmApplication, pwmRequest.getSessionLabel(), forwardURL );
+                    checkUrlAgainstWhitelist( pwmApplication, pwmRequest.getLabel(), forwardURL );
                 }
                 catch ( final PwmOperationalException e )
                 {
@@ -243,7 +244,7 @@ public class SessionFilter extends AbstractPwmFilter
             {
                 try
                 {
-                    checkUrlAgainstWhitelist( pwmApplication, pwmRequest.getSessionLabel(), logoutURL );
+                    checkUrlAgainstWhitelist( pwmApplication, pwmRequest.getLabel(), logoutURL );
                 }
                 catch ( final PwmOperationalException e )
                 {
@@ -260,7 +261,7 @@ public class SessionFilter extends AbstractPwmFilter
             final String expireParamName = pwmRequest.getConfig().readAppProperty( AppProperty.HTTP_PARAM_NAME_PASSWORD_EXPIRED );
             if ( "true".equalsIgnoreCase( pwmRequest.readParameterAsString( expireParamName ) ) )
             {
-                LOGGER.debug( pwmSession, () -> "detected param '" + expireParamName + "'=true in request, will force pw change" );
+                LOGGER.debug( pwmRequest, () -> "detected param '" + expireParamName + "'=true in request, will force pw change" );
                 pwmSession.getLoginInfoBean().getLoginFlags().add( LoginInfoBean.LoginFlag.forcePwChange );
             }
         }
@@ -452,7 +453,7 @@ public class SessionFilter extends AbstractPwmFilter
         if ( requestedLocale != null && requestedLocale.length() > 0 )
         {
             LOGGER.debug( pwmRequest, () -> "detected locale request parameter " + localeParamName + " with value " + requestedLocale );
-            if ( pwmRequest.getPwmSession().setLocale( pwmRequest.getPwmApplication(), requestedLocale ) )
+            if ( pwmRequest.getPwmSession().setLocale( pwmRequest, requestedLocale ) )
             {
                 if ( cookieAgeSeconds > 0 )
                 {

server/src/main/java/password/pwm/http/servlet/AbstractPwmServlet.java

@@ -98,7 +98,7 @@ public abstract class AbstractPwmServlet extends HttpServlet implements PwmServl
                     {
                         final ErrorInformation errorInformation = e.getErrorInformation();
                         final PwmSession pwmSession = PwmSessionWrapper.readPwmSession( req );
-                        LOGGER.error( pwmSession, errorInformation.toDebugStr() );
+                        LOGGER.error( pwmRequest, errorInformation.toDebugStr() );
                         pwmRequest.respondWithError( errorInformation, false );
                         return;
                     }
@@ -114,7 +114,7 @@ public abstract class AbstractPwmServlet extends HttpServlet implements PwmServl
                 {
                     final ErrorInformation errorInformation = new ErrorInformation( PwmError.ERROR_SERVICE_NOT_AVAILABLE,
                             "incorrect request method " + method.toString() + " on request to " + pwmRequest.getURLwithQueryString() );
-                    LOGGER.error( pwmRequest.getPwmSession(), errorInformation.toDebugStr() );
+                    LOGGER.error( pwmRequest, errorInformation.toDebugStr() );
                     pwmRequest.respondWithError( errorInformation, false );
                     return;
                 }
@@ -146,7 +146,7 @@ public abstract class AbstractPwmServlet extends HttpServlet implements PwmServl
 
             final PwmUnrecoverableException pue = convertToPwmUnrecoverableException( e, pwmRequest );
 
-            if ( processUnrecoverableException( req, resp, pwmRequest.getPwmApplication(), pwmRequest.getPwmSession(), pue ) )
+            if ( processUnrecoverableException( req, resp, pwmRequest.getPwmApplication(), pwmRequest, pue ) )
             {
                 return;
             }
@@ -220,7 +220,7 @@ public abstract class AbstractPwmServlet extends HttpServlet implements PwmServl
             final HttpServletRequest req,
             final HttpServletResponse resp,
             final PwmApplication pwmApplication,
-            final PwmSession pwmSession,
+            final PwmRequest pwmRequest,
             final PwmUnrecoverableException e
     )
             throws IOException
@@ -228,7 +228,7 @@ public abstract class AbstractPwmServlet extends HttpServlet implements PwmServl
         switch ( e.getError() )
         {
             case ERROR_DIRECTORY_UNAVAILABLE:
-                LOGGER.fatal( pwmSession, e.getErrorInformation().toDebugStr() );
+                LOGGER.fatal( pwmRequest.getLabel(), e.getErrorInformation().toDebugStr() );
                 try
                 {
                     pwmApplication.getStatisticsManager().incrementValue( Statistic.LDAP_UNAVAILABLE_COUNT );
@@ -246,7 +246,7 @@ public abstract class AbstractPwmServlet extends HttpServlet implements PwmServl
                 //store the original requested url
                 try
                 {
-                    LOGGER.debug( pwmSession, () -> "user is authenticated without a password, redirecting to login page" );
+                    LOGGER.debug( pwmRequest, () -> "user is authenticated without a password, redirecting to login page" );
                     LoginServlet.redirectToLoginServlet( PwmRequest.forRequest( req, resp ) );
                     return true;
                 }
@@ -259,11 +259,11 @@ public abstract class AbstractPwmServlet extends HttpServlet implements PwmServl
 
             case ERROR_INTERNAL:
             default:
-                LOGGER.fatal( pwmSession, "unexpected error: " + e.getErrorInformation().toDebugStr() );
+                LOGGER.fatal( pwmRequest.getLabel(), "unexpected error: " + e.getErrorInformation().toDebugStr() );
                 try
                 {
                     // try to update stats
-                    if ( pwmSession != null )
+                    if ( pwmApplication != null )
                     {
                         pwmApplication.getStatisticsManager().incrementValue( Statistic.PWM_UNKNOWN_ERRORS );
                     }

server/src/main/java/password/pwm/http/servlet/ClientApiServlet.java

@@ -167,7 +167,7 @@ public class ClientApiServlet extends ControlledPwmServlet
 
         final AppData appData = makeAppData(
                 pwmRequest.getPwmApplication(),
-                pwmRequest.getPwmSession(),
+                pwmRequest,
                 pwmRequest.getHttpServletRequest(),
                 pwmRequest.getPwmResponse().getHttpServletResponse(),
                 pageUrl
@@ -194,7 +194,7 @@ public class ClientApiServlet extends ControlledPwmServlet
         try
         {
             final LinkedHashMap<String, String> displayData = new LinkedHashMap<>( makeDisplayData( pwmRequest.getPwmApplication(),
-                    pwmRequest.getPwmSession(), bundleName ) );
+                    pwmRequest, bundleName ) );
             final RestResultBean restResultBean = RestResultBean.withData( displayData );
             pwmRequest.outputJsonResult( restResultBean );
         }
@@ -279,7 +279,7 @@ public class ClientApiServlet extends ControlledPwmServlet
 
     private AppData makeAppData(
             final PwmApplication pwmApplication,
-            final PwmSession pwmSession,
+            final PwmRequest pwmSession,
             final HttpServletRequest request,
             final HttpServletResponse response,
             final String pageUrl
@@ -293,13 +293,14 @@ public class ClientApiServlet extends ControlledPwmServlet
 
     private static Map<String, Object> makeClientData(
             final PwmApplication pwmApplication,
-            final PwmSession pwmSession,
+            final PwmRequest pwmRequest,
             final HttpServletRequest request,
             final HttpServletResponse response,
             final String pageUrl
     )
             throws ChaiUnavailableException, PwmUnrecoverableException
     {
+        final PwmSession pwmSession = pwmRequest.getPwmSession();
         final Locale userLocale = pwmSession.getSessionStateBean().getLocale();
 
         final Configuration config = pwmApplication.getConfig();
@@ -321,19 +322,19 @@ public class ClientApiServlet extends ControlledPwmServlet
             long idleSeconds = config.readSettingAsLong( PwmSetting.IDLE_TIMEOUT_SECONDS );
             if ( pageUrl == null || pageUrl.isEmpty() )
             {
-                LOGGER.warn( pwmSession, "request to /client data did not include pageUrl" );
+                LOGGER.warn( pwmRequest, "request to /client data did not include pageUrl" );
             }
             else
             {
                 try
                 {
                     final PwmURL pwmURL = new PwmURL( new URI( pageUrl ), request.getContextPath() );
-                    final TimeDuration maxIdleTime = IdleTimeoutCalculator.idleTimeoutForRequest( pwmURL, pwmApplication, pwmSession );
+                    final TimeDuration maxIdleTime = IdleTimeoutCalculator.idleTimeoutForRequest( pwmRequest );
                     idleSeconds = maxIdleTime.as( TimeDuration.Unit.SECONDS );
                 }
                 catch ( final Exception e )
                 {
-                    LOGGER.error( pwmSession, "error determining idle timeout time for request: " + e.getMessage() );
+                    LOGGER.error( pwmRequest, "error determining idle timeout time for request: " + e.getMessage() );
                 }
             }
             settingMap.put( "MaxInactiveInterval", idleSeconds );
@@ -416,10 +417,11 @@ public class ClientApiServlet extends ControlledPwmServlet
 
     private Map<String, String> makeDisplayData(
             final PwmApplication pwmApplication,
-            final PwmSession pwmSession,
+            final PwmRequest pwmRequest,
             final String bundleName
     )
     {
+        final PwmSession pwmSession = pwmRequest.getPwmSession();
         Class displayClass = LocaleHelper.classForShortName( bundleName );
         displayClass = displayClass == null ? Display.class : displayClass;
 
@@ -439,7 +441,7 @@ public class ClientApiServlet extends ControlledPwmServlet
         }
         catch ( final Exception e )
         {
-            LOGGER.error( pwmSession, "error expanding macro display value: " + e.getMessage() );
+            LOGGER.error( pwmRequest, "error expanding macro display value: " + e.getMessage() );
         }
         return displayStrings;
     }

server/src/main/java/password/pwm/http/servlet/DeleteAccountServlet.java

@@ -180,7 +180,7 @@ public class DeleteAccountServlet extends ControlledPwmServlet
             final AuditRecord auditRecord = new AuditRecordFactory( pwmRequest ).createUserAuditRecord(
                     AuditEvent.AGREEMENT_PASSED,
                     pwmRequest.getUserInfoIfLoggedIn(),
-                    pwmRequest.getSessionLabel(),
+                    pwmRequest.getLabel(),
                     ProfileDefinition.DeleteAccount.toString()
             );
             pwmRequest.getPwmApplication().getAuditManager().submit( auditRecord );
@@ -215,7 +215,7 @@ public class DeleteAccountServlet extends ControlledPwmServlet
 
                 try
                 {
-                    actionExecutor.executeActions( actions, pwmRequest.getSessionLabel() );
+                    actionExecutor.executeActions( actions, pwmRequest.getLabel() );
                 }
                 catch ( final PwmOperationalException e )
                 {

server/src/main/java/password/pwm/http/servlet/ForgottenUsernameServlet.java

@@ -170,7 +170,7 @@ public class ForgottenUsernameServlet extends AbstractPwmServlet
                 if ( configuredSearchFilter == null || configuredSearchFilter.isEmpty() )
                 {
                     searchFilter = FormUtility.ldapSearchFilterForForm( pwmApplication, forgottenUsernameForm );
-                    LOGGER.trace( pwmSession, () -> "auto generated ldap search filter: " + searchFilter );
+                    LOGGER.trace( pwmRequest, () -> "auto generated ldap search filter: " + searchFilter );
                 }
                 else
                 {
@@ -187,12 +187,12 @@ public class ForgottenUsernameServlet extends AbstractPwmServlet
                         .ldapProfile( ldapProfile )
                         .contexts( Collections.singletonList( contextParam ) )
                         .build();
-                userIdentity = userSearchEngine.performSingleUserSearch( searchConfiguration, pwmSession.getLabel() );
+                userIdentity = userSearchEngine.performSingleUserSearch( searchConfiguration, pwmRequest.getLabel() );
             }
 
             if ( userIdentity == null )
             {
-                pwmApplication.getIntruderManager().convenience().markAddressAndSession( pwmSession );
+                pwmApplication.getIntruderManager().convenience().markAddressAndSession( pwmRequest );
                 pwmApplication.getStatisticsManager().incrementValue( Statistic.FORGOTTEN_USERNAME_FAILURES );
                 setLastError( pwmRequest, PwmError.ERROR_CANT_MATCH_USER.toInfo() );
                 forwardToFormJsp( pwmRequest );
@@ -204,12 +204,12 @@ public class ForgottenUsernameServlet extends AbstractPwmServlet
 
             final UserInfo forgottenUserInfo = UserInfoFactory.newUserInfoUsingProxy(
                     pwmApplication,
-                    pwmRequest.getSessionLabel(),
+                    pwmRequest.getLabel(),
                     userIdentity, pwmRequest.getLocale()
             );
 
             // send username
-            sendUsername( pwmApplication, pwmSession, forgottenUserInfo );
+            sendUsername( pwmApplication, pwmRequest, forgottenUserInfo );
 
             pwmApplication.getIntruderManager().convenience().clearAddressAndSession( pwmSession );
             pwmApplication.getIntruderManager().convenience().clearAttributes( formValues );
@@ -229,8 +229,8 @@ public class ForgottenUsernameServlet extends AbstractPwmServlet
                     e.getErrorInformation().getFieldValues() )
                     : e.getErrorInformation();
             setLastError( pwmRequest, errorInfo );
-            pwmApplication.getIntruderManager().convenience().markAddressAndSession( pwmSession );
-            pwmApplication.getIntruderManager().convenience().markAttributes( formValues, pwmRequest.getSessionLabel() );
+            pwmApplication.getIntruderManager().convenience().markAddressAndSession( pwmRequest );
+            pwmApplication.getIntruderManager().convenience().markAttributes( formValues, pwmRequest.getLabel() );
         }
 
         pwmApplication.getStatisticsManager().incrementValue( Statistic.FORGOTTEN_USERNAME_FAILURES );
@@ -240,12 +240,12 @@ public class ForgottenUsernameServlet extends AbstractPwmServlet
 
     private void sendUsername(
             final PwmApplication pwmApplication,
-            final PwmSession pwmSession,
+            final PwmRequest pwmRequest,
             final UserInfo forgottenUserInfo
     )
             throws PwmOperationalException, PwmUnrecoverableException
     {
-        final Locale userLocale = pwmSession.getSessionStateBean().getLocale();
+        final Locale userLocale = pwmRequest.getLocale();
         final Configuration configuration = pwmApplication.getConfig();
         final MessageSendMethod messageSendMethod = configuration.readSettingAsEnum( PwmSetting.FORGOTTEN_USERNAME_SEND_USERNAME_METHOD, MessageSendMethod.class );
         final EmailItemBean emailItemBean = configuration.readSettingAsEmail( PwmSetting.EMAIL_SEND_USERNAME, userLocale );
@@ -258,7 +258,7 @@ public class ForgottenUsernameServlet extends AbstractPwmServlet
 
         sendMessageViaMethod(
                 pwmApplication,
-                pwmSession.getLabel(),
+                pwmRequest.getLabel(),
                 forgottenUserInfo,
                 messageSendMethod,
                 emailItemBean,
@@ -363,7 +363,7 @@ public class ForgottenUsernameServlet extends AbstractPwmServlet
     {
         final Locale locale = pwmRequest.getLocale();
         final String completeMessage = pwmRequest.getConfig().readSettingAsLocalizedString( PwmSetting.FORGOTTEN_USERNAME_MESSAGE, locale );
-        final MacroMachine macroMachine = MacroMachine.forUser( pwmRequest.getPwmApplication(), pwmRequest.getLocale(), pwmRequest.getSessionLabel(), userIdentity );
+        final MacroMachine macroMachine = MacroMachine.forUser( pwmRequest.getPwmApplication(), pwmRequest.getLocale(), pwmRequest.getLabel(), userIdentity );
         final String expandedText = macroMachine.expandMacros( completeMessage );
         pwmRequest.setAttribute( PwmRequestAttribute.CompleteText, expandedText );
         pwmRequest.forwardToJsp( JspUrl.FORGOTTEN_USERNAME_COMPLETE );

server/src/main/java/password/pwm/http/servlet/GuestRegistrationServlet.java

@@ -255,7 +255,7 @@ public class GuestRegistrationServlet extends AbstractPwmServlet
             // send email.
             final UserInfo guestUserInfoBean = UserInfoFactory.newUserInfo(
                     pwmApplication,
-                    pwmRequest.getSessionLabel(),
+                    pwmRequest.getLabel(),
                     pwmRequest.getLocale(),
                     guestRegistrationBean.getUpdateUserIdentity(),
                     theGuest.getChaiProvider()
@@ -270,13 +270,13 @@ public class GuestRegistrationServlet extends AbstractPwmServlet
         }
         catch ( final PwmOperationalException e )
         {
-            LOGGER.error( pwmSession, e.getErrorInformation().toDebugStr() );
+            LOGGER.error( pwmRequest, e.getErrorInformation().toDebugStr() );
             setLastError( pwmRequest, e.getErrorInformation() );
         }
         catch ( final ChaiOperationException e )
         {
             final ErrorInformation info = new ErrorInformation( PwmError.ERROR_INTERNAL, "unexpected error writing to ldap: " + e.getMessage() );
-            LOGGER.error( pwmSession, info );
+            LOGGER.error( pwmRequest, info );
             setLastError( pwmRequest, info );
         }
         this.forwardToUpdateJSP( pwmRequest, guestRegistrationBean );
@@ -330,7 +330,7 @@ public class GuestRegistrationServlet extends AbstractPwmServlet
 
         try
         {
-            final UserIdentity theGuest = userSearchEngine.performSingleUserSearch( searchConfiguration, pwmSession.getLabel() );
+            final UserIdentity theGuest = userSearchEngine.performSingleUserSearch( searchConfiguration, pwmRequest.getLabel() );
             final FormMap formProps = guBean.getFormValues();
             try
             {
@@ -345,7 +345,7 @@ public class GuestRegistrationServlet extends AbstractPwmServlet
                 }
                 final UserInfo guestUserInfo = UserInfoFactory.newUserInfo(
                         pwmApplication,
-                        pwmSession.getLabel(),
+                        pwmRequest.getLabel(),
                         pwmRequest.getLocale(),
                         theGuest,
                         pwmSession.getSessionManager().getChaiProvider()
@@ -360,7 +360,7 @@ public class GuestRegistrationServlet extends AbstractPwmServlet
                         {
                             final ErrorInformation info = new ErrorInformation( PwmError.ERROR_ORIG_ADMIN_ONLY );
                             setLastError( pwmRequest, info );
-                            LOGGER.warn( pwmSession, info );
+                            LOGGER.error( pwmRequest, info );
                             this.forwardToJSP( pwmRequest, guestRegistrationBean );
                         }
                     }
@@ -392,7 +392,7 @@ public class GuestRegistrationServlet extends AbstractPwmServlet
             }
             catch ( final PwmUnrecoverableException e )
             {
-                LOGGER.warn( pwmSession, "error reading current attributes for user: " + e.getMessage() );
+                LOGGER.warn( pwmRequest, "error reading current attributes for user: " + e.getMessage() );
             }
         }
         catch ( final PwmOperationalException e )
@@ -444,7 +444,7 @@ public class GuestRegistrationServlet extends AbstractPwmServlet
             {
                 final FormConfiguration formItem = entry.getKey();
                 final String value = entry.getValue();
-                LOGGER.debug( pwmSession, () -> "Attribute from form: " + formItem.getName() + " = " + value );
+                LOGGER.debug( pwmRequest, () -> "Attribute from form: " + formItem.getName() + " = " + value );
                 final String n = formItem.getName();
                 final String v = formValues.get( formItem );
                 if ( n != null && n.length() > 0 && v != null && v.length() > 0 )
@@ -460,7 +460,7 @@ public class GuestRegistrationServlet extends AbstractPwmServlet
             final Set<String> createObjectClasses = new HashSet<>( config.readSettingAsStringArray( PwmSetting.DEFAULT_OBJECT_CLASSES ) );
 
             provider.createEntry( guestUserDN, createObjectClasses, createAttributes );
-            LOGGER.info( pwmSession, () -> "created user object: " + guestUserDN );
+            LOGGER.info( pwmRequest, () -> "created user object: " + guestUserDN );
 
             final ChaiUser theUser = provider.getEntryFactory().newChaiUser( guestUserDN );
             final UserIdentity userIdentity = new UserIdentity( guestUserDN, pwmSession.getUserInfo().getUserIdentity().getLdapProfileID() );
@@ -474,19 +474,19 @@ public class GuestRegistrationServlet extends AbstractPwmServlet
 
             final PwmPasswordPolicy passwordPolicy = PasswordUtility.readPasswordPolicyForUser(
                     pwmApplication,
-                    pwmSession.getLabel(),
+                    pwmRequest.getLabel(),
                     userIdentity,
                     theUser,
                     locale
             );
 
-            final PasswordData newPassword = RandomPasswordGenerator.createRandomPassword( pwmSession.getLabel(), passwordPolicy, pwmApplication );
+            final PasswordData newPassword = RandomPasswordGenerator.createRandomPassword( pwmRequest.getLabel(), passwordPolicy, pwmApplication );
             theUser.setPassword( newPassword.getStringValue() );
 
 
             {
                 // execute configured actions
-                LOGGER.debug( pwmSession, () -> "executing configured actions to user " + theUser.getEntryDN() );
+                LOGGER.debug( pwmRequest, () -> "executing configured actions to user " + theUser.getEntryDN() );
                 final List<ActionConfiguration> actions = pwmApplication.getConfig().readSettingAsAction( PwmSetting.GUEST_WRITE_ATTRIBUTES );
                 if ( actions != null && !actions.isEmpty() )
                 {
@@ -498,7 +498,7 @@ public class GuestRegistrationServlet extends AbstractPwmServlet
                             .setMacroMachine( macroMachine )
                             .createActionExecutor();
 
-                    actionExecutor.executeActions( actions, pwmRequest.getSessionLabel() );
+                    actionExecutor.executeActions( actions, pwmRequest.getLabel() );
                 }
             }
 
@@ -513,12 +513,12 @@ public class GuestRegistrationServlet extends AbstractPwmServlet
         {
             final ErrorInformation info = new ErrorInformation( PwmError.ERROR_NEW_USER_FAILURE, "error creating user: " + e.getMessage() );
             setLastError( pwmRequest, info );
-            LOGGER.warn( pwmSession, info );
+            LOGGER.error( pwmRequest, info );
             this.forwardToJSP( pwmRequest, guestRegistrationBean );
         }
         catch ( final PwmOperationalException e )
         {
-            LOGGER.error( pwmSession, e.getErrorInformation().toDebugStr() );
+            LOGGER.error( pwmRequest, e.getErrorInformation().toDebugStr() );
             setLastError( pwmRequest, e.getErrorInformation() );
             this.forwardToJSP( pwmRequest, guestRegistrationBean );
         }
@@ -609,7 +609,7 @@ public class GuestRegistrationServlet extends AbstractPwmServlet
 
         if ( configuredEmailSetting == null )
         {
-            LOGGER.debug( pwmSession, () -> "unable to send guest registration email for '" + userIdentity + "' no email configured" );
+            LOGGER.debug( pwmRequest, () -> "unable to send guest registration email for '" + userIdentity + "' no email configured" );
             return;
         }
 

server/src/main/java/password/pwm/http/servlet/LoginServlet.java

@@ -240,7 +240,7 @@ public class LoginServlet extends ControlledPwmServlet
 
         final SessionAuthenticator sessionAuthenticator = new SessionAuthenticator(
                 pwmRequest.getPwmApplication(),
-                pwmRequest.getPwmSession(),
+                pwmRequest,
                 PwmAuthenticationSource.LOGIN_FORM
         );
 

server/src/main/java/password/pwm/http/servlet/LogoutServlet.java

@@ -140,7 +140,7 @@ public class LogoutServlet extends ControlledPwmServlet
             final String sessionLogoutURL = pwmSession.getSessionStateBean().getLogoutURL();
             if ( sessionLogoutURL != null && sessionLogoutURL.length() > 0 )
             {
-                LOGGER.trace( pwmSession, () -> "redirecting user to session parameter set logout url: " + sessionLogoutURL );
+                LOGGER.trace( pwmRequest, () -> "redirecting user to session parameter set logout url: " + sessionLogoutURL );
                 pwmRequest.sendRedirect( sessionLogoutURL );
                 pwmRequest.invalidateSession();
                 return;
@@ -172,7 +172,7 @@ public class LogoutServlet extends ControlledPwmServlet
 
                 final String logoutURL = PwmURL.appendAndEncodeUrlParameters( configuredLogoutURL, logoutUrlParameters );
 
-                LOGGER.trace( pwmSession, () -> "redirecting user to configured logout url:" + logoutURL );
+                LOGGER.trace( pwmRequest, () -> "redirecting user to configured logout url:" + logoutURL );
                 pwmRequest.sendRedirect( logoutURL );
                 pwmRequest.invalidateSession();
                 return;

server/src/main/java/password/pwm/http/servlet/PwmRequestID.java

@@ -20,21 +20,21 @@
 
 package password.pwm.http.servlet;
 
-import password.pwm.util.java.AtomicLoopIntIncrementer;
+import password.pwm.util.java.AtomicLoopLongIncrementer;
 
 public class PwmRequestID
 {
-    private final int value;
-    private static final AtomicLoopIntIncrementer INCREMENTER = new AtomicLoopIntIncrementer( Integer.MAX_VALUE );
+    private final long value;
+    private static final AtomicLoopLongIncrementer INCREMENTER = new AtomicLoopLongIncrementer();
 
-    private PwmRequestID( final int value )
+    private PwmRequestID( final long value )
     {
         this.value = value;
     }
 
     private String value()
     {
-        return String.valueOf( value );
+        return Long.toString( value, 36 );
     }
 
     public String toString()

server/src/main/java/password/pwm/http/servlet/SetupOtpServlet.java

@@ -142,14 +142,14 @@ public class SetupOtpServlet extends ControlledPwmServlet
         // check whether the setup can be stored
         if ( !canSetupOtpSecret( config ) )
         {
-            LOGGER.error( pwmSession, "OTP Secret cannot be setup" );
+            LOGGER.error( pwmRequest, "OTP Secret cannot be setup" );
             pwmRequest.respondWithError( PwmError.ERROR_INVALID_CONFIG.toInfo() );
             return ProcessStatus.Halt;
         }
 
         if ( pwmSession.getLoginInfoBean().getType() == AuthenticationType.AUTH_WITHOUT_PASSWORD )
         {
-            LOGGER.error( pwmSession, "OTP Secret requires a password login" );
+            LOGGER.error( pwmRequest, "OTP Secret requires a password login" );
             throw new PwmUnrecoverableException( PwmError.ERROR_PASSWORD_REQUIRED );
         }
 
@@ -179,14 +179,14 @@ public class SetupOtpServlet extends ControlledPwmServlet
             try
             {
                 otpService.writeOTPUserConfiguration(
-                        pwmSession,
+                        pwmRequest,
                         theUser,
                         otpBean.getOtpUserRecord()
                 );
                 otpBean.setWritten( true );
 
                 // Update the current user info bean, so the user can check the code right away
-                pwmSession.reloadUserInfoBean( pwmApplication );
+                pwmSession.reloadUserInfoBean( pwmRequest );
 
                 // mark the event log
                 final UserAuditRecord auditRecord = new AuditRecordFactory( pwmRequest ).createUserAuditRecord(
@@ -213,7 +213,7 @@ public class SetupOtpServlet extends ControlledPwmServlet
                 {
                     errorInformation = new ErrorInformation( PwmError.ERROR_WRITING_OTP_SECRET, "unexpected error saving otp secret: " + e.getMessage() );
                 }
-                LOGGER.error( pwmSession, errorInformation.toDebugStr() );
+                LOGGER.error( pwmRequest, errorInformation.toDebugStr() );
                 setLastError( pwmRequest, errorInformation );
             }
         }
@@ -292,7 +292,7 @@ public class SetupOtpServlet extends ControlledPwmServlet
         try
         {
             final boolean passed = otpService.validateToken(
-                    pwmRequest.getSessionLabel(),
+                    pwmRequest.getLabel(),
                     pwmSession.getUserInfo().getUserIdentity(),
                     otpUserRecord,
                     code,
@@ -300,14 +300,14 @@ public class SetupOtpServlet extends ControlledPwmServlet
             );
             final RestResultBean restResultBean = RestResultBean.withData( passed );
 
-            LOGGER.trace( pwmSession, () -> "returning result for restValidateCode: " + JsonUtil.serialize( restResultBean ) );
+            LOGGER.trace( pwmRequest, () -> "returning result for restValidateCode: " + JsonUtil.serialize( restResultBean ) );
             pwmRequest.outputJsonResult( restResultBean );
         }
         catch ( final PwmOperationalException e )
         {
 
             final String errorMsg = "error during otp code validation: " + e.getMessage();
-            LOGGER.error( pwmSession, errorMsg );
+            LOGGER.error( pwmRequest, errorMsg );
             pwmRequest.outputJsonResult( RestResultBean.fromError( new ErrorInformation( PwmError.ERROR_INTERNAL, errorMsg ), pwmRequest ) );
         }
 
