- fix url parameters

pwm/servlet/src/password/pwm/AppProperty.java

@@ -208,6 +208,7 @@ public enum AppProperty {
     SECURITY_DEFAULT_EPHEMERAL_BLOCK_ALG            ("security.defaultEphemeralBlockAlg"),
     SECURITY_DEFAULT_EPHEMERAL_HASH_ALG             ("security.defaultEphemeralHashAlg"),
     SEEDLIST_BUILTIN_PATH                           ("seedlist.builtin.path"),
+    SMTP_SUBJECT_ENCODING_CHARSET                   ("smtp.subjectEncodingCharset"),
     TOKEN_REMOVAL_DELAY_MS                          ("token.removalDelayMS"),
     TOKEN_PURGE_BATCH_SIZE                          ("token.purgeBatchSize"),
     TOKEN_MAX_UNIQUE_CREATE_ATTEMPTS                ("token.maxUniqueCreateAttempts"),

pwm/servlet/src/password/pwm/AppProperty.properties

@@ -196,6 +196,7 @@ security.defaultEphemeralBlockAlg=AES128_HMAC256
 security.defaultEphemeralHashAlg=SHA512
 security.config.minSecurityKeyLength=32
 seedlist.builtin.path=seedlist.zip
+smtp.subjectEncodingCharset=UTF8
 token.removalDelayMS=86400000
 token.purgeBatchSize=1000
 token.maxUniqueCreateAttempts=100

pwm/servlet/src/password/pwm/PwmConstants.java

@@ -166,6 +166,10 @@ public abstract class PwmConstants {
         ForgottenPasswordPrompts,
         ForgottenPasswordInstructions,
 
+        GuestCurrentExpirationDate,
+        GuestMaximumExpirationDate,
+        GuestMaximumValidDays,
+
         NewUser_FormShowBackButton,
     }
 

pwm/servlet/src/password/pwm/config/PwmSetting.xml

@@ -289,6 +289,11 @@
         <default>
             <value />
         </default>
+        <options>
+            <option value="types">[]</option>
+            <option value="required">hide</option>
+            <option value="hideOptions">true</option>
+        </options>
     </setting>
     <setting key="password.change.requireCurrent" level="1" required="true">
         <default>
@@ -2167,7 +2172,7 @@
     </setting>
     <setting key="guest.adminGroup" level="1" required="true">
         <default syntaxVersion="2">
-            <value><![CDATA[{"type":"ldapGroup","ldapProfileID":"all","ldapBase":"cn=GuestAdministrators,ou=groups,o=example"}]]></value>
+            <value/>
         </default>
     </setting>
     <setting key="guest.form" level="1" required="true">
@@ -3018,13 +3023,7 @@
     </setting>
     <setting key="webservices.queryMatch" level="2">
         <default syntaxVersion="2">
-            <value><![CDATA[{"type":"ldapGroup","ldapProfileID":"all","ldapBase":"cn=WebServiceUsers,ou=Groups,o=example"}]]></value>
-        </default>
-        <default syntaxVersion="2" template="AD">
-            <value><![CDATA[{"type":"ldapGroup","ldapProfileID":"all","ldapBase":"cn=WebServiceUsers,cn=Users,DC=site,DC=example,DC=net"}]]></value>
-        </default>
-        <default syntaxVersion="2" template="ORACLE_DS">
-            <value><![CDATA[{"type":"ldapGroup","ldapProfileID":"all","ldapBase":"cn=WebServiceUsers,cn=Users,DC=site,DC=example,DC=net"}]]></value>
+            <value/>
         </default>
         <default syntaxVersion="2" template="NOVL_IDM">
             <value><![CDATA[{"type":"ldapQuery","ldapProfileID":"all","ldapQuery":"(objectClass=*)"}]]></value>
@@ -3032,13 +3031,7 @@
     </setting>
     <setting key="webservices.thirdParty.queryMatch" level="2">
         <default syntaxVersion="2">
-            <value><![CDATA[{"type":"ldapGroup","ldapProfileID":"all","ldapBase":"cn=ThirdPartyWebServiceUsers,ou=Groups,o=example"}]]></value>
-        </default>
-        <default syntaxVersion="2" template="AD">
-            <value><![CDATA[{"type":"ldapGroup","ldapProfileID":"all","ldapBase":"cn=ThirdPartyWebServiceUsers,cn=Users,DC=site,DC=example,DC=net"}]]></value>
-        </default>
-        <default syntaxVersion="2" template="ORACLE_DS">
-            <value><![CDATA[{"type":"ldapGroup","ldapProfileID":"all","ldapBase":"cn=ThirdPartyWebServiceUsers,cn=Users,DC=site,DC=example,DC=net"}]]></value>
+            <value/>
         </default>
     </setting>
     <setting key="external.macros.urls" level="2">

pwm/servlet/src/password/pwm/http/PwmHttpRequestWrapper.java

@@ -185,9 +185,9 @@ public abstract class PwmHttpRequestWrapper {
         return null;
     }
 
-    public String readParameterAsString(final String name, final int maxLength)
+    public String readParameterAsString(final String name, final int maxLength, final Flag... flags)
             throws PwmUnrecoverableException {
-        final List<String> results = readParameterAsStrings(name, maxLength);
+        final List<String> results = readParameterAsStrings(name, maxLength, flags);
         if (results == null || results.isEmpty()) {
             return "";
         }
@@ -207,10 +207,10 @@ public abstract class PwmHttpRequestWrapper {
         return this.getHttpServletRequest().getParameterMap().containsKey(name);
     }
 
-    public String readParameterAsString(final String name)
+    public String readParameterAsString(final String name, final Flag... flags)
             throws PwmUnrecoverableException {
         final int maxLength = Integer.parseInt(configuration.readAppProperty(AppProperty.HTTP_PARAM_MAX_READ_LENGTH));
-        return readParameterAsString(name, maxLength);
+        return readParameterAsString(name, maxLength, flags);
     }
 
     public boolean readParameterAsBoolean(final String name)
@@ -231,10 +231,12 @@ public abstract class PwmHttpRequestWrapper {
 
     public List<String> readParameterAsStrings(
             final String name,
-            final int maxLength
+            final int maxLength,
+            final Flag... flags
     )
             throws PwmUnrecoverableException
     {
+        boolean bypassInputValidation = flags != null && Arrays.asList(flags).contains(Flag.BypassValidation);
         final HttpServletRequest req = this.getHttpServletRequest();
         final boolean trim = Boolean.parseBoolean(configuration.readAppProperty(AppProperty.SECURITY_INPUT_TRIM));
         final String[] rawValues = req.getParameterValues(name);
@@ -245,7 +247,9 @@ public abstract class PwmHttpRequestWrapper {
         final List<String> resultSet = new ArrayList<>();
         for (final String rawValue : rawValues) {
             final String decodedValue = decodeStringToDefaultCharSet(rawValue);
-            final String sanitizedValue = Validator.sanitizeInputValue(configuration, decodedValue, maxLength);
+            final String sanitizedValue = bypassInputValidation
+                    ? decodedValue
+                    : Validator.sanitizeInputValue(configuration, decodedValue, maxLength);
 
             if (sanitizedValue.length() > 0) {
                 resultSet.add(trim ? sanitizedValue.trim() : sanitizedValue);

pwm/servlet/src/password/pwm/http/PwmURL.java

@@ -27,6 +27,7 @@ import password.pwm.http.servlet.PwmServletDefinition;
 
 import javax.servlet.http.HttpServletRequest;
 import java.net.URI;
+import java.util.*;
 
 public class PwmURL {
     private URI uri;
@@ -166,4 +167,18 @@ public class PwmURL {
 
         return false;
     }
+
+    public static List<String> splitPathString(final String input) {
+        if (input == null) {
+            return Collections.emptyList();
+        }
+        final List<String> urlSegments = new ArrayList<>(Arrays.asList(input.split("/")));
+        for (Iterator<String> iterator = urlSegments.iterator(); iterator.hasNext(); ) {
+            final String segment = iterator.next();
+            if (segment == null || segment.isEmpty()) {
+                iterator.remove();
+            }
+        }
+        return urlSegments;
+    }
 }

pwm/servlet/src/password/pwm/http/filter/ApplicationStatusFilter.java

@@ -0,0 +1,51 @@
+package password.pwm.http.filter;
+
+import password.pwm.PwmApplication;
+import password.pwm.PwmConstants;
+import password.pwm.error.ErrorInformation;
+import password.pwm.http.ContextManager;
+import password.pwm.util.logging.PwmLogger;
+
+import javax.servlet.*;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+public class ApplicationStatusFilter implements Filter {
+    private static final PwmLogger LOGGER = PwmLogger.forClass(ApplicationStatusFilter.class);
+
+    @Override
+    public void init(FilterConfig filterConfig) throws ServletException {
+
+    }
+
+    @Override
+    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
+        ErrorInformation startupError = null;
+        try {
+            final ServletContext servletContext = servletRequest.getServletContext();
+            final ContextManager contextManager = (ContextManager) servletContext.getAttribute(PwmConstants.CONTEXT_ATTR_CONTEXT_MANAGER);
+            if (contextManager != null) {
+                startupError = contextManager.getStartupErrorInformation();
+
+                PwmApplication pwmApplication = contextManager.getPwmApplication();
+                if (pwmApplication != null) {
+                    filterChain.doFilter(servletRequest, servletResponse);
+                    return;
+                }
+            }
+        } catch (Exception e) {
+            LOGGER.error("error while trying to detect application status: " + e.getMessage());
+        }
+
+        LOGGER.error("unable to satisfy incoming request, application is not available");
+        servletRequest.setAttribute(PwmConstants.REQUEST_ATTR.PwmErrorInfo.toString(), startupError);
+        ((HttpServletResponse)servletResponse).setStatus(500);
+        final String url = PwmConstants.JSP_URL.APP_UNAVAILABLE.getPath();
+        servletRequest.getServletContext().getRequestDispatcher(url).forward(servletRequest, servletResponse);
+    }
+
+    @Override
+    public void destroy() {
+
+    }
+}

pwm/servlet/src/password/pwm/http/filter/AuthenticationFilter.java

@@ -74,6 +74,12 @@ public class AuthenticationFilter extends AbstractPwmFilter {
     )
             throws IOException, ServletException
     {
+        final PwmURL pwmURL = pwmRequest.getURL();
+        if (pwmURL.isPublicUrl() && !pwmURL.isLoginServlet()) {
+            chain.doFilter();
+            return;
+        }
+
 
         try {
             final PwmApplication pwmApplication = pwmRequest.getPwmApplication();

pwm/servlet/src/password/pwm/http/filter/SessionFilter.java

@@ -33,10 +33,7 @@ import password.pwm.error.ErrorInformation;
 import password.pwm.error.PwmError;
 import password.pwm.error.PwmOperationalException;
 import password.pwm.error.PwmUnrecoverableException;
-import password.pwm.http.PwmRequest;
-import password.pwm.http.PwmResponse;
-import password.pwm.http.PwmSession;
-import password.pwm.http.PwmURL;
+import password.pwm.http.*;
 import password.pwm.util.Helper;
 import password.pwm.util.ServletHelper;
 import password.pwm.util.StringUtil;
@@ -267,7 +264,7 @@ public class SessionFilter extends AbstractPwmFilter {
             return false;
         }
 
-        final String keyFromRequest = pwmRequest.readParameterAsString(PwmConstants.PARAM_VERIFICATION_KEY);
+        final String keyFromRequest = pwmRequest.readParameterAsString(PwmConstants.PARAM_VERIFICATION_KEY, PwmHttpRequestWrapper.Flag.BypassValidation);
 
         // request doesn't have key, so make a new one, store it in the session, and redirect back here with the new key.
         if (keyFromRequest == null || keyFromRequest.length() < 1) {

pwm/servlet/src/password/pwm/http/servlet/AbstractPwmServlet.java

@@ -255,7 +255,7 @@ public abstract class AbstractPwmServlet extends HttpServlet implements PwmServl
             throws PwmUnrecoverableException;
 
     public interface ProcessAction {
-        public Collection<HttpMethod> permittedMethods();
+        Collection<HttpMethod> permittedMethods();
     }
 
     public static final Collection<HttpMethod> GET_AND_POST_METHODS;
@@ -266,4 +266,27 @@ public abstract class AbstractPwmServlet extends HttpServlet implements PwmServl
         methods.add(HttpMethod.POST);
         GET_AND_POST_METHODS = Collections.unmodifiableSet(methods);
     }
+
+    public String servletUriRemainder(PwmRequest pwmRequest, String command) throws PwmUnrecoverableException {
+        String uri = pwmRequest.getURLwithoutQueryString();
+        if (uri.startsWith(pwmRequest.getContextPath())) {
+            uri = uri.substring(pwmRequest.getContextPath().length(), uri.length());
+        }
+        for (final String servletUri : getServletDefinition().urlPatterns()) {
+            if (uri.startsWith(servletUri)) {
+                uri = uri.substring(servletUri.length(), uri.length());
+            }
+        }
+        return uri;
+    }
+
+    protected PwmServletDefinition getServletDefinition() {
+        for (final PwmServletDefinition pwmServletDefinition : PwmServletDefinition.values()) {
+            final Class pwmServletClass = pwmServletDefinition.getPwmServletClass();
+            if (pwmServletClass.isInstance(this) ) {
+                return pwmServletDefinition;
+            }
+        }
+        throw new IllegalStateException("unable to determine PwmServletDefinition for class " + this.getClass().getTypeName());
+    }
 }

pwm/servlet/src/password/pwm/http/servlet/ActivateUserServlet.java

@@ -70,8 +70,8 @@ import java.util.*;
 @WebServlet(
         name="ActivateUserServlet",
         urlPatterns = {
-                PwmConstants.URL_PREFIX_PUBLIC + "/activateuser",
-                PwmConstants.URL_PREFIX_PUBLIC + "/activateuser/*",
+                PwmConstants.URL_PREFIX_PUBLIC + "/activate",
+                PwmConstants.URL_PREFIX_PUBLIC + "/activate/*",
                 PwmConstants.URL_PREFIX_PUBLIC + "/ActivateUser",
                 PwmConstants.URL_PREFIX_PUBLIC + "/ActivateUser/*",
         }
@@ -113,7 +113,6 @@ public class ActivateUserServlet extends AbstractPwmServlet {
     }
 
 
-
     protected void processAction(final PwmRequest pwmRequest)
             throws ServletException, ChaiUnavailableException, IOException, PwmUnrecoverableException
     {

pwm/servlet/src/password/pwm/http/servlet/GuestRegistrationServlet.java

@@ -75,19 +75,19 @@ import java.util.*;
 @WebServlet(
         name="GuestRegistrationServlet",
         urlPatterns = {
-                PwmConstants.URL_PREFIX_PRIVATE + "/guestregistration",
+                PwmConstants.URL_PREFIX_PRIVATE + "/guest-registration",
                 PwmConstants.URL_PREFIX_PRIVATE + "/GuestRegistration",
         }
 )
 public class GuestRegistrationServlet extends AbstractPwmServlet {
     private static final PwmLogger LOGGER = PwmLogger.forClass(GuestRegistrationServlet.class);
 
-    public static final String HTTP_PARAM_EXPIRATION_DATE = "expirationDateFormInput";
-    
+    public static final String HTTP_PARAM_EXPIRATION_DATE = "_expirationDateFormInput";
+
     public enum Page {
         create,
         search
-        
+
     }
 
     public enum GuestRegistrationAction implements AbstractPwmServlet.ProcessAction {
@@ -149,9 +149,9 @@ public class GuestRegistrationServlet extends AbstractPwmServlet {
                     return;
 
                 case update:
-                    handleUpdateRequest(pwmRequest);
+                    handleUpdateRequest(pwmRequest, guestRegistrationBean);
                     return;
-                
+
                 case selectPage:
                     handleSelectPageRequest(pwmRequest, guestRegistrationBean);
                     return;
@@ -160,32 +160,33 @@ public class GuestRegistrationServlet extends AbstractPwmServlet {
 
         this.forwardToJSP(pwmRequest, guestRegistrationBean);
     }
-    
+
     protected void handleSelectPageRequest(
             final PwmRequest pwmRequest,
             final GuestRegistrationBean guestRegistrationBean
     )
-            throws PwmUnrecoverableException, IOException, ServletException 
+            throws PwmUnrecoverableException, IOException, ServletException
     {
         final String requestedPage = pwmRequest.readParameterAsString("page");
         try {
             guestRegistrationBean.setCurrentPage(Page.valueOf(requestedPage));
         } catch (IllegalArgumentException e) {
-            LOGGER.error(pwmRequest,"unknown page select request: " + requestedPage);
+            LOGGER.error(pwmRequest, "unknown page select request: " + requestedPage);
         }
         this.forwardToJSP(pwmRequest, guestRegistrationBean);
     }
-    
-    
+
+
     protected void handleUpdateRequest(
-            final PwmRequest pwmRequest
+            final PwmRequest pwmRequest,
+            final GuestRegistrationBean guestRegistrationBean
+
     )
             throws ServletException, ChaiUnavailableException, IOException, PwmUnrecoverableException
     {
         //Fetch the session state bean.
         final PwmSession pwmSession = pwmRequest.getPwmSession();
         final SessionStateBean ssBean = pwmSession.getSessionStateBean();
-        final GuestRegistrationBean guBean = pwmSession.getGuestRegistrationBean();
         final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
         final Configuration config = pwmApplication.getConfig();
 
@@ -201,14 +202,14 @@ public class GuestRegistrationServlet extends AbstractPwmServlet {
             FormUtility.validateFormValues(config, formValues, ssBean.getLocale());
 
             //read current values from user.
-            final ChaiUser theGuest = pwmSession.getSessionManager().getActor(pwmApplication, guBean.getUpdateUserIdentity());
+            final ChaiUser theGuest = pwmSession.getSessionManager().getActor(pwmApplication, guestRegistrationBean.getUpdateUserIdentity());
 
