update chai api to 0.8.0

improve c/r service logging

server/pom.xml

@@ -221,7 +221,7 @@
         <dependency>
             <groupId>com.github.ldapchai</groupId>
             <artifactId>ldapchai</artifactId>
-            <version>0.7.6</version>
+            <version>0.8.0-SNAPSHOT</version>
         </dependency>
         <dependency>
             <groupId>org.apache.directory.api</groupId>

server/src/main/java/password/pwm/http/servlet/SetupResponsesServlet.java

@@ -21,6 +21,7 @@
 package password.pwm.http.servlet;
 
 import com.novell.ldapchai.ChaiUser;
+import com.novell.ldapchai.cr.ChaiChallenge;
 import com.novell.ldapchai.cr.ChaiCrFactory;
 import com.novell.ldapchai.cr.ChaiResponseSet;
 import com.novell.ldapchai.cr.Challenge;
@@ -434,7 +435,7 @@ public class SetupResponsesServlet extends ControlledPwmServlet
         final PwmSession pwmSession = pwmRequest.getPwmSession();
         final ChaiUser theUser = pwmSession.getSessionManager().getActor( );
         final String userGUID = pwmSession.getUserInfo().getUserGuid();
-        pwmApplication.getCrService().writeResponses( pwmRequest.getUserInfoIfLoggedIn(), theUser, userGUID, responseInfoBean );
+        pwmApplication.getCrService().writeResponses( pwmRequest.getLabel(), pwmRequest.getUserInfoIfLoggedIn(), theUser, userGUID, responseInfoBean );
         pwmSession.reloadUserInfoBean( pwmRequest );
         pwmApplication.getStatisticsManager().incrementValue( Statistic.SETUP_RESPONSES );
         pwmApplication.getAuditManager().submit( AuditEvent.SET_RESPONSES, pwmSession.getUserInfo(), pwmSession );
@@ -477,17 +478,30 @@ public class SetupResponsesServlet extends ControlledPwmServlet
                 if ( loopChallenge.isRequired() || !setupData.isSimpleMode() )
                 {
 
+                    final Challenge newChallenge;
                     if ( !loopChallenge.isAdminDefined() )
                     {
                         final String questionText = inputMap.get( PwmConstants.PARAM_QUESTION_PREFIX + indexKey );
-                        loopChallenge.setChallengeText( questionText );
+                        newChallenge = new ChaiChallenge(
+                                loopChallenge.isRequired(),
+                                questionText,
+                                loopChallenge.getMinLength(),
+                                loopChallenge.getMaxLength(),
+                                loopChallenge.isAdminDefined(),
+                                loopChallenge.getMaxQuestionCharsInAnswer(),
+                                loopChallenge.isEnforceWordlist()
+                        );
+                    }
+                    else
+                    {
+                        newChallenge = loopChallenge;
                     }
 
                     final String answer = inputMap.get( PwmConstants.PARAM_RESPONSE_PREFIX + indexKey );
 
                     if ( answer != null && answer.length() > 0 )
                     {
-                        readResponses.put( loopChallenge, answer );
+                        readResponses.put( newChallenge, answer );
                     }
                 }
             }

server/src/main/java/password/pwm/util/cli/commands/ImportResponsesCommand.java

@@ -74,7 +74,7 @@ public class ImportResponsesCommand extends AbstractCliCommand
                         final ChallengeSet challengeSet = challengeProfile.getChallengeSet();
                         final String userGuid = LdapOperationsHelper.readLdapGuidValue( pwmApplication, null, userIdentity, false );
                         final ResponseInfoBean responseInfoBean = inputData.toResponseInfoBean( PwmConstants.DEFAULT_LOCALE, challengeSet.getIdentifier() );
-                        pwmApplication.getCrService().writeResponses( userIdentity, user, userGuid, responseInfoBean );
+                        pwmApplication.getCrService().writeResponses( null, userIdentity, user, userGuid, responseInfoBean );
                     }
                     catch ( final Exception e )
                     {

server/src/main/java/password/pwm/util/operations/CrService.java

@@ -423,7 +423,7 @@ public class CrService implements PwmService
             final ResponseInfoBean readResponses;
 