@@ -328,7 +328,7 @@ public class SetupOtpServlet extends ControlledPwmServlet
         final UserIdentity theUser = pwmSession.getUserInfo().getUserIdentity();
         try
         {
-            service.clearOTPUserConfiguration( pwmSession, theUser, pwmSession.getSessionManager().getActor( pwmApplication ) );
+            service.clearOTPUserConfiguration( pwmRequest, theUser, pwmSession.getSessionManager().getActor( pwmApplication ) );
         }
         catch ( final PwmOperationalException e )
         {
@@ -365,7 +365,7 @@ public class SetupOtpServlet extends ControlledPwmServlet
                 }
 
                 if ( otpService.validateToken(
-                        pwmRequest.getSessionLabel(),
+                        pwmRequest.getLabel(),
                         pwmSession.getUserInfo().getUserIdentity(),
                         otpBean.getOtpUserRecord(),
                         otpToken,
@@ -417,7 +417,7 @@ public class SetupOtpServlet extends ControlledPwmServlet
             final OTPUserRecord existingUserRecord;
             try
             {
-                existingUserRecord = service.readOTPUserConfiguration( pwmRequest.getSessionLabel(), theUser );
+                existingUserRecord = service.readOTPUserConfiguration( pwmRequest.getLabel(), theUser );
             }
             catch ( final ChaiUnavailableException e )
             {
@@ -427,7 +427,7 @@ public class SetupOtpServlet extends ControlledPwmServlet
             if ( existingUserRecord != null )
             {
                 otpBean.setHasPreExistingOtp( true );
-                LOGGER.trace( pwmSession, () -> "user has existing otp record" );
+                LOGGER.trace( pwmRequest, () -> "user has existing otp record" );
                 return;
             }
         }
@@ -445,12 +445,12 @@ public class SetupOtpServlet extends ControlledPwmServlet
                 final List<String> rawRecoveryCodes = pwmApplication.getOtpService().initializeUserRecord(
                         setupOtpProfile,
                         otpUserRecord,
-                        pwmRequest.getSessionLabel(),
+                        pwmRequest.getLabel(),
                         identifier
                 );
                 otpBean.setOtpUserRecord( otpUserRecord );
                 otpBean.setRecoveryCodes( rawRecoveryCodes );
-                LOGGER.trace( pwmSession, () -> "generated new otp record" );
+                LOGGER.trace( pwmRequest, () -> "generated new otp record" );
                 if ( config.isDevDebugMode() )
                 {
                     LOGGER.trace( pwmRequest, () -> "newly generated otp record: " + JsonUtil.serialize( otpUserRecord ) );
@@ -459,7 +459,7 @@ public class SetupOtpServlet extends ControlledPwmServlet
             catch ( final Exception e )
             {
                 final String errorMsg = "error setting up new OTP secret: " + e.getMessage();
-                LOGGER.error( pwmSession, errorMsg );
+                LOGGER.error( pwmRequest, errorMsg );
                 throw new PwmUnrecoverableException( new ErrorInformation( PwmError.ERROR_INTERNAL, errorMsg ) );
             }
         }

server/src/main/java/password/pwm/http/servlet/SetupResponsesServlet.java

@@ -172,7 +172,7 @@ public class SetupResponsesServlet extends ControlledPwmServlet
         {
             final String errorMsg = "no challenge sets configured for user " + uiBean.getUserIdentity();
             final ErrorInformation errorInformation = new ErrorInformation( PwmError.ERROR_NO_CHALLENGES, errorMsg );
-            LOGGER.debug( pwmSession, errorInformation );
+            LOGGER.debug( pwmRequest, errorInformation );
             throw new PwmUnrecoverableException( errorInformation );
         }
 
@@ -211,8 +211,8 @@ public class SetupResponsesServlet extends ControlledPwmServlet
         {
             final String userGUID = pwmSession.getUserInfo().getUserGuid();
             final ChaiUser theUser = pwmSession.getSessionManager().getActor( pwmApplication );
-            pwmApplication.getCrService().clearResponses( pwmSession.getLabel(), pwmRequest.getUserInfoIfLoggedIn(), theUser, userGUID );
-            pwmSession.reloadUserInfoBean( pwmApplication );
+            pwmApplication.getCrService().clearResponses( pwmRequest.getLabel(), pwmRequest.getUserInfoIfLoggedIn(), theUser, userGUID );
+            pwmSession.reloadUserInfoBean( pwmRequest );
             pwmRequest.getPwmApplication().getSessionStateService().clearBean( pwmRequest, SetupResponsesBean.class );
 
             // mark the event log
@@ -227,7 +227,7 @@ public class SetupResponsesServlet extends ControlledPwmServlet
         }
         catch ( final PwmOperationalException e )
         {
-            LOGGER.debug( pwmSession, e.getErrorInformation() );
+            LOGGER.debug( pwmRequest, e.getErrorInformation() );
             setLastError( pwmRequest, e.getErrorInformation() );
         }
         return ProcessStatus.Continue;
@@ -374,13 +374,13 @@ public class SetupResponsesServlet extends ControlledPwmServlet
         }
         catch ( final PwmOperationalException e )
         {
-            LOGGER.error( pwmRequest.getSessionLabel(), e.getErrorInformation() );
+            LOGGER.error( pwmRequest.getLabel(), e.getErrorInformation() );
             pwmRequest.respondWithError( e.getErrorInformation() );
         }
         catch ( final ChaiValidationException e )
         {
             final ErrorInformation errorInformation = new ErrorInformation( PwmError.ERROR_MISSING_RANDOM_RESPONSE, e.getMessage() );
-            LOGGER.error( pwmRequest.getSessionLabel(), errorInformation );
+            LOGGER.error( pwmRequest.getLabel(), errorInformation );
             pwmRequest.respondWithError( errorInformation );
         }
     }
@@ -434,7 +434,7 @@ public class SetupResponsesServlet extends ControlledPwmServlet
         final ChaiUser theUser = pwmSession.getSessionManager().getActor( pwmApplication );
         final String userGUID = pwmSession.getUserInfo().getUserGuid();
         pwmApplication.getCrService().writeResponses( pwmRequest.getUserInfoIfLoggedIn(), theUser, userGUID, responseInfoBean );
-        pwmSession.reloadUserInfoBean( pwmApplication );
+        pwmSession.reloadUserInfoBean( pwmRequest );
         pwmApplication.getStatisticsManager().incrementValue( Statistic.SETUP_RESPONSES );
         pwmApplication.getAuditManager().submit( AuditEvent.SET_RESPONSES, pwmSession.getUserInfo(), pwmSession );
     }

server/src/main/java/password/pwm/http/servlet/ShortcutServlet.java

@@ -89,7 +89,6 @@ public class ShortcutServlet extends AbstractPwmServlet
     protected void processAction( final PwmRequest pwmRequest )
             throws ServletException, IOException, ChaiUnavailableException, PwmUnrecoverableException
     {
-        final PwmSession pwmSession = pwmRequest.getPwmSession();
         final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
 
         if ( !pwmApplication.getConfig().readSettingAsBoolean( PwmSetting.SHORTCUT_ENABLE ) )
@@ -101,13 +100,13 @@ public class ShortcutServlet extends AbstractPwmServlet
         final ShortcutsBean shortcutsBean = pwmApplication.getSessionStateService().getBean( pwmRequest, ShortcutsBean.class );
         if ( shortcutsBean.getVisibleItems() == null )
         {
-            LOGGER.debug( pwmSession, () -> "building visible shortcut list for user" );
+            LOGGER.debug( pwmRequest, () -> "building visible shortcut list for user" );
             final Map<String, ShortcutItem> visibleItems = figureVisibleShortcuts( pwmRequest );
             shortcutsBean.setVisibleItems( visibleItems );
         }
         else
         {
-            LOGGER.trace( pwmSession, () -> "using cashed shortcut values" );
+            LOGGER.trace( pwmRequest, () -> "using cashed shortcut values" );
         }
 
         final ShortcutAction action = readProcessAction( pwmRequest );
@@ -185,7 +184,7 @@ public class ShortcutServlet extends AbstractPwmServlet
             {
                 final boolean queryMatch = LdapPermissionTester.testQueryMatch(
                         pwmRequest.getPwmApplication(),
-                        pwmRequest.getSessionLabel(),
+                        pwmRequest.getLabel(),
                         pwmRequest.getPwmSession().getUserInfo().getUserIdentity(),
                         item.getLdapQuery()
                 );
@@ -217,14 +216,14 @@ public class ShortcutServlet extends AbstractPwmServlet
             final ShortcutItem item = visibleItems.get( link );
 
             pwmApplication.getStatisticsManager().incrementValue( Statistic.SHORTCUTS_SELECTED );
-            LOGGER.trace( pwmSession, () -> "shortcut link selected: " + link + ", setting link for 'forwardURL' to " + item.getShortcutURI() );
+            LOGGER.trace( pwmRequest, () -> "shortcut link selected: " + link + ", setting link for 'forwardURL' to " + item.getShortcutURI() );
             pwmSession.getSessionStateBean().setForwardURL( item.getShortcutURI().toString() );
 
             pwmRequest.sendRedirectToContinue();
             return;
         }
 
-        LOGGER.error( pwmSession, "unknown/unexpected link requested to " + link );
+        LOGGER.error( pwmRequest, "unknown/unexpected link requested to " + link );
         pwmRequest.forwardToJsp( JspUrl.SHORTCUT );
     }
 }

server/src/main/java/password/pwm/http/servlet/accountinfo/AccountInformationBean.java

@@ -88,7 +88,7 @@ public class AccountInformationBean implements Serializable
         builder.formData( makeFormInfo( pwmRequest, locale ) );
         builder.auditData( makeAuditInfo(
                 pwmRequest.getPwmApplication(),
-                pwmRequest.getSessionLabel(),
+                pwmRequest.getLabel(),
                 userInfo,
                 pwmRequest.getLocale()
         ) );
@@ -156,7 +156,7 @@ public class AccountInformationBean implements Serializable
         {
             final Map<FormConfiguration, List<String>> ldapValues = FormUtility.populateFormMapFromLdap(
                     formConfiguration,
-                    pwmRequest.getSessionLabel(),
+                    pwmRequest.getLabel(),
                     pwmRequest.getPwmSession().getUserInfo(),
                     FormUtility.Flag.ReturnEmptyValues
             );

server/src/main/java/password/pwm/http/servlet/activation/ActivateUserServlet.java

@@ -164,7 +164,7 @@ public class ActivateUserServlet extends ControlledPwmServlet
         final ActivateUserBean activateUserBean = activateUserBean( pwmRequest );
         return UserInfoFactory.newUserInfoUsingProxy(
                 pwmRequest.getPwmApplication(),
-                pwmRequest.getSessionLabel(),
+                pwmRequest.getLabel(),
                 activateUserBean.getUserIdentity(),
                 pwmRequest.getLocale() );
 
@@ -266,7 +266,7 @@ public class ActivateUserServlet extends ControlledPwmServlet
                         .ldapProfile( ldapProfile )
                         .build();
 
-                userIdentity = userSearchEngine.performSingleUserSearch( searchConfiguration, pwmRequest.getSessionLabel() );
+                userIdentity = userSearchEngine.performSingleUserSearch( searchConfiguration, pwmRequest.getLabel() );
             }
 
             ActivateUserUtils.validateParamsAgainstLDAP( pwmRequest, formValues, userIdentity );
@@ -277,10 +277,10 @@ public class ActivateUserServlet extends ControlledPwmServlet
         }
         catch ( final PwmOperationalException e )
         {
-            pwmApplication.getIntruderManager().convenience().markAttributes( formValues, pwmRequest.getSessionLabel() );
-            pwmApplication.getIntruderManager().convenience().markAddressAndSession( pwmSession );
+            pwmApplication.getIntruderManager().convenience().markAttributes( formValues, pwmRequest.getLabel() );
+            pwmApplication.getIntruderManager().convenience().markAddressAndSession( pwmRequest );
             setLastError( pwmRequest, e.getErrorInformation() );
-            LOGGER.debug( pwmSession, e.getErrorInformation() );
+            LOGGER.debug( pwmRequest, e.getErrorInformation() );
         }
 
         return ProcessStatus.Continue;
@@ -296,7 +296,7 @@ public class ActivateUserServlet extends ControlledPwmServlet
 
         final List<TokenDestinationItem> tokenDestinationItems = TokenUtil.figureAvailableTokenDestinations(
                 pwmRequest.getPwmApplication(),
-                pwmRequest.getSessionLabel(),
+                pwmRequest.getLabel(),
                 pwmRequest.getLocale(),
                 userInfo,
                 tokenSendMethod
@@ -322,7 +322,6 @@ public class ActivateUserServlet extends ControlledPwmServlet
             throws PwmUnrecoverableException, IOException, ServletException
     {
         final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
-        final PwmSession pwmSession = pwmRequest.getPwmSession();
         final ActivateUserBean activateUserBean = pwmApplication.getSessionStateService().getBean( pwmRequest, ActivateUserBean.class );
         final String userEnteredCode = pwmRequest.readParameterAsString( PwmConstants.PARAM_TOKEN );
 
@@ -364,7 +363,7 @@ public class ActivateUserServlet extends ControlledPwmServlet
             {
                 errorInformation = new ErrorInformation( PwmError.ERROR_TOKEN_INCORRECT );
             }
-            LOGGER.debug( pwmSession, errorInformation );
+            LOGGER.debug( pwmRequest, errorInformation );
             setLastError( pwmRequest, errorInformation );
         }
 
@@ -387,7 +386,7 @@ public class ActivateUserServlet extends ControlledPwmServlet
             final AuditRecord auditRecord = new AuditRecordFactory( pwmRequest ).createUserAuditRecord(
                     AuditEvent.AGREEMENT_PASSED,
                     pwmRequest.getUserInfoIfLoggedIn(),
-                    pwmRequest.getSessionLabel(),
+                    pwmRequest.getLabel(),
                     "ActivateUser"
             );
             pwmRequest.getPwmApplication().getAuditManager().submit( auditRecord );
@@ -417,7 +416,7 @@ public class ActivateUserServlet extends ControlledPwmServlet
         {
             final List<TokenDestinationItem> tokenDestinationItems = TokenUtil.figureAvailableTokenDestinations(
                     pwmApplication,
-                    pwmRequest.getSessionLabel(),
+                    pwmRequest.getLabel(),
                     pwmRequest.getLocale(),
                     userInfo,
                     tokenSendMethod
@@ -477,8 +476,8 @@ public class ActivateUserServlet extends ControlledPwmServlet
         catch ( final PwmOperationalException e )
         {
             LOGGER.debug( pwmRequest, e.getErrorInformation() );
-            pwmApplication.getIntruderManager().convenience().markUserIdentity( activateUserBean.getUserIdentity(), pwmSession );
-            pwmApplication.getIntruderManager().convenience().markAddressAndSession( pwmSession );
+            pwmApplication.getIntruderManager().convenience().markUserIdentity( activateUserBean.getUserIdentity(), pwmRequest );
+            pwmApplication.getIntruderManager().convenience().markAddressAndSession( pwmRequest );
             pwmRequest.respondWithError( e.getErrorInformation() );
         }
     }

server/src/main/java/password/pwm/http/servlet/activation/ActivateUserUtils.java

@@ -105,7 +105,7 @@ class ActivateUserUtils
         {
             {
                 // execute configured actions
-                LOGGER.debug( pwmSession.getLabel(), () -> "executing configured pre-actions to user " + theUser.getEntryDN() );
+                LOGGER.debug( pwmRequest, () -> "executing configured pre-actions to user " + theUser.getEntryDN() );
                 final List<ActionConfiguration> configValues = activateUserProfile.readSettingAsAction( PwmSetting.ACTIVATE_USER_PRE_WRITE_ATTRIBUTES );
                 if ( !JavaHelper.isEmpty( configValues ) )
                 {
@@ -116,12 +116,12 @@ class ActivateUserUtils
                             .setMacroMachine( macroMachine )
                             .createActionExecutor();
 
-                    actionExecutor.executeActions( configValues, pwmRequest.getSessionLabel() );
+                    actionExecutor.executeActions( configValues, pwmRequest.getLabel() );
                 }
             }
 
             //authenticate the pwm session
-            final SessionAuthenticator sessionAuthenticator = new SessionAuthenticator( pwmApplication, pwmSession, PwmAuthenticationSource.USER_ACTIVATION );
+            final SessionAuthenticator sessionAuthenticator = new SessionAuthenticator( pwmApplication, pwmRequest, PwmAuthenticationSource.USER_ACTIVATION );
             sessionAuthenticator.authUserWithUnknownPassword( userIdentity, AuthenticationType.AUTH_FROM_PUBLIC_MODULE );
 
             //ensure a change password is triggered
@@ -142,7 +142,7 @@ class ActivateUserUtils
         catch ( final ImpossiblePasswordPolicyException e )
         {
             final ErrorInformation info = new ErrorInformation( PwmError.ERROR_INTERNAL, "unexpected ImpossiblePasswordPolicyException error while activating user" );
-            LOGGER.warn( pwmSession, info, e );
+            LOGGER.warn( pwmRequest.getLabel(), info, e );
             throw new PwmOperationalException( info );
         }
     }
@@ -155,7 +155,6 @@ class ActivateUserUtils
             throws ChaiUnavailableException, PwmDataValidationException, PwmUnrecoverableException
     {
         final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
-        final PwmSession pwmSession = pwmRequest.getPwmSession();
         final String searchFilter = figureLdapSearchFilter( pwmRequest );
         final ChaiProvider chaiProvider = pwmApplication.getProxyChaiProvider( userIdentity.getLdapProfileID() );
         final ChaiUser chaiUser = chaiProvider.getEntryFactory().newChaiUser( userIdentity.getUserDN() );
@@ -167,7 +166,7 @@ class ActivateUserUtils
             final String tokenizedAttrName = "%" + attrName + "%";
             if ( searchFilter.contains( tokenizedAttrName ) )
             {
-                LOGGER.trace( pwmSession, () -> "skipping validation of ldap value for '" + attrName + "' because it is in search filter" );
+                LOGGER.trace( pwmRequest, () -> "skipping validation of ldap value for '" + attrName + "' because it is in search filter" );
             }
             else
             {
@@ -182,14 +181,14 @@ class ActivateUserUtils
                                         attrName,
                                 }
                         );
-                        LOGGER.debug( pwmSession, errorInfo );
+                        LOGGER.debug( pwmRequest, errorInfo );
                         throw new PwmDataValidationException( errorInfo );
                     }
-                    LOGGER.trace( pwmSession, () -> "successful validation of ldap value for '" + attrName + "'" );
+                    LOGGER.trace( pwmRequest, () -> "successful validation of ldap value for '" + attrName + "'" );
                 }
                 catch ( final ChaiOperationException e )
                 {
-                    LOGGER.error( pwmSession.getLabel(), "error during param validation of '" + attrName + "', error: " + e.getMessage() );
+                    LOGGER.error( pwmRequest, "error during param validation of '" + attrName + "', error: " + e.getMessage() );
                     throw new PwmDataValidationException( new ErrorInformation(
                             PwmError.ERROR_ACTIVATION_VALIDATIONFAIL,
                             "ldap error testing value for '" + attrName + "'", new String[]
@@ -227,7 +226,7 @@ class ActivateUserUtils
         }
         if ( !success )
         {
-            LOGGER.warn( pwmSession, "skipping send activation message for '" + userInfo.getUserIdentity() + "' no email or SMS number configured" );
+            LOGGER.warn( pwmRequest, "skipping send activation message for '" + userInfo.getUserIdentity() + "' no email or SMS number configured" );
         }
     }
 
@@ -245,7 +244,7 @@ class ActivateUserUtils
 
         if ( configuredEmailSetting == null )
         {
-            LOGGER.debug( pwmSession, () -> "skipping send activation email for '" + userInfo.getUserIdentity() + "' no email configured" );
+            LOGGER.debug( pwmRequest, () -> "skipping send activation email for '" + userInfo.getUserIdentity() + "' no email configured" );
             return false;
         }
 
@@ -276,20 +275,20 @@ class ActivateUserUtils
         }
         catch ( final Exception e )
         {
-            LOGGER.debug( pwmSession, () -> "error reading SMS attribute from user '" + pwmSession.getUserInfo().getUserIdentity() + "': " + e.getMessage() );
+            LOGGER.debug( pwmRequest, () -> "error reading SMS attribute from user '" + pwmSession.getUserInfo().getUserIdentity() + "': " + e.getMessage() );
             return false;
         }
 
         if ( toSmsNumber == null || toSmsNumber.length() < 1 )
         {
-            LOGGER.debug( pwmSession, () -> "skipping send activation SMS for '" + pwmSession.getUserInfo().getUserIdentity() + "' no SMS number configured" );
+            LOGGER.debug( pwmRequest, () -> "skipping send activation SMS for '" + pwmSession.getUserInfo().getUserIdentity() + "' no SMS number configured" );
             return false;
         }
 
         pwmApplication.sendSmsUsingQueue(
                 toSmsNumber,
                 message,
-                pwmRequest.getSessionLabel(),
+                pwmRequest.getLabel(),
                 pwmSession.getSessionManager().getMacroMachine( pwmApplication )
         );
         return true;

server/src/main/java/password/pwm/http/servlet/admin/AdminServlet.java

@@ -450,7 +450,7 @@ public class AdminServlet extends ControlledPwmServlet
             final UserDebugDataBean userDebugData = UserDebugDataReader.readUserDebugData(
                     pwmRequest.getPwmApplication(),
                     pwmRequest.getLocale(),
-                    pwmRequest.getSessionLabel(),
+                    pwmRequest.getLabel(),
                     userIdentity
             );
             final String output = JsonUtil.serialize( userDebugData, JsonUtil.Flag.PrettyPrint );
@@ -554,7 +554,7 @@ public class AdminServlet extends ControlledPwmServlet
         final UserIdentity userIdentity;
         try
         {
-            userIdentity = userSearchEngine.resolveUsername( username, null, null, pwmRequest.getSessionLabel() );
+            userIdentity = userSearchEngine.resolveUsername( username, null, null, pwmRequest.getLabel() );
             final AdminBean adminBean = pwmRequest.getPwmApplication().getSessionStateService().getBean( pwmRequest, AdminBean.class );
             adminBean.setLastUserDebug( userIdentity );
         }
@@ -567,7 +567,7 @@ public class AdminServlet extends ControlledPwmServlet
         final UserDebugDataBean userDebugData = UserDebugDataReader.readUserDebugData(
                 pwmRequest.getPwmApplication(),
                 pwmRequest.getLocale(),
-                pwmRequest.getSessionLabel(),
+                pwmRequest.getLabel(),
                 userIdentity
         );
         pwmRequest.setAttribute( PwmRequestAttribute.UserDebugData, userDebugData );

server/src/main/java/password/pwm/http/servlet/changepw/ChangePasswordServlet.java

@@ -237,7 +237,7 @@ public abstract class ChangePasswordServlet extends ControlledPwmServlet
             final AuditRecord auditRecord = new AuditRecordFactory( pwmRequest ).createUserAuditRecord(
                     AuditEvent.AGREEMENT_PASSED,
                     pwmRequest.getUserInfoIfLoggedIn(),
-                    pwmRequest.getSessionLabel(),
+                    pwmRequest.getLabel(),
                     "ChangePassword"
             );
             pwmRequest.getPwmApplication().getAuditManager().submit( auditRecord );
@@ -278,7 +278,7 @@ public abstract class ChangePasswordServlet extends ControlledPwmServlet
             if ( !passed )
             {
                 pwmRequest.getPwmApplication().getIntruderManager().convenience().markUserIdentity(
-                        userInfo.getUserIdentity(), pwmRequest.getSessionLabel() );
+                        userInfo.getUserIdentity(), pwmRequest.getLabel() );
                 LOGGER.debug( pwmRequest, () -> "failed password validation check: currentPassword value is incorrect" );
                 setLastError( pwmRequest, new ErrorInformation( PwmError.ERROR_BAD_CURRENT_PASSWORD ) );
                 return ProcessStatus.Continue;
@@ -294,15 +294,15 @@ public abstract class ChangePasswordServlet extends ControlledPwmServlet
             final Map<FormConfiguration, String> formValues = FormUtility.readFormValuesFromRequest(
                     pwmRequest, formItem, ssBean.getLocale() );
 
-            ChangePasswordServletUtil.validateParamsAgainstLDAP( formValues, pwmRequest.getPwmSession(),
+            ChangePasswordServletUtil.validateParamsAgainstLDAP( formValues, pwmRequest,
                     pwmRequest.getPwmSession().getSessionManager().getActor( pwmRequest.getPwmApplication() ) );
 
             cpb.setFormPassed( true );
         }
         catch ( final PwmOperationalException e )
         {
-            pwmRequest.getPwmApplication().getIntruderManager().convenience().markAddressAndSession( pwmRequest.getPwmSession() );
-            pwmRequest.getPwmApplication().getIntruderManager().convenience().markUserIdentity( userInfo.getUserIdentity(), pwmRequest.getSessionLabel() );
+            pwmRequest.getPwmApplication().getIntruderManager().convenience().markAddressAndSession( pwmRequest );
+            pwmRequest.getPwmApplication().getIntruderManager().convenience().markUserIdentity( userInfo.getUserIdentity(), pwmRequest.getLabel() );
             LOGGER.debug( pwmRequest, e.getErrorInformation() );
             setLastError( pwmRequest, e.getErrorInformation() );
             return ProcessStatus.Continue;
@@ -326,7 +326,7 @@ public abstract class ChangePasswordServlet extends ControlledPwmServlet
             final PasswordChangeProgressChecker checker = new PasswordChangeProgressChecker(
                     pwmRequest.getPwmApplication(),
                     pwmRequest.getPwmSession().getUserInfo().getUserIdentity(),
-                    pwmRequest.getSessionLabel(),
+                    pwmRequest.getLabel(),
                     pwmRequest.getLocale()
             );
             passwordChangeProgress = checker.figureProgress( progressTracker );
@@ -349,7 +349,7 @@ public abstract class ChangePasswordServlet extends ControlledPwmServlet
             final PasswordChangeProgressChecker checker = new PasswordChangeProgressChecker(
                     pwmRequest.getPwmApplication(),
                     pwmRequest.getPwmSession().getUserInfo().getUserIdentity(),
-                    pwmRequest.getSessionLabel(),
+                    pwmRequest.getLabel(),
                     pwmRequest.getLocale()
             );
             final PasswordChangeProgressChecker.PasswordChangeProgress passwordChangeProgress = checker.figureProgress( progressTracker );
@@ -427,7 +427,7 @@ public abstract class ChangePasswordServlet extends ControlledPwmServlet
     private ProcessStatus processRandomPasswordAction( final PwmRequest pwmRequest ) throws IOException, PwmUnrecoverableException, ChaiUnavailableException
     {
         final PasswordData passwordData = RandomPasswordGenerator.createRandomPassword(
-                pwmRequest.getSessionLabel(),
+                pwmRequest.getLabel(),
                 pwmRequest.getPwmSession().getUserInfo().getPasswordPolicy(),
                 pwmRequest.getPwmApplication() );
 
@@ -472,7 +472,7 @@ public abstract class ChangePasswordServlet extends ControlledPwmServlet
             return;
         }
 
-        if ( ChangePasswordServletUtil.determineIfCurrentPasswordRequired( pwmApplication, pwmSession ) && !changePasswordBean.isCurrentPasswordPassed() )
+        if ( ChangePasswordServletUtil.determineIfCurrentPasswordRequired( pwmRequest ) && !changePasswordBean.isCurrentPasswordPassed() )
         {
             forwardToFormPage( pwmRequest );
             return;
@@ -516,7 +516,8 @@ public abstract class ChangePasswordServlet extends ControlledPwmServlet
     }
 
     @Override
-    public ProcessStatus preProcessCheck( final PwmRequest pwmRequest ) throws PwmUnrecoverableException, IOException, ServletException
+    public ProcessStatus preProcessCheck( final PwmRequest pwmRequest )
+            throws PwmUnrecoverableException, IOException, ServletException
     {
         final PwmSession pwmSession = pwmRequest.getPwmSession();
         final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
@@ -535,7 +536,7 @@ public abstract class ChangePasswordServlet extends ControlledPwmServlet
 
         }
 
-        if ( ChangePasswordServletUtil.determineIfCurrentPasswordRequired( pwmApplication, pwmSession ) )
+        if ( ChangePasswordServletUtil.determineIfCurrentPasswordRequired( pwmRequest ) )
         {
             changePasswordBean.setCurrentPasswordRequired( true );
         }
@@ -546,7 +547,7 @@ public abstract class ChangePasswordServlet extends ControlledPwmServlet
             return ProcessStatus.Halt;
         }
 
