Merge remote-tracking branch 'origin/master' into angular

checkstyle.xml

@@ -0,0 +1,272 @@
+<?xml version="1.0"?>
+<!--
+  ~ Password Management Servlets (PWM)
+  ~ http://www.pwm-project.org
+  ~
+  ~ Copyright (c) 2006-2009 Novell, Inc.
+  ~ Copyright (c) 2009-2016 The PWM Project
+  ~
+  ~ This program is free software; you can redistribute it and/or modify
+  ~ it under the terms of the GNU General Public License as published by
+  ~ the Free Software Foundation; either version 2 of the License, or
+  ~ (at your option) any later version.
+  ~
+  ~ This program is distributed in the hope that it will be useful,
+  ~ but WITHOUT ANY WARRANTY; without even the implied warranty of
+  ~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+  ~ GNU General Public License for more details.
+  ~
+  ~ You should have received a copy of the GNU General Public License
+  ~ along with this program; if not, write to the Free Software
+  ~ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+  -->
+
+<!DOCTYPE module PUBLIC
+        "-//Puppy Crawl//DTD Check Configuration 1.2//EN"
+        "http://www.puppycrawl.com/dtds/configuration_1_2.dtd">
+
+<!--
+  PWM Checkstyle definition
+-->
+
+<module name="Checker">
+
+    <!-- Checks that each Java package has a Javadoc file used for commenting. -->
+    <!-- See http://checkstyle.sf.net/config_javadoc.html#JavadocPackage       -->
+    <!--module name="JavadocPackage">
+      <property name="allowLegacy" value="true"/>
+    </module-->
+
+    <module name="FileLength"/>
+
+    <!-- Checks for Headers                              -->
+    <!-- See http://checkstyle.sf.net/config_header.html -->
+    <!--
+    <module name="RegexpHeader">
+        <property name="fileExtensions" value="java"/>
+        <property name="headerFile" value="${checkstyle.header.file}"/>
+    </module>
+    -->
+
+    <module name="FileTabCharacter">
+        <property name="eachLine" value="true"/>
+    </module>
+    <module name="NewlineAtEndOfFile"/>
+
+    <module name="TreeWalker">
+
+        <property name="cacheFile" value="target/checkstyle.cache"/>
+
+        <!-- required for SuppressWarningsFilter (and other Suppress* rules not used here) -->
+        <!-- see http://checkstyle.sourceforge.net/config_annotation.html#SuppressWarningsHolder -->
+        <module name="SuppressWarningsHolder"/>
+
+        <!-- required for SuppressionCommentFilter -->
+        <!-- see http://checkstyle.sourceforge.net/config.html#SuppressionCommentFilter -->
+        <!--
+        <module name="FileContentsHolder"/>
+
+        <module name="LeftCurly">
+            <property name="option" value="nl"/>
+        </module>
+
+        <module name="RightCurly">
+            <property name="option" value="alone"/>
+        </module>
+
+        <module name="LineLength">
+            <property name="max" value="120" />
+            <property name="ignorePattern" value="@version|@see|@todo|TODO"/>
+        </module>
+        -->
+        <!--
+        <module name="MemberName" />
+        -->
+
+        <!-- Checks for Javadoc comments.                     -->
+        <!-- See http://checkstyle.sf.net/config_javadoc.html -->
+        <!--
+        <module name="JavadocMethod">
+            <property name="severity" value="warning"/>
+            <property name="scope" value="protected"/>
+        </module>
+        <module name="JavadocType">
+            <property name="scope" value="protected"/>
+            <property name="allowUnknownTags" value="true" />
+        </module>
+        <module name="JavadocVariable">
+            <property name="severity" value="info"/>
+            <property name="scope" value="protected"/>
+        </module>
+        -->
+
+
+        <!-- Checks for Naming Conventions.                  -->
+        <!-- See http://checkstyle.sf.net/config_naming.html -->
+        <!--
+        <module name="ConstantName"/>
+        <module name="LocalFinalVariableName"/>
+        <module name="LocalVariableName"/>
+        <module name="MethodName"/>
+        <module name="PackageName"/>
+        <module name="ParameterName"/>
+        <module name="StaticVariableName"/>
+        <module name="TypeName"/>
+        -->
+
+        <!-- Checks for imports                              -->
+        <!-- See http://checkstyle.sf.net/config_import.html -->
+        <module name="AvoidStarImport"/>
+        <module name="AvoidStaticImport"/>
+        <module name="IllegalImport"/>
+        <module name="RedundantImport"/>
+        <module name="UnusedImports"/>
+
+
+        <!-- Checks for Size Violations.                    -->
+        <!-- See http://checkstyle.sf.net/config_sizes.html -->
+        <!--
+        <module name="MethodLength"/>
+        <module name="ParameterNumber"/>
+        -->
+
+
+        <!-- Checks for whitespace                               -->
+        <!-- See http://checkstyle.sf.net/config_whitespace.html -->
+        <module name="EmptyForIteratorPad">
+            <property name="option" value="space"/>
+        </module>
+        <!--
+        -->
+        <!-- module name="NoWhitespaceAfter"/ -->
+        <!-- module name="NoWhitespaceBefore"/ -->
+        <!--
+        <module name="OperatorWrap"/>
+        <module name="ParenPad">
+            <property name="option" value="space" />
+        </module>
+        <module name="WhitespaceAfter"/>
+        <module name="WhitespaceAround"/>
+        -->
+        <!-- module name="MethodParamPad"/ -->
+        <module name="GenericWhitespace"/>
+        <module name="EmptyLineSeparator">
+            <property name="allowNoEmptyLineBetweenFields" value="true"/>
+        </module>
+
+
+
+        <!-- Modifier Checks                                    -->
+        <!-- See http://checkstyle.sf.net/config_modifiers.html -->
+        <module name="ModifierOrder"/>
+        <module name="RedundantModifier"/>
+        <!--
+        -->
+
+
+        <!-- Checks for blocks. You know, those {}'s         -->
+        <!-- See http://checkstyle.sf.net/config_blocks.html -->
+        <!--
+        <module name="AvoidNestedBlocks"/>
+        -->
+        <!--
+        <module name="EmptyBlock">
+            <property name="option" value="text"/>
+        </module>
+        <module name="NeedBraces"/>
+        -->
+
+
+        <!-- Checks for common coding problems               -->
+        <!-- See http://checkstyle.sf.net/config_coding.html -->
+        <!-- module name="AvoidInlineConditionals"/ -->
+        <!--
+        <module name="EmptyStatement"/>
+        <module name="EqualsHashCode"/>
+        <module name="HiddenField">
+            <property name="severity" value="warning"/>
+            <property name="ignoreSetter" value="true"/>
+            <property name="ignoreConstructorParameter" value="true"/>
+        </module>
+        <module name="IllegalInstantiation"/>
+        <module name="InnerAssignment"/>
+        -->
+        <!--
+        <module name="MagicNumber">
+            <property name="ignoreNumbers" value="-4, -3, -2, -1, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 31, 32, 37, 64, 100, 128, 256, 512, 1000, 1024"/>
+        </module>
+        -->
+
+        <!-- Checks for class design                         -->
+        <!-- See http://checkstyle.sf.net/config_design.html -->
+        <!-- module name="DesignForExtension"/ -->
+        <!-- module name="FinalClass"/ -->
+        <!-- module name="HideUtilityClassConstructor"/ -->
+        <!--
+        <module name="InterfaceIsType"/>
+        <module name="VisibilityModifier">
+            <property name="protectedAllowed" value="true"/>
+            <property name="packageAllowed" value="true"/>
+        </module>
+        -->
+
+
+        <!-- future enabled checks -->
+        <!--
+        <module name="TrailingComment"/>
+        <module name="NPathComplexity"/>
+        <module name="EnumTrailingCommaCheck"/> //doesnt yet exist as of checkstyle 2.17
+        <module name="MultipleStringLiterals"/>
+        <module name="InnerAssignment"/>
+        <module name="MagicNumber">
+            <property name="ignoreNumbers" value="-4, -3, -2, -1, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 31, 32, 37, 64, 100, 128, 256, 512, 1000, 1024"/>
+        </module>
+        <module name="SimplifyBooleanExpression"/>
+        -->
+
+
+        <!-- coding -->
+        <module name="FallThrough"/>
+        <module name="EqualsHashCode"/>
+        <module name="ArrayTrailingCommaCheck"/>
+        <module name="FinalLocalVariable"/>
+        <module name="MissingSwitchDefault"/>
+        <module name="ModifiedControlVariable"/>
+        <module name="MultipleVariableDeclarations"/>
+        <module name="OneStatementPerLine"/>
+        <module name="FinalParameters"/>
+        <module name="ParameterAssignment"/>
+        <module name="SimplifyBooleanReturn"/>
+        <module name="StringLiteralEquality"/>
+
+        <module name="MutableException"/>
+        <module name="OuterTypeFilename"/>
+        <module name="TodoComment"/>
+        <module name="NoLineWrap"/>
+        <module name="OneTopLevelClass"/>
+        <module name="NoFinalizer"/>
+        <module name="ArrayTypeStyle"/>
+        <module name="UpperEll"/>
+        <module name="PackageDeclaration"/>
+        <module name="NoClone"/>
+    </module>
+
+    <!-- Support @SuppressWarnings (added in Checkstyle 5.7) -->
+    <!-- see http://checkstyle.sourceforge.net/config.html#SuppressWarningsFilter -->
+    <module name="SuppressWarningsFilter"/>
+
+    <!-- Checks properties file for a duplicated properties. -->
+    <!-- See http://checkstyle.sourceforge.net/config_misc.html#UniqueProperties -->
+    <module name="UniqueProperties"/>
+
+    <!-- Support CHECKSTYLE_OFF: regexp and CHECKSTYLE_ON: regexp comments to disable/enable some checks -->
+    <!-- see http://checkstyle.sourceforge.net/config.html#SuppressionCommentFilter -->
+    <!--
+    <module name="SuppressionCommentFilter">
+        <property name="offCommentFormat" value="CHECKSTYLE_OFF\: (.+)"/>
+        <property name="onCommentFormat" value="CHECKSTYLE_ON\: (.+)"/>
+        <property name="checkFormat" value="$1"/>
+    </module>
+    -->
+
+</module>

pom.xml

@@ -153,11 +153,30 @@
                 <version>2.6</version>
                 <configuration>
                     <archiveClasses>true</archiveClasses>
-                    <!--
                     <packagingExcludes>WEB-INF/classes</packagingExcludes>
-                    -->
                 </configuration>
             </plugin>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-checkstyle-plugin</artifactId>
+                <version>2.17</version>
+                <executions>
+                    <execution>
+                        <id>validate</id>
+                        <phase>validate</phase>
+                        <configuration>
+                            <configLocation>checkstyle.xml</configLocation>
+                            <encoding>UTF-8</encoding>
+                            <consoleOutput>true</consoleOutput>
+                            <includeTestResources>false</includeTestResources>
+                            <failsOnError>true</failsOnError>
+                        </configuration>
+                        <goals>
+                            <goal>check</goal>
+                        </goals>
+                    </execution>
+                </executions>
+            </plugin>
             <plugin>
                 <artifactId>maven-resources-plugin</artifactId>
                 <version>2.7</version>
@@ -226,7 +245,7 @@
                         <artifactId>jspc-compiler-tomcat7</artifactId>
                         <version>2.0.2</version>
                     </dependency>
-                </dependencies>
+				</dependencies>
                 <configuration>
                     <includeInProject>false</includeInProject>
                 </configuration>

src/main/java/password/pwm/AppProperty.java

@@ -270,7 +270,7 @@ public enum AppProperty {
     private final String key;
     private String defaultValue;
 
-    AppProperty(String key) {
+    AppProperty(final String key) {
         this.key = key;
     }
 

src/main/java/password/pwm/PwmAboutProperty.java

@@ -213,4 +213,4 @@ public enum PwmAboutProperty {
         }
 
     }
-}
+}

src/main/java/password/pwm/PwmApplication.java

@@ -127,7 +127,7 @@ public class PwmApplication {
 
         private String key;
 
-        AppAttribute(String key) {
+        AppAttribute(final String key) {
             this.key = key;
         }
 
@@ -174,7 +174,9 @@ public class PwmApplication {
         if (!pwmEnvironment.isInternalRuntimeInstance() && !pwmEnvironment.getFlags().contains(PwmEnvironment.ApplicationFlag.CommandLineInstance)) {
             final String log4jFileName = pwmEnvironment.getConfig().readSettingAsString(PwmSetting.EVENTS_JAVA_LOG4JCONFIG_FILE);
             final File log4jFile = FileSystemUtility.figureFilepath(log4jFileName, pwmEnvironment.getApplicationPath());
-            final String consoleLevel, fileLevel;
+            final String consoleLevel;
+            final String fileLevel;
+
             switch (getApplicationMode()) {
                 case ERROR:
                 case NEW:
@@ -312,7 +314,7 @@ public class PwmApplication {
         }
 
         try {
-            Map<PwmAboutProperty,String> infoMap = PwmAboutProperty.makeInfoBean(this);
+            final Map<PwmAboutProperty,String> infoMap = PwmAboutProperty.makeInfoBean(this);
             LOGGER.trace("application info: " + JsonUtil.serializeMap(infoMap));
         } catch (Exception e) {
             LOGGER.error("error generating about application bean: " + e.getMessage());

src/main/java/password/pwm/PwmConstants.java

@@ -31,7 +31,14 @@ import password.pwm.util.secure.PwmHashAlgorithm;
 import java.nio.charset.Charset;
 import java.text.DateFormat;
 import java.text.SimpleDateFormat;
-import java.util.*;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.Date;
+import java.util.List;
+import java.util.Locale;
+import java.util.ResourceBundle;
+import java.util.TimeZone;
 
 /**
  * Constant values used throughout the servlet.
@@ -90,6 +97,7 @@ public abstract class PwmConstants {
     public static final String DEFAULT_DATETIME_FORMAT_STR = readPwmConstantsBundle("locale.defaultDateTimeFormat");
     public static final TimeZone DEFAULT_TIMEZONE = TimeZone.getTimeZone(readPwmConstantsBundle("locale.defaultTimeZone"));
     public static final DateFormat DEFAULT_DATETIME_FORMAT = new SimpleDateFormat(DEFAULT_DATETIME_FORMAT_STR, DEFAULT_LOCALE);
+
     static {
         DEFAULT_DATETIME_FORMAT.setTimeZone(DEFAULT_TIMEZONE);
     }
@@ -141,6 +149,7 @@ public abstract class PwmConstants {
     public static final String LOG_REMOVED_VALUE_REPLACEMENT = readPwmConstantsBundle("log.removedValue");
 
     public static final Collection<Locale> INCLUDED_LOCALES;
+
     static {
         final List<Locale> localeList = new ArrayList<>();
         final String inputString = readPwmConstantsBundle("includedLocales");
@@ -231,7 +240,7 @@ public abstract class PwmConstants {
         private String path;
         private static final String JSP_ROOT_URL = "/WEB-INF/jsp/";
 
-        JSP_URL(String path) {
+        JSP_URL(final String path) {
             this.path = path;
         }
 
@@ -262,6 +271,7 @@ public abstract class PwmConstants {
     public static final String PARAM_SKIP_CAPTCHA = "skipCaptcha";
     public static final String PARAM_POST_LOGIN_URL = "posturl";
     public static final String PARAM_FILE_UPLOAD = "fileUpload";
+    public static final String PARAM_RECOVERY_OAUTH_RESULT = "roauthResults";
 
     public static final String COOKIE_PERSISTENT_CONFIG_LOGIN = "persistentConfigLogin";
 
@@ -311,7 +321,7 @@ public abstract class PwmConstants {
             "I changed my password to \"incorrect\", so whenever i forget, it will tell me \"your password is incorrect\".",
             "passwords are like underwear, changing underwear regularly is a good thing.", //menno
             "daisy, daisy, give me your password do...",
-            "it's a wholesome can of software goodness" // thx krowten
+            "it's a wholesome can of software goodness", // thx krowten
 
     };
 
@@ -323,6 +333,7 @@ public abstract class PwmConstants {
     private static String readBuildInfoBundle(final String key) {
         return readBuildInfoBundle(key, null);
     }
+
     private static String readBuildInfoBundle(final String key, final String defaultValue) {
         final ResourceBundle resourceBundle = ResourceBundle.getBundle("password.pwm.BuildInformation");
         if (resourceBundle.containsKey(key)) {
@@ -368,7 +379,7 @@ public abstract class PwmConstants {
 
         private final String httpName;
 
-        HttpHeader(String httpName)
+        HttpHeader(final String httpName)
         {
             this.httpName = httpName;
         }
@@ -394,7 +405,7 @@ public abstract class PwmConstants {
 
         private final String headerValue;
 
-        ContentTypeValue(String headerValue) {
+        ContentTypeValue(final String headerValue) {
             this.headerValue = headerValue;
         }
 
@@ -410,7 +421,7 @@ public abstract class PwmConstants {
 
         private String headerValue;
 
-        AcceptValue(String headerValue) {
+        AcceptValue(final String headerValue) {
             this.headerValue = headerValue;
         }
 

src/main/java/password/pwm/PwmEnvironment.java

@@ -32,10 +32,22 @@ import password.pwm.util.JsonUtil;
 import password.pwm.util.TimeDuration;
 import password.pwm.util.logging.PwmLogger;
 
-import java.io.*;
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.IOException;
+import java.io.RandomAccessFile;
+import java.io.StringWriter;
 import java.nio.channels.FileChannel;
 import java.nio.channels.FileLock;
-import java.util.*;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.Date;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Map;
+import java.util.Properties;
 import java.util.concurrent.TimeUnit;
 
 public class PwmEnvironment {
@@ -99,7 +111,8 @@ public class PwmEnvironment {
         public List<String> possibleNames(final String contextName) {
             final List<String> returnValues = new ArrayList<>();
             if (contextName != null) {
-                final String value = PwmConstants.PWM_APP_NAME.toLowerCase() // java property format <app>.<context>.<paramName> like pwm.pwm.applicationFlag
+                // java property format <app>.<context>.<paramName> like pwm.pwm.applicationFlag
+                final String value = PwmConstants.PWM_APP_NAME.toLowerCase()
                         + "."
                         + contextName
                         + "."
@@ -110,7 +123,8 @@ public class PwmEnvironment {
                 returnValues.add(value.toUpperCase().replace(".", "_"));
             }
             {
-                final String value = PwmConstants.PWM_APP_NAME.toLowerCase() // java property format <app>.<paramName> like pwm.applicationFlag
+                // java property format <app>.<paramName> like pwm.applicationFlag
+                final String value = PwmConstants.PWM_APP_NAME.toLowerCase()
                         + "."
                         + this.toString();
                 returnValues.add(value);
@@ -264,7 +278,7 @@ public class PwmEnvironment {
             return Collections.emptyMap();
         }
 
-        public static String readValueFromSystem(PwmEnvironment.EnvironmentParameter parameter, final String contextName) {
+        public static String readValueFromSystem(final PwmEnvironment.EnvironmentParameter parameter, final String contextName) {
             final List<String> namePossibilities = parameter.possibleNames(contextName);
 
             for (final String propertyName : namePossibilities){
@@ -376,12 +390,12 @@ public class PwmEnvironment {
             this.params                  = pwmEnvironment.parameters;
         }
 
-        public Builder(Configuration config, File applicationPath) {
+        public Builder(final Configuration config, final File applicationPath) {
             this.config = config;
             this.applicationPath = applicationPath;
         }
 
-        public Builder setApplicationMode(PwmApplicationMode applicationMode) {
+        public Builder setApplicationMode(final PwmApplicationMode applicationMode) {
             if (PwmConstants.TRIAL_MODE && applicationMode == PwmApplicationMode.RUNNING) {
                 LOGGER.info("application is in trial mode");
                 this.applicationMode = PwmApplicationMode.CONFIGURATION;
@@ -391,22 +405,22 @@ public class PwmEnvironment {
             return this;
         }
 
-        public Builder setInternalRuntimeInstance(boolean internalRuntimeInstance) {
+        public Builder setInternalRuntimeInstance(final boolean internalRuntimeInstance) {
             this.internalRuntimeInstance = internalRuntimeInstance;
             return this;
         }
 
-        public Builder setConfigurationFile(File configurationFile) {
+        public Builder setConfigurationFile(final File configurationFile) {
             this.configurationFile = configurationFile;
             return this;
         }
 
-        public Builder setContextManager(ContextManager contextManager) {
+        public Builder setContextManager(final ContextManager contextManager) {
             this.contextManager = contextManager;
             return this;
         }
 
-        public Builder setFlags(Collection<ApplicationFlag> flags) {
+        public Builder setFlags(final Collection<ApplicationFlag> flags) {
             this.flags.clear();
             if (flags != null) {
                 this.flags.addAll(flags);
@@ -414,7 +428,7 @@ public class PwmEnvironment {
             return this;
         }
 
-        public Builder setParams(Map<ApplicationParameter,String> params) {
+        public Builder setParams(final Map<ApplicationParameter,String> params) {
             this.params.clear();
             if (params != null) {
                 this.params.putAll(params);
@@ -422,7 +436,7 @@ public class PwmEnvironment {
             return this;
         }
 
-        public Builder setConfig(Configuration config) {
+        public Builder setConfig(final Configuration config) {
             this.config = config;
             return this;
         }
@@ -483,7 +497,7 @@ public class PwmEnvironment {
         private FileLock lock;
         private final File lockfile;
 
-        public FileLocker() {
+        FileLocker() {
             final String lockfileName = config.readAppProperty(AppProperty.APPLICATION_FILELOCK_FILENAME);
             lockfile = new File(getApplicationPath(), lockfileName);
         }
@@ -514,7 +528,7 @@ public class PwmEnvironment {
             }
         }
 
-        void writeLockFileContents(RandomAccessFile file) {
+        void writeLockFileContents(final RandomAccessFile file) {
             try {
                 final Properties props = new Properties();
                 props.put("timestamp", PwmConstants.DEFAULT_DATETIME_FORMAT.format(new Date()));

src/main/java/password/pwm/PwmHttpFilterAuthenticationProvider.java

@@ -28,7 +28,7 @@ import password.pwm.http.PwmRequest;
 import java.io.IOException;
 
 public interface PwmHttpFilterAuthenticationProvider {
-    void attemptAuthentication(final PwmRequest pwmRequest)
+    void attemptAuthentication( PwmRequest pwmRequest)
             throws PwmUnrecoverableException, IOException;
 
     boolean hasRedirectedResponse();

src/main/java/password/pwm/VerificationMethodSystem.java

@@ -41,6 +41,7 @@ public interface VerificationMethodSystem {
 
     interface UserPrompt {
         String getDisplayPrompt();
+
         String getIdentifier();
     }
 
@@ -52,7 +53,7 @@ public interface VerificationMethodSystem {
             return displayPrompt;
         }
 
-        public void setDisplayPrompt(String displayPrompt) {
+        public void setDisplayPrompt(final String displayPrompt) {
             this.displayPrompt = displayPrompt;
         }
 
@@ -60,7 +61,7 @@ public interface VerificationMethodSystem {
             return identifier;
         }
 
-        public void setIdentifier(String identifier) {
+        public void setIdentifier(final String identifier) {
             this.identifier = identifier;
         }
     }
@@ -69,11 +70,11 @@ public interface VerificationMethodSystem {
 
     String getCurrentDisplayInstructions();
 
-    ErrorInformation respondToPrompts(final Map<String, String> answers) throws PwmUnrecoverableException;
+    ErrorInformation respondToPrompts( Map<String, String> answers) throws PwmUnrecoverableException;
 
     VerificationState getVerificationState();
 
-    void init(final PwmApplication pwmApplication, final UserInfoBean userInfoBean, SessionLabel sessionLabel, Locale locale)
+    void init( PwmApplication pwmApplication,  UserInfoBean userInfoBean, SessionLabel sessionLabel, Locale locale)
             throws PwmUnrecoverableException
             ;
 

src/main/java/password/pwm/bean/FormNonce.java

@@ -41,7 +41,7 @@ public class FormNonce implements Serializable {
     @SerializedName("p")
     private final String payload;
 