             LOGGER.trace( sessionLabel, () -> "attempting read of response info via storage method: " + storageMethod );
-            readResponses = operatorMap.get( storageMethod ).readResponseInfo( theUser, userIdentity, userGUID );
+            readResponses = operatorMap.get( storageMethod ).readResponseInfo( sessionLabel, theUser, userIdentity, userGUID );
 
             if ( readResponses != null )
             {
@@ -471,7 +471,7 @@ public class CrService implements PwmService
             final ResponseSet readResponses;
 
             LOGGER.trace( sessionLabel, () -> "attempting read of responses via storage method: " + storageMethod );
-            readResponses = operatorMap.get( storageMethod ).readResponseSet( theUser, userIdentity, userGUID );
+            readResponses = operatorMap.get( storageMethod ).readResponseSet( sessionLabel, theUser, userIdentity, userGUID );
 
             if ( readResponses != null )
             {
@@ -489,6 +489,7 @@ public class CrService implements PwmService
 
 
     public void writeResponses(
+            final SessionLabel sessionLabel,
             final UserIdentity userIdentity,
             final ChaiUser theUser,
             final String userGUID,
@@ -504,13 +505,17 @@ public class CrService implements PwmService
 
         final List<DataStorageMethod> writeMethods = ConfigurationUtil.getCrWritePreference( config );
 
+        LOGGER.debug( sessionLabel, () -> "will attempt to write the following storage methods: "
+                + JsonUtil.serializeCollection( writeMethods ) + " for user " + theUser.getEntryDN() );
+
+
         for ( final DataStorageMethod loopWriteMethod : writeMethods )
         {
             try
             {
                 attempts++;
-                operatorMap.get( loopWriteMethod ).writeResponses( userIdentity, theUser, userGUID, responseInfoBean );
-                LOGGER.debug( () -> "saved responses using storage method " + loopWriteMethod + " for user " + theUser.getEntryDN() );
+                operatorMap.get( loopWriteMethod ).writeResponses( sessionLabel, userIdentity, theUser, userGUID, responseInfoBean );
+                LOGGER.debug( sessionLabel, () -> "saved responses using storage method " + loopWriteMethod + " for user " + theUser.getEntryDN() );
                 errorMessages.put( loopWriteMethod, "Success" );
                 successes++;
             }
@@ -552,16 +557,19 @@ public class CrService implements PwmService
         int attempts = 0;
         int successes = 0;
 
-        LOGGER.trace( sessionLabel, () -> "beginning clear response operation for user " + theUser.getEntryDN() + " guid=" + userGUID );
-
         final List<DataStorageMethod> writeMethods = ConfigurationUtil.getCrWritePreference( config );
 
+        LOGGER.debug( sessionLabel, () -> "will attempt to clear the following storage methods: "
+                + JsonUtil.serializeCollection( writeMethods ) + " for user " + theUser.getEntryDN()
+                + theUser.getEntryDN() + " guid=" + userGUID );
+
         for ( final DataStorageMethod loopWriteMethod : writeMethods )
         {
             try
             {
                 attempts++;
-                operatorMap.get( loopWriteMethod ).clearResponses( userIdentity, theUser, userGUID );
+                operatorMap.get( loopWriteMethod ).clearResponses( sessionLabel, userIdentity, theUser, userGUID );
+                LOGGER.debug( sessionLabel, () -> "cleared responses using storage method " + loopWriteMethod + " for user " + theUser.getEntryDN() );
                 successes++;
             }
             catch ( final PwmUnrecoverableException e )

server/src/main/java/password/pwm/util/operations/cr/CrOperator.java

@@ -30,12 +30,12 @@ import com.novell.ldapchai.exception.ChaiUnavailableException;
 import com.novell.ldapchai.exception.ChaiValidationException;
 import com.novell.ldapchai.impl.edir.NmasResponseSet;
 import password.pwm.bean.ResponseInfoBean;
+import password.pwm.bean.SessionLabel;
 import password.pwm.bean.UserIdentity;
 import password.pwm.config.option.DataStorageMethod;
 import password.pwm.error.PwmUnrecoverableException;
 import password.pwm.util.logging.PwmLogger;
 
