Removed remaining references to old style / legacy application code:

- kernel.GenericURLFincer removed (commented out in core Initializer) - kernel.ACSObject, removed references to method kernel.MDUtil#hasPackageInstanceRole without replacement - kernel.MDutil: removed method hasPackageInstanceRole In case of problems one or the other may be commented in again, if problems are not resolvable. Various documentation and formatting, code clean-up. git-svn-id: https://svn.libreccm.org/ccm/trunk@2052 8810af33-2d31-482b-a856-94f89814c4df
2013-01-26 12:41:39 +00:00 · 2013-01-26 12:41:39 +00:00 · 869b42fe36
parent 18414f374a
commit 869b42fe36
34 changed files with 621 additions and 530 deletions
--- a/ccm-core/pdl/com/arsdigita/kernel/ACSObject.pdl
+++ b/ccm-core/pdl/com/arsdigita/kernel/ACSObject.pdl
@ -43,20 +43,22 @@ object type ACSObject {
    // aggressive load (container.id);
 }
-query PackageInstanceForObject {
+// Used by GenericURLFinder
-    PackageInstance packageInstance;
+// query PackageInstanceForObject {
 //     PackageInstance packageInstance;
 //
 //     do {
 //         SELECT ap.package_id, ap.pretty_name,
 //                o.object_type, o.display_name, o.default_domain_class
 //         FROM apm_packages ap, acs_objects o
 //         WHERE ap.package_id = o.object_id
 //         AND ap.package_id = package_id_for_object_id(:objectID)
 //     } map {
 //         packageInstance.id = ap.package_id;
 //         packageInstance.prettyName = ap.pretty_name;
 //         packageInstance.objectType = o.object_type;
 //         packageInstance.displayName = o.display_name;
 //         packageInstance.defaultDomainClass = o.default_domain_class;
 //     }
-    do {
+// }
        SELECT ap.package_id, ap.pretty_name,
               o.object_type, o.display_name, o.default_domain_class
        FROM apm_packages ap, acs_objects o
        WHERE ap.package_id = o.object_id
        AND ap.package_id = package_id_for_object_id(:objectID)
    } map {
        packageInstance.id = ap.package_id;
        packageInstance.prettyName = ap.pretty_name;
        packageInstance.objectType = o.object_type;
        packageInstance.displayName = o.display_name;
        packageInstance.defaultDomainClass = o.default_domain_class;
    }
 }
--- a/ccm-core/src/com/arsdigita/kernel/ACSObject.java
+++ b/ccm-core/src/com/arsdigita/kernel/ACSObject.java
@ -165,6 +165,7 @@ public abstract class ACSObject extends ObservableDomainObject {
    /**
     * Called from base class (DomainObject) constructors.
     */
    @Override
    protected void initialize() {
        super.initialize();
@ -264,10 +265,12 @@ public abstract class ACSObject extends ObservableDomainObject {
    }
    /**
-     * Returns the container for this object, or null if there is
+     * Returns the container for this object, or null if there is no
-     * no container.  The container is produced by domain-specific
+     * container. 
-     * logic based on any properties of the domain object.  The resulting
+     * 
-     * container is denormalized internally by ACSObject.save().
+     * The container is produced by domain-specific logic based on any
     * properties of the domain object.  The resulting container is
     * denormalized internally by ACSObject.save().
     * The denormalized container hierarchy is currently only used
     * for generically determining what package instance an object
     * belongs to.  In the future, other generic services may be
@ -291,6 +294,9 @@ public abstract class ACSObject extends ObservableDomainObject {
     * of one File Storage application instance).
     *
     * @return this object's container.
     * @deprecated without direct replacement. Method uses old app style
     * PackageInstance no longer in use. Involing code has to be refactored
     * to use new style application code.
     */
    protected ACSObject getContainer() {
        ObjectType specificType = MDUtil.getType(getSpecificObjectType());
@ -301,10 +307,12 @@ public abstract class ACSObject extends ObservableDomainObject {
            containerData = (DataObject) get(p.getName());
        }
        if (containerData == null) {
-            if (MDUtil.hasPackageInstanceRole(specificType)) {
+            throw new IllegalArgumentException(
-                specializeDataObject(specificType);
+                      "containerData is null, PackageInstance removed.");
-                containerData = (DataObject) get(MDUtil.PACKAGE_INSTANCE);
+         // if (MDUtil.hasPackageInstanceRole(specificType)) {
-            }
+         //     specializeDataObject(specificType);
         //     containerData = (DataObject) get(MDUtil.PACKAGE_INSTANCE);
         // }
        }
        return (ACSObject) DomainObjectFactory.newInstance(containerData);
@ -312,9 +320,10 @@ public abstract class ACSObject extends ObservableDomainObject {
    /**
     * Returns true if this object has been moved to a new container,
-     * or null if the container has not changed.  This methods is
+     * or null if the container has not changed.  
-     * used by ACSObject.save() to determine when to denormalize
+     * 
-     * the result of getContainer().
+     * This methods is used by ACSObject.save() to determine when to
     * denormalize the result of getContainer().
     *
     * While this method is not abstract, the default implementation
     * "guesses" the container based on metadata about the object.
@ -330,11 +339,14 @@ public abstract class ACSObject extends ObservableDomainObject {
     *
     * @return this object's container.
     *
     * @deprecated
     * @see #getContainer()
     */
    protected boolean isContainerModified() {
        ObjectType specificType = MDUtil.getType(getSpecificObjectType());
        Property p = MDUtil.getCompositeRole(specificType);
        if (p != null) {
            specializeDataObject(specificType);
            if (isPropertyModified(p.getName())) {
@ -348,10 +360,16 @@ public abstract class ACSObject extends ObservableDomainObject {
                return false;
            }
        }
-        if (MDUtil.hasPackageInstanceRole(specificType)) {
+
-            specializeDataObject(specificType);
+   //  Removed. EXPERIMENTAL! (pboy 2013-01-26, r2049 hb)
-            return isPropertyModified(MDUtil.PACKAGE_INSTANCE);
+   //  Because package tyble is empty (there exist no old style nor new style
-        }
+   //  compatible applications anymore, everything is new style legacy free)
   //  the argument in if should always return false.!
   //   if (MDUtil.hasPackageInstanceRole(specificType)) {
   //       specializeDataObject(specificType);
   //       return isPropertyModified(MDUtil.PACKAGE_INSTANCE);
   //   }
        return false;
    }
@ -452,7 +470,8 @@ public abstract class ACSObject extends ObservableDomainObject {
             * container for everything in the system is immature
             * and not consistent.
             */
-            SecurityLogger.log(Priority.INFO, "No parent container for " + this.getOID() + ".");
+            SecurityLogger.log(Priority.INFO, "No parent container for " 
                                               + this.getOID() + ".");
            return;
        }
    }
@ -461,6 +480,7 @@ public abstract class ACSObject extends ObservableDomainObject {
        assertPrivilege(PrivilegeDescriptor.WRITE);
    }
    @Override
    protected void beforeSave() {
        // set the display name property if necessary
        String displayName = getDisplayName();
--- a/ccm-core/src/com/arsdigita/kernel/GenericURLFinder.java.nolongerInUse
+++ b/ccm-core/src/com/arsdigita/kernel/GenericURLFinder.java.nolongerInUse
@ -102,6 +102,9 @@ import java.net.URLEncoder;
 *
 * @author Oumi Mehrotra
 * @version $Id: GenericURLFinder.java 287 2005-02-22 00:29:02Z sskracic $
 * @deprecated without replacement. Current code depends solely on old style
 * applications using SiteNode and Package / PackageType. Both are no longer
 * in use. This class can not provide any useful information anymore (pb 2013-01)
 */
 public class GenericURLFinder implements URLFinder {
--- a/ccm-core/src/com/arsdigita/kernel/Initializer.java
+++ b/ccm-core/src/com/arsdigita/kernel/Initializer.java
@ -127,8 +127,10 @@ public class Initializer extends GenericInitializer {
        // finders registered for them by other initializers (in UI packages).
        // For PackageInstance, urls are determined from the mount points on
        // the site map.
-        URLService.registerFinder(PackageInstance.BASE_DATA_OBJECT_TYPE,
+   //   EXPERIMENTAL. This class relies on SiteNode / Package / PackageTye
-                                  new GenericURLFinder(""));
+   //   and is not able to provide usefull information anymore. 
   //   URLService.registerFinder(PackageInstance.BASE_DATA_OBJECT_TYPE,
   //                             new GenericURLFinder(""));
        if (Kernel.getSystemParty() == null) {
            final DatabaseTransaction transaction = new DatabaseTransaction();
--- a/ccm-core/src/com/arsdigita/kernel/Kernel.java
+++ b/ccm-core/src/com/arsdigita/kernel/Kernel.java
@ -48,19 +48,33 @@ public class Kernel {
    private static final Logger s_log = Logger.getLogger(Kernel.class);
    /** The ID of the user that represents "the public", i.e. a non-logged-in
-     *  user. Created by insert-users.sql (during load step)               . */
+     *  user. Created by insert-users.sql (during load step)                  */
    private static final BigDecimal PUBLIC_USER_ID = new BigDecimal(-200);
-    /** Public (i.e. a non-logged-in) User object (retrieved by PUBLIC_USER_ID)  */
+
    /** Public (i.e. a non-logged-in) User object (retrieved by PUBLIC_USER_ID)*/
    private static User s_publicUser;
    /* The Kernel Initial Context object                                      */
    private static KernelContext s_initialContext;
-    private static KernelConfig s_config;
+
-    private static SecurityConfig s_securityConfig;
+    /* The /actual) Kernel Context object                                     */
    private static ThreadLocal s_context;
    /* The Kernel Configuration object                                        */
    private static KernelConfig s_config;
    /* The Kernel Security Configuration object                               */
    private static SecurityConfig s_securityConfig;
    /** Status flag wether the class is initialized or not.                   */ 
    private static boolean initialized = false;
    /**
     * Internal service routine used by varios methods to initialize the
     * class.
     */
    private static void init() {
        if (initialized) {
            return;
        }
@ -73,6 +87,7 @@ public class Kernel {
        s_config.load();
        s_securityConfig.load();
        s_context = new ThreadLocal() {
            @Override
            public Object initialValue() {
                return s_initialContext;
            }
@ -81,12 +96,20 @@ public class Kernel {
        initialized = true;
    }
-    public static final KernelConfig getConfig() {
+    /**
     * Provides the Kernel Config object for client classes.
     * @return  ConfigObject
     */
    public static KernelConfig getConfig() {
        init();
        return s_config;
    }
-    public static final SecurityConfig getSecurityConfig() {
+    /**
     * Provides the Kernel Security Config object for client classes.
