SessionLabel refactorings, add actorType

server/src/main/java/password/pwm/PwmApplication.java

@@ -113,9 +113,7 @@ public class PwmApplication
             throws PwmUnrecoverableException
     {
         this.pwmEnvironment = Objects.requireNonNull( pwmEnvironment );
-        this.sessionLabel = pwmEnvironment.isInternalRuntimeInstance()
-                ? SessionLabel.RUNTIME_LABEL
-                : SessionLabel.SYSTEM_LABEL;
+        this.sessionLabel = SessionLabel.forSystem( pwmEnvironment, DomainID.systemId() );
 
         this.pwmServiceManager = new PwmServiceManager(
                 sessionLabel, this, DomainID.systemId(), PwmServiceEnum.forScope( PwmSettingScope.SYSTEM ) );

server/src/main/java/password/pwm/PwmDomain.java

@@ -87,9 +87,7 @@ public class PwmDomain
         this.pwmApplication = Objects.requireNonNull( pwmApplication );
         this.domainID = Objects.requireNonNull( domainID );
 
-        this.sessionLabel = pwmApplication.getPwmEnvironment().isInternalRuntimeInstance()
-                ? SessionLabel.RUNTIME_LABEL.toBuilder().domain( domainID.stringValue() ).build()
-                : SessionLabel.SYSTEM_LABEL.toBuilder().domain( domainID.stringValue() ).build();
+        this.sessionLabel = SessionLabel.forSystem( pwmApplication.getPwmEnvironment(), domainID );
 
         this.pwmServiceManager = new PwmServiceManager( sessionLabel, pwmApplication, domainID, PwmServiceEnum.forScope( PwmSettingScope.DOMAIN ) );
     }

server/src/main/java/password/pwm/PwmEnvironment.java

@@ -57,6 +57,8 @@ public class PwmEnvironment
 {
     private static final PwmLogger LOGGER = PwmLogger.forClass( PwmEnvironment.class );
 
+    private static final SessionLabel SESSION_LABEL = SessionLabel.SYSTEM_LABEL;
+
     @lombok.Builder.Default
     private PwmApplicationMode applicationMode = PwmApplicationMode.ERROR;
 
@@ -179,7 +181,7 @@ public class PwmEnvironment
         }
         if ( applicationPathIsWebInfPath )
         {
-            LOGGER.trace( SessionLabel.SYSTEM_LABEL, () -> "applicationPath appears to be servlet /WEB-INF directory" );
+            LOGGER.trace( SESSION_LABEL, () -> "applicationPath appears to be servlet /WEB-INF directory" );
         }
     }
 
@@ -207,7 +209,7 @@ public class PwmEnvironment
             );
         }
 
-        LOGGER.trace( SessionLabel.SYSTEM_LABEL, () -> "examining applicationPath of " + applicationPath.getAbsolutePath() + "" );
+        LOGGER.trace( SESSION_LABEL, () -> "examining applicationPath of " + applicationPath.getAbsolutePath() + "" );
 
         if ( !applicationPath.exists() )
         {
@@ -234,7 +236,7 @@ public class PwmEnvironment
         }
 
         final File infoFile = new File( applicationPath.getAbsolutePath() + File.separator + PwmConstants.APPLICATION_PATH_INFO_FILE );
-        LOGGER.trace( SessionLabel.SYSTEM_LABEL, () -> "checking " + infoFile.getAbsolutePath() + " status" );
+        LOGGER.trace( SESSION_LABEL, () -> "checking " + infoFile.getAbsolutePath() + " status" );
         if ( infoFile.exists() )
         {
             final String errorMsg = "The file " + infoFile.getAbsolutePath() + " exists, and an applicationPath was not explicitly specified."
@@ -321,7 +323,7 @@ public class PwmEnvironment
                 }
                 else
                 {
-                    LOGGER.warn( SessionLabel.SYSTEM_LABEL, () -> "unknown " + EnvironmentParameter.applicationFlags + " value: " + input );
+                    LOGGER.warn( SESSION_LABEL, () -> "unknown " + EnvironmentParameter.applicationFlags + " value: " + input );
                 }
             }
             return returnFlags;
@@ -341,7 +343,7 @@ public class PwmEnvironment
             }
             catch ( final Exception e )
             {
-                LOGGER.warn( SessionLabel.SYSTEM_LABEL, () -> "error reading properties file '" + input + "' specified by environment setting "
+                LOGGER.warn( SESSION_LABEL, () -> "error reading properties file '" + input + "' specified by environment setting "
                         + EnvironmentParameter.applicationParamFile + ", error: " + e.getMessage() );
             }
 