-import java.time.Instant;
 import java.util.LinkedHashMap;
 import java.util.List;
 import java.util.Map;
@@ -45,31 +45,54 @@ public interface CrOperator
     /**
      * Read a response set suitable for use in forgotten password scenarios.
      *
+     * @param sessionLabel sessionLabel of invocation
      * @param theUser chaiUser to examine
      * @param userIdentity identify of the user
      * @param userGUID user's guid
      * @return a responseSet instance suitable for use with forgotten password.
      * @throws PwmUnrecoverableException if the operation fails
      */
-    ResponseSet readResponseSet( ChaiUser theUser, UserIdentity userIdentity, String userGUID )
+    ResponseSet readResponseSet(
+            SessionLabel sessionLabel,
+            ChaiUser theUser,
+            UserIdentity userIdentity,
+            String userGUID
+    )
             throws PwmUnrecoverableException;
 
     /**
      * Read a response info bean suitable for examining the user's stored response data, but not for use during forgotten password.
      *
+     * @param sessionLabel sessionLabel of invocation
      * @param theUser chaiUser to examine
      * @param userIdentity identify of the user
      * @param userGUID user's guid
      * @return a bean with the users stored response data.
      * @throws PwmUnrecoverableException if the operation fails
      */
-    ResponseInfoBean readResponseInfo( ChaiUser theUser, UserIdentity userIdentity, String userGUID )
+    ResponseInfoBean readResponseInfo(
+            SessionLabel sessionLabel,
+            ChaiUser theUser,
+            UserIdentity userIdentity,
+            String userGUID
+    )
             throws PwmUnrecoverableException;
 
-    void clearResponses( UserIdentity userIdentity, ChaiUser theUser, String userGUID )
+    void clearResponses(
+            SessionLabel sessionLabel,
+            UserIdentity userIdentity,
+            ChaiUser theUser,
+            String userGUID
+    )
             throws PwmUnrecoverableException;
 
-    void writeResponses( UserIdentity userIdentity, ChaiUser theUser, String userGuid, ResponseInfoBean responseInfoBean )
+    void writeResponses(
+            SessionLabel sessionLabel,
+            UserIdentity userIdentity,
+            ChaiUser theUser,
+            String userGuid,
+            ResponseInfoBean responseInfoBean
+    )
             throws PwmUnrecoverableException;
 
     void close( );
@@ -117,10 +140,7 @@ public interface CrOperator
                     dataSource,
                     formatType
             );
-            responseInfoBean.setTimestamp( responseSet.getTimestamp() == null
-                    ? null
-                    : Instant.ofEpochMilli( responseSet.getTimestamp().getTime() )
-            );
+            responseInfoBean.setTimestamp( responseSet.getTimestamp() );
             return responseInfoBean;
         }
     }

server/src/main/java/password/pwm/util/operations/cr/DbCrOperator.java

@@ -28,6 +28,7 @@ import com.novell.ldapchai.exception.ChaiException;
 import com.novell.ldapchai.exception.ChaiValidationException;
 import password.pwm.PwmApplication;
 import password.pwm.bean.ResponseInfoBean;
+import password.pwm.bean.SessionLabel;
 import password.pwm.bean.UserIdentity;
 import password.pwm.config.option.DataStorageMethod;
 import password.pwm.error.ErrorInformation;
@@ -59,6 +60,7 @@ public class DbCrOperator implements CrOperator
 
     @Override
     public ResponseSet readResponseSet(
+            final SessionLabel sessionLabel,
             final ChaiUser theUser,
             final UserIdentity userIdentity,
             final String userGUID
@@ -79,12 +81,12 @@ public class DbCrOperator implements CrOperator
             if ( responseStringBlob != null && responseStringBlob.length() > 0 )
             {
                 final ResponseSet userResponseSet = ChaiResponseSet.parseChaiResponseSetXML( responseStringBlob, theUser );
-                LOGGER.debug( () -> "found responses for " + theUser.getEntryDN() + " in remote database: " + userResponseSet.toString() );
+                LOGGER.debug( sessionLabel, () -> "found responses for " + theUser.getEntryDN() + " in remote database: " + userResponseSet.toString() );
                 return userResponseSet;
             }
             else
             {
-                LOGGER.trace( () -> "user guid for " + theUser.getEntryDN() + " not found in remote database (key=" + userGUID + ")" );
+                LOGGER.trace( sessionLabel, () -> "user guid for " + theUser.getEntryDN() + " not found in remote database (key=" + userGUID + ")" );
             }
         }
         catch ( final ChaiValidationException e )
@@ -103,12 +105,12 @@ public class DbCrOperator implements CrOperator
     }
 
