app and domain base class reintroduction

server/src/main/java/password/pwm/FileLocker.java

@@ -20,7 +20,7 @@
 
 package password.pwm;
 
-import password.pwm.config.DomainConfig;
+import password.pwm.config.AppConfig;
 import password.pwm.error.ErrorInformation;
 import password.pwm.error.PwmError;
 import password.pwm.error.PwmUnrecoverableException;
@@ -128,7 +128,7 @@ class FileLocker
     public void waitForFileLock( )
             throws PwmUnrecoverableException
     {
-        final DomainConfig domainConfig = pwmEnvironment.getConfig();
+        final AppConfig domainConfig = pwmEnvironment.getConfig();
         final int maxWaitSeconds = pwmEnvironment.getFlags().contains( PwmEnvironment.ApplicationFlag.CommandLineInstance )
                 ? 1
                 : Integer.parseInt( domainConfig.readAppProperty( AppProperty.APPLICATION_FILELOCK_WAIT_SECONDS ) );

server/src/main/java/password/pwm/PwmAboutProperty.java

@@ -74,7 +74,7 @@ public enum PwmAboutProperty
     app_ldapProfileCount( null, pwmApplication -> Integer.toString( pwmApplication.getConfig().getLdapProfiles().size() ) ),
     app_ldapConnectionCount( null, pwmApplication -> Integer.toString( pwmApplication.getLdapConnectionService().connectionCount() ) ),
     app_activeSessionCount( "Active Session Count", pwmApplication -> Integer.toString( pwmApplication.getSessionTrackService().sessionCount() ) ),
-    app_activeRequestCount( "Active Request Count", pwmApplication -> Integer.toString( pwmApplication.getActiveServletRequests().get() ) ),
+    app_activeRequestCount( "Active Request Count", pwmApplication -> Integer.toString( pwmApplication.getPwmApplication().getActiveServletRequests().get() ) ),
 
     build_Time( "Build Time", pwmApplication -> PwmConstants.BUILD_TIME ),
     build_Number( "Build Number", pwmApplication -> PwmConstants.BUILD_NUMBER ),

server/src/main/java/password/pwm/PwmApplication.java

@@ -20,24 +20,358 @@
 
 package password.pwm;
 
+import com.novell.ldapchai.ChaiUser;
+import com.novell.ldapchai.exception.ChaiUnavailableException;
+import com.novell.ldapchai.provider.ChaiProvider;
+import password.pwm.bean.SessionLabel;
+import password.pwm.bean.SmsItemBean;
+import password.pwm.bean.UserIdentity;
+import password.pwm.config.AppConfig;
+import password.pwm.config.PwmSetting;
+import password.pwm.config.stored.StoredConfiguration;
+import password.pwm.config.stored.StoredConfigurationUtil;
+import password.pwm.error.ErrorInformation;
+import password.pwm.error.PwmError;
+import password.pwm.error.PwmException;
 import password.pwm.error.PwmUnrecoverableException;
+import password.pwm.health.HealthMonitor;
+import password.pwm.http.servlet.configeditor.data.SettingDataMaker;
+import password.pwm.http.servlet.peoplesearch.PeopleSearchService;
+import password.pwm.http.servlet.resource.ResourceServletService;
+import password.pwm.http.state.SessionStateService;
+import password.pwm.ldap.LdapConnectionService;
+import password.pwm.ldap.search.UserSearchEngine;
+import password.pwm.svc.PwmService;
+import password.pwm.svc.PwmServiceEnum;
+import password.pwm.svc.PwmServiceManager;
+import password.pwm.svc.cache.CacheService;
+import password.pwm.svc.email.EmailService;
+import password.pwm.svc.event.AuditEvent;
+import password.pwm.svc.event.AuditRecordFactory;
+import password.pwm.svc.event.AuditService;
+import password.pwm.svc.event.SystemAuditRecord;
+import password.pwm.svc.httpclient.HttpClientService;
+import password.pwm.svc.intruder.IntruderManager;
+import password.pwm.svc.intruder.RecordType;
+import password.pwm.svc.node.NodeService;
+import password.pwm.svc.pwnotify.PwNotifyService;
+import password.pwm.svc.report.ReportService;
+import password.pwm.svc.sessiontrack.SessionTrackService;
+import password.pwm.svc.sessiontrack.UserAgentUtils;
+import password.pwm.svc.shorturl.UrlShortenerService;
+import password.pwm.svc.stats.Statistic;
+import password.pwm.svc.stats.StatisticsManager;
+import password.pwm.svc.token.TokenService;
+import password.pwm.svc.wordlist.SeedlistService;
+import password.pwm.svc.wordlist.SharedHistoryManager;
+import password.pwm.svc.wordlist.WordlistService;
+import password.pwm.util.DailySummaryJob;
+import password.pwm.util.MBeanUtility;
+import password.pwm.util.PasswordData;
+import password.pwm.util.PwmScheduler;
+import password.pwm.util.cli.commands.ExportHttpsTomcatConfigCommand;
+import password.pwm.util.db.DatabaseAccessor;
+import password.pwm.util.db.DatabaseService;
+import password.pwm.util.java.FileSystemUtility;
+import password.pwm.util.java.JavaHelper;
+import password.pwm.util.java.JsonUtil;
+import password.pwm.util.java.StringUtil;
+import password.pwm.util.java.TimeDuration;
+import password.pwm.util.localdb.LocalDB;
+import password.pwm.util.localdb.LocalDBFactory;
+import password.pwm.util.logging.LocalDBLogger;
+import password.pwm.util.logging.PwmLogLevel;
+import password.pwm.util.logging.PwmLogManager;
 import password.pwm.util.logging.PwmLogger;
+import password.pwm.util.macro.MacroRequest;
+import password.pwm.util.operations.CrService;
+import password.pwm.util.operations.OtpService;
+import password.pwm.util.queue.SmsQueueManager;
+import password.pwm.util.secure.HttpsServerCertificateManager;
+import password.pwm.util.secure.PwmRandom;
+import password.pwm.util.secure.SecureService;
+
+import java.io.ByteArrayOutputStream;
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.FileOutputStream;
+import java.io.IOException;
+import java.io.Serializable;
+import java.security.KeyStore;
+import java.time.Instant;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+import java.util.Locale;
+import java.util.Map;
+import java.util.Objects;
+import java.util.Optional;
+import java.util.concurrent.ExecutorService;
+import java.util.concurrent.atomic.AtomicInteger;
+import java.util.function.Function;
+import java.util.function.Supplier;
+import java.util.stream.Collectors;
 
 public class PwmApplication
 {
     private static final PwmLogger LOGGER = PwmLogger.forClass( PwmApplication.class );
     private static final String DEFAULT_INSTANCE_ID = "-1";
 
+    private final AtomicInteger activeServletRequests = new AtomicInteger( 0 );
+
+    private Map<String, PwmDomain> domains;
+    private String runtimeNonce = PwmRandom.getInstance().randomUUID().toString();
+
+    private final PwmServiceManager pwmServiceManager = new PwmServiceManager();
 
+    private final Instant startupTime = Instant.now();
+    private Instant installTime = Instant.now();
+    private ErrorInformation lastLocalDBFailure;
     private PwmEnvironment pwmEnvironment;
+    private FileLocker fileLocker;
+    private PwmScheduler pwmScheduler;
+    private String instanceID = DEFAULT_INSTANCE_ID;
+    private LocalDB localDB;
+    private LocalDBLogger localDBLogger;
+
 
     public PwmApplication( final PwmEnvironment pwmEnvironment )
             throws PwmUnrecoverableException
     {
-        this.pwmEnvironment = pwmEnvironment;
+        this.pwmEnvironment = Objects.requireNonNull( pwmEnvironment );
+
+
         pwmEnvironment.verifyIfApplicationPathIsSetProperly();
 
 
+        try
+        {
+            initialize();
+        }
+        catch ( final PwmUnrecoverableException e )
+        {
+            LOGGER.fatal( e::getMessage );
+            throw e;
+        }
+    }
+
+    private void initialize( )
+            throws PwmUnrecoverableException
+    {
+        final Instant startTime = Instant.now();
+
+        runtimeNonce = PwmRandom.getInstance().randomUUID().toString();
+
+        this.domains = this.pwmEnvironment.getConfig().getDomainIDs().stream()
+                .collect( Collectors.toUnmodifiableMap(
+                        ( domainID ) -> domainID,
+                        ( domainID ) -> new PwmDomain( this, domainID )
+                ) );
+
+
+        // initialize log4j
+        if ( !pwmEnvironment.isInternalRuntimeInstance() && !pwmEnvironment.getFlags().contains( PwmEnvironment.ApplicationFlag.CommandLineInstance ) )
+        {
+            final String log4jFileName = pwmEnvironment.getConfig().readSettingAsString( PwmSetting.EVENTS_JAVA_LOG4JCONFIG_FILE );
+            final File log4jFile = FileSystemUtility.figureFilepath( log4jFileName, pwmEnvironment.getApplicationPath() );
+            final String consoleLevel;
+            final String fileLevel;
+
+            switch ( getApplicationMode() )
+            {
+                case ERROR:
+                case NEW:
+                    consoleLevel = PwmLogLevel.TRACE.toString();
+                    fileLevel = PwmLogLevel.TRACE.toString();
+                    break;
+
+                default:
+                    consoleLevel = pwmEnvironment.getConfig().readSettingAsString( PwmSetting.EVENTS_JAVA_STDOUT_LEVEL );
+                    fileLevel = pwmEnvironment.getConfig().readSettingAsString( PwmSetting.EVENTS_FILE_LEVEL );
+                    break;
+            }
+
+            PwmLogManager.initializeLogger( this.getDefaultDomain(), getDefaultDomain().getConfig(), log4jFile, consoleLevel, pwmEnvironment.getApplicationPath(), fileLevel );
+
+            switch ( getApplicationMode() )
+            {
+                case RUNNING:
+                    break;
+
+                case ERROR:
+                    LOGGER.fatal( () -> "starting up in ERROR mode! Check log or health check information for cause" );
+                    break;
+
+                default:
+                    LOGGER.trace( () -> "setting log level to TRACE because application mode is " + getApplicationMode() );
+                    break;
+            }
+        }
+
+        // get file lock
+        if ( !pwmEnvironment.isInternalRuntimeInstance() )
+        {
+            fileLocker = new FileLocker( pwmEnvironment );
+            fileLocker.waitForFileLock();
+        }
+
+        // clear temp dir
+        if ( !pwmEnvironment.isInternalRuntimeInstance() )
+        {
+            final File tempFileDirectory = getTempDirectory();
+            try
+            {
+                FileSystemUtility.deleteDirectoryContents( tempFileDirectory );
+            }
+            catch ( final Exception e )
+            {
+                throw new PwmUnrecoverableException( new ErrorInformation( PwmError.ERROR_STARTUP_ERROR,
+                        "unable to clear temp file directory '" + tempFileDirectory.getAbsolutePath() + "', error: " + e.getMessage()
+                ) );
+            }
+        }
+
+        if ( getApplicationMode() != PwmApplicationMode.READ_ONLY )
+        {
+            LOGGER.info( () -> "initializing, application mode=" + getApplicationMode()
+                    + ", applicationPath=" + ( pwmEnvironment.getApplicationPath() == null ? "null" : pwmEnvironment.getApplicationPath().getAbsolutePath() )
+                    + ", configFile=" + ( pwmEnvironment.getConfigurationFile() == null ? "null" : pwmEnvironment.getConfigurationFile().getAbsolutePath() )
+            );
+        }
+
+        if ( !pwmEnvironment.isInternalRuntimeInstance() )
+        {
+            if ( getApplicationMode() == PwmApplicationMode.ERROR )
+            {
+                LOGGER.warn( () -> "skipping LocalDB open due to application mode " + getApplicationMode() );
+            }
+            else
+            {
+                if ( localDB == null )
+                {
+                    this.localDB = Initializer.initializeLocalDB( this, pwmEnvironment );
+                }
+            }
+        }
+
+        this.localDBLogger = PwmLogManager.initializeLocalDBLogger( this.getDefaultDomain() );
+
+        // log the loaded configuration
+        LOGGER.debug( () -> "configuration load completed" );
+
+        // read the pwm servlet instance id
+        instanceID = fetchInstanceID( localDB, this.getDefaultDomain() );
+        LOGGER.debug( () -> "using '" + getInstanceID() + "' for instance's ID (instanceID)" );
+
+        // read the pwm installation date
+        installTime = fetchInstallDate( startupTime );
+        LOGGER.debug( () -> "this application instance first installed on " + JavaHelper.toIsoDate( installTime ) );
+
+        LOGGER.debug( () -> "application environment flags: " + JsonUtil.serializeCollection( pwmEnvironment.getFlags() ) );
+        LOGGER.debug( () -> "application environment parameters: " + JsonUtil.serializeMap( pwmEnvironment.getParameters() ) );
+
+        pwmScheduler = new PwmScheduler( getInstanceID() );
+
+        pwmServiceManager.initAllServices( this.getDefaultDomain() );
+
+        final boolean skipPostInit = pwmEnvironment.isInternalRuntimeInstance()
+                || pwmEnvironment.getFlags().contains( PwmEnvironment.ApplicationFlag.CommandLineInstance );
+
+        if ( !skipPostInit )
+        {
+            final TimeDuration totalTime = TimeDuration.fromCurrent( startTime );
+            LOGGER.info( () -> PwmConstants.PWM_APP_NAME + " " + PwmConstants.SERVLET_VERSION + " open for bidness! (" + totalTime.asCompactString() + ")" );
+            StatisticsManager.incrementStat( this.getDefaultDomain(), Statistic.PWM_STARTUPS );
+            LOGGER.debug( () -> "buildTime=" + PwmConstants.BUILD_TIME + ", javaLocale=" + Locale.getDefault() + ", DefaultLocale=" + PwmConstants.DEFAULT_LOCALE );
+
+            pwmScheduler.immediateExecuteInNewThread( this::postInitTasks, this.getClass().getSimpleName() + " postInit tasks" );
+        }
+    }
+
+    public void reInit( final PwmEnvironment pwmEnvironment )
+            throws PwmException
+    {
+        final Instant startTime = Instant.now();
+        LOGGER.debug( () -> "beginning application restart" );
+        shutdown( true );
+        this.pwmEnvironment = pwmEnvironment;
+        initialize();
+        LOGGER.debug( () -> "completed application restart", () -> TimeDuration.fromCurrent( startTime ) );
+    }
+
+    private void postInitTasks( )
+    {
+        final Instant startTime = Instant.now();
+
+        getPwmScheduler().immediateExecuteInNewThread( UserAgentUtils::initializeCache, "initialize useragent cache" );
+        getPwmScheduler().immediateExecuteInNewThread( SettingDataMaker::initializeCache, "initialize PwmSetting metadata" );
+
+        outputConfigurationToLog( this );
+
+        outputNonDefaultPropertiesToLog( this );
+
+        // send system audit event
+        try
+        {
+            final SystemAuditRecord auditRecord = new AuditRecordFactory( this.getDefaultDomain() ).createSystemAuditRecord(
+                    AuditEvent.STARTUP,
+                    null
+            );
+            getAuditManager().submit( null, auditRecord );
+        }
+        catch ( final PwmException e )
+        {
+            LOGGER.warn( () -> "unable to submit start alert event " + e.getMessage() );
+        }
+
+        try
+        {
+            final Map<PwmAboutProperty, String> infoMap = PwmAboutProperty.makeInfoBean( this.getDefaultDomain() );
+            LOGGER.trace( () ->  "application info: " + JsonUtil.serializeMap( infoMap ) );
+        }
+        catch ( final Exception e )
+        {
+            LOGGER.error( () -> "error generating about application bean: " + e.getMessage(), e );
+        }
+
+        try
+        {
+            this.getIntruderManager().clear( RecordType.USERNAME, PwmConstants.CONFIGMANAGER_INTRUDER_USERNAME );
+        }
+        catch ( final Exception e )
+        {
+            LOGGER.warn( () -> "error while clearing configmanager-intruder-username from intruder table: " + e.getMessage() );
+        }
+
+        if ( !pwmEnvironment.isInternalRuntimeInstance() )
+        {
+            try
+            {
+                outputKeystore( this );
+            }
+            catch ( final Exception e )
+            {
+                LOGGER.debug( () -> "error while generating keystore output: " + e.getMessage() );
+            }
+
+            try
+            {
+                outputTomcatConf( this );
+            }
+            catch ( final Exception e )
+            {
+                LOGGER.debug( () -> "error while generating tomcat conf output: " + e.getMessage() );
+            }
+        }
+
+        MBeanUtility.registerMBean( this );
+
+        {
+            final ExecutorService executorService = PwmScheduler.makeSingleThreadExecutorService( this.getDefaultDomain(), PwmDomain.class );
+            pwmScheduler.scheduleDailyZuluZeroStartJob( new DailySummaryJob( this.getDefaultDomain() ), executorService, TimeDuration.ZERO );
+        }
+
+        LOGGER.trace( () -> "completed post init tasks", () -> TimeDuration.fromCurrent( startTime ) );
     }
 
     public static PwmApplication createPwmApplication( final PwmEnvironment pwmEnvironment ) throws PwmUnrecoverableException
@@ -45,5 +379,696 @@ public class PwmApplication
         return new PwmApplication( pwmEnvironment );
     }
 
+    public Map<String, PwmDomain> getDomains()
+    {
+        return domains;
+    }
+
+    public AppConfig getConfig()
+    {
+        return pwmEnvironment.getConfig();
+    }
+
+    public PwmEnvironment getPwmEnvironment()
+    {
+        return pwmEnvironment;
+    }
+
+    public AtomicInteger getActiveServletRequests( )
+    {
+        return activeServletRequests;
+    }
+
+    public PwmApplicationMode getApplicationMode( )
+    {
+        return pwmEnvironment.getApplicationMode();
+    }
+
+    public String getRuntimeNonce( )
+    {
+        return runtimeNonce;
+    }
+
+    public PwmDomain getDefaultDomain()
+    {
+        return getDomains().get( PwmConstants.DOMAIN_ID_PLACEHOLDER );
+    }
+
+    public void shutdown( )
+    {
+        shutdown( false );
+    }
+
+    public void shutdown( final boolean keepServicesRunning )
+    {
+        pwmScheduler.shutdown();
+
+        LOGGER.warn( () -> "shutting down" );
+        {
+            // send system audit event
+            try
+            {
+                final SystemAuditRecord auditRecord = new AuditRecordFactory( this.getDefaultDomain() ).createSystemAuditRecord(
+                        AuditEvent.SHUTDOWN,
+                        null
+                );
+                if ( getAuditManager() != null )
+                {
+                    getAuditManager().submit( null, auditRecord );
+                }
+            }
+            catch ( final PwmException e )
+            {
+                LOGGER.warn( () -> "unable to submit shutdown alert event " + e.getMessage() );
+            }
+        }
+
+        MBeanUtility.unregisterMBean( this );
+
+        if ( !keepServicesRunning )
+        {
+            pwmServiceManager.shutdownAllServices();
+        }
+
+        if ( localDBLogger != null )
+        {
+            try
+            {
+                localDBLogger.close();
+            }
+            catch ( final Exception e )
+            {
+                LOGGER.error( () -> "error closing localDBLogger: " + e.getMessage(), e );
+            }
+            localDBLogger = null;
+        }
+
+        if ( keepServicesRunning )
+        {
+            LOGGER.trace( () -> "skipping close of LocalDB (restart request)" );
+        }
+        else if ( localDB != null )
+        {
+            try
+            {
+                LOGGER.trace( () -> "beginning close of LocalDB" );
+                localDB.close();
+            }
+            catch ( final Exception e )
+            {
+                LOGGER.fatal( () -> "error closing localDB: " + e, e );
+            }
+            localDB = null;
+        }
+
+        if ( fileLocker != null )
+        {
+            fileLocker.releaseFileLock();
+        }
+
+        LOGGER.info( () -> PwmConstants.PWM_APP_NAME + " " + PwmConstants.SERVLET_VERSION + " closed for bidness, cya!" );
+    }
+
+    private static void outputKeystore( final PwmApplication pwmApplication ) throws Exception
+    {
+        final Map<PwmEnvironment.ApplicationParameter, String> applicationParams = pwmApplication.getPwmEnvironment().getParameters();
+        final String keystoreFileString = applicationParams.get( PwmEnvironment.ApplicationParameter.AutoExportHttpsKeyStoreFile );
+        if ( keystoreFileString != null && !keystoreFileString.isEmpty() )
+        {
+            LOGGER.trace( () -> "attempting to output keystore as configured by environment parameters to " + keystoreFileString );
+            final File keyStoreFile = new File( keystoreFileString );
+            final String password = applicationParams.get( PwmEnvironment.ApplicationParameter.AutoExportHttpsKeyStorePassword );
+            final String alias = applicationParams.get( PwmEnvironment.ApplicationParameter.AutoExportHttpsKeyStoreAlias );
+            final KeyStore keyStore = HttpsServerCertificateManager.keyStoreForApplication( pwmApplication, new PasswordData( password ), alias );
+            final ByteArrayOutputStream outputContents = new ByteArrayOutputStream();
+            keyStore.store( outputContents, password.toCharArray() );
+            if ( keyStoreFile.exists() )
+            {
+                LOGGER.trace( () -> "deleting existing keystore file " + keyStoreFile.getAbsolutePath() );
+                if ( keyStoreFile.delete() )
+                {
+                    LOGGER.trace( () -> "deleted existing keystore file: " + keyStoreFile.getAbsolutePath() );
+                }
+            }
+
+            try ( FileOutputStream fileOutputStream = new FileOutputStream( keyStoreFile ) )
+            {
+                fileOutputStream.write( outputContents.toByteArray() );
+            }
+
+            LOGGER.info( () -> "successfully exported application https key to keystore file " + keyStoreFile.getAbsolutePath() );
+        }
+    }
+
+    private static void outputTomcatConf( final PwmApplication pwmDomain ) throws IOException
+    {
+        final Map<PwmEnvironment.ApplicationParameter, String> applicationParams = pwmDomain.getPwmEnvironment().getParameters();
+        final String tomcatOutputFileStr = applicationParams.get( PwmEnvironment.ApplicationParameter.AutoWriteTomcatConfOutputFile );
+        if ( tomcatOutputFileStr != null && !tomcatOutputFileStr.isEmpty() )
+        {
+            LOGGER.trace( () -> "attempting to output tomcat configuration file as configured by environment parameters to " + tomcatOutputFileStr );
+            final File tomcatOutputFile = new File( tomcatOutputFileStr );
+            final File tomcatSourceFile;
+            {
+                final String tomcatSourceFileStr = applicationParams.get( PwmEnvironment.ApplicationParameter.AutoWriteTomcatConfSourceFile );
+                if ( tomcatSourceFileStr != null && !tomcatSourceFileStr.isEmpty() )
+                {
+                    tomcatSourceFile = new File( tomcatSourceFileStr );
+                    if ( !tomcatSourceFile.exists() )
+                    {
+                        LOGGER.error( () -> "can not output tomcat configuration file, source file does not exist: " + tomcatSourceFile.getAbsolutePath() );
+                        return;
+                    }
+                }
+                else
+                {
+                    LOGGER.error( () -> "can not output tomcat configuration file, source file parameter '"
+                            + PwmEnvironment.ApplicationParameter.AutoWriteTomcatConfSourceFile.toString() + "' is not specified." );
+                    return;
+                }
+            }
+
+            final ByteArrayOutputStream outputContents = new ByteArrayOutputStream();
+            try ( FileInputStream fileInputStream = new FileInputStream( tomcatOutputFile ) )
+            {
+                ExportHttpsTomcatConfigCommand.TomcatConfigWriter.writeOutputFile(
+                        pwmDomain.getConfig(),
+                        fileInputStream,
+                        outputContents
+                );
+            }
+
+            if ( tomcatOutputFile.exists() )
+            {
+                LOGGER.trace( () -> "deleting existing tomcat configuration file " + tomcatOutputFile.getAbsolutePath() );
+                if ( tomcatOutputFile.delete() )
+                {
+                    LOGGER.trace( () -> "deleted existing tomcat configuration file: " + tomcatOutputFile.getAbsolutePath() );
+                }
+            }
+
+            try ( FileOutputStream fileOutputStream = new FileOutputStream( tomcatOutputFile ) )
+            {
+                fileOutputStream.write( outputContents.toByteArray() );
+            }
+
+            LOGGER.info( () -> "successfully wrote tomcat configuration to file " + tomcatOutputFile.getAbsolutePath() );
+        }
+    }
+
+    private static void outputConfigurationToLog( final PwmApplication pwmDomain )
+    {
+        final Instant startTime = Instant.now();
+
+        final Function<Map.Entry<String, String>, String> valueFormatter = entry ->
+        {
+            final String spacedValue = entry.getValue().replace( "\n", "\n   " );
+            return " " + entry.getKey() + "\n   " + spacedValue + "\n";
+        };
+
+        final StoredConfiguration storedConfiguration = pwmDomain.getConfig().getStoredConfiguration();
+        final Map<String, String> debugStrings = StoredConfigurationUtil.makeDebugMap( storedConfiguration, storedConfiguration.modifiedItems(), PwmConstants.DEFAULT_LOCALE );
+
+        LOGGER.trace( () -> "--begin current configuration output--" );
+        debugStrings.entrySet().stream()
+                .map( valueFormatter )
+                .map( s -> ( Supplier<CharSequence> ) () -> s )
+                .forEach( LOGGER::trace );
+        LOGGER.trace( () -> "--end current configuration output--", () -> TimeDuration.fromCurrent( startTime ) );
+    }
+
+    private static void outputNonDefaultPropertiesToLog( final PwmApplication pwmApplication )
+    {
+        final Instant startTime = Instant.now();
+
+        final Map<AppProperty, String> nonDefaultProperties = pwmApplication.getConfig().readAllNonDefaultAppProperties();
+        if ( !JavaHelper.isEmpty( nonDefaultProperties ) )
+        {
+            LOGGER.trace( () -> "--begin non-default app properties output--" );
+            nonDefaultProperties.entrySet().stream()
+                    .map( entry -> "AppProperty: " + entry.getKey().getKey() + " -> " + entry.getValue() )
+                    .map( s -> ( Supplier<CharSequence> ) () -> s )
+                    .forEach( LOGGER::trace );
+            LOGGER.trace( () -> "--end non-default app properties output--", () -> TimeDuration.fromCurrent( startTime ) );
+        }
+        else
+        {
+            LOGGER.trace( () -> "no non-default app properties in configuration" );
+        }
+    }
+
+    public String getInstanceID( )
+    {
+        return instanceID;
+    }
+
+
+    public <T extends Serializable> Optional<T> readAppAttribute( final AppAttribute appAttribute, final Class<T> returnClass )
+    {
+        final LocalDB localDB = getLocalDB();
+
+        if ( localDB == null || localDB.status() != LocalDB.Status.OPEN )
+        {
+            LOGGER.debug( () -> "error retrieving key '" + appAttribute.getKey() + "', localDB unavailable: " );
+            return Optional.empty();
+        }
+
+        if ( appAttribute == null )
+        {
+            return Optional.empty();
+        }
+
+        try
+        {
+            final String strValue = localDB.get( LocalDB.DB.PWM_META, appAttribute.getKey() );
+            return Optional.of( JsonUtil.deserialize( strValue, returnClass ) );
+        }
+        catch ( final Exception e )
+        {
+            LOGGER.error( () -> "error retrieving key '" + appAttribute.getKey() + "' value from localDB: " + e.getMessage() );
+        }
+        return Optional.empty();
+    }
+
+    public void writeAppAttribute( final AppAttribute appAttribute, final Serializable value )
+    {
+        final LocalDB localDB = getLocalDB();
+
+        if ( localDB == null || localDB.status() != LocalDB.Status.OPEN )
+        {
+            LOGGER.error( () -> "error writing key '" + appAttribute.getKey() + "', localDB unavailable: " );
+            return;
+        }
+
+        if ( appAttribute == null )
+        {
+            return;
+        }
+
+        try
+        {
+            if ( value == null )
+            {
+                localDB.remove( LocalDB.DB.PWM_META, appAttribute.getKey() );
+            }
+            else
+            {
+                final String jsonValue = JsonUtil.serialize( value );
+                localDB.put( LocalDB.DB.PWM_META, appAttribute.getKey(), jsonValue );
+            }
+        }
+        catch ( final Exception e )
+        {
+            LOGGER.error( () -> "error retrieving key '" + appAttribute.getKey() + "' installation date from localDB: " + e.getMessage() );
+            try
+            {
+                localDB.remove( LocalDB.DB.PWM_META, appAttribute.getKey() );
+            }
+            catch ( final Exception e2 )
+            {
+                LOGGER.error( () -> "error removing bogus appAttribute value for key " + appAttribute.getKey() + ", error: " + localDB );
+            }
+        }
+    }
+
+
+
+
+    private Instant fetchInstallDate( final Instant startupTime )
+    {
+        if ( localDB != null )
+        {
+            try
+            {
+                final Optional<String> storedDateStr = readAppAttribute( AppAttribute.INSTALL_DATE, String.class );
+                if ( !storedDateStr.isPresent() )
+                {
+                    writeAppAttribute( AppAttribute.INSTALL_DATE, String.valueOf( startupTime.toEpochMilli() ) );
+                }
+                else
+                {
+                    return Instant.ofEpochMilli( Long.parseLong( storedDateStr.get() ) );
+                }
+            }
+            catch ( final Exception e )
+            {
+                LOGGER.error( () -> "error retrieving installation date from localDB: " + e.getMessage() );
+            }
+        }
+        return Instant.now();
+    }
+
+    private String fetchInstanceID( final LocalDB localDB, final PwmDomain pwmDomain )
+    {
+        {
+            final String newInstanceID = pwmDomain.getPwmEnvironment().getParameters().get( PwmEnvironment.ApplicationParameter.InstanceID );
+
+            if ( !StringUtil.isTrimEmpty( newInstanceID ) )
+            {
+                return newInstanceID;
+            }
+        }
+
+        {
+            final Optional<String> optionalStoredInstanceID = readAppAttribute( AppAttribute.INSTANCE_ID, String.class );
+            if ( optionalStoredInstanceID.isPresent() )
+            {
+                final String instanceID = optionalStoredInstanceID.get();
+                if ( !StringUtil.isTrimEmpty( instanceID ) )
+                {
+                    LOGGER.trace( () -> "retrieved instanceID " + instanceID + "" + " from localDB" );
+                    return instanceID;
+                }
+            }
+        }
+
+        final PwmRandom pwmRandom = PwmRandom.getInstance();
+        final String newInstanceID = Long.toHexString( pwmRandom.nextLong() ).toUpperCase();
+        LOGGER.debug( () -> "generated new random instanceID " + newInstanceID );
+
+        if ( localDB != null )
+        {
+            writeAppAttribute( AppAttribute.INSTANCE_ID, newInstanceID );
+        }
 
+        return newInstanceID;
+    }
+
+    public SharedHistoryManager getSharedHistoryManager( )
+    {
+        return ( SharedHistoryManager ) pwmServiceManager.getService( PwmServiceEnum.SharedHistoryManager );
+    }
+
+    public IntruderManager getIntruderManager( )
+    {
+        return ( IntruderManager ) pwmServiceManager.getService( PwmServiceEnum.IntruderManager );
+    }
+
+    public ChaiUser getProxiedChaiUser( final UserIdentity userIdentity )
+            throws PwmUnrecoverableException
+    {
+        try
+        {
+            final ChaiProvider proxiedProvider = getProxyChaiProvider( userIdentity.getLdapProfileID() );
+            return proxiedProvider.getEntryFactory().newChaiUser( userIdentity.getUserDN() );
+        }
+        catch ( final ChaiUnavailableException e )
+        {
+            throw PwmUnrecoverableException.fromChaiException( e );
+        }
+    }
+
+    public ChaiProvider getProxyChaiProvider( final String identifier )
+            throws PwmUnrecoverableException
+    {
+        return getLdapConnectionService().getProxyChaiProvider( identifier );
+    }
+
+    public LocalDBLogger getLocalDBLogger( )
+    {
+        return localDBLogger;
+    }
+
+    public HealthMonitor getHealthMonitor( )
+    {
+        return ( HealthMonitor ) pwmServiceManager.getService( PwmServiceEnum.HealthMonitor );
+    }
+
+    public HttpClientService getHttpClientService()
+    {
+        return ( HttpClientService ) pwmServiceManager.getService( PwmServiceEnum.HttpClientService );
+    }
+
+    public List<PwmService> getPwmServices( )
+    {
+        final List<PwmService> pwmServices = new ArrayList<>();
+        pwmServices.add( this.localDBLogger );
+        pwmServices.addAll( this.pwmServiceManager.getRunningServices() );
+        pwmServices.remove( null );
+        return Collections.unmodifiableList( pwmServices );
+    }
+
+    public WordlistService getWordlistService( )
+    {
+        return ( WordlistService ) pwmServiceManager.getService( PwmServiceEnum.WordlistManager );
+    }
+
+    public SeedlistService getSeedlistManager( )
+    {
+        return ( SeedlistService ) pwmServiceManager.getService( PwmServiceEnum.SeedlistManager );
+    }
+
+    public ReportService getReportService( )
+    {
+        return ( ReportService ) pwmServiceManager.getService( PwmServiceEnum.ReportService );
+    }
+
+    public EmailService getEmailQueue( )
+    {
+        return ( EmailService ) pwmServiceManager.getService( PwmServiceEnum.EmailQueueManager );
+    }
+
+    public AuditService getAuditManager( )
+    {
+        return ( AuditService ) pwmServiceManager.getService( PwmServiceEnum.AuditService );
+    }
+
+    public SmsQueueManager getSmsQueue( )
+    {
+        return ( SmsQueueManager ) pwmServiceManager.getService( PwmServiceEnum.SmsQueueManager );
+    }
+
+    public PwNotifyService getPwNotifyService( )
+    {
+        return ( PwNotifyService ) pwmServiceManager.getService( PwmServiceEnum.PwExpiryNotifyService );
+    }
+
+    public UrlShortenerService getUrlShortener( )
+    {
+        return ( UrlShortenerService ) pwmServiceManager.getService( PwmServiceEnum.UrlShortenerService );
+    }
+
+    public UserSearchEngine getUserSearchEngine( )
+    {
+        return ( UserSearchEngine ) pwmServiceManager.getService( PwmServiceEnum.UserSearchEngine );
+    }
+
+    public NodeService getClusterService( )
+    {
+        return ( NodeService ) pwmServiceManager.getService( PwmServiceEnum.ClusterService );
+    }
+
+    public ErrorInformation getLastLocalDBFailure( )
+    {
+        return lastLocalDBFailure;
+    }
+
+    public TokenService getTokenService( )
+    {
+        return ( TokenService ) pwmServiceManager.getService( PwmServiceEnum.TokenService );
+    }
+
+    public LdapConnectionService getLdapConnectionService( )
+    {
+        return ( LdapConnectionService ) pwmServiceManager.getService( PwmServiceEnum.LdapConnectionService );
+    }
+
+    public SessionTrackService getSessionTrackService( )
+    {
+        return ( SessionTrackService ) pwmServiceManager.getService( PwmServiceEnum.SessionTrackService );
+    }
+
+    public ResourceServletService getResourceServletService( )
+    {
+        return ( ResourceServletService ) pwmServiceManager.getService( PwmServiceEnum.ResourceServletService );
+    }
+
+    public PeopleSearchService getPeopleSearchService( )
+    {
+        return ( PeopleSearchService ) pwmServiceManager.getService( PwmServiceEnum.PeopleSearchService );
+    }
+
+    public DatabaseAccessor getDatabaseAccessor( )
+
+            throws PwmUnrecoverableException
+    {
+        return getDatabaseService().getAccessor();
+    }
+
+    public DatabaseService getDatabaseService( )
+    {
+        return ( DatabaseService ) pwmServiceManager.getService( PwmServiceEnum.DatabaseService );
+    }
+
+    public StatisticsManager getStatisticsManager( )
+    {
+        return ( StatisticsManager ) pwmServiceManager.getService( PwmServiceEnum.StatisticsManager );
+    }
+
+    public OtpService getOtpService( )
+    {
+        return ( OtpService ) pwmServiceManager.getService( PwmServiceEnum.OtpService );
+    }
+
+    public CrService getCrService( )
+    {
+        return ( CrService ) pwmServiceManager.getService( PwmServiceEnum.CrService );
+    }
+
+    public SessionStateService getSessionStateService( )
+    {
+        return ( SessionStateService ) pwmServiceManager.getService( PwmServiceEnum.SessionStateSvc );
+    }
+
+
+    public CacheService getCacheService( )
+    {
+        return ( CacheService ) pwmServiceManager.getService( PwmServiceEnum.CacheService );
+    }
+
+    public SecureService getSecureService( )
+    {
+        return ( SecureService ) pwmServiceManager.getService( PwmServiceEnum.SecureService );
+    }
+
+
+    public Instant getStartupTime( )
+    {
+        return startupTime;
+    }
+
+    public Instant getInstallTime( )
+    {
+        return installTime;
+    }
+
+    public LocalDB getLocalDB( )
+    {
+        return localDB;
+    }
+
+    public void sendSmsUsingQueue(
+            final String to,
+            final String message,
+            final SessionLabel sessionLabel,
+            final MacroRequest macroRequest
+    )
+    {
+        final SmsQueueManager smsQueue = getSmsQueue();
+        if ( smsQueue == null )
+        {
+            LOGGER.error( sessionLabel, () -> "SMS queue is unavailable, unable to send SMS to: " + to );
+            return;
+        }
+
+        final SmsItemBean smsItemBean = new SmsItemBean(
+                macroRequest.expandMacros( to ),
+                macroRequest.expandMacros( message ),
+                sessionLabel
+        );
+
+        try
+        {
+            smsQueue.addSmsToQueue( smsItemBean );
+        }
+        catch ( final PwmUnrecoverableException e )
+        {
+            LOGGER.warn( () -> "unable to add sms to queue: " + e.getMessage() );
+        }
+    }
+
+    private static class Initializer
+    {
+        public static LocalDB initializeLocalDB( final PwmApplication pwmApplication, final PwmEnvironment pwmEnvironment )
+                throws PwmUnrecoverableException
+        {
+            final File databaseDirectory;
+
+            try
+            {
+                final String localDBLocationSetting = pwmApplication.getConfig().readAppProperty( AppProperty.LOCALDB_LOCATION );
+                databaseDirectory = FileSystemUtility.figureFilepath( localDBLocationSetting, pwmApplication.pwmEnvironment.getApplicationPath() );
+            }
+            catch ( final Exception e )
+            {
+                pwmApplication.lastLocalDBFailure = new ErrorInformation( PwmError.ERROR_LOCALDB_UNAVAILABLE, "error locating configured LocalDB directory: " + e.getMessage() );
+                LOGGER.warn( () -> pwmApplication.lastLocalDBFailure.toDebugStr() );
+                throw new PwmUnrecoverableException( pwmApplication.lastLocalDBFailure );
+            }
+
+            LOGGER.debug( () -> "using localDB path " + databaseDirectory );
+
+            // initialize the localDB
+            try
+            {
+                final boolean readOnly = pwmApplication.getApplicationMode() == PwmApplicationMode.READ_ONLY;
+                return LocalDBFactory.getInstance( databaseDirectory, readOnly, pwmEnvironment, pwmApplication.getConfig() );
+            }
+            catch ( final Exception e )
+            {
+                pwmApplication.lastLocalDBFailure = new ErrorInformation( PwmError.ERROR_LOCALDB_UNAVAILABLE, "unable to initialize LocalDB: " + e.getMessage() );
+                LOGGER.warn( () -> pwmApplication.lastLocalDBFailure.toDebugStr() );
+                throw new PwmUnrecoverableException( pwmApplication.lastLocalDBFailure );
+            }
+        }
+
+
+    }
+
+    public File getTempDirectory( ) throws PwmUnrecoverableException
+    {
+        if ( pwmEnvironment.getApplicationPath() == null )
+        {
+            final ErrorInformation errorInformation = new ErrorInformation(
+                    PwmError.ERROR_STARTUP_ERROR,
+                    "unable to establish temp work directory: application path unavailable"
+            );
+            throw new PwmUnrecoverableException( errorInformation );
+        }
+        final File tempDirectory = new File( pwmEnvironment.getApplicationPath() + File.separator + "temp" );
+        if ( !tempDirectory.exists() )
+        {
+            LOGGER.trace( () -> "preparing to create temporary directory " + tempDirectory.getAbsolutePath() );
+            if ( tempDirectory.mkdir() )
+            {
+                LOGGER.debug( () -> "created " + tempDirectory.getAbsolutePath() );
+            }
+            else
+            {
+                LOGGER.debug( () -> "unable to create temporary directory " + tempDirectory.getAbsolutePath() );
+                final ErrorInformation errorInformation = new ErrorInformation(
+                        PwmError.ERROR_STARTUP_ERROR,
+                        "unable to establish create temp work directory " + tempDirectory.getAbsolutePath()
+                );
+                throw new PwmUnrecoverableException( errorInformation );
+            }
+        }
+        return tempDirectory;
+    }
+
+
+    public PwmScheduler getPwmScheduler()
+    {
+        return pwmScheduler;
+    }
+
+    public boolean determineIfDetailErrorMsgShown( )
+    {
+        final PwmApplicationMode mode = this.getApplicationMode();
+        if ( mode == PwmApplicationMode.CONFIGURATION || mode == PwmApplicationMode.NEW )
+        {
+            return true;
+        }
+        if ( mode == PwmApplicationMode.RUNNING )
+        {
+            if ( this.getConfig() != null )
+            {
+                if ( this.getConfig().readSettingAsBoolean( PwmSetting.DISPLAY_SHOW_DETAILED_ERRORS ) )
+                {
+                    return true;
+                }
+            }
+        }
+        return false;
+    }
 }

server/src/main/java/password/pwm/PwmApplicationMode.java

@@ -44,7 +44,7 @@ public enum PwmApplicationMode
             return ERROR;
         }
 
-        final PwmDomain pwmDomain;
+        final PwmApplication pwmDomain;
         try
         {
             pwmDomain = contextManager.getPwmApplication();

server/src/main/java/password/pwm/PwmDomain.java

@@ -21,94 +21,52 @@
 package password.pwm;
 
 import com.novell.ldapchai.ChaiUser;
-import com.novell.ldapchai.exception.ChaiUnavailableException;
 import com.novell.ldapchai.provider.ChaiProvider;
 import password.pwm.bean.SessionLabel;
-import password.pwm.bean.SmsItemBean;
 import password.pwm.bean.UserIdentity;
 import password.pwm.config.DomainConfig;
-import password.pwm.config.PwmSetting;
-import password.pwm.config.stored.StoredConfiguration;
-import password.pwm.config.stored.StoredConfigurationUtil;
 import password.pwm.error.ErrorInformation;
-import password.pwm.error.PwmError;
-import password.pwm.error.PwmException;
 import password.pwm.error.PwmUnrecoverableException;
 import password.pwm.health.HealthMonitor;
-import password.pwm.http.servlet.configeditor.data.SettingDataMaker;
 import password.pwm.http.servlet.peoplesearch.PeopleSearchService;
 import password.pwm.http.servlet.resource.ResourceServletService;
 import password.pwm.http.state.SessionStateService;
 import password.pwm.ldap.LdapConnectionService;
 import password.pwm.ldap.search.UserSearchEngine;
 import password.pwm.svc.PwmService;
-import password.pwm.svc.PwmServiceEnum;
-import password.pwm.svc.PwmServiceManager;
 import password.pwm.svc.cache.CacheService;
 import password.pwm.svc.email.EmailService;
-import password.pwm.svc.event.AuditEvent;
-import password.pwm.svc.event.AuditRecordFactory;
 import password.pwm.svc.event.AuditService;
-import password.pwm.svc.event.SystemAuditRecord;
 import password.pwm.svc.httpclient.HttpClientService;
 import password.pwm.svc.intruder.IntruderManager;
-import password.pwm.svc.intruder.RecordType;
 import password.pwm.svc.node.NodeService;
 import password.pwm.svc.pwnotify.PwNotifyService;
 import password.pwm.svc.report.ReportService;
 import password.pwm.svc.sessiontrack.SessionTrackService;
-import password.pwm.svc.sessiontrack.UserAgentUtils;
 import password.pwm.svc.shorturl.UrlShortenerService;
-import password.pwm.svc.stats.Statistic;
 import password.pwm.svc.stats.StatisticsManager;
 import password.pwm.svc.token.TokenService;
 import password.pwm.svc.wordlist.SeedlistService;
 import password.pwm.svc.wordlist.SharedHistoryManager;
 import password.pwm.svc.wordlist.WordlistService;
-import password.pwm.util.DailySummaryJob;
-import password.pwm.util.MBeanUtility;
-import password.pwm.util.PasswordData;
 import password.pwm.util.PwmScheduler;
-import password.pwm.util.cli.commands.ExportHttpsTomcatConfigCommand;
 import password.pwm.util.db.DatabaseAccessor;
 import password.pwm.util.db.DatabaseService;
-import password.pwm.util.java.FileSystemUtility;
-import password.pwm.util.java.JavaHelper;
-import password.pwm.util.java.JsonUtil;
-import password.pwm.util.java.StringUtil;
-import password.pwm.util.java.TimeDuration;
 import password.pwm.util.localdb.LocalDB;
-import password.pwm.util.localdb.LocalDBFactory;
 import password.pwm.util.logging.LocalDBLogger;
-import password.pwm.util.logging.PwmLogLevel;
-import password.pwm.util.logging.PwmLogManager;
 import password.pwm.util.logging.PwmLogger;
 import password.pwm.util.macro.MacroRequest;
 import password.pwm.util.operations.CrService;
 import password.pwm.util.operations.OtpService;
 import password.pwm.util.queue.SmsQueueManager;
-import password.pwm.util.secure.HttpsServerCertificateManager;
-import password.pwm.util.secure.PwmRandom;
 import password.pwm.util.secure.SecureService;
 
-import java.io.ByteArrayOutputStream;
 import java.io.File;
-import java.io.FileInputStream;
-import java.io.FileOutputStream;
-import java.io.IOException;
 import java.io.Serializable;
-import java.security.KeyStore;
 import java.time.Instant;
-import java.util.ArrayList;
-import java.util.Collections;
 import java.util.List;
-import java.util.Locale;
-import java.util.Map;
+import java.util.Objects;
 import java.util.Optional;
-import java.util.concurrent.ExecutorService;
-import java.util.concurrent.atomic.AtomicInteger;
-import java.util.function.Function;
-import java.util.function.Supplier;
 
 /**
  * A repository for objects common to the servlet context.  A singleton
@@ -119,925 +77,262 @@ import java.util.function.Supplier;
 public class PwmDomain
 {
     private static final PwmLogger LOGGER = PwmLogger.forClass( PwmDomain.class );
-    private static final String DEFAULT_INSTANCE_ID = "-1";
 
-    private final Instant startupTime = Instant.now();
-    private final AtomicInteger activeServletRequests = new AtomicInteger( 0 );
-    private final PwmServiceManager pwmServiceManager = new PwmServiceManager();
+    private final PwmApplication pwmApplication;
+    private final String domainID;
 