             // check unique fields against ldap
             FormUtility.validateFormValueUniqueness(
                     pwmApplication,
                     formValues,
                     ssBean.getLocale(),
-                    Collections.singletonList(guBean.getUpdateUserIdentity()),
+                    Collections.singletonList(guestRegistrationBean.getUpdateUserIdentity()),
                     false
             );
 
@@ -228,7 +229,7 @@ public class GuestRegistrationServlet extends AbstractPwmServlet {
             userStatusReader.populateUserInfoBean(
                     guestUserInfoBean,
                     pwmSession.getSessionStateBean().getLocale(),
-                    guBean.getUpdateUserIdentity(),
+                    guestRegistrationBean.getUpdateUserIdentity(),
                     theGuest.getChaiProvider()
             );
             this.sendUpdateGuestEmailConfirmation(pwmRequest, guestUserInfoBean);
@@ -246,7 +247,7 @@ public class GuestRegistrationServlet extends AbstractPwmServlet {
             LOGGER.error(pwmSession, info);
             pwmRequest.setResponseError(info);
         }
-        pwmRequest.forwardToJsp(PwmConstants.JSP_URL.GUEST_UPDATE);
+        this.forwardToUpdateJSP(pwmRequest, guestRegistrationBean);
     }
 
     private void sendUpdateGuestEmailConfirmation(
@@ -335,7 +336,7 @@ public class GuestRegistrationServlet extends AbstractPwmServlet {
 
                 guBean.setUpdateUserIdentity(theGuest);
 
-                pwmRequest.forwardToJsp(PwmConstants.JSP_URL.GUEST_UPDATE);
+                this.forwardToUpdateJSP(pwmRequest, guestRegistrationBean);
                 return;
             } catch (ChaiOperationException e) {
                 LOGGER.warn(pwmSession, "error reading current attributes for user: " + e.getMessage());
@@ -544,7 +545,9 @@ public class GuestRegistrationServlet extends AbstractPwmServlet {
             final PwmRequest pwmRequest,
             final GuestRegistrationBean guestRegistrationBean
     )
-            throws IOException, ServletException, PwmUnrecoverableException {
+            throws IOException, ServletException, PwmUnrecoverableException
+    {
+        calculateFutureDateFlags(pwmRequest, guestRegistrationBean);
         if (Page.search == guestRegistrationBean.getCurrentPage()) {
             pwmRequest.addFormInfoToRequestAttr(PwmSetting.GUEST_UPDATE_FORM, false, false);
             pwmRequest.forwardToJsp(PwmConstants.JSP_URL.GUEST_UPDATE_SEARCH);
@@ -554,6 +557,24 @@ public class GuestRegistrationServlet extends AbstractPwmServlet {
         }
     }
 
+    private void forwardToUpdateJSP(
+            final PwmRequest pwmRequest,
+            final GuestRegistrationBean guestRegistrationBean
+    )
+            throws IOException, ServletException, PwmUnrecoverableException
+    {
+        calculateFutureDateFlags(pwmRequest, guestRegistrationBean);
+        final List<FormConfiguration> guestUpdateForm = pwmRequest.getConfig().readSettingAsForm(PwmSetting.GUEST_UPDATE_FORM);
+        final Map<FormConfiguration, String> formValueMap = new LinkedHashMap<>();
+        for (final FormConfiguration formConfiguration : guestUpdateForm) {
+            final String value = guestRegistrationBean.getFormValues().get(formConfiguration.getName());
+            formValueMap.put(formConfiguration, value);
+        }
+
+        pwmRequest.addFormInfoToRequestAttr(guestUpdateForm, formValueMap, false, false);
+        pwmRequest.forwardToJsp(PwmConstants.JSP_URL.GUEST_UPDATE);
+    }
+
     private static void checkConfiguration(final Configuration configuration)
             throws PwmUnrecoverableException
     {
@@ -575,6 +596,44 @@ public class GuestRegistrationServlet extends AbstractPwmServlet {
             }
         }
     }
+
+    private void calculateFutureDateFlags(final PwmRequest pwmRequest, GuestRegistrationBean guestRegistrationBean) {
+        final SimpleDateFormat DATE_FORMAT = new SimpleDateFormat("yyyy-MM-dd");
+
+        final long maxValidDays = pwmRequest.getConfig().readSettingAsLong(PwmSetting.GUEST_MAX_VALID_DAYS);
+        pwmRequest.setAttribute(PwmConstants.REQUEST_ATTR.GuestMaximumValidDays, String.valueOf(maxValidDays));
+
+
+        final String maxExpirationDate;
+        {
+            if (maxValidDays > 0) {
+                long futureMS = maxValidDays * 24 * 60 * 60 * 1000;
+                Date maxValidDate = new Date(new Date().getTime() + (futureMS));
+                maxExpirationDate = DATE_FORMAT.format(maxValidDate);
+            } else {
+                maxExpirationDate = "";
+            }
+
+        }
+        final String currentExpirationDate;
+        {
+            String selectedDate = guestRegistrationBean.getFormValues().get(HTTP_PARAM_EXPIRATION_DATE);
+            if (selectedDate == null || selectedDate.isEmpty()) {
+                Date currentDate = guestRegistrationBean.getUpdateUserExpirationDate();
+
+                if (currentDate == null) {
+                    currentExpirationDate = maxExpirationDate;
+                } else {
+                    currentExpirationDate = DATE_FORMAT.format(currentDate);
+                }
+            } else {
+                currentExpirationDate = DATE_FORMAT.format(new Date());
+            }
+        }
+
+        pwmRequest.setAttribute(PwmConstants.REQUEST_ATTR.GuestCurrentExpirationDate, currentExpirationDate);
+        pwmRequest.setAttribute(PwmConstants.REQUEST_ATTR.GuestMaximumExpirationDate, maxExpirationDate);
+    }
 }
 
 

pwm/servlet/src/password/pwm/http/servlet/NewUserServlet.java

@@ -46,6 +46,7 @@ import password.pwm.event.AuditEvent;
 import password.pwm.http.HttpMethod;
 import password.pwm.http.PwmRequest;
 import password.pwm.http.PwmSession;
+import password.pwm.http.PwmURL;
 import password.pwm.http.bean.LoginInfoBean;
 import password.pwm.http.bean.NewUserBean;
 import password.pwm.i18n.Message;
@@ -310,22 +311,25 @@ public class NewUserServlet extends AbstractPwmServlet {
     }
 
     protected boolean readProfileFromUrl(final PwmRequest pwmRequest, final NewUserBean newUserBean) throws ChaiUnavailableException, PwmUnrecoverableException, ServletException, IOException {
-        final String PROFILE_URL_SEGMENT = "/profile/";
-        final String uriRemainder = PwmServletDefinition.NewUser.uriRemainder(pwmRequest);
-
-        if (uriRemainder.startsWith(PROFILE_URL_SEGMENT)) {
-            final String requestedProfile = uriRemainder.substring(PROFILE_URL_SEGMENT.length(), uriRemainder.length());
-            final Collection<String> profileIDs = pwmRequest.getConfig().getNewUserProfiles().keySet();
-            if (profileIDs.contains(requestedProfile)) {
-                LOGGER.debug(pwmRequest, "detected profile on request uri: " + requestedProfile);
-                newUserBean.setProfileID(requestedProfile);
-                newUserBean.setUrlSpecifiedProfile(true);
-                pwmRequest.sendRedirect(PwmServletDefinition.NewUser);
-                return true;
-            } else {
-                final String errorMsg = "unknown requested new user profile";
-                LOGGER.debug(pwmRequest, errorMsg + ": " + requestedProfile);
-                throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_SERVICE_NOT_AVAILABLE));
+        final String PROFILE_URL_SEGMENT = "profile";
+        final String urlRemainder = servletUriRemainder(pwmRequest, PROFILE_URL_SEGMENT);
+
+        if (urlRemainder != null && !urlRemainder.isEmpty()) {
+            final List<String> urlSegments = PwmURL.splitPathString(urlRemainder);
+            if (urlSegments.size() == 2 && PROFILE_URL_SEGMENT.equals(urlSegments.get(0))) {
+                final String requestedProfile = urlSegments.get(1);
+                final Collection<String> profileIDs = pwmRequest.getConfig().getNewUserProfiles().keySet();
+                if (profileIDs.contains(requestedProfile)) {
+                    LOGGER.debug(pwmRequest, "detected profile on request uri: " + requestedProfile);
+                    newUserBean.setProfileID(requestedProfile);
+                    newUserBean.setUrlSpecifiedProfile(true);
+                    pwmRequest.sendRedirect(PwmServletDefinition.NewUser);
+                    return true;
+                } else {
+                    final String errorMsg = "unknown requested new user profile";
+                    LOGGER.debug(pwmRequest, errorMsg + ": " + requestedProfile);
+                    throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_SERVICE_NOT_AVAILABLE));
+                }
             }
         }
         return false;

pwm/servlet/src/password/pwm/http/servlet/PwmServletDefinition.java

@@ -25,7 +25,6 @@ package password.pwm.http.servlet;
 import password.pwm.error.ErrorInformation;
 import password.pwm.error.PwmError;
 import password.pwm.error.PwmUnrecoverableException;
-import password.pwm.http.PwmRequest;
 import password.pwm.http.servlet.configmanager.ConfigManagerServlet;
 import password.pwm.http.servlet.configmanager.ConfigManagerWordlistServlet;
 
@@ -48,6 +47,7 @@ public enum PwmServletDefinition {
     Helpdesk(password.pwm.http.servlet.helpdesk.HelpdeskServlet.class),
     Shortcuts(password.pwm.http.servlet.ShortcutServlet.class),
     PeopleSearch(password.pwm.http.servlet.peoplesearch.PeopleSearchServlet.class),
+    GuestRegistration(password.pwm.http.servlet.GuestRegistrationServlet.class),
 
     Admin(password.pwm.http.servlet.AdminServlet.class),
     ConfigGuide(password.pwm.http.servlet.ConfigGuideServlet.class),
@@ -64,8 +64,11 @@ public enum PwmServletDefinition {
 
     private final String[] patterns;
     private final String servletUrl;
+    private final Class<? extends PwmServlet> pwmServletClass;
 
     PwmServletDefinition(final Class<? extends PwmServlet> pwmServletClass) {
+        this.pwmServletClass = pwmServletClass;
+
         try {
             this.patterns = getWebServletAnnotation(pwmServletClass).urlPatterns();
         } catch (Exception e) {
@@ -89,6 +92,10 @@ public enum PwmServletDefinition {
         return patterns[0];
     }
 
+    public Class<? extends PwmServlet> getPwmServletClass() {
+        return pwmServletClass;
+    }
+
     private WebServlet getWebServletAnnotation(Class<? extends PwmServlet> pwmServletClass) throws PwmUnrecoverableException {
         for (Annotation annotation : pwmServletClass.getDeclaredAnnotations()) {
             if (annotation instanceof WebServlet) {
@@ -99,17 +106,5 @@ public enum PwmServletDefinition {
         throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_UNKNOWN,"missing WebServlet annotation for class " + this.getClass().getName()));
     }
 
-    public String uriRemainder(PwmRequest pwmRequest) throws PwmUnrecoverableException {
-        String uri = pwmRequest.getURLwithoutQueryString();
-        if (uri.startsWith(pwmRequest.getContextPath())) {
-            uri = uri.substring(pwmRequest.getContextPath().length(), uri.length());
-        }
-        for (final String servletUri : urlPatterns()) {
-            if (uri.startsWith(servletUri)) {
-                uri = uri.substring(servletUri.length(), uri.length());
-            }
-        }
-        return uri;
-    }
 
 }

pwm/servlet/src/password/pwm/http/tag/CurrentUrlTag.java

@@ -0,0 +1,32 @@
+package password.pwm.http.tag;
+
+import password.pwm.http.JspUtility;
+import password.pwm.http.PwmRequest;
+import password.pwm.util.StringUtil;
+import password.pwm.util.logging.PwmLogger;
+
+import javax.servlet.jsp.tagext.TagSupport;
+import java.io.IOException;
+
+public class CurrentUrlTag extends TagSupport {
+    private static final PwmLogger LOGGER = PwmLogger.forClass(CurrentUrlTag.class);
+
+    @Override
+    public int doEndTag()
+            throws javax.servlet.jsp.JspTagException
+    {
+        try {
+            final PwmRequest pwmRequest = JspUtility.getPwmRequest(pageContext);
+            final String currentUrl = pwmRequest.getURLwithoutQueryString();
+            pageContext.getOut().write(StringUtil.escapeHtml(currentUrl));
+        } catch (Exception e) {
+            try {
+                pageContext.getOut().write("errorGeneratingPwmFormID");
+            } catch (IOException e1) {
+                /* ignore */
+            }
+            LOGGER.error("error during pwmFormIDTag output of pwmFormID: " + e.getMessage());
+        }
+        return EVAL_PAGE;
+    }
+}

pwm/servlet/src/password/pwm/i18n/ConfigEditor.properties

@@ -168,7 +168,7 @@ Setting_Description_captcha.protectedPages=Pages protected by CAPTCHA.  CAPTCHA
 Setting_Description_captcha.recaptcha.privateKey=Private reCAPTCHA key.  If blank no captcha verification will be performed.
 Setting_Description_captcha.recaptcha.publicKey=Public reCAPTCHA key.  If blank no captcha verification will be performed.
 Setting_Description_captcha.skip.cookie=Allows for skipping the captcha request if a known browser cookie value is held by the browser the cookie is stored in a cookie named 'captcha-key'.  If the value is correct,then the captcha check is skipped.  The cookie value is stored in the browser after a successful captcha check.<br/><br/>If blank, then no cookie will be read/stored.  If set to 'INSTANCEID', then the instanceID is used.  If set to any other value, then the literal value will be used.
-Setting_Description_captcha.skip.param=Allows for skipping the captcha request if a known parameter is passed as a request parameter with a key of "skipCaptcha".   This is useful for "internal" clients / links where the captcha is unneccessary.<br/><br/>For example, if the value is 'okay', a request to\:<br/><br/><i>/public/ForgottenPassword?skipCaptcha\=okay</i><br/><br/>would cause captcha to be bypassed.
+Setting_Description_captcha.skip.param=Allows for skipping the captcha request if a known parameter is passed as a request parameter with a key of "skipCaptcha".   This is useful for "internal" clients / links where the captcha is unneccessary.<br/><br/>For example, if the value is 'okay', a request to\:<br/><br/><i>/public/forgottenpassword?skipCaptcha\=okay</i><br/><br/>would cause captcha to be bypassed.
 Setting_Description_cas.clearPassUrl=For <a href\="http\://www.jasig.org/cas">CAS</a> authentication integration, enter the ClearPass url here.  If blank, CAS authentication integration will be disabled.<br/><br/>You will also need to edit the <i>WEB-INF/web.xml</i> file to enable CAS integration.  Uncomment the section for the CAS servlet filters, and modify the CAS servlet parameters as appropriate for your configuration.
 Setting_Description_challenge.allowDuplicateResponses=Control if each response is required to be unique
 Setting_Description_challenge.allowSetup.queryMatch=Permission used to determine if a user is a permitted to configure challenges.  The user must be returned during this ldap query or else the user will not be permitted to configure challenges.
@@ -306,7 +306,7 @@ Setting_Description_helpdesk.result.form=Field(s) to be shown as a result to sea
 Setting_Description_helpdesk.result.limit=result limit
 Setting_Description_helpdesk.search.filters=.
 Setting_Description_helpdesk.searchBase=If empty, the default ldap search base(s) will be used.
-Setting_Description_helpdesk.sendPassword=If true, send the password to the user using the method selected under Forgotten Password -> New Password Send Method.
+Setting_Description_helpdesk.sendPassword=If set to true, send the password to the user using the method selected under <code>@PwmSettingReference\:recovery.sendNewPassword.sendMethod@</code>
 Setting_Description_helpdesk.setPassword.maskValue=When entering the password for a user, should the value be masked by default.
 Setting_Description_helpdesk.setPassword.mode=Mode to allow helpdesk administrators to set passwords.  (Note the logged-in user must have proper ldap permissions.)
 Setting_Description_helpdesk.setPassword.writeAttributes=Actions to execute after a helpdesk actor modifies the user's password.  Macros may be used.
@@ -714,7 +714,7 @@ Setting_Label_forgottenUsername.searchFilter=Forgotten Username Search Filter
 Setting_Label_forgottenUsername.sendUsername.sendMethod=Username Send Method
 Setting_Label_forgottenUsername.usernameAttribute=Username LDAP Attribute
 Setting_Label_guest.adminAttribute=Administrator DN Attribute
-Setting_Label_guest.adminGroup=Guest Admin Query String
+Setting_Label_guest.adminGroup=Guest Admin Permission
 Setting_Label_guest.createContext=Creation Context
 Setting_Label_guest.editOriginalAdminOnly=Edit Guest By Original Administrator Only
 Setting_Label_guest.enable=Enable Guest Registration
@@ -722,7 +722,7 @@ Setting_Label_guest.expirationAttribute=Attribute Used To Store Account Expirati
 Setting_Label_guest.form=New Guest Form
 Setting_Label_guest.maxValidDays=Maximum Duration of Account Validity
 Setting_Label_guest.update.form=Update Guest Form
-Setting_Label_guest.writeAttributes=Write Attributes
+Setting_Label_guest.writeAttributes=Guest Creation Actions
 Setting_Label_helpdesk.actions=Helpdesk Actor Actions
 Setting_Label_helpdesk.clearOtp.button=Enable Clear One Time Password Settings Button
 Setting_Label_helpdesk.clearResponses=Clear Responses on Password Set

pwm/servlet/src/password/pwm/util/Helper.java

@@ -52,6 +52,8 @@ import java.net.URI;
 import java.net.UnknownHostException;
 import java.text.NumberFormat;
 import java.util.*;
+import java.util.concurrent.Executors;
+import java.util.concurrent.ThreadFactory;
 import java.util.regex.Pattern;
 