@@ -358,14 +360,14 @@ public class PwmEnvironment
                     }
                     else
                     {
-                        LOGGER.warn( SessionLabel.SYSTEM_LABEL, () -> "unknown " + EnvironmentParameter.applicationParamFile + " value: " + input );
+                        LOGGER.warn( SESSION_LABEL, () -> "unknown " + EnvironmentParameter.applicationParamFile + " value: " + input );
                     }
                 }
                 return Collections.unmodifiableMap( returnParams );
             }
             catch ( final Exception e )
             {
-                LOGGER.warn( SessionLabel.SYSTEM_LABEL, () -> "unable to parse jason value of " + EnvironmentParameter.applicationParamFile + ", error: " + e.getMessage() );
+                LOGGER.warn( SESSION_LABEL, () -> "unable to parse jason value of " + EnvironmentParameter.applicationParamFile + ", error: " + e.getMessage() );
             }
 
             return Collections.emptyMap();
@@ -376,7 +378,7 @@ public class PwmEnvironment
     {
         if ( PwmConstants.TRIAL_MODE && mode == PwmApplicationMode.RUNNING )
         {
-            LOGGER.info( SessionLabel.SYSTEM_LABEL, () -> "application is in trial mode" );
+            LOGGER.info( SESSION_LABEL, () -> "application is in trial mode" );
             return PwmApplicationMode.CONFIGURATION;
         }
 

server/src/main/java/password/pwm/bean/SessionLabel.java

@@ -20,51 +20,160 @@
 
 package password.pwm.bean;
 
+import lombok.AccessLevel;
 import lombok.Builder;
 import lombok.Value;
-import password.pwm.PwmConstants;
+import password.pwm.PwmApplication;
+import password.pwm.PwmEnvironment;
+import password.pwm.error.PwmUnrecoverableException;
+import password.pwm.http.PwmRequest;
+import password.pwm.http.PwmRequestUtil;
+import password.pwm.http.PwmSession;
 import password.pwm.svc.PwmService;
+import password.pwm.user.UserInfo;
+import password.pwm.util.java.AtomicLoopLongIncrementer;
 import password.pwm.util.java.StringUtil;
+import password.pwm.util.logging.PwmLogEvent;
+import password.pwm.util.logging.PwmLogger;
 
+import javax.servlet.http.HttpServletRequest;
 import java.io.Serializable;
+import java.util.Objects;
 
 @Value
-@Builder( toBuilder = true )
+@Builder( toBuilder = true, access = AccessLevel.PRIVATE )
+/**
+ * Increasingly miss-named data class that represents request/operation actor and origin data.
+ */
 public class SessionLabel implements Serializable
 {
-    private static final String SYSTEM_LABEL_SESSION_ID = "#";
-    private static final String RUNTIME_LABEL_SESSION_ID = "#";
-    private static final String HEALTH_LABEL_SESSION_ID = "H";
-    private static final String RUNTIME_USERNAME = "internal";
-    private static final String HEALTH_USERNAME = "health";
+    private static final PwmLogger LOGGER = PwmLogger.forClass( SessionLabel.class );
 
-    public static final SessionLabel SYSTEM_LABEL = SessionLabel.builder().sessionID( SYSTEM_LABEL_SESSION_ID ).username( PwmConstants.PWM_APP_NAME ).build();
-    public static final SessionLabel RUNTIME_LABEL = SessionLabel.builder().sessionID( RUNTIME_LABEL_SESSION_ID ).username( RUNTIME_USERNAME ).build();
-    public static final SessionLabel HEALTH_LABEL = SessionLabel.builder().sessionID( HEALTH_LABEL_SESSION_ID ).username( HEALTH_USERNAME ).build();
-    public static final SessionLabel TEST_SESSION_LABEL = SessionLabel.builder().sessionID( SYSTEM_LABEL_SESSION_ID ).username( "test" ).build();
-    public static final SessionLabel CLI_SESSION_LABEL = SessionLabel.builder().sessionID( SYSTEM_LABEL_SESSION_ID ).username( "cli" ).build();
-    public static final SessionLabel CONTEXT_SESSION_LABEL = SessionLabel.builder().sessionID( SYSTEM_LABEL_SESSION_ID ).username( "context" ).build();
-    public static final SessionLabel ONEJAR_LABEL = SessionLabel.builder().sessionID( SYSTEM_LABEL_SESSION_ID ).username( "onejar" ).build();
+    private static final String SYSTEM_LABEL_SESSION_ID = "#";
+    private static final String RUNTIME_LABEL_SESSION_ID = "!";
 
+    public static final SessionLabel SYSTEM_LABEL = SessionLabel.forNonUserType( ActorType.system, DomainID.systemId() );
+    public static final SessionLabel HEALTH_LABEL = SessionLabel.forNonUserType( ActorType.health, DomainID.systemId() );
+    public static final SessionLabel TEST_SESSION_LABEL = SessionLabel.forNonUserType( ActorType.test, DomainID.systemId() );
+    public static final SessionLabel CLI_SESSION_LABEL = SessionLabel.forNonUserType( ActorType.cli, DomainID.systemId() );
+    public static final SessionLabel CONTEXT_SESSION_LABEL = SessionLabel.forNonUserType( ActorType.context, DomainID.systemId() );
+    public static final SessionLabel ONEJAR_LABEL = SessionLabel.forNonUserType( ActorType.onejar, DomainID.systemId() );
 
     private final String sessionID;
     private final String requestID;
-    private final String userID;
     private final String username;
     private final String sourceAddress;
     private final String sourceHostname;
     private final String profile;
     private final String domain;
+    private final ActorType actorType;
 