     @Override
-    public ResponseInfoBean readResponseInfo( final ChaiUser theUser, final UserIdentity userIdentity, final String userGUID )
+    public ResponseInfoBean readResponseInfo( final SessionLabel sessionLabel, final ChaiUser theUser, final UserIdentity userIdentity, final String userGUID )
             throws PwmUnrecoverableException
     {
         try
         {
-            final ResponseSet responseSet = readResponseSet( theUser, userIdentity, userGUID );
+            final ResponseSet responseSet = readResponseSet( sessionLabel, theUser, userIdentity, userGUID );
             return responseSet == null ? null : CrOperators.convertToNoAnswerInfoBean( responseSet, DataStorageMethod.DB );
         }
         catch ( final ChaiException e )
@@ -121,7 +123,12 @@ public class DbCrOperator implements CrOperator
     }
 
     @Override
-    public void clearResponses( final UserIdentity userIdentity, final ChaiUser theUser, final String userGUID )
+    public void clearResponses(
+            final SessionLabel sessionLabel,
+            final UserIdentity userIdentity,
+            final ChaiUser theUser,
+            final String userGUID
+    )
             throws PwmUnrecoverableException
     {
         if ( userGUID == null || userGUID.length() < 1 )
@@ -136,7 +143,7 @@ public class DbCrOperator implements CrOperator
         {
             final DatabaseAccessor databaseAccessor = pwmApplication.getDatabaseService().getAccessor();
             databaseAccessor.remove( DatabaseTable.PWM_RESPONSES, userGUID );
-            LOGGER.info( () -> "cleared responses for user " + theUser.getEntryDN() + " in remote database" );
+            LOGGER.info( sessionLabel, () -> "cleared responses for user " + theUser.getEntryDN() + " in remote database" );
         }
         catch ( final DatabaseException e )
         {
@@ -144,14 +151,13 @@ public class DbCrOperator implements CrOperator
                     PwmError.ERROR_CLEARING_RESPONSES,
                     "unexpected error clearing responses for " + theUser.getEntryDN() + " in remote database, error: " + e.getMessage()
             );
-            final PwmUnrecoverableException pwmOE = new PwmUnrecoverableException( errorInfo );
-            pwmOE.initCause( e );
-            throw pwmOE;
+            throw new PwmUnrecoverableException( errorInfo, e );
         }
     }
 
     @Override
     public void writeResponses(
+            final SessionLabel sessionLabel,
             final UserIdentity userIdentity,
             final ChaiUser theUser,
             final String userGUID,
@@ -167,7 +173,7 @@ public class DbCrOperator implements CrOperator
             );
         }
 
-        LOGGER.trace( () -> "attempting to save responses for " + theUser.getEntryDN() + " in remote database (key=" + userGUID + ")" );
+        LOGGER.trace( sessionLabel, () -> "attempting to save responses for " + theUser.getEntryDN() + " in remote database (key=" + userGUID + ")" );
 
         try
         {
@@ -182,7 +188,7 @@ public class DbCrOperator implements CrOperator
 
             final DatabaseAccessor databaseAccessor = pwmApplication.getDatabaseService().getAccessor();
             databaseAccessor.put( DatabaseTable.PWM_RESPONSES, userGUID, responseSet.stringValue() );
-            LOGGER.info( () -> "saved responses for " + theUser.getEntryDN() + " in remote database (key=" + userGUID + ")" );
+            LOGGER.info( sessionLabel, () -> "saved responses for " + theUser.getEntryDN() + " in remote database (key=" + userGUID + ")" );
         }
         catch ( final ChaiException e )
         {
@@ -194,10 +200,8 @@ public class DbCrOperator implements CrOperator
                     PwmError.ERROR_WRITING_RESPONSES,
                     "unexpected error saving responses for " + theUser.getEntryDN() + " in remote database: " + e.getMessage()
             );
-            final PwmUnrecoverableException pwmOE = new PwmUnrecoverableException( errorInfo );
-            LOGGER.error( () -> errorInfo.toDebugStr() );
-            pwmOE.initCause( e );
-            throw pwmOE;
+            LOGGER.error( sessionLabel, errorInfo::toDebugStr );
+            throw new PwmUnrecoverableException( errorInfo, e );
         }
     }
 }

