Reorganized TPS templates and scripts.

The templates, JS, and CGI scripts for TPS have been moved
into the TPS core package. Removed unused cfg.pl.

Ticket #407

151 files changed, 32533 insertions, 63 deletions

diff --git a/base/tps/apache/cgi-bin/demo/Enroll.html b/base/tps/apache/cgi-bin/demo/Enroll.html
new file mode 100755
index 000000000..df00dbee4
--- /dev/null
+++ b/base/tps/apache/cgi-bin/demo/Enroll.html
@@ -0,0 +1,81 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2009 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+<link rel=stylesheet href="/esc/demo/style.css" type="text/css">
+
+<title>Enrollment</title>
+</head>
+<script type="text/JavaScript" src="/esc/demo/util.js">
+</script>
+<body onload="InitializeBindingTable();" onunload=cleanup()>
+
+<progressmeter id="progress-id" hidden="true" align = "center"/>
+<table width="100%" class="logobar">
+  <tr>
+    <td>
+<img alt="" src="/pki/esc/demo/logo.jpg">
+    </td>
+    <td>
+      <p class="headerText">Veracify Investments Smartcard Enrollment</p>
+    </td>
+  </tr>
+</table>
+  <table id="BindingTable" width="200px" align="center">
+    <tr id="HeaderRow">
+       <td></td>
+    </tr>
+  </table>
+  <p class="bodyText">You have plugged in your Veracify Investments smartcard! After answering a few easy questions, you will be able to use your smartcard to securely manage your investment portfolio.
+  </p>
+  <p class="bodyText"> 
+      Now we would like you to identify yourself as a current Veracify Investments Customer.
+   </p>  
+    <table>
+      <tr>
+        <td><p >Veracify Account Name: </p></td>
+        <td> </td>
+        <td><input type="text" id="snametf"  value=""></td>
+         <td> </td>
+        <td><p>Veracify Account Number: </p></td>
+         <td> </td>
+        <td><input type="password" id="snamepwd" value=""></td>
+      </tr>
+
+      </table>
+
+      <p class="bodyText"> Before you can use your smartcard, you will need a password to protect it.</p> 
+      <table>
+      <tr>
+        <td><p >Password:</p></td>
+        <td><input type="password" id="pintf" name="pintf" value=""></td>
+
+        <td><p >Re-Enter Password:</p></td>
+        <td><input type="password" id="reenterpintf" name="reenterpintf" value=""></td>
+    </table>
+    <br>
+    <table width="100%">
+      <tr>
+        <td align="right">
+          <input type="button" id="enrollbtn" name="enrollbtn" value="Enroll My Veracify Smartcard" onClick="DoEnrollCOOLKey();">
+        </td>
+      </tr>
+    </table>
+</body></html>
diff --git a/base/tps/forms/esc/cgi-bin/demo/enroll.cgi b/base/tps/apache/cgi-bin/demo/enroll.cgi
index c0f4bcabf..c0f4bcabf 100755
--- a/base/tps/forms/esc/cgi-bin/demo/enroll.cgi
+++ b/base/tps/apache/cgi-bin/demo/enroll.cgi
diff --git a/base/tps/forms/esc/cgi-bin/demo/index.cgi b/base/tps/apache/cgi-bin/demo/index.cgi
index c9a1d21dd..c9a1d21dd 100755
--- a/base/tps/forms/esc/cgi-bin/demo/index.cgi
+++ b/base/tps/apache/cgi-bin/demo/index.cgi
diff --git a/base/tps/forms/esc/esc.cgi b/base/tps/apache/cgi-bin/esc.cgi
index 70a93c0a0..70a93c0a0 100755
--- a/base/tps/forms/esc/esc.cgi
+++ b/base/tps/apache/cgi-bin/esc.cgi
diff --git a/base/tps/forms/esc/home.cgi b/base/tps/apache/cgi-bin/home.cgi
index 5fdf5ecf8..5fdf5ecf8 100755
--- a/base/tps/forms/esc/home.cgi
+++ b/base/tps/apache/cgi-bin/home.cgi
diff --git a/base/tps/apache/cgi-bin/home/Enroll.html b/base/tps/apache/cgi-bin/home/Enroll.html
new file mode 100755
index 000000000..218da280c
--- /dev/null
+++ b/base/tps/apache/cgi-bin/home/Enroll.html
@@ -0,0 +1,79 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2009 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+<link rel=stylesheet href="/esc/home/style.css" type="text/css">
+
+<title>Enrollment</title>
+</head>
+<script type="text/JavaScript" src="/esc/home/util.js">
+</script>
+<body onload="InitializeBindingTable();" onunload=cleanup()>
+
+<progressmeter id="progress-id" hidden="true" align = "center"/>
+<table width="100%" class="logobar">
+  <tr>
+    <td>
+<img alt="" src="/pki/esc/home/logo.jpg">
+    </td>
+    <td>
+      <p class="headerText">Smartcard Enrollment</p>
+    </td>
+  </tr>
+</table>
+  <table id="BindingTable" width="200px"align="center">
+    <tr id="HeaderRow">
+    </tr>
+  </table>
+  <p class="bodyText">You have plugged in your smartcard! After answering a few easy questions, you will be able to use your smartcard.
+  </p>
+  <p class="bodyText"> 
+      Now we would like you to identify yourself.
+   </p>  
+    <table>
+      <tr>
+        <td><p >LDAP User ID: </p></td>
+        <td> </td>
+        <td><input type="text" id="snametf"  value=""></td>
+         <td> </td>
+        <td><p>LDAP Password: </p></td>
+         <td> </td>
+        <td><input type="password" id="snamepwd" value=""></td>
+      </tr>
+
+      </table>
+
+      <p class="bodyText"> Before you can use your smartcard, you will need a password to protect it.</p> 
+      <table>
+      <tr>
+        <td><p >Password:</p></td>
+        <td><input type="password" id="pintf" name="pintf" value=""></td>
+
+        <td><p >Re-Enter Password:</p></td>
+        <td><input type="password" id="reenterpintf" name="reenterpintf" value=""></td>
+    </table>
+    <br>
+    <table width="100%">
+      <tr>
+        <td align="right">
+          <input type="button" id="enrollbtn" name="enrollbtn" value="Enroll My Smartcard" onClick="DoEnrollCOOLKey();">
+        </td>
+      </tr>
+    </table>
+</body></html>
diff --git a/base/tps/forms/esc/cgi-bin/home/cachain.cgi b/base/tps/apache/cgi-bin/home/cachain.cgi
index ddbf5e6ae..ddbf5e6ae 100755
--- a/base/tps/forms/esc/cgi-bin/home/cachain.cgi
+++ b/base/tps/apache/cgi-bin/home/cachain.cgi
diff --git a/base/tps/forms/esc/cgi-bin/home/enroll.cgi b/base/tps/apache/cgi-bin/home/enroll.cgi
index c0f4bcabf..c0f4bcabf 100755
--- a/base/tps/forms/esc/cgi-bin/home/enroll.cgi
+++ b/base/tps/apache/cgi-bin/home/enroll.cgi
diff --git a/base/tps/forms/esc/cgi-bin/home/index.cgi b/base/tps/apache/cgi-bin/home/index.cgi
index 1e54a8354..1e54a8354 100755
--- a/base/tps/forms/esc/cgi-bin/home/index.cgi
+++ b/base/tps/apache/cgi-bin/home/index.cgi
diff --git a/base/tps/apache/cgi-bin/so/Enroll.html b/base/tps/apache/cgi-bin/so/Enroll.html
new file mode 100755
index 000000000..3d2fa6daa
--- /dev/null
+++ b/base/tps/apache/cgi-bin/so/Enroll.html
@@ -0,0 +1,138 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2009 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+<link rel=stylesheet href="/esc/so/style.css" type="text/css">
+
+<title>Enrollment</title>
+</head>
+<script type="text/JavaScript" src="/esc/so/util.js">
+</script>
+
+<script type="text/javascript">
+<!--
+function UserSelectRowByKeyID(keyType, keyID)
+{
+  DoCoolKeySetConfigValue("Operation-" + keyID,
+           "http://$host:$port/nk_service");
+  DoCoolKeySetConfigValue("TokenType-" + keyID, "userKey");
+  SelectRowByKeyID(keyType, keyID);
+}
+
+function UserOnDoneInitializeBindingTable()
+{
+  var arr = GetAvailableCOOLKeys();
+  var i;
+  for (i=0; i < arr.length; i++)
+  {
+    var keyType = arr[i][0];
+    var keyID = arr[i][1];
+    var keyStatus = GetStatusForKeyID(keyType, keyID);
+    UserSelectRowByKeyID(keyType, keyID);
+  }
+}
+
+function UserOnCOOLKeyStateError()
+{
+  toggleAjaxProgress('ajax-pb', 'off');
+}
+
+
+function toggleAjaxProgress(id, i)
+{
+  var e = document.getElementById(id);
+  if (i == 'off') {
+    e.style.display = 'none';
+  } else {
+    e.style.display = 'block';
+  }
+}
+
+function UserOnCOOLKeyStatusUpdate(data)
+{
+  var progress = document.getElementById("progress");
+
+  if(progress)
+      progress.innerHTML = data + "%";
+}
+
+// -->
+</script>
+
+<body onload="InitializeBindingTable();" onunload=cleanup()>
+
+<progressmeter id="progress-id" hidden="true" align = "center"/>
+<table width="100%" class="logobar">
+  <tr>
+    <td>
+<!--<img alt="" src="/pki/esc/so/images/logo.gif"> -->
+    </td>
+    <td align = "center">
+      <p class="headerText">Security Officer Enrollment</p>
+    </td>
+  </tr>
+</table>
+  <div id="pb" style="display:none;">
+  <table id="BindingTable" width="200px"align="center">
+    <tr id="HeaderRow">
+    </tr>
+  </table>
+  </div>
+  <p class="bodyText">You have plugged in your smartcard! After answering a few easy questions, you will be able to enroll the smartcard for the Security Officer user.
+  </p>
+  <p class="bodyText"> 
+      Now we would like you to identify yourself.
+   </p>  
+    <table>
+      <tr>
+        <td><p >LDAP User ID: </p></td>
+        <td> </td>
+        <td><input type="text" id="snametf"  value=""></td>
+         <td> </td>
+        <td><p>LDAP Password: </p></td>
+         <td> </td>
+        <td><input type="password" id="snamepwd" value=""></td>
+      </tr>
+
+      </table>
+
+      <p class="bodyText"> Before you can use your smartcard, you will need a password to protect it.</p> 
+      <table>
+      <tr>
+        <td><p >Password:</p></td>
+        <td><input type="password" id="pintf" name="pintf" value=""></td>
+
+        <td><p >Re-Enter Password:</p></td>
+        <td><input type="password" id="reenterpintf" name="reenterpintf" value=""></td>
+    </table>
+    <br>
+    <div id="ajax-pb" style="display:none;">
+       <img src="/pki/esc/so/images/indicator.gif">
+       <h2 id="progress" name="progress" value="0%" ></h2>
+    </table>
+    </div>
+
+    <table width="100%">
+      <tr>
+        <td align="right">
+          <input type="button" id="enrollbtn" name="enrollbtn" value="Enroll My Smartcard" onClick="toggleAjaxProgress('ajax-pb','on');DoEnrollCOOLKey();">
+        </td>
+      </tr>
+    </table>
+</body></html>
diff --git a/base/tps/forms/esc/cgi-bin/so/enroll.cgi b/base/tps/apache/cgi-bin/so/enroll.cgi
index 148cd78c0..148cd78c0 100755
--- a/base/tps/forms/esc/cgi-bin/so/enroll.cgi
+++ b/base/tps/apache/cgi-bin/so/enroll.cgi
diff --git a/base/tps/forms/esc/cgi-bin/so/index.cgi b/base/tps/apache/cgi-bin/so/index.cgi
index 7b3f2c68d..7b3f2c68d 100755
--- a/base/tps/forms/esc/cgi-bin/so/index.cgi
+++ b/base/tps/apache/cgi-bin/so/index.cgi
diff --git a/base/tps/forms/esc/cgi-bin/sow/ajax-list.cgi b/base/tps/apache/cgi-bin/sow/ajax-list.cgi
index 0f4ac094f..0f4ac094f 100755
--- a/base/tps/forms/esc/cgi-bin/sow/ajax-list.cgi
+++ b/base/tps/apache/cgi-bin/sow/ajax-list.cgi
diff --git a/base/tps/forms/esc/cgi-bin/sow/cfg.pl b/base/tps/apache/cgi-bin/sow/cfg.pl
index d616fa136..64e612aaa 100755
--- a/base/tps/forms/esc/cgi-bin/sow/cfg.pl
+++ b/base/tps/apache/cgi-bin/sow/cfg.pl
@@ -1,27 +1,28 @@
 #! /usr/bin/perl
 #
 # --- BEGIN COPYRIGHT BLOCK ---
-# This library is free software; you can redistribute it and/or
-# modify it under the terms of the GNU Lesser General Public
-# License as published by the Free Software Foundation.
-# 
-# This library is distributed in the hope that it will be useful,
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; version 2 of the License.
+#
+# This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-# Lesser General Public License for more details.
-# 
-# You should have received a copy of the GNU Lesser General Public
-# License along with this library; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin Street, Fifth Floor,
-# Boston, MA  02110-1301  USA 
-# 
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along
+# with this program; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+#
 # Copyright (C) 2007 Red Hat, Inc.
 # All rights reserved.
 # --- END COPYRIGHT BLOCK ---
 #
 
-use Mozilla::LDAP::Conn;
-use PKI::TPS::Common;
+#
+# Establish platform-dependent variables:
+#
+my $ldapsearch="/usr/bin/ldapsearch";
 
 #
 # Feel free to modify the following parameters:
@@ -35,6 +36,11 @@ my $host = "localhost";
 
 my $cfg = "/var/lib/pki-tps/conf/CS.cfg";
 
+sub get_ldapsearch()
+{
+  return $ldapsearch;
+}
+
 sub get_ldap_host()
 {
   my $ldapport = `grep auth.instance.0.hostport $cfg | cut -c26-`;
@@ -51,20 +57,6 @@ sub get_ldap_port()
   return $ldapPort;
 }
 
-sub get_ldap_secure()
-{
-  my $ldapsecure = `grep auth.instance.0.ssl $cfg | cut -c21-`;
-  chomp($ldapsecure);
-  return $ldapsecure;
-}
-
-sub get_ldap_certdir()
-{
-  my $ldapcertdir = `grep service.instanceDir $cfg | cut -c21-`;
-  chomp($ldapcertdir);
-  return $ldapcertdir . "/alias";
-}
-
 sub get_base_dn()
 {
   my $basedn = `grep auth.instance.0.baseDN $cfg | cut -c24-`;
@@ -105,9 +97,6 @@ sub is_agent()
   my $x_hostport = `grep -e "^tokendb.hostport" $cfg | cut -c18-`;
   chomp($x_hostport);
   my ($x_host, $x_port) = split(/:/, $x_hostport);
-
-  my $x_secureconn = `grep -e "^tokendb.ssl" $cfg | cut -c13-`;
-  chomp($x_secureconn);
   my $x_basedn = `grep -e "^tokendb.userBaseDN" $cfg | cut -c20-`;
   chomp($x_basedn);
   my $x_binddn = `grep -e "^tokendb.bindDN" $cfg | cut -c16-`;
@@ -117,24 +106,24 @@ sub is_agent()
   my $x_bindpwd = `grep -e "^tokendbBindPass" $x_bindpwdpath | cut -c17-`;
   chomp($x_bindpwd);
 
-  my $ldap =  PKI::TPS::Common::make_connection(
-                  {host => $x_host, port => $x_port, pswd => $x_bindpwd, bind => $x_binddn, cert => $x_certdir},
-                  $x_secureconn);
+   my $cmd = $ldapsearch . " " .
+            "-x" .
+            "-D \"" . $x_binddn . "\" " .
+            "-w \"" . $x_bindpwd . "\" " .
+            "-b \"" . "cn=TUS Officers,ou=Groups,".$x_basedn . "\" " .
+            "-h \"" . $x_host . "\" " .
+            "-p \"" . $x_port ."\" " .
+            "-LLL \"(uid=" . $uid . "*)\" | wc -l";
 
-  return 0 if (! $ldap);
+  my $matched = `$cmd`;
 
-  my $entry = $ldap->search ( "cn=TUS Officers,ou=Groups,$x_basedn",
-                              "sub",
-                              "uid=$uid",
-                              0
-                            );
+  chomp($matched);
 
-  $ldap->close();
-
-  if ($entry) {
-     return 1;
+  if ($matched eq "0" || $matched eq "") {
+    return 0;
+  } else {
+    return 1;
   }
-  return 0;
 }
 
 sub is_user()
@@ -147,28 +136,33 @@ sub is_user()
   $uid = $1;
 
   my $x_host = get_ldap_host();
-  my $x_port = get_ldap_port();
-  my $x_secureconn = get_ldap_secure();
+  $x_port = get_ldap_port();
   my $x_basedn = get_base_dn();
-  my $x_certdir = get_ldap_certdir();
+  chomp($x_basedn);
+  my $x_binddn = `grep -e "^tokendb.bindDN" $cfg | cut -c16-`;
+  chomp($x_binddn);
+  my $x_bindpwdpath = `grep -e "^tokendb.bindPassPath" $cfg | cut -c22-`;
+  chomp($x_bindpwdpath);
+  my $x_bindpwd = `grep -e "^tokendbBindPass" $x_bindpwdpath | cut -c17-`;
+  chomp($x_bindpwd);
 
-  my $ldap = PKI::TPS::Common::make_connection(
-                  {host => $x_host, port => $x_port, cert => $x_certdir},
-                  $x_secureconn);
+   my $cmd = $ldapsearch . " " .
+            "-x" .
+            "-D \"" . $x_binddn . "\" " .
+            "-w \"" . $x_bindpwd . "\" " .
+            "-b \"" . "ou=people,".$x_basedn . "\" " .
+            "-h \"" . $x_host . "\" " .
+            "-p \"" . $x_port ."\" " .
+            "-LLL \"(uid=" . $uid . "*)\" | wc -l";
 
-  return 0 if (! $ldap);
 
-  my $entry = $ldap->search ( "ou=people,$x_basedn",
-                              "sub",
-                              "uid=$uid",
-                               0
-                            );
+  my $matched = `$cmd`;
 
-  $ldap->close();
+  chomp($matched);
 