     * @return SecurityConfigObject
     */
    public static SecurityConfig getSecurityConfig() {
        init();
        return s_securityConfig;
    }
@ -103,12 +126,12 @@ public class Kernel {
     *
     * @post return != null
     */
-    public static final KernelContext getContext() {
+    public static KernelContext getContext() {
        init();
        return (KernelContext) s_context.get();
    }
-    static final void setContext(KernelContext context) {
+    static void setContext(KernelContext context) {
        init();
        if (s_log.isDebugEnabled()) {
            s_log.debug("Set context to " + context.getDebugInfo());
@ -117,16 +140,17 @@ public class Kernel {
    }
    /**
-     * Get the system party, the agent of any work the system
+     * Get the system party, the agent of any work the system performs,
-     * performs, as apart from what some user or group does. Returns
+     * as apart from what some user or group does. 
-     * null if the system party is not defined.
+     * 
     * Returns null if the system party is not defined.
     */
-    public static final Party getSystemParty() {
+    public static Party getSystemParty() {
        init();
        return s_systemParty;
    }
-    static final void setSystemParty(Party party) {
+    static void setSystemParty(Party party) {
        init();
        s_systemParty = party;
    }
@ -134,8 +158,8 @@ public class Kernel {
    /**
     * Get the User that represents "the public", i.e. non-logged-in
     * users.
-     **/
+     */
-    public static final User getPublicUser() {
+    public static User getPublicUser() {
        init();
        if (s_publicUser == null) {
            // We could synchronize this method, but we don't really care if the
--- a/ccm-core/src/com/arsdigita/kernel/MDUtil.java
+++ b/ccm-core/src/com/arsdigita/kernel/MDUtil.java
@ -26,10 +26,10 @@ import java.util.HashMap;
 import java.util.Iterator;
 /**
- * Metadata Utilities:
+ * Metadata Utilities.
 * Package-private class containing utility/convenience methods for
 * accessing persistence metadata.
- **/
+ */
 class MDUtil {
    // map used to cache metadata lookups
@ -38,6 +38,10 @@ class MDUtil {
    //     the ObjectType.
    private static HashMap s_composites = new HashMap();
    /**
     * @deprecated without direct replacement. PACKAGE_INSTANCE is old style
     * application no longer in use. 
     */
    static final String PACKAGE_INSTANCE = "packageInstance";
    static Property getCompositeRole(ObjectType type) {
@ -68,14 +72,21 @@ class MDUtil {
    }
-    static boolean hasPackageInstanceRole(ObjectType o) {
+    /**
     * 
     * @param o
     * @return 
     * @ deprecated PACKAGE_INSTANCE is old style application no longer in use.
     */
 /*  static boolean hasPackageInstanceRole(ObjectType o) {
        Property p = o.getProperty(PACKAGE_INSTANCE);
-        return
+        return  p != null &&
-            p != null &&
+                p.isRole() &&
-            p.isRole() &&
+                ((ObjectType) p.getType()).isSubtypeOf(
-            ((ObjectType) p.getType()).isSubtypeOf(
+                    getType(PackageInstance.BASE_DATA_OBJECT_TYPE));
-                getType(PackageInstance.BASE_DATA_OBJECT_TYPE));
+
-    }
+    }  */
    /**
--- a/ccm-core/src/com/arsdigita/kernel/UserAuthentication.java
+++ b/ccm-core/src/com/arsdigita/kernel/UserAuthentication.java
@ -40,16 +40,16 @@ import org.apache.log4j.Logger;
 * Provides user authentication methods on a contained
 * User object.
 *
 * @see com.arsdigita.kernel.User
 *
 * @author Phong Nguyen
 * @version 1.0
- *
+ * @version $Id: UserAuthentication.java 1230 2006-06-22 11:50:59Z apevec $
- * @see com.arsdigita.kernel.User
+ */
 **/
 public class UserAuthentication extends DomainObject {
    public static final String versionId = "$Id: UserAuthentication.java 1230 2006-06-22 11:50:59Z apevec $ by $Author: apevec $, $DateTime: 2004/08/16 18:10:38 $";
    private static final Logger s_log =
-        Logger.getLogger(UserAuthentication.class.getName());
+                         Logger.getLogger(UserAuthentication.class.getName());
    private User m_user;
    public static final String BASE_DATA_OBJECT_TYPE =
--- a/ccm-core/src/com/arsdigita/kernel/permissions/ObjectContext.java
+++ b/ccm-core/src/com/arsdigita/kernel/permissions/ObjectContext.java
@ -28,9 +28,9 @@ import com.arsdigita.persistence.OID;
 /**
- * A class that represents a context heiracrchy of
+ * A class that represents a context hierarchy of <code>ACSObject</code>s
- * <code>ACSObject</code>s to other <code>ACSObject</code>s where the
+ * to other <code>ACSObject</code>s where the context is used for
- * context is used for security inheritance.
+ * security inheritance.
 *
 * <p>
 * <font color="ff0000">
@ -43,14 +43,17 @@ import com.arsdigita.persistence.OID;
 * @version 1.0
 *
 * @see com.arsdigita.kernel.ACSObject
- **/
+ * @version $Id: ObjectContext.java 287 2005-02-22 00:29:02Z sskracic $
 */
 final class ObjectContext extends DomainObject {
    public static final String versionId = "$Id: ObjectContext.java 287 2005-02-22 00:29:02Z sskracic $ by $Author: sskracic $, $DateTime: 2004/08/16 18:10:38 $";
    private static final String BASE_DATA_OBJECT_TYPE =
-        "com.arsdigita.kernel.permissions.ObjectContext";
+                                "com.arsdigita.kernel.permissions.ObjectContext";
    /**
     * 
     * @return 
     */
    protected String getBaseDataObjectType() {
        return BASE_DATA_OBJECT_TYPE;
    }
@ -63,7 +66,7 @@ final class ObjectContext extends DomainObject {
     * @see com.arsdigita.domain.DomainObject#DomainObject(String)
     * @see com.arsdigita.persistence.DataObject
     * @see com.arsdigita.persistence.metadata.ObjectType
-     **/
+     */
    protected ObjectContext() {
        super(BASE_DATA_OBJECT_TYPE);
    }
@ -79,7 +82,7 @@ final class ObjectContext extends DomainObject {
     * @see com.arsdigita.domain.DomainObject#DomainObject(OID)
     * @see com.arsdigita.persistence.DataObject
     * @see com.arsdigita.persistence.OID
-     **/
+     */
    protected ObjectContext(OID oid) throws DataObjectNotFoundException {
        super(oid);
    }
@ -87,7 +90,7 @@ final class ObjectContext extends DomainObject {
    /**
     * Wrapper for {@link #ObjectContext(OID)} that uses the default
     * object type for object context.
-     **/
+     */
    protected ObjectContext(Object id) throws DataObjectNotFoundException {
        this(new OID(BASE_DATA_OBJECT_TYPE, id));
    }
@ -104,7 +107,7 @@ final class ObjectContext extends DomainObject {
     *
     * @see com.arsdigita.kernel.ACSObject
     * @see com.arsdigita.persistence.OID
-     **/
+     */
    protected DataObject getContext() {
        DataObject dataObj = (DataObject) get("context");
        return dataObj;
@ -121,7 +124,7 @@ final class ObjectContext extends DomainObject {
     *
     * @see com.arsdigita.kernel.ACSObject
     * @see com.arsdigita.persistence.OID
-     **/
+     */
    protected OID getContextOID() {
        DataObject dataObj = (DataObject) get("context");
        if (dataObj != null) {
@ -138,7 +141,7 @@ final class ObjectContext extends DomainObject {
     * @param contextObject The <code>ACSObject</code> to use as the context.
     *
     * @see com.arsdigita.kernel.ACSObject
-     **/
+     */
    protected void setContext(ACSObject contextObject) {
        if (contextObject == null) {
            // hack to fix a bug in persistence.
@ -158,7 +161,7 @@ final class ObjectContext extends DomainObject {
     *
     * @see com.arsdigita.kernel.ACSObject
     * @see com.arsdigita.persistence.OID
-     **/
+     */
    protected void setContext(OID contextObjectOID) {
        if (contextObjectOID == null) {
            // hack to fix a bug in persistence.
@ -180,7 +183,7 @@ final class ObjectContext extends DomainObject {
     * <code>ObjectContext</code>.
     *
     * @see com.arsdigita.kernel.ACSObject
-     **/
+     */
    protected void setObject(ACSObject acsObject) {
        if (isNew()) {
            set("objectId", acsObject.getID());
@ -200,7 +203,7 @@ final class ObjectContext extends DomainObject {
     *
     * @see com.arsdigita.kernel.ACSObject
     * @see com.arsdigita.persistence.OID
-     **/
+     */
    protected void setObject(OID objectOID) {
        if (isNew()) {
            set("objectId", objectOID.get("id"));
--- a/ccm-core/src/com/arsdigita/kernel/permissions/ObjectPermissionCollection.java
+++ b/ccm-core/src/com/arsdigita/kernel/permissions/ObjectPermissionCollection.java
@ -45,16 +45,15 @@ import java.math.BigDecimal;
 *
 * @author Oumi Mehrotra 
 * @version 1.0
- **/
+ * @version $Id: ObjectPermissionCollection.java 287 2005-02-22 00:29:02Z sskracic $
 */
 public class ObjectPermissionCollection extends DomainQuery {
    public static final String versionId = "$Id: ObjectPermissionCollection.java 287 2005-02-22 00:29:02Z sskracic $ by $Author: sskracic $, $DateTime: 2004/08/16 18:10:38 $";
    /**
     * Constructor.
     *
     * @see com.arsdigita.domain.DomainCollection#DomainCollection(DataCollection)
-     **/
+     */
    protected ObjectPermissionCollection(DataQuery query) {
        super(query);
    }
--- a/ccm-core/src/com/arsdigita/kernel/permissions/Permission.java
+++ b/ccm-core/src/com/arsdigita/kernel/permissions/Permission.java
@ -49,12 +49,9 @@ import org.apache.log4j.Logger;
 *
 * @author Phong Nguyen
 * @version 1.0
 * @version $Id: Permission.java 287 2005-02-22 00:29:02Z sskracic $
 */
 class Permission extends DomainObject {
    public static final String versionId =
        "$Id: Permission.java 287 2005-02-22 00:29:02Z sskracic $" +
        "$Author: sskracic $" +
        "$DateTime: 2004/08/16 18:10:38 $";
    // Get the category named the same as this class
    private static final Logger s_log = Logger.getLogger(Permission.class);
@ -66,8 +63,11 @@ class Permission extends DomainObject {
    static final String PRIVILEGE = "privilege";
    static final String BASE_DATA_OBJECT_TYPE =
-        "com.arsdigita.kernel.permissions.Permission";
+                        "com.arsdigita.kernel.permissions.Permission";
    /**
     * 
     */
    @Override
    protected String getBaseDataObjectType() {
        return BASE_DATA_OBJECT_TYPE;
@ -276,6 +276,9 @@ class Permission extends DomainObject {
        super.beforeSave();
    }
    /**
     * 
     */
    private void setCreationInfo() {
        User user = Web.getContext().getUser();
        // The user may be null.