-    private Instant installTime = Instant.now();
-    private ErrorInformation lastLocalDBFailure;
-    private PwmEnvironment pwmEnvironment;
-    private FileLocker fileLocker;
-    private PwmScheduler pwmScheduler;
-    private String instanceID = DEFAULT_INSTANCE_ID;
-    private String runtimeNonce = PwmRandom.getInstance().randomUUID().toString();
-    private LocalDB localDB;
-    private LocalDBLogger localDBLogger;
-
-    public PwmDomain( final PwmEnvironment pwmEnvironment )
-            throws PwmUnrecoverableException
-    {
-        this.pwmEnvironment = pwmEnvironment;
-        pwmEnvironment.verifyIfApplicationPathIsSetProperly();
-
-        try
-        {
-            initialize();
-        }
-        catch ( final PwmUnrecoverableException e )
-        {
-            LOGGER.fatal( e::getMessage );
-            throw e;
-        }
-    }
-
-    public static PwmDomain createPwmApplication( final PwmEnvironment pwmEnvironment ) throws PwmUnrecoverableException
-    {
-        return new PwmDomain( pwmEnvironment );
-    }
-
-    private void initialize( )
-            throws PwmUnrecoverableException
-    {
-        final Instant startTime = Instant.now();
-
-        // initialize log4j
-        if ( !pwmEnvironment.isInternalRuntimeInstance() && !pwmEnvironment.getFlags().contains( PwmEnvironment.ApplicationFlag.CommandLineInstance ) )
-        {
-            final String log4jFileName = pwmEnvironment.getConfig().readSettingAsString( PwmSetting.EVENTS_JAVA_LOG4JCONFIG_FILE );
-            final File log4jFile = FileSystemUtility.figureFilepath( log4jFileName, pwmEnvironment.getApplicationPath() );
-            final String consoleLevel;
-            final String fileLevel;
-
-            switch ( getApplicationMode() )
-            {
-                case ERROR:
-                case NEW:
-                    consoleLevel = PwmLogLevel.TRACE.toString();
-                    fileLevel = PwmLogLevel.TRACE.toString();
-                    break;
-
-                default:
-                    consoleLevel = pwmEnvironment.getConfig().readSettingAsString( PwmSetting.EVENTS_JAVA_STDOUT_LEVEL );
-                    fileLevel = pwmEnvironment.getConfig().readSettingAsString( PwmSetting.EVENTS_FILE_LEVEL );
-                    break;
-            }
-
-            PwmLogManager.initializeLogger( this, pwmEnvironment.getConfig(), log4jFile, consoleLevel, pwmEnvironment.getApplicationPath(), fileLevel );
-
-            switch ( getApplicationMode() )
-            {
-                case RUNNING:
-                    break;
-
-                case ERROR:
-                    LOGGER.fatal( () -> "starting up in ERROR mode! Check log or health check information for cause" );
-                    break;
-
-                default:
-                    LOGGER.trace( () -> "setting log level to TRACE because application mode is " + getApplicationMode() );
-                    break;
-            }
-        }
-
-        // get file lock
-        if ( !pwmEnvironment.isInternalRuntimeInstance() )
-        {
-            fileLocker = new FileLocker( pwmEnvironment );
-            fileLocker.waitForFileLock();
-        }
-
-        // clear temp dir
-        if ( !pwmEnvironment.isInternalRuntimeInstance() )
-        {
-            final File tempFileDirectory = getTempDirectory();
-            try
-            {
-                FileSystemUtility.deleteDirectoryContents( tempFileDirectory );
-            }
-            catch ( final Exception e )
-            {
-                throw new PwmUnrecoverableException( new ErrorInformation( PwmError.ERROR_STARTUP_ERROR,
-                        "unable to clear temp file directory '" + tempFileDirectory.getAbsolutePath() + "', error: " + e.getMessage()
-                ) );
-            }
-        }
-
-        if ( getApplicationMode() != PwmApplicationMode.READ_ONLY )
-        {
-            LOGGER.info( () -> "initializing, application mode=" + getApplicationMode()
-                    + ", applicationPath=" + ( pwmEnvironment.getApplicationPath() == null ? "null" : pwmEnvironment.getApplicationPath().getAbsolutePath() )
-                    + ", configFile=" + ( pwmEnvironment.getConfigurationFile() == null ? "null" : pwmEnvironment.getConfigurationFile().getAbsolutePath() )
-            );
-        }
-
-        if ( !pwmEnvironment.isInternalRuntimeInstance() )
-        {
-            if ( getApplicationMode() == PwmApplicationMode.ERROR )
-            {
-                LOGGER.warn( () -> "skipping LocalDB open due to application mode " + getApplicationMode() );
-            }
-            else
-            {
-                if ( localDB == null )
-                {
-                    this.localDB = Initializer.initializeLocalDB( this, pwmEnvironment );
-                }
-            }
-        }
-
-        this.localDBLogger = PwmLogManager.initializeLocalDBLogger( this );
-
-        // log the loaded configuration
-        LOGGER.debug( () -> "configuration load completed" );
-
-        // read the pwm servlet instance id
-        instanceID = fetchInstanceID( localDB, this );
-        LOGGER.debug( () -> "using '" + getInstanceID() + "' for instance's ID (instanceID)" );
-
-        // read the pwm installation date
-        installTime = fetchInstallDate( startupTime );
-        LOGGER.debug( () -> "this application instance first installed on " + JavaHelper.toIsoDate( installTime ) );
-
-        LOGGER.debug( () -> "application environment flags: " + JsonUtil.serializeCollection( pwmEnvironment.getFlags() ) );
-        LOGGER.debug( () -> "application environment parameters: " + JsonUtil.serializeMap( pwmEnvironment.getParameters() ) );
-
-        pwmScheduler = new PwmScheduler( getInstanceID() );
-
-        pwmServiceManager.initAllServices( this );
-
-        final boolean skipPostInit = pwmEnvironment.isInternalRuntimeInstance()
-                || pwmEnvironment.getFlags().contains( PwmEnvironment.ApplicationFlag.CommandLineInstance );
-
-        if ( !skipPostInit )
-        {
-            final TimeDuration totalTime = TimeDuration.fromCurrent( startTime );
-            LOGGER.info( () -> PwmConstants.PWM_APP_NAME + " " + PwmConstants.SERVLET_VERSION + " open for bidness! (" + totalTime.asCompactString() + ")" );
-            StatisticsManager.incrementStat( this, Statistic.PWM_STARTUPS );
-            LOGGER.debug( () -> "buildTime=" + PwmConstants.BUILD_TIME + ", javaLocale=" + Locale.getDefault() + ", DefaultLocale=" + PwmConstants.DEFAULT_LOCALE );
-
-            pwmScheduler.immediateExecuteInNewThread( this::postInitTasks, this.getClass().getSimpleName() + " postInit tasks" );
-        }
-    }
-
-    public void reInit( final PwmEnvironment pwmEnvironment )
-            throws PwmException
+    public PwmDomain( final PwmApplication pwmApplication, final String domainID )
     {
-        final Instant startTime = Instant.now();
-        LOGGER.debug( () -> "beginning application restart" );
-        shutdown( true );
-        this.pwmEnvironment = pwmEnvironment;
-        initialize();
-        runtimeNonce = PwmRandom.getInstance().randomUUID().toString();
-        LOGGER.debug( () -> "completed application restart", () -> TimeDuration.fromCurrent( startTime ) );
+        this.pwmApplication = Objects.requireNonNull( pwmApplication );
+        this.domainID = Objects.requireNonNull( domainID );
     }
 
-    private void postInitTasks( )
-    {
-        final Instant startTime = Instant.now();
-
-        getPwmScheduler().immediateExecuteInNewThread( UserAgentUtils::initializeCache, "initialize useragent cache" );
-        getPwmScheduler().immediateExecuteInNewThread( SettingDataMaker::initializeCache, "initialize PwmSetting metadata" );
-
-        outputConfigurationToLog( this );
-
-        outputNonDefaultPropertiesToLog( this );
-
-        // send system audit event
-        try
-        {
-            final SystemAuditRecord auditRecord = new AuditRecordFactory( this ).createSystemAuditRecord(
-                    AuditEvent.STARTUP,
-                    null
-            );
-            getAuditManager().submit( null, auditRecord );
-        }
-        catch ( final PwmException e )
-        {
-            LOGGER.warn( () -> "unable to submit start alert event " + e.getMessage() );
-        }
-
-        try
-        {
-            final Map<PwmAboutProperty, String> infoMap = PwmAboutProperty.makeInfoBean( this );
-            LOGGER.trace( () ->  "application info: " + JsonUtil.serializeMap( infoMap ) );
-        }
-        catch ( final Exception e )
-        {
-            LOGGER.error( () -> "error generating about application bean: " + e.getMessage(), e );
-        }
-
-        try
-        {
-            this.getIntruderManager().clear( RecordType.USERNAME, PwmConstants.CONFIGMANAGER_INTRUDER_USERNAME );
-        }
-        catch ( final Exception e )
-        {
-            LOGGER.warn( () -> "error while clearing configmanager-intruder-username from intruder table: " + e.getMessage() );
-        }
-
-        if ( !pwmEnvironment.isInternalRuntimeInstance() )
-        {
-            try
-            {
-                outputKeystore( this );
-            }
-            catch ( final Exception e )
-            {
-                LOGGER.debug( () -> "error while generating keystore output: " + e.getMessage() );
-            }
-
-            try
-            {
-                outputTomcatConf( this );
-            }
-            catch ( final Exception e )
-            {
-                LOGGER.debug( () -> "error while generating tomcat conf output: " + e.getMessage() );
-            }
-        }
-
-        MBeanUtility.registerMBean( this );
-
-        {
-            final ExecutorService executorService = PwmScheduler.makeSingleThreadExecutorService( this, PwmDomain.class );
-            pwmScheduler.scheduleDailyZuluZeroStartJob( new DailySummaryJob( this ), executorService, TimeDuration.ZERO );
-        }
-
-        LOGGER.trace( () -> "completed post init tasks", () -> TimeDuration.fromCurrent( startTime ) );
-    }
-
-    private static void outputKeystore( final PwmDomain pwmDomain ) throws Exception
+    public DomainConfig getConfig( )
     {
-        final Map<PwmEnvironment.ApplicationParameter, String> applicationParams = pwmDomain.getPwmEnvironment().getParameters();
-        final String keystoreFileString = applicationParams.get( PwmEnvironment.ApplicationParameter.AutoExportHttpsKeyStoreFile );
-        if ( keystoreFileString != null && !keystoreFileString.isEmpty() )
-        {
-            LOGGER.trace( () -> "attempting to output keystore as configured by environment parameters to " + keystoreFileString );
-            final File keyStoreFile = new File( keystoreFileString );
-            final String password = applicationParams.get( PwmEnvironment.ApplicationParameter.AutoExportHttpsKeyStorePassword );
-            final String alias = applicationParams.get( PwmEnvironment.ApplicationParameter.AutoExportHttpsKeyStoreAlias );
-            final KeyStore keyStore = HttpsServerCertificateManager.keyStoreForApplication( pwmDomain, new PasswordData( password ), alias );
-            final ByteArrayOutputStream outputContents = new ByteArrayOutputStream();
-            keyStore.store( outputContents, password.toCharArray() );
-            if ( keyStoreFile.exists() )
-            {
-                LOGGER.trace( () -> "deleting existing keystore file " + keyStoreFile.getAbsolutePath() );
-                if ( keyStoreFile.delete() )
-                {
-                    LOGGER.trace( () -> "deleted existing keystore file: " + keyStoreFile.getAbsolutePath() );
-                }
-            }
-
-            try ( FileOutputStream fileOutputStream = new FileOutputStream( keyStoreFile ) )
-            {
-                fileOutputStream.write( outputContents.toByteArray() );
-            }
-
-            LOGGER.info( () -> "successfully exported application https key to keystore file " + keyStoreFile.getAbsolutePath() );
-        }
+        return pwmApplication.getConfig().getDomainConfigs().get( domainID );
     }
 
-    private static void outputTomcatConf( final PwmDomain pwmDomain ) throws IOException
+    public PwmApplicationMode getApplicationMode( )
     {
-        final Map<PwmEnvironment.ApplicationParameter, String> applicationParams = pwmDomain.getPwmEnvironment().getParameters();
-        final String tomcatOutputFileStr = applicationParams.get( PwmEnvironment.ApplicationParameter.AutoWriteTomcatConfOutputFile );
-        if ( tomcatOutputFileStr != null && !tomcatOutputFileStr.isEmpty() )
-        {
-            LOGGER.trace( () -> "attempting to output tomcat configuration file as configured by environment parameters to " + tomcatOutputFileStr );
-            final File tomcatOutputFile = new File( tomcatOutputFileStr );
-            final File tomcatSourceFile;
-            {
-                final String tomcatSourceFileStr = applicationParams.get( PwmEnvironment.ApplicationParameter.AutoWriteTomcatConfSourceFile );
-                if ( tomcatSourceFileStr != null && !tomcatSourceFileStr.isEmpty() )
-                {
-                    tomcatSourceFile = new File( tomcatSourceFileStr );
-                    if ( !tomcatSourceFile.exists() )
-                    {
-                        LOGGER.error( () -> "can not output tomcat configuration file, source file does not exist: " + tomcatSourceFile.getAbsolutePath() );
-                        return;
-                    }
-                }
-                else
-                {
-                    LOGGER.error( () -> "can not output tomcat configuration file, source file parameter '"
-                            + PwmEnvironment.ApplicationParameter.AutoWriteTomcatConfSourceFile.toString() + "' is not specified." );
-                    return;
-                }
-            }
-
-            final ByteArrayOutputStream outputContents = new ByteArrayOutputStream();
-            try ( FileInputStream fileInputStream = new FileInputStream( tomcatOutputFile ) )
-            {
-                ExportHttpsTomcatConfigCommand.TomcatConfigWriter.writeOutputFile(
-                        pwmDomain.getConfig(),
-                        fileInputStream,
-                        outputContents
-                );
-            }
-
-            if ( tomcatOutputFile.exists() )
-            {
-                LOGGER.trace( () -> "deleting existing tomcat configuration file " + tomcatOutputFile.getAbsolutePath() );
-                if ( tomcatOutputFile.delete() )
-                {
-                    LOGGER.trace( () -> "deleted existing tomcat configuration file: " + tomcatOutputFile.getAbsolutePath() );
-                }
-            }
-
-            try ( FileOutputStream fileOutputStream = new FileOutputStream( tomcatOutputFile ) )
-            {
-                fileOutputStream.write( outputContents.toByteArray() );
-            }
-
-            LOGGER.info( () -> "successfully wrote tomcat configuration to file " + tomcatOutputFile.getAbsolutePath() );
-        }
+        return pwmApplication.getApplicationMode();
     }
 
-    private static void outputConfigurationToLog( final PwmDomain pwmDomain )
-    {
-        final Instant startTime = Instant.now();
-
-        final Function<Map.Entry<String, String>, String> valueFormatter = entry ->
-        {
-            final String spacedValue = entry.getValue().replace( "\n", "\n   " );
-            return " " + entry.getKey() + "\n   " + spacedValue + "\n";
-        };
-
-        final StoredConfiguration storedConfiguration = pwmDomain.getConfig().getStoredConfiguration();
-        final Map<String, String> debugStrings = StoredConfigurationUtil.makeDebugMap( storedConfiguration, storedConfiguration.modifiedItems(), PwmConstants.DEFAULT_LOCALE );
-
-        LOGGER.trace( () -> "--begin current configuration output--" );
-        debugStrings.entrySet().stream()
-                .map( valueFormatter )
-                .map( s -> ( Supplier<CharSequence> ) () -> s )
-                .forEach( LOGGER::trace );
-        LOGGER.trace( () -> "--end current configuration output--", () -> TimeDuration.fromCurrent( startTime ) );
-    }
+    public DatabaseAccessor getDatabaseAccessor( )
 
-    private static void outputNonDefaultPropertiesToLog( final PwmDomain pwmDomain )
+            throws PwmUnrecoverableException
     {
-        final Instant startTime = Instant.now();
-
-        final Map<AppProperty, String> nonDefaultProperties = pwmDomain.getConfig().readAllNonDefaultAppProperties();
-        if ( !JavaHelper.isEmpty( nonDefaultProperties ) )
-        {
-            LOGGER.trace( () -> "--begin non-default app properties output--" );
-            nonDefaultProperties.entrySet().stream()
-                    .map( entry -> "AppProperty: " + entry.getKey().getKey() + " -> " + entry.getValue() )
-                    .map( s -> ( Supplier<CharSequence> ) () -> s )
-                    .forEach( LOGGER::trace );
-            LOGGER.trace( () -> "--end non-default app properties output--", () -> TimeDuration.fromCurrent( startTime ) );
-        }
-        else
-        {
-            LOGGER.trace( () -> "no non-default app properties in configuration" );
-        }
+        return pwmApplication.getDatabaseAccessor();
     }
 
-    public String getInstanceID( )
+    public DatabaseService getDatabaseService( )
     {
-        return instanceID;
+        return pwmApplication.getDatabaseService();
     }
 
-    public SharedHistoryManager getSharedHistoryManager( )
+    public StatisticsManager getStatisticsManager( )
     {
-        return ( SharedHistoryManager ) pwmServiceManager.getService( PwmServiceEnum.SharedHistoryManager );
+        return pwmApplication.getStatisticsManager();
     }
 
-    public IntruderManager getIntruderManager( )
+    public OtpService getOtpService( )
     {
-        return ( IntruderManager ) pwmServiceManager.getService( PwmServiceEnum.IntruderManager );
+        return pwmApplication.getOtpService();
     }
 
-    public ChaiUser getProxiedChaiUser( final UserIdentity userIdentity )
-            throws PwmUnrecoverableException
+    public CrService getCrService( )
     {
-        try
-        {
-            final ChaiProvider proxiedProvider = getProxyChaiProvider( userIdentity.getLdapProfileID() );
-            return proxiedProvider.getEntryFactory().newChaiUser( userIdentity.getUserDN() );
-        }
-        catch ( final ChaiUnavailableException e )
-        {
-            throw PwmUnrecoverableException.fromChaiException( e );
-        }
+        return pwmApplication.getCrService();
     }
 
-    public ChaiProvider getProxyChaiProvider( final String identifier )
-            throws PwmUnrecoverableException
+    public SessionStateService getSessionStateService( )
     {
-        return getLdapConnectionService().getProxyChaiProvider( identifier );
+        return pwmApplication.getSessionStateService();
     }
 
-    public LocalDBLogger getLocalDBLogger( )
+    public CacheService getCacheService( )
     {
-        return localDBLogger;
+        return pwmApplication.getCacheService();
     }
 
-    public HealthMonitor getHealthMonitor( )
+    public SecureService getSecureService( )
     {
-        return ( HealthMonitor ) pwmServiceManager.getService( PwmServiceEnum.HealthMonitor );
+        return pwmApplication.getSecureService();
     }
 
-    public HttpClientService getHttpClientService()
-    {
-        return ( HttpClientService ) pwmServiceManager.getService( PwmServiceEnum.HttpClientService );
-    }
 
-    public List<PwmService> getPwmServices( )
-    {
-        final List<PwmService> pwmServices = new ArrayList<>();
-        pwmServices.add( this.localDBLogger );
-        pwmServices.addAll( this.pwmServiceManager.getRunningServices() );
-        pwmServices.remove( null );
-        return Collections.unmodifiableList( pwmServices );
-    }
 
-    public WordlistService getWordlistService( )
-    {
-        return ( WordlistService ) pwmServiceManager.getService( PwmServiceEnum.WordlistManager );
-    }
 
-    public SeedlistService getSeedlistManager( )
+    public Instant getStartupTime( )
     {
-        return ( SeedlistService ) pwmServiceManager.getService( PwmServiceEnum.SeedlistManager );
+        return pwmApplication.getStartupTime();
     }
 
-    public ReportService getReportService( )
+    public Instant getInstallTime( )
     {
-        return ( ReportService ) pwmServiceManager.getService( PwmServiceEnum.ReportService );
+        return pwmApplication.getInstallTime();
     }
 
-    public EmailService getEmailQueue( )
+    public LocalDB getLocalDB( )
     {
-        return ( EmailService ) pwmServiceManager.getService( PwmServiceEnum.EmailQueueManager );
+        return pwmApplication.getLocalDB();
     }
 
-    public AuditService getAuditManager( )
+    public PwmApplication getPwmApplication()
     {
-        return ( AuditService ) pwmServiceManager.getService( PwmServiceEnum.AuditService );
+        return pwmApplication;
     }
 
-    public SmsQueueManager getSmsQueue( )
-    {
-        return ( SmsQueueManager ) pwmServiceManager.getService( PwmServiceEnum.SmsQueueManager );
-    }
 
-    public PwNotifyService getPwNotifyService( )
+    public PwmEnvironment getPwmEnvironment( )
     {
-        return ( PwNotifyService ) pwmServiceManager.getService( PwmServiceEnum.PwExpiryNotifyService );
+        return pwmApplication.getPwmEnvironment();
     }
 
-    public UrlShortenerService getUrlShortener( )
+    public String getRuntimeNonce( )
     {
-        return ( UrlShortenerService ) pwmServiceManager.getService( PwmServiceEnum.UrlShortenerService );
+        return pwmApplication.getRuntimeNonce();
     }
 
-    public UserSearchEngine getUserSearchEngine( )
+    public <T extends Serializable> Optional<T> readAppAttribute( final AppAttribute appAttribute, final Class<T> returnClass )
     {
-        return ( UserSearchEngine ) pwmServiceManager.getService( PwmServiceEnum.UserSearchEngine );
+       return getPwmApplication().readAppAttribute( appAttribute, returnClass );
     }
 
-    public NodeService getClusterService( )
+    public void writeAppAttribute( final AppAttribute appAttribute, final Serializable value )
     {
-        return ( NodeService ) pwmServiceManager.getService( PwmServiceEnum.ClusterService );
+        getPwmApplication().writeAppAttribute( appAttribute, value );
     }
 
-    public ErrorInformation getLastLocalDBFailure( )
+    public File getTempDirectory( ) throws PwmUnrecoverableException
     {
-        return lastLocalDBFailure;
+       return pwmApplication.getTempDirectory();
     }
 
-    public TokenService getTokenService( )
+    public boolean determineIfDetailErrorMsgShown( )
     {
-        return ( TokenService ) pwmServiceManager.getService( PwmServiceEnum.TokenService );
+        return pwmApplication.determineIfDetailErrorMsgShown();
     }
 
-    public LdapConnectionService getLdapConnectionService( )
+    public PwmScheduler getPwmScheduler()
     {
-        return ( LdapConnectionService ) pwmServiceManager.getService( PwmServiceEnum.LdapConnectionService );
+        return pwmApplication.getPwmScheduler();
     }
 
-    public SessionTrackService getSessionTrackService( )
+    public LdapConnectionService getLdapConnectionService()
     {
-        return ( SessionTrackService ) pwmServiceManager.getService( PwmServiceEnum.SessionTrackService );
+        return pwmApplication.getLdapConnectionService();
     }
 
-    public ResourceServletService getResourceServletService( )
+    public AuditService getAuditManager()
     {
-        return ( ResourceServletService ) pwmServiceManager.getService( PwmServiceEnum.ResourceServletService );
+        return pwmApplication.getAuditManager();
     }
 
-    public PeopleSearchService getPeopleSearchService( )
+    public String getInstanceID()
     {
-        return ( PeopleSearchService ) pwmServiceManager.getService( PwmServiceEnum.PeopleSearchService );
+        return pwmApplication.getInstanceID();
     }
 
-    public DomainConfig getConfig( )
+    public EmailService getEmailQueue()
     {
-        return pwmEnvironment.getConfig();
+        return pwmApplication.getEmailQueue();
     }
 
-    public PwmApplicationMode getApplicationMode( )
+    public SessionTrackService getSessionTrackService()
     {
-        return pwmEnvironment.getApplicationMode();
+        return pwmApplication.getSessionTrackService();
     }
 
-    public DatabaseAccessor getDatabaseAccessor( )
-
+    public ChaiProvider getProxyChaiProvider( final String ldapProfileID )
             throws PwmUnrecoverableException
     {
-        return getDatabaseService().getAccessor();
-    }
-
-    public DatabaseService getDatabaseService( )
-    {
-        return ( DatabaseService ) pwmServiceManager.getService( PwmServiceEnum.DatabaseService );
+        return pwmApplication.getProxyChaiProvider( ldapProfileID );
     }
 
-
-    private Instant fetchInstallDate( final Instant startupTime )
-    {
-        if ( localDB != null )
-        {
-            try
-            {
-                final Optional<String> storedDateStr = readAppAttribute( AppAttribute.INSTALL_DATE, String.class );
-                if ( !storedDateStr.isPresent() )
-                {
-                    writeAppAttribute( AppAttribute.INSTALL_DATE, String.valueOf( startupTime.toEpochMilli() ) );
-                }
-                else
-                {
-                    return Instant.ofEpochMilli( Long.parseLong( storedDateStr.get() ) );
-                }
-            }
-            catch ( final Exception e )
-            {
-                LOGGER.error( () -> "error retrieving installation date from localDB: " + e.getMessage() );
-            }
-        }
-        return Instant.now();
-    }
-
-    private String fetchInstanceID( final LocalDB localDB, final PwmDomain pwmDomain )
+    public ChaiUser getProxiedChaiUser( final UserIdentity userIdentity )
+            throws PwmUnrecoverableException
     {
-        {
-            final String newInstanceID = pwmDomain.getPwmEnvironment().getParameters().get( PwmEnvironment.ApplicationParameter.InstanceID );
-
-            if ( !StringUtil.isTrimEmpty( newInstanceID ) )
-            {
-                return newInstanceID;
-            }
-        }
-
-        {
-            final Optional<String> optionalStoredInstanceID = readAppAttribute( AppAttribute.INSTANCE_ID, String.class );
-            if ( optionalStoredInstanceID.isPresent() )
-            {
-                final String instanceID = optionalStoredInstanceID.get();
-                if ( !StringUtil.isTrimEmpty( instanceID ) )
-                {
-                    LOGGER.trace( () -> "retrieved instanceID " + instanceID + "" + " from localDB" );
-                    return instanceID;
-                }
-            }
-        }
-
-        final PwmRandom pwmRandom = PwmRandom.getInstance();
-        final String newInstanceID = Long.toHexString( pwmRandom.nextLong() ).toUpperCase();
-        LOGGER.debug( () -> "generated new random instanceID " + newInstanceID );
-
-        if ( localDB != null )
-        {
-            writeAppAttribute( AppAttribute.INSTANCE_ID, newInstanceID );
-        }
-
-        return newInstanceID;
+        return pwmApplication.getProxiedChaiUser( userIdentity );
     }
 
-    public StatisticsManager getStatisticsManager( )
+    public List<PwmService> getPwmServices( )
     {
-        return ( StatisticsManager ) pwmServiceManager.getService( PwmServiceEnum.StatisticsManager );
+        return pwmApplication.getPwmServices();
     }
 
-    public OtpService getOtpService( )
+    public UserSearchEngine getUserSearchEngine()
     {
-        return ( OtpService ) pwmServiceManager.getService( PwmServiceEnum.OtpService );
+        return pwmApplication.getUserSearchEngine();
     }
 
-    public CrService getCrService( )
+    public UrlShortenerService getUrlShortener()
     {
-        return ( CrService ) pwmServiceManager.getService( PwmServiceEnum.CrService );
+        return pwmApplication.getUrlShortener();
     }
 
-    public SessionStateService getSessionStateService( )
+    public HttpClientService getHttpClientService()
     {
-        return ( SessionStateService ) pwmServiceManager.getService( PwmServiceEnum.SessionStateSvc );
+        return pwmApplication.getHttpClientService();
     }
 
-
-    public CacheService getCacheService( )
+    public NodeService getClusterService()
     {
-        return ( CacheService ) pwmServiceManager.getService( PwmServiceEnum.CacheService );
+        return pwmApplication.getClusterService();
     }
 
-    public SecureService getSecureService( )
+    public IntruderManager getIntruderManager()
     {
-        return ( SecureService ) pwmServiceManager.getService( PwmServiceEnum.SecureService );
+        return pwmApplication.getIntruderManager();
     }
 
-    public void sendSmsUsingQueue(
-            final String to,
-            final String message,
-            final SessionLabel sessionLabel,
-            final MacroRequest macroRequest
-    )
+    public TokenService getTokenService()
     {
-        final SmsQueueManager smsQueue = getSmsQueue();
-        if ( smsQueue == null )
-        {
-            LOGGER.error( sessionLabel, () -> "SMS queue is unavailable, unable to send SMS to: " + to );
-            return;
-        }
-
-        final SmsItemBean smsItemBean = new SmsItemBean(
-                macroRequest.expandMacros( to ),
-                macroRequest.expandMacros( message ),
-                sessionLabel
-        );
-
-        try
-        {
-            smsQueue.addSmsToQueue( smsItemBean );
-        }
-        catch ( final PwmUnrecoverableException e )
-        {
-            LOGGER.warn( () -> "unable to add sms to queue: " + e.getMessage() );
-        }
+        return pwmApplication.getTokenService();
     }
 
-    public void shutdown( )
+    public void sendSmsUsingQueue( final String smsNumber, final String modifiedMessage, final SessionLabel sessionLabel, final MacroRequest macroRequest )
     {
-        shutdown( false );
+        pwmApplication.sendSmsUsingQueue( smsNumber, modifiedMessage, sessionLabel, macroRequest );
     }
 
-    public void shutdown( final boolean keepServicesRunning )
+    public WordlistService getWordlistService()
     {
-        pwmScheduler.shutdown();
-
-        LOGGER.warn( () -> "shutting down" );
-        {
-            // send system audit event
-            try
-            {
-                final SystemAuditRecord auditRecord = new AuditRecordFactory( this ).createSystemAuditRecord(
-                        AuditEvent.SHUTDOWN,
-                        null
-                );
-                if ( getAuditManager() != null )
-                {
-                    getAuditManager().submit( null, auditRecord );
-                }
-            }
-            catch ( final PwmException e )
-            {
-                LOGGER.warn( () -> "unable to submit shutdown alert event " + e.getMessage() );
-            }
-        }
-
-        MBeanUtility.unregisterMBean( this );
-
-        if ( !keepServicesRunning )
-        {
-            pwmServiceManager.shutdownAllServices();
-        }
-
-        if ( localDBLogger != null )
-        {
-            try
-            {
-                localDBLogger.close();
-            }
-            catch ( final Exception e )
-            {
-                LOGGER.error( () -> "error closing localDBLogger: " + e.getMessage(), e );
-            }
-            localDBLogger = null;
-        }
-
-        if ( keepServicesRunning )
-        {
-            LOGGER.trace( () -> "skipping close of LocalDB (restart request)" );
-        }
-        else if ( localDB != null )
-        {
-            try
-            {
-                LOGGER.trace( () -> "beginning close of LocalDB" );
-                localDB.close();
-            }
-            catch ( final Exception e )
-            {
-                LOGGER.fatal( () -> "error closing localDB: " + e, e );
-            }
-            localDB = null;
-        }
-
-        if ( fileLocker != null )
-        {
-            fileLocker.releaseFileLock();
-        }
-
-        LOGGER.info( () -> PwmConstants.PWM_APP_NAME + " " + PwmConstants.SERVLET_VERSION + " closed for bidness, cya!" );
+        return pwmApplication.getWordlistService();
     }
 
-    public Instant getStartupTime( )
+    public LocalDBLogger getLocalDBLogger()
     {
-        return startupTime;
+        return pwmApplication.getLocalDBLogger();
     }
 
-    public Instant getInstallTime( )
+    public SharedHistoryManager getSharedHistoryManager()
     {
-        return installTime;
+        return pwmApplication.getSharedHistoryManager();
     }
 
-    public LocalDB getLocalDB( )
+    public SeedlistService getSeedlistManager()
     {
-        return localDB;
+        return pwmApplication.getSeedlistManager();
     }
 
-    private static class Initializer
+    public SmsQueueManager getSmsQueue()
     {
-        public static LocalDB initializeLocalDB( final PwmDomain pwmDomain, final PwmEnvironment pwmEnvironment )
-                throws PwmUnrecoverableException
-        {
-            final File databaseDirectory;
-
-            try
-            {
-                final String localDBLocationSetting = pwmDomain.getConfig().readAppProperty( AppProperty.LOCALDB_LOCATION );
-                databaseDirectory = FileSystemUtility.figureFilepath( localDBLocationSetting, pwmDomain.pwmEnvironment.getApplicationPath() );
-            }
-            catch ( final Exception e )
-            {
-                pwmDomain.lastLocalDBFailure = new ErrorInformation( PwmError.ERROR_LOCALDB_UNAVAILABLE, "error locating configured LocalDB directory: " + e.getMessage() );
-                LOGGER.warn( () -> pwmDomain.lastLocalDBFailure.toDebugStr() );
-                throw new PwmUnrecoverableException( pwmDomain.lastLocalDBFailure );
-            }
-
-            LOGGER.debug( () -> "using localDB path " + databaseDirectory );
-
-            // initialize the localDB
-            try
-            {
-                final boolean readOnly = pwmDomain.getApplicationMode() == PwmApplicationMode.READ_ONLY;
-                return LocalDBFactory.getInstance( databaseDirectory, readOnly, pwmEnvironment, pwmDomain.getConfig() );
-            }
-            catch ( final Exception e )
-            {
-                pwmDomain.lastLocalDBFailure = new ErrorInformation( PwmError.ERROR_LOCALDB_UNAVAILABLE, "unable to initialize LocalDB: " + e.getMessage() );
-                LOGGER.warn( () -> pwmDomain.lastLocalDBFailure.toDebugStr() );
-                throw new PwmUnrecoverableException( pwmDomain.lastLocalDBFailure );
-            }
-        }
+        return pwmApplication.getSmsQueue();
     }
 
-    public PwmEnvironment getPwmEnvironment( )
+    public ErrorInformation getLastLocalDBFailure()
     {
-        return pwmEnvironment;
+        return pwmApplication.getLastLocalDBFailure();
     }
 
-    public String getRuntimeNonce( )
+    public HealthMonitor getHealthMonitor()
     {
-        return runtimeNonce;
+        return pwmApplication.getHealthMonitor();
     }
 
-    public <T extends Serializable> Optional<T> readAppAttribute( final AppAttribute appAttribute, final Class<T> returnClass )
+    public ReportService getReportService()
     {
-        if ( localDB == null || localDB.status() != LocalDB.Status.OPEN )
-        {
-            LOGGER.debug( () -> "error retrieving key '" + appAttribute.getKey() + "', localDB unavailable: " );
-            return Optional.empty();
-        }
-
-        if ( appAttribute == null )
-        {
-            return Optional.empty();
-        }
-
-        try
-        {
-            final String strValue = localDB.get( LocalDB.DB.PWM_META, appAttribute.getKey() );
-            return Optional.of( JsonUtil.deserialize( strValue, returnClass ) );
-        }
-        catch ( final Exception e )
-        {
-            LOGGER.error( () -> "error retrieving key '" + appAttribute.getKey() + "' value from localDB: " + e.getMessage() );
-        }
-        return Optional.empty();
+        return pwmApplication.getReportService();
     }
 
-    public void writeAppAttribute( final AppAttribute appAttribute, final Serializable value )
+    public PeopleSearchService getPeopleSearchService()
     {
-        if ( localDB == null || localDB.status() != LocalDB.Status.OPEN )
-        {
-            LOGGER.error( () -> "error writing key '" + appAttribute.getKey() + "', localDB unavailable: " );
-            return;
-        }
-
-        if ( appAttribute == null )
-        {
-            return;
-        }
-
-        try
-        {
-            if ( value == null )
-            {
-                localDB.remove( LocalDB.DB.PWM_META, appAttribute.getKey() );
-            }
-            else
-            {
-                final String jsonValue = JsonUtil.serialize( value );
-                localDB.put( LocalDB.DB.PWM_META, appAttribute.getKey(), jsonValue );
-            }
-        }
-        catch ( final Exception e )
-        {
-            LOGGER.error( () -> "error retrieving key '" + appAttribute.getKey() + "' installation date from localDB: " + e.getMessage() );
-            try
-            {
-                localDB.remove( LocalDB.DB.PWM_META, appAttribute.getKey() );
-            }
-            catch ( final Exception e2 )
-            {
-                LOGGER.error( () -> "error removing bogus appAttribute value for key " + appAttribute.getKey() + ", error: " + localDB );
-            }
-        }
+        return pwmApplication.getPeopleSearchService();
     }
 
-    public File getTempDirectory( ) throws PwmUnrecoverableException
+    public PwNotifyService getPwNotifyService()
     {
-        if ( pwmEnvironment.getApplicationPath() == null )
-        {
-            final ErrorInformation errorInformation = new ErrorInformation(
-                    PwmError.ERROR_STARTUP_ERROR,
-                    "unable to establish temp work directory: application path unavailable"
-            );
-            throw new PwmUnrecoverableException( errorInformation );
-        }
-        final File tempDirectory = new File( pwmEnvironment.getApplicationPath() + File.separator + "temp" );
-        if ( !tempDirectory.exists() )
-        {
-            LOGGER.trace( () -> "preparing to create temporary directory " + tempDirectory.getAbsolutePath() );
-            if ( tempDirectory.mkdir() )
-            {
-                LOGGER.debug( () -> "created " + tempDirectory.getAbsolutePath() );
-            }
-            else
-            {
-                LOGGER.debug( () -> "unable to create temporary directory " + tempDirectory.getAbsolutePath() );
-                final ErrorInformation errorInformation = new ErrorInformation(
-                        PwmError.ERROR_STARTUP_ERROR,
-                        "unable to establish create temp work directory " + tempDirectory.getAbsolutePath()
-                );
-                throw new PwmUnrecoverableException( errorInformation );
-            }
-        }
-        return tempDirectory;
+        return pwmApplication.getPwNotifyService();
     }
 
-    public boolean determineIfDetailErrorMsgShown( )
+    public ResourceServletService getResourceServletService()
     {
-        final PwmApplicationMode mode = this.getApplicationMode();
-        if ( mode == PwmApplicationMode.CONFIGURATION || mode == PwmApplicationMode.NEW )
-        {
-            return true;
-        }
-        if ( mode == PwmApplicationMode.RUNNING )
-        {
-            if ( this.getConfig() != null )
-            {
-                if ( this.getConfig().readSettingAsBoolean( PwmSetting.DISPLAY_SHOW_DETAILED_ERRORS ) )
-                {
-                    return true;
-                }
-            }
-        }
-        return false;
+        return pwmApplication.getResourceServletService();
     }
 
-    public AtomicInteger getActiveServletRequests( )
+    public void shutdown()
     {
-        return activeServletRequests;
-    }
 
-    public PwmScheduler getPwmScheduler()
-    {
-        return pwmScheduler;
     }
 }
 

server/src/main/java/password/pwm/PwmEnvironment.java

@@ -23,7 +23,7 @@ package password.pwm;
 import lombok.Builder;
 import lombok.Singular;
 import lombok.Value;
-import password.pwm.config.DomainConfig;
+import password.pwm.config.AppConfig;
 import password.pwm.error.ErrorInformation;
 import password.pwm.error.PwmError;
 import password.pwm.error.PwmUnrecoverableException;
@@ -52,7 +52,7 @@ public class PwmEnvironment
     @lombok.Builder.Default
     private PwmApplicationMode applicationMode = PwmApplicationMode.ERROR;
 
-    private DomainConfig config;
+    private AppConfig config;
     private File applicationPath;
     private boolean internalRuntimeInstance;
     private File configurationFile;
@@ -168,7 +168,7 @@ public class PwmEnvironment
     }
 
     public PwmEnvironment makeRuntimeInstance(
-            final DomainConfig domainConfig
+            final AppConfig domainConfig
     )
             throws PwmUnrecoverableException
     {

server/src/main/java/password/pwm/bean/UserIdentity.java

@@ -57,23 +57,23 @@ public class UserIdentity implements Serializable, Comparable<UserIdentity>
 
     private final String userDN;
     private final String ldapProfile;
-    private final String domain;
+    private final String domainID;
 
     public enum Flag
     {
         PreCanonicalized,
     }
 
-    private UserIdentity( final String userDN, final String ldapProfile, final String domain )
+    private UserIdentity( final String userDN, final String ldapProfile, final String domainID )
     {
         this.userDN = JavaHelper.requireNonEmpty( userDN, "UserIdentity: userDN value cannot be empty" );
         this.ldapProfile = JavaHelper.requireNonEmpty( ldapProfile, "UserIdentity: ldapProfile value cannot be empty" );
-        this.domain = JavaHelper.requireNonEmpty( domain, "UserIdentity: domain value cannot be empty" );
+        this.domainID = JavaHelper.requireNonEmpty( domainID, "UserIdentity: domain value cannot be empty" );
     }
 
-    public UserIdentity( final String userDN, final String ldapProfile, final String domain, final boolean canonical )
+    public UserIdentity( final String userDN, final String ldapProfile, final String domainID, final boolean canonical )
     {
-        this( userDN, ldapProfile, domain );
+        this( userDN, ldapProfile, domainID );
         this.canonical = canonical;
     }
 
@@ -88,9 +88,9 @@ public class UserIdentity implements Serializable, Comparable<UserIdentity>
         return userDN;
     }
 
-    public String getDomain()
+    public String getDomainID()
     {
-        return domain;
+        return domainID;
     }
 
     public String getLdapProfileID( )
@@ -239,7 +239,7 @@ public class UserIdentity implements Serializable, Comparable<UserIdentity>
             return false;
         }
         final UserIdentity that = ( UserIdentity ) o;
-        return Objects.equals( domain, that.domain )
+        return Objects.equals( domainID, that.domainID )
                 && Objects.equals( ldapProfile, that.ldapProfile )
                 && Objects.equals( userDN, that.userDN );
     }
@@ -247,7 +247,7 @@ public class UserIdentity implements Serializable, Comparable<UserIdentity>
     @Override
     public int hashCode()
     {
-        return Objects.hash( domain, ldapProfile, userDN );
+        return Objects.hash( domainID, ldapProfile, userDN );
     }
 
     @Override
@@ -259,7 +259,7 @@ public class UserIdentity implements Serializable, Comparable<UserIdentity>
     private static Comparator<UserIdentity> comparator( )
     {
         final Comparator<UserIdentity> domainComparator = Comparator.comparing(
-                UserIdentity::getDomain,
+                UserIdentity::getDomainID,
                 Comparator.nullsLast( Comparator.naturalOrder() ) );
 
         final Comparator<UserIdentity> profileComparator = Comparator.comparing(
@@ -267,7 +267,7 @@ public class UserIdentity implements Serializable, Comparable<UserIdentity>
                 Comparator.nullsLast( Comparator.naturalOrder() ) );
 
         final Comparator<UserIdentity> userComparator = Comparator.comparing(
-                UserIdentity::getDomain,
+                UserIdentity::getDomainID,
                 Comparator.nullsLast( Comparator.naturalOrder() ) );
 
         return domainComparator

server/src/main/java/password/pwm/config/AppConfig.java

@@ -21,21 +21,29 @@
 package password.pwm.config;
 
 import password.pwm.AppProperty;
+import password.pwm.PwmConstants;
+import password.pwm.bean.PrivateKeyCertificate;
 import password.pwm.config.stored.StoredConfiguration;
 import password.pwm.error.ErrorInformation;
 import password.pwm.error.PwmError;
 import password.pwm.error.PwmUnrecoverableException;
 import password.pwm.util.PasswordData;
+import password.pwm.util.i18n.LocaleHelper;
 import password.pwm.util.java.LazySupplier;
 import password.pwm.util.java.StringUtil;
 import password.pwm.util.logging.PwmLogger;
 import password.pwm.util.secure.PwmRandom;
 import password.pwm.util.secure.PwmSecurityKey;
+import password.pwm.util.secure.SecureService;
 
+import java.util.ArrayList;
+import java.util.Collections;
 import java.util.LinkedHashMap;
 import java.util.List;
+import java.util.Locale;
 import java.util.Map;
 import java.util.Set;
+import java.util.TreeMap;
 import java.util.function.Supplier;
 import java.util.stream.Collectors;
 
@@ -56,7 +64,7 @@ public class AppConfig
         this.settingReader = new SettingReader( storedConfiguration, null, null );
         domainConfigMap = getDomainIDs().stream().collect( Collectors.toUnmodifiableMap(
                 ( domainID ) -> domainID,
-                ( domainID ) -> new DomainConfig( storedConfiguration ) ) );
+                ( domainID ) -> new DomainConfig( this, domainID ) ) );
     }
 
     public List<String> getDomainIDs()
@@ -64,11 +72,16 @@ public class AppConfig
         return settingReader.readSettingAsStringArray( PwmSetting.DOMAIN_LIST );
     }
 
-    public Map<String, DomainConfig> domainConfigMap()
+    public Map<String, DomainConfig> getDomainConfigs()
     {
         return domainConfigMap;
     }
 
+    public DomainConfig getDefaultDomainConfig()
+    {
+        return domainConfigMap.get( PwmConstants.DOMAIN_ID_PLACEHOLDER );
+    }
+
     public String readSettingAsString( final PwmSetting pwmSetting )
     {
         return settingReader.readSettingAsString( pwmSetting );
@@ -129,6 +142,27 @@ public class AppConfig
         return settingReader.readSettingAsLong( pwmSetting );
     }
 
+    public Map<Locale, String> getKnownLocaleFlagMap( )
+    {
+        return configurationSuppliers.localeFlagMap.get();
+    }
+
+    public List<Locale> getKnownLocales( )
+    {
+        return List.copyOf( configurationSuppliers.localeFlagMap.get().keySet() );
+    }
+
+    public PrivateKeyCertificate readSettingAsPrivateKey( final PwmSetting setting )
+    {
+        return settingReader.readSettingAsPrivateKey( setting );
+    }
+
+    public String configurationHash( final SecureService secureService )
+            throws PwmUnrecoverableException
+    {
+        return storedConfiguration.valueHash();
+    }
+
     private class ConfigurationSuppliers
     {
         private final Supplier<Map<String, String>> appPropertyOverrides = new LazySupplier<>( () ->
@@ -175,5 +209,47 @@ public class AppConfig
             }
         } );
 
+        private final Supplier<Map<Locale, String>> localeFlagMap = new LazySupplier<>( () ->
+        {
+            final String defaultLocaleAsString = PwmConstants.DEFAULT_LOCALE.toString();
+
+            final List<String> inputList = readSettingAsStringArray( PwmSetting.KNOWN_LOCALES );
+            final Map<String, String> inputMap = StringUtil.convertStringListToNameValuePair( inputList, "::" );
+
+            // Sort the map by display name
+            final Map<String, String> sortedMap = new TreeMap<>();
+            for ( final String localeString : inputMap.keySet() )
+            {
+                final Locale theLocale = LocaleHelper.parseLocaleString( localeString );
+                if ( theLocale != null )
+                {
+                    sortedMap.put( theLocale.getDisplayName(), localeString );
+                }
+            }
+
+            final List<String> returnList = new ArrayList<>();
+
+            //ensure default is first.
+            returnList.add( defaultLocaleAsString );
+            for ( final String localeString : sortedMap.values() )
+            {
+                if ( !defaultLocaleAsString.equals( localeString ) )
+                {
+                    returnList.add( localeString );
+                }
+            }
+
+            final Map<Locale, String> localeFlagMap = new LinkedHashMap<>();
+            for ( final String localeString : returnList )
+            {
+                final Locale loopLocale = LocaleHelper.parseLocaleString( localeString );
+                if ( loopLocale != null )
+                {
+                    final String flagCode = inputMap.containsKey( localeString ) ? inputMap.get( localeString ) : loopLocale.getCountry();
+                    localeFlagMap.put( loopLocale, flagCode );
+                }
+            }
+            return Collections.unmodifiableMap( localeFlagMap );
+        } );
     }
 }

server/src/main/java/password/pwm/config/DomainConfig.java

@@ -84,7 +84,6 @@ import java.util.Map;
 import java.util.Objects;
 import java.util.Optional;
 import java.util.Set;
-import java.util.TreeMap;
 import java.util.function.Supplier;
 import java.util.stream.Collectors;
 