-  if ($entry) {
-     return 1;
+  if ($matched eq "0" || $matched eq "") {
+    return 0;
+  } else {
+    return 1;
   }
-  return 0;
 }
-
diff --git a/base/tps/forms/esc/cgi-bin/sow/enroll.cgi b/base/tps/apache/cgi-bin/sow/enroll.cgi
index 8a6431e52..8a6431e52 100755
--- a/base/tps/forms/esc/cgi-bin/sow/enroll.cgi
+++ b/base/tps/apache/cgi-bin/sow/enroll.cgi
diff --git a/base/tps/apache/cgi-bin/sow/enroll.html b/base/tps/apache/cgi-bin/sow/enroll.html
new file mode 100755
index 000000000..7bc377ffe
--- /dev/null
+++ b/base/tps/apache/cgi-bin/sow/enroll.html
@@ -0,0 +1,260 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2009 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+<link rel=stylesheet href="/esc/sow/style.css" type="text/css">
+
+<title>Enrollment</title>
+<script type="text/javascript" src="/esc/sow/js/prototype.js"></script>
+<script type="text/javascript" src="/esc/sow/js/scriptaculous.js?load=effects"></script>
+<script type="text/JavaScript" src="/esc/sow/util.js"></script>
+<link rel="stylesheet" href="/esc/sow/css/style.css" media="screen" type="text/css">
+<script type="text/javascript">
+<!--
+function UserOnCOOLKeyStateError()
+{
+  toggleAjaxProgress('ajax-pb', 'off');
+  toggleButton('enrollbtn', 'on');
+  toggleButton('cancel', 'on');
+}
+
+function UserSelectRowByKeyID(keyType, keyID)
+{
+  DoCoolKeySetConfigValue("Operation-" + keyID,
+           "https://$host:$secure_port/nk_service");
+  DoCoolKeySetConfigValue("TokenType-" + keyID, "userKey");
+  SelectRowByKeyID(keyType, keyID);
+}
+
+function updateKeyText(text)
+{
+  var f = document.getElementById('keytext');
+  new Effect.Shake(f);
+  var text = document.createTextNode(text);
+  var len= f.childNodes.length;  
+  for (i=0;i<len;i++){
+       f.removeChild(f.childNodes[0]);
+  }
+  f.appendChild(text);
+}
+
+var officerToken = null;
+
+function UserOnDoneInitializeBindingTable()
+{
+  document.body.onkeyup = onUserKeyUp;
+  var enrollbtn = document.getElementById('enrollbtn');
+  enrollbtn.disabled = true;
+  var pintf = document.getElementById('pintf');
+  pintf.focus();
+
+  // display existing blank smart
+  var arr = GetAvailableCOOLKeys();
+  if (!arr || arr.length < 1)
+    return;
+  var i;
+  for (i=0; i < arr.length; i++)
+  {
+    var keyType = arr[i][0];
+    var keyID = arr[i][1];
+    var keyStatus = GetStatusForKeyID(keyType, keyID);
+    if (keyStatus == "BLANK") {
+      updateKeyText('A ' + keyStatus + ' smartcard "' + keyID + '" is detected!');
+      UserSelectRowByKeyID(keyType, keyID);
+    } else if (keyStatus == "UNINITIALIZED") {
+      updateKeyText('An ' + keyStatus + ' smartcard "' + keyID + '" is detected!');
+      UserSelectRowByKeyID(keyType, keyID);
+    }
+    if(keyStatus == "ENROLLED" ) {
+        var uid =  GetCoolKeyIssuedTo(keyType,keyID);
+        if(uid)
+        {
+            isAgent = window.IsAgentOrUser(uid,"agent");
+        }
+        if(isAgent == true)
+        {
+            officerToken = keyID;
+        }
+    }
+
+  }
+}
+
+function UserOnCOOLKeyInserted(keyType, keyID)
+{
+  var arr = GetAvailableCOOLKeys();
+  var curKeyType = null;
+  var curKeyID = null;
+  var curKeyStatus = null;
+  var i = 0;
+  var enrollbtn = document.getElementById('enrollbtn');
+  while(1) {
+      if (arr && arr.length <= 1  )
+      {
+          toggleButton('enrollbtn','off');
+          return;
+      }
+      if (arr && arr.length > 1 )
+      {
+          toggleButton('enrollbtn','on');
+      }
+      curKeyType = arr[i][0];
+      curKeyID = arr[i][1];
+
+      var curKeyStatus = GetStatusForKeyID(curKeyType, curKeyID);
+      if(!(curKeyID == officerToken && curKeyStatus == "ENROLLED")) {
+          break;
+      }
+      i++;
+  }
+
+  if (curKeyStatus == "ENROLLED" || curKeyStatus == "UNINITIALIZED") {
+      updateKeyText('An ' + curKeyStatus + ' smartcard "' + curKeyID + '" is detected!');
+  } else {
+      updateKeyText('A ' + curKeyStatus + ' smartcard "' + curKeyID + '" is detected!');
+  }
+
+  var uid = null;
+  var isAgent = null;
+  UserSelectRowByKeyID(curKeyType, curKeyID);
+
+  if(curKeyStatus == "ENROLLED")
+  {
+    uid =  GetCoolKeyIssuedTo(curKeyType,curKeyID);
+    if(uid)
+    {
+        isAgent = window.IsAgentOrUser(uid,"agent");
+    }     
+    if(isAgent == true)
+    {
+        MyAlert("You can't Enroll a card that belongs to another Security Officer!");
+        updateKeyText('A ' + curKeyStatus + ' smartcard "' + curKeyID + '" SECURITY OFFICER is detected!');
+        toggleButton('enrollbtn','off');
+    }
+  }
+}
+
+
+function UserOnCOOLKeyRemoved(keyType, keyID)
+{
+  updateKeyText('Please insert a blank smartcard now!');
+}
+
+function UserOnCOOLKeyStatusUpdate(data)
+{
+  var progress = document.getElementById("progress");
+  if(progress)
+      progress.innerHTML = data + "%";
+}
+
+function toggleAjaxProgress(id, i)
+{
+  var e = document.getElementById(id);
+  if (i == 'off') {
+    e.style.display = 'none';
+  } else {
+    e.style.display = 'block';
+  }
+}
+
+function toggleButton(id, i)
+{
+  var e = document.getElementById(id);
+  if (i == 'off') {
+    e.disabled = true;
+  } else {
+    e.disabled = false;
+  }
+}
+
+function onUserKeyUp(e)
+{
+  var pintf = document.getElementById('pintf');
+  var reenterpintf = document.getElementById('reenterpintf');
+  var enrollbtn = document.getElementById('enrollbtn');
+  if (e.keyCode == 13) {
+    if (e.target == pintf) {
+      reenterpintf.focus();
+    } else {
+      pintf.focus();
+    }
+  }
+  if (pintf.value != '' && pintf.value == reenterpintf.value) {
+    enrollbtn.disabled = false;
+  } else {
+    enrollbtn.disabled = true;
+  }
+  return e;
+}
+
+// -->
+</script>
+</head>
+
+<body onload="InitializeBindingTable();" onunload=cleanup()>
+
+<progressmeter id="progress-id" hidden="true" align = "center"/>
+
+<div id="pb" style="display:none;">
+  <table id="BindingTable" width="200px" align="center">
+    <tr id="HeaderRow">
+    </tr>
+  </table>
+</div>
+<div id="header">
+  <div id="logo">
+      <h3>Security Officer Station</h3>
+  </div>
+</div>
+
+<div id="content">
+  <div id="maintext">
+    <div id="topmenu">
+    | <a href="/cgi-bin/sow/main.cgi">Main</a> |
+    </div>
+  <blockquote><p>The security officer has identified the user as <strong>$cn</strong>. The User ID is <strong>$uid</strong>.</p>
+</blockquote>
+<h2><span id="keytext">Please insert new smartcard now!</span></h2>
+      <blockquote><p>The user must provide a password to protect the smart card.</p> </blockquote>
+        New Token Password:<br>
+        <input type="password" id="pintf" name="pintf" value=""><br/>
+        Re-Enter Token Password:<br>
+        <input type="password" id="reenterpintf" name="reenterpintf" value=""><br/>
+        <input type="hidden" id="snametf"  value="$uid">
+        User Password:<br>
+        <input type="password" id="snamepwd" value="">
+    <table width="100%">
+      <tr>
+<td>
+<div id="ajax-pb" style="display:none;">
+  <img src="/pki/esc/sow/images/indicator.gif">
+  <h2 id="progress" name="progress" value="0%" ></h2>
+  </table>
+
+</div>
+</td>
+        <td align="right">
+          <input type="button" id="enrollbtn" name="enrollbtn" value="Start Enrollment" onClick="toggleButton('enrollbtn','off');toggleButton('cancel', 'off');toggleAjaxProgress('ajax-pb','on');DoEnrollCOOLKey();">
+          <input type="submit" id="cancel" name="cancel" value="Cancel" onClick="javascript:location.href='/cgi-bin/sow/search.cgi';">
+        </td>
+      </tr>
+    </table>
+  </div>
+</div>
+</body></html>
diff --git a/base/tps/forms/esc/cgi-bin/sow/enroll_temp.cgi b/base/tps/apache/cgi-bin/sow/enroll_temp.cgi
index 5817039a2..5817039a2 100755
--- a/base/tps/forms/esc/cgi-bin/sow/enroll_temp.cgi
+++ b/base/tps/apache/cgi-bin/sow/enroll_temp.cgi
diff --git a/base/tps/apache/cgi-bin/sow/enroll_temp.html b/base/tps/apache/cgi-bin/sow/enroll_temp.html
new file mode 100755
index 000000000..3f2b31ce6
--- /dev/null
+++ b/base/tps/apache/cgi-bin/sow/enroll_temp.html
@@ -0,0 +1,231 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2009 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+<link rel=stylesheet href="/esc/sow/style.css" type="text/css">
+
+<title>Enrollment</title>
+<script type="text/javascript" src="/esc/sow/js/prototype.js"></script>
+<script type="text/javascript" src="/esc/sow/js/scriptaculous.js?load=effects"></script>
+<script type="text/JavaScript" src="/esc/sow/util.js"></script>
+<link rel="stylesheet" href="/esc/sow/style.css" media="screen" type="text/css">
+<script type="text/javascript">
+<!--
+function UserOnCOOLKeyStateError()
+{
+  toggleAjaxProgress('ajax-pb', 'off');
+  toggleButton('enrollbtn', 'on');
+  toggleButton('cancel', 'on');
+}
+
+function UserSelectRowByKeyID(keyType, keyID)
+{
+  DoCoolKeySetConfigValue("Operation-" + keyID,
+           "https://$host:$secure_port/nk_service");
+  DoCoolKeySetConfigValue("TokenType-" + keyID, "userKey");
+  SelectRowByKeyID(keyType, keyID);
+}
+
+function updateKeyText(text)
+{
+  var f = document.getElementById('keytext');
+  new Effect.Shake(f);
+  var text = document.createTextNode(text);
+  var len= f.childNodes.length;  
+  for (i=0;i<len;i++){
+       f.removeChild(f.childNodes[0]);
+  }
+  f.appendChild(text);
+}
+
+var officerToken = null;
+function UserOnDoneInitializeBindingTable()
+{
+  // display existing blank smart
+  var arr = GetAvailableCOOLKeys();
+  if (!arr || arr.length < 1)
+    return;
+  var i;
+  for (i=0; i < arr.length; i++)
+  {
+    var keyType = arr[i][0];
+    var keyID = arr[i][1];
+    var keyStatus = GetStatusForKeyID(keyType, keyID);
+    if (keyStatus == "BLANK") {
+      updateKeyText('A ' + keyStatus + ' smartcard "' + keyID + '" is detected!');
+      UserSelectRowByKeyID(keyType, keyID);
+    } else if (keyStatus == "UNINITIALIZED") {
+      updateKeyText('An ' + keyStatus + ' smartcard "' + keyID + '" is detected!');
+      UserSelectRowByKeyID(keyType, keyID);
+    }
+
+    if(keyStatus == "ENROLLED" ) {
+        var uid =  GetCoolKeyIssuedTo(keyType,keyID);
+        if(uid)
+        {
+            isAgent = window.IsAgentOrUser(uid,"agent");
+        }
+        if(isAgent == true)
+        {
+            officerToken = keyID;
+        }
+    }
+
+  }
+}
+
+function UserOnCOOLKeyInserted(keyType, keyID)
+{
+  var arr = GetAvailableCOOLKeys();
+  var curKeyType = null;
+  var curKeyID = null;
+  var curKeyStatus = null;
+  var i = 0;
+  var enrollbtn = document.getElementById('enrollbtn');
+  while(1) {
+      if (arr && arr.length <= 1  )
+      {
+          toggleButton('enrollbtn','off');
+          return;
+      }
+      if (arr && arr.length > 1 )
+      {
+          toggleButton('enrollbtn','on');
+      }
+      curKeyType = arr[i][0];
+      curKeyID = arr[i][1];
+
+      var curKeyStatus = GetStatusForKeyID(curKeyType, curKeyID);
+      if(!(curKeyID == officerToken && curKeyStatus == "ENROLLED")) {
+          break;
+      }
+      i++;
+  }
+
+  if (curKeyStatus == "ENROLLED" || curKeyStatus == "UNINITIALIZED") {
+      updateKeyText('An ' + curKeyStatus + ' smartcard "' + curKeyID + '" is detected!');
+  } else {
+      updateKeyText('A ' + curKeyStatus + ' smartcard "' + curKeyID + '" is detected!');
+  }
+
+  var uid = null;
+  var isAgent = null;
+  UserSelectRowByKeyID(curKeyType, curKeyID);
+
+  if(curKeyStatus == "ENROLLED")
+  {
+    uid =  GetCoolKeyIssuedTo(curKeyType,curKeyID);
+    if(uid)
+    {
+        isAgent = window.IsAgentOrUser(uid,"agent");
+    }     
+    if(isAgent == true)
+    {
+        MyAlert("You can't Enroll a temporary card that belongs to another Security Officer!");
+        updateKeyText('A ' + curKeyStatus + ' smartcard "' + curKeyID + '" SECURITY OFFICER is detected!');
+        toggleButton('enrollbtn','off');
+    }
+  }
+}
+
+function UserOnCOOLKeyRemoved(keyType, keyID)
+{
+  updateKeyText('Please insert a blank smartcard now!');
+}
+
+function UserOnCOOLKeyStatusUpdate(data)
+{
+  var progress = document.getElementById("progress");
+  if(progress)
+      progress.innerHTML = data + "%";
+}
+
+
+function toggleAjaxProgress(id, i)
+{
+  var e = document.getElementById(id);
+  if (i == 'off') {
+    e.style.display = 'none';
+  } else {
+    e.style.display = 'block';
+  }
+}
+
+function toggleButton(id, i)
+{
+  var e = document.getElementById(id);
+  if (i == 'off') {
+    e.disabled = true;
+  } else {
+    e.disabled = false;
+  }
+}
+// -->
+</script>
+</head>
+
+<body onload="InitializeBindingTable();" onunload=cleanup()>
+
+<progressmeter id="progress-id" hidden="true" align = "center"/>
+
+<div id="pb" style="display:none;">
+  <table id="BindingTable" width="200px" align="center">
+    <tr id="HeaderRow">
+    </tr>
+  </table>
+</div>
+<div id="header">
+  <div id="logo">
+      <h3>Security Officer Station</h3>
+  </div>
+</div>
+
+<div id="content">
+  <div id="maintext">
+    <div id="topmenu">
+    | <a href="/cgi-bin/sow/main.cgi">Main</a> |
+    </div>
+  <blockquote><p>The security officer has identified the user as <strong>$cn</strong>. The User ID is <strong>$uid</strong>.</p>
+</blockquote>
+<h3><span id="keytext">Please insert new smartcard now!</span></h3>
+      <blockquote><p>The user must provide a password to protect the smart card.</p> </blockquote>
+        <h3>New Token Password:</h3>
+        <input type="password" id="pintf" name="pintf" value=""><br/>
+        <h3>Re-Enter Token Password:</h3>
+        <input type="password" id="reenterpintf" name="reenterpintf" value=""><br/>
+        <input type="hidden" id="snametf"  value="$uid">
+        <h3>User Password:</h3>
+        <input type="password" id="snamepwd" value=""><br/>
+    <table width="100%">
+      <tr>
+<td>
+<div id="ajax-pb" style="display:none;">
+  <img src="/pki/esc/sow/images/indicator.gif">
+  <h2 id="progress" name="progress" value="0%" ></h2>
+</div>
+</td>
+        <td align="right">
+          <input type="button" id="enrollbtn" name="enrollbtn" value="Start Enrollment" onClick="toggleButton('enrollbtn','off');toggleButton('cancel', 'off');toggleAjaxProgress('ajax-pb','on');DoEnrollTempCOOLKey();">
+          <input type="submit" id="cancel" name="cancel" value="Cancel" onClick="javascript:location.href='/cgi-bin/sow/search.cgi';">
+        </td>
+      </tr>
+    </table>
+  </div>
+</div>
+</body></html>
diff --git a/base/tps/forms/esc/cgi-bin/sow/format.cgi b/base/tps/apache/cgi-bin/sow/format.cgi
index 9b310991d..9b310991d 100755
--- a/base/tps/forms/esc/cgi-bin/sow/format.cgi
+++ b/base/tps/apache/cgi-bin/sow/format.cgi
diff --git a/base/tps/apache/cgi-bin/sow/format.html b/base/tps/apache/cgi-bin/sow/format.html
new file mode 100755
index 000000000..3af35589b
--- /dev/null
+++ b/base/tps/apache/cgi-bin/sow/format.html
@@ -0,0 +1,236 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2009 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+<link rel=stylesheet href="/esc/sow/style.css" type="text/css">
+
+<title>Enrollment</title>
+<script type="text/javascript" src="/esc/sow/js/prototype.js"></script>
+<script type="text/javascript" src="/esc/sow/js/scriptaculous.js?load=effects"></script>
+<script type="text/JavaScript" src="/esc/sow/util.js"></script>
+<link rel="stylesheet" href="/esc/sow/css/style.css" media="screen" type="text/css">
+<script type="text/javascript">
+<!--
+
+function UserOnCOOLKeyStateError()
+{
+  toggleAjaxProgress('ajax-pb', 'off');
+  toggleButton('enrollbtn', 'on');
+  toggleButton('cancel', 'on');
+}
+
+function UserOnCOOLKeyFormatComplete()
+{
+  toggleAjaxProgress('ajax-pb', 'off');
+  toggleButton('enrollbtn', 'on');
+  toggleButton('cancel', 'on');
+}
+
+function updateKeyText(text)
+{
+  var f = document.getElementById('keytext');
+  new Effect.Shake(f);
+  var text = document.createTextNode(text);
+  var len= f.childNodes.length;  
+  for (i=0;i<len;i++){
+       f.removeChild(f.childNodes[0]);
+  }
+  f.appendChild(text);
+}
+
+function UserSelectRowByKeyID(keyType, keyID)
+{
+  DoCoolKeySetConfigValue("Operation-" + keyID, 
+           "https://$host:$secure_port/nk_service");
+  DoCoolKeySetConfigValue("TokenType-" + keyID, "userKey");
+  SelectRowByKeyID(keyType, keyID);
+}
+
+var officerToken = null;
+
+function UserOnDoneInitializeBindingTable()
+{
+  // display existing blank smart
+  var arr = GetAvailableCOOLKeys();
+  if (!arr || arr.length < 1)
+    return;
+  var i;
+  for (i=0; i < arr.length; i++)
+  {
+    var keyType = arr[i][0];
+    var keyID = arr[i][1];
+    var keyStatus = GetStatusForKeyID(keyType, keyID);
+    if (keyStatus == "BLANK") {
+      updateKeyText('A ' + keyStatus + ' smartcard "' + keyID + '" is detected!');
+      UserSelectRowByKeyID(keyType, keyID);
+    } else if (keyStatus == "UNINITIALIZED") {
+      updateKeyText('An ' + keyStatus + ' smartcard "' + keyID + '" is detected!');
+      UserSelectRowByKeyID(keyType, keyID);
+    }
+
+    if(keyStatus == "ENROLLED" ) {
+        var uid =  GetCoolKeyIssuedTo(keyType,keyID);
+        if(uid)
+        {
+            isAgent = window.IsAgentOrUser(uid,"agent");
+        }
+        if(isAgent == true)
+        {
+            officerToken = keyID;
+        }
+    }
+  }
+
+  if (arr && arr.length <= 1  )
+  {
+    toggleButton('enrollbtn','off');
+  }
+}
+
+function UserOnCOOLKeyInserted(keyType, keyID)
+{
+  var arr = GetAvailableCOOLKeys();
+  var curKeyType = null;
+  var curKeyID = null;
+  var curKeyStatus = null;
+  var i = 0;
+  while(1) {
+      if (arr && arr.length <= 1  )
+      {
+          toggleButton('enrollbtn','off');
+          return;
+      }
+      if (arr && arr.length > 1 )
+      {
+          toggleButton('enrollbtn','on');
+      }
+      curKeyType = arr[i][0];
+      curKeyID = arr[i][1];
+      
+      var curKeyStatus = GetStatusForKeyID(curKeyType, curKeyID);
+      if(!(curKeyID == officerToken && curKeyStatus == "ENROLLED")) {
+          break;
+      }
+      i++; 
+  }
+
+  if (curKeyStatus == "ENROLLED" || curKeyStatus == "UNINITIALIZED") {
+      updateKeyText('An ' + curKeyStatus + ' smartcard "' + curKeyID + '" is detected!');
+  } else {
+      updateKeyText('A ' + curKeyStatus + ' smartcard "' + curKeyID + '" is detected!');
+  }
+
+  var uid = null;
+  var isAgent = null;
+  UserSelectRowByKeyID(curKeyType, curKeyID);
+
+  if(curKeyStatus == "ENROLLED")
+  {
+    uid =  GetCoolKeyIssuedTo(curKeyType,curKeyID);
+    if(uid)
+    {
+        isAgent = window.IsAgentOrUser(uid,"agent");
+    }      
+    if(isAgent == true)
+    {
+        MyAlert("You can't Format a card that belongs to another Security Officer!");
+        updateKeyText('A ' + curKeyStatus + ' smartcard "' + curKeyID + '" SECURITY OFFICER is detected!');
+        toggleButton('enrollbtn','off');
+    }
+  }
+}
+
+function UserOnCOOLKeyRemoved(keyType, keyID)
+{
+  updateKeyText('Please insert a blank smartcard now!');
+}
+
+function UserOnCOOLKeyStatusUpdate(data)
+{
+  var progress = document.getElementById("progress");
+
+  if(progress)
+      progress.innerHTML = data + "%";
+}
+
+function toggleAjaxProgress(id, i)
+{
+  var e = document.getElementById(id);
+  if (i == 'off') {
+    e.style.display = 'none';
+  } else {
+    e.style.display = 'block';
+  }
+}
+
+function toggleButton(id, i)
+{
+  var e = document.getElementById(id);
+  if (i == 'off') {
+    e.disabled = true;
+  } else {
+    e.disabled = false;
+  }
+}
+// -->
+</script>
+</head>
+
+<body onload="InitializeBindingTable();" onunload="cleanup();">
+
+<progressmeter id="progress-id" hidden="true" align = "center"/> 
+
+<div id="pb" style="display:none;">
+  <table id="BindingTable" width="200px" align="center">
+     <tr id="HeaderRow">
+     </tr>
+  </table>
+</div>
+<div id="header">
+  <div id="logo">
+      <h3>Security Officer Station</h3>
+  </div>
+</div>
+
+<div id="content">
+  <div id="maintext">
+    <div id="topmenu">
+    | <a href="/cgi-bin/sow/main.cgi">Main</a> |
+    </div>
+<br/>
+<blockquote>This will erase the phone home URL and format the user token.</blockquote>
+<h3><span id="keytext">Please insert new smartcard now!</span></h3>
+    <br/>
+    <table width="100%">
+      <tr>
+<td>
+<div id="ajax-pb" style="display:none;">
+  <img src="/pki/esc/sow/images/indicator.gif">
+  <h2 id="progress" name="progress" value="0%" ></h2>
+</div>
+</td>
+        <td align="right">
+          <input type="button" id="enrollbtn" name="enrollbtn" value="Format" onClick="toggleButton('enrollbtn','off');toggleButton('cancel', 'off');toggleAjaxProgress('ajax-pb','on');DoFormatCOOLKey();">
+          <input type="submit" id="cancel" name="cancel" value="Cancel" onClick="javascript:location.href='/cgi-bin/sow/search.cgi';">
+        </td>
+      </tr>
+    </table>
+  </div>
+</div>
+</body></html>
diff --git a/base/tps/forms/esc/cgi-bin/sow/formatso.cgi b/base/tps/apache/cgi-bin/sow/formatso.cgi
index d53129139..d53129139 100755
--- a/base/tps/forms/esc/cgi-bin/sow/formatso.cgi
+++ b/base/tps/apache/cgi-bin/sow/formatso.cgi
diff --git a/base/tps/apache/cgi-bin/sow/formatso.html b/base/tps/apache/cgi-bin/sow/formatso.html
new file mode 100755
index 000000000..d09666c5a
--- /dev/null
+++ b/base/tps/apache/cgi-bin/sow/formatso.html
@@ -0,0 +1,186 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2009 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+<link rel=stylesheet href="/esc/sow/style.css" type="text/css">
+
+<title>Enrollment</title>
+<script type="text/javascript" src="/esc/sow/js/prototype.js"></script>
+<script type="text/javascript" src="/esc/sow/js/scriptaculous.js?load=effects"></script>
+<script type="text/JavaScript" src="/esc/sow/util.js"></script>
+<link rel="stylesheet" href="/esc/sow/css/style.css" media="screen" type="text/css">
+<script type="text/javascript">
+<!--
+function UserOnCOOLKeyStateError()
+{
+  toggleAjaxProgress('ajax-pb', 'off');
+  toggleButton('enrollbtn', 'on');
+  toggleButton('cancel', 'on');
+}
+
+function UserOnCOOLKeyFormatComplete()
+{
+  toggleAjaxProgress('ajax-pb', 'off');
+  toggleButton('enrollbtn', 'on');
+  toggleButton('cancel', 'on');
+}
+
+function updateKeyText(text)
+{
+  var f = document.getElementById('keytext');
+  new Effect.Shake(f);
+  var text = document.createTextNode(text);
+  var len= f.childNodes.length;  
+  for (i=0;i<len;i++){
+       f.removeChild(f.childNodes[0]);
+  }
+  f.appendChild(text);
+}
+
+function UserOnCOOLKeyStatusUpdate(data)
+{
+  var progress = document.getElementById("progress");
+
+  if(progress)
+      progress.innerHTML = data + "%";
+}
+
+function UserSelectRowByKeyID(keyType, keyID)
+{
+  DoCoolKeySetConfigValue("Operation-" + keyID, 
+           "https://$host:$secure_port/nk_service");
+  DoCoolKeySetConfigValue("TokenType-" + keyID, "userKey");
+  SelectRowByKeyID(keyType, keyID);
+}
+
+function UserOnDoneInitializeBindingTable()
+{
+  // display existing blank smart
+  var arr = GetAvailableCOOLKeys();
+  if (!arr || arr.length < 1)
+    return;
+  var i;
+  for (i=0; i < arr.length; i++)
+  {
+    var keyType = arr[i][0];
+    var keyID = arr[i][1];
+    UserOnCOOLKeyInserted(keyType,keyID);
+  }
+}
+
+function UserOnCOOLKeyInserted(keyType, keyID)
+{
+  var keyStatus = GetStatusForKeyID(keyType, keyID);
+  if (keyStatus == "ENROLLED" || keyStatus == "UNINITIALIZED") {
+    updateKeyText('An ' + keyStatus + ' smartcard "' + keyID + '" is detected!');
+  } else {
+    updateKeyText('A ' + keyStatus + ' smartcard "' + keyID + '" is detected!');
+  }
+  UserSelectRowByKeyID(keyType, keyID);
+   var uid = null;
+  var isUser = false;
+
+  if(keyStatus == "ENROLLED")
+  {
+    uid =  GetCoolKeyIssuedTo(keyType,keyID);
+
+    if(uid)
+    {
+        isUser = IsAgentOrUser(uid,"user");
+    }
+    if(isUser == true)
+    {
+        MyAlert("You can't Format a User card here!  Try another card.");
+
+        updateKeyText('A ' + keyStatus + ' smartcard "' + keyID + '" USER is detected!');
+        toggleButton('enrollbtn','off');
+    }
+  }
+}
+
+function UserOnCOOLKeyRemoved(keyType, keyID)
+{
+  updateKeyText('Please insert a blank smartcard now!');
+}
+
+function toggleAjaxProgress(id, i)
+{
+  var e = document.getElementById(id);
+  if (i == 'off') {
+    e.style.display = 'none';
+  } else {
+    e.style.display = 'block';
+  }
+}
+
+function toggleButton(id, i)
+{
+  var e = document.getElementById(id);
+  if (i == 'off') {
+    e.disabled = true;
+  } else {
+    e.disabled = false;
+  }
+}
+// -->
+</script>
+</head>
+
+<body onload="InitializeBindingTable();" onunload=cleanup()>
+
+<progressmeter id="progress-id" hidden="true" align = "center"/>
+
+<div id="pb" style="display:none;">
+  <table id="BindingTable" width="200px" align="center">
+    <tr id="HeaderRow">
+    </tr>
+  </table>
+</div>
+<div id="header">
+  <div id="logo">
+      <h3>Security Officer Station</h3>
+  </div>
+</div>
+
+<div id="content">
+  <div id="maintext">
+    <div id="topmenu">
+    | <a href="/cgi-bin/sow/main.cgi">Main</a> |
+    </div>
+<br/>
+<blockquote>This will erase the phone home URL and format the SO token, so that you can start the demonstration all over again. <br/><br/>WARNING: You will not be able to access the security officer station after this operation.</blockquote>
+<h3><span id="keytext">Please insert new smartcard now!</span></h3>
+    <br/>
+    <table width="100%">
+      <tr>
+<td>
+<div id="ajax-pb" style="display:none;">
+  <img src="/pki/esc/sow/images/indicator.gif">
+  <h2 id="progress" name="progress" value="0%" ></h2>
+</div>
+</td>
+        <td align="right">
+          <input type="button" id="enrollbtn" name="enrollbtn" value="Format" onClick="toggleButton('enrollbtn','off');toggleButton('cancel', 'off');toggleAjaxProgress('ajax-pb','on');DoFormatSoCOOLKey();">
+          <input type="submit" id="cancel" name="cancel" value="Cancel" onClick="javascript:location.href='/cgi-bin/sow/search.cgi';">
+        </td>
+      </tr>
+    </table>
+  </div>
+</div>
+</body></html>
diff --git a/base/tps/forms/esc/cgi-bin/sow/index.cgi b/base/tps/apache/cgi-bin/sow/index.cgi
index 7f7a98869..7f7a98869 100755
--- a/base/tps/forms/esc/cgi-bin/sow/index.cgi
+++ b/base/tps/apache/cgi-bin/sow/index.cgi
diff --git a/base/tps/forms/esc/cgi-bin/sow/is_agent.cgi b/base/tps/apache/cgi-bin/sow/is_agent.cgi
index c6b6a87f7..c6b6a87f7 100755
--- a/base/tps/forms/esc/cgi-bin/sow/is_agent.cgi
+++ b/base/tps/apache/cgi-bin/sow/is_agent.cgi
diff --git a/base/tps/forms/esc/cgi-bin/sow/is_user.cgi b/base/tps/apache/cgi-bin/sow/is_user.cgi
index d7a551421..d7a551421 100755
--- a/base/tps/forms/esc/cgi-bin/sow/is_user.cgi
+++ b/base/tps/apache/cgi-bin/sow/is_user.cgi
diff --git a/base/tps/forms/esc/cgi-bin/sow/main.cgi b/base/tps/apache/cgi-bin/sow/main.cgi
index c6f65e42e..c6f65e42e 100755
--- a/base/tps/forms/esc/cgi-bin/sow/main.cgi
+++ b/base/tps/apache/cgi-bin/sow/main.cgi
diff --git a/base/tps/apache/cgi-bin/sow/main.html b/base/tps/apache/cgi-bin/sow/main.html
new file mode 100755
index 000000000..e7de688bc
--- /dev/null
+++ b/base/tps/apache/cgi-bin/sow/main.html
@@ -0,0 +1,67 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2009 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+<link rel=stylesheet href="/esc/sow/style.css" type="text/css">
+
+<title>Security Officer</title>
+<link rel="stylesheet" href="/esc/sow/css/style.css" media="screen" type="text/css">
+</head>
+
+<body>
+
+<div id="header">
+  <div id="logo">
+     <h3>Security Officer Station</h3>
+  </div>
+</div>
+
+<div id="content">
+  <div id="maintext">
+    <div id="topmenu">
+    | <a href="/cgi-bin/sow/main.cgi">Main</a> | 
+    </div>
+  <blockquote><p>User Token Functions</p></blockquote>
+<ul style="font-size:1.2em;">
+    <a href="search.cgi">Enroll New Card</a> - enroll a new user smart card<br />
+    <a href="search_temp.cgi">Enroll Temporay Card</a> - enroll a temporary smart card<br />
+    <a href="format.cgi">Format Card</a> - format a user card<br />
+    <a href="seturl.cgi">Set Home URL</a> - set phone home URL to a user card<br />
+</ul>
+  <blockquote><p>Misc Functions</p></blockquote>
+<ul style="font-size:1.2em;">
+    <a href="formatso.cgi">Format SO Card</a> - format a SO card<br />
+</ul>
+
+    <br/>
+<font color="red">$error</font>
+    <br/>
+    <table width="100%">
+      <tr>
+        <td align="right">
+        </td>
+      </tr>
+    </table>
+</form>
+
+  </div>
+</div>
+
+</body>
+</html>
diff --git a/base/tps/forms/esc/cgi-bin/sow/noaccess.cgi b/base/tps/apache/cgi-bin/sow/noaccess.cgi
index 17166bcb6..17166bcb6 100755
--- a/base/tps/forms/esc/cgi-bin/sow/noaccess.cgi
+++ b/base/tps/apache/cgi-bin/sow/noaccess.cgi
diff --git a/base/tps/apache/cgi-bin/sow/noaccess.html b/base/tps/apache/cgi-bin/sow/noaccess.html
new file mode 100755
index 000000000..06e9fa2d8
--- /dev/null
+++ b/base/tps/apache/cgi-bin/sow/noaccess.html
@@ -0,0 +1,63 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2009 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+<link rel=stylesheet href="/esc/sow/style.css" type="text/css">
+
+<title>Security Officer</title>
+<link rel="stylesheet" href="/esc/sow/css/style.css" media="screen" type="text/css">
+</head>
+
+<body>
+
+<div id="header">
+  <div id="logo">
+     <h3>Security Officer Station</h3>
+  </div>
+</div>
+
+<div id="content">
+  <div id="maintext">
+    <div id="topmenu">
+    </div>
+  <blockquote><p>Sorry, you do not have permission to perform the requested operation.</p></blockquote>
+<form method=post action="http://$host:$port/cgi-bin/sow/welcome.cgi">
+    <table>
+      <tr>
+      </tr>
+
+      </table>
+
+    <br/>
+<font color="red">$error</font>
+    <br/>
+    <table width="100%">
+      <tr>
+        <td align="right">
+          <input type="submit" id="search" name="search" value="Start Over">
+        </td>
+      </tr>
+    </table>
+</form>
+
+  </div>
+</div>
+
+</body>
+</html>
diff --git a/base/tps/forms/esc/cgi-bin/sow/read.cgi b/base/tps/apache/cgi-bin/sow/read.cgi
index 8a5793c2b..8a5793c2b 100755
--- a/base/tps/forms/esc/cgi-bin/sow/read.cgi
+++ b/base/tps/apache/cgi-bin/sow/read.cgi
diff --git a/base/tps/apache/cgi-bin/sow/read.html b/base/tps/apache/cgi-bin/sow/read.html
new file mode 100755
index 000000000..1e660c84f
--- /dev/null
+++ b/base/tps/apache/cgi-bin/sow/read.html
@@ -0,0 +1,78 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2009 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+<link rel=stylesheet href="/esc/sow/css/style.css" type="text/css">
+
+<title>Security Officer</title>
+<script type="text/javascript" src="/esc/sow/js/prototype.js"></script>
+<script type="text/javascript" src="/esc/sow/js/scriptaculous.js?load=effects"></script>
+<link rel="stylesheet" href="/esc/sow/css/style.css" media="screen" type="text/css">
+</head>
+
+<body>
+
+<div id="header">
+  <div id="logo">
+      <h3>Security Officer Station</h3>
+  </div>
+</div>
+
+<div id="content">
+  <div id="maintext">
+     <div id="topmenu">
+    | <a href="/cgi-bin/sow/main.cgi">Main</a> |
+     </div>
+  <blockquote><p>Please check user's identification and verify the user information. If the information is correct, please insert a new smart card and continue.</p></blockquote>
+  <table>
+  <tr>
+    <td>
+<script type="text/javascript">
+ if ('$departmentNumber' != '') {
+   document.writeln('<img alt="" border=0 src="$photoSmall">');
+  }
+</script>
+    </td>
+    <td>
+       <span class="heading">UID:</span> $uid<br/>
+       <span class="heading">Given Name:</span> $givenName<br/>
+       <span class="heading">Last Name:</span> $sn<br/>
+       <span class="heading">Email:</span>$mail<br/>
+       <span class="heading">Height:</span> $height<br/>
+       <span class="heading">Weight:</span> $weight<br/>
+       <span class="heading">Eye Color:</span> $eyecolor<br/>
+    </td>
+    </table>
+    <br/>
+
+  <form method=post action="enroll.cgi">
+    <input type=hidden name=uid value="$uid">
+    <table width="100%">
+      <tr>
+        <td align="right">
+          <input type="submit" id="search" name="Enroll" value="Continue">
+        </td>
+      </tr>
+    </table>
+  </form>
+  </div>
+</div>
+
+</body>
+</html>
diff --git a/base/tps/forms/esc/cgi-bin/sow/read_temp.cgi b/base/tps/apache/cgi-bin/sow/read_temp.cgi
index 31c6fd7e3..31c6fd7e3 100755
--- a/base/tps/forms/esc/cgi-bin/sow/read_temp.cgi
+++ b/base/tps/apache/cgi-bin/sow/read_temp.cgi
diff --git a/base/tps/apache/cgi-bin/sow/read_temp.html b/base/tps/apache/cgi-bin/sow/read_temp.html
new file mode 100755
index 000000000..1e660c84f
--- /dev/null
+++ b/base/tps/apache/cgi-bin/sow/read_temp.html
@@ -0,0 +1,78 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2009 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+<link rel=stylesheet href="/esc/sow/css/style.css" type="text/css">
+
+<title>Security Officer</title>
+<script type="text/javascript" src="/esc/sow/js/prototype.js"></script>
+<script type="text/javascript" src="/esc/sow/js/scriptaculous.js?load=effects"></script>
+<link rel="stylesheet" href="/esc/sow/css/style.css" media="screen" type="text/css">
+</head>
+
+<body>
+
+<div id="header">
+  <div id="logo">
+      <h3>Security Officer Station</h3>
+  </div>
+</div>
+
+<div id="content">
+  <div id="maintext">
+     <div id="topmenu">
+    | <a href="/cgi-bin/sow/main.cgi">Main</a> |
+     </div>
+  <blockquote><p>Please check user's identification and verify the user information. If the information is correct, please insert a new smart card and continue.</p></blockquote>
+  <table>
+  <tr>
+    <td>
+<script type="text/javascript">
+ if ('$departmentNumber' != '') {
+   document.writeln('<img alt="" border=0 src="$photoSmall">');
+  }
+</script>
+    </td>
+    <td>
+       <span class="heading">UID:</span> $uid<br/>
+       <span class="heading">Given Name:</span> $givenName<br/>
+       <span class="heading">Last Name:</span> $sn<br/>
+       <span class="heading">Email:</span>$mail<br/>
+       <span class="heading">Height:</span> $height<br/>
+       <span class="heading">Weight:</span> $weight<br/>
+       <span class="heading">Eye Color:</span> $eyecolor<br/>
+    </td>
+    </table>
+    <br/>
+
+  <form method=post action="enroll.cgi">
+    <input type=hidden name=uid value="$uid">
+    <table width="100%">
+      <tr>
+        <td align="right">
+          <input type="submit" id="search" name="Enroll" value="Continue">
+        </td>
+      </tr>
+    </table>
+  </form>
+  </div>
+</div>
+
+</body>
+</html>
diff --git a/base/tps/forms/esc/cgi-bin/sow/search.cgi b/base/tps/apache/cgi-bin/sow/search.cgi
index e681ed100..e681ed100 100755
--- a/base/tps/forms/esc/cgi-bin/sow/search.cgi
+++ b/base/tps/apache/cgi-bin/sow/search.cgi
diff --git a/base/tps/apache/cgi-bin/sow/search.html b/base/tps/apache/cgi-bin/sow/search.html
new file mode 100755
index 000000000..789a4a015
--- /dev/null
+++ b/base/tps/apache/cgi-bin/sow/search.html
@@ -0,0 +1,71 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2009 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+<link rel=stylesheet href="/esc/sow/style.css" type="text/css">
+
+<title>Security Officer</title>
+<link rel="stylesheet" href="/esc/sow/css/style.css" media="screen" type="text/css">
+</head>
+
+<body>
+
+<div id="header">
+  <div id="logo">
+      <h3>Security Officer Station</h3>
+  </div>
+</div>
+
+<div id="content">
+  <div id="maintext">
+    <div id="topmenu">
+    | <a href="/cgi-bin/sow/main.cgi">Main</a> |
+    </div>
+  <blockquote><p>Please locate the user who is requesting a new smart card.</p></blockquote>
+<form method=post action="read.cgi">
+<div style="font-size:0.8em;">
+    <table>
+      <tr>
+        <td><h3>Name: </h3></td>
+        <td> </td>
+        <td><input type="text" id="name" name="name" value="" autocomplete="off"></td>
+        <input type="hidden" id="name_hidden" name="name_ID"><!-- THE ID OF the country will be inserted into this hidden input --></td>
+         <td> </td>
+      </tr>
+
+      </table>
+</div>
+
+    <br/>
+<font color="red">$error</font>
+    <br/>
+    <table width="100%">
+      <tr>
+        <td align="right">
+          <input type="submit" id="search" name="search" value="Continue">
+        </td>
+      </tr>
+    </table>
+</form>
+
+  </div>
+</div>
+
+</body>
+</html>
diff --git a/base/tps/forms/esc/cgi-bin/sow/search_temp.cgi b/base/tps/apache/cgi-bin/sow/search_temp.cgi
index 5d752a49d..5d752a49d 100755
--- a/base/tps/forms/esc/cgi-bin/sow/search_temp.cgi
+++ b/base/tps/apache/cgi-bin/sow/search_temp.cgi
diff --git a/base/tps/apache/cgi-bin/sow/search_temp.html b/base/tps/apache/cgi-bin/sow/search_temp.html
new file mode 100755
index 000000000..507f223ef
--- /dev/null
+++ b/base/tps/apache/cgi-bin/sow/search_temp.html
@@ -0,0 +1,71 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2009 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+<link rel=stylesheet href="/esc/sow/style.css" type="text/css">
+
+<title>Security Officer</title>
+<link rel="stylesheet" href="/esc/sow/css/style.css" media="screen" type="text/css">
+</head>
+
+<body>
+
+<div id="header">
+  <div id="logo">
+      <h3>Security Officer Station</h3>
+  </div>
+</div>
+
+<div id="content">
+  <div id="maintext">
+    <div id="topmenu">
+    | <a href="/cgi-bin/sow/main.cgi">Main</a> |
+    </div>
+  <blockquote><p>Please locate the user who is requesting a temporary smart card.</p></blockquote>
+<form method=post action="read_temp.cgi">
+<div style="font-size:0.8em;">
+    <table>
+      <tr>
+        <td><h3>Name: </h3></td>
+        <td> </td>
+        <td><input type="text" id="name" name="name" value="" autocomplete="off"></td>
+        <input type="hidden" id="name_hidden" name="name_ID"><!-- THE ID OF the country will be inserted into this hidden input --></td>
+         <td> </td>
+      </tr>
+
+      </table>
+</div>
+
+    <br/>
+<font color="red">$error</font>
+    <br/>
+    <table width="100%">
+      <tr>
+        <td align="right">
+          <input type="submit" id="search" name="search" value="Continue">
+        </td>
+      </tr>
+    </table>
+</form>
+
+  </div>
+</div>
+
+</body>
+</html>
diff --git a/base/tps/forms/esc/cgi-bin/sow/seturl.cgi b/base/tps/apache/cgi-bin/sow/seturl.cgi
index dfac46d8f..dfac46d8f 100755
--- a/base/tps/forms/esc/cgi-bin/sow/seturl.cgi
+++ b/base/tps/apache/cgi-bin/sow/seturl.cgi
diff --git a/base/tps/apache/cgi-bin/sow/seturl.html b/base/tps/apache/cgi-bin/sow/seturl.html
new file mode 100755
index 000000000..966ab7a1b
--- /dev/null
+++ b/base/tps/apache/cgi-bin/sow/seturl.html
@@ -0,0 +1,174 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2009 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+<link rel=stylesheet href="/esc/sow/style.css" type="text/css">
+
+<title>Enrollment</title>
+<script type="text/javascript" src="/esc/sow/js/prototype.js"></script>
+<script type="text/javascript" src="/esc/sow/js/scriptaculous.js?load=effects"></script>
+<script type="text/JavaScript" src="/esc/sow/util.js"></script>
+<link rel="stylesheet" href="/esc/sow/css/style.css" media="screen" type="text/css">
+<script type="text/javascript">
+<!--
+function UserOnCOOLKeyStateError()
+{
+  toggleAjaxProgress('ajax-pb', 'off');
+  toggleButton('enrollbtn', 'on');
+  toggleButton('cancel', 'on');
+}
+
+function UserOnCOOLKeyFormatComplete()
+{
+  toggleAjaxProgress('ajax-pb', 'off');
+  toggleButton('enrollbtn', 'on');
+  toggleButton('cancel', 'on');
+}
+
+function updateKeyText(text)
+{
+  var f = document.getElementById('keytext');
+  new Effect.Shake(f);
+  var text = document.createTextNode(text);
+  var len= f.childNodes.length;  
+  for (i=0;i<len;i++){
+       f.removeChild(f.childNodes[0]);
+  }
+  f.appendChild(text);
+}
+
+function UserSelectRowByKeyID(keyType, keyID)
+{
+  DoCoolKeySetConfigValue("Operation-" + keyID, 
+           "https://$host:$secure_port/nk_service");
+  DoCoolKeySetConfigValue("TokenType-" + keyID, "userKey");
+  SelectRowByKeyID(keyType, keyID);
+}
+
+function UserOnDoneInitializeBindingTable()
+{
+  // display existing blank smart
+  var arr = GetAvailableCOOLKeys();
+  if (!arr || arr.length < 1)
+    return;
+  var i;
+  for (i=0; i < arr.length; i++)
+  {
+    var keyType = arr[i][0];
+    var keyID = arr[i][1];
+    var keyStatus = GetStatusForKeyID(keyType, keyID);
+    if (keyStatus == "BLANK") {
+      updateKeyText('A ' + keyStatus + ' smartcard "' + keyID + '" is detected!');
+      UserSelectRowByKeyID(keyType, keyID);
+    } else if (keyStatus == "UNINITIALIZED") {
+      updateKeyText('An ' + keyStatus + ' smartcard "' + keyID + '" is detected!');
+      UserSelectRowByKeyID(keyType, keyID);
+    }
+  }
+}
+
+function UserOnCOOLKeyStatusUpdate(data)
+{
+  var progress = document.getElementById("progress");
+
+  if(progress)
+      progress.innerHTML = data + "%";
+}
+
+function UserOnCOOLKeyInserted(keyType, keyID)
+{
+  var keyStatus = GetStatusForKeyID(keyType, keyID);
+  if (keyStatus == "ENROLLED" || keyStatus == "UNINITIALIZED") {
+    updateKeyText('An ' + keyStatus + ' smartcard "' + keyID + '" is detected!');
+  } else {
+    updateKeyText('A ' + keyStatus + ' smartcard "' + keyID + '" is detected!');
+  }
+  UserSelectRowByKeyID(keyType, keyID);
+}
+
+function UserOnCOOLKeyRemoved(keyType, keyID)
+{
+  updateKeyText('Please insert a blank smartcard now!');
+}
+
+function toggleAjaxProgress(id, i)
+{
+  var e = document.getElementById(id);
+  if (i == 'off') {
+    e.style.display = 'none';
+  } else {
+    e.style.display = 'block';
+  }
+}
+
+function toggleButton(id, i)
+{
+  var e = document.getElementById(id);
+  if (i == 'off') {
+    e.disabled = true;
+  } else {
+    e.disabled = false;
+  }
+}
+// -->
+</script>
+</head>
+
+<body onload="InitializeBindingTable();" onunload=cleanup()>
+
+<progressmeter id="progress-id" hidden="true" align = "center"/>
+
+<div id="pb" style="display:none;">
+  <table id="BindingTable" width="200px" align="center">
+    <tr id="HeaderRow">
+    </tr>
+  </table>
+</div>
+<div id="header">
+  <div id="logo">
+     <h3>Security Officer Station</h3>
+  </div>
+</div>
+
+<div id="content">
+  <div id="maintext">
+    <div id="topmenu">
+    | <a href="/cgi-bin/sow/main.cgi">Main</a> |
+    </div>
+<br/>