--- a/ccm-core/src/com/arsdigita/kernel/permissions/PermissionCache.java
+++ b/ccm-core/src/com/arsdigita/kernel/permissions/PermissionCache.java
@ -119,7 +119,10 @@ public final class PermissionCache {
        return s_instance;
    }
-    // Caching of permission lookups within the txn
+    /**
     * Caching of permission lookups within the txn
     * @return 
     */
    private static CollectionTxnCache getPermissionsCache() {
        return getInstance().m_prTxnCache;
    }
@ -135,7 +138,7 @@ public final class PermissionCache {
     *
     * @return <code>true</code> if the PermissionDescriptor's base object has the
     * specified permission; <code>false</code> otherwise.
-     **/
+     */
    public boolean checkPermission(PermissionDescriptor perm) {
        OID party = perm.getPartyOID();
        OID obj = perm.getACSObjectOID();
@ -158,6 +161,12 @@ public final class PermissionCache {
        return lookupResult.booleanValue();
    }
    /**
     * 
     * @param party
     * @param obj
     * @return 
     */
    private static HashMap getPrivilegesFromDB(
        OID party,
        OID obj) {
@ -207,21 +216,48 @@ public final class PermissionCache {
    /**
     * 
     */
    private class CollectionTxnCache {
        private String m_prefix;
        /**
         * 
         * @param prefix 
         */
        public CollectionTxnCache(String prefix) {
            m_prefix = prefix;
        }
        /**
         * 
         * @param party
         * @param object
         * @return 
         */
        private String attributeName(OID party, OID object) {
            return m_prefix + ":" + party.get("id") + ":" + object.get("id");
        }
        /**
         * 
         * @param party
         * @param object
         * @param privilegeMap 
         */
        public void cache(OID party, OID object, HashMap privilegeMap) {
            getTxn().setAttribute(attributeName(party, object), privilegeMap);
        }
        /**
         * 
         * @param party
         * @param object
         * @param privilege
         * @return 
         */
        public Boolean lookup(
            OID party,
            OID object,
@ -243,6 +279,10 @@ public final class PermissionCache {
            }
        }
        /**
         * 
         * @return 
         */
        private TransactionContext getTxn() {
            TransactionContext txn =
                SessionManager.getSession().getTransactionContext();
--- a/ccm-core/src/com/arsdigita/kernel/permissions/PermissionCollection.java
+++ b/ccm-core/src/com/arsdigita/kernel/permissions/PermissionCollection.java
@ -29,16 +29,15 @@ import com.arsdigita.persistence.DataObject;
 *
 * @author Michael Bryzek
 * @version 1.0
 * @version $Id: PermissionCollection.java 287 2005-02-22 00:29:02Z sskracic $
 **/
 class PermissionCollection extends DomainCollection {
    public static final String versionId = "$Id: PermissionCollection.java 287 2005-02-22 00:29:02Z sskracic $ by $Author: sskracic $, $DateTime: 2004/08/16 18:10:38 $";
    /**
     * Constructor.
     *
     * @see com.arsdigita.domain.DomainCollection#DomainCollection(DataCollection)
-     **/
+     */
    PermissionCollection(DataCollection dataCollection) {
        super(dataCollection);
    }
@ -48,7 +47,7 @@ class PermissionCollection extends DomainCollection {
     * the collection.
     *
     * @see com.arsdigita.domain.DomainObject#getDomainObject()
-     **/
+     */
    public DomainObject getDomainObject() {
        DataObject data = m_dataCollection.getDataObject();
        return new Permission(data);
@ -63,7 +62,7 @@ class PermissionCollection extends DomainCollection {
     *
     * @see #getDomainObject()
     * @see ObjectPermission
-     **/
+     */
    public Permission getPermission() {
        return (Permission) getDomainObject();
    }
--- a/ccm-core/src/com/arsdigita/kernel/permissions/PermissionDescriptor.java
+++ b/ccm-core/src/com/arsdigita/kernel/permissions/PermissionDescriptor.java
@ -44,9 +44,9 @@ public class PermissionDescriptor {
    private PrivilegeDescriptor m_privilege;    // not null
    /**
-     * Creates a new PermissionDescriptor object for the
+     * Creates a new PermissionDescriptor object for the specified party,
-     * specified party, granting the specified privilege on the
+     * granting the specified privilege on the specified ACS object.
-     * specified ACS object.
+     *
     *
     * @param privilege the privilege being granted
     *
@ -77,8 +77,8 @@ public class PermissionDescriptor {
    }
    /**
-     * Creates a new PermissionDescriptor object for the party
+     * Creates a new PermissionDescriptor object for the party with the
-     * with the given OID, that grants the specified privilege on the
+     * given OID, that grants the specified privilege on the
     * ACS object with the given OID.
     *
     * @param privilege the privilege to be granted
--- a/ccm-core/src/com/arsdigita/kernel/permissions/PermissionException.java
+++ b/ccm-core/src/com/arsdigita/kernel/permissions/PermissionException.java
@ -30,12 +30,11 @@ import org.apache.log4j.Priority;
 *
 * @author <a href="mailto:rhs@mit.edu">rhs@mit.edu</a>
 * @version $Revision: #9 $ $Date: 2004/08/16 $
 * @version $Id: PermissionException.java 287 2005-02-22 00:29:02Z sskracic $
 **/
 public class PermissionException extends RuntimeException {
    public final static String versionId = "$Id: PermissionException.java 287 2005-02-22 00:29:02Z sskracic $ by $Author: sskracic $, $DateTime: 2004/08/16 18:10:38 $";
    private PermissionDescriptor m_permission;
    private String m_msg;
@ -49,6 +48,10 @@ public class PermissionException extends RuntimeException {
        SecurityLogger.log(Priority.WARN, m_msg);
    }
    /**
     * 
     * @param permission 
     */
    public PermissionException(PermissionDescriptor permission) {
        m_permission = permission;
@ -73,6 +76,12 @@ public class PermissionException extends RuntimeException {
        SecurityLogger.log(Priority.WARN, m_msg);
    }
    /**
     * 
     * @param priv
     * @param obj
     * @param message 
     */
    public PermissionException(PrivilegeDescriptor priv, 
                               ACSObject obj, 
                               String message) {
@ -82,10 +91,18 @@ public class PermissionException extends RuntimeException {
        SecurityLogger.log(Priority.WARN, m_msg);
    }
    /**
     * 
     * @return 
     */
    public PermissionDescriptor getPermission() {
        return m_permission;
    }
    /**
     * 
     * @return 
     */
    public String getMessage() {
        return m_msg;
    }
--- a/ccm-core/src/com/arsdigita/kernel/permissions/PermissionManager.java
+++ b/ccm-core/src/com/arsdigita/kernel/permissions/PermissionManager.java
@ -44,7 +44,7 @@ import java.util.HashSet;
 import java.util.Iterator;
 /**
- * default implementation of PermissionService.
+ * Default implementation of PermissionService.
 *
 * @author Oumi Mehrotra
 * @author Michael Bryzek
@ -62,8 +62,8 @@ public class PermissionManager {
    public static final int SYSTEM_PARTY = -204;
    /**
-     * Checks the permission
+     * Checks the permission represented by the passed in
-     * represented by the passed in {@link PermissionDescriptor}.
+     * {@link PermissionDescriptor}.
     *
     * @param permission the {@link PermissionDescriptor} to
     * provide service to
@ -73,7 +73,6 @@ public class PermissionManager {
     **/
    public boolean checkPermission(PermissionDescriptor permission) {
        // For performance, we use different queries depending on whether
        // the party (from the permission descriptor) is a user or a group.
        // Start out assuming the party is a user
@ -92,10 +91,21 @@ public class PermissionManager {
        return doCheck(queryName, permission);
    }
    /**
     * 
     * @param permission
     * @return 
     */
    boolean checkDirectPermission(PermissionDescriptor permission) {
        return checkDirectPermission(permission, true);
    }
    /**
     * 
     * @param permission
     * @param useImpliedPrivs
     * @return 
     */
    boolean checkDirectPermission(
        PermissionDescriptor permission,
        boolean useImpliedPrivs) {
@ -126,13 +136,17 @@ public class PermissionManager {
    /**
     * Check a universal permission.  This will soon be optimized via
     * some sort of caching of universal permissions.
-     **/
+     */
-    private boolean
+    private boolean checkPermission(UniversalPermissionDescriptor permission) {
        checkPermission(UniversalPermissionDescriptor permission)
    {
            return doCheck("CheckUninheritedPermissionForParty",permission);
    }
    /**
     * 
     * @param queryName
     * @param permission
     * @return 
     */
    private boolean doCheck(String queryName,
                            PermissionDescriptor permission) {
        DataQuery query = getQuery("PermissionCheckPlaceholder");
@ -225,7 +239,7 @@ public class PermissionManager {
     *
     * @see com.arsdigita.kernel.ACSObject
     * @see com.arsdigita.persistence.OID
-     **/
+     */
    public DataObject getContext(OID oid) {
        ObjectContext objContext;
@ -252,7 +266,7 @@ public class PermissionManager {
     *
     * @see com.arsdigita.kernel.ACSObject
     * @see com.arsdigita.persistence.OID
-     **/
+     */
    public DataObject getContext(ACSObject acsObject) {
        return getContext(acsObject.getOID());
    }
@ -387,7 +401,6 @@ public class PermissionManager {
    }
    /**
     *
     * Returns the set of permissions that have been granted on
     * the specified object, including those inherited from
     * the object's permission context.  In the result set,
@ -570,7 +583,7 @@ public class PermissionManager {
     * @param party the OID of the party that privileges are to be returned for
     *
     * @return an iterator of PrivilegeDescriptors.
-     **/
+     */
    public Iterator getPrivileges(OID object, OID party) {
        return getPrivilegeSet(object, party, false).iterator();
@ -588,7 +601,7 @@ public class PermissionManager {
     * @return an iterator of PrivilegeDescriptors.
     *
     * @see #getPrivileges(OID, OID)
-     **/
+     */
    public Iterator getImpliedPrivileges(OID object, OID party) {
        return getPrivilegeSet(object, party, true).iterator();
    }
@ -659,7 +672,7 @@ public class PermissionManager {
     * @see com.arsdigita.kernel.permissions.PermissionDescriptor
     * @see com.arsdigita.kernel.permissions.Permission
     * @see com.arsdigita.persistence.OID
-     **/
+     */
    private OID createPermissionOID(PermissionDescriptor permission) {
        OID oid = new OID(Permission.BASE_DATA_OBJECT_TYPE);
        oid.set(Permission.OBJECT_ID,
--- a/ccm-core/src/com/arsdigita/kernel/security/AccountNotFoundException.java
+++ b/ccm-core/src/com/arsdigita/kernel/security/AccountNotFoundException.java
@ -22,22 +22,38 @@ package com.arsdigita.kernel.security;
 * Thrown when an account is not found.