-    public FormNonce(String sessionGUID, Date timestamp,  int reqCounter, String payload) {
+    public FormNonce(final String sessionGUID, final Date timestamp, final int reqCounter, final String payload) {
         this.sessionGUID = sessionGUID;
         this.timestamp = timestamp;
         this.reqCounter = reqCounter;

src/main/java/password/pwm/bean/LocalSessionStateBean.java

@@ -83,7 +83,7 @@ public class LocalSessionStateBean implements Serializable {
         return passwordModified;
     }
 
-    public void setPasswordModified(boolean passwordModified) {
+    public void setPasswordModified(final boolean passwordModified) {
         this.passwordModified = passwordModified;
     }
 
@@ -123,7 +123,7 @@ public class LocalSessionStateBean implements Serializable {
         return preCaptchaRequestURL;
     }
 
-    public void setPreCaptchaRequestURL(String preCaptchaRequestURL) {
+    public void setPreCaptchaRequestURL(final String preCaptchaRequestURL) {
         this.preCaptchaRequestURL = preCaptchaRequestURL;
     }
 
@@ -183,7 +183,7 @@ public class LocalSessionStateBean implements Serializable {
         return theme;
     }
 
-    public void setTheme(String theme) {
+    public void setTheme(final String theme) {
         this.theme = theme;
     }
 
@@ -199,7 +199,7 @@ public class LocalSessionStateBean implements Serializable {
         return sessionCreationTime;
     }
 
-    public void setSessionCreationTime(Date sessionCreationTime) {
+    public void setSessionCreationTime(final Date sessionCreationTime) {
         this.sessionCreationTime = sessionCreationTime;
     }
 
@@ -207,7 +207,7 @@ public class LocalSessionStateBean implements Serializable {
         return sessionLastAccessedTime;
     }
 
-    public void setSessionLastAccessedTime(Date sessionLastAccessedTime) {
+    public void setSessionLastAccessedTime(final Date sessionLastAccessedTime) {
         this.sessionLastAccessedTime = sessionLastAccessedTime;
     }
 
@@ -215,7 +215,7 @@ public class LocalSessionStateBean implements Serializable {
         return lastRequestURL;
     }
 
-    public void setLastRequestURL(String lastRequestURL) {
+    public void setLastRequestURL(final String lastRequestURL) {
         this.lastRequestURL = lastRequestURL;
     }
 
@@ -236,7 +236,7 @@ public class LocalSessionStateBean implements Serializable {
         return oauthInProgress;
     }
 
-    public void setOauthInProgress(boolean oauthInProgress)
+    public void setOauthInProgress(final boolean oauthInProgress)
     {
         this.oauthInProgress = oauthInProgress;
     }
@@ -245,7 +245,7 @@ public class LocalSessionStateBean implements Serializable {
         return restClientKey;
     }
 
-    public void setRestClientKey(String restClientKey) {
+    public void setRestClientKey(final String restClientKey) {
         this.restClientKey = restClientKey;
     }
 
@@ -257,7 +257,7 @@ public class LocalSessionStateBean implements Serializable {
         return sessionIdRecycleNeeded;
     }
 
-    public void setSessionIdRecycleNeeded(boolean sessionIdRecycleNeeded) {
+    public void setSessionIdRecycleNeeded(final boolean sessionIdRecycleNeeded) {
         this.sessionIdRecycleNeeded = sessionIdRecycleNeeded;
     }
 }

src/main/java/password/pwm/bean/LoginInfoBean.java

@@ -32,7 +32,11 @@ import password.pwm.util.JsonUtil;
 import password.pwm.util.PasswordData;
 
 import java.io.Serializable;
-import java.util.*;
+import java.util.ArrayList;
+import java.util.Date;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Set;
 
 
 /**
@@ -106,7 +110,7 @@ public class LoginInfoBean implements Serializable {
         return type;
     }
 
-    public void setType(AuthenticationType type)
+    public void setType(final AuthenticationType type)
     {
         this.type = type;
     }
@@ -116,7 +120,7 @@ public class LoginInfoBean implements Serializable {
         return pw;
     }
 
-    public void setUserCurrentPassword(PasswordData userCurrentPassword)
+    public void setUserCurrentPassword(final PasswordData userCurrentPassword)
     {
         this.pw = userCurrentPassword;
     }
@@ -136,7 +140,7 @@ public class LoginInfoBean implements Serializable {
         return oauthExp;
     }
 
-    public void setOauthExp(Date oauthExp)
+    public void setOauthExp(final Date oauthExp)
     {
         this.oauthExp = oauthExp;
     }
@@ -146,7 +150,7 @@ public class LoginInfoBean implements Serializable {
         return oauthRefToken;
     }
 
-    public void setOauthRefToken(String oauthRefToken)
+    public void setOauthRefToken(final String oauthRefToken)
     {
         this.oauthRefToken = oauthRefToken;
     }
@@ -159,7 +163,7 @@ public class LoginInfoBean implements Serializable {
         return authSource;
     }
 
-    public void setAuthSource(PwmAuthenticationSource authSource) {
+    public void setAuthSource(final PwmAuthenticationSource authSource) {
         this.authSource = authSource;
     }
 
@@ -167,7 +171,7 @@ public class LoginInfoBean implements Serializable {
         return guid;
     }
 
-    public void setGuid(String guid) {
+    public void setGuid(final String guid) {
         this.guid = guid;
     }
 
@@ -175,7 +179,7 @@ public class LoginInfoBean implements Serializable {
         return reqCounter;
     }
 
-    public void setReqCounter(int reqCounter) {
+    public void setReqCounter(final int reqCounter) {
         this.reqCounter = reqCounter;
     }
 
@@ -183,7 +187,7 @@ public class LoginInfoBean implements Serializable {
         return userIdentity;
     }
 
-    public void setUserIdentity(UserIdentity userIdentity) {
+    public void setUserIdentity(final UserIdentity userIdentity) {
         this.userIdentity = userIdentity;
     }
 
@@ -191,7 +195,7 @@ public class LoginInfoBean implements Serializable {
         return auth;
     }
 
-    public void setAuthenticated(boolean authenticated) {
+    public void setAuthenticated(final boolean authenticated) {
         this.auth = authenticated;
     }
 
@@ -199,7 +203,7 @@ public class LoginInfoBean implements Serializable {
         return pw;
     }
 
-    public void setPw(PasswordData pw) {
+    public void setPw(final PasswordData pw) {
         this.pw = pw;
     }
 
@@ -207,11 +211,11 @@ public class LoginInfoBean implements Serializable {
         return reqTime;
     }
 
-    public void setReqTime(Date reqTime) {
+    public void setReqTime(final Date reqTime) {
         this.reqTime = reqTime;
     }
 
-    public boolean isLoginFlag(LoginFlag loginStateFlag) {
+    public boolean isLoginFlag(final LoginFlag loginStateFlag) {
         return loginFlags.contains(loginStateFlag);
     }
 

src/main/java/password/pwm/bean/PrivateKeyCertificate.java

@@ -27,10 +27,10 @@ import java.security.PrivateKey;
 import java.security.cert.X509Certificate;
 
 public class PrivateKeyCertificate implements Serializable {
-    final private X509Certificate[] certificates;
-    final private PrivateKey key;
+    private final X509Certificate[] certificates;
+    private final PrivateKey key;
 
-    public PrivateKeyCertificate(X509Certificate certificates[], PrivateKey key) {
+    public PrivateKeyCertificate(final X509Certificate[] certificates, final PrivateKey key) {
         this.certificates = certificates;
         this.key = key;
     }

src/main/java/password/pwm/bean/RemoteVerificationRequestBean.java

@@ -36,7 +36,7 @@ public class RemoteVerificationRequestBean implements Serializable {
         return responseSessionID;
     }
 
-    public void setResponseSessionID(String responseSessionID) {
+    public void setResponseSessionID(final String responseSessionID) {
         this.responseSessionID = responseSessionID;
     }
 
@@ -44,7 +44,7 @@ public class RemoteVerificationRequestBean implements Serializable {
         return userInfo;
     }
 
-    public void setUserInfo(PublicUserInfoBean userInfo) {
+    public void setUserInfo(final PublicUserInfoBean userInfo) {
         this.userInfo = userInfo;
     }
 
@@ -52,7 +52,7 @@ public class RemoteVerificationRequestBean implements Serializable {
         return userResponses;
     }
 
-    public void setUserResponses(Map<String, String> userResponses) {
+    public void setUserResponses(final Map<String, String> userResponses) {
         this.userResponses = userResponses;
     }
 }

src/main/java/password/pwm/bean/RemoteVerificationResponseBean.java

@@ -37,7 +37,7 @@ public class RemoteVerificationResponseBean implements Serializable {
         return displayInstructions;
     }
 
-    public void setDisplayInstructions(String displayInstructions) {
+    public void setDisplayInstructions(final String displayInstructions) {
         this.displayInstructions = displayInstructions;
     }
 
@@ -45,7 +45,7 @@ public class RemoteVerificationResponseBean implements Serializable {
         return verificationState;
     }
 
-    public void setVerificationState(VerificationMethodSystem.VerificationState verificationState) {
+    public void setVerificationState(final VerificationMethodSystem.VerificationState verificationState) {
         this.verificationState = verificationState;
     }
 
@@ -53,7 +53,7 @@ public class RemoteVerificationResponseBean implements Serializable {
         return userPrompts;
     }
 
-    public void setUserPrompts(List<VerificationMethodSystem.UserPromptBean> userPrompts) {
+    public void setUserPrompts(final List<VerificationMethodSystem.UserPromptBean> userPrompts) {
         this.userPrompts = userPrompts;
     }
 
@@ -61,7 +61,7 @@ public class RemoteVerificationResponseBean implements Serializable {
         return errorMessage;
     }
 
-    public void setErrorMessage(String errorMessage) {
+    public void setErrorMessage(final String errorMessage) {
         this.errorMessage = errorMessage;
     }
 }

src/main/java/password/pwm/bean/ResponseInfoBean.java

@@ -32,13 +32,13 @@ import java.util.Locale;
 import java.util.Map;
 
 public class ResponseInfoBean implements Serializable {
-    final private Map<Challenge,String> crMap;
-    final private Map<Challenge,String> helpdeskCrMap;
-    final private Locale locale;
-    final private int minRandoms;
-    final private String csIdentifier;
-    final private DataStorageMethod dataStorageMethod;
-    final private Answer.FormatType formatType;
+    private final Map<Challenge,String> crMap;
+    private final Map<Challenge,String> helpdeskCrMap;
+    private final Locale locale;
+    private final int minRandoms;
+    private final String csIdentifier;
+    private final DataStorageMethod dataStorageMethod;
+    private final Answer.FormatType formatType;
 
     private Date timestamp;
 
@@ -84,7 +84,7 @@ public class ResponseInfoBean implements Serializable {
         return timestamp;
     }
 
-    public void setTimestamp(Date timestamp) {
+    public void setTimestamp(final Date timestamp) {
         this.timestamp = timestamp;
     }
 

src/main/java/password/pwm/bean/SessionLabel.java

@@ -33,7 +33,7 @@ public class SessionLabel implements Serializable {
     private final String srcAddress;
     private final String srcHostname;
 
-    public SessionLabel(String sessionID, UserIdentity userIdentity, String username, final String srcAddress, final String srcHostname)
+    public SessionLabel(final String sessionID, final UserIdentity userIdentity, final String username, final String srcAddress, final String srcHostname)
     {
         this.sessionID = sessionID;
         this.userIdentity = userIdentity;

src/main/java/password/pwm/bean/SmsItemBean.java

@@ -46,7 +46,7 @@ public class SmsItemBean implements Serializable {
         return message;
     }
 
-    public void setMessage(String message) {
+    public void setMessage(final String message) {
         this.message = message;
     }
 

src/main/java/password/pwm/bean/TokenVerificationProgress.java

@@ -49,7 +49,7 @@ public class TokenVerificationProgress implements Serializable {
         return phase;
     }
 
-    public void setPhase(TokenChannel phase) {
+    public void setPhase(final TokenChannel phase) {
         this.phase = phase;
     }
 
@@ -57,7 +57,7 @@ public class TokenVerificationProgress implements Serializable {
         return tokenDisplayText;
     }
 
-    public void setTokenDisplayText(String tokenDisplayText) {
+    public void setTokenDisplayText(final String tokenDisplayText) {
         this.tokenDisplayText = tokenDisplayText;
     }
 }

src/main/java/password/pwm/bean/UserIdentity.java

@@ -161,12 +161,12 @@ public class UserIdentity implements Serializable, Comparable {
     }
 
     @Override
-    public boolean equals(Object o)
+    public boolean equals(final Object o)
     {
         if (this == o) return true;
         if (o == null || getClass() != o.getClass()) return false;
 
-        UserIdentity that = (UserIdentity) o;
+        final UserIdentity that = (UserIdentity) o;
 
         if (!ldapProfile.equals(that.ldapProfile)) return false;
         if (!userDN.equals(that.userDN)) return false;
@@ -183,10 +183,10 @@ public class UserIdentity implements Serializable, Comparable {
     }
 
     @Override
-    public int compareTo(Object o) {
-        String thisStr = (ldapProfile == null ? "_" : ldapProfile) + userDN;
-        UserIdentity otherIdentity = (UserIdentity)o;
-        String otherStr = (otherIdentity.ldapProfile == null ? "_" : otherIdentity.ldapProfile) + otherIdentity.userDN;
+    public int compareTo(final Object o) {
+        final String thisStr = (ldapProfile == null ? "_" : ldapProfile) + userDN;
+        final UserIdentity otherIdentity = (UserIdentity)o;
+        final String otherStr = (otherIdentity.ldapProfile == null ? "_" : otherIdentity.ldapProfile) + otherIdentity.userDN;
 
         return thisStr.compareTo(otherStr);
     }

src/main/java/password/pwm/bean/UserInfoBean.java

@@ -28,7 +28,10 @@ import password.pwm.config.profile.PwmPasswordPolicy;
 import password.pwm.util.otp.OTPUserRecord;
 
 import java.io.Serializable;
-import java.util.*;
+import java.util.Collections;
+import java.util.Date;
+import java.util.HashMap;
+import java.util.Map;
 
 /**
  * A bean that is stored in the user's session.   Only information that is particular to logged in user is stored in the
@@ -36,11 +39,11 @@ import java.util.*;
  * <p/>
  * For any given HTTP session using PWM, several {@link UserInfoBean}s may be created during
  * the life of the session, however at any given time, no more than one will be stored in
- * the HTTP session.  If the user is not authenticated (determined by {@link LocalSessionStateBean#isAuthenticated()})
+ * the HTTP session.  If the user is not authenticated (determined by {@link LocalSessionStateBean})
  * then there should not be a {@link UserInfoBean} in the HTTP session.
  *
  * @author Jason D. Rivard
- * @see password.pwm.ldap.UserStatusReader#populateUserInfoBean(Locale, UserIdentity)
+ * @see password.pwm.ldap.UserStatusReader#populateUserInfoBean
  */
 public class UserInfoBean implements Serializable {
 // ------------------------------ FIELDS ------------------------------
@@ -90,7 +93,7 @@ public class UserInfoBean implements Serializable {
         return cachedAttributeValues;
     }
 
-    public void setCachedAttributeValues(Map<String, String> cachedAttributeValues)
+    public void setCachedAttributeValues(final Map<String, String> cachedAttributeValues)
     {
         this.cachedAttributeValues = cachedAttributeValues;
     }
@@ -99,7 +102,7 @@ public class UserInfoBean implements Serializable {
         return lastLdapLoginTime;
     }
 
-    public void setLastLdapLoginTime(Date lastLdapLoginTime) {
+    public void setLastLdapLoginTime(final Date lastLdapLoginTime) {
         this.lastLdapLoginTime = lastLdapLoginTime;
     }
 
@@ -123,7 +126,7 @@ public class UserInfoBean implements Serializable {
         return userIdentity;
     }
 
-    public void setUserIdentity(UserIdentity userIdentity) {
+    public void setUserIdentity(final UserIdentity userIdentity) {
         this.userIdentity = userIdentity;
     }
 
@@ -219,7 +222,7 @@ public class UserInfoBean implements Serializable {
         return responseInfoBean;
     }
 
-    public void setResponseInfoBean(ResponseInfoBean responseInfoBean) {
+    public void setResponseInfoBean(final ResponseInfoBean responseInfoBean) {
         this.responseInfoBean = responseInfoBean;
     }
 
@@ -228,7 +231,7 @@ public class UserInfoBean implements Serializable {
         return otpUserRecord;
     }
 
-    public void setOtpUserRecord(OTPUserRecord otpUserRecord)
+    public void setOtpUserRecord(final OTPUserRecord otpUserRecord)
     {
         this.otpUserRecord = otpUserRecord;
     }
@@ -237,7 +240,7 @@ public class UserInfoBean implements Serializable {
         return accountExpirationTime;
     }
 
-    public void setAccountExpirationTime(Date accountExpirationTime) {
+    public void setAccountExpirationTime(final Date accountExpirationTime) {
         this.accountExpirationTime = accountExpirationTime;
     }
 

src/main/java/password/pwm/bean/pub/PublicUserInfoBean.java

@@ -22,6 +22,13 @@
 
 package password.pwm.bean.pub;
 
+import password.pwm.bean.PasswordStatus;
+import password.pwm.bean.UserInfoBean;
+import password.pwm.config.Configuration;
+import password.pwm.config.profile.PwmPasswordRule;
+import password.pwm.http.tag.PasswordRequirementsTag;
+import password.pwm.util.macro.MacroMachine;
+
 import java.io.Serializable;
 import java.util.Collections;
 import java.util.Date;
@@ -30,13 +37,6 @@ import java.util.List;
 import java.util.Locale;
 import java.util.Map;
 
-import password.pwm.bean.PasswordStatus;
-import password.pwm.bean.UserInfoBean;
-import password.pwm.config.Configuration;
-import password.pwm.config.profile.PwmPasswordRule;
-import password.pwm.http.tag.PasswordRequirementsTag;
-import password.pwm.util.macro.MacroMachine;
-
 public class PublicUserInfoBean implements Serializable {
     public String userDN;
     public String ldapProfile;

src/main/java/password/pwm/bean/pub/SessionStateInfoBean.java

@@ -43,7 +43,7 @@ public class SessionStateInfoBean implements PublishedBean {
         return label;
     }
 
-    public void setLabel(String label) {
+    public void setLabel(final String label) {
         this.label = label;
     }
 
@@ -51,7 +51,7 @@ public class SessionStateInfoBean implements PublishedBean {
         return createTime;
     }
 
-    public void setCreateTime(Date createTime) {
+    public void setCreateTime(final Date createTime) {
         this.createTime = createTime;
     }
 
@@ -59,7 +59,7 @@ public class SessionStateInfoBean implements PublishedBean {
         return lastTime;
     }
 
-    public void setLastTime(Date lastTime) {
+    public void setLastTime(final Date lastTime) {
         this.lastTime = lastTime;
     }
 
@@ -67,7 +67,7 @@ public class SessionStateInfoBean implements PublishedBean {
         return idle;
     }
 
-    public void setIdle(String idle) {
+    public void setIdle(final String idle) {
         this.idle = idle;
     }
 
@@ -75,7 +75,7 @@ public class SessionStateInfoBean implements PublishedBean {
         return locale;
     }
 
-    public void setLocale(Locale locale) {
+    public void setLocale(final Locale locale) {
         this.locale = locale;
     }
 
@@ -83,7 +83,7 @@ public class SessionStateInfoBean implements PublishedBean {
         return ldapProfile;
     }
 
-    public void setLdapProfile(String ldapProfile) {
+    public void setLdapProfile(final String ldapProfile) {
         this.ldapProfile = ldapProfile;
     }
 
@@ -91,7 +91,7 @@ public class SessionStateInfoBean implements PublishedBean {
         return userDN;
     }
 
-    public void setUserDN(String userDN) {
+    public void setUserDN(final String userDN) {
         this.userDN = userDN;
     }
 
@@ -99,7 +99,7 @@ public class SessionStateInfoBean implements PublishedBean {
         return userID;
     }
 
-    public void setUserID(String userID) {
+    public void setUserID(final String userID) {
         this.userID = userID;
     }
 
@@ -107,7 +107,7 @@ public class SessionStateInfoBean implements PublishedBean {
         return srcAddress;
     }
 
-    public void setSrcAddress(String srcAddress) {
+    public void setSrcAddress(final String srcAddress) {
         this.srcAddress = srcAddress;
     }
 
@@ -115,7 +115,7 @@ public class SessionStateInfoBean implements PublishedBean {
         return srcHost;
     }
 
-    public void setSrcHost(String srcHost) {
+    public void setSrcHost(final String srcHost) {
         this.srcHost = srcHost;
     }
 
@@ -123,7 +123,7 @@ public class SessionStateInfoBean implements PublishedBean {
         return lastUrl;
     }
 
-    public void setLastUrl(String lastUrl) {
+    public void setLastUrl(final String lastUrl) {
         this.lastUrl = lastUrl;
     }
 
@@ -131,7 +131,7 @@ public class SessionStateInfoBean implements PublishedBean {
         return intruderAttempts;
     }
 
-    public void setIntruderAttempts(int intruderAttempts) {
+    public void setIntruderAttempts(final int intruderAttempts) {
         this.intruderAttempts = intruderAttempts;
     }
 }

src/main/java/password/pwm/config/ActionConfiguration.java

@@ -34,7 +34,9 @@ import java.util.Map;
 public class ActionConfiguration implements Serializable {
 
     public enum Type { webservice, ldap }
+
     public enum WebMethod { delete, get, post, put, patch }
+
     public enum LdapMethod { replace, add, remove }
 
     private String name;
@@ -101,7 +103,7 @@ public class ActionConfiguration implements Serializable {
         final String[] splitString = value.split("=");
         final String attributeName = splitString[0];
         final String attributeValue = splitString[1];
-        ActionConfiguration actionConfiguration = new ActionConfiguration();
+        final ActionConfiguration actionConfiguration = new ActionConfiguration();
         actionConfiguration.name = attributeName;
         actionConfiguration.description = attributeName;
         actionConfiguration.type = Type.ldap;

src/main/java/password/pwm/config/ChallengeItemConfiguration.java

@@ -37,10 +37,10 @@ public class ChallengeItemConfiguration implements Serializable {
     private String regex;
 
     public ChallengeItemConfiguration(
-            String challengeText,
-            int minimumLength,
-            int maximumLength,
-            boolean adminDefined
+            final String challengeText,
+            final int minimumLength,
+            final int maximumLength,
+            final boolean adminDefined
     )
     {
         this.text = challengeText;

src/main/java/password/pwm/config/Configuration.java

@@ -92,7 +92,7 @@ import java.util.TreeMap;
 public class Configuration implements Serializable, SettingReader {
 // ------------------------------ FIELDS ------------------------------
 
-    private final static PwmLogger LOGGER = PwmLogger.forClass(Configuration.class);
+    private static final PwmLogger LOGGER = PwmLogger.forClass(Configuration.class);
 
     private final StoredConfigurationImpl storedConfiguration;
 
@@ -154,12 +154,12 @@ public class Configuration implements Serializable, SettingReader {
         return availableLocaleMap.get(matchedLocale);
     }
 
-    public <E extends Enum<E>> E readSettingAsEnum(PwmSetting setting,  Class<E> enumClass) {
+    public <E extends Enum<E>> E readSettingAsEnum(final PwmSetting setting, final Class<E> enumClass) {
         final StoredValue value = readStoredValue(setting);
         return JavaTypeConverter.valueToEnum(setting, value, enumClass);
     }
 