-    public static SessionLabel forPwmService( final PwmService pwmService, final DomainID domainID )
+    public enum ActorType
+    {
+        user,
+        system,
+        runtime,
+        health,
+        test,
+        cli,
+        onejar,
+        context,
+        rest,
+    }
+
+    private static SessionLabel forNonUserType( final ActorType actorType, final DomainID domainID )
     {
+        Objects.requireNonNull( actorType );
+
+        final String sessionID = domainID == null || domainID.isSystem() ? SYSTEM_LABEL_SESSION_ID : RUNTIME_LABEL_SESSION_ID;
+        final String domainSting = domainID == null ? DomainID.systemId().stringValue() : domainID.stringValue();
+
         return SessionLabel.builder()
-                .sessionID( SYSTEM_LABEL_SESSION_ID )
+                .actorType( actorType )
+                .domain( domainSting )
+                .sessionID( sessionID )
+                .username( actorType.name() ).build();
+    }
+
+    public static SessionLabel forRestRequest(
+            final PwmApplication pwmApplication,
+            final HttpServletRequest req,
+            final AtomicLoopLongIncrementer requestCounter,
+            final DomainID domainID
+    )
+    {
+        final String id = "rest-" + requestCounter.next();
+
+        return SessionLabel.forNonUserType( ActorType.rest, domainID ).toBuilder()
+                .sessionID( id )
+                .requestID( id )
+                .sourceAddress( PwmRequestUtil.readUserNetworkAddress( req, pwmApplication.getConfig() ).orElse( "" ) )
+                .sourceHostname( PwmRequestUtil.readUserHostname( req, pwmApplication.getConfig() ).orElse( "" ) )
+                .build();
+    }
+
+
+    public static SessionLabel forSystem( final PwmEnvironment pwmEnvironment, final DomainID domainID )
+    {
+        return forNonUserType( pwmEnvironment != null && pwmEnvironment.isInternalRuntimeInstance()
+                ? SessionLabel.ActorType.runtime
+                : SessionLabel.ActorType.system, domainID );
+    }
+
+    public static SessionLabel forPwmService( final PwmService pwmService, final DomainID domainID )
+    {
+        return forNonUserType( ActorType.system, domainID ).toBuilder()
                 .username( pwmService.getClass().getSimpleName() )
                 .domain( domainID.stringValue() )
                 .build();
     }
 
+    public static SessionLabel forPwmRequest( final PwmRequest pwmRequest )
+    {
+        final SessionLabel.SessionLabelBuilder builder = SessionLabel.builder();
+
+        builder.actorType( ActorType.user );
+        builder.sourceAddress( pwmRequest.getSrcAddress().orElse( null ) );
+        builder.sourceHostname( pwmRequest.getSrcHostname().orElse( null ) );
+        builder.requestID( pwmRequest.getPwmRequestID() );
+        builder.domain( pwmRequest.getDomainID().stringValue() );
+
+        if ( pwmRequest.hasSession() )
+        {
+            final PwmSession pwmSession = pwmRequest.getPwmSession();
+            builder.sessionID( pwmSession.getSessionStateBean().getSessionID() );
+
+            if ( pwmRequest.isAuthenticated() )
+            {
+                try
+                {
+                    final UserInfo userInfo = pwmSession.getUserInfo();
+                    final UserIdentity userIdentity = userInfo.getUserIdentity();
+
+                    builder.username( userInfo.getUsername() );
+                    builder.profile( userIdentity == null ? null : userIdentity.getLdapProfileID().stringValue() );
+                }
+                catch ( final PwmUnrecoverableException e )
+                {
+                    LOGGER.error( () -> "unexpected error reading username: " + e.getMessage(), e );
+                }
+            }
+        }
+
+        return builder.build();
+    }
+
+    public static SessionLabel fromPwmLogEvent( final PwmLogEvent pwmLogEvent )
+    {
+        return SessionLabel.builder()
+                .sessionID( pwmLogEvent.getSessionID() )
+                .requestID( pwmLogEvent.getRequestID() )
+                .username( pwmLogEvent.getUsername() )
+                .sourceAddress( pwmLogEvent.getSourceAddress() )
+                .domain( pwmLogEvent.getDomain() )
+                .build();
+    }
+
     public String toDebugLabel( )
     {
         final StringBuilder sb = new StringBuilder();
@@ -83,7 +192,8 @@ public class SessionLabel implements Serializable
             }
             sb.append( domain );
         }
-        if ( StringUtil.notEmpty( username ) )
+
+        if ( actorType == ActorType.user && StringUtil.notEmpty( username ) )
         {
             if ( sb.length() > 0 )
             {
@@ -103,11 +213,11 @@ public class SessionLabel implements Serializable
 
     public boolean isRuntime()
     {
-        return RUNTIME_LABEL.equals( this );
+        return this.actorType == ActorType.runtime;
     }
 
     public boolean isHealth()
     {
-        return HEALTH_LABEL.equals( this );
+        return this.actorType == ActorType.health;
     }
 }