-        ChangePasswordServletUtil.checkMinimumLifetime( pwmApplication, pwmSession, changePasswordBean, pwmSession.getUserInfo() );
+        ChangePasswordServletUtil.checkMinimumLifetime( pwmRequest, changePasswordBean, pwmSession.getUserInfo() );
 
         return ProcessStatus.Continue;
     }

server/src/main/java/password/pwm/http/servlet/changepw/ChangePasswordServletUtil.java

@@ -57,29 +57,29 @@ public class ChangePasswordServletUtil
     private static final PwmLogger LOGGER = PwmLogger.forClass( ChangePasswordServletUtil.class );
 
     static boolean determineIfCurrentPasswordRequired(
-            final PwmApplication pwmApplication,
-            final PwmSession pwmSession
+            final PwmRequest pwmRequest
     )
             throws PwmUnrecoverableException
     {
-        final RequireCurrentPasswordMode currentSetting = pwmApplication.getConfig().readSettingAsEnum( PwmSetting.PASSWORD_REQUIRE_CURRENT, RequireCurrentPasswordMode.class );
+        final RequireCurrentPasswordMode currentSetting = pwmRequest.getConfig().readSettingAsEnum( PwmSetting.PASSWORD_REQUIRE_CURRENT, RequireCurrentPasswordMode.class );
 
         if ( currentSetting == RequireCurrentPasswordMode.FALSE )
         {
             return false;
         }
 
-        if ( pwmSession.getLoginInfoBean().getType() == AuthenticationType.AUTH_FROM_PUBLIC_MODULE )
+        final LoginInfoBean loginInfoBean = pwmRequest.getPwmSession().getLoginInfoBean();
+        if ( loginInfoBean.getType() == AuthenticationType.AUTH_FROM_PUBLIC_MODULE )
         {
-            LOGGER.debug( pwmSession, () -> "skipping user current password requirement, authentication type is " + AuthenticationType.AUTH_FROM_PUBLIC_MODULE );
+            LOGGER.debug( pwmRequest, () -> "skipping user current password requirement, authentication type is " + AuthenticationType.AUTH_FROM_PUBLIC_MODULE );
             return false;
         }
 
         {
-            final PasswordData currentPassword = pwmSession.getLoginInfoBean().getUserCurrentPassword();
+            final PasswordData currentPassword = loginInfoBean.getUserCurrentPassword();
             if ( currentPassword == null )
             {
-                LOGGER.debug( pwmSession, () -> "skipping user current password requirement, current password is not known to application" );
+                LOGGER.debug( pwmRequest, () -> "skipping user current password requirement, current password is not known to application" );
                 return false;
             }
         }
@@ -89,18 +89,19 @@ public class ChangePasswordServletUtil
             return true;
         }
 
-        final PasswordStatus passwordStatus = pwmSession.getUserInfo().getPasswordStatus();
+        final UserInfo userInfo = pwmRequest.getPwmSession().getUserInfo();
+        final PasswordStatus passwordStatus = userInfo.getPasswordStatus();
         return currentSetting == RequireCurrentPasswordMode.NOTEXPIRED
                 && !passwordStatus.isExpired()
                 && !passwordStatus.isPreExpired()
                 && !passwordStatus.isViolatesPolicy()
-                && !pwmSession.getUserInfo().isRequiresNewPassword();
+                && !userInfo.isRequiresNewPassword();
 
     }
 
     static void validateParamsAgainstLDAP(
             final Map<FormConfiguration, String> formValues,
-            final PwmSession pwmSession,
+            final PwmRequest pwmRequest,
             final ChaiUser theUser
     )
             throws ChaiUnavailableException, PwmDataValidationException
@@ -120,14 +121,14 @@ public class ChangePasswordServletUtil
                                     attrName,
                             }
                     );
-                    LOGGER.debug( pwmSession, errorInfo );
+                    LOGGER.debug( pwmRequest, errorInfo );
                     throw new PwmDataValidationException( errorInfo );
                 }
-                LOGGER.trace( pwmSession, () -> "successful validation of ldap value for '" + attrName + "'" );
+                LOGGER.trace( pwmRequest, () -> "successful validation of ldap value for '" + attrName + "'" );
             }
             catch ( final ChaiOperationException e )
             {
-                LOGGER.error( pwmSession, "error during param validation of '" + attrName + "', error: " + e.getMessage() );
+                LOGGER.error( pwmRequest, "error during param validation of '" + attrName + "', error: " + e.getMessage() );
                 throw new PwmDataValidationException( new ErrorInformation(
                         PwmError.ERROR_INCORRECT_RESPONSE,
                         "ldap error testing value for '" + attrName + "'",
@@ -141,31 +142,30 @@ public class ChangePasswordServletUtil
     }
 
     static void sendChangePasswordEmailNotice(
-            final PwmSession pwmSession,
-            final PwmApplication pwmApplication
+            final PwmRequest pwmRequest
     )
             throws PwmUnrecoverableException
     {
-        final Configuration config = pwmApplication.getConfig();
-        final Locale locale = pwmSession.getSessionStateBean().getLocale();
+        final Configuration config = pwmRequest.getConfig();
+        final Locale locale = pwmRequest.getLocale();
         final EmailItemBean configuredEmailSetting = config.readSettingAsEmail( PwmSetting.EMAIL_CHANGEPASSWORD, locale );
 
         if ( configuredEmailSetting == null )
         {
-            LOGGER.debug( pwmSession, () -> "skipping change password email for '" + pwmSession.getUserInfo().getUserIdentity() + "' no email configured" );
+            LOGGER.debug( pwmRequest, () -> "skipping change password email for '" + pwmRequest.getUserInfoIfLoggedIn() + "' no email configured" );
             return;
         }
 
+        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
         pwmApplication.getEmailQueue().submitEmail(
                 configuredEmailSetting,
-                pwmSession.getUserInfo(),
+                pwmRequest.getPwmSession().getUserInfo(),
 
-                pwmSession.getSessionManager().getMacroMachine( pwmApplication ) );
+                pwmRequest.getPwmSession().getSessionManager().getMacroMachine( pwmApplication ) );
     }
 
     static void checkMinimumLifetime(
-            final PwmApplication pwmApplication,
-            final PwmSession pwmSession,
+            final PwmRequest pwmRequest,
             final ChangePasswordBean changePasswordBean,
             final UserInfo userInfo
     )
@@ -179,11 +179,11 @@ public class ChangePasswordServletUtil
         if ( userInfo.isWithinPasswordMinimumLifetime() )
         {
             boolean allowChange = false;
-            if ( pwmSession.getLoginInfoBean().getAuthFlags().contains( AuthenticationType.AUTH_FROM_PUBLIC_MODULE ) )
+            if ( pwmRequest.getPwmSession().getLoginInfoBean().getAuthFlags().contains( AuthenticationType.AUTH_FROM_PUBLIC_MODULE ) )
             {
                 allowChange = ForgottenPasswordUtil.permitPwChangeDuringMinLifetime(
-                        pwmApplication,
-                        pwmSession.getLabel(),
+                        pwmRequest.getPwmApplication(),
+                        pwmRequest.getLabel(),
                         userInfo.getUserIdentity()
                 );
 
@@ -191,12 +191,12 @@ public class ChangePasswordServletUtil
 
             if ( allowChange )
             {
-                LOGGER.debug( pwmSession, () -> "current password is too young, but skipping enforcement of minimum lifetime check due to setting "
-                        + PwmSetting.RECOVERY_MINIMUM_PASSWORD_LIFETIME_OPTIONS.toMenuLocationDebug( null, pwmSession.getSessionStateBean().getLocale() ) );
+                LOGGER.debug( pwmRequest, () -> "current password is too young, but skipping enforcement of minimum lifetime check due to setting "
+                        + PwmSetting.RECOVERY_MINIMUM_PASSWORD_LIFETIME_OPTIONS.toMenuLocationDebug( null, pwmRequest.getLocale() ) );
             }
             else
             {
-                PasswordUtility.throwPasswordTooSoonException( userInfo, pwmSession.getLabel() );
+                PasswordUtility.throwPasswordTooSoonException( userInfo, pwmRequest.getLabel() );
             }
         }
 
@@ -222,16 +222,16 @@ public class ChangePasswordServletUtil
             final PasswordChangeProgressChecker.ProgressTracker tracker = new PasswordChangeProgressChecker.ProgressTracker();
             final PasswordChangeProgressChecker checker = new PasswordChangeProgressChecker(
                     pwmApplication,
-                    pwmSession.getUserInfo().getUserIdentity(),
-                    pwmSession.getLabel(),
-                    pwmSession.getSessionStateBean().getLocale()
+                    pwmRequest.getUserInfoIfLoggedIn(),
+                    pwmRequest.getLabel(),
+                    pwmRequest.getLocale()
             );
             cpb.setChangeProgressTracker( tracker );
             cpb.setChangePasswordMaxCompletion( checker.maxCompletionTime( tracker ) );
         }
 
         // send user an email confirmation
-        ChangePasswordServletUtil.sendChangePasswordEmailNotice( pwmSession, pwmApplication );
+        ChangePasswordServletUtil.sendChangePasswordEmailNotice( pwmRequest );
 
         // send audit event
         pwmApplication.getAuditManager().submit( AuditEvent.CHANGE_PASSWORD, pwmSession.getUserInfo(), pwmSession );

server/src/main/java/password/pwm/http/servlet/command/CommandServlet.java

@@ -150,7 +150,7 @@ public abstract class CommandServlet extends ControlledPwmServlet
             final boolean forceLogoutOnChange = config.readSettingAsBoolean( PwmSetting.LOGOUT_AFTER_PASSWORD_CHANGE );
             if ( forceLogoutOnChange && pwmSession.getSessionStateBean().isPasswordModified() )
             {
-                LOGGER.trace( pwmSession, () -> "logging out user; password has been modified" );
+                LOGGER.trace( pwmRequest, () -> "logging out user; password has been modified" );
                 pwmRequest.sendRedirect( PwmServletDefinition.Logout );
                 return ProcessStatus.Halt;
             }
@@ -304,12 +304,10 @@ public abstract class CommandServlet extends ControlledPwmServlet
     )
             throws ChaiUnavailableException, IOException, ServletException, PwmUnrecoverableException
     {
-        final PwmSession pwmSession = pwmRequest.getPwmSession();
-
         if ( !pwmRequest.isAuthenticated() )
         {
             final String action = pwmRequest.readParameterAsString( PwmConstants.PARAM_ACTION_REQUEST );
-            LOGGER.info( pwmSession, () -> "authentication required for " + action );
+            LOGGER.info( pwmRequest, () -> "authentication required for " + action );
             pwmRequest.respondWithError( PwmError.ERROR_AUTHENTICATION_REQUIRED.toInfo() );
             return false;
         }

server/src/main/java/password/pwm/http/servlet/configeditor/ConfigEditorServlet.java

@@ -64,7 +64,6 @@ import password.pwm.http.JspUrl;
 import password.pwm.http.ProcessStatus;
 import password.pwm.http.PwmHttpRequestWrapper;
 import password.pwm.http.PwmRequest;
-import password.pwm.http.PwmSession;
 import password.pwm.http.bean.ConfigManagerBean;
 import password.pwm.http.servlet.AbstractPwmServlet;
 import password.pwm.http.servlet.ControlledPwmServlet;
@@ -484,10 +483,9 @@ public class ConfigEditorServlet extends ControlledPwmServlet
 
     @ActionHandler( action = "finishEditing" )
     private ProcessStatus restFinishEditing( final PwmRequest pwmRequest )
-            throws IOException, ServletException, PwmUnrecoverableException
+            throws IOException, PwmUnrecoverableException
     {
         final ConfigManagerBean configManagerBean = getBean( pwmRequest );
-        final PwmSession pwmSession = pwmRequest.getPwmSession();
         final List<String> validationErrors = StoredConfigurationUtil.validateValues( configManagerBean.getStoredConfiguration() );
         if ( !validationErrors.isEmpty() )
         {
@@ -498,7 +496,7 @@ public class ConfigEditorServlet extends ControlledPwmServlet
                     }
             );
             pwmRequest.outputJsonResult( RestResultBean.fromError( errorInfo, pwmRequest ) );
-            LOGGER.error( pwmSession, errorInfo );
+            LOGGER.error( pwmRequest, errorInfo );
             return ProcessStatus.Halt;
         }
         else
@@ -508,14 +506,14 @@ public class ConfigEditorServlet extends ControlledPwmServlet
                 ConfigManagerServlet.saveConfiguration( pwmRequest, configManagerBean.getStoredConfiguration() );
                 configManagerBean.setStoredConfiguration( null );
                 configManagerBean.setStoredConfiguration( null );
-                LOGGER.debug( pwmSession, () -> "save configuration operation completed" );
+                LOGGER.debug( pwmRequest, () -> "save configuration operation completed" );
                 pwmRequest.outputJsonResult( RestResultBean.forSuccessMessage( pwmRequest, Message.Success_Unknown ) );
             }
             catch ( final PwmUnrecoverableException e )
             {
                 final ErrorInformation errorInfo = e.getErrorInformation();
                 pwmRequest.outputJsonResult( RestResultBean.fromError( errorInfo, pwmRequest ) );
-                LOGGER.error( pwmSession, errorInfo );
+                LOGGER.error( pwmRequest, errorInfo );
             }
         }
 
@@ -720,13 +718,13 @@ public class ConfigEditorServlet extends ControlledPwmServlet
         else
         {
             final Map<String, String> testParams = pwmRequest.readBodyAsJsonStringMap();
-            final SmsItemBean testSmsItem = new SmsItemBean( testParams.get( "to" ), testParams.get( "message" ), pwmRequest.getSessionLabel() );
+            final SmsItemBean testSmsItem = new SmsItemBean( testParams.get( "to" ), testParams.get( "message" ), pwmRequest.getLabel() );
             try
             {
                 final String responseBody = SmsQueueManager.sendDirectMessage(
                         pwmRequest.getPwmApplication(),
                         config,
-                        pwmRequest.getSessionLabel(),
+                        pwmRequest.getLabel(),
                         testSmsItem
                 );
                 returnRecords.add( new HealthRecord( HealthStatus.INFO, HealthTopic.SMS, "message sent" ) );
@@ -905,7 +903,7 @@ public class ConfigEditorServlet extends ControlledPwmServlet
         final LinkedHashMap<String, Object> returnMap = new LinkedHashMap<>( generateSettingData(
                 pwmRequest.getPwmApplication(),
                 configManagerBean.getStoredConfiguration(),
-                pwmRequest.getSessionLabel(),
+                pwmRequest.getLabel(),
                 pwmRequest.getLocale()
         )
         );
@@ -995,7 +993,7 @@ public class ConfigEditorServlet extends ControlledPwmServlet
             }
             else
             {
-                macroMachine = MacroMachine.forNonUserSpecific( pwmRequest.getPwmApplication(), pwmRequest.getSessionLabel() );
+                macroMachine = MacroMachine.forNonUserSpecific( pwmRequest.getPwmApplication(), pwmRequest.getLabel() );
             }
             final String input = inputMap.get( "input" );
             final String output = macroMachine.expandMacros( input );
@@ -1092,7 +1090,7 @@ public class ConfigEditorServlet extends ControlledPwmServlet
     {
         final RestRandomPasswordServer.JsonInput jsonInput = JsonUtil.deserialize( pwmRequest.readRequestBodyAsString(), RestRandomPasswordServer.JsonInput.class );
         final RandomPasswordGenerator.RandomGeneratorConfig randomConfig = RestRandomPasswordServer.jsonInputToRandomConfig( jsonInput, PwmPasswordPolicy.defaultPolicy() );
-        final PasswordData randomPassword = RandomPasswordGenerator.createRandomPassword( pwmRequest.getSessionLabel(), randomConfig, pwmRequest.getPwmApplication() );
+        final PasswordData randomPassword = RandomPasswordGenerator.createRandomPassword( pwmRequest.getLabel(), randomConfig, pwmRequest.getPwmApplication() );
         final RestRandomPasswordServer.JsonOutput outputMap = new RestRandomPasswordServer.JsonOutput();
         outputMap.setPassword( randomPassword.getStringValue() );
 

server/src/main/java/password/pwm/http/servlet/configguide/ConfigGuideServlet.java

@@ -670,7 +670,7 @@ public class ConfigGuideServlet extends ControlledPwmServlet
         final LinkedHashMap<String, Object> returnMap = new LinkedHashMap<>( ConfigEditorServlet.generateSettingData(
                 pwmRequest.getPwmApplication(),
                 storedConfiguration,
-                pwmRequest.getSessionLabel(),
+                pwmRequest.getLabel(),
                 pwmRequest.getLocale()
         )
         );

server/src/main/java/password/pwm/http/servlet/configguide/ConfigGuideUtils.java

@@ -42,12 +42,12 @@ import password.pwm.error.PwmUnrecoverableException;
 import password.pwm.http.ContextManager;
 import password.pwm.http.PwmRequest;
 import password.pwm.http.PwmRequestAttribute;
-import password.pwm.http.PwmSession;
 import password.pwm.http.bean.ConfigGuideBean;
 import password.pwm.i18n.Message;
 import password.pwm.ldap.schema.SchemaManager;
 import password.pwm.ldap.schema.SchemaOperationResult;
 import password.pwm.util.LDAPPermissionCalculator;
+import password.pwm.util.java.JavaHelper;
 import password.pwm.util.java.Percent;
 import password.pwm.util.logging.PwmLogger;
 import password.pwm.util.secure.X509Utils;
@@ -217,7 +217,6 @@ public class ConfigGuideUtils
             throws PwmUnrecoverableException, IOException, ServletException
     {
         final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
-        final PwmSession pwmSession = pwmRequest.getPwmSession();
         final HttpServletRequest req = pwmRequest.getHttpServletRequest();
 
         if ( pwmApplication.getApplicationMode() == PwmApplicationMode.RUNNING )
@@ -240,12 +239,12 @@ public class ConfigGuideUtils
                 {
                     final StoredConfiguration storedConfig = StoredConfigurationFactory.fromXml( uploadedFile );
                     final List<String> configErrors = StoredConfigurationUtil.validateValues( storedConfig );
-                    if ( configErrors != null && !configErrors.isEmpty() )
+                    if ( !JavaHelper.isEmpty( configErrors ) )
                     {
                         throw new PwmOperationalException( new ErrorInformation( PwmError.CONFIG_FORMAT_ERROR, configErrors.get( 0 ) ) );
                     }
                     ConfigGuideUtils.writeConfig( ContextManager.getContextManager( req.getSession() ), storedConfig );
-                    LOGGER.trace( pwmSession, () -> "read config from file: " + storedConfig.toString() );
+                    LOGGER.trace( pwmRequest, () -> "read config from file: " + storedConfig.toString() );
                     final RestResultBean restResultBean = RestResultBean.forSuccessMessage( pwmRequest, Message.Success_Unknown );
                     pwmRequest.getPwmResponse().outputJsonResult( restResultBean );
                     req.getSession().invalidate();
@@ -254,7 +253,7 @@ public class ConfigGuideUtils
                 {
                     final RestResultBean restResultBean = RestResultBean.fromError( e.getErrorInformation(), pwmRequest );
                     pwmRequest.getPwmResponse().outputJsonResult( restResultBean );
-                    LOGGER.error( pwmSession, e.getErrorInformation().toDebugStr() );
+                    LOGGER.error( pwmRequest, e.getErrorInformation().toDebugStr() );
                 }
             }
             else
@@ -262,7 +261,7 @@ public class ConfigGuideUtils
                 final ErrorInformation errorInformation = new ErrorInformation( PwmError.CONFIG_UPLOAD_FAILURE, "error reading config file: no file present in upload" );
                 final RestResultBean restResultBean = RestResultBean.fromError( errorInformation, pwmRequest );
                 pwmRequest.getPwmResponse().outputJsonResult( restResultBean );
-                LOGGER.error( pwmSession, errorInformation.toDebugStr() );
+                LOGGER.error( pwmRequest, errorInformation.toDebugStr() );
             }
         }
     }

server/src/main/java/password/pwm/http/servlet/configmanager/ConfigManagerLocalDBServlet.java

@@ -143,7 +143,7 @@ public class ConfigManagerLocalDBServlet extends AbstractPwmServlet
         {
             final int bufferSize = Integer.parseInt( pwmRequest.getConfig().readAppProperty( AppProperty.HTTP_DOWNLOAD_BUFFER_SIZE ) );
             final OutputStream bos = new BufferedOutputStream( resp.getOutputStream(), bufferSize );
-            localDBUtility.exportLocalDB( bos, LOGGER.asAppendable( PwmLogLevel.DEBUG, pwmRequest.getSessionLabel() ) );
+            localDBUtility.exportLocalDB( bos, LOGGER.asAppendable( PwmLogLevel.DEBUG, pwmRequest.getLabel() ) );
             LOGGER.debug( pwmRequest, () -> "completed localDBExport process in " + TimeDuration.fromCurrent( startTime ).asCompactString() );
         }
         catch ( final Exception e )
@@ -193,7 +193,7 @@ public class ConfigManagerLocalDBServlet extends AbstractPwmServlet
             final LocalDBUtility localDBUtility = new LocalDBUtility( localDB );
             LOGGER.info( pwmRequest, () -> "beginning LocalDB import" );
             localDBUtility.importLocalDB( inputStream,
-                    LOGGER.asAppendable( PwmLogLevel.DEBUG, pwmRequest.getSessionLabel() ) );
+                    LOGGER.asAppendable( PwmLogLevel.DEBUG, pwmRequest.getLabel() ) );
             LOGGER.info( pwmRequest, () -> "completed LocalDB import" );
         }
         catch ( final Exception e )

server/src/main/java/password/pwm/http/servlet/configmanager/ConfigManagerLoginServlet.java

@@ -150,8 +150,8 @@ public class ConfigManagerLoginServlet extends AbstractPwmServlet
             else
             {
                 LOGGER.trace( pwmRequest, () -> "configuration password is not correct" );
-                pwmApplication.getIntruderManager().convenience().markAddressAndSession( pwmRequest.getPwmSession() );
-                pwmApplication.getIntruderManager().mark( RecordType.USERNAME, PwmConstants.CONFIGMANAGER_INTRUDER_USERNAME, pwmRequest.getSessionLabel() );
+                pwmApplication.getIntruderManager().convenience().markAddressAndSession( pwmRequest );
+                pwmApplication.getIntruderManager().mark( RecordType.USERNAME, PwmConstants.CONFIGMANAGER_INTRUDER_USERNAME, pwmRequest.getLabel() );
                 final ErrorInformation errorInformation = new ErrorInformation( PwmError.ERROR_PASSWORD_ONLY_BAD );
                 updateLoginHistory( pwmRequest, pwmRequest.getUserInfoIfLoggedIn(), false );
                 setLastError( pwmRequest, errorInformation );

server/src/main/java/password/pwm/http/servlet/configmanager/ConfigManagerServlet.java

@@ -231,7 +231,7 @@ public class ConfigManagerServlet extends AbstractPwmServlet
             final String msg = LocaleHelper.getLocalizedMessage( Admin.Notice_TrialRestrictConfig, pwmRequest );
             final ErrorInformation errorInfo = new ErrorInformation( PwmError.ERROR_TRIAL_VIOLATION, msg );
             final RestResultBean restResultBean = RestResultBean.fromError( errorInfo, pwmRequest );
-            LOGGER.debug( pwmSession, errorInfo );
+            LOGGER.debug( pwmRequest, errorInfo );
             pwmRequest.outputJsonResult( restResultBean );
             return;
         }
@@ -244,7 +244,7 @@ public class ConfigManagerServlet extends AbstractPwmServlet
                     "You must be authenticated with admin privileges before restricting the configuration"
             );
             final RestResultBean restResultBean = RestResultBean.fromError( errorInfo, pwmRequest );
-            LOGGER.debug( pwmSession, errorInfo );
+            LOGGER.debug( pwmRequest, errorInfo );
             pwmRequest.outputJsonResult( restResultBean );
             return;
         }
@@ -260,7 +260,7 @@ public class ConfigManagerServlet extends AbstractPwmServlet
                         }
                 );
                 final RestResultBean restResultBean = RestResultBean.fromError( errorInfo, pwmRequest );
-                LOGGER.debug( pwmSession, errorInfo );
+                LOGGER.debug( pwmRequest, errorInfo );
                 pwmRequest.outputJsonResult( restResultBean );
                 return;
             }
@@ -275,7 +275,7 @@ public class ConfigManagerServlet extends AbstractPwmServlet
         {
             final ErrorInformation errorInfo = e.getErrorInformation();
             final RestResultBean restResultBean = RestResultBean.fromError( errorInfo, pwmRequest );
-            LOGGER.debug( pwmSession, errorInfo );
+            LOGGER.debug( pwmRequest, errorInfo );
             pwmRequest.outputJsonResult( restResultBean );
             return;
         }
@@ -283,12 +283,12 @@ public class ConfigManagerServlet extends AbstractPwmServlet
         {
             final ErrorInformation errorInfo = new ErrorInformation( PwmError.ERROR_INTERNAL, e.getMessage() );
             final RestResultBean restResultBean = RestResultBean.fromError( errorInfo, pwmRequest );
-            LOGGER.debug( pwmSession, errorInfo );
+            LOGGER.debug( pwmRequest, errorInfo );
             pwmRequest.outputJsonResult( restResultBean );
             return;
         }
         final HashMap<String, String> resultData = new HashMap<>();
-        LOGGER.info( pwmSession, () -> "Configuration Locked" );
+        LOGGER.info( pwmRequest, () -> "Configuration Locked" );
         pwmRequest.outputJsonResult( RestResultBean.withData( resultData ) );
     }
 
@@ -317,7 +317,7 @@ public class ConfigManagerServlet extends AbstractPwmServlet
             contextManager.getConfigReader().saveConfiguration(
                     storedConfiguration,
                     contextManager.getPwmApplication(),
-                    pwmRequest.getSessionLabel()
+                    pwmRequest.getLabel()
             );
 
             contextManager.requestPwmApplicationRestart();
@@ -344,7 +344,6 @@ public class ConfigManagerServlet extends AbstractPwmServlet
     private void doDownloadConfig( final PwmRequest pwmRequest )
             throws IOException, ServletException, PwmUnrecoverableException
     {
-        final PwmSession pwmSession = pwmRequest.getPwmSession();
         final PwmResponse resp = pwmRequest.getPwmResponse();
 
         try
@@ -358,14 +357,14 @@ public class ConfigManagerServlet extends AbstractPwmServlet
         }
         catch ( final Exception e )
         {
-            LOGGER.error( pwmSession, "unable to download configuration: " + e.getMessage() );
+            LOGGER.error( pwmRequest, "unable to download configuration: " + e.getMessage() );
         }
     }
 
     private void doGenerateSupportZip( final PwmRequest pwmRequest )
             throws IOException, PwmUnrecoverableException
     {
-        final DebugItemGenerator debugItemGenerator = new DebugItemGenerator( pwmRequest.getPwmApplication(), pwmRequest.getSessionLabel() );
+        final DebugItemGenerator debugItemGenerator = new DebugItemGenerator( pwmRequest.getPwmApplication(), pwmRequest.getLabel() );
         final PwmResponse resp = pwmRequest.getPwmResponse();
         resp.setHeader( HttpHeader.ContentDisposition, "attachment;filename=" + PwmConstants.PWM_APP_NAME + "-Support.zip" );
         resp.setContentType( HttpContentType.zip );

server/src/main/java/password/pwm/http/servlet/configmanager/DebugItemGenerator.java

@@ -88,6 +88,7 @@ import java.util.Map;
 import java.util.Properties;
 import java.util.Set;
 import java.util.TreeMap;
+import java.util.function.Function;
 import java.util.stream.Collectors;
 import java.util.zip.ZipEntry;
 import java.util.zip.ZipOutputStream;
@@ -109,6 +110,7 @@ public class DebugItemGenerator
             ThreadDumpDebugItemGenerator.class,
             FileInfoDebugItemGenerator.class,
             LogDebugItemGenerator.class,
+            LogJsonItemGenerator.class,
             LdapDebugItemGenerator.class,
             LDAPPermissionItemGenerator.class,
             LocalDBDebugGenerator.class,
@@ -554,35 +556,65 @@ public class DebugItemGenerator
         @Override
         public void outputItem( final DebugItemInput debugItemInput, final OutputStream outputStream ) throws Exception
         {
-            final PwmApplication pwmApplication = debugItemInput.getPwmApplication();
-            final long maxByteCount = JavaHelper.silentParseLong( pwmApplication.getConfig().readAppProperty( AppProperty.CONFIG_MANAGER_ZIPDEBUG_MAXLOGBYTES ), 10_000_000 );
-            final int maxSeconds = JavaHelper.silentParseInt( pwmApplication.getConfig().readAppProperty( AppProperty.CONFIG_MANAGER_ZIPDEBUG_MAXLOGSECONDS ), 60 );
-            final LocalDBSearchQuery searchParameters = LocalDBSearchQuery.builder()
-                    .minimumLevel( PwmLogLevel.TRACE )
-                    .maxEvents( Integer.MAX_VALUE )
-                    .maxQueryTime( TimeDuration.of( maxSeconds, TimeDuration.Unit.SECONDS ) )
-                    .build();
+            final Instant startTime = Instant.now();
+            final Function<PwmLogEvent, String> logEventFormatter = PwmLogEvent::toLogString;
 