 /**
@@ -671,4 +673,21 @@ public class
             }
         };
     }
+
+    public static ThreadFactory makePwmThreadFactory(final String namePrefix, final boolean daemon) {
+        return new ThreadFactory() {
+            private final ThreadFactory realThreadFactory = Executors.defaultThreadFactory();
+
+            @Override
+            public Thread newThread(final Runnable r) {
+                final Thread t = realThreadFactory.newThread(r);
+                t.setDaemon(daemon);
+                if (namePrefix != null) {
+                    final String newName = namePrefix + t.getName();
+                    t.setName(newName);
+                }
+                return t;
+            }
+        };
+    }
 }

pwm/servlet/src/password/pwm/util/TimeDuration.java

@@ -30,6 +30,7 @@ import java.io.Serializable;
 import java.math.BigDecimal;
 import java.util.Date;
 import java.util.Locale;
+import java.util.concurrent.TimeUnit;
 
 /**
  * An immutable class representing a time period.  The internal value of the time period is
@@ -261,6 +262,10 @@ public class TimeDuration implements Comparable, Serializable {
         return this.isLongerThan(new TimeDuration(durationMS));
     }
 
+    public boolean isLongerThan(final long duration, final TimeUnit timeUnit) {
+        return this.isLongerThan(timeUnit.toMillis(duration));
+    }
+
     public long getSeconds() {
         return getTimeDetail().seconds;
     }

pwm/servlet/src/password/pwm/util/localdb/Berkeley_LocalDB.java

@@ -141,8 +141,12 @@ public class Berkeley_LocalDB implements LocalDBProvider {
             status = LocalDB.Status.CLOSED;
 
             for (final BerkeleyDbIterator localDBIterator : dbIterators) {
-                LOGGER.trace("closing outstanding iterator for db " + localDBIterator.getDb() + " due to truncate command");
-                localDBIterator.close();
+                LOGGER.trace("closing outstanding iterator for db " + localDBIterator.getDb() + " due to LocalDB.close command");
+                try {
+                    localDBIterator.close();
+                } catch (Throwable e) {
+                    LOGGER.error("error closing outstanding iterator for db " + localDBIterator.getDb() + " during close, error: " + e.getMessage());
+                }
             }
 
 

pwm/servlet/src/password/pwm/util/localdb/LocalDB.java

@@ -116,9 +116,9 @@ public interface LocalDB {
         PWM_META(true),
         SHAREDHISTORY_META(true),
         SHAREDHISTORY_WORDS(true),
-        WORDLIST_META(true),
+        // WORDLIST_META(true), // @deprecated
         WORDLIST_WORDS(true),
-        SEEDLIST_META(true),
+        // SEEDLIST_META(true), // @deprecated
         SEEDLIST_WORDS(true),
         PWM_STATS(true),
         EVENTLOG_EVENTS(true),

pwm/servlet/src/password/pwm/util/operations/PasswordUtility.java

@@ -44,10 +44,7 @@ import password.pwm.config.PwmSetting;
 import password.pwm.config.UserPermission;
 import password.pwm.config.option.HelpdeskClearResponseMode;
 import password.pwm.config.option.MessageSendMethod;
-import password.pwm.config.profile.HelpdeskProfile;
-import password.pwm.config.profile.LdapProfile;
-import password.pwm.config.profile.PwmPasswordPolicy;
-import password.pwm.config.profile.PwmPasswordRule;
+import password.pwm.config.profile.*;
 import password.pwm.error.*;
 import password.pwm.event.AuditEvent;
 import password.pwm.event.HelpdeskAuditRecord;
@@ -502,6 +499,13 @@ public class PasswordUtility {
         // send password
         final boolean sendPassword = helpdeskProfile.readSettingAsBoolean(PwmSetting.HELPDESK_SEND_PASSWORD);
         if (sendPassword) {
+            final MessageSendMethod messageSendMethod;
+            {
+                final String profileID = ProfileUtility.discoverProfileIDforUser(pwmApplication, sessionLabel, userIdentity, ProfileType.ForgottenPassword);
+                final ForgottenPasswordProfile forgottenPasswordProfile = pwmApplication.getConfig().getForgottenPasswordProfiles().get(profileID);
+                messageSendMethod = forgottenPasswordProfile.readSettingAsEnum(PwmSetting.RECOVERY_TOKEN_SEND_METHOD, MessageSendMethod.class);
+
+            }
             final UserDataReader userDataReader = new LdapUserDataReader(userIdentity, chaiUser);
             final LoginInfoBean loginInfoBean = new LoginInfoBean();
             loginInfoBean.setUserCurrentPassword(newPassword);
@@ -512,7 +516,7 @@ public class PasswordUtility {
                     macroMachine,
                     newPassword,
                     pwmSession.getSessionStateBean().getLocale(),
-                    MessageSendMethod.EMAILONLY
+                    messageSendMethod
             );
         }
     }

pwm/servlet/src/password/pwm/util/queue/EmailQueueManager.java

@@ -222,11 +222,18 @@ public class
         // create a new Session object for the message
         final javax.mail.Session session = javax.mail.Session.getInstance(javaMailProps, null);
 
-        final Message message = new MimeMessage(session);
+        final MimeMessage message = new MimeMessage(session);
         message.setFrom();
         message.setFrom(makeInternetAddress(emailItemBean.getFrom()));
         message.setRecipients(Message.RecipientType.TO, new InternetAddress[]{makeInternetAddress(emailItemBean.getTo())});
-        message.setSubject(emailItemBean.getSubject());
+        {
+            final String subjectEncodingCharset = pwmApplication.getConfig().readAppProperty(AppProperty.SMTP_SUBJECT_ENCODING_CHARSET);
+            if (subjectEncodingCharset != null && !subjectEncodingCharset.isEmpty()) {
+                message.setSubject(emailItemBean.getSubject(), subjectEncodingCharset);
+            } else {
+                message.setSubject(emailItemBean.getSubject());
+            }
+        }
         message.setSentDate(new Date());
 
         if (hasPlainText && hasHtml) {

pwm/servlet/src/password/pwm/util/report/ReportService.java

@@ -55,6 +55,9 @@ import java.math.BigDecimal;
 import java.math.BigInteger;
 import java.math.MathContext;
 import java.util.*;
+import java.util.concurrent.Executors;
+import java.util.concurrent.ScheduledExecutorService;
+import java.util.concurrent.TimeUnit;
 
 public class ReportService implements PwmService {
     private static final PwmLogger LOGGER = PwmLogger.forClass(ReportService.class);
@@ -66,7 +69,7 @@ public class ReportService implements PwmService {
     private boolean cancelFlag = false;
     private ReportStatusInfo reportStatus = new ReportStatusInfo("");
     private ReportSummaryData summaryData = ReportSummaryData.newSummaryData(null);
-    private Timer timer;
+    private ScheduledExecutorService executor;
 
     private UserCacheService userCacheService;
     private ReportSettings settings = new ReportSettings();
@@ -134,21 +137,23 @@ public class ReportService implements PwmService {
 
         reportStatus.setInProgress(false);
 
-        timer = new Timer();
+        executor = Executors.newSingleThreadScheduledExecutor(
+                Helper.makePwmThreadFactory(
+                        Helper.makeThreadName(pwmApplication,this.getClass()) + "-",
+                        true
+                ));
 
-        final Date nextZuluZeroTime = Helper.nextZuluZeroTime();
-        if (settings.getJobOffsetSeconds() >= 0) {
-            final long nextScheduleTime = nextZuluZeroTime.getTime() + (settings.getJobOffsetSeconds() * 1000);
-            timer.scheduleAtFixedRate(new DredgeTask(),new Date(nextScheduleTime), TimeDuration.DAY.getTotalMilliseconds());
-        }
+        final long secondsUntilNextEvent = settings.getJobOffsetSeconds() + TimeDuration.fromCurrent(Helper.nextZuluZeroTime()).getTotalSeconds();
+        executor.scheduleAtFixedRate(new DredgeTask(), secondsUntilNextEvent, TimeDuration.DAY.getTotalSeconds(), TimeUnit.SECONDS);
 
         String startupMsg = "report service started with " + this.userCacheService.size() + " cached records";
         if (summaryData != null && summaryData.getMeanCacheTime() != null) {
             startupMsg += ", mean record timestamp " + PwmConstants.DEFAULT_DATETIME_FORMAT.format(this.summaryData.getMeanCacheTime());
         }
         LOGGER.debug(startupMsg);
-        timer.schedule(new RolloverTask(), 1);
-        timer.scheduleAtFixedRate(new RolloverTask(), nextZuluZeroTime, TimeDuration.DAY.getTotalMilliseconds());
+
+        executor.schedule(new RolloverTask(), 10, TimeUnit.SECONDS);
+        executor.scheduleAtFixedRate(new RolloverTask(), secondsUntilNextEvent, TimeDuration.DAY.getTotalSeconds(), TimeUnit.SECONDS);
 
         status = STATUS.OPEN;
     }
@@ -156,12 +161,13 @@ public class ReportService implements PwmService {
     @Override
     public void close()
     {
+        status = STATUS.CLOSED;
         saveTempData();
         pwmApplication.writeAppAttribute(PwmApplication.AppAttribute.REPORT_CLEAN_FLAG, "true");
         if (userCacheService != null) {
             userCacheService.close();
         }
-        status = STATUS.CLOSED;
+        executor.shutdown();
     }
 
     private void saveTempData() {
@@ -178,9 +184,7 @@ public class ReportService implements PwmService {
     {
         final String cleanFlag = pwmApplication.readAppAttribute(PwmApplication.AppAttribute.REPORT_CLEAN_FLAG);
         if (!"true".equals(cleanFlag)) {
-            LOGGER.error(PwmConstants.REPORTING_SESSION_LABEL,"did not shut down cleanly, will clear cached report data");
-            clear();
-            return;
+            LOGGER.error(PwmConstants.REPORTING_SESSION_LABEL, "did not shut down cleanly");
         }
 
         try {
@@ -216,7 +220,8 @@ public class ReportService implements PwmService {
 
     public void scheduleImmediateUpdate() {
         if (!reportStatus.isInProgress()) {
-            timer.schedule(new DredgeTask(),1);
+            executor.submit(new DredgeTask());
+            LOGGER.trace("submitted new ldap dredge task to executor");
         }
     }
 
@@ -276,23 +281,13 @@ public class ReportService implements PwmService {
 
     private void updateRestingCacheData() {
         final long startTime = System.currentTimeMillis();
-        final Timer timer = new Timer(Helper.makeThreadName(this.pwmApplication,ReportService.class) + " - cache review process");
-        final Map<Integer,Integer> examinedRecordHolder = new HashMap<>(); // needed for inner class access, its just for debug log so concurrency not required
-        examinedRecordHolder.put(0, 0);
         int examinedRecords = 0;
         ClosableIterator<UserCacheRecord> iterator = null;
         try {
             iterator = iterator();
-            timer.schedule(new TimerTask() {
-                @Override
-                public void run() {
-                    final TimeDuration progressDuration = TimeDuration.fromCurrent(startTime);
-                    final int count = examinedRecordHolder.get(0);
-                    LOGGER.trace(PwmConstants.REPORTING_SESSION_LABEL,"cache review process in progress, examined "
-                            + count + " records in " + progressDuration.asCompactString());
-                }
-            }, 30 * 1000, 30 * 1000);
             LOGGER.debug(PwmConstants.REPORTING_SESSION_LABEL, "beginning cache review process");
+
+            Date lastLogOutputTime = new Date();
             while (iterator.hasNext() && status == STATUS.OPEN) {
                 final UserCacheRecord record = iterator.next(); // (purge routine is embedded in next();
 
@@ -301,13 +296,18 @@ public class ReportService implements PwmService {
                 }
 
                 examinedRecords++;
-                examinedRecordHolder.put(0, examinedRecords);
+
+                if (TimeDuration.fromCurrent(lastLogOutputTime).isLongerThan(30, TimeUnit.SECONDS)) {
+                    final TimeDuration progressDuration = TimeDuration.fromCurrent(startTime);
+                    LOGGER.trace(PwmConstants.REPORTING_SESSION_LABEL,"cache review process in progress, examined "
+                            + examinedRecords + " records in " + progressDuration.asCompactString());
+                    lastLogOutputTime = new Date();
+                }
             }
             final TimeDuration totalTime = TimeDuration.fromCurrent(startTime);
             LOGGER.debug(PwmConstants.REPORTING_SESSION_LABEL,
                     "completed cache review process of " + examinedRecords + " cached report records in " + totalTime.asCompactString());
         } finally {
-            timer.cancel();
             if (iterator != null) {
                 iterator.close();
             }
@@ -599,7 +599,7 @@ public class ReportService implements PwmService {
         return summaryData;
     }
 
-    private class DredgeTask extends TimerTask {
+    private class DredgeTask implements Runnable {
         @Override
         public void run()
         {
@@ -608,12 +608,14 @@ public class ReportService implements PwmService {
             } catch (Exception e) {
                 if (e instanceof PwmException) {
                     if (((PwmException) e).getErrorInformation().getError() == PwmError.ERROR_DIRECTORY_UNAVAILABLE) {
-                        if (timer != null) {
-                            timer.schedule(new DredgeTask(),10 * 60 * 1000);
+                        if (executor != null) {
+                            LOGGER.error("directory unavailable error during background DredgeTask, will retry; error: " + e.getMessage());
+                            executor.schedule(new DredgeTask(), 10, TimeUnit.MINUTES);
                         }
+                    } else {
+                        LOGGER.error("error during background DredgeTask: " + e.getMessage());
                     }
                 }
-                LOGGER.warn(PwmConstants.REPORTING_SESSION_LABEL,"unable to dredge ldap due to error: " + e.getMessage());
             }
         }
     }
@@ -670,5 +672,4 @@ public class ReportService implements PwmService {
         }
         return 0;
     }
-
 }

pwm/servlet/web/WEB-INF/jsp/activateuser-agreement.jsp

@@ -39,7 +39,7 @@
         <br/><br/>
         <div id="agreementText" class="agreementText"><%= expandedText %></div>
         <div class="buttonbar">
-            <form action="<pwm:url url='ActivateUser'/>" method="post" enctype="application/x-www-form-urlencoded" class="pwm-form" style="display: inline;">
+            <form action="<pwm:current-url/>" method="post" enctype="application/x-www-form-urlencoded" class="pwm-form" style="display: inline;">
                 <%-- remove the next line to remove the "I Agree" checkbox --%>
                 <label class="checkboxWrapper">
                     <input type="checkbox" id="agreeCheckBox"/>
@@ -53,8 +53,7 @@
                 </button>
                 <input type="hidden" name="pwmFormID" id="pwmFormID" value="<pwm:FormID/>"/>
             </form>
-            <form action="<pwm:context/>/public/<pwm:url url='ActivateUser'/>" method="post"
-                  enctype="application/x-www-form-urlencoded" style="display: inline;">
+            <form action="<pwm:current-url/>" method="post" enctype="application/x-www-form-urlencoded" style="display: inline;">
                 <input type="hidden" name="processAction" value="reset"/>
                 <%@ include file="/WEB-INF/jsp/fragment/cancel-button.jsp" %>
                 <input type="hidden" name="pwmFormID" value="<pwm:FormID/>"/>

pwm/servlet/web/WEB-INF/jsp/activateuser-entercode.jsp

@@ -41,7 +41,7 @@
         <%@ include file="/WEB-INF/jsp/fragment/message.jsp" %>
         <h2><label for="<%=PwmConstants.PARAM_TOKEN%>"><pwm:display key="Field_Code"/></label></h2>
         <div class="buttonbar">
-            <form action="<pwm:url url='ActivateUser'/>" method="post" enctype="application/x-www-form-urlencoded" name="search" class="pwm-form" style="display: inline;">
+            <form action="<pwm:current-url/>" method="post" enctype="application/x-www-form-urlencoded" name="search" class="pwm-form" style="display: inline;">
                 <textarea id="<%=PwmConstants.PARAM_TOKEN%>" name="<%=PwmConstants.PARAM_TOKEN%>" class="tokenInput"></textarea>
                 <button type="submit" class="btn" name="search" id="submitBtn">
                     <pwm:if test="showIcons"><span class="btn-icon fa fa-check"></span>&nbsp</pwm:if>
@@ -51,9 +51,7 @@
                 <input type="hidden" id="pwmFormID" name="pwmFormID" value="<pwm:FormID/>"/>
             </form>
             <pwm:if test="showCancel">
-                <form action="<pwm:context/>/public/<pwm:url url='ActivateUser'/>" method="post"
-                      enctype="application/x-www-form-urlencoded"
-                      style="display: inline;">
+                <form action="<pwm:current-url/>" method="post" enctype="application/x-www-form-urlencoded" style="display: inline;">
                     <input type="hidden" name="processAction" value="reset"/>
                     <button type="submit" name="button" class="btn" id="buttonCancel">
                         <pwm:if test="showIcons"><span class="btn-icon fa fa-times"></span>&nbsp</pwm:if>