server/src/main/java/password/pwm/config/AppConfig.java

@@ -25,7 +25,6 @@ import password.pwm.PwmConstants;
 import password.pwm.bean.DomainID;
 import password.pwm.bean.PrivateKeyCertificate;
 import password.pwm.bean.ProfileID;
-import password.pwm.bean.SessionLabel;
 import password.pwm.config.option.CertificateMatchingMode;
 import password.pwm.config.option.DataStorageMethod;
 import password.pwm.config.profile.EmailServerProfile;
@@ -380,7 +379,7 @@ public class AppConfig implements SettingReader
             {
                 final String errorMsg = "Security Key value is not configured, will generate temp value for use by runtime instance";
                 final ErrorInformation errorInfo = new ErrorInformation( PwmError.ERROR_INVALID_SECURITY_KEY, errorMsg );
-                LOGGER.warn( SessionLabel.SYSTEM_LABEL, errorInfo::toDebugStr );
+                LOGGER.warn( errorInfo::toDebugStr );
                 return new PwmSecurityKey( PwmRandom.getInstance().alphaNumericString( 1024 ) );
             }
             else

server/src/main/java/password/pwm/config/StoredSettingReader.java

@@ -25,7 +25,6 @@ import password.pwm.bean.DomainID;
 import password.pwm.bean.EmailItemBean;
 import password.pwm.bean.PrivateKeyCertificate;
 import password.pwm.bean.ProfileID;
-import password.pwm.bean.SessionLabel;
 import password.pwm.config.option.DataStorageMethod;
 import password.pwm.config.profile.Profile;
 import password.pwm.config.profile.ProfileDefinition;
@@ -319,7 +318,7 @@ public class StoredSettingReader implements SettingReader
 
         if ( setting.getFlags().contains( PwmSettingFlag.Deprecated ) )
         {
-            LOGGER.warn( SessionLabel.SYSTEM_LABEL, () -> "attempt to read deprecated config setting: " + setting.toMenuLocationDebug( profileID, null ) );
+            LOGGER.warn( () -> "attempt to read deprecated config setting: " + setting.toMenuLocationDebug( profileID, null ) );
         }
 
         if ( profileID == null )

server/src/main/java/password/pwm/config/stored/ConfigurationCleaner.java

@@ -49,6 +49,8 @@ public class ConfigurationCleaner
 {
     private static final PwmLogger LOGGER = PwmLogger.forClass( ConfigurationCleaner.class );
 
+    private static final SessionLabel SESSION_LABEL = SessionLabel.SYSTEM_LABEL;
+
     private static final List<PwmExceptionLoggingConsumer<StoredConfigurationModifier>> STORED_CONFIG_POST_PROCESSORS = List.of(
             new UpdateDeprecatedAdComplexitySettings(),
             new UpdateDeprecatedMinPwdLifetimeSetting(),
@@ -113,7 +115,7 @@ public class ConfigurationCleaner
             }
             catch ( final PwmUnrecoverableException e )
             {
-                LOGGER.error( SessionLabel.SYSTEM_LABEL, () -> "error converting deprecated AD password policy setting: " + key + ", error: " + e.getMessage() );
+                LOGGER.error( SESSION_LABEL, () -> "error converting deprecated AD password policy setting: " + key + ", error: " + e.getMessage() );
             }
         }
     }
@@ -139,7 +141,7 @@ public class ConfigurationCleaner
                                 : new StringValue( RecoveryMinLifetimeOption.ALLOW.name() );
                         final Optional<ValueMetaData> existingData = oldConfig.readSettingMetadata( key );
                         final UserIdentity newActor = existingData.map( ValueMetaData::getUserIdentity ).orElse( null );
-                        LOGGER.info( SessionLabel.SYSTEM_LABEL, () -> "converting deprecated non-default setting "
+                        LOGGER.info( SESSION_LABEL, () -> "converting deprecated non-default setting "
                                 + PwmSetting.RECOVERY_ENFORCE_MINIMUM_PASSWORD_LIFETIME.toMenuLocationDebug( profileID, PwmConstants.DEFAULT_LOCALE ) + "/" + profileID
                                 + " to replacement setting " + PwmSetting.RECOVERY_MINIMUM_PASSWORD_LIFETIME_OPTIONS.toMenuLocationDebug( profileID, PwmConstants.DEFAULT_LOCALE )
                                 + ", value="
@@ -165,7 +167,7 @@ public class ConfigurationCleaner
                 final StoredConfigKey existingPubWebservicesKey = StoredConfigKey.forSetting( PwmSetting.PUBLIC_HEALTH_STATS_WEBSERVICES, null, domainID );
                 if ( oldConfig.readStoredValue( existingPubWebservicesKey ).isPresent() )
                 {
-                    LOGGER.info( SessionLabel.SYSTEM_LABEL, () -> "converting deprecated non-default setting "
+                    LOGGER.info( SESSION_LABEL, () -> "converting deprecated non-default setting "
                             + PwmSetting.PUBLIC_HEALTH_STATS_WEBSERVICES.toMenuLocationDebug( null, PwmConstants.DEFAULT_LOCALE )
                             + " to replacement setting " + PwmSetting.WEBSERVICES_PUBLIC_ENABLE.toMenuLocationDebug( null, PwmConstants.DEFAULT_LOCALE ) );
                     final StoredConfigKey existingPubEnableKey = StoredConfigKey.forSetting( PwmSetting.WEBSERVICES_PUBLIC_ENABLE, null, domainID );
@@ -222,7 +224,7 @@ public class ConfigurationCleaner
                     }
                     catch ( final PwmUnrecoverableException e )
                     {
-                        LOGGER.warn( SessionLabel.SYSTEM_LABEL, () -> "error moving setting " + pwmSetting.getKey() + " without profile attribute to profile \"" + destProfile
+                        LOGGER.warn( SESSION_LABEL, () -> "error moving setting " + pwmSetting.getKey() + " without profile attribute to profile \"" + destProfile
                                 + "\", error: " + e.getMessage() );
                     }
                 }
@@ -230,12 +232,12 @@ public class ConfigurationCleaner
 