@@ -96,18 +95,27 @@ public class DomainConfig
     private static final PwmLogger LOGGER = PwmLogger.forClass( DomainConfig.class );
 
     private final StoredConfiguration storedConfiguration;
+    private final AppConfig appConfig;
+    private final String domainID;
 
     private final ConfigurationSuppliers configurationSuppliers = new ConfigurationSuppliers();
 
     private final DataCache dataCache = new DataCache();
     private final SettingReader settingReader;
 
-    public DomainConfig( final StoredConfiguration storedConfiguration )
+    public DomainConfig( final AppConfig appConfig, final String domainID )
     {
-        this.storedConfiguration = storedConfiguration;
+        this.appConfig = Objects.requireNonNull( appConfig );
+        this.storedConfiguration = appConfig.getStoredConfiguration();
+        this.domainID = Objects.requireNonNull( domainID );
         this.settingReader = new SettingReader( storedConfiguration, null, PwmConstants.DOMAIN_ID_PLACEHOLDER );
     }
 
+    public AppConfig getAppConfig()
+    {
+        return appConfig;
+    }
+
     public static void deprecatedSettingException( final PwmSetting pwmSetting, final String profile, final MessageSendMethod value )
     {
         if ( value != null && value.isDeprecated() )
@@ -352,15 +360,7 @@ public class DomainConfig
 
     public PrivateKeyCertificate readSettingAsPrivateKey( final PwmSetting setting )
     {
-        if ( PwmSettingSyntax.PRIVATE_KEY != setting.getSyntax() )
-        {
-            throw new IllegalArgumentException( "may not read PRIVATE_KEY value for setting: " + setting.toString() );
-        }
-        if ( readStoredValue( setting ) == null )
-        {
-            return null;
-        }
-        return ( PrivateKeyCertificate ) readStoredValue( setting ).toNativeObject();
+        return settingReader.readSettingAsPrivateKey( setting );
     }
 
     private PwmSecurityKey tempInstanceKey = null;
@@ -406,12 +406,12 @@ public class DomainConfig
 
     public List<Locale> getKnownLocales( )
     {
-        return Collections.unmodifiableList( new ArrayList<>( configurationSuppliers.localeFlagMap.get().keySet() ) );
+        return getAppConfig().getKnownLocales();
     }
 
     public Map<Locale, String> getKnownLocaleFlagMap( )
     {
-        return Collections.unmodifiableMap( configurationSuppliers.localeFlagMap.get() );
+        return getAppConfig().getKnownLocaleFlagMap();
     }
 
 
@@ -445,7 +445,7 @@ public class DomainConfig
 
     public String readAppProperty( final AppProperty property )
     {
-        return configurationSuppliers.appPropertyOverrides.get().getOrDefault( property.getKey(), property.getDefaultValue() );
+        return appConfig.readAppProperty( property );
     }
 
     private StoredValue readStoredValue( final PwmSetting setting )
@@ -467,59 +467,12 @@ public class DomainConfig
 
             return Collections.unmodifiableMap(
                     sourceMap.entrySet()
-                    .stream()
-                    .filter( entry -> entry.getValue().isEnabled() )
-                    .collect( Collectors.toMap( Map.Entry::getKey, Map.Entry::getValue ) )
+                            .stream()
+                            .filter( entry -> entry.getValue().isEnabled() )
+                            .collect( Collectors.toMap( Map.Entry::getKey, Map.Entry::getValue ) )
             );
         } );
 
-        private final Supplier<Map<String, String>> appPropertyOverrides = new LazySupplier<>( () ->
-                StringUtil.convertStringListToNameValuePair(
-                        readSettingAsStringArray( PwmSetting.APP_PROPERTY_OVERRIDES ), "=" ) );
-
-        private final Supplier<Map<Locale, String>> localeFlagMap = new LazySupplier<>( () ->
-        {
-            final String defaultLocaleAsString = PwmConstants.DEFAULT_LOCALE.toString();
-
-            final List<String> inputList = readSettingAsStringArray( PwmSetting.KNOWN_LOCALES );
-            final Map<String, String> inputMap = StringUtil.convertStringListToNameValuePair( inputList, "::" );
-
-            // Sort the map by display name
-            final Map<String, String> sortedMap = new TreeMap<>();
-            for ( final String localeString : inputMap.keySet() )
-            {
-                final Locale theLocale = LocaleHelper.parseLocaleString( localeString );
-                if ( theLocale != null )
-                {
-                    sortedMap.put( theLocale.getDisplayName(), localeString );
-                }
-            }
-
-            final List<String> returnList = new ArrayList<>();
-
-            //ensure default is first.
-            returnList.add( defaultLocaleAsString );
-            for ( final String localeString : sortedMap.values() )
-            {
-                if ( !defaultLocaleAsString.equals( localeString ) )
-                {
-                    returnList.add( localeString );
-                }
-            }
-
-            final Map<Locale, String> localeFlagMap = new LinkedHashMap<>();
-            for ( final String localeString : returnList )
-            {
-                final Locale loopLocale = LocaleHelper.parseLocaleString( localeString );
-                if ( loopLocale != null )
-                {
-                    final String flagCode = inputMap.containsKey( localeString ) ? inputMap.get( localeString ) : loopLocale.getCountry();
-                    localeFlagMap.put( loopLocale, flagCode );
-                }
-            }
-            return Collections.unmodifiableMap( localeFlagMap );
-        } );
-
         private final LazySupplier.CheckedSupplier<PwmSecurityKey, PwmUnrecoverableException> pwmSecurityKey
                 = LazySupplier.checked( () ->
         {
@@ -689,13 +642,13 @@ public class DomainConfig
 
     public boolean isDevDebugMode( )
     {
-        return Boolean.parseBoolean( readAppProperty( AppProperty.LOGGING_DEV_OUTPUT ) );
+        return appConfig.isDevDebugMode();
     }
 
     public String configurationHash( final SecureService secureService )
             throws PwmUnrecoverableException
     {
-        return storedConfiguration.valueHash();
+        return appConfig.configurationHash( secureService );
     }
 
     public Set<PwmSetting> nonDefaultSettings( )

server/src/main/java/password/pwm/config/PwmSetting.java

@@ -59,7 +59,7 @@ public enum PwmSetting
 
     // domains
     DOMAIN_LIST(
-            "domain.list", PwmSettingSyntax.STRING_ARRAY, PwmSettingCategory.DOMAINS ),
+            "domain.list", PwmSettingSyntax.PROFILE, PwmSettingCategory.DOMAINS ),
 
     // application settings
     PWM_SITE_URL(
@@ -84,10 +84,6 @@ public enum PwmSetting
             "knownLocales", PwmSettingSyntax.STRING_ARRAY, PwmSettingCategory.LOCALIZATION ),
     LOCALE_COOKIE_MAX_AGE(
             "locale.cookie.age", PwmSettingSyntax.DURATION, PwmSettingCategory.LOCALIZATION ),
-    HTTP_PROXY_URL(
-            "http.proxy.url", PwmSettingSyntax.STRING, PwmSettingCategory.GENERAL ),
-    HTTP_PROXY_EXCEPTIONS(
-            "http.proxy.exceptions", PwmSettingSyntax.STRING_ARRAY, PwmSettingCategory.GENERAL ),
     APP_PROPERTY_OVERRIDES(
             "pwm.appProperty.overrides", PwmSettingSyntax.STRING_ARRAY, PwmSettingCategory.GENERAL ),
 
@@ -1238,7 +1234,13 @@ public enum PwmSetting
             "external.remoteData.url", PwmSettingSyntax.REMOTE_WEB_SERVICE, PwmSettingCategory.REST_CLIENT ),
 
 
-    //appliance
+    // http client
+    HTTP_PROXY_URL(
+            "http.proxy.url", PwmSettingSyntax.STRING, PwmSettingCategory.HTTP_CLIENT ),
+    HTTP_PROXY_EXCEPTIONS(
+            "http.proxy.exceptions", PwmSettingSyntax.STRING_ARRAY, PwmSettingCategory.HTTP_CLIENT ),
+
+    // https server
     HTTPS_CERT(
             "https.server.cert", PwmSettingSyntax.PRIVATE_KEY, PwmSettingCategory.HTTPS_SERVER ),
     HTTPS_PROTOCOLS(

server/src/main/java/password/pwm/config/PwmSettingCategory.java

@@ -133,6 +133,7 @@ public enum PwmSettingCategory
     PASSWORD_POLICY( PROFILES ),
     CHALLENGE_POLICY( PROFILES ),
 
+    HTTP_CLIENT( SETTINGS ),
     HTTPS_SERVER( SETTINGS ),
 
     ADMINISTRATION( MODULES_PRIVATE ),

server/src/main/java/password/pwm/config/SettingReader.java

@@ -20,6 +20,7 @@
 
 package password.pwm.config;
 
+import password.pwm.bean.PrivateKeyCertificate;
 import password.pwm.config.stored.StoredConfiguration;
 import password.pwm.config.value.StoredValue;
 import password.pwm.config.value.ValueTypeConverter;
@@ -126,6 +127,19 @@ public class SettingReader
         return ValueTypeConverter.valueToNamedPassword( readSetting( setting ) );
     }
 
+    public PrivateKeyCertificate readSettingAsPrivateKey( final PwmSetting setting )
+    {
+        if ( PwmSettingSyntax.PRIVATE_KEY != setting.getSyntax() )
+        {
+            throw new IllegalArgumentException( "may not read PRIVATE_KEY value for setting: " + setting.toString() );
+        }
+        if ( readSetting( setting ) == null )
+        {
+            return null;
+        }
+        return ( PrivateKeyCertificate ) readSetting( setting ).toNativeObject();
+    }
+
     private StoredValue readSetting( final PwmSetting setting )
     {
         if ( StringUtil.isEmpty( profileID ) )

server/src/main/java/password/pwm/config/function/AbstractUriCertImportFunction.java

@@ -21,6 +21,7 @@
 package password.pwm.config.function;
 
 import password.pwm.bean.UserIdentity;
+import password.pwm.config.AppConfig;
 import password.pwm.config.DomainConfig;
 import password.pwm.config.PwmSetting;
 import password.pwm.config.SettingUIFunction;
@@ -60,11 +61,11 @@ abstract class AbstractUriCertImportFunction implements SettingUIFunction
             final URI uri = URI.create( urlString );
             if ( "https".equalsIgnoreCase( uri.getScheme() ) )
             {
-                certs = X509Utils.readRemoteHttpCertificates( pwmRequest.getPwmApplication(), pwmRequest.getLabel(), uri );
+                certs = X509Utils.readRemoteHttpCertificates( pwmRequest.getPwmDomain(), pwmRequest.getLabel(), uri );
             }
             else
             {
-                final DomainConfig domainConfig = new DomainConfig( modifier.newStoredConfiguration() );
+                final DomainConfig domainConfig = new AppConfig( modifier.newStoredConfiguration() ).getDefaultDomainConfig();
                 certs = X509Utils.readRemoteCertificates( URI.create( urlString ), domainConfig );
             }
         }

server/src/main/java/password/pwm/config/function/LdapCertImportFunction.java

@@ -50,7 +50,7 @@ public class LdapCertImportFunction implements SettingUIFunction
     )
             throws PwmUnrecoverableException
     {
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
         final PwmSession pwmSession = pwmRequest.getPwmSession();
 
         final StringArrayValue ldapUrlsValue = ( StringArrayValue ) modifier.newStoredConfiguration().readSetting( PwmSetting.LDAP_SERVER_URLS, profile );

server/src/main/java/password/pwm/config/function/SmtpCertImportFunction.java

@@ -50,7 +50,7 @@ public class SmtpCertImportFunction implements SettingUIFunction
     {
         final PwmSession pwmSession = pwmRequest.getPwmSession();
 
-        final DomainConfig domainConfig = new DomainConfig( modifier.newStoredConfiguration() );
+        final DomainConfig domainConfig = pwmRequest.getConfig();
         final List<X509Certificate> certs = EmailServerUtil.readCertificates( domainConfig, profile );
         if ( !JavaHelper.isEmpty( certs ) )
         {

server/src/main/java/password/pwm/config/function/SyslogCertImportFunction.java

@@ -22,7 +22,7 @@ package password.pwm.config.function;
 
 import password.pwm.PwmDomain;
 import password.pwm.bean.UserIdentity;
-import password.pwm.config.DomainConfig;
+import password.pwm.config.AppConfig;
 import password.pwm.config.PwmSetting;
 import password.pwm.config.SettingUIFunction;
 import password.pwm.config.stored.StoredConfigurationModifier;
@@ -52,12 +52,13 @@ public class SyslogCertImportFunction implements SettingUIFunction
             final StoredConfigurationModifier modifier,
             final PwmSetting setting,
             final String profile,
-            final String extraData )
+            final String extraData
+    )
             throws PwmOperationalException, PwmUnrecoverableException
     {
         boolean error = false;
         Exception exeception = null;
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
         final PwmSession pwmSession = pwmRequest.getPwmSession();
 
         final Set<X509Certificate> resultCertificates = new LinkedHashSet<>();
@@ -77,7 +78,7 @@ public class SyslogCertImportFunction implements SettingUIFunction
                             final List<X509Certificate> certs = X509Utils.readRemoteCertificates(
                                     syslogConfig.getHost(),
                                     syslogConfig.getPort(),
-                                    new DomainConfig( modifier.newStoredConfiguration() )
+                                    new AppConfig( modifier.newStoredConfiguration() ).getDefaultDomainConfig()
                             );
                             if ( certs != null )
                             {

server/src/main/java/password/pwm/config/function/UserMatchViewerFunction.java

@@ -26,10 +26,11 @@ import com.novell.ldapchai.provider.ChaiProvider;
 import lombok.Builder;
 import lombok.Value;
 import password.pwm.AppProperty;
+import password.pwm.PwmApplication;
 import password.pwm.PwmDomain;
 import password.pwm.bean.SessionLabel;
 import password.pwm.bean.UserIdentity;
-import password.pwm.config.DomainConfig;
+import password.pwm.config.AppConfig;
 import password.pwm.config.PwmSetting;
 import password.pwm.config.SettingUIFunction;
 import password.pwm.config.stored.StoredConfiguration;
@@ -69,7 +70,7 @@ public class UserMatchViewerFunction implements SettingUIFunction
             final String extraData )
             throws Exception
     {
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
 
         final Instant startSearchTime = Instant.now();
         final int maxResultSize = Integer.parseInt( pwmDomain.getConfig().readAppProperty( AppProperty.CONFIG_EDITOR_USER_PERMISSION_MATCH_LIMIT ) );
@@ -99,16 +100,16 @@ public class UserMatchViewerFunction implements SettingUIFunction
     )
             throws Exception
     {
-        final DomainConfig config = new DomainConfig( storedConfiguration );
-        final PwmDomain tempApplication = PwmDomain.createPwmApplication( pwmDomain.getPwmEnvironment().makeRuntimeInstance( config ) );
+        final AppConfig config = new AppConfig( storedConfiguration );
+        final PwmApplication tempApplication = PwmApplication.createPwmApplication( pwmDomain.getPwmEnvironment().makeRuntimeInstance( config ) );
         final StoredValue storedValue = storedConfiguration.readSetting( setting, profile );
         final List<UserPermission> permissions = ValueTypeConverter.valueToUserPermissions( storedValue );
 
-        validateUserPermissionLdapValues( tempApplication, permissions );
+        validateUserPermissionLdapValues( tempApplication.getDefaultDomain(), permissions );
 
         final int maxSearchSeconds = Integer.parseInt( pwmDomain.getConfig().readAppProperty( AppProperty.CONFIG_EDITOR_USER_PERMISSION_TIMEOUT_SECONDS ) );
         final TimeDuration maxSearchTime = TimeDuration.of( maxSearchSeconds, TimeDuration.Unit.SECONDS );
-        return UserPermissionUtility.discoverMatchingUsers( tempApplication, permissions, SessionLabel.SYSTEM_LABEL, maxResultSize, maxSearchTime );
+        return UserPermissionUtility.discoverMatchingUsers( tempApplication.getDefaultDomain(), permissions, SessionLabel.SYSTEM_LABEL, maxResultSize, maxSearchTime );
     }
 
     private static void validateUserPermissionLdapValues(

server/src/main/java/password/pwm/config/profile/NewUserProfile.java

@@ -27,6 +27,7 @@ import password.pwm.AppProperty;
 import password.pwm.PwmDomain;
 import password.pwm.PwmConstants;
 import password.pwm.bean.UserIdentity;
+import password.pwm.config.AppConfig;
 import password.pwm.config.DomainConfig;
 import password.pwm.config.PwmSetting;
 import password.pwm.config.stored.StoredConfiguration;
@@ -178,7 +179,7 @@ public class NewUserProfile extends AbstractProfile implements Profile
     public LdapProfile getLdapProfile()
             throws PwmUnrecoverableException
     {
-        final DomainConfig domainConfig = new DomainConfig( getStoredConfiguration() );
+        final DomainConfig domainConfig = new AppConfig( getStoredConfiguration() ).getDefaultDomainConfig();
         final String configuredProfile = readSettingAsString( PwmSetting.NEWUSER_LDAP_PROFILE );
         if ( !StringUtil.isEmpty( configuredProfile ) )
         {

server/src/main/java/password/pwm/config/stored/ConfigurationCleaner.java

@@ -22,7 +22,7 @@ package password.pwm.config.stored;
 
 import password.pwm.PwmConstants;
 import password.pwm.bean.UserIdentity;
-import password.pwm.config.DomainConfig;
+import password.pwm.config.AppConfig;
 import password.pwm.config.PwmSetting;
 import password.pwm.config.option.ADPolicyComplexity;
 import password.pwm.config.option.RecoveryMinLifetimeOption;
@@ -69,8 +69,8 @@ class ConfigurationCleaner
                 throws PwmUnrecoverableException
         {
             final StoredConfiguration oldConfig = modifier.newStoredConfiguration();
-            final DomainConfig domainConfig = new DomainConfig( oldConfig );
-            for ( final String profileID : domainConfig.getPasswordProfileIDs() )
+            final AppConfig appConfig = new AppConfig( oldConfig );
+            for ( final String profileID : appConfig.getDefaultDomainConfig().getPasswordProfileIDs() )
             {
                 if ( !oldConfig.isDefaultValue( PwmSetting.PASSWORD_POLICY_AD_COMPLEXITY, profileID ) )
                 {

server/src/main/java/password/pwm/config/stored/ConfigurationReader.java

@@ -22,12 +22,12 @@ package password.pwm.config.stored;
 
 import password.pwm.AppAttribute;
 import password.pwm.AppProperty;
-import password.pwm.PwmDomain;
 import password.pwm.PwmApplicationMode;
 import password.pwm.PwmConstants;
+import password.pwm.PwmDomain;
 import password.pwm.bean.SessionLabel;
 import password.pwm.bean.UserIdentity;
-import password.pwm.config.DomainConfig;
+import password.pwm.config.AppConfig;
 import password.pwm.config.value.StoredValue;
 import password.pwm.error.ErrorInformation;
 import password.pwm.error.PwmError;
@@ -65,7 +65,7 @@ public class ConfigurationReader
 
     private final File configFile;
     private final String configFileChecksum;
-    private DomainConfig domainConfig;
+    private AppConfig domainConfig;
     private StoredConfiguration storedConfiguration;
     private ErrorInformation configFileError;
 
@@ -107,14 +107,14 @@ public class ConfigurationReader
         return storedConfiguration;
     }
 
-    public DomainConfig getConfiguration( ) throws PwmUnrecoverableException
+    public AppConfig getConfiguration( ) throws PwmUnrecoverableException
     {
         if ( domainConfig == null )
         {
             final StoredConfiguration newStoredConfig = this.storedConfiguration == null
                     ? StoredConfigurationFactory.newConfig()
                     : this.storedConfiguration;
-            domainConfig = new DomainConfig( newStoredConfig );
+            domainConfig = new AppConfig( newStoredConfig );
         }
         return domainConfig;
     }
@@ -204,7 +204,7 @@ public class ConfigurationReader
         int backupRotations = 0;
         if ( pwmDomain != null )
         {
-            final DomainConfig domainConfig = new DomainConfig( storedConfiguration );
+            final AppConfig domainConfig = new AppConfig( storedConfiguration );
             final String backupDirSetting = domainConfig.readAppProperty( AppProperty.BACKUP_LOCATION );
             if ( backupDirSetting != null && backupDirSetting.length() > 0 )
             {

server/src/main/java/password/pwm/config/stored/StoredConfigItemKey.java

@@ -20,6 +20,7 @@
 
 package password.pwm.config.stored;
 
+import org.jetbrains.annotations.NotNull;
 import password.pwm.PwmConstants;
 import password.pwm.config.PwmSetting;
 import password.pwm.config.PwmSettingSyntax;
@@ -37,7 +38,7 @@ import java.util.Objects;
 import java.util.Set;
 import java.util.stream.Collectors;
 
-public class StoredConfigItemKey implements Serializable
+public class StoredConfigItemKey implements Serializable, Comparable<StoredConfigItemKey>
 {
     private static final Comparator<StoredConfigItemKey> COMPARATOR = makeComparator();
 
@@ -228,6 +229,12 @@ public class StoredConfigItemKey implements Serializable
         return ConfigurationProperty.valueOf( recordID );
     }
 
+    @Override
+    public int compareTo( @NotNull final StoredConfigItemKey o )
+    {
+        return COMPARATOR.compare( this, o );
+    }
+
     @Override
     public boolean equals( final Object o )
     {

server/src/main/java/password/pwm/config/stored/StoredConfigXmlSerializer.java

@@ -483,7 +483,7 @@ public class StoredConfigXmlSerializer implements StoredConfigSerializer
             };
 
             StoredConfigurationUtil.allPossibleSettingKeysForConfiguration( storedConfiguration )
-                    .parallelStream()
+                    .stream()
                     .filter( ( key ) -> StoredConfigItemKey.RecordType.SETTING.equals( key.getRecordType() ) )
                     .filter( ( key ) -> !key.toPwmSetting().getFlags().contains( PwmSettingFlag.Deprecated ) )
                     .sorted()

server/src/main/java/password/pwm/config/stored/StoredConfigurationImpl.java

@@ -69,11 +69,11 @@ public class StoredConfigurationImpl implements StoredConfiguration
     {
         this.createTime = storedConfigData.getCreateTime();
         this.modifyTime = storedConfigData.getModifyTime();
-        this.metaValues = Collections.unmodifiableMap( storedConfigData.getMetaDatas() );
+        this.metaValues = Map.copyOf( storedConfigData.getMetaDatas() );
         this.templateSet = readTemplateSet( storedConfigData.getStoredValues() );
 
         final Map<StoredConfigItemKey, StoredValue> tempMap = removeDefaultSettingValues( storedConfigData.getStoredValues(), templateSet );
-        this.storedValues = Collections.unmodifiableMap( tempMap );
+        this.storedValues = Map.copyOf( tempMap );
     }
 
     StoredConfigurationImpl()

server/src/main/java/password/pwm/config/stored/StoredConfigurationUtil.java

@@ -22,7 +22,7 @@ package password.pwm.config.stored;
 
 import password.pwm.PwmConstants;
 import password.pwm.bean.UserIdentity;
-import password.pwm.config.DomainConfig;
+import password.pwm.config.AppConfig;
 import password.pwm.config.PwmSetting;
 import password.pwm.config.PwmSettingCategory;
 import password.pwm.config.PwmSettingSyntax;
@@ -317,7 +317,7 @@ public abstract class StoredConfigurationUtil
             return false;
         }
         final Optional<String> passwordHash = storedConfiguration.readConfigProperty( ConfigurationProperty.PASSWORD_HASH );
-        return passwordHash.isPresent() && BCrypt.testAnswer( password, passwordHash.get(), new DomainConfig( storedConfiguration ) );
+        return passwordHash.isPresent() && BCrypt.testAnswer( password, passwordHash.get(), new AppConfig( storedConfiguration ).getDefaultDomainConfig() );
     }
 
     public static boolean hasPassword( final StoredConfiguration storedConfiguration )

server/src/main/java/password/pwm/health/DatabaseStatusChecker.java

@@ -20,6 +20,7 @@
 
 package password.pwm.health;
 
+import password.pwm.PwmApplication;
 import password.pwm.PwmDomain;
 import password.pwm.PwmEnvironment;
 import password.pwm.config.DomainConfig;
@@ -54,20 +55,20 @@ public class DatabaseStatusChecker implements HealthChecker
                             "Database not configured" ) );
         }
 
-        PwmDomain runtimeInstance = null;
+        PwmApplication runtimeInstance = null;
         try
         {
-            final PwmEnvironment runtimeEnvironment = pwmDomain.getPwmEnvironment().makeRuntimeInstance( config );
-            runtimeInstance = PwmDomain.createPwmApplication( runtimeEnvironment );
-            final DatabaseAccessor accessor = runtimeInstance.getDatabaseService().getAccessor();
+            final PwmEnvironment runtimeEnvironment = pwmDomain.getPwmEnvironment().makeRuntimeInstance( config.getAppConfig() );
+            runtimeInstance = PwmApplication.createPwmApplication( runtimeEnvironment );
+            final DatabaseAccessor accessor = runtimeInstance.getDefaultDomain().getDatabaseService().getAccessor();
             accessor.get( DatabaseTable.PWM_META, "test" );
-            return runtimeInstance.getDatabaseService().healthCheck();
+            return runtimeInstance.getDefaultDomain().getDatabaseService().healthCheck();
         }
         catch ( final PwmException e )
         {
             LOGGER.error( () -> "error during healthcheck: " + e.getMessage() );
             e.printStackTrace();
-            return runtimeInstance.getDatabaseService().healthCheck();
+            return runtimeInstance.getDefaultDomain().getDatabaseService().healthCheck();
         }
         finally
         {

server/src/main/java/password/pwm/health/LDAPHealthChecker.java

@@ -32,6 +32,7 @@ import com.novell.ldapchai.provider.ChaiSetting;
 import com.novell.ldapchai.provider.DirectoryVendor;
 import com.novell.ldapchai.util.ChaiUtility;
 import password.pwm.AppProperty;
+import password.pwm.PwmApplication;
 import password.pwm.PwmDomain;
 import password.pwm.PwmConstants;
 import password.pwm.bean.PasswordStatus;
@@ -1169,12 +1170,12 @@ public class LDAPHealthChecker implements HealthChecker
     )
             throws PwmUnrecoverableException
     {
-        final PwmDomain tempApplication = PwmDomain.createPwmApplication( pwmDomain.getPwmEnvironment().makeRuntimeInstance( config ) );
+        final PwmApplication tempApplication = PwmApplication.createPwmApplication( pwmDomain.getPwmEnvironment().makeRuntimeInstance( config.getAppConfig() ) );
         final LDAPHealthChecker ldapHealthChecker = new LDAPHealthChecker();
         final List<HealthRecord> profileRecords = new ArrayList<>();
 
         final LdapProfile ldapProfile = config.getLdapProfiles().get( profileID );
-        profileRecords.addAll( ldapHealthChecker.checkBasicLdapConnectivity( tempApplication, config, ldapProfile,
+        profileRecords.addAll( ldapHealthChecker.checkBasicLdapConnectivity( tempApplication.getDefaultDomain(), config, ldapProfile,
                 testContextless ) );
         if ( fullTest )
         {
@@ -1188,7 +1189,7 @@ public class LDAPHealthChecker implements HealthChecker
 
         if ( fullTest )
         {
-            profileRecords.addAll( ldapHealthChecker.doLdapTestUserCheck( config, ldapProfile, tempApplication ) );
+            profileRecords.addAll( ldapHealthChecker.doLdapTestUserCheck( config, ldapProfile, tempApplication.getDefaultDomain() ) );
         }
 
         return HealthRecord.asHealthDataBean( config, locale, profileRecords );

server/src/main/java/password/pwm/http/ContextManager.java

@@ -21,11 +21,12 @@
 package password.pwm.http;
 
 import password.pwm.AppProperty;
-import password.pwm.PwmDomain;
+import password.pwm.PwmApplication;
 import password.pwm.PwmApplicationMode;
 import password.pwm.PwmConstants;
 import password.pwm.PwmEnvironment;
 import password.pwm.bean.SessionLabel;
+import password.pwm.config.AppConfig;
 import password.pwm.config.DomainConfig;
 import password.pwm.config.PwmSetting;
 import password.pwm.config.profile.LdapProfile;
@@ -87,7 +88,7 @@ public class ContextManager implements Serializable
 
     private transient ScheduledExecutorService taskMaster;
 
-    private transient volatile PwmDomain pwmDomain;
+    private transient volatile PwmApplication pwmApplication;
     private transient ConfigurationReader configReader;
     private ErrorInformation startupErrorInformation;
 
@@ -105,25 +106,25 @@ public class ContextManager implements Serializable
         this.contextPath = servletContext.getContextPath();
     }
 
-    public static PwmDomain getPwmApplication( final ServletRequest request ) throws PwmUnrecoverableException
+    public static PwmApplication getPwmApplication( final ServletRequest request ) throws PwmUnrecoverableException
     {
-        final PwmDomain appInRequest = ( PwmDomain ) request.getAttribute( PwmConstants.REQUEST_ATTR_PWM_APPLICATION );
+        final PwmApplication appInRequest = ( PwmApplication ) request.getAttribute( PwmConstants.REQUEST_ATTR_PWM_APPLICATION );
         if ( appInRequest != null )
         {
             return appInRequest;
         }
 
-        final PwmDomain pwmDomain = getPwmApplication( request.getServletContext() );
+        final PwmApplication pwmDomain = getPwmApplication( request.getServletContext() );
         request.setAttribute( PwmConstants.REQUEST_ATTR_PWM_APPLICATION, pwmDomain );
         return pwmDomain;
     }
 
-    public static PwmDomain getPwmApplication( final HttpSession session ) throws PwmUnrecoverableException
+    public static PwmApplication getPwmApplication( final HttpSession session ) throws PwmUnrecoverableException
     {
         return getContextManager( session.getServletContext() ).getPwmApplication();
     }
 
-    public static PwmDomain getPwmApplication( final ServletContext theContext ) throws PwmUnrecoverableException
+    public static PwmApplication getPwmApplication( final ServletContext theContext ) throws PwmUnrecoverableException
     {
         return getContextManager( theContext ).getPwmApplication();
     }
@@ -152,19 +153,19 @@ public class ContextManager implements Serializable
         return ( ContextManager ) theManager;
     }
 
-    public PwmDomain getPwmApplication( )
+    public PwmApplication getPwmApplication( )
             throws PwmUnrecoverableException
     {
         final Instant startTime = Instant.now();
-        PwmDomain localApplication = pwmDomain;
+        PwmApplication localApplication = pwmApplication;
 
         while (
-                ( restartInProgressFlag.get() || pwmDomain == null )
+                ( restartInProgressFlag.get() || pwmApplication == null )
                         &&  TimeDuration.fromCurrent( startTime ).isShorterThan( readApplicationLockMaxWait )
         )
         {
             TimeDuration.SECOND.pause();
-            localApplication = pwmDomain;
+            localApplication = pwmApplication;
         }
 
         if ( localApplication != null )
@@ -208,7 +209,7 @@ public class ContextManager implements Serializable
             outputError( "unable to set default locale as Java machine default locale: " + e.getMessage() );
         }
 
-        DomainConfig domainConfig = null;
+        AppConfig appConfig = null;
         PwmApplicationMode mode = PwmApplicationMode.ERROR;
 
         final ParameterReader parameterReader = new ParameterReader( servletContext );
@@ -231,7 +232,7 @@ public class ContextManager implements Serializable
             configurationFile = locateConfigurationFile( applicationPath, PwmConstants.DEFAULT_CONFIG_FILE_FILENAME );
 
             configReader = new ConfigurationReader( configurationFile );
-            domainConfig = configReader.getConfiguration();
+            appConfig = configReader.getConfiguration();
 
             mode = startupErrorInformation == null ? configReader.getConfigMode() : PwmApplicationMode.ERROR;
 
@@ -263,7 +264,7 @@ public class ContextManager implements Serializable
         try
         {
             final PwmEnvironment pwmEnvironment = PwmEnvironment.builder()
-                    .config( domainConfig )
+                    .config( appConfig )
                     .applicationPath( applicationPath )
                     .applicationMode( mode )
                     .configurationFile( configurationFile )
@@ -272,13 +273,13 @@ public class ContextManager implements Serializable
                     .parameters( applicationParams )
                     .build();
 
-            if ( pwmDomain == null )
+            if ( pwmApplication == null )
             {
-                pwmDomain = PwmDomain.createPwmApplication( pwmEnvironment );
+                pwmApplication = PwmApplication.createPwmApplication( pwmEnvironment );
             }
             else
             {
-                pwmDomain.reInit( pwmEnvironment );
+                pwmApplication.reInit( pwmEnvironment );
             }
         }
         catch ( final Exception e )
@@ -288,20 +289,20 @@ public class ContextManager implements Serializable
 
         taskMaster = Executors.newSingleThreadScheduledExecutor(
                 PwmScheduler.makePwmThreadFactory(
-                        PwmScheduler.makeThreadName( pwmDomain, this.getClass() ) + "-",
+                        PwmScheduler.makeThreadName( pwmApplication.getDomains().get( PwmConstants.DOMAIN_ID_PLACEHOLDER ), this.getClass() ) + "-",
                         true
                 ) );
 
         boolean reloadOnChange = true;
         long fileScanFrequencyMs = 5000;
         {
-            if ( pwmDomain != null )
+            if ( pwmApplication != null )
             {
-                reloadOnChange = Boolean.parseBoolean( pwmDomain.getConfig().readAppProperty( AppProperty.CONFIG_RELOAD_ON_CHANGE ) );
-                fileScanFrequencyMs = Long.parseLong( pwmDomain.getConfig().readAppProperty( AppProperty.CONFIG_FILE_SCAN_FREQUENCY ) );
+                reloadOnChange = Boolean.parseBoolean( pwmApplication.getConfig().readAppProperty( AppProperty.CONFIG_RELOAD_ON_CHANGE ) );
+                fileScanFrequencyMs = Long.parseLong( pwmApplication.getConfig().readAppProperty( AppProperty.CONFIG_FILE_SCAN_FREQUENCY ) );
 
                 this.readApplicationLockMaxWait = TimeDuration.of(
-                        Long.parseLong( pwmDomain.getConfig().readAppProperty( AppProperty.APPLICATION_READ_APP_LOCK_MAX_WAIT_MS ) ),
+                        Long.parseLong( pwmApplication.getConfig().readAppProperty( AppProperty.APPLICATION_READ_APP_LOCK_MAX_WAIT_MS ) ),
                         TimeDuration.Unit.MILLISECONDS
                 );
             }
@@ -313,7 +314,7 @@ public class ContextManager implements Serializable
             checkConfigForAutoImportLdapCerts( configReader );
         }
 
-        if ( pwmDomain == null || pwmDomain.getApplicationMode() == PwmApplicationMode.NEW )
+        if ( pwmApplication == null || pwmApplication.getApplicationMode() == PwmApplicationMode.NEW )
         {
             taskMaster.scheduleWithFixedDelay( new SilentPropertiesFileWatcher(), fileScanFrequencyMs, fileScanFrequencyMs, TimeUnit.MILLISECONDS );
         }
@@ -378,11 +379,11 @@ public class ContextManager implements Serializable
     {
         startupErrorInformation = new ErrorInformation( PwmError.ERROR_APP_UNAVAILABLE, "shutting down" );
 
-        if ( pwmDomain != null )
+        if ( pwmApplication != null )
         {
             try
             {
-                pwmDomain.shutdown();
+                pwmApplication.shutdown();
             }
             catch ( final Exception e )
             {
@@ -392,7 +393,7 @@ public class ContextManager implements Serializable
         taskMaster.shutdown();
 
 
-        this.pwmDomain = null;
+        this.pwmApplication = null;
         startupErrorInformation = null;
     }
 
@@ -435,7 +436,7 @@ public class ContextManager implements Serializable
         @Override
         public void run()
         {
-            if ( pwmDomain == null || pwmDomain.getApplicationMode() == PwmApplicationMode.NEW )
+            if ( pwmApplication == null || pwmApplication.getApplicationMode() == PwmApplicationMode.NEW )
             {
                 if ( silentPropertiesFile.exists() )
                 {
@@ -451,7 +452,7 @@ public class ContextManager implements Serializable
                             storedConfiguration = importer.readConfiguration( fileInputStream );
                         }
 
-                        configReader.saveConfiguration( storedConfiguration, pwmDomain, SESSION_LABEL );
+                        configReader.saveConfiguration( storedConfiguration, pwmApplication.getDefaultDomain(), SESSION_LABEL );
                         LOGGER.info( SESSION_LABEL, () -> "file " + silentPropertiesFile.getAbsolutePath() + " has been successfully imported and saved as configuration file" );
                         requestPwmApplicationRestart();
                         success = true;
@@ -508,7 +509,7 @@ public class ContextManager implements Serializable
             try
             {
                 restartInProgressFlag.set( true );
-                waitForRequestsToComplete( pwmDomain );
+                waitForRequestsToComplete( pwmApplication );
 
                 {
                     final TimeDuration timeDuration = TimeDuration.fromCurrent( startTime );
@@ -536,13 +537,13 @@ public class ContextManager implements Serializable
             }
         }
 
-        private void waitForRequestsToComplete( final PwmDomain pwmDomain )
+        private void waitForRequestsToComplete( final PwmApplication pwmApplication )
         {
             final Instant startTime = Instant.now();
             final TimeDuration maxRequestWaitTime = TimeDuration.of(
-                    Integer.parseInt( pwmDomain.getConfig().readAppProperty( AppProperty.APPLICATION_RESTART_MAX_REQUEST_WAIT_MS ) ),
+                    Integer.parseInt( pwmApplication.getConfig().readAppProperty( AppProperty.APPLICATION_RESTART_MAX_REQUEST_WAIT_MS ) ),
                     TimeDuration.Unit.MILLISECONDS );
-            final int startingRequestInProgress = pwmDomain.getActiveServletRequests().get();
+            final int startingRequestInProgress = pwmApplication.getActiveServletRequests().get();
 
             if ( startingRequestInProgress == 0 )
             {
@@ -551,10 +552,10 @@ public class ContextManager implements Serializable
 
             LOGGER.trace( SESSION_LABEL, () -> "waiting up to " + maxRequestWaitTime.asCompactString()
                     + " for " + startingRequestInProgress  + " requests to complete." );
-            maxRequestWaitTime.pause( TimeDuration.of( 10, TimeDuration.Unit.MILLISECONDS ), () -> pwmDomain.getActiveServletRequests().get() == 0
+            maxRequestWaitTime.pause( TimeDuration.of( 10, TimeDuration.Unit.MILLISECONDS ), () -> pwmApplication.getActiveServletRequests().get() == 0
             );
 
-            final int requestsInProgress = pwmDomain.getActiveServletRequests().get();
+            final int requestsInProgress = pwmApplication.getActiveServletRequests().get();
             final TimeDuration waitTime = TimeDuration.fromCurrent( startTime  );
             LOGGER.trace( SESSION_LABEL, () -> "after " + waitTime.asCompactString() + ", " + requestsInProgress
                     + " requests in progress, proceeding with restart" );
@@ -724,7 +725,7 @@ public class ContextManager implements Serializable
         {
             LOGGER.trace( SESSION_LABEL, () -> "beginning auto-import ldap cert due to config property '"
                     + ConfigurationProperty.IMPORT_LDAP_CERTIFICATES.getKey() + "'" );
-            final DomainConfig domainConfig = new DomainConfig( configReader.getStoredConfiguration() );
+            final DomainConfig domainConfig = new AppConfig( configReader.getStoredConfiguration() ).getDefaultDomainConfig();
             final StoredConfigurationModifier modifiedConfig = StoredConfigurationModifier.newModifier( configReader.getStoredConfiguration() );
 
             int importedCerts = 0;
@@ -756,7 +757,7 @@ public class ContextManager implements Serializable
                         + ConfigurationProperty.IMPORT_LDAP_CERTIFICATES.getKey() + "'"
                         + ", imported " + totalImportedCerts + " certificates" );
                 modifiedConfig.writeConfigProperty( ConfigurationProperty.IMPORT_LDAP_CERTIFICATES, "false" );
-                configReader.saveConfiguration( modifiedConfig.newStoredConfiguration(), pwmDomain, SESSION_LABEL );
+                configReader.saveConfiguration( modifiedConfig.newStoredConfiguration(), pwmApplication.getDefaultDomain(), SESSION_LABEL );
                 requestPwmApplicationRestart();
             }
             else

server/src/main/java/password/pwm/http/HttpContentType.java

@@ -23,34 +23,35 @@ package password.pwm.http;
 import password.pwm.PwmConstants;
 import password.pwm.util.java.StringUtil;
 
-import java.nio.charset.Charset;
+import java.util.Arrays;
+import java.util.Collections;
 import java.util.List;
 import java.util.Optional;
 
 public enum HttpContentType
 {
-    json( HttpEntityDataType.String, PwmConstants.DEFAULT_CHARSET, "application/json", "application/javascript" ),
+    json( HttpEntityDataType.String, PwmConstants.DEFAULT_CHARSET.displayName(), "application/json", "application/javascript" ),
     zip( HttpEntityDataType.ByteArray, null, "application/zip" ),
     gzip( HttpEntityDataType.ByteArray, null, "application/gzip" ),
-    xml( HttpEntityDataType.String, PwmConstants.DEFAULT_CHARSET, "text/xml" ),
-    csv( HttpEntityDataType.String, PwmConstants.DEFAULT_CHARSET, "text/csv" ),
-    javascript( HttpEntityDataType.String, PwmConstants.DEFAULT_CHARSET, "text/javascript" ),
-    plain( HttpEntityDataType.String, PwmConstants.DEFAULT_CHARSET, "text/plain" ),
-    html( HttpEntityDataType.String, PwmConstants.DEFAULT_CHARSET, "text/html" ),
-    form( HttpEntityDataType.String, PwmConstants.DEFAULT_CHARSET, "application/x-www-form-urlencoded" ),
+    xml( HttpEntityDataType.String, PwmConstants.DEFAULT_CHARSET.displayName(), "text/xml" ),
+    csv( HttpEntityDataType.String, PwmConstants.DEFAULT_CHARSET.displayName(), "text/csv" ),
+    javascript( HttpEntityDataType.String, PwmConstants.DEFAULT_CHARSET.displayName(), "text/javascript" ),
+    plain( HttpEntityDataType.String, PwmConstants.DEFAULT_CHARSET.displayName(), "text/plain" ),
+    html( HttpEntityDataType.String, PwmConstants.DEFAULT_CHARSET.displayName(), "text/html" ),
+    form( HttpEntityDataType.String, PwmConstants.DEFAULT_CHARSET.displayName(), "application/x-www-form-urlencoded" ),
     png( HttpEntityDataType.ByteArray, null, "image/png" ),
     jpg( HttpEntityDataType.ByteArray, null, "image/jpg", "image/jpeg" ),
     bmp( HttpEntityDataType.ByteArray, null, "image/bmp" ),
     webp( HttpEntityDataType.ByteArray, null, "image/webp" ),
     octetstream( HttpEntityDataType.ByteArray, null, "application/octet-stream" ),;
 
-    private final String[] mimeType;
-    private final Charset charset;
+    private final List<String> mimeType;
+    private final String charset;
     private final HttpEntityDataType dataType;
 
-    HttpContentType( final HttpEntityDataType dataType, final Charset charset, final String... mimeType )
+    HttpContentType( final HttpEntityDataType dataType, final String charset, final String... mimeType )
     {
-        this.mimeType = mimeType;
+        this.mimeType = mimeType == null ? Collections.emptyList() : List.copyOf( Arrays.asList( mimeType ) );
         this.dataType = dataType;
         this.charset = charset;
     }
@@ -60,7 +61,7 @@ public enum HttpContentType
         String output = getMimeType();
         if ( charset != null )
         {
-            output += "; charset=" + charset.name();
+            output += "; charset=" + charset;
         }
 
         return output;
@@ -68,7 +69,7 @@ public enum HttpContentType
 
     public String getMimeType( )
     {
-        return this.mimeType[0];
+        return this.mimeType.get( 0 );
     }
 
     public HttpEntityDataType getDataType()

server/src/main/java/password/pwm/http/HttpEventManager.java

@@ -64,7 +64,7 @@ public class HttpEventManager implements
         try
         {
             final ContextManager contextManager = ContextManager.getContextManager( httpSession );
-            final PwmDomain pwmDomain = contextManager.getPwmApplication();
+            final PwmDomain pwmDomain = contextManager.getPwmApplication().getDomains().get( PwmConstants.DOMAIN_ID_PLACEHOLDER );
             httpSession.setAttribute( PwmConstants.SESSION_ATTR_PWM_APP_NONCE, pwmDomain.getRuntimeNonce() );
 
             if ( pwmDomain.getStatisticsManager() != null )
@@ -96,7 +96,8 @@ public class HttpEventManager implements
                     pwmSession.unauthenticateUser( null );
                 }
 
-                final PwmDomain pwmDomain = ContextManager.getPwmApplication( httpSession.getServletContext() );
+                final PwmDomain pwmDomain = ContextManager.getPwmApplication( httpSession.getServletContext() )
+                        .getDomains().get( PwmConstants.DOMAIN_ID_PLACEHOLDER );
                 if ( pwmDomain != null )
                 {
                     pwmDomain.getSessionTrackService().removeSessionData( pwmSession );
@@ -183,7 +184,8 @@ public class HttpEventManager implements
             final HttpSession httpSession = event.getSession();
             final PwmSession pwmSession = PwmSessionWrapper.readPwmSession( httpSession );
             LOGGER.trace( pwmSession.getLabel(), () -> "activating (de-passivating) session" );
-            final PwmDomain pwmDomain = ContextManager.getPwmApplication( httpSession.getServletContext() );
+            final PwmDomain pwmDomain = ContextManager.getPwmApplication( httpSession.getServletContext() )
+                    .getDomains().get( PwmConstants.DOMAIN_ID_PLACEHOLDER );
             if ( pwmDomain != null )
             {
                 pwmDomain.getSessionTrackService().addSessionData( pwmSession );

server/src/main/java/password/pwm/http/IdleTimeoutCalculator.java

@@ -181,7 +181,7 @@ public class IdleTimeoutCalculator
             throws PwmUnrecoverableException
     {
         final PwmURL pwmURL = pwmRequest.getURL();
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
         final PwmSession pwmSession = pwmRequest.getPwmSession();
 
         if ( pwmURL.isResourceURL() )

server/src/main/java/password/pwm/http/JspUtility.java

@@ -60,7 +60,7 @@ public abstract class JspUtility
         final PwmRequest pwmRequest = forRequest( pageContext.getRequest() );
         try
         {
-            return pwmRequest.getPwmApplication().getSessionStateService().getBean( pwmRequest, theClass );
+            return pwmRequest.getPwmDomain().getSessionStateService().getBean( pwmRequest, theClass );
         }
         catch ( final PwmUnrecoverableException e )
         {

server/src/main/java/password/pwm/http/PwmHttpResponseWrapper.java

@@ -218,7 +218,7 @@ public class PwmHttpResponseWrapper
         final PwmDomain pwmDomain;
         try
         {
-            pwmDomain = ContextManager.getPwmApplication( this.httpServletRequest );
+            pwmDomain = ContextManager.getPwmApplication( this.httpServletRequest ).getDefaultDomain();
             final String value = pwmDomain.getConfig().readAppProperty( AppProperty.HTTP_COOKIE_SAMESITE_VALUE );
             CookieManagementFilter.addSameSiteCookieAttribute( httpServletResponse, value );
         }

server/src/main/java/password/pwm/http/PwmRequest.java

@@ -26,6 +26,7 @@ import org.apache.commons.fileupload.FileItemStream;
 import org.apache.commons.fileupload.servlet.ServletFileUpload;
 import org.apache.commons.io.IOUtils;
 import password.pwm.AppProperty;
+import password.pwm.PwmApplication;
 import password.pwm.PwmDomain;
 import password.pwm.PwmApplicationMode;
 import password.pwm.PwmConstants;
@@ -81,7 +82,7 @@ public class PwmRequest extends PwmHttpRequestWrapper
     private final PwmURL pwmURL;
     private final PwmRequestID pwmRequestID;
 