+<blockquote>This will burn a phone home URL on the user token.</blockquote>
+<h3><span id="keytext">Please insert new smartcard now!</span></h3>
+    <br/>
+    <table width="100%">
+      <tr>
+<td>
+<div id="ajax-pb" style="display:none;">
+  <img src="/pki/esc/sow/images/indicator.gif">
+  <h2 id="progress" name="progress" value="0%" ></h2>
+</div>
+</td>
+        <td align="right">
+          <input type="button" id="enrollbtn" name="enrollbtn" value="Format" onClick="toggleButton('enrollbtn','off');toggleButton('cancel', 'off');toggleAjaxProgress('ajax-pb','on');DoSetURLCOOLKey();">
+          <input type="submit" id="cancel" name="cancel" value="Cancel" onClick="javascript:location.href='/cgi-bin/sow/search.cgi';">
+        </td>
+      </tr>
+    </table>
+  </div>
+</div>
+</body></html>
diff --git a/base/tps/forms/esc/cgi-bin/sow/welcome.cgi b/base/tps/apache/cgi-bin/sow/welcome.cgi
index bc76dd3fa..bc76dd3fa 100755
--- a/base/tps/forms/esc/cgi-bin/sow/welcome.cgi
+++ b/base/tps/apache/cgi-bin/sow/welcome.cgi
diff --git a/base/tps/apache/cgi-bin/sow/welcome.html b/base/tps/apache/cgi-bin/sow/welcome.html
new file mode 100755
index 000000000..718dce94b
--- /dev/null
+++ b/base/tps/apache/cgi-bin/sow/welcome.html
@@ -0,0 +1,63 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2009 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+<link rel=stylesheet href="/esc/sow/style.css" type="text/css">
+
+<title>Security Officer</title>
+<link rel="stylesheet" href="/esc/sow/css/style.css" media="screen" type="text/css">
+</head>
+
+<body>
+
+<div id="header">
+  <div id="logo">
+      <h3>Security Officer Station</h3>
+  </div>
+</div>
+
+<div id="content">
+  <div id="maintext">
+    <div id="topmenu">
+    </div>
+  <blockquote><p>Welcome to the security officer interface, you will be asked to identify yourself with your token. Please click the continue button below.</p></blockquote>
+<form method=post action="https://$host:$secure_port/cgi-bin/sow/main.cgi">
+    <table>
+      <tr>
+      </tr>
+
+      </table>
+
+    <br/>
+<font color="red">$error</font>
+    <br/>
+    <table width="100%">
+      <tr>
+        <td align="right">
+          <input type="submit" id="search" name="search" value="Continue">
+        </td>
+      </tr>
+    </table>
+</form>
+
+  </div>
+</div>
+
+</body>
+</html>
diff --git a/base/tps/apache/docroot/404.html b/base/tps/apache/docroot/404.html
new file mode 100755
index 000000000..01a0832c9
--- /dev/null
+++ b/base/tps/apache/docroot/404.html
@@ -0,0 +1,146 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2009 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<html>
+<script language=javascript>
+var url = document.URL;
+var protocol = location.protocol;
+var hostname = location.hostname;
+var port = location.port;
+</script>
+
+<head>
+<title>TPS 404 Error!</title>
+<!-- always expand ALL relative paths -->
+<script language=javascript>
+document.write('<link rel="shortcut icon" href="');
+document.write(protocol);
+document.write('//');
+document.write(hostname);
+document.write(':');
+document.write(port);
+document.write('/pki/images/favicon.ico');
+document.write('" />');
+document.write('<link rel="stylesheet" href="');
+document.write(protocol);
+document.write('//');
+document.write(hostname);
+document.write(':');
+document.write(port);
+document.write('/pki/css/pki-base.css');
+document.write('" type="text/css" />');
+document.write('<META http-equiv=Content-Type content="text/html; charset=UTF-8">');
+</script>
+</head>
+<body bgcolor="#FFFFFF" link="#666699" vlink="#666699" alink="#333366">
+<div id="header">
+<!-- always expand ALL relative paths -->
+<script language=javascript>
+document.write('<a href="http://pki.fedoraproject.org/" title="Visit pki.fedoraproject.org for more information about Dogtag products and services"><img src="');
+document.write(protocol);
+document.write('//');
+document.write(hostname);
+document.write(':');
+document.write(port);
+document.write('/pki/images/logo_header.gif');
+document.write('" alt="Dogtag" id="myLogo" /></a>');
+</script>
+    <div id="headertitle">
+    <a href="/" title="Dogtag Network homepage">Dogtag<sup><font size="-2">&reg;</font></sup> Certificate System</a>
+    </div>
+    <div id="account">
+          <dl><dt><span></span></dt><dd></dd></dl>
+    </div>
+</div>
+
+<div id="mainNavOuter">
+<div id="mainNav">
+<div id="mainNavInner">
+
+</div><!-- end mainNavInner -->
+</div><!-- end mainNav -->
+</div><!-- end mainNavOuter -->
+                                                                                
+                                                                                
+<div id="bar">
+                                                                                
+<div id="systembar">
+<div id="systembarinner">
+                                                                                
+<div>
+  -
+</div>
+                                                                                
+                                                                                
+</div>
+</div>
+                                                                                
+</div>
+<font size="+1" face="PrimaSans BT, Verdana, Arial, Helvetica, sans-serif">
+Certificate System TPS Error Page 
+</font><br>
+<p> 
+</font>
+<p>
+<script language=javascript>
+document.write('<center>');
+document.write('<table border="1" cellspacing="0" cellpadding="0">');
+document.write('<tr valign="TOP">');
+document.write('<td bgcolor="grey" align="center"><b><font color="BLACK">HTTP STATUS</font></b></td>');
+document.write('<td bgcolor="grey" align="center"><b><font color="BLACK">DESCRIPTION</font></b></td>');
+document.write('</tr>');
+document.write('<tr valign="TOP">');
+document.write('<td align="center"><b><font size="+3" color="red">');
+document.write('404');
+document.write('</font></b></td>');
+document.write('<td><b><font size="+1" color="RED">');
+document.write('The requested resource could not be found but may be available again in the future.');
+document.write('</font></b><br><b><font size="+1" color="RED">');
+document.write('Please check the validity of the URL listed below:');
+document.write('</font></b><br><br>');
+document.write('<center><b><font size="+1"><a href="');
+document.write(url);
+document.write('">');
+document.write(url);
+document.write('</a>');
+document.write('</font></b></center><br></td>');
+document.write('</tr>');
+document.write('</table>');
+document.write('</center>');
+</script>
+<div id="footer">
+</div>
+<!--
+To prevent Internet Explorer from overriding the display of this custom error
+page by displaying it's own "Friendly HTTP Error Message", always include the
+following 'padding' to ensure that the text size exceeds 512 bytes:
+
+[IE padding][IE padding][IE padding][IE padding][IE padding][IE padding]
+[IE padding][IE padding][IE padding][IE padding][IE padding][IE padding]
+[IE padding][IE padding][IE padding][IE padding][IE padding][IE padding]
+[IE padding][IE padding][IE padding][IE padding][IE padding][IE padding]
+[IE padding][IE padding][IE padding][IE padding][IE padding][IE padding]
+[IE padding][IE padding][IE padding][IE padding][IE padding][IE padding]
+[IE padding][IE padding][IE padding][IE padding][IE padding][IE padding]
+[IE padding][IE padding][IE padding][IE padding][IE padding][IE padding]
+[IE padding][IE padding][IE padding][IE padding][IE padding][IE padding]
+[IE padding][IE padding][IE padding][IE padding][IE padding][IE padding]
+-->
+</body>
+</html>
+
diff --git a/base/tps/apache/docroot/500.html b/base/tps/apache/docroot/500.html
new file mode 100755
index 000000000..94ff29712
--- /dev/null
+++ b/base/tps/apache/docroot/500.html
@@ -0,0 +1,139 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2009 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<html>
+<script language=javascript>
+var url = document.URL;
+var protocol = location.protocol;
+var hostname = location.hostname;
+var port = location.port;
+</script>
+
+<head>
+<title>TPS 500 Error!</title>
+<!-- always expand ALL relative paths -->
+<script language=javascript>
+document.write('<link rel="shortcut icon" href="');
+document.write(protocol);
+document.write('//');
+document.write(hostname);
+document.write(':');
+document.write(port);
+document.write('/pki/images/favicon.ico');
+document.write('" />');
+document.write('<link rel="stylesheet" href="');
+document.write(protocol);
+document.write('//');
+document.write(hostname);
+document.write(':');
+document.write(port);
+document.write('/pki/css/pki-base.css');
+document.write('" type="text/css" />');
+document.write('<META http-equiv=Content-Type content="text/html; charset=UTF-8">');
+</script>
+</head>
+<body bgcolor="#FFFFFF" link="#666699" vlink="#666699" alink="#333366">
+<div id="header">
+<!-- always expand ALL relative paths -->
+<script language=javascript>
+document.write('<a href="http://pki.fedoraproject.org/" title="Visit pki.fedoraproject.org for more information about Dogtag products and services"><img src="');
+document.write(protocol);
+document.write('//');
+document.write(hostname);
+document.write(':');
+document.write(port);
+document.write('/pki/images/logo_header.gif');
+document.write('" alt="Dogtag" id="myLogo" /></a>');
+</script>
+    <div id="headertitle">
+    <a href="/" title="Dogtag Network homepage">Dogtag<sup><font size="-2">&reg;</font></sup> Certificate System</a>
+    </div>
+    <div id="account">
+          <dl><dt><span></span></dt><dd></dd></dl>
+    </div>
+</div>
+
+<div id="mainNavOuter">
+<div id="mainNav">
+<div id="mainNavInner">
+
+</div><!-- end mainNavInner -->
+</div><!-- end mainNav -->
+</div><!-- end mainNavOuter -->
+                                                                                
+                                                                                
+<div id="bar">
+                                                                                
+<div id="systembar">
+<div id="systembarinner">
+                                                                                
+<div>
+  -
+</div>
+                                                                                
+                                                                                
+</div>
+</div>
+                                                                                
+</div>
+<font size="+1" face="PrimaSans BT, Verdana, Arial, Helvetica, sans-serif">
+Certificate System TPS Error Page 
+</font><br>
+<p> 
+</font>
+<p>
+<script language=javascript>
+document.write('<center>');
+document.write('<table border="1" cellspacing="0" cellpadding="0">');
+document.write('<tr valign="TOP">');
+document.write('<td bgcolor="grey" align="center"><b><font color="BLACK">HTTP STATUS</font></b></td>');
+document.write('<td bgcolor="grey" align="center"><b><font color="BLACK">DESCRIPTION</font></b></td>');
+document.write('</tr>');
+document.write('<tr valign="TOP">');
+document.write('<td align="center"><b><font size="+3" color="red">');
+document.write('500');
+document.write('</font></b></td>');
+document.write('<td><b><font size="+1" color="RED">');
+document.write('The server encountered an unexpected condition which prevented it from fulfilling the request.<br>');
+document.write('Please consult your local administrator for further assistance. The Certificate System logs may provide further information.');
+document.write('</font></b><br></td>');
+document.write('</tr>');
+document.write('</table>');
+document.write('</center>');
+</script>
+<div id="footer">
+</div>
+<!--
+To prevent Internet Explorer from overriding the display of this custom error
+page by displaying it's own "Friendly HTTP Error Message", always include the
+following 'padding' to ensure that the text size exceeds 512 bytes:
+
+[IE padding][IE padding][IE padding][IE padding][IE padding][IE padding]
+[IE padding][IE padding][IE padding][IE padding][IE padding][IE padding]
+[IE padding][IE padding][IE padding][IE padding][IE padding][IE padding]
+[IE padding][IE padding][IE padding][IE padding][IE padding][IE padding]
+[IE padding][IE padding][IE padding][IE padding][IE padding][IE padding]
+[IE padding][IE padding][IE padding][IE padding][IE padding][IE padding]
+[IE padding][IE padding][IE padding][IE padding][IE padding][IE padding]
+[IE padding][IE padding][IE padding][IE padding][IE padding][IE padding]
+[IE padding][IE padding][IE padding][IE padding][IE padding][IE padding]
+[IE padding][IE padding][IE padding][IE padding][IE padding][IE padding]
+-->
+</body>
+</html>
+
diff --git a/base/tps/apache/docroot/esc/AdminEsc.html b/base/tps/apache/docroot/esc/AdminEsc.html
new file mode 100755
index 000000000..3fd72c4c8
--- /dev/null
+++ b/base/tps/apache/docroot/esc/AdminEsc.html
@@ -0,0 +1,57 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2009 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<html>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+<head>
+<title>Enterprise Security Administration Page</title>
+
+<link rel=stylesheet href="/style.css" type="text/css">
+
+</head>
+<body>
+
+<table width="100%">
+  <tr>
+    <td>
+<img src="/pki/esc/images/logo.gif">     </td>
+    <td>
+      <p class="headerText"><a href="esc.cgi?screenname=">Enterprise Security Client</a></p>
+    </td>
+  <tr>
+</table>
+
+<br>
+<br>
+<table width=100%>
+<tr>
+  <td class="bodyText">
+Welcome to the Enterprise Security Administration Page.
+</p>
+<p>Below are some useful links that take you directly to some of 
+<br>the useful pages provided by the Enterprise Security program.
+</p>
+  </td>
+ </tr>
+</table>
+<br>
+<li><a class=linkText href="esc.cgi?action=enrollmentpage&screenname=">Key Enrollment Page</a></li>
+<li><a class=linkText href="esc.cgi?action=advancepage&screenname=">Advanced Function Page</a></li>
+<li><a class=linkText href="esc.cgi?action=tokenmanagerpage&screenname=">Token Manager Page</a></li>
+<li><a class=linkText href="esc.cgi?action=settingspage&screenname=">Settings Page</a></li>
+</body>
+</html>
diff --git a/base/tps/apache/docroot/esc/AdvancePopup.html b/base/tps/apache/docroot/esc/AdvancePopup.html
new file mode 100755
index 000000000..c91889044
--- /dev/null
+++ b/base/tps/apache/docroot/esc/AdvancePopup.html
@@ -0,0 +1,1713 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2009 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<html>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+
+<head>
+<link rel=stylesheet href="/style.css" type="text/css">
+
+<script language="JavaScript">
+
+//
+// initialize netkey globals
+var netkey;
+var isMSHTML;
+
+
+var keyUITable = new Array();
+var keyTypeTable = new Array();
+var curChildWindow = null;
+
+function getUIForKey(aKeyID)
+{
+    return keyUITable[aKeyID];
+
+}
+
+function getTypeForKey(aKeyID)
+{
+    return keyTypeTable[aKeyID];
+}
+
+//
+// Determine if we are running MSHTML or GECKO
+//
+if (navigator.userAgent.indexOf("MSIE") != -1) {
+  isMSHTML = true;
+} else {
+  isMSHTML = false;
+}
+
+
+//
+// Notify callback for GECKO
+//
+function jsNotify()  {}
+
+jsNotify.prototype = {
+
+  rhNotifyKeyStateChange: function(aKeyType,aKeyID,aKeyState,aData,strData)
+  {
+    OnCOOLKeyStateChange(aKeyType, aKeyID, aKeyState, aData,strData);
+  },
+
+  QueryInterface: function(iid)
+  {
+    <!--  alert("iid: " + iid); -->
+     if(!iid.equals(Components.interfaces.rhIKeyNotify) &&
+         !iid.equals(Components.interfaces.nsISupports))
+      {
+          alert("Can't find jsNotify interface");
+          throw Components.results.NS_ERROR_NO_INTERFACE;
+      }
+      return this;
+  }
+};
+
+//
+// Attach to the object.
+//
+if (!isMSHTML) {
+  // GECKO ONLY initialization
+  try {
+    netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    netkey = Components.classes["@redhat.com/rhCoolKey"].getService();
+    netkey = netkey.QueryInterface(Components.interfaces.rhICoolKey);
+    gNotify = new jsNotify;
+    netkey.rhCoolKeySetNotifyCallback(gNotify);
+  } catch(e) {
+     alert("Can't get UniversalXPConnect: " + e);
+  }
+} else {
+  // MSHTML only initialization
+  netkey = external;
+}
+
+//
+// unregister our notify event
+//
+function cleanup()
+{
+  if (!isMSHTML) {
+    try {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+      netkey.rhCoolKeyUnSetNotifyCallback(gNotify);
+    } catch(e) {
+     alert("Can't get UniversalXPConnect: " + e);
+    }
+  }
+}
+
+var gScreenName = "";
+var gKeyEnrollmentType = "userKey";
+
+var gCurrentSelectedRow = null;
+
+
+var gCurKeyType = null;
+var gCurKeyID = null;
+
+////////////////////////////////////////////////////////////////
+//
+// Utility functions specific to this page.
+//
+////////////////////////////////////////////////////////////////
+
+
+// List of Error Messages to be printed out
+
+var Status_Messages = new Array(
+
+"Operation Completed Successfully.",
+    "Server Error.",
+    "Problem communicating with the token.",
+    "Problem communicating with the token.",
+    "Problem resetting token's pin.",
+    "Internal Server Error.",
+    "Internal Server Error",
+    "Token Enrollment Error.",
+    "Problem communicating with the token.",
+    "Internal Server Error",
+    "Error communicating with the Certificate Authority, try again later.",
+    "Internal Server Error.",
+    "Error resetting the token's pin.",
+    "Internal Server Error.",
+    "Authentication Failure, Try Again.",
+    "Internal Server Error",
+    "Token is disabled, contact technical support.",
+    "Problem communicating with the token.",
+    "Internal Server Error.",
+    "Cannot upgrade token software.",
+    "Internal Server Error.",
+    "Problem communicating with the token.",
+    "Invalid token type.",
+    "Invalid token type",
+    "Cannot publish.",
+    "Cannot communicate with token database, try again later.",
+    "Token is disabled, contact techincal support.",
+    "Cannot reset pin value for the token, contact technical support.",
+    "Connection to server lost.",
+    "Cannot create entry for token in database, contact technical support.",
+    "No such token state, contact technical support.",
+    "Invalid lost token reason, contact technical support.",
+    "Token unusable due to compromise,contact technical support.",
+    "No such inactive token, contact technical support.",
+    "Cannot process more than one active token.",
+    "Internal Server Error,contact technical support.",
+    "Key Recovery has been processed.",
+    "Key Recovery failed, contact technical support.",
+    "Cannot operate on token reported lost, contact technical support.",
+    "Key archival error, contact technical support.",
+    "Problem connecting to the TKS, contact technical support.",
+    "Failed to update token database, contact technical support.",
+    "Internal certificate revocation error,contact technical support.",
+    "User does not own this token, contact technical support."
+);
+
+function GetAuthDataFromPopUp(aKeyType,aKeyID,aUiData)
+{
+
+   keyUITable[aKeyID] = aUiData;
+   keyTypeTable[aKeyID] = aKeyType;
+
+   //alert("GetAuthDataFromPopUp data " + aUiData);
+   var child = window.open("/GenericAuth.html",aKeyID,"height=400,width=400");
+
+   //alert("Attempted to create child window " + child);
+ 
+   curChildWindow = child; 
+
+}
+
+function COOLKeySetDataValue(aKeyType,aKeyID,name,value)
+{
+        //alert("In COOLKeySetDataValue  aKeyType " + aKeyType + " aKeyID " + aKeyID + " name " + name + " value " + value);  
+        if(netkey)
+        {
+             try {
+                if(!isMSHTML)
+                {
+                    netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+                }
+
+                netkey.SetCoolKeyDataValue(aKeyType,aKeyID,name,value);
+
+
+            } catch(e) {
+                alert("Error Setting data values: " + e);
+            }
+        }
+
+}
+ 
+function COOLKeySetTokenPin(pin)
+{
+  if(!isMSHTML)
+    {
+        if(netkey)
+        {
+             try { 
+                netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+                netkey.SetCoolKeyDataValue(gCurKeyType,gCurKeyID,"TokenPin",pin);
+
+
+            } catch(e) {
+                alert("Error Setting data values: " + e);
+            }
+        }
+    }
+}
+
+function COOLKeySetUidPassword(uid,pwd)
+{
+
+  if(!isMSHTML)
+  {
+      if(netkey)
+      {
+
+          try {
+              netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+
+              netkey.SetCoolKeyDataValue(gCurKeyType,gCurKeyID,"UserId",uid);
+
+              netkey.SetCoolKeyDataValue(gCurKeyType,gCurKeyID,"Password",pwd);
+
+          } catch(e) {
+              alert("Error Setting data values: " + e);
+          }
+
+      }
+
+  }
+
+}
+      
+  
+function MyGetErrorMessage(status_code)
+{
+
+ var result = "Internal Server Error";
+
+  if(status_code < 0 && status_code >= Status_Messages.length)
+  {
+     return result;
+      
+  }   
+      
+  return Status_Messages[status_code];
+      
+}   
+
+function KeyToRowID(keyType, keyID)
+{
+  return keyType + "--" + keyID;
+}
+
+function RowIDToKeyInfo(rowID)
+{
+  return rowID.split("--");
+}
+
+function GetRowForKey(keyType, keyID)
+{
+  return document.getElementById(KeyToRowID(keyType, keyID));
+}
+
+function ReportException(msg, e)
+{
+  alert(msg + " " + e.description + "(" + e.number + ")");
+}
+
+function GetCOOLKeyStatus(keyType, keyID)
+{
+  try {
+    if (!isMSHTML) {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    }
+    return netkey.GetCoolKeyStatus(keyType, keyID);
+  } catch (e) {
+    ReportException("netkey.GetCoolKeyStatus() failed!", e);
+    return 0;
+  }
+}
+
+function GetCOOLKeyPolicy(keyType, keyID)
+{
+  try {
+    if (!isMSHTML) {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    }
+    return netkey.GetCoolKeyPolicy(keyType, keyID);
+  } catch (e) {
+  //  ReportException("netkey.GetCoolKeyPolicy() failed!", e);
+    return "";
+  }
+}
+
+function GetCOOLKeyRequiresAuth(keyType, keyID)
+{
+  try {
+    if (!isMSHTML) {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    }
+    return netkey.GetCoolKeyRequiresAuthentication(keyType, keyID);
+  } catch(e) {
+    ReportException("netkey.GetCoolKeyRequiresAuthentication() failed!", e);
+    return false;
+  }
+}
+
+function GetCOOLKeyIsAuthed(keyType, keyID)
+{
+  try {
+    if (!isMSHTML) {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    }
+    return netkey.GetCoolKeyIsAuthenticated(keyType, keyID);
+  } catch(e) {
+    ReportException("netkey.GetCoolKeyIsAuthenticated() failed!", e);
+    return false;
+  }
+}
+
+function GetAvailableCOOLKeys()
+{
+  try {
+    var keyArr;
+
+    if (!isMSHTML) {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+      var inArray = netkey.GetAvailableCoolKeys( {} );
+      keyArr = new Array(inArray.length);
+      var i;
+
+      for (i=0; i < keyArr.length; i++) {
+	keyArr[i] = new Array( "1", inArray[i]);
+      }
+    } else {
+      keyArr = ConvertVariantArrayToJScriptArray(netkey.GetAvailableCoolKeys());
+
+      var i;
+      for (i=0; i < keyArr.length; i++)
+        keyArr[i] = ConvertVariantArrayToJScriptArray(keyArr[i]);
+    }
+    return keyArr;
+  } catch(e) {
+    ReportException("netkey.GetAvailableCoolKeys() failed!", e);
+    return [];
+  }
+}
+
+function ChallengeCOOLKey(keyType, keyID, data)
+{
+  try {
+    if (!isMSHTML) {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    }
+    return ConvertVariantArrayToJScriptArray(netkey.ChallengeCoolKey(keyType, keyID, data));
+  } catch(e) {
+    ReportException("netkey.ChallengeCoolKey() failed!", e);
+    return [];
+  }
+}
+
+function EnrollCOOLKey(keyType, keyID, enrollmentType, screenname, pin,screennamepwd,tokencode)
+{
+  try {
+    if (!isMSHTML) {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    }
+    netkey.EnrollCoolKey(keyType, keyID, enrollmentType, screenname, pin,screennamepwd,tokencode);
+  } catch(e) {
+    ReportException("netkey.EnrollCoolKey() failed!", e);
+    return false;
+  }
+
+  return true;
+}
+
+function GetCOOLKeyIsEnrolled(keyType, keyID)
+{
+  try {
+    if (!isMSHTML) {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    }
+    return netkey.GetCoolKeyIsEnrolled(keyType, keyID);
+  } catch(e) {
+    ReportException("netkey.GetCoolKeyIsEnrolled() failed!", e);
+    return false;
+  }
+}
+
+function ResetCOOLKeyPIN(keyType, keyID, screenname, pin,screennamepwd)
+{
+  try {
+    if (!isMSHTML) {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    }
+    netkey.ResetCoolKeyPIN(keyType, keyID, screenname, pin,screennamepwd);
+  } catch(e) {
+    ReportException("netkey.ResetCoolKeyPIN() failed! Make sure token is properly Enrolled.", e);
+    return false;
+  }
+  return true;
+}
+function FormatCOOLKey(keyType, keyID, type, screenname, pin,screennamepwd,tokencode)
+{
+  try {
+    if (!isMSHTML) {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    }
+    netkey.FormatCoolKey(keyType, keyID, type, screenname, pin,screennamepwd,tokencode);
+  } catch(e) {
+    ReportException("netkey.FormatCoolKey() failed!", e);
+    return false;
+  }
+  return true;
+}
+
+function CancelCOOLKeyOperation(keyType, keyID)
+{
+  try {
+    if (!isMSHTML) {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    }
+    netkey.CancelCoolKeyOperation(keyType, keyID);
+  } catch(e) {
+    ReportException("netkey.CancelCoolKeyOperation() failed!", e);
+    return false;
+  }
+  return true;
+}
+
+function BlinkCOOLKey(keyType, keyID, rate, duration)
+{
+  try {
+    if (!isMSHTML) {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    }
+    netkey.BlinkCoolKey(keyType, keyID, rate, duration);
+  } catch(e) {
+    ReportException("netkey.BlinkCoolKey() failed!", e);
+    return false;
+  }
+  return true;
+}
+
+function RequestServiceTicket(screenName, serviceName)
+{
+  try {
+    if (!isMSHTML) {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    }
+    netkey.RequestServiceTicket(screenName, serviceName);
+  } catch(e) {
+    ReportException("netkey..RequestServiceTicket() failed!", e);
+    return false;
+  }
+
+  return true;
+}
+
+//
+// MSHTML/GECKO compatibility functions.
+//
+function RemoveRow(table, row)
+{
+  if (isMSHTML) {
+    row.removeNode(row);
+  } else {
+    table.deleteRow(row.rowIndex);
+  }
+}
+
+function GetCell(row, index)
+{
+  var cell;
+
+  if (isMSHTML) {
+    cell = row.cells(index);
+  } else {
+    cell = row.cells[index];
+  }
+  return cell;
+}
+
+function GetNode(parent, index)
+{
+  var node;
+  if (isMSHTML) {
+    node = parent.childNodes(index);
+  } else {
+    node = parent.childNodes[index];
+  }
+  return node;
+}
+
+function InsertRow(table)
+{
+  var row;
+
+  if (isMSHTML) {
+    row = table.insertRow();
+  } else {
+    row = table.insertRow(table.rows.length);
+  }
+  return row;
+}
+
+function InsertCell(row)
+{
+  var cell;
+
+  if (isMSHTML) {
+    cell = row.insertCell();
+  } else {
+    cell = row.insertCell(row.cells.length);
+  }
+  return cell;
+}
+
+function RemoveAllChildNodes(parent)
+{
+  var numChildren = parent.childNodes.length;
+  var i;
+
+  i = numChildren;
+  while (numChildren)
+  {
+    parent.removeChild(GetNode(parent,0));
+    numChildren--;
+  }
+
+}
+
+
+function UpdateInfoForKeyID(keyType, keyID, keyStatus, reqAuth, isAuthed)
+{
+  var row = GetRowForKey(keyType, keyID);
+
+  if (!row)
+    return;
+
+  var cell = GetCell(row,1)
+  RemoveAllChildNodes(cell);
+  cell.appendChild(document.createTextNode(keyStatus));
+
+ // cell = GetCell(row,2);
+ // RemoveAllChildNodes(cell);
+  //cell.appendChild(document.createTextNode(reqAuth));
+
+  //cell = GetCell(row,3);
+  //RemoveAllChildNodes(cell);
+  //cell.appendChild(document.createTextNode(isAuthed));
+}
+
+function GetStatusForKeyID(keyType, keyID)
+{
+  var keyStatus = "BLANK";
+
+  var status;
+
+  try {
+    status = GetCOOLKeyStatus(keyType, keyID);
+  } catch(e) {
+    status = 0;
+  }
+
+  switch (status) {
+    case 0: // Unavailable
+      keyStatus = "UNAVAILABLE";
+      break;
+    case 1: // AppletNotFound
+      keyStatus = "NO APPLET";
+      break;
+    case 2: // Uninitialized
+      keyStatus = "UNINITIALIZED";
+      break;
+    case 3: // Unknown
+      keyStatus = "UNKNOWN";
+      break;
+    case 4: // Available
+    case 6: // UnblockInProgress
+    case 7: // PINResetInProgress
+    case 8: // RenewInProgress
+      keyStatus = PolicyToKeyType(GetCOOLKeyPolicy(keyType, keyID));
+      break;
+    case 5: // EnrollmentInProgress
+      keyStatus = "BUSY";
+      break;
+      break;
+    case 9: // FormatInProgress
+      keyStatus = "BUSY";
+      break;
+  }
+
+  return keyStatus;
+}
+
+function GetKeyStatusForKeyID(keyType, keyID)
+{
+  var row = GetRowForKey(keyType, keyID);
+
+  if (!row)
+    return "UNKNOWN";
+
+  var cell = GetCell(row,1);
+  return GetNode(cell,0).data;
+}
+
+function InsertCOOLKeyIntoBindingTable(keyType, keyID)
+{
+  var row = GetRowForKey(keyType, keyID);
+
+  if (!row)
+  {
+    var table = document.getElementById("BindingTable");
+    if (table)
+    {
+      var keyStatus = GetStatusForKeyID(keyType, keyID);
+      var keyReqAuth = BoolToYesNoStr(GetCOOLKeyRequiresAuth(keyType, keyID));
+      var keyIsAuthed = BoolToYesNoStr(GetCOOLKeyIsAuthed(keyType, keyID));
+
+      row = CreateTableRow(table, keyType, keyID, keyStatus, keyReqAuth, keyIsAuthed);
+    }
+
+    if (!row)
+      return null;
+  }
+
+  return row;
+}
+
+function ConvertVariantArrayToJScriptArray(varr)
+{
+  // C++ native methods, like netkey.GetAvailableCOOLKeys(), can only
+  // return variant SafeArrays, so to access the data inside, you must
+  // first convert it to a VBArray, and then call toArray() to convert
+  // it to a JScript array. Lame, but that's what it takes to
+  // use an array returned from an ActiveX component.
+
+  return new VBArray(varr).toArray();
+}
+
+function UpdateBindingTableAvailability()
+{
+  var arr = GetAvailableCOOLKeys();
+
+  if (!arr || arr.length < 1)
+    return;
+
+  var i;
+
+  for (i=0; i < arr.length; i++)
+  {
+    InsertCOOLKeyIntoBindingTable(arr[i][0], arr[i][1]);
+
+    if (!gCurrentSelectedRow)
+      SelectRowByKeyID(arr[i][0], arr[i][1]);
+  }
+}
+
+function InitializeBindingTable()
+{
+  UpdateBindingTableAvailability();
+  UpdateButtonStates();
+ // document.getElementById("snametf").value = gScreenName;
+}
+
+function KeyIsPresent(keyType, keyID)
+{
+  row = document.all.item(keyType, keyID);
+
+  if (!row)
+    return false;
+
+  return true;
+}
+
+function SetStatusMessage(str)
+{
+  var cell = document.getElementById("statusMsg");
+
+  if (!cell)
+    return;
+  RemoveAllChildNodes(cell);
+  cell.appendChild(document.createTextNode(str));
+}
+
+function UpdateButtonStates()
+{
+  if (gKeyEnrollmentType == "deviceKey")
+  {
+  //  document.getElementById("snametf").disabled = true;
+  //  document.getElementById("pintf").disabled = true;
+   // document.getElementById("reenterpintf").disabled = true;
+  //  document.getElementById("snamepwd").disabled = true;
+  }
+  else
+  {
+ //   document.getElementById("snametf").disabled = false;
+  //  document.getElementById("pintf").disabled = false;
+  //  document.getElementById("reenterpintf").disabled = false;
+  //  document.getElementById("snamepwd").disabled = false;
+  }
+
+  if (gCurrentSelectedRow)
+  {
+    var keyInfo = RowIDToKeyInfo(gCurrentSelectedRow.getAttribute("id"));
+    var keyType = keyInfo[0];
+    var keyID = keyInfo[1];
+    var keyStatus = GetKeyStatusForKeyID(keyType, keyID);
+
+    var validKey = (keyStatus == "NETKEY" || keyStatus == "HOUSEKEY");
+  //  document.getElementById("challengebtn").disabled = !validKey;
+    document.getElementById("blinkbtn").disabled = false;
+    //document.getElementById("enrollbtn").disabled = false;
+ //   document.getElementById("formatbtn").disabled = false;
+//    document.getElementById("resetpinbtn").disabled = !((keyStatus == "NETKEY") && (gKeyEnrollmentType == "userKey"));
+document.getElementById("resetpinbtn").disabled = !((gKeyEnrollmentType == "userKey"));
+  }
+  else
+  {
+    //document.getElementById("enrollbtn").disabled = true;
+    document.getElementById("resetpinbtn").disabled = true;
+  //  document.getElementById("formatbtn").disabled = true;
+   // document.getElementById("challengebtn").disabled = true;
+    document.getElementById("blinkbtn").disabled = true;
+  }
+
+  refresh();
+}
+
+function SetEnrollmentType(type)
+{
+  gKeyEnrollmentType = type;
+  UpdateButtonStates();
+}
+
+function FindRow(node)
+{
+  while (node && node.tagName != "TR")
+  {
+    node = node.parentNode;
+  }
+
+  return node;
+}
+
+function SelectRow(row)
+{
+  if (!row || gCurrentSelectedRow == row)
+    return;
+
+  if (gCurrentSelectedRow)
+    gCurrentSelectedRow.removeAttribute("style");
+
+  gCurrentSelectedRow = row;
+  gCurrentSelectedRow.style.backgroundColor="rgb(200,200,200)";
+  UpdateButtonStates();
+}
+
+function SelectRowByKeyID(keyType, keyID)
+{
+  var row = GetRowForKey(keyType, keyID);
+  SelectRow(row);
+}
+
+function DoSelectRow(event)
+{
+  var row;
+
+  if (isMSHTML) {
+    row = FindRow(window.event.srcElement);
+  } else {
+    row = FindRow(event.parentNode);
+  }
+  SelectRow(row);
+}
+
+function KeyToUIString(keyType, keyID)
+{
+  // If it's an COOLKey, format the keyID string.
+
+  if (keyType == 1 && keyID.length == 20)
+  {
+    var re = /([0-9a-f]{4})([0-9a-f]{4})([0-9a-f]{4})([0-9a-f]{4})([0-9a-f]{4})/i;
+    keyID = keyID.replace(re, "$1-$2-$3-$4-$5").toLowerCase();
+  }
+
+  return keyID;
+}
+
+
+
+function CreateTableRow(table, keyType, keyID, keyStatus, reqAuth, isAuthed)
+{
+
+  var row = InsertRow(table);
+  if (!row)
+    return null;
+
+  row.setAttribute("id", KeyToRowID(keyType, keyID));
+
+ 
+  if (isMSHTML) {
+     row.onclick = DoSelectRow;
+  }
+
+  // Create the key ID cell.
+  cell = InsertCell(row);
+  cell.appendChild(document.createTextNode(KeyToUIString(keyType, keyID)));
+
+  cell.setAttribute("onClick", "DoSelectRow(this);");
+
+  // Create the keyStatus cell.
+  cell = InsertCell(row);
+  cell.appendChild(document.createTextNode(keyStatus));
+
+  // Create the requires auth cell.
+ // cell = InsertCell(row);
+ // cell.appendChild(document.createTextNode(reqAuth));
+
+  // Create the is auth'ed cell.
+ // cell = InsertCell(row);
+ // cell.appendChild(document.createTextNode(isAuthed));
+
+  // Create the status bar cell
+  cell = InsertCell(row);
+
+  var progressMeter = document.createElement("div");
+  progressMeter.setAttribute("id", KeyToProgressBarID(keyType, keyID));
+  progressMeter.className = "ProgressMeter";
+  progressMeter.style.width = "100px";
+  progressMeter.style.height = "1.5em";
+  progressMeter.setAttribute("value", 0);
+
+  var progressBar = document.createElement("div");
+  progressBar.className = "ProgressBar";
+  progressBar.style.width = "0px";
+  progressBar.style.height = "100%";
+  progressBar.style.visibility = "hidden";
+
+  var progressBarStatus = document.createElement("div");
+  progressBarStatus.className = "ProgressBarStatus";
+  progressBarStatus.appendChild(document.createTextNode(""));
+
+  progressMeter.appendChild(progressBar);
+  progressMeter.appendChild(progressBarStatus);
+  cell.appendChild(progressMeter);
+
+  return row;
+}
+
+gAnimationMSecs = 1000/30;
+
+function SetCylonTimer(cylonID, cylonEyeID)
+{
+  setTimeout("AnimateCylonStatusBar(\"" + cylonID +
+             "\", \"" + cylonEyeID + "\");", gAnimationMSecs);
+}
+
+function AnimateCylonStatusBar(cylonID, cylonEyeID)
+{
+  var cylon = document.getElementById(cylonID);
+
+  if (!cylon)
+    return;
+
+  var active = cylon.getAttribute("cylonactive");
+
+  if (!active)
+    return;
+
+  var eye = document.getElementById(cylonEyeID);
+
+  if (!eye)
+    return;
+
+  var dir = eye.getAttribute("direction");
+  var wid = parseInt(eye.style.width);
+  var cywid = parseInt(cylon.style.width);
+  var left = parseInt(eye.style.left);
+
+  var dx = 10;
+
+  if (!dir || dir >= 0)
+  {
+    left += dx;
+
+    if (left + wid > cywid)
+    {
+      left = cywid - wid;
+      eye.setAttribute("direction", "-1");
+    }
+  }
+  else
+  {
+    left -= dx;
+
+    if (left < 0)
+    {
+      left = 0;
+      eye.setAttribute("direction", "1");
+    }
+  }
+
+  eye.style.left = left + "px";
+
+  SetCylonTimer(cylonID, cylonEyeID);
+}
+
+function StartCylonAnimation(cylonID, cylonEyeID)
+{
+  var cylon = document.getElementById(cylonID)
+
+  if (!cylon)
+    return;
+
+  var active = cylon.getAttribute("cylonactive");
+
+  if (!active)
+  {
+    cylon.setAttribute("cylonactive", "true");
+
+    var eye = document.getElementById(cylonEyeID);
+    if (eye)
+    {
+      eye.style.left = "0px";
+      eye.style.visibility = "visible";
+    }
+
+    SetCylonTimer(cylonID, cylonEyeID);
+  }
+}
+
+function StopCylonAnimation(cylonID, cylonEyeID)
+{
+  var cylon = document.getElementById(cylonID)
+
+  if (cylon)
+    cylon.removeAttribute("cylonactive");
+
+  var eye = document.getElementById(cylonEyeID);
+
+  if (eye)
+    eye.style.visibility = "hidden";
+}
+
+function GetProgressMeterValue(progMeterID)
+{
+  var progMeter = document.getElementById(progMeterID);
+
+  if (!progMeter)
+    return -1;
+
+  return parseInt(progMeter.getAttribute("value"));
+}
+
+function SetProgressMeterValue(progMeterID, value)
+{
+  var progMeter = document.getElementById(progMeterID);
+
+  if (!progMeter || value < 0)
+    return;
+
+  if (value > 100)
+    value = 100;
+
+  var progBar = progMeter.firstChild;
+
+  if (value == 0)
+  {
+    progBar.style.width = "0px";
+    progBar.style.visibility = "hidden";
+    progMeter.setAttribute("value", 0);
+    return;
+  }
+
+  progBar.style.visibility = "visible"; 
+
+  var newWidth = parseInt(progMeter.style.width) * value / 100 - 2;
+
+  progBar.style.width =  newWidth + "px";
+  progMeter.setAttribute("value", value);
+}
+
+function SetProgressMeterStatus(progMeterID, statusMsg)
+{
+  var progMeter = document.getElementById(progMeterID);
+
+  if (!progMeter)
+    return;
+
+  var progBar = progMeter.firstChild;
+
+  // If it exists, the meter status should be
+  // div that is the next sibling of the progressMeter.
+
+  var meterStatus = progBar.nextSibling;
+
+  // Just replace the data in the text node, it's much faster,
+  // and reduces flashing!
+
+  meterStatus.firstChild.replaceData(0, meterStatus.firstChild.length, statusMsg);
+}
+
+function ClearProgressBar(progMeterID)
+{
+  SetProgressMeterValue(progMeterID, 0);
+  SetProgressMeterStatus(progMeterID, "");
+}
+
+function KeyToProgressBarID(keyType, keyID)
+{
+  return "PM" + keyType + "-" + keyID;
+}
+
+////////////////////////////////////////////////////////////////
+//
+// Functions that contact the server or talk directly to
+// ASC native code.
+//
+// ASC Native Functions:
+//
+//     netkey.GetAvailableCOOLKeys()
+//
+//       - Returns an ActiveX Variant SafeArray containing the ID for each key
+//         that is currentlly plugged into the computer. Before accessing any
+//         data in this array you must convert it to a JScript Array with a
+//         call to ConvertVariantArrayToJScriptArray().
+//
+//     netkey.GetCOOLKeyIsEnrolled(keyType, keyID)
+//
+//       - Returns true if a key has been initialized, false if it hasn't.
+//         Initialized means the card has been formatted with certificates
+//         for either an COOL HouseKey or NetKey.
+//
+//     netkey.EnrollCOOLKey(keyType, keyID, enrollmentType, screenName, pin)
+//
+//       - Initiates an async connection to the RA to initialize a specific
+//         key. If you want the key to be initialized as a HouseKey, you should
+//         pass "houseKey" as the enrollmentType, and null values for both
+//         screenName and pin. For a NetKey, use "netKey" as the enrollmentType,
+//         and pass a valid screenName and pin.
+//
+//     netkey.ChallengeCOOLKey(keyType, keyID, data)
+//
+//       - Signs some data with the specified key, and returns the results
+//         in an AcviteX Variant SafeArray. Before accessing any data in
+//         this array, you must convert it to a JScript Array with a
+//         call to ConvertVariantArrayToJScriptArray(). The elements in the
+//         array are as follows:
+//
+//             array[0] --> Length of the signed challenge data in binary form.
+//             array[1] --> The signed challenge data as hex.
+//             array[0] --> Length of the nonce data in binary form.
+//             array[0] --> The nonce data as hex.
+//
+//     netkey.BlinkCOOLKey(keyType, keyID, rate, duration)
+//
+//       - Make a specific key blink at a given rate for a given duration.
+//         rate and duration are specified in milliseconds.
+//
+////////////////////////////////////////////////////////////////
+
+function GetScreenNameValue()
+{
+  var sname = document.getElementById("snametf").value;
+
+  if (! sname)
+  {
+    alert("You must provide a valid screen name!");
+    return null;
+  }
+
+  return sname;
+}
+
+function GetPINValue()
+{
+  var pinVal =  document.getElementById("pintf").value;
+  var rpinVal =  document.getElementById("reenterpintf").value;
+
+  if (! pinVal)
+  {
+    alert("You must provide a valid PIN!");
+    return null;
+  }
+
+  if ( pinVal != rpinVal)
+  {
+    alert("The PIN values you entered don't match!");
+    return null;
+  }
+
+  return pinVal;
+}
+
+function GetScreenNamePwd()
+{
+
+  var pwd = document.getElementById("snamepwd").value;
+
+   if(!pwd)
+   {
+       alert("You must provide a valid User Password!");
+       return null;
+   }
+   return pwd;
+}
+
+function GetTokenCode()
+{
+
+  return null;
+}
+function DoEnrollCOOLKey()
+{
+  if (!gCurrentSelectedRow)
+  {
+    alert("Please select a key.");
+    return;
+  }
+
+  var keyInfo = RowIDToKeyInfo(gCurrentSelectedRow.getAttribute("id"));
+  var keyType = keyInfo[0];
+  var keyID = keyInfo[1];
+
+  var type = gKeyEnrollmentType;
+  var screenname = null;
+  var pin = GetPINValue();
+
+  var screennamepwd = null;
+  var tokencode = null;
+
+  if (type == "userKey")
+  {