-    public <E extends Enum<E>> Set<E> readSettingAsOptionList(final PwmSetting setting,  Class<E> enumClass) {
+    public <E extends Enum<E>> Set<E> readSettingAsOptionList(final PwmSetting setting, final Class<E> enumClass) {
         return JavaTypeConverter.valueToOptionList(setting, readStoredValue(setting), enumClass);
     }
 
@@ -189,7 +189,7 @@ public class Configuration implements Serializable, SettingReader {
         return JavaTypeConverter.valueToPassword(readStoredValue(setting));
     }
 
-    public static abstract class JavaTypeConverter {
+    public abstract static class JavaTypeConverter {
         public static long valueToLong(final StoredValue value) {
             if (!(value instanceof NumericValue)) {
                 throw new IllegalArgumentException("setting value is not readable as number");
@@ -241,7 +241,7 @@ public class Configuration implements Serializable, SettingReader {
             }
 
             final List<String> results = new ArrayList<>((List<String>)value.toNativeObject());
-            for (final Iterator iter = results.iterator(); iter.hasNext();) {
+            for (final Iterator iter = results.iterator(); iter.hasNext(); ) {
                 final Object loopString = iter.next();
                 if (loopString == null || loopString.toString().length() < 1) {
                     iter.remove();
@@ -260,7 +260,7 @@ public class Configuration implements Serializable, SettingReader {
             }
 
             final List<UserPermission> results = new ArrayList<>((List<UserPermission>)value.toNativeObject());
-            for (final Iterator iter = results.iterator(); iter.hasNext();) {
+            for (final Iterator iter = results.iterator(); iter.hasNext(); ) {
                 final Object loopString = iter.next();
                 if (loopString == null || loopString.toString().length() < 1) {
                     iter.remove();
@@ -306,7 +306,7 @@ public class Configuration implements Serializable, SettingReader {
             return availableLocaleMap.get(matchedLocale);
         }
 
-        public static <E extends Enum<E>> E valueToEnum(final PwmSetting setting, StoredValue value, Class<E> enumClass) {
+        public static <E extends Enum<E>> E valueToEnum(final PwmSetting setting, final StoredValue value, final Class<E> enumClass) {
             if (PwmSettingSyntax.SELECT != setting.getSyntax()) {
                 throw new IllegalArgumentException("may not read SELECT enum value for setting: " + setting.toString());
             }
@@ -325,7 +325,7 @@ public class Configuration implements Serializable, SettingReader {
             return null;
         }
 
-        public static <E extends Enum<E>> Set<E> valueToOptionList(final PwmSetting setting, final StoredValue value,  Class<E> enumClass) {
+        public static <E extends Enum<E>> Set<E> valueToOptionList(final PwmSetting setting, final StoredValue value, final Class<E> enumClass) {
             if (PwmSettingSyntax.OPTIONLIST != setting.getSyntax()) {
                 throw new IllegalArgumentException("may not read optionlist value for setting: " + setting.toString());
             }
@@ -497,6 +497,10 @@ public class Configuration implements Serializable, SettingReader {
                     returnCollection.add(LocaleHelper.parseLocaleString(localeStr));
                 }
                 break;
+
+            default:
+                // ignore other types
+                break;
         }
 
         return returnCollection;
@@ -511,7 +515,7 @@ public class Configuration implements Serializable, SettingReader {
     }
 
     public Map<FileValue.FileInformation,FileValue.FileContent> readSettingAsFile(final PwmSetting setting) {
-        FileValue fileValue = (FileValue)storedConfiguration.readSetting(setting);
+        final FileValue fileValue = (FileValue)storedConfiguration.readSetting(setting);
         return (Map)fileValue.toNativeObject();
     }
 
@@ -540,6 +544,7 @@ public class Configuration implements Serializable, SettingReader {
     }
 
     private PwmSecurityKey tempInstanceKey = null;
+
     public PwmSecurityKey getSecurityKey() throws PwmUnrecoverableException {
         final PasswordData configValue = readSettingAsPassword(PwmSetting.PWM_SECURITY_KEY);
 
@@ -656,7 +661,7 @@ public class Configuration implements Serializable, SettingReader {
             return TokenStorageMethod.valueOf(readSettingAsString(PwmSetting.TOKEN_STORAGEMETHOD));
         } catch (Exception e) {
             final String errorMsg = "unknown storage method specified: " + readSettingAsString(PwmSetting.TOKEN_STORAGEMETHOD);
-            ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_INVALID_CONFIG,errorMsg);
+            final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_INVALID_CONFIG,errorMsg);
             LOGGER.warn(errorInformation.toDebugStr());
             return null;
         }
@@ -683,7 +688,7 @@ public class Configuration implements Serializable, SettingReader {
         return true;
     }
 
-    public String readAppProperty(AppProperty property) {
+    public String readAppProperty(final AppProperty property) {
         final Map<String,String> configurationValues = StringUtil.convertStringListToNameValuePair(this.readSettingAsStringArray(PwmSetting.APP_PROPERTY_OVERRIDES),"=");
         if (configurationValues.containsKey(property.getKey())) {
             return configurationValues.get(property.getKey());
@@ -743,7 +748,7 @@ public class Configuration implements Serializable, SettingReader {
                     PwmSetting.FORGOTTEN_PASSWORD_READ_PREFERENCE,
                     PwmSetting.FORGOTTEN_PASSWORD_WRITE_PREFERENCE,
                     PwmSetting.INTRUDER_STORAGE_METHOD,
-                    PwmSetting.EVENTS_USER_STORAGE_METHOD
+                    PwmSetting.EVENTS_USER_STORAGE_METHOD,
             };
 
             for (final PwmSetting loopSetting : settingsToCheck) {
@@ -883,7 +888,7 @@ public class Configuration implements Serializable, SettingReader {
 
     public Set<PwmSetting> nonDefaultSettings() {
         final HashSet returnSet = new HashSet();
-        for (StoredConfigurationImpl.SettingValueRecord valueRecord : this.storedConfiguration.modifiedSettings()) {
+        for (final StoredConfigurationImpl.SettingValueRecord valueRecord : this.storedConfiguration.modifiedSettings()) {
             returnSet.add(valueRecord.getSetting());
         }
         return returnSet;

src/main/java/password/pwm/config/FormConfiguration.java

@@ -24,13 +24,23 @@ package password.pwm.config;
 
 import password.pwm.AppProperty;
 import password.pwm.PwmConstants;
-import password.pwm.error.*;
+import password.pwm.error.ErrorInformation;
+import password.pwm.error.PwmDataValidationException;
+import password.pwm.error.PwmError;
+import password.pwm.error.PwmOperationalException;
+import password.pwm.error.PwmUnrecoverableException;
 import password.pwm.util.JsonUtil;
 import password.pwm.util.LocaleHelper;
 
 import java.io.Serializable;
 import java.math.BigInteger;
-import java.util.*;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.List;
+import java.util.Locale;
+import java.util.Map;
+import java.util.StringTokenizer;
 import java.util.regex.Matcher;
 import java.util.regex.Pattern;
 import java.util.regex.PatternSyntaxException;
@@ -282,6 +292,9 @@ public class FormConfiguration implements Serializable {
                 }
                 break;
 
+            default:
+                // continue for other types
+                break;
         }
 
         if (value != null && (this.getMinimumLength() > 0) && (value.length() > 0) && (value.length() < this.getMinimumLength())) {

src/main/java/password/pwm/config/FormUtility.java

@@ -31,7 +31,11 @@ import password.pwm.AppProperty;
 import password.pwm.PwmApplication;
 import password.pwm.bean.SessionLabel;
 import password.pwm.bean.UserIdentity;
-import password.pwm.error.*;
+import password.pwm.error.ErrorInformation;
+import password.pwm.error.PwmDataValidationException;
+import password.pwm.error.PwmError;
+import password.pwm.error.PwmOperationalException;
+import password.pwm.error.PwmUnrecoverableException;
 import password.pwm.http.PwmRequest;
 import password.pwm.ldap.UserDataReader;
 import password.pwm.ldap.UserSearchEngine;
@@ -44,7 +48,15 @@ import password.pwm.util.StringUtil;
 import password.pwm.util.Validator;
 import password.pwm.util.logging.PwmLogger;
 
-import java.util.*;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.LinkedHashMap;
+import java.util.List;
+import java.util.Locale;
+import java.util.Map;
 
 public class FormUtility {
 
@@ -54,7 +66,7 @@ public class FormUtility {
         ReturnEmptyValues
     }
 
-    final private static String NEGATIVE_CACHE_HIT = "NEGATIVE_CACHE_HIT";
+    private static final String NEGATIVE_CACHE_HIT = "NEGATIVE_CACHE_HIT";
 
     public static Map<FormConfiguration, String> readFormValuesFromMap(
             final Map<String,String> inputMap,
@@ -130,7 +142,7 @@ public class FormUtility {
         return bValue;
     }
 
-    public static Map<String,String> asStringMap(Map<FormConfiguration, String> input) {
+    public static Map<String,String> asStringMap(final Map<FormConfiguration, String> input) {
         final Map<String,String> returnObj = new HashMap<>();
         for (final FormConfiguration formConfiguration : input.keySet()) {
             returnObj.put(formConfiguration.getName(), input.get(formConfiguration));
@@ -225,7 +237,7 @@ public class FormUtility {
         final UserSearchEngine.SearchConfiguration searchConfiguration = new UserSearchEngine.SearchConfiguration();
         searchConfiguration.setFilter(filter.toString());
 
-        int resultSearchSizeLimit = 1 + (excludeDN == null ? 0 : excludeDN.size());
+        final int resultSearchSizeLimit = 1 + (excludeDN == null ? 0 : excludeDN.size());
         final long cacheLifetimeMS = Long.parseLong(pwmApplication.getConfig().readAppProperty(AppProperty.CACHE_FORM_UNIQUE_VALUE_LIFETIME_MS));
         final CachePolicy cachePolicy = CachePolicy.makePolicyWithExpirationMS(cacheLifetimeMS);
 
@@ -366,7 +378,7 @@ public class FormUtility {
             throws PwmUnrecoverableException
     {
         final Map<FormConfiguration, List<String>> valueMap = populateFormMapFromLdap(formFields, sessionLabel, userDataReader);
-        for (FormConfiguration formConfiguration : formFields) {
+        for (final FormConfiguration formConfiguration : formFields) {
             if (valueMap.containsKey(formConfiguration)) {
                 final List<String> values = valueMap.get(formConfiguration);
                 if (values != null && !values.isEmpty()) {

src/main/java/password/pwm/config/LDAPPermissionInfo.java

@@ -33,7 +33,7 @@ public class LDAPPermissionInfo implements Serializable {
     private final Access access;
     private final Actor actor;
 
-    public LDAPPermissionInfo(Access type, Actor actor) {
+    public LDAPPermissionInfo(final Access type, final Actor actor) {
         this.access = type;
         this.actor = actor;
     }

src/main/java/password/pwm/config/PwmSetting.java

@@ -35,7 +35,16 @@ import password.pwm.util.StringUtil;
 import password.pwm.util.logging.PwmLogger;
 import password.pwm.util.macro.MacroMachine;
 
-import java.util.*;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.HashSet;
+import java.util.LinkedHashMap;
+import java.util.List;
+import java.util.Locale;
+import java.util.Map;
+import java.util.MissingResourceException;
+import java.util.Set;
 import java.util.regex.Pattern;
 import java.util.regex.PatternSyntaxException;
 
@@ -1229,7 +1238,7 @@ public enum PwmSetting {
             if (optionsElement != null) {
                 final List<Element> optionElements = optionsElement.getChildren("option");
                 if (optionElements != null) {
-                    for (Element optionElement : optionElements) {
+                    for (final Element optionElement : optionElements) {
                         if (optionElement.getAttribute("value") == null) {
                             throw new IllegalStateException("option element is missing 'value' attribute for key " + this.getKey());
                         }
@@ -1250,7 +1259,7 @@ public enum PwmSetting {
         if (propertiesElement != null) {
             final List<Element> propertyElements = propertiesElement.getChildren("property");
             if (propertyElements != null) {
-                for (Element propertyElement : propertyElements) {
+                for (final Element propertyElement : propertyElements) {
                     if (propertyElement.getAttributeValue("key") == null) {
                         throw new IllegalStateException("property element is missing 'key' attribute for value " + this.getKey());
                     }
@@ -1306,7 +1315,7 @@ public enum PwmSetting {
                         permissionElement.getAttributeValue(PwmSettingXml.XML_ATTRIBUTE_PERMISSION_ACCESS)
                 );
                 if (actor != null && type != null) {
-                    LDAPPermissionInfo permissionInfo = new LDAPPermissionInfo(type, actor);
+                    final LDAPPermissionInfo permissionInfo = new LDAPPermissionInfo(type, actor);
                     returnObj.add(permissionInfo);
                 }
             }
@@ -1382,8 +1391,8 @@ public enum PwmSetting {
 
     public Pattern getRegExPattern() {
         if (pattern == null) {
-            Element settingNode = PwmSettingXml.readSettingXml(this);
-            Element regexNode = settingNode.getChild("regex");
+            final Element settingNode = PwmSettingXml.readSettingXml(this);
+            final Element regexNode = settingNode.getChild("regex");
             if (regexNode != null) {
                 try {
                     pattern = Pattern.compile(regexNode.getText());
@@ -1455,7 +1464,7 @@ public enum PwmSetting {
         private final Object object;
         private final Set<PwmSettingTemplate> settingTemplates;
 
-        public TemplateSetAssociation(Object association, Set<PwmSettingTemplate> settingTemplates) {
+        public TemplateSetAssociation(final Object association, final Set<PwmSettingTemplate> settingTemplates) {
             this.object = association;
             this.settingTemplates = settingTemplates;
         }

src/main/java/password/pwm/config/PwmSettingCategory.java

@@ -28,7 +28,15 @@ import password.pwm.i18n.Config;
 import password.pwm.i18n.PwmSetting;
 import password.pwm.util.LocaleHelper;
 
-import java.util.*;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Locale;
+import java.util.Map;
+import java.util.TreeMap;
 
 public enum PwmSettingCategory {
 
@@ -176,7 +184,7 @@ public enum PwmSettingCategory {
     private Boolean hidden;
 
 
-    PwmSettingCategory(PwmSettingCategory parent) {
+    PwmSettingCategory(final PwmSettingCategory parent) {
         this.parent = parent;
     }
 
@@ -277,7 +285,7 @@ public enum PwmSettingCategory {
         return returnObj;
     }
 
-    private password.pwm.config.PwmSetting readProfileSettingFromXml(boolean nested)
+    private password.pwm.config.PwmSetting readProfileSettingFromXml(final boolean nested)
     {
         PwmSettingCategory nextCategory = this;
         while (nextCategory != null) {
@@ -362,9 +370,9 @@ public enum PwmSettingCategory {
     }
 
     public static List<PwmSettingCategory> valuesForReferenceDoc(final Locale locale) {
-        List<PwmSettingCategory> values = new ArrayList<>(sortedValues(locale));
-        for (Iterator<PwmSettingCategory> iterator = values.iterator(); iterator.hasNext(); ) {
-            PwmSettingCategory category = iterator.next();
+        final List<PwmSettingCategory> values = new ArrayList<>(sortedValues(locale));
+        for (final Iterator<PwmSettingCategory> iterator = values.iterator(); iterator.hasNext(); ) {
+            final PwmSettingCategory category = iterator.next();
             if (category.isHidden()) {
                 iterator.remove();
             } else if (category.getSettings().isEmpty()) {

src/main/java/password/pwm/config/PwmSettingSyntax.java

@@ -22,7 +22,23 @@
 
 package password.pwm.config;
 
-import password.pwm.config.value.*;
+import password.pwm.config.value.ActionValue;
+import password.pwm.config.value.BooleanValue;
+import password.pwm.config.value.ChallengeValue;
+import password.pwm.config.value.EmailValue;
+import password.pwm.config.value.FileValue;
+import password.pwm.config.value.FormValue;
+import password.pwm.config.value.LocalizedStringArrayValue;
+import password.pwm.config.value.LocalizedStringValue;
+import password.pwm.config.value.NumericValue;
+import password.pwm.config.value.OptionListValue;
+import password.pwm.config.value.PasswordValue;
+import password.pwm.config.value.PrivateKeyValue;
+import password.pwm.config.value.StringArrayValue;
+import password.pwm.config.value.StringValue;
+import password.pwm.config.value.UserPermissionValue;
+import password.pwm.config.value.VerificationMethodValue;
+import password.pwm.config.value.X509CertificateValue;
 
 /**
  * Setting syntax definitions.  Each syntax listed here corresponds to some type of native Java object.  The factory specified includes
@@ -57,7 +73,7 @@ public enum PwmSettingSyntax {
 
     private StoredValue.StoredValueFactory storedValueImpl;
 
-    PwmSettingSyntax(StoredValue.StoredValueFactory storedValueImpl) {
+    PwmSettingSyntax(final StoredValue.StoredValueFactory storedValueImpl) {
         this.storedValueImpl = storedValueImpl;
     }
 

src/main/java/password/pwm/config/PwmSettingTemplate.java

@@ -64,7 +64,7 @@ public enum PwmSettingTemplate {
         return requiredAttribute != null && "true".equalsIgnoreCase(requiredAttribute.getValue());
     }
 
-    private static Element readTemplateElement(PwmSettingTemplate pwmSettingTemplate) {
+    private static Element readTemplateElement(final PwmSettingTemplate pwmSettingTemplate) {
         final Element element = PwmSettingXml.readTemplateXml(pwmSettingTemplate);
         if (element == null) {
             throw new IllegalStateException("missing PwmSetting.xml template element for " + pwmSettingTemplate);

src/main/java/password/pwm/config/PwmSettingXml.java

@@ -94,7 +94,7 @@ public class PwmSettingXml {
             final InputStream xmlInputStream = PwmSetting.class.getClassLoader().getResourceAsStream("password/pwm/config/PwmSetting.xml");
             final SchemaFactory factory = SchemaFactory.newInstance(XMLConstants.W3C_XML_SCHEMA_NS_URI);
             final Schema schema = factory.newSchema(new StreamSource(xsdInputStream));
-            Validator validator = schema.newValidator();
+            final Validator validator = schema.newValidator();
             validator.validate(new StreamSource(xmlInputStream));
         } catch (Exception e) {
             throw new IllegalStateException("error validating PwmSetting.xml schema using PwmSetting.xsd definition: " + e.getMessage());

src/main/java/password/pwm/config/SettingReader.java

@@ -49,4 +49,6 @@ public interface SettingReader {
     List<ActionConfiguration> readSettingAsAction(PwmSetting setting);
 
     PasswordData readSettingAsPassword(PwmSetting setting);
+
+    String readSettingAsString(PwmSetting oauthIdLoginUrl);
 }

src/main/java/password/pwm/config/SettingUIFunction.java

@@ -29,10 +29,10 @@ import java.io.Serializable;
 
 public interface SettingUIFunction {
     Serializable provideFunction(
-            final PwmRequest pwmRequest,
-            final StoredConfigurationImpl storedConfiguration,
-            final PwmSetting setting,
-            final String profile,
+             PwmRequest pwmRequest,
+            StoredConfigurationImpl storedConfiguration,
+            PwmSetting setting,
+            String profile,
             String extraData
     )
             throws Exception;

src/main/java/password/pwm/config/StoredValue.java

@@ -32,7 +32,7 @@ import java.util.List;
 import java.util.Locale;
 
 public interface StoredValue extends Serializable {
-    List<Element> toXmlValues(final String valueElementName);
+    List<Element> toXmlValues( String valueElementName);
 
     Object toNativeObject();
 
@@ -47,11 +47,11 @@ public interface StoredValue extends Serializable {
     int currentSyntaxVersion();
 
     interface StoredValueFactory {
-        StoredValue fromJson(final String input);
+        StoredValue fromJson( String input);
 
-        StoredValue fromXmlElement(final Element settingElement, final PwmSecurityKey key)
+        StoredValue fromXmlElement( Element settingElement,  PwmSecurityKey key)
                 throws PwmException;
     }
 
     String valueHash() throws PwmUnrecoverableException;
-}
+}

src/main/java/password/pwm/config/function/AbstractUriCertImportFunction.java

@@ -27,7 +27,11 @@ import password.pwm.config.PwmSetting;
 import password.pwm.config.SettingUIFunction;
 import password.pwm.config.stored.StoredConfigurationImpl;
 import password.pwm.config.value.X509CertificateValue;
-import password.pwm.error.*;
+import password.pwm.error.ErrorInformation;
+import password.pwm.error.PwmError;
+import password.pwm.error.PwmException;
+import password.pwm.error.PwmOperationalException;
+import password.pwm.error.PwmUnrecoverableException;
 import password.pwm.http.PwmRequest;
 import password.pwm.http.PwmSession;
 import password.pwm.util.X509Utils;
@@ -39,11 +43,11 @@ abstract class AbstractUriCertImportFunction implements SettingUIFunction {
 
     @Override
     public String provideFunction(
-            PwmRequest pwmRequest,
-            StoredConfigurationImpl storedConfiguration,
-            PwmSetting setting,
-            String profile,
-            String extraData)
+            final PwmRequest pwmRequest,
+            final StoredConfigurationImpl storedConfiguration,
+            final PwmSetting setting,
+            final String profile,
+            final String extraData)
             throws PwmOperationalException, PwmUnrecoverableException
     {
         final PwmSession pwmSession = pwmRequest.getPwmSession();
@@ -56,7 +60,7 @@ abstract class AbstractUriCertImportFunction implements SettingUIFunction {
                 if (e instanceof PwmException) {
                     throw new PwmOperationalException(((PwmException) e).getErrorInformation());
                 }
-                ErrorInformation errorInformation = new ErrorInformation(PwmError.CONFIG_FORMAT_ERROR,"error importing certificates: " + e.getMessage());
+                final ErrorInformation errorInformation = new ErrorInformation(PwmError.CONFIG_FORMAT_ERROR,"error importing certificates: " + e.getMessage());
                 throw new PwmOperationalException(errorInformation);
             }
 
@@ -72,10 +76,10 @@ abstract class AbstractUriCertImportFunction implements SettingUIFunction {
         return returnStr.toString();
     }
 
-    abstract String getUri(StoredConfigurationImpl storedConfiguration, final PwmSetting pwmSetting, final String profile, final String extraData) throws PwmOperationalException;
+    abstract String getUri(StoredConfigurationImpl storedConfiguration,  PwmSetting pwmSetting,  String profile,  String extraData) throws PwmOperationalException;
 
 
-    void store(X509Certificate[] certs, StoredConfigurationImpl storedConfiguration, final PwmSetting pwmSetting, final String profile, final String extraData, final UserIdentity userIdentity) throws PwmOperationalException, PwmUnrecoverableException {
+    void store(final X509Certificate[] certs, final StoredConfigurationImpl storedConfiguration, final PwmSetting pwmSetting, final String profile, final String extraData, final UserIdentity userIdentity) throws PwmOperationalException, PwmUnrecoverableException {
         storedConfiguration.writeSetting(pwmSetting, new X509CertificateValue(certs), userIdentity);
     }
 

src/main/java/password/pwm/config/function/ActionCertImportFunction.java

@@ -41,20 +41,20 @@ import java.util.List;
 public class ActionCertImportFunction extends AbstractUriCertImportFunction {
 