-    private final transient PwmDomain pwmDomain;
+    private final transient PwmApplication pwmApplication;
     private final transient PwmSession pwmSession;
     private final transient Supplier<SessionLabel> sessionLabelLazySupplier = new LazySupplier<>( this::makeSessionLabel );
 
@@ -99,8 +100,8 @@ public class PwmRequest extends PwmHttpRequestWrapper
         if ( pwmRequest == null )
         {
             final PwmSession pwmSession = PwmSessionWrapper.readPwmSession( request );
-            final PwmDomain pwmDomain = ContextManager.getPwmApplication( request );
-            pwmRequest = new PwmRequest( request, response, pwmDomain, pwmSession );
+            final PwmApplication pwmDomain = ContextManager.getPwmApplication( request );
+            pwmRequest = new PwmRequest( request, response, pwmDomain.getDomains().get( PwmConstants.DOMAIN_ID_PLACEHOLDER ), pwmSession );
             request.setAttribute( PwmRequestAttribute.PwmRequest.toString(), pwmRequest );
         }
         return pwmRequest;
@@ -118,13 +119,13 @@ public class PwmRequest extends PwmHttpRequestWrapper
         this.pwmRequestID = PwmRequestID.next();
         this.pwmResponse = new PwmResponse( httpServletResponse, this, pwmDomain.getConfig() );
         this.pwmSession = pwmSession;
-        this.pwmDomain = pwmDomain;
+        this.pwmApplication = pwmDomain.getPwmApplication();
         this.pwmURL = new PwmURL( this.getHttpServletRequest() );
     }
 
-    public PwmDomain getPwmApplication( )
+    public PwmDomain getPwmDomain( )
     {
-        return pwmDomain;
+        return pwmApplication.getDomains().get( getDomainID() );
     }
 
     public PwmSession getPwmSession( )
@@ -495,7 +496,7 @@ public class PwmRequest extends PwmHttpRequestWrapper
     )
     {
         final LocalSessionStateBean ssBean = this.getPwmSession().getSessionStateBean();
-        return ssBean.getLogoutURL() == null ? pwmDomain.getConfig().readSettingAsString( PwmSetting.URL_LOGOUT ) : ssBean.getLogoutURL();
+        return ssBean.getLogoutURL() == null ? pwmApplication.getConfig().readSettingAsString( PwmSetting.URL_LOGOUT ) : ssBean.getLogoutURL();
     }
 
     public String getCspNonce( )
@@ -506,7 +507,7 @@ public class PwmRequest extends PwmHttpRequestWrapper
             if ( getAttribute( PwmRequestAttribute.CspNonce ) == null )
             {
                 final int nonceLength = Integer.parseInt( getConfig().readAppProperty( AppProperty.HTTP_HEADER_CSP_NONCE_BYTES ) );
-                final byte[] cspNonce = pwmDomain.getSecureService().pwmRandom().newBytes( nonceLength );
+                final byte[] cspNonce = getPwmDomain().getSecureService().pwmRandom().newBytes( nonceLength );
                 final String cspString = StringUtil.base64Encode( cspNonce );
                 setAttribute( PwmRequestAttribute.CspNonce, cspString );
             }
@@ -526,7 +527,7 @@ public class PwmRequest extends PwmHttpRequestWrapper
         if ( strValue != null && !strValue.isEmpty() )
         {
             final PwmSecurityKey pwmSecurityKey = pwmSession.getSecurityKey( this );
-            return pwmDomain.getSecureService().decryptObject( strValue, pwmSecurityKey, returnClass );
+            return getPwmDomain().getSecureService().decryptObject( strValue, pwmSecurityKey, returnClass );
         }
 
         return null;
@@ -582,7 +583,7 @@ public class PwmRequest extends PwmHttpRequestWrapper
 
     public boolean endUserFunctionalityAvailable( )
     {
-        final PwmApplicationMode mode = pwmDomain.getApplicationMode();
+        final PwmApplicationMode mode = pwmApplication.getApplicationMode();
         if ( mode == PwmApplicationMode.NEW )
         {
             return false;
@@ -600,7 +601,7 @@ public class PwmRequest extends PwmHttpRequestWrapper
 
     public PwmRequestContext getPwmRequestContext()
     {
-        return new PwmRequestContext( pwmDomain, this.getLabel(), this.getLocale(), pwmRequestID );
+        return new PwmRequestContext( getPwmDomain(), this.getLabel(), this.getLocale(), pwmRequestID );
     }
 
     public String getPwmRequestID()
@@ -617,4 +618,9 @@ public class PwmRequest extends PwmHttpRequestWrapper
     {
         return PwmConstants.DOMAIN_ID_DEFAULT;
     }
+
+    public PwmApplication getPwmApplication()
+    {
+        return pwmApplication;
+    }
 }

server/src/main/java/password/pwm/http/PwmResponse.java

@@ -128,7 +128,7 @@ public class PwmResponse extends PwmHttpResponseWrapper
             throws ServletException, PwmUnrecoverableException, IOException
 
     {
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
         this.pwmRequest.setAttribute( PwmRequestAttribute.SuccessMessage, message );
 
         final boolean showMessage = !pwmDomain.getConfig().readSettingAsBoolean( PwmSetting.DISPLAY_SUCCESS_PAGES )
@@ -200,10 +200,10 @@ public class PwmResponse extends PwmHttpResponseWrapper
         }
         else
         {
-            final boolean showDetail = pwmRequest.getPwmApplication().determineIfDetailErrorMsgShown();
+            final boolean showDetail = pwmRequest.getPwmDomain().determineIfDetailErrorMsgShown();
             final String errorStatusText = showDetail
                     ? errorInformation.toDebugStr()
-                    : errorInformation.toUserStr( pwmRequest.getPwmSession(), pwmRequest.getPwmApplication() );
+                    : errorInformation.toUserStr( pwmRequest.getPwmSession(), pwmRequest.getPwmDomain() );
             getHttpServletResponse().sendError( HttpServletResponse.SC_INTERNAL_SERVER_ERROR, errorStatusText );
         }
 
@@ -236,7 +236,7 @@ public class PwmResponse extends PwmHttpResponseWrapper
     {
         final String jsonValue = JsonUtil.serialize( cookieValue );
         final PwmSecurityKey pwmSecurityKey = pwmRequest.getPwmSession().getSecurityKey( pwmRequest );
-        final String encryptedValue = pwmRequest.getPwmApplication().getSecureService().encryptToString( jsonValue, pwmSecurityKey );
+        final String encryptedValue = pwmRequest.getPwmDomain().getSecureService().encryptToString( jsonValue, pwmSecurityKey );
         writeCookie( cookieName, encryptedValue, seconds, path, PwmHttpResponseWrapper.Flag.BypassSanitation );
     }
 
@@ -273,8 +273,8 @@ public class PwmResponse extends PwmHttpResponseWrapper
             return;
         }
 
-        pwmRequest.getPwmApplication().getSessionStateService().saveLoginSessionState( pwmRequest );
-        pwmRequest.getPwmApplication().getSessionStateService().saveSessionBeans( pwmRequest );
+        pwmRequest.getPwmDomain().getSessionStateService().saveLoginSessionState( pwmRequest );
+        pwmRequest.getPwmDomain().getSessionStateService().saveSessionBeans( pwmRequest );
     }
 
     private final Set<PwmResponseFlag> pwmResponseFlags = EnumSet.noneOf( PwmResponseFlag.class );

server/src/main/java/password/pwm/http/PwmSession.java

@@ -152,7 +152,7 @@ public class PwmSession implements Serializable
     {
         LOGGER.trace( () -> "performing reloadUserInfoBean" );
         final UserInfo oldUserInfoBean = getUserInfo();
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
 
         final UserInfo userInfo;
         if ( getLoginInfoBean().getAuthFlags().contains( AuthenticationType.AUTH_BIND_INHIBIT ) )
@@ -273,7 +273,7 @@ public class PwmSession implements Serializable
 
             try
             {
-                pwmRequest.getPwmApplication().getSessionStateService().clearLoginSession( pwmRequest );
+                pwmRequest.getPwmDomain().getSessionStateService().clearLoginSession( pwmRequest );
             }
             catch ( final PwmUnrecoverableException e )
             {
@@ -327,7 +327,7 @@ public class PwmSession implements Serializable
     public boolean setLocale( final PwmRequest pwmRequest, final String localeString )
             throws PwmUnrecoverableException
     {
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
         if ( pwmDomain == null )
         {
             throw new PwmUnrecoverableException( new ErrorInformation( PwmError.ERROR_APP_UNAVAILABLE, "unable to read context manager" ) );
@@ -385,7 +385,7 @@ public class PwmSession implements Serializable
             if ( nonce == null || nonce.length() < length )
             {
                 // random value
-                final String random = pwmRequest.getPwmApplication().getSecureService().pwmRandom().alphaNumericString( length );
+                final String random = pwmRequest.getPwmDomain().getSecureService().pwmRandom().alphaNumericString( length );
 
                 // timestamp component for uniqueness
                 final String prefix = Long.toString( System.currentTimeMillis(), Character.MAX_RADIX );
@@ -395,8 +395,8 @@ public class PwmSession implements Serializable
             }
 
             final PwmSecurityKey securityKey = pwmRequest.getConfig().getSecurityKey();
-            final String concatValue = securityKey.keyHash( pwmRequest.getPwmApplication().getSecureService() ) + nonce;
-            final String hashValue = pwmRequest.getPwmApplication().getSecureService().hash( concatValue );
+            final String concatValue = securityKey.keyHash( pwmRequest.getPwmDomain().getSecureService() ) + nonce;
+            final String hashValue = pwmRequest.getPwmDomain().getSecureService().hash( concatValue );
             final PwmSecurityKey pwmSecurityKey = new PwmSecurityKey( hashValue );
 
             if ( newNonce )

server/src/main/java/password/pwm/http/auth/BasicFilterAuthenticationProvider.java

@@ -56,7 +56,7 @@ public class BasicFilterAuthenticationProvider implements PwmHttpFilterAuthentic
             return;
         }
 
-        final BasicAuthInfo basicAuthInfo = BasicAuthInfo.parseAuthHeader( pwmRequest.getPwmApplication(), pwmRequest );
+        final BasicAuthInfo basicAuthInfo = BasicAuthInfo.parseAuthHeader( pwmRequest.getPwmDomain(), pwmRequest );
         if ( basicAuthInfo == null )
         {
             return;
@@ -65,7 +65,7 @@ public class BasicFilterAuthenticationProvider implements PwmHttpFilterAuthentic
         try
         {
             final PwmSession pwmSession = pwmRequest.getPwmSession();
-            final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+            final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
 
             //user isn't already authenticated and has an auth header, so try to auth them.
             LOGGER.debug( pwmRequest, () -> "attempting to authenticate user using basic auth header (username=" + basicAuthInfo.getUsername() + ")" );

server/src/main/java/password/pwm/http/auth/CASFilterAuthenticationProvider.java

@@ -130,7 +130,7 @@ public class CASFilterAuthenticationProvider implements PwmHttpFilterAuthenticat
             throws UnsupportedEncodingException, PwmUnrecoverableException, ChaiUnavailableException, PwmOperationalException
     {
         final PwmSession pwmSession = pwmRequest.getPwmSession();
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
         final HttpSession session = pwmRequest.getHttpServletRequest().getSession();
 
         //make sure user session isn't already authenticated

server/src/main/java/password/pwm/http/auth/SSOHeaderFilterAuthenticationProvider.java

@@ -41,7 +41,7 @@ public class SSOHeaderFilterAuthenticationProvider implements PwmHttpFilterAuthe
             throws PwmUnrecoverableException
     {
         {
-            final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+            final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
 
             final String headerName = pwmDomain.getConfig().readSettingAsString( PwmSetting.SSO_AUTH_HEADER_NAME );
             if ( headerName == null || headerName.length() < 1 )

server/src/main/java/password/pwm/http/filter/ApplicationModeFilter.java

@@ -93,7 +93,7 @@ public class ApplicationModeFilter extends AbstractPwmFilter
     )
             throws IOException, ServletException, PwmUnrecoverableException
     {
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
         final PwmApplicationMode mode = pwmDomain.getApplicationMode();
 
         final PwmURL pwmURL = pwmRequest.getURL();

server/src/main/java/password/pwm/http/filter/AuthenticationFilter.java

@@ -81,7 +81,7 @@ public class AuthenticationFilter extends AbstractPwmFilter
 
         try
         {
-            final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+            final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
             final PwmSession pwmSession = pwmRequest.getPwmSession();
 
             if ( pwmDomain.getApplicationMode() == PwmApplicationMode.NEW )
@@ -131,7 +131,7 @@ public class AuthenticationFilter extends AbstractPwmFilter
     )
             throws IOException, ServletException, PwmUnrecoverableException
     {
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
         final PwmSession pwmSession = pwmRequest.getPwmSession();
 
         // read the basic auth info out of the header (if it exists);
@@ -218,12 +218,12 @@ public class AuthenticationFilter extends AbstractPwmFilter
     )
             throws IOException, ServletException, PwmUnrecoverableException
     {
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
         final PwmSession pwmSession = pwmRequest.getPwmSession();
         final HttpServletRequest req = pwmRequest.getHttpServletRequest();
 
         final boolean bypassSso = pwmRequest.getPwmSession().getLoginInfoBean().isLoginFlag( LoginInfoBean.LoginFlag.noSso );
-        if ( !bypassSso && pwmRequest.getPwmApplication().getApplicationMode() == PwmApplicationMode.RUNNING )
+        if ( !bypassSso && pwmRequest.getPwmDomain().getApplicationMode() == PwmApplicationMode.RUNNING )
         {
             final ProcessStatus authenticationProcessStatus = HttpAuthenticationUtilities.attemptAuthenticationMethods( pwmRequest );
             if ( authenticationProcessStatus == ProcessStatus.Halt )
@@ -294,7 +294,7 @@ public class AuthenticationFilter extends AbstractPwmFilter
             return ProcessStatus.Continue;
         }
 
-        if ( pwmRequest.getPwmApplication().getApplicationMode() != PwmApplicationMode.RUNNING )
+        if ( pwmRequest.getPwmDomain().getApplicationMode() != PwmApplicationMode.RUNNING )
         {
             return ProcessStatus.Continue;
         }
@@ -321,7 +321,7 @@ public class AuthenticationFilter extends AbstractPwmFilter
         // if change password in progress and req is for ChangePassword servlet, then allow request as is
         if ( pwmURL.isChangePasswordURL() )
         {
-            final ChangePasswordBean cpb = pwmRequest.getPwmApplication().getSessionStateService().getBean( pwmRequest, ChangePasswordBean.class );
+            final ChangePasswordBean cpb = pwmRequest.getPwmDomain().getSessionStateService().getBean( pwmRequest, ChangePasswordBean.class );
             final PasswordChangeProgressChecker.ProgressTracker progressTracker = cpb.getChangeProgressTracker();
             if ( progressTracker != null && progressTracker.getBeginTime() != null )
             {

server/src/main/java/password/pwm/http/filter/AuthorizationFilter.java

@@ -66,7 +66,7 @@ public class AuthorizationFilter extends AbstractPwmFilter
     {
 
         final PwmSession pwmSession = pwmRequest.getPwmSession();
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
 
         // if the user is not authenticated as a PWM Admin, redirect to error page.
         boolean hasPermission = false;

server/src/main/java/password/pwm/http/filter/ConfigAccessFilter.java

@@ -50,14 +50,14 @@ public class ConfigAccessFilter extends AbstractPwmFilter
     void processFilter( final PwmApplicationMode mode, final PwmRequest pwmRequest, final PwmFilterChain filterChain )
             throws PwmException, IOException, ServletException
     {
-        final PwmApplicationMode appMode = pwmRequest.getPwmApplication().getApplicationMode();
+        final PwmApplicationMode appMode = pwmRequest.getPwmDomain().getApplicationMode();
         if ( appMode == PwmApplicationMode.NEW )
         {
             filterChain.doFilter();
             return;
         }
 
-        final boolean blockOldIE = Boolean.parseBoolean( pwmRequest.getPwmApplication().getConfig().readAppProperty( AppProperty.CONFIG_EDITOR_BLOCK_OLD_IE ) );
+        final boolean blockOldIE = Boolean.parseBoolean( pwmRequest.getPwmDomain().getConfig().readAppProperty( AppProperty.CONFIG_EDITOR_BLOCK_OLD_IE ) );
         if ( blockOldIE )
         {
             try
@@ -73,7 +73,7 @@ public class ConfigAccessFilter extends AbstractPwmFilter
 
         try
         {
-            final ConfigManagerBean configManagerBean = pwmRequest.getPwmApplication().getSessionStateService().getBean( pwmRequest, ConfigManagerBean.class );
+            final ConfigManagerBean configManagerBean = pwmRequest.getPwmDomain().getSessionStateService().getBean( pwmRequest, ConfigManagerBean.class );
             if ( checkAuthentication( pwmRequest, configManagerBean ) == ProcessStatus.Continue )
             {
                 filterChain.doFilter();
@@ -134,14 +134,14 @@ public class ConfigAccessFilter extends AbstractPwmFilter
             throw new PwmUnrecoverableException( errorInformation );
         }
 
-        if ( PwmApplicationMode.RUNNING == pwmRequest.getPwmApplication().getApplicationMode() )
+        if ( PwmApplicationMode.RUNNING == pwmRequest.getPwmDomain().getApplicationMode() )
         {
             if ( !pwmRequest.isAuthenticated() )
             {
                 throw new PwmUnrecoverableException( PwmError.ERROR_AUTHENTICATION_REQUIRED );
             }
 
-            if ( !pwmRequest.getPwmSession().getSessionManager().checkPermission( pwmRequest.getPwmApplication(), Permission.PWMADMIN ) )
+            if ( !pwmRequest.getPwmSession().getSessionManager().checkPermission( pwmRequest.getPwmDomain(), Permission.PWMADMIN ) )
             {
                 throw new PwmUnrecoverableException( PwmError.ERROR_UNAUTHORIZED );
             }

server/src/main/java/password/pwm/http/filter/CookieManagementFilter.java

@@ -21,7 +21,7 @@
 package password.pwm.http.filter;
 
 import password.pwm.AppProperty;
-import password.pwm.PwmDomain;
+import password.pwm.PwmApplication;
 import password.pwm.error.PwmUnrecoverableException;
 import password.pwm.http.ContextManager;
 import password.pwm.http.HttpHeader;
@@ -52,11 +52,11 @@ public class CookieManagementFilter implements Filter
     public void init( final FilterConfig filterConfig )
             throws ServletException
     {
-        final PwmDomain pwmDomain;
+        final PwmApplication pwmApplication;
         try
         {
-            pwmDomain = ContextManager.getPwmApplication( filterConfig.getServletContext() );
-            value = pwmDomain.getConfig().readAppProperty( AppProperty.HTTP_COOKIE_SAMESITE_VALUE );
+            pwmApplication = ContextManager.getPwmApplication( filterConfig.getServletContext() );
+            value = pwmApplication.getConfig().readAppProperty( AppProperty.HTTP_COOKIE_SAMESITE_VALUE );
         }
         catch ( final PwmUnrecoverableException e )
         {

server/src/main/java/password/pwm/http/filter/GZIPFilter.java

@@ -22,7 +22,7 @@ package password.pwm.http.filter;
 
 import com.github.ziplet.filter.compression.CompressingFilter;
 import password.pwm.AppProperty;
-import password.pwm.PwmDomain;
+import password.pwm.PwmApplication;
 import password.pwm.error.PwmUnrecoverableException;
 import password.pwm.http.ContextManager;
 import password.pwm.http.PwmURL;
@@ -52,11 +52,11 @@ public class GZIPFilter implements Filter
     public void init( final FilterConfig filterConfig )
             throws ServletException
     {
-        final PwmDomain pwmDomain;
+        final PwmApplication pwmApplication;
         try
         {
-            pwmDomain = ContextManager.getPwmApplication( filterConfig.getServletContext() );
-            enabled = Boolean.parseBoolean( pwmDomain.getConfig().readAppProperty( AppProperty.HTTP_ENABLE_GZIP ) );
+            pwmApplication = ContextManager.getPwmApplication( filterConfig.getServletContext() );
+            enabled = Boolean.parseBoolean( pwmApplication.getConfig().readAppProperty( AppProperty.HTTP_ENABLE_GZIP ) );
         }
         catch ( final PwmUnrecoverableException e )
         {

server/src/main/java/password/pwm/http/filter/RequestInitializationFilter.java

@@ -22,6 +22,7 @@ package password.pwm.http.filter;
 
 import org.apache.commons.validator.routines.InetAddressValidator;
 import password.pwm.AppProperty;
+import password.pwm.PwmApplication;
 import password.pwm.PwmDomain;
 import password.pwm.PwmApplicationMode;
 import password.pwm.PwmConstants;
@@ -102,25 +103,25 @@ public class RequestInitializationFilter implements Filter
         final PwmApplicationMode mode = PwmApplicationMode.determineMode( req );
         final PwmURL pwmURL = new PwmURL( req );
 
-        PwmDomain localPwmDomain = null;
+        PwmApplication localPwmApplication = null;
         try
         {
-            localPwmDomain = ContextManager.getPwmApplication( req );
+            localPwmApplication = ContextManager.getPwmApplication( req );
         }
         catch ( final PwmException e )
         {
             LOGGER.trace( () -> "unable to load pwmApplication: " + e.getMessage() );
         }
 
-        if ( localPwmDomain != null && mode == PwmApplicationMode.RUNNING )
+        if ( localPwmApplication != null && mode == PwmApplicationMode.RUNNING )
         {
-            if ( localPwmDomain.getStatisticsManager() != null )
+            if ( localPwmApplication.getDefaultDomain().getStatisticsManager() != null )
             {
-                localPwmDomain.getStatisticsManager().updateEps( EpsStatistic.REQUESTS, 1 );
+                localPwmApplication.getDefaultDomain().getStatisticsManager().updateEps( EpsStatistic.REQUESTS, 1 );
             }
         }
 
-        if ( localPwmDomain == null && pwmURL.isResourceURL() )
+        if ( localPwmApplication == null && pwmURL.isResourceURL() )
         {
             filterChain.doFilter( req, resp );
             return;
@@ -132,7 +133,7 @@ public class RequestInitializationFilter implements Filter
             return;
         }
 
-        if ( mode == PwmApplicationMode.ERROR || localPwmDomain == null )
+        if ( mode == PwmApplicationMode.ERROR || localPwmApplication == null )
         {
             try
             {
@@ -163,12 +164,12 @@ public class RequestInitializationFilter implements Filter
 
         try
         {
-            localPwmDomain.getActiveServletRequests().incrementAndGet();
+            localPwmApplication.getActiveServletRequests().incrementAndGet();
             initializeServletRequest( req, resp, filterChain );
         }
         finally
         {
-            localPwmDomain.getActiveServletRequests().decrementAndGet();
+            localPwmApplication.getActiveServletRequests().decrementAndGet();
         }
     }
 
@@ -271,7 +272,7 @@ public class RequestInitializationFilter implements Filter
             throws PwmUnrecoverableException
     {
         final ContextManager contextManager = ContextManager.getContextManager( request.getSession() );
-        final PwmDomain pwmDomain = contextManager.getPwmApplication();
+        final PwmApplication pwmApplication = contextManager.getPwmApplication();
 
         {
             // destroy any outdated sessions
@@ -279,7 +280,7 @@ public class RequestInitializationFilter implements Filter
             if ( httpSession != null )
             {
                 final String sessionPwmAppNonce = ( String ) httpSession.getAttribute( PwmConstants.SESSION_ATTR_PWM_APP_NONCE );
-                if ( sessionPwmAppNonce == null || !sessionPwmAppNonce.equals( pwmDomain.getRuntimeNonce() ) )
+                if ( sessionPwmAppNonce == null || !sessionPwmAppNonce.equals( pwmApplication.getRuntimeNonce() ) )
                 {
                     LOGGER.debug( () -> "invalidating http session created with non-current servlet context" );
                     httpSession.invalidate();
@@ -292,8 +293,8 @@ public class RequestInitializationFilter implements Filter
             final HttpSession httpSession = request.getSession();
             if ( httpSession.getAttribute( PwmConstants.SESSION_ATTR_PWM_SESSION ) == null )
             {
-                final PwmSession pwmSession = PwmSession.createPwmSession( pwmDomain );
-                PwmSessionWrapper.sessionMerge( pwmDomain, pwmSession, httpSession );
+                final PwmSession pwmSession = PwmSession.createPwmSession( pwmApplication.getDefaultDomain() );
+                PwmSessionWrapper.sessionMerge( pwmApplication.getDefaultDomain(), pwmSession, httpSession );
             }
         }
 
@@ -318,7 +319,7 @@ public class RequestInitializationFilter implements Filter
         {
             return;
         }
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
         final PwmSession pwmSession = pwmRequest.getPwmSession();
         final DomainConfig config = pwmDomain.getConfig();
         final PwmResponse resp = pwmRequest.getPwmResponse();
@@ -359,7 +360,7 @@ public class RequestInitializationFilter implements Filter
             {
                 final String nonce = pwmRequest.getCspNonce();
                 final String replacedPolicy = contentPolicy.replace( "%NONCE%", nonce );
-                final String expandedPolicy = MacroRequest.forNonUserSpecific( pwmRequest.getPwmApplication(), null ).expandMacros( replacedPolicy );
+                final String expandedPolicy = MacroRequest.forNonUserSpecific( pwmRequest.getPwmDomain(), null ).expandMacros( replacedPolicy );
                 resp.setHeader( HttpHeader.ContentSecurityPolicy, expandedPolicy );
             }
         }
@@ -537,7 +538,7 @@ public class RequestInitializationFilter implements Filter
         }
 
         // set idle timeout
-        PwmSessionWrapper.setHttpSessionIdleTimeout( pwmRequest.getPwmApplication(), pwmRequest.getPwmSession(), pwmRequest.getHttpServletRequest().getSession() );
+        PwmSessionWrapper.setHttpSessionIdleTimeout( pwmRequest.getPwmDomain(), pwmRequest.getPwmSession(), pwmRequest.getHttpServletRequest().getSession() );
     }
 
     private static void initializeLocaleAndTheme(
@@ -564,7 +565,7 @@ public class RequestInitializationFilter implements Filter
         final String themeCookie = pwmRequest.readCookie( themeCookieName );
         if ( localeCookieName.length() > 0 && themeCookie != null && themeCookie.length() > 0 )
         {
-            if ( pwmRequest.getPwmApplication().getResourceServletService().checkIfThemeExists( pwmRequest, themeCookie ) )
+            if ( pwmRequest.getPwmDomain().getResourceServletService().checkIfThemeExists( pwmRequest, themeCookie ) )
             {
                 LOGGER.debug( pwmRequest, () -> "detected theme cookie in request, setting theme to " + themeCookie );
                 pwmRequest.getPwmSession().getSessionStateBean().setTheme( themeCookie );
@@ -594,7 +595,7 @@ public class RequestInitializationFilter implements Filter
         checkTrial( pwmRequest );
 
         // check intruder
-        pwmRequest.getPwmApplication().getIntruderManager().convenience().checkAddressAndSession( pwmRequest.getPwmSession() );
+        pwmRequest.getPwmDomain().getIntruderManager().convenience().checkAddressAndSession( pwmRequest.getPwmSession() );
     }
 
     private static void checkIfSourceAddressChanged( final PwmRequest pwmRequest )
@@ -724,7 +725,7 @@ public class RequestInitializationFilter implements Filter
         {
             final String originValue = pwmRequest.readHeaderValueAsString( HttpHeader.Origin );
             final String referrerValue = pwmRequest.readHeaderValueAsString( HttpHeader.Referer );
-            final String siteUrl = pwmRequest.getPwmApplication().getConfig().readSettingAsString( PwmSetting.PWM_SITE_URL );
+            final String siteUrl = pwmRequest.getPwmDomain().getConfig().readSettingAsString( PwmSetting.PWM_SITE_URL );
 
             final String targetValue = pwmRequest.getHttpServletRequest().getRequestURL().toString();
             if ( StringUtil.isEmpty( targetValue ) )
@@ -786,7 +787,7 @@ public class RequestInitializationFilter implements Filter
     {
         if ( PwmConstants.TRIAL_MODE )
         {
-            final StatisticsManager statisticsManager = pwmRequest.getPwmApplication().getStatisticsManager();
+            final StatisticsManager statisticsManager = pwmRequest.getPwmDomain().getStatisticsManager();
             final String currentAuthString = statisticsManager.getStatBundleForKey( StatisticsManager.KEY_CURRENT ).getStatistic( Statistic.AUTHENTICATIONS );
             if ( new BigInteger( currentAuthString ).compareTo( BigInteger.valueOf( PwmConstants.TRIAL_MAX_AUTHENTICATIONS ) ) > 0 )
             {
@@ -826,7 +827,7 @@ public class RequestInitializationFilter implements Filter
             values.put( header.getHttpName(), pwmRequest.readHeaderValueAsString( header ) );
         }
         values.put( "target", pwmRequest.getHttpServletRequest().getRequestURL().toString() );
-        values.put( "siteUrl", pwmRequest.getPwmApplication().getConfig().readSettingAsString( PwmSetting.PWM_SITE_URL ) );
+        values.put( "siteUrl", pwmRequest.getPwmDomain().getConfig().readSettingAsString( PwmSetting.PWM_SITE_URL ) );
         return StringUtil.mapToString( values );
     }
 

server/src/main/java/password/pwm/http/filter/SessionFilter.java

@@ -137,7 +137,7 @@ public class SessionFilter extends AbstractPwmFilter
 
         final TimeDuration requestExecuteTime = TimeDuration.fromCurrent( startTime );
         pwmRequest.debugHttpRequestToLog( "completed requestID=" + requestID, () -> requestExecuteTime );
-        pwmRequest.getPwmApplication().getStatisticsManager().updateAverageValue( AvgStatistic.AVG_REQUEST_PROCESS_TIME, requestExecuteTime.asMillis() );
+        pwmRequest.getPwmDomain().getStatisticsManager().updateAverageValue( AvgStatistic.AVG_REQUEST_PROCESS_TIME, requestExecuteTime.asMillis() );
         pwmRequest.getPwmSession().getSessionStateBean().getRequestCount().incrementAndGet();
         pwmRequest.getPwmSession().getSessionStateBean().getAvgRequestDuration().update( requestExecuteTime.asMillis() );
     }
@@ -147,7 +147,7 @@ public class SessionFilter extends AbstractPwmFilter
     )
             throws PwmUnrecoverableException, IOException, ServletException
     {
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
         final DomainConfig config = pwmRequest.getConfig();
 
         final PwmSession pwmSession = pwmRequest.getPwmSession();
@@ -330,7 +330,7 @@ public class SessionFilter extends AbstractPwmFilter
         {
             if ( StringUtil.isEmpty( ssBean.getSessionVerificationKey() ) )
             {
-                ssBean.setSessionVerificationKey( pwmRequest.getPwmApplication().getSecureService().pwmRandom().randomUUID().toString() );
+                ssBean.setSessionVerificationKey( pwmRequest.getPwmDomain().getSecureService().pwmRandom().randomUUID().toString() );
             }
 
             final String returnURL = figureValidationURL( pwmRequest, ssBean.getSessionVerificationKey() );
@@ -478,7 +478,7 @@ public class SessionFilter extends AbstractPwmFilter
 
         if ( themeReqParameter != null && !themeReqParameter.isEmpty() )
         {
-            if ( pwmRequest.getPwmApplication().getResourceServletService().checkIfThemeExists( pwmRequest, themeReqParameter ) )
+            if ( pwmRequest.getPwmDomain().getResourceServletService().checkIfThemeExists( pwmRequest, themeReqParameter ) )
             {
                 pwmRequest.getPwmSession().getSessionStateBean().setTheme( themeReqParameter );
                 final String themeCookieName = config.readAppProperty( AppProperty.HTTP_COOKIE_THEME_NAME );

server/src/main/java/password/pwm/http/servlet/AbstractPwmServlet.java

@@ -148,7 +148,7 @@ public abstract class AbstractPwmServlet extends HttpServlet implements PwmServl
 
             final PwmUnrecoverableException pue = convertToPwmUnrecoverableException( e, pwmRequest );
 
-            if ( processUnrecoverableException( req, resp, pwmRequest.getPwmApplication(), pwmRequest, pue ) )
+            if ( processUnrecoverableException( req, resp, pwmRequest.getPwmDomain(), pwmRequest, pue ) )
             {
                 return;
             }
@@ -165,7 +165,7 @@ public abstract class AbstractPwmServlet extends HttpServlet implements PwmServl
         {
             try
             {
-                pwmRequest.getPwmApplication().getSessionStateService().clearBean( pwmRequest, theClass );
+                pwmRequest.getPwmDomain().getSessionStateService().clearBean( pwmRequest, theClass );
             }
             catch ( final PwmUnrecoverableException e )
             {
@@ -343,7 +343,7 @@ public abstract class AbstractPwmServlet extends HttpServlet implements PwmServl
         final Class<? extends PwmSessionBean> beanClass = this.getServletDefinition().getPwmSessionBeanClass();
         if ( beanClass != null )
         {
-            final PwmSessionBean pwmSessionBean = pwmRequest.getPwmApplication().getSessionStateService().getBean( pwmRequest, beanClass );
+            final PwmSessionBean pwmSessionBean = pwmRequest.getPwmDomain().getSessionStateService().getBean( pwmRequest, beanClass );
             pwmSessionBean.setLastError( errorInformation );
         }
 
@@ -353,7 +353,7 @@ public abstract class AbstractPwmServlet extends HttpServlet implements PwmServl
     protected void examineLastError( final PwmRequest pwmRequest ) throws PwmUnrecoverableException
     {
         final Class<? extends PwmSessionBean> beanClass = this.getServletDefinition().getPwmSessionBeanClass();
-        final PwmSessionBean pwmSessionBean = pwmRequest.getPwmApplication().getSessionStateService().getBean( pwmRequest, beanClass );
+        final PwmSessionBean pwmSessionBean = pwmRequest.getPwmDomain().getSessionStateService().getBean( pwmRequest, beanClass );
         if ( pwmSessionBean != null && pwmSessionBean.getLastError() != null )
         {
             pwmRequest.setAttribute( PwmRequestAttribute.PwmErrorInfo, pwmSessionBean.getLastError() );

server/src/main/java/password/pwm/http/servlet/ClientApiServlet.java

@@ -155,7 +155,7 @@ public class ClientApiServlet extends ControlledPwmServlet
 
         final int maxCacheAgeSeconds = 60 * 5;
 
-        final String eTagValue = makeClientEtag( pwmRequest.getPwmApplication(), pwmRequest.getPwmSession(), pwmRequest.getHttpServletRequest() );
+        final String eTagValue = makeClientEtag( pwmRequest.getPwmDomain(), pwmRequest.getPwmSession(), pwmRequest.getHttpServletRequest() );
 
         // check the incoming header;
         final String ifNoneMatchValue = pwmRequest.readHeaderValueAsString( "If-None-Match" );
@@ -171,7 +171,7 @@ public class ClientApiServlet extends ControlledPwmServlet
         pwmRequest.getPwmResponse().setHeader( HttpHeader.CacheControl, "public, max-age=" + maxCacheAgeSeconds );
 
         final AppData appData = makeAppData(
-                pwmRequest.getPwmApplication(),
+                pwmRequest.getPwmDomain(),
                 pwmRequest,
                 pwmRequest.getHttpServletRequest(),
                 pwmRequest.getPwmResponse().getHttpServletResponse(),
@@ -190,7 +190,7 @@ public class ClientApiServlet extends ControlledPwmServlet
         final String bundleName = pwmRequest.readParameterAsString( "bundle" );
         final int maxCacheAgeSeconds = 60 * 5;
 
-        final String eTagValue = makeClientEtag( pwmRequest.getPwmApplication(), pwmRequest.getPwmSession(), pwmRequest.getHttpServletRequest() );
+        final String eTagValue = makeClientEtag( pwmRequest.getPwmDomain(), pwmRequest.getPwmSession(), pwmRequest.getHttpServletRequest() );
 
         pwmRequest.getPwmResponse().setHeader( HttpHeader.ETag, eTagValue );
         pwmRequest.getPwmResponse().setHeader( HttpHeader.Expires, String.valueOf( System.currentTimeMillis() + ( maxCacheAgeSeconds * 1000 ) ) );
@@ -198,7 +198,7 @@ public class ClientApiServlet extends ControlledPwmServlet
 
         try
         {
-            final LinkedHashMap<String, String> displayData = new LinkedHashMap<>( makeDisplayData( pwmRequest.getPwmApplication(),
+            final LinkedHashMap<String, String> displayData = new LinkedHashMap<>( makeDisplayData( pwmRequest.getPwmDomain(),
                     pwmRequest, bundleName ) );
             final RestResultBean restResultBean = RestResultBean.withData( displayData );
             pwmRequest.outputJsonResult( restResultBean );
@@ -222,7 +222,7 @@ public class ClientApiServlet extends ControlledPwmServlet
         try
         {
             final HealthData jsonOutput = RestHealthServer.processGetHealthCheckData(
-                    pwmRequest.getPwmApplication(),
+                    pwmRequest.getPwmDomain(),
                     pwmRequest.getLocale() );
             final RestResultBean restResultBean = RestResultBean.withData( jsonOutput );
             pwmRequest.outputJsonResult( restResultBean );
@@ -243,7 +243,7 @@ public class ClientApiServlet extends ControlledPwmServlet
     {
         final PingResponse pingResponse = new PingResponse();
         pingResponse.setTime( Instant.now() );
-        pingResponse.setRuntimeNonce( pwmRequest.getPwmApplication().getRuntimeNonce() );
+        pingResponse.setRuntimeNonce( pwmRequest.getPwmDomain().getRuntimeNonce() );
         pwmRequest.outputJsonResult( RestResultBean.withData( pingResponse ) );
         return ProcessStatus.Halt;
     }
@@ -251,7 +251,7 @@ public class ClientApiServlet extends ControlledPwmServlet
     public static String makeClientEtag( final PwmRequest pwmRequest )
             throws PwmUnrecoverableException
     {
-        return makeClientEtag( pwmRequest.getPwmApplication(), pwmRequest.getPwmSession(), pwmRequest.getHttpServletRequest() );
+        return makeClientEtag( pwmRequest.getPwmDomain(), pwmRequest.getPwmSession(), pwmRequest.getHttpServletRequest() );
     }
 
     public static String makeClientEtag(
@@ -476,7 +476,7 @@ public class ClientApiServlet extends ControlledPwmServlet
         final String statName = pwmRequest.readParameterAsString( "statName" );
         final String days = pwmRequest.readParameterAsString( "days" );
 
-        final StatisticsManager statisticsManager = pwmRequest.getPwmApplication().getStatisticsManager();
+        final StatisticsManager statisticsManager = pwmRequest.getPwmDomain().getStatisticsManager();
         final RestStatisticsServer.OutputVersion1.JsonOutput jsonOutput = new RestStatisticsServer.OutputVersion1.JsonOutput();
         jsonOutput.EPS = RestStatisticsServer.OutputVersion1.addEpsStats( statisticsManager );
 
@@ -511,12 +511,12 @@ public class ClientApiServlet extends ControlledPwmServlet
     private void precheckPublicHealthAndStats( final PwmRequest pwmRequest )
             throws PwmUnrecoverableException
     {
-        if ( pwmRequest.getPwmApplication().getApplicationMode() == PwmApplicationMode.CONFIGURATION )
+        if ( pwmRequest.getPwmDomain().getApplicationMode() == PwmApplicationMode.CONFIGURATION )
         {
             return;
         }
 
-        if ( pwmRequest.getPwmApplication().getApplicationMode() != PwmApplicationMode.RUNNING )
+        if ( pwmRequest.getPwmDomain().getApplicationMode() != PwmApplicationMode.RUNNING )
         {
             final ErrorInformation errorInformation = new ErrorInformation( PwmError.ERROR_SERVICE_NOT_AVAILABLE );
             throw new PwmUnrecoverableException( errorInformation );
@@ -530,7 +530,7 @@ public class ClientApiServlet extends ControlledPwmServlet
                 throw new PwmUnrecoverableException( errorInformation );
             }
 
-            if ( !pwmRequest.getPwmSession().getSessionManager().checkPermission( pwmRequest.getPwmApplication(), Permission.PWMADMIN ) )
+            if ( !pwmRequest.getPwmSession().getSessionManager().checkPermission( pwmRequest.getPwmDomain(), Permission.PWMADMIN ) )
             {
                 final ErrorInformation errorInformation = new ErrorInformation( PwmError.ERROR_UNAUTHORIZED, "admin privileges required" );
                 throw new PwmUnrecoverableException( errorInformation );

server/src/main/java/password/pwm/http/servlet/DeleteAccountServlet.java

@@ -102,13 +102,13 @@ public class DeleteAccountServlet extends ControlledPwmServlet
 
     private DeleteAccountBean getBean( final PwmRequest pwmRequest ) throws PwmUnrecoverableException
     {
-        return pwmRequest.getPwmApplication().getSessionStateService().getBean( pwmRequest, DeleteAccountBean.class );
+        return pwmRequest.getPwmDomain().getSessionStateService().getBean( pwmRequest, DeleteAccountBean.class );
     }
 
     @Override
     public ProcessStatus preProcessCheck( final PwmRequest pwmRequest ) throws PwmUnrecoverableException, IOException, ServletException
     {
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
         final DeleteAccountProfile deleteAccountProfile = getProfile( pwmRequest );
 
         if ( !pwmDomain.getConfig().readSettingAsBoolean( PwmSetting.DELETE_ACCOUNT_ENABLE ) )
@@ -161,7 +161,7 @@ public class DeleteAccountServlet extends ControlledPwmServlet
     )
             throws ServletException, IOException, PwmUnrecoverableException, ChaiUnavailableException
     {
-        pwmRequest.getPwmApplication().getSessionStateService().clearBean( pwmRequest, DeleteAccountBean.class );
+        pwmRequest.getPwmDomain().getSessionStateService().clearBean( pwmRequest, DeleteAccountBean.class );
         pwmRequest.sendRedirectToContinue();
         return ProcessStatus.Halt;
     }
@@ -184,7 +184,7 @@ public class DeleteAccountServlet extends ControlledPwmServlet
                     pwmRequest.getLabel(),
                     ProfileDefinition.DeleteAccount.toString()
             );
-            pwmRequest.getPwmApplication().getAuditManager().submit( pwmRequest.getLabel(), auditRecord );
+            pwmRequest.getPwmDomain().getAuditManager().submit( pwmRequest.getLabel(), auditRecord );
         }
 
         return ProcessStatus.Continue;
@@ -196,7 +196,7 @@ public class DeleteAccountServlet extends ControlledPwmServlet
     )
             throws ServletException, IOException, PwmUnrecoverableException, ChaiUnavailableException
     {
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
         final DeleteAccountProfile deleteAccountProfile = getProfile( pwmRequest );
         final UserIdentity userIdentity = pwmRequest.getUserInfoIfLoggedIn();
 
@@ -281,7 +281,7 @@ public class DeleteAccountServlet extends ControlledPwmServlet
             return;
         }
 
-        pwmRequest.getPwmApplication().getEmailQueue().submitEmail(
+        pwmRequest.getPwmDomain().getEmailQueue().submitEmail(
                 configuredEmailSetting,
                 pwmRequest.getPwmSession().getUserInfo(),
                 pwmRequest.getPwmSession().getSessionManager().getMacroMachine( )

server/src/main/java/password/pwm/http/servlet/ForgottenUsernameServlet.java

@@ -133,7 +133,7 @@ public class ForgottenUsernameServlet extends AbstractPwmServlet
     )
             throws PwmUnrecoverableException, IOException, ServletException
     {
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
         final PwmSession pwmSession = pwmRequest.getPwmSession();
         final LocalSessionStateBean ssBean = pwmSession.getSessionStateBean();
 
@@ -366,7 +366,7 @@ public class ForgottenUsernameServlet extends AbstractPwmServlet
     {
         final Locale locale = pwmRequest.getLocale();
         final String completeMessage = pwmRequest.getConfig().readSettingAsLocalizedString( PwmSetting.FORGOTTEN_USERNAME_MESSAGE, locale );
-        final MacroRequest macroRequest = MacroRequest.forUser( pwmRequest.getPwmApplication(), pwmRequest.getLocale(), pwmRequest.getLabel(), userIdentity );
+        final MacroRequest macroRequest = MacroRequest.forUser( pwmRequest.getPwmDomain(), pwmRequest.getLocale(), pwmRequest.getLabel(), userIdentity );
         final String expandedText = macroRequest.expandMacros( completeMessage );
         pwmRequest.setAttribute( PwmRequestAttribute.CompleteText, expandedText );
         pwmRequest.forwardToJsp( JspUrl.FORGOTTEN_USERNAME_COMPLETE );

server/src/main/java/password/pwm/http/servlet/GuestRegistrationServlet.java

@@ -139,7 +139,7 @@ public class GuestRegistrationServlet extends AbstractPwmServlet
     {
         //Fetch the session state bean.
         final PwmSession pwmSession = pwmRequest.getPwmSession();
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
         final GuestRegistrationBean guestRegistrationBean = pwmDomain.getSessionStateService().getBean( pwmRequest, GuestRegistrationBean.class );
 
         final DomainConfig config = pwmDomain.getConfig();
@@ -217,7 +217,7 @@ public class GuestRegistrationServlet extends AbstractPwmServlet
         //Fetch the session state bean.
         final PwmSession pwmSession = pwmRequest.getPwmSession();
         final LocalSessionStateBean ssBean = pwmSession.getSessionStateBean();
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
         final DomainConfig config = pwmDomain.getConfig();
 
         final List<FormConfiguration> formItems = pwmDomain.getConfig().readSettingAsForm( PwmSetting.GUEST_UPDATE_FORM );
@@ -300,7 +300,7 @@ public class GuestRegistrationServlet extends AbstractPwmServlet
             return;
         }
 