server/src/main/java/password/pwm/util/operations/cr/LdapCrOperator.java

@@ -29,6 +29,7 @@ import com.novell.ldapchai.exception.ChaiException;
 import com.novell.ldapchai.exception.ChaiOperationException;
 import com.novell.ldapchai.exception.ChaiUnavailableException;
 import password.pwm.bean.ResponseInfoBean;
+import password.pwm.bean.SessionLabel;
 import password.pwm.bean.UserIdentity;
 import password.pwm.config.Configuration;
 import password.pwm.config.PwmSetting;
@@ -60,7 +61,7 @@ public class LdapCrOperator implements CrOperator
     }
 
     @Override
-    public ResponseSet readResponseSet( final ChaiUser theUser, final UserIdentity userIdentity, final String userGuid )
+    public ResponseSet readResponseSet( final SessionLabel sessionLabel, final ChaiUser theUser, final UserIdentity userIdentity, final String userGuid )
             throws PwmUnrecoverableException
     {
         try
@@ -69,18 +70,18 @@ public class LdapCrOperator implements CrOperator
         }
         catch ( final ChaiException e )
         {
-            LOGGER.debug( () -> "ldap error reading response set: " + e.getMessage(), e );
+            LOGGER.debug( sessionLabel, () -> "ldap error reading response set: " + e.getMessage() );
         }
         return null;
     }
 
     @Override
-    public ResponseInfoBean readResponseInfo( final ChaiUser theUser, final UserIdentity userIdentity, final String userGUID )
+    public ResponseInfoBean readResponseInfo( final SessionLabel sessionLabel, final ChaiUser theUser, final UserIdentity userIdentity, final String userGUID )
             throws PwmUnrecoverableException
     {
         try
         {
-            final ResponseSet responseSet = readResponseSet( theUser, userIdentity, userGUID );
+            final ResponseSet responseSet = readResponseSet( sessionLabel, theUser, userIdentity, userGUID );
             return responseSet == null ? null : CrOperators.convertToNoAnswerInfoBean( responseSet, DataStorageMethod.LDAP );
         }
         catch ( final ChaiException e )
@@ -91,7 +92,7 @@ public class LdapCrOperator implements CrOperator
     }
 
     @Override
-    public void clearResponses( final UserIdentity userIdentity, final ChaiUser theUser, final String userGuid )
+    public void clearResponses( final SessionLabel sessionLabel, final UserIdentity userIdentity, final ChaiUser theUser, final String userGuid )
             throws PwmUnrecoverableException
     {
         final LdapProfile ldapProfile = userIdentity.getLdapProfile( config );
@@ -110,7 +111,7 @@ public class LdapCrOperator implements CrOperator
             {
                 theUser.deleteAttribute( ldapStorageAttribute, null );
             }
-            LOGGER.info( () -> "cleared responses for user to chai-ldap format" );
+            LOGGER.info( sessionLabel, () -> "cleared responses for user to chai-ldap format" );
         }
         catch ( final ChaiOperationException e )
         {
@@ -126,9 +127,7 @@ public class LdapCrOperator implements CrOperator
                 errorMsg = "error clearing responses to ldap attribute '" + ldapStorageAttribute + "': " + e.getMessage();
             }
             final ErrorInformation errorInfo = new ErrorInformation( PwmError.ERROR_WRITING_RESPONSES, errorMsg );
-            final PwmUnrecoverableException pwmOE = new PwmUnrecoverableException( errorInfo );
-            pwmOE.initCause( e );
-            throw pwmOE;
+            throw new PwmUnrecoverableException( errorInfo, e );
         }
         catch ( final ChaiUnavailableException e )
         {
@@ -137,7 +136,13 @@ public class LdapCrOperator implements CrOperator
     }
 