-            final LocalDBSearchResults searchResults = pwmApplication.getLocalDBLogger().readStoredEvents( searchParameters );
-            final CountingOutputStream countingOutputStream = new CountingOutputStream( outputStream );
+            outputLogs( debugItemInput.getPwmApplication(), outputStream, logEventFormatter );
+            LOGGER.trace( () ->  "debug log output completed in " + TimeDuration.compactFromCurrent( startTime ) );
+        }
+    }
 
-            final Writer writer = new OutputStreamWriter( countingOutputStream, PwmConstants.DEFAULT_CHARSET );
-            {
-                while ( searchResults.hasNext() && countingOutputStream.getByteCount() < maxByteCount )
-                {
-                    final PwmLogEvent event = searchResults.next();
-                    writer.write( event.toLogString() );
-                    writer.write( "\n" );
-                }
+    static class LogJsonItemGenerator implements Generator
+    {
+        @Override
+        public String getFilename( )
+        {
+            return "debug.json";
+        }
 
-                final String outputMsg = "debug output " + searchResults.getReturnedEvents() + " lines in " + searchResults.getSearchTime().asCompactString();
-                writer.write( "\n#" + outputMsg + "\n" );
-                LOGGER.trace( () ->  outputMsg );
+        @Override
+        public void outputItem( final DebugItemInput debugItemInput, final OutputStream outputStream ) throws Exception
+        {
+            final Instant startTime = Instant.now();
+            final Function<PwmLogEvent, String> logEventFormatter = pwmLogEvent -> JsonUtil.serialize( pwmLogEvent );
+
+            outputLogs( debugItemInput.getPwmApplication(), outputStream, logEventFormatter );
+            LOGGER.trace( () ->  "debug json output completed in " + TimeDuration.compactFromCurrent( startTime ) );
+        }
+    }
+
+    private static void outputLogs(
+            final PwmApplication pwmApplication,
+            final OutputStream outputStream,
+            final Function<PwmLogEvent, String> logEventFormatter
+    )
+            throws Exception
+    {
+        final long maxByteCount = JavaHelper.silentParseLong( pwmApplication.getConfig().readAppProperty( AppProperty.CONFIG_MANAGER_ZIPDEBUG_MAXLOGBYTES ), 10_000_000 );
+        final int maxSeconds = JavaHelper.silentParseInt( pwmApplication.getConfig().readAppProperty( AppProperty.CONFIG_MANAGER_ZIPDEBUG_MAXLOGSECONDS ), 60 );
+        final LocalDBSearchQuery searchParameters = LocalDBSearchQuery.builder()
+                .minimumLevel( PwmLogLevel.TRACE )
+                .maxEvents( Integer.MAX_VALUE )
+                .maxQueryTime( TimeDuration.of( maxSeconds, TimeDuration.Unit.SECONDS ) )
+                .build();
+
+        final LocalDBSearchResults searchResults = pwmApplication.getLocalDBLogger().readStoredEvents( searchParameters );
+        final CountingOutputStream countingOutputStream = new CountingOutputStream( outputStream );
+
+        final Writer writer = new OutputStreamWriter( countingOutputStream, PwmConstants.DEFAULT_CHARSET );
+        {
+            while ( searchResults.hasNext() && countingOutputStream.getByteCount() < maxByteCount )
+            {
+                final PwmLogEvent event = searchResults.next();
+                final String output = logEventFormatter.apply( event );
+                writer.write( output );
+                writer.write( "\n" );
             }
 
-            // do not close writer because underlying stream should not be closed.
-            writer.flush();
         }
+
+        // do not close writer because underlying stream should not be closed.
+        writer.flush();
     }
 
     static class LDAPPermissionItemGenerator implements Generator

server/src/main/java/password/pwm/http/servlet/forgottenpw/ForgottenPasswordServlet.java

@@ -266,7 +266,7 @@ public class ForgottenPasswordServlet extends ControlledPwmServlet
                         if ( disallowAllButUnlock )
                         {
                             final UserInfo userInfo = ForgottenPasswordUtil.readUserInfo( pwmRequest.commonValues(), forgottenPasswordBean );
-                            PasswordUtility.throwPasswordTooSoonException( userInfo, pwmRequest.getSessionLabel() );
+                            PasswordUtility.throwPasswordTooSoonException( userInfo, pwmRequest.getLabel() );
                         }
                         this.executeResetPassword( pwmRequest );
                         break;
@@ -385,7 +385,6 @@ public class ForgottenPasswordServlet extends ControlledPwmServlet
     private ProcessStatus processSearch( final PwmRequest pwmRequest )
             throws ChaiUnavailableException, PwmUnrecoverableException, IOException, ServletException
     {
-        final PwmSession pwmSession = pwmRequest.getPwmSession();
         final Locale userLocale = pwmRequest.getLocale();
         final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
 
@@ -430,7 +429,7 @@ public class ForgottenPasswordServlet extends ControlledPwmServlet
                 if ( configuredSearchFilter == null || configuredSearchFilter.isEmpty() )
                 {
                     searchFilter = FormUtility.ldapSearchFilterForForm( pwmApplication, forgottenPasswordForm );
-                    LOGGER.trace( pwmSession, () -> "auto generated ldap search filter: " + searchFilter );
+                    LOGGER.trace( pwmRequest, () -> "auto generated ldap search filter: " + searchFilter );
                 }
                 else
                 {
@@ -449,7 +448,7 @@ public class ForgottenPasswordServlet extends ControlledPwmServlet
                         .ldapProfile( ldapProfile )
                         .build();
 
-                userIdentity = userSearchEngine.performSingleUserSearch( searchConfiguration, pwmRequest.getSessionLabel() );
+                userIdentity = userSearchEngine.performSingleUserSearch( searchConfiguration, pwmRequest.getLabel() );
             }
 
             if ( userIdentity == null )
@@ -477,10 +476,10 @@ public class ForgottenPasswordServlet extends ControlledPwmServlet
                 );
                 pwmApplication.getStatisticsManager().incrementValue( Statistic.RECOVERY_FAILURES );
 
-                pwmApplication.getIntruderManager().convenience().markAddressAndSession( pwmSession );
-                pwmApplication.getIntruderManager().convenience().markAttributes( formValues, pwmRequest.getSessionLabel() );
+                pwmApplication.getIntruderManager().convenience().markAddressAndSession( pwmRequest );
+                pwmApplication.getIntruderManager().convenience().markAttributes( formValues, pwmRequest.getLabel() );
 
-                LOGGER.debug( pwmSession, errorInfo );
+                LOGGER.debug( pwmRequest, errorInfo );
                 setLastError( pwmRequest, errorInfo );
                 return ProcessStatus.Continue;
             }
@@ -693,7 +692,7 @@ public class ForgottenPasswordServlet extends ControlledPwmServlet
             final UserSearchEngine userSearchEngine = pwmRequest.getPwmApplication().getUserSearchEngine();
             try
             {
-                oauthUserIdentity = userSearchEngine.resolveUsername( userDNfromOAuth, null, null, pwmRequest.getSessionLabel() );
+                oauthUserIdentity = userSearchEngine.resolveUsername( userDNfromOAuth, null, null, pwmRequest.getLabel() );
             }
             catch ( final PwmOperationalException e )
             {
@@ -854,7 +853,7 @@ public class ForgottenPasswordServlet extends ControlledPwmServlet
             {
                 final List<FormConfiguration> formConfigurations = pwmRequest.getConfig().readSettingAsForm( PwmSetting.FORGOTTEN_PASSWORD_SEARCH_FORM );
                 final Map<FormConfiguration, String> formMap = FormUtility.asFormConfigurationMap( formConfigurations, forgottenPasswordBean.getUserSearchValues() );
-                pwmRequest.getPwmApplication().getIntruderManager().convenience().markAttributes( formMap, pwmRequest.getSessionLabel() );
+                pwmRequest.getPwmApplication().getIntruderManager().convenience().markAttributes( formMap, pwmRequest.getLabel() );
             }
 
             final ErrorInformation errorInformation = new ErrorInformation( PwmError.ERROR_INCORRECT_RESPONSE,
@@ -979,7 +978,7 @@ public class ForgottenPasswordServlet extends ControlledPwmServlet
             if ( !progress.getSatisfiedMethods().contains( IdentityVerificationMethod.PREVIOUS_AUTH ) )
             {
                 final UserIdentity userIdentity = forgottenPasswordBean.getUserIdentity();
-                final String userGuid = LdapOperationsHelper.readLdapGuidValue( pwmApplication, pwmRequest.getSessionLabel(), userIdentity, true );
+                final String userGuid = LdapOperationsHelper.readLdapGuidValue( pwmApplication, pwmRequest.getLabel(), userIdentity, true );
                 if ( ForgottenPasswordUtil.checkAuthRecord( pwmRequest, userGuid ) )
                 {
                     LOGGER.debug( pwmRequest, () -> "marking " + IdentityVerificationMethod.PREVIOUS_AUTH + " method as satisfied" );
@@ -1095,7 +1094,7 @@ public class ForgottenPasswordServlet extends ControlledPwmServlet
         {
             if ( userInfo.isWithinPasswordMinimumLifetime() )
             {
-                PasswordUtility.throwPasswordTooSoonException( userInfo, pwmRequest.getSessionLabel() );
+                PasswordUtility.throwPasswordTooSoonException( userInfo, pwmRequest.getLabel() );
             }
         }
 
@@ -1109,7 +1108,7 @@ public class ForgottenPasswordServlet extends ControlledPwmServlet
         {
             if ( disallowAllButUnlock )
             {
-                PasswordUtility.throwPasswordTooSoonException( userInfo, pwmRequest.getSessionLabel() );
+                PasswordUtility.throwPasswordTooSoonException( userInfo, pwmRequest.getLabel() );
             }
             ForgottenPasswordUtil.doActionSendNewPassword( pwmRequest );
             return;
@@ -1162,7 +1161,7 @@ public class ForgottenPasswordServlet extends ControlledPwmServlet
         {
             final String errorMsg = "unable to unlock user " + userIdentity + " error: " + e.getMessage();
             final ErrorInformation errorInformation = new ErrorInformation( PwmError.ERROR_UNLOCK_FAILURE, errorMsg );
-            LOGGER.error( pwmSession, errorInformation.toDebugStr() );
+            LOGGER.error( pwmRequest, errorInformation.toDebugStr() );
             pwmRequest.respondWithError( errorInformation, true );
         }
         finally
@@ -1191,26 +1190,26 @@ public class ForgottenPasswordServlet extends ControlledPwmServlet
         {
             // try unlocking user
             theUser.unlockPassword();
-            LOGGER.trace( pwmSession, () -> "unlock account succeeded" );
+            LOGGER.trace( pwmRequest, () -> "unlock account succeeded" );
         }
         catch ( final ChaiOperationException e )
         {
             final String errorMsg = "unable to unlock user " + theUser.getEntryDN() + " error: " + e.getMessage();
             final ErrorInformation errorInformation = new ErrorInformation( PwmError.ERROR_UNLOCK_FAILURE, errorMsg );
-            LOGGER.error( pwmSession, errorInformation.toDebugStr() );
+            LOGGER.error( pwmRequest, errorInformation.toDebugStr() );
         }
 
         try
         {
             final SessionAuthenticator sessionAuthenticator = new SessionAuthenticator(
                     pwmApplication,
-                    pwmSession,
+                    pwmRequest,
                     PwmAuthenticationSource.FORGOTTEN_PASSWORD
             );
             sessionAuthenticator.authUserWithUnknownPassword( userIdentity, AuthenticationType.AUTH_FROM_PUBLIC_MODULE );
             pwmSession.getLoginInfoBean().getAuthFlags().add( AuthenticationType.AUTH_FROM_PUBLIC_MODULE );
 
-            LOGGER.info( pwmSession, () -> "user successfully supplied password recovery responses, forward to change password page: " + theUser.getEntryDN() );
+            LOGGER.info( pwmRequest, () -> "user successfully supplied password recovery responses, forward to change password page: " + theUser.getEntryDN() );
 
             // mark the event log
             pwmApplication.getAuditManager().submit( AuditEvent.RECOVER_PASSWORD, pwmSession.getUserInfo(),
@@ -1224,7 +1223,7 @@ public class ForgottenPasswordServlet extends ControlledPwmServlet
         }
         catch ( final PwmUnrecoverableException e )
         {
-            LOGGER.warn( pwmSession,
+            LOGGER.warn( pwmRequest,
                     "unexpected error authenticating during forgotten password recovery process user: " + e.getMessage() );
             pwmRequest.respondWithError( e.getErrorInformation() );
         }
@@ -1252,16 +1251,14 @@ public class ForgottenPasswordServlet extends ControlledPwmServlet
         {
             final SessionAuthenticator sessionAuthenticator = new SessionAuthenticator(
                     pwmRequest.getPwmApplication(),
-                    pwmRequest.getPwmSession(),
+                    pwmRequest,
                     PwmAuthenticationSource.FORGOTTEN_PASSWORD
             );
             sessionAuthenticator.simulateBadPassword( userIdentity );
-            pwmRequest.getPwmApplication().getIntruderManager().convenience().markUserIdentity( userIdentity,
-                    pwmRequest.getPwmSession() );
+            pwmRequest.getPwmApplication().getIntruderManager().convenience().markUserIdentity( userIdentity, pwmRequest );
         }
 
-        pwmRequest.getPwmApplication().getIntruderManager().convenience().markAddressAndSession(
-                pwmRequest.getPwmSession() );
+        pwmRequest.getPwmApplication().getIntruderManager().convenience().markAddressAndSession( pwmRequest );
 
         StatisticsManager.incrementStat( pwmRequest, Statistic.RECOVERY_FAILURES );
     }
@@ -1392,7 +1389,7 @@ public class ForgottenPasswordServlet extends ControlledPwmServlet
                     remoteMethod.init(
                             pwmRequest.getPwmApplication(),
                             userInfo,
-                            pwmRequest.getSessionLabel(),
+                            pwmRequest.getLabel(),
                             pwmRequest.getLocale()
                     );
                     forgottenPasswordBean.getProgress().setRemoteRecoveryMethod( remoteMethod );
@@ -1415,7 +1412,7 @@ public class ForgottenPasswordServlet extends ControlledPwmServlet
                 forgottenPasswordBean.getProgress().setInProgressVerificationMethod( IdentityVerificationMethod.OAUTH );
                 final ForgottenPasswordProfile forgottenPasswordProfile = ForgottenPasswordUtil.forgottenPasswordProfile( pwmRequest.getPwmApplication(), forgottenPasswordBean );
                 final OAuthSettings oAuthSettings = OAuthSettings.forForgottenPassword( forgottenPasswordProfile );
-                final OAuthMachine oAuthMachine = new OAuthMachine( pwmRequest.getSessionLabel(), oAuthSettings );
+                final OAuthMachine oAuthMachine = new OAuthMachine( pwmRequest.getLabel(), oAuthSettings );
                 pwmRequest.getPwmApplication().getSessionStateService().saveSessionBeans( pwmRequest );
                 final UserIdentity userIdentity = forgottenPasswordBean.getUserIdentity();
                 oAuthMachine.redirectUserToOAuthServer( pwmRequest, null, userIdentity, forgottenPasswordProfile.getIdentifier() );

server/src/main/java/password/pwm/http/servlet/forgottenpw/ForgottenPasswordUtil.java

@@ -444,7 +444,7 @@ public class ForgottenPasswordUtil
         {
             final String errorMsg = "unable to unlock user " + theUser.getEntryDN() + " error: " + e.getMessage();
             final ErrorInformation errorInformation = new ErrorInformation( PwmError.ERROR_UNLOCK_FAILURE, errorMsg );
-            LOGGER.error( pwmRequest.getPwmSession(), errorInformation.toDebugStr() );
+            LOGGER.error( pwmRequest, errorInformation.toDebugStr() );
             pwmRequest.respondWithError( errorInformation );
             return;
         }
@@ -453,7 +453,7 @@ public class ForgottenPasswordUtil
         {
             final UserInfo userInfo = UserInfoFactory.newUserInfoUsingProxy(
                     pwmApplication,
-                    pwmRequest.getSessionLabel(),
+                    pwmRequest.getLabel(),
                     userIdentity,
                     pwmRequest.getLocale()
             );
@@ -463,7 +463,7 @@ public class ForgottenPasswordUtil
 
             // create new password
             final PasswordData newPassword = RandomPasswordGenerator.createRandomPassword(
-                    pwmRequest.getSessionLabel(),
+                    pwmRequest.getLabel(),
                     userInfo.getPasswordPolicy(),
                     pwmApplication
             );
@@ -494,7 +494,7 @@ public class ForgottenPasswordUtil
                 final AuditRecord auditRecord = new AuditRecordFactory( pwmApplication ).createUserAuditRecord(
                         AuditEvent.RECOVER_PASSWORD,
                         userIdentity,
-                        pwmRequest.getSessionLabel()
+                        pwmRequest.getLabel()
                 );
                 pwmApplication.getAuditManager().submit( auditRecord );
             }

server/src/main/java/password/pwm/http/servlet/helpdesk/HelpdeskCardInfoBean.java

@@ -75,7 +75,7 @@ public class HelpdeskCardInfoBean implements Serializable
 
         final UserInfo userInfo = UserInfoFactory.newUserInfo(
                 pwmRequest.getPwmApplication(),
-                pwmRequest.getSessionLabel(),
+                pwmRequest.getLabel(),
                 actorLocale,
                 userIdentity,
                 theUser.getChaiProvider()
@@ -86,7 +86,7 @@ public class HelpdeskCardInfoBean implements Serializable
         final PhotoDataReader photoDataReader = HelpdeskServlet.photoDataReader( pwmRequest, helpdeskProfile, userIdentity );
         builder.photoURL( photoDataReader.figurePhotoURL( ) );
 
-        builder.displayNames( figureDisplayNames( pwmRequest.getPwmApplication(), helpdeskProfile, pwmRequest.getSessionLabel(), userInfo ) );
+        builder.displayNames( figureDisplayNames( pwmRequest.getPwmApplication(), helpdeskProfile, pwmRequest.getLabel(), userInfo ) );
 
         final TimeDuration timeDuration = TimeDuration.fromCurrent( startTime );
         final HelpdeskCardInfoBean helpdeskCardInfoBean = builder.build();

server/src/main/java/password/pwm/http/servlet/helpdesk/HelpdeskDetailInfoBean.java

@@ -122,18 +122,18 @@ public class HelpdeskDetailInfoBean implements Serializable
 
         final UserInfo userInfo = UserInfoFactory.newUserInfo(
                 pwmRequest.getPwmApplication(),
-                pwmRequest.getSessionLabel(),
+                pwmRequest.getLabel(),
                 actorLocale,
                 userIdentity,
                 theUser.getChaiProvider()
         );
-        final MacroMachine macroMachine = MacroMachine.forUser( pwmRequest.getPwmApplication(), pwmRequest.getSessionLabel(), userInfo, null );
+        final MacroMachine macroMachine = MacroMachine.forUser( pwmRequest.getPwmApplication(), pwmRequest.getLabel(), userInfo, null );
 
         try
         {
             final List<AccountInformationBean.ActivityRecord> userHistory = AccountInformationBean.makeAuditInfo(
                     pwmRequest.getPwmApplication(),
-                    pwmRequest.getSessionLabel(),
+                    pwmRequest.getLabel(),
                     userInfo,
                     pwmRequest.getLocale() );
             builder.userHistory( userHistory );
@@ -145,7 +145,7 @@ public class HelpdeskDetailInfoBean implements Serializable
 
         builder.userKey( userIdentity.toObfuscatedKey( pwmRequest.getPwmApplication() ) );
 
-        builder.profileData( getProfileData( helpdeskProfile, userInfo, pwmRequest.getSessionLabel(), pwmRequest.getLocale() ) );
+        builder.profileData( getProfileData( helpdeskProfile, userInfo, pwmRequest.getLabel(), pwmRequest.getLocale() ) );
 
         builder.passwordPolicyRules( makePasswordPolicyRules( userInfo, pwmRequest.getLocale(), pwmRequest.getConfig() ) );
 

server/src/main/java/password/pwm/http/servlet/helpdesk/HelpdeskServlet.java

@@ -280,7 +280,7 @@ public class HelpdeskServlet extends ControlledPwmServlet
                     .setMacroMachine( macroMachine )
                     .createActionExecutor();
 
-            actionExecutor.executeAction( action, pwmRequest.getSessionLabel() );
+            actionExecutor.executeAction( action, pwmRequest.getLabel() );
 
             // mark the event log
             {
@@ -328,7 +328,7 @@ public class HelpdeskServlet extends ControlledPwmServlet
         }
 
         final UserIdentity userIdentity = UserIdentity.fromKey( userKey, pwmApplication );
-        LOGGER.info( pwmSession, () -> "received deleteUser request by " + pwmSession.getUserInfo().getUserIdentity().toString() + " for user " + userIdentity.toString() );
+        LOGGER.info( pwmRequest, () -> "received deleteUser request by " + pwmSession.getUserInfo().getUserIdentity().toString() + " for user " + userIdentity.toString() );
 
         // check if user should be seen by actor
         HelpdeskServletUtil.checkIfUserIdentityViewable( pwmRequest, helpdeskProfile, userIdentity );
@@ -339,14 +339,14 @@ public class HelpdeskServlet extends ControlledPwmServlet
         {
             final UserInfo deletedUserInfo = UserInfoFactory.newUserInfoUsingProxy(
                     pwmApplication,
-                    pwmSession.getLabel(),
+                    pwmRequest.getLabel(),
                     userIdentity,
                     pwmRequest.getLocale() );
             userID = deletedUserInfo.getUsername();
         }
         catch ( final PwmUnrecoverableException e )
         {
-            LOGGER.warn( pwmSession, "unable to read username of deleted user while creating audit record" );
+            LOGGER.warn( pwmRequest, "unable to read username of deleted user while creating audit record" );
         }
 
         // execute user delete operation
@@ -388,7 +388,7 @@ public class HelpdeskServlet extends ControlledPwmServlet
             pwmApplication.getAuditManager().submit( auditRecord );
         }
 
-        LOGGER.info( pwmSession, () -> "user " + userIdentity + " has been deleted" );
+        LOGGER.info( pwmRequest, () -> "user " + userIdentity + " has been deleted" );
 
         final RestResultBean restResultBean = RestResultBean.forSuccessMessage( pwmRequest, Message.Success_Unknown );
         pwmRequest.outputJsonResult( restResultBean );
@@ -555,7 +555,7 @@ public class HelpdeskServlet extends ControlledPwmServlet
         final boolean sizeExceeded;
         {
             final Locale locale = pwmRequest.getLocale();
-            results = userSearchEngine.performMultiUserSearchFromForm( locale, searchConfiguration, maxResults, searchForm, pwmRequest.getSessionLabel() );
+            results = userSearchEngine.performMultiUserSearchFromForm( locale, searchConfiguration, maxResults, searchForm, pwmRequest.getLabel() );
             sizeExceeded = results.isSizeExceeded();
         }
 
@@ -611,8 +611,8 @@ public class HelpdeskServlet extends ControlledPwmServlet
                         pwmRequest.getPwmSession().getUserInfo().getUserIdentity(),
                         null,
                         userIdentity,
-                        pwmRequest.getSessionLabel().getSrcAddress(),
-                        pwmRequest.getSessionLabel().getSrcHostname()
+                        pwmRequest.getLabel().getSourceAddress(),
+                        pwmRequest.getLabel().getSourceHostname()
                 );
                 pwmRequest.getPwmApplication().getAuditManager().submit( auditRecord );
             }
@@ -669,11 +669,11 @@ public class HelpdeskServlet extends ControlledPwmServlet
         }
 
         final String code = helpdeskVerificationRequestBean.getCode();
-        final OTPUserRecord otpUserRecord = pwmRequest.getPwmApplication().getOtpService().readOTPUserConfiguration( pwmRequest.getSessionLabel(), userIdentity );
+        final OTPUserRecord otpUserRecord = pwmRequest.getPwmApplication().getOtpService().readOTPUserConfiguration( pwmRequest.getLabel(), userIdentity );
         try
         {
             final boolean passed = pwmRequest.getPwmApplication().getOtpService().validateToken(
-                    pwmRequest.getSessionLabel(),
+                    pwmRequest.getLabel(),
                     userIdentity,
                     otpUserRecord,
                     code,
@@ -739,7 +739,7 @@ public class HelpdeskServlet extends ControlledPwmServlet
         final UserIdentity userIdentity = UserIdentity.fromKey( bodyParams.get( PwmConstants.PARAM_USERKEY ), pwmRequest.getPwmApplication() );
         final UserInfo userInfo = UserInfoFactory.newUserInfo(
                 pwmRequest.getPwmApplication(),
-                pwmRequest.getSessionLabel(),
+                pwmRequest.getLabel(),
                 pwmRequest.getLocale(),
                 userIdentity,
                 getChaiUser( pwmRequest, helpdeskProfile, userIdentity ).getChaiProvider()
@@ -751,7 +751,7 @@ public class HelpdeskServlet extends ControlledPwmServlet
         {
             final List<TokenDestinationItem> items = TokenUtil.figureAvailableTokenDestinations(
                     pwmRequest.getPwmApplication(),
-                    pwmRequest.getSessionLabel(),
+                    pwmRequest.getLabel(),
                     pwmRequest.getLocale(),
                     userInfo,
                     MessageSendMethod.CHOICE_SMS_EMAIL  );
@@ -776,7 +776,7 @@ public class HelpdeskServlet extends ControlledPwmServlet
             pwmRequest.outputJsonResult( RestResultBean.fromError( errorInformation, pwmRequest ) );
             return ProcessStatus.Halt;
         }
-        final MacroMachine macroMachine = MacroMachine.forUser( pwmRequest.getPwmApplication(), pwmRequest.getSessionLabel(), userInfo, null );
+        final MacroMachine macroMachine = MacroMachine.forUser( pwmRequest.getPwmApplication(), pwmRequest.getLabel(), userInfo, null );
         final String configuredTokenString = config.readAppProperty( AppProperty.HELPDESK_TOKEN_VALUE );
         final String tokenKey = macroMachine.expandMacros( configuredTokenString );
         final EmailItemBean emailItemBean = config.readSettingAsEmail( PwmSetting.EMAIL_HELPDESK_TOKEN, pwmRequest.getLocale() );
@@ -796,7 +796,7 @@ public class HelpdeskServlet extends ControlledPwmServlet
                             .tokenDestinationItem( tokenDestinationItem )
                             .smsMessage( smsMessage )
                             .tokenKey( tokenKey )
-                            .sessionLabel( pwmRequest.getSessionLabel() )
+                            .sessionLabel( pwmRequest.getLabel() )
                             .build()
             );
         }
@@ -934,7 +934,7 @@ public class HelpdeskServlet extends ControlledPwmServlet
 
             final OtpService service = pwmRequest.getPwmApplication().getOtpService();
             final ChaiUser chaiUser = getChaiUser( pwmRequest, helpdeskProfile, userIdentity );
-            service.clearOTPUserConfiguration( pwmRequest.getPwmSession(), userIdentity, chaiUser );
+            service.clearOTPUserConfiguration( pwmRequest, userIdentity, chaiUser );
             {
                 // mark the event log
                 final HelpdeskAuditRecord auditRecord = new AuditRecordFactory( pwmRequest ).createHelpdeskAuditRecord(
@@ -942,8 +942,8 @@ public class HelpdeskServlet extends ControlledPwmServlet
                         pwmRequest.getPwmSession().getUserInfo().getUserIdentity(),
                         null,
                         userIdentity,
-                        pwmRequest.getSessionLabel().getSrcAddress(),
-                        pwmRequest.getSessionLabel().getSrcHostname()
+                        pwmRequest.getLabel().getSourceAddress(),
+                        pwmRequest.getLabel().getSourceHostname()
                 );
                 pwmRequest.getPwmApplication().getAuditManager().submit( auditRecord );
             }
@@ -1163,13 +1163,13 @@ public class HelpdeskServlet extends ControlledPwmServlet
         final ChaiUser chaiUser = getChaiUser( pwmRequest, helpdeskProfile, userIdentity );
         final String userGUID = LdapOperationsHelper.readLdapGuidValue(
                 pwmRequest.getPwmApplication(),
-                pwmRequest.getPwmSession().getLabel(),
+                pwmRequest.getLabel(),
                 userIdentity,
                 true );
 
         final CrService crService = pwmRequest.getPwmApplication().getCrService();
         crService.clearResponses(
-                pwmRequest.getPwmSession().getLabel(),
+                pwmRequest.getLabel(),
                 userIdentity,
                 chaiUser,
                 userGUID
@@ -1177,7 +1177,7 @@ public class HelpdeskServlet extends ControlledPwmServlet
 