+    screenname =  null; //GetScreenNameValue();
+
+    pin =  GetPINValue();
+
+
+    screennamepwd = null; // GetScreenNamePwd();
+
+
+    tokencode = GetTokenCode();
+
+    SetStatusMessage("Enrolling UserKey \"" + KeyToUIString(keyType, keyID) + "\"...");
+  }
+  else
+    SetStatusMessage("Enrolling DeviceKey \"" + KeyToUIString(keyType, keyID) + "\"...");
+
+  StartCylonAnimation("cylon1", "eye1");    
+
+  if (!EnrollCOOLKey(keyType, keyID, type, screenname, pin,screennamepwd,tokencode))
+  {
+    SetStatusMessage("");
+    StopCylonAnimation("cylon1", "eye1");
+  }
+}
+
+function DoResetSelectedCOOLKeyPIN()
+{
+  if (!gCurrentSelectedRow)
+    return;
+
+  if(!Validate())
+     return;
+
+   //alert("In DoResetSelectedCOOLKeyPIN!");
+  var keyInfo = RowIDToKeyInfo(gCurrentSelectedRow.getAttribute("id"));
+  var keyType = keyInfo[0];
+  var keyID = keyInfo[1];
+
+  var screenname = null;
+  var pin = GetPINValue() ;
+  var screennamepwd = null;
+
+  if (GetCOOLKeyIsEnrolled(keyType, keyID))
+  {
+ 
+    SetStatusMessage("Resetting PIN for \"" + keyID + "\"...");
+    StartCylonAnimation("cylon1", "eye1");
+
+    if (!ResetCOOLKeyPIN(keyType, keyID, screenname, pin,screennamepwd))
+    {
+      SetStatusMessage("");
+      StopCylonAnimation("cylon1", "eye1");
+    }
+  }
+  else
+  {
+
+      alert("Your key must be enrolled before attempting a Pin Reset.");
+  }
+}
+
+function DoFormatCOOLKey()
+{
+  if (!gCurrentSelectedRow)
+    return;
+
+
+  if(!Validate())
+     return;
+
+
+  var keyInfo = RowIDToKeyInfo(gCurrentSelectedRow.getAttribute("id"));
+  var keyType = keyInfo[0];
+  var keyID = keyInfo[1];
+
+  var type = gKeyEnrollmentType;
+  var screenname = null;
+  var pin = null;
+
+  var screennamepwd = null;
+  var tokencode = null;
+
+  SetStatusMessage("Formatting \"" + KeyToUIString(keyType, keyID) + "\" ...");
+  StartCylonAnimation("cylon1", "eye1");
+
+  if (!FormatCOOLKey(keyType, keyID, type, screenname, pin,screennamepwd,tokencode))
+  {
+    SetStatusMessage("");
+    StopCylonAnimation("cylon1", "eye1");
+  }
+}
+function DoCancelOperation()
+{
+  if (!gCurrentSelectedRow)
+    return;
+
+  var keyInfo = RowIDToKeyInfo(gCurrentSelectedRow.getAttribute("id"));
+  var keyType = keyInfo[0];
+  var keyID = keyInfo[1];
+
+  SetStatusMessage("Cancel operation for \"" + KeyToUIString(keyType, keyID) + "\" ...");
+  StartCylonAnimation("cylon1", "eye1");
+
+  CancelCOOLKeyOperation(keyType, keyID);
+
+  SetStatusMessage("");
+  StopCylonAnimation("cylon1", "eye1");
+}
+
+function DoChallengeSelectedKey()
+{
+  if (!gCurrentSelectedRow)
+    return;
+
+  var keyInfo = RowIDToKeyInfo(gCurrentSelectedRow.getAttribute("id"));
+  var keyType = keyInfo[0];
+  var keyID = keyInfo[1];
+
+  if (!keyID)
+    return;
+
+  SetStatusMessage("Generating Challenge ...");
+
+  var challengeArray = ChallengeCOOLKey(keyType, keyID, document.forms[0].challengedata.value);
+
+  if (challengeArray.length != 4)
+  {
+    alert("Challenge for key \"" + KeyToUIString(keyType, keyID) + "\" failed!");
+    SetStatusMessage("");
+    return;
+  }
+
+  alert("ChallengeCOOLKey(\""+ KeyToUIString(keyType, keyID) + "\") returned:\n\n" +
+        "challenge[0]: " + challengeArray[0] + "\n" +
+        "challenge[1]: " + challengeArray[1] + "\n" +
+        "challenge[2]: " + challengeArray[2] + "\n" +
+        "challenge[3]: " + challengeArray[3] + "\n");
+
+  SetStatusMessage("");
+}
+
+function DoBlinkCOOLKey()
+{
+  if (!gCurrentSelectedRow)
+    return;
+
+  var keyInfo = RowIDToKeyInfo(gCurrentSelectedRow.getAttribute("id"));
+  var keyType = keyInfo[0];
+  var keyID = keyInfo[1];
+
+  if (!keyID)
+    return;
+
+  SetStatusMessage("Blinking \"" + KeyToUIString(keyType, keyID) + "\" ...");
+  StartCylonAnimation("cylon1", "eye1");
+
+  BlinkCOOLKey(keyType, keyID, 400, 5000);
+
+  StopCylonAnimation("cylon1", "eye1");
+  SetStatusMessage("");
+}
+
+function OnCOOLKeyBlinkComplete(keyType,keyID)
+{
+  //StopCylonAnimation("cylon1", "eye1");
+  //SetStatusMessage(" ");
+}
+
+function DoHelp()
+{
+  if (!gCurrentSelectedRow)
+    return;
+
+  var keyInfo = RowIDToKeyInfo(gCurrentSelectedRow.getAttribute("id"));
+  var keyType = keyInfo[0];
+  var keyID = keyInfo[1];
+
+  if (!keyID)
+    return;
+
+  var policy = GetCOOLKeyPolicy(keyType, keyID);
+  var type = PolicyToKeyType(policy);
+  alert("Policy:  " + policy + "\n" + "Type:    " + type);
+}
+
+////////////////////////////////////////////////////////////////
+//
+// Functions called directly from ASC native code.
+//
+////////////////////////////////////////////////////////////////
+
+function OnCOOLKeyInserted(keyType, keyID)
+{
+  var row = InsertCOOLKeyIntoBindingTable(keyType, keyID);
+
+  if (!gCurrentSelectedRow)
+    SelectRowByKeyID(keyType, keyID);
+}
+
+
+function OnCOOLKeyRemoved(keyType, keyID)
+{
+  var row = GetRowForKey(keyType, keyID);
+  var table = document.getElementById("BindingTable");
+
+  if (row && table)
+  {
+    RemoveRow(table,row);
+
+    if (row == gCurrentSelectedRow)
+      gCurrentSelectedRow = null;
+  }
+
+  UpdateButtonStates();
+}
+
+var gKnownPolicies = [
+
+  // OID Value, precedence, name value
+
+  [ "OID.1.3.6.1.4.1.1066.1.1000.1.0.1.1", 1, "HOUSEKEY" ], // Bronze   - HouseKey
+  [ "OID.1.3.6.1.4.1.1066.1.1000.1.0.1.2", 2, "NETKEY" ],   // Silver   - Member
+  [ "OID.1.3.6.1.4.1.1066.1.1000.1.0.1.3", 3, "NETKEY" ],   // Gold     - Associate
+  [ "OID.1.3.6.1.4.1.1066.1.1000.1.0.1.4", 4, "NETKEY" ],   // Platinum - MyDoctor
+
+  // XXX: Remove the Old OIDs below, after the RA starts generating
+  //      certificates with the OIDs listed above!
+  [ "OID.1.3.6.1.4.1.1066.1.1000.2.1", 1, "HOUSEKEY" ], // Bronze   - HouseKey
+  [ "OID.1.3.6.1.4.1.1066.1.1000.2.2", 2, "NETKEY" ],   // Silver   - Member
+  [ "OID.1.3.6.1.4.1.1066.1.1000.2.3", 3, "NETKEY" ],   // Gold     - Associate
+  [ "OID.1.3.6.1.4.1.1066.1.1000.2.4", 4, "NETKEY" ]    // Platinum - MyDoctor
+];
+
+function PolicyToKeyType(policy)
+{
+   return "ENROLLED";
+}
+
+function OldPolicyToKeyType(policy)
+{
+  var i, j;
+  
+  var knownPoliciesIndex = -1;
+
+  
+  var policies;
+
+
+  if (policy.indexOf(",")== -1)
+  {
+    policies = new Array(1);
+    policies[0] = policy;
+  }
+  else
+  {
+    policies = policy.split(",");
+  }
+
+  for (j = 0; j < policies.length; j++)
+  {
+    for (i = 0; i < gKnownPolicies.length; i++)
+    {
+      if (gKnownPolicies[i][0] == policies[j])
+      {
+         if (knownPoliciesIndex < gKnownPolicies[i][1])
+           knownPoliciesIndex = i;
+      }
+    }  
+  }
+
+  if (knownPoliciesIndex == -1)
+    return "INITIALIZED";
+ 
+  return gKnownPolicies[knownPoliciesIndex][2];    
+}
+
+function BoolToYesNoStr(b)
+{
+  if (b)
+    return "YES";
+  return "NO";
+}
+
+function OnCOOLKeyEnrollmentComplete(keyType, keyID)
+{
+  var keyStatus = PolicyToKeyType(GetCOOLKeyPolicy(keyType, keyID));
+  var keyReqAuth = BoolToYesNoStr(GetCOOLKeyRequiresAuth(keyType, keyID));
+  var keyIsAuthed = BoolToYesNoStr(GetCOOLKeyIsAuthed(keyType, keyID));
+
+  UpdateInfoForKeyID(keyType, keyID, keyStatus, keyReqAuth, keyIsAuthed);
+  UpdateButtonStates();
+
+  StopCylonAnimation("cylon1", "eye1");
+  SetStatusMessage("");
+  alert("Enrollment for \"" + KeyToUIString(keyType, keyID) + "\" was successful!");
+  ClearProgressBar(KeyToProgressBarID(keyType, keyID));
+}
+
+function OnCOOLKeyPINResetComplete(keyType, keyID)
+{
+  var keyStatus = PolicyToKeyType(GetCOOLKeyPolicy(keyType, keyID));
+  var keyReqAuth = BoolToYesNoStr(GetCOOLKeyRequiresAuth(keyType, keyID));
+  var keyIsAuthed = BoolToYesNoStr(GetCOOLKeyIsAuthed(keyType, keyID));
+
+  UpdateInfoForKeyID(keyType, keyID, keyStatus, keyReqAuth, keyIsAuthed);
+  UpdateButtonStates();
+
+  StopCylonAnimation("cylon1", "eye1");
+  SetStatusMessage("");
+  alert("PIN Reset was successful!");
+  ClearProgressBar(KeyToProgressBarID(keyType, keyID));
+}
+
+function OnCOOLKeyFormatComplete(keyType, keyID)
+{
+  var keyStatus = GetStatusForKeyID(keyType, keyID);
+  var keyReqAuth = BoolToYesNoStr(GetCOOLKeyRequiresAuth(keyType, keyID));
+  var keyIsAuthed = BoolToYesNoStr(GetCOOLKeyIsAuthed(keyType, keyID));
+
+  UpdateInfoForKeyID(keyType, keyID, keyStatus, keyReqAuth, keyIsAuthed);
+
+  StopCylonAnimation("cylon1", "eye1");
+  SetStatusMessage("");
+  alert("Format of \"" + KeyToUIString(keyType, keyID)+ "\" was successful!");
+  ClearProgressBar(KeyToProgressBarID(keyType, keyID));
+}
+
+function OnCOOLKeyStateError(keyType, keyID, keyState, errorCode)
+{
+  var keyStatus = GetStatusForKeyID(keyType, keyID);
+  var keyReqAuth = BoolToYesNoStr(GetCOOLKeyRequiresAuth(keyType, keyID));
+  var keyIsAuthed = BoolToYesNoStr(GetCOOLKeyIsAuthed(keyType, keyID));
+
+  if(curChildWindow)
+  {
+      curChildWindow.close();
+      curChildWindow = null;
+
+  }
+
+  UpdateInfoForKeyID(keyType, keyID, keyStatus, keyReqAuth, keyIsAuthed);
+
+  StopCylonAnimation("cylon1", "eye1");
+  SetStatusMessage("");
+
+  var typeStr = "Error(" + errorCode + ")";
+
+  var  messageStr = " \n\n Server Response: " + MyGetErrorMessage(errorCode) ;
+
+  var keyIDStr = KeyToUIString(keyType, keyID);
+
+  if (keyState == 1004)
+    typeStr = "Enrollment of key (" + keyIDStr + ") failed. " + typeStr + messageStr ;
+  else if (keyState == 1016)
+    typeStr = "Formatting of key (" + keyIDStr + ") failed. " + typeStr + messageStr;
+  else if (keyState == 1010)
+    typeStr = "PIN Reset for key (" + keyIDStr + ") failed. " + typeStr + messageStr;
+  else if (keyState == 1020)
+    typeStr = "Operation for key (" + keyIDStr + ") canceled.";
+
+  alert(typeStr);
+  ClearProgressBar(KeyToProgressBarID(keyType, keyID));
+}
+
+function OnCOOLKeyStatusUpdate(progMeterID, statusUpdate)
+{
+  SetProgressMeterValue(progMeterID, statusUpdate);
+  SetProgressMeterStatus(progMeterID, statusUpdate + "%");
+}
+
+function Validate()
+{
+
+  var type = gKeyEnrollmentType;
+  var pin = null;
+
+  var tokencode = null;
+
+  if (type == "userKey")
+  {
+
+    pin =  GetPINValue();
+
+    if (! pin)
+      return 0;
+
+   }
+
+   return 1;
+}
+
+function OnCOOLKeyStateChange(keyType, keyID, keyState, data,strData)
+{
+  // alert("KeyID:    " + keyID + "\n" +
+  //       "KeyState: " + keyState + "\n" +
+  //       "Data:     " + data);
+  //alert("State Change ="+keyState);
+
+  switch(keyState)
+  {
+    case 1000: // KeyInserted
+      OnCOOLKeyInserted(keyType, keyID);
+      break;
+    case 1001: // KeyRemoved
+      OnCOOLKeyRemoved(keyType, keyID);
+      break;
+    case 1002: // EnrollmentStart
+      // OnCOOLKeyEnrollmentStart(keyType, keyID);
+      break;
+    case 1003: // EnrollmentComplete
+      OnCOOLKeyEnrollmentComplete(keyType, keyID);
+      break;
+    case 1004: // EnrollmentError
+      OnCOOLKeyStateError(keyType, keyID, keyState, data);
+      break;
+    case 1008: // PINResetStart
+      // OnCOOLKeyPINResetStart(keyType, keyID);
+      break;
+    case 1009: // PINResetComplete
+      OnCOOLKeyPINResetComplete(keyType, keyID);
+      break;
+    case 1010: // PINResetError
+      OnCOOLKeyStateError(keyType, keyID, keyState, data);
+      break;
+    case 1014: // FormatStart
+      // OnCOOLKeyFormatStart(keyType, keyID);
+      break;
+    case 1015: // FormatComplete
+      OnCOOLKeyFormatComplete(keyType, keyID);
+      break;
+    case 1016: // FormatError
+      OnCOOLKeyStateError(keyType, keyID, keyState, data);
+      break;
+    case 1017: // BlinkStatus Update?
+      //OnCOOLKeyStateError(keyType, keyID, keyState, data);
+      break;
+    case 1018: 
+      OnCOOLKeyBlinkComplete(keyType, keyID);
+      break;
+    case 1020: // OperationCancelled
+      OnCOOLKeyStateError(keyType, keyID, keyState, data);
+      break;
+    case 1021: // OperationStatusUpdate
+      OnCOOLKeyStatusUpdate(KeyToProgressBarID(keyType, keyID), data);
+      break;
+
+     case 1022: //Need Auth 
+
+
+       gCurKeyID = keyID;
+       gCurKeyType = keyType;
+
+       GetAuthDataFromPopUp(keyType,keyID,strData);
+
+       break;
+
+  }
+}
+
+function refresh()
+{
+  window.resizeBy(0,1);
+  window.resizeBy(0,-1);
+
+}
+
+</script>
+
+</head>
+<body onload="InitializeBindingTable();" onunload=cleanup()>
+
+<table width="100%">
+  <tr>
+    <td>
+<img src="/pki/esc/images/logo.gif">     </td>
+    <td>
+      <p class="headerText"><a href="esc.cgi?screenname=">Enterprise Security Client</a></p>
+    </td>
+  <tr>
+</table>
+
+  <br>
+  <table id="BindingTable" width="100%"><tbody>
+    <tr id="HeaderRow">
+      <th><p class="titleText">Key ID</p></th>
+      <th><p class="titleText">Key Status</p></th>
+<!--    <th><p class="titleText">Requires Auth</p></th>
+      <th><p class="titleText">Did Auth</p></th>
+-->
+      <th width="100"><p class="titleText">Progress</p></th>
+    </tr>
+  </tbody></table>
+  <form action="esc.cgi">
+    <input type="hidden" id="action" name="action" value="bind"> 
+    <input type="hidden" id="screenname" name="screenname" value="">
+    <input type="hidden" id="challengedata" name="challengedata" value="QVNDIHJvY2tzIHRoZSBwYXJ0eSE="> 
+    <input type="hidden" id="signedchallenge" name="signedchallenge" value="">
+    <input type="hidden" id="signedchallengelength" name="signedchallengelength" value=""> 
+    <input type="hidden" id="nonce" name="nonce" value="">
+    <input type="hidden" id="noncelength" name="noncelength" value=""> 
+    <input type="hidden" id="keytype" name="keytype" value="">
+    <input type="hidden" id="keyid" name="keyid" value="">
+    <input type="hidden" id="keylabel" name="keylabel" value=""> 
+    <table width=100%>
+      <tr> 
+        <td class="bodyText"> 
+          Select enrollment type: <input checked type="radio" id="keytype" name="keytype" value="userKey" onClick="SetEnrollmentType('userKey');">UserKey
+        </td> 
+      </tr> 
+    </table>
+    <table>
+      <tr> 
+        <td><p class="bodyText">Token PIN:</p></td>
+        <td><input type="password" id="pintf" id="pintf" name="pintf" value=""></td>
+        <td><p class="bodyText">Re-Enter PIN:</p></td>
+        <td><input type="password" id="reenterpintf" id="reenterpintf" name="reenterpintf" value=""></td>
+      </tr>
+    </table>
+    <br>
+    <table width="100%">
+      <tr>
+        <td valign="center" align="left">
+          <input type="button" id="resetpinbtn" name="resetpinbtn" value="Reset PIN" onClick="DoResetSelectedCOOLKeyPIN();">
+        <!--  <input type="button" id="formatbtn" name="formatbtn" value="Format" onClick="DoFormatCOOLKey();"> -->
+      <!--    <input type="button" id="challengebtn" name="challengebtn" value="Challenge" onClick="DoChallengeSelectedKey();"> --> 
+          <input type="button" id="blinkbtn" name="blinkbtn" value="Blink" onClick="DoBlinkCOOLKey();"> 
+          <input type="button" id="canclebtn" name="canclebtn" value="Cancel" onClick="DoCancelOperation();">
+
+        <!--  <input type="button" id="helpbtn" name="helpbtn" value="Help" onClick="DoHelp();"> -->
+        </td>
+      </tr>
+    </table>
+    <table width="100%">
+      <tr>
+      <!--  <td valign="center" align="right">
+          <h5><a href="esc.cgi?">Enterprise Security  Admin Page</a></h5>
+        </td> -->
+      </tr>
+    </table>
+  </form>
+  <table width="100%">
+    <tr>
+      <td valign="center" align="left" style="width: 200px;">
+        <div id="cylon1" class="cylon" style="width: 200px; height: 10px;">
+          <div id="eye1" class="cylonEye" style="top: 0px; left: 0px; width: 28px; height: 8px; visibility: hidden;"></div>
+        </div>
+      </td>
+      <td valign="center" align="left" id="statusMsg"></td>
+    </tr>
+  </table>
+</body></html>
diff --git a/base/tps/apache/docroot/esc/EnrollPopup.html b/base/tps/apache/docroot/esc/EnrollPopup.html
new file mode 100755
index 000000000..ead7db355
--- /dev/null
+++ b/base/tps/apache/docroot/esc/EnrollPopup.html
@@ -0,0 +1,1717 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2009 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<html>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+
+<head>
+<link rel=stylesheet href="/style.css" type="text/css">
+
+<script language="JavaScript">
+
+//
+// initialize netkey globals
+var netkey;
+var isMSHTML;
+
+
+var keyUITable = new Array();
+var keyTypeTable = new Array();
+var curChildWindow = null;
+
+function getUIForKey(aKeyID)
+{
+    return keyUITable[aKeyID];
+
+}
+
+function getTypeForKey(aKeyID)
+{
+    return keyTypeTable[aKeyID];
+}
+
+//
+// Determine if we are running MSHTML or GECKO
+//
+if (navigator.userAgent.indexOf("MSIE") != -1) {
+  isMSHTML = true;
+} else {
+  isMSHTML = false;
+}
+
+
+//
+// Notify callback for GECKO
+//
+function jsNotify()  {}
+
+jsNotify.prototype = {
+
+  rhNotifyKeyStateChange: function(aKeyType,aKeyID,aKeyState,aData,strData)
+  {
+    OnCOOLKeyStateChange(aKeyType, aKeyID, aKeyState, aData,strData);
+  },
+
+  QueryInterface: function(iid)
+  {
+    <!--  alert("iid: " + iid); -->
+     if(!iid.equals(Components.interfaces.rhIKeyNotify) &&
+         !iid.equals(Components.interfaces.nsISupports))
+      {
+          alert("Can't find jsNotify interface");
+          throw Components.results.NS_ERROR_NO_INTERFACE;
+      }
+      return this;
+  }
+};
+
+//
+// Attach to the object.
+//
+if (!isMSHTML) {
+  // GECKO ONLY initialization
+  try {
+    netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    netkey = Components.classes["@redhat.com/rhCoolKey"].getService();
+    netkey = netkey.QueryInterface(Components.interfaces.rhICoolKey);
+    gNotify = new jsNotify;
+    netkey.rhCoolKeySetNotifyCallback(gNotify);
+  } catch(e) {
+     alert("Can't get UniversalXPConnect: " + e);
+  }
+} else {
+  // MSHTML only initialization
+  netkey = external;
+}
+
+//
+// unregister our notify event
+//
+function cleanup()
+{
+  if (!isMSHTML) {
+    try {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+      netkey.rhCoolKeyUnSetNotifyCallback(gNotify);
+    } catch(e) {
+     alert("Can't get UniversalXPConnect: " + e);
+    }
+  }
+}
+
+var gScreenName = "";
+var gKeyEnrollmentType = "userKey";
+
+var gCurrentSelectedRow = null;
+
+
+var gCurKeyType = null;
+var gCurKeyID = null;
+
+////////////////////////////////////////////////////////////////
+//
+// Utility functions specific to this page.
+//
+////////////////////////////////////////////////////////////////
+
+
+// List of Error Messages to be printed out
+
+var Status_Messages = new Array(
+      
+"Operation Completed Successfully.",
+    "Server Error.",
+    "Problem communicating with the token.",
+    "Problem communicating with the token.",
+    "Problem resetting token's pin.",
+    "Internal Server Error.",
+    "Internal Server Error",
+    "Token Enrollment Error.",
+    "Problem communicating with the token.",
+    "Internal Server Error",
+    "Error communicating with the Certificate Authority, try again later.",
+    "Internal Server Error.",
+    "Error resetting the token's pin.",
+    "Internal Server Error.",
+    "Authentication Failure, Try Again.",
+    "Internal Server Error",
+    "Token is disabled, contact technical support.",
+    "Problem communicating with the token.",
+    "Internal Server Error.",
+    "Cannot upgrade token software.",
+    "Internal Server Error.",
+    "Problem communicating with the token.",
+    "Invalid token type.",
+    "Invalid token type",
+    "Cannot publish.",
+    "Cannot communicate with token database, try again later.",
+    "Token is disabled, contact techincal support.",
+    "Cannot reset pin value for the token, contact technical support.",
+    "Connection to server lost.",
+    "Cannot create entry for token in database, contact technical support.",
+    "No such token state, contact technical support.",
+    "Invalid lost token reason, contact technical support.",
+    "Token unusable due to compromise,contact technical support.",
+    "No such inactive token, contact technical support.",
+    "Cannot process more than one active token.",
+    "Internal Server Error,contact technical support.",
+    "Key Recovery has been processed.",
+    "Key Recovery failed, contact technical support.",
+    "Cannot operate on token reported lost, contact technical support.",
+    "Key archival error, contact technical support.",
+    "Problem connecting to the TKS, contact technical support.",
+    "Failed to update token database, contact technical support.",
+    "Internal certificate revocation error,contact technical support.",
+    "User does not own this token, contact technical support." 
+);    
+
+function GetAuthDataFromPopUp(aKeyType,aKeyID,aUiData)
+{
+
+   keyUITable[aKeyID] = aUiData;
+   keyTypeTable[aKeyID] = aKeyType;
+
+   //alert("GetAuthDataFromPopUp data " + aUiData);
+   var child = window.open("/GenericAuth.html",aKeyID,"height=400,width=400");
+
+   //alert("Attempted to create child window " + child);
+ 
+   curChildWindow = child; 
+
+}
+
+function COOLKeySetDataValue(aKeyType,aKeyID,name,value)
+{
+        //alert("In COOLKeySetDataValue  aKeyType " + aKeyType + " aKeyID " + aKeyID + " name " + name + " value " + value);  
+        if(netkey)
+        {
+             try {
+                if(!isMSHTML)
+                {
+                    netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+                }
+
+                netkey.SetCoolKeyDataValue(aKeyType,aKeyID,name,value);
+
+
+            } catch(e) {
+                alert("Error Setting data values: " + e);
+            }
+        }
+
+}
+ 
+function COOLKeySetTokenPin(pin)
+{
+  if(!isMSHTML)
+    {
+        if(netkey)
+        {
+             try { 
+                netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+                netkey.SetCoolKeyDataValue(gCurKeyType,gCurKeyID,"TokenPin",pin);
+
+
+            } catch(e) {
+                alert("Error Setting data values: " + e);
+            }
+        }
+    }
+}
+
+function COOLKeySetUidPassword(uid,pwd)
+{
+
+  if(!isMSHTML)
+  {
+      if(netkey)
+      {
+
+          try {
+              netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+
+              netkey.SetCoolKeyDataValue(gCurKeyType,gCurKeyID,"UserId",uid);
+
+              netkey.SetCoolKeyDataValue(gCurKeyType,gCurKeyID,"Password",pwd);
+
+          } catch(e) {
+              alert("Error Setting data values: " + e);
+          }
+
+      }
+
+  }
+
+}
+      
+  
+function MyGetErrorMessage(status_code)
+{
+
+ var result = "Internal Server Error";
+
+  if(status_code < 0 && status_code >= Status_Messages.length)
+  {
+     return result;
+      
+  }   
+      
+  return Status_Messages[status_code];
+      
+}   
+
+function KeyToRowID(keyType, keyID)
+{
+  return keyType + "--" + keyID;
+}
+
+function RowIDToKeyInfo(rowID)
+{
+  return rowID.split("--");
+}
+
+function GetRowForKey(keyType, keyID)
+{
+  return document.getElementById(KeyToRowID(keyType, keyID));
+}
+
+function ReportException(msg, e)
+{
+  alert(msg + " " + e.description + "(" + e.number + ")");
+}
+
+function GetCOOLKeyStatus(keyType, keyID)
+{
+  try {
+    if (!isMSHTML) {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    }
+    return netkey.GetCoolKeyStatus(keyType, keyID);
+  } catch (e) {
+    ReportException("netkey.GetCOOLKeyStatus() failed!", e);
+    return 0;
+  }
+}
+
+function GetCOOLKeyPolicy(keyType, keyID)
+{
+  try {
+    if (!isMSHTML) {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    }
+    return netkey.GetCoolKeyPolicy(keyType, keyID);
+  } catch (e) {
+  //  ReportException("netkey.GetCOOLKeyPolicy() failed!", e);
+    return "";
+  }
+}
+
+function GetCOOLKeyRequiresAuth(keyType, keyID)
+{
+  try {
+    if (!isMSHTML) {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    }
+    return netkey.GetCoolKeyRequiresAuthentication(keyType, keyID);
+  } catch(e) {
+    ReportException("netkey.GetCoolKeyRequiresAuthentication() failed!", e);
+    return false;
+  }
+}
+
+function GetCOOLKeyIsAuthed(keyType, keyID)
+{
+  try {
+    if (!isMSHTML) {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    }
+    return netkey.GetCoolKeyIsAuthenticated(keyType, keyID);
+  } catch(e) {
+    ReportException("netkey.GetCoolKeyIsAuthenticated() failed!", e);
+    return false;
+  }
+}
+
+function GetAvailableCOOLKeys()
+{
+  try {
+    var keyArr;
+
+    if (!isMSHTML) {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+      var inArray = netkey.GetAvailableCoolKeys( {} );
+      keyArr = new Array(inArray.length);
+      var i;
+
+      for (i=0; i < keyArr.length; i++) {
+	keyArr[i] = new Array( "1", inArray[i]);
+      }
+    } else {
+      keyArr = ConvertVariantArrayToJScriptArray(netkey.GetAvailableCoolKeys());
+
+      var i;
+      for (i=0; i < keyArr.length; i++)
+        keyArr[i] = ConvertVariantArrayToJScriptArray(keyArr[i]);
+    }
+    return keyArr;
+  } catch(e) {
+    ReportException("netkey.GetAvailableCoolKeys() failed!", e);
+    return [];
+  }
+}
+
+function ChallengeCOOLKey(keyType, keyID, data)
+{
+  try {
+    if (!isMSHTML) {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    }
+    return ConvertVariantArrayToJScriptArray(netkey.ChallengeCoolKey(keyType, keyID, data));
+  } catch(e) {
+    ReportException("netkey.ChallengeCoolKey() failed!", e);
+    return [];
+  }
+}
+
+function EnrollCOOLKey(keyType, keyID, enrollmentType, screenname, pin,screennamepwd,tokencode)
+{
+  try {
+    if (!isMSHTML) {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    }
+    netkey.EnrollCoolKey(keyType, keyID, enrollmentType, screenname, pin,screennamepwd,tokencode);
+  } catch(e) {
+    ReportException("netkey.EnrollCoolKey() failed!", e);
+    return false;
+  }
+
+  return true;
+}
+
+function GetCOOLKeyIsEnrolled(keyType, keyID)
+{
+  try {
+    if (!isMSHTML) {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    }
+    return netkey.GetCoolKeyIsEnrolled(keyType, keyID);
+  } catch(e) {
+    ReportException("netkey.GetCoolKeyIsEnrolled() failed!", e);
+    return false;
+  }
+}
+
+function ResetCOOLKeyPIN(keyType, keyID, screenname, pin,screennamepwd)
+{
+  try {
+    if (!isMSHTML) {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    }
+    netkey.ResetCoolKeyPIN(keyType, keyID, screenname, pin,screennamepwd);
+  } catch(e) {
+    ReportException("netkey.ResetCoolKeyPIN() failed! Make sure token is properly Enrolled.", e);
+    return false;
+  }
+  return true;
+}
+function FormatCOOLKey(keyType, keyID, type, screenname, pin,screennamepwd,tokencode)
+{
+  try {
+    if (!isMSHTML) {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    }
+    netkey.FormatCoolKey(keyType, keyID, type, screenname, pin,screennamepwd,tokencode);
+  } catch(e) {
+    ReportException("netkey.FormatCoolKey() failed!", e);
+    return false;
+  }
+  return true;
+}
+
+function CancelCOOLKeyOperation(keyType, keyID)
+{
+  try {
+    if (!isMSHTML) {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    }
+    netkey.CancelCoolKeyOperation(keyType, keyID);
+  } catch(e) {
+    ReportException("netkey.CancelCoolKeyOperation() failed!", e);
+    return false;
+  }
+  return true;
+}
+
+function BlinkCOOLKey(keyType, keyID, rate, duration)
+{
+  try {
+    if (!isMSHTML) {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    }
+    netkey.BlinkCoolKey(keyType, keyID, rate, duration);
+  } catch(e) {
+    ReportException("netkey.BlinkCoolKey() failed!", e);
+    return false;
+  }
+  return true;
+}
+
+function RequestServiceTicket(screenName, serviceName)
+{
+  try {
+    if (!isMSHTML) {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    }
+    netkey.RequestServiceTicket(screenName, serviceName);
+  } catch(e) {
+    ReportException("netkey..RequestServiceTicket() failed!", e);
+    return false;
+  }
+
+  return true;
+}
+
+//
+// MSHTML/GECKO compatibility functions.
+//
+function RemoveRow(table, row)
+{
+  if (isMSHTML) {
+    row.removeNode(row);
+  } else {
+    table.deleteRow(row.rowIndex);
+  }
+}
+
+function GetCell(row, index)
+{
+  var cell;
+
+  if (isMSHTML) {
+    cell = row.cells(index);
+  } else {
+    cell = row.cells[index];
+  }
+  return cell;
+}
+
+function GetNode(parent, index)
+{
+  var node;
+  if (isMSHTML) {
+    node = parent.childNodes(index);
+  } else {
+    node = parent.childNodes[index];
+  }
+  return node;
+}
+
+function InsertRow(table)
+{
+  var row;
+
+  if (isMSHTML) {
+    row = table.insertRow();
+  } else {
+    row = table.insertRow(table.rows.length);
+  }
+  return row;
+}
+
+function InsertCell(row)
+{
+  var cell;
+
+  if (isMSHTML) {
+    cell = row.insertCell();
+  } else {
+    cell = row.insertCell(row.cells.length);
+  }
+  return cell;
+}
+
+function RemoveAllChildNodes(parent)
+{
+  var numChildren = parent.childNodes.length;
+  var i;
+
+  i = numChildren;
+  while (numChildren)
+  {
+    parent.removeChild(GetNode(parent,0));
+    numChildren--;
+  }
+
+}
+
+
+function UpdateInfoForKeyID(keyType, keyID, keyStatus, reqAuth, isAuthed)
+{
+  var row = GetRowForKey(keyType, keyID);
+
+  if (!row)
+    return;
+
+  var cell = GetCell(row,1)
+  RemoveAllChildNodes(cell);
+  cell.appendChild(document.createTextNode(keyStatus));
+
+//  cell = GetCell(row,2);
+ // RemoveAllChildNodes(cell);
+ // cell.appendChild(document.createTextNode(reqAuth));
+
+ // cell = GetCell(row,3);
+ // RemoveAllChildNodes(cell);
+ // cell.appendChild(document.createTextNode(isAuthed));
+}
+
+function GetStatusForKeyID(keyType, keyID)
+{
+  var keyStatus = "BLANK";
+
+  var status;
+
+  try {
+    status = GetCOOLKeyStatus(keyType, keyID);
+  } catch(e) {
+    status = 0;
+  }
+
+  switch (status) {
+    case 0: // Unavailable
+      keyStatus = "UNAVAILABLE";
+      break;
+    case 1: // AppletNotFound
+      keyStatus = "NO APPLET";
+      break;
+    case 2: // Uninitialized
+      keyStatus = "UNINITIALIZED";
+      break;
+    case 3: // Unknown
+      keyStatus = "UNKNOWN";
+      break;
+    case 4: // Available
+    case 6: // UnblockInProgress
+    case 7: // PINResetInProgress
+    case 8: // RenewInProgress
+      keyStatus = PolicyToKeyType(GetCOOLKeyPolicy(keyType, keyID));
+      break;
+    case 5: // EnrollmentInProgress
+      keyStatus = "BUSY";
+      break;
+      break;
+    case 9: // FormatInProgress
+      keyStatus = "BUSY";
+      break;
+  }
+
+  return keyStatus;
+}
+
+function GetKeyStatusForKeyID(keyType, keyID)
+{
+  var row = GetRowForKey(keyType, keyID);
+
+  if (!row)
+    return "UNKNOWN";
+
+  var cell = GetCell(row,1);
+  return GetNode(cell,0).data;
+}
+
+function InsertCOOLKeyIntoBindingTable(keyType, keyID)
+{
+  var row = GetRowForKey(keyType, keyID);
+
+  if (!row)
+  {
+    var table = document.getElementById("BindingTable");
+    if (table)
+    {
+      var keyStatus = GetStatusForKeyID(keyType, keyID);
+      var keyReqAuth = BoolToYesNoStr(GetCOOLKeyRequiresAuth(keyType, keyID));
+      var keyIsAuthed = BoolToYesNoStr(GetCOOLKeyIsAuthed(keyType, keyID));
+
+      row = CreateTableRow(table, keyType, keyID, keyStatus, keyReqAuth, keyIsAuthed);
+    }
+
+    if (!row)
+      return null;
+  }
+
+  return row;
+}
+
+function ConvertVariantArrayToJScriptArray(varr)
+{
+  // C++ native methods, like netkey.GetAvailableCOOLKeys(), can only
+  // return variant SafeArrays, so to access the data inside, you must
+  // first convert it to a VBArray, and then call toArray() to convert
+  // it to a JScript array. Lame, but that's what it takes to
+  // use an array returned from an ActiveX component.
+
+  return new VBArray(varr).toArray();
+}
+
+function UpdateBindingTableAvailability()
+{
+  var arr = GetAvailableCOOLKeys();
+
+  if (!arr || arr.length < 1)
+    return;
+
+  var i;
+
+  for (i=0; i < arr.length; i++)
+  {
+    InsertCOOLKeyIntoBindingTable(arr[i][0], arr[i][1]);
+
+    if (!gCurrentSelectedRow)
+      SelectRowByKeyID(arr[i][0], arr[i][1]);
+  }
+}
+
+function InitializeBindingTable()
+{
+  UpdateBindingTableAvailability();
+  UpdateButtonStates();
+ // document.getElementById("snametf").value = gScreenName;
+}
+
+function KeyIsPresent(keyType, keyID)
+{
+  row = document.all.item(keyType, keyID);
+
+  if (!row)
+    return false;
+
+  return true;
+}
+
+function SetStatusMessage(str)
+{
+  var cell = document.getElementById("statusMsg");
+
+  if (!cell)
+    return;
+  RemoveAllChildNodes(cell);
+  cell.appendChild(document.createTextNode(str));
+}
+
+function UpdateButtonStates()
+{
+  if (gKeyEnrollmentType == "deviceKey")
+  {
+  //  document.getElementById("snametf").disabled = true;
+  //  document.getElementById("pintf").disabled = true;
+   // document.getElementById("reenterpintf").disabled = true;
+  //  document.getElementById("snamepwd").disabled = true;
+  }
+  else
+  {
+ //   document.getElementById("snametf").disabled = false;
+  //  document.getElementById("pintf").disabled = false;
+  //  document.getElementById("reenterpintf").disabled = false;
+  //  document.getElementById("snamepwd").disabled = false;
+  }
+
+  if (gCurrentSelectedRow)
+  {
+    var keyInfo = RowIDToKeyInfo(gCurrentSelectedRow.getAttribute("id"));
+    var keyType = keyInfo[0];
+    var keyID = keyInfo[1];
+    var keyStatus = GetKeyStatusForKeyID(keyType, keyID);
+
+    var validKey = (keyStatus == "NETKEY" || keyStatus == "HOUSEKEY");
+  //  document.getElementById("challengebtn").disabled = !validKey;
+   // document.getElementById("blinkbtn").disabled = false;
+    document.getElementById("enrollbtn").disabled = false;
+    //document.getElementById("formatbtn").disabled = false;
+//    document.getElementById("resetpinbtn").disabled = !((keyStatus == "NETKEY") && (gKeyEnrollmentType == "userKey"));
+//document.getElementById("resetpinbtn").disabled = !((gKeyEnrollmentType == "userKey"));
+  }
+  else
+  {
+    document.getElementById("enrollbtn").disabled = true;
+    //document.getElementById("resetpinbtn").disabled = true;
+    //document.getElementById("formatbtn").disabled = true;
+   // document.getElementById("challengebtn").disabled = true;
+    //document.getElementById("blinkbtn").disabled = true;
+  }
+
+  refresh();
+}
+
+function SetEnrollmentType(type)
+{
+  gKeyEnrollmentType = type;
+  UpdateButtonStates();
+}
+
+function FindRow(node)
+{
+  while (node && node.tagName != "TR")
+  {
+    node = node.parentNode;
+  }
+
+  return node;
+}
+
+function SelectRow(row)
+{
+  if (!row || gCurrentSelectedRow == row)
+    return;
+
+  if (gCurrentSelectedRow)
+    gCurrentSelectedRow.removeAttribute("style");
+
+  gCurrentSelectedRow = row;
+  gCurrentSelectedRow.style.backgroundColor="rgb(200,200,200)";
+  UpdateButtonStates();
+}
+
+function SelectRowByKeyID(keyType, keyID)
+{
+  var row = GetRowForKey(keyType, keyID);
+  SelectRow(row);
+}
+
+function DoSelectRow(event)
+{
+  var row;
+
+  if (isMSHTML) {
+    row = FindRow(window.event.srcElement);
+  } else {
+    row = FindRow(event.parentNode);
+  }
+  SelectRow(row);
+}
+
+function KeyToUIString(keyType, keyID)
+{
+  // If it's an COOLKey, format the keyID string.
+
+  if (keyType == 1 && keyID.length == 20)
+  {
+    var re = /([0-9a-f]{4})([0-9a-f]{4})([0-9a-f]{4})([0-9a-f]{4})([0-9a-f]{4})/i;
+    keyID = keyID.replace(re, "$1-$2-$3-$4-$5").toLowerCase();
+  }
+
+  return keyID;
+}
+
+
+
+function CreateTableRow(table, keyType, keyID, keyStatus, reqAuth, isAuthed)
+{
+
+  var row = InsertRow(table);
+  if (!row)
+    return null;
+
+  row.setAttribute("id", KeyToRowID(keyType, keyID));
+
+ 
+  if (isMSHTML) {
+     row.onclick = DoSelectRow;
+  }
+
+  // Create the key ID cell.
+  cell = InsertCell(row);
+  cell.appendChild(document.createTextNode(KeyToUIString(keyType, keyID)));
+
+  cell.setAttribute("onClick", "DoSelectRow(this);");
+
+  // Create the keyStatus cell.
+  cell = InsertCell(row);
+  cell.appendChild(document.createTextNode(keyStatus));
+
+  // Create the requires auth cell.
+ // cell = InsertCell(row);
+ // cell.appendChild(document.createTextNode(reqAuth));
+
+  // Create the is auth'ed cell.
+ // cell = InsertCell(row);
+  //cell.appendChild(document.createTextNode(isAuthed));
+
+  // Create the status bar cell
+  cell = InsertCell(row);
+
+  var progressMeter = document.createElement("div");
+  progressMeter.setAttribute("id", KeyToProgressBarID(keyType, keyID));
+  progressMeter.className = "ProgressMeter";
+  progressMeter.style.width = "100px";
+  progressMeter.style.height = "1.5em";
+  progressMeter.setAttribute("value", 0);
+
+  var progressBar = document.createElement("div");
+  progressBar.className = "ProgressBar";
+  progressBar.style.width = "0px";
+  progressBar.style.height = "100%";
+  progressBar.style.visibility = "hidden";
+
+  var progressBarStatus = document.createElement("div");
+  progressBarStatus.className = "ProgressBarStatus";
+  progressBarStatus.appendChild(document.createTextNode(""));
+
+  progressMeter.appendChild(progressBar);
+  progressMeter.appendChild(progressBarStatus);
+  cell.appendChild(progressMeter);
+
+  return row;
+}
+
+gAnimationMSecs = 1000/30;
+
+function SetCylonTimer(cylonID, cylonEyeID)
+{
+  setTimeout("AnimateCylonStatusBar(\"" + cylonID +
+             "\", \"" + cylonEyeID + "\");", gAnimationMSecs);
+}
+
+function AnimateCylonStatusBar(cylonID, cylonEyeID)
+{
+  var cylon = document.getElementById(cylonID);
+
+  if (!cylon)
+    return;
+
+  var active = cylon.getAttribute("cylonactive");
+
+  if (!active)
+    return;
+
+  var eye = document.getElementById(cylonEyeID);
+
+  if (!eye)
+    return;
+
+  var dir = eye.getAttribute("direction");
+  var wid = parseInt(eye.style.width);
+  var cywid = parseInt(cylon.style.width);
+  var left = parseInt(eye.style.left);
+
+  var dx = 10;
+
+  if (!dir || dir >= 0)
+  {
+    left += dx;
+
+    if (left + wid > cywid)
+    {
+      left = cywid - wid;
+      eye.setAttribute("direction", "-1");
+    }
+  }
+  else
+  {
+    left -= dx;
+
+    if (left < 0)
+    {
+      left = 0;
+      eye.setAttribute("direction", "1");
+    }
+  }
+
+  eye.style.left = left + "px";
+
+  SetCylonTimer(cylonID, cylonEyeID);
+}
+
+function StartCylonAnimation(cylonID, cylonEyeID)
+{
+  var cylon = document.getElementById(cylonID)
+
+  if (!cylon)
+    return;
+
+  var active = cylon.getAttribute("cylonactive");
+
+  if (!active)
+  {
+    cylon.setAttribute("cylonactive", "true");
+
+    var eye = document.getElementById(cylonEyeID);
+    if (eye)
+    {
+      eye.style.left = "0px";
+      eye.style.visibility = "visible";
+    }
+
+    SetCylonTimer(cylonID, cylonEyeID);
+  }
+}
+
+function StopCylonAnimation(cylonID, cylonEyeID)
+{
+  var cylon = document.getElementById(cylonID)
+
+  if (cylon)
+    cylon.removeAttribute("cylonactive");
+
+  var eye = document.getElementById(cylonEyeID);
+
+  if (eye)
+    eye.style.visibility = "hidden";
+}
+
+function GetProgressMeterValue(progMeterID)
+{
+  var progMeter = document.getElementById(progMeterID);
+
+  if (!progMeter)
+    return -1;
+
+  return parseInt(progMeter.getAttribute("value"));
+}
+
+function SetProgressMeterValue(progMeterID, value)
+{
+  var progMeter = document.getElementById(progMeterID);
+
+  if (!progMeter || value < 0)
+    return;
+
+  if (value > 100)
+    value = 100;
+
+  var progBar = progMeter.firstChild;
+
+  if (value == 0)
+  {
+    progBar.style.width = "0px";
+    progBar.style.visibility = "hidden";
+    progMeter.setAttribute("value", 0);
+    return;
+  }
+
+  progBar.style.visibility = "visible"; 
+
+  var newWidth = parseInt(progMeter.style.width) * value / 100 - 2;
+
+  progBar.style.width =  newWidth + "px";
+  progMeter.setAttribute("value", value);
+}
+
+function SetProgressMeterStatus(progMeterID, statusMsg)
+{
+  var progMeter = document.getElementById(progMeterID);
+
+  if (!progMeter)
+    return;
+
+  var progBar = progMeter.firstChild;
+
+  // If it exists, the meter status should be
+  // div that is the next sibling of the progressMeter.
+
+  var meterStatus = progBar.nextSibling;
+
+  // Just replace the data in the text node, it's much faster,
+  // and reduces flashing!
+
+  meterStatus.firstChild.replaceData(0, meterStatus.firstChild.length, statusMsg);
+}
+
+function ClearProgressBar(progMeterID)
+{
+  SetProgressMeterValue(progMeterID, 0);
+  SetProgressMeterStatus(progMeterID, "");
+}
+
+function KeyToProgressBarID(keyType, keyID)
+{
+  return "PM" + keyType + "-" + keyID;
+}
+
+////////////////////////////////////////////////////////////////
+//
+// Functions that contact the server or talk directly to
+// ASC native code.
+//
+// ASC Native Functions:
+//
+//     netkey.GetAvailableCOOLKeys()
+//
+//       - Returns an ActiveX Variant SafeArray containing the ID for each key
+//         that is currentlly plugged into the computer. Before accessing any
+//         data in this array you must convert it to a JScript Array with a
+//         call to ConvertVariantArrayToJScriptArray().
+//
+//     netkey.GetCOOLKeyIsEnrolled(keyType, keyID)
+//
+//       - Returns true if a key has been initialized, false if it hasn't.
+//         Initialized means the card has been formatted with certificates
+//         for either an COOL HouseKey or NetKey.
+//
+//     netkey.EnrollCOOLKey(keyType, keyID, enrollmentType, screenName, pin)
+//
+//       - Initiates an async connection to the RA to initialize a specific
+//         key. If you want the key to be initialized as a HouseKey, you should
+//         pass "houseKey" as the enrollmentType, and null values for both
+//         screenName and pin. For a NetKey, use "netKey" as the enrollmentType,
+//         and pass a valid screenName and pin.
+//
+//     netkey.ChallengeCOOLKey(keyType, keyID, data)
+//
+//       - Signs some data with the specified key, and returns the results
+//         in an AcviteX Variant SafeArray. Before accessing any data in
+//         this array, you must convert it to a JScript Array with a
+//         call to ConvertVariantArrayToJScriptArray(). The elements in the
+//         array are as follows:
+//
+//             array[0] --> Length of the signed challenge data in binary form.
+//             array[1] --> The signed challenge data as hex.
+//             array[0] --> Length of the nonce data in binary form.
+//             array[0] --> The nonce data as hex.
+//
+//     netkey.BlinkCOOLKey(keyType, keyID, rate, duration)