pwm/servlet/web/WEB-INF/jsp/activateuser.jsp

@@ -21,8 +21,7 @@
   --%>
 
 <!DOCTYPE html>
-<%@ page language="java" session="true" isThreadSafe="true"
-         contentType="text/html" %>
+<%@ page language="java" session="true" isThreadSafe="true" contentType="text/html" %>
 <%@ taglib uri="pwm" prefix="pwm" %>
 <html dir="<pwm:LocaleOrientation/>">
 <%@ include file="fragment/header.jsp" %>
@@ -33,7 +32,7 @@
     </jsp:include>
     <div id="centerbody">
         <p><pwm:display key="Display_ActivateUser"/></p>
-        <form action="<pwm:url url='ActivateUser'/>" method="post" name="activateUser" enctype="application/x-www-form-urlencoded" class="pwm-form">
+        <form action="<pwm:current-url/>" method="post" name="activateUser" enctype="application/x-www-form-urlencoded" class="pwm-form">
             <%@ include file="fragment/message.jsp" %>
             <%@ include file="/WEB-INF/jsp/fragment/ldap-selector.jsp" %>
             <jsp:include page="fragment/form.jsp"/>
@@ -50,13 +49,6 @@
     </div>
     <div class="push"></div>
 </div>
-<pwm:script>
-<script type="text/javascript">
-    PWM_GLOBAL['startupFunctions'].push(function(){
-        document.forms.activateUser.elements[0].focus();
-    });
-</script>
-</pwm:script>
 <%@ include file="/WEB-INF/jsp/fragment/cancel-form.jsp" %>
 <%@ include file="fragment/footer.jsp" %>
 </body>

pwm/servlet/web/WEB-INF/jsp/admin-activity.jsp

@@ -100,7 +100,7 @@
                         <pwm:if test="showIcons"><span class="btn-icon fa fa-refresh">&nbsp;</span></pwm:if>
                         <pwm:display key="Button_Refresh" bundle="Admin"/>
                     </button>
-                    <form action="Administration" method="post" enctype="application/x-www-form-urlencoded">
+                    <form action="<pwm:current-url/>" method="post" enctype="application/x-www-form-urlencoded">
                         <button type="submit" class="btn">
                             <pwm:if test="showIcons"><span class="btn-icon fa fa-download"></span></pwm:if>
                             <pwm:display key="Button_DownloadCSV" bundle="Admin"/>
@@ -121,7 +121,7 @@
                         <pwm:if test="showIcons"><span class="btn-icon fa fa-refresh">&nbsp;</span></pwm:if>
                         <pwm:display key="Button_Refresh" bundle="Admin"/>
                     </button>
-                    <form action="Administration" method="post" enctype="application/x-www-form-urlencoded">
+                    <form action="<pwm:current-url/>" method="post" enctype="application/x-www-form-urlencoded">
                         <button type="submit" class="btn">
                             <pwm:if test="showIcons"><span class="btn-icon fa fa-download"></span></pwm:if>
                             <pwm:display key="Button_DownloadCSV" bundle="Admin"/>
@@ -142,7 +142,7 @@
                         <pwm:if test="showIcons"><span class="btn-icon fa fa-refresh">&nbsp;</span></pwm:if>
                         <pwm:display key="Button_Refresh" bundle="Admin"/>
                     </button>
-                    <form action="Administration" method="post" enctype="application/x-www-form-urlencoded">
+                    <form action="<pwm:current-url/>" method="post" enctype="application/x-www-form-urlencoded">
                         <button type="submit" class="btn">
                             <pwm:if test="showIcons"><span class="btn-icon fa fa-download"></span></pwm:if>
                             <pwm:display key="Button_DownloadCSV" bundle="Admin"/>

pwm/servlet/web/WEB-INF/jsp/admin-analysis.jsp

@@ -74,7 +74,7 @@
                         <pwm:display key="Notice_ReportSummary" bundle="Admin"/>
                     </div>
                     <div style="text-align: center">
-                        <form action="<pwm:url url="Administration"/>" method="post">
+                        <form action="<pwm:current-url/>" method="post">
                             <button type="submit" class="btn" id="button-downloadUserSummaryCsv">
                                 <pwm:if test="showIcons"><span class="btn-icon fa fa-download">&nbsp;</span></pwm:if>
                                 <pwm:display key="Button_DownloadCSV" bundle="Admin"/>
@@ -95,7 +95,7 @@
                             <pwm:if test="showIcons"><span class="btn-icon fa fa-refresh">&nbsp;</span></pwm:if>
                             <pwm:display key="Button_Refresh" bundle="Admin"/>
                         </button>
-                        <form action="<pwm:url url="Administration"/>" method="post">
+                        <form action="<pwm:current-url/>" method="post">
                             <button type="submit" class="btn" id="button-downloadUserReportCsv">
                                 <pwm:if test="showIcons"><span class="btn-icon fa fa-download">&nbsp;</span></pwm:if>
                                 <pwm:display key="Button_DownloadCSV" bundle="Admin"/>
@@ -159,7 +159,7 @@
                         <table>
                             <tr>
                                 <td colspan="10" style="text-align: center">
-                                    <form action="<pwm:url url='Administration'/>" method="GET" enctype="application/x-www-form-urlencoded"
+                                    <form action="<pwm:current-url/>" method="GET" enctype="application/x-www-form-urlencoded"
                                           name="statsUpdateForm" id="statsUpdateForm">
                                         <select name="statsPeriodSelect"
                                                 style="width: 500px;" data-dojo-props="maxHeight: -1">
@@ -199,7 +199,7 @@
                         <pwm:display key="Notice_EventStatistics" bundle="Admin"/>
                     </div>
                     <div style="text-align: center">
-                        <form action="Administration" method="post" enctype="application/x-www-form-urlencoded">
+                        <form action="<pwm:current-url/>" method="post" enctype="application/x-www-form-urlencoded">
                             <button type="submit" class="btn" id="button-downloadStatisticsLogCsv">
                                 <pwm:if test="showIcons"><span class="btn-icon fa fa-download"></span></pwm:if>
                                 <pwm:display key="Button_DownloadCSV" bundle="Admin"/>

pwm/servlet/web/WEB-INF/jsp/admin-logview.jsp

@@ -44,7 +44,7 @@
     </jsp:include>
     <div id="centerbody" style="width: 96%; margin-left: 2%; margin-right: 2%; background: white">
         <%@ include file="fragment/admin-nav.jsp" %>
-        <form action="Administration" method="post" enctype="application/x-www-form-urlencoded"
+        <form action="<pwm:current-url/>" method="post" enctype="application/x-www-form-urlencoded"
               name="searchForm" id="searchForm" class="pwm-form">
             <input type="hidden" name="pwmFormID" value="<pwm:FormID/>"/>
             <table style="">

pwm/servlet/web/WEB-INF/jsp/admin-tokenlookup.jsp

@@ -1,7 +1,6 @@
 <%@ page import="password.pwm.error.PwmError" %>
 <%@ page import="password.pwm.error.PwmException" %>
 <%@ page import="password.pwm.error.PwmOperationalException" %>
-<%@ page import="password.pwm.http.JspUtility" %>
 <%@ page import="password.pwm.token.TokenPayload" %>
 <%@ page import="java.util.Iterator" %>
 <%--
@@ -160,7 +159,7 @@
         </table>
         <br/>
         <% } %>
-        <form id="tokenForm" action="Administration" method="post">
+        <form id="tokenForm" action="<pwm:current-url/>" method="post">
             <textarea name="token" id="token" style="width: 580px; height: 150px"></textarea>
             <div class="buttonbar">
                 <button type="submit" name="submitBtn" class="btn" type="submit">

pwm/servlet/web/private/debug.jsp → pwm/servlet/web/WEB-INF/jsp/admin-user-debug.jsp

@@ -1,86 +1,87 @@
-<%--
-  ~ Password Management Servlets (PWM)
-  ~ http://code.google.com/p/pwm/
-  ~
-  ~ Copyright (c) 2006-2009 Novell, Inc.
-  ~ Copyright (c) 2009-2015 The PWM Project
-  ~
-  ~ This program is free software; you can redistribute it and/or modify
-  ~ it under the terms of the GNU General Public License as published by
-  ~ the Free Software Foundation; either version 2 of the License, or
-  ~ (at your option) any later version.
-  ~
-  ~ This program is distributed in the hope that it will be useful,
-  ~ but WITHOUT ANY WARRANTY; without even the implied warranty of
-  ~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-  ~ GNU General Public License for more details.
-  ~
-  ~ You should have received a copy of the GNU General Public License
-  ~ along with this program; if not, write to the Free Software
-  ~ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
-  --%>
-
-<%@ page import="password.pwm.Permission" %>
-<% final PwmRequest debug_pwmRequest = PwmRequest.forRequest(request,response); %>
-<% final PwmSession debug_pwmSession = debug_pwmRequest.getPwmSession(); %>
-<!DOCTYPE html>
-<%@ page language="java" session="true" isThreadSafe="true" contentType="text/html" %>
-<%@ taglib uri="pwm" prefix="pwm" %>
-<html dir="<pwm:LocaleOrientation/>">
-<%@ include file="/WEB-INF/jsp/fragment/header.jsp" %>
-<body class="nihilo">
-<div id="wrapper">
-    <jsp:include page="/WEB-INF/jsp/fragment/header-body.jsp">
-        <jsp:param name="pwm.PageName" value="Debug"/>
-    </jsp:include>
-    <div id="centerbody">
-        <table>
-            <tr>
-                <td class="key">UserDN</td>
-                <td><pwm:macro value="@LDAP:dn@"/></td>
-            </tr>
-            <tr>
-                <td class="key">Ldap Profile</td>
-                <td><%="".equals(debug_pwmSession.getUserInfoBean().getUserIdentity().getLdapProfileID()) ? "default" : debug_pwmSession.getUserInfoBean().getUserIdentity().getLdapProfileID()%></td>
-            </tr>
-            <tr>
-                <td class="key">AuthType</td>
-                <td><%=debug_pwmSession.getLoginInfoBean().getAuthenticationType()%></td>
-            </tr>
-            <tr>
-                <td class="key">Session Creation Time</td>
-                <td><%=PwmConstants.DEFAULT_DATETIME_FORMAT.format(debug_pwmSession.getSessionStateBean().getSessionCreationTime())%></td>
-            </tr>
-            <tr>
-                <td class="key">Session ForwardURL</td>
-                <td><%=debug_pwmSession.getSessionStateBean().getForwardURL()%></td>
-            </tr>
-            <tr>
-                <td class="key">Session LogoutURL</td>
-                <td><%=debug_pwmSession.getSessionStateBean().getLogoutURL()%></td>
-            </tr>
-        </table>
-        <table>
-            <% for (final Permission permission : Permission.values()) { %>
-            <tr>
-                <td class="key"><%=permission.toString()%></td>
-                <td><%=debug_pwmSession.getSessionManager().checkPermission(debug_pwmRequest.getPwmApplication(), permission)%></td>
-            </tr>
-            <% } %>
-        </table>
-        <div class="buttonbar">
-            <form action="<pwm:context/>/public/<pwm:url url='CommandServlet'/>" method="post"
-                  enctype="application/x-www-form-urlencoded">
-                <input tabindex="2" type="submit" name="continue_btn" class="btn"
-                       value="    <pwm:display key="Button_Continue"/>    "/>
-                <input type="hidden"
-                       name="processAction"
-                       value="continue"/>
-            </form>
-        </div>
-    </div>
-    <div class="push"></div>
-</div>
-<jsp:include page="/WEB-INF/jsp/fragment/footer.jsp"/>
-</body>
-</html>
+<%--
+  ~ Password Management Servlets (PWM)
+  ~ http://code.google.com/p/pwm/
+  ~
+  ~ Copyright (c) 2006-2009 Novell, Inc.
+  ~ Copyright (c) 2009-2015 The PWM Project
+  ~
+  ~ This program is free software; you can redistribute it and/or modify
+  ~ it under the terms of the GNU General Public License as published by
+  ~ the Free Software Foundation; either version 2 of the License, or
+  ~ (at your option) any later version.
+  ~
+  ~ This program is distributed in the hope that it will be useful,
+  ~ but WITHOUT ANY WARRANTY; without even the implied warranty of
+  ~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+  ~ GNU General Public License for more details.
+  ~
+  ~ You should have received a copy of the GNU General Public License
+  ~ along with this program; if not, write to the Free Software
+  ~ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+  --%>
+
+<%@ page import="password.pwm.Permission" %>
+<%@ page import="password.pwm.http.JspUtility" %>
+<%@ page import="password.pwm.http.servlet.PwmServletDefinition" %>
+<% final PwmRequest debug_pwmRequest = JspUtility.getPwmRequest(pageContext); %>
+<% final PwmSession debug_pwmSession = debug_pwmRequest.getPwmSession(); %>
+<!DOCTYPE html>
+<%@ page language="java" session="true" isThreadSafe="true" contentType="text/html" %>
+<%@ taglib uri="pwm" prefix="pwm" %>
+<html dir="<pwm:LocaleOrientation/>">
+<%@ include file="/WEB-INF/jsp/fragment/header.jsp" %>
+<body class="nihilo">
+<div id="wrapper">
+    <jsp:include page="/WEB-INF/jsp/fragment/header-body.jsp">
+        <jsp:param name="pwm.PageName" value="Debug"/>
+    </jsp:include>
+    <div id="centerbody">
+        <table>
+            <tr>
+                <td class="key">UserDN</td>
+                <td><pwm:macro value="@LDAP:dn@"/></td>
+            </tr>
+            <tr>
+                <td class="key">Ldap Profile</td>
+                <td><%="".equals(debug_pwmSession.getUserInfoBean().getUserIdentity().getLdapProfileID()) ? "default" : debug_pwmSession.getUserInfoBean().getUserIdentity().getLdapProfileID()%></td>
+            </tr>
+            <tr>
+                <td class="key">AuthType</td>
+                <td><%=debug_pwmSession.getLoginInfoBean().getAuthenticationType()%></td>
+            </tr>
+            <tr>
+                <td class="key">Session Creation Time</td>
+                <td><%=PwmConstants.DEFAULT_DATETIME_FORMAT.format(debug_pwmSession.getSessionStateBean().getSessionCreationTime())%></td>
+            </tr>
+            <tr>
+                <td class="key">Session ForwardURL</td>
+                <td><%=debug_pwmSession.getSessionStateBean().getForwardURL()%></td>
+            </tr>
+            <tr>
+                <td class="key">Session LogoutURL</td>
+                <td><%=debug_pwmSession.getSessionStateBean().getLogoutURL()%></td>
+            </tr>
+        </table>
+        <table>
+            <% for (final Permission permission : Permission.values()) { %>
+            <tr>
+                <td class="key"><%=permission.toString()%></td>
+                <td><%=debug_pwmSession.getSessionManager().checkPermission(debug_pwmRequest.getPwmApplication(), permission)%></td>
+            </tr>
+            <% } %>
+        </table>
+        <div class="buttonbar">
+            <form action="<pwm:url url='<%=PwmServletDefinition.Command.servletUrl()%>' addContext="true"/>" method="post" enctype="application/x-www-form-urlencoded">
+                <input tabindex="2" type="submit" name="continue_btn" class="btn"
+                       value="    <pwm:display key="Button_Continue"/>    "/>
+                <input type="hidden"
+                       name="processAction"
+                       value="continue"/>
+            </form>
+        </div>
+    </div>
+    <div class="push"></div>
+</div>
+<jsp:include page="/WEB-INF/jsp/fragment/footer.jsp"/>
+</body>
+</html>

pwm/servlet/web/WEB-INF/jsp/application-unavailable.jsp

@@ -25,9 +25,7 @@
 
 <!DOCTYPE html>
 <%@ page language="java" session="true" isThreadSafe="true" contentType="text/html" %>
-<%
-    final ErrorInformation startupError = (ErrorInformation)request.getAttribute(PwmConstants.REQUEST_ATTR.PwmErrorInfo.toString());
-%>
+<% final ErrorInformation startupError = (ErrorInformation)request.getAttribute(PwmConstants.REQUEST_ATTR.PwmErrorInfo.toString()); %>
 <html>
 <head>
     <title><%=PwmConstants.PWM_APP_NAME%></title>
@@ -35,7 +33,7 @@
     <meta name="viewport" content="width=device-width, initial-scale = 1.0, user-scalable=no"/>
     <meta http-equiv="X-UA-Compatible" content="IE=10; IE=9; IE=8; IE=7" />
     <link rel="icon" type="image/x-icon" href="<pwm:context/>/public/resources/favicon.ico"/>
-    <link href="<pwm:context/>/public/resources/style.css" rel="stylesheet" type="text/css" media="screen"/>
+    <link href="<%=request.getContextPath()%>/public/resources/style.css" rel="stylesheet" type="text/css" media="screen"/>
         <script type="text/javascript">
         </script>
 </head>

pwm/servlet/web/WEB-INF/jsp/captcha.jsp

@@ -51,7 +51,7 @@
         <%@ include file="fragment/message.jsp" %>
         <br/>
         <div id="captcha-loading" class="WaitDialogBlank"></div>
-        <form action="<pwm:url url='Captcha'/>" method="post" enctype="application/x-www-form-urlencoded" id="verifyCaptcha" name="verifyCaptcha" class="pwm-form">
+        <form action="<pwm:current-url/>" method="post" enctype="application/x-www-form-urlencoded" id="verifyCaptcha" name="verifyCaptcha" class="pwm-form">
             <input type="hidden" id="pwmFormID" name="pwmFormID" value="<pwm:FormID/>"/>
 