-        pwmRequest.getPwmApplication().getEmailQueue().submitEmail( configuredEmailSetting, guestUserInfo, null );
+        pwmRequest.getPwmDomain().getEmailQueue().submitEmail( configuredEmailSetting, guestUserInfo, null );
     }
 
     protected void handleSearchRequest(
@@ -311,7 +311,7 @@ public class GuestRegistrationServlet extends AbstractPwmServlet
     {
         LOGGER.trace( pwmRequest, () -> "Enter: handleSearchRequest(...)" );
         final PwmSession pwmSession = pwmRequest.getPwmSession();
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
         final ChaiProvider chaiProvider = pwmSession.getSessionManager().getChaiProvider();
         final DomainConfig config = pwmDomain.getConfig();
 
@@ -415,7 +415,7 @@ public class GuestRegistrationServlet extends AbstractPwmServlet
             throws PwmUnrecoverableException, ChaiUnavailableException, IOException, ServletException
     {
         final PwmSession pwmSession = pwmRequest.getPwmSession();
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
         final LocalSessionStateBean ssBean = pwmSession.getSessionStateBean();
         final DomainConfig config = pwmDomain.getConfig();
         final Locale locale = ssBean.getLocale();
@@ -531,7 +531,7 @@ public class GuestRegistrationServlet extends AbstractPwmServlet
     )
             throws PwmOperationalException, ChaiUnavailableException, ChaiOperationException, PwmUnrecoverableException
     {
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
         final DomainConfig config = pwmDomain.getConfig();
         final long durationValueDays = config.readSettingAsLong( PwmSetting.GUEST_MAX_VALID_DAYS );
         final String expirationAttribute = config.readSettingAsString( PwmSetting.GUEST_EXPIRATION_ATTRIBUTE );
@@ -604,7 +604,7 @@ public class GuestRegistrationServlet extends AbstractPwmServlet
             throws PwmUnrecoverableException
     {
         final PwmSession pwmSession = pwmRequest.getPwmSession();
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
         final DomainConfig config = pwmDomain.getConfig();
         final Locale locale = pwmSession.getSessionStateBean().getLocale();
         final EmailItemBean configuredEmailSetting = config.readSettingAsEmail( PwmSetting.EMAIL_GUEST, locale );

server/src/main/java/password/pwm/http/servlet/LoginServlet.java

@@ -191,10 +191,10 @@ public class LoginServlet extends ControlledPwmServlet
         final String encryptedNextUrl = pwmRequest.readParameterAsString( PwmConstants.PARAM_POST_LOGIN_URL );
         if ( !StringUtil.isEmpty( encryptedNextUrl ) )
         {
-            final String nextUrl = pwmRequest.getPwmApplication().getSecureService().decryptStringValue( encryptedNextUrl );
+            final String nextUrl = pwmRequest.getPwmDomain().getSecureService().decryptStringValue( encryptedNextUrl );
             if ( !StringUtil.isEmpty( nextUrl ) )
             {
-                final LoginServletBean loginServletBean = pwmRequest.getPwmApplication().getSessionStateService().getBean( pwmRequest, LoginServletBean.class );
+                final LoginServletBean loginServletBean = pwmRequest.getPwmDomain().getSessionStateService().getBean( pwmRequest, LoginServletBean.class );
                 LOGGER.trace( pwmRequest, () -> "received nextUrl and storing in module bean, value: " + nextUrl );
                 loginServletBean.setNextUrl( nextUrl );
             }
@@ -240,7 +240,7 @@ public class LoginServlet extends ControlledPwmServlet
         }
 
         final SessionAuthenticator sessionAuthenticator = new SessionAuthenticator(
-                pwmRequest.getPwmApplication(),
+                pwmRequest.getPwmDomain(),
                 pwmRequest,
                 PwmAuthenticationSource.LOGIN_FORM
         );
@@ -274,7 +274,7 @@ public class LoginServlet extends ControlledPwmServlet
     private static String determinePostLoginUrl( final PwmRequest pwmRequest )
             throws PwmUnrecoverableException
     {
-        final LoginServletBean loginServletBean = pwmRequest.getPwmApplication().getSessionStateService().getBean( pwmRequest, LoginServletBean.class );
+        final LoginServletBean loginServletBean = pwmRequest.getPwmDomain().getSessionStateService().getBean( pwmRequest, LoginServletBean.class );
         final String decryptedValue = loginServletBean.getNextUrl();
 
         if ( !StringUtil.isEmpty( decryptedValue ) )
@@ -295,7 +295,7 @@ public class LoginServlet extends ControlledPwmServlet
         //store the original requested url
         final String originalRequestedUrl = pwmRequest.getURLwithQueryString();
 
-        final String encryptedRedirUrl = pwmRequest.getPwmApplication().getSecureService().encryptToString( originalRequestedUrl );
+        final String encryptedRedirUrl = pwmRequest.getPwmDomain().getSecureService().encryptToString( originalRequestedUrl );
 
         final Map<String, String> paramMap = new HashMap<>();
         paramMap.put( PwmConstants.PARAM_POST_LOGIN_URL, encryptedRedirUrl );

server/src/main/java/password/pwm/http/servlet/LogoutServlet.java

@@ -132,7 +132,7 @@ public class LogoutServlet extends ControlledPwmServlet
                 + ( logoutDueToIdle ? " due to client idle timeout" : "" ) );
 
         final PwmSession pwmSession = pwmRequest.getPwmSession();
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
 
         pwmSession.unauthenticateUser( pwmRequest );
 

server/src/main/java/password/pwm/http/servlet/SetupOtpServlet.java

@@ -114,7 +114,7 @@ public class SetupOtpServlet extends ControlledPwmServlet
 
     private SetupOtpBean getSetupOtpBean( final PwmRequest pwmRequest ) throws PwmUnrecoverableException
     {
-        return pwmRequest.getPwmApplication().getSessionStateService().getBean( pwmRequest, SetupOtpBean.class );
+        return pwmRequest.getPwmDomain().getSessionStateService().getBean( pwmRequest, SetupOtpBean.class );
     }
 
     public static SetupOtpProfile getSetupOtpProfile( final PwmRequest pwmRequest ) throws PwmUnrecoverableException
@@ -127,7 +127,7 @@ public class SetupOtpServlet extends ControlledPwmServlet
             throws PwmUnrecoverableException, IOException, ServletException
     {
         // fetch the required beans / managers
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
         final PwmSession pwmSession = pwmRequest.getPwmSession();
         final DomainConfig config = pwmDomain.getConfig();
 
@@ -171,7 +171,7 @@ public class SetupOtpServlet extends ControlledPwmServlet
             return;
         }
 
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
         final PwmSession pwmSession = pwmRequest.getPwmSession();
 
         if ( otpBean.isConfirmed() )
@@ -269,7 +269,7 @@ public class SetupOtpServlet extends ControlledPwmServlet
     {
         final PwmSession pwmSession = pwmRequest.getPwmSession();
         pwmSession.getLoginInfoBean().setFlag( LoginInfoBean.LoginFlag.skipOtp );
-        pwmRequest.getPwmApplication().getSessionStateService().clearBean( pwmRequest, SetupOtpBean.class );
+        pwmRequest.getPwmDomain().getSessionStateService().clearBean( pwmRequest, SetupOtpBean.class );
 
         pwmRequest.sendRedirectToContinue();
         return ProcessStatus.Halt;
@@ -281,7 +281,7 @@ public class SetupOtpServlet extends ControlledPwmServlet
     )
             throws PwmUnrecoverableException, IOException, ServletException, ChaiUnavailableException
     {
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
         final PwmSession pwmSession = pwmRequest.getPwmSession();
 
         final OTPUserRecord otpUserRecord = pwmSession.getUserInfo().getOtpUserRecord();
@@ -324,7 +324,7 @@ public class SetupOtpServlet extends ControlledPwmServlet
     {
         final SetupOtpBean otpBean = getSetupOtpBean( pwmRequest );
 
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
         final PwmSession pwmSession = pwmRequest.getPwmSession();
         final OtpService service = pwmDomain.getOtpService();
         final UserIdentity theUser = pwmSession.getUserInfo().getUserIdentity();
@@ -352,7 +352,7 @@ public class SetupOtpServlet extends ControlledPwmServlet
     {
         final SetupOtpBean otpBean = getSetupOtpBean( pwmRequest );
 
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
         final PwmSession pwmSession = pwmRequest.getPwmSession();
 
         final String otpToken = pwmRequest.readParameterAsString( PwmConstants.PARAM_OTP_TOKEN );
@@ -400,7 +400,7 @@ public class SetupOtpServlet extends ControlledPwmServlet
     )
             throws PwmUnrecoverableException
     {
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
         final PwmSession pwmSession = pwmRequest.getPwmSession();
 
         // has pre-existing, nothing to do.
@@ -532,7 +532,7 @@ public class SetupOtpServlet extends ControlledPwmServlet
                 return true;
             }
 
-            final boolean admin = pwmRequest.getPwmSession().getSessionManager().checkPermission( pwmRequest.getPwmApplication(), Permission.PWMADMIN );
+            final boolean admin = pwmRequest.getPwmSession().getSessionManager().checkPermission( pwmRequest.getPwmDomain(), Permission.PWMADMIN );
             if ( admin )
             {
                 if ( pwmRequest.getConfig().readSettingAsBoolean( PwmSetting.ADMIN_ALLOW_SKIP_FORCED_ACTIVITIES ) )

server/src/main/java/password/pwm/http/servlet/SetupResponsesServlet.java

@@ -122,7 +122,7 @@ public class SetupResponsesServlet extends ControlledPwmServlet
 
     private SetupResponsesBean getSetupResponseBean( final PwmRequest pwmRequest ) throws PwmUnrecoverableException
     {
-        final SetupResponsesBean setupResponsesBean = pwmRequest.getPwmApplication().getSessionStateService().getBean( pwmRequest, SetupResponsesBean.class );
+        final SetupResponsesBean setupResponsesBean = pwmRequest.getPwmDomain().getSessionStateService().getBean( pwmRequest, SetupResponsesBean.class );
         if ( !setupResponsesBean.isInitialized() )
         {
             initializeBean( pwmRequest, setupResponsesBean );
@@ -135,7 +135,7 @@ public class SetupResponsesServlet extends ControlledPwmServlet
     public ProcessStatus preProcessCheck( final PwmRequest pwmRequest ) throws PwmUnrecoverableException, IOException, ServletException
     {
         final PwmSession pwmSession = pwmRequest.getPwmSession();
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
 
         if ( !pwmSession.isAuthenticated() )
         {
@@ -162,7 +162,7 @@ public class SetupResponsesServlet extends ControlledPwmServlet
         // check if the locale has changed since first seen.
         if ( pwmSession.getSessionStateBean().getLocale() != pwmDomain.getSessionStateService().getBean( pwmRequest, SetupResponsesBean.class ).getUserLocale() )
         {
-            pwmRequest.getPwmApplication().getSessionStateService().clearBean( pwmRequest, SetupResponsesBean.class );
+            pwmRequest.getPwmDomain().getSessionStateService().clearBean( pwmRequest, SetupResponsesBean.class );
             pwmDomain.getSessionStateService().getBean( pwmRequest, SetupResponsesBean.class ).setUserLocale( pwmSession.getSessionStateBean().getLocale() );
         }
 
@@ -193,7 +193,7 @@ public class SetupResponsesServlet extends ControlledPwmServlet
     private ProcessStatus processChangeResponses( final PwmRequest pwmRequest ) throws PwmUnrecoverableException
     {
         final SetupResponsesBean setupResponsesBean = getSetupResponseBean( pwmRequest );
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
         pwmDomain.getSessionStateService().clearBean( pwmRequest, SetupResponsesBean.class );
         this.initializeBean( pwmRequest, setupResponsesBean );
         setupResponsesBean.setUserLocale( pwmRequest.getLocale() );
@@ -207,7 +207,7 @@ public class SetupResponsesServlet extends ControlledPwmServlet
             throws PwmUnrecoverableException, ChaiUnavailableException, IOException
     {
         LOGGER.trace( pwmRequest, () -> "request for response clear received" );
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
         final PwmSession pwmSession = pwmRequest.getPwmSession();
         try
         {
@@ -215,7 +215,7 @@ public class SetupResponsesServlet extends ControlledPwmServlet
             final ChaiUser theUser = pwmSession.getSessionManager().getActor( );
             pwmDomain.getCrService().clearResponses( pwmRequest.getLabel(), pwmRequest.getUserInfoIfLoggedIn(), theUser, userGUID );
             pwmSession.reloadUserInfoBean( pwmRequest );
-            pwmRequest.getPwmApplication().getSessionStateService().clearBean( pwmRequest, SetupResponsesBean.class );
+            pwmRequest.getPwmDomain().getSessionStateService().clearBean( pwmRequest, SetupResponsesBean.class );
 
             // mark the event log
             final UserAuditRecord auditRecord = new AuditRecordFactory( pwmRequest ).createUserAuditRecord(
@@ -264,7 +264,7 @@ public class SetupResponsesServlet extends ControlledPwmServlet
         final SetupResponsesBean setupResponsesBean = getSetupResponseBean( pwmRequest );
         final Instant startTime = Instant.now();
         final PwmSession pwmSession = pwmRequest.getPwmSession();
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
         final String responseModeParam = pwmRequest.readParameterAsString( "responseMode" );
         final SetupResponsesBean.SetupData setupData = "helpdesk".equalsIgnoreCase( responseModeParam )
                 ? setupResponsesBean.getHelpdeskResponseData()
@@ -321,7 +321,7 @@ public class SetupResponsesServlet extends ControlledPwmServlet
         initializeBean( pwmRequest, setupResponsesBean );
 
         pwmRequest.setAttribute( PwmRequestAttribute.ModuleBean, setupResponsesBean );
-        pwmRequest.setAttribute( PwmRequestAttribute.ModuleBean_String, pwmRequest.getPwmApplication().getSecureService().encryptObjectToString( setupResponsesBean ) );
+        pwmRequest.setAttribute( PwmRequestAttribute.ModuleBean_String, pwmRequest.getPwmDomain().getSecureService().encryptObjectToString( setupResponsesBean ) );
         pwmRequest.setAttribute( PwmRequestAttribute.SetupResponses_ResponseInfo, pwmRequest.getPwmSession().getUserInfo().getResponseInfoBean() );
 
         if ( setupResponsesBean.isHasExistingResponses() && !pwmRequest.getPwmSession().getUserInfo().isRequiresResponseConfig() )
@@ -371,7 +371,7 @@ public class SetupResponsesServlet extends ControlledPwmServlet
                     setupResponsesBean.getHelpdeskResponseData().getResponseMap()
             );
             saveResponses( pwmRequest, responses );
-            pwmRequest.getPwmApplication().getSessionStateService().clearBean( pwmRequest, SetupResponsesBean.class );
+            pwmRequest.getPwmDomain().getSessionStateService().clearBean( pwmRequest, SetupResponsesBean.class );
             pwmRequest.getPwmResponse().forwardToSuccessPage( Message.Success_SetupResponse );
         }
         catch ( final PwmOperationalException e )
@@ -406,7 +406,7 @@ public class SetupResponsesServlet extends ControlledPwmServlet
 
             // test the responses.
             final int minRandomRequiredSetup = setupData.getMinRandomSetup();
-            pwmRequest.getPwmApplication().getCrService().validateResponses( challengeSet, responseMap, minRandomRequiredSetup );
+            pwmRequest.getPwmDomain().getCrService().validateResponses( challengeSet, responseMap, minRandomRequiredSetup );
         }
         catch ( final PwmDataValidationException e )
         {
@@ -431,7 +431,7 @@ public class SetupResponsesServlet extends ControlledPwmServlet
     private void saveResponses( final PwmRequest pwmRequest, final ResponseInfoBean responseInfoBean )
             throws PwmUnrecoverableException, ChaiUnavailableException, PwmOperationalException, ChaiValidationException
     {
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
         final PwmSession pwmSession = pwmRequest.getPwmSession();
         final ChaiUser theUser = pwmSession.getSessionManager().getActor( );
         final String userGUID = pwmSession.getUserInfo().getUserGuid();
@@ -567,7 +567,7 @@ public class SetupResponsesServlet extends ControlledPwmServlet
 
             responseSet.meetsChallengeSetRequirements( challengeSet );
 
-            final SetupResponsesBean setupResponsesBean = pwmRequest.getPwmApplication().getSessionStateService().getBean( pwmRequest, SetupResponsesBean.class );
+            final SetupResponsesBean setupResponsesBean = pwmRequest.getPwmDomain().getSessionStateService().getBean( pwmRequest, SetupResponsesBean.class );
             final int minRandomRequiredSetup = setupResponsesBean.getResponseData().getMinRandomSetup();
             if ( minRandomRequiredSetup == 0 )
             {
@@ -732,7 +732,7 @@ public class SetupResponsesServlet extends ControlledPwmServlet
     {
         if ( pwmRequest.isForcedPageView() )
         {
-            final boolean admin = pwmRequest.getPwmSession().getSessionManager().checkPermission( pwmRequest.getPwmApplication(), Permission.PWMADMIN );
+            final boolean admin = pwmRequest.getPwmSession().getSessionManager().checkPermission( pwmRequest.getPwmDomain(), Permission.PWMADMIN );
             if ( admin )
             {
                 if ( pwmRequest.getConfig().readSettingAsBoolean( PwmSetting.ADMIN_ALLOW_SKIP_FORCED_ACTIVITIES ) )

server/src/main/java/password/pwm/http/servlet/ShortcutServlet.java

@@ -95,7 +95,7 @@ public class ShortcutServlet extends AbstractPwmServlet
     protected void processAction( final PwmRequest pwmRequest )
             throws ServletException, IOException, ChaiUnavailableException, PwmUnrecoverableException
     {
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
 
         if ( !pwmDomain.getConfig().readSettingAsBoolean( PwmSetting.SHORTCUT_ENABLE ) )
         {
@@ -219,7 +219,7 @@ public class ShortcutServlet extends AbstractPwmServlet
             throws PwmUnrecoverableException,  IOException, ServletException
     {
         final PwmSession pwmSession = pwmRequest.getPwmSession();
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
 
         final String link = pwmRequest.readParameterAsString( "link" );
         final Map<String, ShortcutItem> visibleItems = shortcutsBean.getVisibleItems();

server/src/main/java/password/pwm/http/servlet/accountinfo/AccountInformationBean.java

@@ -89,7 +89,7 @@ public class AccountInformationBean implements Serializable
         ) );
         builder.formData( makeFormInfo( pwmRequest, accountInformationProfile, locale ) );
         builder.auditData( makeAuditInfo(
-                pwmRequest.getPwmApplication(),
+                pwmRequest.getPwmDomain(),
                 accountInformationProfile,
                 pwmRequest.getLabel(),
                 userInfo,

server/src/main/java/password/pwm/http/servlet/activation/ActivateUserServlet.java

@@ -164,7 +164,7 @@ public class ActivateUserServlet extends ControlledPwmServlet
     {
         final ActivateUserBean activateUserBean = activateUserBean( pwmRequest );
         return UserInfoFactory.newUserInfoUsingProxy(
-                pwmRequest.getPwmApplication(),
+                pwmRequest.getPwmDomain(),
                 pwmRequest.getLabel(),
                 activateUserBean.getUserIdentity(),
                 pwmRequest.getLocale() );
@@ -173,7 +173,7 @@ public class ActivateUserServlet extends ControlledPwmServlet
 
     static ActivateUserBean activateUserBean( final PwmRequest pwmRequest ) throws PwmUnrecoverableException
     {
-        return pwmRequest.getPwmApplication().getSessionStateService().getBean( pwmRequest, ActivateUserBean.class );
+        return pwmRequest.getPwmDomain().getSessionStateService().getBean( pwmRequest, ActivateUserBean.class );
     }
 
     static ActivateUserProfile activateUserProfile( final PwmRequest pwmRequest )
@@ -198,7 +198,7 @@ public class ActivateUserServlet extends ControlledPwmServlet
         switch ( resetType )
         {
             case exitActivation:
-                pwmRequest.getPwmApplication().getSessionStateService().clearBean( pwmRequest, ActivateUserBean.class );
+                pwmRequest.getPwmDomain().getSessionStateService().clearBean( pwmRequest, ActivateUserBean.class );
                 ActivateUserUtils.forwardToSearchUserForm( pwmRequest );
                 return ProcessStatus.Halt;
 
@@ -218,7 +218,7 @@ public class ActivateUserServlet extends ControlledPwmServlet
     public ProcessStatus handleSearchRequest( final PwmRequest pwmRequest )
             throws PwmUnrecoverableException, ChaiUnavailableException, IOException, ServletException
     {
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
         final PwmSession pwmSession = pwmRequest.getPwmSession();
         final DomainConfig config = pwmDomain.getConfig();
         final LocalSessionStateBean ssBean = pwmSession.getSessionStateBean();
@@ -296,7 +296,7 @@ public class ActivateUserServlet extends ControlledPwmServlet
         final MessageSendMethod tokenSendMethod = activateUserProfile.readSettingAsEnum( PwmSetting.ACTIVATE_TOKEN_SEND_METHOD, MessageSendMethod.class );
 
         final List<TokenDestinationItem> tokenDestinationItems = TokenUtil.figureAvailableTokenDestinations(
-                pwmRequest.getPwmApplication(),
+                pwmRequest.getPwmDomain(),
                 pwmRequest.getLabel(),
                 pwmRequest.getLocale(),
                 userInfo,
@@ -322,7 +322,7 @@ public class ActivateUserServlet extends ControlledPwmServlet
     )
             throws PwmUnrecoverableException, IOException, ServletException
     {
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
         final ActivateUserBean activateUserBean = pwmDomain.getSessionStateService().getBean( pwmRequest, ActivateUserBean.class );
         final String userEnteredCode = pwmRequest.readParameterAsString( PwmConstants.PARAM_TOKEN );
 
@@ -390,7 +390,7 @@ public class ActivateUserServlet extends ControlledPwmServlet
                     pwmRequest.getLabel(),
                     "ActivateUser"
             );
-            pwmRequest.getPwmApplication().getAuditManager().submit( pwmRequest.getLabel(), auditRecord );
+            pwmRequest.getPwmDomain().getAuditManager().submit( pwmRequest.getLabel(), auditRecord );
         }
 
         return ProcessStatus.Continue;
@@ -399,7 +399,7 @@ public class ActivateUserServlet extends ControlledPwmServlet
     @Override
     protected void nextStep( final PwmRequest pwmRequest ) throws PwmUnrecoverableException, IOException, ChaiUnavailableException, ServletException
     {
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
         final PwmSession pwmSession = pwmRequest.getPwmSession();
         final ActivateUserBean activateUserBean = activateUserBean( pwmRequest );
 

server/src/main/java/password/pwm/http/servlet/activation/ActivateUserUtils.java

@@ -81,7 +81,7 @@ class ActivateUserUtils
     )
             throws ChaiUnavailableException, PwmUnrecoverableException, PwmOperationalException
     {
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
         final PwmSession pwmSession = pwmRequest.getPwmSession();
         final ChaiUser theUser = pwmDomain.getProxiedChaiUser( userIdentity );
 
@@ -155,7 +155,7 @@ class ActivateUserUtils
             throws ChaiUnavailableException, PwmDataValidationException, PwmUnrecoverableException
     {
         final String searchFilter = figureLdapSearchFilter( pwmRequest );
-        final ChaiProvider chaiProvider = pwmRequest.getPwmApplication().getProxyChaiProvider( userIdentity.getLdapProfileID() );
+        final ChaiProvider chaiProvider = pwmRequest.getPwmDomain().getProxyChaiProvider( userIdentity.getLdapProfileID() );
         final ChaiUser chaiUser = chaiProvider.getEntryFactory().newChaiUser( userIdentity.getUserDN() );
 
         for ( final Map.Entry<FormConfiguration, String> entry : formValues.entrySet() )
@@ -234,7 +234,7 @@ class ActivateUserUtils
     )
             throws PwmUnrecoverableException, ChaiUnavailableException
     {
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
         final PwmSession pwmSession = pwmRequest.getPwmSession();
         final UserInfo userInfo = pwmSession.getUserInfo();
         final DomainConfig config = pwmDomain.getConfig();
@@ -258,7 +258,7 @@ class ActivateUserUtils
     static boolean sendPostActivationSms( final PwmRequest pwmRequest )
             throws PwmUnrecoverableException, ChaiUnavailableException
     {
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
         final PwmSession pwmSession = pwmRequest.getPwmSession();
         final DomainConfig config = pwmDomain.getConfig();
         final UserInfo userInfo = pwmSession.getUserInfo();
@@ -296,7 +296,7 @@ class ActivateUserUtils
     static String figureLdapSearchFilter( final PwmRequest pwmRequest )
             throws PwmUnrecoverableException
     {
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
         final DomainConfig config = pwmDomain.getConfig();
         final List<FormConfiguration> configuredActivationForm = config.readSettingAsForm( PwmSetting.ACTIVATE_USER_FORM );
 
@@ -339,7 +339,7 @@ class ActivateUserUtils
     static void initUserActivationBean( final PwmRequest pwmRequest, final UserIdentity userIdentity )
             throws PwmUnrecoverableException
     {
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
         final ActivateUserBean activateUserBean = pwmDomain.getSessionStateService().getBean( pwmRequest, ActivateUserBean.class );
 
         final Optional<String> profileID = ProfileUtility.discoverProfileIDForUser( pwmRequest.getPwmRequestContext(), userIdentity, ProfileDefinition.ActivateUser );

server/src/main/java/password/pwm/http/servlet/admin/AdminServlet.java

@@ -171,7 +171,7 @@ public class AdminServlet extends ControlledPwmServlet
             return ProcessStatus.Halt;
         }
 
-        if ( !pwmRequest.getPwmSession().getSessionManager().checkPermission( pwmRequest.getPwmApplication(), Permission.PWMADMIN ) )
+        if ( !pwmRequest.getPwmSession().getSessionManager().checkPermission( pwmRequest.getPwmDomain(), Permission.PWMADMIN ) )
         {
             final ErrorInformation errorInformation = new ErrorInformation( PwmError.ERROR_UNAUTHORIZED );
             pwmRequest.respondWithError( errorInformation );
@@ -196,7 +196,7 @@ public class AdminServlet extends ControlledPwmServlet
     )
             throws PwmUnrecoverableException, IOException, ChaiUnavailableException, ServletException
     {
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
 
         pwmRequest.getPwmResponse().markAsDownload(
                 HttpContentType.csv,
@@ -226,7 +226,7 @@ public class AdminServlet extends ControlledPwmServlet
     )
             throws PwmUnrecoverableException, IOException, ChaiUnavailableException, ServletException
     {
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
 
         pwmRequest.getPwmResponse().markAsDownload(
                 HttpContentType.csv,
@@ -257,7 +257,7 @@ public class AdminServlet extends ControlledPwmServlet
     )
             throws PwmUnrecoverableException, IOException, ChaiUnavailableException, ServletException
     {
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
 
         pwmRequest.getPwmResponse().markAsDownload(
                 HttpContentType.csv,
@@ -286,11 +286,11 @@ public class AdminServlet extends ControlledPwmServlet
     private ProcessStatus downloadStatisticsLogCsv( final PwmRequest pwmRequest )
             throws PwmUnrecoverableException, IOException, ChaiUnavailableException, ServletException
     {
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
 
         pwmRequest.getPwmResponse().markAsDownload(
                 HttpContentType.csv,
-                pwmRequest.getPwmApplication().getConfig().readAppProperty( AppProperty.DOWNLOAD_FILENAME_STATISTICS_CSV )
+                pwmRequest.getPwmDomain().getConfig().readAppProperty( AppProperty.DOWNLOAD_FILENAME_STATISTICS_CSV )
         );
 
         final OutputStream outputStream = pwmRequest.getPwmResponse().getOutputStream();
@@ -315,11 +315,11 @@ public class AdminServlet extends ControlledPwmServlet
     private ProcessStatus downloadSessionsCsv( final PwmRequest pwmRequest )
             throws PwmUnrecoverableException, IOException, ChaiUnavailableException, ServletException
     {
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
 
         pwmRequest.getPwmResponse().markAsDownload(
                 HttpContentType.csv,
-                pwmRequest.getPwmApplication().getConfig().readAppProperty( AppProperty.DOWNLOAD_FILENAME_SESSIONS_CSV )
+                pwmRequest.getPwmDomain().getConfig().readAppProperty( AppProperty.DOWNLOAD_FILENAME_SESSIONS_CSV )
         );
 
         final OutputStream outputStream = pwmRequest.getPwmResponse().getOutputStream();
@@ -345,7 +345,7 @@ public class AdminServlet extends ControlledPwmServlet
     )
             throws ChaiUnavailableException, PwmUnrecoverableException, IOException, ServletException
     {
-        if ( !pwmRequest.getPwmSession().getSessionManager().checkPermission( pwmRequest.getPwmApplication(), Permission.PWMADMIN ) )
+        if ( !pwmRequest.getPwmSession().getSessionManager().checkPermission( pwmRequest.getPwmDomain(), Permission.PWMADMIN ) )
         {
             LOGGER.info( pwmRequest, () -> "unable to execute clear intruder records" );
             return ProcessStatus.Halt;
@@ -368,7 +368,7 @@ public class AdminServlet extends ControlledPwmServlet
         );
 
         LOGGER.trace( pwmRequest, () -> "issuing command '" + reportCommand + "' to report engine" );
-        pwmRequest.getPwmApplication().getReportService().executeCommand( reportCommand );
+        pwmRequest.getPwmDomain().getReportService().executeCommand( reportCommand );
 
         final RestResultBean restResultBean = RestResultBean.forSuccessMessage( pwmRequest, Message.Success_Unknown );
         pwmRequest.outputJsonResult( restResultBean );
@@ -380,7 +380,7 @@ public class AdminServlet extends ControlledPwmServlet
             throws IOException
     {
         final ReportStatusBean returnMap = ReportStatusBean.makeReportStatusData(
-                pwmRequest.getPwmApplication().getReportService(),
+                pwmRequest.getPwmDomain().getReportService(),
                 pwmRequest.getPwmSession().getSessionStateBean().getLocale()
         );
         final RestResultBean restResultBean = RestResultBean.withData( returnMap );
@@ -392,7 +392,7 @@ public class AdminServlet extends ControlledPwmServlet
     private ProcessStatus processReportSummary( final PwmRequest pwmRequest )
             throws IOException
     {
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
         final LinkedHashMap<String, Object> returnMap = new LinkedHashMap<>();
         returnMap.put( "raw", pwmDomain.getReportService().getSummaryData() );
         returnMap.put( "presentable", pwmDomain.getReportService().getSummaryData().asPresentableCollection(
@@ -411,7 +411,7 @@ public class AdminServlet extends ControlledPwmServlet
     {
         final int maximum = Math.min( pwmRequest.readParameterAsInt( "maximum", 1000 ), 10 * 1000 );
 
-        final ReportService reportService = pwmRequest.getPwmApplication().getReportService();
+        final ReportService reportService = pwmRequest.getPwmDomain().getReportService();
         final ArrayList<UserCacheRecord> reportData = new ArrayList<>();
 
         try ( ClosableIterator<UserCacheRecord> cacheBeanIterator = reportService.iterator() )
@@ -439,8 +439,8 @@ public class AdminServlet extends ControlledPwmServlet
 
             throws ChaiUnavailableException, PwmUnrecoverableException, IOException, ServletException
     {
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
-        final AdminBean adminBean = pwmRequest.getPwmApplication().getSessionStateService().getBean( pwmRequest, AdminBean.class );
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
+        final AdminBean adminBean = pwmRequest.getPwmDomain().getSessionStateService().getBean( pwmRequest, AdminBean.class );
         final UserIdentity userIdentity = adminBean.getLastUserDebug();
         if ( userIdentity != null )
         {
@@ -449,7 +449,7 @@ public class AdminServlet extends ControlledPwmServlet
                     pwmDomain.getConfig().readAppProperty( AppProperty.DOWNLOAD_FILENAME_USER_DEBUG_JSON )
             );
             final UserDebugDataBean userDebugData = UserDebugDataReader.readUserDebugData(
-                    pwmRequest.getPwmApplication(),
+                    pwmRequest.getPwmDomain(),
                     pwmRequest.getLocale(),
                     pwmRequest.getLabel(),
                     userIdentity
@@ -474,7 +474,7 @@ public class AdminServlet extends ControlledPwmServlet
         final int max = readMaxParameter( pwmRequest, 100, 10 * 1000 );
         final AuditEvent.Type auditDataType = AuditEvent.Type.valueOf( pwmRequest.readParameterAsString( "type", AuditEvent.Type.USER.name() ) );
         final ArrayList<AuditRecord> records = new ArrayList<>();
-        final Iterator<AuditRecord> iterator = pwmRequest.getPwmApplication().getAuditManager().readVault();
+        final Iterator<AuditRecord> iterator = pwmRequest.getPwmDomain().getAuditManager().readVault();
 
         while (
                 iterator.hasNext()
@@ -505,7 +505,7 @@ public class AdminServlet extends ControlledPwmServlet
 
         final ArrayList<SessionStateInfoBean> gridData = new ArrayList<>();
         int counter = 0;
-        final Iterator<SessionStateInfoBean> infos = pwmRequest.getPwmApplication().getSessionTrackService().getSessionInfoIterator();
+        final Iterator<SessionStateInfoBean> infos = pwmRequest.getPwmDomain().getSessionTrackService().getSessionInfoIterator();
         while ( counter < max && infos.hasNext() )
         {
             gridData.add( infos.next() );
@@ -527,7 +527,7 @@ public class AdminServlet extends ControlledPwmServlet
         {
             for ( final RecordType recordType : RecordType.values() )
             {
-                returnData.put( recordType.toString(), pwmRequest.getPwmApplication().getIntruderManager().getRecords( recordType, max ) );
+                returnData.put( recordType.toString(), pwmRequest.getPwmDomain().getIntruderManager().getRecords( recordType, max ) );
             }
         }
         catch ( final PwmException e )
@@ -551,12 +551,12 @@ public class AdminServlet extends ControlledPwmServlet
             return;
         }
 
-        final UserSearchEngine userSearchEngine = pwmRequest.getPwmApplication().getUserSearchEngine();
+        final UserSearchEngine userSearchEngine = pwmRequest.getPwmDomain().getUserSearchEngine();
         final UserIdentity userIdentity;
         try
         {
             userIdentity = userSearchEngine.resolveUsername( username, null, null, pwmRequest.getLabel() );
-            final AdminBean adminBean = pwmRequest.getPwmApplication().getSessionStateService().getBean( pwmRequest, AdminBean.class );
+            final AdminBean adminBean = pwmRequest.getPwmDomain().getSessionStateService().getBean( pwmRequest, AdminBean.class );
             adminBean.setLastUserDebug( userIdentity );
         }
         catch ( final PwmUnrecoverableException | PwmOperationalException e )
@@ -566,7 +566,7 @@ public class AdminServlet extends ControlledPwmServlet
         }
 
         final UserDebugDataBean userDebugData = UserDebugDataReader.readUserDebugData(
-                pwmRequest.getPwmApplication(),
+                pwmRequest.getPwmDomain(),
                 pwmRequest.getLocale(),
                 pwmRequest.getLabel(),
                 userIdentity
@@ -613,7 +613,7 @@ public class AdminServlet extends ControlledPwmServlet
             }
 
             final AppDashboardData appDashboardData = AppDashboardData.makeDashboardData(
-                    pwmRequest.getPwmApplication(),
+                    pwmRequest.getPwmDomain(),
                     pwmRequest.getContextManager(),
                     pwmRequest.getLocale(),
                     flags.toArray( new AppDashboardData.Flag[0] )
@@ -696,7 +696,7 @@ public class AdminServlet extends ControlledPwmServlet
         final List<DisplayElement> statusData = new ArrayList<>( );
         final DomainConfig config = pwmRequest.getConfig();
         final Locale locale = pwmRequest.getLocale();
-        final PwNotifyService pwNotifyService = pwmRequest.getPwmApplication().getPwNotifyService();
+        final PwNotifyService pwNotifyService = pwmRequest.getPwmDomain().getPwNotifyService();
         final PwNotifyStoredJobState pwNotifyStoredJobState = pwNotifyService.getJobState();
         final boolean canRunOnthisServer = pwNotifyService.canRunOnThisServer();
 
@@ -748,7 +748,7 @@ public class AdminServlet extends ControlledPwmServlet
     @ActionHandler( action = "readPwNotifyLog" )
     public ProcessStatus restreadPwNotifyLog( final PwmRequest pwmRequest ) throws IOException, DatabaseException, PwmUnrecoverableException
     {
-        final PwNotifyService pwNotifyService = pwmRequest.getPwmApplication().getPwNotifyService();
+        final PwNotifyService pwNotifyService = pwmRequest.getPwmDomain().getPwNotifyService();
 
         pwmRequest.outputJsonResult( RestResultBean.withData( pwNotifyService.debugLog() ) );
         return ProcessStatus.Halt;
@@ -757,7 +757,7 @@ public class AdminServlet extends ControlledPwmServlet
     @ActionHandler( action = "startPwNotifyJob" )
     public ProcessStatus restStartPwNotifyJob( final PwmRequest pwmRequest ) throws IOException
     {
-        pwmRequest.getPwmApplication().getPwNotifyService().executeJob();
+        pwmRequest.getPwmDomain().getPwNotifyService().executeJob();
         pwmRequest.outputJsonResult( RestResultBean.forSuccessMessage( pwmRequest, Message.Success_Unknown ) );
         return ProcessStatus.Halt;
     }
@@ -771,7 +771,7 @@ public class AdminServlet extends ControlledPwmServlet
     @ActionHandler( action = "readLogData" )
     public ProcessStatus readLogData( final PwmRequest pwmRequest ) throws IOException, PwmUnrecoverableException
     {
-        final LocalDBLogger localDBLogger = pwmRequest.getPwmApplication().getLocalDBLogger();
+        final LocalDBLogger localDBLogger = pwmRequest.getPwmDomain().getLocalDBLogger();
 
         final LogDisplayType logDisplayType;
         final LocalDBSearchQuery searchParameters;
@@ -840,7 +840,7 @@ public class AdminServlet extends ControlledPwmServlet
     @ActionHandler( action = "downloadLogData" )
     public ProcessStatus downloadLogData( final PwmRequest pwmRequest ) throws IOException, PwmUnrecoverableException
     {
-        final LocalDBLogger localDBLogger = pwmRequest.getPwmApplication().getLocalDBLogger();
+        final LocalDBLogger localDBLogger = pwmRequest.getPwmDomain().getLocalDBLogger();
 
         final LogDownloadType logDownloadType = JavaHelper.readEnumFromString( LogDownloadType.class, LogDownloadType.plain, pwmRequest.readParameterAsString( "downloadType" ) );
 

server/src/main/java/password/pwm/http/servlet/admin/AppDashboardData.java

@@ -165,7 +165,7 @@ public class AppDashboardData implements Serializable
 
         builder.ldapConnectionCount( ldapConnectionCount( pwmDomain ) );
         builder.sessionCount( pwmDomain.getSessionTrackService().sessionCount() );
-        builder.requestsInProgress( pwmDomain.getActiveServletRequests().get() );
+        builder.requestsInProgress( pwmDomain.getPwmApplication().getActiveServletRequests().get() );
 
         LOGGER.trace( () -> "AppDashboardData bean created in ", () -> TimeDuration.fromCurrent( startTime ) );
         return builder.build();

server/src/main/java/password/pwm/http/servlet/changepw/ChangePasswordServlet.java

@@ -140,7 +140,7 @@ public abstract class ChangePasswordServlet extends ControlledPwmServlet
             pwmRequest.getPwmSession().unauthenticateUser( pwmRequest );
         }
 
-        pwmRequest.getPwmApplication().getSessionStateService().clearBean( pwmRequest, ChangePasswordBean.class );
+        pwmRequest.getPwmDomain().getSessionStateService().clearBean( pwmRequest, ChangePasswordBean.class );
         pwmRequest.sendRedirectToContinue();
 
         return ProcessStatus.Halt;
@@ -149,7 +149,7 @@ public abstract class ChangePasswordServlet extends ControlledPwmServlet
     @ActionHandler( action = "warnResponse" )
     public ProcessStatus processWarnResponse( final PwmRequest pwmRequest ) throws ServletException, PwmUnrecoverableException, IOException
     {
-        final ChangePasswordBean changePasswordBean = pwmRequest.getPwmApplication().getSessionStateService().getBean( pwmRequest, ChangePasswordBean.class );
+        final ChangePasswordBean changePasswordBean = pwmRequest.getPwmDomain().getSessionStateService().getBean( pwmRequest, ChangePasswordBean.class );
 
         if ( pwmRequest.getPwmSession().getUserInfo().getPasswordStatus().isWarnPeriod() )
         {
@@ -180,7 +180,7 @@ public abstract class ChangePasswordServlet extends ControlledPwmServlet
     @ActionHandler( action = "change" )
     ProcessStatus processChangeAction( final PwmRequest pwmRequest ) throws ServletException, PwmUnrecoverableException, IOException, ChaiUnavailableException
     {
-        final ChangePasswordBean changePasswordBean = pwmRequest.getPwmApplication().getSessionStateService().getBean( pwmRequest, ChangePasswordBean.class );
+        final ChangePasswordBean changePasswordBean = pwmRequest.getPwmDomain().getSessionStateService().getBean( pwmRequest, ChangePasswordBean.class );
 
         final UserInfo userInfo = pwmRequest.getPwmSession().getUserInfo();
 
@@ -196,7 +196,7 @@ public abstract class ChangePasswordServlet extends ControlledPwmServlet
         try
         {
             final ChaiUser theUser = pwmRequest.getPwmSession().getSessionManager().getActor( );
-            final PwmPasswordRuleValidator pwmPasswordRuleValidator = new PwmPasswordRuleValidator( pwmRequest.getPwmApplication(), userInfo.getPasswordPolicy() );
+            final PwmPasswordRuleValidator pwmPasswordRuleValidator = new PwmPasswordRuleValidator( pwmRequest.getPwmDomain(), userInfo.getPasswordPolicy() );
             final PasswordData oldPassword = pwmRequest.getPwmSession().getLoginInfoBean().getUserCurrentPassword();
             pwmPasswordRuleValidator.testPassword( password1, oldPassword, userInfo, theUser );
         }
@@ -234,7 +234,7 @@ public abstract class ChangePasswordServlet extends ControlledPwmServlet
     @ActionHandler( action = "agree" )
     ProcessStatus processAgreeAction( final PwmRequest pwmRequest ) throws ServletException, PwmUnrecoverableException, IOException, ChaiUnavailableException
     {
-        final ChangePasswordBean changePasswordBean = pwmRequest.getPwmApplication().getSessionStateService().getBean( pwmRequest, ChangePasswordBean.class );
+        final ChangePasswordBean changePasswordBean = pwmRequest.getPwmDomain().getSessionStateService().getBean( pwmRequest, ChangePasswordBean.class );
 
         LOGGER.debug( pwmRequest, () -> "user accepted password change agreement" );
         if ( !changePasswordBean.isAgreementPassed() )
@@ -246,7 +246,7 @@ public abstract class ChangePasswordServlet extends ControlledPwmServlet
                     pwmRequest.getLabel(),
                     "ChangePassword"
             );
-            pwmRequest.getPwmApplication().getAuditManager().submit( pwmRequest.getLabel(), auditRecord );
+            pwmRequest.getPwmDomain().getAuditManager().submit( pwmRequest.getLabel(), auditRecord );
         }
 
         return ProcessStatus.Continue;
@@ -256,7 +256,7 @@ public abstract class ChangePasswordServlet extends ControlledPwmServlet
     ProcessStatus processFormAction( final PwmRequest pwmRequest )
             throws ServletException, PwmUnrecoverableException, IOException, ChaiUnavailableException
     {
-        final ChangePasswordBean cpb = pwmRequest.getPwmApplication().getSessionStateService().getBean( pwmRequest, ChangePasswordBean.class );
+        final ChangePasswordBean cpb = pwmRequest.getPwmDomain().getSessionStateService().getBean( pwmRequest, ChangePasswordBean.class );
         final LocalSessionStateBean ssBean = pwmRequest.getPwmSession().getSessionStateBean();
         final UserInfo userInfo = pwmRequest.getPwmSession().getUserInfo();
         final LoginInfoBean loginBean = pwmRequest.getPwmSession().getLoginInfoBean();
@@ -283,7 +283,7 @@ public abstract class ChangePasswordServlet extends ControlledPwmServlet
 
             if ( !passed )
             {
-                pwmRequest.getPwmApplication().getIntruderManager().convenience().markUserIdentity(
+                pwmRequest.getPwmDomain().getIntruderManager().convenience().markUserIdentity(
                         userInfo.getUserIdentity(), pwmRequest.getLabel() );
                 LOGGER.debug( pwmRequest, () -> "failed password validation check: currentPassword value is incorrect" );
                 setLastError( pwmRequest, new ErrorInformation( PwmError.ERROR_BAD_CURRENT_PASSWORD ) );
@@ -307,8 +307,8 @@ public abstract class ChangePasswordServlet extends ControlledPwmServlet
         }
         catch ( final PwmOperationalException e )
         {
-            pwmRequest.getPwmApplication().getIntruderManager().convenience().markAddressAndSession( pwmRequest );
-            pwmRequest.getPwmApplication().getIntruderManager().convenience().markUserIdentity( userInfo.getUserIdentity(), pwmRequest.getLabel() );
+            pwmRequest.getPwmDomain().getIntruderManager().convenience().markAddressAndSession( pwmRequest );
+            pwmRequest.getPwmDomain().getIntruderManager().convenience().markUserIdentity( userInfo.getUserIdentity(), pwmRequest.getLabel() );
             LOGGER.debug( pwmRequest, e.getErrorInformation() );
             setLastError( pwmRequest, e.getErrorInformation() );
             return ProcessStatus.Continue;
@@ -320,7 +320,7 @@ public abstract class ChangePasswordServlet extends ControlledPwmServlet
     @ActionHandler( action = "checkProgress" )
     ProcessStatus processCheckProgressAction( final PwmRequest pwmRequest ) throws ServletException, PwmUnrecoverableException, IOException
     {
-        final ChangePasswordBean changePasswordBean = pwmRequest.getPwmApplication().getSessionStateService().getBean( pwmRequest, ChangePasswordBean.class );
+        final ChangePasswordBean changePasswordBean = pwmRequest.getPwmDomain().getSessionStateService().getBean( pwmRequest, ChangePasswordBean.class );
         final PasswordChangeProgressChecker.ProgressTracker progressTracker = changePasswordBean.getChangeProgressTracker();
         final PasswordChangeProgressChecker.PasswordChangeProgress passwordChangeProgress;
         if ( progressTracker == null )
@@ -330,7 +330,7 @@ public abstract class ChangePasswordServlet extends ControlledPwmServlet
         else
         {
             final PasswordChangeProgressChecker checker = new PasswordChangeProgressChecker(
-                    pwmRequest.getPwmApplication(),
+                    pwmRequest.getPwmDomain(),
                     getProfile( pwmRequest ),
                     pwmRequest.getPwmSession().getUserInfo().getUserIdentity(),
                     pwmRequest.getLabel(),
@@ -348,13 +348,13 @@ public abstract class ChangePasswordServlet extends ControlledPwmServlet
     @ActionHandler( action = "complete" )
     public ProcessStatus processCompleteAction( final PwmRequest pwmRequest ) throws ServletException, PwmUnrecoverableException, IOException
     {
-        final ChangePasswordBean cpb = pwmRequest.getPwmApplication().getSessionStateService().getBean( pwmRequest, ChangePasswordBean.class );
+        final ChangePasswordBean cpb = pwmRequest.getPwmDomain().getSessionStateService().getBean( pwmRequest, ChangePasswordBean.class );
         final PasswordChangeProgressChecker.ProgressTracker progressTracker = cpb.getChangeProgressTracker();
         boolean isComplete = true;
         if ( progressTracker != null )
         {
             final PasswordChangeProgressChecker checker = new PasswordChangeProgressChecker(
-                    pwmRequest.getPwmApplication(),
+                    pwmRequest.getPwmDomain(),
                     getProfile( pwmRequest ),
                     pwmRequest.getPwmSession().getUserInfo().getUserIdentity(),
                     pwmRequest.getLabel(),
@@ -371,7 +371,7 @@ public abstract class ChangePasswordServlet extends ControlledPwmServlet
                 final TimeDuration totalTime = TimeDuration.fromCurrent( progressTracker.getBeginTime() );
                 try
                 {
-                    pwmRequest.getPwmApplication().getStatisticsManager().updateAverageValue( AvgStatistic.AVG_PASSWORD_SYNC_TIME, totalTime.asMillis() );
+                    pwmRequest.getPwmDomain().getStatisticsManager().updateAverageValue( AvgStatistic.AVG_PASSWORD_SYNC_TIME, totalTime.asMillis() );
                     LOGGER.trace( pwmRequest, () -> "password sync process marked completed (" + totalTime.asCompactString() + ")" );
                 }
                 catch ( final Exception e )
@@ -383,7 +383,7 @@ public abstract class ChangePasswordServlet extends ControlledPwmServlet
             final Locale locale = pwmRequest.getLocale();
             final String completeMessage = getProfile( pwmRequest ).readSettingAsLocalizedString( PwmSetting.PASSWORD_COMPLETE_MESSAGE, locale );
 