     @Override
-    public void writeResponses( final UserIdentity userIdentity, final ChaiUser theUser, final String userGuid, final ResponseInfoBean responseInfoBean )
+    public void writeResponses(
+            final SessionLabel sessionLabel,
+            final UserIdentity userIdentity,
+            final ChaiUser theUser,
+            final String userGuid,
+            final ResponseInfoBean responseInfoBean
+    )
             throws PwmUnrecoverableException
     {
         final Instant startTime = Instant.now();
@@ -160,7 +165,7 @@ public class LdapCrOperator implements CrOperator
                     responseInfoBean.getCsIdentifier()
             );
             ChaiCrFactory.writeChaiResponseSet( responseSet, theUser );
-            LOGGER.info( () -> "saved responses for user to chai-ldap format", () -> TimeDuration.fromCurrent( startTime ) );
+            LOGGER.info( sessionLabel, () -> "saved responses for user to chai-ldap format", () -> TimeDuration.fromCurrent( startTime ) );
         }
         catch ( final ChaiException e )
         {
@@ -176,9 +181,7 @@ public class LdapCrOperator implements CrOperator
                 errorMsg = "error writing user responses to ldap attribute '" + ldapStorageAttribute + "': " + e.getMessage();
             }
             final ErrorInformation errorInfo = new ErrorInformation( PwmError.ERROR_WRITING_RESPONSES, errorMsg );
-            final PwmUnrecoverableException pwmOE = new PwmUnrecoverableException( errorInfo );
-            pwmOE.initCause( e );
-            throw pwmOE;
+            throw new PwmUnrecoverableException( errorInfo, e );
         }
     }
 }

server/src/main/java/password/pwm/util/operations/cr/LocalDbCrOperator.java

@@ -26,6 +26,7 @@ import com.novell.ldapchai.cr.ChaiResponseSet;
 import com.novell.ldapchai.cr.ResponseSet;
 import com.novell.ldapchai.exception.ChaiException;
 import password.pwm.bean.ResponseInfoBean;
+import password.pwm.bean.SessionLabel;
 import password.pwm.bean.UserIdentity;
 import password.pwm.config.option.DataStorageMethod;
 import password.pwm.error.ErrorInformation;
@@ -53,6 +54,7 @@ public class LocalDbCrOperator implements CrOperator
 
     @Override
     public ResponseSet readResponseSet(
+            final SessionLabel sessionLabel,
             final ChaiUser theUser,
             final UserIdentity userIdentity,
             final String userGUID
@@ -79,7 +81,7 @@ public class LocalDbCrOperator implements CrOperator
             if ( responseStringBlob != null && responseStringBlob.length() > 0 )
             {
                 final ResponseSet userResponseSet = ChaiResponseSet.parseChaiResponseSetXML( responseStringBlob, theUser );
-                LOGGER.debug( () -> "found user responses in LocalDB: " + userResponseSet.toString() );
+                LOGGER.debug( sessionLabel, () -> "found user responses in LocalDB: " + userResponseSet.toString() );
                 return userResponseSet;
             }
         }
@@ -99,12 +101,17 @@ public class LocalDbCrOperator implements CrOperator
     }
 
     @Override
-    public ResponseInfoBean readResponseInfo( final ChaiUser theUser, final UserIdentity userIdentity, final String userGUID )
+    public ResponseInfoBean readResponseInfo(
+            final SessionLabel sessionLabel,
+            final ChaiUser theUser,
+            final UserIdentity userIdentity,
+            final String userGUID
+    )
             throws PwmUnrecoverableException
     {
         try
         {
-            final ResponseSet responseSet = readResponseSet( theUser, userIdentity, userGUID );
+            final ResponseSet responseSet = readResponseSet( sessionLabel, theUser, userIdentity, userGUID );
             return responseSet == null ? null : CrOperators.convertToNoAnswerInfoBean( responseSet, DataStorageMethod.LOCALDB );
         }
         catch ( final ChaiException e )
@@ -114,7 +121,7 @@ public class LocalDbCrOperator implements CrOperator
     }
 