         // mark the event log
         {
-            final HelpdeskAuditRecord auditRecord = new AuditRecordFactory( pwmRequest.getPwmApplication(), pwmRequest.getPwmSession() ).createHelpdeskAuditRecord(
+            final HelpdeskAuditRecord auditRecord = new AuditRecordFactory( pwmRequest.getPwmApplication(), pwmRequest ).createHelpdeskAuditRecord(
                     AuditEvent.HELPDESK_CLEAR_RESPONSES,
                     pwmRequest.getPwmSession().getUserInfo().getUserIdentity(),
                     null,
@@ -1209,7 +1209,7 @@ public class HelpdeskServlet extends ControlledPwmServlet
         final ChaiUser chaiUser = getChaiUser( pwmRequest, getHelpdeskProfile( pwmRequest ), userIdentity );
         final UserInfo userInfo = UserInfoFactory.newUserInfo(
                 pwmRequest.getPwmApplication(),
-                pwmRequest.getSessionLabel(),
+                pwmRequest.getLabel(),
                 pwmRequest.getLocale(),
                 userIdentity,
                 chaiUser.getChaiProvider()
@@ -1257,7 +1257,7 @@ public class HelpdeskServlet extends ControlledPwmServlet
         final ChaiUser chaiUser = getChaiUser( pwmRequest, helpdeskProfile, userIdentity );
         final UserInfo userInfo = UserInfoFactory.newUserInfo(
                 pwmRequest.getPwmApplication(),
-                pwmRequest.getSessionLabel(),
+                pwmRequest.getLabel(),
                 pwmRequest.getLocale(),
                 userIdentity,
                 chaiUser.getChaiProvider()
@@ -1285,13 +1285,13 @@ public class HelpdeskServlet extends ControlledPwmServlet
             }
             final PwmPasswordPolicy passwordPolicy = PasswordUtility.readPasswordPolicyForUser(
                     pwmRequest.getPwmApplication(),
-                    pwmRequest.getSessionLabel(),
+                    pwmRequest.getLabel(),
                     userIdentity,
                     chaiUser,
                     pwmRequest.getLocale()
             );
             newPassword = RandomPasswordGenerator.createRandomPassword(
-                    pwmRequest.getSessionLabel(),
+                    pwmRequest.getLabel(),
                     passwordPolicy,
                     pwmRequest.getPwmApplication()
             );
@@ -1312,7 +1312,7 @@ public class HelpdeskServlet extends ControlledPwmServlet
         try
         {
             PasswordUtility.helpdeskSetUserPassword(
-                    pwmRequest.getPwmSession(),
+                    pwmRequest,
                     chaiUser,
                     userInfo,
                     pwmRequest.getPwmApplication(),
@@ -1343,7 +1343,7 @@ public class HelpdeskServlet extends ControlledPwmServlet
         final ChaiUser chaiUser = getChaiUser( pwmRequest, helpdeskProfile, userIdentity );
         final UserInfo userInfo = UserInfoFactory.newUserInfo(
                 pwmRequest.getPwmApplication(),
-                pwmRequest.getSessionLabel(),
+                pwmRequest.getLabel(),
                 pwmRequest.getLocale(),
                 userIdentity,
                 chaiUser.getChaiProvider()
@@ -1355,7 +1355,7 @@ public class HelpdeskServlet extends ControlledPwmServlet
         randomConfigBuilder.passwordPolicy( userInfo.getPasswordPolicy() );
 
         final RandomPasswordGenerator.RandomGeneratorConfig randomConfig = randomConfigBuilder.build();
-        final PasswordData randomPassword = RandomPasswordGenerator.createRandomPassword( pwmRequest.getPwmSession().getLabel(), randomConfig, pwmRequest.getPwmApplication() );
+        final PasswordData randomPassword = RandomPasswordGenerator.createRandomPassword( pwmRequest.getLabel(), randomConfig, pwmRequest.getPwmApplication() );
         final RestRandomPasswordServer.JsonOutput jsonOutput = new RestRandomPasswordServer.JsonOutput();
         jsonOutput.setPassword( randomPassword.getStringValue() );
 

server/src/main/java/password/pwm/http/servlet/helpdesk/HelpdeskServletUtil.java

@@ -181,7 +181,7 @@ public class HelpdeskServletUtil
 
         final boolean match = LdapPermissionTester.testQueryMatch(
                 pwmRequest.getPwmApplication(),
-                pwmRequest.getSessionLabel(),
+                pwmRequest.getLabel(),
                 userIdentity,
                 filterString
         );
@@ -230,8 +230,8 @@ public class HelpdeskServletUtil
                 pwmRequest.getPwmSession().getUserInfo().getUserIdentity(),
                 null,
                 userIdentity,
-                pwmRequest.getSessionLabel().getSrcAddress(),
-                pwmRequest.getSessionLabel().getSrcHostname()
+                pwmRequest.getLabel().getSourceAddress(),
+                pwmRequest.getLabel().getSourceHostname()
         );
         pwmRequest.getPwmApplication().getAuditManager().submit( auditRecord );
 
@@ -295,7 +295,7 @@ public class HelpdeskServletUtil
 
         final UserInfo userInfo = UserInfoFactory.newUserInfo(
                 pwmRequest.getPwmApplication(),
-                pwmRequest.getSessionLabel(),
+                pwmRequest.getLabel(),
                 pwmRequest.getLocale(),
                 userIdentity,
                 chaiUser.getChaiProvider()
@@ -303,7 +303,7 @@ public class HelpdeskServletUtil
 
         final MacroMachine macroMachine = MacroMachine.forUser(
                 pwmApplication,
-                pwmRequest.getSessionLabel(),
+                pwmRequest.getLabel(),
                 userInfo,
                 null
         );

server/src/main/java/password/pwm/http/servlet/helpdesk/HelpdeskVerificationOptionsBean.java

@@ -74,7 +74,7 @@ public class HelpdeskVerificationOptionsBean implements Serializable
         final ChaiUser theUser = HelpdeskServlet.getChaiUser( pwmRequest, helpdeskProfile, targetUser );
         final UserInfo userInfo = UserInfoFactory.newUserInfo(
                 pwmRequest.getPwmApplication(),
-                pwmRequest.getSessionLabel(),
+                pwmRequest.getLabel(),
                 pwmRequest.getLocale(),
                 targetUser,
                 theUser.getChaiProvider() );
@@ -110,7 +110,7 @@ public class HelpdeskVerificationOptionsBean implements Serializable
                 {
                     returnList.addAll( TokenUtil.figureAvailableTokenDestinations(
                             pwmRequest.getPwmApplication(),
-                            pwmRequest.getSessionLabel(),
+                            pwmRequest.getLabel(),
                             pwmRequest.getLocale(),
                             userInfo,
                             testSetting

server/src/main/java/password/pwm/http/servlet/newuser/NewUserServlet.java

@@ -273,7 +273,7 @@ public class NewUserServlet extends ControlledPwmServlet
             {
                 final MacroMachine macroMachine = NewUserUtils.createMacroMachineForNewUser(
                         pwmApplication,
-                        pwmRequest.getSessionLabel(),
+                        pwmRequest.getLabel(),
                         newUserBean.getNewUserForm(),
                         null
                 );
@@ -300,7 +300,7 @@ public class NewUserServlet extends ControlledPwmServlet
             {
                 NewUserUtils.deleteUserAccount( newUserDN, pwmRequest );
             }
-            LOGGER.error( pwmSession, e.getErrorInformation().toDebugStr() );
+            LOGGER.error( pwmRequest, e.getErrorInformation().toDebugStr() );
             pwmRequest.respondWithError( e.getErrorInformation() );
         }
     }
@@ -450,7 +450,6 @@ public class NewUserServlet extends ControlledPwmServlet
     private ProcessStatus handleEnterCodeRequest( final PwmRequest pwmRequest )
             throws PwmUnrecoverableException, IOException, ServletException, ChaiUnavailableException
     {
-        final PwmSession pwmSession = pwmRequest.getPwmSession();
         final NewUserBean newUserBean = getNewUserBean( pwmRequest );
         final NewUserProfile newUserProfile = getNewUserProfile( pwmRequest );
         final String userEnteredCode = pwmRequest.readParameterAsString( PwmConstants.PARAM_TOKEN );
@@ -527,7 +526,7 @@ public class NewUserServlet extends ControlledPwmServlet
 
         if ( errorInformation != null )
         {
-            LOGGER.debug( pwmSession, errorInformation );
+            LOGGER.debug( pwmRequest, errorInformation );
             setLastError( pwmRequest, errorInformation );
             return ProcessStatus.Continue;
         }
@@ -719,7 +718,7 @@ public class NewUserServlet extends ControlledPwmServlet
             final boolean forceLogoutOnChange = newUserProfile.readSettingAsBoolean( PwmSetting.NEWUSER_LOGOUT_AFTER_CREATION );
             if ( forceLogoutOnChange )
             {
-                LOGGER.trace( pwmSession, () -> "logging out user; account created" );
+                LOGGER.trace( pwmRequest, () -> "logging out user; account created" );
                 pwmRequest.sendRedirect( PwmServletDefinition.Logout );
                 return ProcessStatus.Halt;
             }

server/src/main/java/password/pwm/http/servlet/newuser/NewUserUtils.java

@@ -137,7 +137,7 @@ class NewUserUtils
             passwordCheckInfoToException( passwordCheckInfo );
         }
 
-        NewUserUtils.LOGGER.debug( pwmSession, () -> "beginning createUser process for " + newUserDN );
+        NewUserUtils.LOGGER.debug( pwmRequest, () -> "beginning createUser process for " + newUserDN );
 
         final NewUserProfile newUserProfile = NewUserServlet.getNewUserProfile( pwmRequest );
         final boolean promptForPassword = newUserProfile.readSettingAsBoolean( PwmSetting.NEWUSER_PROMPT_FOR_PASSWORD );
@@ -150,7 +150,7 @@ class NewUserUtils
         else
         {
             final PwmPasswordPolicy pwmPasswordPolicy = newUserProfile.getNewUserPasswordPolicy( pwmRequest.getPwmApplication(), pwmRequest.getLocale() );
-            userPassword = RandomPasswordGenerator.createRandomPassword( pwmRequest.getSessionLabel(), pwmPasswordPolicy, pwmRequest.getPwmApplication() );
+            userPassword = RandomPasswordGenerator.createRandomPassword( pwmRequest.getLabel(), pwmPasswordPolicy, pwmRequest.getPwmApplication() );
         }
 
         // set up the user creation attributes
@@ -172,7 +172,7 @@ class NewUserUtils
             // create the ldap entry
             chaiProvider.createEntry( newUserDN, createObjectClasses, createAttributes );
 
-            NewUserUtils.LOGGER.info( pwmSession, () -> "created user entry: " + newUserDN );
+            NewUserUtils.LOGGER.info( pwmRequest, () -> "created user entry: " + newUserDN );
         }
         catch ( final ChaiOperationException e )
         {
@@ -199,20 +199,20 @@ class NewUserUtils
 
         if ( useTempPw )
         {
-            NewUserUtils.LOGGER.trace( pwmSession, () -> "will use temporary password process for new user entry: " + newUserDN );
+            NewUserUtils.LOGGER.trace( pwmRequest, () -> "will use temporary password process for new user entry: " + newUserDN );
             final PasswordData temporaryPassword;
             {
                 final RandomPasswordGenerator.RandomGeneratorConfig randomGeneratorConfig = RandomPasswordGenerator.RandomGeneratorConfig.builder()
                         .passwordPolicy( newUserProfile.getNewUserPasswordPolicy( pwmApplication, pwmRequest.getLocale() ) )
                         .build();
-                temporaryPassword = RandomPasswordGenerator.createRandomPassword( pwmSession.getLabel(), randomGeneratorConfig, pwmApplication );
+                temporaryPassword = RandomPasswordGenerator.createRandomPassword( pwmRequest.getLabel(), randomGeneratorConfig, pwmApplication );
             }
             final ChaiUser proxiedUser = chaiProvider.getEntryFactory().newChaiUser( newUserDN );
             try
             {
                 //set password as admin
                 proxiedUser.setPassword( temporaryPassword.getStringValue() );
-                NewUserUtils.LOGGER.debug( pwmSession, () -> "set temporary password for new user entry: " + newUserDN );
+                NewUserUtils.LOGGER.debug( pwmRequest, () -> "set temporary password for new user entry: " + newUserDN );
             }
             catch ( final ChaiOperationException e )
             {
@@ -227,7 +227,7 @@ class NewUserUtils
             {
                 try
                 {
-                    NewUserUtils.LOGGER.debug( pwmSession, () ->
+                    NewUserUtils.LOGGER.debug( pwmRequest, () ->
                             "setting userAccountControl attribute to enable account " + theUser.getEntryDN() );
                     theUser.writeStringAttribute( "userAccountControl", "512" );
                 }
@@ -243,7 +243,7 @@ class NewUserUtils
             try
             {
                 // bind as user
-                NewUserUtils.LOGGER.debug( pwmSession, () ->
+                NewUserUtils.LOGGER.debug( pwmRequest, () ->
                         "attempting bind as user to then allow changing to requested password for new user entry: " + newUserDN );
                 final ChaiConfiguration chaiConfiguration = ChaiConfiguration.builder( chaiProvider.getChaiConfiguration() )
                         .setSetting( ChaiSetting.BIND_DN, newUserDN )
@@ -252,7 +252,7 @@ class NewUserUtils
                 final ChaiProvider bindAsProvider = pwmApplication.getLdapConnectionService().getChaiProviderFactory().newProvider( chaiConfiguration );
                 final ChaiUser bindAsUser = bindAsProvider.getEntryFactory().newChaiUser( newUserDN );
                 bindAsUser.changePassword( temporaryPassword.getStringValue(), userPassword.getStringValue() );
-                NewUserUtils.LOGGER.debug( pwmSession, () -> "changed to user requested password for new user entry: " + newUserDN );
+                NewUserUtils.LOGGER.debug( pwmRequest, () -> "changed to user requested password for new user entry: " + newUserDN );
                 bindAsProvider.close();
             }
             catch ( final ChaiOperationException e )
@@ -269,7 +269,7 @@ class NewUserUtils
             {
                 //set password
                 theUser.setPassword( userPassword.getStringValue() );
-                NewUserUtils.LOGGER.debug( pwmSession, () -> "set user requested password for new user entry: " + newUserDN );
+                NewUserUtils.LOGGER.debug( pwmRequest, () -> "set user requested password for new user entry: " + newUserDN );
             }
             catch ( final ChaiOperationException e )
             {
@@ -296,14 +296,14 @@ class NewUserUtils
             }
         }
 
-        NewUserUtils.LOGGER.trace( pwmSession, () -> "new user ldap creation process complete, now authenticating user" );
+        NewUserUtils.LOGGER.trace( pwmRequest, () -> "new user ldap creation process complete, now authenticating user" );
 
         // write data to remote web service
         remoteWriteFormData( pwmRequest, newUserForm );
 
         // authenticate the user to pwm
         final UserIdentity userIdentity = new UserIdentity( newUserDN, pwmApplication.getConfig().getDefaultLdapProfile().getIdentifier() );
-        final SessionAuthenticator sessionAuthenticator = new SessionAuthenticator( pwmApplication, pwmSession, PwmAuthenticationSource.NEW_USER_REGISTRATION );
+        final SessionAuthenticator sessionAuthenticator = new SessionAuthenticator( pwmApplication, pwmRequest, PwmAuthenticationSource.NEW_USER_REGISTRATION );
         sessionAuthenticator.authenticateUser( userIdentity, userPassword );
 
         {
@@ -312,14 +312,14 @@ class NewUserUtils
                     PwmSetting.NEWUSER_WRITE_ATTRIBUTES );
             if ( actions != null && !actions.isEmpty() )
             {
-                NewUserUtils.LOGGER.debug( pwmSession, () -> "executing configured actions to user " + theUser.getEntryDN() );
+                NewUserUtils.LOGGER.debug( pwmRequest, () -> "executing configured actions to user " + theUser.getEntryDN() );
 
                 final ActionExecutor actionExecutor = new ActionExecutor.ActionExecutorSettings( pwmApplication, userIdentity )
                         .setExpandPwmMacros( true )
                         .setMacroMachine( pwmSession.getSessionManager().getMacroMachine( pwmApplication ) )
                         .createActionExecutor();
 
-                actionExecutor.executeActions( actions, pwmSession.getLabel() );
+                actionExecutor.executeActions( actions, pwmRequest.getLabel() );
             }
         }
 
@@ -333,7 +333,7 @@ class NewUserUtils
         // increment the new user creation statistics
         pwmApplication.getStatisticsManager().incrementValue( Statistic.NEW_USERS );
 
-        NewUserUtils.LOGGER.debug( pwmSession, () -> "completed createUser process for " + newUserDN + " (" + TimeDuration.fromCurrent(
+        NewUserUtils.LOGGER.debug( pwmRequest, () -> "completed createUser process for " + newUserDN + " (" + TimeDuration.fromCurrent(
                 startTime ).asCompactString() + ")" );
     }
 
@@ -363,7 +363,7 @@ class NewUserUtils
     )
             throws PwmUnrecoverableException, ChaiUnavailableException
     {
-        final MacroMachine macroMachine = createMacroMachineForNewUser( pwmRequest.getPwmApplication(), pwmRequest.getSessionLabel(), formValues, null );
+        final MacroMachine macroMachine = createMacroMachineForNewUser( pwmRequest.getPwmApplication(), pwmRequest.getLabel(), formValues, null );
         final NewUserProfile newUserProfile = NewUserServlet.getNewUserProfile( pwmRequest );
         final List<String> configuredNames = newUserProfile.readSettingAsStringArray( PwmSetting.NEWUSER_USERNAME_DEFINITION );
         final List<String> failedValues = new ArrayList<>();
@@ -444,7 +444,7 @@ class NewUserUtils
         try
         {
             final Map<UserIdentity, Map<String, String>> results = userSearchEngine.performMultiUserSearch(
-                    searchConfiguration, 2, Collections.emptyList(), pwmRequest.getSessionLabel() );
+                    searchConfiguration, 2, Collections.emptyList(), pwmRequest.getLabel() );
             return results != null && !results.isEmpty();
         }
         catch ( final PwmOperationalException e )
@@ -468,7 +468,7 @@ class NewUserUtils
 
         if ( configuredEmailSetting == null )
         {
-            NewUserUtils.LOGGER.debug( pwmSession, () ->
+            NewUserUtils.LOGGER.debug( pwmRequest, () ->
                     "skipping send of new user email for '" + userInfo.getUserIdentity().getUserDN() + "' no email configured" );
             return;
         }
@@ -561,7 +561,7 @@ class NewUserUtils
     )
             throws PwmUnrecoverableException, PwmDataValidationException
     {
-        final RestFormDataClient restFormDataClient = new RestFormDataClient( pwmRequest.getPwmApplication(), pwmRequest.getSessionLabel() );
+        final RestFormDataClient restFormDataClient = new RestFormDataClient( pwmRequest.getPwmApplication(), pwmRequest.getLabel() );
         if ( !restFormDataClient.isEnabled() )
         {
             return;
@@ -687,7 +687,7 @@ class NewUserUtils
                     final Map<String, String> tokenPayloadMap = NewUserFormUtils.toTokenPayload( pwmRequest, newUserBean );
                     final MacroMachine macroMachine = createMacroMachineForNewUser(
                             pwmRequest.getPwmApplication(),
-                            pwmRequest.getSessionLabel(),
+                            pwmRequest.getLabel(),
                             newUserBean.getNewUserForm(),
                             tokenDestinationItem );
 

server/src/main/java/password/pwm/http/servlet/oauth/OAuthConsumerServlet.java

@@ -100,14 +100,14 @@ public class OAuthConsumerServlet extends AbstractPwmServlet
                 if ( oAuthRequestState.isPresent() )
                 {
                     final String nextUrl = oAuthRequestState.get().getOAuthState().getNextUrl();
-                    LOGGER.debug( pwmSession, () -> "received unrecognized oauth response, ignoring authcode and redirecting to embedded next url: " + nextUrl );
+                    LOGGER.debug( pwmRequest, () -> "received unrecognized oauth response, ignoring authcode and redirecting to embedded next url: " + nextUrl );
                     pwmRequest.sendRedirect( nextUrl );
                     return;
                 }
                 final String errorMsg = "oauth consumer reached, but oauth authentication has not yet been initiated.";
                 final ErrorInformation errorInformation = new ErrorInformation( PwmError.ERROR_OAUTH_ERROR, errorMsg );
                 pwmRequest.respondWithError( errorInformation );
-                LOGGER.error( pwmSession, errorMsg );
+                LOGGER.error( pwmRequest, errorMsg );
                 return;
             }
         }
@@ -119,7 +119,7 @@ public class OAuthConsumerServlet extends AbstractPwmServlet
             {
                 final String errorMsg = "incoming request from remote oauth server is indicating an error: " + oauthRequestError;
                 final ErrorInformation errorInformation = new ErrorInformation( PwmError.ERROR_OAUTH_ERROR, errorMsg, "Remote Error: " + oauthRequestError, null );
-                LOGGER.error( pwmSession, errorMsg );
+                LOGGER.error( pwmRequest, errorMsg );
                 pwmRequest.respondWithError( errorInformation );
                 return;
             }
@@ -131,14 +131,14 @@ public class OAuthConsumerServlet extends AbstractPwmServlet
             switch ( oAuthUseCaseCase )
             {
                 case Authentication:
-                    LOGGER.debug( pwmSession, () -> "oauth consumer reached, but user is already authenticated; will proceed and verify authcode matches current user identity." );
+                    LOGGER.debug( pwmRequest, () -> "oauth consumer reached, but user is already authenticated; will proceed and verify authcode matches current user identity." );
                     break;
 
                 case ForgottenPassword:
                     final String errorMsg = "oauth consumer reached via " + OAuthUseCase.ForgottenPassword + ", but user is already authenticated";
                     final ErrorInformation errorInformation = new ErrorInformation( PwmError.ERROR_OAUTH_ERROR, errorMsg );
                     pwmRequest.respondWithError( errorInformation );
-                    LOGGER.error( pwmSession, errorMsg );
+                    LOGGER.error( pwmRequest, errorMsg );
                     return;
 
                 default:
@@ -154,14 +154,14 @@ public class OAuthConsumerServlet extends AbstractPwmServlet
         {
             final String errorMsg = "state parameter is missing from oauth request";
             final ErrorInformation errorInformation = new ErrorInformation( PwmError.ERROR_OAUTH_ERROR, errorMsg );
-            LOGGER.error( pwmSession, errorMsg );
+            LOGGER.error( pwmRequest, errorMsg );
             pwmRequest.respondWithError( errorInformation );
             return;
         }
 
         final OAuthState oauthState = oAuthRequestState.get().getOAuthState();
         final OAuthSettings oAuthSettings = makeOAuthSettings( pwmRequest, oauthState );
-        final OAuthMachine oAuthMachine = new OAuthMachine( pwmRequest.getSessionLabel(), oAuthSettings );
+        final OAuthMachine oAuthMachine = new OAuthMachine( pwmRequest.getLabel(), oAuthSettings );
 
         // make sure request was initiated in users current session
         if ( !oAuthRequestState.get().isSessionMatch() )
@@ -171,14 +171,14 @@ public class OAuthConsumerServlet extends AbstractPwmServlet
                 switch ( oAuthUseCaseCase )
                 {
                     case Authentication:
-                        LOGGER.debug( pwmSession, () -> "oauth consumer reached but response is not for a request issued during the current session,"
+                        LOGGER.debug( pwmRequest, () -> "oauth consumer reached but response is not for a request issued during the current session,"
                                 + " will redirect back to oauth server for verification update" );
                         final String nextURL = oauthState.getNextUrl();
                         oAuthMachine.redirectUserToOAuthServer( pwmRequest, nextURL, null, null );
                         return;
 
                     case ForgottenPassword:
-                        LOGGER.debug( pwmSession, () -> "oauth consumer reached but response is not for a request issued during the current session,"
+                        LOGGER.debug( pwmRequest, () -> "oauth consumer reached but response is not for a request issued during the current session,"
                                 + " will redirect back to forgotten password servlet" );
                         pwmRequest.sendRedirect( PwmServletDefinition.ForgottenPassword );
                         return;
@@ -197,7 +197,7 @@ public class OAuthConsumerServlet extends AbstractPwmServlet
         }
 
         final String requestCodeStr = pwmRequest.readParameterAsString( config.readAppProperty( AppProperty.HTTP_PARAM_OAUTH_CODE ) );
-        LOGGER.trace( pwmSession, () -> "received code from oauth server: " + requestCodeStr );
+        LOGGER.trace( pwmRequest, () -> "received code from oauth server: " + requestCodeStr );
 
         final OAuthResolveResults resolveResults;
         try
@@ -253,17 +253,17 @@ public class OAuthConsumerServlet extends AbstractPwmServlet
                         oauthSuppliedUsername,
                         null,
                         null,
-                        pwmSession.getLabel()
+                        pwmRequest.getLabel()
                 );
                 if ( resolvedIdentity != null && resolvedIdentity.canonicalEquals( pwmSession.getUserInfo().getUserIdentity(), pwmApplication ) )
                 {
-                    LOGGER.debug( pwmSession, () -> "verified incoming oauth code for already authenticated session does resolve to same as logged in user" );
+                    LOGGER.debug( pwmRequest, () -> "verified incoming oauth code for already authenticated session does resolve to same as logged in user" );
                 }
                 else
                 {
                     final String errorMsg = "incoming oauth code for already authenticated session does not resolve to same as logged in user ";
                     final ErrorInformation errorInformation = new ErrorInformation( PwmError.ERROR_OAUTH_ERROR, errorMsg );
-                    LOGGER.error( pwmSession, errorMsg );
+                    LOGGER.error( pwmRequest, errorMsg );
                     pwmRequest.respondWithError( errorInformation );
                     pwmSession.unauthenticateUser( pwmRequest );
                     return;
@@ -273,7 +273,7 @@ public class OAuthConsumerServlet extends AbstractPwmServlet
             {
                 final String errorMsg = "error while examining incoming oauth code for already authenticated session: " + e.getMessage();
                 final ErrorInformation errorInformation = new ErrorInformation( PwmError.ERROR_OAUTH_ERROR, errorMsg );
-                LOGGER.error( pwmSession, errorMsg );
+                LOGGER.error( pwmRequest, errorMsg );
                 pwmRequest.respondWithError( errorInformation );
                 return;
             }
@@ -283,7 +283,7 @@ public class OAuthConsumerServlet extends AbstractPwmServlet
         {
             if ( !userIsAuthenticated )
             {
-                final SessionAuthenticator sessionAuthenticator = new SessionAuthenticator( pwmApplication, pwmSession, PwmAuthenticationSource.OAUTH );
+                final SessionAuthenticator sessionAuthenticator = new SessionAuthenticator( pwmApplication, pwmRequest, PwmAuthenticationSource.OAUTH );
                 sessionAuthenticator.authUserWithUnknownPassword( oauthSuppliedUsername, AuthenticationType.AUTH_WITHOUT_PASSWORD );
             }
 
@@ -292,18 +292,18 @@ public class OAuthConsumerServlet extends AbstractPwmServlet
 
             // forward to nextUrl
             final String nextUrl = oauthState.getNextUrl();
-            LOGGER.debug( pwmSession, () -> "oauth authentication completed, redirecting to originally requested URL: " + nextUrl );
+            LOGGER.debug( pwmRequest, () -> "oauth authentication completed, redirecting to originally requested URL: " + nextUrl );
             pwmRequest.sendRedirect( nextUrl );
         }
         catch ( final PwmException e )
         {
-            LOGGER.error( pwmSession, "error during OAuth authentication attempt: " + e.getMessage() );
+            LOGGER.error( pwmRequest, "error during OAuth authentication attempt: " + e.getMessage() );
             final ErrorInformation errorInformation = new ErrorInformation( PwmError.ERROR_OAUTH_ERROR, e.getMessage() );
             pwmRequest.respondWithError( errorInformation );
             return;
         }
 
-        LOGGER.trace( pwmSession, () -> "OAuth login sequence successfully completed" );
+        LOGGER.trace( pwmRequest, () -> "OAuth login sequence successfully completed" );
     }
 
     private static OAuthSettings makeOAuthSettings( final PwmRequest pwmRequest, final OAuthState oAuthState ) throws IOException, ServletException, PwmUnrecoverableException

server/src/main/java/password/pwm/http/servlet/oauth/OAuthMachine.java

@@ -300,7 +300,7 @@ public class OAuthMachine
                     .maskBodyDebugOutput( true )
                     .build();
             final PwmHttpClient pwmHttpClient = pwmRequest.getPwmApplication().getHttpClientService().getPwmHttpClient( config );
-            pwmHttpClientResponse = pwmHttpClient.makeRequest( pwmHttpClientRequest, pwmRequest.getSessionLabel() );
+            pwmHttpClientResponse = pwmHttpClient.makeRequest( pwmHttpClientRequest, pwmRequest.getLabel() );
         }
         catch ( final PwmException e )
         {

server/src/main/java/password/pwm/http/servlet/peoplesearch/PeopleSearchDataReader.java