+//
+//       - Make a specific key blink at a given rate for a given duration.
+//         rate and duration are specified in milliseconds.
+//
+////////////////////////////////////////////////////////////////
+
+function GetScreenNameValue()
+{
+  var sname = document.getElementById("snametf").value;
+
+  if (! sname)
+  {
+    alert("You must provide a valid screen name!");
+    return null;
+  }
+
+  return sname;
+}
+
+function GetPINValue()
+{
+  var pinVal =  document.getElementById("pintf").value;
+  var rpinVal =  document.getElementById("reenterpintf").value;
+
+  if (! pinVal)
+  {
+    alert("You must provide a valid Token PIN!");
+    return null;
+  }
+
+  if ( pinVal != rpinVal)
+  {
+    alert("The PIN values you entered don't match!");
+    return null;
+  }
+
+  return pinVal;
+}
+
+function GetScreenNamePwd()
+{
+
+  var pwd = document.getElementById("snamepwd").value;
+
+   if(!pwd)
+   {
+       alert("You must provide a valid User Password!");
+       return null;
+   }
+   return pwd;
+}
+
+function GetTokenCode()
+{
+
+  return null;
+}
+function DoEnrollCOOLKey()
+{
+
+  if (!gCurrentSelectedRow)
+  {
+    alert("Please select a key.");
+    return;
+  }
+
+ if(!Validate())
+     return;
+
+  var keyInfo = RowIDToKeyInfo(gCurrentSelectedRow.getAttribute("id"));
+  var keyType = keyInfo[0];
+  var keyID = keyInfo[1];
+
+  var type = gKeyEnrollmentType;
+  var screenname = null;
+  var pin = null;
+
+  var screennamepwd = null;
+  var tokencode = null;
+
+  if (type == "userKey")
+  {
+    screenname =  null; //GetScreenNameValue();
+
+    pin =  GetPINValue();
+
+
+    screennamepwd = null; // GetScreenNamePwd();
+
+
+    tokencode = GetTokenCode();
+
+    SetStatusMessage("Enrolling UserKey \"" + KeyToUIString(keyType, keyID) + "\"...");
+  }
+  else
+    SetStatusMessage("Enrolling DeviceKey \"" + KeyToUIString(keyType, keyID) + "\"...");
+
+  StartCylonAnimation("cylon1", "eye1");    
+
+  if (!EnrollCOOLKey(keyType, keyID, type, screenname, pin,screennamepwd,tokencode))
+  {
+    SetStatusMessage("");
+    StopCylonAnimation("cylon1", "eye1");
+  }
+}
+
+function DoResetSelectedCOOLKeyPIN()
+{
+  if (!gCurrentSelectedRow)
+    return;
+
+  if(!Validate())
+     return;
+
+   //alert("In DoResetSelectedCOOLKeyPIN!");
+  var keyInfo = RowIDToKeyInfo(gCurrentSelectedRow.getAttribute("id"));
+  var keyType = keyInfo[0];
+  var keyID = keyInfo[1];
+
+  var screenname = null;
+  var pin = null;
+  var screennamepwd = null;
+
+  if (GetCOOLKeyIsEnrolled(keyType, keyID))
+  {
+ 
+    SetStatusMessage("Resetting PIN for \"" + keyID + "\"...");
+    StartCylonAnimation("cylon1", "eye1");
+
+    if (!ResetCOOLKeyPIN(keyType, keyID, screenname, pin,screennamepwd))
+    {
+      SetStatusMessage("");
+      StopCylonAnimation("cylon1", "eye1");
+    }
+  }
+}
+
+function DoFormatCOOLKey()
+{
+  if (!gCurrentSelectedRow)
+    return;
+
+
+  if(!Validate())
+     return;
+
+
+  var keyInfo = RowIDToKeyInfo(gCurrentSelectedRow.getAttribute("id"));
+  var keyType = keyInfo[0];
+  var keyID = keyInfo[1];
+
+  var type = gKeyEnrollmentType;
+  var screenname = null;
+  var pin = null;
+
+  var screennamepwd = null;
+  var tokencode = null;
+
+  SetStatusMessage("Formatting \"" + KeyToUIString(keyType, keyID) + "\" ...");
+  StartCylonAnimation("cylon1", "eye1");
+
+  if (!FormatCOOLKey(keyType, keyID, type, screenname, pin,screennamepwd,tokencode))
+  {
+    SetStatusMessage("");
+    StopCylonAnimation("cylon1", "eye1");
+  }
+}
+function DoCancelOperation()
+{
+
+  if (!gCurrentSelectedRow)
+    return;
+
+  var keyInfo = RowIDToKeyInfo(gCurrentSelectedRow.getAttribute("id"));
+  var keyType = keyInfo[0];
+  var keyID = keyInfo[1];
+
+  SetStatusMessage("Cancel operation for \"" + KeyToUIString(keyType, keyID) + "\" ...");
+  StartCylonAnimation("cylon1", "eye1");
+
+  CancelCOOLKeyOperation(keyType, keyID);
+
+  SetStatusMessage("");
+  StopCylonAnimation("cylon1", "eye1");
+}
+
+function DoChallengeSelectedKey()
+{
+  if (!gCurrentSelectedRow)
+    return;
+
+  var keyInfo = RowIDToKeyInfo(gCurrentSelectedRow.getAttribute("id"));
+  var keyType = keyInfo[0];
+  var keyID = keyInfo[1];
+
+  if (!keyID)
+    return;
+
+  SetStatusMessage("Generating Challenge ...");
+
+  var challengeArray = ChallengeCOOLKey(keyType, keyID, document.forms[0].challengedata.value);
+
+  if (challengeArray.length != 4)
+  {
+    alert("Challenge for key \"" + KeyToUIString(keyType, keyID) + "\" failed!");
+    SetStatusMessage("");
+    return;
+  }
+
+  alert("ChallengeCOOLKey(\""+ KeyToUIString(keyType, keyID) + "\") returned:\n\n" +
+        "challenge[0]: " + challengeArray[0] + "\n" +
+        "challenge[1]: " + challengeArray[1] + "\n" +
+        "challenge[2]: " + challengeArray[2] + "\n" +
+        "challenge[3]: " + challengeArray[3] + "\n");
+
+  SetStatusMessage("");
+}
+
+function DoBlinkCOOLKey()
+{
+  if (!gCurrentSelectedRow)
+    return;
+
+  var keyInfo = RowIDToKeyInfo(gCurrentSelectedRow.getAttribute("id"));
+  var keyType = keyInfo[0];
+  var keyID = keyInfo[1];
+
+  if (!keyID)
+    return;
+
+  SetStatusMessage("Blinking \"" + KeyToUIString(keyType, keyID) + "\" ...");
+  StartCylonAnimation("cylon1", "eye1");
+
+  BlinkCOOLKey(keyType, keyID, 400, 5000);
+
+  StopCylonAnimation("cylon1", "eye1");
+  SetStatusMessage("");
+}
+
+function OnCOOLKeyBlinkComplete(keyType,keyID)
+{
+  //StopCylonAnimation("cylon1", "eye1");
+  //SetStatusMessage(" ");
+}
+
+function DoHelp()
+{
+  if (!gCurrentSelectedRow)
+    return;
+
+  var keyInfo = RowIDToKeyInfo(gCurrentSelectedRow.getAttribute("id"));
+  var keyType = keyInfo[0];
+  var keyID = keyInfo[1];
+
+  if (!keyID)
+    return;
+
+  var policy = GetCOOLKeyPolicy(keyType, keyID);
+  var type = PolicyToKeyType(policy);
+  alert("Policy:  " + policy + "\n" + "Type:    " + type);
+}
+
+////////////////////////////////////////////////////////////////
+//
+// Functions called directly from ASC native code.
+//
+////////////////////////////////////////////////////////////////
+
+function OnCOOLKeyInserted(keyType, keyID)
+{
+  var row = InsertCOOLKeyIntoBindingTable(keyType, keyID);
+
+  if (!gCurrentSelectedRow)
+    SelectRowByKeyID(keyType, keyID);
+}
+
+
+function OnCOOLKeyRemoved(keyType, keyID)
+{
+  var row = GetRowForKey(keyType, keyID);
+  var table = document.getElementById("BindingTable");
+
+  if (row && table)
+  {
+    RemoveRow(table,row);
+
+    if (row == gCurrentSelectedRow)
+      gCurrentSelectedRow = null;
+  }
+
+  UpdateButtonStates();
+}
+
+var gKnownPolicies = [
+
+  // OID Value, precedence, name value
+
+  [ "OID.1.3.6.1.4.1.1066.1.1000.1.0.1.1", 1, "HOUSEKEY" ], // Bronze   - HouseKey
+  [ "OID.1.3.6.1.4.1.1066.1.1000.1.0.1.2", 2, "NETKEY" ],   // Silver   - Member
+  [ "OID.1.3.6.1.4.1.1066.1.1000.1.0.1.3", 3, "NETKEY" ],   // Gold     - Associate
+  [ "OID.1.3.6.1.4.1.1066.1.1000.1.0.1.4", 4, "NETKEY" ],   // Platinum - MyDoctor
+
+  // XXX: Remove the Old OIDs below, after the RA starts generating
+  //      certificates with the OIDs listed above!
+  [ "OID.1.3.6.1.4.1.1066.1.1000.2.1", 1, "HOUSEKEY" ], // Bronze   - HouseKey
+  [ "OID.1.3.6.1.4.1.1066.1.1000.2.2", 2, "NETKEY" ],   // Silver   - Member
+  [ "OID.1.3.6.1.4.1.1066.1.1000.2.3", 3, "NETKEY" ],   // Gold     - Associate
+  [ "OID.1.3.6.1.4.1.1066.1.1000.2.4", 4, "NETKEY" ]    // Platinum - MyDoctor
+];
+
+function PolicyToKeyType(policy)
+{
+   return "ENROLLED";
+}
+
+function OldPolicyToKeyType(policy)
+{
+  var i, j;
+  
+  var knownPoliciesIndex = -1;
+
+  
+  var policies;
+
+
+  if (policy.indexOf(",")== -1)
+  {
+    policies = new Array(1);
+    policies[0] = policy;
+  }
+  else
+  {
+    policies = policy.split(",");
+  }
+
+  for (j = 0; j < policies.length; j++)
+  {
+    for (i = 0; i < gKnownPolicies.length; i++)
+    {
+      if (gKnownPolicies[i][0] == policies[j])
+      {
+         if (knownPoliciesIndex < gKnownPolicies[i][1])
+           knownPoliciesIndex = i;
+      }
+    }  
+  }
+
+  if (knownPoliciesIndex == -1)
+    return "INITIALIZED";
+ 
+  return gKnownPolicies[knownPoliciesIndex][2];    
+}
+
+function BoolToYesNoStr(b)
+{
+  if (b)
+    return "YES";
+  return "NO";
+}
+
+function OnCOOLKeyEnrollmentComplete(keyType, keyID)
+{
+  var keyStatus = PolicyToKeyType(GetCOOLKeyPolicy(keyType, keyID));
+  var keyReqAuth = BoolToYesNoStr(GetCOOLKeyRequiresAuth(keyType, keyID));
+  var keyIsAuthed = BoolToYesNoStr(GetCOOLKeyIsAuthed(keyType, keyID));
+
+  UpdateInfoForKeyID(keyType, keyID, keyStatus, keyReqAuth, keyIsAuthed);
+  UpdateButtonStates();
+
+  StopCylonAnimation("cylon1", "eye1");
+  SetStatusMessage("");
+  alert("Enrollment for \"" + KeyToUIString(keyType, keyID) + "\" was successful!");
+  ClearProgressBar(KeyToProgressBarID(keyType, keyID));
+}
+
+function OnCOOLKeyPINResetComplete(keyType, keyID)
+{
+  var keyStatus = PolicyToKeyType(GetCOOLKeyPolicy(keyType, keyID));
+  var keyReqAuth = BoolToYesNoStr(GetCOOLKeyRequiresAuth(keyType, keyID));
+  var keyIsAuthed = BoolToYesNoStr(GetCOOLKeyIsAuthed(keyType, keyID));
+
+  UpdateInfoForKeyID(keyType, keyID, keyStatus, keyReqAuth, keyIsAuthed);
+  UpdateButtonStates();
+
+  StopCylonAnimation("cylon1", "eye1");
+  SetStatusMessage("");
+  alert("PIN Reset was successful!");
+  ClearProgressBar(KeyToProgressBarID(keyType, keyID));
+}
+
+function OnCOOLKeyFormatComplete(keyType, keyID)
+{
+  var keyStatus = GetStatusForKeyID(keyType, keyID);
+  var keyReqAuth = BoolToYesNoStr(GetCOOLKeyRequiresAuth(keyType, keyID));
+  var keyIsAuthed = BoolToYesNoStr(GetCOOLKeyIsAuthed(keyType, keyID));
+
+  UpdateInfoForKeyID(keyType, keyID, keyStatus, keyReqAuth, keyIsAuthed);
+
+  StopCylonAnimation("cylon1", "eye1");
+  SetStatusMessage("");
+  alert("Format of \"" + KeyToUIString(keyType, keyID)+ "\" was successful!");
+  ClearProgressBar(KeyToProgressBarID(keyType, keyID));
+}
+
+function OnCOOLKeyStateError(keyType, keyID, keyState, errorCode)
+{
+  var keyStatus = GetStatusForKeyID(keyType, keyID);
+  var keyReqAuth = BoolToYesNoStr(GetCOOLKeyRequiresAuth(keyType, keyID));
+  var keyIsAuthed = BoolToYesNoStr(GetCOOLKeyIsAuthed(keyType, keyID));
+
+  if(curChildWindow)
+  {
+      curChildWindow.close();
+      curChildWindow = null;
+
+  }
+
+  UpdateInfoForKeyID(keyType, keyID, keyStatus, keyReqAuth, keyIsAuthed);
+
+  StopCylonAnimation("cylon1", "eye1");
+  SetStatusMessage("");
+
+  var typeStr = "Error(" + errorCode + ")";
+
+  var  messageStr = " \n\n Server Response: " + MyGetErrorMessage(errorCode) ;
+
+  var keyIDStr = KeyToUIString(keyType, keyID);
+
+  if (keyState == 1004)
+    typeStr = "Enrollment of key (" + keyIDStr + ") failed. " + typeStr + messageStr ;
+  else if (keyState == 1016)
+    typeStr = "Formatting of key (" + keyIDStr + ") failed. " + typeStr + messageStr;
+  else if (keyState == 1010)
+    typeStr = "PIN Reset for key (" + keyIDStr + ") failed. " + typeStr + messageStr;
+  else if (keyState == 1020)
+    typeStr = "Operation for key (" + keyIDStr + ") canceled.";
+
+  alert(typeStr);
+  ClearProgressBar(KeyToProgressBarID(keyType, keyID));
+}
+
+function OnCOOLKeyStatusUpdate(progMeterID, statusUpdate)
+{
+  SetProgressMeterValue(progMeterID, statusUpdate);
+  SetProgressMeterStatus(progMeterID, statusUpdate + "%");
+}
+
+function Validate()
+{
+
+  var type = gKeyEnrollmentType;
+  var screenname = null;
+  var pin = null;
+
+  var screennamepwd = null;
+  var tokencode = null;
+
+  if (type == "userKey")
+  {
+//    screenname = GetScreenNameValue();
+//    if (! screenname)
+ //     return 0;
+
+    pin =  GetPINValue();
+
+    if (! pin)
+      return 0;
+
+//    screennamepwd = GetScreenNamePwd();
+
+//    if(! screennamepwd)
+ //       return 0;
+
+   }
+
+   return 1;
+}
+
+function OnCOOLKeyStateChange(keyType, keyID, keyState, data,strData)
+{
+  // alert("KeyID:    " + keyID + "\n" +
+  //       "KeyState: " + keyState + "\n" +
+  //       "Data:     " + data);
+  //alert("State Change ="+keyState);
+
+  switch(keyState)
+  {
+    case 1000: // KeyInserted
+      OnCOOLKeyInserted(keyType, keyID);
+      break;
+    case 1001: // KeyRemoved
+      OnCOOLKeyRemoved(keyType, keyID);
+      break;
+    case 1002: // EnrollmentStart
+      // OnCOOLKeyEnrollmentStart(keyType, keyID);
+      break;
+    case 1003: // EnrollmentComplete
+      OnCOOLKeyEnrollmentComplete(keyType, keyID);
+      break;
+    case 1004: // EnrollmentError
+      OnCOOLKeyStateError(keyType, keyID, keyState, data);
+      break;
+    case 1008: // PINResetStart
+      // OnCOOLKeyPINResetStart(keyType, keyID);
+      break;
+    case 1009: // PINResetComplete
+      OnCOOLKeyPINResetComplete(keyType, keyID);
+      break;
+    case 1010: // PINResetError
+      OnCOOLKeyStateError(keyType, keyID, keyState, data);
+      break;
+    case 1014: // FormatStart
+      // OnCOOLKeyFormatStart(keyType, keyID);
+      break;
+    case 1015: // FormatComplete
+      OnCOOLKeyFormatComplete(keyType, keyID);
+      break;
+    case 1016: // FormatError
+      OnCOOLKeyStateError(keyType, keyID, keyState, data);
+      break;
+    case 1017: // BlinkStatus Update?
+      //OnCOOLKeyStateError(keyType, keyID, keyState, data);
+      break;
+    case 1018: 
+      OnCOOLKeyBlinkComplete(keyType, keyID);
+      break;
+    case 1020: // OperationCancelled
+      OnCOOLKeyStateError(keyType, keyID, keyState, data);
+      break;
+    case 1021: // OperationStatusUpdate
+      OnCOOLKeyStatusUpdate(KeyToProgressBarID(keyType, keyID), data);
+      break;
+
+     case 1022: //Need Auth 
+
+
+       gCurKeyID = keyID;
+       gCurKeyType = keyType;
+
+       GetAuthDataFromPopUp(keyType,keyID,strData);
+
+       break;
+
+  }
+}
+
+function refresh()
+{
+  window.resizeBy(0,1);
+  window.resizeBy(0,-1);
+
+}
+
+</script>
+
+</head>
+<body onload="InitializeBindingTable();" onunload=cleanup()>
+<table width="100%">
+  <tr>
+    <td>
+<img src="/pki/esc/images/logo.gif">
+    </td>
+    <td>
+      <p class="headerText"><a href="esc.cgi?screenname=">Enterprise Security Client</a></p>
+    </td>
+  <tr>
+</table>
+  <br>
+  <table id="BindingTable" width="100%"><tbody>
+    <tr id="HeaderRow">
+      <th><p class="titleText">Key ID</p></th>
+      <th><p class="titleText">Key Status</p></th>
+<!--      <th><p class="titleText">Requires Auth</p></th>
+      <th><p class="titleText">Did Auth</p></th>
+-->
+      <th width="100"><p class="titleText">Progress</p></th>
+    </tr>
+  </tbody></table>
+  <form action="esc.cgi">
+    <input type="hidden" id="action" name="action" value="bind"> 
+    <input type="hidden" id="screenname" name="screenname" value="">
+    <input type="hidden" id="challengedata" name="challengedata" value="QVNDIHJvY2tzIHRoZSBwYXJ0eSE="> 
+    <input type="hidden" id="signedchallenge" name="signedchallenge" value="">
+    <input type="hidden" id="signedchallengelength" name="signedchallengelength" value=""> 
+    <input type="hidden" id="nonce" name="nonce" value="">
+    <input type="hidden" id="noncelength" name="noncelength" value=""> 
+    <input type="hidden" id="keytype" name="keytype" value="">
+    <input type="hidden" id="keyid" name="keyid" value="">
+    <input type="hidden" id="keylabel" name="keylabel" value=""> 
+    <table width=100%>
+      <tr> 
+        <td class="bodyText"> 
+          Select enrollment type: <input checked type="radio" id="keytype" name="keytype" value="userKey" onClick="SetEnrollmentType('userKey');">UserKey
+        </td> 
+      </tr> 
+    </table>
+    <table>
+      <tr> 
+        <td><p class="bodyText">Token PIN:</p></td>
+        <td><input type="password" id="pintf" id="pintf" name="pintf" value=""></td>
+        <td><p class="bodyText">Re-Enter PIN:</p></td>
+        <td><input type="password" id="reenterpintf" id="reenterpintf" name="reenterpintf" value=""></td>
+      </tr>
+    </table>
+    <br>
+    <table width="100%">
+      <tr>
+        <td valign="center" align="left">
+          <input type="button" id="enrollbtn" name="enrollbtn" value="Enroll" onClick="DoEnrollCOOLKey();">
+          <input type="button" id="canclebtn" name="canclebtn" value="Cancel" onClick="DoCancelOperation();">
+        </td>
+      </tr>
+    </table>
+    <table width="100%">
+      <tr>
+      <!--  <td valign="center" align="right">
+          <h5><a href="esc.cgi?">Enterprise Security  Admin Page</a></h5>
+        </td> -->
+      </tr>
+    </table>
+  </form>
+  <table width="100%">
+    <tr>
+      <td valign="center" align="left" style="width: 200px;">
+        <div id="cylon1" class="cylon" style="width: 200px; height: 10px;">
+          <div id="eye1" class="cylonEye" style="top: 0px; left: 0px; width: 28px; height: 8px; visibility: hidden;"></div>
+        </div>
+      </td>
+      <td valign="center" align="left" id="statusMsg"></td>
+    </tr>
+  </table>
+</body></html>
diff --git a/base/tps/apache/docroot/esc/GenericAuth.html b/base/tps/apache/docroot/esc/GenericAuth.html
new file mode 100755
index 000000000..dc8b88e3f
--- /dev/null
+++ b/base/tps/apache/docroot/esc/GenericAuth.html
@@ -0,0 +1,536 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2009 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<html>
+<head>
+<style>
+
+body {
+background: #ffffff url(/pki/esc/images/bg.jpg) repeat-x;
+        font-family: arial;
+        font-size: 7pt;
+
+}
+
+h1
+{
+   text-align: left;
+
+   font-weight: bold;
+
+   font-size: 13pt;
+
+
+}
+
+
+h2 {
+
+    text-align: left;
+    font-size: 10pt; 
+
+    font-weight: lighter;
+}
+
+</style>
+<script language = "Javascript">
+
+var test_ui = "id=USER_ID&name=User ID&desc=User ID&type=string&option=option1,option2,option3&&id=USER_PWD&name=User Password&desc=User Password&type=password&option=&&id=USER_PIN&name=PIN&desc=One time PIN received via mail&type=password&option=";
+
+var theForm = null;
+var curKeyID = null;
+var curKeyType = 0; 
+
+
+var gTitle = null;
+var gDescription = null;
+
+
+
+function ConfirmPassword(password_element)
+{
+
+  if(!password_element)
+      return 0;
+
+  password_id = password_element.id;
+
+  if(!password_id)
+     return 0;
+
+  confirm_id = "RE_" + password_element.id;
+
+  var size = theForm.length;
+
+  if(theForm)
+  {
+      for(i = 0; i < size ; i++)
+      {
+         var cur_element = theForm.elements[i];
+  
+         if(cur_element.id == confirm_id)
+         {
+             if(cur_element.value != password_element.value)
+             {
+                 alert("Value " + password_element.name + " must match " + cur_element.name);
+                 return 0;
+
+             }
+             else
+             {
+                 return 1;
+             } 
+
+         } 
+
+      }
+
+  }
+
+  return 1;
+}
+
+function Validate()
+{
+    if(theForm)
+    {
+         var size = theForm.length;
+ 
+         for( i = 0; i < size ; i++)
+         {
+             var element = theForm.elements[i];
+
+             if(element.type == "text" )
+             {
+                 if(element.value == "")
+                 {
+                     alert("Please enter value for " + element.name);
+                     return 0; 
+                 }
+             }
+
+             if(element.type == "password")
+             {
+                 if(element.value == "")
+                 {
+                     alert("Please enter value for " + element.name);
+                     return 0;
+                 }
+
+                 if(!ConfirmPassword(element))
+                 {
+                     return 0;
+                 }
+
+             } 
+         } 
+   
+    }
+
+    return 1;
+}
+
+function FormSubmit()
+{
+    var result = Validate();
+
+    var thisParent = window.opener;
+
+    if(!parent)
+    {
+        alert("No parent window.");
+        window.close(); 
+        return; 
+    }
+  
+    if(!result)
+    {
+        return;
+    }
+
+    if(theForm)
+    {
+         var size = theForm.length;
+         for( i = 0; i < size ; i++)
+         {
+             var element = theForm.elements[i];
+
+             var value = element.value;
+
+             if(element.type == "text" )
+             {
+                 var id = element.id;
+                 value = element.value;
+
+                 if(thisParent)
+                 {
+                     //alert("about to set data value key " + curKeyID + " id " + id + " value " + value);
+                     thisParent.COOLKeySetDataValue(curKeyType,curKeyID,id,value);
+
+                 }
+             }
+
+             if(element.type == "password")
+             {
+                 var p_id = new String(element.id);
+
+                 if(p_id.indexOf("RE_") == -1)
+                 {                   
+                     if(thisParent)
+                     {
+                         thisParent.COOLKeySetDataValue(curKeyType,curKeyID,p_id,value); 
+                     }
+                 }
+             }
+         }
+
+     }
+   
+     window.close(); 
+}
+
+function GetUIObjectList(uiData)
+{
+    var  str = new String(uiData);
+    var splits = str.split("&&");
+
+//    alert("Get " + splits + " len " + splits.length);
+
+    var params = new Array();
+    var size = splits.length;
+
+    for(i = 0 ; i <  size ; i++)
+    {
+       params[i] = splits[i].split("&");
+    }
+
+    size = params.length;
+    var name_value_objects = new Array();
+
+    for(i = 0 ; i < size; i++)
+    {
+         var name_values = new Array();
+
+         pISize = params[i].length;
+         for(j = 0 ;  j < pISize ; j ++)
+         {
+             var pair = params[i][j].split("=");
+
+             //alert(" pair " + pair[0] + " pair1 " + pair[1]);
+
+             if(pair[0] == "option")
+             {
+                 var options = pair[1].split(",");
+             }
+
+             name_values[pair[0]] = pair[1];
+         }
+
+         name_value_objects[i] = name_values;
+    }
+
+    return name_value_objects;
+
+}
+
+function AddBRToNode(theNode)
+{
+
+   if(!theNode)
+       return;
+
+   var br = document.createElement("br");
+
+   theNode.appendChild(br);
+
+}
+
+function AddTextToNode(theNode,theText)
+{
+
+    if(!theNode || !theText)
+        return;
+
+
+    var text = document.createTextNode(theText);
+
+    theNode.appendChild(text);
+      
+
+
+
+}
+function AddTextToDocument(theText)
+{
+    if(!theText)
+         return;
+
+     var p = document.createElement("p");
+
+     if(p)
+     {
+         p.appendChild(document.createTextNode(theText));
+     } 
+
+     document.body.appendChild(p);
+}
+
+function CreateForm()
+{
+    var form = document.createElement("form");
+    document.body.appendChild(form);
+    return form;
+}
+
+function CreateTable()
+{
+  var table = document.createElement("table");
+  document.body.appendChild(table);
+  tbody = document.createElement("tbody");
+  table.appendChild(tbody);
+
+  return table;
+}
+
+function AddRowToTable(table)
+{
+    if(!table)
+        return null;
+
+    var tr = document.createElement("tr");
+    (table.tBodies[0]).appendChild(tr);
+
+    return tr; 
+}
+
+function AddColumnToRow(row)
+{
+  if(!row)
+     return null;
+
+  var td = document.createElement("td");
+  row.appendChild(td);
+
+  return td;
+}
+
+function AddTextToColumn(column,text)
+{
+   if(!column || !text)
+       return;
+
+   var text_node = document.createTextNode(text);
+   column.appendChild(text_node);
+
+   return text_node;
+}
+
+function AddInputField(type,id, name,value)
+{
+    var    field = document.createElement("input");
+   
+    if(!field)
+        return null;
+  
+    field.type =  type;   
+    field.id =id;
+    field.name =name;
+    field.value =value;
+
+    return field;
+}
+
+function ConstructUI(aKeyType,aKeyID,uiData)
+{
+
+    //alert("Construct UI data " + uiData);
+    var name_value_objects = GetUIObjectList(uiData);
+    var len = name_value_objects.length;
+
+    gTitle = document.createElement("h1");
+
+    gDescription = document.createElement("h2");
+
+
+    document.body.appendChild(gTitle);
+
+
+    document.body.appendChild(gDescription);
+
+
+    form = CreateForm(); 
+    theForm = form;
+    curKeyID = aKeyID;
+    curKeyType = aKeyType;
+
+    table = CreateTable();
+
+    form.appendChild(table);
+
+    for(i = 0 ; i < len ; i ++)
+    {
+        curParameter = name_value_objects[i];
+
+        if(curParameter)
+        {
+
+            title = curParameter["title"];
+
+
+            if(title)
+            {
+                //alert("title " + title);
+
+                AddTextToNode(gTitle,title);
+ 
+
+            }
+
+            description = curParameter["description"];
+
+            if(description)
+            {
+               AddBRToNode(document.body);
+               AddBRToNode(document.body);
+
+               AddTextToNode(gDescription,description);
+
+               AddBRToNode(document.body);
+
+            }
+
+            id   = curParameter["id"];
+            name = curParameter["name"];
+            type = curParameter["type"];
+            desc = curParameter["desc"]; 
+
+            //alert(" id " + id + " name " + name + " type " + type + " desc " + desc); 
+
+            if(id)
+            {
+               if(table)
+               {
+                   row = AddRowToTable(table);
+               }
+
+               if(row)
+               {
+                   column = AddColumnToRow(row);
+               }
+
+               if(column)
+               {
+                    AddTextToColumn(column,name);
+               }
+
+               if(type == "string" || type == "integer")
+               {
+                   field = AddInputField("text",id,name,"");
+               }
+
+               re_field = null;
+ 
+               if(type == "password")
+               {
+                   field = AddInputField("password",id,name,"");
+               }
+
+               if(type == "hidden")
+               {
+                   field = AddInputField("hidden",id,name,"");
+               } 
+
+               if(field)
+               {
+                   field_col = AddColumnToRow(row);                
+                   if(field_col)
+                   {
+                       field_col.appendChild(field);
+                   }
+               }
+
+               if(re_field)
+               {
+                 re_text = AddColumnToRow(row);
+
+                 if(re_text)
+                 {
+                     AddTextToColumn(re_text,"Confirm " + name);
+                     re_field_col = AddColumnToRow(row);
+                     if(re_field_col)
+                     {
+                         re_field_col.appendChild(re_field);
+                     }
+                   
+                 } 
+
+               }
+           }
+
+        }
+
+    }
+
+    var last_row = AddRowToTable(table);
+
+    if(last_row)
+    {
+        var button_field = AddColumnToRow(last_row);
+
+        if(button_field)
+        {
+           var button = AddInputField("button","Submit","Submit","Submit");
+            button.onclick = FormSubmit;
+            button_field.appendChild(button);
+
+        }
+
+    } 
+}
+
+function UiLoad()
+{
+
+
+   var thisParent = window.opener;
+
+
+   if(!thisParent)
+   {
+        alert("Auth dialog has no parent!");
+        return;
+   }
+
+   var keyID =  this.name;
+
+   var ui = thisParent.getUIForKey(keyID); 
+
+   var type = thisParent.getTypeForKey(keyID);
+
+   //alert("UiLoad " + ui);
+
+   if(ui)
+   {
+       ConstructUI(type,keyID,ui);
+   }
+}
+
+</script>
+</head>
+<body onload = "UiLoad()"> 
+</body>
+</html>
diff --git a/base/tps/apache/docroot/esc/SettingsEsc.html b/base/tps/apache/docroot/esc/SettingsEsc.html
new file mode 100755
index 000000000..0340ee64c
--- /dev/null
+++ b/base/tps/apache/docroot/esc/SettingsEsc.html
@@ -0,0 +1,737 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2009 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<html>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+<head>
+
+<link rel=stylesheet href="/style.css" type="text/css">
+
+<script lang="JavaScript">
+//
+// initialize netkey globals
+var netkey;
+var gNotify = null;
+var isMSHTML;
+
+//
+// Determine if we are running MSHTML or GECKO
+//
+if (navigator.userAgent.indexOf("MSIE") != -1) {
+  isMSHTML = true;
+} else {
+  isMSHTML = false;
+}
+
+
+//
+// Notify callback for GECKO
+//
+function jsNotify()  {}
+
+jsNotify.prototype = {
+
+  rhNotifyKeyStateChange: function(aKeyType,aKeyID,aKeyState,aData,strData)
+  {
+
+    OnCOOLKeyStateChange(aKeyType, aKeyID, aKeyState, aData);
+  },
+
+  QueryInterface: function(iid)
+  {
+    <!--  alert("iid: " + iid); -->
+     if(!iid.equals(Components.interfaces.rhIKeyNotify) &&
+         !iid.equals(Components.interfaces.nsISupports))
+      {
+          alert("Can't find jsNotify interface");
+          throw Components.results.NS_ERROR_NO_INTERFACE;
+      }
+      return this;
+  }
+};
+
+//
+// Attach to the object.
+//
+if (!isMSHTML) {
+  // GECKO ONLY initialization
+  try {
+    netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    netkey = Components.classes["@redhat.com/rhCoolKey"].getService();
+    netkey = netkey.QueryInterface(Components.interfaces.rhICoolKey);
+
+    gNotify = new jsNotify;
+
+    netkey.rhCoolKeySetNotifyCallback(gNotify);
+
+  } catch(e) {
+     alert("Can't get UniversalXPConnect: " + e);
+  }
+} else {
+  // MSHTML only initialization
+  netkey = external;
+}
+
+//
+// unregister our notify event
+//
+function cleanup()
+{
+  if (!isMSHTML) {
+    try {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+
+
+      netkey.rhCoolKeyUnSetNotifyCallback(gNotify);
+    } catch(e) {
+     alert("Can't get UniversalXPConnect: " + e);
+    }
+  }
+}
+
+
+////////////////////////////////////////////////////////////////
+//
+// Host will be responsible for generating the gBindingsArray.
+//
+////////////////////////////////////////////////////////////////
+
+var gBindingsArray = [
+  <!-- SECURECOOL_BINDINGS_ARRAY -->
+];
+
+////////////////////////////////////////////////////////////////
+//
+// Utility functions specific to this page.
+//
+////////////////////////////////////////////////////////////////
+
+var gKeyBusyArray = [ ];
+
+function KeyToRowID(keyType, keyID)
+{
+  return keyType + "--" + keyID;
+}
+
+function RowIDToKeyInfo(rowID)
+{
+  return rowID.split("--");
+}
+
+function GetRowForKey(keyType, keyID)
+{
+  return document.getElementById(KeyToRowID(keyType, keyID));
+}
+
+function LoadBindingsIntoTable()
+{
+  var table = document.getElementById("KeyTable");
+
+  if (table)
+  {
+    var i;
+    for (i=0; i < gBindingsArray.length; i++)
+    {
+      CreateTableRow(table, gBindingsArray[i][0], gBindingsArray[i][1], false,
+                     gBindingsArray[i][2], true);
+    }
+  }
+}
+
+function InsertCOOLKeyIntoBindingTable(keyType, keyID)
+{
+  var row = GetRowForKey(keyType, keyID);
+
+  if (!row)
+  {
+    var table = document.getElementById("KeyTable");
+    if (table)
+    {
+      // The assumption here is that if the key isn't already
+      // listed in the table, then it must be a new unbound key!
+
+      row = CreateTableRow(table, keyType, keyID, true, keyID, false);
+    }
+
+    if (!row)
+      return null;
+  }
+  else if (IsKeyBound(keyType, keyID))
+    SetKeyIsVisible(row, true);
+
+  return row;
+}
+
+function ConvertVariantArrayToJScriptArray(varr)
+{
+  // C++ native methods, like netkey.GetAvailableCOOLKeys(), can only
+  // return variant SafeArrays, so to access the data inside, you must
+  // first convert it to a VBArray, and then call toArray() to convert
+  // it to a JScript array. Lame, but that's what it takes to
+  // use an array returned from an ActiveX component.
+
+  return new VBArray(varr).toArray();
+}
+
+function ReportException(msg, e)
+{
+  alert(msg + " " + e.description + "(" + e.number + ")");
+}
+
+function GetAvailableCOOLKeys()
+{
+  try {
+    var keyArr;
+
+    if (!isMSHTML) {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+      var inArray = netkey.GetAvailableCoolKeys( {} );
+      keyArr = new Array(inArray.length);
+      var i;
+
+      for (i=0; i < keyArr.length; i++) {
+	keyArr[i] = new Array( "1", inArray[i]);
+      }
+    } else {
+      keyArr = ConvertVariantArrayToJScriptArray(netkey.GetAvailableCoolKeys());
+
+      var i;
+      for (i=0; i < keyArr.length; i++)
+        keyArr[i] = ConvertVariantArrayToJScriptArray(keyArr[i]);
+    }
+    return keyArr;
+  } catch(e) {
+    ReportException("netkey.GetAvailableCoolKeys() failed!", e);
+    return [];
+  }
+}
+
+function BlinkCOOLKey(keyType, keyID, rate, duration)
+{
+  try {
+    if (!isMSHTML) {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    }
+    netkey.BlinkCoolKey(keyType, keyID, rate, duration);
+  } catch(e) {
+    ReportException("netkey.BlinkCoolKey() failed!", e);
+    return false;
+  }
+  return true;
+}
+
+//
+// MSHTML/GECKO compatibility functions.
+//
+function RemoveRow(table, row)
+{
+  if (isMSHTML) {
+    row.removeNode(row);
+  } else {
+    table.deleteRow(row.rowIndex);
+  }
+}
+
+function InsertRow(table)
+{
+  var row;
+
+  if (isMSHTML) {
+    row = table.insertRow();
+  } else {
+    row = table.insertRow(table.rows.length);
+  }
+  return row;
+}
+
+function InsertCell(row)
+{
+  var cell;
+
+  if (isMSHTML) {
+    cell = row.insertCell();
+  } else {
+    cell = row.insertCell(row.cells.length);
+  }
+  return cell;
+}
+
+function UpdateBindingTableAvailability()
+{
+  var arr = GetAvailableCOOLKeys();
+
+  if (!arr || arr.length < 1)
+    return;
+
+  var i;
+
+  for (i=0; i < arr.length; i++)
+    InsertCOOLKeyIntoBindingTable(arr[i][0], arr[i][1]);
+}
+
+function InitializeBindingTable()
+{
+  LoadBindingsIntoTable();
+  UpdateBindingTableAvailability();
+}
+
+function IsKeyBound(keyType, keyID)
+{
+  
+  for (i=0; i < gBindingsArray.length; i++)
+  {
+    if (keyType == gBindingsArray[i][0] && keyID == gBindingsArray[i][1])
+      return true;
+  }
+
+  return false;
+}
+
+function COOLKeyIsBusy(keyType, keyID)
+{
+  for (i=0; i < gKeyBusyArray.length; i++)
+  {
+    if (keyType == gKeyBusyArray[i][0] && keyID == gKeyBusyArray[i][1])
+      return true;
+  }
+
+  return false;
+}
+
+function AddKeyToBusyArray(keyType, keyID)
+{
+  // If key is already in our array, nothing to do.
+  if (COOLKeyIsBusy(keyType, keyID))
+    return;
+
+  gKeyBusyArray.push(new Array(keyType, keyID));
+}
+
+function RemoveKeyFromBusyArray(keyType, keyID)
+{
+  for (i=0; i < gKeyBusyArray.length; i++)
+  {
+    if (keyType == gKeyBusyArray[i][0] && keyID == gKeyBusyArray[i][1])
+      gKeyBusyArray.splice(i, 1);
+  }
+}
+
+function SetKeyIsVisible(row, isVisible)
+{
+  if (!row) return;
+  var cell = row.cells(0);
+  if (!cell) return;
+
+  var v = "inherit";
+  if (!isVisible)
+    v = "hidden";
+  cell.firstChild.style.visibility = v;
+}
+
+function KeyToUIString(keyType, keyID)
+{
+  // If it's an COOLKey, format the keyID string.
+
+  if (keyType == 1 && keyID.length == 20)
+  {
+    var re = /([0-9a-f]{4})([0-9a-f]{4})([0-9a-f]{4})([0-9a-f]{4})([0-9a-f]{4})/i;
+    keyID = keyID.replace(re, "$1-$2-$3-$4-$5").toLowerCase();
+  }
+
+  return keyID;
+}
+
+function CreateTableRow(table, keyType, keyID, isAvailable, label, isSecured)
+{
+  
+  var row = InsertRow(table);
+  if (!row)
+    return null;
+
+  row.setAttribute("id", KeyToRowID(keyType, keyID));
+
+  var keyIDStr = KeyToUIString(keyType, keyID);
+
+  if (label == keyID)
+    label = keyIDStr;
+
+  // Add a tooltip to the row so that it displays more info.
+  var title = keyType + " - " + keyIDStr;
+  if (isSecured && label)
+    title += " - " + label;
+  row.setAttribute("title", title);
+
+  // Create the isAvailable cell:
+  cell = InsertCell(row);
+  cell.setAttribute("align", "center");
+  var a = document.createElement("a");
+  a.setAttribute("href", "javascript:DoBlinkCOOLKey(" + keyType + ", '" + keyID + "');");
+  if (! isAvailable)
+    a.style.visibility = "hidden";
+  var img = document.createElement("img");
+  img.setAttribute("src", "/pki/esc/images/NetKey-Small.gif");
+  a.appendChild(img);
+  cell.appendChild(a);
+
+  // Create the label cell. Make sure we truncate long
+  // labels so that they fit nicely into the window.
+  cell = InsertCell(row);
+  if (label.length > 24)
+    label = label.substr(0, 24) + "...";
+  cell.appendChild(document.createTextNode(label));
+
+  // Create the action cell:
+  cell = InsertCell(row);
+  a = document.createElement("a");
+  if (isSecured)
+  {
+  //  a.setAttribute("href", "javascript:UnbindCOOLKey(" + keyType + ", '" + keyID + "');");
+    a.appendChild(document.createTextNode("Release"));
+  }
+  else
+  {
+  //  a.setAttribute("href", "javascript:BindCOOLKey(" + keyType + ", '" + keyID + "');");
+    a.appendChild(document.createTextNode("Secure"));
+  }
+  cell.appendChild(a);
+
+  // Create the secured cell:
+  cell = InsertCell(row);
+  cell.setAttribute("align", "center");
+  img = document.createElement("img");
+  img.setAttribute("src", "/pki/esc/images/PadLock.gif");
+  if (!isSecured)
+  img.style.visibility = "hidden";
+  cell.appendChild(img);
+
+  return row;
+}
+
+////////////////////////////////////////////////////////////////
+//
+// Functions that contact the server or talk directly to
+// ASC native code.
+//
+// ASC Native Functions:
+//
+//     netkey.GetAvailableCOOLKeys()
+//
+//       - Returns an ActiveX Variant SafeArray containing the ID for each key
+//         that is currentlly plugged into the computer. Before accessing any
+//         data in this array you must convert it to a JScript Array with a
+//         call to ConvertVariantArrayToJScriptArray().
+//
+//     netkey.GetCOOLKeyIsEnrolled(keyType, keyID)
+//
+//       - Returns true if a key has been initialized, false if it hasn't.
+//         Initialized means the card has been formatted with certificates
+//         for either an COOL HouseKey or NetKey.
+//
+//     netkey.GetCOOLKeyStatus(keyType, keyID)
+//
+//       - Returns an integer describing the status of the COOLKey. Possible
+//         values are:
+//
+//           0 // Unavailable
+//           1 // AppletNotFound
+//           2 // Uninitialized
+//           3 // Unknown
+//           4 // Available
+//           5 // EnrollmentInProgress
+//           6 // UnblockInProgress
+//           7 // PINResetInProgress
+//           8 // RenewInProgress
+//           9 // FormatInProgress
+//          10 // BlinkInProgress
+//
+//     netkey.GetCOOLKeyPolicy(keyType, keyID)
+//
+//       - Retrieves the Certificate Policy Extension Object Identifier (OID)
+//         as a string. This can be useful for distinguishing between types of
+//         COOLKeys. The list of currently defined OIDS are:
+//
+//             Bronze Member - Phase 1:     OID.1.3.6.1.4.1.1066.1.1000.1.0.1.1
+//             Silver Member - Phase 2:     OID.1.3.6.1.4.1.1066.1.1000.1.0.1.2
+//             Gold Associate - Phase 2:    OID.1.3.6.1.4.1.1066.1.1000.1.0.1.3
+//             Platinum MyDoctor - Phase 2: OID.1.3.6.1.4.1.1066.1.1000.1.0.1.4
+//
+//     netkey.GetCOOLKeyRequiresAuthentication(keyType, keyID)
+//
+//       - Returns a bool value that indicates whether or not the COOLKey
+//         requires a PIN to access crypto functionality.
+//
+//     netkey.AuthenticateCOOLKey(keyType, keyID, pin)
+//
+//       - Attempts to authenticates to the COOLKey using the supplied
+//         pin string.
+//
+//     netkey.InitCOOLKey(keyType, keyID, screenName, pin)
+//
+//       - Initiates an async connection to the RA to initialize a specific
+//         key. If you want the key to be initialized as a HouseKey, you should
+//         pass null values for both screenName and pin, otherwise, the key.
+//         is formatted as a NetKey.
+//
+//     netkey.ChallengeCOOLKey(keyType, keyID, data)
+//
+//       - Signs some data with the specified key, and returns the results
+//         in an AcviteX Variant SafeArray. Before accessing any data in
+//         this array, you must convert it to a JScript Array with a
+//         call to ConvertVariantArrayToJScriptArray(). The elements in the
+//         array are as follows:
+//
+//             array[0] --> Length of the signed challenge data in binary form.
+//             array[1] --> The signed challenge data as hex.
+//             array[0] --> Length of the nonce data in binary form.
+//             array[0] --> The nonce data as hex.
+//
+//     netkey.BlinkCOOLKey(keyType, keyID, rate, duration)
+//
+//       - Make a specific key blink at a given rate for a given duration.
+//         rate and duration are specified in milliseconds.
+//
+//     netkey.RequestServiceTicket(screenName, serviceName)
+//
+//       - Makes an async ticket request for a specific service.
+//         The ticket is returned via the OnTicketRequestSuccess()
+//         callback.
+//
+//     netkey.CancelServiceTicketRequest(screenName, serviceName)
+//
+//       - Cancels a specific service ticket request that may be pending.
+//
+////////////////////////////////////////////////////////////////
+
+function BindCOOLKey(keyType, keyID)
+{
+  if (COOLKeyIsBusy(keyType, keyID))
+  {
+    alert("COOLKey '" + keyID + "' is busy!");
+    return;
+  }
+
+  document.forms[0].action.value = "setlabelpage";
+  document.forms[0].keytype.value = keyType;
+  document.forms[0].keyid.value = keyID;
+  document.forms[0].submit();
+}
+
+function UnbindCOOLKey(keyType, keyID)
+{
+  if (COOLKeyIsBusy(keyType, keyID))
+  {
+    alert("COOLKey '" + keyID + "' is busy!");
+    return;
+  }
+
+  document.forms[0].action.value = "unbindprogresspage";
+  document.forms[0].keytype.value = keyType;
+  document.forms[0].keyid.value = keyID;
+  document.forms[0].submit();
+}
+
+function PurchaseMoreKeys()
+{
+}
+
+function LoadHelp()
+{
+  alert("- Click on the key icon for a specific key to make it blink.\n");
+}
+
+function DoBlinkCOOLKey(keyType, keyID)
+{
+  if (!keyID)
+    return;
+
+  BlinkCOOLKey(keyType, keyID, 400, 5000);
+}
+
+function OnCOOLKeyInserted(keyType, keyID)
+{
+  var row = InsertCOOLKeyIntoBindingTable(keyType, keyID);
+
+  refresh();
+}
+
+function OnCOOLKeyRemoved(keyType, keyID)