             try
             {
-                LOGGER.info( SessionLabel.SYSTEM_LABEL, () -> "removing setting " + key + " without profile" );
+                LOGGER.info( SESSION_LABEL, () -> "removing setting " + key + " without profile" );
                 modifier.deleteKey( key );
             }
             catch ( final PwmUnrecoverableException e )
             {
-                LOGGER.warn( SessionLabel.SYSTEM_LABEL, () -> "error deleting setting " + pwmSetting.getKey() + " after adding profile settings: " + e.getMessage() );
+                LOGGER.warn( SESSION_LABEL, () -> "error deleting setting " + pwmSetting.getKey() + " after adding profile settings: " + e.getMessage() );
             }
         }
     }
@@ -271,12 +273,12 @@ public class ConfigurationCleaner
         {
             try
             {
-                LOGGER.info( SessionLabel.SYSTEM_LABEL, () -> "removing setting " + key.toString() + " with non-existing profileID" );
+                LOGGER.info( SESSION_LABEL, () -> "removing setting " + key.toString() + " with non-existing profileID" );
                 modifier.deleteKey( key );
             }
             catch ( final PwmUnrecoverableException e )
             {
-                LOGGER.warn( SessionLabel.SYSTEM_LABEL, () -> "error deleting setting " + key.toString() + " with non-existing profileID: " + e.getMessage() );
+                LOGGER.warn( SESSION_LABEL, () -> "error deleting setting " + key.toString() + " with non-existing profileID: " + e.getMessage() );
             }
         }
     }
@@ -307,12 +309,12 @@ public class ConfigurationCleaner
             try
             {
                 final StoredValue value = inputConfig.readStoredValue( key ).orElseThrow();
-                LOGGER.info( SessionLabel.SYSTEM_LABEL, () -> "removing setting " + key.toString() + " with default value: " + value.toDebugString( PwmConstants.DEFAULT_LOCALE ) );
+                LOGGER.info( SESSION_LABEL, () -> "removing setting " + key.toString() + " with default value: " + value.toDebugString( PwmConstants.DEFAULT_LOCALE ) );
                 modifier.deleteKey( key );
             }
             catch ( final PwmUnrecoverableException e )
             {
-                LOGGER.warn( SessionLabel.SYSTEM_LABEL, () -> "error deleting setting " + key.toString() + " with default value: " + e.getMessage() );
+                LOGGER.warn( SESSION_LABEL, () -> "error deleting setting " + key.toString() + " with default value: " + e.getMessage() );
             }
         }
     }

server/src/main/java/password/pwm/health/HealthService.java

@@ -117,7 +117,7 @@ public class HealthService extends AbstractPwmService implements PwmService
 
         if ( !settings.isHealthCheckEnabled() )
         {
-            LOGGER.debug( () -> "health monitor will remain inactive due to AppProperty " + AppProperty.HEALTHCHECK_ENABLED.getKey() );
+            LOGGER.debug( getSessionLabel(), () -> "health monitor will remain inactive due to AppProperty " + AppProperty.HEALTHCHECK_ENABLED.getKey() );
             return STATUS.CLOSED;
         }
 

server/src/main/java/password/pwm/http/PwmRequest.java

@@ -105,8 +105,8 @@ public class PwmRequest extends PwmHttpRequestWrapper
     private final Supplier<PwmRequestContext> requestContextSupplier = LazySupplier.create(
             this::makePwmRequestContext );
 
-    private final Supplier<SessionLabel> sessionLabelSupplier = LazySupplier.create(
-            () -> PwmRequestUtil.makeSessionLabel( this ) );
+    private final LazySupplier<SessionLabel> sessionLabelSupplier = LazySupplier.create(
+            () -> SessionLabel.forPwmRequest( this ) );
 
     public static PwmRequest forRequest(
             final HttpServletRequest request,

server/src/main/java/password/pwm/http/PwmRequestUtil.java

@@ -26,8 +26,6 @@ import org.apache.commons.fileupload.servlet.ServletFileUpload;
 import org.apache.commons.validator.routines.InetAddressValidator;
 import password.pwm.Permission;
 import password.pwm.PwmDomain;
-import password.pwm.bean.SessionLabel;
-import password.pwm.bean.UserIdentity;
 import password.pwm.config.AppConfig;
 import password.pwm.config.PwmSetting;
 import password.pwm.config.value.data.UserPermission;
@@ -37,7 +35,6 @@ import password.pwm.error.ErrorInformation;
 import password.pwm.error.PwmError;
 import password.pwm.error.PwmUnrecoverableException;
 import password.pwm.ldap.permission.UserPermissionUtility;
-import password.pwm.user.UserInfo;
 import password.pwm.util.java.JavaHelper;
 import password.pwm.util.java.StringUtil;
 import password.pwm.util.java.TimeDuration;
@@ -101,40 +98,6 @@ public class PwmRequestUtil
         return Collections.unmodifiableMap( returnObj );
     }
 