     @Override
-    String getUri(StoredConfigurationImpl storedConfiguration, PwmSetting pwmSetting, String profile, String extraData) throws PwmOperationalException {
+    String getUri(final StoredConfigurationImpl storedConfiguration, final PwmSetting pwmSetting, final String profile, final String extraData) throws PwmOperationalException {
         final ActionValue actionValue = (ActionValue)storedConfiguration.readSetting(pwmSetting, profile);
         final String actionName = actionNameFromExtraData(extraData);
         final ActionConfiguration action =  actionValue.forName(actionName);
         final String uriString = action.getUrl();
 
         if (uriString == null || uriString.isEmpty()) {
-            ErrorInformation errorInformation = new ErrorInformation(PwmError.CONFIG_FORMAT_ERROR,"Setting " + pwmSetting.toMenuLocationDebug(profile, null) + " action " + actionName + " must first be configured");
+            final ErrorInformation errorInformation = new ErrorInformation(PwmError.CONFIG_FORMAT_ERROR,"Setting " + pwmSetting.toMenuLocationDebug(profile, null) + " action " + actionName + " must first be configured");
             throw new PwmOperationalException(errorInformation);
         }
         try {
             URI.create(uriString);
         } catch (IllegalArgumentException e) {
-            ErrorInformation errorInformation = new ErrorInformation(PwmError.CONFIG_FORMAT_ERROR,"Setting " + pwmSetting.toMenuLocationDebug(profile, null) + " action " + actionName + " has an invalid URL syntax");
+            final ErrorInformation errorInformation = new ErrorInformation(PwmError.CONFIG_FORMAT_ERROR,"Setting " + pwmSetting.toMenuLocationDebug(profile, null) + " action " + actionName + " has an invalid URL syntax");
             throw new PwmOperationalException(errorInformation);
         }
         return uriString;
@@ -64,11 +64,11 @@ public class ActionCertImportFunction extends AbstractUriCertImportFunction {
         return extraData;
     }
 
-    void store(X509Certificate[] certs, StoredConfigurationImpl storedConfiguration, final PwmSetting pwmSetting, final String profile, final String extraData, final UserIdentity userIdentity) throws PwmOperationalException, PwmUnrecoverableException {
+    void store(final X509Certificate[] certs, final StoredConfigurationImpl storedConfiguration, final PwmSetting pwmSetting, final String profile, final String extraData, final UserIdentity userIdentity) throws PwmOperationalException, PwmUnrecoverableException {
         final ActionValue actionValue = (ActionValue)storedConfiguration.readSetting(pwmSetting, profile);
         final String actionName = actionNameFromExtraData(extraData);
         final List<ActionConfiguration> newList = new ArrayList<>();
-        for (ActionConfiguration loopConfiguration : actionValue.toNativeObject()) {
+        for (final ActionConfiguration loopConfiguration : actionValue.toNativeObject()) {
             if (actionName.equals(loopConfiguration.getName())) {
                 final ActionConfiguration newConfig = loopConfiguration.copyWithNewCertificate(certs);
                 newList.add(newConfig);

src/main/java/password/pwm/config/function/LdapCertImportFunction.java

@@ -29,7 +29,11 @@ import password.pwm.config.SettingUIFunction;
 import password.pwm.config.stored.StoredConfigurationImpl;
 import password.pwm.config.value.StringArrayValue;
 import password.pwm.config.value.X509CertificateValue;
-import password.pwm.error.*;
+import password.pwm.error.ErrorInformation;
+import password.pwm.error.PwmError;
+import password.pwm.error.PwmException;
+import password.pwm.error.PwmOperationalException;
+import password.pwm.error.PwmUnrecoverableException;
 import password.pwm.http.PwmRequest;
 import password.pwm.http.PwmSession;
 import password.pwm.i18n.Message;
@@ -46,11 +50,11 @@ public class LdapCertImportFunction implements SettingUIFunction {
 
     @Override
     public String provideFunction(
-            PwmRequest pwmRequest,
-            StoredConfigurationImpl storedConfiguration,
-            PwmSetting setting,
-            String profile,
-            String extraData)
+            final PwmRequest pwmRequest,
+            final StoredConfigurationImpl storedConfiguration,
+            final PwmSetting setting,
+            final String profile,
+            final String extraData)
             throws PwmOperationalException, PwmUnrecoverableException {
         final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
         final PwmSession pwmSession = pwmRequest.getPwmSession();
@@ -72,7 +76,7 @@ public class LdapCertImportFunction implements SettingUIFunction {
             if (e instanceof PwmException) {
                 throw new PwmOperationalException(((PwmException) e).getErrorInformation());
             }
-            ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_UNKNOWN,"error importing certificates: " + e.getMessage());
+            final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_UNKNOWN,"error importing certificates: " + e.getMessage());
             throw new PwmOperationalException(errorInformation);
         }
 

src/main/java/password/pwm/config/function/NAAFCertImportFunction.java

@@ -32,19 +32,19 @@ import java.net.URI;
 
 public class NAAFCertImportFunction extends AbstractUriCertImportFunction {
 
-    final static PwmSetting uriSourceSetting = PwmSetting.NAAF_WS_URL;
+    static final PwmSetting uriSourceSetting = PwmSetting.NAAF_WS_URL;
 
     @Override
-    String getUri(StoredConfigurationImpl storedConfiguration, PwmSetting pwmSetting, String profile, String extraData) throws PwmOperationalException {
+    String getUri(final StoredConfigurationImpl storedConfiguration, final PwmSetting pwmSetting, final String profile, final String extraData) throws PwmOperationalException {
         final String uriString = (String)storedConfiguration.readSetting(uriSourceSetting).toNativeObject();
         if (uriString == null || uriString.isEmpty()) {
-            ErrorInformation errorInformation = new ErrorInformation(PwmError.CONFIG_FORMAT_ERROR,"Setting " + uriSourceSetting.toMenuLocationDebug(profile, null) + " must first be configured");
+            final ErrorInformation errorInformation = new ErrorInformation(PwmError.CONFIG_FORMAT_ERROR,"Setting " + uriSourceSetting.toMenuLocationDebug(profile, null) + " must first be configured");
             throw new PwmOperationalException(errorInformation);
         }
         try {
             URI.create(uriString);
         } catch (IllegalArgumentException e) {
-            ErrorInformation errorInformation = new ErrorInformation(PwmError.CONFIG_FORMAT_ERROR,"Setting " + uriSourceSetting.toMenuLocationDebug(profile, null) + " has an invalid URL syntax");
+            final ErrorInformation errorInformation = new ErrorInformation(PwmError.CONFIG_FORMAT_ERROR,"Setting " + uriSourceSetting.toMenuLocationDebug(profile, null) + " has an invalid URL syntax");
             throw new PwmOperationalException(errorInformation);
         }
         return uriString;

src/main/java/password/pwm/config/function/OAuthCertImportFunction.java

@@ -32,19 +32,19 @@ import java.net.URI;
 
 public class OAuthCertImportFunction extends AbstractUriCertImportFunction {
 
-    final static PwmSetting uriSourceSetting = PwmSetting.OAUTH_ID_CODERESOLVE_URL;
+    static final PwmSetting uriSourceSetting = PwmSetting.OAUTH_ID_CODERESOLVE_URL;
 
     @Override
-    String getUri(StoredConfigurationImpl storedConfiguration, PwmSetting pwmSetting, String profile, String extraData) throws PwmOperationalException {
+    String getUri(final StoredConfigurationImpl storedConfiguration, final PwmSetting pwmSetting, final String profile, final String extraData) throws PwmOperationalException {
         final String uriString = (String)storedConfiguration.readSetting(uriSourceSetting).toNativeObject();
         if (uriString == null || uriString.isEmpty()) {
-            ErrorInformation errorInformation = new ErrorInformation(PwmError.CONFIG_FORMAT_ERROR,"Setting " + uriSourceSetting.toMenuLocationDebug(profile, null) + " must first be configured");
+            final ErrorInformation errorInformation = new ErrorInformation(PwmError.CONFIG_FORMAT_ERROR,"Setting " + uriSourceSetting.toMenuLocationDebug(profile, null) + " must first be configured");
             throw new PwmOperationalException(errorInformation);
         }
         try {
             URI.create(uriString);
         } catch (IllegalArgumentException e) {
-            ErrorInformation errorInformation = new ErrorInformation(PwmError.CONFIG_FORMAT_ERROR,"Setting " + uriSourceSetting.toMenuLocationDebug(profile, null) + " has an invalid URL syntax");
+            final ErrorInformation errorInformation = new ErrorInformation(PwmError.CONFIG_FORMAT_ERROR,"Setting " + uriSourceSetting.toMenuLocationDebug(profile, null) + " has an invalid URL syntax");
             throw new PwmOperationalException(errorInformation);
         }
         return uriString;

src/main/java/password/pwm/config/function/SyslogCertImportFunction.java

@@ -28,7 +28,11 @@ import password.pwm.config.PwmSetting;
 import password.pwm.config.SettingUIFunction;
 import password.pwm.config.stored.StoredConfigurationImpl;
 import password.pwm.config.value.X509CertificateValue;
-import password.pwm.error.*;
+import password.pwm.error.ErrorInformation;
+import password.pwm.error.PwmError;
+import password.pwm.error.PwmException;
+import password.pwm.error.PwmOperationalException;
+import password.pwm.error.PwmUnrecoverableException;
 import password.pwm.http.PwmRequest;
 import password.pwm.http.PwmSession;
 import password.pwm.i18n.Message;
@@ -44,11 +48,11 @@ public class SyslogCertImportFunction implements SettingUIFunction {
 
     @Override
     public String provideFunction(
-            PwmRequest pwmRequest,
-            StoredConfigurationImpl storedConfiguration,
-            PwmSetting setting,
-            String profile,
-            String extraData)
+            final PwmRequest pwmRequest,
+            final StoredConfigurationImpl storedConfiguration,
+            final PwmSetting setting,
+            final String profile,
+            final String extraData)
             throws PwmOperationalException, PwmUnrecoverableException {
         final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
         final PwmSession pwmSession = pwmRequest.getPwmSession();
@@ -68,7 +72,7 @@ public class SyslogCertImportFunction implements SettingUIFunction {
                     if (e instanceof PwmException) {
                         throw new PwmOperationalException(((PwmException) e).getErrorInformation());
                     }
-                    ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_UNKNOWN,"error importing certificates: " + e.getMessage());
+                    final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_UNKNOWN,"error importing certificates: " + e.getMessage());
                     throw new PwmOperationalException(errorInformation);
                 }
 

src/main/java/password/pwm/config/function/UserMatchViewerFunction.java

@@ -46,7 +46,11 @@ import password.pwm.util.TimeDuration;
 import password.pwm.util.logging.PwmLogger;
 
 import java.io.Serializable;
-import java.util.*;
+import java.util.Collection;
+import java.util.Date;
+import java.util.LinkedHashSet;
+import java.util.List;
+import java.util.Set;
 
 public class UserMatchViewerFunction implements SettingUIFunction {
     private static final PwmLogger LOGGER = PwmLogger.forClass(UserMatchViewerFunction.class);
@@ -57,7 +61,7 @@ public class UserMatchViewerFunction implements SettingUIFunction {
             final StoredConfigurationImpl storedConfiguration,
             final PwmSetting setting,
             final String profile,
-            String extraData)
+            final String extraData)
             throws Exception
     {
         final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
@@ -142,7 +146,7 @@ public class UserMatchViewerFunction implements SettingUIFunction {
             return users;
         }
 
-        public void setUsers(Collection<UserIdentity> users) {
+        public void setUsers(final Collection<UserIdentity> users) {
             this.users = users;
         }
 
@@ -150,7 +154,7 @@ public class UserMatchViewerFunction implements SettingUIFunction {
             return sizeExceeded;
         }
 
-        public void setSizeExceeded(boolean sizeExceeded) {
+        public void setSizeExceeded(final boolean sizeExceeded) {
             this.sizeExceeded = sizeExceeded;
         }
 
@@ -158,7 +162,7 @@ public class UserMatchViewerFunction implements SettingUIFunction {
             return searchOperationSummary;
         }
 
-        public void setSearchOperationSummary(String searchOperationSummary) {
+        public void setSearchOperationSummary(final String searchOperationSummary) {
             this.searchOperationSummary = searchOperationSummary;
         }
     }

src/main/java/password/pwm/config/option/IdentityVerificationMethod.java

@@ -45,7 +45,7 @@ public enum IdentityVerificationMethod implements ConfigurationOption {
     private final boolean userSelectable;
     private final Display displayKey;
 
-    IdentityVerificationMethod(boolean userSelectable, Display displayKey) {
+    IdentityVerificationMethod(final boolean userSelectable, final Display displayKey) {
         this.userSelectable = userSelectable;
         this.displayKey = displayKey;
     }

src/main/java/password/pwm/config/option/OTPStorageFormat.java

@@ -40,7 +40,7 @@ public enum OTPStorageFormat {
      *
      * @param useRecoveryCodes
      */
-    OTPStorageFormat(boolean useRecoveryCodes) {
+    OTPStorageFormat(final boolean useRecoveryCodes) {
         this.useRecoveryCodes = useRecoveryCodes;
         this.hashRecoveryCodes = useRecoveryCodes; // defaults to true, if recovery codes enabled.
     }
@@ -52,8 +52,8 @@ public enum OTPStorageFormat {
      * @param hashRecoveryCodes
      */
     OTPStorageFormat(
-            boolean useRecoveryCodes,
-            boolean hashRecoveryCodes
+            final boolean useRecoveryCodes,
+            final boolean hashRecoveryCodes
     ) {
         this.useRecoveryCodes = useRecoveryCodes;
         this.hashRecoveryCodes = useRecoveryCodes && hashRecoveryCodes;

src/main/java/password/pwm/config/option/TLSVersion.java

@@ -33,7 +33,7 @@ public enum TLSVersion {
 
     private final String tomcatValueName;
 
-    TLSVersion(String tomcatValueName) {
+    TLSVersion(final String tomcatValueName) {
         this.tomcatValueName = tomcatValueName;
     }
 

src/main/java/password/pwm/config/profile/AbstractProfile.java

@@ -22,21 +22,35 @@
 
 package password.pwm.config.profile;
 
-import password.pwm.config.*;
+import password.pwm.config.ActionConfiguration;
+import password.pwm.config.Configuration;
+import password.pwm.config.FormConfiguration;
+import password.pwm.config.PwmSetting;
+import password.pwm.config.PwmSettingCategory;
+import password.pwm.config.PwmSettingSyntax;
+import password.pwm.config.SettingReader;
+import password.pwm.config.StoredValue;
+import password.pwm.config.UserPermission;
 import password.pwm.config.option.IdentityVerificationMethod;
 import password.pwm.config.stored.StoredConfiguration;
 import password.pwm.config.value.VerificationMethodValue;
 import password.pwm.util.PasswordData;
 
 import java.security.cert.X509Certificate;
-import java.util.*;
+import java.util.ArrayList;
+import java.util.LinkedHashMap;
+import java.util.LinkedHashSet;
+import java.util.List;
+import java.util.Locale;
+import java.util.Map;
+import java.util.Set;
 
 public abstract class AbstractProfile implements Profile, SettingReader {
 
-    final protected String identifier;
-    final protected Map<PwmSetting,StoredValue> storedValueMap;
+    protected final String identifier;
+    protected final Map<PwmSetting,StoredValue> storedValueMap;
 
-    protected AbstractProfile(String identifier, Map<PwmSetting, StoredValue> storedValueMap) {
+    protected AbstractProfile(final String identifier, final Map<PwmSetting, StoredValue> storedValueMap) {
         this.identifier = identifier;
         this.storedValueMap = storedValueMap;
     }
@@ -66,12 +80,12 @@ public abstract class AbstractProfile implements Profile, SettingReader {
     }
 
     @Override
-    public <E extends Enum<E>> Set<E> readSettingAsOptionList(final PwmSetting setting, Class<E> enumClass) {
+    public <E extends Enum<E>> Set<E> readSettingAsOptionList(final PwmSetting setting, final Class<E> enumClass) {
         return Configuration.JavaTypeConverter.valueToOptionList(setting, storedValueMap.get(setting), enumClass);
     }
 
     @Override
-    public <E extends Enum<E>> E readSettingAsEnum(PwmSetting setting, Class<E> enumClass) {
+    public <E extends Enum<E>> E readSettingAsEnum(final PwmSetting setting, final Class<E> enumClass) {
         return Configuration.JavaTypeConverter.valueToEnum(setting, storedValueMap.get(setting), enumClass);
     }
 
@@ -133,7 +147,7 @@ public abstract class AbstractProfile implements Profile, SettingReader {
         return valueMap;
     }
 
-    public Set<IdentityVerificationMethod> readVerificationMethods(final PwmSetting pwmSetting, VerificationMethodValue.EnabledState enabledState) {
+    public Set<IdentityVerificationMethod> readVerificationMethods(final PwmSetting pwmSetting, final VerificationMethodValue.EnabledState enabledState) {
         final Set<IdentityVerificationMethod> result = new LinkedHashSet<>();
         final StoredValue configValue = storedValueMap.get(pwmSetting);
         final VerificationMethodValue.VerificationMethodSettings verificationMethodSettings = (VerificationMethodValue.VerificationMethodSettings)configValue.toNativeObject();

src/main/java/password/pwm/config/profile/ChallengeProfile.java

@@ -28,7 +28,11 @@ import com.novell.ldapchai.cr.Challenge;
 import com.novell.ldapchai.cr.ChallengeSet;
 import com.novell.ldapchai.exception.ChaiValidationException;
 import password.pwm.PwmConstants;
-import password.pwm.config.*;
+import password.pwm.config.ChallengeItemConfiguration;
+import password.pwm.config.Configuration;
+import password.pwm.config.PwmSetting;
+import password.pwm.config.StoredValue;
+import password.pwm.config.UserPermission;
 import password.pwm.config.stored.StoredConfiguration;
 import password.pwm.config.value.ChallengeValue;
 import password.pwm.error.ErrorInformation;
@@ -38,7 +42,12 @@ import password.pwm.util.LocaleHelper;
 import password.pwm.util.logging.PwmLogger;
 
 import java.io.Serializable;
-import java.util.*;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.LinkedHashMap;
+import java.util.List;
+import java.util.Locale;
+import java.util.Map;
 
 public class ChallengeProfile implements Profile, Serializable {
     private static final PwmLogger LOGGER = PwmLogger.forClass(ChallengeProfile.class);
@@ -113,12 +122,12 @@ public class ChallengeProfile implements Profile, Serializable {
     }
 
     public static ChallengeProfile createChallengeProfile(
-            String profileID,
-            Locale locale,
-            ChallengeSet challengeSet,
-            ChallengeSet helpdeskChallengeSet,
-            int minRandomSetup,
-            int minHelpdeskRandomSetup
+            final String profileID,
+            final Locale locale,
+            final ChallengeSet challengeSet,
+            final ChallengeSet helpdeskChallengeSet,
+            final int minRandomSetup,
+            final int minHelpdeskRandomSetup
     ) {
         return new ChallengeProfile(profileID, locale, challengeSet, helpdeskChallengeSet, minRandomSetup, minHelpdeskRandomSetup, null);
     }
@@ -165,14 +174,17 @@ public class ChallengeProfile implements Profile, Serializable {
             final StoredConfiguration storedConfiguration,
             final PwmSetting requiredChallenges,
             final PwmSetting randomChallenges,
-            int minimumRands
-    ) throws PwmOperationalException {
+            final int minimumRands
+    )
+            throws PwmOperationalException
+    {
         final List<ChallengeItemConfiguration> requiredQuestions = valueToChallengeItemArray(
                 storedConfiguration.readSetting(requiredChallenges, profileID), locale);
         final List<ChallengeItemConfiguration> randomQuestions = valueToChallengeItemArray(
                 storedConfiguration.readSetting(randomChallenges, profileID), locale);
 
         final List<Challenge> challenges = new ArrayList<>();
+        int randoms = minimumRands;
 
         if (requiredQuestions != null) {
             for (final ChallengeItemConfiguration item : requiredQuestions) {
@@ -207,15 +219,15 @@ public class ChallengeProfile implements Profile, Serializable {
                 }
             }
 
-            if (minimumRands > randomQuestions.size()) {
-                minimumRands = randomQuestions.size();
+            if (randoms > randomQuestions.size()) {
+                randoms = randomQuestions.size();
             }
         } else {
-            minimumRands = 0;
+            randoms = 0;
         }
 
         try {
-            return new ChaiChallengeSet(challenges, minimumRands, locale, PwmConstants.PWM_APP_NAME + "-defined " + PwmConstants.SERVLET_VERSION);
+            return new ChaiChallengeSet(challenges, randoms, locale, PwmConstants.PWM_APP_NAME + "-defined " + PwmConstants.SERVLET_VERSION);
         } catch (ChaiValidationException e) {
             throw new PwmOperationalException(new ErrorInformation(PwmError.CONFIG_FORMAT_ERROR,"invalid challenge set configuration: " + e.getMessage()));
         }

src/main/java/password/pwm/config/profile/DeleteAccountProfile.java

@@ -32,7 +32,7 @@ import java.util.Map;
 public class DeleteAccountProfile extends AbstractProfile implements Profile {
     private static final ProfileType PROFILE_TYPE = ProfileType.DeleteAccount;
 
-    protected DeleteAccountProfile(String identifier, Map<PwmSetting, StoredValue> storedValueMap) {
+    protected DeleteAccountProfile(final String identifier, final Map<PwmSetting, StoredValue> storedValueMap) {
         super(identifier, storedValueMap);
     }
 
@@ -43,7 +43,7 @@ public class DeleteAccountProfile extends AbstractProfile implements Profile {
     }
 
     @Override
-    public String getDisplayName(Locale locale)
+    public String getDisplayName(final Locale locale)
     {
         return this.getIdentifier();
     }

src/main/java/password/pwm/config/profile/ForgottenPasswordProfile.java

@@ -22,12 +22,15 @@
 
 package password.pwm.config.profile;
 
-import password.pwm.config.*;
+import password.pwm.config.PwmSetting;
+import password.pwm.config.StoredValue;
 import password.pwm.config.option.IdentityVerificationMethod;
 import password.pwm.config.stored.StoredConfiguration;
 import password.pwm.config.value.VerificationMethodValue;
 
-import java.util.*;
+import java.util.Locale;
+import java.util.Map;
+import java.util.Set;
 
 public class ForgottenPasswordProfile extends AbstractProfile {
 
@@ -36,13 +39,13 @@ public class ForgottenPasswordProfile extends AbstractProfile {
     private Set<IdentityVerificationMethod> requiredRecoveryVerificationMethods;
     private Set<IdentityVerificationMethod> optionalRecoveryVerificationMethods;
 
-    public ForgottenPasswordProfile(String identifier, Map<PwmSetting, StoredValue> storedValueMap) {
+    public ForgottenPasswordProfile(final String identifier, final Map<PwmSetting, StoredValue> storedValueMap) {
         super(identifier, storedValueMap);
     }
 
 
     @Override
-    public String getDisplayName(Locale locale) {
+    public String getDisplayName(final Locale locale) {
         return null;
     }
 

src/main/java/password/pwm/config/profile/HelpdeskProfile.java

@@ -28,13 +28,18 @@ import password.pwm.config.option.IdentityVerificationMethod;
 import password.pwm.config.stored.StoredConfiguration;
 import password.pwm.config.value.VerificationMethodValue;
 
-import java.util.*;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.LinkedHashSet;
+import java.util.Locale;
+import java.util.Map;
+import java.util.Set;
 
 public class HelpdeskProfile extends AbstractProfile implements Profile {
 
     private static final ProfileType PROFILE_TYPE = ProfileType.Helpdesk;
 
-    protected HelpdeskProfile(String identifier, Map<PwmSetting, StoredValue> storedValueMap) {
+    protected HelpdeskProfile(final String identifier, final Map<PwmSetting, StoredValue> storedValueMap) {
         super(identifier, storedValueMap);
     }
 
@@ -44,7 +49,7 @@ public class HelpdeskProfile extends AbstractProfile implements Profile {
     }
 
     @Override
-    public String getDisplayName(Locale locale)
+    public String getDisplayName(final Locale locale)
     {
         return this.getIdentifier();
     }

src/main/java/password/pwm/config/profile/LdapProfile.java

@@ -32,13 +32,12 @@ import password.pwm.config.stored.StoredConfigurationImpl;
 import password.pwm.error.PwmUnrecoverableException;
 import password.pwm.util.StringUtil;
 