+{
+  var row = GetRowForKey(keyType, keyID);
+  var table = document.getElementById("KeyTable");
+  if (row && table)
+  {
+    if (IsKeyBound(keyType, keyID))
+      SetKeyIsVisible(row, false);
+    else
+      RemoveRow(table, row)
+  }
+
+  refresh();
+}
+
+function OnCOOLKeyBusyStart(keyType, keyID)
+{
+  AddKeyToBusyArray(keyType, keyID);
+}
+
+function OnCOOLKeyBusyEnd(keyType, keyID)
+{
+  RemoveKeyFromBusyArray(keyType, keyID);
+}
+
+function refresh()
+{
+  window.resizeBy(0,1);
+  window.resizeBy(0,-1);
+
+}
+
+////////////////////////////////////////////////////////////////////////////
+//
+// Notification functions called directly from ASC native code. These
+// functions will only be called if they exist in the current running
+// JavaScript context.
+//
+//   OnCOOLKeyStateChange(keyType, keyID, keyState, data)
+//
+//     - Called when the state of the COOLKey changes. Values for key
+//
+//     keyState   Description             data
+//     -------------------------------------------------------
+//       1000     Key Inserted            <none>
+//       1001     Key Removed             <none>
+//       1002     Enrollment Start        <0=Phase1, 1=Phase2>
+//       1003     Enrollment Complete     <none>
+//       1004     Enrollment Error        Integer Error Code
+//       1005     Unblock Start           <none>
+//       1006     Unblock Complete        <none>
+//       1007     Unblock Error           Integer Error Code
+//       1008     PIN Reset Start         <none>
+//       1009     PIN Reset Complete      <none>
+//       1010     PIN Reset Error         Integer Error Code
+//       1011     Renew Start             <none>
+//       1012     Renew Complete          <none>
+//       1013     Renew Error             Integer Error Code
+//       1014     Format Start            <none>
+//       1015     Format Complete         <none>
+//       1016     Format Error            Integer Error Code
+//       1017     Blink Start             <none>
+//       1018     Blink Complete          <none>
+//       1019     Blink Error             Integer Error Code
+//       1020     Operation Cancelled     Integer Error Code
+//
+//    OnTicketRequestSuccess(serviceName, ticket, authenticator)
+//
+//      - Called when a service ticket request made with 
+//        netkey.RequestServiceTicket() completes successfully.
+//        ticket is the Base64 encoded Kerberos ticket. authenticator
+//        is the Base64 encoded authenticator.
+//
+//    OnTicketRequestException(serviceName, errCode, errSubSystem, errMsg)
+//
+//      - Called when a service ticket request made with
+//        netkey.RequestServiceTicket() fails. serviceName is the service
+//        name used when the request was made. errCode is the error code
+//        defined by CLC. errSubSystem is the sub system defined by CLC.
+//        errMsg is the string containing the error message to display. This
+//        string is provided by UAS or CLC.
+//
+////////////////////////////////////////////////////////////////////////////
+
+function OnCOOLKeyStateChange(keyType, keyID, keyState, data)
+{
+  switch(keyState)
+  {
+    case 1000: // KeyInserted
+      OnCOOLKeyInserted(keyType, keyID);
+      break;
+    case 1001: // KeyRemoved
+      OnCOOLKeyRemoved(keyType, keyID);
+      break;
+    case 1002: // EnrollmentStart
+    case 1005: // UnblockStart
+    case 1008: // PINResetStart
+    case 1011: // RenewStart
+    case 1014: // FormatStart
+      OnCOOLKeyBusyStart(keyType, keyID);
+      break;
+    case 1003: // EnrollmentComplete
+    case 1004: // EnrollmentError
+    case 1006: // UnblockComplete
+    case 1007: // UnblockError
+    case 1009: // PINResetComplete
+    case 1010: // PINResetError
+    case 1012: // RenewComplete
+    case 1013: // RenewError
+    case 1015: // FormatComplete
+    case 1016: // FormatError
+      OnCOOLKeyBusyEnd(keyType, keyID);
+      break;
+  }
+}
+
+</script>
+</head>
+<body onLoad="InitializeBindingTable();" onUnload="cleanup();">
+
+<table width="100%">
+  <tr>
+    <td>
+<img src="/pki/esc/images/logo.gif">     </td>
+    <td>
+      <p class="headerText"><a href="esc.cgi?screenname=">Enterprise Security Client</a></p>
+    </td>
+  <tr>
+</table>
+
+<form method="post" action="esc.cgi">
+<input type="hidden" name="action" value="settingspage">
+<input type="hidden" name="screenname" value="<!-- SECURECOOL_SCREENNAME -->">
+<input type="hidden" name="keytype" value="">
+<input type="hidden" name="keyid" value="">
+<table class="PageHeader">
+</table>
+<table class="ContentTable">
+<tbody>
+<tr><td colspan="2">
+<b>Coolkey</b> (Enterprise Security Key) helps users perform various cryptographic operations.
+<br>
+Your Coolkey(s) and any other Coolkey(s) plugged into this computer are shown here. 
+<br>
+<br>
+<div class="TableTitle">Coolkey(s)   <!-- SECURECOOL_SCREENNAME --></div>
+</td></tr>
+<tr>
+  <td width="55%" valign="top">
+  <table id="KeyTable">
+  <tbody>
+    <tr class="KeyTableHeader">
+      <th></th>
+      <th><p class="titleText">Name</p></th>
+      <th></th>
+      <th><p class="titleText">Secured</p></th>
+    </tr>
+  </tbody>
+  </table>
+  </td>
+</tr>
+</tbody>
+</table>
+</form>
+</body>
+</html>
+
diff --git a/base/tps/apache/docroot/esc/TokenManager.html b/base/tps/apache/docroot/esc/TokenManager.html
new file mode 100755
index 000000000..fcd6beec9
--- /dev/null
+++ b/base/tps/apache/docroot/esc/TokenManager.html
@@ -0,0 +1,1705 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2009 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<html>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+
+<head>
+<link rel=stylesheet href="/style.css" type="text/css">
+
+<script language="JavaScript">
+
+//
+// initialize netkey globals
+var netkey;
+var isMSHTML;
+
+
+var keyUITable = new Array();
+var keyTypeTable = new Array();
+var curChildWindow = null;
+
+function getUIForKey(aKeyID)
+{
+    return keyUITable[aKeyID];
+
+}
+
+function getTypeForKey(aKeyID)
+{
+    return keyTypeTable[aKeyID];
+}
+
+//
+// Determine if we are running MSHTML or GECKO
+//
+if (navigator.userAgent.indexOf("MSIE") != -1) {
+  isMSHTML = true;
+} else {
+  isMSHTML = false;
+}
+
+
+//
+// Notify callback for GECKO
+//
+function jsNotify()  {}
+
+jsNotify.prototype = {
+
+  rhNotifyKeyStateChange: function(aKeyType,aKeyID,aKeyState,aData,strData)
+  {
+    OnCOOLKeyStateChange(aKeyType, aKeyID, aKeyState, aData,strData);
+  },
+
+  QueryInterface: function(iid)
+  {
+    <!--  alert("iid: " + iid); -->
+     if(!iid.equals(Components.interfaces.rhIKeyNotify) &&
+         !iid.equals(Components.interfaces.nsISupports))
+      {
+          alert("Can't find jsNotify interface");
+          throw Components.results.NS_ERROR_NO_INTERFACE;
+      }
+      return this;
+  }
+};
+
+//
+// Attach to the object.
+//
+if (!isMSHTML) {
+  // GECKO ONLY initialization
+  try {
+    netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    netkey = Components.classes["@redhat.com/rhCoolKey"].getService();
+    netkey = netkey.QueryInterface(Components.interfaces.rhICoolKey);
+    gNotify = new jsNotify;
+    netkey.rhCoolKeySetNotifyCallback(gNotify);
+  } catch(e) {
+     alert("Can't get UniversalXPConnect: " + e);
+  }
+} else {
+  // MSHTML only initialization
+  netkey = external;
+}
+
+//
+// unregister our notify event
+//
+function cleanup()
+{
+  if (!isMSHTML) {
+    try {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+      netkey.rhCoolKeyUnSetNotifyCallback(gNotify);
+    } catch(e) {
+     alert("Can't get UniversalXPConnect: " + e);
+    }
+  }
+}
+
+var gScreenName = "";
+var gKeyEnrollmentType = "userKey";
+
+var gCurrentSelectedRow = null;
+
+
+var gCurKeyType = null;
+var gCurKeyID = null;
+
+////////////////////////////////////////////////////////////////
+//
+// Utility functions specific to this page.
+//
+////////////////////////////////////////////////////////////////
+
+
+// List of Error Messages to be printed out
+
+var Status_Messages = new Array(
+
+"Operation Completed Successfully.",
+    "Server Error.",
+    "Problem communicating with the token.",
+    "Problem communicating with the token.",
+    "Problem resetting token's pin.",
+    "Internal Server Error.",
+    "Internal Server Error",
+    "Token Enrollment Error.",
+    "Problem communicating with the token.",
+    "Internal Server Error",
+    "Error communicating with the Certificate Authority, try again later.",
+    "Internal Server Error.",
+    "Error resetting the token's pin.",
+    "Internal Server Error.",
+    "Authentication Failure, Try Again.",
+    "Internal Server Error",
+    "Token is disabled, contact technical support.",
+    "Problem communicating with the token.",
+    "Internal Server Error.",
+    "Cannot upgrade token software.",
+    "Internal Server Error.",
+    "Problem communicating with the token.",
+    "Invalid token type.",
+    "Invalid token type",
+    "Cannot publish.",
+    "Cannot communicate with token database, try again later.",
+    "Token is disabled, contact techincal support.",
+    "Cannot reset pin value for the token, contact technical support.",
+    "Connection to server lost.",
+    "Cannot create entry for token in database, contact technical support.",
+    "No such token state, contact technical support.",
+    "Invalid lost token reason, contact technical support.",
+    "Token unusable due to compromise,contact technical support.",
+    "No such inactive token, contact technical support.",
+    "Cannot process more than one active token.",
+    "Internal Server Error,contact technical support.",
+    "Key Recovery has been processed.",
+    "Key Recovery failed, contact technical support.",
+    "Cannot operate on token reported lost, contact technical support.",
+    "Key archival error, contact technical support.",
+    "Problem connecting to the TKS, contact technical support.",
+    "Failed to update token database, contact technical support.",
+    "Internal certificate revocation error,contact technical support.",
+    "User does not own this token, contact technical support."
+);
+
+function GetAuthDataFromPopUp(aKeyType,aKeyID,aUiData)
+{
+
+   keyUITable[aKeyID] = aUiData;
+   keyTypeTable[aKeyID] = aKeyType;
+
+   //alert("GetAuthDataFromPopUp data " + aUiData);
+   var child = window.open("/GenericAuth.html",aKeyID,"height=400,width=400");
+
+   //alert("Attempted to create child window " + child);
+ 
+   curChildWindow = child; 
+
+}
+
+function COOLKeySetDataValue(aKeyType,aKeyID,name,value)
+{
+        //alert("In COOLKeySetDataValue  aKeyType " + aKeyType + " aKeyID " + aKeyID + " name " + name + " value " + value);  
+        if(netkey)
+        {
+             try {
+                if(!isMSHTML)
+                {
+                    netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+                }
+
+                netkey.SetCoolKeyDataValue(aKeyType,aKeyID,name,value);
+
+
+            } catch(e) {
+                alert("Error Setting data values: " + e);
+            }
+        }
+
+}
+ 
+function COOLKeySetTokenPin(pin)
+{
+  if(!isMSHTML)
+    {
+        if(netkey)
+        {
+             try { 
+                netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+                netkey.SetCoolKeyDataValue(gCurKeyType,gCurKeyID,"TokenPin",pin);
+
+
+            } catch(e) {
+                alert("Error Setting data values: " + e);
+            }
+        }
+    }
+}
+
+function COOLKeySetUidPassword(uid,pwd)
+{
+
+  if(!isMSHTML)
+  {
+      if(netkey)
+      {
+
+          try {
+              netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+
+              netkey.SetCoolKeyDataValue(gCurKeyType,gCurKeyID,"UserId",uid);
+
+              netkey.SetCoolKeyDataValue(gCurKeyType,gCurKeyID,"Password",pwd);
+
+          } catch(e) {
+              alert("Error Setting data values: " + e);
+          }
+
+      }
+
+  }
+
+}
+      
+  
+function MyGetErrorMessage(status_code)
+{
+
+ var result = "Internal Server Error";
+
+  if(status_code < 0 && status_code >= Status_Messages.length)
+  {
+     return result;
+      
+  }   
+      
+  return Status_Messages[status_code];
+      
+}   
+
+function KeyToRowID(keyType, keyID)
+{
+  return keyType + "--" + keyID;
+}
+
+function RowIDToKeyInfo(rowID)
+{
+  return rowID.split("--");
+}
+
+function GetRowForKey(keyType, keyID)
+{
+  return document.getElementById(KeyToRowID(keyType, keyID));
+}
+
+function ReportException(msg, e)
+{
+  alert(msg + " " + e.description + "(" + e.number + ")");
+}
+
+function GetCOOLKeyStatus(keyType, keyID)
+{
+  try {
+    if (!isMSHTML) {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    }
+    return netkey.GetCoolKeyStatus(keyType, keyID);
+  } catch (e) {
+    ReportException("netkey.GetESCKeyStatus() failed!", e);
+    return 0;
+  }
+}
+
+function GetCOOLKeyPolicy(keyType, keyID)
+{
+  try {
+    if (!isMSHTML) {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    }
+    return netkey.GetCoolKeyPolicy(keyType, keyID);
+  } catch (e) {
+  //  ReportException("netkey.GetESCKeyPolicy() failed!", e);
+    return "";
+  }
+}
+
+function GetCOOLKeyRequiresAuth(keyType, keyID)
+{
+  try {
+    if (!isMSHTML) {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    }
+    return netkey.GetCoolKeyRequiresAuthentication(keyType, keyID);
+  } catch(e) {
+    ReportException("netkey.GetESCKeyRequiresAuthentication() failed!", e);
+    return false;
+  }
+}
+
+function GetCOOLKeyIsAuthed(keyType, keyID)
+{
+  try {
+    if (!isMSHTML) {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    }
+    return netkey.GetCoolKeyIsAuthenticated(keyType, keyID);
+  } catch(e) {
+    ReportException("netkey.GetESCKeyIsAuthenticated() failed!", e);
+    return false;
+  }
+}
+
+function GetAvailableCOOLKeys()
+{
+  try {
+    var keyArr;
+
+    if (!isMSHTML) {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+      var inArray = netkey.GetAvailableCoolKeys( {} );
+      keyArr = new Array(inArray.length);
+      var i;
+
+      for (i=0; i < keyArr.length; i++) {
+	keyArr[i] = new Array( "1", inArray[i]);
+      }
+    } else {
+      keyArr = ConvertVariantArrayToJScriptArray(netkey.GetAvailableCoolKeys());
+
+      var i;
+      for (i=0; i < keyArr.length; i++)
+        keyArr[i] = ConvertVariantArrayToJScriptArray(keyArr[i]);
+    }
+    return keyArr;
+  } catch(e) {
+    ReportException("netkey.GetAvailableESCKeys() failed!", e);
+    return [];
+  }
+}
+
+function ChallengeCOOLKey(keyType, keyID, data)
+{
+  try {
+    if (!isMSHTML) {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    }
+    return ConvertVariantArrayToJScriptArray(netkey.ChallengeCoolKey(keyType, keyID, data));
+  } catch(e) {
+    ReportException("netkey.ChallengeESCKey() failed!", e);
+    return [];
+  }
+}
+
+function EnrollCOOLKey(keyType, keyID, enrollmentType, screenname, pin,screennamepwd,tokencode)
+{
+  try {
+    if (!isMSHTML) {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    }
+    netkey.EnrollCoolKey(keyType, keyID, enrollmentType, screenname, pin,screennamepwd,tokencode);
+  } catch(e) {
+    ReportException("netkey.EnrollESCKey() failed!", e);
+    return false;
+  }
+
+  return true;
+}
+
+function GetCOOLKeyIsEnrolled(keyType, keyID)
+{
+  try {
+    if (!isMSHTML) {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    }
+    return netkey.GetCoolKeyIsEnrolled(keyType, keyID);
+  } catch(e) {
+    ReportException("netkey.GetESCKeyIsEnrolled() failed!", e);
+    return false;
+  }
+}
+
+function ResetCOOLKeyPIN(keyType, keyID, screenname, pin,screennamepwd)
+{
+  try {
+    if (!isMSHTML) {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    }
+    netkey.ResetCoolKeyPIN(keyType, keyID, screenname, pin,screennamepwd);
+  } catch(e) {
+    ReportException("netkey.ResetESCKeyPIN() failed! Make sure token is properly Enrolled.", e);
+    return false;
+  }
+  return true;
+}
+function FormatCOOLKey(keyType, keyID, type, screenname, pin,screennamepwd,tokencode)
+{
+  try {
+    if (!isMSHTML) {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    }
+    netkey.FormatCoolKey(keyType, keyID, type, screenname, pin,screennamepwd,tokencode);
+  } catch(e) {
+    ReportException("netkey.FormatESCKey() failed!", e);
+    return false;
+  }
+  return true;
+}
+
+function CancelCOOLKeyOperation(keyType, keyID)
+{
+  try {
+    if (!isMSHTML) {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    }
+    netkey.CancelCoolKeyOperation(keyType, keyID);
+  } catch(e) {
+    ReportException("netkey.CancelESCKeyOperation() failed!", e);
+    return false;
+  }
+  return true;
+}
+
+function BlinkCOOLKey(keyType, keyID, rate, duration)
+{
+  try {
+    if (!isMSHTML) {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    }
+    netkey.BlinkCoolKey(keyType, keyID, rate, duration);
+  } catch(e) {
+    ReportException("netkey.BlinkESCKey() failed!", e);
+    return false;
+  }
+  return true;
+}
+
+function RequestServiceTicket(screenName, serviceName)
+{
+  try {
+    if (!isMSHTML) {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    }
+    netkey.RequestServiceTicket(screenName, serviceName);
+  } catch(e) {
+    ReportException("netkey..RequestServiceTicket() failed!", e);
+    return false;
+  }
+
+  return true;
+}
+
+//
+// MSHTML/GECKO compatibility functions.
+//
+function RemoveRow(table, row)
+{
+  if (isMSHTML) {
+    row.removeNode(row);
+  } else {
+    table.deleteRow(row.rowIndex);
+  }
+}
+
+function GetCell(row, index)
+{
+  var cell;
+
+  if (isMSHTML) {
+    cell = row.cells(index);
+  } else {
+    cell = row.cells[index];
+  }
+  return cell;
+}
+
+function GetNode(parent, index)
+{
+  var node;
+  if (isMSHTML) {
+    node = parent.childNodes(index);
+  } else {
+    node = parent.childNodes[index];
+  }
+  return node;
+}
+
+function InsertRow(table)
+{
+  var row;
+
+  if (isMSHTML) {
+    row = table.insertRow();
+  } else {
+    row = table.insertRow(table.rows.length);
+  }
+  return row;
+}
+
+function InsertCell(row)
+{
+  var cell;
+
+  if (isMSHTML) {
+    cell = row.insertCell();
+  } else {
+    cell = row.insertCell(row.cells.length);
+  }
+  return cell;
+}
+
+function RemoveAllChildNodes(parent)
+{
+  var numChildren = parent.childNodes.length;
+  var i;
+
+  i = numChildren;
+  while (numChildren)
+  {
+    parent.removeChild(GetNode(parent,0));
+    numChildren--;
+  }
+
+}
+
+
+function UpdateInfoForKeyID(keyType, keyID, keyStatus, reqAuth, isAuthed)
+{
+  var row = GetRowForKey(keyType, keyID);
+
+  if (!row)
+    return;
+
+  var cell = GetCell(row,1)
+  RemoveAllChildNodes(cell);
+  cell.appendChild(document.createTextNode(keyStatus));
+
+ // cell = GetCell(row,2);
+ // RemoveAllChildNodes(cell);
+ // cell.appendChild(document.createTextNode(reqAuth));
+
+  //cell = GetCell(row,3);
+  //RemoveAllChildNodes(cell);
+  //cell.appendChild(document.createTextNode(isAuthed));
+}
+
+function GetStatusForKeyID(keyType, keyID)
+{
+  var keyStatus = "BLANK";
+
+  var status;
+
+  try {
+    status = GetCOOLKeyStatus(keyType, keyID);
+  } catch(e) {
+    status = 0;
+  }
+
+  switch (status) {
+    case 0: // Unavailable
+      keyStatus = "UNAVAILABLE";
+      break;
+    case 1: // AppletNotFound
+      keyStatus = "NO APPLET";
+      break;
+    case 2: // Uninitialized
+      keyStatus = "UNINITIALIZED";
+      break;
+    case 3: // Unknown
+      keyStatus = "UNKNOWN";
+      break;
+    case 4: // Available
+    case 6: // UnblockInProgress
+    case 7: // PINResetInProgress
+    case 8: // RenewInProgress
+      keyStatus = PolicyToKeyType(GetCOOLKeyPolicy(keyType, keyID));
+      break;
+    case 5: // EnrollmentInProgress
+      keyStatus = "BUSY";
+      break;
+      break;
+    case 9: // FormatInProgress
+      keyStatus = "BUSY";
+      break;
+  }
+
+  return keyStatus;
+}
+
+function GetKeyStatusForKeyID(keyType, keyID)
+{
+  var row = GetRowForKey(keyType, keyID);
+
+  if (!row)
+    return "UNKNOWN";
+
+  var cell = GetCell(row,1);
+  return GetNode(cell,0).data;
+}
+
+function InsertCOOLKeyIntoBindingTable(keyType, keyID)
+{
+  var row = GetRowForKey(keyType, keyID);
+
+  if (!row)
+  {
+    var table = document.getElementById("BindingTable");
+    if (table)
+    {
+      var keyStatus = GetStatusForKeyID(keyType, keyID);
+      var keyReqAuth = BoolToYesNoStr(GetCOOLKeyRequiresAuth(keyType, keyID));
+      var keyIsAuthed = BoolToYesNoStr(GetCOOLKeyIsAuthed(keyType, keyID));
+
+      row = CreateTableRow(table, keyType, keyID, keyStatus, keyReqAuth, keyIsAuthed);
+    }
+
+    if (!row)
+      return null;
+  }
+
+  return row;
+}
+
+function ConvertVariantArrayToJScriptArray(varr)
+{
+  // C++ native methods, like netkey.GetAvailableCOOLKeys(), can only
+  // return variant SafeArrays, so to access the data inside, you must
+  // first convert it to a VBArray, and then call toArray() to convert
+  // it to a JScript array. Lame, but that's what it takes to
+  // use an array returned from an ActiveX component.
+
+  return new VBArray(varr).toArray();
+}
+
+function UpdateBindingTableAvailability()
+{
+  var arr = GetAvailableCOOLKeys();
+
+  if (!arr || arr.length < 1)
+    return;
+
+  var i;
+
+  for (i=0; i < arr.length; i++)
+  {
+    InsertCOOLKeyIntoBindingTable(arr[i][0], arr[i][1]);
+
+    if (!gCurrentSelectedRow)
+      SelectRowByKeyID(arr[i][0], arr[i][1]);
+  }
+}
+
+function InitializeBindingTable()
+{
+  UpdateBindingTableAvailability();
+  UpdateButtonStates();
+ // document.getElementById("snametf").value = gScreenName;
+}
+
+function KeyIsPresent(keyType, keyID)
+{
+  row = document.all.item(keyType, keyID);
+
+  if (!row)
+    return false;
+
+  return true;
+}
+
+function SetStatusMessage(str)
+{
+  var cell = document.getElementById("statusMsg");
+
+  if (!cell)
+    return;
+  RemoveAllChildNodes(cell);
+  cell.appendChild(document.createTextNode(str));
+}
+
+function UpdateButtonStates()
+{
+  if (gKeyEnrollmentType == "deviceKey")
+  {
+  //  document.getElementById("snametf").disabled = true;
+  //  document.getElementById("pintf").disabled = true;
+   // document.getElementById("reenterpintf").disabled = true;
+  //  document.getElementById("snamepwd").disabled = true;
+  }
+  else
+  {
+ //   document.getElementById("snametf").disabled = false;
+  //  document.getElementById("pintf").disabled = false;
+  //  document.getElementById("reenterpintf").disabled = false;
+  //  document.getElementById("snamepwd").disabled = false;
+  }
+
+  if (gCurrentSelectedRow)
+  {
+    var keyInfo = RowIDToKeyInfo(gCurrentSelectedRow.getAttribute("id"));
+    var keyType = keyInfo[0];
+    var keyID = keyInfo[1];
+    var keyStatus = GetKeyStatusForKeyID(keyType, keyID);
+
+    var validKey = (keyStatus == "NETKEY" || keyStatus == "HOUSEKEY");
+  //  document.getElementById("challengebtn").disabled = !validKey;
+    document.getElementById("blinkbtn").disabled = false;
+//    document.getElementById("enrollbtn").disabled = false;
+    document.getElementById("formatbtn").disabled = false;
+//    document.getElementById("resetpinbtn").disabled = !((keyStatus == "NETKEY") && (gKeyEnrollmentType == "userKey"));
+//document.getElementById("resetpinbtn").disabled = !((gKeyEnrollmentType == "userKey"));
+  }
+  else
+  {
+    //document.getElementById("enrollbtn").disabled = true;
+   // document.getElementById("resetpinbtn").disabled = true;
+    document.getElementById("formatbtn").disabled = true;
+   // document.getElementById("challengebtn").disabled = true;
+    document.getElementById("blinkbtn").disabled = true;
+  }
+
+  refresh();
+}
+
+function SetEnrollmentType(type)
+{
+  gKeyEnrollmentType = type;
+  UpdateButtonStates();
+}
+
+function FindRow(node)
+{
+  while (node && node.tagName != "TR")
+  {
+    node = node.parentNode;
+  }
+
+  return node;
+}
+
+function SelectRow(row)
+{
+  if (!row || gCurrentSelectedRow == row)
+    return;
+
+  if (gCurrentSelectedRow)
+    gCurrentSelectedRow.removeAttribute("style");
+
+  gCurrentSelectedRow = row;
+  gCurrentSelectedRow.style.backgroundColor="rgb(200,200,200)";
+  UpdateButtonStates();
+}
+
+function SelectRowByKeyID(keyType, keyID)
+{
+  var row = GetRowForKey(keyType, keyID);
+  SelectRow(row);
+}
+
+function DoSelectRow(event)
+{
+  var row;
+
+  if (isMSHTML) {
+    row = FindRow(window.event.srcElement);
+  } else {
+    row = FindRow(event.parentNode);
+  }
+  SelectRow(row);
+}
+
+function KeyToUIString(keyType, keyID)
+{
+  // If it's an COOLKey, format the keyID string.
+
+  if (keyType == 1 && keyID.length == 20)
+  {
+    var re = /([0-9a-f]{4})([0-9a-f]{4})([0-9a-f]{4})([0-9a-f]{4})([0-9a-f]{4})/i;
+    keyID = keyID.replace(re, "$1-$2-$3-$4-$5").toLowerCase();
+  }
+
+  return keyID;
+}
+
+
+
+function CreateTableRow(table, keyType, keyID, keyStatus, reqAuth, isAuthed)
+{
+
+  var row = InsertRow(table);
+  if (!row)
+    return null;
+
+  row.setAttribute("id", KeyToRowID(keyType, keyID));
+
+ 
+  if (isMSHTML) {
+     row.onclick = DoSelectRow;
+  }
+
+  // Create the key ID cell.
+  cell = InsertCell(row);
+  cell.appendChild(document.createTextNode(KeyToUIString(keyType, keyID)));
+
+  cell.setAttribute("onClick", "DoSelectRow(this);");
+
+  // Create the keyStatus cell.
+  cell = InsertCell(row);
+  cell.appendChild(document.createTextNode(keyStatus));
+
+  // Create the requires auth cell.
+  cell = InsertCell(row);
+  cell.appendChild(document.createTextNode(reqAuth));
+
+  // Create the is auth'ed cell.
+  cell = InsertCell(row);
+  cell.appendChild(document.createTextNode(isAuthed));
+
+  // Create the status bar cell
+  cell = InsertCell(row);
+
+  var progressMeter = document.createElement("div");
+  progressMeter.setAttribute("id", KeyToProgressBarID(keyType, keyID));
+  progressMeter.className = "ProgressMeter";
+  progressMeter.style.width = "100px";
+  progressMeter.style.height = "1.5em";
+  progressMeter.setAttribute("value", 0);
+
+  var progressBar = document.createElement("div");
+  progressBar.className = "ProgressBar";
+  progressBar.style.width = "0px";
+  progressBar.style.height = "100%";
+  progressBar.style.visibility = "hidden";
+
+  var progressBarStatus = document.createElement("div");
+  progressBarStatus.className = "ProgressBarStatus";
+  progressBarStatus.appendChild(document.createTextNode(""));
+
+  progressMeter.appendChild(progressBar);
+  progressMeter.appendChild(progressBarStatus);
+  cell.appendChild(progressMeter);
+
+  return row;
+}
+
+gAnimationMSecs = 1000/30;
+
+function SetCylonTimer(cylonID, cylonEyeID)
+{
+  setTimeout("AnimateCylonStatusBar(\"" + cylonID +
+             "\", \"" + cylonEyeID + "\");", gAnimationMSecs);
+}
+
+function AnimateCylonStatusBar(cylonID, cylonEyeID)
+{
+  var cylon = document.getElementById(cylonID);
+
+  if (!cylon)
+    return;
+
+  var active = cylon.getAttribute("cylonactive");
+
+  if (!active)
+    return;
+
+  var eye = document.getElementById(cylonEyeID);
+
+  if (!eye)
+    return;
+
+  var dir = eye.getAttribute("direction");
+  var wid = parseInt(eye.style.width);
+  var cywid = parseInt(cylon.style.width);
+  var left = parseInt(eye.style.left);
+
+  var dx = 10;
+
+  if (!dir || dir >= 0)
+  {
+    left += dx;
+
+    if (left + wid > cywid)
+    {
+      left = cywid - wid;
+      eye.setAttribute("direction", "-1");
+    }
+  }
+  else
+  {
+    left -= dx;
+
+    if (left < 0)
+    {
+      left = 0;
+      eye.setAttribute("direction", "1");
+    }
+  }
+
+  eye.style.left = left + "px";
+
+  SetCylonTimer(cylonID, cylonEyeID);
+}
+
+function StartCylonAnimation(cylonID, cylonEyeID)
+{
+  var cylon = document.getElementById(cylonID)
+
+  if (!cylon)
+    return;
+
+  var active = cylon.getAttribute("cylonactive");
+
+  if (!active)
+  {
+    cylon.setAttribute("cylonactive", "true");
+
+    var eye = document.getElementById(cylonEyeID);
+    if (eye)
+    {
+      eye.style.left = "0px";
+      eye.style.visibility = "visible";
+    }
+
+    SetCylonTimer(cylonID, cylonEyeID);
+  }
+}
+
+function StopCylonAnimation(cylonID, cylonEyeID)
+{
+  var cylon = document.getElementById(cylonID)
+
+  if (cylon)
+    cylon.removeAttribute("cylonactive");
+
+  var eye = document.getElementById(cylonEyeID);
+
+  if (eye)
+    eye.style.visibility = "hidden";
+}
+
+function GetProgressMeterValue(progMeterID)
+{
+  var progMeter = document.getElementById(progMeterID);
+
+  if (!progMeter)
+    return -1;
+
+  return parseInt(progMeter.getAttribute("value"));
+}
+
+function SetProgressMeterValue(progMeterID, value)
+{
+  var progMeter = document.getElementById(progMeterID);
+
+  if (!progMeter || value < 0)
+    return;
+
+  if (value > 100)
+    value = 100;
+
+  var progBar = progMeter.firstChild;
+
+  if (value == 0)
+  {
+    progBar.style.width = "0px";
+    progBar.style.visibility = "hidden";
+    progMeter.setAttribute("value", 0);
+    return;
+  }
+
+  progBar.style.visibility = "visible"; 
+
+  var newWidth = parseInt(progMeter.style.width) * value / 100 - 2;
+
+  progBar.style.width =  newWidth + "px";
+  progMeter.setAttribute("value", value);
+}
+
+function SetProgressMeterStatus(progMeterID, statusMsg)
+{
+  var progMeter = document.getElementById(progMeterID);
+
+  if (!progMeter)
+    return;
+
+  var progBar = progMeter.firstChild;
+
+  // If it exists, the meter status should be
+  // div that is the next sibling of the progressMeter.
+
+  var meterStatus = progBar.nextSibling;
+
+  // Just replace the data in the text node, it's much faster,
+  // and reduces flashing!
+
+  meterStatus.firstChild.replaceData(0, meterStatus.firstChild.length, statusMsg);
+}
+
+function ClearProgressBar(progMeterID)
+{
+  SetProgressMeterValue(progMeterID, 0);
+  SetProgressMeterStatus(progMeterID, "");
+}
+
+function KeyToProgressBarID(keyType, keyID)
+{
+  return "PM" + keyType + "-" + keyID;
+}
+
+////////////////////////////////////////////////////////////////
+//
+// Functions that contact the server or talk directly to
+// ASC native code.
+//
+// ASC Native Functions:
+//
+//     netkey.GetAvailableCOOLKeys()
+//
+//       - Returns an ActiveX Variant SafeArray containing the ID for each key
+//         that is currentlly plugged into the computer. Before accessing any
+//         data in this array you must convert it to a JScript Array with a
+//         call to ConvertVariantArrayToJScriptArray().
+//
+//     netkey.GetCOOLKeyIsEnrolled(keyType, keyID)
+//
+//       - Returns true if a key has been initialized, false if it hasn't.
+//         Initialized means the card has been formatted with certificates
+//         for either an COOL HouseKey or NetKey.
+//
+//     netkey.EnrollCOOLKey(keyType, keyID, enrollmentType, screenName, pin)
+//
+//       - Initiates an async connection to the RA to initialize a specific
+//         key. If you want the key to be initialized as a HouseKey, you should
+//         pass "houseKey" as the enrollmentType, and null values for both
+//         screenName and pin. For a NetKey, use "netKey" as the enrollmentType,
+//         and pass a valid screenName and pin.
+//
+//     netkey.ChallengeCOOLKey(keyType, keyID, data)
+//
+//       - Signs some data with the specified key, and returns the results
+//         in an AcviteX Variant SafeArray. Before accessing any data in
+//         this array, you must convert it to a JScript Array with a
+//         call to ConvertVariantArrayToJScriptArray(). The elements in the
+//         array are as follows:
+//
+//             array[0] --> Length of the signed challenge data in binary form.
+//             array[1] --> The signed challenge data as hex.
+//             array[0] --> Length of the nonce data in binary form.
+//             array[0] --> The nonce data as hex.
+//
+//     netkey.BlinkCOOLKey(keyType, keyID, rate, duration)
+//
+//       - Make a specific key blink at a given rate for a given duration.
+//         rate and duration are specified in milliseconds.
+//
+////////////////////////////////////////////////////////////////
+
+function GetScreenNameValue()
+{
+  var sname = document.getElementById("snametf").value;
+
+  if (! sname)
+  {
+    alert("You must provide a valid screen name!");
+    return null;
+  }
+
+  return sname;
+}
+
+function GetPINValue()
+{
+  var pinVal =  document.getElementById("pintf").value;
+  var rpinVal =  document.getElementById("reenterpintf").value;
+
+  if (! pinVal)
+  {
+    alert("You must provide a valid PIN!");
+    return null;
+  }
+
+  if ( pinVal != rpinVal)
+  {
+    alert("The PIN values you entered don't match!");
+    return null;
+  }
+
+  return pinVal;
+}
+
+function GetScreenNamePwd()
+{
+
+  var pwd = document.getElementById("snamepwd").value;
+
+   if(!pwd)
+   {
+       alert("You must provide a valid User Password!");
+       return null;
+   }
+   return pwd;
+}
+
+function GetTokenCode()
+{
+
+  return null;
+}
+function DoEnrollCOOLKey()
+{
+  if (!gCurrentSelectedRow)
+  {
+    alert("Please select a key.");
+    return;
+  }
+
+  var keyInfo = RowIDToKeyInfo(gCurrentSelectedRow.getAttribute("id"));
+  var keyType = keyInfo[0];
+  var keyID = keyInfo[1];
+
+  var type = gKeyEnrollmentType;
+  var screenname = null;
+  var pin = null;
+
+  var screennamepwd = null;
+  var tokencode = null;
+
+  if (type == "userKey")
+  {
+    screenname =  null; //GetScreenNameValue();
+
+    pin =  GetPINValue();
+
+
+    screennamepwd = null; // GetScreenNamePwd();
+
+
+    tokencode = GetTokenCode();
+
+    SetStatusMessage("Enrolling UserKey \"" + KeyToUIString(keyType, keyID) + "\"...");
+  }
+  else
+    SetStatusMessage("Enrolling DeviceKey \"" + KeyToUIString(keyType, keyID) + "\"...");
+
+  StartCylonAnimation("cylon1", "eye1");    
+
+  if (!EnrollCOOLKey(keyType, keyID, type, screenname, pin,screennamepwd,tokencode))
+  {
+    SetStatusMessage("");
+    StopCylonAnimation("cylon1", "eye1");
+  }
+}
+
+function DoResetSelectedCOOLKeyPIN()
+{
+  if (!gCurrentSelectedRow)
+    return;
+
+ // if(!Validate())
+  //   return;
+
+   //alert("In DoResetSelectedCOOLKeyPIN!");
+  var keyInfo = RowIDToKeyInfo(gCurrentSelectedRow.getAttribute("id"));
+  var keyType = keyInfo[0];
+  var keyID = keyInfo[1];
+
+  var screenname = null;
+  var pin = null;
+  var screennamepwd = null;
+
+  if (GetCOOLKeyIsEnrolled(keyType, keyID))
+  {
+ 
+    SetStatusMessage("Resetting PIN for \"" + keyID + "\"...");
+    StartCylonAnimation("cylon1", "eye1");
+
+    if (!ResetCOOLKeyPIN(keyType, keyID, screenname, pin,screennamepwd))
+    {
+      SetStatusMessage("");
+      StopCylonAnimation("cylon1", "eye1");
+    }
+  }
+}
+
+function DoFormatCOOLKey()
+{
+  if (!gCurrentSelectedRow)
+    return;
+
+
+ // if(!Validate())
+  //   return;
+
+
+  var keyInfo = RowIDToKeyInfo(gCurrentSelectedRow.getAttribute("id"));
+  var keyType = keyInfo[0];
+  var keyID = keyInfo[1];
+
+  var type = gKeyEnrollmentType;
+  var screenname = null;
+  var pin = null;
+
+  var screennamepwd = null;
+  var tokencode = null;
+
+  SetStatusMessage("Formatting \"" + KeyToUIString(keyType, keyID) + "\" ...");
+  StartCylonAnimation("cylon1", "eye1");
+
+  if (!FormatCOOLKey(keyType, keyID, type, screenname, pin,screennamepwd,tokencode))
+  {
+    SetStatusMessage("");
+    StopCylonAnimation("cylon1", "eye1");
+  }
+}
+function DoCancelOperation()
+{
+  if (!gCurrentSelectedRow)
+    return;
+
+  var keyInfo = RowIDToKeyInfo(gCurrentSelectedRow.getAttribute("id"));
+  var keyType = keyInfo[0];
+  var keyID = keyInfo[1];
+
+  SetStatusMessage("Cancel operation for \"" + KeyToUIString(keyType, keyID) + "\" ...");
+  StartCylonAnimation("cylon1", "eye1");
+
+  CancelCOOLKeyOperation(keyType, keyID);
+
+  SetStatusMessage("");
+  StopCylonAnimation("cylon1", "eye1");
+}
+
+function DoChallengeSelectedKey()
+{
+  if (!gCurrentSelectedRow)
+    return;
+
+  var keyInfo = RowIDToKeyInfo(gCurrentSelectedRow.getAttribute("id"));
+  var keyType = keyInfo[0];
+  var keyID = keyInfo[1];
+
+  if (!keyID)
+    return;
+
+  SetStatusMessage("Generating Challenge ...");
+
+  var challengeArray = ChallengeCOOLKey(keyType, keyID, document.forms[0].challengedata.value);
+
+  if (challengeArray.length != 4)
+  {
+    alert("Challenge for key \"" + KeyToUIString(keyType, keyID) + "\" failed!");
+    SetStatusMessage("");
+    return;
+  }
+
+  alert("ChallengeCOOLKey(\""+ KeyToUIString(keyType, keyID) + "\") returned:\n\n" +
+        "challenge[0]: " + challengeArray[0] + "\n" +
+        "challenge[1]: " + challengeArray[1] + "\n" +
+        "challenge[2]: " + challengeArray[2] + "\n" +
+        "challenge[3]: " + challengeArray[3] + "\n");
+
+  SetStatusMessage("");
+}
+
+function DoBlinkCOOLKey()
+{
+  if (!gCurrentSelectedRow)
+    return;
+
+  var keyInfo = RowIDToKeyInfo(gCurrentSelectedRow.getAttribute("id"));
+  var keyType = keyInfo[0];
+  var keyID = keyInfo[1];
+
+  if (!keyID)
+    return;
+
+  SetStatusMessage("Blinking \"" + KeyToUIString(keyType, keyID) + "\" ...");
+  StartCylonAnimation("cylon1", "eye1");
+
+  BlinkCOOLKey(keyType, keyID, 400, 5000);
+
+  StopCylonAnimation("cylon1", "eye1");
+  SetStatusMessage("");
+}
+
+function OnCOOLKeyBlinkComplete(keyType,keyID)
+{
+  //StopCylonAnimation("cylon1", "eye1");
+  //SetStatusMessage(" ");
+}
+
+function DoHelp()
+{
+  if (!gCurrentSelectedRow)
+    return;
+
+  var keyInfo = RowIDToKeyInfo(gCurrentSelectedRow.getAttribute("id"));
+  var keyType = keyInfo[0];
+  var keyID = keyInfo[1];
+
+  if (!keyID)
+    return;
+
+  var policy = GetCOOLKeyPolicy(keyType, keyID);
+  var type = PolicyToKeyType(policy);
+  alert("Policy:  " + policy + "\n" + "Type:    " + type);
+}
+
+////////////////////////////////////////////////////////////////
+//
+// Functions called directly from ASC native code.
+//
+////////////////////////////////////////////////////////////////
+
+function OnCOOLKeyInserted(keyType, keyID)
+{
+  var row = InsertCOOLKeyIntoBindingTable(keyType, keyID);
+
+  if (!gCurrentSelectedRow)
+    SelectRowByKeyID(keyType, keyID);
+}
+
+
+function OnCOOLKeyRemoved(keyType, keyID)
+{
+  var row = GetRowForKey(keyType, keyID);
+  var table = document.getElementById("BindingTable");
+
+  if (row && table)
+  {
+    RemoveRow(table,row);
+
+    if (row == gCurrentSelectedRow)
+      gCurrentSelectedRow = null;
+  }
+
+  UpdateButtonStates();
+}
+
+var gKnownPolicies = [
+
+  // OID Value, precedence, name value
+
+  [ "OID.1.3.6.1.4.1.1066.1.1000.1.0.1.1", 1, "HOUSEKEY" ], // Bronze   - HouseKey
+  [ "OID.1.3.6.1.4.1.1066.1.1000.1.0.1.2", 2, "NETKEY" ],   // Silver   - Member
+  [ "OID.1.3.6.1.4.1.1066.1.1000.1.0.1.3", 3, "NETKEY" ],   // Gold     - Associate
+  [ "OID.1.3.6.1.4.1.1066.1.1000.1.0.1.4", 4, "NETKEY" ],   // Platinum - MyDoctor
+
+  // XXX: Remove the Old OIDs below, after the RA starts generating
+  //      certificates with the OIDs listed above!
+  [ "OID.1.3.6.1.4.1.1066.1.1000.2.1", 1, "HOUSEKEY" ], // Bronze   - HouseKey
+  [ "OID.1.3.6.1.4.1.1066.1.1000.2.2", 2, "NETKEY" ],   // Silver   - Member
+  [ "OID.1.3.6.1.4.1.1066.1.1000.2.3", 3, "NETKEY" ],   // Gold     - Associate
+  [ "OID.1.3.6.1.4.1.1066.1.1000.2.4", 4, "NETKEY" ]    // Platinum - MyDoctor
+];
+
+function PolicyToKeyType(policy)
+{
+   return "ENROLLED";
+}
+
+function OldPolicyToKeyType(policy)
+{
+  var i, j;
+  
+  var knownPoliciesIndex = -1;
+
+  
+  var policies;
+
+
+  if (policy.indexOf(",")== -1)
+  {
+    policies = new Array(1);
+    policies[0] = policy;
+  }
+  else
+  {
+    policies = policy.split(",");
+  }
+
+  for (j = 0; j < policies.length; j++)
+  {
+    for (i = 0; i < gKnownPolicies.length; i++)
+    {
+      if (gKnownPolicies[i][0] == policies[j])
+      {
+         if (knownPoliciesIndex < gKnownPolicies[i][1])
+           knownPoliciesIndex = i;
+      }
+    }  
+  }
+
+  if (knownPoliciesIndex == -1)
+    return "INITIALIZED";
+ 
+  return gKnownPolicies[knownPoliciesIndex][2];    
+}
+
+function BoolToYesNoStr(b)
+{
+  if (b)
+    return "YES";
+  return "NO";
+}
+
+function OnCOOLKeyEnrollmentComplete(keyType, keyID)
+{
+  var keyStatus = PolicyToKeyType(GetCOOLKeyPolicy(keyType, keyID));
+  var keyReqAuth = BoolToYesNoStr(GetCOOLKeyRequiresAuth(keyType, keyID));
+  var keyIsAuthed = BoolToYesNoStr(GetCOOLKeyIsAuthed(keyType, keyID));
+
+  UpdateInfoForKeyID(keyType, keyID, keyStatus, keyReqAuth, keyIsAuthed);
+  UpdateButtonStates();
+
+  StopCylonAnimation("cylon1", "eye1");
+  SetStatusMessage("");
+  alert("Enrollment for \"" + KeyToUIString(keyType, keyID) + "\" was successful!");
+  ClearProgressBar(KeyToProgressBarID(keyType, keyID));
+}
+
+function OnCOOLKeyPINResetComplete(keyType, keyID)
+{
+  var keyStatus = PolicyToKeyType(GetCOOLKeyPolicy(keyType, keyID));
+  var keyReqAuth = BoolToYesNoStr(GetCOOLKeyRequiresAuth(keyType, keyID));
+  var keyIsAuthed = BoolToYesNoStr(GetCOOLKeyIsAuthed(keyType, keyID));
+
+  UpdateInfoForKeyID(keyType, keyID, keyStatus, keyReqAuth, keyIsAuthed);
+  UpdateButtonStates();
+
+  StopCylonAnimation("cylon1", "eye1");
+  SetStatusMessage("");
+  alert("PIN Reset was successful!");
+  ClearProgressBar(KeyToProgressBarID(keyType, keyID));
+}
+
+function OnCOOLKeyFormatComplete(keyType, keyID)
+{
+  var keyStatus = GetStatusForKeyID(keyType, keyID);
+  var keyReqAuth = BoolToYesNoStr(GetCOOLKeyRequiresAuth(keyType, keyID));
+  var keyIsAuthed = BoolToYesNoStr(GetCOOLKeyIsAuthed(keyType, keyID));
+
+  UpdateInfoForKeyID(keyType, keyID, keyStatus, keyReqAuth, keyIsAuthed);
+
+  StopCylonAnimation("cylon1", "eye1");
+  SetStatusMessage("");
+  alert("Format of \"" + KeyToUIString(keyType, keyID)+ "\" was successful!");
+  ClearProgressBar(KeyToProgressBarID(keyType, keyID));
+}
+
+function OnCOOLKeyStateError(keyType, keyID, keyState, errorCode)
+{
+  var keyStatus = GetStatusForKeyID(keyType, keyID);
+  var keyReqAuth = BoolToYesNoStr(GetCOOLKeyRequiresAuth(keyType, keyID));
+  var keyIsAuthed = BoolToYesNoStr(GetCOOLKeyIsAuthed(keyType, keyID));
+
+  if(curChildWindow)
+  {
+      curChildWindow.close();
+      curChildWindow = null;
+
+  }
+
+  UpdateInfoForKeyID(keyType, keyID, keyStatus, keyReqAuth, keyIsAuthed);
+
+  StopCylonAnimation("cylon1", "eye1");
+  SetStatusMessage("");
+
+  var typeStr = "Error(" + errorCode + ")";
+