 *
 * @author Sameer Ajmani
- **/
+ * @version $Id: AccountNotFoundException.java 287 2005-02-22 00:29:02Z sskracic $
 */
 public class AccountNotFoundException extends AccountException {
-    public static final String versionId = "$Id: AccountNotFoundException.java 287 2005-02-22 00:29:02Z sskracic $ by $Author: sskracic $, $DateTime: 2004/08/16 18:10:38 $";
+    /**
     * 
     */
    public AccountNotFoundException() {
        super();
    }
    /**
     * 
     * @param message 
     */
    public AccountNotFoundException(String message) {
        super(message);
    }
    /**
     * 
     * @param rootCause 
     */
    public AccountNotFoundException(Throwable rootCause) {
        super(rootCause);
    }
    /**
     * 
     * @param message
     * @param rootCause 
     */
    public AccountNotFoundException(String message, Throwable rootCause) {
        super(message, rootCause);
    }
--- a/ccm-core/src/com/arsdigita/kernel/security/AdminLoginModule.java
+++ b/ccm-core/src/com/arsdigita/kernel/security/AdminLoginModule.java
@ -28,8 +28,10 @@ import org.apache.log4j.Logger;
 /**
 * Supports login as an aribtrary user by checking whether a user ID has
- * been set for the Subject.  If so, <code>login</code> succeeds, so
+ * been set for the Subject.  
- * <code>commit</code> is called on all login modules to log the user in.
+ * 
 * If so, <code>login</code> succeeds, so <code>commit</code> is called
 * on all login modules to log the user in.
 * If no user ID is set, <code>login</code> fails.  This module should
 * appear at the beginning of a login context with the "sufficient" control
 * flag.  Note that this module does not check the privileges of the current
@ -42,11 +44,19 @@ import org.apache.log4j.Logger;
 */
 public class AdminLoginModule implements LoginModule {
    /** Private logger instance for debugging purpose  */
    private static final Logger s_log =
-        Logger.getLogger(AdminLoginModule.class.getName());
+                         Logger.getLogger(AdminLoginModule.class.getName());
    private Subject m_subject;
    /**
     * 
     * @param subject
     * @param handler
     * @param shared
     * @param options 
     */
    public void initialize(Subject subject,
                           CallbackHandler handler,
                           Map shared,
--- a/ccm-core/src/com/arsdigita/kernel/security/CookieLoginModule.java
+++ b/ccm-core/src/com/arsdigita/kernel/security/CookieLoginModule.java
@ -28,13 +28,14 @@ import org.apache.log4j.Logger;
 */
 public class CookieLoginModule extends UserLoginModule {
    /** Private logger instance for debugging purpose  */
    private static final Logger s_log =
-        Logger.getLogger(CookieLoginModule.class.getName());
+                         Logger.getLogger(CookieLoginModule.class.getName());
    /**
     * Creates a UserLoginModule that uses a CookieManager to manage the
     * credential value.
-     **/
+     */
    public CookieLoginModule() {
        super(new CookieManager());
    }
--- a/ccm-core/src/com/arsdigita/kernel/security/CookieManager.java
+++ b/ccm-core/src/com/arsdigita/kernel/security/CookieManager.java
@ -40,6 +40,7 @@ import org.apache.log4j.Logger;
 */
 public class CookieManager extends CredentialManager {
    /** Private logger instance for debugging purpose  */
    private static final Logger s_log =
                         Logger.getLogger(CookieManager.class.getName());
@ -69,13 +70,15 @@ public class CookieManager extends CredentialManager {
     * wrong value or should be renewed, <code>false</code> otherwise.
     */
    protected boolean shouldSetValue(String value)
-        throws LoginException {
+                      throws LoginException {
        if (getModule().requestIsExcluded()) {
            return false;
        }
        return !getModule().credentialIsSet()
            || !getModule().credentialHasValue(value)
            || getModule().credentialIsOld();
    }
    /**
@ -90,18 +93,19 @@ public class CookieManager extends CredentialManager {
     *
     * @throws LoginException if an error occurs.
     */
-    protected final String getValue()
+    protected final String getValue()  throws LoginException {
        throws LoginException {
        s_log.debug("START getValue");
-        String value = ServletUtils.getCookieValue
+
-            (getModule().getRequest(),
+        String value = ServletUtils.getCookieValue(
-             getModule().getCredentialName());
+                                              getModule().getRequest(),
                                              getModule().getCredentialName());
        if (value == null) {
            s_log.debug("FAILURE getValue");
            throw new CredentialNotFoundException();
        }
        s_log.debug("SUCCESS getValue: "+value);
        return value;
    }
    /**
@ -110,8 +114,7 @@ public class CookieManager extends CredentialManager {
     *
     * @throws LoginException if an error occurs.
     */
-    protected final void setValue(String value)
+    protected final void setValue(String value)  throws LoginException {
        throws LoginException {
        // now we don't automatically set the duration to getCookieMaxAge()
        // setCookie(getModule().getCredentialName(), value, getCookieAge());
 	// yes we do - cookie age was correctly set to either forever, or 
@ -168,7 +171,8 @@ public class CookieManager extends CredentialManager {
     * Sets the named cookie to the given value.
     */
    private void setCookie(String name, String value, int maxAge)
-        throws LoginException {
+                 throws LoginException {
        Cookie cookie = new Cookie(name, value);
        cookie.setMaxAge(maxAge);
        cookie.setPath("/");
@ -180,6 +184,7 @@ public class CookieManager extends CredentialManager {
        }
        s_log.debug("Cookie set: domain - " + cookie.getDomain()
                    + " name - " + cookie.getName());
    }
    /**
--- a/ccm-core/src/com/arsdigita/kernel/security/Credential.java
+++ b/ccm-core/src/com/arsdigita/kernel/security/Credential.java
@ -72,8 +72,9 @@ public class Credential {
     *
     * @return the String representation of this credential.
     **/
    @Override
    public String toString() {
-        StringBuffer buf = new StringBuffer();
+        StringBuilder buf = new StringBuilder();
        buf.append(m_value).append(SEPARATOR);
        buf.append(m_expiration).append(SEPARATOR);
        buf.append(URLEncoder.encode(new String(new Base64().encode(m_validator))));
@ -94,8 +95,7 @@ public class Credential {
     *
     * @return the expiration date of this credential.
     **/
-    public Date getExpiration()
+    public Date getExpiration() {
    {
        return new Date(m_expiration);
        // NOTE: do not cache Date object (Date is mutable)
    }
@ -140,7 +140,7 @@ public class Credential {
    static Credential create(String value,
                             long lifetimeMillis,
                             Mac mac)
-        throws CredentialEncodingException {
+                      throws CredentialEncodingException {
        if (value.indexOf(SEPARATOR) != -1) {
            throw new CredentialEncodingException
@ -190,7 +190,8 @@ public class Credential {
    // intentionally package-scoped to make whitebox testing possible
    static Credential parse(String credential, Mac mac)
-        throws CredentialParsingException, CredentialExpiredException {
+                      throws CredentialParsingException, 
                             CredentialExpiredException {
        // split string into value, expiration, and validator
        StringTokenizer tok = new StringTokenizer(URLDecoder.decode(credential),
@ -208,8 +209,7 @@ public class Credential {
            throw new CredentialParsingException("Bad expiration", e);
        }
        if (expiration < System.currentTimeMillis()) {
-            throw new CredentialExpiredException
+            throw new CredentialExpiredException(new Date(expiration).toString());
                (new Date(expiration).toString());
        }
        final byte[] validator;
--- a/ccm-core/src/com/arsdigita/kernel/security/LocalLoginModule.java
+++ b/ccm-core/src/com/arsdigita/kernel/security/LocalLoginModule.java
@ -18,13 +18,16 @@
 */
 package com.arsdigita.kernel.security;
 import com.arsdigita.kernel.UserAuthentication;
 import com.arsdigita.domain.DataObjectNotFoundException;
 import com.arsdigita.kernel.UserAuthentication;
 import java.util.Map;
 import javax.security.auth.Subject;
 import javax.security.auth.callback.CallbackHandler;
 import javax.security.auth.login.LoginException;
 import javax.security.auth.login.FailedLoginException;
 import javax.security.auth.login.LoginException;
 import org.apache.log4j.Logger;
 /**
@ -32,12 +35,12 @@ import org.apache.log4j.Logger;
 * <code>com.arsdigita.kernel.UserAuthentication</code>.
 *
 * @author Sameer Ajmani
 * @version $Id: LocalLoginModule.java 287 2005-02-22 00:29:02Z sskracic $
 **/
 public class LocalLoginModule extends PasswordLoginModule {
    public static final String versionId = "$Id: LocalLoginModule.java 287 2005-02-22 00:29:02Z sskracic $ by $Author: sskracic $, $DateTime: 2004/08/16 18:10:38 $";
    private static final Logger s_log =
-        Logger.getLogger(LocalLoginModule.class.getName());
+                         Logger.getLogger(LocalLoginModule.class.getName());
    // fields set by initialize()
    private Subject m_subject;
@ -46,6 +49,14 @@ public class LocalLoginModule extends PasswordLoginModule {
    private Map m_options;
    // implements LoginModule
    /**
     * 
     * @param subject
     * @param handler
     * @param shared
     * @param options 
     */
    @Override
    public void initialize(Subject subject,
                           CallbackHandler handler,
                           Map shared,
@ -67,12 +78,12 @@ public class LocalLoginModule extends PasswordLoginModule {
     * @throws LoginException if an error occurs.
     **/
    protected void checkPassword(String username, char[] password)
-        throws LoginException {
+                   throws LoginException {
        s_log.debug("START checkPassword");
        UserAuthentication auth;
        try {
-            s_log.debug("retreiving UserAuthentication");
+            s_log.debug("retrieving UserAuthentication");
            auth = UserAuthentication.retrieveForLoginName(username);
        } catch (DataObjectNotFoundException e) {
            throw new AccountNotFoundException("no such user: "+username, e);
--- a/ccm-core/src/com/arsdigita/kernel/security/LoginContext.java
+++ b/ccm-core/src/com/arsdigita/kernel/security/LoginContext.java
@ -179,11 +179,11 @@ public class LoginContext {
 				}
                if (m_flags[i] == AppConfigurationEntry
-                    .LoginModuleControlFlag.REQUIRED) {
+                                  .LoginModuleControlFlag.REQUIRED) {
                    // required module failed
                    gotFailure = true;
                } else if (m_flags[i] == AppConfigurationEntry
-                           .LoginModuleControlFlag.REQUISITE) {
+                                         .LoginModuleControlFlag.REQUISITE) {
                    // requisite module failed
                    gotFailure = true;
                    break; // end login
--- a/ccm-core/src/com/arsdigita/kernel/security/PasswordLoginModule.java
+++ b/ccm-core/src/com/arsdigita/kernel/security/PasswordLoginModule.java
@ -45,11 +45,9 @@ public abstract class PasswordLoginModule implements LoginModule {
                         Logger.getLogger(PasswordLoginModule.class.getName());
    /** Key for username in shared data map. */
-    public static final String NAME_KEY
+    public static final String NAME_KEY = "javax.security.auth.login.name";
        = "javax.security.auth.login.name";
    /** Key for password in shared data map. */
-    public static final String PASSWORD_KEY
+    public static final String PASSWORD_KEY = "javax.security.auth.login.password";
        = "javax.security.auth.login.password";
    // fields set by initialize()
    private Subject m_subject;
@ -57,7 +55,14 @@ public abstract class PasswordLoginModule implements LoginModule {
    private Map m_shared;
    private Map m_options;
-    // implements LoginModule
+    /**
     * Implements LoginModule.