             <center>

pwm/servlet/web/WEB-INF/jsp/changepassword-agreement.jsp

@@ -1,4 +1,5 @@
 <%@ page import="password.pwm.bean.PasswordStatus" %>
+<%@ page import="password.pwm.http.servlet.PwmServletDefinition" %>
 <%--
   ~ Password Management Servlets (PWM)
   ~ http://code.google.com/p/pwm/
@@ -41,8 +42,7 @@
         <br/>
         <div id="agreementText" class="agreementText"><%= (String)JspUtility.getAttribute(pageContext,PwmConstants.REQUEST_ATTR.AgreementText) %></div>
         <div class="buttonbar">
-            <form action="<pwm:url url='ChangePassword'/>" method="post"
-                  enctype="application/x-www-form-urlencoded">
+            <form action="<pwm:current-url/>" method="post" enctype="application/x-www-form-urlencoded" autocomplete="off">
                 <%-- remove the next line to remove the "I Agree" checkbox --%>
                 <label class="checkboxWrapper">
                     <input type="checkbox" id="agreeCheckBox"/>
@@ -57,7 +57,7 @@
                 </button>
                 <input type="hidden" name="pwmFormID" id="pwmFormID" value="<pwm:FormID/>"/>
             </form>
-            <form action="<pwm:url url='/public/Logout' addContext="true"/>" method="post" enctype="application/x-www-form-urlencoded">
+            <form action="<pwm:url url='<%=PwmServletDefinition.Logout.servletUrl()%>' addContext="true"/>" method="post" enctype="application/x-www-form-urlencoded">
                 <button type="submit" name="button" class="btn" id="button_logout">
                     <pwm:if test="showIcons"><span class="btn-icon fa fa-sign-out"></span></pwm:if>
                     <pwm:display key="Button_Logout"/>

pwm/servlet/web/WEB-INF/jsp/changepassword-complete.jsp

@@ -1,3 +1,4 @@
+<%@ page import="password.pwm.http.servlet.PwmServletDefinition" %>
 <%--
   ~ Password Management Servlets (PWM)
   ~ http://code.google.com/p/pwm/
@@ -36,7 +37,7 @@
         <br/>
         <div id="agreementText" class="agreementText"><%= expandedText %></div>
         <div class="buttonbar">
-            <form action="<pwm:url url='/public/CommandServlet' addContext="true"/>" method="post" enctype="application/x-www-form-urlencoded" class="pwm-form">
+            <form action="<pwm:url url='<%=PwmServletDefinition.Command.servletUrl()%>' addContext="true"/>" method="post" enctype="application/x-www-form-urlencoded" class="pwm-form">
                     <input type="hidden" name="processAction" value="continue"/>
                     <button type="submit" name="button" class="btn" id="submitBtn">
                         <pwm:if test="showIcons"><span class="btn-icon fa fa-forward"></span></pwm:if>

pwm/servlet/web/WEB-INF/jsp/changepassword-form.jsp

@@ -39,7 +39,7 @@
         <p><pwm:display key="Display_ChangePasswordForm"/></p>
         <%@ include file="fragment/message.jsp" %>
         <br/>
-        <form action="<pwm:url url='ChangePassword'/>" method="post" enctype="application/x-www-form-urlencoded" class="pwm-form" name="changePasswordForm" id="changePasswordForm">
+        <form action="<pwm:current-url/>" method="post" enctype="application/x-www-form-urlencoded" class="pwm-form" name="changePasswordForm" id="changePasswordForm" autocomplete="off">
             <% if (JspUtility.getPwmSession(pageContext).getChangePasswordBean().isCurrentPasswordRequired()) { %>
             <h1>
                 <label for="currentPassword"><pwm:display key="Field_CurrentPassword"/></label>

pwm/servlet/web/WEB-INF/jsp/changepassword-warn.jsp

@@ -50,7 +50,7 @@
         </p>
 
         <div class="buttonbar">
-            <form action="<pwm:url url='ChangePassword'/>" method="post"
+            <form action="<pwm:current-url/>" method="post"
                   enctype="application/x-www-form-urlencoded">
                 <input type="hidden" name="processAction" value="warnResponse"/>
                 <input type="hidden" name="warnResponse" value="change"/>
@@ -61,7 +61,7 @@
                 </button>
                 <input type="hidden" id="pwmFormID" name="pwmFormID" value="<pwm:FormID/>"/>
             </form>
-            <form action="<pwm:url url='ChangePassword'/>" method="post" name="setupOtpSecret-skip"
+            <form action="<pwm:current-url/>" method="post" name="setupOtpSecret-skip"
                   enctype="application/x-www-form-urlencoded" id="setupOtpSecret-skip" class="pwm-form">
                 <input type="hidden" name="processAction" value="warnResponse"/>
                 <input type="hidden" name="warnResponse" value="skip"/>
@@ -69,7 +69,7 @@
                     <pwm:if test="showIcons"><span class="btn-icon fa fa-fighter-jet"></span></pwm:if>
                     <pwm:display key="Button_Skip"/>
                 </button>
-                <input type="hidden" id="pwmFormID" name="pwmFormID" value="<pwm:FormID/>"/>
+                <input type="hidden" name="pwmFormID" value="<pwm:FormID/>"/>
             </form>
         </div>
     </div>

pwm/servlet/web/WEB-INF/jsp/changepassword.jsp

@@ -49,7 +49,7 @@
         <% } %>
         <br/>
         <%@ include file="fragment/message.jsp" %>
-        <form action="<pwm:url url='ChangePassword'/>" method="post" enctype="application/x-www-form-urlencoded" id="changePasswordForm">
+        <form action="<pwm:current-url/>" method="post" enctype="application/x-www-form-urlencoded" id="changePasswordForm" autocomplete="off">
             <table style="border:0">
                 <tr>
                     <td style="border:0;">

pwm/servlet/web/WEB-INF/jsp/configmanager-login.jsp

@@ -43,7 +43,7 @@
     </jsp:include>
     <div id="centerbody">
         <%@ include file="/WEB-INF/jsp/fragment/message.jsp" %>
-        <form action="<pwm:url url='ConfigManager'/>" method="post" id="configLogin" name="configLogin" enctype="application/x-www-form-urlencoded"
+        <form action="<pwm:current-url/>" method="post" id="configLogin" name="configLogin" enctype="application/x-www-form-urlencoded"
               class="pwm-form">
             <h1>Configuration Password</h1>
             <br class="clear"/>

pwm/servlet/web/WEB-INF/jsp/error-http.jsp

@@ -1,5 +1,6 @@
 <%@ page import="password.pwm.error.PwmError" %>
 <%@ page import="password.pwm.http.JspUtility" %>
+<%@ page import="password.pwm.http.servlet.PwmServletDefinition" %>
 <%@ page import="password.pwm.util.StringUtil" %>
 <%--
   ~ Password Management Servlets (PWM)
@@ -62,8 +63,7 @@
         <br/>
         <br/>
         <div class="buttonbar">
-            <form action="<pwm:context/>/public/<pwm:url url='CommandServlet'/>" method="post"
-                  enctype="application/x-www-form-urlencoded">
+            <form action="<pwm:url url='<%=PwmServletDefinition.Command.servletUrl()%>' addContext="true"/>" method="post" enctype="application/x-www-form-urlencoded">
                 <input type="hidden"
                        name="processAction"
                        value="continue"/>

pwm/servlet/web/WEB-INF/jsp/error.jsp

@@ -1,5 +1,6 @@
 <%@ page import="password.pwm.error.ErrorInformation" %>
 <%@ page import="password.pwm.http.JspUtility" %>
+<%@ page import="password.pwm.http.servlet.PwmServletDefinition" %>
 <%--
   ~ Password Management Servlets (PWM)
   ~ http://code.google.com/p/pwm/
@@ -49,8 +50,7 @@
         <pwm:if test="showErrorDetail">
         <% if (errorInformation != null && !errorInformation.getError().isErrorIsPermanent()) { %>
         <div class="buttonbar">
-            <form action="<pwm:context/>/public/<pwm:url url='CommandServlet'/>" method="post"
-                  enctype="application/x-www-form-urlencoded">
+            <form action="<pwm:url url='<%=PwmServletDefinition.Command.servletUrl()%>' addContext="true"/>" method="post" enctype="application/x-www-form-urlencoded">
                 <input type="hidden" name="processAction" value="continue"/>
                 <button type="submit" name="button" class="btn" id="button_continue" autofocus="autofocus">
                     <pwm:if test="showIcons"><span class="btn-icon fa fa-forward"></span></pwm:if>

pwm/servlet/web/WEB-INF/jsp/forgottenpassword-actionchoice.jsp

@@ -1,4 +1,3 @@
-<%@ page import="password.pwm.http.servlet.PwmServletDefinition" %>
 <%--
   ~ Password Management Servlets (PWM)
   ~ http://code.google.com/p/pwm/
@@ -37,8 +36,7 @@
         <table class="noborder">
             <tr>
                 <td>
-                    <form action="<pwm:url url='<%=PwmServletDefinition.ForgottenPassword.servletUrlName()%>'/>" method="post"
-                          enctype="application/x-www-form-urlencoded" name="search">
+                    <form action="<pwm:current-url/>" method="post" enctype="application/x-www-form-urlencoded" name="search">
                         <button class="btn" type="submit" name="submitBtn">
                             <pwm:if test="showIcons"><span class="btn-icon fa fa-unlock"></span></pwm:if>
                             <pwm:display key="Button_UnlockPassword"/>
@@ -59,8 +57,7 @@
             </tr>
             <tr>
                 <td>
-                    <form action="<pwm:url url='<%=PwmServletDefinition.ForgottenPassword.servletUrlName()%>'/>" method="post"
-                          enctype="application/x-www-form-urlencoded" name="search">
+                    <form action="<pwm:current-url/>" method="post" enctype="application/x-www-form-urlencoded" name="search">
                         <button class="btn" type="submit" name="submitBtn">
                             <pwm:if test="showIcons"><span class="btn-icon fa fa-key"></span></pwm:if>
                             <pwm:display key="Button_ChangePassword"/>

pwm/servlet/web/WEB-INF/jsp/forgottenpassword-attributes.jsp

@@ -46,8 +46,7 @@ this is handled this way so on browsers where hiding fields is not possible, the
     <div id="centerbody">
         <p><pwm:display key="Display_RecoverPassword"/></p>
 
-        <form name="responseForm" action="<pwm:url url='<%=PwmServletDefinition.ForgottenPassword.servletUrlName()%>'/>" method="post"
-              enctype="application/x-www-form-urlencoded" class="pwm-form">
+        <form name="responseForm" action="<pwm:current-url/>" method="post" enctype="application/x-www-form-urlencoded" class="pwm-form" autocomplete="off">
             <%@ include file="/WEB-INF/jsp/fragment/message.jsp" %>
 
             <% // loop through required attributes (challenge.requiredAttributes), if any are configured

pwm/servlet/web/WEB-INF/jsp/forgottenpassword-enterotp.jsp

@@ -45,7 +45,7 @@
         <% } else { %>
         <p><pwm:display key="Display_RecoverOTP" /></p>
         <% } %>
-        <form action="<pwm:url url='<%=PwmServletDefinition.ForgottenPassword.servletUrlName()%>'/>" method="post" enctype="application/x-www-form-urlencoded" name="search" class="pwm-form">
+        <form action="<pwm:current-url/>" method="post" enctype="application/x-www-form-urlencoded" name="search" class="pwm-form" autocomplete="off">
             <%@ include file="/WEB-INF/jsp/fragment/message.jsp" %>
             <h2><label for="<%=PwmConstants.PARAM_TOKEN%>"><pwm:display key="Field_Code"/></label></h2>
             <input type="text" pattern="[0-9]*" id="<%=PwmConstants.PARAM_TOKEN%>" name="<%=PwmConstants.PARAM_TOKEN%>" class="inputfield" required="required" autofocus/>

pwm/servlet/web/WEB-INF/jsp/forgottenpassword-entertoken.jsp

@@ -23,7 +23,6 @@
 <!DOCTYPE html>
 <%@ page language="java" session="true" isThreadSafe="true" contentType="text/html" %>
 <%@ page import="password.pwm.http.bean.ForgottenPasswordBean" %>
-<%@ page import="password.pwm.http.servlet.PwmServletDefinition" %>
 <%@ page import="password.pwm.http.servlet.forgottenpw.ForgottenPasswordServlet" %>
 <%@ taglib uri="pwm" prefix="pwm" %>
 <%@ include file="fragment/header.jsp" %>
@@ -39,8 +38,7 @@
             String destination = fpb.getProgress().getTokenSentAddress();
         %>
         <p><pwm:display key="Display_RecoverEnterCode" value1="<%=destination%>"/></p>
-        <form action="<pwm:url url='<%=PwmServletDefinition.ForgottenPassword.servletUrlName()%>'/>" method="post"
-              enctype="application/x-www-form-urlencoded" name="search" class="pwm-form">
+        <form action="<pwm:current-url/>" method="post" enctype="application/x-www-form-urlencoded" name="search" class="pwm-form" autocomplete="off">
             <%@ include file="/WEB-INF/jsp/fragment/message.jsp" %>
             <h2><label for="<%=PwmConstants.PARAM_TOKEN%>"><pwm:display key="Field_Code"/></label></h2>
             <textarea id="<%=PwmConstants.PARAM_TOKEN%>" name="<%=PwmConstants.PARAM_TOKEN%>" class="tokenInput" required="required" <pwm:autofocus/> ></textarea>
@@ -69,11 +67,11 @@
     </div>
     <div class="push"></div>
 </div>
-<form id="form-goBack" action="<pwm:url url='<%=PwmServletDefinition.ForgottenPassword.servletUrlName()%>'/>" method="post">
+<form id="form-goBack" action="<pwm:current-url/>" method="post">
     <input type="hidden" name="processAction" value="<%=ForgottenPasswordServlet.ForgottenPasswordAction.verificationChoice%>"/>
     <input type="hidden" name="pwmFormID" value="<pwm:FormID/>"/>
 </form>
-<form id="form-cancel" action="<pwm:url url='<%=PwmServletDefinition.ForgottenPassword.servletUrlName()%>'/>" method="post">
+<form id="form-cancel" action="<pwm:current-url/>" method="post">
     <input type="hidden" name="processAction" value="<%=ForgottenPasswordServlet.ForgottenPasswordAction.reset%>"/>
     <input type="hidden" name="pwmFormID" value="<pwm:FormID/>"/>
 </form>

pwm/servlet/web/WEB-INF/jsp/forgottenpassword-method.jsp

@@ -1,5 +1,4 @@
 <%@ page import="password.pwm.config.option.RecoveryVerificationMethods" %>
-<%@ page import="password.pwm.http.servlet.PwmServletDefinition" %>
 <%@ page import="java.util.HashSet" %>
 <%@ page import="java.util.Set" %>
 <%--
@@ -51,8 +50,7 @@
             <% if (method.isUserSelectable()) { %>
             <tr>
                 <td>
-                    <form action="<pwm:url url='<%=PwmServletDefinition.ForgottenPassword.servletUrlName()%>'/>" method="post"
-                          enctype="application/x-www-form-urlencoded" class="pwm-form" id="form-<%=method.toString()%>">
+                    <form action="<pwm:current-url/>" method="post" enctype="application/x-www-form-urlencoded" class="pwm-form" id="form-<%=method.toString()%>">
                         <button class="btn" type="submit" name="submitBtn">
                             <pwm:if test="showIcons"><span class="btn-icon fa fa-forward"></span></pwm:if>
                             <%=method.getLabel(pwmRequest.getConfig(),pwmRequest.getLocale())%>

pwm/servlet/web/WEB-INF/jsp/forgottenpassword-naaf.jsp

@@ -39,7 +39,7 @@
             final String instructions = (String)JspUtility.getAttribute(pageContext,PwmConstants.REQUEST_ATTR.ForgottenPasswordInstructions);
         %>
         <p><%=instructions%></p>
-        <form action="<pwm:url url='<%=PwmServletDefinition.ForgottenPassword.servletUrlName()%>'/>" method="post" enctype="application/x-www-form-urlencoded" name="search" class="pwm-form">
+        <form action="<pwm:current-url/>" method="post" enctype="application/x-www-form-urlencoded" name="search" class="pwm-form" autocomplete="off">
             <%@ include file="/WEB-INF/jsp/fragment/message.jsp" %>
             <br/>
             <% for (final RecoveryVerificationMethod.UserPrompt userPrompt : prompts) { %>

pwm/servlet/web/WEB-INF/jsp/forgottenpassword-remote.jsp

@@ -39,7 +39,7 @@
             final String instructions = (String)JspUtility.getAttribute(pageContext,PwmConstants.REQUEST_ATTR.ForgottenPasswordInstructions);
         %>
         <p><%=instructions%></p>
-        <form action="<pwm:url url='<%=PwmServletDefinition.ForgottenPassword.servletUrlName()%>'/>" method="post" enctype="application/x-www-form-urlencoded" name="search" class="pwm-form">
+        <form action="<pwm:current-url/>" method="post" enctype="application/x-www-form-urlencoded" name="search" class="pwm-form" autocomplete="off">
             <%@ include file="/WEB-INF/jsp/fragment/message.jsp" %>
             <br/>
             <% for (final RecoveryVerificationMethod.UserPrompt userPrompt : prompts) { %>

pwm/servlet/web/WEB-INF/jsp/forgottenpassword-responses.jsp

@@ -41,8 +41,7 @@ this is handled this way so on browsers where hiding fields is not possible, the
     <div id="centerbody">
         <p><pwm:display key="Display_RecoverPassword"/></p>
 
-        <form name="responseForm" action="<pwm:url url='<%=PwmServletDefinition.ForgottenPassword.servletUrlName()%>'/>" method="post"
-              enctype="application/x-www-form-urlencoded" class="pwm-form">
+        <form name="responseForm" action="<pwm:current-url/>" method="post" enctype="application/x-www-form-urlencoded" class="pwm-form" autocomplete="off">
             <%@ include file="/WEB-INF/jsp/fragment/message.jsp" %>
 