+  var  messageStr = " \n\n Server Response: " + MyGetErrorMessage(errorCode) ;
+
+  var keyIDStr = KeyToUIString(keyType, keyID);
+
+  if (keyState == 1004)
+    typeStr = "Enrollment of key (" + keyIDStr + ") failed. " + typeStr + messageStr ;
+  else if (keyState == 1016)
+    typeStr = "Formatting of key (" + keyIDStr + ") failed. " + typeStr + messageStr;
+  else if (keyState == 1010)
+    typeStr = "PIN Reset for key (" + keyIDStr + ") failed. " + typeStr + messageStr;
+  else if (keyState == 1020)
+    typeStr = "Operation for key (" + keyIDStr + ") canceled.";
+
+  alert(typeStr);
+  ClearProgressBar(KeyToProgressBarID(keyType, keyID));
+}
+
+function OnCOOLKeyStatusUpdate(progMeterID, statusUpdate)
+{
+  SetProgressMeterValue(progMeterID, statusUpdate);
+  SetProgressMeterStatus(progMeterID, statusUpdate + "%");
+}
+
+function Validate()
+{
+
+  var type = gKeyEnrollmentType;
+  var screenname = null;
+  var pin = null;
+
+  var screennamepwd = null;
+  var tokencode = null;
+
+  if (type == "userKey")
+  {
+//    screenname = GetScreenNameValue();
+//    if (! screenname)
+ //     return 0;
+
+    pin =  GetPINValue();
+
+    if (! pin)
+      return 0;
+
+//    screennamepwd = GetScreenNamePwd();
+
+//    if(! screennamepwd)
+ //       return 0;
+
+   }
+
+   return 1;
+}
+
+function OnCOOLKeyStateChange(keyType, keyID, keyState, data,strData)
+{
+  // alert("KeyID:    " + keyID + "\n" +
+  //       "KeyState: " + keyState + "\n" +
+  //       "Data:     " + data);
+  //alert("State Change ="+keyState);
+
+  switch(keyState)
+  {
+    case 1000: // KeyInserted
+      OnCOOLKeyInserted(keyType, keyID);
+      break;
+    case 1001: // KeyRemoved
+      OnCOOLKeyRemoved(keyType, keyID);
+      break;
+    case 1002: // EnrollmentStart
+      // OnCOOLKeyEnrollmentStart(keyType, keyID);
+      break;
+    case 1003: // EnrollmentComplete
+      OnCOOLKeyEnrollmentComplete(keyType, keyID);
+      break;
+    case 1004: // EnrollmentError
+      OnCOOLKeyStateError(keyType, keyID, keyState, data);
+      break;
+    case 1008: // PINResetStart
+      // OnCOOLKeyPINResetStart(keyType, keyID);
+      break;
+    case 1009: // PINResetComplete
+      OnCOOLKeyPINResetComplete(keyType, keyID);
+      break;
+    case 1010: // PINResetError
+      OnCOOLKeyStateError(keyType, keyID, keyState, data);
+      break;
+    case 1014: // FormatStart
+      // OnCOOLKeyFormatStart(keyType, keyID);
+      break;
+    case 1015: // FormatComplete
+      OnCOOLKeyFormatComplete(keyType, keyID);
+      break;
+    case 1016: // FormatError
+      OnCOOLKeyStateError(keyType, keyID, keyState, data);
+      break;
+    case 1017: // BlinkStatus Update?
+      //OnCOOLKeyStateError(keyType, keyID, keyState, data);
+      break;
+    case 1018: 
+      OnCOOLKeyBlinkComplete(keyType, keyID);
+      break;
+    case 1020: // OperationCancelled
+      OnCOOLKeyStateError(keyType, keyID, keyState, data);
+      break;
+    case 1021: // OperationStatusUpdate
+      OnCOOLKeyStatusUpdate(KeyToProgressBarID(keyType, keyID), data);
+      break;
+
+     case 1022: //Need Auth 
+
+
+       gCurKeyID = keyID;
+       gCurKeyType = keyType;
+
+       GetAuthDataFromPopUp(keyType,keyID,strData);
+
+       break;
+
+  }
+}
+
+function refresh()
+{
+  window.resizeBy(0,1);
+  window.resizeBy(0,-1);
+
+}
+
+</script>
+
+</head>
+<body onload="InitializeBindingTable();" onunload=cleanup()>
+
+<table width="100%">
+  <tr>
+    <td>
+<img src="/pki/esc/images/logo.gif">     </td>
+    <td>
+      <p class="headerText"><a href="esc.cgi?screenname=">Enterprise Security Client</a></p>
+    </td>
+  <tr>
+</table>
+
+  <br>
+  <table id="BindingTable" width="100%"><tbody>
+    <tr id="HeaderRow">
+      <th><p class="titleText">Key ID</p></th>
+      <th><p class="titleText">Key Status</p></th>
+<!--      <th><p class="titleText">Requires Auth</p></th>
+      <th><p class="titleText">Did Auth</p></th>
+
+-->
+      <th width="100"><p class="titleText">Progress</p></th>
+    </tr>
+  </tbody></table>
+  <form action="esc.cgi">
+    <input type="hidden" id="action" name="action" value="bind"> 
+    <input type="hidden" id="screenname" name="screenname" value="">
+    <input type="hidden" id="challengedata" name="challengedata" value="QVNDIHJvY2tzIHRoZSBwYXJ0eSE="> 
+    <input type="hidden" id="signedchallenge" name="signedchallenge" value="">
+    <input type="hidden" id="signedchallengelength" name="signedchallengelength" value=""> 
+    <input type="hidden" id="nonce" name="nonce" value="">
+    <input type="hidden" id="noncelength" name="noncelength" value=""> 
+    <input type="hidden" id="keytype" name="keytype" value="">
+    <input type="hidden" id="keyid" name="keyid" value="">
+    <input type="hidden" id="keylabel" name="keylabel" value=""> 
+    <br>
+    <table width="100%">
+      <tr>
+        <td valign="center" align="left">
+          <input type="button" id="formatbtn" name="formatbtn" value="Format" onClick="DoFormatCOOLKey();">
+      <!--    <input type="button" id="challengebtn" name="challengebtn" value="Challenge" onClick="DoChallengeSelectedKey();"> --> 
+          <input type="button" id="blinkbtn" name="blinkbtn" value="Blink" onClick="DoBlinkCOOLKey();">  
+
+          <input type="button" id="canclebtn" name="canclebtn" value="Cancel" onClick="DoCancelOperation();">
+
+
+        <!--  <input type="button" id="helpbtn" name="helpbtn" value="Help" onClick="DoHelp();"> -->
+        </td>
+      </tr>
+    </table>
+    <table width="100%">
+      <tr>
+      <!--  <td valign="center" align="right">
+          <h5><a href="esc.cgi?">Enterprise Security  Admin Page</a></h5>
+        </td> -->
+      </tr>
+    </table>
+  </form>
+  <table width="100%">
+    <tr>
+      <td valign="center" align="left" style="width: 200px;">
+        <div id="cylon1" class="cylon" style="width: 200px; height: 10px;">
+          <div id="eye1" class="cylonEye" style="top: 0px; left: 0px; width: 28px; height: 8px; visibility: hidden;"></div>
+        </div>
+      </td>
+      <td valign="center" align="left" id="statusMsg"></td>
+    </tr>
+  </table>
+</body></html>
diff --git a/base/tps/apache/docroot/esc/TokenPin.html b/base/tps/apache/docroot/esc/TokenPin.html
new file mode 100755
index 000000000..54bb8e8c0
--- /dev/null
+++ b/base/tps/apache/docroot/esc/TokenPin.html
@@ -0,0 +1,76 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2009 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<html>
+<head>
+<style>
+body {
+  background-color: rgb(32%,71%,75%);
+  font-family: "Arial";
+  font-size: 8pt; }
+</style>
+
+<script language = "Javascript">
+function DoSubmitData()
+{
+    var pin = document.getElementById("tokenpin").value;
+
+    var pin_confirm = document.getElementById("tokenpincf").value;
+
+    if(!pin || !pin_confirm )
+    {
+        alert("Please Enter Valid  Token Pin and confirmation value!");
+
+        return;
+    }
+    var parent = window.opener;
+
+    if(parent)
+    {
+        parent.COOLKeySetTokenPin(pin);
+
+    }
+    window.close();
+}
+</script>
+</head>
+<body>
+<b>Please Enter Your Token Pin:</b>
+<form>
+<table>
+<TR>
+<TD align="left">
+<font size=-2>Token Pin:</font><BR>
+<INPUT input type="password" id="tokenpin"  name="tokenpin" value="" size=25><BR>
+</TD>
+</TR>
+<TR>
+<TD align="left">
+<font size=-2>Token Pin:(Confirm)</font><br>
+<INPUT type="password"  id="tokenpincf"  name="tokenpincf" value="" size=25><BR>
+</TD>
+</TR>
+<BR>
+<TR>
+<TD>
+<INPUT type ="button" id="Submit" value="Submit" onClick="DoSubmitData();"
+</TD>
+</TR>
+</table>
+</form>
+</body>
+</html>
diff --git a/base/tps/apache/docroot/esc/demo/EnrollSuccess.html b/base/tps/apache/docroot/esc/demo/EnrollSuccess.html
new file mode 100644
index 000000000..2a9d2b386
--- /dev/null
+++ b/base/tps/apache/docroot/esc/demo/EnrollSuccess.html
@@ -0,0 +1,51 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2009 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<html>
+<head>
+<link rel=stylesheet href="/demo/style.css" type="text/css"> 
+<title>Success!</title>
+<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
+</head>
+
+<body  leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
+<table width="100%" border="0" cellspacing="0" cellpadding="0" class="logobar">
+  <tr> 
+    <td bgcolor="#000000">&nbsp;&nbsp;&nbsp;<img src="/pki/esc/demo/logo.jpg" width="250" height="50"></td>
+  </tr>
+</table>
+
+<p class="bodyText" >
+Congratulations! You have successfully Enrolled your Veracity Investments Security Smartcard! Now that you have enrolled, you will be able to use your smartcard to allow you and only you to log onto the Vercacity Investments On-Line Account Manager. 
+
+</p>
+<p class="bodyText">
+
+Begin your journey into the world of safe and secure account access by logging on to the Veracity Investments On-Line Account Manager.
+
+</p>
+
+<!--
+<a href="https://veracity.test.com/login.cgi?">Veracity Investments Account Manager</a></p>
+
+-->
+ 
+</body>
+
+</html>
+
diff --git a/base/tps/apache/docroot/esc/demo/GenericAuth.html b/base/tps/apache/docroot/esc/demo/GenericAuth.html
new file mode 100755
index 000000000..dad83a001
--- /dev/null
+++ b/base/tps/apache/docroot/esc/demo/GenericAuth.html
@@ -0,0 +1,537 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2009 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<html>
+<head>
+<style>
+
+body {
+background: #ffffff url(/pki/esc/images/bg.jpg) repeat-x;
+        font-family: arial;
+        font-size: 7pt;
+
+}
+
+h1
+{
+   text-align: left;
+
+   font-weight: bold;
+
+   font-size: 13pt;
+
+
+}
+
+
+h2 {
+
+    text-align: left;
+    font-size: 10pt; 
+
+    font-weight: lighter;
+}
+
+</style>
+<script language = "Javascript">
+
+var test_ui = "id=USER_ID&name=User ID&desc=User ID&type=string&option=option1,option2,option3&&id=USER_PWD&name=User Password&desc=User Password&type=password&option=&&id=USER_PIN&name=PIN&desc=One time PIN received via mail&type=password&option=";
+
+var theForm = null;
+var curKeyID = null;
+var curKeyType = 0; 
+
+
+var gTitle = null;
+var gDescription = null;
+
+
+
+function ConfirmPassword(password_element)
+{
+
+  if(!password_element)
+      return 0;
+
+  password_id = password_element.id;
+
+  if(!password_id)
+     return 0;
+
+  confirm_id = "RE_" + password_element.id;
+
+  var size = theForm.length;
+
+  if(theForm)
+  {
+      for(i = 0; i < size ; i++)
+      {
+         var cur_element = theForm.elements[i];
+  
+         if(cur_element.id == confirm_id)
+         {
+             if(cur_element.value != password_element.value)
+             {
+                 alert("Value " + password_element.name + " must match " + cur_element.name);
+                 return 0;
+
+             }
+             else
+             {
+                 return 1;
+             } 
+
+         } 
+
+      }
+
+  }
+
+  return 1;
+}
+
+function Validate()
+{
+    if(theForm)
+    {
+         var size = theForm.length;
+ 
+         for( i = 0; i < size ; i++)
+         {
+             var element = theForm.elements[i];
+
+             if(element.type == "text" )
+             {
+                 if(element.value == "")
+                 {
+                     alert("Please enter value for " + element.name);
+                     return 0; 
+                 }
+             }
+
+             if(element.type == "password")
+             {
+                 if(element.value == "")
+                 {
+                     alert("Please enter value for " + element.name);
+                     return 0;
+                 }
+
+                 if(!ConfirmPassword(element))
+                 {
+                     return 0;
+                 }
+
+             } 
+         } 
+   
+    }
+
+    return 1;
+}
+
+function FormSubmit()
+{
+    var result = Validate();
+
+    var thisParent = window.opener;
+
+    if(!parent)
+    {
+        alert("No parent window.");
+        window.close(); 
+        return; 
+    }
+  
+    if(!result)
+    {
+        return;
+    }
+
+    if(theForm)
+    {
+         var size = theForm.length;
+         for( i = 0; i < size ; i++)
+         {
+             var element = theForm.elements[i];
+
+             var value = element.value;
+
+             if(element.type == "text" )
+             {
+                 var id = element.id;
+                 value = element.value;
+
+                 if(thisParent)
+                 {
+                     //alert("about to set data value key " + curKeyID + " id " + id + " value " + value);
+                     thisParent.COOLKeySetDataValue(curKeyType,curKeyID,id,value);
+
+                 }
+             }
+
+             if(element.type == "password")
+             {
+                 var p_id = new String(element.id);
+
+                 if(p_id.indexOf("RE_") == -1)
+                 {                   
+                     if(thisParent)
+                     {
+                         thisParent.COOLKeySetDataValue(curKeyType,curKeyID,p_id,value); 
+                     }
+                 }
+             }
+         }
+
+     }
+   
+     window.close(); 
+}
+
+function GetUIObjectList(uiData)
+{
+    var  str = new String(uiData);
+    var splits = str.split("&&");
+
+//    alert("Get " + splits + " len " + splits.length);
+
+    var params = new Array();
+    var size = splits.length;
+
+    for(i = 0 ; i <  size ; i++)
+    {
+       params[i] = splits[i].split("&");
+    }
+
+    size = params.length;
+    var name_value_objects = new Array();
+
+    for(i = 0 ; i < size; i++)
+    {
+         var name_values = new Array();
+
+         pISize = params[i].length;
+         for(j = 0 ;  j < pISize ; j ++)
+         {
+             var pair = params[i][j].split("=");
+
+             //alert(" pair " + pair[0] + " pair1 " + pair[1]);
+
+             if(pair[0] == "option")
+             {
+                 var options = pair[1].split(",");
+             }
+
+             name_values[pair[0]] = pair[1];
+         }
+
+         name_value_objects[i] = name_values;
+    }
+
+    return name_value_objects;
+
+}
+
+function AddBRToNode(theNode)
+{
+
+   if(!theNode)
+       return;
+
+   var br = document.createElement("br");
+
+   theNode.appendChild(br);
+
+}
+
+function AddTextToNode(theNode,theText)
+{
+
+    if(!theNode || !theText)
+        return;
+
+
+    var text = document.createTextNode(theText);
+
+    theNode.appendChild(text);
+      
+
+
+
+}
+function AddTextToDocument(theText)
+{
+    if(!theText)
+         return;
+
+     var p = document.createElement("p");
+
+     if(p)
+     {
+         p.appendChild(document.createTextNode(theText));
+     } 
+
+     document.body.appendChild(p);
+}
+
+function CreateForm()
+{
+    var form = document.createElement("form");
+    document.body.appendChild(form);
+    return form;
+}
+
+function CreateTable()
+{
+  var table = document.createElement("table");
+  document.body.appendChild(table);
+  tbody = document.createElement("tbody");
+  table.appendChild(tbody);
+
+  return table;
+}
+
+function AddRowToTable(table)
+{
+    if(!table)
+        return null;
+
+    var tr = document.createElement("tr");
+    (table.tBodies[0]).appendChild(tr);
+
+    return tr; 
+}
+
+function AddColumnToRow(row)
+{
+  if(!row)
+     return null;
+
+  var td = document.createElement("td");
+  row.appendChild(td);
+
+  return td;
+}
+
+function AddTextToColumn(column,text)
+{
+   if(!column || !text)
+       return;
+
+   var text_node = document.createTextNode(text);
+   column.appendChild(text_node);
+
+   return text_node;
+}
+
+function AddInputField(type,id, name,value)
+{
+    var    field = document.createElement("input");
+   
+    if(!field)
+        return null;
+  
+    field.type =  type;   
+    field.id =id;
+    field.name =name;
+    field.value =value;
+
+    return field;
+}
+
+function ConstructUI(aKeyType,aKeyID,uiData)
+{
+
+    //alert("Construct UI data " + uiData);
+    var name_value_objects = GetUIObjectList(uiData);
+    var len = name_value_objects.length;
+
+    gTitle = document.createElement("h1");
+
+    gDescription = document.createElement("h2");
+
+
+    document.body.appendChild(gTitle);
+
+
+    document.body.appendChild(gDescription);
+
+
+    form = CreateForm(); 
+    theForm = form;
+    curKeyID = aKeyID;
+    curKeyType = aKeyType;
+
+    table = CreateTable();
+
+    form.appendChild(table);
+
+    for(i = 0 ; i < len ; i ++)
+    {
+        curParameter = name_value_objects[i];
+
+        if(curParameter)
+        {
+
+            title = curParameter["title"];
+
+
+            if(title)
+            {
+                //alert("title " + title);
+
+                AddTextToNode(gTitle,title);
+ 
+
+            }
+
+            description = curParameter["description"];
+
+            if(description)
+            {
+               AddBRToNode(document.body);
+               AddBRToNode(document.body);
+
+               AddTextToNode(gDescription,description);
+
+               AddBRToNode(document.body);
+
+            }
+
+            id   = curParameter["id"];
+            name = curParameter["name"];
+            type = curParameter["type"];
+            desc = curParameter["desc"]; 
+
+            //alert(" id " + id + " name " + name + " type " + type + " desc " + desc); 
+
+            if(id)
+            {
+               if(table)
+               {
+                   row = AddRowToTable(table);
+               }
+
+               if(row)
+               {
+                   column = AddColumnToRow(row);
+               }
+
+               if(column)
+               {
+                    AddTextToColumn(column,name);
+               }
+
+               if(type == "string" || type == "integer")
+               {
+                   field = AddInputField("text",id,name,"");
+               }
+
+               re_field = null;
+ 
+               if(type == "password")
+               {
+                   field = AddInputField("password",id,name,"");
+               }
+
+               if(type == "hidden")
+               {
+                   field = AddInputField("hidden",id,name,"");
+               } 
+
+               if(field)
+               {
+                   field_col = AddColumnToRow(row);                
+                   if(field_col)
+                   {
+                       field_col.appendChild(field);
+                   }
+               }
+
+               if(re_field)
+               {
+                 re_text = AddColumnToRow(row);
+
+                 if(re_text)
+                 {
+                     AddTextToColumn(re_text,"Confirm " + name);
+                     re_field_col = AddColumnToRow(row);
+                     if(re_field_col)
+                     {
+                         re_field_col.appendChild(re_field);
+                     }
+                   
+                 } 
+
+               }
+           }
+
+        }
+
+    }
+
+    var last_row = AddRowToTable(table);
+
+    if(last_row)
+    {
+        var button_field = AddColumnToRow(last_row);
+
+        if(button_field)
+        {
+           var button = AddInputField("button","Submit","Submit","Submit");
+            button.onclick = FormSubmit;
+            button_field.appendChild(button);
+
+        }
+
+    } 
+}
+
+function UiLoad()
+{
+
+
+   var thisParent = window.opener;
+
+
+   if(!thisParent)
+   {
+        alert("Auth dialog has no parent!");
+        return;
+   }
+
+   var keyID =  this.name;
+
+   var ui = thisParent.getUIForKey(keyID); 
+
+   var type = thisParent.getTypeForKey(keyID);
+
+   //alert("UiLoad " + ui);
+
+   if(ui)
+   {
+       ConstructUI(type,keyID,ui);
+   }
+}
+
+</script>
+</head>
+<body onload = "UiLoad()"> 
+</body>
+</html>
diff --git a/base/tps/apache/docroot/esc/demo/util.js b/base/tps/apache/docroot/esc/demo/util.js
new file mode 100755
index 000000000..d5707e0f4
--- /dev/null
+++ b/base/tps/apache/docroot/esc/demo/util.js
@@ -0,0 +1,1503 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// Copyright (C) 2007 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+
+//
+// initialize netkey globals
+var netkey;
+
+
+var keyUITable = new Array();
+var keyTypeTable = new Array();
+var curChildWindow = null;
+
+var gWindow = null;
+
+const ErrorText = "For additional assistance contact Veracify Investments Technical Support at 1-555-555-VERACI";
+
+
+function getUIForKey(aKeyID)
+{
+    return keyUITable[aKeyID];
+
+}
+
+function getTypeForKey(aKeyID)
+{
+    return keyTypeTable[aKeyID];
+}
+
+
+//
+// Notify callback for GECKO
+//
+function jsNotify()  {}
+
+jsNotify.prototype = {
+
+  rhNotifyKeyStateChange: function(aKeyType,aKeyID,aKeyState,aData,strData)
+  {
+    OnCOOLKeyStateChange(aKeyType, aKeyID, aKeyState, aData,strData);
+  },
+
+  QueryInterface: function(iid)
+  {
+    <!--  alert("iid: " + iid); -->
+     if(!iid.equals(Components.interfaces.rhIKeyNotify) &&
+         !iid.equals(Components.interfaces.nsISupports))
+      {
+          MyAlert("Can't find jsNotify interface");
+          throw Components.results.NS_ERROR_NO_INTERFACE;
+      }
+      return this;
+  }
+};
+
+//
+// Attach to the object.
+//
+  // GECKO ONLY initialization
+  try {
+    netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    netkey = Components.classes["@redhat.com/rhCoolKey"].getService();
+    netkey = netkey.QueryInterface(Components.interfaces.rhICoolKey);
+    gNotify = new jsNotify;
+    netkey.rhCoolKeySetNotifyCallback(gNotify);
+  } catch(e) {
+     MyAlert("Can't get UniversalXPConnect: " + e);
+  }
+
+//
+// unregister our notify event
+//
+function cleanup()
+{
+
+    try {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+      netkey.rhCoolKeyUnSetNotifyCallback(gNotify);
+    } catch(e) {
+     MyAlert("Can't get UniversalXPConnect: " + e);
+    }
+}
+
+var gScreenName = "";
+var gKeyEnrollmentType = "userKey";
+
+var gCurrentSelectedRow = null;
+
+
+var gCurKeyType = null;
+var gCurKeyID = null;
+
+////////////////////////////////////////////////////////////////
+//
+// Utility functions specific to this page.
+//
+////////////////////////////////////////////////////////////////
+
+
+// List of Error Messages to be printed out
+
+var Status_Messages = new Array(
+      
+    "Operation Completed Successfully.",
+    "Smartcard Server error.",
+    "Problem communicating with the smartcard.",
+    "Problem communicating with the smartcard.",
+    "Problem resetting smartcard's pin.",
+    "Internal Smartcard Server error.",
+    "Internal Smartcard Server error.",
+    "Smartcard enrollment error.",
+    "Can not communicate with the smartcard.",
+    "Internal Smartcard Server error.",
+    "Problem communicating with the Certificattion Authority.",
+    "Internal Smartcard Server error.",
+    "Error resetting the smartcard's password.",
+    "Internal Smartcard Server error.",
+    "Smartcard Server authentication failure.",
+    "Internal Smartcard Server error.",
+    "Your Smartcard is listed as disabled.",
+    "Problem communicating with the smartcard.",
+    "Internal Smartcard Server error.",
+    "Cannot upgrade smartcard software.",
+    "Internal Smartcard Server error.",
+    "Problem communicating with the smartcard.",
+    "Invalid smartcard type.",
+    "Invalid smartcard type.",
+    "Cannot publish smartcard information.",
+    "Cannot communicate with smartcard database.",
+    "Smartcard is disabled.",
+    "Cannot reset password value for the smartcard.",
+    "Connection to Smartcard Server lost.",
+    "Cannot create entry for smartcard in smartcard database.",
+    "Smartcard found to be in an inconsistent state.",
+    "Invalid reason for lost smartcard submitted.",
+    "Smartcard found to be unusable due to compromise.",
+    "No such inactive smartcard found.",
+    "Cannot process more than one active smartcard.",
+    "Internal Smartcard Server error.",
+    "Smartcard key recovery has been processed.",
+    "Smartcard key recovery failed.",
+    "Cannot process this smartcard, which has been reported lost.",
+    "Smartcard key archival error.",
+    "Problem connecting to the Smartcard TKS Server.",
+    "Failed to update smartcard database.",
+    "Internal certificate revocation error discovered.",
+    "User does not own this smartcard.", 
+    "Smart Card Manager has been misconfigured.",
+    "Smart Card Manager can not talk to smart card reader.",
+    "Smart Card Manager can not establish a session with  the smart card.",
+    "Smart Card Manager can not talk to Smart Card Server.",
+    "Smart Card Manager can not talk to smart card reader."
+ );    
+
+function GetAuthDataFromPopUp(aKeyType,aKeyID,aUiData)
+{
+
+   keyUITable[aKeyID] = aUiData;
+   keyTypeTable[aKeyID] = aKeyType;
+
+   //alert("GetAuthDataFromPopUp data " + aUiData);
+   var child = window.open("/GenericAuth.html",aKeyID,"height=400,width=400");
+
+   //alert("Attempted to create child window " + child);
+ 
+   curChildWindow = child; 
+
+}
+
+function COOLKeySetDataValue(aKeyType,aKeyID,name,value)
+{
+        //alert("In COOLKeySetDataValue  aKeyType " + aKeyType + " aKeyID " + aKeyID + " name " + name + " value " + value);  
+        if(netkey)
+        {
+             try {
+                    netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+                netkey.SetCoolKeyDataValue(aKeyType,aKeyID,name,value);
+
+
+            } catch(e) {
+                MyAlert("Error Setting data values: " + e);
+            }
+        }
+
+}
+ 
+function COOLKeySetTokenPin(pin)
+{
+        if(netkey)
+        {
+             try { 
+                netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+                netkey.SetCoolKeyDataValue(gCurKeyType,gCurKeyID,"TokenPin",pin);
+
+
+            } catch(e) {
+                MyAlert("Error Setting data values: " + e);
+            }
+        }
+}
+
+function COOLKeySetUidPassword(uid,pwd)
+{
+
+      if(netkey)
+      {
+
+          try {
+              netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+
+              netkey.SetCoolKeyDataValue(gCurKeyType,gCurKeyID,"UserId",uid);
+
+              netkey.SetCoolKeyDataValue(gCurKeyType,gCurKeyID,"Password",pwd);
+
+          } catch(e) {
+              MyAlert("Error Setting data values: " + e);
+          }
+
+      }
+
+}
+      
+  
+function MyGetErrorMessage(status_code)
+{
+
+ var result = "Internal Server Error";
+
+  if(status_code < 0 && status_code >= Status_Messages.length)
+  {
+     return result;
+      
+  }   
+      
+  return Status_Messages[status_code];
+      
+}   
+
+function KeyToRowID(keyType, keyID)
+{
+  return keyType + "--" + keyID;
+}
+
+function RowIDToKeyInfo(rowID)
+{
+  return rowID.split("--");
+}
+
+function GetRowForKey(keyType, keyID)
+{
+  return document.getElementById(KeyToRowID(keyType, keyID));
+}
+
+function ReportException(msg, e)
+{
+  MyAlert(msg + " " + e.description + "(" + e.number + ")");
+}
+
+function GetCOOLKeyStatus(keyType, keyID)
+{
+  try {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    return netkey.GetCoolKeyStatus(keyType, keyID);
+  } catch (e) {
+    ReportException("netkey.GetCOOLKeyStatus() failed!", e);
+    return 0;
+  }
+}
+
+function GetCOOLKeyPolicy(keyType, keyID)
+{
+  try {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    return netkey.GetCoolKeyPolicy(keyType, keyID);
+  } catch (e) {
+  //  ReportException("netkey.GetCOOLKeyPolicy() failed!", e);
+    return "";
+  }
+}
+
+function GetCOOLKeyRequiresAuth(keyType, keyID)
+{
+  try {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    return netkey.GetCoolKeyRequiresAuthentication(keyType, keyID);
+  } catch(e) {
+    ReportException("netkey.GetCoolKeyRequiresAuthentication() failed!", e);
+    return false;
+  }
+}
+
+function GetCOOLKeyIsAuthed(keyType, keyID)
+{
+  try {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    return netkey.GetCoolKeyIsAuthenticated(keyType, keyID);
+  } catch(e) {
+    ReportException("netkey.GetCoolKeyIsAuthenticated() failed!", e);
+    return false;
+  }
+}
+
+function GetAvailableCOOLKeys()
+{
+  try {
+    var keyArr;
+
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+      var inArray = netkey.GetAvailableCoolKeys( {} );
+      keyArr = new Array(inArray.length);
+      var i;
+
+      for (i=0; i < keyArr.length; i++) {
+	keyArr[i] = new Array( "1", inArray[i]);
+      }
+    return keyArr;
+  } catch(e) {
+    ReportException("netkey.GetAvailableCoolKeys() failed!", e);
+    return [];
+  }
+}
+
+function EnrollCOOLKey(keyType, keyID, enrollmentType, screenname, pin,screennamepwd,tokencode)
+{
+  try {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    netkey.EnrollCoolKey(keyType, keyID, enrollmentType, screenname, pin,screennamepwd,tokencode);
+  } catch(e) {
+    ReportException("netkey.EnrollCoolKey() failed!", e);
+    return false;
+  }
+
+  return true;
+}
+
+function GetCOOLKeyIsEnrolled(keyType, keyID)
+{
+  try {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    return netkey.GetCoolKeyIsEnrolled(keyType, keyID);
+  } catch(e) {
+    ReportException("netkey.GetCoolKeyIsEnrolled() failed!", e);
+    return false;
+  }
+}
+
+function CancelCOOLKeyOperation(keyType, keyID)
+{
+  try {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    netkey.CancelCoolKeyOperation(keyType, keyID);
+  } catch(e) {
+    ReportException("netkey.CancelCoolKeyOperation() failed!", e);
+    return false;
+  }
+  return true;
+}
+
+function MyAlert(message)
+{
+    if(message)
+        DoMyAlert(message,"Veracify Investments");
+
+} 
+function DoMyAlert(message,title)
+{
+
+   if(!message || !title)
+       return;
+
+   try {
+
+       netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+
+       var prompts = Components.classes["@mozilla.org/embedcomp/prompt-service;1"].getService(Components.interfaces.nsIPromptService);
+
+
+       prompts.alert(window,title,message);
+
+   } catch(e) {
+
+
+       alert("Problem with nsIPromptService " + e);
+   }
+
+}
+
+//
+// MSHTML/GECKO compatibility functions.
+//
+function RemoveRow(table, row)
+{
+    table.deleteRow(row.rowIndex);
+}
+
+function GetCell(row, index)
+{
+  var cell;
+
+    cell = row.cells[index];
+  return cell;
+}
+
+function GetNode(parent, index)
+{
+  var node;
+    node = parent.childNodes[index];
+  return node;
+}
+
+function InsertRow(table)
+{
+  var row;
+
+    row = table.insertRow(table.rows.length);
+  return row;
+}
+
+function InsertCell(row)
+{
+  var cell;
+
+    cell = row.insertCell(row.cells.length);
+  return cell;
+}
+
+function RemoveAllChildNodes(parent)
+{
+  var numChildren = parent.childNodes.length;
+  var i;
+
+  i = numChildren;
+  while (numChildren)
+  {
+    parent.removeChild(GetNode(parent,0));
+    numChildren--;
+  }
+
+}
+
+
+function UpdateInfoForKeyID(keyType, keyID, keyStatus, reqAuth, isAuthed)
+{
+  var row = GetRowForKey(keyType, keyID);
+
+  if (!row)
+    return;
+
+  var cell = GetCell(row,1)
+  RemoveAllChildNodes(cell);
+  cell.appendChild(document.createTextNode(keyStatus));
+
+//  cell = GetCell(row,2);
+ // RemoveAllChildNodes(cell);
+ // cell.appendChild(document.createTextNode(reqAuth));
+
+ // cell = GetCell(row,3);
+ // RemoveAllChildNodes(cell);
+ // cell.appendChild(document.createTextNode(isAuthed));
+}
+
+function GetStatusForKeyID(keyType, keyID)
+{
+  var keyStatus = "BLANK";
+
+  var status;
+
+  try {
+    status = GetCOOLKeyStatus(keyType, keyID);
+  } catch(e) {
+    status = 0;
+  }
+
+  switch (status) {
+    case 0: // Unavailable
+      keyStatus = "UNAVAILABLE";
+      break;
+    case 1: // AppletNotFound
+      keyStatus = "NO APPLET";
+      break;
+    case 2: // Uninitialized
+      keyStatus = "UNINITIALIZED";
+      break;
+    case 3: // Unknown
+      keyStatus = "UNKNOWN";
+      break;
+    case 4: // Available
+    case 6: // UnblockInProgress
+    case 7: // PINResetInProgress
+    case 8: // RenewInProgress
+      keyStatus = PolicyToKeyType(GetCOOLKeyPolicy(keyType, keyID));
+      break;
+    case 5: // EnrollmentInProgress
+      keyStatus = "BUSY";
+      break;
+      break;
+    case 9: // FormatInProgress
+      keyStatus = "BUSY";
+      break;
+  }
+
+  return keyStatus;
+}
+
+function InsertCOOLKeyIntoBindingTable(keyType, keyID)
+{
+  var row = GetRowForKey(keyType, keyID);
+
+  gWindow = window;
+ if (!row)
+  {
+    var table = document.getElementById("BindingTable");
+    if (table)
+    {
+      var keyStatus = GetStatusForKeyID(keyType, keyID);
+      var keyReqAuth = BoolToYesNoStr(GetCOOLKeyRequiresAuth(keyType, keyID));
+      var keyIsAuthed = BoolToYesNoStr(GetCOOLKeyIsAuthed(keyType, keyID));
+
+      row = CreateTableRow(table, keyType, keyID, keyStatus, keyReqAuth, keyIsAuthed);
+    }
+
+    if (!row)
+      return null;
+  }
+
+  return row;
+}
+
+function ConvertVariantArrayToJScriptArray(varr)
+{
+  // C++ native methods, like netkey.GetAvailableCOOLKeys(), can only
+  // return variant SafeArrays, so to access the data inside, you must
+  // first convert it to a VBArray, and then call toArray() to convert
+  // it to a JScript array. Lame, but that's what it takes to
+  // use an array returned from an ActiveX component.
+
+  return new VBArray(varr).toArray();
+}
+
+function UpdateBindingTableAvailability()
+{
+  var arr = GetAvailableCOOLKeys();
+
+  if (!arr || arr.length < 1)
+    return;
+
+  var i;
+
+  for (i=0; i < arr.length; i++)
+  {
+    InsertCOOLKeyIntoBindingTable(arr[i][0], arr[i][1]);
+
+    if (!gCurrentSelectedRow)
+      SelectRowByKeyID(arr[i][0], arr[i][1]);
+  }
+}
+
+function InitializeBindingTable()
+{
+  UpdateBindingTableAvailability();
+  UpdateButtonStates();
+}
+
+function KeyIsPresent(keyType, keyID)
+{
+  row = document.all.item(keyType, keyID);
+
+  if (!row)
+    return false;
+
+  return true;
+}
+
+function SetStatusMessage(str)
+{
+  var cell = document.getElementById("statusMsg");
+
+  if (!cell)
+    return;
+  RemoveAllChildNodes(cell);
+  cell.appendChild(document.createTextNode(str));
+}
+
+function UpdateButtonStates()
+{
+  if (gCurrentSelectedRow)
+  {
+    var keyInfo = RowIDToKeyInfo(gCurrentSelectedRow.getAttribute("id"));
+    var keyType = keyInfo[0];
+    var keyID = keyInfo[1];
+    var keyStatus = GetStatusForKeyID(keyType, keyID);
+
+    document.getElementById("enrollbtn").disabled = false;
+  }
+  else
+  {
+    document.getElementById("enrollbtn").disabled = true;
+  }
+
+  refresh();
+}
+
+function SetEnrollmentType(type)
+{
+  gKeyEnrollmentType = type;
+  UpdateButtonStates();
+}
+
+function FindRow(node)
+{
+  while (node && node.tagName != "TR")
+  {
+    node = node.parentNode;
+  }
+
+  return node;
+}
+
+function SelectRow(row)
+{
+  if (!row || gCurrentSelectedRow == row)
+    return;
+
+  if (gCurrentSelectedRow)
+    gCurrentSelectedRow.removeAttribute("style");
+
+  gCurrentSelectedRow = row;
+  gCurrentSelectedRow.style.backgroundColor="rgb(200,200,200)";
+  UpdateButtonStates();
+}
+
+function SelectRowByKeyID(keyType, keyID)
+{
+  var row = GetRowForKey(keyType, keyID);
+  SelectRow(row);
+}
+
+function DoSelectRow(event)
+{
+  var row;
+
+    row = FindRow(event.parentNode);
+  SelectRow(row);
+}
+
+function KeyToUIString(keyType, keyID)
+{
+  // If it's an COOLKey, format the keyID string.
+
+  if (keyType == 1 && keyID.length == 20)
+  {
+    var re = /([0-9a-f]{4})([0-9a-f]{4})([0-9a-f]{4})([0-9a-f]{4})([0-9a-f]{4})/i;
+    keyID = keyID.replace(re, "$1-$2-$3-$4-$5").toLowerCase();
+  }
+
+  return keyID;
+}
+
+
+
+function CreateTableRow(table, keyType, keyID, keyStatus, reqAuth, isAuthed)
+{
+  var row = InsertRow(table);
+  if (!row)
+    return null;
+
+  row.setAttribute("id", KeyToRowID(keyType, keyID));
+ 
+     row.onclick = DoSelectRow;
+
+  // Create the key ID cell.
+  //cell = InsertCell(row);
+  //cell.appendChild(document.createTextNode(KeyToUIString(keyType, keyID)));
+
+  //cell.setAttribute("onClick", "DoSelectRow(this);");
+
+  // Create the keyStatus cell.
+  //cell = InsertCell(row);
+  //cell.appendChild(document.createTextNode(keyStatus));
+
+  // Create the requires auth cell.
+ // cell = InsertCell(row);
+ // cell.appendChild(document.createTextNode(reqAuth));
+
+  cell = InsertCell(row);
+  cell.appendChild(document.createTextNode("Enrollment Progress"));
+
+  // Create the status bar cell
+
+  cell = InsertCell(row);
+
+  var progressMeter = document.createElement("div");
+  progressMeter.setAttribute("id", KeyToProgressBarID(keyType, keyID));
+  progressMeter.className = "ProgressMeter";
+  progressMeter.style.width = "100px";
+  progressMeter.style.height = "1.5em";
+//  progressMeter.style.visibility = "hidden";
+  progressMeter.setAttribute("value", 0);
+
+  var progressBar = document.createElement("div");
+  progressBar.className = "ProgressBar";
+  progressBar.style.width = "0px";
+  progressBar.style.height = "100%";
+//  progressBar.style.visibility = "hidden";
+
+  var progressBarStatus = document.createElement("div");
+  progressBarStatus.className = "ProgressBarStatus";
+  progressBarStatus.appendChild(document.createTextNode(""));
+
+  progressMeter.appendChild(progressBar);
+  progressMeter.appendChild(progressBarStatus);
+  cell.appendChild(progressMeter);
+
+  //row.style.display ="none";
+
+  return row;
+}
+
+gAnimationMSecs = 1000/30;
+
+function SetCylonTimer(cylonID, cylonEyeID)
+{
+  setTimeout("AnimateCylonStatusBar(\"" + cylonID +
+             "\", \"" + cylonEyeID + "\");", gAnimationMSecs);
+}
+
+function AnimateCylonStatusBar(cylonID, cylonEyeID)
+{
+  var cylon = document.getElementById(cylonID);
+
+  if (!cylon)
+    return;
+
+  var active = cylon.getAttribute("cylonactive");
+
+  if (!active)
+    return;
+
+  var eye = document.getElementById(cylonEyeID);
+
+  if (!eye)
+    return;
+
+  var dir = eye.getAttribute("direction");
+  var wid = parseInt(eye.style.width);
+  var cywid = parseInt(cylon.style.width);
+  var left = parseInt(eye.style.left);
+
+  var dx = 10;
+
+  if (!dir || dir >= 0)
+  {
+    left += dx;
+
+    if (left + wid > cywid)
+    {
+      left = cywid - wid;
+      eye.setAttribute("direction", "-1");
+    }
+  }
+  else
+  {
+    left -= dx;
+
+    if (left < 0)
+    {
+      left = 0;
+      eye.setAttribute("direction", "1");
+    }
+  }
+
+  eye.style.left = left + "px";
+
+  SetCylonTimer(cylonID, cylonEyeID);
+}
+
+function StartCylonAnimation(cylonID, cylonEyeID)
+{
+  var cylon = document.getElementById(cylonID)
+
+  if (!cylon)
+    return;
+
+  var active = cylon.getAttribute("cylonactive");
+
+  if (!active)
+  {
+    cylon.setAttribute("cylonactive", "true");
+
+    var eye = document.getElementById(cylonEyeID);
+    if (eye)
+    {
+      eye.style.left = "0px";
+      eye.style.visibility = "visible";
+    }
+
+    SetCylonTimer(cylonID, cylonEyeID);
+  }
+}
+
+function StopCylonAnimation(cylonID, cylonEyeID)
+{
+  var cylon = document.getElementById(cylonID)
+
+  if (cylon)
+    cylon.removeAttribute("cylonactive");
+
+  var eye = document.getElementById(cylonEyeID);
+
+  if (eye)
+    eye.style.visibility = "hidden";
+}
+
+function GetProgressMeterValue(progMeterID)
+{
+  var progMeter = document.getElementById(progMeterID);
+
+  if (!progMeter)
+    return -1;
+
+  return parseInt(progMeter.getAttribute("value"));
+}
+
+function SetProgressMeterValue(progMeterID, value)
+{
+  var progMeter = document.getElementById(progMeterID);
+
+  if (!progMeter || value < 0)
+    return;
+
+  if (value > 100)
+    value = 100;
+
+  var progBar = progMeter.firstChild;
+
+  if (value == 0)
+  {
+    progBar.style.width = "0px";
+    progBar.style.visibility = "hidden";
+    progMeter.setAttribute("value", 0);
+    return;
+  }
+
+  progBar.style.visibility = "visible"; 
+
+  var newWidth = parseInt(progMeter.style.width) * value / 100 - 2;
+
+  progBar.style.width =  newWidth + "px";
+  progMeter.setAttribute("value", value);
+}
+
+function SetProgressMeterStatus(progMeterID, statusMsg)
+{
+  var progMeter = document.getElementById(progMeterID);
+
+  if (!progMeter)
+    return;
+
+  var progBar = progMeter.firstChild;
+
+  // If it exists, the meter status should be
+  // div that is the next sibling of the progressMeter.
+
+  var meterStatus = progBar.nextSibling;
+
+  // Just replace the data in the text node, it's much faster,
+  // and reduces flashing!
+
+  meterStatus.firstChild.replaceData(0, meterStatus.firstChild.length, statusMsg);
+}
+
+function ClearProgressBar(progMeterID)
+{
+  SetProgressMeterValue(progMeterID, 0);
+  SetProgressMeterStatus(progMeterID, "");
+}
+
+function KeyToProgressBarID(keyType, keyID)
+{
+  return "PM" + keyType + "-" + keyID;
+}
+
+////////////////////////////////////////////////////////////////
+//
+// Functions that contact the server or talk directly to
+// ESC native code.
+//
+// ESC Native Functions:
+//
+//     netkey.GetAvailableCOOLKeys()
+//
+//       - Returns an ActiveX Variant SafeArray containing the ID for each key
+//         that is currentlly plugged into the computer. Before accessing any
+//         data in this array you must convert it to a JScript Array with a
+//         call to ConvertVariantArrayToJScriptArray().
+//
+//     netkey.GetCOOLKeyIsEnrolled(keyType, keyID)
+//
+//       - Returns true if a key has been initialized, false if it hasn't.
+//         Initialized means the card has been formatted with certificates
+//         for either an COOL HouseKey or NetKey.
+//
+//     netkey.EnrollCOOLKey(keyType, keyID, enrollmentType, screenName, pin)
+//
+//       - Initiates an async connection to the RA to initialize a specific
+//         key. If you want the key to be initialized as a HouseKey, you should
+//         pass "houseKey" as the enrollmentType, and null values for both
+//         screenName and pin. For a NetKey, use "netKey" as the enrollmentType,
+//         and pass a valid screenName and pin.
+//
+//
+////////////////////////////////////////////////////////////////
+
+function GetScreenNameValue()
+{
+  var sname = document.getElementById("snametf").value;
+
+  if (! sname)
+  {
+    MyAlert("You must provide a valid Veracify Account Name!");
+    return null;
+  }
+
+  return sname;
+}
+
+function GetPINValue()
+{