-            pwmRequest.getPwmApplication().getSessionStateService().clearBean( pwmRequest, ChangePasswordBean.class );
+            pwmRequest.getPwmDomain().getSessionStateService().clearBean( pwmRequest, ChangePasswordBean.class );
             if ( completeMessage != null && !completeMessage.isEmpty() )
             {
                 final MacroRequest macroRequest = pwmRequest.getPwmSession().getSessionManager().getMacroMachine( );
@@ -413,7 +413,7 @@ public abstract class ChangePasswordServlet extends ControlledPwmServlet
 
         final UserInfo userInfo = pwmRequest.getPwmSession().getUserInfo();
         final PasswordUtility.PasswordCheckInfo passwordCheckInfo = PasswordUtility.checkEnteredPassword(
-                pwmRequest.getPwmApplication(),
+                pwmRequest.getPwmDomain(),
                 pwmRequest.getLocale(),
                 pwmRequest.getPwmSession().getSessionManager().getActor(),
                 userInfo,
@@ -437,7 +437,7 @@ public abstract class ChangePasswordServlet extends ControlledPwmServlet
         final PasswordData passwordData = RandomPasswordGenerator.createRandomPassword(
                 pwmRequest.getLabel(),
                 pwmRequest.getPwmSession().getUserInfo().getPasswordPolicy(),
-                pwmRequest.getPwmApplication() );
+                pwmRequest.getPwmDomain() );
 
         final RestRandomPasswordServer.JsonOutput jsonOutput = new RestRandomPasswordServer.JsonOutput();
         jsonOutput.setPassword( passwordData.getStringValue() );
@@ -452,7 +452,7 @@ public abstract class ChangePasswordServlet extends ControlledPwmServlet
     )
             throws IOException, PwmUnrecoverableException, ServletException
     {
-        final ChangePasswordBean changePasswordBean = pwmRequest.getPwmApplication().getSessionStateService().getBean( pwmRequest, ChangePasswordBean.class );
+        final ChangePasswordBean changePasswordBean = pwmRequest.getPwmDomain().getSessionStateService().getBean( pwmRequest, ChangePasswordBean.class );
 
         final PwmSession pwmSession = pwmRequest.getPwmSession();
         final ChangePasswordProfile changePasswordProfile = getProfile( pwmRequest );
@@ -508,7 +508,7 @@ public abstract class ChangePasswordServlet extends ControlledPwmServlet
     private void forwardToWaitPage( final PwmRequest pwmRequest )
             throws PwmUnrecoverableException, ServletException, IOException
     {
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
         final ChangePasswordBean changePasswordBean = pwmDomain.getSessionStateService().getBean( pwmRequest, ChangePasswordBean.class );
         final Instant maxCompleteTime = changePasswordBean.getChangePasswordMaxCompletion();
         pwmRequest.setAttribute(
@@ -529,7 +529,7 @@ public abstract class ChangePasswordServlet extends ControlledPwmServlet
             throws PwmUnrecoverableException, IOException, ServletException
     {
         final PwmSession pwmSession = pwmRequest.getPwmSession();
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
         final ChangePasswordBean changePasswordBean = pwmDomain.getSessionStateService().getBean( pwmRequest, ChangePasswordBean.class );
 
         if ( !pwmDomain.getConfig().readSettingAsBoolean( PwmSetting.CHANGE_PASSWORD_ENABLE ) )

server/src/main/java/password/pwm/http/servlet/changepw/ChangePasswordServletUtil.java

@@ -158,7 +158,7 @@ public class ChangePasswordServletUtil
             return;
         }
 
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
         pwmDomain.getEmailQueue().submitEmail(
                 configuredEmailSetting,
                 pwmRequest.getPwmSession().getUserInfo(),
@@ -184,7 +184,7 @@ public class ChangePasswordServletUtil
             if ( pwmRequest.getPwmSession().getLoginInfoBean().getAuthFlags().contains( AuthenticationType.AUTH_FROM_PUBLIC_MODULE ) )
             {
                 allowChange = ForgottenPasswordUtil.permitPwChangeDuringMinLifetime(
-                        pwmRequest.getPwmApplication(),
+                        pwmRequest.getPwmDomain(),
                         pwmRequest.getLabel(),
                         userInfo.getUserIdentity()
                 );
@@ -211,7 +211,7 @@ public class ChangePasswordServletUtil
     )
             throws ChaiUnavailableException, PwmUnrecoverableException, PwmOperationalException
     {
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
         final PwmSession pwmSession = pwmRequest.getPwmSession();
         // password accepted, setup change password
         final ChangePasswordBean cpb = pwmDomain.getSessionStateService().getBean( pwmRequest, ChangePasswordBean.class );

server/src/main/java/password/pwm/http/servlet/configeditor/ConfigEditorServlet.java

@@ -27,6 +27,7 @@ import password.pwm.PwmConstants;
 import password.pwm.bean.EmailItemBean;
 import password.pwm.bean.SmsItemBean;
 import password.pwm.bean.UserIdentity;
+import password.pwm.config.AppConfig;
 import password.pwm.config.DomainConfig;
 import password.pwm.config.PwmSetting;
 import password.pwm.config.PwmSettingCategory;
@@ -191,7 +192,7 @@ public class ConfigEditorServlet extends ControlledPwmServlet
 
     private ConfigManagerBean getBean( final PwmRequest pwmRequest ) throws PwmUnrecoverableException
     {
-        return pwmRequest.getPwmApplication().getSessionStateService().getBean( pwmRequest, ConfigManagerBean.class );
+        return pwmRequest.getPwmDomain().getSessionStateService().getBean( pwmRequest, ConfigManagerBean.class );
     }
 
     @ActionHandler( action = "executeSettingFunction" )
@@ -567,8 +568,8 @@ public class ConfigEditorServlet extends ControlledPwmServlet
         final ConfigManagerBean configManagerBean = getBean( pwmRequest );
         LOGGER.debug( pwmRequest, () -> "beginning restLdapHealthCheck" );
         final String profileID = pwmRequest.readParameterAsString( "profile" );
-        final DomainConfig config = new DomainConfig( configManagerBean.getStoredConfiguration() );
-        final HealthData healthData = LDAPHealthChecker.healthForNewConfiguration( pwmRequest.getPwmApplication(), config, pwmRequest.getLocale(), profileID, true, true );
+        final DomainConfig config = new AppConfig( configManagerBean.getStoredConfiguration() ).getDefaultDomainConfig();
+        final HealthData healthData = LDAPHealthChecker.healthForNewConfiguration( pwmRequest.getPwmDomain(), config, pwmRequest.getLocale(), profileID, true, true );
         final RestResultBean restResultBean = RestResultBean.withData( healthData );
 
         pwmRequest.outputJsonResult( restResultBean );
@@ -585,8 +586,8 @@ public class ConfigEditorServlet extends ControlledPwmServlet
         final Instant startTime = Instant.now();
         final ConfigManagerBean configManagerBean = getBean( pwmRequest );
         LOGGER.debug( pwmRequest, () -> "beginning restDatabaseHealthCheck" );
-        final DomainConfig config = new DomainConfig( configManagerBean.getStoredConfiguration() );
-        final List<HealthRecord> healthRecords = DatabaseStatusChecker.checkNewDatabaseStatus( pwmRequest.getPwmApplication(), config );
+        final DomainConfig config = new AppConfig( configManagerBean.getStoredConfiguration() ).getDefaultDomainConfig();
+        final List<HealthRecord> healthRecords = DatabaseStatusChecker.checkNewDatabaseStatus( pwmRequest.getPwmDomain(), config );
         final HealthData healthData = HealthRecord.asHealthDataBean( config, pwmRequest.getLocale(), healthRecords );
         final RestResultBean restResultBean = RestResultBean.withData( healthData );
         pwmRequest.outputJsonResult( restResultBean );
@@ -604,7 +605,7 @@ public class ConfigEditorServlet extends ControlledPwmServlet
         final ConfigManagerBean configManagerBean = getBean( pwmRequest );
         LOGGER.debug( pwmRequest, () -> "beginning restSmsHealthCheck" );
 
-        final DomainConfig config = new DomainConfig( configManagerBean.getStoredConfiguration() );
+        final DomainConfig config = new AppConfig( configManagerBean.getStoredConfiguration() ).getDefaultDomainConfig();
         final StringBuilder output = new StringBuilder();
         output.append( "beginning SMS send process:\n" );
 
@@ -619,7 +620,7 @@ public class ConfigEditorServlet extends ControlledPwmServlet
             try
             {
                 final String responseBody = SmsQueueManager.sendDirectMessage(
-                        pwmRequest.getPwmApplication(),
+                        pwmRequest.getPwmDomain(),
                         config,
                         pwmRequest.getLabel(),
                         testSmsItem
@@ -657,7 +658,7 @@ public class ConfigEditorServlet extends ControlledPwmServlet
         final StringBuilder output = new StringBuilder();
         output.append( "beginning EMail send process:\n" );
 
-        final DomainConfig testDomainConfig = new DomainConfig( configManagerBean.getStoredConfiguration() );
+        final DomainConfig testDomainConfig = new AppConfig( configManagerBean.getStoredConfiguration() ).getDefaultDomainConfig();
 
         final EmailServerProfile emailServerProfile = testDomainConfig.getEmailServerProfiles().get( profileID );
         if ( emailServerProfile != null )
@@ -665,7 +666,7 @@ public class ConfigEditorServlet extends ControlledPwmServlet
             final Optional<EmailServer> emailServer = EmailServerUtil.makeEmailServer( testDomainConfig, emailServerProfile, null );
             if ( emailServer.isPresent() )
             {
-                final MacroRequest macroRequest = SampleDataGenerator.sampleMacroRequest( pwmRequest.getPwmApplication() );
+                final MacroRequest macroRequest = SampleDataGenerator.sampleMacroRequest( pwmRequest.getPwmDomain() );
 
                 try
                 {
@@ -748,7 +749,7 @@ public class ConfigEditorServlet extends ControlledPwmServlet
         final StoredConfiguration storedConfiguration = configManagerBean.getStoredConfiguration();
 
         final List<NavTreeItem> navigationData = NavTreeDataMaker.makeNavTreeItems(
-                pwmRequest.getPwmApplication(),
+                pwmRequest.getPwmDomain(),
                 storedConfiguration,
                 navTreeSettings );
 
@@ -785,7 +786,7 @@ public class ConfigEditorServlet extends ControlledPwmServlet
                 return ProcessStatus.Halt;
             }
 
-            final MacroRequest macroRequest = SampleDataGenerator.sampleMacroRequest( pwmRequest.getPwmApplication() );
+            final MacroRequest macroRequest = SampleDataGenerator.sampleMacroRequest( pwmRequest.getPwmDomain() );
             final String input = inputMap.get( "input" );
             final String output = macroRequest.expandMacros( input );
             pwmRequest.outputJsonResult( RestResultBean.withData( output ) );
@@ -809,7 +810,7 @@ public class ConfigEditorServlet extends ControlledPwmServlet
         final String dn = inputMap.getOrDefault( "dn", "" );
 
         final LdapBrowser ldapBrowser = new LdapBrowser(
-                pwmRequest.getPwmApplication().getLdapConnectionService().getChaiProviderFactory(),
+                pwmRequest.getPwmDomain().getLdapConnectionService().getChaiProviderFactory(),
                 configManagerBean.getStoredConfiguration()
         );
 
@@ -875,7 +876,7 @@ public class ConfigEditorServlet extends ControlledPwmServlet
     {
         final RestRandomPasswordServer.JsonInput jsonInput = JsonUtil.deserialize( pwmRequest.readRequestBodyAsString(), RestRandomPasswordServer.JsonInput.class );
         final RandomPasswordGenerator.RandomGeneratorConfig randomConfig = RestRandomPasswordServer.jsonInputToRandomConfig( jsonInput, PwmPasswordPolicy.defaultPolicy() );
-        final PasswordData randomPassword = RandomPasswordGenerator.createRandomPassword( pwmRequest.getLabel(), randomConfig, pwmRequest.getPwmApplication() );
+        final PasswordData randomPassword = RandomPasswordGenerator.createRandomPassword( pwmRequest.getLabel(), randomConfig, pwmRequest.getPwmDomain() );
         final RestRandomPasswordServer.JsonOutput outputMap = new RestRandomPasswordServer.JsonOutput();
         outputMap.setPassword( randomPassword.getStringValue() );
 

server/src/main/java/password/pwm/http/servlet/configeditor/ConfigEditorServletUtils.java

@@ -22,6 +22,7 @@ package password.pwm.http.servlet.configeditor;
 
 import password.pwm.AppProperty;
 import password.pwm.PwmConstants;
+import password.pwm.config.AppConfig;
 import password.pwm.config.DomainConfig;
 import password.pwm.config.PwmSetting;
 import password.pwm.config.PwmSettingSyntax;
@@ -123,7 +124,7 @@ public class ConfigEditorServletUtils
             final Locale locale = pwmRequest.getLocale();
 
             final Set<StoredConfigItemKey> changeLog = StoredConfigurationUtil.changedValues(
-                    pwmRequest.getPwmApplication().getConfig().getStoredConfiguration(),
+                    pwmRequest.getPwmDomain().getConfig().getStoredConfiguration(),
                     configManagerBean.getStoredConfiguration() );
 
             final Map<String, String> changeLogMap = StoredConfigurationUtil.makeDebugMap(
@@ -162,7 +163,7 @@ public class ConfigEditorServletUtils
         {
             final Locale locale = pwmRequest.getLocale();
             final ConfigurationChecker configurationChecker = new ConfigurationChecker();
-            final DomainConfig config = new DomainConfig( configManagerBean.getStoredConfiguration() );
+            final DomainConfig config = new AppConfig( configManagerBean.getStoredConfiguration() ).getDefaultDomainConfig();
             final List<HealthRecord> healthRecords = configurationChecker.doHealthCheck(
                     config,
                     pwmRequest.getLocale()

server/src/main/java/password/pwm/http/servlet/configguide/ConfigGuideServlet.java

@@ -23,9 +23,11 @@ package password.pwm.http.servlet.configguide;
 import com.google.gson.reflect.TypeToken;
 import com.novell.ldapchai.exception.ChaiUnavailableException;
 import password.pwm.AppProperty;
-import password.pwm.PwmDomain;
+import password.pwm.PwmApplication;
 import password.pwm.PwmApplicationMode;
 import password.pwm.PwmConstants;
+import password.pwm.PwmDomain;
+import password.pwm.config.AppConfig;
 import password.pwm.config.DomainConfig;
 import password.pwm.config.PwmSetting;
 import password.pwm.config.profile.LdapProfile;
@@ -137,7 +139,7 @@ public class ConfigGuideServlet extends ControlledPwmServlet
 
     static ConfigGuideBean getBean( final PwmRequest pwmRequest ) throws PwmUnrecoverableException
     {
-        return pwmRequest.getPwmApplication().getSessionStateService().getBean( pwmRequest, ConfigGuideBean.class );
+        return pwmRequest.getPwmDomain().getSessionStateService().getBean( pwmRequest, ConfigGuideBean.class );
     }
 
     @Override
@@ -149,7 +151,7 @@ public class ConfigGuideServlet extends ControlledPwmServlet
     @Override
     public ProcessStatus preProcessCheck( final PwmRequest pwmRequest ) throws PwmUnrecoverableException, IOException, ServletException
     {
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
 
         if ( pwmDomain.getSessionStateService().getBean( pwmRequest, ConfigGuideBean.class ).getStep() == GuideStep.START )
         {
@@ -181,7 +183,7 @@ public class ConfigGuideServlet extends ControlledPwmServlet
                 final URI ldapServerUri = new URI( ldapServerString );
                 if ( "ldaps".equalsIgnoreCase( ldapServerUri.getScheme() ) )
                 {
-                    final DomainConfig tempConfig = new DomainConfig( ConfigGuideForm.generateStoredConfig( configGuideBean ) );
+                    final DomainConfig tempConfig = new AppConfig( ConfigGuideForm.generateStoredConfig( configGuideBean ) ).getDefaultDomainConfig();
                     configGuideBean.setLdapCertificates( X509Utils.readRemoteCertificates( ldapServerUri, tempConfig ) );
                     configGuideBean.setCertsTrustedbyKeystore( X509Utils.testIfLdapServerCertsInDefaultKeystore( ldapServerUri ) );
                 }
@@ -231,10 +233,12 @@ public class ConfigGuideServlet extends ControlledPwmServlet
         final ConfigGuideBean configGuideBean = getBean( pwmRequest );
 
         final StoredConfiguration storedConfiguration = ConfigGuideForm.generateStoredConfig( configGuideBean );
-        final DomainConfig tempDomainConfig = new DomainConfig( storedConfiguration );
-        final PwmDomain tempApplication = PwmDomain.createPwmApplication( pwmRequest.getPwmApplication()
+        final AppConfig tempAppConfig = new AppConfig( storedConfiguration );
+        final PwmApplication tempApplication = PwmApplication.createPwmApplication( pwmRequest.getPwmApplication()
                 .getPwmEnvironment()
-                .makeRuntimeInstance( tempDomainConfig ) );
+                .makeRuntimeInstance( tempAppConfig ) );
+        final PwmDomain tempDomain = tempApplication.getDefaultDomain();
+        final DomainConfig tempDomainConfig = tempDomain.getConfig();
 
         final LDAPHealthChecker ldapHealthChecker = new LDAPHealthChecker();
         final List<HealthRecord> records = new ArrayList<>();
@@ -264,7 +268,7 @@ public class ConfigGuideServlet extends ControlledPwmServlet
 
             case LDAP_PROXY:
             {
-                records.addAll( ldapHealthChecker.checkBasicLdapConnectivity( tempApplication, tempDomainConfig, ldapProfile, false ) );
+                records.addAll( ldapHealthChecker.checkBasicLdapConnectivity( tempDomain, tempDomainConfig, ldapProfile, false ) );
                 if ( records.isEmpty() )
                 {
                     records.add( password.pwm.health.HealthRecord.forMessage( HealthMessage.LDAP_OK ) );
@@ -274,7 +278,7 @@ public class ConfigGuideServlet extends ControlledPwmServlet
 
             case LDAP_CONTEXT:
             {
-                records.addAll( ldapHealthChecker.checkBasicLdapConnectivity( tempApplication, tempDomainConfig, ldapProfile, true ) );
+                records.addAll( ldapHealthChecker.checkBasicLdapConnectivity( tempDomain, tempDomainConfig, ldapProfile, true ) );
                 if ( records.isEmpty() )
                 {
                     records.add( HealthRecord.forMessage( HealthMessage.Config_SettingOk,
@@ -294,8 +298,8 @@ public class ConfigGuideServlet extends ControlledPwmServlet
                 final String testUserValue = configGuideBean.getFormData().get( ConfigGuideFormField.PARAM_LDAP_TEST_USER );
                 if ( testUserValue != null && !testUserValue.isEmpty() )
                 {
-                    records.addAll( ldapHealthChecker.checkBasicLdapConnectivity( tempApplication, tempDomainConfig, ldapProfile, false ) );
-                    records.addAll( ldapHealthChecker.doLdapTestUserCheck( tempDomainConfig, ldapProfile, tempApplication ) );
+                    records.addAll( ldapHealthChecker.checkBasicLdapConnectivity( tempDomain, tempDomainConfig, ldapProfile, false ) );
+                    records.addAll( ldapHealthChecker.doLdapTestUserCheck( tempDomainConfig, ldapProfile, tempDomain ) );
                 }
                 else
                 {
@@ -309,7 +313,7 @@ public class ConfigGuideServlet extends ControlledPwmServlet
 
             case DATABASE:
             {
-                records.addAll( DatabaseStatusChecker.checkNewDatabaseStatus( pwmRequest.getPwmApplication(), tempDomainConfig ) );
+                records.addAll( DatabaseStatusChecker.checkNewDatabaseStatus( pwmRequest.getPwmDomain(), tempDomainConfig ) );
             }
             break;
 
@@ -350,7 +354,7 @@ public class ConfigGuideServlet extends ControlledPwmServlet
         final String dn = inputMap.getOrDefault( "dn", "" );
 
         final LdapBrowser ldapBrowser = new LdapBrowser(
-                pwmRequest.getPwmApplication().getLdapConnectionService().getChaiProviderFactory(),
+                pwmRequest.getPwmDomain().getLdapConnectionService().getChaiProviderFactory(),
                 storedConfiguration
         );
         final LdapBrowser.LdapBrowseResult result = ldapBrowser.doBrowse( profile, dn );
@@ -482,7 +486,7 @@ public class ConfigGuideServlet extends ControlledPwmServlet
 
         try
         {
-            final SchemaOperationResult schemaOperationResult = ConfigGuideUtils.extendSchema( pwmRequest.getPwmApplication(), configGuideBean, true );
+            final SchemaOperationResult schemaOperationResult = ConfigGuideUtils.extendSchema( pwmRequest.getPwmDomain(), configGuideBean, true );
             pwmRequest.outputJsonResult( RestResultBean.withData( schemaOperationResult.getOperationLog() ) );
         }
         catch ( final Exception e )

server/src/main/java/password/pwm/http/servlet/configguide/ConfigGuideUtils.java

@@ -24,10 +24,12 @@ import com.novell.ldapchai.provider.ChaiConfiguration;
 import com.novell.ldapchai.provider.ChaiProvider;
 import com.novell.ldapchai.provider.ChaiSetting;
 import org.apache.commons.fileupload.servlet.ServletFileUpload;
+import password.pwm.PwmApplication;
 import password.pwm.PwmDomain;
 import password.pwm.PwmApplicationMode;
 import password.pwm.PwmConstants;
 import password.pwm.bean.UserIdentity;
+import password.pwm.config.AppConfig;
 import password.pwm.config.DomainConfig;
 import password.pwm.config.PwmSetting;
 import password.pwm.config.function.UserMatchViewerFunction;
@@ -105,7 +107,7 @@ public class ConfigGuideUtils
             throws PwmOperationalException, PwmUnrecoverableException
     {
         final ConfigurationReader configReader = contextManager.getConfigReader();
-        final PwmDomain pwmDomain = contextManager.getPwmApplication();
+        final PwmApplication pwmApplication = contextManager.getPwmApplication();
 
         try
         {
@@ -113,7 +115,7 @@ public class ConfigGuideUtils
             // add a random security key
             StoredConfigurationUtil.initNewRandomSecurityKey( modifier );
 
-            configReader.saveConfiguration( modifier.newStoredConfiguration(), pwmDomain, null );
+            configReader.saveConfiguration( modifier.newStoredConfiguration(), pwmApplication.getDefaultDomain(), null );
 
             contextManager.requestPwmApplicationRestart();
         }
@@ -173,7 +175,7 @@ public class ConfigGuideUtils
     )
             throws IOException, ServletException, PwmUnrecoverableException
     {
-        final ConfigGuideBean configGuideBean = pwmRequest.getPwmApplication().getSessionStateService().getBean( pwmRequest, ConfigGuideBean.class );
+        final ConfigGuideBean configGuideBean = pwmRequest.getPwmDomain().getSessionStateService().getBean( pwmRequest, ConfigGuideBean.class );
 
         if ( configGuideBean.getStep() == GuideStep.LDAP_PERMISSIONS )
         {
@@ -214,7 +216,7 @@ public class ConfigGuideUtils
 
         if ( Boolean.parseBoolean( formData.get( ConfigGuideFormField.PARAM_LDAP_SECURE ) ) )
         {
-            final DomainConfig tempConfig = new DomainConfig( ConfigGuideForm.generateStoredConfig( configGuideBean ) );
+            final DomainConfig tempConfig = new AppConfig( ConfigGuideForm.generateStoredConfig( configGuideBean ) ).getDefaultDomainConfig();
             X509Utils.readRemoteCertificates( host, port, tempConfig );
         }
     }
@@ -223,7 +225,7 @@ public class ConfigGuideUtils
     public static void restUploadConfig( final PwmRequest pwmRequest )
             throws PwmUnrecoverableException, IOException, ServletException
     {
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
         final HttpServletRequest req = pwmRequest.getHttpServletRequest();
 
         if ( pwmDomain.getApplicationMode() == PwmApplicationMode.RUNNING )
@@ -281,15 +283,15 @@ public class ConfigGuideUtils
         {
             final ConfigGuideBean configGuideBean = ConfigGuideServlet.getBean( pwmRequest );
             final Map<ConfigGuideFormField, String> form = configGuideBean.getFormData();
-            final PwmDomain tempApplication = PwmDomain.createPwmApplication(
-                    pwmRequest.getPwmApplication().getPwmEnvironment().makeRuntimeInstance( new DomainConfig( storedConfiguration ) ) );
+            final PwmApplication tempApplication = PwmApplication.createPwmApplication(
+                    pwmRequest.getPwmDomain().getPwmEnvironment().makeRuntimeInstance( new AppConfig( storedConfiguration ) ) );
 
             final String adminDN = form.get( ConfigGuideFormField.PARAM_LDAP_ADMIN_USER );
             final UserIdentity adminIdentity = UserIdentity.createUserIdentity( adminDN, PwmConstants.PROFILE_ID_DEFAULT );
 
             final UserMatchViewerFunction userMatchViewerFunction = new UserMatchViewerFunction();
             final Collection<UserIdentity> results = userMatchViewerFunction.discoverMatchingUsers(
-                    tempApplication,
+                    tempApplication.getDefaultDomain(),
                     1,
                     storedConfiguration,
                     PwmSetting.QUERY_MATCH_PWM_ADMIN,
@@ -299,7 +301,7 @@ public class ConfigGuideUtils
             if ( !results.isEmpty() )
             {
                 final UserIdentity foundIdentity = results.iterator().next();
-                if ( foundIdentity.canonicalEquals( adminIdentity, tempApplication ) )
+                if ( foundIdentity.canonicalEquals( adminIdentity, tempApplication.getDefaultDomain() ) )
                 {
                     records.add( HealthRecord.forMessage( HealthMessage.LDAP_AdminUserOk ) );
                 }

server/src/main/java/password/pwm/http/servlet/configmanager/ConfigManagerLocalDBServlet.java

@@ -141,7 +141,7 @@ public class ConfigManagerLocalDBServlet extends AbstractPwmServlet
         resp.setHeader( HttpHeader.ContentDisposition, "attachment;filename=" + PwmConstants.PWM_APP_NAME + "-LocalDB.bak" );
         resp.setContentType( HttpContentType.octetstream );
         resp.setHeader( HttpHeader.ContentTransferEncoding, "binary" );
-        final LocalDBUtility localDBUtility = new LocalDBUtility( pwmRequest.getPwmApplication().getLocalDB() );
+        final LocalDBUtility localDBUtility = new LocalDBUtility( pwmRequest.getPwmDomain().getLocalDB() );
         try
         {
             final int bufferSize = Integer.parseInt( pwmRequest.getConfig().readAppProperty( AppProperty.HTTP_DOWNLOAD_BUFFER_SIZE ) );
@@ -159,7 +159,7 @@ public class ConfigManagerLocalDBServlet extends AbstractPwmServlet
             throws IOException, ServletException, PwmUnrecoverableException
 
     {
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
         final HttpServletRequest req = pwmRequest.getHttpServletRequest();
 
         if ( pwmDomain.getApplicationMode() == PwmApplicationMode.RUNNING )
@@ -194,7 +194,7 @@ public class ConfigManagerLocalDBServlet extends AbstractPwmServlet
             contextManager.shutdown();
 
             localDB.close();
-            localDB = LocalDBFactory.getInstance( localDBLocation, false, null, domainConfig );
+            localDB = LocalDBFactory.getInstance( localDBLocation, false, null, domainConfig.getAppConfig() );
 
             final LocalDBUtility localDBUtility = new LocalDBUtility( localDB );
             LOGGER.info( pwmRequest, () -> "beginning LocalDB import" );

server/src/main/java/password/pwm/http/servlet/configmanager/ConfigManagerLoginServlet.java

@@ -122,7 +122,7 @@ public class ConfigManagerLoginServlet extends AbstractPwmServlet
         }
 
 
-        final ConfigManagerBean configManagerBean = pwmRequest.getPwmApplication().getSessionStateService().getBean( pwmRequest, ConfigManagerBean.class );
+        final ConfigManagerBean configManagerBean = pwmRequest.getPwmDomain().getSessionStateService().getBean( pwmRequest, ConfigManagerBean.class );
         if ( configManagerBean.isPasswordVerified() )
         {
             forwardToNextUrl( pwmRequest );
@@ -135,7 +135,7 @@ public class ConfigManagerLoginServlet extends AbstractPwmServlet
     protected void processLoginRequest( final PwmRequest pwmRequest )
             throws PwmUnrecoverableException, IOException, ServletException
     {
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
         final ConfigurationReader runningConfigReader = ContextManager.getContextManager( pwmRequest.getHttpServletRequest().getSession() ).getConfigReader();
         final StoredConfiguration storedConfig = runningConfigReader.getStoredConfiguration();
 
@@ -197,7 +197,7 @@ public class ConfigManagerLoginServlet extends AbstractPwmServlet
 
     private static ConfigLoginHistory readConfigLoginHistory( final PwmRequest pwmRequest )
     {
-       return pwmRequest.getPwmApplication().readAppAttribute( AppAttribute.CONFIG_LOGIN_HISTORY, ConfigLoginHistory.class )
+       return pwmRequest.getPwmDomain().readAppAttribute( AppAttribute.CONFIG_LOGIN_HISTORY, ConfigLoginHistory.class )
                .orElseGet( ConfigLoginHistory::new );
     }
 
@@ -209,9 +209,9 @@ public class ConfigManagerLoginServlet extends AbstractPwmServlet
                 Instant.now(),
                 pwmRequest.getPwmSession().getSessionStateBean().getSrcAddress()
         );
-        final int maxEvents = Integer.parseInt( pwmRequest.getPwmApplication().getConfig().readAppProperty( AppProperty.CONFIG_HISTORY_MAX_ITEMS ) );
+        final int maxEvents = Integer.parseInt( pwmRequest.getPwmDomain().getConfig().readAppProperty( AppProperty.CONFIG_HISTORY_MAX_ITEMS ) );
         configLoginHistory.addEvent( event, maxEvents, successful );
-        pwmRequest.getPwmApplication().writeAppAttribute( AppAttribute.CONFIG_LOGIN_HISTORY, configLoginHistory );
+        pwmRequest.getPwmDomain().writeAppAttribute( AppAttribute.CONFIG_LOGIN_HISTORY, configLoginHistory );
     }
 
     @Value
@@ -255,8 +255,8 @@ public class ConfigManagerLoginServlet extends AbstractPwmServlet
     private static ProcessStatus processLoginSuccess( final PwmRequest pwmRequest, final boolean persistentLoginEnabled )
             throws PwmUnrecoverableException, IOException
     {
-        final ConfigManagerBean configManagerBean = pwmRequest.getPwmApplication().getSessionStateService().getBean( pwmRequest, ConfigManagerBean.class );
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final ConfigManagerBean configManagerBean = pwmRequest.getPwmDomain().getSessionStateService().getBean( pwmRequest, ConfigManagerBean.class );
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
         final PwmSession pwmSession = pwmRequest.getPwmSession();
 
         configManagerBean.setPasswordVerified( true );
@@ -283,7 +283,7 @@ public class ConfigManagerLoginServlet extends AbstractPwmServlet
     private static void forwardToNextUrl( final PwmRequest pwmRequest )
             throws IOException, PwmUnrecoverableException
     {
-        final ConfigManagerBean configManagerBean = pwmRequest.getPwmApplication().getSessionStateService().getBean( pwmRequest, ConfigManagerBean.class );
+        final ConfigManagerBean configManagerBean = pwmRequest.getPwmDomain().getSessionStateService().getBean( pwmRequest, ConfigManagerBean.class );
 
         if ( configManagerBean.getPrePasswordEntryUrl() != null )
         {
@@ -307,7 +307,7 @@ public class ConfigManagerLoginServlet extends AbstractPwmServlet
             final StoredConfiguration storedConfig = pwmRequest.getConfig().getStoredConfiguration();
             final String persistentLoginValue = makePersistentLoginPassword( pwmRequest, storedConfig );
             final PersistentLoginInfo persistentLoginInfo = new PersistentLoginInfo( Instant.now(), persistentLoginValue );
-            final String cookieValue = pwmRequest.getPwmApplication().getSecureService().encryptObjectToString( persistentLoginInfo );
+            final String cookieValue = pwmRequest.getPwmDomain().getSecureService().encryptObjectToString( persistentLoginInfo );
             pwmRequest.getPwmResponse().writeCookie(
                     COOKIE_NAME,
                     cookieValue,
@@ -336,7 +336,7 @@ public class ConfigManagerLoginServlet extends AbstractPwmServlet
             final String cookieValue = pwmRequest.readCookie( COOKIE_NAME );
             if ( !StringUtil.isEmpty( cookieValue ) )
             {
-                final PersistentLoginInfo persistentLoginInfo = pwmRequest.getPwmApplication().getSecureService().decryptObject( cookieValue, PersistentLoginInfo.class );
+                final PersistentLoginInfo persistentLoginInfo = pwmRequest.getPwmDomain().getSecureService().decryptObject( cookieValue, PersistentLoginInfo.class );
                 if ( persistentLoginInfo != null && persistentLoginInfo.getIssueTimestamp() != null )
                 {
                     final int maxLoginSeconds = figureMaxLoginSeconds( pwmRequest );
@@ -353,7 +353,7 @@ public class ConfigManagerLoginServlet extends AbstractPwmServlet
                                     + ")"
                             );
 
-                            final ConfigManagerBean configManagerBean = pwmRequest.getPwmApplication().getSessionStateService().getBean( pwmRequest, ConfigManagerBean.class );
+                            final ConfigManagerBean configManagerBean = pwmRequest.getPwmDomain().getSessionStateService().getBean( pwmRequest, ConfigManagerBean.class );
                             configManagerBean.setPasswordVerified( true );
                         }
                         else
@@ -429,7 +429,7 @@ public class ConfigManagerLoginServlet extends AbstractPwmServlet
     )
             throws PwmUnrecoverableException
     {
-        if ( PwmApplicationMode.RUNNING != pwmRequest.getPwmApplication().getApplicationMode() )
+        if ( PwmApplicationMode.RUNNING != pwmRequest.getPwmDomain().getApplicationMode() )
         {
             LOGGER.debug( pwmRequest, () -> "app not in running mode, persistent login not possible." );
             return false;

server/src/main/java/password/pwm/http/servlet/configmanager/ConfigManagerServlet.java

@@ -128,7 +128,7 @@ public class ConfigManagerServlet extends AbstractPwmServlet
     public static void verifyConfigAccess( final PwmRequest pwmRequest )
             throws ServletException, PwmUnrecoverableException, IOException
     {
-        final ConfigManagerBean configManagerBean = pwmRequest.getPwmApplication().getSessionStateService().getBean( pwmRequest, ConfigManagerBean.class );
+        final ConfigManagerBean configManagerBean = pwmRequest.getPwmDomain().getSessionStateService().getBean( pwmRequest, ConfigManagerBean.class );
         final ProcessStatus processStatus = ConfigAccessFilter.checkAuthentication( pwmRequest, configManagerBean );
         if ( processStatus != ProcessStatus.Continue )
         {
@@ -195,7 +195,7 @@ public class ConfigManagerServlet extends AbstractPwmServlet
     {
         final ConfigurationReader configurationReader = pwmRequest.getContextManager().getConfigReader();
         pwmRequest.setAttribute( PwmRequestAttribute.PageTitle, LocaleHelper.getLocalizedMessage( Config.Title_ConfigManager, pwmRequest ) );
-        pwmRequest.setAttribute( PwmRequestAttribute.ApplicationPath, pwmRequest.getPwmApplication().getPwmEnvironment().getApplicationPath().getAbsolutePath() );
+        pwmRequest.setAttribute( PwmRequestAttribute.ApplicationPath, pwmRequest.getPwmDomain().getPwmEnvironment().getApplicationPath().getAbsolutePath() );
         pwmRequest.setAttribute( PwmRequestAttribute.ConfigFilename, configurationReader.getConfigFile().getAbsolutePath() );
         {
             final Instant lastModifyTime = configurationReader.getStoredConfiguration().modifyTime();
@@ -226,7 +226,7 @@ public class ConfigManagerServlet extends AbstractPwmServlet
     private void restLockConfiguration( final PwmRequest pwmRequest )
             throws IOException, ServletException, PwmUnrecoverableException, ChaiUnavailableException
     {
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
         final PwmSession pwmSession = pwmRequest.getPwmSession();
 
         if ( PwmConstants.TRIAL_MODE )
@@ -271,7 +271,7 @@ public class ConfigManagerServlet extends AbstractPwmServlet
             final StoredConfigurationModifier modifiedConfig = StoredConfigurationModifier.newModifier( storedConfiguration );
             modifiedConfig.writeConfigProperty( ConfigurationProperty.CONFIG_IS_EDITABLE, "false" );
             saveConfiguration( pwmRequest, modifiedConfig.newStoredConfiguration() );
-            final ConfigManagerBean configManagerBean = pwmRequest.getPwmApplication().getSessionStateService().getBean( pwmRequest, ConfigManagerBean.class );
+            final ConfigManagerBean configManagerBean = pwmRequest.getPwmDomain().getSessionStateService().getBean( pwmRequest, ConfigManagerBean.class );
             configManagerBean.setStoredConfiguration( null );
         }
         catch ( final PwmException e )
@@ -319,7 +319,7 @@ public class ConfigManagerServlet extends AbstractPwmServlet
             final ContextManager contextManager = ContextManager.getContextManager( pwmRequest.getHttpServletRequest().getSession().getServletContext() );
             contextManager.getConfigReader().saveConfiguration(
                     storedConfiguration,
-                    contextManager.getPwmApplication(),
+                    pwmRequest.getPwmDomain(),
                     pwmRequest.getLabel()
             );
 
@@ -367,7 +367,7 @@ public class ConfigManagerServlet extends AbstractPwmServlet
     private void doGenerateSupportZip( final PwmRequest pwmRequest )
             throws IOException, PwmUnrecoverableException
     {
-        final DebugItemGenerator debugItemGenerator = new DebugItemGenerator( pwmRequest.getPwmApplication(), pwmRequest.getLabel() );
+        final DebugItemGenerator debugItemGenerator = new DebugItemGenerator( pwmRequest.getPwmDomain(), pwmRequest.getLabel() );
         final PwmResponse resp = pwmRequest.getPwmResponse();
         resp.setHeader( HttpHeader.ContentDisposition, "attachment;filename=" + PwmConstants.PWM_APP_NAME + "-Support.zip" );
         resp.setContentType( HttpContentType.zip );

server/src/main/java/password/pwm/http/servlet/configmanager/ConfigManagerWordlistServlet.java

@@ -138,7 +138,7 @@ public class ConfigManagerWordlistServlet extends AbstractPwmServlet
             throws IOException, ServletException, PwmUnrecoverableException
 
     {
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
         final HttpServletRequest req = pwmRequest.getHttpServletRequest();
         final String wordlistTypeParam = pwmRequest.readParameterAsString( "wordlist" );
         final WordlistType wordlistType = WordlistType.valueOf( wordlistTypeParam );
@@ -193,7 +193,7 @@ public class ConfigManagerWordlistServlet extends AbstractPwmServlet
 
         try
         {
-            wordlistType.forType( pwmRequest.getPwmApplication() ).clear();
+            wordlistType.forType( pwmRequest.getPwmDomain() ).clear();
         }
         catch ( final Exception e )
         {
@@ -210,10 +210,10 @@ public class ConfigManagerWordlistServlet extends AbstractPwmServlet
 
         for ( final WordlistType wordlistType : WordlistType.values() )
         {
-            final Wordlist wordlist = wordlistType.forType( pwmRequest.getPwmApplication() );
+            final Wordlist wordlist = wordlistType.forType( pwmRequest.getPwmDomain() );
             final WordlistStatus wordlistStatus = wordlist.readWordlistStatus();
             final Wordlist.Activity activity = wordlist.getActivity();
-            final WordlistConfiguration wordlistConfiguration = wordlistType.forType( pwmRequest.getPwmApplication() ).getConfiguration();
+            final WordlistConfiguration wordlistConfiguration = wordlistType.forType( pwmRequest.getPwmDomain() ).getConfiguration();
 
             final WordlistDataBean.WordlistDataBeanBuilder builder = WordlistDataBean.builder();
             {

server/src/main/java/password/pwm/http/servlet/configmanager/DebugItemGenerator.java

@@ -30,6 +30,7 @@ import password.pwm.PwmDomain;
 import password.pwm.PwmConstants;
 import password.pwm.bean.SessionLabel;
 import password.pwm.bean.UserIdentity;
+import password.pwm.config.AppConfig;
 import password.pwm.config.DomainConfig;
 import password.pwm.config.value.StoredValue;
 import password.pwm.config.stored.StoredConfigItemKey;
@@ -139,7 +140,7 @@ public class DebugItemGenerator
         this.sessionLabel = sessionLabel;
 
         final StoredConfiguration obfuscatedStoredConfig = StoredConfigurationUtil.copyConfigAndBlankAllPasswords( pwmDomain.getConfig().getStoredConfiguration() );
-        this.obfuscatedDomainConfig = new DomainConfig( obfuscatedStoredConfig );
+        this.obfuscatedDomainConfig = new AppConfig( obfuscatedStoredConfig ).getDefaultDomainConfig();
     }
 
     private String getFilenameBase()

server/src/main/java/password/pwm/http/servlet/forgottenpw/ForgottenPasswordServlet.java

@@ -179,7 +179,7 @@ public class ForgottenPasswordServlet extends ControlledPwmServlet
     {
 
         final PwmSession pwmSession = pwmRequest.getPwmSession();
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
 
         final DomainConfig config = pwmDomain.getConfig();
 
@@ -219,12 +219,12 @@ public class ForgottenPasswordServlet extends ControlledPwmServlet
 
     static ForgottenPasswordBean forgottenPasswordBean( final PwmRequest pwmRequest ) throws PwmUnrecoverableException
     {
-        return pwmRequest.getPwmApplication().getSessionStateService().getBean( pwmRequest, ForgottenPasswordBean.class );
+        return pwmRequest.getPwmDomain().getSessionStateService().getBean( pwmRequest, ForgottenPasswordBean.class );
     }
 
     static void clearForgottenPasswordBean( final PwmRequest pwmRequest ) throws PwmUnrecoverableException
     {
-        pwmRequest.getPwmApplication().getSessionStateService().clearBean( pwmRequest, ForgottenPasswordBean.class );
+        pwmRequest.getPwmDomain().getSessionStateService().clearBean( pwmRequest, ForgottenPasswordBean.class );
     }
 
     @ActionHandler( action = "actionChoice" )
@@ -232,7 +232,7 @@ public class ForgottenPasswordServlet extends ControlledPwmServlet
             throws PwmUnrecoverableException, ServletException, IOException, ChaiUnavailableException
     {
         final ForgottenPasswordBean forgottenPasswordBean = forgottenPasswordBean( pwmRequest );
-        final ForgottenPasswordProfile forgottenPasswordProfile = ForgottenPasswordUtil.forgottenPasswordProfile( pwmRequest.getPwmApplication(), forgottenPasswordBean );
+        final ForgottenPasswordProfile forgottenPasswordProfile = ForgottenPasswordUtil.forgottenPasswordProfile( pwmRequest.getPwmDomain(), forgottenPasswordBean );
 
         final boolean resendEnabled = forgottenPasswordProfile.readSettingAsBoolean( PwmSetting.TOKEN_RESEND_ENABLE );
 