-import java.util.LinkedHashMap;
 import java.util.List;
 import java.util.Locale;
 import java.util.Map;
 
 public class LdapProfile extends AbstractProfile implements Profile {
-    protected LdapProfile(String identifier, Map<PwmSetting, StoredValue> storedValueMap) {
+    protected LdapProfile(final String identifier, final Map<PwmSetting, StoredValue> storedValueMap) {
         super(identifier, storedValueMap);
     }
 

src/main/java/password/pwm/config/profile/NewUserProfile.java

@@ -51,7 +51,7 @@ public class NewUserProfile extends AbstractProfile {
     private Date newUserPasswordPolicyCacheTime;
     private final Map<Locale,PwmPasswordPolicy> newUserPasswordPolicyCache = new HashMap<>();
 
-    protected NewUserProfile(String identifier, Map<PwmSetting, StoredValue> storedValueMap) {
+    protected NewUserProfile(final String identifier, final Map<PwmSetting, StoredValue> storedValueMap) {
         super(identifier, storedValueMap);
     }
 
@@ -67,7 +67,7 @@ public class NewUserProfile extends AbstractProfile {
     }
 
     @Override
-    public String getDisplayName(Locale locale) {
+    public String getDisplayName(final Locale locale) {
         final String value = this.readSettingAsLocalizedString(PwmSetting.NEWUSER_PROFILE_DISPLAY_NAME, locale);
         return value != null && !value.isEmpty() ? value : this.getIdentifier();
     }

src/main/java/password/pwm/config/profile/ProfileType.java

@@ -37,7 +37,7 @@ public enum ProfileType {
     private final PwmSettingCategory category;
     private final PwmSetting queryMatch;
 
-    ProfileType(boolean authenticated, PwmSettingCategory category, PwmSetting queryMatch) {
+    ProfileType(final boolean authenticated, final PwmSettingCategory category, final PwmSetting queryMatch) {
         this.authenticated = authenticated;
         this.category = category;
         this.queryMatch = queryMatch;

src/main/java/password/pwm/config/profile/PwmPasswordPolicy.java

@@ -63,7 +63,7 @@ public class PwmPasswordPolicy implements Profile,Serializable {
 
     private final Map<String, String> policyMap = new HashMap<>();
 
-    private transient final ChaiPasswordPolicy chaiPasswordPolicy;
+    private final transient ChaiPasswordPolicy chaiPasswordPolicy;
 
     private String profileID;
     private List<UserPermission> userPermissions;
@@ -139,7 +139,7 @@ public class PwmPasswordPolicy implements Profile,Serializable {
         return policyMap.get(rule.getKey());
     }
 
-    public void setProfileID(String profileID) {
+    public void setProfileID(final String profileID) {
         this.profileID = profileID;
     }
 
@@ -147,7 +147,7 @@ public class PwmPasswordPolicy implements Profile,Serializable {
         return userPermissions;
     }
 
-    public void setUserPermissions(List<UserPermission> userPermissions) {
+    public void setUserPermissions(final List<UserPermission> userPermissions) {
         this.userPermissions = userPermissions;
     }
 
@@ -155,7 +155,7 @@ public class PwmPasswordPolicy implements Profile,Serializable {
         return ruleText;
     }
 
-    public void setRuleText(String ruleText) {
+    public void setRuleText(final String ruleText) {
         this.ruleText = ruleText;
     }
 
@@ -227,6 +227,10 @@ public class PwmPasswordPolicy implements Profile,Serializable {
                                     newPasswordPolicies.put(ruleKey, String.valueOf(localValue && otherValue));
                                 }
                                 break;
+
+                            default:
+                                //continue processing
+                                break;
                         }
                 }
             }
@@ -287,7 +291,7 @@ public class PwmPasswordPolicy implements Profile,Serializable {
             return chaiRuleHelper.getDisallowedValues();
         }
 
-        public List<String> getDisallowedAttributes(Flag ... flags) {
+        public List<String> getDisallowedAttributes(final Flag ... flags) {
             final List<String> disallowedAttributes = chaiRuleHelper.getDisallowedAttributes();
 
             if (Helper.enumArrayContainsValue(flags, Flag.KeepThresholds)) {
@@ -313,11 +317,11 @@ public class PwmPasswordPolicy implements Profile,Serializable {
             }
         }
 
-        public List<Pattern> getRegExMatch(MacroMachine macroMachine) {
+        public List<Pattern> getRegExMatch(final MacroMachine macroMachine) {
             return readRegExSetting(PwmPasswordRule.RegExMatch, macroMachine);
         }
 
-        public List<Pattern> getRegExNoMatch(MacroMachine macroMachine) {
+        public List<Pattern> getRegExNoMatch(final MacroMachine macroMachine) {
             return readRegExSetting(PwmPasswordRule.RegExNoMatch, macroMachine);
         }
 
@@ -349,7 +353,7 @@ public class PwmPasswordPolicy implements Profile,Serializable {
             return StringHelper.convertStrToBoolean(value);
         }
 
-        private List<Pattern> readRegExSetting(final PwmPasswordRule rule, MacroMachine macroMachine) {
+        private List<Pattern> readRegExSetting(final PwmPasswordRule rule, final MacroMachine macroMachine) {
             final String input = passwordPolicy.policyMap.get(rule.getKey());
 
             return readRegExSetting(rule, macroMachine, input);
@@ -453,4 +457,4 @@ public class PwmPasswordPolicy implements Profile,Serializable {
 
         return Collections.unmodifiableList(returnList);
     }
-}
+}

src/main/java/password/pwm/config/profile/PwmPasswordRule.java

@@ -22,11 +22,7 @@
 
 package password.pwm.config.profile;
 
-import java.util.HashSet;
-import java.util.Locale;
-import java.util.MissingResourceException;
-import java.util.Set;
-
+import com.novell.ldapchai.ChaiPasswordRule;
 import password.pwm.AppProperty;
 import password.pwm.config.Configuration;
 import password.pwm.config.PwmSetting;
@@ -34,7 +30,10 @@ import password.pwm.i18n.Message;
 import password.pwm.util.LocaleHelper;
 import password.pwm.util.logging.PwmLogger;
 
-import com.novell.ldapchai.ChaiPasswordRule;
+import java.util.HashSet;
+import java.util.Locale;
+import java.util.MissingResourceException;
+import java.util.Set;
 
 /**
  * Password rules

src/main/java/password/pwm/config/profile/UpdateAttributesProfile.java

@@ -33,7 +33,7 @@ public class UpdateAttributesProfile extends AbstractProfile implements Profile
 
     private static final ProfileType PROFILE_TYPE = ProfileType.UpdateAttributes;
 
-    protected UpdateAttributesProfile(String identifier, Map<PwmSetting, StoredValue> storedValueMap) {
+    protected UpdateAttributesProfile(final String identifier, final Map<PwmSetting, StoredValue> storedValueMap) {
         super(identifier, storedValueMap);
     }
 
@@ -44,7 +44,7 @@ public class UpdateAttributesProfile extends AbstractProfile implements Profile
     }
 
     @Override
-    public String getDisplayName(Locale locale)
+    public String getDisplayName(final Locale locale)
     {
         return this.getIdentifier();
     }

src/main/java/password/pwm/config/stored/ConfigChangeLog.java

@@ -34,7 +34,7 @@ public interface ConfigChangeLog {
 
     void updateChangeLog(StoredConfigReference reference, StoredValue newValue);
 
-    public void updateChangeLog(final StoredConfigReference reference, final StoredValue currentValue, final StoredValue newValue);
+    void updateChangeLog( StoredConfigReference reference,  StoredValue currentValue,  StoredValue newValue);
 
-    public Collection<StoredConfigReference> changedValues();
+    Collection<StoredConfigReference> changedValues();
 }

src/main/java/password/pwm/config/stored/ConfigChangeLogImpl.java

@@ -29,14 +29,18 @@ import password.pwm.util.LocaleHelper;
 import password.pwm.util.StringUtil;
 
 import java.io.Serializable;
-import java.util.*;
+import java.util.Collection;
+import java.util.LinkedHashMap;
+import java.util.Locale;
+import java.util.Map;
+import java.util.TreeMap;
 
 public class ConfigChangeLogImpl implements Serializable, ConfigChangeLog {
     private final Map<StoredConfigReference,StoredValue> changeLog = new LinkedHashMap<>();
     private final Map<StoredConfigReference,StoredValue> originalValue = new LinkedHashMap<>();
     private final StorageEngine storedConfiguration;
 
-    public ConfigChangeLogImpl(StorageEngine storageEngine) {
+    public ConfigChangeLogImpl(final StorageEngine storageEngine) {
         this.storedConfiguration = storageEngine;
     }
 
@@ -46,7 +50,7 @@ public class ConfigChangeLogImpl implements Serializable, ConfigChangeLog {
     }
 
     @Override
-    public String changeLogAsDebugString(final Locale locale, boolean asHtml) {
+    public String changeLogAsDebugString(final Locale locale, final boolean asHtml) {
         final Map<String,String> outputMap = new TreeMap<>();
         final String SEPARATOR = LocaleHelper.getLocalizedMessage(locale, Config.Display_SettingNavigationSeparator, null);
 
@@ -72,6 +76,10 @@ public class ConfigChangeLogImpl implements Serializable, ConfigChangeLog {
                 }
                 break;
                 */
+
+                default:
+                    //continue
+                    break;
             }
         }
         final StringBuilder output = new StringBuilder();

src/main/java/password/pwm/config/stored/ConfigurationProperty.java

@@ -35,7 +35,7 @@ public enum ConfigurationProperty {
 
     private final String key;
 
-    ConfigurationProperty(String key)
+    ConfigurationProperty(final String key)
     {
         this.key = key;
     }

src/main/java/password/pwm/config/stored/ConfigurationReader.java

@@ -23,7 +23,6 @@
 package password.pwm.config.stored;
 
 import org.apache.commons.io.FileUtils;
-import org.omg.CORBA.UNKNOWN;
 import password.pwm.AppProperty;
 import password.pwm.PwmApplication;
 import password.pwm.PwmApplicationMode;
@@ -40,9 +39,12 @@ import password.pwm.util.JsonUtil;
 import password.pwm.util.TimeDuration;
 import password.pwm.util.logging.PwmLogger;
 
-import java.io.*;
+import java.io.ByteArrayInputStream;
+import java.io.File;
+import java.io.FileOutputStream;
+import java.io.IOException;
+import java.io.InputStream;
 import java.math.BigInteger;
-import java.nio.file.CopyOption;
 import java.nio.file.Files;
 import java.nio.file.StandardCopyOption;
 import java.util.Date;

src/main/java/password/pwm/config/stored/NGStorageEngineImpl.java

@@ -38,7 +38,7 @@ class NGStorageEngineImpl implements StorageEngine {
     private final ReentrantReadWriteLock bigLock = new ReentrantReadWriteLock();
     private boolean writeLocked = false;
 
-    public NGStorageEngineImpl(
+    NGStorageEngineImpl(
             final Map<StoredConfigReference, StoredValue> values,
             final Map<StoredConfigReference, ValueMetaData> metaValues
     ) {
@@ -51,7 +51,7 @@ class NGStorageEngineImpl implements StorageEngine {
         return changeLog;
     }
 
-    public StoredValue read(StoredConfigReference storedConfigReference) {
+    public StoredValue read(final StoredConfigReference storedConfigReference) {
         bigLock.readLock().lock();
         try {
             return values.get(storedConfigReference);
@@ -64,7 +64,7 @@ class NGStorageEngineImpl implements StorageEngine {
         return metaValues.get(storedConfigReference);
     }
 
-    public void write(StoredConfigReference reference, StoredValue value, UserIdentity userIdentity)
+    public void write(final StoredConfigReference reference, final StoredValue value, final UserIdentity userIdentity)
     {
         checkWriteLock();
         bigLock.writeLock().lock();
@@ -82,7 +82,7 @@ class NGStorageEngineImpl implements StorageEngine {
         }
     }
 
-    public void reset(StoredConfigReference reference, UserIdentity userIdentity)
+    public void reset(final StoredConfigReference reference, final UserIdentity userIdentity)
     {
         checkWriteLock();
         bigLock.writeLock().lock();

src/main/java/password/pwm/config/stored/NGStoredConfiguration.java

@@ -37,7 +37,7 @@ import java.util.Date;
 import java.util.Map;
 
 class NGStoredConfiguration implements StoredConfiguration {
-    final static private PwmLogger LOGGER = PwmLogger.forClass(NGStoredConfiguration.class);
+    private static final PwmLogger LOGGER = PwmLogger.forClass(NGStoredConfiguration.class);
     private final PwmSecurityKey configurationSecurityKey;
     private final StorageEngine engine;
 
@@ -51,7 +51,7 @@ class NGStoredConfiguration implements StoredConfiguration {
     }
 
     public String readConfigProperty(final ConfigurationProperty configurationProperty) {
-        StoredConfigReference storedConfigReference = new StoredConfigReferenceBean(
+        final StoredConfigReference storedConfigReference = new StoredConfigReferenceBean(
                 StoredConfigReference.RecordType.PROPERTY,
                 configurationProperty.getKey(),
                 null
@@ -65,7 +65,7 @@ class NGStoredConfiguration implements StoredConfiguration {
 
     public void writeConfigProperty(final ConfigurationProperty configurationProperty, final String value)
     {
-        StoredConfigReference storedConfigReference = new StoredConfigReferenceBean(
+        final StoredConfigReference storedConfigReference = new StoredConfigReferenceBean(
                 StoredConfigReference.RecordType.PROPERTY,
                 configurationProperty.getKey(),
                 null
@@ -74,7 +74,7 @@ class NGStoredConfiguration implements StoredConfiguration {
         engine.write(storedConfigReference, storedValue, null);
     }
 
-    public void resetSetting(PwmSetting setting, String profileID, UserIdentity userIdentity) {
+    public void resetSetting(final PwmSetting setting, final String profileID, final UserIdentity userIdentity) {
         final StoredConfigReference storedConfigReference = new StoredConfigReferenceBean(
                 StoredConfigReference.RecordType.SETTING,
                 setting.getKey(),
@@ -83,25 +83,25 @@ class NGStoredConfiguration implements StoredConfiguration {
         engine.reset(storedConfigReference, userIdentity);
     }
 
-    public boolean isDefaultValue(PwmSetting setting) {
+    public boolean isDefaultValue(final PwmSetting setting) {
         return isDefaultValue(setting, null);
     }
 
-    public boolean isDefaultValue(PwmSetting setting, String profileID) {
+    public boolean isDefaultValue(final PwmSetting setting, final String profileID) {
         final StoredConfigReference storedConfigReference = new StoredConfigReferenceBean(
                 StoredConfigReference.RecordType.SETTING,
                 setting.getKey(),
                 profileID
         );
-        StoredValue value = engine.read(storedConfigReference);
+        final StoredValue value = engine.read(storedConfigReference);
         return value == null;
     }
 
-    public StoredValue readSetting(PwmSetting setting) {
+    public StoredValue readSetting(final PwmSetting setting) {
         return readSetting(setting, null);
     }
 
-    public StoredValue readSetting(PwmSetting setting, String profileID) {
+    public StoredValue readSetting(final PwmSetting setting, final String profileID) {
         final StoredConfigReference storedConfigReference = new StoredConfigReferenceBean(
                 StoredConfigReference.RecordType.SETTING,
                 setting.getKey(),
@@ -110,24 +110,24 @@ class NGStoredConfiguration implements StoredConfiguration {
         return engine.read(storedConfigReference);
     }
 
-    public void copyProfileID(PwmSettingCategory category, String sourceID, String destinationID, UserIdentity userIdentity)
+    public void copyProfileID(final PwmSettingCategory category, final String sourceID, final String destinationID, final UserIdentity userIdentity)
             throws PwmUnrecoverableException {
         throw new IllegalStateException("not implemented"); //@todo
     }
 
     public void writeSetting(
-            PwmSetting setting,
-            StoredValue value,
-            UserIdentity userIdentity
+            final PwmSetting setting,
+            final StoredValue value,
+            final UserIdentity userIdentity
     ) throws PwmUnrecoverableException {
         writeSetting(setting, null, value, userIdentity);
     }
 
     public void writeSetting(
-            PwmSetting setting,
-            String profileID,
-            StoredValue value,
-            UserIdentity userIdentity
+            final PwmSetting setting,
+            final String profileID,
+            final StoredValue value,
+            final UserIdentity userIdentity
     )
             throws PwmUnrecoverableException
     {
@@ -155,7 +155,7 @@ class NGStoredConfiguration implements StoredConfiguration {
     }
 
     @Override
-    public ValueMetaData readSettingMetadata(PwmSetting setting, String profileID) {
+    public ValueMetaData readSettingMetadata(final PwmSetting setting, final String profileID) {
         final StoredConfigReference storedConfigReference = new StoredConfigReferenceBean(
                 StoredConfigReference.RecordType.SETTING,
                 setting.getKey(),

src/main/java/password/pwm/config/stored/NGStoredConfigurationFactory.java

@@ -43,13 +43,12 @@ import java.util.Date;
 import java.util.LinkedHashMap;
 import java.util.Map;
 
-import static password.pwm.config.stored.StoredConfiguration.*;
 
 public class NGStoredConfigurationFactory {
     private static final PwmLogger LOGGER = PwmLogger.forClass(NGStoredConfigurationFactory.class);
 
     //@Override
-    public NGStoredConfiguration fromXml(InputStream inputStream) throws PwmUnrecoverableException {
+    public NGStoredConfiguration fromXml(final InputStream inputStream) throws PwmUnrecoverableException {
         return XmlEngine.fromXmlImpl(inputStream);
     }
 
@@ -59,7 +58,7 @@ public class NGStoredConfigurationFactory {
 
     private static class XmlEngine {
 
-        static NGStoredConfiguration fromXmlImpl(InputStream inputStream)
+        static NGStoredConfiguration fromXmlImpl(final InputStream inputStream)
                 throws PwmUnrecoverableException
         {
             final Map<StoredConfigReference, StoredValue> values = new LinkedHashMap<>();
@@ -70,11 +69,11 @@ public class NGStoredConfigurationFactory {
 
             final PwmSecurityKey pwmSecurityKey = readSecurityKey(rootElement);
 
-            final Element settingsElement = rootElement.getChild(XML_ELEMENT_SETTINGS);
+            final Element settingsElement = rootElement.getChild(StoredConfiguration.XML_ELEMENT_SETTINGS);
 
             for (final Element loopElement : settingsElement.getChildren()) {
-                if (XML_ELEMENT_PROPERTIES.equals(loopElement.getName())) {
-                    for (final Element propertyElement : loopElement.getChildren(XML_ELEMENT_PROPERTY)) {
+                if (StoredConfiguration.XML_ELEMENT_PROPERTIES.equals(loopElement.getName())) {
+                    for (final Element propertyElement : loopElement.getChildren(StoredConfiguration.XML_ELEMENT_PROPERTY)) {
                         readInterestingElement(propertyElement, pwmSecurityKey, values, metaData);
                     }
                 } else {
@@ -120,7 +119,7 @@ public class NGStoredConfigurationFactory {
         static PwmSecurityKey readSecurityKey(final Element rootElement)
                 throws PwmUnrecoverableException
         {
-            final String createTime = rootElement.getAttributeValue(XML_ATTRIBUTE_CREATE_TIME);
+            final String createTime = rootElement.getAttributeValue(StoredConfiguration.XML_ATTRIBUTE_CREATE_TIME);
             return new PwmSecurityKey(createTime + "StoredConfiguration");
         }
 
@@ -137,7 +136,7 @@ public class NGStoredConfigurationFactory {
                 LOGGER.debug("ignoring setting for unknown key: " + key);
             } else {
                 LOGGER.trace("parsing setting key=" + key + ", profile=" + storedConfigReference.getProfileID());
-                if (settingElement.getChild(XML_ELEMENT_DEFAULT) != null) {
+                if (settingElement.getChild(StoredConfiguration.XML_ELEMENT_DEFAULT) != null) {
                     try {
                         return ValueFactory.fromXmlValues(pwmSetting, settingElement, pwmSecurityKey);
                     } catch (PwmException e) {
@@ -160,7 +159,7 @@ public class NGStoredConfigurationFactory {
                 LOGGER.debug("ignoring property for unknown key: " + key);
             } else {
                 LOGGER.trace("parsing property key=" + key + ", profile=" + storedConfigReference.getProfileID());
-                if (settingElement.getChild(XML_ELEMENT_DEFAULT) != null) {
+                if (settingElement.getChild(StoredConfiguration.XML_ELEMENT_DEFAULT) != null) {
                     return new StringValue(settingElement.getValue());
                 }
             }
@@ -168,19 +167,19 @@ public class NGStoredConfigurationFactory {
         }
 
         static StoredConfigReference referenceForElement(final Element settingElement) {
-            final String key = settingElement.getAttributeValue(XML_ATTRIBUTE_KEY);
+            final String key = settingElement.getAttributeValue(StoredConfiguration.XML_ATTRIBUTE_KEY);
             final String profileID = readProfileID(settingElement);
             final StoredConfigReference.RecordType recordType;
             switch (settingElement.getName()) {
-                case XML_ELEMENT_SETTING:
+                case StoredConfiguration.XML_ELEMENT_SETTING:
                     recordType = StoredConfigReference.RecordType.SETTING;
                     break;
 
-                case XML_ELEMENT_PROPERTY:
+                case StoredConfiguration.XML_ELEMENT_PROPERTY:
                     recordType = StoredConfigReference.RecordType.PROPERTY;
                     break;
 
-                case XML_ELEMENT_LOCALEBUNDLE:
+                case StoredConfiguration.XML_ELEMENT_LOCALEBUNDLE:
                     recordType = StoredConfigReference.RecordType.LOCALE_BUNDLE;
                     break;
 
@@ -198,13 +197,13 @@ public class NGStoredConfigurationFactory {
         }
 
         static String readProfileID(final Element settingElement) {
-            final String profileIDStr = settingElement.getAttributeValue(XML_ATTRIBUTE_PROFILE);
+            final String profileIDStr = settingElement.getAttributeValue(StoredConfiguration.XML_ATTRIBUTE_PROFILE);
             return  profileIDStr != null && !profileIDStr.isEmpty() ? profileIDStr : null;
         }
 
         static ValueMetaData readValueMetaData(final Element element)
         {
-            final String modifyDateStr = element.getAttributeValue(XML_ATTRIBUTE_MODIFY_TIME);
+            final String modifyDateStr = element.getAttributeValue(StoredConfiguration.XML_ATTRIBUTE_MODIFY_TIME);
             Date modifyDate = null;
             try {
                 modifyDate = modifyDateStr == null || modifyDateStr.isEmpty()
@@ -213,8 +212,8 @@ public class NGStoredConfigurationFactory {
             } catch (ParseException e) {
                 LOGGER.warn("error parsing stored date: " +  e.getMessage());
             }
-            final String modifyUser = element.getAttributeValue(XML_ATTRIBUTE_MODIFY_USER);
-            final String modifyUserProfile = element.getAttributeValue(XML_ATTRIBUTE_MODIFY_USER_PROFILE);
+            final String modifyUser = element.getAttributeValue(StoredConfiguration.XML_ATTRIBUTE_MODIFY_USER);
+            final String modifyUserProfile = element.getAttributeValue(StoredConfiguration.XML_ATTRIBUTE_MODIFY_USER_PROFILE);
             final UserIdentity userIdentity;
             userIdentity = modifyUser != null
                     ? new UserIdentity(modifyUser, modifyUserProfile)

src/main/java/password/pwm/config/stored/StoredConfigReference.java

@@ -25,11 +25,11 @@ package password.pwm.config.stored;
 import java.io.Serializable;
 
 public interface StoredConfigReference extends Serializable, Comparable {
-    public RecordType getRecordType();
+    RecordType getRecordType();
 
-    public String getRecordID();
+    String getRecordID();
 
-    public String getProfileID();
+    String getProfileID();
 
     enum RecordType {
         SETTING,

src/main/java/password/pwm/config/stored/StoredConfigReferenceBean.java

@@ -29,7 +29,7 @@ class StoredConfigReferenceBean implements StoredConfigReference, Serializable,
     private String recordID;
     private String profileID;
 