     * 
     * @param subject
     * @param handler
     * @param shared
     * @param options 
     */
    public void initialize(Subject subject,
                           CallbackHandler handler,
                           Map shared,
--- a/ccm-core/src/com/arsdigita/kernel/security/SimpleSSOLoginModule.java
+++ b/ccm-core/src/com/arsdigita/kernel/security/SimpleSSOLoginModule.java
@ -1,3 +1,22 @@
 /*
 * Copyright (C) 2001-2004 Red Hat Inc. All Rights Reserved.
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public License
 * as published by the Free Software Foundation; either version 2.1 of
 * the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
 *
 */
 package com.arsdigita.kernel.security;
@ -30,6 +49,7 @@ import com.arsdigita.kernel.UserAuthentication;
 * @author Alan Pevec
 */
 public class SimpleSSOLoginModule implements LoginModule {
    private static org.apache.log4j.Category s_log =
        org.apache.log4j.Category.getInstance ( SimpleSSOLoginModule.class );
--- a/ccm-core/src/com/arsdigita/kernel/security/Store.java
+++ b/ccm-core/src/com/arsdigita/kernel/security/Store.java
@ -97,6 +97,9 @@ final class Store implements KeyStorage {
        dobj.save();
    }
    /**
     * 
     */
    synchronized byte[] loadSecret() {
        if ( m_secret != null ) { return m_secret; }
--- a/ccm-core/src/com/arsdigita/kernel/security/UserContext.java
+++ b/ccm-core/src/com/arsdigita/kernel/security/UserContext.java
@ -584,12 +584,19 @@ public class UserContext {
    /**
     * Implements callbacks for interactive (register-based) login.
     */
-    private class LoginCallbackHandler
+    private class LoginCallbackHandler implements CallbackHandler {
-        implements CallbackHandler {
+
        private String m_username;
        private char[] m_password;
        private boolean m_forever;
        /**
         * Constructor.
         * 
         * @param username
         * @param password
         * @param forever 
         */
        public LoginCallbackHandler(String username,
                                    char[] password,
                                    boolean forever) {
@ -598,6 +605,12 @@ public class UserContext {
            m_forever  = forever;
        }
        /**
         * 
         * @param callbacks
         * @throws IOException
         * @throws UnsupportedCallbackException 
         */
        public void handle(Callback[] callbacks)
            throws IOException, UnsupportedCallbackException {
@ -635,8 +648,9 @@ public class UserContext {
     * @throws LoginException if the user ID is not available.
     */
    private BigDecimal getUserID(Subject subject) throws LoginException {
-        Iterator principals = subject.getPrincipals
+
-            (PartyPrincipal.class).iterator();
+        Iterator principals = subject.getPrincipals(PartyPrincipal.class)
                                     .iterator();
        if (!principals.hasNext()) {
            throw new FailedLoginException
@ -652,15 +666,15 @@ public class UserContext {
     *
     * @throws LoginException if logout fails.
     */
-    public void logout()
+    public void logout()  throws LoginException {
        throws LoginException {
        s_log.debug("START logout");
        CallbackHandler handler = new RequestCallbackHandler();
-        LoginContext context = new LoginContext
+        LoginContext context = new LoginContext(REQUEST_LOGIN_CONTEXT, handler);
            (REQUEST_LOGIN_CONTEXT, handler);
        context.logout();
        clearValues();
        m_session.loadSessionID(handler);
        s_log.debug("SUCCESS logout");
    }
@ -671,10 +685,9 @@ public class UserContext {
     * @throws UnsupportedCallbackException with appropriate error message
     */
    static void reportUnsupportedCallback(Callback cb)
-        throws UnsupportedCallbackException {
+                throws UnsupportedCallbackException {
-        s_log.error
+        s_log.error ("Unsupported callback: "
-            ("Unsupported callback: "
+                     +(cb == null ? null : cb.getClass().getName()));
             +(cb == null ? null : cb.getClass().getName()));
        throw new UnsupportedCallbackException(cb);
    }
 }
--- a/ccm-core/src/com/arsdigita/messaging/Message.java
+++ b/ccm-core/src/com/arsdigita/messaging/Message.java
@ -47,7 +47,6 @@ import org.apache.log4j.Logger;
 * @author David Dao 
 * @version $Id: Message.java 1503 2007-03-20 12:31:29Z chrisgilbert23 $
 */
 public class Message extends ACSObject implements MessageType
 {
@ -81,18 +80,14 @@ public class Message extends ACSObject implements MessageType
    private Party m_sender = null;
-    /**
+    /** Private loggin instance to assist debugging.                       */
     * Used for logging.
     */
    private static final Logger s_log =
-        Logger.getLogger(Message.class);
+                         Logger.getLogger(Message.class);
    /**
-     * Creates a new message with the sentDate initialized to the
+     * Consructor, ceates a new message with the sentDate initialized to
-     * current time, but leaves all other parameters null.
+     * the current time, but leaves all other parameters null.
     */
    public Message() {
        this(BASE_DATA_OBJECT_TYPE);
    }
@ -104,7 +99,6 @@ public class Message extends ACSObject implements MessageType
     *
     * @param type the DataObject type.
     */
    public Message(String type) {
        super(type);
        setSentDate(new Date());
@ -116,7 +110,6 @@ public class Message extends ACSObject implements MessageType
     * @param f the party sending the message
     * @param s the subject of the message
     */
    public Message(Party f, String s) {
        this(f,s,null);
    }
@ -128,7 +121,6 @@ public class Message extends ACSObject implements MessageType
     * @param s the subject of the message
     * @param b the plain-text body of the message
     */
    public Message(Party f, String s, String b) {
        this();
@ -142,7 +134,6 @@ public class Message extends ACSObject implements MessageType
     *
     * @param dataObject the DataObject representing this message.
     */
    public Message(DataObject dataObject) {
        super(dataObject);
    }
@ -153,9 +144,7 @@ public class Message extends ACSObject implements MessageType
     *
     * @param id the id of the message
     */
-
+    public Message(BigDecimal id)  throws DataObjectNotFoundException
    public Message(BigDecimal id)
        throws DataObjectNotFoundException
    {
        this(new OID(BASE_DATA_OBJECT_TYPE, id));
    }
@ -166,7 +155,6 @@ public class Message extends ACSObject implements MessageType
     *
     * @param oid the OID of the message
     */
    public Message(OID oid)
        throws DataObjectNotFoundException
    {
@ -186,7 +174,6 @@ public class Message extends ACSObject implements MessageType
     *
     * @param msg the message to generate reply information from
     */
    protected void getReplyInfo(Message msg) {
        // Set inReplyTo
@ -222,7 +209,6 @@ public class Message extends ACSObject implements MessageType
     * Gets a new message that is suitable for a reply to this
     * message.
     */
    public Message reply() throws MessagingException {
        Message reply = new Message();
        reply.getReplyInfo(this);
@ -233,7 +219,6 @@ public class Message extends ACSObject implements MessageType
     * Gets the subject of the message.
     * @return the subject of the message.
     */
    public String getSubject() {
        return (String) get(SUBJECT);
    }
@ -242,7 +227,6 @@ public class Message extends ACSObject implements MessageType
     * Sets the subject of the message.
     * @param s the subject
     */
    public void setSubject(String s) {
        set(SUBJECT, s);
    }
@ -251,7 +235,6 @@ public class Message extends ACSObject implements MessageType
     * Sets the sender of the message.
     * @param f the party sending the message
     */
    public void setFrom(Party f) {
        m_sender = f;
        setAssociation(SENDER, f);
@ -261,7 +244,6 @@ public class Message extends ACSObject implements MessageType
     * Gets the sender of the message.
     * @return the sender.
     */
    public Party getFrom() {
        if (m_sender == null) {
            DataObject senderData = (DataObject) get(SENDER);
@ -298,7 +280,6 @@ public class Message extends ACSObject implements MessageType
     *
     * @return the content of the message.
     */
    public String getBody() {
        return (String) get(BODY);
    }
@ -327,7 +308,6 @@ public class Message extends ACSObject implements MessageType
     * @param body the body of the message
     * @param type the MIME type
     */
    public void setBody(String body, String type) {
        set(BODY, body);
        set(TYPE, type);
@ -338,7 +318,6 @@ public class Message extends ACSObject implements MessageType
     * A convenience method that sets the body of the message to a
     * string with a MIME type of "text/plain".
     */
    public void setText(String text) {
        setBody(text, TEXT_PLAIN);
    }
@ -350,7 +329,6 @@ public class Message extends ACSObject implements MessageType
     *
     * @return the MIME type of the message body.
     */
    public String getBodyType() {
        return (String) get(TYPE);
    }
@ -363,7 +341,6 @@ public class Message extends ACSObject implements MessageType
     * @return <code>true</code> if this message is of the specified
     * MIME type; <code>false</code> otherwise.
     */
    public boolean isMimeType(String mimeType) {
        String primary = getPrimaryType(mimeType);
        return primary.regionMatches
@ -373,7 +350,6 @@ public class Message extends ACSObject implements MessageType
    /**
     * Returns the primary MIME type in a String
     */
    private static String getPrimaryType(String type) {
        StringTokenizer st = new StringTokenizer(type, " ;");
        return st.nextToken();
@ -383,7 +359,6 @@ public class Message extends ACSObject implements MessageType
     * Returns the date this message was sent.
     * @return the date this message was sent.
     */
    public Date getSentDate() {
        return (Date) get(SENT);
    }
@ -393,7 +368,6 @@ public class Message extends ACSObject implements MessageType
     *
     * @param sentDate the date the message was sent
     */
    public void setSentDate(Date sentDate) {
        set(SENT, sentDate);
    }
@ -405,7 +379,6 @@ public class Message extends ACSObject implements MessageType
     *
     * @return the ID of an ACSObject which this message refers to.
     */
    public BigDecimal getRefersTo() {
        return (BigDecimal) get(OBJECT_ID);
    }
@ -415,7 +388,6 @@ public class Message extends ACSObject implements MessageType
     *
     * @param id the ID of the ACSObject this message refers to.
     */
    public void setRefersTo(BigDecimal id) {
        set(OBJECT_ID, id);
    }
@ -425,7 +397,6 @@ public class Message extends ACSObject implements MessageType
     *
     * @param obj the ACSObject this message refers to.