             <% // loop through challenges

pwm/servlet/web/WEB-INF/jsp/forgottenpassword-search.jsp

@@ -1,4 +1,3 @@
-<%@ page import="password.pwm.http.servlet.PwmServletDefinition" %>
 <%@ page import="password.pwm.http.servlet.forgottenpw.ForgottenPasswordServlet" %>
 <%--
   ~ Password Management Servlets (PWM)
@@ -34,7 +33,7 @@
     </jsp:include>
     <div id="centerbody">
         <p><pwm:display key="Display_ForgottenPassword"/></p>
-        <form action="<pwm:url url='<%=PwmServletDefinition.ForgottenPassword.servletUrlName()%>'/>" method="post" enctype="application/x-www-form-urlencoded"
+        <form action="<pwm:current-url/>" method="post" enctype="application/x-www-form-urlencoded" autocomplete="off"
               name="searchForm" class="pwm-form" id="searchForm">
             <%@ include file="/WEB-INF/jsp/fragment/message.jsp" %>
             <%@ include file="/WEB-INF/jsp/fragment/ldap-selector.jsp" %>
@@ -59,7 +58,7 @@
     </div>
     <div class="push"></div>
 </div>
-<form id="form-cancelButton" action="<pwm:url url='<%=PwmServletDefinition.ForgottenPassword.servletUrlName()%>'/>" method="post">
+<form id="form-cancelButton" action="<pwm:current-url/>" method="post">
     <input type="hidden" name="processAction" value="<%=ForgottenPasswordServlet.ForgottenPasswordAction.reset%>"/>
     <input type="hidden" name="pwmFormID" value="<pwm:FormID/>"/>
 </form>

pwm/servlet/web/WEB-INF/jsp/forgottenpassword-tokenchoice.jsp

@@ -1,4 +1,3 @@
-<%@ page import="password.pwm.http.servlet.PwmServletDefinition" %>
 <%--
   ~ Password Management Servlets (PWM)
   ~ http://code.google.com/p/pwm/
@@ -37,8 +36,7 @@
         <table class="noborder">
             <tr>
                 <td style="text-align: center">
-                    <form action="<pwm:url url='<%=PwmServletDefinition.ForgottenPassword.servletUrlName()%>'/>" method="post"
-                          enctype="application/x-www-form-urlencoded" name="search">
+                    <form action="<pwm:current-url/>" method="post" enctype="application/x-www-form-urlencoded" name="search">
                         <button class="btn" type="submit" name="submitBtn">
                             <pwm:if test="showIcons"><span class="btn-icon fa fa-file-text"></span></pwm:if>
                             <pwm:display key="Button_Email"/>
@@ -59,8 +57,7 @@
             </tr>
             <tr>
                 <td style="text-align: center">
-                    <form action="<pwm:url url='<%=PwmServletDefinition.ForgottenPassword.servletUrlName()%>'/>" method="post"
-                          enctype="application/x-www-form-urlencoded" name="search">
+                    <form action="<pwm:current-url/>" method="post" enctype="application/x-www-form-urlencoded" name="search">
                         <button class="btn" type="submit" name="submitBtn">
                             <pwm:if test="showIcons"><span class="btn-icon fa fa-phone"></span></pwm:if>
                             <pwm:display key="Button_SMS"/>

pwm/servlet/web/WEB-INF/jsp/forgottenusername-search.jsp

@@ -34,8 +34,7 @@
         <p><pwm:display key="Display_ForgottenUsername"/></p>
         <%@ include file="/WEB-INF/jsp/fragment/message.jsp" %>
         <br/>
-        <form action="<pwm:url url='ForgottenUsername'/>" method="post" enctype="application/x-www-form-urlencoded"
-              name="searchForm" class="pwm-form" id="searchForm">
+        <form action="<pwm:current-url/>" method="post" enctype="application/x-www-form-urlencoded" name="searchForm" class="pwm-form" id="searchForm" autocomplete="off">
             <%@ include file="/WEB-INF/jsp/fragment/ldap-selector.jsp" %>
             <jsp:include page="fragment/form.jsp"/>
             <div class="buttonbar">

pwm/servlet/web/WEB-INF/jsp/fragment/guest-nav.jsp

@@ -32,7 +32,7 @@
 <br/>
 <div style="text-align: center">
     <% boolean selected = currentPage == GuestRegistrationServlet.Page.create; %>
-    <form action="GuestRegistration" method="post" enctype="application/x-www-form-urlencoded" id="dashboard" name="dashboard">
+    <form action="<pwm:current-url/>" method="post" enctype="application/x-www-form-urlencoded" id="dashboard" name="dashboard">
         <button type="submit" class="navbutton<%=selected?" selected":""%>">
             <pwm:if test="showIcons"><span class="btn-icon fa fa-user-plus"></span></pwm:if>
             <pwm:display key="Title_GuestRegistration"/>
@@ -42,7 +42,7 @@
         <input type="hidden" name="page" value="create"/>
     </form>
     <% selected = currentPage == GuestRegistrationServlet.Page.search; %>
-    <form action="GuestRegistration" method="post" enctype="application/x-www-form-urlencoded" id="activity" name="activity">
+    <form action="<pwm:current-url/>" method="post" enctype="application/x-www-form-urlencoded" id="activity" name="activity">
         <button type="submit" class="navbutton<%=selected?" selected":""%>">
             <pwm:if test="showIcons"><span class="btn-icon fa fa-calendar"></span></pwm:if>
             <pwm:display key="Title_GuestUpdate"/>

pwm/servlet/web/WEB-INF/jsp/guest-create.jsp

@@ -1,4 +1,3 @@
-<%@ page import="java.util.Date" %>
 <%--
   ~ Password Management Servlets (PWM)
   ~ http://code.google.com/p/pwm/
@@ -26,6 +25,9 @@
 <%@ page language="java" session="true" isThreadSafe="true"
          contentType="text/html" %>
 <%@ taglib uri="pwm" prefix="pwm" %>
+<% final String maxValidDate = (String)JspUtility.getAttribute(pageContext, PwmConstants.REQUEST_ATTR.GuestMaximumExpirationDate); %>
+<% final String selectedDate = (String)JspUtility.getAttribute(pageContext, PwmConstants.REQUEST_ATTR.GuestCurrentExpirationDate); %>
+<% final String maxValidDays = (String)JspUtility.getAttribute(pageContext, PwmConstants.REQUEST_ATTR.GuestMaximumValidDays); %>
 <html dir="<pwm:LocaleOrientation/>">
 <%@ include file="fragment/header.jsp" %>
 <body class="nihilo">
@@ -37,22 +39,9 @@
         <%@ include file="/WEB-INF/jsp/fragment/guest-nav.jsp" %>
         <p><pwm:display key="Display_GuestRegistration"/></p>
 
-        <form action="<pwm:url url='GuestRegistration'/>" method="post" name="newGuest" enctype="application/x-www-form-urlencoded" class="pwm-form">
+        <form action="<pwm:current-url/>" method="post" name="newGuest" enctype="application/x-www-form-urlencoded" class="pwm-form">
             <%@ include file="/WEB-INF/jsp/fragment/message.jsp" %>
             <jsp:include page="fragment/form.jsp"/>
-            <%
-                final PwmRequest guestPwmRequest = PwmRequest.forRequest(request,response);
-                final long maxValidDays = guestPwmRequest.getConfig().readSettingAsLong(PwmSetting.GUEST_MAX_VALID_DAYS);
-                final GuestRegistrationBean guestRegistrationBean = guestPwmRequest.getPwmSession().getGuestRegistrationBean();
-                if (maxValidDays > 0) {
-                    long futureMS = maxValidDays * 24 * 60 * 60 * 1000;
-                    Date maxValidDate = new Date(new Date().getTime() + (futureMS));
-                    String maxValidDateString = new SimpleDateFormat("yyyy-MM-dd").format(maxValidDate);
-                    String selectedDate = guestRegistrationBean.getFormValues().get(GuestRegistrationServlet.HTTP_PARAM_EXPIRATION_DATE.toString());
-                    if (selectedDate == null || selectedDate.length() <= 0) {
-                        selectedDate = maxValidDateString;
-                    }
-            %>
             <p>
                 <label>
                     <pwm:display key="Display_ExpirationDate" value1="<%=String.valueOf(maxValidDays)%>"/>
@@ -61,24 +50,7 @@
                 </label>
             </p>
             <pwm:script>
-            <script type="text/javascript">
-                PWM_GLOBAL['startupFunctions'].push(function(){
-                    require(["dijit/form/DateTextBox"],function(DateTextBox){
-                        new DateTextBox({
-                            constraints: {
-                                min: new Date(),
-                                max: '<%=maxValidDateString%>'
-                            },
-                            value: '<%=selectedDate%>',
-                            onChange: function(){
-                                PWM_MAIN.getObject('<%=GuestRegistrationServlet.HTTP_PARAM_EXPIRATION_DATE%>').value = this.value;
-                            }
-                        }, "expiredate-stub");
-                    });
-                });
-            </script>
             </pwm:script>
-            <% } %>
 
             <div class="buttonbar">
                 <input type="hidden" name="processAction" value="create"/>
@@ -94,11 +66,13 @@
     <div class="push"></div>
 </div>
 <pwm:script>
-<script type="text/javascript">
-    PWM_GLOBAL['startupFunctions'].push(function(){
-    });
-</script>
+    <script type="text/javascript">
+        PWM_GLOBAL['startupFunctions'].push(function(){
+            PWM_GUEST.initDatePicker('<%=maxValidDate%>','<%=selectedDate%>');
+        });
+    </script>
 </pwm:script>
+<pwm:script-ref url="/public/resources/js/guest.js"/>
 <%@ include file="/WEB-INF/jsp/fragment/cancel-form.jsp" %>
 <%@ include file="fragment/footer.jsp" %>
 </body>

pwm/servlet/web/WEB-INF/jsp/guest-search.jsp

@@ -34,7 +34,7 @@
         <%@ include file="fragment/guest-nav.jsp"%>
         <p><pwm:display key="Display_GuestUpdate"/></p>
                                                                                       
-        <form action="<pwm:url url='GuestRegistration'/>" method="post" enctype="application/x-www-form-urlencoded" name="searchForm" class="pwm-form" id="searchForm">
+        <form action="<pwm:current-url/>" method="post" enctype="application/x-www-form-urlencoded" name="searchForm" class="pwm-form" id="searchForm">
             <%@ include file="fragment/message.jsp" %>
             <h2><label for="username"><pwm:display key="Field_Username"/></label></h2>
             <input type="text" id="username" name="username" class="inputfield"/>

pwm/servlet/web/WEB-INF/jsp/guest-update.jsp

@@ -21,10 +21,12 @@
   --%>
 
 <!DOCTYPE html>
-<%@ page import="java.util.Date" %>
 <%@ page language="java" session="true" isThreadSafe="true"
          contentType="text/html" %>
 <%@ taglib uri="pwm" prefix="pwm" %>
+<% final String maxValidDate = (String)JspUtility.getAttribute(pageContext, PwmConstants.REQUEST_ATTR.GuestMaximumExpirationDate); %>
+<% final String selectedDate = (String)JspUtility.getAttribute(pageContext, PwmConstants.REQUEST_ATTR.GuestCurrentExpirationDate); %>
+<% final String maxValidDays = (String)JspUtility.getAttribute(pageContext, PwmConstants.REQUEST_ATTR.GuestMaximumValidDays); %>
 <html dir="<pwm:LocaleOrientation/>">
 <%@ include file="fragment/header.jsp" %>
 <body class="nihilo">
@@ -35,27 +37,9 @@
     <div id="centerbody">
         <%@ include file="fragment/guest-nav.jsp"%>
         <p><pwm:display key="Display_GuestUpdate"/></p>
-        <form action="<pwm:url url='GuestRegistration'/>" method="post" name="updateGuest" enctype="application/x-www-form-urlencoded" class="pwm-form">
+        <form action="<pwm:current-url/>" method="post" name="updateGuest" enctype="application/x-www-form-urlencoded" class="pwm-form">
             <%@ include file="fragment/message.jsp" %>
             <jsp:include page="fragment/form.jsp"/>
-            <%
-                final PwmRequest guestPwmRequest = PwmRequest.forRequest(request, response);
-                final long maxValidDays = guestPwmRequest.getConfig().readSettingAsLong(PwmSetting.GUEST_MAX_VALID_DAYS);
-                final GuestRegistrationBean guestRegistrationBean = guestPwmRequest.getPwmSession().getGuestRegistrationBean();
-                if (maxValidDays > 0) {
-                    long futureMS = maxValidDays * 24 * 60 * 60 * 1000;
-                    Date maxValidDate = new Date(new Date().getTime() + (futureMS));
-                    String maxValidDateString = new SimpleDateFormat("yyyy-MM-dd").format(maxValidDate);
-                    String selectedDate = guestRegistrationBean.getFormValues().get("__expirationDate__");
-                    if (selectedDate == null || selectedDate.length() <= 0) {
-                        Date currentDate = JspUtility.getPwmSession(pageContext).getGuestRegistrationBean().getUpdateUserExpirationDate();
-                        if (currentDate == null) {
-                            selectedDate = maxValidDateString;
-                        } else {
-                            selectedDate = new SimpleDateFormat("yyyy-MM-dd").format(currentDate);
-                        }
-                    }
-            %>
             <p>
                 <label>
                     <pwm:display key="Display_ExpirationDate" value1="<%=String.valueOf(maxValidDays)%>"/>
@@ -63,28 +47,12 @@
                     <input name="expiredate-stub" id="expiredate-stub" type="date" required="true" value="<%=selectedDate%>"/>
                 </label>
             </p>
-            <pwm:script>
-                <script type="text/javascript">
-                    PWM_GLOBAL['startupFunctions'].push(function(){
-                        require(["dijit/form/DateTextBox"],function(DateTextBox){
-                            new DateTextBox({
-                                constraints: {
-                                    min: new Date(),
-                                    max: '<%=maxValidDateString%>'
-                                },
-                                value: '<%=selectedDate%>',
-                                onChange: function(){
-                                    PWM_MAIN.getObject('<%=GuestRegistrationServlet.HTTP_PARAM_EXPIRATION_DATE%>').value = this.value;
-                                }
-                            }, "expiredate-stub");
-                        });
-                    });
-                </script>
-            </pwm:script>
-            <% } %>
             <div class="buttonbar">
                 <input type="hidden" name="processAction" value="update"/>
-                <input type="submit" name="Update" class="btn" value="<pwm:display key="Button_Update"/>" id="submitBtn"/>
+                <button type="submit" name="Update" class="btn" id="submitBtn">
+                    <pwm:if test="showIcons"><span class="btn-icon fa fa-check-square-o"></span></pwm:if>
+                    <pwm:display key="Button_Update"/>
+                </button>
                 <%@ include file="/WEB-INF/jsp/fragment/cancel-button.jsp" %>
                 <input type="hidden" name="pwmFormID" value="<pwm:FormID/>"/>
             </div>
@@ -93,12 +61,13 @@
     <div class="push"></div>
 </div>
 <pwm:script>
-<script type="text/javascript">
-    PWM_GLOBAL['startupFunctions'].push(function(){
-        document.forms.updateGuest.elements[0].focus();
-    });
-</script>
+    <script type="text/javascript">
+        PWM_GLOBAL['startupFunctions'].push(function(){
+            PWM_GUEST.initDatePicker('<%=maxValidDate%>','<%=selectedDate%>');
+        });
+    </script>
 </pwm:script>
+<pwm:script-ref url="/public/resources/js/guest.js"/>
 <%@ include file="/WEB-INF/jsp/fragment/cancel-form.jsp" %>
 <%@ include file="fragment/footer.jsp" %>
 </body>

pwm/servlet/web/WEB-INF/jsp/helpdesk.jsp

@@ -20,11 +20,9 @@
   ~ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
   --%>
 
-<%@ page import="password.pwm.http.JspUtility" %>
 <!DOCTYPE html>
 <%@ page language="java" session="true" isThreadSafe="true" contentType="text/html" %>
 <%@ taglib uri="pwm" prefix="pwm" %>
-<% final PwmRequest pwmRequest = JspUtility.getPwmRequest(pageContext); %>
 <html dir="<pwm:LocaleOrientation/>">
 <%@ include file="/WEB-INF/jsp/fragment/header.jsp" %>
 <body class="nihilo">
@@ -40,7 +38,7 @@
                         <span class="fa fa-search"></span>
                     </td>
                     <td style="width:400px">
-                        <input type="search" id="username" name="username" class="helpdesk-input-username" style="width: 400px" <pwm:autofocus/> />
+                        <input type="search" id="username" name="username" class="helpdesk-input-username" style="width: 400px" <pwm:autofocus/> autocomplete="off"/>
                     </td>
                     <td style="width:20px">
                         <div id="searchIndicator" style="display:none">

pwm/servlet/web/WEB-INF/jsp/login-passwordonly.jsp

@@ -33,8 +33,7 @@
     </jsp:include>
     <div id="centerbody">
         <p><pwm:display key="Display_LoginPasswordOnly"/></p>
-        <form action="<pwm:url url='Login'/>" method="post" name="login-password" enctype="application/x-www-form-urlencoded" id="login-password"
-              class="pwm-form">
+        <form action="<pwm:current-url/>" method="post" name="login-password" enctype="application/x-www-form-urlencoded" id="login-password" autocomplete="off" class="pwm-form">
             <%@ include file="/WEB-INF/jsp/fragment/message.jsp" %>
             <h2><label for="password"><pwm:display key="Field_Password"/></label></h2>
             <input type="<pwm:value name="passwordFieldType"/>" name="password" id="password" class="inputfield passwordfield" <pwm:autofocus/> />

pwm/servlet/web/WEB-INF/jsp/login.jsp

@@ -36,7 +36,7 @@
             <span class="panel-login-display-message"><pwm:display key="Display_Login"/></span>
         </p>
 