-    StoredConfigReferenceBean(RecordType type, String recordID, String profileID) {
+    StoredConfigReferenceBean(final RecordType type, final String recordID, final String profileID) {
         if (type == null) {
             throw new NullPointerException("recordType can not be null");
         }
@@ -57,7 +57,7 @@ class StoredConfigReferenceBean implements StoredConfigReference, Serializable,
     }
 
     @Override
-    public boolean equals(Object o) {
+    public boolean equals(final Object o) {
         return o instanceof StoredConfigReference && toString().equals(o);
 
     }
@@ -77,7 +77,7 @@ class StoredConfigReferenceBean implements StoredConfigReference, Serializable,
     }
 
     @Override
-    public int compareTo(Object o) {
+    public int compareTo(final Object o) {
         return toString().compareTo(o.toString());
     }
 }

src/main/java/password/pwm/config/stored/StoredConfiguration.java

@@ -69,7 +69,7 @@ public interface StoredConfiguration {
 
     void lock();
 
-    ValueMetaData readSettingMetadata(final PwmSetting setting, final String profileID);
+    ValueMetaData readSettingMetadata( PwmSetting setting,  String profileID);
 
     void resetSetting(PwmSetting setting, String profileID, UserIdentity userIdentity);
 

src/main/java/password/pwm/config/stored/StoredConfigurationFactory.java

@@ -28,7 +28,7 @@ import java.io.InputStream;
 import java.io.OutputStream;
 
 interface StoredConfigurationFactory {
-    StoredConfiguration fromXml(final InputStream inputStream) throws PwmUnrecoverableException;
+    StoredConfiguration fromXml( InputStream inputStream) throws PwmUnrecoverableException;
 
-    void toXml(final OutputStream outputStream);
+    void toXml( OutputStream outputStream);
 }

src/main/java/password/pwm/config/stored/StoredConfigurationImpl.java

@@ -22,19 +22,44 @@
 
 package password.pwm.config.stored;
 
-import org.jdom2.*;
+import org.jdom2.Attribute;
+import org.jdom2.CDATA;
+import org.jdom2.Comment;
+import org.jdom2.Document;
+import org.jdom2.Element;
+import org.jdom2.Text;
 import org.jdom2.xpath.XPathExpression;
 import org.jdom2.xpath.XPathFactory;
 import password.pwm.AppProperty;
 import password.pwm.PwmConstants;
 import password.pwm.bean.UserIdentity;
-import password.pwm.config.*;
+import password.pwm.config.PwmSetting;
+import password.pwm.config.PwmSettingCategory;
+import password.pwm.config.PwmSettingSyntax;
+import password.pwm.config.PwmSettingTemplate;
+import password.pwm.config.PwmSettingTemplateSet;
+import password.pwm.config.StoredValue;
 import password.pwm.config.option.ADPolicyComplexity;
-import password.pwm.config.value.*;
-import password.pwm.error.*;
+import password.pwm.config.value.PasswordValue;
+import password.pwm.config.value.PrivateKeyValue;
+import password.pwm.config.value.StringArrayValue;
+import password.pwm.config.value.StringValue;
+import password.pwm.config.value.ValueFactory;
+import password.pwm.error.ErrorInformation;
+import password.pwm.error.PwmError;
+import password.pwm.error.PwmException;
+import password.pwm.error.PwmOperationalException;
+import password.pwm.error.PwmUnrecoverableException;
 import password.pwm.i18n.Config;
 import password.pwm.i18n.PwmLocaleBundle;
-import password.pwm.util.*;
+import password.pwm.util.BCrypt;
+import password.pwm.util.Helper;
+import password.pwm.util.JsonUtil;
+import password.pwm.util.LocaleHelper;
+import password.pwm.util.PasswordData;
+import password.pwm.util.StringUtil;
+import password.pwm.util.TimeDuration;
+import password.pwm.util.XmlUtil;
 import password.pwm.util.logging.PwmLogger;
 import password.pwm.util.secure.PwmRandom;
 import password.pwm.util.secure.PwmSecurityKey;
@@ -45,8 +70,26 @@ import java.io.InputStream;
 import java.io.OutputStream;
 import java.io.Serializable;
 import java.text.ParseException;
-import java.util.*;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.Date;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.LinkedHashMap;
+import java.util.LinkedHashSet;
+import java.util.LinkedList;
+import java.util.List;
+import java.util.Locale;
+import java.util.Map;
+import java.util.Queue;
+import java.util.ResourceBundle;
+import java.util.Set;
+import java.util.SortedSet;
+import java.util.TreeMap;
+import java.util.TreeSet;
 import java.util.concurrent.locks.ReentrantReadWriteLock;
+import java.util.stream.Collectors;
 
 /**
  * @author Jason D. Rivard
@@ -132,7 +175,7 @@ public class StoredConfigurationImpl implements Serializable, StoredConfiguratio
     }
 
     public void resetAllPasswordValues(final String comment) {
-        for (final Iterator<SettingValueRecord> settingValueRecordIterator = new StoredValueIterator(false); settingValueRecordIterator.hasNext();) {
+        for (final Iterator<SettingValueRecord> settingValueRecordIterator = new StoredValueIterator(false); settingValueRecordIterator.hasNext(); ) {
             final SettingValueRecord settingValueRecord = settingValueRecordIterator.next();
             if (settingValueRecord.getSetting().getSyntax() == PwmSettingSyntax.PASSWORD) {
                 this.resetSetting(settingValueRecord.getSetting(),settingValueRecord.getProfile(),null);
@@ -185,7 +228,7 @@ public class StoredConfigurationImpl implements Serializable, StoredConfiguratio
             propertyElement.setContent(new Text(value));
 
             if (null == XPathBuilder.xpathForConfigProperties().evaluateFirst(document)) {
-                Element configProperties = new Element(XML_ELEMENT_PROPERTIES);
+                final Element configProperties = new Element(XML_ELEMENT_PROPERTIES);
                 configProperties.setAttribute(new Attribute(XML_ATTRIBUTE_TYPE,XML_ATTRIBUTE_VALUE_CONFIG));
                 document.getRootElement().addContent(configProperties);
             }
@@ -324,7 +367,7 @@ public class StoredConfigurationImpl implements Serializable, StoredConfiguratio
         return new PwmSettingTemplateSet(templates);
     }
 
-    private static PwmSettingTemplate readTemplateValue(final Document document, PwmSetting pwmSetting) {
+    private static PwmSettingTemplate readTemplateValue(final Document document, final PwmSetting pwmSetting) {
         final XPathExpression xp = XPathBuilder.xpathForSetting(pwmSetting, null);
         final Element settingElement = (Element) xp.evaluateFirst(document);
         if (settingElement != null) {
@@ -338,7 +381,7 @@ public class StoredConfigurationImpl implements Serializable, StoredConfiguratio
         return null;
     }
 
-    public void setTemplate(PwmSettingTemplate template) {
+    public void setTemplate(final PwmSettingTemplate template) {
         writeConfigProperty(ConfigurationProperty.LDAP_TEMPLATE, template.toString());
     }
 
@@ -349,7 +392,7 @@ public class StoredConfigurationImpl implements Serializable, StoredConfiguratio
 
     public Map<String,String> getModifiedSettingDebugValues(final Locale locale, final boolean prettyPrint) {
         final Map<String,String> returnObj = new LinkedHashMap<>();
-        for (SettingValueRecord record : this.modifiedSettings()) {
+        for (final SettingValueRecord record : this.modifiedSettings()) {
             final String label = record.getSetting().toMenuLocationDebug(record.getProfile(),locale);
             final String value = record.getStoredValue().toDebugString(locale);
             returnObj.put(label,value);
@@ -515,34 +558,28 @@ public class StoredConfigurationImpl implements Serializable, StoredConfiguratio
             return Collections.emptyList();
         }
 
-        final LinkedHashSet<ConfigRecordID> returnSet = new LinkedHashSet<>();
-        boolean firstIter = true;
-        for (final String searchWord : StringUtil.whitespaceSplit(searchTerm)) { // split on whitespace
-            final LinkedHashSet<ConfigRecordID> loopResults = new LinkedHashSet<>();
-            for (final PwmSetting loopSetting : PwmSetting.values()) {
-                if (loopSetting.getCategory().hasProfiles()) {
-                    for (final String profile : profilesForSetting(loopSetting)) {
-                        final StoredValue loopValue = readSetting(loopSetting, profile);
-                        if (matchSetting(loopSetting,loopValue,searchWord,locale)) {
-                            loopResults.add(new ConfigRecordID(ConfigRecordID.RecordType.SETTING,loopSetting,profile));
-                        }
-                    }
-                } else {
-                    final StoredValue loopValue = readSetting(loopSetting);
-                    if (matchSetting(loopSetting,loopValue,searchWord,locale)) {
-                        loopResults.add(new ConfigRecordID(ConfigRecordID.RecordType.SETTING,loopSetting,null));
-                    }
-                }
-            }
-            if (firstIter) {
-                returnSet.addAll(loopResults);
-            } else {
-                returnSet.retainAll(loopResults);
-            }
-            firstIter = false;
-        }
+        final SortedSet<ConfigRecordID> matches = new TreeSet<>(
+                allSettingConfigRecordIDs()
+                        .parallelStream()
+                        .filter(s -> matchSetting(s, searchTerm, locale))
+                        .collect(Collectors.toList())
+        );
+
+        return new ArrayList<>(matches);
+    }
+
+    private boolean matchSetting(
+            final ConfigRecordID configRecordID,
+            final String searchTerm,
+            final Locale locale
+    ) {
 
-        return new ArrayList<>(returnSet);
+        final PwmSetting pwmSetting = (PwmSetting)configRecordID.getRecordID();
+        final StoredValue value = readSetting(pwmSetting, configRecordID.getProfileID());
+
+        return StringUtil.whitespaceSplit(searchTerm)
+                .parallelStream()
+                .allMatch(s -> matchSetting(pwmSetting, value, s, locale));
     }
 
     public boolean matchSetting(final PwmSetting setting, final StoredValue value, final String searchTerm, final Locale locale) {
@@ -614,7 +651,7 @@ public class StoredConfigurationImpl implements Serializable, StoredConfiguratio
 
     public StoredValue readSetting(final PwmSetting setting, final String profileID) {
         if (profileID == null && setting.getCategory().hasProfiles()) {
-            IllegalArgumentException e = new IllegalArgumentException("reading of setting " + setting.getKey() + " requires a non-null profileID");
+            final IllegalArgumentException e = new IllegalArgumentException("reading of setting " + setting.getKey() + " requires a non-null profileID");
             LOGGER.error("error", e);
             throw e;
         }
@@ -782,7 +819,7 @@ public class StoredConfigurationImpl implements Serializable, StoredConfiguratio
         final List<SettingValueRecord> modifiedSettings = modifiedSettings();
         final StringBuilder sb = new StringBuilder();
         sb.append("PwmSettingsChecksum");
-        for (SettingValueRecord settingValueRecord : modifiedSettings) {
+        for (final SettingValueRecord settingValueRecord : modifiedSettings) {
             final StoredValue storedValue = settingValueRecord.getStoredValue();
             sb.append(storedValue.valueHash());
         }
@@ -832,7 +869,7 @@ public class StoredConfigurationImpl implements Serializable, StoredConfiguratio
         return passwordHash != null && passwordHash.length() > 0;
     }
 
-    private static abstract class XPathBuilder {
+    private abstract static class XPathBuilder {
         private static XPathExpression xpathForLocaleBundleSetting(final String bundleName, final String keyName) {
             final XPathFactory xpfac = XPathFactory.instance();
             final String xpathString;
@@ -928,7 +965,7 @@ public class StoredConfigurationImpl implements Serializable, StoredConfiguratio
                 final List<Element> nonAttributedProperties = nonAttributedProperty.evaluate(rootElement);
 
                 if (configPropertiesElement != null && nonAttributedProperties != null) {
-                    for (Element element : nonAttributedProperties) {
+                    for (final Element element : nonAttributedProperties) {
                         element.detach();
                         configPropertiesElement.addContent(element);
                     }
@@ -939,7 +976,7 @@ public class StoredConfigurationImpl implements Serializable, StoredConfiguratio
                         "//" + XML_ELEMENT_PROPERTIES + "[not (@" + XML_ATTRIBUTE_TYPE + ")]");
                 final List<Element> oldPropertiesElements = oldPropertiesXpath.evaluate(rootElement);
                 if (oldPropertiesElements != null) {
-                    for (Element element : oldPropertiesElements) {
+                    for (final Element element : oldPropertiesElements) {
                         element.detach();
                     }
                 }
@@ -1089,7 +1126,7 @@ public class StoredConfigurationImpl implements Serializable, StoredConfiguratio
             final UserIdentity actor = new UserIdentity("UpgradeProcessor", null);
             for (final String profileID : storedConfiguration.profilesForSetting(PwmSetting.PASSWORD_POLICY_AD_COMPLEXITY)) {
                 if (!storedConfiguration.isDefaultValue(PwmSetting.PASSWORD_POLICY_AD_COMPLEXITY, profileID)) {
-                    boolean ad2003Enabled = (boolean) storedConfiguration.readSetting(PwmSetting.PASSWORD_POLICY_AD_COMPLEXITY,profileID).toNativeObject();
+                    final boolean ad2003Enabled = (boolean) storedConfiguration.readSetting(PwmSetting.PASSWORD_POLICY_AD_COMPLEXITY,profileID).toNativeObject();
                     final StoredValue value;
                     if (ad2003Enabled) {
                         value = new StringValue(ADPolicyComplexity.AD2003.toString());
@@ -1140,7 +1177,7 @@ public class StoredConfigurationImpl implements Serializable, StoredConfiguratio
     }
 
 
-    public static class ConfigRecordID implements Serializable {
+    public static class ConfigRecordID implements Serializable, Comparable {
         private RecordType recordType;
         private Object recordID;
         private String profileID;
@@ -1151,9 +1188,9 @@ public class StoredConfigurationImpl implements Serializable, StoredConfiguratio
         }
 
         public ConfigRecordID(
-                RecordType recordType,
-                Object recordID,
-                String profileID
+                final RecordType recordType,
+                final Object recordID,
+                final String profileID
         )
         {
             this.recordType = recordType;
@@ -1161,29 +1198,6 @@ public class StoredConfigurationImpl implements Serializable, StoredConfiguratio
             this.profileID = profileID;
         }
 
-        @Override
-        public boolean equals(Object o)
-        {
-            if (this == o) return true;
-            if (o == null || getClass() != o.getClass()) return false;
-
-            ConfigRecordID that = (ConfigRecordID) o;
-
-            if (profileID != null ? !profileID.equals(that.profileID) : that.profileID != null) return false;
-            if (recordID != null ? !recordID.equals(that.recordID) : that.recordID != null) return false;
-            if (recordType != that.recordType) return false;
-
-            return true;
-        }
-
-        @Override
-        public int hashCode()
-        {
-            int result = recordType != null ? recordType.hashCode() : 0;
-            result = 31 * result + (recordID != null ? recordID.hashCode() : 0);
-            result = 31 * result + (profileID != null ? profileID.hashCode() : 0);
-            return result;
-        }
 
         public RecordType getRecordType()
         {
@@ -1199,13 +1213,42 @@ public class StoredConfigurationImpl implements Serializable, StoredConfiguratio
         {
             return profileID;
         }
+
+        @Override
+        public boolean equals(final Object o) {
+            return o instanceof StoredConfigReference && toString().equals(o);
+
+        }
+
+        @Override
+        public int hashCode() {
+            return toString().hashCode();
+        }
+
+        @Override
+        public String toString() {
+            return this.getRecordType().toString()
+                    + "-"
+                    + (this.getProfileID() == null ? "" : this.getProfileID())
+                    + "-"
+                    + this.getRecordID();
+        }
+
+        @Override
+        public int compareTo(final Object o) {
+            return toString().compareTo(o.toString());
+        }
     }
 
+
+
+
     public String changeLogAsDebugString(final Locale locale, final boolean asHtml) {
         return changeLog.changeLogAsDebugString(locale, asHtml);
     }
 
     private PwmSecurityKey cachedKey = null;
+
     public PwmSecurityKey getKey() throws PwmUnrecoverableException {
         if (cachedKey == null) {
             cachedKey = new PwmSecurityKey(createTime() + "StoredConfiguration");
@@ -1225,7 +1268,7 @@ public class StoredConfigurationImpl implements Serializable, StoredConfiguratio
             return !changeLog.isEmpty();
         }
 
-        public String changeLogAsDebugString(final Locale locale, boolean asHtml) {
+        public String changeLogAsDebugString(final Locale locale, final boolean asHtml) {
             final Map<String,String> outputMap = new TreeMap<>();
             final String SEPARATOR = LocaleHelper.getLocalizedMessage(locale, Config.Display_SettingNavigationSeparator, null);
 
@@ -1249,6 +1292,10 @@ public class StoredConfigurationImpl implements Serializable, StoredConfiguratio
                         outputMap.put("LocaleBundle" + SEPARATOR + bundleName + " " + keys,debugValue);
                     }
                     break;
+
+                    default:
+                        // continue processing
+                        break;
                 }
             }
             final StringBuilder output = new StringBuilder();
@@ -1371,9 +1418,9 @@ public class StoredConfigurationImpl implements Serializable, StoredConfiguratio
         private StoredValue storedValue;
 
         public SettingValueRecord(
-                PwmSetting setting,
-                String profile,
-                StoredValue storedValue
+                final PwmSetting setting,
+                final String profile,
+                final StoredValue storedValue
         )
         {
             this.setting = setting;
@@ -1401,11 +1448,11 @@ public class StoredConfigurationImpl implements Serializable, StoredConfiguratio
 
         private Queue<SettingValueRecord> settingQueue = new LinkedList<>();
 
-        public StoredValueIterator(boolean includeDefaults) {
+        StoredValueIterator(final boolean includeDefaults) {
             for (final PwmSetting setting : PwmSetting.values()) {
                 if (setting.getSyntax() != PwmSettingSyntax.PROFILE && !setting.getCategory().hasProfiles()) {
                     if (includeDefaults || !isDefaultValue(setting)) {
-                        SettingValueRecord settingValueRecord = new SettingValueRecord(setting, null, null);
+                        final SettingValueRecord settingValueRecord = new SettingValueRecord(setting, null, null);
                         settingQueue.add(settingValueRecord);
                     }
                 }
@@ -1416,7 +1463,7 @@ public class StoredConfigurationImpl implements Serializable, StoredConfiguratio
                     for (final String profileID : profilesForSetting(category.getProfileSetting())) {
                         for (final PwmSetting setting : category.getSettings()) {
                             if (includeDefaults || !isDefaultValue(setting,profileID)) {
-                                SettingValueRecord settingValueRecord = new SettingValueRecord(setting, profileID, null);
+                                final SettingValueRecord settingValueRecord = new SettingValueRecord(setting, profileID, null);
                                 settingQueue.add(settingValueRecord);
                             }
                         }
@@ -1435,7 +1482,7 @@ public class StoredConfigurationImpl implements Serializable, StoredConfiguratio
         @Override
         public SettingValueRecord next()
         {
-            StoredConfigurationImpl.SettingValueRecord settingValueRecord = settingQueue.poll();
+            final StoredConfigurationImpl.SettingValueRecord settingValueRecord = settingQueue.poll();
             return new SettingValueRecord(
                     settingValueRecord.getSetting(),
                     settingValueRecord.getProfile(),
@@ -1494,4 +1541,18 @@ public class StoredConfigurationImpl implements Serializable, StoredConfiguratio
     public boolean isLocked() {
         return locked;
     }
+
+    private List<ConfigRecordID> allSettingConfigRecordIDs() {
+        final LinkedHashSet<ConfigRecordID> loopResults = new LinkedHashSet<>();
+        for (final PwmSetting loopSetting : PwmSetting.values()) {
+            if (loopSetting.getCategory().hasProfiles()) {
+                for (final String profile : profilesForSetting(loopSetting)) {
+                    loopResults.add(new ConfigRecordID(ConfigRecordID.RecordType.SETTING, loopSetting, profile));
+                }
+            } else {
+                loopResults.add(new ConfigRecordID(ConfigRecordID.RecordType.SETTING, loopSetting, null));
+            }
+        }
+        return new ArrayList<>(loopResults);
+    }
 }

src/main/java/password/pwm/config/stored/StoredConfigurationProvider.java

@@ -28,7 +28,7 @@ import java.io.InputStream;
 import java.io.OutputStream;
 
 interface StoredConfigurationProvider {
-    StoredConfiguration fromXml(final InputStream inputStream) throws PwmUnrecoverableException;
+    StoredConfiguration fromXml( InputStream inputStream) throws PwmUnrecoverableException;
 
-    void toXml(final OutputStream outputStream);
+    void toXml( OutputStream outputStream);
 }

src/main/java/password/pwm/config/stored/StoredConfigurationUtil.java

@@ -28,7 +28,12 @@ import password.pwm.config.PwmSettingSyntax;
 import password.pwm.config.StoredValue;
 
 import java.io.Serializable;
-import java.util.*;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.Iterator;
+import java.util.LinkedList;
+import java.util.List;
+import java.util.TreeMap;
 
 public abstract class StoredConfigurationUtil {
     public static List<String> profilesForSetting
@@ -80,7 +85,7 @@ public abstract class StoredConfigurationUtil {
         final List<String> settingValues = (List<String>)nativeObject;
         final LinkedList<String> profiles = new LinkedList<>();
         profiles.addAll(settingValues);
-        for (Iterator<String> iterator = profiles.iterator(); iterator.hasNext();) {
+        for (final Iterator<String> iterator = profiles.iterator(); iterator.hasNext(); ) {
             final String profile = iterator.next();
             if (profile == null || profile.length() < 1) {
                 iterator.remove();

src/main/java/password/pwm/config/stored/ValueMetaData.java

@@ -31,7 +31,7 @@ public class ValueMetaData implements Serializable {
     private Date modifyDate;
     private UserIdentity userIdentity;
 
-    public ValueMetaData(Date modifyDate, UserIdentity userIdentity) {
+    public ValueMetaData(final Date modifyDate, final UserIdentity userIdentity) {
         this.modifyDate = modifyDate;
         this.userIdentity = userIdentity;
     }

src/main/java/password/pwm/config/value/AbstractValue.java

@@ -37,12 +37,12 @@ public abstract class AbstractValue implements StoredValue {
     }
 
     @Override
-    public String toDebugString(Locale locale) {
+    public String toDebugString(final Locale locale) {
         return JsonUtil.serialize((Serializable) this.toNativeObject(), JsonUtil.Flag.PrettyPrint);
     }
 
     @Override
-    public Serializable toDebugJsonObject(Locale locale) {
+    public Serializable toDebugJsonObject(final Locale locale) {
         return (Serializable)this.toNativeObject();
     }
 

src/main/java/password/pwm/config/value/ActionValue.java

@@ -29,12 +29,19 @@ import password.pwm.config.PwmSetting;
 import password.pwm.config.PwmSettingSyntax;
 import password.pwm.config.StoredValue;
 import password.pwm.error.PwmOperationalException;
+import password.pwm.util.Helper;
 import password.pwm.util.JsonUtil;
 import password.pwm.util.X509Utils;
 import password.pwm.util.secure.PwmSecurityKey;
 
 import java.security.cert.X509Certificate;
-import java.util.*;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Locale;
+import java.util.Map;
+import java.util.Set;
 
 public class ActionValue extends AbstractValue implements StoredValue {
     final List<ActionConfiguration> values;
@@ -66,7 +73,7 @@ public class ActionValue extends AbstractValue implements StoredValue {
             }
 
             public ActionValue fromXmlElement(
-                    Element settingElement,
+                    final Element settingElement,
                     final PwmSecurityKey input
             )
                     throws PwmOperationalException
@@ -107,7 +114,7 @@ public class ActionValue extends AbstractValue implements StoredValue {
         return Collections.unmodifiableList(values);
     }
 