@@ -392,7 +392,7 @@ public class ForgottenPasswordServlet extends ControlledPwmServlet
             throws ChaiUnavailableException, PwmUnrecoverableException, IOException, ServletException
     {
         final Locale userLocale = pwmRequest.getLocale();
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
 
         final String contextParam = pwmRequest.readParameterAsString( PwmConstants.PARAM_CONTEXT );
         final String ldapProfile = pwmRequest.readParameterAsString( PwmConstants.PARAM_LDAP_PROFILE );
@@ -530,7 +530,7 @@ public class ForgottenPasswordServlet extends ControlledPwmServlet
                 );
             }
             forgottenPasswordBean.getProgress().getSatisfiedMethods().add( IdentityVerificationMethod.TOKEN );
-            StatisticsManager.incrementStat( pwmRequest.getPwmApplication(), Statistic.RECOVERY_TOKENS_PASSED );
+            StatisticsManager.incrementStat( pwmRequest.getPwmDomain(), Statistic.RECOVERY_TOKENS_PASSED );
 
             if ( pwmRequest.getConfig().readSettingAsBoolean( PwmSetting.DISPLAY_TOKEN_SUCCESS_BUTTON ) )
             {
@@ -615,7 +615,7 @@ public class ForgottenPasswordServlet extends ControlledPwmServlet
             try
             {
                 // forces service to use proxy account to update (write) updated otp record if necessary.
-                otpPassed = pwmRequest.getPwmApplication().getOtpService().validateToken(
+                otpPassed = pwmRequest.getPwmDomain().getOtpService().validateToken(
                         null,
                         forgottenPasswordBean.getUserIdentity(),
                         otpUserRecord,
@@ -655,7 +655,7 @@ public class ForgottenPasswordServlet extends ControlledPwmServlet
         if ( forgottenPasswordBean.getProgress().getInProgressVerificationMethod() != IdentityVerificationMethod.OAUTH )
         {
             LOGGER.debug( pwmRequest, () -> "oauth return detected, however current session did not issue an oauth request; will restart forgotten password sequence" );
-            pwmRequest.getPwmApplication().getSessionStateService().clearBean( pwmRequest, ForgottenPasswordBean.class );
+            pwmRequest.getPwmDomain().getSessionStateService().clearBean( pwmRequest, ForgottenPasswordBean.class );
             pwmRequest.sendRedirect( PwmServletDefinition.ForgottenPassword );
             return ProcessStatus.Halt;
         }
@@ -663,13 +663,13 @@ public class ForgottenPasswordServlet extends ControlledPwmServlet
         if ( forgottenPasswordBean.getUserIdentity() == null )
         {
             LOGGER.debug( pwmRequest, () -> "oauth return detected, however current session does not have a user identity stored; will restart forgotten password sequence" );
-            pwmRequest.getPwmApplication().getSessionStateService().clearBean( pwmRequest, ForgottenPasswordBean.class );
+            pwmRequest.getPwmDomain().getSessionStateService().clearBean( pwmRequest, ForgottenPasswordBean.class );
             pwmRequest.sendRedirect( PwmServletDefinition.ForgottenPassword );
             return ProcessStatus.Halt;
         }
 
         final String encryptedResult = pwmRequest.readParameterAsString( PwmConstants.PARAM_RECOVERY_OAUTH_RESULT, PwmHttpRequestWrapper.Flag.BypassValidation );
-        final OAuthForgottenPasswordResults results = pwmRequest.getPwmApplication().getSecureService().decryptObject( encryptedResult, OAuthForgottenPasswordResults.class );
+        final OAuthForgottenPasswordResults results = pwmRequest.getPwmDomain().getSecureService().decryptObject( encryptedResult, OAuthForgottenPasswordResults.class );
         LOGGER.trace( pwmRequest, () -> "received" );
 
         final String userDNfromOAuth = results.getUsername();
@@ -682,7 +682,7 @@ public class ForgottenPasswordServlet extends ControlledPwmServlet
 
         final UserIdentity oauthUserIdentity;
         {
-            final UserSearchEngine userSearchEngine = pwmRequest.getPwmApplication().getUserSearchEngine();
+            final UserSearchEngine userSearchEngine = pwmRequest.getPwmDomain().getUserSearchEngine();
             try
             {
                 oauthUserIdentity = userSearchEngine.resolveUsername( userDNfromOAuth, null, null, pwmRequest.getLabel() );
@@ -795,7 +795,7 @@ public class ForgottenPasswordServlet extends ControlledPwmServlet
         final ForgottenPasswordBean forgottenPasswordBean = forgottenPasswordBean( pwmRequest );
 
         {
-            final ForgottenPasswordProfile forgottenPasswordProfile = ForgottenPasswordUtil.forgottenPasswordProfile( pwmRequest.getPwmApplication(), forgottenPasswordBean );
+            final ForgottenPasswordProfile forgottenPasswordProfile = ForgottenPasswordUtil.forgottenPasswordProfile( pwmRequest.getPwmDomain(), forgottenPasswordBean );
             final boolean resendEnabled = forgottenPasswordProfile.readSettingAsBoolean( PwmSetting.TOKEN_RESEND_ENABLE );
             if ( !resendEnabled )
             {
@@ -846,7 +846,7 @@ public class ForgottenPasswordServlet extends ControlledPwmServlet
             {
                 final List<FormConfiguration> formConfigurations = pwmRequest.getConfig().readSettingAsForm( PwmSetting.FORGOTTEN_PASSWORD_SEARCH_FORM );
                 final Map<FormConfiguration, String> formMap = FormUtility.asFormConfigurationMap( formConfigurations, forgottenPasswordBean.getUserSearchValues() );
-                pwmRequest.getPwmApplication().getIntruderManager().convenience().markAttributes( formMap, pwmRequest.getLabel() );
+                pwmRequest.getPwmDomain().getIntruderManager().convenience().markAttributes( formMap, pwmRequest.getLabel() );
             }
 
             final ErrorInformation errorInformation = new ErrorInformation( PwmError.ERROR_INCORRECT_RESPONSE,
@@ -870,7 +870,7 @@ public class ForgottenPasswordServlet extends ControlledPwmServlet
         try
         {
             // check attributes
-            final ChaiUser theUser = pwmRequest.getPwmApplication().getProxiedChaiUser( userIdentity );
+            final ChaiUser theUser = pwmRequest.getPwmDomain().getProxiedChaiUser( userIdentity );
             final Locale userLocale = pwmRequest.getLocale();
 
             final List<FormConfiguration> requiredAttributesForm = forgottenPasswordBean.getAttributeForm();
@@ -940,7 +940,7 @@ public class ForgottenPasswordServlet extends ControlledPwmServlet
                     pwmRequest.getLabel(),
                     "ForgottenPassword"
             );
-            pwmRequest.getPwmApplication().getAuditManager().submit( pwmRequest.getLabel(), auditRecord );
+            pwmRequest.getPwmDomain().getAuditManager().submit( pwmRequest.getLabel(), auditRecord );
         }
 
         return ProcessStatus.Continue;
@@ -951,7 +951,7 @@ public class ForgottenPasswordServlet extends ControlledPwmServlet
     protected void nextStep( final PwmRequest pwmRequest )
             throws IOException, ServletException, PwmUnrecoverableException, ChaiUnavailableException
     {
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
         final DomainConfig config = pwmRequest.getConfig();
         final ForgottenPasswordBean forgottenPasswordBean = forgottenPasswordBean( pwmRequest );
 
@@ -966,7 +966,7 @@ public class ForgottenPasswordServlet extends ControlledPwmServlet
             return;
         }
 
-        final ForgottenPasswordProfile forgottenPasswordProfile = ForgottenPasswordUtil.forgottenPasswordProfile( pwmRequest.getPwmApplication(), forgottenPasswordBean );
+        final ForgottenPasswordProfile forgottenPasswordProfile = ForgottenPasswordUtil.forgottenPasswordProfile( pwmRequest.getPwmDomain(), forgottenPasswordBean );
         {
             final Map<String, ForgottenPasswordProfile> profileIDList = pwmRequest.getConfig().getForgottenPasswordProfiles();
             final String profileDebugMsg = forgottenPasswordProfile != null && profileIDList != null && profileIDList.size() > 1
@@ -1163,7 +1163,7 @@ public class ForgottenPasswordServlet extends ControlledPwmServlet
     private void executeUnlock( final PwmRequest pwmRequest )
             throws IOException, ServletException, ChaiUnavailableException, PwmUnrecoverableException
     {
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
         final PwmSession pwmSession = pwmRequest.getPwmSession();
         final ForgottenPasswordBean forgottenPasswordBean = forgottenPasswordBean( pwmRequest );
         final UserIdentity userIdentity = forgottenPasswordBean.getUserIdentity();
@@ -1198,7 +1198,7 @@ public class ForgottenPasswordServlet extends ControlledPwmServlet
     private void executeResetPassword( final PwmRequest pwmRequest )
             throws ChaiUnavailableException, IOException, ServletException, PwmUnrecoverableException
     {
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
         final PwmSession pwmSession = pwmRequest.getPwmSession();
         final ForgottenPasswordBean forgottenPasswordBean = forgottenPasswordBean( pwmRequest );
 
@@ -1274,15 +1274,15 @@ public class ForgottenPasswordServlet extends ControlledPwmServlet
         if ( userIdentity != null )
         {
             final SessionAuthenticator sessionAuthenticator = new SessionAuthenticator(
-                    pwmRequest.getPwmApplication(),
+                    pwmRequest.getPwmDomain(),
                     pwmRequest,
                     PwmAuthenticationSource.FORGOTTEN_PASSWORD
             );
             sessionAuthenticator.simulateBadPassword( userIdentity );
-            pwmRequest.getPwmApplication().getIntruderManager().convenience().markUserIdentity( userIdentity, pwmRequest );
+            pwmRequest.getPwmDomain().getIntruderManager().convenience().markUserIdentity( userIdentity, pwmRequest );
         }
 
-        pwmRequest.getPwmApplication().getIntruderManager().convenience().markAddressAndSession( pwmRequest );
+        pwmRequest.getPwmDomain().getIntruderManager().convenience().markAddressAndSession( pwmRequest );
 
         StatisticsManager.incrementStat( pwmRequest, Statistic.RECOVERY_FAILURES );
     }
@@ -1413,7 +1413,7 @@ public class ForgottenPasswordServlet extends ControlledPwmServlet
                 {
                     remoteMethod = new RemoteVerificationMethod();
                     remoteMethod.init(
-                            pwmRequest.getPwmApplication(),
+                            pwmRequest.getPwmDomain(),
                             userInfo,
                             pwmRequest.getLabel(),
                             pwmRequest.getLocale()
@@ -1436,10 +1436,10 @@ public class ForgottenPasswordServlet extends ControlledPwmServlet
 
             case OAUTH:
                 forgottenPasswordBean.getProgress().setInProgressVerificationMethod( IdentityVerificationMethod.OAUTH );
-                final ForgottenPasswordProfile forgottenPasswordProfile = ForgottenPasswordUtil.forgottenPasswordProfile( pwmRequest.getPwmApplication(), forgottenPasswordBean );
+                final ForgottenPasswordProfile forgottenPasswordProfile = ForgottenPasswordUtil.forgottenPasswordProfile( pwmRequest.getPwmDomain(), forgottenPasswordBean );
                 final OAuthSettings oAuthSettings = OAuthSettings.forForgottenPassword( forgottenPasswordProfile );
                 final OAuthMachine oAuthMachine = new OAuthMachine( pwmRequest.getLabel(), oAuthSettings );
-                pwmRequest.getPwmApplication().getSessionStateService().saveSessionBeans( pwmRequest );
+                pwmRequest.getPwmDomain().getSessionStateService().saveSessionBeans( pwmRequest );
                 final UserIdentity userIdentity = forgottenPasswordBean.getUserIdentity();
                 oAuthMachine.redirectUserToOAuthServer( pwmRequest, null, userIdentity, forgottenPasswordProfile.getIdentifier() );
                 break;
@@ -1471,7 +1471,7 @@ public class ForgottenPasswordServlet extends ControlledPwmServlet
     {
         final ForgottenPasswordBean forgottenPasswordBean = forgottenPasswordBean( pwmRequest );
         final ForgottenPasswordProfile forgottenPasswordProfile = ForgottenPasswordUtil.forgottenPasswordProfile(
-                pwmRequest.getPwmApplication(),
+                pwmRequest.getPwmDomain(),
                 forgottenPasswordBean
         );
 

server/src/main/java/password/pwm/http/servlet/forgottenpw/ForgottenPasswordUtil.java

@@ -420,9 +420,9 @@ public class ForgottenPasswordUtil
     static void doActionSendNewPassword( final PwmRequest pwmRequest )
             throws ChaiUnavailableException, IOException, ServletException, PwmUnrecoverableException
     {
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
         final ForgottenPasswordBean forgottenPasswordBean = ForgottenPasswordServlet.forgottenPasswordBean( pwmRequest );
-        final ForgottenPasswordProfile forgottenPasswordProfile = forgottenPasswordProfile( pwmRequest.getPwmApplication(), forgottenPasswordBean );
+        final ForgottenPasswordProfile forgottenPasswordProfile = forgottenPasswordProfile( pwmRequest.getPwmDomain(), forgottenPasswordBean );
         final RecoveryAction recoveryAction = ForgottenPasswordUtil.getRecoveryAction( pwmDomain.getConfig(), forgottenPasswordBean );
 
         LOGGER.trace( pwmRequest, () -> "beginning process to send new password to user" );
@@ -433,7 +433,7 @@ public class ForgottenPasswordUtil
         }
 
         final UserIdentity userIdentity = forgottenPasswordBean.getUserIdentity();
-        final ChaiUser theUser = pwmRequest.getPwmApplication().getProxiedChaiUser( userIdentity );
+        final ChaiUser theUser = pwmRequest.getPwmDomain().getProxiedChaiUser( userIdentity );
 
         try
         {

server/src/main/java/password/pwm/http/servlet/helpdesk/HelpdeskCardInfoBean.java

@@ -74,19 +74,19 @@ public class HelpdeskCardInfoBean implements Serializable
         }
 
         final UserInfo userInfo = UserInfoFactory.newUserInfo(
-                pwmRequest.getPwmApplication(),
+                pwmRequest.getPwmDomain(),
                 pwmRequest.getLabel(),
                 actorLocale,
                 userIdentity,
                 theUser.getChaiProvider()
         );
 
-        builder.userKey( userIdentity.toObfuscatedKey( pwmRequest.getPwmApplication() ) );
+        builder.userKey( userIdentity.toObfuscatedKey( pwmRequest.getPwmDomain() ) );
 
         final PhotoDataReader photoDataReader = HelpdeskServlet.photoDataReader( pwmRequest, helpdeskProfile, userIdentity );
         builder.photoURL( photoDataReader.figurePhotoURL( ) );
 
-        builder.displayNames( figureDisplayNames( pwmRequest.getPwmApplication(), helpdeskProfile, pwmRequest.getLabel(), userInfo ) );
+        builder.displayNames( figureDisplayNames( pwmRequest.getPwmDomain(), helpdeskProfile, pwmRequest.getLabel(), userInfo ) );
 
         final TimeDuration timeDuration = TimeDuration.fromCurrent( startTime );
         final HelpdeskCardInfoBean helpdeskCardInfoBean = builder.build();

server/src/main/java/password/pwm/http/servlet/helpdesk/HelpdeskDetailInfoBean.java

@@ -122,13 +122,13 @@ public class HelpdeskDetailInfoBean implements Serializable
         }
 
         final UserInfo userInfo = UserInfoFactory.newUserInfo(
-                pwmRequest.getPwmApplication(),
+                pwmRequest.getPwmDomain(),
                 pwmRequest.getLabel(),
                 actorLocale,
                 userIdentity,
                 theUser.getChaiProvider()
         );
-        final MacroRequest macroRequest = MacroRequest.forUser( pwmRequest.getPwmApplication(), pwmRequest.getLabel(), userInfo, null );
+        final MacroRequest macroRequest = MacroRequest.forUser( pwmRequest.getPwmDomain(), pwmRequest.getLabel(), userInfo, null );
 
         try
         {
@@ -136,7 +136,7 @@ public class HelpdeskDetailInfoBean implements Serializable
             final AccountInformationProfile accountInformationProfile = pwmRequest.getPwmSession().getSessionManager().getAccountInfoProfile();
 
             final List<AccountInformationBean.ActivityRecord> userHistory = AccountInformationBean.makeAuditInfo(
-                    pwmRequest.getPwmApplication(),
+                    pwmRequest.getPwmDomain(),
                     accountInformationProfile,
                     pwmRequest.getLabel(),
                     userInfo,
@@ -148,7 +148,7 @@ public class HelpdeskDetailInfoBean implements Serializable
             LOGGER.error( pwmRequest, () -> "unexpected error reading userHistory for user '" + userIdentity + "', " + e.getMessage() );
         }
 
-        builder.userKey( userIdentity.toObfuscatedKey( pwmRequest.getPwmApplication() ) );
+        builder.userKey( userIdentity.toObfuscatedKey( pwmRequest.getPwmDomain() ) );
 
         builder.profileData( getProfileData( helpdeskProfile, userInfo, pwmRequest.getLabel(), pwmRequest.getLocale() ) );
 

server/src/main/java/password/pwm/http/servlet/helpdesk/HelpdeskServlet.java

@@ -186,7 +186,7 @@ public class HelpdeskServlet extends ControlledPwmServlet
     @Override
     public ProcessStatus preProcessCheck( final PwmRequest pwmRequest ) throws PwmUnrecoverableException, IOException, ServletException
     {
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
 
         if ( !pwmRequest.isAuthenticated() )
         {
@@ -246,7 +246,7 @@ public class HelpdeskServlet extends ControlledPwmServlet
             pwmRequest.respondWithError( errorInformation, false );
             return ProcessStatus.Halt;
         }
-        final UserIdentity targetUserIdentity = UserIdentity.fromKey( userKey, pwmRequest.getPwmApplication() );
+        final UserIdentity targetUserIdentity = UserIdentity.fromKey( userKey, pwmRequest.getPwmDomain() );
         LOGGER.debug( pwmRequest, () -> "received executeAction request for user " + targetUserIdentity.toString() );
 
         final List<ActionConfiguration> actionConfigurations = helpdeskProfile.readSettingAsAction( PwmSetting.HELPDESK_ACTIONS );
@@ -279,7 +279,7 @@ public class HelpdeskServlet extends ControlledPwmServlet
 
             final ChaiUser chaiUser = HelpdeskServletUtil.getChaiUser( pwmRequest, helpdeskProfile, targetUserIdentity );
             final MacroRequest macroRequest = HelpdeskServletUtil.getTargetUserMacroRequest( pwmRequest, helpdeskProfile, targetUserIdentity );
-            final ActionExecutor actionExecutor = new ActionExecutor.ActionExecutorSettings( pwmRequest.getPwmApplication(), chaiUser )
+            final ActionExecutor actionExecutor = new ActionExecutor.ActionExecutorSettings( pwmRequest.getPwmDomain(), chaiUser )
                     .setExpandPwmMacros( true )
                     .setMacroMachine( macroRequest )
                     .createActionExecutor();
@@ -296,7 +296,7 @@ public class HelpdeskServlet extends ControlledPwmServlet
                         pwmSession.getSessionStateBean().getSrcAddress(),
                         pwmSession.getSessionStateBean().getSrcHostname()
                 );
-                pwmRequest.getPwmApplication().getAuditManager().submit( pwmRequest.getLabel(), auditRecord );
+                pwmRequest.getPwmDomain().getAuditManager().submit( pwmRequest.getLabel(), auditRecord );
             }
             final RestResultBean restResultBean = RestResultBean.forSuccessMessage( pwmRequest.getLocale(), pwmRequest.getConfig(), Message.Success_Action, action.getName() );
 
@@ -319,7 +319,7 @@ public class HelpdeskServlet extends ControlledPwmServlet
             throws ChaiUnavailableException, PwmUnrecoverableException, IOException, ServletException
     {
         final HelpdeskProfile helpdeskProfile = getHelpdeskProfile( pwmRequest );
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
         final PwmSession pwmSession = pwmRequest.getPwmSession();
 
         final String userKey = pwmRequest.readParameterAsString( PwmConstants.PARAM_USERKEY, PwmHttpRequestWrapper.Flag.BypassValidation );
@@ -499,7 +499,7 @@ public class HelpdeskServlet extends ControlledPwmServlet
                 JavaHelper.unhandledSwitchStatement( searchMode );
         }
 
-        final UserSearchEngine userSearchEngine = pwmRequest.getPwmApplication().getUserSearchEngine();
+        final UserSearchEngine userSearchEngine = pwmRequest.getPwmDomain().getUserSearchEngine();
 
 
         final SearchConfiguration searchConfiguration;
@@ -564,7 +564,7 @@ public class HelpdeskServlet extends ControlledPwmServlet
         }
 
         return HelpdeskSearchResultsBean.builder()
-                .searchResults( results.resultsAsJsonOutput( pwmRequest.getPwmApplication(), pwmRequest.getUserInfoIfLoggedIn() ) )
+                .searchResults( results.resultsAsJsonOutput( pwmRequest.getPwmDomain(), pwmRequest.getUserInfoIfLoggedIn() ) )
                 .sizeExceeded( sizeExceeded )
                 .build();
     }
@@ -583,7 +583,7 @@ public class HelpdeskServlet extends ControlledPwmServlet
             pwmRequest.respondWithError( errorInformation, false );
             return ProcessStatus.Halt;
         }
-        final UserIdentity userIdentity = UserIdentity.fromKey( userKey, pwmRequest.getPwmApplication() );
+        final UserIdentity userIdentity = UserIdentity.fromKey( userKey, pwmRequest.getPwmDomain() );
 
         if ( !helpdeskProfile.readSettingAsBoolean( PwmSetting.HELPDESK_ENABLE_UNLOCK ) )
         {
@@ -595,7 +595,7 @@ public class HelpdeskServlet extends ControlledPwmServlet
 
         //clear pwm intruder setting.
         {
-            final IntruderManager intruderManager = pwmRequest.getPwmApplication().getIntruderManager();
+            final IntruderManager intruderManager = pwmRequest.getPwmDomain().getIntruderManager();
             intruderManager.convenience().clearUserIdentity( userIdentity );
         }
 
@@ -618,7 +618,7 @@ public class HelpdeskServlet extends ControlledPwmServlet
                         pwmRequest.getLabel().getSourceAddress(),
                         pwmRequest.getLabel().getSourceHostname()
                 );
-                pwmRequest.getPwmApplication().getAuditManager().submit( pwmRequest.getLabel(), auditRecord );
+                pwmRequest.getPwmDomain().getAuditManager().submit( pwmRequest.getLabel(), auditRecord );
             }
         }
         catch ( final ChaiPasswordPolicyException e )
@@ -662,7 +662,7 @@ public class HelpdeskServlet extends ControlledPwmServlet
             pwmRequest.respondWithError( errorInformation, false );
             return ProcessStatus.Halt;
         }
-        final UserIdentity userIdentity = UserIdentity.fromKey( userKey, pwmRequest.getPwmApplication() );
+        final UserIdentity userIdentity = UserIdentity.fromKey( userKey, pwmRequest.getPwmDomain() );
 
         if ( !helpdeskProfile.readOptionalVerificationMethods().contains( IdentityVerificationMethod.OTP ) )
         {
@@ -673,10 +673,10 @@ public class HelpdeskServlet extends ControlledPwmServlet
         }
 
         final String code = helpdeskVerificationRequestBean.getCode();
-        final OTPUserRecord otpUserRecord = pwmRequest.getPwmApplication().getOtpService().readOTPUserConfiguration( pwmRequest.getLabel(), userIdentity );
+        final OTPUserRecord otpUserRecord = pwmRequest.getPwmDomain().getOtpService().readOTPUserConfiguration( pwmRequest.getLabel(), userIdentity );
         try
         {
-            final boolean passed = pwmRequest.getPwmApplication().getOtpService().validateToken(
+            final boolean passed = pwmRequest.getPwmDomain().getOtpService().validateToken(
                     pwmRequest.getLabel(),
                     userIdentity,
                     otpUserRecord,
@@ -700,7 +700,7 @@ public class HelpdeskServlet extends ControlledPwmServlet
                         pwmSession.getSessionStateBean().getSrcAddress(),
                         pwmSession.getSessionStateBean().getSrcHostname()
                 );
-                pwmRequest.getPwmApplication().getAuditManager().submit( pwmRequest.getLabel(), auditRecord );
+                pwmRequest.getPwmDomain().getAuditManager().submit( pwmRequest.getLabel(), auditRecord );
 
                 StatisticsManager.incrementStat( pwmRequest, Statistic.HELPDESK_VERIFY_OTP );
                 verificationStateBean.addRecord( userIdentity, IdentityVerificationMethod.OTP );
@@ -716,7 +716,7 @@ public class HelpdeskServlet extends ControlledPwmServlet
                         pwmSession.getSessionStateBean().getSrcAddress(),
                         pwmSession.getSessionStateBean().getSrcHostname()
                 );
-                pwmRequest.getPwmApplication().getAuditManager().submit( pwmRequest.getLabel(), auditRecord );
+                pwmRequest.getPwmDomain().getAuditManager().submit( pwmRequest.getLabel(), auditRecord );
             }
 
             return outputVerificationResponseBean( pwmRequest, passed, verificationStateBean );
@@ -740,7 +740,7 @@ public class HelpdeskServlet extends ControlledPwmServlet
         final DomainConfig config = pwmRequest.getConfig();
         final Map<String, String> bodyParams = pwmRequest.readBodyAsJsonStringMap();
 
-        final UserIdentity targetUserIdentity = UserIdentity.fromKey( bodyParams.get( PwmConstants.PARAM_USERKEY ), pwmRequest.getPwmApplication() );
+        final UserIdentity targetUserIdentity = UserIdentity.fromKey( bodyParams.get( PwmConstants.PARAM_USERKEY ), pwmRequest.getPwmDomain() );
         final UserInfo targetUserInfo = HelpdeskServletUtil.getTargetUserInfo( pwmRequest, helpdeskProfile, targetUserIdentity );
 
         final String requestedTokenID = bodyParams.get( "id" );
@@ -748,7 +748,7 @@ public class HelpdeskServlet extends ControlledPwmServlet
         final TokenDestinationItem tokenDestinationItem;
         {
             final List<TokenDestinationItem> items = TokenUtil.figureAvailableTokenDestinations(
-                    pwmRequest.getPwmApplication(),
+                    pwmRequest.getPwmDomain(),
                     pwmRequest.getLabel(),
                     pwmRequest.getLocale(),
                     targetUserInfo,
@@ -787,7 +787,7 @@ public class HelpdeskServlet extends ControlledPwmServlet
         {
             TokenService.TokenSender.sendToken(
                     TokenService.TokenSendInfo.builder()
-                            .pwmDomain( pwmRequest.getPwmApplication() )
+                            .pwmDomain( pwmRequest.getPwmDomain() )
                             .userInfo( targetUserInfo )
                             .macroRequest( macroRequest )
                             .configuredEmailSetting( emailItemBean )
@@ -814,7 +814,7 @@ public class HelpdeskServlet extends ControlledPwmServlet
         tokenData.setToken( tokenKey );
         tokenData.setIssueDate( Instant.now() );
 
-        final SecureService secureService = pwmRequest.getPwmApplication().getSecureService();
+        final SecureService secureService = pwmRequest.getPwmDomain().getSecureService();
         helpdeskVerificationRequestBean.setTokenData( secureService.encryptObjectToString( tokenData ) );
 
         final RestResultBean restResultBean = RestResultBean.withData( helpdeskVerificationRequestBean );
@@ -841,13 +841,13 @@ public class HelpdeskServlet extends ControlledPwmServlet
         );
         final String token = helpdeskVerificationRequestBean.getCode();
 
-        final SecureService secureService = pwmRequest.getPwmApplication().getSecureService();
+        final SecureService secureService = pwmRequest.getPwmDomain().getSecureService();
         final HelpdeskVerificationRequestBean.TokenData tokenData = secureService.decryptObject(
                 helpdeskVerificationRequestBean.getTokenData(),
                 HelpdeskVerificationRequestBean.TokenData.class
         );
 
-        final UserIdentity userIdentity = UserIdentity.fromKey( helpdeskVerificationRequestBean.getUserKey(), pwmRequest.getPwmApplication() );
+        final UserIdentity userIdentity = UserIdentity.fromKey( helpdeskVerificationRequestBean.getUserKey(), pwmRequest.getPwmDomain() );
 
         if ( tokenData == null || tokenData.getIssueDate() == null || tokenData.getToken() == null || tokenData.getToken().isEmpty() )
         {
@@ -884,7 +884,7 @@ public class HelpdeskServlet extends ControlledPwmServlet
                     pwmSession.getSessionStateBean().getSrcAddress(),
                     pwmSession.getSessionStateBean().getSrcHostname()
             );
-            pwmRequest.getPwmApplication().getAuditManager().submit( pwmRequest.getLabel(), auditRecord );
+            pwmRequest.getPwmDomain().getAuditManager().submit( pwmRequest.getLabel(), auditRecord );
             verificationStateBean.addRecord( userIdentity, IdentityVerificationMethod.TOKEN );
         }
         else
@@ -898,7 +898,7 @@ public class HelpdeskServlet extends ControlledPwmServlet
                     pwmSession.getSessionStateBean().getSrcAddress(),
                     pwmSession.getSessionStateBean().getSrcHostname()
             );
-            pwmRequest.getPwmApplication().getAuditManager().submit( pwmRequest.getLabel(), auditRecord );
+            pwmRequest.getPwmDomain().getAuditManager().submit( pwmRequest.getLabel(), auditRecord );
         }
 
         return outputVerificationResponseBean( pwmRequest, passed, verificationStateBean );
@@ -925,12 +925,12 @@ public class HelpdeskServlet extends ControlledPwmServlet
         }
 
         //clear pwm intruder setting.
-        pwmRequest.getPwmApplication().getIntruderManager().convenience().clearUserIdentity( userIdentity );
+        pwmRequest.getPwmDomain().getIntruderManager().convenience().clearUserIdentity( userIdentity );
 
         try
         {
 
-            final OtpService service = pwmRequest.getPwmApplication().getOtpService();
+            final OtpService service = pwmRequest.getPwmDomain().getOtpService();
             final ChaiUser chaiUser = HelpdeskServletUtil.getChaiUser( pwmRequest, helpdeskProfile, userIdentity );
             service.clearOTPUserConfiguration( pwmRequest, userIdentity, chaiUser );
             {
@@ -943,7 +943,7 @@ public class HelpdeskServlet extends ControlledPwmServlet
                         pwmRequest.getLabel().getSourceAddress(),
                         pwmRequest.getLabel().getSourceHostname()
                 );
-                pwmRequest.getPwmApplication().getAuditManager().submit( pwmRequest.getLabel(), auditRecord );
+                pwmRequest.getPwmDomain().getAuditManager().submit( pwmRequest.getLabel(), auditRecord );
             }
         }
         catch ( final PwmOperationalException e )
@@ -995,7 +995,7 @@ public class HelpdeskServlet extends ControlledPwmServlet
         final HashMap<String, Object> results = new HashMap<>();
         try
         {
-            results.put( "records", state.asViewableValidationRecords( pwmRequest.getPwmApplication(), pwmRequest.getLocale() ) );
+            results.put( "records", state.asViewableValidationRecords( pwmRequest.getPwmDomain(), pwmRequest.getLocale() ) );
         }
         catch ( final ChaiOperationException e )
         {
@@ -1017,7 +1017,7 @@ public class HelpdeskServlet extends ControlledPwmServlet
                 HelpdeskVerificationRequestBean.class
         );
 
-        final UserIdentity userIdentity = UserIdentity.fromKey( helpdeskVerificationRequestBean.getUserKey(), pwmRequest.getPwmApplication() );
+        final UserIdentity userIdentity = UserIdentity.fromKey( helpdeskVerificationRequestBean.getUserKey(), pwmRequest.getPwmDomain() );
 
         boolean passed = false;
         {
@@ -1073,7 +1073,7 @@ public class HelpdeskServlet extends ControlledPwmServlet
                     pwmSession.getSessionStateBean().getSrcAddress(),
                     pwmSession.getSessionStateBean().getSrcHostname()
             );
-            pwmRequest.getPwmApplication().getAuditManager().submit( pwmRequest.getLabel(), auditRecord );
+            pwmRequest.getPwmDomain().getAuditManager().submit( pwmRequest.getLabel(), auditRecord );
             verificationStateBean.addRecord( userIdentity, IdentityVerificationMethod.ATTRIBUTES );
         }
         else
@@ -1087,7 +1087,7 @@ public class HelpdeskServlet extends ControlledPwmServlet
                     pwmSession.getSessionStateBean().getSrcAddress(),
                     pwmSession.getSessionStateBean().getSrcHostname()
             );
-            pwmRequest.getPwmApplication().getAuditManager().submit( pwmRequest.getLabel(), auditRecord );
+            pwmRequest.getPwmDomain().getAuditManager().submit( pwmRequest.getLabel(), auditRecord );
         }
 
         return outputVerificationResponseBean( pwmRequest, passed, verificationStateBean );
@@ -1102,11 +1102,11 @@ public class HelpdeskServlet extends ControlledPwmServlet
     {
         // add a delay to prevent continuous checks
         final long delayMs = JavaHelper.silentParseLong( pwmRequest.getConfig().readAppProperty( AppProperty.HELPDESK_VERIFICATION_INVALID_DELAY_MS ), 500 );
-        TimeDuration.of( delayMs, TimeDuration.Unit.MILLISECONDS ).jitterPause( pwmRequest.getPwmApplication().getSecureService(), 0.3f );
+        TimeDuration.of( delayMs, TimeDuration.Unit.MILLISECONDS ).jitterPause( pwmRequest.getPwmDomain().getSecureService(), 0.3f );
 
         final HelpdeskVerificationResponseBean responseBean = new HelpdeskVerificationResponseBean(
                 passed,
-                verificationStateBean.toClientString( pwmRequest.getPwmApplication() )
+                verificationStateBean.toClientString( pwmRequest.getPwmDomain() )
         );
         final RestResultBean restResultBean = RestResultBean.withData( responseBean );
         pwmRequest.outputJsonResult( restResultBean );
@@ -1146,12 +1146,12 @@ public class HelpdeskServlet extends ControlledPwmServlet
 
         final ChaiUser chaiUser = HelpdeskServletUtil.getChaiUser( pwmRequest, helpdeskProfile, userIdentity );
         final String userGUID = LdapOperationsHelper.readLdapGuidValue(
-                pwmRequest.getPwmApplication(),
+                pwmRequest.getPwmDomain(),
                 pwmRequest.getLabel(),
                 userIdentity,
                 true );
 
-        final CrService crService = pwmRequest.getPwmApplication().getCrService();
+        final CrService crService = pwmRequest.getPwmDomain().getCrService();
         crService.clearResponses(
                 pwmRequest.getLabel(),
                 userIdentity,
@@ -1161,7 +1161,7 @@ public class HelpdeskServlet extends ControlledPwmServlet
 
         // mark the event log
         {
-            final HelpdeskAuditRecord auditRecord = new AuditRecordFactory( pwmRequest.getPwmApplication(), pwmRequest ).createHelpdeskAuditRecord(
+            final HelpdeskAuditRecord auditRecord = new AuditRecordFactory( pwmRequest.getPwmDomain(), pwmRequest ).createHelpdeskAuditRecord(
                     AuditEvent.HELPDESK_CLEAR_RESPONSES,
                     pwmRequest.getPwmSession().getUserInfo().getUserIdentity(),
                     null,
@@ -1169,7 +1169,7 @@ public class HelpdeskServlet extends ControlledPwmServlet
                     pwmRequest.getPwmSession().getSessionStateBean().getSrcAddress(),
                     pwmRequest.getPwmSession().getSessionStateBean().getSrcHostname()
             );
-            pwmRequest.getPwmApplication().getAuditManager().submit( pwmRequest.getLabel(), auditRecord );
+            pwmRequest.getPwmDomain().getAuditManager().submit( pwmRequest.getLabel(), auditRecord );
         }
 
         final RestResultBean restResultBean = RestResultBean.forSuccessMessage( pwmRequest, Message.Success_Unknown );
@@ -1185,14 +1185,14 @@ public class HelpdeskServlet extends ControlledPwmServlet
                 RestCheckPasswordServer.JsonInput.class
         );
 
-        final UserIdentity userIdentity = UserIdentity.fromKey( jsonInput.getUsername(), pwmRequest.getPwmApplication() );
+        final UserIdentity userIdentity = UserIdentity.fromKey( jsonInput.getUsername(), pwmRequest.getPwmDomain() );
         final HelpdeskProfile helpdeskProfile = getHelpdeskProfile( pwmRequest );
 
         HelpdeskServletUtil.checkIfUserIdentityViewable( pwmRequest, helpdeskProfile, userIdentity );
 
         final ChaiUser chaiUser = HelpdeskServletUtil.getChaiUser( pwmRequest, getHelpdeskProfile( pwmRequest ), userIdentity );
         final UserInfo userInfo = UserInfoFactory.newUserInfo(
-                pwmRequest.getPwmApplication(),
+                pwmRequest.getPwmDomain(),
                 pwmRequest.getLabel(),
                 pwmRequest.getLocale(),
                 userIdentity,
@@ -1210,7 +1210,7 @@ public class HelpdeskServlet extends ControlledPwmServlet
         }
 
         final PasswordUtility.PasswordCheckInfo passwordCheckInfo = PasswordUtility.checkEnteredPassword(
-                pwmRequest.getPwmApplication(),
+                pwmRequest.getPwmDomain(),
                 pwmRequest.getLocale(),
                 chaiUser,
                 userInfo,
@@ -1237,10 +1237,10 @@ public class HelpdeskServlet extends ControlledPwmServlet
                 RestSetPasswordServer.JsonInputData.class
         );
 
-        final UserIdentity userIdentity = UserIdentity.fromKey( jsonInput.getUsername(), pwmRequest.getPwmApplication() );
+        final UserIdentity userIdentity = UserIdentity.fromKey( jsonInput.getUsername(), pwmRequest.getPwmDomain() );
         final ChaiUser chaiUser = HelpdeskServletUtil.getChaiUser( pwmRequest, helpdeskProfile, userIdentity );
         final UserInfo userInfo = UserInfoFactory.newUserInfo(
-                pwmRequest.getPwmApplication(),
+                pwmRequest.getPwmDomain(),
                 pwmRequest.getLabel(),
                 pwmRequest.getLocale(),
                 userIdentity,
@@ -1268,7 +1268,7 @@ public class HelpdeskServlet extends ControlledPwmServlet
                         + " is set to " + mode + " and no password is included in request" ) );
             }
             final PwmPasswordPolicy passwordPolicy = PasswordUtility.readPasswordPolicyForUser(
-                    pwmRequest.getPwmApplication(),
+                    pwmRequest.getPwmDomain(),
                     pwmRequest.getLabel(),
                     userIdentity,
                     chaiUser,
@@ -1277,7 +1277,7 @@ public class HelpdeskServlet extends ControlledPwmServlet
             newPassword = RandomPasswordGenerator.createRandomPassword(
                     pwmRequest.getLabel(),
                     passwordPolicy,
-                    pwmRequest.getPwmApplication()
+                    pwmRequest.getPwmDomain()
             );
         }
         else
@@ -1299,7 +1299,7 @@ public class HelpdeskServlet extends ControlledPwmServlet
                     pwmRequest,
                     chaiUser,
                     userInfo,
-                    pwmRequest.getPwmApplication(),
+                    pwmRequest.getPwmDomain(),
                     newPassword
             );
         }
@@ -1318,7 +1318,7 @@ public class HelpdeskServlet extends ControlledPwmServlet
     private ProcessStatus processRandomPasswordAction( final PwmRequest pwmRequest ) throws IOException, PwmUnrecoverableException, ChaiUnavailableException
     {
         final RestRandomPasswordServer.JsonInput input = JsonUtil.deserialize( pwmRequest.readRequestBodyAsString(), RestRandomPasswordServer.JsonInput.class );
-        final UserIdentity userIdentity = UserIdentity.fromKey( input.getUsername(), pwmRequest.getPwmApplication() );
+        final UserIdentity userIdentity = UserIdentity.fromKey( input.getUsername(), pwmRequest.getPwmDomain() );
 
         final HelpdeskProfile helpdeskProfile = getHelpdeskProfile( pwmRequest );
 
@@ -1326,7 +1326,7 @@ public class HelpdeskServlet extends ControlledPwmServlet
 
         final ChaiUser chaiUser = HelpdeskServletUtil.getChaiUser( pwmRequest, helpdeskProfile, userIdentity );
         final UserInfo userInfo = UserInfoFactory.newUserInfo(
-                pwmRequest.getPwmApplication(),
+                pwmRequest.getPwmDomain(),
                 pwmRequest.getLabel(),
                 pwmRequest.getLocale(),
                 userIdentity,
@@ -1339,7 +1339,7 @@ public class HelpdeskServlet extends ControlledPwmServlet
         randomConfigBuilder.passwordPolicy( userInfo.getPasswordPolicy() );
 
         final RandomPasswordGenerator.RandomGeneratorConfig randomConfig = randomConfigBuilder.build();
-        final PasswordData randomPassword = RandomPasswordGenerator.createRandomPassword( pwmRequest.getLabel(), randomConfig, pwmRequest.getPwmApplication() );
+        final PasswordData randomPassword = RandomPasswordGenerator.createRandomPassword( pwmRequest.getLabel(), randomConfig, pwmRequest.getPwmDomain() );
         final RestRandomPasswordServer.JsonOutput jsonOutput = new RestRandomPasswordServer.JsonOutput();
         jsonOutput.setPassword( randomPassword.getStringValue() );
 
@@ -1374,7 +1374,7 @@ public class HelpdeskServlet extends ControlledPwmServlet
             final ErrorInformation errorInformation = new ErrorInformation( PwmError.ERROR_MISSING_PARAMETER, "userKey parameter is missing" );
             throw new PwmUnrecoverableException( errorInformation );
         }
-        return UserIdentity.fromKey( userKey, pwmRequest.getPwmApplication() );
+        return UserIdentity.fromKey( userKey, pwmRequest.getPwmDomain() );
     }
 
     static PhotoDataReader photoDataReader( final PwmRequest pwmRequest, final HelpdeskProfile helpdeskProfile, final UserIdentity userIdentity )

server/src/main/java/password/pwm/http/servlet/helpdesk/HelpdeskServletUtil.java

@@ -210,9 +210,9 @@ public class HelpdeskServletUtil
     )
             throws ChaiUnavailableException, PwmUnrecoverableException
     {
-        final UserIdentity actorUserIdentity = pwmRequest.getUserInfoIfLoggedIn().canonicalized( pwmRequest.getPwmApplication() );
+        final UserIdentity actorUserIdentity = pwmRequest.getUserInfoIfLoggedIn().canonicalized( pwmRequest.getPwmDomain() );
 
-        if ( actorUserIdentity.canonicalEquals( userIdentity, pwmRequest.getPwmApplication() ) )
+        if ( actorUserIdentity.canonicalEquals( userIdentity, pwmRequest.getPwmDomain() ) )
         {
             final String errorMsg = "cannot select self";
             final ErrorInformation errorInformation = new ErrorInformation( PwmError.ERROR_UNAUTHORIZED, errorMsg );
@@ -241,7 +241,7 @@ public class HelpdeskServletUtil
                 pwmRequest.getLabel().getSourceAddress(),
                 pwmRequest.getLabel().getSourceHostname()
         );
-        pwmRequest.getPwmApplication().getAuditManager().submit( pwmRequest.getLabel(), auditRecord );
+        pwmRequest.getPwmDomain().getAuditManager().submit( pwmRequest.getLabel(), auditRecord );
 
         StatisticsManager.incrementStat( pwmRequest, Statistic.HELPDESK_USER_LOOKUP );
         return helpdeskDetailInfoBean;
@@ -256,7 +256,7 @@ public class HelpdeskServletUtil
             throw new PwmUnrecoverableException( errorInformation );
         }
 
-        return UserIdentity.fromObfuscatedKey( userKey, pwmRequest.getPwmApplication() );
+        return UserIdentity.fromObfuscatedKey( userKey, pwmRequest.getPwmDomain() );
     }
 
 
@@ -292,7 +292,7 @@ public class HelpdeskServletUtil
     )
             throws PwmUnrecoverableException
     {
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
         final DomainConfig config = pwmRequest.getConfig();
         final Locale locale = pwmRequest.getLocale();
         final EmailItemBean configuredEmailSetting = config.readSettingAsEmail( PwmSetting.EMAIL_HELPDESK_UNLOCK, locale );
@@ -304,7 +304,7 @@ public class HelpdeskServletUtil
         }
 
         final UserInfo userInfo = UserInfoFactory.newUserInfo(
-                pwmRequest.getPwmApplication(),
+                pwmRequest.getPwmDomain(),
                 pwmRequest.getLabel(),
                 pwmRequest.getLocale(),
                 userIdentity,
@@ -329,7 +329,7 @@ public class HelpdeskServletUtil
     {
         final boolean useProxy = helpdeskProfile.readSettingAsBoolean( PwmSetting.HELPDESK_USE_PROXY );
         return useProxy
-                ? pwmRequest.getPwmApplication().getProxiedChaiUser( userIdentity )
+                ? pwmRequest.getPwmDomain().getProxiedChaiUser( userIdentity )
                 : pwmRequest.getPwmSession().getSessionManager().getActor( userIdentity );
     }
 
@@ -341,7 +341,7 @@ public class HelpdeskServletUtil
             throws PwmUnrecoverableException
     {
         return UserInfoFactory.newUserInfo(
-                pwmRequest.getPwmApplication(),
+                pwmRequest.getPwmDomain(),
                 pwmRequest.getLabel(),
                 pwmRequest.getLocale(),
                 targetUserIdentity,
@@ -357,7 +357,7 @@ public class HelpdeskServletUtil
             throws PwmUnrecoverableException
     {
         final MacroRequest macroRequest = MacroRequest.forUser(
-                pwmRequest.getPwmApplication(),
+                pwmRequest.getPwmDomain(),
                 pwmRequest.getLabel(),
                 getTargetUserInfo( pwmRequest, helpdeskProfile, targetUserIdentity ),
                 pwmRequest.getPwmSession().getLoginInfoBean()

server/src/main/java/password/pwm/http/servlet/helpdesk/HelpdeskVerificationOptionsBean.java

@@ -73,7 +73,7 @@ public class HelpdeskVerificationOptionsBean implements Serializable
     {
         final ChaiUser theUser = HelpdeskServletUtil.getChaiUser( pwmRequest, helpdeskProfile, targetUser );
         final UserInfo userInfo = UserInfoFactory.newUserInfo(
-                pwmRequest.getPwmApplication(),
+                pwmRequest.getPwmDomain(),
                 pwmRequest.getLabel(),
                 pwmRequest.getLocale(),
                 targetUser,
@@ -109,7 +109,7 @@ public class HelpdeskVerificationOptionsBean implements Serializable
                 try
                 {
                     returnList.addAll( TokenUtil.figureAvailableTokenDestinations(
-                            pwmRequest.getPwmApplication(),
+                            pwmRequest.getPwmDomain(),
                             pwmRequest.getLabel(),
                             pwmRequest.getLocale(),
                             userInfo,

server/src/main/java/password/pwm/http/servlet/helpdesk/HelpdeskVerificationStateBean.java

@@ -174,7 +174,7 @@ class HelpdeskVerificationStateBean implements Serializable
         HelpdeskVerificationStateBean state = null;
         if ( rawValue != null && !rawValue.isEmpty() )
         {
-            state = pwmRequest.getPwmApplication().getSecureService().decryptObject( rawValue, HelpdeskVerificationStateBean.class );
+            state = pwmRequest.getPwmDomain().getSecureService().decryptObject( rawValue, HelpdeskVerificationStateBean.class );
             if ( !state.getActor().equals( actor ) )
             {
                 state = null;

server/src/main/java/password/pwm/http/servlet/newuser/NewUserFormUtils.java

@@ -102,7 +102,7 @@ class NewUserFormUtils
     )
             throws PwmOperationalException, PwmUnrecoverableException
     {
-        final SecureService secureService = pwmRequest.getPwmApplication().getSecureService();
+        final SecureService secureService = pwmRequest.getPwmDomain().getSecureService();
 
         final Map<String, String> payloadMap = tokenPayload.getData();
 
@@ -129,7 +129,7 @@ class NewUserFormUtils
         newUserTokenData.setCurrentTokenField( newUserBean.getCurrentTokenField() );
         newUserTokenData.setCompletedTokenFields( newUserBean.getCompletedTokenFields() );
 
-        final SecureService secureService = pwmRequest.getPwmApplication().getSecureService();
+        final SecureService secureService = pwmRequest.getPwmDomain().getSecureService();
         final String encodedTokenData = secureService.encryptObjectToString( newUserTokenData );
         final Map<String, String> payloadMap = new HashMap<>();
         payloadMap.put( NewUserServlet.TOKEN_PAYLOAD_ATTR, encodedTokenData );

server/src/main/java/password/pwm/http/servlet/newuser/NewUserServlet.java

@@ -141,13 +141,13 @@ public class NewUserServlet extends ControlledPwmServlet
 
     static NewUserBean getNewUserBean( final PwmRequest pwmRequest ) throws PwmUnrecoverableException
     {
-        return pwmRequest.getPwmApplication().getSessionStateService().getBean( pwmRequest, NewUserBean.class );
+        return pwmRequest.getPwmDomain().getSessionStateService().getBean( pwmRequest, NewUserBean.class );
     }
 