-        <form action="<pwm:url url='Login'/>" method="post" name="login" enctype="application/x-www-form-urlencoded" id="login" autocomplete="off">
+        <form action="<pwm:current-url/>" method="post" name="login" enctype="application/x-www-form-urlencoded" id="login" autocomplete="off">
             <%@ include file="/WEB-INF/jsp/fragment/message.jsp" %>
             <%@ include file="/WEB-INF/jsp/fragment/ldap-selector.jsp" %>
             <h2><label for="username"><pwm:display key="Field_Username"/></label></h2>

pwm/servlet/web/WEB-INF/jsp/newuser-agreement.jsp

@@ -1,4 +1,3 @@
-<%@ page import="password.pwm.http.servlet.PwmServletDefinition" %>
 <%--
   ~ Password Management Servlets (PWM)
   ~ http://code.google.com/p/pwm/
@@ -39,7 +38,7 @@
         <br/><br/>
         <div id="agreementText" class="agreementText"><%= expandedText %></div>
         <div class="buttonbar">
-            <form action="<pwm:url url='<%=PwmServletDefinition.NewUser.servletUrlName()%>'/>" method="post" enctype="application/x-www-form-urlencoded" class="pwm-form">
+            <form action="<pwm:current-url/>" method="post" enctype="application/x-www-form-urlencoded" class="pwm-form">
                 <%-- remove the next line to remove the "I Agree" checkbox --%>
                 <label class="checkboxWrapper">
                     <input type="checkbox" id="agreeCheckBox"/>
@@ -54,8 +53,7 @@
             </form>
         </div>
         <div style="text-align: center">
-            <form action="<%=PwmServletDefinition.NewUser.servletUrlName()%>" method="post"
-                  enctype="application/x-www-form-urlencoded">
+            <form action="<pwm:current-url/>" method="post" enctype="application/x-www-form-urlencoded">
                 <input type="hidden" name="processAction" value="reset"/>
                 <button type="submit" name="button" class="btn" id="button_reset">
                     <pwm:if test="showIcons"><span class="btn-icon fa fa-backward"></span></pwm:if>

pwm/servlet/web/WEB-INF/jsp/newuser-entercode.jsp

@@ -1,6 +1,5 @@
 <%@ page import="password.pwm.http.bean.NewUserBean" %>
 <%@ page import="password.pwm.http.servlet.NewUserServlet" %>
-<%@ page import="password.pwm.http.servlet.PwmServletDefinition" %>
 
 <%--
   ~ Password Management Servlets (PWM)
@@ -44,8 +43,7 @@
         <% } else if (newUserBean.getVerificationPhase() == NewUserBean.NewUserVerificationPhase.SMS) { %>
         <p><pwm:display key="Display_RecoverEnterCodeSMS" value1="<%=destination%>"/></p>
         <% } %>
-        <form action="<%=PwmServletDefinition.NewUser.servletUrlName()%>" method="post"
-              enctype="application/x-www-form-urlencoded" name="search" class="pwm-form">
+        <form action="<pwm:current-url/>" method="post" autocomplete="off" enctype="application/x-www-form-urlencoded" name="search" class="pwm-form">
             <%@ include file="fragment/message.jsp" %>
             <h2><label for="<%=PwmConstants.PARAM_TOKEN%>"><pwm:display key="Field_Code"/></label></h2>
             <textarea id="<%=PwmConstants.PARAM_TOKEN%>" name="<%=PwmConstants.PARAM_TOKEN%>" <pwm:autofocus/> class="tokenInput"></textarea>

pwm/servlet/web/WEB-INF/jsp/newuser-profilechoice.jsp

@@ -50,7 +50,7 @@
             <% for (final NewUserProfile profile : newUserProfiles.values()) { %>
             <tr>
                 <td>
-                    <form action="<pwm:url url='<%=PwmServletDefinition.NewUser.servletUrlName()%>'/>" method="post" class="pwm-form"
+                    <form action="<pwm:current-url/>" method="post" class="pwm-form"
                           enctype="application/x-www-form-urlencoded" name="search">
                         <button class="btn" type="submit" name="submitBtn">
                             <pwm:if test="showIcons"><span class="btn-icon fa fa-forward"></span></pwm:if>
@@ -67,7 +67,7 @@
         <br/>
         <div class="buttonbar">
             <% if (ContextManager.getPwmApplication(session).getConfig().readSettingAsBoolean(password.pwm.config.PwmSetting.DISPLAY_CANCEL_BUTTON)) { %>
-            <form action="<pwm:url url='/public/CommandServlet' addContext="true"/>" method="get"
+            <form action="<pwm:url url='<%=PwmServletDefinition.Command.servletUrl()%>' addContext="true"/>" method="get"
                   enctype="application/x-www-form-urlencoded" name="search" class="pwm-form">
                 <button class="btn" type="submit" name="submitBtn">
                     <pwm:if test="showIcons"><span class="btn-icon fa fa-times"></span></pwm:if>

pwm/servlet/web/WEB-INF/jsp/newuser-wait.jsp

@@ -1,6 +1,5 @@
 <%@ page import="password.pwm.error.PwmException" %>
 <%@ page import="password.pwm.http.servlet.NewUserServlet" %>
-<%@ page import="password.pwm.http.servlet.PwmServletDefinition" %>
 <%--
   ~ Password Management Servlets (PWM)
   ~ http://code.google.com/p/pwm/
@@ -43,7 +42,7 @@
         /* noop */
     }
 %>
-<meta http-equiv="refresh" content="<%=refreshSeconds%>;url=<%=PwmServletDefinition.NewUser.servletUrlName()%>?processAction=complete&pwmFormID=<pwm:FormID/>">
+<meta http-equiv="refresh" content="<%=refreshSeconds%>;url=<pwm:current-url/>?processAction=complete&pwmFormID=<pwm:FormID/>">
 <div id="wrapper">
 
     <jsp:include page="fragment/header-body.jsp">

pwm/servlet/web/WEB-INF/jsp/newuser.jsp

@@ -37,7 +37,7 @@
         <p><pwm:display key="Display_NewUser"/></p>
         <%@ include file="fragment/message.jsp" %>
         <br/>
-        <form action="<pwm:url url='<%=PwmServletDefinition.NewUser.servletUrlName()%>'/>" method="post" name="newUser" enctype="application/x-www-form-urlencoded"
+        <form action="<pwm:current-url/>" method="post" name="newUser" enctype="application/x-www-form-urlencoded" autocomplete="off"
               id="newUserForm" class="pwm-form">
             <jsp:include page="fragment/form.jsp"/>
             <div class="buttonbar">

pwm/servlet/web/WEB-INF/jsp/setupotpsecret-existing.jsp

@@ -1,4 +1,3 @@
-<%@ page import="password.pwm.http.bean.SetupOtpBean" %>
 <%--
   ~ Password Management Servlets (PWM)
   ~ http://code.google.com/p/pwm/
@@ -22,10 +21,8 @@
   --%>
 
 <!DOCTYPE html>
-<%@ page language="java" session="true" isThreadSafe="true"
-         contentType="text/html" %>
+<%@ page language="java" session="true" isThreadSafe="true" contentType="text/html" %>
 <%@ taglib uri="pwm" prefix="pwm" %>
-<% final SetupOtpBean otpBean = JspUtility.getPwmSession(pageContext).getSetupOtpBean();%>
 <html dir="<pwm:LocaleOrientation/>">
 <%@ include file="fragment/header.jsp" %>
 <body class="nihilo">
@@ -52,7 +49,7 @@
                 <pwm:if test="showIcons"><span class="btn-icon fa fa-check"></span></pwm:if>
                 <pwm:display key="Button_CheckCode"/>
             </button>
-            <form action="<pwm:url url='SetupOtp'/>" method="post" name="setupOtpSecretForm" style="display: inline"
+            <form action="<pwm:current-url/>" method="post" name="setupOtpSecretForm" style="display: inline"
                   enctype="application/x-www-form-urlencoded" id="setupOtpSecretForm">
                 <input type="hidden" name="processAction" value="clearOtp"/>
                 <button type="submit" name="Button_Continue" class="btn" id="continue_button">

pwm/servlet/web/WEB-INF/jsp/setupotpsecret-success.jsp

@@ -63,7 +63,7 @@
             </tr>
         </table>
         <div class="buttonbar">
-            <form action="<pwm:url url='SetupOtp'/>" method="post" enctype="application/x-www-form-urlencoded" class="pwm-form">
+            <form action="<pwm:current-url/>" method="post" enctype="application/x-www-form-urlencoded" class="pwm-form">
                 <% try { JspUtility.getPwmSession(pageContext).getSessionStateBean().setSessionSuccess(null,null); } catch (Exception e) {} %>
                 <div class="buttonbar">
                     <input type="hidden" name="processAction" value="complete"/>

pwm/servlet/web/WEB-INF/jsp/setupotpsecret-test.jsp

@@ -37,7 +37,7 @@
     <div id="centerbody">
         <p><pwm:display key="Display_PleaseVerifyOtp"/></p>
         <%@ include file="fragment/message.jsp" %>
-        <form action="<pwm:url url='SetupOtp'/>" method="post" name="setupOtpSecret"
+        <form action="<pwm:current-url/>" method="post" name="setupOtpSecret"
               enctype="application/x-www-form-urlencoded" id="setupOtpSecret" class="pwm-form">
             <div style="width:100%; text-align: center">
                 <input type="text" pattern="^[0-9]*$" name="<%= PwmConstants.PARAM_OTP_TOKEN%>" class="inputfield passwordfield" maxlength="<%=otpTokenLength%>" type="text"
@@ -58,7 +58,7 @@
             </div>
         </form>
     </div>
-    <form action="<pwm:url url='SetupOtp'/>" method="post" name="goBackForm"
+    <form action="<pwm:current-url/>" method="post" name="goBackForm"
           enctype="application/x-www-form-urlencoded" id="goBackForm">
         <input type="hidden" name="processAction" value="toggleSeen"/>
         <input type="hidden" id="pwmFormID_" name="pwmFormID" value="<pwm:FormID/>"/>

pwm/servlet/web/WEB-INF/jsp/setupotpsecret.jsp

@@ -81,8 +81,7 @@
             </div>
         </div>
         <div class="buttonbar">
-            <form action="<pwm:url url='SetupOtp'/>" method="post" name="setupOtpSecret"
-                  enctype="application/x-www-form-urlencoded" id="setupOtpSecret" class="pwm-form">
+            <form action="<pwm:current-url/>" method="post" name="setupOtpSecret" enctype="application/x-www-form-urlencoded" id="setupOtpSecret" class="pwm-form">
                 <input type="hidden" name="processAction" value="toggleSeen"/>
                 <button type="submit" name="continue" class="btn" id="continuebutton">
                     <pwm:if test="showIcons"><span class="btn-icon fa fa-forward"></span></pwm:if>
@@ -90,8 +89,7 @@
                 </button>
                 <input type="hidden" name="pwmFormID" value="<pwm:FormID/>"/>
             </form>
-            <form action="<pwm:url url='SetupOtp'/>" method="post" name="setupOtpSecret-skip"
-                  enctype="application/x-www-form-urlencoded" id="setupOtpSecret-skip" class="pwm-form">
+            <form action="<pwm:current-url/>" method="post" name="setupOtpSecret-skip" enctype="application/x-www-form-urlencoded" id="setupOtpSecret-skip" class="pwm-form">
                 <input type="hidden" name="processAction" value="skip"/>
                 <input type="hidden" name="pwmFormID" value="<pwm:FormID/>"/>
                 <% if (forcedPageView) { %>

pwm/servlet/web/WEB-INF/jsp/setupresponses-confirm.jsp

@@ -67,7 +67,7 @@
         <% } %>
         <br/>
         <div class="buttonbar">
-            <form style="display: inline" action="<pwm:url url='<%=PwmServletDefinition.SetupResponses.servletUrlName()%>'/>" method="post" name="changeResponses"
+            <form style="display: inline" action="<pwm:current-url/>" method="post" name="changeResponses"
                   enctype="application/x-www-form-urlencoded" class="pwm-form">
                 <button type="submit" name="confirm_btn" class="btn" id="confirm_btn">
                     <pwm:if test="showIcons"><span class="btn-icon fa fa-check"></span></pwm:if>
@@ -76,7 +76,7 @@
                 <input type="hidden" name="processAction" value="confirmResponses"/>
                 <input type="hidden" name="pwmFormID" value="<pwm:FormID/>"/>
             </form>
-            <form style="display: inline" action="<pwm:url url='<%=PwmServletDefinition.SetupResponses.servletUrlName()%>'/>" method="post" name="confirmResponses"
+            <form style="display: inline" action="<pwm:current-url/>" method="post" name="confirmResponses"
                   enctype="application/x-www-form-urlencoded" class="pwm-form">
                 <button type="submit" name="change_btn" class="btn" id="change_btn">
                     <pwm:if test="showIcons"><span class="btn-icon fa fa-backward"></span></pwm:if>

pwm/servlet/web/WEB-INF/jsp/setupresponses-existing.jsp

@@ -61,7 +61,7 @@
         <% } %>
         <br/>
         <div class="buttonbar">
-            <form style="display: inline" action="<pwm:url url='<%=PwmServletDefinition.SetupResponses.servletUrlName()%>'/>" method="post" name="clearExistingForm" id="clearExistingForm"
+            <form style="display: inline" action="<pwm:current-url/>" method="post" name="clearExistingForm" id="clearExistingForm"
                   enctype="application/x-www-form-urlencoded" onsubmit="confirmContinue();return false">
                 <button type="submit" name="confirm_btn" class="btn" id="confirm_btn" value="">
                     <pwm:if test="showIcons"><span class="btn-icon fa fa-times"></span></pwm:if>

pwm/servlet/web/WEB-INF/jsp/setupresponses-helpdesk.jsp

@@ -21,7 +21,6 @@
   --%>
 
 <%@ page import="password.pwm.http.bean.SetupResponsesBean" %>
-<%@ page import="password.pwm.http.servlet.PwmServletDefinition" %>
 <!DOCTYPE html>
 
 <%@ page language="java" session="true" isThreadSafe="true"
@@ -39,8 +38,8 @@
     </jsp:include>
     <div id="centerbody">
         <p><pwm:display key="Display_SetupHelpdeskResponses"/></p>
-        <form action="<pwm:url url='<%=PwmServletDefinition.SetupResponses.servletUrlName()%>'/>" method="post" name="form-setupResponses"
-              enctype="application/x-www-form-urlencoded" id="form-setupResponses" class="pwm-form">
+        <form action="<pwm:current-url/>" method="post" name="form-setupResponses"
+              enctype="application/x-www-form-urlencoded" id="form-setupResponses" class="pwm-form" autocomplete="off">
             <%@ include file="fragment/message.jsp" %>
             <div id="pwm-setupResponsesDiv">
                 <% request.setAttribute("setupData",responseBean.getHelpdeskResponseData()); %>

pwm/servlet/web/WEB-INF/jsp/setupresponses.jsp

@@ -34,7 +34,7 @@
     </jsp:include>
     <div id="centerbody">
         <p><pwm:display key="Display_SetupResponses"/></p>
-        <form action="<pwm:url url='<%=PwmServletDefinition.SetupResponses.servletUrlName()%>'/>" method="post" name="form-setupResponses" enctype="application/x-www-form-urlencoded" id="form-setupResponses" class="pwm-form">
+        <form action="<pwm:current-url/>" method="post" name="form-setupResponses" enctype="application/x-www-form-urlencoded" id="form-setupResponses" class="pwm-form" autocomplete="off">
             <%@ include file="fragment/message.jsp" %>
             <div id="pwm-setupResponsesDiv">
             <% request.setAttribute("setupData",responseBean.getResponseData()); %>

pwm/servlet/web/WEB-INF/jsp/shortcut.jsp

@@ -56,7 +56,7 @@
             <% for (final ShortcutItem item : shortcutItems.values()) { %>
             <tr>
                 <td class="menubutton_key">
-                    <form action="<pwm:url url='Shortcuts'/>" method="post" name="form-shortcuts-<%=item%>" enctype="application/x-www-form-urlencoded" id="form-shortcuts-<%=item%>" <%=newWindow ? " target=\"_blank\"" : ""%>>
+                    <form action="<pwm:current-url/>" method="post" name="form-shortcuts-<%=item%>" enctype="application/x-www-form-urlencoded" id="form-shortcuts-<%=item%>" <%=newWindow ? " target=\"_blank\"" : ""%>>
                         <input type="hidden" name="processAction" value="selectShortcut">
                         <input type="hidden" name="link" value="<%=item.getLabel()%>">
                         <input type="hidden" id="pwmFormID" name="pwmFormID" value="<pwm:FormID/>"/>

pwm/servlet/web/WEB-INF/jsp/success.jsp

@@ -1,4 +1,5 @@
 <%@ page import="password.pwm.http.JspUtility" %>
+<%@ page import="password.pwm.http.servlet.PwmServletDefinition" %>
 <%--
   ~ Password Management Servlets (PWM)
   ~ http://code.google.com/p/pwm/
@@ -33,7 +34,7 @@
         <jsp:param name="pwm.PageName" value="Title_Success"/>
     </jsp:include>
     <div id="centerbody">
-        <form action="<pwm:context/>/public/<pwm:url url='CommandServlet'/>" method="post"
+        <form action="<pwm:url url='<%=PwmServletDefinition.Command.servletUrl()%>' addContext="true"/>" method="post"
               enctype="application/x-www-form-urlencoded" class="pwm-form">
             <p><pwm:SuccessMessage/></p>
             <% try { JspUtility.getPwmSession(pageContext).getSessionStateBean().setSessionSuccess(null,null); } catch (Exception e) {} %>