-    public List<String> validateValue(PwmSetting pwmSetting) {
+    public List<String> validateValue(final PwmSetting pwmSetting) {
         if (pwmSetting.isRequired()) {
             if (values == null || values.size() < 1 || values.get(0) == null) {
                 return Collections.singletonList("required value missing");
@@ -134,7 +141,7 @@ public class ActionValue extends AbstractValue implements StoredValue {
         return Collections.emptyList();
     }
 
-    public String toDebugString(Locale locale) {
+    public String toDebugString(final Locale locale) {
         final StringBuilder sb = new StringBuilder();
         int counter = 0;
         for (final ActionConfiguration actionConfiguration : values) {
@@ -160,8 +167,11 @@ public class ActionValue extends AbstractValue implements StoredValue {
                     sb.append("method=" + actionConfiguration.getLdapMethod());
                     sb.append(" attribute=" + actionConfiguration.getAttributeName());
                     sb.append(" value=" + actionConfiguration.getAttributeValue());
-
                 }
+                break;
+
+                default:
+                    Helper.unhandledSwitchStatement(actionConfiguration.getType());
             }
             sb.append("]");
             counter++;
@@ -178,7 +188,7 @@ public class ActionValue extends AbstractValue implements StoredValue {
         final List<Map<String,Object>> tempObj = JsonUtil.deserialize(originalJson, new TypeToken<List<Map<String,Object>>>() {
         });
         for (final Map<String,Object> mapObj : tempObj) {
-            ActionConfiguration actionConfiguration = forName((String)mapObj.get("name"));
+            final ActionConfiguration actionConfiguration = forName((String)mapObj.get("name"));
             if (actionConfiguration != null && actionConfiguration.getCertificates() != null) {
                 final List<Map<String,String>> certificateInfos = new ArrayList<>();
                 for (final X509Certificate certificate : actionConfiguration.getCertificates()) {

src/main/java/password/pwm/config/value/BooleanValue.java

@@ -39,7 +39,7 @@ import java.util.Locale;
 public class BooleanValue implements StoredValue {
     boolean value;
 
-    public BooleanValue(boolean value) {
+    public BooleanValue(final boolean value) {
         this.value = value;
     }
 
@@ -47,7 +47,7 @@ public class BooleanValue implements StoredValue {
     public static StoredValueFactory factory()
     {
         return new StoredValueFactory() {
-            public BooleanValue fromJson(String value) {
+            public BooleanValue fromJson(final String value) {
                 return new BooleanValue(JsonUtil.deserialize(value, Boolean.class));
             }
 
@@ -61,13 +61,13 @@ public class BooleanValue implements StoredValue {
         };
     }
 
-    public List<String> validateValue(PwmSetting pwmSetting)
+    public List<String> validateValue(final PwmSetting pwmSetting)
     {
         return Collections.emptyList();
     }
 
     @Override
-    public List<Element> toXmlValues(String valueElementName) {
+    public List<Element> toXmlValues(final String valueElementName) {
         final Element valueElement = new Element(valueElementName);
         valueElement.addContent(String.valueOf(value));
         return Collections.singletonList(valueElement);
@@ -78,15 +78,17 @@ public class BooleanValue implements StoredValue {
         return value;
     }
 
-    public String toDebugString(Locale locale) {
-        locale = locale == null ? PwmConstants.DEFAULT_LOCALE : locale;
+    public String toDebugString(final Locale locale) {
+        final Locale loc = (locale == null)
+                ? PwmConstants.DEFAULT_LOCALE
+                : locale;
         return value
-                ? Display.getLocalizedMessage(locale,Display.Value_True,null)
-                : Display.getLocalizedMessage(locale,Display.Value_False,null);
+                ? Display.getLocalizedMessage(loc,Display.Value_True,null)
+                : Display.getLocalizedMessage(loc,Display.Value_False,null);
     }
 
     @Override
-    public Serializable toDebugJsonObject(Locale locale) {
+    public Serializable toDebugJsonObject(final Locale locale) {
         return value;
     }
 

src/main/java/password/pwm/config/value/ChallengeValue.java

@@ -33,10 +33,15 @@ import password.pwm.util.LocaleHelper;
 import password.pwm.util.logging.PwmLogger;
 import password.pwm.util.secure.PwmSecurityKey;
 
-import java.util.*;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+import java.util.Locale;
+import java.util.Map;
+import java.util.TreeMap;
 
 public class ChallengeValue extends AbstractValue implements StoredValue {
-    final static private PwmLogger LOGGER = PwmLogger.forClass(ChallengeValue.class);
+    private static final PwmLogger LOGGER = PwmLogger.forClass(ChallengeValue.class);
     final Map<String, List<ChallengeItemConfiguration>> values; //locale str as key.
 
     ChallengeValue(final Map<String, List<ChallengeItemConfiguration>> values) {
@@ -113,7 +118,7 @@ public class ChallengeValue extends AbstractValue implements StoredValue {
         return Collections.unmodifiableMap(values);
     }
 
-    public List<String> validateValue(PwmSetting pwmSetting) {
+    public List<String> validateValue(final PwmSetting pwmSetting) {
         if (pwmSetting.isRequired()) {
             if (values == null || values.size() < 1 || values.keySet().iterator().next().length() < 1) {
                 return Collections.singletonList("required value missing");
@@ -183,7 +188,7 @@ public class ChallengeValue extends AbstractValue implements StoredValue {
         return new ChallengeItemConfiguration(challengeText, minLength, maxLength, adminDefined);
     }
 
-    public String toDebugString(Locale locale) {
+    public String toDebugString(final Locale locale) {
         if (values == null) {
             return "No Actions";
         }
@@ -191,7 +196,7 @@ public class ChallengeValue extends AbstractValue implements StoredValue {
         for (final String localeKey : values.keySet()) {
             final List<ChallengeItemConfiguration> challengeItems = values.get(localeKey);
             sb.append("Locale: ").append(LocaleHelper.debugLabel(LocaleHelper.parseLocaleString(localeKey))).append("\n");
-            for (ChallengeItemConfiguration challengeItemBean : challengeItems) {
+            for (final ChallengeItemConfiguration challengeItemBean : challengeItems) {
                 sb.append(" ChallengeItem: [AdminDefined: ").append(challengeItemBean.isAdminDefined());
                 sb.append(" MinLength:").append(challengeItemBean.getMinLength());
                 sb.append(" MaxLength:").append(challengeItemBean.getMaxLength());

src/main/java/password/pwm/config/value/EmailValue.java

@@ -32,7 +32,15 @@ import password.pwm.util.JsonUtil;
 import password.pwm.util.LocaleHelper;
 import password.pwm.util.secure.PwmSecurityKey;
 
-import java.util.*;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Locale;
+import java.util.Map;
+import java.util.Set;
+import java.util.TreeMap;
 
 public class EmailValue extends AbstractValue implements StoredValue {
     final Map<String,EmailItemBean> values; //key is locale identifier
@@ -60,7 +68,7 @@ public class EmailValue extends AbstractValue implements StoredValue {
             }
 
             public EmailValue fromXmlElement(
-                    Element settingElement,
+                    final Element settingElement,
                     final PwmSecurityKey input
             )
                     throws PwmOperationalException
@@ -72,7 +80,7 @@ public class EmailValue extends AbstractValue implements StoredValue {
                         final Element loopValueElement = (Element) loopValue;
                         final String value = loopValueElement.getText();
                         if (value != null && value.length() > 0) {
-                            String localeValue = loopValueElement.getAttribute(
+                            final String localeValue = loopValueElement.getAttribute(
                                     "locale") == null ? "" : loopValueElement.getAttribute("locale").getValue();
                             values.put(localeValue, JsonUtil.deserialize(value, EmailItemBean.class));
                         }
@@ -85,7 +93,7 @@ public class EmailValue extends AbstractValue implements StoredValue {
                     final Map<String, String> bodyPlainMap = new HashMap<>();
                     final Map<String, String> bodyHtmlMap = new HashMap<>();
                     for (final Object loopSettingObj : settingElement.getParentElement().getChildren()) {
-                        Element loopSetting = (Element) loopSettingObj;
+                        final Element loopSetting = (Element) loopSettingObj;
                         if (loopSetting.getAttribute("key") != null) {
                             if (loopSetting.getAttribute("key").getValue().equals(
                                     settingElement.getAttribute("key").getValue() + ".from")) {
@@ -94,7 +102,7 @@ public class EmailValue extends AbstractValue implements StoredValue {
                                     final Element loopValueElement = (Element) loopValue;
                                     final String value = loopValueElement.getText();
                                     if (value != null && value.length() > 0) {
-                                        String localeValue = settingElement.getAttribute(
+                                        final String localeValue = settingElement.getAttribute(
                                                 "locale") == null ? "" : settingElement.getAttribute(
                                                 "locale").getValue();
                                         fromMap.put(localeValue, value);
@@ -108,7 +116,7 @@ public class EmailValue extends AbstractValue implements StoredValue {
                                     final Element loopValueElement = (Element) loopValue;
                                     final String value = loopValueElement.getText();
                                     if (value != null && value.length() > 0) {
-                                        String localeValue = settingElement.getAttribute(
+                                        final String localeValue = settingElement.getAttribute(
                                                 "locale") == null ? "" : settingElement.getAttribute(
                                                 "locale").getValue();
                                         subjectMap.put(localeValue, value);
@@ -122,7 +130,7 @@ public class EmailValue extends AbstractValue implements StoredValue {
                                     final Element loopValueElement = (Element) loopValue;
                                     final String value = loopValueElement.getText();
                                     if (value != null && value.length() > 0) {
-                                        String localeValue = settingElement.getAttribute(
+                                        final String localeValue = settingElement.getAttribute(
                                                 "locale") == null ? "" : settingElement.getAttribute(
                                                 "locale").getValue();
                                         bodyPlainMap.put(localeValue, value);
@@ -136,7 +144,7 @@ public class EmailValue extends AbstractValue implements StoredValue {
                                     final Element loopValueElement = (Element) loopValue;
                                     final String value = loopValueElement.getText();
                                     if (value != null && value.length() > 0) {
-                                        String localeValue = settingElement.getAttribute(
+                                        final String localeValue = settingElement.getAttribute(
                                                 "locale") == null ? "" : settingElement.getAttribute(
                                                 "locale").getValue();
                                         bodyHtmlMap.put(localeValue, value);
@@ -188,7 +196,7 @@ public class EmailValue extends AbstractValue implements StoredValue {
         return Collections.unmodifiableMap(values);
     }
 
-    public List<String> validateValue(PwmSetting pwmSetting) {
+    public List<String> validateValue(final PwmSetting pwmSetting) {
         if (pwmSetting.isRequired()) {
             if (values == null || values.isEmpty() || values.values().iterator().next() == null) {
                 return Collections.singletonList("required value missing");
@@ -214,7 +222,7 @@ public class EmailValue extends AbstractValue implements StoredValue {
         return Collections.emptyList();
     }
 
-    public String toDebugString(Locale locale) {
+    public String toDebugString(final Locale locale) {
         if (values == null) {
             return "No Email Item";
         }

src/main/java/password/pwm/config/value/FileValue.java

@@ -38,7 +38,12 @@ import password.pwm.util.secure.SecureEngine;
 import java.io.ByteArrayInputStream;
 import java.io.IOException;
 import java.io.Serializable;
-import java.util.*;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.LinkedHashMap;
+import java.util.List;
+import java.util.Locale;
+import java.util.Map;
 
 public class FileValue extends AbstractValue implements StoredValue {
     private static final PwmLogger LOGGER = PwmLogger.forClass(FileValue.class);
@@ -50,8 +55,8 @@ public class FileValue extends AbstractValue implements StoredValue {
         private String filetype;
 
         public FileInformation(
-                String filename,
-                String filetype
+                final String filename,
+                final String filetype
         )
         {
             this.filename = filename;
@@ -72,7 +77,7 @@ public class FileValue extends AbstractValue implements StoredValue {
     public static class FileContent {
         private byte[] contents;
 
-        public FileContent(byte[] contents)
+        public FileContent(final byte[] contents)
         {
             this.contents = contents;
         }
@@ -82,10 +87,10 @@ public class FileValue extends AbstractValue implements StoredValue {
             return contents;
         }
 
-        public static FileContent fromEncodedString(String input)
+        public static FileContent fromEncodedString(final String input)
                 throws IOException
         {
-            byte[] convertedBytes = StringUtil.base64Decode(input);
+            final byte[] convertedBytes = StringUtil.base64Decode(input);
             return new FileContent(convertedBytes);
         }
 
@@ -113,7 +118,7 @@ public class FileValue extends AbstractValue implements StoredValue {
         }
     }
 
-    public FileValue(Map<FileInformation, FileContent> values)
+    public FileValue(final Map<FileInformation, FileContent> values)
     {
         this.values = values;
     }
@@ -122,7 +127,7 @@ public class FileValue extends AbstractValue implements StoredValue {
     {
         return new StoredValueFactory() {
 
-            public FileValue fromXmlElement(Element settingElement, final PwmSecurityKey input)
+            public FileValue fromXmlElement(final Element settingElement, final PwmSecurityKey input)
                     throws PwmOperationalException
             {
                 final List valueElements = settingElement.getChildren("value");
@@ -152,7 +157,7 @@ public class FileValue extends AbstractValue implements StoredValue {
                 return new FileValue(values);
             }
 
-            public StoredValue fromJson(String input)
+            public StoredValue fromJson(final String input)
             {
                 throw new IllegalStateException("not implemented");
             }
@@ -190,14 +195,14 @@ public class FileValue extends AbstractValue implements StoredValue {
     }
 
     @Override
-    public List<String> validateValue(PwmSetting pwm)
+    public List<String> validateValue(final PwmSetting pwm)
     {
         return Collections.emptyList();
     }
 
     @Override
     public String toDebugString(
-            Locale locale
+            final Locale locale
     )
     {
         final List<Map<String, Object>> output = asMetaData();
@@ -205,7 +210,7 @@ public class FileValue extends AbstractValue implements StoredValue {
     }
 
     @Override
-    public Serializable toDebugJsonObject(Locale locale) {
+    public Serializable toDebugJsonObject(final Locale locale) {
         return (Serializable)asMetaData();
     }
 
@@ -231,7 +236,7 @@ public class FileValue extends AbstractValue implements StoredValue {
             return Collections.emptyList();
         }
         final List<FileInfo> returnObj = new ArrayList<>();
-        for (FileValue.FileInformation fileInformation : this.values.keySet()) {
+        for (final FileValue.FileInformation fileInformation : this.values.keySet()) {
             final FileContent fileContent = this.values.get(fileInformation);
             final FileInfo loopInfo = new FileInfo();
             loopInfo.name = fileInformation.getFilename();

src/main/java/password/pwm/config/value/FormValue.java

@@ -32,7 +32,12 @@ import password.pwm.error.PwmOperationalException;
 import password.pwm.util.JsonUtil;
 import password.pwm.util.secure.PwmSecurityKey;
 
-import java.util.*;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Locale;
+import java.util.Set;
 
 public class FormValue extends AbstractValue implements StoredValue {
     final List<FormConfiguration> values;
@@ -61,7 +66,7 @@ public class FormValue extends AbstractValue implements StoredValue {
                 }
             }
 
-            public FormValue fromXmlElement(Element settingElement, final PwmSecurityKey key)
+            public FormValue fromXmlElement(final Element settingElement, final PwmSecurityKey key)
                     throws PwmOperationalException
             {
                 final boolean oldType = PwmSettingSyntax.LOCALIZED_STRING_ARRAY.toString().equals(
@@ -100,7 +105,7 @@ public class FormValue extends AbstractValue implements StoredValue {
         return Collections.unmodifiableList(values);
     }
 
-    public List<String> validateValue(PwmSetting pwmSetting) {
+    public List<String> validateValue(final PwmSetting pwmSetting) {
         if (pwmSetting.isRequired()) {
             if (values == null || values.size() < 1 || values.get(0) == null) {
                 return Collections.singletonList("required value missing");
@@ -131,7 +136,7 @@ public class FormValue extends AbstractValue implements StoredValue {
         return needsXmlUpdate;
     }
 
-    public String toDebugString(Locale locale) {
+    public String toDebugString(final Locale locale) {
         if (values != null && !values.isEmpty()) {
             final StringBuilder sb = new StringBuilder();
             for (final FormConfiguration formRow : values) {

src/main/java/password/pwm/config/value/LocalizedStringArrayValue.java

@@ -31,7 +31,12 @@ import password.pwm.util.JsonUtil;
 import password.pwm.util.LocaleHelper;
 import password.pwm.util.secure.PwmSecurityKey;
 
-import java.util.*;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+import java.util.Locale;
+import java.util.Map;
+import java.util.TreeMap;
 import java.util.regex.Matcher;
 import java.util.regex.Pattern;
 
@@ -96,7 +101,7 @@ public class LocalizedStringArrayValue extends AbstractValue implements StoredVa
         return Collections.unmodifiableMap(values);
     }
 
-    public List<String> validateValue(PwmSetting pwmSetting) {
+    public List<String> validateValue(final PwmSetting pwmSetting) {
         if (pwmSetting.isRequired()) {
             if (values == null || values.size() < 1 || values.keySet().iterator().next().length() < 1) {
                 return Collections.singletonList("required value missing");
@@ -119,7 +124,7 @@ public class LocalizedStringArrayValue extends AbstractValue implements StoredVa
     }
 
     @Override
-    public String toDebugString(Locale locale) {
+    public String toDebugString(final Locale locale) {
         if (values == null) {
             return "";
         }

src/main/java/password/pwm/config/value/LocalizedStringValue.java

@@ -31,7 +31,12 @@ import password.pwm.util.JsonUtil;
 import password.pwm.util.LocaleHelper;
 import password.pwm.util.secure.PwmSecurityKey;
 
-import java.util.*;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+import java.util.Locale;
+import java.util.Map;
+import java.util.TreeMap;
 import java.util.regex.Matcher;
 import java.util.regex.Pattern;
 
@@ -56,7 +61,7 @@ public class LocalizedStringValue extends AbstractValue implements StoredValue {
                 }
             }
 
-            public LocalizedStringValue fromXmlElement(Element settingElement, final PwmSecurityKey key)
+            public LocalizedStringValue fromXmlElement(final Element settingElement, final PwmSecurityKey key)
             {
                 final List elements = settingElement.getChildren("value");
                 final Map<String, String> values = new TreeMap<>();
@@ -89,7 +94,7 @@ public class LocalizedStringValue extends AbstractValue implements StoredValue {
         return Collections.unmodifiableMap(value);
     }
 
-    public List<String> validateValue(PwmSetting pwmSetting) {
+    public List<String> validateValue(final PwmSetting pwmSetting) {
         if (pwmSetting.isRequired()) {
             if (value == null || value.size() < 1 || value.values().iterator().next().length() < 1) {
                 return Collections.singletonList("required value missing");
@@ -109,7 +114,7 @@ public class LocalizedStringValue extends AbstractValue implements StoredValue {
     }
 
     @Override
-    public String toDebugString(Locale locale) {
+    public String toDebugString(final Locale locale) {
         final StringBuilder sb = new StringBuilder();
         for (final String localeKey : value.keySet()) {
             if (value.size() > 1) {

src/main/java/password/pwm/config/value/NumericValue.java

@@ -34,14 +34,14 @@ import java.util.List;
 public class NumericValue extends AbstractValue implements StoredValue {
     long value;
 
-    public NumericValue(long value) {
+    public NumericValue(final long value) {
         this.value = value;
     }
 
     public static StoredValueFactory factory()
     {
         return new StoredValueFactory() {
-            public NumericValue fromJson(String value)
+            public NumericValue fromJson(final String value)
             {
                 return new NumericValue(JsonUtil.deserialize(value, Long.class));
             }
@@ -56,7 +56,7 @@ public class NumericValue extends AbstractValue implements StoredValue {
     }
 
     @Override
-    public List<Element> toXmlValues(String valueElementName) {
+    public List<Element> toXmlValues(final String valueElementName) {
         final Element valueElement = new Element(valueElementName);
         valueElement.addContent(Long.toString(value));
         return Collections.singletonList(valueElement);
@@ -68,7 +68,7 @@ public class NumericValue extends AbstractValue implements StoredValue {
     }
 
     @Override
-    public List<String> validateValue(PwmSetting pwmSetting) {
+    public List<String> validateValue(final PwmSetting pwmSetting) {
         return Collections.emptyList();
     }
 }

src/main/java/password/pwm/config/value/OptionListValue.java

@@ -30,7 +30,13 @@ import password.pwm.error.PwmOperationalException;
 import password.pwm.util.JsonUtil;
 import password.pwm.util.secure.PwmSecurityKey;
 
-import java.util.*;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Locale;
+import java.util.Set;
+import java.util.TreeSet;
 
 public class OptionListValue extends AbstractValue  implements StoredValue {
     final Set<String> values;
@@ -56,7 +62,7 @@ public class OptionListValue extends AbstractValue  implements StoredValue {
                 }
             }
 
-            public OptionListValue fromXmlElement(Element settingElement, final PwmSecurityKey key)
+            public OptionListValue fromXmlElement(final Element settingElement, final PwmSecurityKey key)
                     throws PwmOperationalException
             {
                 final List valueElements = settingElement.getChildren("value");
@@ -87,13 +93,13 @@ public class OptionListValue extends AbstractValue  implements StoredValue {
         return Collections.unmodifiableSet(values);
     }
 
-    public List<String> validateValue(PwmSetting pwmSetting) {
+    public List<String> validateValue(final PwmSetting pwmSetting) {
         return Collections.emptyList();
     }
 
-    public String toDebugString(Locale locale) {
+    public String toDebugString(final Locale locale) {
         final StringBuilder sb = new StringBuilder();
-        for (Iterator valueIterator = values.iterator() ; valueIterator.hasNext();) {
+        for (final Iterator valueIterator = values.iterator(); valueIterator.hasNext(); ) {
             sb.append(valueIterator.next());
             if (valueIterator.hasNext()) {
                 sb.append("\n");

src/main/java/password/pwm/config/value/PasswordValue.java

@@ -49,7 +49,7 @@ public class PasswordValue implements StoredValue {
 
     boolean requiresStoredUpdate;
 
-    public PasswordValue(PasswordData passwordData) {
+    public PasswordValue(final PasswordData passwordData) {
         value = passwordData;
     }
 
@@ -119,7 +119,7 @@ public class PasswordValue implements StoredValue {
     }
 
     @Override
-    public List<String> validateValue(PwmSetting pwm)
+    public List<String> validateValue(final PwmSetting pwm)
     {
         return Collections.emptyList();
     }
@@ -151,12 +151,12 @@ public class PasswordValue implements StoredValue {
     }
 
     @Override
-    public String toDebugString(Locale locale) {
+    public String toDebugString(final Locale locale) {
         return PwmConstants.LOG_REMOVED_VALUE_REPLACEMENT;
     }
 
     @Override
-    public Serializable toDebugJsonObject(Locale locale) {
+    public Serializable toDebugJsonObject(final Locale locale) {
         return PwmConstants.LOG_REMOVED_VALUE_REPLACEMENT;
     }
 

src/main/java/password/pwm/config/value/PrivateKeyValue.java

@@ -39,7 +39,12 @@ import java.security.KeyFactory;
 import java.security.PrivateKey;
 import java.security.cert.X509Certificate;
 import java.security.spec.PKCS8EncodedKeySpec;
-import java.util.*;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.LinkedHashMap;
+import java.util.List;
+import java.util.Locale;
+import java.util.Map;
 
 public class PrivateKeyValue extends AbstractValue {
     private static final PwmLogger LOGGER = PwmLogger.forClass(PrivateKeyValue.class);
@@ -96,7 +101,7 @@ public class PrivateKeyValue extends AbstractValue {
         };
     }
 