     */
    public void setRefersTo(ACSObject obj) {
        setRefersTo(obj.getID());
    }
@ -454,7 +425,6 @@ public class Message extends ACSObject implements MessageType
     * @param text the content of the attachment
     * @param name the name of the attachment
     */
    public void attach(String text,
                       String name) {
        attach(text,name,null,MessagePart.ATTACHMENT);
@ -469,7 +439,6 @@ public class Message extends ACSObject implements MessageType
     * @param name the name of the attachment
     * @param description a description of the attachment
     */
    public void attach(String text,
                       String name,
                       String description) {
@ -484,7 +453,6 @@ public class Message extends ACSObject implements MessageType
     * @param name the name of the attachment
     * @param description a description of the attachment
     */
    public void attach(String text,
                       String name,
                       String description,
@ -504,7 +472,6 @@ public class Message extends ACSObject implements MessageType
     *
     * @param part the MessagePart to attach
     */
    public void attach(MessagePart part) {
        addPart(part);
    }
@ -513,7 +480,6 @@ public class Message extends ACSObject implements MessageType
     * Returns the number of items attached to this message.
     * @return the number of items attached to this message.
     */
    public int getAttachmentCount() {
        return getParts().size();
    }
@ -522,7 +488,6 @@ public class Message extends ACSObject implements MessageType
     * Returns an iterator over the attachments for this message.
     * @return an iterator over the attachments for this message.
     */
    public ListIterator getAttachments() {
        return getParts().listIterator();
    }
@ -532,7 +497,6 @@ public class Message extends ACSObject implements MessageType
     * parts and correctly maintain the association between the
     * message body and its attachments.
     */
    private void addPart(MessagePart part) {
        getParts().add(part);
        part.addToAssociation(getPartAssociation());
@ -542,7 +506,6 @@ public class Message extends ACSObject implements MessageType
     * Get the DataAssociation between this message and its
     * attachments.
     */
    private DataAssociation getPartAssociation() {
        return (DataAssociation) get(MESSAGE_PART);
    }
@ -552,7 +515,6 @@ public class Message extends ACSObject implements MessageType
     * has not been initialized, this will take care of initializing
     * it and loading any parts from the database.
     */
    private ArrayList getParts() {
        if (m_attachments == null) {
@ -583,7 +545,6 @@ public class Message extends ACSObject implements MessageType
     *
     * @deprecated Use getID in place of getMessageID
     */
    public BigDecimal getMessageID() {
        return getID();
    }
@ -607,6 +568,7 @@ public class Message extends ACSObject implements MessageType
        }
        return null;
    }
    /**
    * return the parent Message, or null if there is no parent
    */ 
@ -629,7 +591,6 @@ public class Message extends ACSObject implements MessageType
    /**
     * @return true if the container for this Message has changed.
     */
    public boolean isContainerModified() {
        return isPropertyModified(OBJECT_ID);
    }
@ -641,6 +602,9 @@ public class Message extends ACSObject implements MessageType
        return com.arsdigita.util.HtmlToText.generateHTMLText(text,  formatType);
    }
    /**
     * 
     */
    protected void afterSave() {
        super.afterSave();
--- a/ccm-core/src/com/arsdigita/messaging/MessageThread.java
+++ b/ccm-core/src/com/arsdigita/messaging/MessageThread.java
@ -42,7 +42,6 @@ import java.util.Date;
 * @since 4.8.11
 * @version $Revision: 1.5 $ $DateTime: 2004/08/16 18:10:38 $
 */
 public class MessageThread extends ACSObject {
    public static final String BASE_DATA_OBJECT_TYPE =
@ -127,8 +126,10 @@ public class MessageThread extends ACSObject {
     * The reason for the continued existance of this is thread safety
     */
    private void incrNumberOfReplies() {
-        DataOperation op = SessionManager.getSession().retrieveDataOperation(
+        DataOperation op = SessionManager
-                                                                             "com.arsdigita.messaging.incrNumReplies");
+                           .getSession()
                           .retrieveDataOperation(
                                    "com.arsdigita.messaging.incrNumReplies");
        op.setParameter("threadID", getID());
        op.execute();
    }
@ -138,8 +139,10 @@ public class MessageThread extends ACSObject {
     * The reason for the continued existance of this is thread safety
     */
    private void decrNumberOfReplies() {
-        DataOperation op = SessionManager.getSession().retrieveDataOperation(
+        DataOperation op = SessionManager
-                                                                             "com.arsdigita.messaging.decrNumReplies");
+                            .getSession()
                            .retrieveDataOperation(
                                     "com.arsdigita.messaging.decrNumReplies");
        op.setParameter("threadID", getID());
        op.execute();
    }
@ -158,10 +161,18 @@ public class MessageThread extends ACSObject {
        set(LAST_UPDATE, date);
    }
    /**
     * 
     * @return 
     */
    public String getSubject() {
        return getRootMessage().getSubject();
    }
    /**
     * 
     * @return 
     */
    public String getAuthorName() {
        DataObject author = (DataObject) get(AUTHOR);
        if (author == null) {
@ -171,6 +182,9 @@ public class MessageThread extends ACSObject {
        }
    }
    /**
     * 
     */
    public Party getAuthor() {
        if (m_author == null) {
            DataObject authorData = (DataObject) get(AUTHOR);
@ -181,6 +195,10 @@ public class MessageThread extends ACSObject {
        return m_author;
    }
    /**
     * 
     * @param author 
     */
    private void setAuthor(Party author) {
        m_author = author;
        setAssociation(AUTHOR, author);
--- a/ccm-core/src/com/arsdigita/ui/login/UserLoginForm.java
+++ b/ccm-core/src/com/arsdigita/ui/login/UserLoginForm.java
@ -68,6 +68,17 @@ import org.apache.log4j.Logger;
 * registration form, where a new user may register itself. LoginServlet has
 * to ensure that this page is created appropriately and is available.
 *
 * According to documentation in r1230
 * Simple SSO implementation: /ccm/register first tries to do SSO login,
 * falling back to normal form-based login.
 * Set waf.sso_login=true only after you make sure webapp can *only* be accessed
 * through the frontend webserver doing the authentication.
 *
 * To make this work with Tomcat/mod_jk/Apache HTTPD:
 * -  use latest mod_jk (tested with 1.2.15)
 * -  add attribute Connector@tomcatAuthentication="false" to JK definition 
 *    in server.xml 
 * 
 * @author Roger Hsueh
 * @author Michael Bryzek
 * @author Sameer Ajmani
--- a/ccm-core/src/com/arsdigita/web/Application.java
+++ b/ccm-core/src/com/arsdigita/web/Application.java
@ -20,20 +20,12 @@ package com.arsdigita.web;
 import com.arsdigita.domain.DataObjectNotFoundException;
 import com.arsdigita.domain.DomainObjectFactory;
 // import com.arsdigita.domain.DomainServiceInterfaceExposer;
 import com.arsdigita.kernel.ACSObject;
 import com.arsdigita.kernel.Group;
 import com.arsdigita.kernel.Kernel;
 // import com.arsdigita.kernel.KernelExcursion;
 // import com.arsdigita.kernel.PackageInstance;
 // import com.arsdigita.kernel.PackageType;
 import com.arsdigita.kernel.Resource;
 // import com.arsdigita.kernel.SiteNode;
 // import com.arsdigita.persistence.DataAssociation;
 // import com.arsdigita.persistence.DataAssociationCursor;
 import com.arsdigita.persistence.DataCollection;
 import com.arsdigita.persistence.DataObject;
 // import com.arsdigita.persistence.DataQuery;
 import com.arsdigita.persistence.OID;
 import com.arsdigita.persistence.SessionManager;
 import com.arsdigita.util.Assert;
@ -74,15 +66,22 @@ import org.apache.log4j.Logger;
 */
 public class Application extends Resource {
-    /** Logger instance for debugging  */
+    /** Logger instance for debugging.  */
    private static final Logger s_log = Logger.getLogger(Application.class);
-    public static final String PRIMARY_URL = "primaryURL";
+    /** PDL property, basic object type for all applications of this type    */
    private static final String SLASH = "/";
    public static final String BASE_DATA_OBJECT_TYPE =
                               "com.arsdigita.web.Application";
    /** PDL property, the applications base URL.                            */
    public static final String PRIMARY_URL = "primaryURL";
    /** Internal String to denote a Path delimiter.                         */
    private static final String SLASH = "/";
    /** 
     * Provides the base object type.
     */
    @Override
    protected String getBaseDataObjectType() {
        return BASE_DATA_OBJECT_TYPE;
@ -99,6 +98,11 @@ public class Application extends Resource {
        super(dataObject);
    }
    /**
     * 
     * @param oid
     * @throws DataObjectNotFoundException 
     */
    protected Application(OID oid) throws DataObjectNotFoundException {
        super(oid);
    }
@ -220,15 +224,8 @@ public class Application extends Resource {
            Assert.isTrue(!fragment.equals(""),
                         "The URL fragment must not be the empty string");
        }
-    //  s_log.debug("Application type legacy free: " + type.m_legacyFree );
+        return Application.make(type,fragment,title,parent,
-    //  if (type.m_legacyFree) {
+                                createContainerGroup);
            return Application.make(type,fragment,title,parent,
                                    createContainerGroup);
    //  } else {
    //      s_log.debug("Creating legacy compatible app");
    //      return Application.legacyMake(type,fragment,title,parent,
    //                                    createContainerGroup);
    //  }
    }
    /** 
@ -247,12 +244,12 @@ public class Application extends Resource {
                                    final Application parent,
                                    final boolean createContainerGroup) {
-	final Application app =	(Application) Resource.createResource(type, 
+        final Application app = (Application) Resource.createResource(type, 
-                                                                  title, 
+                                                                       title, 
-                                                                  parent);
+                                                                       parent);
-	if (createContainerGroup) {
+        if (createContainerGroup) {
-	    app.createGroup();
+            app.createGroup();
-	}
+        }
        if (Assert.isEnabled() && fragment != null) {
            Assert.isTrue(fragment.indexOf('/') == -1,
                         "The URL fragment must not contain " +
@ -264,7 +261,8 @@ public class Application extends Resource {
         * Given the original code below the fragment appears in database as
         * "/[fragment]" but all of the other code expects "/[fragment]/" and
         * all other applications created as legacy compatible have a trailing
-         * slash!
+         * slash! Same is true as long as we mix old style dispatcher code with
         * new style servlet code.
         * So I experimentally changed the code to have a trailing slash.
         * Because no other code uses legacy free applications I suppose the
         * original code here is less tested.
@ -287,70 +285,23 @@ public class Application extends Resource {
        return app;
    }
 //  /**
 //   * Creates (makes) a legacy compatible application (using deprecated kernel
 //   * packageType and sitenode stuff).