-    static SessionLabel makeSessionLabel( final PwmRequest pwmRequest )
-    {
-        final SessionLabel.SessionLabelBuilder builder = SessionLabel.builder();
-
-        builder.sourceAddress( pwmRequest.getSrcAddress().orElse( null ) );
-        builder.sourceHostname( pwmRequest.getSrcHostname().orElse( null ) );
-        builder.requestID( pwmRequest.getPwmRequestID() );
-        builder.domain( pwmRequest.getDomainID().stringValue() );
-
-        if ( pwmRequest.hasSession() )
-        {
-            final PwmSession pwmSession = pwmRequest.getPwmSession();
-            builder.sessionID( pwmSession.getSessionStateBean().getSessionID() );
-
-            if ( pwmRequest.isAuthenticated() )
-            {
-                try
-                {
-                    final UserInfo userInfo = pwmSession.getUserInfo();
-                    final UserIdentity userIdentity = userInfo.getUserIdentity();
-
-                    builder.username( userInfo.getUsername() );
-                    builder.profile( userIdentity == null ? null : userIdentity.getLdapProfileID().stringValue() );
-                }
-                catch ( final PwmUnrecoverableException e )
-                {
-                    LOGGER.error( () -> "unexpected error reading username: " + e.getMessage(), e );
-                }
-            }
-        }
-
-        return builder.build();
-    }
-
     public static Optional<String> readUserHostname(
             final HttpServletRequest request,
             final AppConfig config

server/src/main/java/password/pwm/http/servlet/configeditor/function/UserMatchViewerFunction.java

@@ -122,7 +122,7 @@ public class UserMatchViewerFunction implements SettingUIFunction
 
         final long maxSearchSeconds = pwmDomain.getConfig().getDefaultLdapProfile().readSettingAsLong( PwmSetting.LDAP_SEARCH_TIMEOUT );
         final TimeDuration maxSearchTime = TimeDuration.of( maxSearchSeconds, TimeDuration.Unit.SECONDS );
-        final Iterator<UserIdentity> matches =  UserPermissionUtility.discoverMatchingUsers( tempDomain, permissions, SessionLabel.SYSTEM_LABEL, maxResultSize, maxSearchTime );
+        final Iterator<UserIdentity> matches =  UserPermissionUtility.discoverMatchingUsers( tempDomain, permissions, sessionLabel, maxResultSize, maxSearchTime );
         final List<UserIdentity> sortedResults = new ArrayList<>( CollectionUtil.iteratorToList( matches ) );
         Collections.sort( sortedResults );
         return Collections.unmodifiableList ( sortedResults );

server/src/main/java/password/pwm/http/servlet/helpdesk/HelpdeskServlet.java

@@ -998,7 +998,7 @@ public class HelpdeskServlet extends ControlledPwmServlet
 
     @ActionHandler( action = "showVerifications" )
     public ProcessStatus restShowVerifications( final PwmRequest pwmRequest )
-            throws IOException, PwmUnrecoverableException, ServletException, ChaiUnavailableException
+            throws IOException, PwmUnrecoverableException
     {
         final Map<String, String> bodyMap = pwmRequest.readBodyAsJsonStringMap( PwmHttpRequestWrapper.Flag.BypassValidation );
         final String rawVerificationStr = bodyMap.get( HelpdeskVerificationStateBean.PARAMETER_VERIFICATION_STATE_KEY );
@@ -1006,7 +1006,7 @@ public class HelpdeskServlet extends ControlledPwmServlet
         final HashMap<String, Object> results = new HashMap<>();
         try
         {
-            results.put( "records", state.asViewableValidationRecords( pwmRequest.getPwmDomain(), pwmRequest.getLocale() ) );
+            results.put( "records", state.asViewableValidationRecords( pwmRequest.getPwmRequestContext() ) );
         }
         catch ( final ChaiOperationException e )
         {

server/src/main/java/password/pwm/http/servlet/helpdesk/HelpdeskVerificationStateBean.java

@@ -21,20 +21,19 @@
 package password.pwm.http.servlet.helpdesk;
 
 import com.novell.ldapchai.exception.ChaiOperationException;
-import com.novell.ldapchai.exception.ChaiUnavailableException;
 import lombok.Value;
 import password.pwm.AppProperty;
 import password.pwm.PwmConstants;
 import password.pwm.PwmDomain;
-import password.pwm.bean.SessionLabel;
 import password.pwm.bean.UserIdentity;
 import password.pwm.config.option.IdentityVerificationMethod;
 import password.pwm.error.PwmUnrecoverableException;
 import password.pwm.http.PwmRequest;
-import password.pwm.user.UserInfo;
+import password.pwm.http.PwmRequestContext;
 import password.pwm.ldap.UserInfoFactory;
-import password.pwm.util.json.JsonFactory;
+import password.pwm.user.UserInfo;
 import password.pwm.util.java.TimeDuration;
+import password.pwm.util.json.JsonFactory;
 import password.pwm.util.logging.PwmLogger;
 
 import java.io.Serializable;
@@ -42,7 +41,6 @@ import java.time.Instant;
 import java.util.ArrayList;
 import java.util.Iterator;
 import java.util.List;
-import java.util.Locale;
 import java.util.Map;
 import java.util.Optional;
 import java.util.TreeMap;
@@ -118,23 +116,21 @@ class HelpdeskVerificationStateBean implements Serializable
         }
     }
 