@@ -571,7 +571,7 @@ class PeopleSearchDataReader
                         }
                         else
                         {
-                            bean.setValues( Collections.<String>emptyList() );
+                            bean.setValues( Collections.emptyList() );
                         }
                     }
                 }
@@ -592,12 +592,12 @@ class PeopleSearchDataReader
         final ChaiProvider chaiProvider = pwmRequest.getPwmApplication().getProxiedChaiUser( userIdentity ).getChaiProvider();
         final UserInfo userInfo = UserInfoFactory.newUserInfo(
                 pwmRequest.getPwmApplication(),
-                pwmRequest.getSessionLabel(),
+                pwmRequest.getLabel(),
                 locale,
                 userIdentity,
                 chaiProvider
         );
-        return MacroMachine.forUser( pwmRequest.getPwmApplication(), pwmRequest.getSessionLabel(), userInfo, null );
+        return MacroMachine.forUser( pwmRequest.getPwmApplication(), pwmRequest.getLabel(), userInfo, null );
     }
 
     void checkIfUserIdentityViewable(
@@ -615,7 +615,7 @@ class PeopleSearchDataReader
                 filterString = filterString.replace( "**", "*" );
             }
 
-            return LdapPermissionTester.testQueryMatch( pwmRequest.getPwmApplication(), pwmRequest.getSessionLabel(), userIdentity, filterString );
+            return LdapPermissionTester.testQueryMatch( pwmRequest.getPwmApplication(), pwmRequest.getLabel(), userIdentity, filterString );
         };
 
         final boolean result = storeDataInCache( CacheIdentifier.checkIfViewable, userIdentity.toDelimitedKey(), Boolean.class, cacheLoader );
@@ -817,13 +817,13 @@ class PeopleSearchDataReader
             final List<FormConfiguration> searchForm = peopleSearchConfiguration.getResultForm();
             final int maxResults = peopleSearchConfiguration.getResultLimit();
             final Locale locale = pwmRequest.getLocale();
-            results = userSearchEngine.performMultiUserSearchFromForm( locale, searchConfiguration, maxResults, searchForm, pwmRequest.getSessionLabel() );
+            results = userSearchEngine.performMultiUserSearchFromForm( locale, searchConfiguration, maxResults, searchForm, pwmRequest.getLabel() );
             sizeExceeded = results.isSizeExceeded();
         }
         catch ( final PwmOperationalException e )
         {
             final ErrorInformation errorInformation = e.getErrorInformation();
-            LOGGER.error( pwmRequest.getSessionLabel(), errorInformation.toDebugStr() );
+            LOGGER.error( pwmRequest.getLabel(), errorInformation.toDebugStr() );
             throw new PwmUnrecoverableException( errorInformation );
         }
 

server/src/main/java/password/pwm/http/servlet/peoplesearch/PhotoDataReader.java

@@ -123,7 +123,7 @@ public class PhotoDataReader
             return true;
         }
 
-        final boolean hasPermission = LdapPermissionTester.testUserPermissions( pwmRequest.getPwmApplication(), pwmRequest.getSessionLabel(), userIdentity, permissions );
+        final boolean hasPermission = LdapPermissionTester.testUserPermissions( pwmRequest.getPwmApplication(), pwmRequest.getLabel(), userIdentity, permissions );
         if ( !hasPermission )
         {
             LOGGER.debug( pwmRequest, () -> "user " + userIdentity + " failed photo query filter, denying photo view ("
@@ -240,7 +240,7 @@ public class PhotoDataReader
                     .method( HttpMethod.GET )
                     .url( overrideURL.get() )
                     .build();
-            final PwmHttpClientResponse response = pwmHttpClient.makeRequest( clientRequest, pwmRequest.getSessionLabel() );
+            final PwmHttpClientResponse response = pwmHttpClient.makeRequest( clientRequest, pwmRequest.getLabel() );
             if ( response != null )
             {
                 final ImmutableByteArray bodyContents = response.getBinaryBody();

server/src/main/java/password/pwm/http/servlet/updateprofile/UpdateProfileServlet.java

@@ -286,7 +286,7 @@ public class UpdateProfileServlet extends ControlledPwmServlet
             final AuditRecord auditRecord = new AuditRecordFactory( pwmRequest ).createUserAuditRecord(
                     AuditEvent.AGREEMENT_PASSED,
                     pwmRequest.getUserInfoIfLoggedIn(),
-                    pwmRequest.getSessionLabel(),
+                    pwmRequest.getLabel(),
                     "UpdateProfile"
             );
             pwmRequest.getPwmApplication().getAuditManager().submit( auditRecord );
@@ -383,7 +383,7 @@ public class UpdateProfileServlet extends ControlledPwmServlet
         }
         catch ( final PwmException e )
         {
-            LOGGER.error( pwmSession, e.getMessage() );
+            LOGGER.error( pwmRequest, e.getMessage() );
             setLastError( pwmRequest, e.getErrorInformation() );
             UpdateProfileUtil.forwardToForm( pwmRequest, updateProfileProfile, updateProfileBean );
             return;
@@ -409,7 +409,7 @@ public class UpdateProfileServlet extends ControlledPwmServlet
             final ChaiUser theUser = pwmSession.getSessionManager().getActor( pwmApplication );
             UpdateProfileUtil.doProfileUpdate(
                     pwmRequest.getPwmApplication(),
-                    pwmRequest.getSessionLabel(),
+                    pwmRequest.getLabel(),
                     pwmRequest.getLocale(),
                     pwmSession.getUserInfo(),
                     pwmSession.getSessionManager().getMacroMachine( pwmApplication ),
@@ -419,10 +419,7 @@ public class UpdateProfileServlet extends ControlledPwmServlet
             );
 
             // re-populate the uiBean because we have changed some values.
-            pwmSession.reloadUserInfoBean( pwmApplication );
-
-            // clear cached read attributes.
-            pwmRequest.getPwmSession().reloadUserInfoBean( pwmApplication );
+            pwmSession.reloadUserInfoBean( pwmRequest );
 
             // mark the event log
             pwmApplication.getAuditManager().submit( AuditEvent.UPDATE_PROFILE, pwmSession.getUserInfo(), pwmSession );
@@ -435,13 +432,13 @@ public class UpdateProfileServlet extends ControlledPwmServlet
         }
         catch ( final PwmException e )
         {
-            LOGGER.error( pwmSession, e.getMessage() );
+            LOGGER.error( pwmRequest, e.getMessage() );
             setLastError( pwmRequest, e.getErrorInformation() );
         }
         catch ( final ChaiException e )
         {
             final ErrorInformation errorInformation = new ErrorInformation( PwmError.ERROR_UPDATE_ATTRS_FAILURE, e.toString() );
-            LOGGER.error( pwmSession, errorInformation.toDebugStr() );
+            LOGGER.error( pwmRequest, errorInformation.toDebugStr() );
             setLastError( pwmRequest, errorInformation );
         }
 

server/src/main/java/password/pwm/http/servlet/updateprofile/UpdateProfileUtil.java

@@ -228,7 +228,7 @@ public class UpdateProfileUtil
         final UserInfo userInfo = pwmRequest.getPwmSession().getUserInfo();
         final List<FormConfiguration> formFields = updateProfileProfile.readSettingAsForm( PwmSetting.UPDATE_PROFILE_FORM );
         final Map<FormConfiguration, String> formMap = new LinkedHashMap<>();
-        FormUtility.populateFormMapFromLdap( formFields, pwmRequest.getSessionLabel(), formMap, userInfo );
+        FormUtility.populateFormMapFromLdap( formFields, pwmRequest.getLabel(), formMap, userInfo );
         return FormUtility.asStringMap( formMap );
     }
 

server/src/main/java/password/pwm/http/state/CryptoCookieLoginImpl.java

@@ -179,7 +179,7 @@ class CryptoCookieLoginImpl implements SessionLoginProvider
                 LOGGER.debug( pwmRequest, () -> "triggering authentication because request contains an authenticated session but local session is unauthenticated" );
                 final SessionAuthenticator sessionAuthenticator = new SessionAuthenticator(
                         pwmRequest.getPwmApplication(),
-                        pwmRequest.getPwmSession(),
+                        pwmRequest,
                         remoteLoginCookie.getAuthSource()
                 );
                 try

server/src/main/java/password/pwm/http/tag/conditional/PwmIfTag.java

@@ -27,7 +27,6 @@ import password.pwm.config.PwmSetting;
 import password.pwm.error.PwmUnrecoverableException;
 import password.pwm.http.PwmRequest;
 import password.pwm.http.PwmRequestFlag;
-import password.pwm.http.PwmSession;
 import password.pwm.util.logging.PwmLogger;
 
 import javax.servlet.http.HttpServletRequest;
@@ -85,7 +84,6 @@ public class PwmIfTag extends BodyTagSupport
 
                     final PwmRequest pwmRequest = PwmRequest.forRequest( ( HttpServletRequest ) pageContext.getRequest(),
                             ( HttpServletResponse ) pageContext.getResponse() );
-                    final PwmSession pwmSession = pwmRequest.getPwmSession();
 
                     final PwmIfTest testEnum = test;
                     if ( testEnum != null )
@@ -103,7 +101,7 @@ public class PwmIfTag extends BodyTagSupport
                     else
                     {
                         final String errorMsg = "unknown test name '" + test + "' in pwm:If jsp tag!";
-                        LOGGER.warn( pwmSession, errorMsg );
+                        LOGGER.warn( pwmRequest, errorMsg );
                     }
                 }
                 catch ( final PwmUnrecoverableException e )

server/src/main/java/password/pwm/ldap/LdapConnectionService.java

@@ -78,7 +78,7 @@ public class LdapConnectionService implements PwmService
 
         final int connectionsPerProfile = maxSlotsPerProfile( pwmApplication );
         LOGGER.trace( () -> "allocating " + connectionsPerProfile + " ldap proxy connections per profile" );
-        slotIncrementer = new AtomicLoopIntIncrementer( connectionsPerProfile );
+        slotIncrementer = AtomicLoopIntIncrementer.builder().ceiling( connectionsPerProfile ).build();
 
         for ( final LdapProfile ldapProfile : pwmApplication.getConfig().getLdapProfiles().values() )
         {

server/src/main/java/password/pwm/ldap/auth/LDAPAuthenticationRequest.java

@@ -211,7 +211,7 @@ class LDAPAuthenticationRequest implements AuthenticationRequest
 
         final IntruderManager intruderManager = pwmApplication.getIntruderManager();
         intruderManager.convenience().checkUserIdentity( userIdentity );
-        intruderManager.check( RecordType.ADDRESS, sessionLabel.getSrcAddress() );
+        intruderManager.check( RecordType.ADDRESS, sessionLabel.getSourceAddress() );
 
         // verify user is not account disabled
         AuthenticationUtility.checkIfUserEligibleToAuthentication( pwmApplication, userIdentity );
@@ -366,8 +366,8 @@ class LDAPAuthenticationRequest implements AuthenticationRequest
                 AuditEvent.AUTHENTICATE,
                 this.userIdentity,
                 makeAuditLogMessage( authenticationResult.getAuthenticationType() ),
-                sessionLabel.getSrcAddress(),
-                sessionLabel.getSrcHostname()
+                sessionLabel.getSourceAddress(),
+                sessionLabel.getSourceHostname()
         );
         pwmApplication.getAuditManager().submit( auditRecord );
         pwmApplication.getSessionTrackService().addRecentLogin( userIdentity );

server/src/main/java/password/pwm/ldap/auth/SessionAuthenticator.java

@@ -40,6 +40,7 @@ import password.pwm.error.PwmError;
 import password.pwm.error.PwmOperationalException;
 import password.pwm.error.PwmUnrecoverableException;
 import password.pwm.http.CommonValues;
+import password.pwm.http.PwmRequest;
 import password.pwm.http.PwmSession;
 import password.pwm.ldap.LdapOperationsHelper;
 import password.pwm.ldap.UserInfo;
@@ -65,18 +66,18 @@ public class SessionAuthenticator
 
     private final PwmApplication pwmApplication;
     private final SessionLabel sessionLabel;
-    private final PwmSession pwmSession;
+    private final PwmRequest pwmRequest;
     private final PwmAuthenticationSource authenticationSource;
 
     public SessionAuthenticator(
             final PwmApplication pwmApplication,
-            final PwmSession pwmSession,
+            final PwmRequest pwmRequest,
             final PwmAuthenticationSource authenticationSource
     )
     {
         this.pwmApplication = pwmApplication;
-        this.pwmSession = pwmSession;
-        this.sessionLabel = pwmSession.getLabel();
+        this.pwmRequest = pwmRequest;
+        this.sessionLabel = pwmRequest.getLabel();
         this.authenticationSource = authenticationSource;
     }
 
@@ -113,13 +114,13 @@ public class SessionAuthenticator
             {
                 if ( pwmApplication.determineIfDetailErrorMsgShown() )
                 {
-                    LOGGER.debug( pwmSession, () -> "allowing error " + e.getError() + " to be returned though it is configured as a hidden type; "
+                    LOGGER.debug( pwmRequest, () -> "allowing error " + e.getError() + " to be returned though it is configured as a hidden type; "
                             + "app is currently permitting detailed error messages" );
                 }
                 else
                 {
                     final ErrorInformation errorInformation = new ErrorInformation( PwmError.ERROR_WRONGPASSWORD );
-                    LOGGER.debug( pwmSession, () -> "converting error from ldap " + e.getError() + " to " + PwmError.ERROR_WRONGPASSWORD
+                    LOGGER.debug( pwmRequest, () -> "converting error from ldap " + e.getError() + " to " + PwmError.ERROR_WRONGPASSWORD
                             + " due to app property " + AppProperty.SECURITY_LOGIN_HIDDEN_ERROR_TYPES.getKey() );
                     throw new PwmOperationalException( errorInformation );
                 }
@@ -148,7 +149,7 @@ public class SessionAuthenticator
             }
             catch ( final Exception e )
             {
-                LOGGER.error( pwmSession, "error parsing app property " + AppProperty.SECURITY_LOGIN_HIDDEN_ERROR_TYPES.getKey()
+                LOGGER.error( pwmRequest, "error parsing app property " + AppProperty.SECURITY_LOGIN_HIDDEN_ERROR_TYPES.getKey()
                         + ", error: " + e.getMessage() );
             }
         }
@@ -342,11 +343,11 @@ public class SessionAuthenticator
         final IntruderManager intruderManager = pwmApplication.getIntruderManager();
         if ( intruderManager != null )
         {
-            intruderManager.convenience().markAddressAndSession( pwmSession );
+            intruderManager.convenience().markAddressAndSession( pwmRequest );
 
             if ( username != null )
             {
-                intruderManager.mark( RecordType.USERNAME, username, pwmSession.getLabel() );
+                intruderManager.mark( RecordType.USERNAME, username, pwmRequest.getLabel() );
             }
 
             if ( userIdentity != null )
@@ -363,8 +364,9 @@ public class SessionAuthenticator
             throws PwmUnrecoverableException
     {
         final IntruderManager intruderManager = pwmApplication.getIntruderManager();
-        final LocalSessionStateBean ssBean = pwmSession.getSessionStateBean();
-        final LoginInfoBean loginInfoBean = pwmSession.getLoginInfoBean();
+        final PwmSession pwmSession = pwmRequest.getPwmSession();
+        final LocalSessionStateBean ssBean = pwmRequest.getPwmSession().getSessionStateBean();
+        final LoginInfoBean loginInfoBean = pwmRequest.getPwmSession().getLoginInfoBean();
 
         // auth succeed
         loginInfoBean.setAuthenticated( true );
@@ -380,7 +382,7 @@ public class SessionAuthenticator
             {
                 userInfoBean = UserInfoFactory.newUserInfo(
                         pwmApplication,
-                        pwmSession.getLabel(),
+                        pwmRequest.getLabel(),
                         ssBean.getLocale(),
                         userIdentity,
                         pwmApplication.getProxyChaiProvider( userIdentity.getLdapProfileID() )
@@ -390,7 +392,7 @@ public class SessionAuthenticator
             {
                 userInfoBean = UserInfoFactory.newUserInfoUsingProxy(
                         pwmApplication,
-                        pwmSession.getLabel(),
+                        pwmRequest.getLabel(),
                         userIdentity,
                         ssBean.getLocale(),
                         authenticationResult.getUserPassword()
@@ -434,7 +436,7 @@ public class SessionAuthenticator
         }
 
         //clear permission cache - needs rechecking after login
-        LOGGER.debug( pwmSession, () -> "clearing permission cache" );
+        LOGGER.debug( pwmRequest, () -> "clearing permission cache" );
         pwmSession.getUserSessionDataCacheBean().clearPermissions();
 
         // update the users ldap attribute.

server/src/main/java/password/pwm/svc/email/EmailService.java

@@ -107,7 +107,7 @@ public class EmailService implements PwmService
             return;
         }
 
-        serverIncrementer = new AtomicLoopIntIncrementer( servers.size() - 1 );
+        serverIncrementer = AtomicLoopIntIncrementer.builder().ceiling( servers.size() - 1 ).build();
 
         if ( pwmApplication.getLocalDB() == null || pwmApplication.getLocalDB().status() != LocalDB.Status.OPEN )
         {

server/src/main/java/password/pwm/svc/event/AuditRecordFactory.java

@@ -57,10 +57,10 @@ public class AuditRecordFactory
         this.macroMachine = macroMachine;
     }
 
-    public AuditRecordFactory( final PwmApplication pwmApplication, final PwmSession pwmSession ) throws PwmUnrecoverableException
+    public AuditRecordFactory( final PwmApplication pwmApplication, final PwmRequest pwmRequest ) throws PwmUnrecoverableException
     {
         this.pwmApplication = pwmApplication;
-        this.macroMachine = pwmSession.getSessionManager().getMacroMachine( pwmApplication );
+        this.macroMachine = pwmRequest.getPwmSession().getSessionManager().getMacroMachine( pwmApplication );
     }
 
     public AuditRecordFactory( final PwmRequest pwmRequest ) throws PwmUnrecoverableException
@@ -177,8 +177,8 @@ public class AuditRecordFactory
                 eventCode,
                 perpetrator,
                 message,
-                sessionLabel != null ? sessionLabel.getSrcAddress() : null,
-                sessionLabel != null ? sessionLabel.getSrcHostname() : null
+                sessionLabel != null ? sessionLabel.getSourceAddress() : null,
+                sessionLabel != null ? sessionLabel.getSourceHostname() : null
         );
     }
 

server/src/main/java/password/pwm/svc/intruder/IntruderManager.java

@@ -547,14 +547,14 @@ public class IntruderManager implements PwmService
         {
         }
 
-        public void markAddressAndSession( final PwmSession pwmSession )
+        public void markAddressAndSession( final PwmRequest pwmRequest )
                 throws PwmUnrecoverableException
         {
-            if ( pwmSession != null )
+            if ( pwmRequest != null )
             {
-                final String subject = pwmSession.getSessionStateBean().getSrcAddress();
-                pwmSession.getSessionStateBean().incrementIntruderAttempts();
-                mark( RecordType.ADDRESS, subject, pwmSession.getLabel() );
+                final String subject = pwmRequest.getPwmSession().getSessionStateBean().getSrcAddress();
+                pwmRequest.getPwmSession().getSessionStateBean().incrementIntruderAttempts();
+                mark( RecordType.ADDRESS, subject, pwmRequest.getLabel() );
             }
         }
 
@@ -595,13 +595,13 @@ public class IntruderManager implements PwmService
             }
         }
 
-        public void markUserIdentity( final UserIdentity userIdentity, final PwmSession pwmSession )
+        public void markUserIdentity( final UserIdentity userIdentity, final PwmRequest pwmRequest )
                 throws PwmUnrecoverableException
         {
             if ( userIdentity != null )
             {
                 final String subject = userIdentity.toDelimitedKey();
-                mark( RecordType.USER_ID, subject, pwmSession.getLabel() );
+                mark( RecordType.USER_ID, subject, pwmRequest.getLabel() );
             }
         }
 

server/src/main/java/password/pwm/svc/stats/StatisticsBundle.java

@@ -40,7 +40,7 @@ public class StatisticsBundle
     {
         for ( final Statistic statistic : Statistic.values() )
         {
-            incrementerMap.put( statistic, new AtomicLoopLongIncrementer( 0, Long.MAX_VALUE ) );
+            incrementerMap.put( statistic, new AtomicLoopLongIncrementer() );
         }
         for ( final AvgStatistic avgStatistic : AvgStatistic.values() )
         {
@@ -83,7 +83,7 @@ public class StatisticsBundle
             if ( !StringUtil.isEmpty( value ) )
             {
                 final long longValue = JavaHelper.silentParseLong( value, 0 );
-                final AtomicLoopLongIncrementer incrementer = new AtomicLoopLongIncrementer( longValue, Long.MAX_VALUE );
+                final AtomicLoopLongIncrementer incrementer = AtomicLoopLongIncrementer.builder().initial( longValue ).build();
                 bundle.incrementerMap.put( loopStat, incrementer );
             }
         }
@@ -103,7 +103,7 @@ public class StatisticsBundle
 
     void incrementValue( final Statistic statistic )
     {
-        incrementerMap.get( statistic ).incrementAndGet();
+        incrementerMap.get( statistic ).next();
     }
 
     void updateAverageValue( final AvgStatistic statistic, final long timeDuration )

server/src/main/java/password/pwm/svc/wordlist/AbstractWordlist.java

@@ -193,7 +193,7 @@ abstract class AbstractWordlist implements Wordlist, PwmService
     private boolean realBucketCheck( final String word, final WordType wordType )
             throws PwmUnrecoverableException
     {
-        getStatistics().getWordChecks().incrementAndGet();
+        getStatistics().getWordChecks().next();
 
         final Instant startTime = Instant.now();
         final boolean isContainsWord = wordlistBucket.containsWord( word );
@@ -208,11 +208,11 @@ abstract class AbstractWordlist implements Wordlist, PwmService
 
         if ( isContainsWord )
         {
-            getStatistics().getWordTypeHits().get( wordType ).incrementAndGet();
+            getStatistics().getWordTypeHits().get( wordType ).next();
         }
         else
         {
-            getStatistics().getMisses().incrementAndGet();
+            getStatistics().getMisses().next();
         }
 
         return isContainsWord;

server/src/main/java/password/pwm/svc/wordlist/AbstractWordlistBucket.java

@@ -64,7 +64,7 @@ public abstract class AbstractWordlistBucket implements WordlistBucket
                 {
                     if ( !StringUtil.isEmpty( word ) )
                     {
-                        final long nextLong = valueIncrementer.incrementAndGet();
+                        final long nextLong = valueIncrementer.next();
                         final String nextKey = seedlistLongToKey( nextLong );
                         returnSet.put( nextKey, word );
                     }
@@ -79,7 +79,7 @@ public abstract class AbstractWordlistBucket implements WordlistBucket
                 {
                     if ( !StringUtil.isEmpty( word ) )
                     {
-                        valueIncrementer.incrementAndGet();
+                        valueIncrementer.next();
                         returnSet.put( word, "" );
                     }
                 }
@@ -98,7 +98,7 @@ public abstract class AbstractWordlistBucket implements WordlistBucket
             throws PwmUnrecoverableException
     {
         final WordlistStatus initialStatus = abstractWordlist.readWordlistStatus();
-        final AtomicLoopLongIncrementer valueIncrementer = new AtomicLoopLongIncrementer( initialStatus.getValueCount(), Long.MAX_VALUE );
+        final AtomicLoopLongIncrementer valueIncrementer = AtomicLoopLongIncrementer.builder().initial( initialStatus.getValueCount() ).build();
         this.putValues( getWriteTxnForValue( words, valueIncrementer ) );
 
         if ( initialStatus.getValueCount() != valueIncrementer.get() )

server/src/main/java/password/pwm/svc/wordlist/WordlistStatistics.java

@@ -35,15 +35,15 @@ class WordlistStatistics
 {
     private MovingAverage wordCheckTimeMS = new MovingAverage( TimeDuration.of( 5, TimeDuration.Unit.MINUTES ) );
     private MovingAverage chunksPerWordCheck = new MovingAverage( TimeDuration.of( 1, TimeDuration.Unit.DAYS ) );
-    private AtomicLoopLongIncrementer wordChecks = new AtomicLoopLongIncrementer( 0, Long.MAX_VALUE );
+    private AtomicLoopLongIncrementer wordChecks = new AtomicLoopLongIncrementer();
     private Map<WordType, AtomicLoopLongIncrementer> wordTypeHits = new HashMap<>(  );
-    private AtomicLoopLongIncrementer misses = new AtomicLoopLongIncrementer( 0, Long.MAX_VALUE );
+    private AtomicLoopLongIncrementer misses = new AtomicLoopLongIncrementer();
 
     WordlistStatistics()
     {
         for ( final WordType wordType : WordType.values() )
         {
-            wordTypeHits.put( wordType, new AtomicLoopLongIncrementer( 0, Long.MAX_VALUE ) );
+            wordTypeHits.put( wordType, new AtomicLoopLongIncrementer() );
         }
     }
 

server/src/main/java/password/pwm/util/CaptchaUtility.java

@@ -119,7 +119,7 @@ public class CaptchaUtility
 
         final String bodyText = "secret=" + StringUtil.urlEncode( privateKey.getStringValue() )
                 + "&"
-                + "remoteip=" + StringUtil.urlEncode( pwmRequest.getSessionLabel().getSrcAddress() )
+                + "remoteip=" + StringUtil.urlEncode( pwmRequest.getLabel().getSourceAddress() )
                 + "&"
                 + "response=" + StringUtil.urlEncode( recaptchaResponse );
 
@@ -134,7 +134,7 @@ public class CaptchaUtility
 
             LOGGER.debug( pwmRequest, () -> "sending reCaptcha verification request" );
             final PwmHttpClient client = pwmRequest.getPwmApplication().getHttpClientService().getPwmHttpClient();
-            final PwmHttpClientResponse clientResponse = client.makeRequest( clientRequest, pwmRequest.getSessionLabel()  );
+            final PwmHttpClientResponse clientResponse = client.makeRequest( clientRequest, pwmRequest.getLabel()  );
 
             if ( clientResponse.getStatusCode() != HttpServletResponse.SC_OK )
             {

server/src/main/java/password/pwm/util/db/DatabaseService.java

@@ -141,7 +141,7 @@ public class DatabaseService implements PwmService
             }
 
             LOGGER.debug( () -> "opening connection to database " + this.dbConfiguration.getConnectionString() );
-            slotIncrementer = new AtomicLoopIntIncrementer( dbConfiguration.getMaxConnections() );
+            slotIncrementer = AtomicLoopIntIncrementer.builder().ceiling( dbConfiguration.getMaxConnections() ).build();
 
             {
                 // make initial connection and establish schema

server/src/main/java/password/pwm/util/java/AtomicLoopIntIncrementer.java

@@ -22,25 +22,33 @@ package password.pwm.util.java;
 
 import java.util.concurrent.atomic.AtomicInteger;
 
+
 /**
  * Thread safe rotating int incrementer with configurable floor and ceiling values.
  */
 public class AtomicLoopIntIncrementer
 {
-    private final AtomicInteger incrementer = new AtomicInteger( 0 );
+    private final AtomicInteger incrementer;
     private final int ceiling;
     private final int floor;
 
     public AtomicLoopIntIncrementer()
     {
-        this.ceiling = Integer.MAX_VALUE;
-        this.floor = 0;
+        this( 0, 0, Integer.MAX_VALUE );
     }
 
-    public AtomicLoopIntIncrementer( final int ceiling )
+    private AtomicLoopIntIncrementer( final int initial, final int floor, final int ceiling )
     {
+        if ( floor > ceiling )
+        {
+            throw new IllegalArgumentException( "floor must be less than ceiling" );
+        }
+
+        JavaHelper.rangeCheck( initial, ceiling, floor );
+
         this.ceiling = ceiling;
-        this.floor = 0;
+        this.floor = floor;
+        this.incrementer = new AtomicInteger( initial );
     }
 
     public int next( )
@@ -55,4 +63,34 @@ public class AtomicLoopIntIncrementer
             return operand;
         } );
     }
+
+
+    public static AtomicLoopIntIncrementerBuilder builder()
+    {
+        return new AtomicLoopIntIncrementerBuilder();
+    }
+
+    public static class AtomicLoopIntIncrementerBuilder
+    {
+        private int initial = 0;
+        private int floor = 0;
+        private int ceiling = Integer.MAX_VALUE;
+
+        public AtomicLoopIntIncrementerBuilder initial( final int initial )
+        {
+            this.initial = initial;
+            return this;
+        }
+
+        public AtomicLoopIntIncrementerBuilder ceiling( final int ceiling )
+        {
+            this.ceiling = ceiling;
+            return this;
+        }
+
+        public AtomicLoopIntIncrementer build()
+        {
+            return new AtomicLoopIntIncrementer( initial, floor, ceiling );
+        }
+    }
 }

server/src/main/java/password/pwm/util/java/AtomicLoopLongIncrementer.java

@@ -20,22 +20,37 @@
 
 package password.pwm.util.java;
 