 //   * @param type
 //   * @param fragment
 //   * @param title
 //   * @param parent
 //   * @param createContainerGroup
 //   * @return
 //   */
 /*private static Application legacyMake(final ApplicationType type,
                                          final String fragment,
                                          final String title,
                                          final Application parent,
                                          final boolean createContainerGroup) {
 	final Application application =	(Application) Resource.createResource(
                                                           type, title, parent);
        if (createContainerGroup) {
            s_log.debug("Creating Group for application");
            application.createGroup();
        }
        final DataObject dataObject =
            DomainServiceInterfaceExposer.getDataObject(application);
        final SiteNode[] siteNode = { null };
        new KernelExcursion() {
            protected void excurse() {
                setParty(Kernel.getSystemParty());
                PackageInstance packageInstance =
                    type.getPackageType().createInstance
                        (type.getTitle());
                // createInstance shouldn't do a save, but it
                // does. if we fix this at some point, we'll
                // need this call:
                //    packageInstance.save();
 		dataObject.set("packageInstance",
                     DomainServiceInterfaceExposer.getDataObject
                         (packageInstance));
                if (fragment != null) {
                    siteNode[0] = makeSiteNode(fragment, parent);
                    siteNode[0].mountPackage(packageInstance);
                    siteNode[0].save();
                }
            }
        }.run();
        if (siteNode[0] != null) {
            application.setPrimaryURL(siteNode[0].getURL());
        }
        return application;
    }  */
    /**
     * 
     * @param id
     * @return 
     */
    public static Application retrieveApplication(BigDecimal id) {
        OID oid = new OID(BASE_DATA_OBJECT_TYPE, id);
        return Application.retrieveApplication(oid);
    }
    /**
     * 
     * @param oid
     * @return 
     */
    public static Application retrieveApplication(OID oid) {
        DataObject dataObject = SessionManager.getSession().retrieve(oid);
@ -361,6 +312,11 @@ public class Application extends Resource {
        return Application.retrieveApplication(dataObject);
    }
    /**
     * 
     * @param dobj
     * @return 
     */
    public static Application retrieveApplication(DataObject dobj) {
        Assert.exists(dobj, DataObject.class);
@ -373,7 +329,12 @@ public class Application extends Resource {
        }
    }
-    public static final Application getContainingApplication(ACSObject obj) {
+    /**
     * 
     * @param obj
     * @return 
     */
    public static Application getContainingApplication(ACSObject obj) {
        Assert.exists(obj, ACSObject.class);
        ACSObject result = obj.gimmeContainer();
@ -385,33 +346,11 @@ public class Application extends Resource {
        return (Application) result;
    }
-//  /**
+    /**
-//   * 
+     * 
-//   * Can return null.
+     * @param path
-//   * @param siteNode
+     * @return  (Can return null.)
-//   * @return
+     */
 //   * @ deprecated 
 //   */
 /*  public static Application retrieveApplicationForSiteNode
        (SiteNode siteNode) {
        DataQuery query = SessionManager.getSession().retrieveQuery
            ("com.arsdigita.web.applicationForSiteNodeID");
        query.setParameter("siteNodeID", siteNode.getID());
        Application application = null;
        if (query.next()) {
            DataObject dataObject = (DataObject) query.get("application");
            application = Application.retrieveApplication(dataObject);
        }
        query.close();
        return application;
    }   */
    // Can return null.
    public static Application retrieveApplicationForPath(String path) {
        s_log.debug("retrieveApplicationForPath: " + path);
@ -430,11 +369,14 @@ public class Application extends Resource {
        }
    }
-    //
+    // ///////////////////////
    // Association properties
-    //
+    // ///////////////////////
-    // Cannot return null.
+    /**
     * 
     * @return   (Cannot return null.)
     */
    public ApplicationType getApplicationType() {
        DataObject dataObject = (DataObject) get("resourceType");
@ -451,21 +393,19 @@ public class Application extends Resource {
        setAssociation("resourceType", applicationType);
    }
-    // COMPAT XXX
+    /**
-//  /**
+     * 
-//   * @deprecated refactor not using deprecated class PackageType. Use
+     * @return   (Can return null.)
-//   * ApplicationType instead
+     */
 //   */
 //  public PackageType getPackageType() {
 //      return getApplicationType().getPackageType();
 //  }
    // Can return null.
    public Application getParentApplication() {
        return (Application) getParentResource();
    }
-    // Ordered from most distant to closest ancestor.
+    /**
     * .
     * Ordered from most distant to closest ancestor.
     * @return 
     */
    public List getAncestorApplications() {
        // This is the stupid implementation.
@ -512,57 +452,6 @@ public class Application extends Resource {
        return children;
    }
 //  /**
 //   * 
 //   * @return
 //   * @deprecated refactor to use other methods of class aüpplication instead
 //   */
 /*  private PackageInstance getPackageInstance() {
        DataObject dataObject = (DataObject) get("packageInstance");
        Assert.exists(dataObject, DataObject.class);
        return new PackageInstance(dataObject);
    }  */
 //  /**
 //   * 
 //   * @return
 //   * @deprecated refactor to use other methods of class aüpplication instead
 //   */
 /*  private void setPackageInstance(PackageInstance packageInstance) {
        Assert.exists(packageInstance, PackageInstance.class);
        setAssociation("packageInstance", packageInstance);
    }   */
 //  /** 
 //    * 
 //   * Needs to be getSiteNodes instead.
 //   * @return Can return null.
 //   * @deprecated 
 //   */
 /*  public SiteNode getSiteNode() {
        DataObject packageInstance = (DataObject)get("packageInstance");
        DataAssociation siteNodes = (DataAssociation)packageInstance.get
            ("mountPoint");
        DataAssociationCursor siteNodesCursor = siteNodes.cursor();
        DataObject siteNode = null;
        if (siteNodesCursor.next()) {
            siteNode = siteNodesCursor.getDataObject();
        }
        siteNodesCursor.close();
        if (siteNode == null) {
            return null;
        } else {
            return new SiteNode(siteNode);
        }
    }    */
    // Can return null.
    /**
@ -579,9 +468,9 @@ public class Application extends Resource {
        }
    }
-    //
+    // //////////////////
    // Member properties
-    //
+    // //////////////////
    /**
     * Returns the path to this application through the dispatcher.
@ -624,9 +513,6 @@ public class Application extends Resource {
        }
    }
    // XXX primary URL doesn't keep in sync with sitenode hierarchy
    // We need to use a trigger-like mechanism to keep the primaryURL
    // denormalization correct.
    /**
     * @deprecated Use {@link #setPath(String)} instead
     */
@ -649,7 +535,9 @@ public class Application extends Resource {
 * in parallel we have to use a trailing slash for legacy free applications,
 * otherwise they will not be found by methods like retrieveApplicationForPath()
 * which is called by legacy compatible apps including a trailing slash. If 
- * legacy free apps are stored without trailing slash the search will never match.  
+ * legacy free apps are stored without trailing slash the search will never match.
 * The same is true as long as we mix old style dispatcher code with new style
 * servlet code.
 */
 //          Assert.isTrue
 //              (path.equals("") || (path.startsWith(SLASH)
@ -704,6 +592,12 @@ public class Application extends Resource {
        return apps;
    }
    /**
     * 
     * @param applicationObjectType
     * @param path
     * @return 
     */
    public static boolean isInstalled (String applicationObjectType,
                                       String path) {
        DataCollection dataCollection =
@ -719,27 +613,6 @@ public class Application extends Resource {
        }
    }
    //
    // To support ACSObject services
    //
 /*  private static SiteNode makeSiteNode(String urlName, Application parent) {
        SiteNode siteNode;
        if (parent == null) {
            siteNode = SiteNode.createSiteNode(urlName);
        } else {
            SiteNode parentSiteNode = parent.getSiteNode();
            Assert.exists(parentSiteNode, Application.class);
            siteNode = SiteNode.createSiteNode(urlName, parentSiteNode);
        }
        Assert.exists(siteNode, SiteNode.class);
        return siteNode;
    }  */
    /**
     * Returns a canonical application URL.  This is a utility method
     * that constructs a URL fragment (just the path relative to the
@ -759,6 +632,10 @@ public class Application extends Resource {
        return canonicalURL ;
    }
    /**
     * 
     * @return 
     */
    public String getContextPath() {
        return "";
    }
@ -801,6 +678,9 @@ public class Application extends Resource {
        return URL.SERVLET_DIR + "/legacy-adapter";
    }
    /**
     * 
     */
    @Override
    protected void beforeSave() {
        if (isPropertyModified(PRIMARY_URL) || isNew()) {
@ -810,6 +690,9 @@ public class Application extends Resource {
        super.beforeSave();
    }
    /**
     * 
     */
    // This should be done through PDL
    @Override
    public void beforeDelete() {
@ -820,17 +703,24 @@ public class Application extends Resource {
    //  }
    }
    /** 
     * 
     */ 
    @Override
    public void afterDelete() {
        BaseDispatcher.scheduleRefresh();
    }
    /**
     * 
     * @param group 
     */
    public void setGroup(Group group) {
-	setAssociation("containerGroup", group);
+        setAssociation("containerGroup", group);
-	Group parentGroup = getApplicationType().getGroup();
+        Group parentGroup = getApplicationType().getGroup();
-	if (parentGroup != null) {
+        if (parentGroup != null) {
-	    parentGroup.addSubgroup(group);
+            parentGroup.addSubgroup(group);
-	}
+        }
    }
    // note group is  deleted if application is deleted
@ -846,22 +736,22 @@ public class Application extends Resource {
     * 
     */
    public void createGroup() {
-	Assert.isEqual(getGroup(), null,
+        Assert.isEqual(getGroup(), null,
-			"Group has already been created for Application " + getTitle());
+              "Group has already been created for Application " + getTitle());
-	Group group = new Group();
+        Group group = new Group();
-	group.setName(getTitle() + " Groups");
+        group.setName(getTitle() + " Groups");
-	s_log.debug("created group " + group.getName());
+        s_log.debug("created group " + group.getName());
-		
+
-	setAssociation("containerGroup", group);
+        setAssociation("containerGroup", group);
-	Application parentApp = getParentApplication();
+        Application parentApp = getParentApplication();
-	Group parentGroup = parentApp == null ? null : parentApp.getGroup();
+        Group parentGroup = parentApp == null ? null : parentApp.getGroup();
-	if (parentGroup == null) {
+        if (parentGroup == null) {
-	    parentGroup = getApplicationType().getGroup();
+            parentGroup = getApplicationType().getGroup();
-	}
+        }
-	if (parentGroup != null) {
+        if (parentGroup != null) {
-	    parentGroup.addSubgroup(group);
+            parentGroup.addSubgroup(group);
-	    s_log.debug("setting new group as subgroup of " + parentGroup.getName());
+            s_log.debug("setting new group as subgroup of " + parentGroup.getName());
        }
    }
@ -876,12 +766,13 @@ public class Application extends Resource {
     */
    @Override
    public void setTitle (String title) {
-	super.setTitle(title);
+        super.setTitle(title);
-	Group containerGroup = getGroup();
+        Group containerGroup = getGroup();
-	if (containerGroup != null) {
+        if (containerGroup != null) {
-	    containerGroup.setName(getTitle() + " Groups");
+            containerGroup.setName(getTitle() + " Groups");
        }
    }
    /**
     * Group associated with this application type. Usually
     * used as a container group to keep group admin tidy.