     @Override
-    public void clearResponses( final UserIdentity userIdentity, final ChaiUser theUser, final String userGUID ) throws PwmUnrecoverableException
+    public void clearResponses( final SessionLabel sessionLabel, final UserIdentity userIdentity, final ChaiUser theUser, final String userGUID ) throws PwmUnrecoverableException
     {
         if ( userGUID == null || userGUID.length() < 1 )
         {
@@ -131,7 +138,7 @@ public class LocalDbCrOperator implements CrOperator
         try
         {
             localDB.remove( LocalDB.DB.RESPONSE_STORAGE, userGUID );
-            LOGGER.info( () -> "cleared responses for user " + theUser.getEntryDN() + " in local LocalDB" );
+            LOGGER.info( sessionLabel, () -> "cleared responses for user " + theUser.getEntryDN() + " in local LocalDB" );
         }
         catch ( final LocalDBException e )
         {
@@ -141,7 +148,13 @@ public class LocalDbCrOperator implements CrOperator
     }
 
     @Override
-    public void writeResponses( final UserIdentity userIdentity, final ChaiUser theUser, final String userGUID, final ResponseInfoBean responseInfoBean )
+    public void writeResponses(
+            final SessionLabel sessionLabel,
+            final UserIdentity userIdentity,
+            final ChaiUser theUser,
+            final String userGUID,
+            final ResponseInfoBean responseInfoBean
+    )
             throws PwmUnrecoverableException
     {
         if ( userGUID == null || userGUID.length() < 1 )
@@ -168,21 +181,17 @@ public class LocalDbCrOperator implements CrOperator
             );
 
             localDB.put( LocalDB.DB.RESPONSE_STORAGE, userGUID, responseSet.stringValue() );
-            LOGGER.info( () -> "saved responses for user in LocalDB" );
+            LOGGER.info( sessionLabel, () -> "saved responses for user in LocalDB" );
         }
         catch ( final LocalDBException e )
         {
             final ErrorInformation errorInfo = new ErrorInformation( PwmError.ERROR_WRITING_RESPONSES, "unexpected LocalDB error saving responses to localDB: " + e.getMessage() );
-            final PwmUnrecoverableException pwmOE = new PwmUnrecoverableException( errorInfo );
-            pwmOE.initCause( e );
-            throw pwmOE;
+            throw new PwmUnrecoverableException( errorInfo, e );
         }
         catch ( final ChaiException e )
         {
             final ErrorInformation errorInfo = new ErrorInformation( PwmError.ERROR_WRITING_RESPONSES, "unexpected error saving responses to localDB: " + e.getMessage() );
-            final PwmUnrecoverableException pwmOE = new PwmUnrecoverableException( errorInfo );
-            pwmOE.initCause( e );
-            throw pwmOE;
+            throw new PwmUnrecoverableException( errorInfo, e );
         }
     }
 }

server/src/main/java/password/pwm/util/operations/cr/NMASCrOperator.java

@@ -63,6 +63,7 @@ import password.pwm.AppProperty;
 import password.pwm.PwmApplication;
 import password.pwm.PwmConstants;
 import password.pwm.bean.ResponseInfoBean;
+import password.pwm.bean.SessionLabel;
 import password.pwm.bean.UserIdentity;
 import password.pwm.config.Configuration;
 import password.pwm.config.PwmSetting;
@@ -101,7 +102,6 @@ import java.security.Security;
 import java.time.Instant;
 import java.util.ArrayList;
 import java.util.Collections;
-import java.util.Date;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Locale;
@@ -272,6 +272,7 @@ public class NMASCrOperator implements CrOperator
 
     @Override
     public ResponseSet readResponseSet(
+            final SessionLabel sessionLabel,
             final ChaiUser theUser,
             final UserIdentity userIdentity,
             final String userGuid
@@ -306,14 +307,19 @@ public class NMASCrOperator implements CrOperator
     }
 