+import lombok.Value;
+
 import java.util.concurrent.atomic.AtomicLong;
 
 /**
  * Thread safe rotating int incrementer with configurable floor and ceiling values.
  */
+@Value
 public class AtomicLoopLongIncrementer
 {
     private final AtomicLong incrementer;
     private final long ceiling;
     private final long floor;
 
-    public AtomicLoopLongIncrementer( final long initialValue, final long ceiling )
+    public AtomicLoopLongIncrementer()
     {
+        this( 0, 0, Long.MAX_VALUE );
+    }
+
+    private AtomicLoopLongIncrementer( final long initial, final long floor, final long ceiling )
+    {
+        if ( floor > ceiling )
+        {
+            throw new IllegalArgumentException( "floor must be less than ceiling" );
+        }
+
+        JavaHelper.rangeCheck( initial, ceiling, floor );
+
         this.ceiling = ceiling;
-        this.floor = 0;
-        incrementer = new AtomicLong( JavaHelper.rangeCheck( floor, ceiling, initialValue ) );
+        this.floor = floor;
+        this.incrementer = new AtomicLong( initial );
     }
 
     public long get()
@@ -43,7 +58,7 @@ public class AtomicLoopLongIncrementer
         return incrementer.get();
     }
 
-    public long incrementAndGet( )
+    public long next( )
     {
         return incrementer.getAndUpdate( operand ->
         {
@@ -55,4 +70,27 @@ public class AtomicLoopLongIncrementer
             return operand;
         } );
     }
+
+    public static AtomicLoopLongIncrementerBuilder builder()
+    {
+        return new AtomicLoopLongIncrementerBuilder();
+    }
+
+    public static class AtomicLoopLongIncrementerBuilder
+    {
+        private long initial = 0;
+        private long floor = 0;
+        private long ceiling = Long.MAX_VALUE;
+
+        public AtomicLoopLongIncrementerBuilder initial( final long initial )
+        {
+            this.initial = initial;
+            return this;
+        }
+
+        public AtomicLoopLongIncrementer build()
+        {
+            return new AtomicLoopLongIncrementer( initial, floor, ceiling );
+        }
+    }
 }

server/src/main/java/password/pwm/util/java/StringUtil.java

@@ -505,15 +505,23 @@ public abstract class StringUtil
     }
 
     public static String truncate( final String input, final int length )
+    {
+        return truncate( input, length, null );
+    }
+
+    public static String truncate( final String input, final int length, final String appendIfTruncated )
     {
         if ( input == null )
         {
             return "";
         }
 
-        return input.length() > length
-                ? input.substring( 0, length )
-                : input;
+        if ( input.length() > length )
+        {
+            return input.substring( 0, length ) + ( appendIfTruncated == null ? "" : appendIfTruncated );
+        }
+
+        return input;
     }
 
     public static int convertStrToInt( final String string, final int defaultValue )

server/src/main/java/password/pwm/util/logging/LocalDBLog4jAppender.java

@@ -53,8 +53,6 @@ public class LocalDBLog4jAppender extends AppenderSkeleton
                     sourceLogger,
                     message.toString(),
                     null,
-                    null,
-                    null,
                     throwableInformation == null ? null : throwableInformation.getThrowable(),
                     PwmLogLevel.fromLog4jLevel( level )
             );

server/src/main/java/password/pwm/util/logging/LocalDBLogger.java

@@ -73,7 +73,7 @@ public class LocalDBLogger implements PwmService
     private volatile STATUS status = STATUS.NEW;
     private boolean hasShownReadError = false;
 
-    private static final String STORAGE_FORMAT_VERSION = "3";
+    private static final String STORAGE_FORMAT_VERSION = "4";
 
     public LocalDBLogger(
             final PwmApplication pwmApplication,
@@ -156,7 +156,7 @@ public class LocalDBLogger implements PwmService
             loopEvent = readEvent( localDBListQueue.getLast() );
             if ( loopEvent != null )
             {
-                final Instant tailDate = loopEvent.getDate();
+                final Instant tailDate = loopEvent.getTimestamp();
                 if ( tailDate != null )
                 {
                     return tailDate;
@@ -312,7 +312,7 @@ public class LocalDBLogger implements PwmService
         }
         if ( pattern != null )
         {
-            final Matcher matcher = pattern.matcher( event.getActor() == null ? "" : event.getActor() );
+            final Matcher matcher = pattern.matcher( event.getUsername() == null ? "" : event.getUsername() );
             if ( !matcher.find() )
             {
                 eventMatchesParams = false;
@@ -320,7 +320,7 @@ public class LocalDBLogger implements PwmService
         }
         else if ( eventMatchesParams && ( searchParameters.getUsername() != null && searchParameters.getUsername().length() > 1 ) )
         {
-            final String eventUsername = event.getActor();
+            final String eventUsername = event.getUsername();
             if ( eventUsername == null || !eventUsername.equalsIgnoreCase( searchParameters.getUsername() ) )
             {
                 eventMatchesParams = false;
@@ -356,14 +356,14 @@ public class LocalDBLogger implements PwmService
         {
             if ( searchParameters.getEventType() == EventType.System )
             {
-                if ( event.getActor() != null && event.getActor().length() > 0 )
+                if ( event.getUsername() != null && event.getUsername().length() > 0 )
                 {
                     eventMatchesParams = false;
                 }
             }
             else if ( searchParameters.getEventType() == EventType.User )
             {
-                if ( event.getActor() == null || event.getActor().length() < 1 )
+                if ( event.getUsername() == null || event.getUsername().length() < 1 )
                 {
                     eventMatchesParams = false;
                 }

server/src/main/java/password/pwm/util/logging/PwmLogEvent.java

@@ -20,7 +20,6 @@
 
 package password.pwm.util.logging;
 
-import com.google.gson.annotations.SerializedName;
 import lombok.Value;
 import org.apache.commons.csv.CSVPrinter;
 import password.pwm.PwmConstants;
@@ -41,35 +40,18 @@ import java.util.List;
 @Value
 public class PwmLogEvent implements Serializable, Comparable
 {
-
     private static final int MAX_MESSAGE_LENGTH = 50_000;
 
-    @SerializedName( "l" )
+    private final Instant timestamp;
+    private final String sessionID;
+    private final String requestID;
     private final PwmLogLevel level;
-
-    @SerializedName( "t" )
     private final String topic;
-
-    @SerializedName( "m" )
     private final String message;
-
-    //aka network address/host
-    @SerializedName( "s" )
-    private final String source;
-
-    //aka principal
-    @SerializedName( "a" )
-    private final String actor;
-
-    //aka session id
-    @SerializedName( "b" )
-    private final String label;
-
-    @SerializedName( "e" )
     private final Throwable throwable;
+    private final String username;
+    private final String sourceAddress;
 
-    @SerializedName( "d" )
-    private final Instant date;
 
     public static PwmLogEvent fromEncodedString( final String encodedString )
             throws ClassNotFoundException, IOException
@@ -78,19 +60,16 @@ public class PwmLogEvent implements Serializable, Comparable
     }
 
 
-    @SuppressWarnings( "checkstyle:ParameterNumber" )
     private PwmLogEvent(
-            final Instant date,
+            final Instant timestamp,
             final String topic,
             final String message,
-            final String source,
-            final String actor,
-            final String label,
+            final SessionLabel sessionLabel,
             final Throwable throwable,
             final PwmLogLevel level
     )
     {
-        if ( date == null )
+        if ( timestamp == null )
         {
             throw new IllegalArgumentException( "date may not be null" );
         }
@@ -100,77 +79,19 @@ public class PwmLogEvent implements Serializable, Comparable
             throw new IllegalArgumentException( "level may not be null" );
         }
 
-        final String retainedMessage = message != null && message.length() > MAX_MESSAGE_LENGTH
-                ? message.substring( 0, MAX_MESSAGE_LENGTH ) + " [truncated message]"
-                : message;
+        // safety truncate
+        final int maxFieldLength = 256;
 
-        this.date = date;
-        this.topic = topic;
-        this.message = retainedMessage;
-        this.source = source;
-        this.actor = actor;
-        this.label = label;
+        this.timestamp = timestamp;
+        this.topic = StringUtil.truncate( topic, maxFieldLength );
+        this.message = StringUtil.truncate( message, MAX_MESSAGE_LENGTH, " [truncated message]" );
         this.throwable = throwable;
         this.level = level;
-    }
-
-    private static String makeSrcString( final SessionLabel sessionLabel )
-    {
-        try
-        {
-            final StringBuilder from = new StringBuilder();
-            {
-                final String srcAddress = sessionLabel.getSrcAddress();
-                final String srcHostname = sessionLabel.getSrcHostname();
-
-                if ( srcAddress != null )
-                {
-                    from.append( srcAddress );
-                    if ( !srcAddress.equals( srcHostname ) )
-                    {
-                        from.append( "/" );
-                        from.append( srcHostname );
-                    }
-                }
-            }
-            return from.toString();
-        }
-        catch ( final NullPointerException e )
-        {
-            return "";
-        }
-    }
 
-    private static String makeActorString( final SessionLabel sessionLabel )
-    {
-        final StringBuilder sb = new StringBuilder();
-        if ( sessionLabel != null )
-        {
-            if ( sessionLabel.getUsername() != null )
-            {
-                sb.append( sessionLabel.getUsername() );
-            }
-            else if ( sessionLabel.getUserIdentity() != null )
-            {
-                sb.append( sessionLabel.getUserIdentity().toDelimitedKey() );
-            }
-        }
-        return sb.toString();
-    }
-
-    @SuppressWarnings( "checkstyle:ParameterNumber" )
-    public static PwmLogEvent createPwmLogEvent(
-            final Instant date,
-            final String topic,
-            final String message,
-            final String source,
-            final String actor,
-            final String label,
-            final Throwable throwable,
-            final PwmLogLevel level
-    )
-    {
-        return new PwmLogEvent( date, topic, message, source, actor, label, throwable, level );
+        this.sessionID = sessionLabel == null ? "" : StringUtil.truncate( sessionLabel.getSessionID(), 256 );
+        this.requestID = sessionLabel == null ? "" : StringUtil.truncate( sessionLabel.getRequestID(), 256 );
+        this.username = sessionLabel == null ? "" : StringUtil.truncate( sessionLabel.getUsername(), 256 );
+        this.sourceAddress = sessionLabel == null ? "" : StringUtil.truncate( sessionLabel.getSourceAddress(), 256 );
     }
 
     public static PwmLogEvent createPwmLogEvent(
@@ -182,22 +103,7 @@ public class PwmLogEvent implements Serializable, Comparable
             final PwmLogLevel level
     )
     {
-        final String source = makeSrcString( sessionLabel );
-        final String actor = makeActorString( sessionLabel );
-        final String label = sessionLabel != null ? sessionLabel.getSessionID() : null;
-        return new PwmLogEvent( date, topic, message, source, actor, label, throwable, level );
-    }
-
-
-    public String getTopTopic( )
-    {
-        if ( topic == null )
-        {
-            return null;
-        }
-
-        final int lastDot = topic.lastIndexOf( "." );
-        return lastDot != -1 ? topic.substring( lastDot + 1, topic.length() ) : topic;
+        return new PwmLogEvent( date, topic, message, sessionLabel, throwable, level );
     }
 
     String getEnhancedMessage( )
@@ -206,8 +112,8 @@ public class PwmLogEvent implements Serializable, Comparable
         output.append( getDebugLabel() );
         output.append( message );
 
-        final String srcAddrString = this.getSource();
-        if ( srcAddrString != null && !srcAddrString.isEmpty() )
+        final String srcAddrString = getSourceAddress();
+        if ( !StringUtil.isEmpty( srcAddrString ) )
         {
             final String srcStr = " [" + srcAddrString + "]";
 
@@ -241,7 +147,7 @@ public class PwmLogEvent implements Serializable, Comparable
         {
             throw new IllegalArgumentException( "cannot compare with non PwmLogEvent" );
         }
-        return this.getDate().compareTo( ( ( PwmLogEvent ) o ).getDate() );
+        return this.getTimestamp().compareTo( ( ( PwmLogEvent ) o ).getTimestamp() );
     }
 
     String toEncodedString( )
@@ -253,23 +159,28 @@ public class PwmLogEvent implements Serializable, Comparable
     private String getDebugLabel( )
     {
         final StringBuilder sb = new StringBuilder();
-        if ( ( getActor() != null && !getActor().isEmpty() ) || ( ( getLabel() != null && !getLabel().isEmpty() ) ) )
+        final String sessionID = getSessionID();
+        final String username = getUsername();
+
+        if ( !StringUtil.isEmpty( sessionID ) )
         {
-            sb.append( "{" );
-            if ( getLabel() != null && !getLabel().isEmpty() )
-            {
-                sb.append( this.getLabel() );
-            }
-            if ( getActor() != null && !getActor().isEmpty() )
+            sb.append( sessionID );
+        }
+        if ( !StringUtil.isEmpty( username ) )
+        {
+            if ( sb.length() > 0 )
             {
-                if ( sb.length() > 0 )
-                {
-                    sb.append( "," );
-                }
-                sb.append( this.getActor() );
+                sb.append( "," );
             }
+            sb.append( username );
+        }
+
+        if ( sb.length() > 0 )
+        {
+            sb.insert( 0, "{" );
             sb.append( "} " );
         }
+
         return sb.toString();
     }
 
@@ -283,11 +194,11 @@ public class PwmLogEvent implements Serializable, Comparable
         final ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
         final CSVPrinter csvPrinter = JavaHelper.makeCsvPrinter( byteArrayOutputStream );
         final List<String> dataRow = new ArrayList<>();
-        dataRow.add( JavaHelper.toIsoDate( getDate() ) );
+        dataRow.add( JavaHelper.toIsoDate( getTimestamp() ) );
         dataRow.add( getLevel().name() );
-        dataRow.add( getSource() );
-        dataRow.add( getLabel() );
-        dataRow.add( getActor() );
+        dataRow.add( getSourceAddress( ) == null ? "" : getSourceAddress() );
+        dataRow.add( getSessionID() == null ? "" : getSessionID() );
+        dataRow.add( getUsername( ) );
         dataRow.add( getTopic() );
         dataRow.add( getMessage() );
         dataRow.add( getThrowable() == null ? "" : JavaHelper.readHostileExceptionMessage( getThrowable() ) );
@@ -302,7 +213,7 @@ public class PwmLogEvent implements Serializable, Comparable
         final StringBuilder sb = new StringBuilder();
         if ( includeTimeStamp )
         {
-            sb.append( this.getDate().toString() );
+            sb.append( this.getTimestamp().toString() );
             sb.append( ", " );
         }
         sb.append( StringUtil.padEndToLength( getLevel().toString(), 5, ' ' ) );
@@ -343,4 +254,5 @@ public class PwmLogEvent implements Serializable, Comparable
         }
         return output.toString();
     }
+
 }

server/src/main/java/password/pwm/util/logging/PwmLogger.java

@@ -30,7 +30,6 @@ import password.pwm.bean.SessionLabel;
 import password.pwm.error.ErrorInformation;
 import password.pwm.error.PwmUnrecoverableException;
 import password.pwm.http.PwmRequest;
-import password.pwm.http.PwmSession;
 import password.pwm.svc.event.AuditEvent;
 import password.pwm.svc.event.AuditRecord;
 import password.pwm.svc.event.AuditRecordFactory;
@@ -119,27 +118,21 @@ public class PwmLogger
     }
 
     private void doPwmRequestLogEvent( final PwmLogLevel level, final PwmRequest pwmRequest, final Supplier<CharSequence> message, final Throwable e )
-    {
-        final PwmSession pwmSession = pwmRequest != null ? pwmRequest.getPwmSession() : null;
-        doPwmSessionLogEvent( level, pwmSession, message, e );
-    }
-
-    private void doPwmSessionLogEvent( final PwmLogLevel level, final PwmSession pwmSession, final Supplier<CharSequence> message, final Throwable e )
     {
         if ( !isEnabled( level ) )
         {
             return;
         }
 
-        final SessionLabel sessionLabel = pwmSession != null ? pwmSession.getLabel() : null;
+        final SessionLabel sessionLabel = pwmRequest != null ? pwmRequest.getLabel() : null;
 
         Supplier<CharSequence> cleanedMessage = message;
 
-        if ( pwmSession != null && message != null )
+        if ( pwmRequest != null && message != null )
         {
             try
             {
-                final CharSequence cleanedString = PwmLogger.removeUserDataFromString( pwmSession.getLoginInfoBean(), message.get() );
+                final CharSequence cleanedString = PwmLogger.removeUserDataFromString( pwmRequest.getPwmSession().getLoginInfoBean(), message.get() );
                 cleanedMessage = () -> cleanedString;
             }
             catch ( final PwmUnrecoverableException e1 )
@@ -192,8 +185,8 @@ public class PwmLogger
                 {
                     final Map<String, String> messageInfo = new HashMap<>();
                     messageInfo.put( "level", logEvent.getLevel() == null ? "null" : logEvent.getLevel().toString() );
-                    messageInfo.put( "actor", logEvent.getActor() );
-                    messageInfo.put( "source", logEvent.getSource() );
+                    messageInfo.put( "actor", logEvent.getUsername() );
+                    messageInfo.put( "source", logEvent.getSourceAddress() );
                     messageInfo.put( "topic", logEvent.getTopic() );
                     messageInfo.put( "errorMessage", logEvent.getMessage() );
 
@@ -272,11 +265,6 @@ public class PwmLogger
         doLogEvent( PwmLogLevel.TRACE, null, message, null );
     }
 
-    public void trace( final PwmSession pwmSession, final Supplier<CharSequence> message )
-    {
-        doPwmSessionLogEvent( PwmLogLevel.TRACE, pwmSession, message, null );
-    }
-
     public void trace( final PwmRequest pwmRequest, final Supplier<CharSequence> message )
     {
         doPwmRequestLogEvent( PwmLogLevel.TRACE, pwmRequest, message, null );
@@ -297,16 +285,6 @@ public class PwmLogger
         doLogEvent( PwmLogLevel.DEBUG, null, message, null );
     }
 
-    public void debug( final PwmSession pwmSession, final Supplier<CharSequence> message )
-    {
-        doPwmSessionLogEvent( PwmLogLevel.DEBUG, pwmSession, message, null );
-    }
-
-    public void debug( final PwmSession pwmSession, final ErrorInformation errorInformation )
-    {
-        doPwmSessionLogEvent( PwmLogLevel.DEBUG, pwmSession, () -> convertErrorInformation( errorInformation ), null );
-    }
-
     public void debug( final PwmRequest pwmRequest, final Supplier<CharSequence> message )
     {
         doPwmRequestLogEvent( PwmLogLevel.DEBUG, pwmRequest, message, null );
@@ -329,12 +307,7 @@ public class PwmLogger
 
     public void debug( final Supplier<CharSequence> message, final Throwable exception )
     {
-        doPwmSessionLogEvent( PwmLogLevel.DEBUG, null, message, exception );
-    }
-
-    public void debug( final PwmSession pwmSession, final Supplier<CharSequence> message, final Throwable e )
-    {
-        doPwmSessionLogEvent( PwmLogLevel.DEBUG, pwmSession, message, e );
+        doPwmRequestLogEvent( PwmLogLevel.DEBUG, null, message, exception );
     }
 
     public void info( final Supplier<CharSequence> message )
@@ -342,11 +315,6 @@ public class PwmLogger
         doLogEvent( PwmLogLevel.INFO, null, message, null );
     }
 
-    public void info( final PwmSession pwmSession, final Supplier<CharSequence> message )
-    {
-        doPwmSessionLogEvent( PwmLogLevel.INFO, pwmSession, message, null );
-    }
-
     public void info( final PwmRequest pwmRequest, final Supplier<CharSequence> message )
     {
         doPwmRequestLogEvent( PwmLogLevel.INFO, pwmRequest, message, null );
@@ -372,16 +340,6 @@ public class PwmLogger
         doLogEvent( PwmLogLevel.ERROR, null, message, null );
     }
 
-    public void error( final PwmSession pwmSession, final CharSequence message )
-    {
-        doPwmSessionLogEvent( PwmLogLevel.ERROR, pwmSession, () -> message, null );
-    }
-
-    public void error( final PwmSession pwmSession, final ErrorInformation errorInformation )
-    {
-        doPwmSessionLogEvent( PwmLogLevel.ERROR, pwmSession, () -> convertErrorInformation( errorInformation ), null );
-    }
-
     public void error( final PwmRequest pwmRequest, final CharSequence message, final Throwable exception )
     {
         doPwmRequestLogEvent( PwmLogLevel.ERROR, pwmRequest, () -> message, exception );
@@ -427,49 +385,34 @@ public class PwmLogger
         doLogEvent( PwmLogLevel.ERROR, sessionLabel, message, exception );
     }
 
-    public void error( final PwmSession pwmSession, final CharSequence message, final Throwable exception )
-    {
-        doPwmSessionLogEvent( PwmLogLevel.ERROR, pwmSession, () -> message, exception );
-    }
-
     public void warn( final CharSequence message )
     {
         doLogEvent( PwmLogLevel.WARN, null, message, null );
     }
 
-    public void warn( final PwmSession pwmSession, final CharSequence message )
-    {
-        doPwmSessionLogEvent( PwmLogLevel.WARN, pwmSession, () -> message, null );
-    }
-
     public void warn( final PwmRequest pwmRequest, final CharSequence message )
     {
         doPwmRequestLogEvent( PwmLogLevel.WARN, pwmRequest, () -> message, null );
     }
 
-    public void warn( final SessionLabel sessionLabel, final CharSequence message )
-    {
-        doLogEvent( PwmLogLevel.WARN, sessionLabel, message, null );
-    }
-
-    public void warn( final PwmSession pwmSession, final ErrorInformation message )
+    public void warn( final PwmRequest pwmRequest, final CharSequence message, final Throwable exception )
     {
-        doPwmSessionLogEvent( PwmLogLevel.WARN, pwmSession, () -> convertErrorInformation( message ), null );
+        doPwmRequestLogEvent( PwmLogLevel.WARN, pwmRequest, () -> message, exception );
     }
 
-    public void warn( final CharSequence message, final Throwable exception )
+    public void warn( final SessionLabel sessionLabel, final ErrorInformation errorInformation, final Throwable exception )
     {
-        doLogEvent( PwmLogLevel.WARN, null, message, exception );
+        doLogEvent( PwmLogLevel.ERROR, sessionLabel, convertErrorInformation( errorInformation ), exception );
     }
 
-    public void warn( final PwmSession pwmSession, final CharSequence message, final Throwable exception )
+    public void warn( final SessionLabel sessionLabel, final CharSequence message )
     {
-        doPwmSessionLogEvent( PwmLogLevel.WARN, pwmSession, () -> message, exception );
+        doLogEvent( PwmLogLevel.WARN, sessionLabel, message, null );
     }
 
-    public void warn( final PwmSession pwmSession, final ErrorInformation errorInformation, final Throwable exception )
+    public void warn( final CharSequence message, final Throwable exception )
     {
-        doPwmSessionLogEvent( PwmLogLevel.WARN, pwmSession, () -> convertErrorInformation( errorInformation ), exception );
+        doLogEvent( PwmLogLevel.WARN, null, message, exception );
     }
 
     public void fatal( final CharSequence message )
@@ -477,11 +420,6 @@ public class PwmLogger
         doLogEvent( PwmLogLevel.FATAL, null, message, null );
     }
 
-    public void fatal( final PwmSession pwmSession, final CharSequence message )
-    {
-        doPwmSessionLogEvent( PwmLogLevel.FATAL, pwmSession, () -> message, null );
-    }
-
     public void fatal( final SessionLabel sessionLabel, final CharSequence message )
     {
         doLogEvent( PwmLogLevel.FATAL, sessionLabel, message, null );

server/src/main/java/password/pwm/util/macro/MacroMachine.java

@@ -33,8 +33,10 @@ import password.pwm.http.PwmRequest;
 import password.pwm.ldap.UserInfo;
 import password.pwm.ldap.UserInfoFactory;
 import password.pwm.util.java.JavaHelper;
+import password.pwm.util.java.TimeDuration;
 import password.pwm.util.logging.PwmLogger;
 
+import java.time.Instant;
 import java.util.Collections;
 import java.util.HashSet;
 import java.util.LinkedHashMap;
@@ -235,6 +237,7 @@ public class MacroMachine
             final MacroImplementation.MacroRequestInfo macroRequestInfo
     )
     {
+        final Instant startTime = Instant.now();
         final String matchedStr = matcher.group();
         final int startPos = matcher.start();
         final int endPos = matcher.end();
@@ -285,7 +288,8 @@ public class MacroMachine
             {
                 final String finalReplaceStr = replaceStr;
                 LOGGER.trace( sessionLabel, () -> "replaced macro " + matchedStr + " with value: "
-                        + ( sensitive ? PwmConstants.LOG_REMOVED_VALUE_REPLACEMENT : finalReplaceStr ) );
+                        + ( sensitive ? PwmConstants.LOG_REMOVED_VALUE_REPLACEMENT : finalReplaceStr )
+                        + " (" + TimeDuration.compactFromCurrent( startTime ) + ")" );
             }
         }
         return new StringBuilder( input ).replace( startPos, endPos, replaceStr ).toString();
@@ -316,7 +320,7 @@ public class MacroMachine
     )
             throws PwmUnrecoverableException
     {
-        return forUser( pwmRequest.getPwmApplication(), pwmRequest.getLocale(), pwmRequest.getSessionLabel(), userIdentity );
+        return forUser( pwmRequest.getPwmApplication(), pwmRequest.getLocale(), pwmRequest.getLabel(), userIdentity );
     }
 
     public static MacroMachine forUser(
@@ -326,7 +330,7 @@ public class MacroMachine
     )
             throws PwmUnrecoverableException
     {
-        return forUser( pwmRequest.getPwmApplication(), pwmRequest.getLocale(), pwmRequest.getSessionLabel(), userIdentity, stringReplacer );
+        return forUser( pwmRequest.getPwmApplication(), pwmRequest.getLocale(), pwmRequest.getLabel(), userIdentity, stringReplacer );
     }
 
     public static MacroMachine forUser(

server/src/main/java/password/pwm/util/operations/OtpService.java

@@ -40,7 +40,7 @@ import password.pwm.error.PwmException;
 import password.pwm.error.PwmOperationalException;
 import password.pwm.error.PwmUnrecoverableException;
 import password.pwm.health.HealthRecord;
-import password.pwm.http.PwmSession;
+import password.pwm.http.PwmRequest;
 import password.pwm.ldap.LdapOperationsHelper;
 import password.pwm.svc.PwmService;
 import password.pwm.util.java.JavaHelper;
@@ -368,7 +368,7 @@ public class OtpService implements PwmService
     }
 
     public void writeOTPUserConfiguration(
-            final PwmSession pwmSession,
+            final PwmRequest pwmRequest,
             final UserIdentity userIdentity,
             final OTPUserRecord otp
     )
@@ -380,7 +380,7 @@ public class OtpService implements PwmService
         final Configuration config = pwmApplication.getConfig();
         final List<DataStorageMethod> otpSecretStorageLocations = config.getOtpSecretStorageLocations(
                 PwmSetting.OTP_SECRET_READ_PREFERENCE );
-        final String userGUID = readGuidIfNeeded( pwmApplication, pwmSession == null ? null : pwmSession.getLabel(), otpSecretStorageLocations, userIdentity );
+        final String userGUID = readGuidIfNeeded( pwmApplication, pwmRequest == null ? null : pwmRequest.getLabel(), otpSecretStorageLocations, userIdentity );
 
         final StringBuilder errorMsgs = new StringBuilder();
         if ( otpSecretStorageLocations != null )
@@ -393,18 +393,18 @@ public class OtpService implements PwmService
                 {
                     try
                     {
-                        operator.writeOtpUserConfiguration( pwmSession, userIdentity, userGUID, otp );
+                        operator.writeOtpUserConfiguration( pwmRequest, userIdentity, userGUID, otp );
                         successes++;
                     }
                     catch ( final PwmUnrecoverableException e )
                     {
-                        LOGGER.error( pwmSession, "error writing to " + otpSecretStorageLocation + ", error: " + e.getMessage() );
+                        LOGGER.error( pwmRequest, "error writing to " + otpSecretStorageLocation + ", error: " + e.getMessage() );
                         errorMsgs.append( otpSecretStorageLocation ).append( " error: " ).append( e.getMessage() );
                     }
                 }
                 else
                 {
-                    LOGGER.warn( pwmSession, String.format( "storage location %s not implemented", otpSecretStorageLocation.toString() ) );
+                    LOGGER.warn( pwmRequest, String.format( "storage location %s not implemented", otpSecretStorageLocation.toString() ) );
                 }
             }
         }
@@ -426,13 +426,13 @@ public class OtpService implements PwmService
     }
 
     public void clearOTPUserConfiguration(
-            final PwmSession pwmSession,
+            final PwmRequest pwmRequest,
             final UserIdentity userIdentity,
             final ChaiUser chaiUser
     )
             throws PwmOperationalException, ChaiUnavailableException, PwmUnrecoverableException
     {
-        LOGGER.trace( pwmSession, () -> "beginning clear otp user configuration" );
+        LOGGER.trace( pwmRequest, () -> "beginning clear otp user configuration" );
 
         int attempts = 0;
         int successes = 0;
@@ -440,7 +440,7 @@ public class OtpService implements PwmService
         final Configuration config = pwmApplication.getConfig();
         final List<DataStorageMethod> otpSecretStorageLocations = config.getOtpSecretStorageLocations( PwmSetting.OTP_SECRET_READ_PREFERENCE );
 