-    List<ViewableValidationRecord> asViewableValidationRecords(
-            final PwmDomain pwmDomain,
-            final Locale locale
-    )
-            throws ChaiOperationException, ChaiUnavailableException, PwmUnrecoverableException
+    List<ViewableValidationRecord> asViewableValidationRecords( final PwmRequestContext pwmRequestContext )
+            throws ChaiOperationException, PwmUnrecoverableException
     {
         final Map<Instant, ViewableValidationRecord> returnRecords = new TreeMap<>();
         for ( final HelpdeskValidationRecord record : records )
         {
             final UserInfo userInfo = UserInfoFactory.newUserInfoUsingProxy(
-                    pwmDomain.getPwmApplication(),
-                    SessionLabel.SYSTEM_LABEL,
+                    pwmRequestContext.getPwmApplication(),
+                    pwmRequestContext.getSessionLabel(),
                     record.getIdentity(),
                     PwmConstants.DEFAULT_LOCALE );
             final String username = userInfo.getUsername();
-            final String profile = pwmDomain.getConfig().getLdapProfiles().get( record.getIdentity().getLdapProfileID() ).getDisplayName( locale );
-            final String method = record.getMethod().getLabel( pwmDomain.getConfig(), locale );
+            final String profile = pwmRequestContext.getPwmDomain().getConfig().getLdapProfiles().get( record.getIdentity().getLdapProfileID() )
+                    .getDisplayName( pwmRequestContext.getLocale() );
+            final String method = record.getMethod().getLabel( pwmRequestContext.getPwmDomain().getConfig(), pwmRequestContext.getLocale() );
             returnRecords.put( record.getTimestamp(), new ViewableValidationRecord( record.getTimestamp(), profile, username, method ) );
         }
         return List.copyOf( returnRecords.values() );

server/src/main/java/password/pwm/svc/intruder/IntruderDomainService.java

@@ -418,7 +418,7 @@ public class IntruderDomainService extends AbstractPwmService implements PwmServ
         {
             final UserInfo userInfo = UserInfoFactory.newUserInfoUsingProxy(
                     pwmDomain.getPwmApplication(),
-                    SessionLabel.SYSTEM_LABEL,
+                    sessionLabel,
                     userIdentity, locale
             );
 

server/src/main/java/password/pwm/util/cli/commands/ExportResponsesCommand.java

@@ -97,7 +97,7 @@ public class ExportResponsesCommand extends AbstractCliCommand
                 searchConfiguration,
                 Integer.MAX_VALUE,
                 Collections.emptyList(),
-                SessionLabel.SYSTEM_LABEL
+                SessionLabel.CLI_SESSION_LABEL
         );
         out( "searching " + results.size() + " users for stored responses...." );
         int counter = 0;

server/src/main/java/password/pwm/util/cli/commands/ResponseStatsCommand.java

@@ -202,7 +202,7 @@ public class ResponseStatsCommand extends AbstractCliCommand
                     searchConfiguration,
                     Integer.MAX_VALUE,
                     Collections.emptyList(),
-                    SessionLabel.SYSTEM_LABEL
+                    SessionLabel.CLI_SESSION_LABEL
             );
             returnList.addAll( searchResults.keySet() );
 

server/src/main/java/password/pwm/util/form/FormUtility.java

@@ -332,7 +332,7 @@ public class FormUtility
                     searchConfiguration,
                     resultSearchSizeLimit,
                     Collections.emptyList(),
-                    SessionLabel.SYSTEM_LABEL
+                    sessionLabel
             ) );
 
             if ( excludeDN != null && !excludeDN.isEmpty() )

server/src/main/java/password/pwm/util/logging/PwmLogEvent.java

@@ -130,13 +130,7 @@ public class PwmLogEvent implements Serializable, Comparable<PwmLogEvent>
     String getEnhancedMessage( )
     {
 
-        final SessionLabel sessionLabel = SessionLabel.builder()
-                .sessionID( getSessionID() )
-                .requestID( getRequestID() )
-                .username( getUsername() )
-                .sourceAddress( getSourceAddress() )
-                .domain( getDomain() )
-                .build();
+        final SessionLabel sessionLabel = SessionLabel.fromPwmLogEvent( this );
 
         return PwmLogUtil.createEnhancedMessage(
                 sessionLabel,

server/src/main/java/password/pwm/util/logging/PwmLogUtil.java

@@ -87,14 +87,13 @@ class PwmLogUtil
             final SessionLabel sessionLabel = logEvent.getSessionLabel();
             if ( sessionLabel != null )
             {
-
                 messageInfoBuilder.actor( sessionLabel.getUsername() );
                 messageInfoBuilder.source( sessionLabel.getSourceAddress() );
             }
 
             final LogToAuditMessageInfo messageInfo = messageInfoBuilder.build();
             final String messageInfoStr = JsonFactory.get().serialize( messageInfo );
-            AuditServiceClient.submitSystemEvent( pwmApplication, SessionLabel.SYSTEM_LABEL, AuditEvent.FATAL_EVENT, messageInfoStr );
+            AuditServiceClient.submitSystemEvent( pwmApplication, logEvent.getSessionLabel(), AuditEvent.FATAL_EVENT, messageInfoStr );
         }
     }
 