     @Override
     public ProcessStatus preProcessCheck( final PwmRequest pwmRequest ) throws PwmUnrecoverableException, IOException, ServletException
     {
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
 
         final DomainConfig config = pwmDomain.getConfig();
 
@@ -199,7 +199,7 @@ public class NewUserServlet extends ControlledPwmServlet
             throws IOException, ServletException, PwmUnrecoverableException, ChaiUnavailableException
     {
         final NewUserBean newUserBean = getNewUserBean( pwmRequest );
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
         final PwmSession pwmSession = pwmRequest.getPwmSession();
 
         if ( newUserBean.getProfileID() == null )
@@ -370,7 +370,7 @@ public class NewUserServlet extends ControlledPwmServlet
     )
             throws IOException, ServletException, PwmUnrecoverableException, ChaiUnavailableException
     {
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
         final Locale locale = pwmRequest.getLocale();
 
         try
@@ -414,7 +414,7 @@ public class NewUserServlet extends ControlledPwmServlet
     {
         final Instant startTime = Instant.now();
         final Locale locale = pwmRequest.getLocale();
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
         final NewUserProfile newUserProfile = getNewUserProfile( pwmRequest );
         final List<FormConfiguration> formDefinition = newUserProfile.readSettingAsForm( PwmSetting.NEWUSER_FORM );
         final Map<FormConfiguration, String> formValueData = FormUtility.readFormValuesFromMap( newUserForm.getFormData(), formDefinition, locale );
@@ -725,7 +725,7 @@ public class NewUserServlet extends ControlledPwmServlet
     )
             throws ServletException, IOException, PwmUnrecoverableException, ChaiUnavailableException
     {
-        pwmRequest.getPwmApplication().getSessionStateService().clearBean( pwmRequest, NewUserBean.class );
+        pwmRequest.getPwmDomain().getSessionStateService().clearBean( pwmRequest, NewUserBean.class );
         pwmRequest.sendRedirectToContinue();
 
         return ProcessStatus.Halt;
@@ -757,7 +757,7 @@ public class NewUserServlet extends ControlledPwmServlet
         }
 
         // -- process complete -- \\
-        pwmRequest.getPwmApplication().getSessionStateService().clearBean( pwmRequest, NewUserBean.class );
+        pwmRequest.getPwmDomain().getSessionStateService().clearBean( pwmRequest, NewUserBean.class );
 
         if ( pwmRequest.isAuthenticated() )
         {
@@ -800,7 +800,7 @@ public class NewUserServlet extends ControlledPwmServlet
 
     public static NewUserProfile getNewUserProfile( final PwmRequest pwmRequest ) throws PwmUnrecoverableException
     {
-        final String profileID = pwmRequest.getPwmApplication().getSessionStateService().getBean( pwmRequest, NewUserBean.class ).getProfileID();
+        final String profileID = pwmRequest.getPwmDomain().getSessionStateService().getBean( pwmRequest, NewUserBean.class ).getProfileID();
         if ( profileID == null )
         {
             throw new IllegalStateException( "can not read new user profile until profile is selected" );

server/src/main/java/password/pwm/http/servlet/newuser/NewUserUtils.java

@@ -128,7 +128,7 @@ class NewUserUtils
     )
             throws PwmUnrecoverableException, ChaiUnavailableException, PwmOperationalException
     {
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
         final PwmSession pwmSession = pwmRequest.getPwmSession();
 
         final long startTime = System.currentTimeMillis();
@@ -155,8 +155,8 @@ class NewUserUtils
         }
         else
         {
-            final PwmPasswordPolicy pwmPasswordPolicy = newUserProfile.getNewUserPasswordPolicy( pwmRequest.getPwmApplication(), pwmRequest.getLocale() );
-            userPassword = RandomPasswordGenerator.createRandomPassword( pwmRequest.getLabel(), pwmPasswordPolicy, pwmRequest.getPwmApplication() );
+            final PwmPasswordPolicy pwmPasswordPolicy = newUserProfile.getNewUserPasswordPolicy( pwmRequest.getPwmDomain(), pwmRequest.getLocale() );
+            userPassword = RandomPasswordGenerator.createRandomPassword( pwmRequest.getLabel(), pwmPasswordPolicy, pwmRequest.getPwmDomain() );
         }
 
         // set up the user creation attributes
@@ -353,7 +353,7 @@ class NewUserUtils
         {
             final NewUserProfile newUserProfile = NewUserServlet.getNewUserProfile( pwmRequest );
             NewUserUtils.LOGGER.warn( pwmRequest, () -> "deleting ldap user account " + userDN );
-            newUserProfile.getLdapProfile().getProxyChaiProvider( pwmRequest.getPwmApplication() ).deleteEntry( userDN );
+            newUserProfile.getLdapProfile().getProxyChaiProvider( pwmRequest.getPwmDomain() ).deleteEntry( userDN );
             NewUserUtils.LOGGER.warn( pwmRequest, () -> "ldap user account " + userDN + " has been deleted" );
         }
         catch ( final ChaiUnavailableException | ChaiOperationException e )
@@ -371,7 +371,7 @@ class NewUserUtils
             throws PwmUnrecoverableException, ChaiUnavailableException
     {
         final NewUserProfile newUserProfile = NewUserServlet.getNewUserProfile( pwmRequest );
-        final MacroRequest macroRequest = createMacroMachineForNewUser( pwmRequest.getPwmApplication(), newUserProfile, pwmRequest.getLabel(), formValues, null );
+        final MacroRequest macroRequest = createMacroMachineForNewUser( pwmRequest.getPwmDomain(), newUserProfile, pwmRequest.getLabel(), formValues, null );
         final List<String> configuredNames = newUserProfile.readSettingAsStringArray( PwmSetting.NEWUSER_USERNAME_DEFINITION );
         final List<String> failedValues = new ArrayList<>();
 
@@ -445,7 +445,7 @@ class NewUserUtils
     )
             throws PwmUnrecoverableException, ChaiUnavailableException
     {
-        final UserSearchEngine userSearchEngine = pwmRequest.getPwmApplication().getUserSearchEngine();
+        final UserSearchEngine userSearchEngine = pwmRequest.getPwmDomain().getUserSearchEngine();
         final SearchConfiguration searchConfiguration = SearchConfiguration.builder()
                 .username( rdnValue )
                 .build();
@@ -482,7 +482,7 @@ class NewUserUtils
             return;
         }
 
-        pwmRequest.getPwmApplication().getEmailQueue().submitEmail(
+        pwmRequest.getPwmDomain().getEmailQueue().submitEmail(
                 configuredEmailSetting,
                 pwmSession.getUserInfo(),
                 pwmSession.getSessionManager().getMacroMachine( )
@@ -582,7 +582,7 @@ class NewUserUtils
     )
             throws PwmUnrecoverableException, PwmDataValidationException
     {
-        final RestFormDataClient restFormDataClient = new RestFormDataClient( pwmRequest.getPwmApplication(), pwmRequest.getLabel() );
+        final RestFormDataClient restFormDataClient = new RestFormDataClient( pwmRequest.getPwmDomain(), pwmRequest.getLabel() );
         if ( !restFormDataClient.isEnabled() )
         {
             return;
@@ -701,14 +701,14 @@ class NewUserUtils
             throws PwmUnrecoverableException
     {
         final NewUserProfile newUserProfile = NewUserServlet.getNewUserProfile( pwmRequest );
-        final UserInfo userInfo = createUserInfoBeanForNewUser( pwmRequest.getPwmApplication(), newUserProfile, newUserBean.getNewUserForm() );
+        final UserInfo userInfo = createUserInfoBeanForNewUser( pwmRequest.getPwmDomain(), newUserProfile, newUserBean.getNewUserForm() );
 
         final VerificationMethodSystem remoteMethod;
         if ( newUserBean.getRemoteRecoveryMethod() == null )
         {
             remoteMethod = new RemoteVerificationMethod();
             remoteMethod.init(
-                    pwmRequest.getPwmApplication(),
+                    pwmRequest.getPwmDomain(),
                     userInfo,
                     pwmRequest.getLabel(),
                     pwmRequest.getLocale()
@@ -761,7 +761,7 @@ class NewUserUtils
 
                     final Map<String, String> tokenPayloadMap = NewUserFormUtils.toTokenPayload( pwmRequest, newUserBean );
                     final MacroRequest macroRequest = createMacroMachineForNewUser(
-                            pwmRequest.getPwmApplication(),
+                            pwmRequest.getPwmDomain(),
                             newUserProfile,
                             pwmRequest.getLabel(),
                             newUserBean.getNewUserForm(),

server/src/main/java/password/pwm/http/servlet/oauth/OAuthConsumerServlet.java

@@ -75,7 +75,7 @@ public class OAuthConsumerServlet extends AbstractPwmServlet
     protected void processAction( final PwmRequest pwmRequest )
             throws ServletException, IOException, PwmUnrecoverableException
     {
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
         final DomainConfig config = pwmRequest.getConfig();
         final PwmSession pwmSession = pwmRequest.getPwmSession();
 
@@ -333,7 +333,7 @@ public class OAuthConsumerServlet extends AbstractPwmServlet
     private void redirectToForgottenPasswordServlet( final PwmRequest pwmRequest, final String oauthSuppliedUsername ) throws IOException, PwmUnrecoverableException
     {
         final OAuthForgottenPasswordResults results = new OAuthForgottenPasswordResults( true, oauthSuppliedUsername );
-        final String encryptedResults = pwmRequest.getPwmApplication().getSecureService().encryptObjectToString( results );
+        final String encryptedResults = pwmRequest.getPwmDomain().getSecureService().encryptObjectToString( results );
 
         final Map<String, String> httpParams = new HashMap<>();
         httpParams.put( PwmConstants.PARAM_RECOVERY_OAUTH_RESULT, encryptedResults );

server/src/main/java/password/pwm/http/servlet/oauth/OAuthMachine.java

@@ -85,7 +85,7 @@ public class OAuthMachine
         final String requestStateStr = pwmRequest.readParameterAsString( pwmRequest.getConfig().readAppProperty( AppProperty.HTTP_PARAM_OAUTH_STATE ) );
         if ( requestStateStr != null )
         {
-            final String stateJson = pwmRequest.getPwmApplication().getSecureService().decryptStringValue( requestStateStr );
+            final String stateJson = pwmRequest.getPwmDomain().getSecureService().decryptStringValue( requestStateStr );
             final OAuthState oAuthState = JsonUtil.deserialize( stateJson, OAuthState.class );
             if ( oAuthState != null )
             {
@@ -299,7 +299,7 @@ public class OAuthMachine
                     .certificates( JavaHelper.isEmpty( certs ) ? null : certs )
                     .maskBodyDebugOutput( true )
                     .build();
-            final PwmHttpClient pwmHttpClient = pwmRequest.getPwmApplication().getHttpClientService().getPwmHttpClient( config );
+            final PwmHttpClient pwmHttpClient = pwmRequest.getPwmDomain().getHttpClientService().getPwmHttpClient( config );
             pwmHttpClientResponse = pwmHttpClient.makeRequest( pwmHttpClientRequest, pwmRequest.getLabel() );
         }
         catch ( final PwmException e )
@@ -441,7 +441,7 @@ public class OAuthMachine
 
 
         final String jsonValue = JsonUtil.serialize( oAuthState );
-        return pwmRequest.getPwmApplication().getSecureService().encryptToString( jsonValue );
+        return pwmRequest.getPwmDomain().getSecureService().encryptToString( jsonValue );
     }
 
     private String figureUsernameGrantParam(

server/src/main/java/password/pwm/http/servlet/peoplesearch/PeopleSearchDataReader.java

@@ -118,7 +118,7 @@ class PeopleSearchDataReader
 
         {
             // try to serve from cache first
-            final SearchResultBean cachedResult = pwmRequest.getPwmApplication().getCacheService().get( cacheKey, SearchResultBean.class );
+            final SearchResultBean cachedResult = pwmRequest.getPwmDomain().getCacheService().get( cacheKey, SearchResultBean.class );
             if ( cachedResult != null )
             {
                 final SearchResultBean copyWithCacheSet = cachedResult.toBuilder().fromCache( true ).build();
@@ -159,7 +159,7 @@ class PeopleSearchDataReader
 
         {
             // if value is cached then return;
-            final OrgChartDataBean cachedOutput = pwmRequest.getPwmApplication().getCacheService().get( cacheKey, OrgChartDataBean.class );
+            final OrgChartDataBean cachedOutput = pwmRequest.getPwmDomain().getCacheService().get( cacheKey, OrgChartDataBean.class );
             if ( cachedOutput != null )
             {
                 StatisticsManager.incrementStat( pwmRequest, Statistic.PEOPLESEARCH_CACHE_HITS );
@@ -246,7 +246,7 @@ class PeopleSearchDataReader
 
         final CacheKey cacheKey = makeCacheKey( UserDetailBean.class.getSimpleName(), userIdentity.toDelimitedKey() );
         {
-            final UserDetailBean cachedOutput = pwmRequest.getPwmApplication().getCacheService().get( cacheKey, UserDetailBean.class );
+            final UserDetailBean cachedOutput = pwmRequest.getPwmDomain().getCacheService().get( cacheKey, UserDetailBean.class );
             if ( cachedOutput != null )
             {
                 StatisticsManager.incrementStat( pwmRequest, Statistic.PEOPLESEARCH_CACHE_HITS );
@@ -264,7 +264,7 @@ class PeopleSearchDataReader
         final Map<String, String> searchResults = detailResults.getResults().get( userIdentity );
 
         final UserDetailBean userDetailBean = new UserDetailBean();
-        userDetailBean.setUserKey( userIdentity.toObfuscatedKey( pwmRequest.getPwmApplication() ) );
+        userDetailBean.setUserKey( userIdentity.toObfuscatedKey( pwmRequest.getPwmDomain() ) );
         final List<FormConfiguration> detailFormConfig = this.peopleSearchConfiguration.getSearchDetailForm();
         final Map<String, AttributeDetailBean> attributeBeans = convertResultMapToBeans( userIdentity, detailFormConfig, searchResults );
 
@@ -376,7 +376,7 @@ class PeopleSearchDataReader
         {
             userIdentity = null;
         }
-        final String keyString = operationIdentifier + "|" + pwmRequest.getPwmApplication().getSecureService().hash( dataIdentifier );
+        final String keyString = operationIdentifier + "|" + pwmRequest.getPwmDomain().getSecureService().hash( dataIdentifier );
         return CacheKey.newKey(
                 this.getClass(),
                 userIdentity,
@@ -389,7 +389,7 @@ class PeopleSearchDataReader
             throws PwmUnrecoverableException
     {
         final OrgChartReferenceBean orgChartReferenceBean = new OrgChartReferenceBean();
-        orgChartReferenceBean.setUserKey( userIdentity.toObfuscatedKey( pwmRequest.getPwmApplication() ) );
+        orgChartReferenceBean.setUserKey( userIdentity.toObfuscatedKey( pwmRequest.getPwmDomain() ) );
         final PhotoDataReader photoDataReader = photoDataReader( userIdentity );
         orgChartReferenceBean.setPhotoURL( photoDataReader.figurePhotoURL( ) );
 
@@ -455,7 +455,7 @@ class PeopleSearchDataReader
     )
             throws PwmUnrecoverableException
     {
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
         final TimeDuration maxCacheTime = this.peopleSearchConfiguration.getMaxCacheTime();
         if ( !maxCacheTime.isZero() )
         {
@@ -472,7 +472,7 @@ class PeopleSearchDataReader
     )
             throws PwmUnrecoverableException
     {
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
         final CacheKey cacheKey = makeCacheKey( operationIdentifier.name(), dataIdentifier );
         final TimeDuration maxCacheTime = this.peopleSearchConfiguration.getMaxCacheTime();
         final CachePolicy cachePolicy = CachePolicy.makePolicyWithExpiration( maxCacheTime );
@@ -552,7 +552,7 @@ class PeopleSearchDataReader
                         {
                             final String displayValue = figureDisplaynameValue( pwmRequest, loopIdentity );
                             final UserReferenceBean userReference = new UserReferenceBean();
-                            userReference.setUserKey( loopIdentity.toObfuscatedKey( pwmRequest.getPwmApplication() ) );
+                            userReference.setUserKey( loopIdentity.toObfuscatedKey( pwmRequest.getPwmDomain() ) );
                             userReference.setDisplayName( displayValue );
                             userReferences.put( displayValue, userReference );
                         }
@@ -591,15 +591,15 @@ class PeopleSearchDataReader
             throws PwmUnrecoverableException
     {
         final Locale locale = pwmRequest.getLocale();
-        final ChaiProvider chaiProvider = pwmRequest.getPwmApplication().getProxiedChaiUser( userIdentity ).getChaiProvider();
+        final ChaiProvider chaiProvider = pwmRequest.getPwmDomain().getProxiedChaiUser( userIdentity ).getChaiProvider();
         final UserInfo userInfo = UserInfoFactory.newUserInfo(
-                pwmRequest.getPwmApplication(),
+                pwmRequest.getPwmDomain(),
                 pwmRequest.getLabel(),
                 locale,
                 userIdentity,
                 chaiProvider
         );
-        return MacroRequest.forUser( pwmRequest.getPwmApplication(), pwmRequest.getLabel(), userInfo, null );
+        return MacroRequest.forUser( pwmRequest.getPwmDomain(), pwmRequest.getLabel(), userInfo, null );
     }
 
     void checkIfUserIdentityViewable(
@@ -700,7 +700,7 @@ class PeopleSearchDataReader
     {
         final boolean useProxy = useProxy();
         return useProxy
-                ? pwmRequest.getPwmApplication().getProxiedChaiUser( userIdentity )
+                ? pwmRequest.getPwmDomain().getProxiedChaiUser( userIdentity )
                 : pwmRequest.getPwmSession().getSessionManager().getActor( userIdentity );
     }
 
@@ -816,7 +816,7 @@ class PeopleSearchDataReader
             searchConfiguration = builder.build();
         }
 
-        final UserSearchEngine userSearchEngine = pwmRequest.getPwmApplication().getUserSearchEngine();
+        final UserSearchEngine userSearchEngine = pwmRequest.getPwmDomain().getUserSearchEngine();
 
         final UserSearchResults results;
         final boolean sizeExceeded;
@@ -835,7 +835,7 @@ class PeopleSearchDataReader
             throw new PwmUnrecoverableException( errorInformation );
         }
 
-        final List<Map<String, Object>> resultOutput = new ArrayList<>( results.resultsAsJsonOutput( pwmRequest.getPwmApplication(), null ) );
+        final List<Map<String, Object>> resultOutput = new ArrayList<>( results.resultsAsJsonOutput( pwmRequest.getPwmDomain(), null ) );
         if ( searchRequest.isIncludeDisplayName() )
         {
             for ( final Map<String, Object> map : resultOutput )
@@ -843,7 +843,7 @@ class PeopleSearchDataReader
                 final String userKey = ( String ) map.get( "userKey" );
                 if ( userKey != null )
                 {
-                    final UserIdentity userIdentity = UserIdentity.fromKey( userKey, pwmRequest.getPwmApplication() );
+                    final UserIdentity userIdentity = UserIdentity.fromKey( userKey, pwmRequest.getPwmDomain() );
                     final String displayValue = figureDisplaynameValue( pwmRequest, userIdentity );
                     map.put( "_displayName", displayValue );
                 }
@@ -936,7 +936,7 @@ class PeopleSearchDataReader
         final Instant startTime = Instant.now();
         LOGGER.trace( pwmRequest, () -> "beginning csv export starting with user " + userIdentity.toDisplayString() + " and depth of " + depth );
 
-        final ThreadPoolExecutor executor = pwmRequest.getPwmApplication().getPeopleSearchService().getJobExecutor();
+        final ThreadPoolExecutor executor = pwmRequest.getPwmDomain().getPeopleSearchService().getJobExecutor();
 
         final AtomicInteger rowCounter = new AtomicInteger( 0 );
         final OrgChartExportState orgChartExportState = new OrgChartExportState(

server/src/main/java/password/pwm/http/servlet/peoplesearch/PeopleSearchServlet.java

@@ -176,7 +176,7 @@ public abstract class PeopleSearchServlet extends ControlledPwmServlet
             }
             else
             {
-                userIdentity = UserIdentity.fromObfuscatedKey( userKey, pwmRequest.getPwmApplication() );
+                userIdentity = UserIdentity.fromObfuscatedKey( userKey, pwmRequest.getPwmDomain() );
             }
         }
 
@@ -220,7 +220,7 @@ public abstract class PeopleSearchServlet extends ControlledPwmServlet
 
         addExpiresHeadersToResponse( pwmRequest );
         pwmRequest.outputJsonResult( RestResultBean.withData( detailData ) );
-        pwmRequest.getPwmApplication().getStatisticsManager().incrementValue( Statistic.PEOPLESEARCH_DETAILS );
+        pwmRequest.getPwmDomain().getStatisticsManager().incrementValue( Statistic.PEOPLESEARCH_DETAILS );
 
         return ProcessStatus.Halt;
     }
@@ -351,7 +351,7 @@ public abstract class PeopleSearchServlet extends ControlledPwmServlet
 
         final PeopleSearchProfile peopleSearchProfile = peopleSearchProfile( pwmRequest );
         final PeopleSearchDataReader peopleSearchDataReader = new PeopleSearchDataReader( pwmRequest, peopleSearchProfile );
-        final UserIdentity userIdentity = UserIdentity.fromKey( userKey, pwmRequest.getPwmApplication() );
+        final UserIdentity userIdentity = UserIdentity.fromKey( userKey, pwmRequest.getPwmDomain() );
         peopleSearchDataReader.checkIfUserIdentityViewable( userIdentity );
         return userIdentity;
     }

server/src/main/java/password/pwm/http/servlet/peoplesearch/PhotoDataReader.java

@@ -123,7 +123,7 @@ public class PhotoDataReader
             return true;
         }
 
-        final boolean hasPermission = UserPermissionUtility.testUserPermission( pwmRequest.getPwmApplication(), pwmRequest.getLabel(), userIdentity, permissions );
+        final boolean hasPermission = UserPermissionUtility.testUserPermission( pwmRequest.getPwmDomain(), pwmRequest.getLabel(), userIdentity, permissions );
         if ( !hasPermission )
         {
             LOGGER.debug( pwmRequest, () -> "user " + userIdentity + " failed photo query filter, denying photo view ("
@@ -152,7 +152,7 @@ public class PhotoDataReader
             case ServerHttp:
                 String returnUrl = pwmRequest.getURLwithoutQueryString();
                 returnUrl = PwmURL.appendAndEncodeUrlParameters( returnUrl, PwmConstants.PARAM_ACTION_REQUEST, PeopleSearchServlet.PeopleSearchActions.photo.name() );
-                returnUrl = PwmURL.appendAndEncodeUrlParameters( returnUrl, PwmConstants.PARAM_USERKEY,  userIdentity.toObfuscatedKey( pwmRequest.getPwmApplication() ) );
+                returnUrl = PwmURL.appendAndEncodeUrlParameters( returnUrl, PwmConstants.PARAM_USERKEY,  userIdentity.toObfuscatedKey( pwmRequest.getPwmDomain() ) );
                 return returnUrl;
 
             default:
@@ -216,7 +216,7 @@ public class PhotoDataReader
     {
         return LdapOperationsHelper.readPhotoDataFromLdap(
                 pwmRequest.getConfig(),
-                pwmRequest.getPwmApplication().getProxiedChaiUser( userIdentity ).getChaiProvider(),
+                pwmRequest.getPwmDomain().getProxiedChaiUser( userIdentity ).getChaiProvider(),
                 userIdentity
         );
     }
@@ -235,7 +235,7 @@ public class PhotoDataReader
             final PwmHttpClientConfiguration configuration = PwmHttpClientConfiguration.builder()
                     .trustManagerType( PwmHttpClientConfiguration.TrustManagerType.promiscuous )
                     .build();
-            final PwmHttpClient pwmHttpClient = pwmRequest.getPwmApplication().getHttpClientService().getPwmHttpClient( configuration );
+            final PwmHttpClient pwmHttpClient = pwmRequest.getPwmDomain().getHttpClientService().getPwmHttpClient( configuration );
             final PwmHttpClientRequest clientRequest = PwmHttpClientRequest.builder()
                     .method( HttpMethod.GET )
                     .url( overrideURL.get() )

server/src/main/java/password/pwm/http/servlet/resource/ResourceFileServlet.java

@@ -140,7 +140,7 @@ public class ResourceFileServlet extends HttpServlet implements PwmServlet
                     "unable to process resource request for request method " + pwmRequest.getMethod() ) );
         }
 
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
         final ResourceServletService resourceService = pwmDomain.getResourceServletService();
         final ResourceServletConfiguration resourceConfiguration = resourceService.getResourceServletConfiguration();
 

server/src/main/java/password/pwm/http/servlet/updateprofile/UpdateProfileServlet.java

@@ -146,7 +146,7 @@ public class UpdateProfileServlet extends ControlledPwmServlet
 
     private static UpdateProfileBean getBean( final PwmRequest pwmRequest ) throws PwmUnrecoverableException
     {
-        return pwmRequest.getPwmApplication().getSessionStateService().getBean( pwmRequest, UpdateProfileBean.class );
+        return pwmRequest.getPwmDomain().getSessionStateService().getBean( pwmRequest, UpdateProfileBean.class );
     }
 
     @ActionHandler( action = "enterCode" )
@@ -226,14 +226,14 @@ public class UpdateProfileServlet extends ControlledPwmServlet
             final Map<FormConfiguration, String> formValues = UpdateProfileUtil.readFromJsonRequest( pwmRequest, updateProfileProfile, updateProfileBean );
 
             // verify form meets the form requirements
-            UpdateProfileUtil.verifyFormAttributes( pwmRequest.getPwmApplication(), pwmRequest.getUserInfoIfLoggedIn(), pwmRequest.getLocale(), formValues, true );
+            UpdateProfileUtil.verifyFormAttributes( pwmRequest.getPwmDomain(), pwmRequest.getUserInfoIfLoggedIn(), pwmRequest.getLocale(), formValues, true );
 
             updateProfileBean.getFormData().putAll( FormUtility.asStringMap( formValues ) );
         }
         catch ( final PwmOperationalException e )
         {
             success = false;
-            userMessage = e.getErrorInformation().toUserStr( pwmRequest.getPwmSession(), pwmRequest.getPwmApplication() );
+            userMessage = e.getErrorInformation().toUserStr( pwmRequest.getPwmSession(), pwmRequest.getPwmDomain() );
         }
 
         final ValidateResponse response = new ValidateResponse();
@@ -261,7 +261,7 @@ public class UpdateProfileServlet extends ControlledPwmServlet
                 break;
 
             case exitProfileUpdate:
-                pwmRequest.getPwmApplication().getSessionStateService().clearBean( pwmRequest, UpdateProfileBean.class );
+                pwmRequest.getPwmDomain().getSessionStateService().clearBean( pwmRequest, UpdateProfileBean.class );
                 pwmRequest.sendRedirectToContinue();
                 return ProcessStatus.Halt;
 
@@ -290,7 +290,7 @@ public class UpdateProfileServlet extends ControlledPwmServlet
                     pwmRequest.getLabel(),
                     "UpdateProfile"
             );
-            pwmRequest.getPwmApplication().getAuditManager().submit( pwmRequest.getLabel(), auditRecord );
+            pwmRequest.getPwmDomain().getAuditManager().submit( pwmRequest.getLabel(), auditRecord );
         }
 
         return ProcessStatus.Continue;
@@ -334,7 +334,7 @@ public class UpdateProfileServlet extends ControlledPwmServlet
     protected void nextStep( final PwmRequest pwmRequest )
             throws IOException, ServletException, PwmUnrecoverableException
     {
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
         final UpdateProfileBean updateProfileBean = getBean( pwmRequest );
         final UpdateProfileProfile updateProfileProfile = getProfile( pwmRequest );
         final PwmSession pwmSession = pwmRequest.getPwmSession();
@@ -381,7 +381,7 @@ public class UpdateProfileServlet extends ControlledPwmServlet
             // verify form meets the form requirements
             final List<FormConfiguration> formFields = updateProfileProfile.readSettingAsForm( PwmSetting.UPDATE_PROFILE_FORM );
             final Map<FormConfiguration, String> formValues = FormUtility.readFormValuesFromMap( updateProfileBean.getFormData(), formFields, pwmRequest.getLocale() );
-            UpdateProfileUtil.verifyFormAttributes( pwmRequest.getPwmApplication(), pwmRequest.getUserInfoIfLoggedIn(), pwmRequest.getLocale(), formValues, true );
+            UpdateProfileUtil.verifyFormAttributes( pwmRequest.getPwmDomain(), pwmRequest.getUserInfoIfLoggedIn(), pwmRequest.getLocale(), formValues, true );
         }
         catch ( final PwmException e )
         {
@@ -410,7 +410,7 @@ public class UpdateProfileServlet extends ControlledPwmServlet
             // write the form values
             final ChaiUser theUser = pwmSession.getSessionManager().getActor( );
             UpdateProfileUtil.doProfileUpdate(
-                    pwmRequest.getPwmApplication(),
+                    pwmRequest.getPwmDomain(),
                     pwmRequest.getLabel(),
                     pwmRequest.getLocale(),
                     pwmSession.getUserInfo(),
@@ -450,7 +450,7 @@ public class UpdateProfileServlet extends ControlledPwmServlet
     @Override
     public ProcessStatus preProcessCheck( final PwmRequest pwmRequest ) throws PwmUnrecoverableException, IOException, ServletException
     {
-        if ( !pwmRequest.getPwmApplication().getConfig().readSettingAsBoolean( PwmSetting.UPDATE_PROFILE_ENABLE ) )
+        if ( !pwmRequest.getPwmDomain().getConfig().readSettingAsBoolean( PwmSetting.UPDATE_PROFILE_ENABLE ) )
         {
             pwmRequest.respondWithError( new ErrorInformation(
                     PwmError.ERROR_SERVICE_NOT_AVAILABLE,

server/src/main/java/password/pwm/http/state/CryptoCookieBeanImpl.java

@@ -61,7 +61,7 @@ class CryptoCookieBeanImpl implements SessionBeanProvider
         {
             final String rawValue = pwmRequest.readCookie( cookieName );
             final PwmSecurityKey key = keyForSession( pwmRequest );
-            final E cookieBean = pwmRequest.getPwmApplication().getSecureService().decryptObject( rawValue, key, theClass );
+            final E cookieBean = pwmRequest.getPwmDomain().getSecureService().decryptObject( rawValue, key, theClass );
             if ( validateCookie( pwmRequest, cookieName, cookieBean ) )
             {
                 sessionBeans.put( theClass, cookieBean );
@@ -148,7 +148,7 @@ class CryptoCookieBeanImpl implements SessionBeanProvider
                         else
                         {
                             final PwmSecurityKey key = keyForSession( pwmRequest );
-                            final String encrytedValue = pwmRequest.getPwmApplication().getSecureService().encryptObjectToString( entry.getValue(), key );
+                            final String encrytedValue = pwmRequest.getPwmDomain().getSecureService().encryptObjectToString( entry.getValue(), key );
                             pwmRequest.getPwmResponse().writeCookie( cookieName, encrytedValue, -1, COOKIE_PATH );
                         }
                     }
@@ -183,7 +183,7 @@ class CryptoCookieBeanImpl implements SessionBeanProvider
     private static String nameForClass( final PwmRequest pwmRequest, final Class<? extends PwmSessionBean> theClass )
             throws PwmUnrecoverableException
     {
-        final SecureService secureService = pwmRequest.getPwmApplication().getSecureService();
+        final SecureService secureService = pwmRequest.getPwmDomain().getSecureService();
         return "b-" + StringUtil.truncate( secureService.hash( theClass.getName() ), 8 );
     }
 
@@ -197,7 +197,7 @@ class CryptoCookieBeanImpl implements SessionBeanProvider
             throws PwmUnrecoverableException
     {
         final PwmSecurityKey pwmSecurityKey = pwmRequest.getConfig().getSecurityKey();
-        final String keyHash = pwmSecurityKey.keyHash( pwmRequest.getPwmApplication().getSecureService() );
+        final String keyHash = pwmSecurityKey.keyHash( pwmRequest.getPwmDomain().getSecureService() );
         final String userGuid = pwmRequest.getPwmSession().getLoginInfoBean().getGuid();
         return new PwmSecurityKey( keyHash + userGuid );
     }

server/src/main/java/password/pwm/http/state/CryptoCookieLoginImpl.java

@@ -178,7 +178,7 @@ class CryptoCookieLoginImpl implements SessionLoginProvider
             {
                 LOGGER.debug( pwmRequest, () -> "triggering authentication because request contains an authenticated session but local session is unauthenticated" );
                 final SessionAuthenticator sessionAuthenticator = new SessionAuthenticator(
-                        pwmRequest.getPwmApplication(),
+                        pwmRequest.getPwmDomain(),
                         pwmRequest,
                         remoteLoginCookie.getAuthSource()
                 );
@@ -279,7 +279,7 @@ class CryptoCookieLoginImpl implements SessionLoginProvider
         {
             final String logMsg = "login cookie session was generated by a foreign instance, seen login cookie value = "
                     + remoteLoginInfoBean.toDebugString();
-            StatisticsManager.incrementStat( pwmRequest.getPwmApplication(), Statistic.FOREIGN_SESSIONS_ACCEPTED );
+            StatisticsManager.incrementStat( pwmRequest.getPwmDomain(), Statistic.FOREIGN_SESSIONS_ACCEPTED );
             LOGGER.trace( pwmRequest, () -> logMsg );
         }
     }

server/src/main/java/password/pwm/http/state/CryptoRequestBeanImpl.java

@@ -48,11 +48,11 @@ public class CryptoRequestBeanImpl implements SessionBeanProvider
         final String submittedPwmFormID = pwmRequest.readParameterAsString( PwmConstants.PARAM_FORM_ID );
         if ( submittedPwmFormID != null && submittedPwmFormID.length() > 0 )
         {
-            final FormNonce formNonce = pwmRequest.getPwmApplication().getSecureService().decryptObject(
+            final FormNonce formNonce = pwmRequest.getPwmDomain().getSecureService().decryptObject(
                     submittedPwmFormID,
                     FormNonce.class
             );
-            final SecureService secureService = pwmRequest.getPwmApplication().getSecureService();
+            final SecureService secureService = pwmRequest.getPwmDomain().getSecureService();
             final E bean = secureService.decryptObject( formNonce.getPayload(), theClass );
             cachedMap.put( theClass, bean );
             return bean;
@@ -71,7 +71,7 @@ public class CryptoRequestBeanImpl implements SessionBeanProvider
     @Override
     public String getSessionStateInfo( final PwmRequest pwmRequest ) throws PwmUnrecoverableException
     {
-        final SecureService secureService = pwmRequest.getPwmApplication().getSecureService();
+        final SecureService secureService = pwmRequest.getPwmDomain().getSecureService();
         final Map<Class, PwmSessionBean> cachedMap = ( Map<Class, PwmSessionBean> ) pwmRequest.getHttpServletRequest().getAttribute( attrName );
         if ( cachedMap == null || cachedMap.isEmpty() )
         {

server/src/main/java/password/pwm/http/tag/ErrorMessageTag.java

@@ -21,7 +21,7 @@
 package password.pwm.http.tag;
 
 import password.pwm.AppProperty;
-import password.pwm.PwmDomain;
+import password.pwm.PwmApplication;
 import password.pwm.error.ErrorInformation;
 import password.pwm.error.PwmException;
 import password.pwm.error.PwmUnrecoverableException;
@@ -51,17 +51,17 @@ public class ErrorMessageTag extends PwmAbstractTag
         try
         {
             final PwmRequest pwmRequest = PwmRequest.forRequest( ( HttpServletRequest ) pageContext.getRequest(), ( HttpServletResponse ) pageContext.getResponse() );
-            PwmDomain pwmDomain = null;
+            PwmApplication pwmApplication = null;
             try
             {
-                pwmDomain = ContextManager.getPwmApplication( pageContext.getRequest() );
+                pwmApplication = ContextManager.getPwmApplication( pageContext.getRequest() );
             }
             catch ( final PwmException e )
             {
                 /* noop */
             }
 
-            if ( pwmRequest == null || pwmDomain == null )
+            if ( pwmRequest == null || pwmApplication == null )
             {
                 return EVAL_PAGE;
             }
@@ -71,9 +71,9 @@ public class ErrorMessageTag extends PwmAbstractTag
             if ( error != null )
             {
                 final boolean allowHtml = Boolean.parseBoolean( pwmRequest.getConfig().readAppProperty( AppProperty.HTTP_ERRORS_ALLOW_HTML ) );
-                final boolean showErrorDetail = pwmDomain.determineIfDetailErrorMsgShown();
+                final boolean showErrorDetail = pwmApplication.getDefaultDomain().determineIfDetailErrorMsgShown();
 
-                String outputMsg = error.toUserStr( pwmRequest.getPwmSession(), pwmDomain );
+                String outputMsg = error.toUserStr( pwmRequest.getPwmSession(), pwmApplication.getDefaultDomain() );
                 if ( !allowHtml )
                 {
                     outputMsg = StringUtil.escapeHtml( outputMsg );

server/src/main/java/password/pwm/http/tag/PasswordRequirementsTag.java

@@ -570,7 +570,7 @@ public class PasswordRequirementsTag extends TagSupport
         {
             final PwmRequest pwmRequest = PwmRequest.forRequest( ( HttpServletRequest ) pageContext.getRequest(), ( HttpServletResponse ) pageContext.getResponse() );
             final PwmSession pwmSession = pwmRequest.getPwmSession();
-            final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+            final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
             final DomainConfig config = pwmDomain.getConfig();
             final Locale locale = pwmSession.getSessionStateBean().getLocale();
 

server/src/main/java/password/pwm/http/tag/PwmFormIDTag.java

@@ -41,12 +41,12 @@ public class PwmFormIDTag extends TagSupport
 
     private static String buildPwmFormID( final PwmRequest pwmRequest ) throws PwmUnrecoverableException
     {
-        if ( pwmRequest == null || pwmRequest.getPwmApplication() == null )
+        if ( pwmRequest == null || pwmRequest.getPwmDomain() == null )
         {
             return "";
         }
 
-        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
         if ( pwmDomain == null )
         {
             return "";
@@ -59,7 +59,7 @@ public class PwmFormIDTag extends TagSupport
                 pwmRequest.getPwmSession().getLoginInfoBean().getReqCounter(),
                 value
         );
-        return pwmRequest.getPwmApplication().getSecureService().encryptObjectToString( formID );
+        return pwmRequest.getPwmDomain().getSecureService().encryptObjectToString( formID );
     }
 
     @Override

server/src/main/java/password/pwm/http/tag/PwmScriptRefTag.java

@@ -56,7 +56,7 @@ public class PwmScriptRefTag extends TagSupport
             String url = getUrl();
             url = PwmUrlTag.convertUrl( url );
             url = PwmUrlTag.insertContext( pageContext, url );
-            url = PwmUrlTag.insertResourceNonce( pwmRequest.getPwmApplication(), url );
+            url = PwmUrlTag.insertResourceNonce( pwmRequest.getPwmDomain(), url );
 
             final String output = "<script type=\"text/javascript\" nonce=\"" + cspNonce + "\" src=\"" + url + "\"></script><noscript></noscript>";
             pageContext.getOut().write( output );

server/src/main/java/password/pwm/http/tag/conditional/PwmIfTest.java

@@ -151,7 +151,7 @@ public enum PwmIfTest
                 final PwmIfOptions options
         )
         {
-            if ( pwmRequest.getPwmApplication() != null && pwmRequest.getConfig() != null )
+            if ( pwmRequest.getPwmDomain() != null && pwmRequest.getConfig() != null )
             {
                 final String strValue = pwmRequest.getConfig().readAppProperty( appProperty );
                 return Boolean.parseBoolean( strValue );
@@ -194,9 +194,9 @@ public enum PwmIfTest
         @Override
         public boolean test( final PwmRequest pwmRequest, final PwmIfOptions options ) throws ChaiUnavailableException, PwmUnrecoverableException
         {
-            final PwmApplicationMode applicationMode = pwmRequest.getPwmApplication().getApplicationMode();
+            final PwmApplicationMode applicationMode = pwmRequest.getPwmDomain().getApplicationMode();
             final boolean configMode = applicationMode == PwmApplicationMode.CONFIGURATION;
-            final boolean adminUser = pwmRequest.getPwmSession().getSessionManager().checkPermission( pwmRequest.getPwmApplication(), Permission.PWMADMIN );
+            final boolean adminUser = pwmRequest.getPwmSession().getSessionManager().checkPermission( pwmRequest.getPwmDomain(), Permission.PWMADMIN );
             if ( Boolean.parseBoolean( pwmRequest.getConfig().readAppProperty( AppProperty.CLIENT_WARNING_HEADER_SHOW ) ) )
             {
                 if ( configMode || PwmConstants.TRIAL_MODE )
@@ -246,7 +246,7 @@ public enum PwmIfTest
 
             return pwmRequest != null
                     && pwmRequest.getPwmSession().getSessionManager().checkPermission(
-                    pwmRequest.getPwmApplication(),
+                    pwmRequest.getPwmDomain(),
                     permission );
         }
     }
@@ -311,7 +311,7 @@ public enum PwmIfTest
         )
                 throws ChaiUnavailableException, PwmUnrecoverableException
         {
-            return pwmRequest.getPwmApplication().determineIfDetailErrorMsgShown();
+            return pwmRequest.getPwmDomain().determineIfDetailErrorMsgShown();
         }
     }
 
@@ -346,7 +346,7 @@ public enum PwmIfTest
         )
                 throws ChaiUnavailableException, PwmUnrecoverableException
         {
-            return pwmRequest.getPwmApplication().getApplicationMode() == PwmApplicationMode.CONFIGURATION;
+            return pwmRequest.getPwmDomain().getApplicationMode() == PwmApplicationMode.CONFIGURATION;
         }
     }
 
@@ -361,17 +361,17 @@ public enum PwmIfTest
                 return false;
             }
 
-            final PwmApplicationMode mode = pwmRequest.getPwmApplication().getApplicationMode();
+            final PwmApplicationMode mode = pwmRequest.getPwmDomain().getApplicationMode();
 
             if ( mode == PwmApplicationMode.CONFIGURATION )
             {
                 return true;
             }
 
-            final boolean adminUser = pwmRequest.getPwmSession().getSessionManager().checkPermission( pwmRequest.getPwmApplication(), Permission.PWMADMIN );
+            final boolean adminUser = pwmRequest.getPwmSession().getSessionManager().checkPermission( pwmRequest.getPwmDomain(), Permission.PWMADMIN );
             if ( adminUser )
             {
-                final HealthMonitor healthMonitor = pwmRequest.getPwmApplication().getHealthMonitor();
+                final HealthMonitor healthMonitor = pwmRequest.getPwmDomain().getHealthMonitor();
                 if ( healthMonitor != null && healthMonitor.status() == PwmService.STATUS.OPEN )
                 {
                     if ( healthMonitor.getMostSevereHealthStatus() == HealthStatus.WARN )
@@ -400,7 +400,7 @@ public enum PwmIfTest
                 return false;
             }
 
-            if ( pwmRequest.getPwmApplication().getApplicationMode() != PwmApplicationMode.RUNNING )
+            if ( pwmRequest.getPwmDomain().getApplicationMode() != PwmApplicationMode.RUNNING )
             {
                 return true;
             }
@@ -412,7 +412,7 @@ public enum PwmIfTest
 
             if ( pwmRequest.isAuthenticated() )
             {
-                if ( pwmRequest.getPwmSession().getSessionManager().checkPermission( pwmRequest.getPwmApplication(), Permission.PWMADMIN ) )
+                if ( pwmRequest.getPwmSession().getSessionManager().checkPermission( pwmRequest.getPwmDomain(), Permission.PWMADMIN ) )
                 {
                     return true;
                 }
@@ -466,7 +466,7 @@ public enum PwmIfTest
         @Override
         public boolean test( final PwmRequest pwmRequest, final PwmIfOptions options ) throws ChaiUnavailableException, PwmUnrecoverableException
         {
-            return pwmRequest.getPwmApplication().getPwmEnvironment().getFlags().contains( flag );
+            return pwmRequest.getPwmDomain().getPwmEnvironment().getFlags().contains( flag );
         }
     }
 

server/src/main/java/password/pwm/http/tag/url/PwmUrlTag.java

@@ -89,7 +89,7 @@ public class PwmUrlTag extends PwmAbstractTag
         }
         if ( pwmRequest != null )
         {
-            workingUrl = insertResourceNonce( pwmRequest.getPwmApplication(), workingUrl );
+            workingUrl = insertResourceNonce( pwmRequest.getPwmDomain(), workingUrl );
         }
 
         outputURL = workingUrl;
@@ -182,7 +182,7 @@ public class PwmUrlTag extends PwmAbstractTag
 
         if ( pwmRequest != null )
         {
-            final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+            final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
 
             themeName = figureThemeName( pwmRequest );
 

server/src/main/java/password/pwm/http/tag/value/PwmValue.java

@@ -189,7 +189,7 @@ public enum PwmValue
         @Override
         public String valueOutput( final PwmRequest pwmRequest, final PageContext pageContext ) throws ChaiUnavailableException, PwmUnrecoverableException
         {
-            return pwmRequest.getPwmApplication().getInstanceID();
+            return pwmRequest.getPwmDomain().getInstanceID();
 
         }
     }
@@ -208,7 +208,7 @@ public enum PwmValue
             {
                 return LocaleHelper.getLocalizedMessage( pwmRequest.getLocale(), "Header_TrialMode", pwmRequest.getConfig(), Admin.class, fieldNames );
             }
-            else if ( pwmRequest.getPwmApplication().getApplicationMode() == PwmApplicationMode.CONFIGURATION )
+            else if ( pwmRequest.getPwmDomain().getApplicationMode() == PwmApplicationMode.CONFIGURATION )
             {
                 String output = "";
                 if ( Boolean.parseBoolean( pwmRequest.getConfig().readAppProperty( AppProperty.CLIENT_JSP_SHOW_ICONS ) ) )
@@ -218,7 +218,7 @@ public enum PwmValue
                 output += LocaleHelper.getLocalizedMessage( pwmRequest.getLocale(), "Header_ConfigModeActive", pwmRequest.getConfig(), Admin.class, fieldNames );
                 return output;
             }
-            else if ( pwmRequest.getPwmSession().getSessionManager().checkPermission( pwmRequest.getPwmApplication(), Permission.PWMADMIN ) )
+            else if ( pwmRequest.getPwmSession().getSessionManager().checkPermission( pwmRequest.getPwmDomain(), Permission.PWMADMIN ) )
             {
                 return LocaleHelper.getLocalizedMessage( pwmRequest.getLocale(), "Header_AdminUser", pwmRequest.getConfig(), Admin.class, fieldNames );
 
@@ -253,7 +253,7 @@ public enum PwmValue
         public String valueOutput( final PwmRequest pwmRequest, final PageContext pageContext )
         {
             final Locale locale = pwmRequest.getLocale();
-            final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+            final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
             final LocaleHelper.TextDirection textDirection = LocaleHelper.textDirectionForLocale( pwmDomain, locale );
             return textDirection.name();
         }