-        final String userGUID = readGuidIfNeeded( pwmApplication, pwmSession.getLabel(), otpSecretStorageLocations, userIdentity );
+        final String userGUID = readGuidIfNeeded( pwmApplication, pwmRequest.getLabel(), otpSecretStorageLocations, userIdentity );
 
         final StringBuilder errorMsgs = new StringBuilder();
         if ( otpSecretStorageLocations != null )
@@ -453,18 +453,18 @@ public class OtpService implements PwmService
                 {
                     try
                     {
-                        operator.clearOtpUserConfiguration( pwmSession, userIdentity, chaiUser, userGUID );
+                        operator.clearOtpUserConfiguration( pwmRequest, userIdentity, chaiUser, userGUID );
                         successes++;
                     }
                     catch ( final PwmUnrecoverableException e )
                     {
-                        LOGGER.error( pwmSession, "error clearing " + otpSecretStorageLocation + ", error: " + e.getMessage() );
+                        LOGGER.error( pwmRequest, "error clearing " + otpSecretStorageLocation + ", error: " + e.getMessage() );
                         errorMsgs.append( otpSecretStorageLocation ).append( " error: " ).append( e.getMessage() );
                     }
                 }
                 else
                 {
-                    LOGGER.warn( pwmSession, String.format( "Storage location %s not implemented", otpSecretStorageLocation.toString() ) );
+                    LOGGER.warn( pwmRequest, String.format( "Storage location %s not implemented", otpSecretStorageLocation.toString() ) );
                 }
             }
         }

server/src/main/java/password/pwm/util/operations/otp/DbOtpOperator.java

@@ -35,7 +35,7 @@ import password.pwm.error.PwmError;
 import password.pwm.error.PwmException;
 import password.pwm.error.PwmOperationalException;
 import password.pwm.error.PwmUnrecoverableException;
-import password.pwm.http.PwmSession;
+import password.pwm.http.PwmRequest;
 import password.pwm.util.db.DatabaseAccessor;
 import password.pwm.util.db.DatabaseException;
 import password.pwm.util.db.DatabaseTable;
@@ -95,7 +95,7 @@ public class DbOtpOperator extends AbstractOtpOperator
 
     @Override
     public void writeOtpUserConfiguration(
-            final PwmSession pwmSession,
+            final PwmRequest pwmRequest,
             final UserIdentity theUser,
             final String userGUID,
             final OTPUserRecord otpConfig
@@ -109,19 +109,19 @@ public class DbOtpOperator extends AbstractOtpOperator
                     "cannot save OTP secret to remote database, user " + theUser + " does not have a guid" ) );
         }
 
-        LOGGER.trace( pwmSession, () -> "attempting to save OTP secret for " + theUser + " in remote database (key=" + userGUID + ")" );
+        LOGGER.trace( pwmRequest, () -> "attempting to save OTP secret for " + theUser + " in remote database (key=" + userGUID + ")" );
 
         try
         {
             String value = composeOtpAttribute( otpConfig );
             if ( getPwmApplication().getConfig().readSettingAsBoolean( PwmSetting.OTP_SECRET_ENCRYPT ) )
             {
-                LOGGER.debug( pwmSession, () -> "encrypting OTP secret for storage" );
+                LOGGER.debug( pwmRequest, () -> "encrypting OTP secret for storage" );
                 value = encryptAttributeValue( value );
             }
             final DatabaseAccessor databaseAccessor = pwmApplication.getDatabaseAccessor();
             databaseAccessor.put( DatabaseTable.OTP, userGUID, value );
-            LOGGER.debug( pwmSession, () -> "saved OTP secret for " + theUser + " in remote database (key=" + userGUID + ")" );
+            LOGGER.debug( pwmRequest, () -> "saved OTP secret for " + theUser + " in remote database (key=" + userGUID + ")" );
         }
         catch ( final PwmOperationalException ex )
         {
@@ -134,7 +134,7 @@ public class DbOtpOperator extends AbstractOtpOperator
 
     @Override
     public void clearOtpUserConfiguration(
-            final PwmSession pwmSession,
+            final PwmRequest pwmRequest,
             final UserIdentity theUser,
             final ChaiUser chaiUser,
             final String userGUID

server/src/main/java/password/pwm/util/operations/otp/LdapOtpOperator.java

@@ -33,7 +33,7 @@ import password.pwm.config.profile.LdapProfile;
 import password.pwm.error.ErrorInformation;
 import password.pwm.error.PwmError;
 import password.pwm.error.PwmUnrecoverableException;
-import password.pwm.http.PwmSession;
+import password.pwm.http.PwmRequest;
 import password.pwm.util.logging.PwmLogger;
 
 /**
@@ -99,11 +99,12 @@ public class LdapOtpOperator extends AbstractOtpOperator
 
     @Override
     public void writeOtpUserConfiguration(
-            final PwmSession pwmSession,
+            final PwmRequest pwmRequest,
             final UserIdentity userIdentity,
             final String userGuid,
             final OTPUserRecord otpConfig
-    ) throws PwmUnrecoverableException
+    )
+            throws PwmUnrecoverableException
     {
         final Configuration config = pwmApplication.getConfig();
         final LdapProfile ldapProfile = config.getLdapProfiles().get( userIdentity.getLdapProfileID() );
@@ -127,9 +128,9 @@ public class LdapOtpOperator extends AbstractOtpOperator
             {
                 value = encryptAttributeValue( value );
             }
-            final ChaiUser theUser = pwmSession == null
+            final ChaiUser theUser = pwmRequest == null
                     ? pwmApplication.getProxiedChaiUser( userIdentity )
-                    : pwmSession.getSessionManager().getActor( pwmApplication, userIdentity );
+                    : pwmRequest.getPwmSession().getSessionManager().getActor( pwmApplication, userIdentity );
             theUser.writeStringAttribute( ldapStorageAttribute, value );
             LOGGER.info( () -> "saved OTP secret for user to chai-ldap format" );
         }
@@ -155,7 +156,7 @@ public class LdapOtpOperator extends AbstractOtpOperator
 
     @Override
     public void clearOtpUserConfiguration(
-            final PwmSession pwmSession,
+            final PwmRequest pwmRequest,
             final UserIdentity userIdentity,
             final ChaiUser chaiUser,
             final String userGuid

server/src/main/java/password/pwm/util/operations/otp/LocalDbOtpOperator.java

@@ -35,7 +35,7 @@ import password.pwm.error.ErrorInformation;
 import password.pwm.error.PwmError;
 import password.pwm.error.PwmOperationalException;
 import password.pwm.error.PwmUnrecoverableException;
-import password.pwm.http.PwmSession;
+import password.pwm.http.PwmRequest;
 import password.pwm.util.localdb.LocalDB;
 import password.pwm.util.localdb.LocalDBException;
 import password.pwm.util.logging.PwmLogger;
@@ -56,7 +56,11 @@ public class LocalDbOtpOperator extends AbstractOtpOperator
     }
 
     @Override
-    public OTPUserRecord readOtpUserConfiguration( final UserIdentity theUser, final String userGUID ) throws PwmUnrecoverableException
+    public OTPUserRecord readOtpUserConfiguration(
+            final UserIdentity theUser,
+            final String userGUID
+    )
+            throws PwmUnrecoverableException
     {
         LOGGER.trace( () -> String.format( "Enter: readOtpUserConfiguration(%s, %s)", theUser, userGUID ) );
         if ( userGUID == null || userGUID.length() < 1 )
@@ -110,14 +114,14 @@ public class LocalDbOtpOperator extends AbstractOtpOperator
 
     @Override
     public void writeOtpUserConfiguration(
-            final PwmSession pwmSession,
+            final PwmRequest pwmRequest,
             final UserIdentity theUser,
             final String userGUID,
             final OTPUserRecord otpConfig
     )
             throws PwmUnrecoverableException
     {
-        LOGGER.trace( pwmSession, () -> String.format( "Enter: writeOtpUserConfiguration(%s, %s, %s)", theUser, userGUID, otpConfig ) );
+        LOGGER.trace( pwmRequest, () -> String.format( "Enter: writeOtpUserConfiguration(%s, %s, %s)", theUser, userGUID, otpConfig ) );
         if ( userGUID == null || userGUID.length() < 1 )
         {
             throw new PwmUnrecoverableException( new ErrorInformation( PwmError.ERROR_MISSING_GUID, "cannot save otp to localDB, user does not have a pwmGUID" ) );
@@ -136,12 +140,12 @@ public class LocalDbOtpOperator extends AbstractOtpOperator
             String value = composeOtpAttribute( otpConfig );
             if ( config.readSettingAsBoolean( PwmSetting.OTP_SECRET_ENCRYPT ) )
             {
-                LOGGER.debug( pwmSession, () -> "Encrypting OTP secret for storage" );
+                LOGGER.debug( pwmRequest, () -> "Encrypting OTP secret for storage" );
                 value = encryptAttributeValue( value );
             }
 
             localDB.put( LocalDB.DB.OTP_SECRET, userGUID, value );
-            LOGGER.info( pwmSession, () -> "saved OTP secret for user in LocalDB" );
+            LOGGER.info( pwmRequest, () -> "saved OTP secret for user in LocalDB" );
         }
         catch ( final LocalDBException ex )
         {
@@ -161,14 +165,14 @@ public class LocalDbOtpOperator extends AbstractOtpOperator
 
     @Override
     public void clearOtpUserConfiguration(
-            final PwmSession pwmSession,
+            final PwmRequest pwmRequest,
             final UserIdentity theUser,
             final ChaiUser chaiUser,
             final String userGUID
     )
             throws PwmUnrecoverableException
     {
-        LOGGER.trace( pwmSession, () -> String.format( "Enter: clearOtpUserConfiguration(%s, %s)", theUser, userGUID ) );
+        LOGGER.trace( pwmRequest, () -> String.format( "Enter: clearOtpUserConfiguration(%s, %s)", theUser, userGUID ) );
         if ( userGUID == null || userGUID.length() < 1 )
         {
             throw new PwmUnrecoverableException( new ErrorInformation( PwmError.ERROR_MISSING_GUID, "cannot save otp to localDB, user does not have a pwmGUID" ) );
@@ -184,7 +188,7 @@ public class LocalDbOtpOperator extends AbstractOtpOperator
         try
         {
             localDB.remove( LocalDB.DB.OTP_SECRET, userGUID );
-            LOGGER.info( pwmSession, () -> "cleared OTP secret for user in LocalDB" );
+            LOGGER.info( pwmRequest, () -> "cleared OTP secret for user in LocalDB" );
         }
         catch ( final LocalDBException ex )
         {

server/src/main/java/password/pwm/util/operations/otp/OtpOperator.java

@@ -28,7 +28,7 @@ package password.pwm.util.operations.otp;
 import com.novell.ldapchai.ChaiUser;
 import password.pwm.bean.UserIdentity;
 import password.pwm.error.PwmUnrecoverableException;
-import password.pwm.http.PwmSession;
+import password.pwm.http.PwmRequest;
 
 /**
  * @author mpieters
@@ -43,7 +43,7 @@ public interface OtpOperator
             throws PwmUnrecoverableException;
 
     void writeOtpUserConfiguration(
-            PwmSession pwmSession,
+            PwmRequest pwmRequest,
             UserIdentity theUser,
             String userGuid,
             OTPUserRecord otpConfig
@@ -51,7 +51,7 @@ public interface OtpOperator
             throws PwmUnrecoverableException;
 
     void clearOtpUserConfiguration(
-            PwmSession pwmSession,
+            PwmRequest pwmRequest,
             UserIdentity theUser,
             ChaiUser chaiUser,
             String userGuid

server/src/main/java/password/pwm/util/password/PasswordUtility.java

@@ -307,7 +307,7 @@ public class PasswordUtility
 
         final ChaiProvider provider = pwmSession.getSessionManager().getChaiProvider();
 
-        setPassword( pwmApplication, pwmSession.getLabel(), provider, userInfo, setPasswordWithoutOld ? null : oldPassword, newPassword );
+        setPassword( pwmApplication, pwmRequest.getLabel(), provider, userInfo, setPasswordWithoutOld ? null : oldPassword, newPassword );
 
         // update the session state bean's password modified flag
         pwmSession.getSessionStateBean().setPasswordModified( true );
@@ -325,7 +325,7 @@ public class PasswordUtility
         pwmSession.getLoginInfoBean().setType( AuthenticationType.AUTHENTICATED );
 
         // update the uibean's "password expired flag".
-        pwmSession.reloadUserInfoBean( pwmApplication );
+        pwmSession.reloadUserInfoBean( pwmRequest );
 
         // create a proxy user object for pwm to update/read the user.
         final ChaiUser proxiedUser = pwmSession.getSessionManager().getActor( pwmApplication );
@@ -337,7 +337,7 @@ public class PasswordUtility
 
         {
             // execute configured actions
-            LOGGER.debug( pwmSession, () -> "executing configured actions to user " + proxiedUser.getEntryDN() );
+            LOGGER.debug( pwmRequest, () -> "executing configured actions to user " + proxiedUser.getEntryDN() );
             final List<ActionConfiguration> configValues = pwmApplication.getConfig().readSettingAsAction( PwmSetting.CHANGE_PASSWORD_WRITE_ATTRIBUTES );
             if ( configValues != null && !configValues.isEmpty() )
             {
@@ -346,7 +346,7 @@ public class PasswordUtility
 
                 final MacroMachine macroMachine = MacroMachine.forUser(
                         pwmApplication,
-                        pwmSession.getLabel(),
+                        pwmRequest.getLabel(),
                         pwmSession.getUserInfo(),
                         clonedLoginInfoBean
                 );
@@ -355,7 +355,7 @@ public class PasswordUtility
                         .setMacroMachine( macroMachine )
                         .setExpandPwmMacros( true )
                         .createActionExecutor();
-                actionExecutor.executeActions( configValues, pwmSession.getLabel() );
+                actionExecutor.executeActions( configValues, pwmRequest.getLabel() );
             }
         }
 
@@ -363,7 +363,7 @@ public class PasswordUtility
         invokePostChangePasswordActions( pwmRequest );
 
         //update the current last password update field in ldap
-        LdapOperationsHelper.updateLastPasswordUpdateAttribute( pwmApplication, pwmSession.getLabel(), userInfo.getUserIdentity() );
+        LdapOperationsHelper.updateLastPasswordUpdateAttribute( pwmApplication, pwmRequest.getLabel(), userInfo.getUserIdentity() );
     }
 
     public static void setPassword(
@@ -480,7 +480,7 @@ public class PasswordUtility
     }
 
     public static void helpdeskSetUserPassword(
-            final PwmSession pwmSession,
+            final PwmRequest pwmRequest,
             final ChaiUser chaiUser,
             final UserInfo userInfo,
             final PwmApplication pwmApplication,
@@ -488,17 +488,17 @@ public class PasswordUtility
     )
             throws ChaiUnavailableException, PwmUnrecoverableException, PwmOperationalException
     {
-        final SessionLabel sessionLabel = pwmSession.getLabel();
+        final SessionLabel sessionLabel = pwmRequest.getLabel();
         final UserIdentity userIdentity = userInfo.getUserIdentity();
 
-        if ( !pwmSession.isAuthenticated() )
+        if ( !pwmRequest.isAuthenticated() )
         {
             final String errorMsg = "attempt to helpdeskSetUserPassword, but user is not authenticated";
             final ErrorInformation errorInformation = new ErrorInformation( PwmError.ERROR_UNAUTHORIZED, errorMsg );
             throw new PwmOperationalException( errorInformation );
         }
 
-        final HelpdeskProfile helpdeskProfile = pwmSession.getSessionManager().getHelpdeskProfile( pwmApplication );
+        final HelpdeskProfile helpdeskProfile = pwmRequest.getPwmSession().getSessionManager().getHelpdeskProfile( pwmApplication );
         if ( helpdeskProfile == null )
         {
             final String errorMsg = "attempt to helpdeskSetUserPassword, but user does not have helpdesk permission";
@@ -506,20 +506,20 @@ public class PasswordUtility
             throw new PwmOperationalException( errorInformation );
         }
 
-        setPassword( pwmApplication, pwmSession.getLabel(), chaiUser.getChaiProvider(), userInfo, null, newPassword );
+        setPassword( pwmApplication, pwmRequest.getLabel(), chaiUser.getChaiProvider(), userInfo, null, newPassword );
 
         // create a proxy user object for pwm to update/read the user.
         final ChaiUser proxiedUser = pwmApplication.getProxiedChaiUser( userIdentity );
 
         // mark the event log
         {
-            final HelpdeskAuditRecord auditRecord = new AuditRecordFactory( pwmApplication, pwmSession ).createHelpdeskAuditRecord(
+            final HelpdeskAuditRecord auditRecord = new AuditRecordFactory( pwmApplication, pwmRequest ).createHelpdeskAuditRecord(
                     AuditEvent.HELPDESK_SET_PASSWORD,
-                    pwmSession.getUserInfo().getUserIdentity(),
+                    pwmRequest.getUserInfoIfLoggedIn(),
                     null,
                     userIdentity,
-                    pwmSession.getSessionStateBean().getSrcAddress(),
-                    pwmSession.getSessionStateBean().getSrcHostname()
+                    pwmRequest.getPwmSession().getSessionStateBean().getSrcAddress(),
+                    pwmRequest.getPwmSession().getSessionStateBean().getSrcHostname()
             );
             pwmApplication.getAuditManager().submit( auditRecord );
         }
@@ -551,7 +551,7 @@ public class PasswordUtility
                         .setExpandPwmMacros( true )
                         .createActionExecutor();
 
-                actionExecutor.executeActions( actions, pwmSession.getLabel() );
+                actionExecutor.executeActions( actions, pwmRequest.getLabel() );
             }
         }
 
@@ -562,34 +562,34 @@ public class PasswordUtility
         if ( settingClearResponses == HelpdeskClearResponseMode.yes )
         {
             final String userGUID = LdapOperationsHelper.readLdapGuidValue( pwmApplication, sessionLabel, userIdentity, false );
-            pwmApplication.getCrService().clearResponses( pwmSession.getLabel(), userIdentity, proxiedUser, userGUID );
+            pwmApplication.getCrService().clearResponses( pwmRequest.getLabel(), userIdentity, proxiedUser, userGUID );
 
             // mark the event log
-            final HelpdeskAuditRecord auditRecord = new AuditRecordFactory( pwmApplication, pwmSession ).createHelpdeskAuditRecord(
+            final HelpdeskAuditRecord auditRecord = new AuditRecordFactory( pwmApplication, pwmRequest ).createHelpdeskAuditRecord(
                     AuditEvent.HELPDESK_CLEAR_RESPONSES,
-                    pwmSession.getUserInfo().getUserIdentity(),
+                    pwmRequest.getUserInfoIfLoggedIn(),
                     null,
                     userIdentity,
-                    pwmSession.getSessionStateBean().getSrcAddress(),
-                    pwmSession.getSessionStateBean().getSrcHostname()
+                    pwmRequest.getPwmSession().getSessionStateBean().getSrcAddress(),
+                    pwmRequest.getPwmSession().getSessionStateBean().getSrcHostname()
             );
             pwmApplication.getAuditManager().submit( auditRecord );
         }
 
         // send email notification
-        sendChangePasswordHelpdeskEmailNotice( pwmSession, pwmApplication, userInfo );
+        sendChangePasswordHelpdeskEmailNotice( pwmRequest, pwmApplication, userInfo );
 
         // expire if so configured
         if ( helpdeskProfile.readSettingAsBoolean( PwmSetting.HELPDESK_FORCE_PW_EXPIRATION ) )
         {
-            LOGGER.trace( pwmSession, () -> "preparing to expire password for user " + userIdentity.toDisplayString() );
+            LOGGER.trace( pwmRequest, () -> "preparing to expire password for user " + userIdentity.toDisplayString() );
             try
             {
                 proxiedUser.expirePassword();
             }
             catch ( final ChaiOperationException e )
             {
-                LOGGER.warn( pwmSession, "error while forcing password expiration for user " + userIdentity.toDisplayString() + ", error: " + e.getMessage() );
+                LOGGER.warn( pwmRequest, "error while forcing password expiration for user " + userIdentity.toDisplayString() + ", error: " + e.getMessage() );
             }
         }
 
@@ -608,7 +608,7 @@ public class PasswordUtility
                     userInfo,
                     pwmApplication,
                     newPassword,
-                    pwmSession.getSessionStateBean().getLocale(),
+                    pwmRequest.getLocale(),
                     messageSendMethod
             );
         }
@@ -706,7 +706,7 @@ public class PasswordUtility
                         .setExpandPwmMacros( true )
                         .setMacroMachine( pwmRequest.getPwmSession().getSessionManager().getMacroMachine( pwmApplication ) )
                         .createActionExecutor();
-                actionExecutor.executeActions( configValues, pwmRequest.getSessionLabel() );
+                actionExecutor.executeActions( configValues, pwmRequest.getLabel() );
             }
         }
         catch ( final PwmException e )
@@ -1214,19 +1214,19 @@ public class PasswordUtility
     }
 
     private static void sendChangePasswordHelpdeskEmailNotice(
-            final PwmSession pwmSession,
+            final PwmRequest pwmRequest,
             final PwmApplication pwmApplication,
             final UserInfo userInfo
     )
             throws PwmUnrecoverableException
     {
         final Configuration config = pwmApplication.getConfig();
-        final Locale locale = pwmSession.getSessionStateBean().getLocale();
+        final Locale locale = pwmRequest.getLocale();
         final EmailItemBean configuredEmailSetting = config.readSettingAsEmail( PwmSetting.EMAIL_CHANGEPASSWORD_HELPDESK, locale );
 
         if ( configuredEmailSetting == null )
         {
-            LOGGER.debug( pwmSession, () -> "skipping send change password email for '" + pwmSession.getUserInfo().getUserIdentity() + "' no email configured" );
+            LOGGER.debug( pwmRequest, () -> "skipping send change password email for '" + pwmRequest.getUserInfoIfLoggedIn() + "' no email configured" );
             return;
         }
 
@@ -1234,7 +1234,7 @@ public class PasswordUtility
                 ? null
                 : MacroMachine.forUser(
                 pwmApplication,
-                pwmSession.getLabel(),
+                pwmRequest.getLabel(),
                 userInfo,
                 null
         );

server/src/main/java/password/pwm/ws/server/RestServlet.java

@@ -98,13 +98,11 @@ public abstract class RestServlet extends HttpServlet
         final SessionLabel sessionLabel;
         try
         {
-            sessionLabel = new SessionLabel(
-                    "rest-" + REQUEST_COUNTER.next(),
-                    null,
-                    null,
-                    RequestInitializationFilter.readUserNetworkAddress( req, pwmApplication.getConfig() ),
-                    RequestInitializationFilter.readUserHostname( req, pwmApplication.getConfig() )
-            );
+            sessionLabel =  SessionLabel.builder()
+                    .sessionID( "rest-" + REQUEST_COUNTER.next() )
+                    .sourceAddress( RequestInitializationFilter.readUserNetworkAddress( req, pwmApplication.getConfig() ) )
+                    .sourceHostname( RequestInitializationFilter.readUserHostname( req, pwmApplication.getConfig() ) )
+                    .build();
         }
         catch ( final PwmUnrecoverableException e )
         {

server/src/main/resources/password/pwm/AppProperty.properties

@@ -219,6 +219,7 @@ localdb.logWriter.maxTrimSize=5001
 macro.randomChar.maxLength=100
 macro.ldapAttr.maxLength=100
 logging.devOutput.enable=false
+logging.extra.periodicThreadDumpIntervalSeconds=0
 logging.pattern=%d{yyyy-MM-dd'T'HH:mm:ss'Z'}, %-5p, %c{2}, %m%n
 logging.file.maxSize=10MB
 logging.file.maxRollover=50

server/src/test/java/password/pwm/svc/event/CEFAuditFormatterTest.java

@@ -24,6 +24,7 @@ import org.junit.Assert;
 import org.junit.Test;
 import org.mockito.Mockito;
 import password.pwm.PwmApplication;
+import password.pwm.PwmConstants;
 import password.pwm.config.Configuration;
 import password.pwm.config.stored.StoredConfigurationFactory;
 import password.pwm.error.PwmUnrecoverableException;
@@ -34,6 +35,7 @@ public class CEFAuditFormatterTest
     @Test
     public void testCEFFormatting() throws PwmUnrecoverableException
     {
+
         final String jsonInput = "{\"perpetratorID\":\"per|son\",\"perpetratorDN\":\"cn=per|son,o=org\","
                 + "\"perpetratorLdapProfile\":\"default\",\"sourceAddress\":\"2001:DB8:D:B8:35cc::/64\",\"sourceHost\":\"ws31222\","
                 + "\"type\":\"USER\",\"eventCode\":\"ACTIVATE_USER\",\"guid\":\"16ee0bf8-b0c9-41d7-8c24-b40110fc727e\","
@@ -42,7 +44,8 @@ public class CEFAuditFormatterTest
 
         final UserAuditRecord auditRecord = JsonUtil.deserialize( jsonInput, UserAuditRecord.class );
 
-        final String expectedOutput = "CEF:0|PWM|PWM|v b0 r0|ACTIVATE_USER|Activate Account|Medium| type=USER eventCode=ACTIVATE_USER timestamp="
+        final String appName = PwmConstants.PWM_APP_NAME;
+        final String expectedOutput = "CEF:0|" + appName + "|" + appName + "|v b0 r0|ACTIVATE_USER|Activate Account|Medium| type=USER eventCode=ACTIVATE_USER timestamp="
                 + "2000-01-01T00:00:00Z"
                 + " message=message pipe\\|Escape, slash\\\\Escape, equal\\=Escape, \\nsecondLine"
                 + " perpetratorID=per\\|son perpetratorDN=cn\\=per\\|son,o\\=org sourceAddress=2001:DB8:D:B8:35cc::/64 sourceHost=ws31222";

server/src/test/java/password/pwm/util/java/AtomicLoopIntIncrementerTest.java

@@ -29,7 +29,7 @@ public class AtomicLoopIntIncrementerTest
     @Test
     public void testIncrementer()
     {
-        final AtomicLoopIntIncrementer atomicLoopIntIncrementer = new AtomicLoopIntIncrementer( 5 );
+        final AtomicLoopIntIncrementer atomicLoopIntIncrementer = AtomicLoopIntIncrementer.builder().ceiling( 5 ).build();
         for ( int i = 0; i < 5; i++ )
         {
             final int next = atomicLoopIntIncrementer.next();

server/src/test/java/password/pwm/util/localdb/LocalDBLoggerExtendedTest.java

@@ -177,7 +177,10 @@ public class LocalDBLoggerExtendedTest
             final PwmLogEvent event = PwmLogEvent.createPwmLogEvent(
                     Instant.now(),
                     LocalDBLogger.class.getName(),
-                    description, "", "", null, null, PwmLogLevel.TRACE );
+                    description,
+                    null,
+                    null,
+                    PwmLogLevel.TRACE );
             events.add( event );
         }
 

webapp/src/main/webapp/WEB-INF/jsp/admin-tokenlookup.jsp

@@ -68,7 +68,7 @@
             {
                 try
                 {
-                    tokenPayload = tokenlookup_pwmRequest.getPwmApplication().getTokenService().retrieveTokenData(tokenlookup_pwmRequest.getSessionLabel(), tokenKey);
+                    tokenPayload = tokenlookup_pwmRequest.getPwmApplication().getTokenService().retrieveTokenData(tokenlookup_pwmRequest.getLabel(), tokenKey);
                 } catch ( PwmOperationalException e )
                 {
                     tokenExpired = e.getError() == PwmError.ERROR_TOKEN_EXPIRED;

webapp/src/main/webapp/public/reference/settings.jsp

@@ -49,7 +49,7 @@
     final PwmRequest pwmRequest = JspUtility.getPwmRequest(pageContext);
     final boolean advancedMode = false;
     final List<PwmSettingCategory> sortedCategories = PwmSettingCategory.valuesForReferenceDoc(userLocale);
-    final MacroMachine macroMachine = MacroMachine.forNonUserSpecific(pwmRequest.getPwmApplication(), pwmRequest.getSessionLabel());
+    final MacroMachine macroMachine = MacroMachine.forNonUserSpecific(pwmRequest.getPwmApplication(), pwmRequest.getLabel());
 %>
 <html lang="<pwm:value name="<%=PwmValue.localeCode%>"/>" dir="<pwm:value name="<%=PwmValue.localeDir%>"/>">
 <%@ include file="/WEB-INF/jsp/fragment/header.jsp" %>