pwm/servlet/web/WEB-INF/jsp/updateprofile-agreement.jsp

@@ -1,3 +1,4 @@
+<%@ page import="password.pwm.http.servlet.PwmServletDefinition" %>
 <%--
   ~ Password Management Servlets (PWM)
   ~ http://code.google.com/p/pwm/
@@ -36,7 +37,7 @@
         <% final String expandedText = (String)JspUtility.getAttribute(pageContext,PwmConstants.REQUEST_ATTR.AgreementText); %>
         <div class="agreementText"><%= expandedText %></div>
         <div class="buttonbar">
-            <form action="<pwm:url url='UpdateProfile'/>" method="post" enctype="application/x-www-form-urlencoded">
+            <form action="<pwm:current-url/>" method="post" enctype="application/x-www-form-urlencoded">
                 <%-- remove the next line to remove the "I Agree" checkbox --%>
                 <label class="checkboxWrapper">
                     <input type="checkbox" id="agreeCheckBox"/>
@@ -51,8 +52,7 @@
                 </button>
                 <input type="hidden" name="pwmFormID" id="pwmFormID" value="<pwm:FormID/>"/>
             </form>
-            <form action="<pwm:context/>/public/<pwm:url url='Logout'/>" method="post"
-                  enctype="application/x-www-form-urlencoded">
+            <form action="<pwm:url url='<%=PwmServletDefinition.Logout.servletUrl()%>' addContext="true"/>" method="post" enctype="application/x-www-form-urlencoded">
                 <button type="submit" name="button" class="btn" id="button_logout">
                     <pwm:if test="showIcons"><span class="btn-icon fa fa-sign-out"></span></pwm:if>
                     <pwm:display key="Button_Logout"/>

pwm/servlet/web/WEB-INF/jsp/updateprofile-confirm.jsp

@@ -62,7 +62,7 @@
 
         </table>
         <div class="buttonbar">
-            <form style="display: inline" action="<pwm:url url='UpdateProfile'/>" method="post" name="confirm" enctype="application/x-www-form-urlencoded" class="pwm-form">
+            <form style="display: inline" action="<pwm:current-url/>" method="post" name="confirm" enctype="application/x-www-form-urlencoded" class="pwm-form">
                 <button id="confirmBtn" type="submit" class="btn" name="button">
                     <pwm:if test="showIcons"><span class="btn-icon fa fa-check"></span></pwm:if>
                     <pwm:display key="Button_Confirm"/>
@@ -70,7 +70,7 @@
                 <input type="hidden" name="processAction" value="confirm"/>
                 <input type="hidden" name="pwmFormID" value="<pwm:FormID/>"/>
             </form>
-            <form style="display: inline" action="<pwm:url url='UpdateProfile'/>" method="post" name="confirm" enctype="application/x-www-form-urlencoded"
+            <form style="display: inline" action="<pwm:current-url/>" method="post" name="confirm" enctype="application/x-www-form-urlencoded"
                   class="pwm-form">
                 <button id="gobackBtn" type="submit" class="btn" name="button">
                     <pwm:if test="showIcons"><span class="btn-icon fa fa-backward"></span></pwm:if>

pwm/servlet/web/WEB-INF/jsp/updateprofile.jsp

@@ -35,7 +35,7 @@
         <p><pwm:display key="Display_UpdateProfile"/></p>
         <%@ include file="fragment/message.jsp" %>
         <br/>
-        <form action="<pwm:url url='UpdateProfile'/>" method="post" name="updateProfileForm" enctype="application/x-www-form-urlencoded"
+        <form action="<pwm:current-url/>" method="post" name="updateProfileForm" enctype="application/x-www-form-urlencoded" autocomplete="off"
               class="pwm-form" id="updateProfileForm">
 
             <jsp:include page="fragment/form.jsp"/>

pwm/servlet/web/WEB-INF/jsp/userinfo.jsp

@@ -26,6 +26,7 @@
 <%@ page import="password.pwm.config.PwmSetting" %>
 <%@ page import="password.pwm.config.option.ViewStatusFields" %>
 <%@ page import="password.pwm.event.UserAuditRecord" %>
+<%@ page import="password.pwm.http.servlet.PwmServletDefinition" %>
 <%@ page import="password.pwm.i18n.Display" %>
 <%@ page import="password.pwm.i18n.LocaleHelper" %>
 <%@ page import="password.pwm.util.StringUtil" %>
@@ -371,7 +372,7 @@
 <% } %>
 </div>
 <div class="buttonbar">
-    <form action="<pwm:context/>/public/<pwm:url url='CommandServlet'/>" method="post" enctype="application/x-www-form-urlencoded">
+    <form action="<pwm:url url='<%=PwmServletDefinition.Command.servletUrl()%>' addContext="true"/>" method="post" enctype="application/x-www-form-urlencoded">
         <input type="hidden" name="processAction" value="continue"/>
         <input type="hidden" id="pwmFormID" name="pwmFormID" value="<pwm:FormID/>"/>
         <button type="submit" name="button" class="btn" id="button_continue">

pwm/servlet/web/WEB-INF/pwm-taglib.tld

@@ -229,6 +229,12 @@
             <rtexprvalue>true</rtexprvalue>
         </attribute>
     </tag>
+    <tag>
+        <name>current-url</name>
+        <tag-class>password.pwm.http.tag.CurrentUrlTag</tag-class>
+        <body-content>empty</body-content>
+        <description>External Script Reference</description>
+    </tag>
 </taglib>
 
 

pwm/servlet/web/WEB-INF/web.xml

@@ -137,6 +137,10 @@
         <url-pattern>/proxyCallback</url-pattern>
     </filter-mapping>
     -->
+    <filter>
+        <filter-name>ApplicationStatusFilter</filter-name>
+        <filter-class>password.pwm.http.filter.ApplicationStatusFilter</filter-class>
+    </filter>
     <filter>
         <filter-name>GZIPFilter</filter-name>
         <filter-class>password.pwm.http.filter.GZIPFilter</filter-class>
@@ -162,13 +166,17 @@
         <filter-class>password.pwm.http.filter.AuthenticationFilter</filter-class>
     </filter>
     <filter>
-        <filter-name>AuthorizationFilter</filter-name>
+        <filter-name>AdminAuthorizationFilter</filter-name>
         <filter-class>password.pwm.http.filter.AuthorizationFilter</filter-class>
     </filter>
     <filter>
-        <filter-name>ConfigAccessFilter</filter-name>
+        <filter-name>ConfigAuthorizationFilter</filter-name>
         <filter-class>password.pwm.http.filter.ConfigAccessFilter</filter-class>
     </filter>
+    <filter-mapping>
+        <filter-name>ApplicationStatusFilter</filter-name>
+        <url-pattern>*</url-pattern>
+    </filter-mapping>
     <filter-mapping>
         <filter-name>GZIPFilter</filter-name>
         <url-pattern>*</url-pattern>
@@ -187,11 +195,7 @@
     </filter-mapping>
     <filter-mapping>
         <filter-name>CaptchaFilter</filter-name>
-        <url-pattern>/private/Login</url-pattern>
-        <url-pattern>/public/NewUser</url-pattern>
-        <url-pattern>/public/ActivateUser</url-pattern>
-        <url-pattern>/public/ForgottenPassword</url-pattern>
-        <url-pattern>/public/ForgottenUsername</url-pattern>
+        <url-pattern>*</url-pattern>
     </filter-mapping>
     <filter-mapping>
         <filter-name>AuthenticationFilter</filter-name>
@@ -199,11 +203,11 @@
         <url-pattern>/public/ChangePassword</url-pattern>
     </filter-mapping>
     <filter-mapping>
-        <filter-name>AuthorizationFilter</filter-name>
+        <filter-name>AdminAuthorizationFilter</filter-name>
         <url-pattern>/private/admin/*</url-pattern>
     </filter-mapping>
     <filter-mapping>
-        <filter-name>ConfigAccessFilter</filter-name>
+        <filter-name>ConfigAuthorizationFilter</filter-name>
         <url-pattern>/private/config</url-pattern>
         <url-pattern>/private/config/*</url-pattern>
     </filter-mapping>

pwm/servlet/web/private/history.jsp

@@ -1,84 +0,0 @@
-<%--
-  ~ Password Management Servlets (PWM)
-  ~ http://code.google.com/p/pwm/
-  ~
-  ~ Copyright (c) 2006-2009 Novell, Inc.
-  ~ Copyright (c) 2009-2015 The PWM Project
-  ~
-  ~ This program is free software; you can redistribute it and/or modify
-  ~ it under the terms of the GNU General Public License as published by
-  ~ the Free Software Foundation; either version 2 of the License, or
-  ~ (at your option) any later version.
-  ~
-  ~ This program is distributed in the hope that it will be useful,
-  ~ but WITHOUT ANY WARRANTY; without even the implied warranty of
-  ~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-  ~ GNU General Public License for more details.
-  ~
-  ~ You should have received a copy of the GNU General Public License
-  ~ along with this program; if not, write to the Free Software
-  ~ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
-  --%>
-
-<%@ page import="password.pwm.event.UserAuditRecord" %>
-<%@ page import="java.text.DateFormat" %>
-<%@ page import="java.util.Collections" %>
-<%@ page import="java.util.List" %>
-<!DOCTYPE html>
-<%@ page language="java" session="true" isThreadSafe="true"
-         contentType="text/html" %>
-<%@ taglib uri="pwm" prefix="pwm" %>
-<html dir="<pwm:LocaleOrientation/>">
-<%@ include file="/WEB-INF/jsp/fragment/header.jsp" %>
-<body class="nihilo">
-<%
-    List<UserAuditRecord> auditRecords = Collections.emptyList();
-    Locale userLocale = PwmConstants.DEFAULT_LOCALE;
-    try {
-        final PwmRequest pwmRequest = PwmRequest.forRequest(request,response);
-        auditRecords = pwmRequest.getPwmApplication().getAuditManager().readUserHistory(pwmRequest.getPwmSession());
-        userLocale = pwmRequest.getLocale();
-    } catch (Exception e) {
-    }
-
-%>
-<div id="wrapper">
-    <jsp:include page="/WEB-INF/jsp/fragment/header-body.jsp">
-        <jsp:param name="pwm.PageName" value="Title_UserEventHistory"/>
-    </jsp:include>
-    <div id="centerbody">
-        <% final String timeZone = (java.text.DateFormat.getDateTimeInstance()).getTimeZone().getDisplayName(); %>
-        <p><pwm:display key="Display_UserEventHistory" value1="<%= timeZone %>"/></p>
-        <%@ include file="/WEB-INF/jsp/fragment/message.jsp" %>
-
-        <table style="border-collapse:collapse;  border: 2px solid #D4D4D4; width:100%">
-            <% for (final UserAuditRecord record : auditRecords) { %>
-            <tr>
-                <td class="key" style="width: 200px">
-                    <%= (DateFormat.getDateTimeInstance(DateFormat.DEFAULT, DateFormat.DEFAULT, userLocale)).format(record.getTimestamp()) %>
-                </td>
-                <td>
-                    <%= record.getEventCode().getLocalizedString(ContextManager.getPwmApplication(session).getConfig(),userLocale) %>
-                </td>
-            </tr>
-            <% } %>
-        </table>
-        <br class="clear"/>
-
-        <div class="buttonbar">
-            <form action="<pwm:context/>/public/<pwm:url url='CommandServlet'/>" method="post"
-                  enctype="application/x-www-form-urlencoded">
-                <input type="hidden"
-                       name="processAction"
-                       value="continue"/>
-                <input type="submit" name="button" class="btn"
-                       value="    <pwm:display key="Button_Continue"/>    "
-                       id="button_logout"/>
-            </form>
-        </div>
-    </div>
-    <div class="push"></div>
-</div>
-<%@ include file="/WEB-INF/jsp/fragment/footer.jsp" %>
-</body>
-</html>

pwm/servlet/web/private/index.jsp

@@ -1,4 +1,3 @@
-<%@ page import="password.pwm.error.PwmException" %>
 <%@ page import="password.pwm.http.JspUtility" %>
 <%@ page import="password.pwm.http.servlet.PwmServletDefinition" %>
 <%@ page import="password.pwm.http.tag.PwmIfTag" %>
@@ -152,7 +151,7 @@
             <pwm:if test="permission" arg1="GUEST_REGISTRATION">
                 <tr>
                     <td class="menubutton_key">
-                        <a class="menubutton" href="<pwm:url url='GuestRegistration'/>">
+                        <a class="menubutton" href="<pwm:url url='<%=PwmServletDefinition.GuestRegistration.servletUrl()%>' addContext="true"/>">
                             <pwm:if test="showIcons"><span class="btn-icon fa fa-group"></span></pwm:if>
                             <pwm:display key="Title_GuestRegistration"/>
                         </a>

pwm/servlet/web/public/resources/js/guest.js

@@ -0,0 +1,48 @@
+/*
+ * Password Management Servlets (PWM)
+ * http://code.google.com/p/pwm/
+ *
+ * Copyright (c) 2006-2009 Novell, Inc.
+ * Copyright (c) 2009-2015 The PWM Project
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+ */
+
+
+"use strict";
+
+var PWM_GUEST = PWM_GUEST || {};
+var PWM_VAR = PWM_VAR || {};
+
+
+PWM_GUEST.initDatePicker = function(maxValidDate,selectedDate) {
+    require(["dijit/form/DateTextBox"],function(DateTextBox){
+        new DateTextBox({
+            constraints: {
+                min: new Date(),
+                max: maxValidDate
+            },
+            value: selectedDate,
+            onChange: function(){
+                var selectedDate = new Date(Date.parse(this.value));
+                var isoDate = selectedDate.toISOString();
+                PWM_MAIN.getObject('_expirationDateFormInput').value = isoDate;
+            }
+        }, "expiredate-stub");
+    });
+
+};
+
+

pwm/servlet/web/public/resources/js/peoplesearch.js

@@ -240,7 +240,7 @@ PWM_PS.convertOrgChartDataToOrgChartHtml = function(data) {
         }
         if (PWM_VAR['peoplesearch_enablePhoto']) {
             var blankSrc = PWM_MAIN.addPwmFormIDtoURL(PWM_GLOBAL['url-resources'] + '/UserPhoto.png');
-            output += '<div id="panel-userPhoto-' + userKey + '">';
+            output += '<div class="panel-orgChart-userPhoto" id="panel-userPhoto-' + userKey + '">';
             output += '<img class="img-orgChart-userPhoto" src="' + blankSrc + '">';
             output += '</div>';
         }

pwm/servlet/web/public/resources/style.css

@@ -279,11 +279,11 @@ input[type=password]::-ms-reveal{display: none;}
     cursor: pointer;
 }.btn:disabled {
      color: #9e9e9e;
-}
+ }
 
 .helpdesk-detail-btn {
-    margin-bottom: 15px;
-    width: 150px;
+    margin-bottom: 10px;
+    width: 175px;
 }
 
 
@@ -694,7 +694,6 @@ progress[value] {
 .dialogBody { width: 500px; max-width: 500px; }
 .dialogBody.narrow { width: 350px; max-width: 350px; }
 .dialogBody.wide { width: 95%; max-width: 100%; min-width: 800px; }
-.dialogBody.auto { width: auto }
 .WaitDialogBlank { height: 46px; width: 46px; margin-left: auto; margin-right: auto; background-image: url('wait.gif');}
 #dialogPopup_underlay { background-color: #222222; }
 #idleDialog_underlay { background-color: #111111; }
@@ -709,8 +708,8 @@ dialog .closeIcon { float: right; cursor: pointer; margin-right: 3px; }
 /* begin peoplesearch section */
 
 .icon-peoplesearch-orgChart { background-image: url("orgChart.png"); position: absolute; top:5px; right:5px; height:30px; width:30px; cursor: pointer; }
-.panel-peoplesearch-userDetailPhoto { display: inline  }
-.img-peoplesearch-userDetailPhoto { width: 80px; height: 80px; border-radius: 2px; border: 1px solid #d8e2e2; }
+.panel-peoplesearch-userDetailPhoto { display: inline;  }
+.img-peoplesearch-userDetailPhoto { width: auto; height: 80px; border-radius: 2px; border: 1px solid #d8e2e2; }
 .panel-peoplesearch-person { margin-left:5px; background: #eaeaea; position: relative; padding: 6px; width: auto; height: 83px; margin-right: 5px; margin-bottom: 10px; border:  1px solid transparent; }
 .panel-peoplesearch-displayNames { margin-left: 10px; vertical-align: top; display: inline-block; position: relative }
 
@@ -734,7 +733,8 @@ dialog .closeIcon { float: right; cursor: pointer; margin-right: 3px; }
 .panel-orgChart-person { position: relative; background: #eaeaea; padding: 6px; width: 220px; height: 70px; margin-right: 10px; margin-bottom: 10px; border: 1px solid transparent; cursor:pointer; }
 .panel-orgChart-sibling { float: left; display: block; }
 .panel-orgChart-siblings { margin-left: 40px; }
-.img-orgChart-userPhoto { width: 40px; height: 40px; float: left; border-radius: 2px; margin-right: 6px; margin-bottom: 35px; border: 1px solid #D4D4D4; }
+.panel-orgChart-userPhoto { width: 40px;  height: 40px; float: left; border-radius: 2px; margin-right: 6px; margin-bottom: 35px;  }
+.img-orgChart-userPhoto { display: block; width: auto; height:auto; max-height: 100%; margin: auto; max-width: 100%; border: 1px solid #D4D4D4; border-radius: 2px; }
 .icon-orgChart-up { position: absolute; left: 12px; top: 54px; padding: 4px 8px; border: 1px solid #b6b6b6; }
 .icon-orgChart-down {position: absolute; left: 12px; top: 54px; padding: 4px 8px; border: 1px solid #b6b6b6;}
 .panel-orgChart-displayNames { }
@@ -744,8 +744,9 @@ dialog .closeIcon { float: right; cursor: pointer; margin-right: 3px; }
 .panel-orgChart-displayName-4 { color: #697374; white-space: nowrap; overflow: hidden; text-overflow: ellipsis; font-size: 10px; }
 .panel-orgChart-displayName-5 { color: #697374; white-space: nowrap; overflow: hidden; text-overflow: ellipsis; font-size: 10px; }
 .panel-orgChart-person:hover { border:  1px solid #d8e2e2; }
-.panel-orgChart { max-height: 600px; overflow-y: auto }
+.panel-orgChart { max-height: 80vh; overflow-y: auto }
 .panel-orgChart-footer {clear: both; margin-bottom: 10px; }
 /* end peoplesearch org chart section */
 
 
+