@ -889,7 +780,8 @@ public class Application extends Resource {
     * @return null if no group is associated with this application type
     */
    public Group getGroup() {
-	return (Group) DomainObjectFactory.newInstance(
+        return (Group) DomainObjectFactory.newInstance(
-			(DataObject) get("containerGroup"));
+                                            (DataObject) get("containerGroup"));
    }
 }
--- a/ccm-core/src/com/arsdigita/web/ApplicationType.java
+++ b/ccm-core/src/com/arsdigita/web/ApplicationType.java
@ -18,27 +18,26 @@
 */
 package com.arsdigita.web;
 import com.arsdigita.db.Sequences;
 import com.arsdigita.domain.DomainObjectFactory;
 import com.arsdigita.kernel.Group;
 import com.arsdigita.kernel.ResourceType;
 // import com.arsdigita.kernel.PackageType;
 import com.arsdigita.kernel.permissions.PrivilegeDescriptor;
 import com.arsdigita.persistence.DataObject;
 import com.arsdigita.persistence.OID;
 import com.arsdigita.persistence.SessionManager;
 import com.arsdigita.persistence.DataCollection;
 import com.arsdigita.persistence.DataAssociation;
 import com.arsdigita.persistence.DataAssociationCursor;
 import com.arsdigita.persistence.DataCollection;
 import com.arsdigita.persistence.DataObject;
 import com.arsdigita.persistence.OID;
 import com.arsdigita.persistence.PersistenceException;
-// import com.arsdigita.domain.DataObjectNotFoundException;
+import com.arsdigita.persistence.SessionManager;
 import com.arsdigita.domain.DomainObjectFactory;
 import com.arsdigita.db.Sequences;
 import com.arsdigita.util.Assert;
 import com.arsdigita.util.StringUtils;
 import java.util.LinkedList;
 import java.util.Collection;
 import java.math.BigDecimal;
 import java.sql.SQLException;
 import java.util.Collection;
 import java.util.LinkedList;
 import org.apache.log4j.Logger;
 /**
@ -62,7 +61,6 @@ public class ApplicationType extends ResourceType {
    public static final String BASE_DATA_OBJECT_TYPE =
                               "com.arsdigita.web.ApplicationType";
 //  private PackageType m_packageType;
    boolean m_legacyFree = true;
    /**
@ -75,9 +73,7 @@ public class ApplicationType extends ResourceType {
     */
    public ApplicationType(DataObject dataObject) {
        super(dataObject);
    //  if (this.getPackageType() == null) { // indicates a legacy free app
            m_legacyFree = true;
    //  }   // otherwise leave it on its default value of false
    }
    protected ApplicationType(String dataObjectType) {
@ -94,13 +90,8 @@ public class ApplicationType extends ResourceType {
    protected ApplicationType(final String objectType,
                              final String title,
                              final String applicationObjectType) {
        this(objectType, title, applicationObjectType, false);
    //  under some circumstances m_legacyFree is set correctly to true
    //  if (m_legacyFree == false) {  //check if default value is correct!
    //      if (this.getPackageType() == null) { // indicates a legacy free app
    //          m_legacyFree = true;
    //      }   // otherwise leave it on its default value of false
    //  }
    }
@ -129,7 +120,7 @@ public class ApplicationType extends ResourceType {
        if (createContainerGroup) {
            createGroup();
        }
-        m_legacyFree = true;
+
    }
    @Override
@ -137,24 +128,6 @@ public class ApplicationType extends ResourceType {
        return BASE_DATA_OBJECT_TYPE;
    }
    // ensure legacy free instance variable is set correctly 
    // previously only set on creation of application type 
    // (to be honest I can't remember the problem that was 
    // causing, but it did cause a problem in some 
    // circumstances)
    // Method overwrites a (overwritable) method provided by the super class to
    // process a created (empty) data object.
 //  @Override
 //  public void initialize() {
 //      super.initialize();
 //      s_log.debug("initialising application type "); 
 //      if (!isNew() && getPackageType() == null) {
 //          s_log.debug("legacy free type");
 //          m_legacyFree = true;
 //          
 //      }
 //  }
    private void setDefaults() {
        // Defaults for standalone applications.
@ -208,7 +181,12 @@ public class ApplicationType extends ResourceType {
        return new ApplicationType(dataObject);
    }
-    // Can return null.
+
    /**
     * 
     * @param applicationObjectType
     * @return Can return null.
     */
    public static ApplicationType retrieveApplicationTypeForApplication
                                      (String applicationObjectType) {
@ -231,6 +209,10 @@ public class ApplicationType extends ResourceType {
        return applicationType;
    }
    /**
     * 
     * @return 
     */
    public static ApplicationTypeCollection retrieveAllApplicationTypes() {
        DataCollection collection =
            SessionManager.getSession().retrieve(BASE_DATA_OBJECT_TYPE);
@ -246,6 +228,10 @@ public class ApplicationType extends ResourceType {
    // Member properties
    //
    /**
     * 
     * @return 
     */
    @Override
    public String getTitle() {
        String title = (String) get("title");
@ -255,6 +241,10 @@ public class ApplicationType extends ResourceType {
        return title;
    }
    /**
     * 
     * @param title 
     */
    @Override
    public void setTitle(String title) {
        Assert.exists(title, "title");
@ -262,7 +252,11 @@ public class ApplicationType extends ResourceType {
        set("title", title);
    }
-    // Can return null.
+
    /**
     * 
     * @return Can return null.
     */
    @Override
    public String getDescription() {
        final String description = (String) get("description");
@ -466,24 +460,9 @@ public class ApplicationType extends ResourceType {
    // the class name without leading package name.
    public String getName() {
     // if (m_legacyFree == true ) {
            s_log.debug("Expect XSL templates at " + StringUtils.urlize(getTitle()));
            return StringUtils.urlize(getTitle());
     // } else {
            // m_legacyFree seems sometimes not set correctly! It's odd but the
            // goal is to get rid of legacy code so it should do it for the
            // time beeing. We svn rename check getPackageType to see if m_legacyFree is
            // really set correctly.
       //   if (getPackageType() == null) { // indicates legacy free App
       //       s_log.debug("Expect XSL templates at "
       //                   + StringUtils.urlize(getTitle()));
       //       m_legacyFree = true;   // correct m_legacyFree for future use
       //       return StringUtils.urlize(getTitle());
       //   } else {
       //       return this.getPackageType().getKey();
       //   }
     // }
    }
    /**
@ -510,9 +489,7 @@ public class ApplicationType extends ResourceType {
    public boolean isSingleton() {
        final Boolean result = (Boolean) get("isSingleton");
        Assert.exists(result, "Boolean result");
        return result.booleanValue();
    }
@ -523,10 +500,9 @@ public class ApplicationType extends ResourceType {
     */
    @Override
    public BigDecimal getID() {
        BigDecimal id = (BigDecimal)get("id");
        Assert.exists(id, "id");
        return id;
    }
--- a/ccm-core/src/com/arsdigita/web/InternalRequestLocal.java
+++ b/ccm-core/src/com/arsdigita/web/InternalRequestLocal.java
@ -24,11 +24,10 @@ import javax.servlet.http.HttpServletRequest;
 import org.apache.log4j.Logger;
 /**
- * <p>A class that provides request-framed control over a thread-local
+ * A class that provides request-framed control over a thread-local
 * value.  With such control, it is possible to safely reuse
 * thread-local data across requests.  For example, the following
- * <code>InternalRequestLocal</code> reuses a
+ * <code>InternalRequestLocal</code> reuses a <code>HashMap</code>.
 * <code>HashMap</code>.</p>
 *
 * <pre><blockquote>
 * class HashMapRequestLocal extends InternalRequestLocal {
@ -76,12 +75,26 @@ import org.apache.log4j.Logger;
 */
 class InternalRequestLocal extends ThreadLocal {
-    private static final Logger s_log = Logger.getLogger
+    private static final Logger s_log = 
-        (InternalRequestLocal.class);
+                         Logger.getLogger(InternalRequestLocal.class);
    private static final ArrayList s_locals = new ArrayList();
-    static final void prepareAll(final HttpServletRequest sreq) {
+    /**
     * <p>Constructs a new InternalRequestLocal and registers it to be
     * initialized and cleared on each request.</p>
     */
    public InternalRequestLocal() {
        super();
        s_locals.add(this);
    }
    /**
     * 
     * @param sreq 
     */
    static void prepareAll(final HttpServletRequest sreq) {
        if (s_log.isDebugEnabled()) {
            s_log.debug("Initializing all request-local objects; there are " +
                        s_locals.size());
@ -96,7 +109,10 @@ class InternalRequestLocal extends ThreadLocal {
        }
    }
-    static final void clearAll() {
+    /**
     * 
     */
    static void clearAll() {
        if (s_log.isDebugEnabled()) {
            s_log.debug("Clearing all request-local objects; there are " +
                        s_locals.size());
@ -111,16 +127,6 @@ class InternalRequestLocal extends ThreadLocal {
        }
    }
    /**
     * <p>Constructs a new InternalRequestLocal and registers it to be
     * initialized and cleared on each request.</p>
     */
    public InternalRequestLocal() {
        super();
        s_locals.add(this);
    }
    /**
     * <p>Called at the start of each request, this method returns the
     * request-initialized value of the thread-local variable.</p>
--- a/ccm-core/src/com/arsdigita/web/Web.java
+++ b/ccm-core/src/com/arsdigita/web/Web.java
@ -19,22 +19,21 @@
 package com.arsdigita.web;
 import com.arsdigita.kernel.security.UserContext;
 import com.arsdigita.util.Assert;
 import com.arsdigita.util.StringUtils;
 import com.arsdigita.util.UncheckedWrapperException;
 import com.arsdigita.kernel.security.UserContext;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.ServletContext;
 import javax.servlet.RequestDispatcher;
 import java.io.IOException;
 import java.io.InputStream;
 import java.net.URL;
 import java.util.HashMap;
 import java.util.Map;
 import javax.servlet.RequestDispatcher;
 import javax.servlet.ServletContext;
 import javax.servlet.http.HttpServletRequest;
 import org.apache.log4j.Logger;
 /**
@ -46,10 +45,10 @@ import org.apache.log4j.Logger;
 */
 public class Web {
    public static final String ROOT_WEBAPP = "ROOT";
    private static final Logger s_log = Logger.getLogger(Web.class);
    public static final String ROOT_WEBAPP = "ROOT";
    private static final ThreadLocal s_request =
                                     new InternalRequestLocal();
    private static final ThreadLocal s_servletContext =
@ -64,6 +63,9 @@ public class Web {
    private static WebConfig s_config;
    /**
     * 
     */
    static void init(final HttpServletRequest sreq,
                     final ServletContext sc,
                     final UserContext uc) {
--- a/ccm-core/src/com/arsdigita/web/WebConfig.java
+++ b/ccm-core/src/com/arsdigita/web/WebConfig.java
@ -76,6 +76,7 @@ public final class WebConfig extends AbstractConfig {
        m_host = new HttpHostParameter
            ("waf.web.host", Parameter.OPTIONAL, null) {
                @Override
                public final Object getDefaultValue() {
                    return getServer();
                }
@ -83,6 +84,7 @@ public final class WebConfig extends AbstractConfig {
        m_site = new StringParameter
            ("waf.web.site_name", Parameter.OPTIONAL, null) {
                @Override
                public final Object getDefaultValue() {
                    final HttpHost host = getServer();