server/src/main/java/password/pwm/util/macro/ExternalRestMacro.java

@@ -23,7 +23,6 @@ package password.pwm.util.macro;
 import password.pwm.PwmApplication;
 import password.pwm.PwmConstants;
 import password.pwm.PwmDomain;
-import password.pwm.bean.SessionLabel;
 import password.pwm.bean.pub.PublicUserInfoBean;
 import password.pwm.error.PwmException;
 import password.pwm.user.UserInfo;
@@ -79,13 +78,19 @@ class ExternalRestMacro extends AbstractMacro
 
             if ( userInfoBean != null )
             {
-                final MacroRequest macroRequest = MacroRequest.forUser( pwmApplication, PwmConstants.DEFAULT_LOCALE, SessionLabel.SYSTEM_LABEL, userInfoBean.getUserIdentity() );
+                final MacroRequest macroRequest = MacroRequest.forUser(
+                        pwmApplication,
+                        macroRequestInfo.getUserLocale(),
+                        macroRequestInfo.getSessionLabel(),
+                        userInfoBean.getUserIdentity() );
+
                 final PublicUserInfoBean publicUserInfoBean = UserInfoBean.toPublicUserInfoBean(
                         userInfoBean,
                         pwmDomain.getConfig(),
                         PwmConstants.DEFAULT_LOCALE,
                         macroRequest
                 );
+
                 sendData.put( "userInfo", publicUserInfoBean );
             }
             sendData.put( "input", inputString );

server/src/main/java/password/pwm/util/password/PwmPasswordRuleValidator.java

@@ -253,8 +253,9 @@ public class PwmPasswordRuleValidator
             final MacroRequest macroRequest = MacroRequest.forUser(
                     pwmDomain.getPwmApplication(),
                     PwmConstants.DEFAULT_LOCALE,
-                    SessionLabel.SYSTEM_LABEL,
+                    sessionLabel,
                     userInfo.getUserIdentity() );
+
             final PublicUserInfoBean publicUserInfoBean = UserInfoBean.toPublicUserInfoBean( userInfo, pwmDomain.getConfig(), locale, macroRequest );
             sendData.put( "userInfo", publicUserInfoBean );
         }

server/src/main/java/password/pwm/ws/client/rest/RestTokenDataClient.java

@@ -91,8 +91,8 @@ public class RestTokenDataClient implements RestClient
 
             final MacroRequest macroRequest = MacroRequest.forUser(
                     pwmDomain.getPwmApplication(),
-                    PwmConstants.DEFAULT_LOCALE,
-                    SessionLabel.SYSTEM_LABEL,
+                    locale,
+                    sessionLabel,
                     userInfo.getUserIdentity() );
 
             final PublicUserInfoBean publicUserInfoBean = UserInfoBean.toPublicUserInfoBean( userInfo, pwmDomain.getConfig(), PwmConstants.DEFAULT_LOCALE, macroRequest );

server/src/main/java/password/pwm/ws/server/RestServlet.java

@@ -42,12 +42,11 @@ import password.pwm.http.HttpContentType;
 import password.pwm.http.HttpHeader;
 import password.pwm.http.HttpMethod;
 import password.pwm.http.PwmHttpRequestWrapper;
-import password.pwm.http.PwmRequestUtil;
 import password.pwm.http.filter.RequestInitializationFilter;
 import password.pwm.svc.stats.EpsStatistic;
 import password.pwm.svc.stats.StatisticsClient;
 import password.pwm.util.i18n.LocaleHelper;
-import password.pwm.util.java.AtomicLoopIntIncrementer;
+import password.pwm.util.java.AtomicLoopLongIncrementer;
 import password.pwm.util.java.JavaHelper;
 import password.pwm.util.java.StringUtil;
 import password.pwm.util.java.TimeDuration;
@@ -72,7 +71,7 @@ import java.util.Optional;
 
 public abstract class RestServlet extends HttpServlet
 {
-    private static final AtomicLoopIntIncrementer REQUEST_COUNTER = new AtomicLoopIntIncrementer();
+    private static final AtomicLoopLongIncrementer REQUEST_COUNTER = new AtomicLoopLongIncrementer();
 
     private static final PwmLogger LOGGER = PwmLogger.forClass( RestServlet.class );
 
@@ -107,12 +106,7 @@ public abstract class RestServlet extends HttpServlet
 
         final Locale locale = readLocale( pwmDomain.getPwmApplication(), req, resp );
 
-        final SessionLabel sessionLabel = SessionLabel.builder()
-                    .sessionID( "rest-" + REQUEST_COUNTER.next() )
-                    .sourceAddress( PwmRequestUtil.readUserNetworkAddress( req, pwmApplication.getConfig() ).orElse( "" ) )
-                    .sourceHostname( PwmRequestUtil.readUserHostname( req, pwmApplication.getConfig() ).orElse( "" ) )
-                    .domain( pwmDomain.getDomainID().stringValue() )
-                    .build();
+        final SessionLabel sessionLabel = SessionLabel.forRestRequest( pwmApplication, req, REQUEST_COUNTER, pwmDomain.getDomainID() );
 
         logHttpRequest( pwmApplication, req, sessionLabel );