     @Override
-    public ResponseInfoBean readResponseInfo( final ChaiUser theUser, final UserIdentity userIdentity, final String userGUID )
+    public ResponseInfoBean readResponseInfo(
+            final SessionLabel sessionLabel,
+            final ChaiUser theUser,
+            final UserIdentity userIdentity,
+            final String userGUID
+    )
             throws PwmUnrecoverableException
     {
         try
         {
             if ( theUser.getChaiProvider().getDirectoryVendor() != DirectoryVendor.EDIRECTORY )
             {
-                LOGGER.debug( () -> "skipping request to read NMAS responses for " + userIdentity + ", directory type is not eDirectory" );
+                LOGGER.debug( sessionLabel, () -> "skipping request to read NMAS responses for " + userIdentity + ", directory type is not eDirectory" );
                 return null;
             }
 
@@ -334,7 +340,9 @@ public class NMASCrOperator implements CrOperator
 
     @Override
     public void clearResponses(
-            final UserIdentity userIdentity, final ChaiUser theUser,
+            final SessionLabel sessionLabel,
+            final UserIdentity userIdentity,
+            final ChaiUser theUser,
             final String user
     )
             throws PwmUnrecoverableException
@@ -344,22 +352,22 @@ public class NMASCrOperator implements CrOperator
             if ( theUser.getChaiProvider().getDirectoryVendor() == DirectoryVendor.EDIRECTORY )
             {
                 NmasCrFactory.clearResponseSet( theUser );
-                LOGGER.info( () -> "cleared responses for user " + theUser.getEntryDN() + " using NMAS method " );
+                LOGGER.info( sessionLabel, () -> "cleared responses for user " + theUser.getEntryDN() + " using NMAS method " );
             }
         }
         catch ( final ChaiException e )
         {
             final String errorMsg = "error clearing responses from nmas: " + e.getMessage();
             final ErrorInformation errorInfo = new ErrorInformation( PwmError.ERROR_CLEARING_RESPONSES, errorMsg );
-            final PwmUnrecoverableException pwmOE = new PwmUnrecoverableException( errorInfo );
-            pwmOE.initCause( e );
-            throw pwmOE;
+            throw new PwmUnrecoverableException( errorInfo, e );
         }
     }
 
     @Override
     public void writeResponses(
-            final UserIdentity userIdentity, final ChaiUser theUser,
+            final SessionLabel sessionLabel,
+            final UserIdentity userIdentity,
+            final ChaiUser theUser,
             final String userGuid,
             final ResponseInfoBean responseInfoBean
     )
@@ -378,16 +386,14 @@ public class NMASCrOperator implements CrOperator
                         responseInfoBean.getCsIdentifier()
                 );
                 NmasCrFactory.writeResponseSet( nmasResponseSet );
-                LOGGER.info( () -> "saved responses for user using NMAS method " );
+                LOGGER.info( sessionLabel, () -> "saved responses for user using NMAS method " );
             }
         }
         catch ( final ChaiException e )
         {
             final String errorMsg = "error writing responses to nmas: " + e.getMessage();
             final ErrorInformation errorInfo = new ErrorInformation( PwmError.ERROR_WRITING_RESPONSES, errorMsg );
-            final PwmUnrecoverableException pwmOE = new PwmUnrecoverableException( errorInfo );
-            pwmOE.initCause( e );
-            throw pwmOE;
+            throw new PwmUnrecoverableException( errorInfo, e );
         }
     }
 
@@ -629,7 +635,7 @@ public class NMASCrOperator implements CrOperator
         }
 
         @Override
-        public Date getTimestamp( ) throws ChaiUnavailableException, IllegalStateException, ChaiOperationException
+        public Instant getTimestamp( ) throws ChaiUnavailableException, IllegalStateException, ChaiOperationException
         {
             return null;
         }

server/src/main/java/password/pwm/ws/server/rest/RestChallengesServer.java

@@ -284,7 +284,7 @@ public class RestChallengesServer extends RestServlet
             csIdentifer = challengeProfile.getChallengeSet().getIdentifier();
 
             final ResponseInfoBean responseInfoBean = jsonInput.toResponseInfoBean( restRequest.getLocale(), csIdentifer );
-            crService.writeResponses( userIdentity, chaiUser, userGUID, responseInfoBean );
+            crService.writeResponses( restRequest.getSessionLabel(), userIdentity, chaiUser, userGUID, responseInfoBean );
 
             // update statistics
             StatisticsManager.incrementStat( restRequest.getPwmApplication(), Statistic.REST_CHALLENGES );