-    public PrivateKeyValue(PrivateKeyCertificate privateKeyCertificate) {
+    public PrivateKeyValue(final PrivateKeyCertificate privateKeyCertificate) {
         this.privateKeyCertificate = privateKeyCertificate;
     }
 
@@ -112,7 +117,7 @@ public class PrivateKeyValue extends AbstractValue {
     }
 
     @Override
-    public List<String> validateValue(PwmSetting pwm)
+    public List<String> validateValue(final PwmSetting pwm)
     {
         return Collections.emptyList();
     }
@@ -149,7 +154,7 @@ public class PrivateKeyValue extends AbstractValue {
         return Collections.singletonList(valueElement);
     }
 
-    public String toDebugString(Locale locale) {
+    public String toDebugString(final Locale locale) {
         if (privateKeyCertificate != null) {
             return "PrivateKeyCertificate: key=" + JsonUtil.serializeMap(X509Utils.makeDebugInfoMap(privateKeyCertificate.getKey()))
                     + ", certificates=" + JsonUtil.serializeCollection(X509Utils.makeDebugInfoMap(privateKeyCertificate.getCertificates()));
@@ -172,7 +177,7 @@ public class PrivateKeyValue extends AbstractValue {
     }
 
     @Override
-    public Serializable toDebugJsonObject(Locale locale) {
+    public Serializable toDebugJsonObject(final Locale locale) {
         return (Serializable)toInfoMap(false);
     }
 }

src/main/java/password/pwm/config/value/StringArrayValue.java

@@ -29,7 +29,11 @@ import password.pwm.config.StoredValue;
 import password.pwm.util.JsonUtil;
 import password.pwm.util.secure.PwmSecurityKey;
 
-import java.util.*;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Locale;
 import java.util.regex.Matcher;
 import java.util.regex.Pattern;
 
@@ -85,7 +89,7 @@ public class StringArrayValue extends AbstractValue implements StoredValue {
         return Collections.unmodifiableList(values);
     }
 
-    public List<String> validateValue(PwmSetting pwmSetting) {
+    public List<String> validateValue(final PwmSetting pwmSetting) {
         if (pwmSetting.isRequired()) {
             if (values == null || values.size() < 1 || values.get(0).length() < 1) {
                 return Collections.singletonList("required value missing");
@@ -103,10 +107,10 @@ public class StringArrayValue extends AbstractValue implements StoredValue {
         return Collections.emptyList();
     }
 
-    public String toDebugString(Locale locale) {
+    public String toDebugString(final Locale locale) {
         if (values != null && !values.isEmpty()) {
             final StringBuilder sb = new StringBuilder();
-            for (Iterator valueIterator = values.iterator() ; valueIterator.hasNext();) {
+            for (final Iterator valueIterator = values.iterator(); valueIterator.hasNext(); ) {
                 sb.append(valueIterator.next());
                 if (valueIterator.hasNext()) {
                     sb.append("\n");

src/main/java/password/pwm/config/value/StringValue.java

@@ -74,7 +74,7 @@ public class StringValue extends AbstractValue implements StoredValue {
         return value;
     }
 
-    public List<String> validateValue(PwmSetting pwmSetting) {
+    public List<String> validateValue(final PwmSetting pwmSetting) {
         if (pwmSetting.isRequired()) {
             if (value == null || value.length() < 1) {
                 return Collections.singletonList("required value missing");
@@ -102,7 +102,7 @@ public class StringValue extends AbstractValue implements StoredValue {
 
     @Override
     public String toDebugString(
-            Locale locale
+            final Locale locale
     )
     {
         return value == null ? "" : value;

src/main/java/password/pwm/config/value/UserPermissionValue.java

@@ -26,9 +26,9 @@ import com.google.gson.reflect.TypeToken;
 import org.apache.commons.lang3.StringUtils;
 import org.jdom2.Element;
 import password.pwm.config.PwmSetting;
-import password.pwm.config.stored.StoredConfigurationImpl;
 import password.pwm.config.StoredValue;
 import password.pwm.config.UserPermission;
+import password.pwm.config.stored.StoredConfigurationImpl;
 import password.pwm.error.PwmOperationalException;
 import password.pwm.i18n.Display;
 import password.pwm.util.JsonUtil;
@@ -66,7 +66,7 @@ public class UserPermissionValue extends AbstractValue implements StoredValue {
                 }
             }
 
-            public UserPermissionValue fromXmlElement(Element settingElement, final PwmSecurityKey key)
+            public UserPermissionValue fromXmlElement(final Element settingElement, final PwmSecurityKey key)
                     throws PwmOperationalException
             {
                 final boolean newType = "2".equals(
@@ -106,7 +106,7 @@ public class UserPermissionValue extends AbstractValue implements StoredValue {
         return Collections.unmodifiableList(values);
     }
 
-    public List<String> validateValue(PwmSetting pwmSetting) {
+    public List<String> validateValue(final PwmSetting pwmSetting) {
         final List<String> returnObj = new ArrayList<>();
         for (final UserPermission userPermission : values) {
             try {
@@ -128,8 +128,8 @@ public class UserPermissionValue extends AbstractValue implements StoredValue {
             return;
         }
 
-        int leftParens = StringUtils.countMatches(filter, "(");
-        int rightParens = StringUtils.countMatches(filter,")");
+        final int leftParens = StringUtils.countMatches(filter, "(");
+        final int rightParens = StringUtils.countMatches(filter,")");
 
         if (leftParens != rightParens) {
             throw new IllegalArgumentException("unbalanced parentheses");
@@ -142,7 +142,7 @@ public class UserPermissionValue extends AbstractValue implements StoredValue {
         return 2;
     }
 
-    public String toDebugString(Locale locale) {
+    public String toDebugString(final Locale locale) {
         if (values != null && !values.isEmpty()) {
             final StringBuilder sb = new StringBuilder();
             int counter = 0;

src/main/java/password/pwm/config/value/VerificationMethodValue.java

@@ -35,7 +35,12 @@ import password.pwm.util.logging.PwmLogger;
 import password.pwm.util.secure.PwmSecurityKey;
 
 import java.io.Serializable;
-import java.util.*;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Locale;
+import java.util.Map;
 
 public class VerificationMethodValue extends AbstractValue implements StoredValue {
     private static final PwmLogger LOGGER = PwmLogger.forClass(VerificationMethodValue.class);
@@ -56,7 +61,7 @@ public class VerificationMethodValue extends AbstractValue implements StoredValu
         public VerificationMethodSettings() {
         }
 
-        public VerificationMethodSettings(Map<IdentityVerificationMethod, VerificationMethodSetting> methodSettings, int minOptionalRequired) {
+        public VerificationMethodSettings(final Map<IdentityVerificationMethod, VerificationMethodSetting> methodSettings, final int minOptionalRequired) {
             this.methodSettings = methodSettings;
             this.minOptionalRequired = minOptionalRequired;
         }
@@ -73,7 +78,7 @@ public class VerificationMethodValue extends AbstractValue implements StoredValu
     public static class VerificationMethodSetting {
         private EnabledState enabledState = EnabledState.disabled;
 
-        public VerificationMethodSetting(EnabledState enabledState) {
+        public VerificationMethodSetting(final EnabledState enabledState) {
             this.enabledState = enabledState;
         }
 
@@ -86,7 +91,7 @@ public class VerificationMethodValue extends AbstractValue implements StoredValu
         this(new VerificationMethodSettings());
     }
 
-    public VerificationMethodValue(VerificationMethodSettings value) {
+    public VerificationMethodValue(final VerificationMethodSettings value) {
         this.value = value;
         for (final IdentityVerificationMethod recoveryVerificationMethods : IdentityVerificationMethod.availableValues()) {
             if (!value.methodSettings.containsKey(recoveryVerificationMethods)) {
@@ -103,24 +108,24 @@ public class VerificationMethodValue extends AbstractValue implements StoredValu
                 if (input == null) {
                     return new VerificationMethodValue();
                 } else {
-                    VerificationMethodSettings settings = JsonUtil.deserialize(input,VerificationMethodSettings.class);
+                    final VerificationMethodSettings settings = JsonUtil.deserialize(input,VerificationMethodSettings.class);
                     return new VerificationMethodValue(settings);
                 }
             }
 
-            public VerificationMethodValue fromXmlElement(Element settingElement, final PwmSecurityKey key)
+            public VerificationMethodValue fromXmlElement(final Element settingElement, final PwmSecurityKey key)
                     throws PwmOperationalException
             {
                 final Element valueElement = settingElement.getChild("value");
                 final String inputStr = valueElement.getText();
-                VerificationMethodSettings settings = JsonUtil.deserialize(inputStr,VerificationMethodSettings.class);
+                final VerificationMethodSettings settings = JsonUtil.deserialize(inputStr,VerificationMethodSettings.class);
                 return new VerificationMethodValue(settings);
             }
         };
     }
 
     @Override
-    public List<Element> toXmlValues(String valueElementName) {
+    public List<Element> toXmlValues(final String valueElementName) {
         final Element valueElement = new Element(valueElementName);
         valueElement.addContent(new CDATA(JsonUtil.serialize(value)));
         return Collections.singletonList(valueElement);
@@ -132,12 +137,12 @@ public class VerificationMethodValue extends AbstractValue implements StoredValu
     }
 
     @Override
-    public List<String> validateValue(PwmSetting pwm) {
+    public List<String> validateValue(final PwmSetting pwm) {
         return Collections.emptyList();
     }
 
     @Override
-    public String toDebugString(Locale locale) {
+    public String toDebugString(final Locale locale) {
         if (value == null) {
             return "No Verification Methods";
         }
@@ -153,6 +158,10 @@ public class VerificationMethodValue extends AbstractValue implements StoredValu
                 case required:
                     required.add(method.getLabel(null, locale));
                     break;
+
+                default:
+                    // continue processing
+                    break;
             }
             method.getLabel(null,locale);
         }

src/main/java/password/pwm/config/value/X509CertificateValue.java

@@ -37,7 +37,12 @@ import java.io.ByteArrayInputStream;
 import java.io.Serializable;
 import java.security.cert.CertificateEncodingException;
 import java.security.cert.X509Certificate;
-import java.util.*;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.List;
+import java.util.Locale;
+import java.util.Map;
 
 public class X509CertificateValue extends AbstractValue implements StoredValue {
     private static final PwmLogger LOGGER = PwmLogger.forClass(X509CertificateValue.class);
@@ -65,7 +70,7 @@ public class X509CertificateValue extends AbstractValue implements StoredValue {
         };
     }
 
-    public X509CertificateValue(X509Certificate[] certificates) {
+    public X509CertificateValue(final X509Certificate[] certificates) {
         if (certificates == null) {
             throw new NullPointerException("certificates cannot be null");
         }
@@ -76,7 +81,7 @@ public class X509CertificateValue extends AbstractValue implements StoredValue {
         return certificates != null && certificates.length > 0;
     }
 
-    public X509CertificateValue(Collection<X509Certificate> certificates) {
+    public X509CertificateValue(final Collection<X509Certificate> certificates) {
         if (certificates == null) {
             throw new NullPointerException("certificates cannot be null");
         }
@@ -85,7 +90,7 @@ public class X509CertificateValue extends AbstractValue implements StoredValue {
 
 
     @Override
-    public List<Element> toXmlValues(String valueElementName) {
+    public List<Element> toXmlValues(final String valueElementName) {
         final List<Element> returnList = new ArrayList<>();
         for (final X509Certificate value : certificates) {
             final Element valueElement = new Element(valueElementName);
@@ -105,14 +110,14 @@ public class X509CertificateValue extends AbstractValue implements StoredValue {
     }
 
     @Override
-    public List<String> validateValue(PwmSetting pwm) {
+    public List<String> validateValue(final PwmSetting pwm) {
         return Collections.emptyList();
     }
 
-    public String toDebugString(Locale locale) {
+    public String toDebugString(final Locale locale) {
             final StringBuilder sb = new StringBuilder();
-            int counter = 0;
-            for (X509Certificate cert : certificates) {
+            final int counter = 0;
+            for (final X509Certificate cert : certificates) {
                 sb.append("Certificate ").append(counter).append("\n");
                 sb.append(" Subject: ").append(cert.getSubjectDN().toString()).append("\n");
                 sb.append(" Serial: ").append(X509Utils.hexSerial(cert)).append("\n");
@@ -132,7 +137,7 @@ public class X509CertificateValue extends AbstractValue implements StoredValue {
     }
 
     @Override
-    public Serializable toDebugJsonObject(Locale locale) {
+    public Serializable toDebugJsonObject(final Locale locale) {
         return (Serializable)toInfoMap(false);
     }
 

src/main/java/password/pwm/cr/CrChallengeItemBean.java

@@ -33,7 +33,7 @@ public class CrChallengeItemBean implements Serializable {
     public int maxQuestionCharsInAnswer;
     public boolean enforceWordlist;
 
-    public CrChallengeItemBean(String challengeText, int minLength, int maxLength, boolean adminDefined, boolean required, int maxQuestionCharsInAnswer, boolean enforceWordlist) {
+    public CrChallengeItemBean(final String challengeText, final int minLength, final int maxLength, final boolean adminDefined, final boolean required, final int maxQuestionCharsInAnswer, final boolean enforceWordlist) {
         this.challengeText = challengeText;
         this.minLength = minLength;
         this.maxLength = maxLength;

src/main/java/password/pwm/error/PwmException.java

@@ -23,7 +23,7 @@
 package password.pwm.error;
 
 public abstract class PwmException extends Exception {
-    protected ErrorInformation errorInformation;
+    protected final ErrorInformation errorInformation;
 
     public PwmException(final ErrorInformation error) {
         this.errorInformation = error == null ? new ErrorInformation(PwmError.ERROR_UNKNOWN) : error;

src/main/java/password/pwm/health/CertificateChecker.java

@@ -52,7 +52,7 @@ public class CertificateChecker implements HealthChecker {
     private static final PwmLogger LOGGER = PwmLogger.forClass(CertificateChecker.class);
 
     @Override
-    public List<HealthRecord> doHealthCheck(PwmApplication pwmApplication) {
+    public List<HealthRecord> doHealthCheck(final PwmApplication pwmApplication) {
         final List<HealthRecord> records = new ArrayList<>();
         records.addAll(doHealthCheck(pwmApplication.getConfig()));
         try {
@@ -62,7 +62,7 @@ public class CertificateChecker implements HealthChecker {
         } return records;
     }
 
-    private static List<HealthRecord> doHealthCheck(Configuration configuration) {
+    private static List<HealthRecord> doHealthCheck(final Configuration configuration) {
         final List<HealthRecord> returnList = new ArrayList<>();
         for (final PwmSetting setting : PwmSetting.values()) {
             if (setting.getSyntax() == PwmSettingSyntax.X509CERT && !setting.getCategory().hasProfiles()) {
@@ -84,13 +84,13 @@ public class CertificateChecker implements HealthChecker {
         final StoredConfigurationImpl storedConfiguration = configuration.getStoredConfiguration();
 
         final List<HealthRecord> returnList = new ArrayList<>();
-        List<StoredConfigReference> modifiedReferences = StoredConfigurationUtil.modifiedSettings(storedConfiguration);
-        for (StoredConfigReference storedConfigReference : modifiedReferences) {
+        final List<StoredConfigReference> modifiedReferences = StoredConfigurationUtil.modifiedSettings(storedConfiguration);
+        for (final StoredConfigReference storedConfigReference : modifiedReferences) {
             if (storedConfigReference.getRecordType() == StoredConfigReference.RecordType.SETTING) {
                 final PwmSetting pwmSetting = PwmSetting.forKey(storedConfigReference.getRecordID());
                 if (pwmSetting != null && pwmSetting.getSyntax() == PwmSettingSyntax.ACTION) {
-                    ActionValue value = (ActionValue)storedConfiguration.readSetting(pwmSetting, storedConfigReference.getProfileID());
-                    for (ActionConfiguration actionConfiguration : value.toNativeObject()) {
+                    final ActionValue value = (ActionValue)storedConfiguration.readSetting(pwmSetting, storedConfigReference.getProfileID());
+                    for (final ActionConfiguration actionConfiguration : value.toNativeObject()) {
                         final X509Certificate[] certificates = actionConfiguration.getCertificates();
                         returnList.addAll(doHealthCheck(configuration, pwmSetting, storedConfigReference.getProfileID(), certificates));
                     }
@@ -100,7 +100,7 @@ public class CertificateChecker implements HealthChecker {
         return Collections.unmodifiableList(returnList);
     }
 
-    private static List<HealthRecord> doHealthCheck(Configuration configuration, PwmSetting setting, final String profileID, X509Certificate[] certificates) {
+    private static List<HealthRecord> doHealthCheck(final Configuration configuration, final PwmSetting setting, final String profileID, final X509Certificate[] certificates) {
         final long warnDurationMs = 1000 * Long.parseLong(configuration.readAppProperty(AppProperty.HEALTH_CERTIFICATE_WARN_SECONDS));
 
         if (certificates != null) {

src/main/java/password/pwm/health/ConfigurationChecker.java

@@ -248,8 +248,8 @@ public class ConfigurationChecker implements HealthChecker {
     static class VerifyResponseLdapAttribute implements ConfigHealthCheck {
         @Override
         public List<HealthRecord> healthCheck(
-                Configuration config,
-                Locale locale
+                final Configuration config,
+                final Locale locale
         ) {
             final List<HealthRecord> records = new ArrayList<>();
             final PwmSetting[] interestedSettings = new PwmSetting[]{PwmSetting.FORGOTTEN_PASSWORD_READ_PREFERENCE, PwmSetting.FORGOTTEN_PASSWORD_WRITE_PREFERENCE};
@@ -273,7 +273,7 @@ public class ConfigurationChecker implements HealthChecker {
 
     static class VerifyDbConfiguredIfNeeded implements ConfigHealthCheck {
         @Override
-        public List<HealthRecord> healthCheck(Configuration config, Locale locale) {
+        public List<HealthRecord> healthCheck(final Configuration config, final Locale locale) {
             final List<HealthRecord> records = new ArrayList<>();
             if (!config.hasDbConfigured()) {
                 if (config.helper().shouldHaveDbConfigured()) {
@@ -298,7 +298,7 @@ public class ConfigurationChecker implements HealthChecker {
 
     static class VerifyPasswordPolicyConfigs implements ConfigHealthCheck {
         @Override
-        public List<HealthRecord> healthCheck(Configuration config, Locale locale) {
+        public List<HealthRecord> healthCheck(final Configuration config, final Locale locale) {
             final List<HealthRecord> records = new ArrayList<>();
             for (final String profileID : config.getPasswordProfileIDs()) {
                 try {
@@ -314,7 +314,7 @@ public class ConfigurationChecker implements HealthChecker {
 
     interface ConfigHealthCheck {
         List<HealthRecord> healthCheck(
-                final Configuration configuration,
-                final Locale locale);
+                 Configuration configuration,
+                 Locale locale);
     }
 }

src/main/java/password/pwm/health/DatabaseStatusChecker.java

@@ -36,16 +36,16 @@ public class DatabaseStatusChecker implements HealthChecker {
     private static final PwmLogger LOGGER = PwmLogger.forClass(DatabaseStatusChecker.class);
 
     @Override
-    public List<HealthRecord> doHealthCheck(PwmApplication pwmApplication)
+    public List<HealthRecord> doHealthCheck(final PwmApplication pwmApplication)
     {
         return Collections.emptyList();
     }
 
-    public static List<HealthRecord> checkNewDatabaseStatus(Configuration config) {
+    public static List<HealthRecord> checkNewDatabaseStatus(final Configuration config) {
         return checkDatabaseStatus(config);
     }
 
-    private static List<HealthRecord> checkDatabaseStatus(Configuration config)
+    private static List<HealthRecord> checkDatabaseStatus(final Configuration config)
     {
         if (!config.hasDbConfigured()) {
             return Collections.singletonList(new HealthRecord(HealthStatus.INFO,HealthTopic.Database,"Database not configured"));

src/main/java/password/pwm/health/HealthMessage.java

@@ -90,8 +90,8 @@ public enum HealthMessage {
     private final HealthTopic topic;
 
     HealthMessage(
-            HealthStatus status,
-            HealthTopic topic
+            final HealthStatus status,
+            final HealthTopic topic
     )
     {
         this.status = status;

src/main/java/password/pwm/health/HealthMonitor.java

@@ -31,8 +31,19 @@ import password.pwm.util.TimeDuration;
 import password.pwm.util.logging.PwmLogger;
 
 import java.io.Serializable;
-import java.util.*;
-import java.util.concurrent.*;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.Date;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+import java.util.TreeSet;
+import java.util.concurrent.Executors;
+import java.util.concurrent.ScheduledExecutorService;
+import java.util.concurrent.ScheduledFuture;
+import java.util.concurrent.TimeUnit;
 
 public class HealthMonitor implements PwmService {
     private static final PwmLogger LOGGER = PwmLogger.forClass(HealthMonitor.class);
@@ -42,6 +53,7 @@ public class HealthMonitor implements PwmService {
     private final Set<HealthRecord> healthRecords = new TreeSet<>();
 
     private static final List<HealthChecker> HEALTH_CHECKERS;
+
     static {
         final List<HealthChecker> records = new ArrayList<>();
         records.add(new LDAPStatusChecker());
@@ -85,14 +97,14 @@ public class HealthMonitor implements PwmService {
         return lastHealthCheckTime;
     }
 
-    public HealthStatus getMostSevereHealthStatus(CheckTimeliness timeliness) {
+    public HealthStatus getMostSevereHealthStatus(final CheckTimeliness timeliness) {
         return getMostSevereHealthStatus(getHealthRecords(timeliness));
     }
 
     public static HealthStatus getMostSevereHealthStatus(final Collection<HealthRecord> healthRecords) {
         HealthStatus returnStatus = HealthStatus.GOOD;
         if (healthRecords != null) {
-            for (HealthRecord record : healthRecords) {
+            for (final HealthRecord record : healthRecords) {
                 if (record.getStatus().getSeverityLevel() > returnStatus.getSeverityLevel()) {
                     returnStatus = record.getStatus();
                 }
@@ -105,7 +117,7 @@ public class HealthMonitor implements PwmService {
         return status;
     }
 
-    public void init(PwmApplication pwmApplication) throws PwmException {
+    public void init(final PwmApplication pwmApplication) throws PwmException {
         status = STATUS.OPENING;
         this.pwmApplication = pwmApplication;
         settings = HealthMonitorSettings.fromConfiguration(pwmApplication.getConfig());

src/main/java/password/pwm/health/HealthRecord.java

@@ -99,11 +99,11 @@ public class HealthRecord implements Serializable,Comparable<HealthRecord> {
         this.old_detail = null;
     }
 
-    public static HealthRecord forMessage(HealthMessage message) {
+    public static HealthRecord forMessage(final HealthMessage message) {
         return new HealthRecord(message.getStatus(), message.getTopic(), message, null);
     }
 
-    public static HealthRecord forMessage(HealthMessage message, String... fields) {
+    public static HealthRecord forMessage(final HealthMessage message, final String... fields) {
         return new HealthRecord(message.getStatus(), message.getTopic(), message, fields);
     }
 
@@ -161,7 +161,7 @@ public class HealthRecord implements Serializable,Comparable<HealthRecord> {
     ) {
         final List<password.pwm.ws.server.rest.bean.HealthRecord> healthRecordBeans = password.pwm.ws.server.rest.bean.HealthRecord.fromHealthRecords(
                 profileRecords, locale, configuration);
-        HealthData healthData = new HealthData();
+        final HealthData healthData = new HealthData();
         healthData.timestamp = new Date();
         healthData.overall = HealthMonitor.getMostSevereHealthStatus(profileRecords).toString();
         healthData.records = healthRecordBeans;

src/main/java/password/pwm/health/HealthStatus.java

@@ -39,7 +39,7 @@ public enum HealthStatus {
 
     private int severityLevel;
 
-    HealthStatus(int severityLevel) {
+    HealthStatus(final int severityLevel) {
         this.severityLevel = severityLevel;
     }