+  var pinVal =  document.getElementById("pintf").value;
+  var rpinVal =  document.getElementById("reenterpintf").value;
+
+  if (! pinVal)
+  {
+    MyAlert("You must provide a valid Veracify Key Password!");
+    return null;
+  }
+
+  if ( pinVal != rpinVal)
+  {
+    MyAlert("The Veracify Key Password values you entered do not match!");
+    return null;
+  }
+
+  return pinVal;
+}
+
+function GetScreenNamePwd()
+{
+
+  var pwd = document.getElementById("snamepwd").value;
+
+   if(!pwd)
+   {
+       MyAlert("You must provide a valid Veracify Account Number !");
+       return null;
+   }
+   return pwd;
+}
+
+function GetTokenCode()
+{
+
+  return null;
+}
+function DoEnrollCOOLKey()
+{
+
+  if (!gCurrentSelectedRow)
+  {
+    MyAlert("Please select a key.");
+    return;
+  }
+
+
+ if(!Validate())
+     return;
+
+  var keyInfo = RowIDToKeyInfo(gCurrentSelectedRow.getAttribute("id"));
+  var keyType = keyInfo[0];
+  var keyID = keyInfo[1];
+
+  var type = gKeyEnrollmentType;
+  var screenname = null;
+  var pin = null;
+
+  var screennamepwd = null;
+  var tokencode = null;
+
+  if (type == "userKey")
+  {
+    screenname =  GetScreenNameValue();
+
+    pin =  GetPINValue();
+
+
+    screennamepwd =  GetScreenNamePwd();
+
+    tokencode = GetTokenCode();
+
+    //SetStatusMessage("Enrolling UserKey \"" + KeyToUIString(keyType, keyID) + "\"...");
+  }
+
+  StartCylonAnimation("cylon1", "eye1");    
+
+  var doShow = true;
+
+  ShowProgressBar(keyType,keyID,doShow );
+
+  if (!EnrollCOOLKey(keyType, keyID, type, screenname, pin,screennamepwd,tokencode))
+  {
+    SetStatusMessage("");
+    StopCylonAnimation("cylon1", "eye1");
+    var doShow = false;
+    ShowProgressBar(aKeyType,aKeyID,doShow );
+  }
+}
+
+function DoResetSelectedCOOLKeyPIN()
+{
+  if (!gCurrentSelectedRow)
+    return;
+
+  if(!Validate())
+     return;
+
+   //alert("In DoResetSelectedCOOLKeyPIN!");
+  var keyInfo = RowIDToKeyInfo(gCurrentSelectedRow.getAttribute("id"));
+  var keyType = keyInfo[0];
+  var keyID = keyInfo[1];
+
+  var screenname = null;
+  var pin = null;
+  var screennamepwd = null;
+
+  if (GetCOOLKeyIsEnrolled(keyType, keyID))
+  {
+ 
+    SetStatusMessage("Resetting PIN for \"" + keyID + "\"...");
+    StartCylonAnimation("cylon1", "eye1");
+
+    if (!ResetCOOLKeyPIN(keyType, keyID, screenname, pin,screennamepwd))
+    {
+      SetStatusMessage("");
+      StopCylonAnimation("cylon1", "eye1");
+    }
+  }
+}
+
+function DoFormatCOOLKey()
+{
+  if (!gCurrentSelectedRow)
+    return;
+
+
+  if(!Validate())
+     return;
+
+
+  var keyInfo = RowIDToKeyInfo(gCurrentSelectedRow.getAttribute("id"));
+  var keyType = keyInfo[0];
+  var keyID = keyInfo[1];
+
+  var type = gKeyEnrollmentType;
+  var screenname = null;
+  var pin = null;
+
+  var screennamepwd = null;
+  var tokencode = null;
+
+  SetStatusMessage("Formatting \"" + KeyToUIString(keyType, keyID) + "\" ...");
+  StartCylonAnimation("cylon1", "eye1");
+
+  if (!FormatCOOLKey(keyType, keyID, type, screenname, pin,screennamepwd,tokencode))
+  {
+    SetStatusMessage("");
+    StopCylonAnimation("cylon1", "eye1");
+  }
+}
+function DoCancelOperation()
+{
+
+  if (!gCurrentSelectedRow)
+    return;
+
+  var keyInfo = RowIDToKeyInfo(gCurrentSelectedRow.getAttribute("id"));
+  var keyType = keyInfo[0];
+  var keyID = keyInfo[1];
+
+  SetStatusMessage("Cancel operation for \"" + KeyToUIString(keyType, keyID) + "\" ...");
+  StartCylonAnimation("cylon1", "eye1");
+
+  CancelCOOLKeyOperation(keyType, keyID);
+
+  SetStatusMessage("");
+  StopCylonAnimation("cylon1", "eye1");
+}
+
+function DoChallengeSelectedKey()
+{
+  if (!gCurrentSelectedRow)
+    return;
+
+  var keyInfo = RowIDToKeyInfo(gCurrentSelectedRow.getAttribute("id"));
+  var keyType = keyInfo[0];
+  var keyID = keyInfo[1];
+
+  if (!keyID)
+    return;
+
+  SetStatusMessage("Generating Challenge ...");
+
+  var challengeArray = ChallengeCOOLKey(keyType, keyID, document.forms[0].challengedata.value);
+
+  if (challengeArray.length != 4)
+  {
+    MyAlert("Challenge for key \"" + KeyToUIString(keyType, keyID) + "\" failed!");
+    SetStatusMessage("");
+    return;
+  }
+
+  MyAlert("ChallengeCOOLKey(\""+ KeyToUIString(keyType, keyID) + "\") returned:\n\n" +
+        "challenge[0]: " + challengeArray[0] + "\n" +
+        "challenge[1]: " + challengeArray[1] + "\n" +
+        "challenge[2]: " + challengeArray[2] + "\n" +
+        "challenge[3]: " + challengeArray[3] + "\n");
+
+  SetStatusMessage("");
+}
+
+function DoBlinkCOOLKey()
+{
+  if (!gCurrentSelectedRow)
+    return;
+
+  var keyInfo = RowIDToKeyInfo(gCurrentSelectedRow.getAttribute("id"));
+  var keyType = keyInfo[0];
+  var keyID = keyInfo[1];
+
+  if (!keyID)
+    return;
+
+  SetStatusMessage("Blinking \"" + KeyToUIString(keyType, keyID) + "\" ...");
+  StartCylonAnimation("cylon1", "eye1");
+
+  BlinkCOOLKey(keyType, keyID, 400, 5000);
+
+  StopCylonAnimation("cylon1", "eye1");
+  SetStatusMessage("");
+}
+
+function OnCOOLKeyBlinkComplete(keyType,keyID)
+{
+  //StopCylonAnimation("cylon1", "eye1");
+  //SetStatusMessage(" ");
+}
+
+function DoHelp()
+{
+  if (!gCurrentSelectedRow)
+    return;
+
+  var keyInfo = RowIDToKeyInfo(gCurrentSelectedRow.getAttribute("id"));
+  var keyType = keyInfo[0];
+  var keyID = keyInfo[1];
+
+  if (!keyID)
+    return;
+
+  var policy = GetCOOLKeyPolicy(keyType, keyID);
+  var type = PolicyToKeyType(policy);
+  MyAlert("Policy:  " + policy + "\n" + "Type:    " + type);
+}
+
+////////////////////////////////////////////////////////////////
+//
+// Functions called directly from ASC native code.
+//
+////////////////////////////////////////////////////////////////
+
+function OnCOOLKeyInserted(keyType, keyID)
+{
+  var row = InsertCOOLKeyIntoBindingTable(keyType, keyID);
+
+  if (!gCurrentSelectedRow)
+    SelectRowByKeyID(keyType, keyID);
+}
+
+
+function OnCOOLKeyRemoved(keyType, keyID)
+{
+  var row = GetRowForKey(keyType, keyID);
+  var table = document.getElementById("BindingTable");
+
+  if (row && table)
+  {
+    RemoveRow(table,row);
+
+    if (row == gCurrentSelectedRow)
+      gCurrentSelectedRow = null;
+  }
+
+  UpdateButtonStates();
+}
+
+var gKnownPolicies = [
+
+  // OID Value, precedence, name value
+
+  [ "OID.1.3.6.1.4.1.1066.1.1000.1.0.1.1", 1, "HOUSEKEY" ], // Bronze   - HouseKey
+  [ "OID.1.3.6.1.4.1.1066.1.1000.1.0.1.2", 2, "NETKEY" ],   // Silver   - Member
+  [ "OID.1.3.6.1.4.1.1066.1.1000.1.0.1.3", 3, "NETKEY" ],   // Gold     - Associate
+  [ "OID.1.3.6.1.4.1.1066.1.1000.1.0.1.4", 4, "NETKEY" ],   // Platinum - MyDoctor
+
+  // XXX: Remove the Old OIDs below, after the RA starts generating
+  //      certificates with the OIDs listed above!
+  [ "OID.1.3.6.1.4.1.1066.1.1000.2.1", 1, "HOUSEKEY" ], // Bronze   - HouseKey
+  [ "OID.1.3.6.1.4.1.1066.1.1000.2.2", 2, "NETKEY" ],   // Silver   - Member
+  [ "OID.1.3.6.1.4.1.1066.1.1000.2.3", 3, "NETKEY" ],   // Gold     - Associate
+  [ "OID.1.3.6.1.4.1.1066.1.1000.2.4", 4, "NETKEY" ]    // Platinum - MyDoctor
+];
+
+function PolicyToKeyType(policy)
+{
+   return "ENROLLED";
+}
+
+function OldPolicyToKeyType(policy)
+{
+  var i, j;
+  
+  var knownPoliciesIndex = -1;
+
+  
+  var policies;
+
+
+  if (policy.indexOf(",")== -1)
+  {
+    policies = new Array(1);
+    policies[0] = policy;
+  }
+  else
+  {
+    policies = policy.split(",");
+  }
+
+  for (j = 0; j < policies.length; j++)
+  {
+    for (i = 0; i < gKnownPolicies.length; i++)
+    {
+      if (gKnownPolicies[i][0] == policies[j])
+      {
+         if (knownPoliciesIndex < gKnownPolicies[i][1])
+           knownPoliciesIndex = i;
+      }
+    }  
+  }
+
+  if (knownPoliciesIndex == -1)
+    return "INITIALIZED";
+ 
+  return gKnownPolicies[knownPoliciesIndex][2];    
+}
+
+function BoolToYesNoStr(b)
+{
+  if (b)
+    return "YES";
+  return "NO";
+}
+
+function OnCOOLKeyEnrollmentComplete(keyType, keyID)
+{
+  var keyStatus = PolicyToKeyType(GetCOOLKeyPolicy(keyType, keyID));
+  var keyReqAuth = BoolToYesNoStr(GetCOOLKeyRequiresAuth(keyType, keyID));
+  var keyIsAuthed = BoolToYesNoStr(GetCOOLKeyIsAuthed(keyType, keyID));
+
+  //UpdateInfoForKeyID(keyType, keyID, keyStatus, keyReqAuth, keyIsAuthed);
+  UpdateButtonStates();
+
+  StopCylonAnimation("cylon1", "eye1");
+  var doShow = false;
+  ShowProgressBar(keyType,keyID, doShow);
+  SetStatusMessage("");
+  MyAlert("Enrollment of smartcard complete!");
+  ClearProgressBar(KeyToProgressBarID(keyType, keyID));
+
+  window.setTimeout("loadSuccessPage()",4);
+}
+
+function OnCOOLKeyPINResetComplete(keyType, keyID)
+{
+  var keyStatus = PolicyToKeyType(GetCOOLKeyPolicy(keyType, keyID));
+  var keyReqAuth = BoolToYesNoStr(GetCOOLKeyRequiresAuth(keyType, keyID));
+  var keyIsAuthed = BoolToYesNoStr(GetCOOLKeyIsAuthed(keyType, keyID));
+
+  UpdateInfoForKeyID(keyType, keyID, keyStatus, keyReqAuth, keyIsAuthed);
+  UpdateButtonStates();
+
+  StopCylonAnimation("cylon1", "eye1");
+  SetStatusMessage("");
+  MyAlert("Password Reset was successful!");
+  ClearProgressBar(KeyToProgressBarID(keyType, keyID));
+}
+
+function OnCOOLKeyFormatComplete(keyType, keyID)
+{
+  var keyStatus = GetStatusForKeyID(keyType, keyID);
+  var keyReqAuth = BoolToYesNoStr(GetCOOLKeyRequiresAuth(keyType, keyID));
+  var keyIsAuthed = BoolToYesNoStr(GetCOOLKeyIsAuthed(keyType, keyID));
+
+  UpdateInfoForKeyID(keyType, keyID, keyStatus, keyReqAuth, keyIsAuthed);
+
+  StopCylonAnimation("cylon1", "eye1");
+  SetStatusMessage("");
+  MyAlert("Format of \"" + KeyToUIString(keyType, keyID)+ "\" was successful!");
+  ClearProgressBar(KeyToProgressBarID(keyType, keyID));
+}
+
+function OnCOOLKeyStateError(keyType, keyID, keyState, errorCode)
+{
+  var keyStatus = GetStatusForKeyID(keyType, keyID);
+  var keyReqAuth = BoolToYesNoStr(GetCOOLKeyRequiresAuth(keyType, keyID));
+  var keyIsAuthed = BoolToYesNoStr(GetCOOLKeyIsAuthed(keyType, keyID));
+
+  if(curChildWindow)
+  {
+      curChildWindow.close();
+      curChildWindow = null;
+
+  }
+
+  var doShow = false;
+  ShowProgressBar(keyType,keyID, doShow);
+
+  //UpdateInfoForKeyID(keyType, keyID, keyStatus, keyReqAuth, keyIsAuthed);
+
+  StopCylonAnimation("cylon1", "eye1");
+  SetStatusMessage("");
+
+  var typeStr = "Error(" + errorCode + ")";
+
+  var  messageStr = " \n\n Error Response: " + MyGetErrorMessage(errorCode) ;
+
+  var keyIDStr = KeyToUIString(keyType, keyID);
+
+  if (keyState == 1004)
+    typeStr = "Enrollment of key  failed. " + typeStr + messageStr ;
+  else if (keyState == 1016)
+    typeStr = "Formatting of key  failed. " + typeStr + messageStr;
+  else if (keyState == 1010)
+    typeStr = "PIN Reset for key  failed. " + typeStr + messageStr;
+  else if (keyState == 1020)
+    typeStr = "Operation for key  canceled.";
+
+  typeStr += " \n " + ErrorText;
+  MyAlert(typeStr);
+  ClearProgressBar(KeyToProgressBarID(keyType, keyID));
+}
+
+function OnCOOLKeyStatusUpdate(progMeterID, statusUpdate)
+{
+  SetProgressMeterValue(progMeterID, statusUpdate);
+  SetProgressMeterStatus(progMeterID, statusUpdate + "%");
+}
+
+function Validate()
+{
+
+  var type = gKeyEnrollmentType;
+  var screenname = null;
+  var pin = null;
+
+  var screennamepwd = null;
+  var tokencode = null;
+
+  if (type == "userKey")
+  {
+    screenname = GetScreenNameValue();
+    if (! screenname)
+      return 0;
+
+    screennamepwd = GetScreenNamePwd();
+
+    if(! screennamepwd)
+        return 0;
+
+    pin =  GetPINValue();
+
+    if (! pin)
+      return 0;
+
+   }
+
+   return 1;
+}
+
+function OnCOOLKeyStateChange(keyType, keyID, keyState, data,strData)
+{
+  // alert("KeyID:    " + keyID + "\n" +
+  //       "KeyState: " + keyState + "\n" +
+  //       "Data:     " + data);
+  //alert("State Change ="+keyState);
+
+  switch(keyState)
+  {
+    case 1000: // KeyInserted
+      OnCOOLKeyInserted(keyType, keyID);
+      break;
+    case 1001: // KeyRemoved
+      OnCOOLKeyRemoved(keyType, keyID);
+      break;
+    case 1002: // EnrollmentStart
+      // OnCOOLKeyEnrollmentStart(keyType, keyID);
+      break;
+    case 1003: // EnrollmentComplete
+      OnCOOLKeyEnrollmentComplete(keyType, keyID);
+      break;
+    case 1004: // EnrollmentError
+      OnCOOLKeyStateError(keyType, keyID, keyState, data);
+      break;
+    case 1008: // PINResetStart
+      // OnCOOLKeyPINResetStart(keyType, keyID);
+      break;
+    case 1009: // PINResetComplete
+      OnCOOLKeyPINResetComplete(keyType, keyID);
+      break;
+    case 1010: // PINResetError
+      OnCOOLKeyStateError(keyType, keyID, keyState, data);
+      break;
+    case 1014: // FormatStart
+      // OnCOOLKeyFormatStart(keyType, keyID);
+      break;
+    case 1015: // FormatComplete
+      OnCOOLKeyFormatComplete(keyType, keyID);
+      break;
+    case 1016: // FormatError
+      OnCOOLKeyStateError(keyType, keyID, keyState, data);
+      break;
+    case 1017: // BlinkStatus Update?
+      //OnCOOLKeyStateError(keyType, keyID, keyState, data);
+      break;
+    case 1018: 
+      OnCOOLKeyBlinkComplete(keyType, keyID);
+      break;
+    case 1020: // OperationCancelled
+      OnCOOLKeyStateError(keyType, keyID, keyState, data);
+      break;
+    case 1021: // OperationStatusUpdate
+      OnCOOLKeyStatusUpdate(KeyToProgressBarID(keyType, keyID), data);
+      break;
+
+     case 1022: //Need Auth 
+
+
+       gCurKeyID = keyID;
+       gCurKeyType = keyType;
+
+       GetAuthDataFromPopUp(keyType,keyID,strData);
+
+       break;
+
+  }
+}
+
+function refresh()
+{
+  window.resizeBy(0,1);
+  window.resizeBy(0,-1);
+
+}
+
+function loadSuccessPage()
+{
+    window.location="/esc/demo/EnrollSuccess.html";
+}
+
+function ShowProgressBar(aKeyType,aKeyID, doShow)
+{
+   if(!gCurrentSelectedRow)
+      return;
+
+   if(doShow)
+       gCurrentSelectedRow.style.display="table-row";
+   else
+   {
+       gCurrentSelectedRow.style.display="none";
+   }
+}
diff --git a/base/tps/apache/docroot/esc/home/EnrollSuccess.html b/base/tps/apache/docroot/esc/home/EnrollSuccess.html
new file mode 100644
index 000000000..fbe8d241f
--- /dev/null
+++ b/base/tps/apache/docroot/esc/home/EnrollSuccess.html
@@ -0,0 +1,46 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2009 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<html>
+<head>
+<link rel=stylesheet href="/home/style.css" type="text/css"> 
+<title>Success!</title>
+<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
+</head>
+
+<body  leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
+<table width="100%" border="0" cellspacing="0" cellpadding="0" class="logobar">
+  <tr> 
+    <td bgcolor="#000000">&nbsp;&nbsp;&nbsp;<img src="/pki/esc/home/logo.jpg" width="250" height="50"></td>
+  </tr>
+</table>
+
+<p class="bodyText" >
+Congratulations! You have successfully Enrolled your Smartcard! Now that you have enrolled, you will be able to use your smartcard to allow you and only you to log onto the available Smartcard-protected services.
+
+</p>
+<p class="bodyText">
+
+Begin your journey into the world of safe and secure account access by logging on to the available Smartcard-protected services.
+
+</p>
+
+</body>
+
+</html>
+
diff --git a/base/tps/apache/docroot/esc/home/GenericAuth.html b/base/tps/apache/docroot/esc/home/GenericAuth.html
new file mode 100755
index 000000000..219f9a6ad
--- /dev/null
+++ b/base/tps/apache/docroot/esc/home/GenericAuth.html
@@ -0,0 +1,538 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2009 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+
+<html>
+<head>
+<style>
+
+body {
+background: #ffffff url(/pki/esc/images/bg.jpg) repeat-x;
+        font-family: arial;
+        font-size: 7pt;
+
+}
+
+h1
+{
+   text-align: left;
+
+   font-weight: bold;
+
+   font-size: 13pt;
+
+
+}
+
+
+h2 {
+
+    text-align: left;
+    font-size: 10pt; 
+
+    font-weight: lighter;
+}
+
+</style>
+<script language = "Javascript">
+
+var test_ui = "id=USER_ID&name=User ID&desc=User ID&type=string&option=option1,option2,option3&&id=USER_PWD&name=User Password&desc=User Password&type=password&option=&&id=USER_PIN&name=PIN&desc=One time PIN received via mail&type=password&option=";
+
+var theForm = null;
+var curKeyID = null;
+var curKeyType = 0; 
+
+
+var gTitle = null;
+var gDescription = null;
+
+
+
+function ConfirmPassword(password_element)
+{
+
+  if(!password_element)
+      return 0;
+
+  password_id = password_element.id;
+
+  if(!password_id)
+     return 0;
+
+  confirm_id = "RE_" + password_element.id;
+
+  var size = theForm.length;
+
+  if(theForm)
+  {
+      for(i = 0; i < size ; i++)
+      {
+         var cur_element = theForm.elements[i];
+  
+         if(cur_element.id == confirm_id)
+         {
+             if(cur_element.value != password_element.value)
+             {
+                 alert("Value " + password_element.name + " must match " + cur_element.name);
+                 return 0;
+
+             }
+             else
+             {
+                 return 1;
+             } 
+
+         } 
+
+      }
+
+  }
+
+  return 1;
+}
+
+function Validate()
+{
+    if(theForm)
+    {
+         var size = theForm.length;
+ 
+         for( i = 0; i < size ; i++)
+         {
+             var element = theForm.elements[i];
+
+             if(element.type == "text" )
+             {
+                 if(element.value == "")
+                 {
+                     alert("Please enter value for " + element.name);
+                     return 0; 
+                 }
+             }
+
+             if(element.type == "password")
+             {
+                 if(element.value == "")
+                 {
+                     alert("Please enter value for " + element.name);
+                     return 0;
+                 }
+
+                 if(!ConfirmPassword(element))
+                 {
+                     return 0;
+                 }
+
+             } 
+         } 
+   
+    }
+
+    return 1;
+}
+
+function FormSubmit()
+{
+    var result = Validate();
+
+    var thisParent = window.opener;
+
+    if(!parent)
+    {
+        alert("No parent window.");
+        window.close(); 
+        return; 
+    }
+  
+    if(!result)
+    {
+        return;
+    }
+
+    if(theForm)
+    {
+         var size = theForm.length;
+         for( i = 0; i < size ; i++)
+         {
+             var element = theForm.elements[i];
+
+             var value = element.value;
+
+             if(element.type == "text" )
+             {
+                 var id = element.id;
+                 value = element.value;
+
+                 if(thisParent)
+                 {
+                     //alert("about to set data value key " + curKeyID + " id " + id + " value " + value);
+                     thisParent.COOLKeySetDataValue(curKeyType,curKeyID,id,value);
+
+                 }
+             }
+
+             if(element.type == "password")
+             {
+                 var p_id = new String(element.id);
+
+                 if(p_id.indexOf("RE_") == -1)
+                 {                   
+                     if(thisParent)
+                     {
+                         thisParent.COOLKeySetDataValue(curKeyType,curKeyID,p_id,value); 
+                     }
+                 }
+             }
+         }
+
+     }
+   
+     window.close(); 
+}
+
+function GetUIObjectList(uiData)
+{
+    var  str = new String(uiData);
+    var splits = str.split("&&");
+
+//    alert("Get " + splits + " len " + splits.length);
+
+    var params = new Array();
+    var size = splits.length;
+
+    for(i = 0 ; i <  size ; i++)
+    {
+       params[i] = splits[i].split("&");
+    }
+
+    size = params.length;
+    var name_value_objects = new Array();
+
+    for(i = 0 ; i < size; i++)
+    {
+         var name_values = new Array();
+
+         pISize = params[i].length;
+         for(j = 0 ;  j < pISize ; j ++)
+         {
+             var pair = params[i][j].split("=");
+
+             //alert(" pair " + pair[0] + " pair1 " + pair[1]);
+
+             if(pair[0] == "option")
+             {
+                 var options = pair[1].split(",");
+             }
+
+             name_values[pair[0]] = pair[1];
+         }
+
+         name_value_objects[i] = name_values;
+    }
+
+    return name_value_objects;
+
+}
+
+function AddBRToNode(theNode)
+{
+
+   if(!theNode)
+       return;
+
+   var br = document.createElement("br");
+
+   theNode.appendChild(br);
+
+}
+
+function AddTextToNode(theNode,theText)
+{
+
+    if(!theNode || !theText)
+        return;
+
+
+    var text = document.createTextNode(theText);
+
+    theNode.appendChild(text);
+      
+
+
+
+}
+function AddTextToDocument(theText)
+{
+    if(!theText)
+         return;
+
+     var p = document.createElement("p");
+
+     if(p)
+     {
+         p.appendChild(document.createTextNode(theText));
+     } 
+
+     document.body.appendChild(p);
+}
+
+function CreateForm()
+{
+    var form = document.createElement("form");
+    document.body.appendChild(form);
+    return form;
+}
+
+function CreateTable()
+{
+  var table = document.createElement("table");
+  document.body.appendChild(table);
+  tbody = document.createElement("tbody");
+  table.appendChild(tbody);
+
+  return table;
+}
+
+function AddRowToTable(table)
+{
+    if(!table)
+        return null;
+
+    var tr = document.createElement("tr");
+    (table.tBodies[0]).appendChild(tr);
+
+    return tr; 
+}
+
+function AddColumnToRow(row)
+{
+  if(!row)
+     return null;
+
+  var td = document.createElement("td");
+  row.appendChild(td);
+
+  return td;
+}
+
+function AddTextToColumn(column,text)
+{
+   if(!column || !text)
+       return;
+
+   var text_node = document.createTextNode(text);
+   column.appendChild(text_node);
+
+   return text_node;
+}
+
+function AddInputField(type,id, name,value)
+{
+    var    field = document.createElement("input");
+   
+    if(!field)
+        return null;
+  
+    field.type =  type;   
+    field.id =id;
+    field.name =name;
+    field.value =value;
+
+    return field;
+}
+
+function ConstructUI(aKeyType,aKeyID,uiData)
+{
+
+    //alert("Construct UI data " + uiData);
+    var name_value_objects = GetUIObjectList(uiData);
+    var len = name_value_objects.length;
+
+    gTitle = document.createElement("h1");
+
+    gDescription = document.createElement("h2");
+
+
+    document.body.appendChild(gTitle);
+
+
+    document.body.appendChild(gDescription);
+
+
+    form = CreateForm(); 
+    theForm = form;
+    curKeyID = aKeyID;
+    curKeyType = aKeyType;
+
+    table = CreateTable();
+
+    form.appendChild(table);
+
+    for(i = 0 ; i < len ; i ++)
+    {
+        curParameter = name_value_objects[i];
+
+        if(curParameter)
+        {
+
+            title = curParameter["title"];
+
+
+            if(title)
+            {
+                //alert("title " + title);
+
+                AddTextToNode(gTitle,title);
+ 
+
+            }
+
+            description = curParameter["description"];
+
+            if(description)
+            {
+               AddBRToNode(document.body);
+               AddBRToNode(document.body);
+
+               AddTextToNode(gDescription,description);
+
+               AddBRToNode(document.body);
+
+            }
+
+            id   = curParameter["id"];
+            name = curParameter["name"];
+            type = curParameter["type"];
+            desc = curParameter["desc"]; 
+
+            //alert(" id " + id + " name " + name + " type " + type + " desc " + desc); 
+
+            if(id)
+            {
+               if(table)
+               {
+                   row = AddRowToTable(table);
+               }
+
+               if(row)
+               {
+                   column = AddColumnToRow(row);
+               }
+
+               if(column)
+               {
+                    AddTextToColumn(column,name);
+               }
+
+               if(type == "string" || type == "integer")
+               {
+                   field = AddInputField("text",id,name,"");
+               }
+
+               re_field = null;
+ 
+               if(type == "password")
+               {
+                   field = AddInputField("password",id,name,"");
+               }
+
+               if(type == "hidden")
+               {
+                   field = AddInputField("hidden",id,name,"");
+               } 
+
+               if(field)
+               {
+                   field_col = AddColumnToRow(row);                
+                   if(field_col)
+                   {
+                       field_col.appendChild(field);
+                   }
+               }
+
+               if(re_field)
+               {
+                 re_text = AddColumnToRow(row);
+
+                 if(re_text)
+                 {
+                     AddTextToColumn(re_text,"Confirm " + name);
+                     re_field_col = AddColumnToRow(row);
+                     if(re_field_col)
+                     {
+                         re_field_col.appendChild(re_field);
+                     }
+                   
+                 } 
+
+               }
+           }
+
+        }
+
+    }
+
+    var last_row = AddRowToTable(table);
+
+    if(last_row)
+    {
+        var button_field = AddColumnToRow(last_row);
+
+        if(button_field)
+        {
+           var button = AddInputField("button","Submit","Submit","Submit");
+            button.onclick = FormSubmit;
+            button_field.appendChild(button);
+
+        }
+
+    } 
+}
+
+function UiLoad()
+{
+
+
+   var thisParent = window.opener;
+
+
+   if(!thisParent)
+   {
+        alert("Auth dialog has no parent!");
+        return;
+   }
+
+   var keyID =  this.name;
+
+   var ui = thisParent.getUIForKey(keyID); 
+
+   var type = thisParent.getTypeForKey(keyID);
+
+   //alert("UiLoad " + ui);
+
+   if(ui)
+   {
+       ConstructUI(type,keyID,ui);
+   }
+}
+
+</script>
+</head>
+<body onload = "UiLoad()"> 
+</body>
+</html>
diff --git a/base/tps/apache/docroot/esc/home/util.js b/base/tps/apache/docroot/esc/home/util.js
new file mode 100755
index 000000000..6e03a94af
--- /dev/null
+++ b/base/tps/apache/docroot/esc/home/util.js
@@ -0,0 +1,1502 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// Copyright (C) 2007 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+
+//
+// initialize netkey globals
+var netkey;
+
+var keyUITable = new Array();
+var keyTypeTable = new Array();
+var curChildWindow = null;
+
+var gWindow = null;
+
+const ErrorText = "For additional assistance contact your Technical Support";
+
+
+function getUIForKey(aKeyID)
+{
+    return keyUITable[aKeyID];
+
+}
+
+function getTypeForKey(aKeyID)
+{
+    return keyTypeTable[aKeyID];
+}
+
+
+//
+// Notify callback for GECKO
+//
+function jsNotify()  {}
+
+jsNotify.prototype = {
+
+  rhNotifyKeyStateChange: function(aKeyType,aKeyID,aKeyState,aData,strData)
+  {
+    OnCOOLKeyStateChange(aKeyType, aKeyID, aKeyState, aData,strData);
+  },
+
+  QueryInterface: function(iid)
+  {
+    <!--  alert("iid: " + iid); -->
+     if(!iid.equals(Components.interfaces.rhIKeyNotify) &&
+         !iid.equals(Components.interfaces.nsISupports))
+      {
+          MyAlert("Can't find jsNotify interface");
+          throw Components.results.NS_ERROR_NO_INTERFACE;
+      }
+      return this;
+  }
+};
+
+//
+// Attach to the object.
+//
+  // GECKO ONLY initialization
+  try {
+    netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    netkey = Components.classes["@redhat.com/rhCoolKey"].getService();
+    netkey = netkey.QueryInterface(Components.interfaces.rhICoolKey);
+    gNotify = new jsNotify;
+    netkey.rhCoolKeySetNotifyCallback(gNotify);
+  } catch(e) {
+     MyAlert("Can't get UniversalXPConnect: " + e);
+  }
+
+//
+// unregister our notify event
+//
+function cleanup()
+{
+
+    try {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+      netkey.rhCoolKeyUnSetNotifyCallback(gNotify);
+    } catch(e) {
+     MyAlert("Can't get UniversalXPConnect: " + e);
+    }
+}
+
+var gScreenName = "";
+var gKeyEnrollmentType = "userKey";
+
+var gCurrentSelectedRow = null;
+
+
+var gCurKeyType = null;
+var gCurKeyID = null;
+
+////////////////////////////////////////////////////////////////
+//
+// Utility functions specific to this page.
+//
+////////////////////////////////////////////////////////////////
+
+
+// List of Error Messages to be printed out
+
+var Status_Messages = new Array(
+      
+    "Operation Completed Successfully.",
+    "Smartcard Server error.",
+    "Problem communicating with the smartcard.",
+    "Problem communicating with the smartcard.",
+    "Problem resetting smartcard's pin.",
+    "Internal Smartcard Server error.",
+    "Internal Smartcard Server error.",
+    "Smartcard enrollment error.",
+    "Can not communicate with the smartcard.",
+    "Internal Smartcard Server error.",
+    "Problem communicating with the Certificattion Authority.",
+    "Internal Smartcard Server error.",
+    "Error resetting the smartcard's password.",
+    "Internal Smartcard Server error.",
+    "Smartcard Server authentication failure.",
+    "Internal Smartcard Server error.",
+    "Your Smartcard is listed as disabled.",
+    "Problem communicating with the smartcard.",
+    "Internal Smartcard Server error.",
+    "Cannot upgrade smartcard software.",
+    "Internal Smartcard Server error.",
+    "Problem communicating with the smartcard.",
+    "Invalid smartcard type.",
+    "Invalid smartcard type.",
+    "Cannot publish smartcard information.",
+    "Cannot communicate with smartcard database.",
+    "Smartcard is disabled.",
+    "Cannot reset password value for the smartcard.",
+    "Connection to Smartcard Server lost.",
+    "Cannot create entry for smartcard in smartcard database.",
+    "Smartcard found to be in an inconsistent state.",
+    "Invalid reason for lost smartcard submitted.",
+    "Smartcard found to be unusable due to compromise.",
+    "No such inactive smartcard found.",
+    "Cannot process more than one active smartcard.",
+    "Internal Smartcard Server error.",
+    "Smartcard key recovery has been processed.",
+    "Smartcard key recovery failed.",
+    "Cannot process this smartcard, which has been reported lost.",
+    "Smartcard key archival error.",
+    "Problem connecting to the Smartcard TKS Server.",
+    "Failed to update smartcard database.",
+    "Internal certificate revocation error discovered.",
+    "User does not own this smartcard.", 
+    "Smart Card Manager has been misconfigured.",
+    "Smart Card Manager can not talk to smart card reader.",
+    "Smart Card Manager can not establish a session with  the smart card.",
+    "Smart Card Manager can not talk to Smart Card Server.",
+    "Smart Card Manager can not talk to smart card reader."
+ );    
+
+function GetAuthDataFromPopUp(aKeyType,aKeyID,aUiData)
+{
+
+   keyUITable[aKeyID] = aUiData;
+   keyTypeTable[aKeyID] = aKeyType;
+
+   //alert("GetAuthDataFromPopUp data " + aUiData);
+   var child = window.open("/GenericAuth.html",aKeyID,"height=400,width=400");
+
+   //alert("Attempted to create child window " + child);
+ 
+   curChildWindow = child; 
+
+}
+
+function COOLKeySetDataValue(aKeyType,aKeyID,name,value)
+{
+        //alert("In COOLKeySetDataValue  aKeyType " + aKeyType + " aKeyID " + aKeyID + " name " + name + " value " + value);  
+        if(netkey)
+        {
+             try {
+                    netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+                netkey.SetCoolKeyDataValue(aKeyType,aKeyID,name,value);
+
+
+            } catch(e) {
+                MyAlert("Error Setting data values: " + e);
+            }
+        }
+
+}
+ 
+function COOLKeySetTokenPin(pin)
+{
+        if(netkey)
+        {
+             try { 
+                netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+                netkey.SetCoolKeyDataValue(gCurKeyType,gCurKeyID,"TokenPin",pin);
+
+
+            } catch(e) {
+                MyAlert("Error Setting data values: " + e);
+            }
+        }
+}
+
+function COOLKeySetUidPassword(uid,pwd)
+{
+
+      if(netkey)
+      {
+
+          try {
+              netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+
+              netkey.SetCoolKeyDataValue(gCurKeyType,gCurKeyID,"UserId",uid);
+
+              netkey.SetCoolKeyDataValue(gCurKeyType,gCurKeyID,"Password",pwd);
+
+          } catch(e) {
+              MyAlert("Error Setting data values: " + e);
+          }
+
+      }
+
+}
+      
+  
+function MyGetErrorMessage(status_code)
+{
+
+ var result = "Internal Server Error";
+
+  if(status_code < 0 && status_code >= Status_Messages.length)
+  {
+     return result;
+      
+  }   
+      
+  return Status_Messages[status_code];
+      
+}   
+
+function KeyToRowID(keyType, keyID)
+{
+  return keyType + "--" + keyID;
+}
+
+function RowIDToKeyInfo(rowID)
+{
+  return rowID.split("--");
+}
+
+function GetRowForKey(keyType, keyID)
+{
+  return document.getElementById(KeyToRowID(keyType, keyID));
+}
+
+function ReportException(msg, e)
+{
+  MyAlert(msg + " " + e.description + "(" + e.number + ")");
+}
+
+function GetCOOLKeyStatus(keyType, keyID)
+{
+  try {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    return netkey.GetCoolKeyStatus(keyType, keyID);
+  } catch (e) {
+    ReportException("netkey.GetCOOLKeyStatus() failed!", e);
+    return 0;
+  }
+}
+
+function GetCOOLKeyPolicy(keyType, keyID)
+{
+  try {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    return netkey.GetCoolKeyPolicy(keyType, keyID);
+  } catch (e) {
+  //  ReportException("netkey.GetCOOLKeyPolicy() failed!", e);
+    return "";
+  }
+}
+
+function GetCOOLKeyRequiresAuth(keyType, keyID)
+{
+  try {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    return netkey.GetCoolKeyRequiresAuthentication(keyType, keyID);
+  } catch(e) {
+    ReportException("netkey.GetCoolKeyRequiresAuthentication() failed!", e);
+    return false;
+  }
+}
+
+function GetCOOLKeyIsAuthed(keyType, keyID)
+{
+  try {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    return netkey.GetCoolKeyIsAuthenticated(keyType, keyID);
+  } catch(e) {
+    ReportException("netkey.GetCoolKeyIsAuthenticated() failed!", e);
+    return false;
+  }
+}
+
+function GetAvailableCOOLKeys()
+{
+  try {
+    var keyArr;
+
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+      var inArray = netkey.GetAvailableCoolKeys( {} );
+      keyArr = new Array(inArray.length);
+      var i;
+
+      for (i=0; i < keyArr.length; i++) {
+	keyArr[i] = new Array( "1", inArray[i]);
+      }
+    return keyArr;
+  } catch(e) {
+    ReportException("netkey.GetAvailableCoolKeys() failed!", e);
+    return [];
+  }
+}
+
+function EnrollCOOLKey(keyType, keyID, enrollmentType, screenname, pin,screennamepwd,tokencode)
+{
+  try {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    netkey.EnrollCoolKey(keyType, keyID, enrollmentType, screenname, pin,screennamepwd,tokencode);
+  } catch(e) {
+    ReportException("netkey.EnrollCoolKey() failed!", e);
+    return false;
+  }
+
+  return true;
+}
+
+function GetCOOLKeyIsEnrolled(keyType, keyID)
+{
+  try {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    return netkey.GetCoolKeyIsEnrolled(keyType, keyID);
+  } catch(e) {
+    ReportException("netkey.GetCoolKeyIsEnrolled() failed!", e);
+    return false;
+  }
+}
+
+function CancelCOOLKeyOperation(keyType, keyID)
+{
+  try {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    netkey.CancelCoolKeyOperation(keyType, keyID);
+  } catch(e) {
+    ReportException("netkey.CancelCoolKeyOperation() failed!", e);
+    return false;
+  }
+  return true;
+}
+
+function MyAlert(message)
+{
+    if(message)
+        DoMyAlert(message,"Smart Card Manager");
+
+} 
+function DoMyAlert(message,title)
+{
+
+   if(!message || !title)
+       return;
+
+   try {
+
+       netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+
+       var prompts = Components.classes["@mozilla.org/embedcomp/prompt-service;1"].getService(Components.interfaces.nsIPromptService);
+
+
+       prompts.alert(window,title,message);
+
+   } catch(e) {
+
+
+       alert("Problem with nsIPromptService " + e);
+   }
+
+}
+
+//
+// MSHTML/GECKO compatibility functions.
+//
+function RemoveRow(table, row)
+{
+    table.deleteRow(row.rowIndex);
+}
+
+function GetCell(row, index)
+{
+  var cell;
+
+    cell = row.cells[index];
+  return cell;
+}
+
+function GetNode(parent, index)
+{
+  var node;
+    node = parent.childNodes[index];
+  return node;
+}
+
+function InsertRow(table)
+{
+  var row;
+
+    row = table.insertRow(table.rows.length);
+  return row;
+}
+
+function InsertCell(row)
+{
+  var cell;
+
+    cell = row.insertCell(row.cells.length);
+  return cell;
+}
+
+function RemoveAllChildNodes(parent)
+{
+  var numChildren = parent.childNodes.length;
+  var i;
+
+  i = numChildren;
+  while (numChildren)
+  {
+    parent.removeChild(GetNode(parent,0));
+    numChildren--;
+  }
+
+}
+
+
+function UpdateInfoForKeyID(keyType, keyID, keyStatus, reqAuth, isAuthed)
+{
+  var row = GetRowForKey(keyType, keyID);
+
+  if (!row)
+    return;
+
+  var cell = GetCell(row,1)
+  RemoveAllChildNodes(cell);
+  cell.appendChild(document.createTextNode(keyStatus));
+
+//  cell = GetCell(row,2);
+ // RemoveAllChildNodes(cell);
+ // cell.appendChild(document.createTextNode(reqAuth));
+
+ // cell = GetCell(row,3);
+ // RemoveAllChildNodes(cell);
+ // cell.appendChild(document.createTextNode(isAuthed));
+}
+
+function GetStatusForKeyID(keyType, keyID)
+{
+  var keyStatus = "BLANK";
+
+  var status;
+
+  try {
+    status = GetCOOLKeyStatus(keyType, keyID);
+  } catch(e) {
+    status = 0;
+  }
+
+  switch (status) {
+    case 0: // Unavailable
+      keyStatus = "UNAVAILABLE";
+      break;
+    case 1: // AppletNotFound
+      keyStatus = "NO APPLET";
+      break;
+    case 2: // Uninitialized
+      keyStatus = "UNINITIALIZED";
+      break;
+    case 3: // Unknown
+      keyStatus = "UNKNOWN";
+      break;
+    case 4: // Available
+    case 6: // UnblockInProgress
+    case 7: // PINResetInProgress
+    case 8: // RenewInProgress
+      keyStatus = PolicyToKeyType(GetCOOLKeyPolicy(keyType, keyID));
+      break;
+    case 5: // EnrollmentInProgress
+      keyStatus = "BUSY";
+      break;
+      break;
+    case 9: // FormatInProgress
+      keyStatus = "BUSY";
+      break;
+  }
+
+  return keyStatus;
+}
+
+function InsertCOOLKeyIntoBindingTable(keyType, keyID)
+{
+  var row = GetRowForKey(keyType, keyID);
+
+  gWindow = window;
+ if (!row)
+  {
+    var table = document.getElementById("BindingTable");
+    if (table)
+    {
+      var keyStatus = GetStatusForKeyID(keyType, keyID);
+      var keyReqAuth = BoolToYesNoStr(GetCOOLKeyRequiresAuth(keyType, keyID));
+      var keyIsAuthed = BoolToYesNoStr(GetCOOLKeyIsAuthed(keyType, keyID));
+
+      row = CreateTableRow(table, keyType, keyID, keyStatus, keyReqAuth, keyIsAuthed);
+    }
+
+    if (!row)
+      return null;
+  }
+
+  return row;
+}
+
+function ConvertVariantArrayToJScriptArray(varr)
+{
+  // C++ native methods, like netkey.GetAvailableCOOLKeys(), can only
+  // return variant SafeArrays, so to access the data inside, you must
+  // first convert it to a VBArray, and then call toArray() to convert
+  // it to a JScript array. Lame, but that's what it takes to
+  // use an array returned from an ActiveX component.
+
+  return new VBArray(varr).toArray();
+}
+
+function UpdateBindingTableAvailability()
+{
+  var arr = GetAvailableCOOLKeys();
+
+  if (!arr || arr.length < 1)
+    return;
+
+  var i;
+
+  for (i=0; i < arr.length; i++)
+  {
+    InsertCOOLKeyIntoBindingTable(arr[i][0], arr[i][1]);
+
+    if (!gCurrentSelectedRow)
+      SelectRowByKeyID(arr[i][0], arr[i][1]);
+  }
+}
+
+function InitializeBindingTable()
+{
+  UpdateBindingTableAvailability();
+  UpdateButtonStates();
+}
+
+function KeyIsPresent(keyType, keyID)
+{
+  row = document.all.item(keyType, keyID);
+
+  if (!row)
+    return false;
+
+  return true;
+}
+
+function SetStatusMessage(str)
+{
+  var cell = document.getElementById("statusMsg");
+
+  if (!cell)
+    return;
+  RemoveAllChildNodes(cell);
+  cell.appendChild(document.createTextNode(str));
+}
+
+function UpdateButtonStates()
+{
+  if (gCurrentSelectedRow)
+  {
+    var keyInfo = RowIDToKeyInfo(gCurrentSelectedRow.getAttribute("id"));
+    var keyType = keyInfo[0];
+    var keyID = keyInfo[1];
+    var keyStatus = GetStatusForKeyID(keyType, keyID);
+
+    document.getElementById("enrollbtn").disabled = false;
+  }
+  else
+  {
+    document.getElementById("enrollbtn").disabled = true;
+  }
+
+  refresh();
+}
+
+function SetEnrollmentType(type)
+{
+  gKeyEnrollmentType = type;
+  UpdateButtonStates();
+}
+
+function FindRow(node)
+{
+  while (node && node.tagName != "TR")
+  {
+    node = node.parentNode;
+  }
+
+  return node;
+}
+
+function SelectRow(row)
+{
+  if (!row || gCurrentSelectedRow == row)
+    return;
+
+  if (gCurrentSelectedRow)
+    gCurrentSelectedRow.removeAttribute("style");
+
+  gCurrentSelectedRow = row;
+  gCurrentSelectedRow.style.backgroundColor="rgb(200,200,200)";
+  UpdateButtonStates();
+}
+
+function SelectRowByKeyID(keyType, keyID)
+{
+  var row = GetRowForKey(keyType, keyID);
+  SelectRow(row);
+}
+
+function DoSelectRow(event)
+{
+  var row;
+
+    row = FindRow(event.parentNode);
+  SelectRow(row);
+}
+
+function KeyToUIString(keyType, keyID)
+{
+  // If it's an COOLKey, format the keyID string.
+
+  if (keyType == 1 && keyID.length == 20)
+  {
+    var re = /([0-9a-f]{4})([0-9a-f]{4})([0-9a-f]{4})([0-9a-f]{4})([0-9a-f]{4})/i;
+    keyID = keyID.replace(re, "$1-$2-$3-$4-$5").toLowerCase();
+  }
+
+  return keyID;
+}
+
+
+
+function CreateTableRow(table, keyType, keyID, keyStatus, reqAuth, isAuthed)
+{
+  var row = InsertRow(table);
+  if (!row)
+    return null;
+
+  row.setAttribute("id", KeyToRowID(keyType, keyID));
+ 
+     row.onclick = DoSelectRow;
+
+  // Create the key ID cell.
+  //cell = InsertCell(row);
+  //cell.appendChild(document.createTextNode(KeyToUIString(keyType, keyID)));
+
+  //cell.setAttribute("onClick", "DoSelectRow(this);");
+
+  // Create the keyStatus cell.
+  //cell = InsertCell(row);
+  //cell.appendChild(document.createTextNode(keyStatus));
+
+  // Create the requires auth cell.
+ // cell = InsertCell(row);
+ // cell.appendChild(document.createTextNode(reqAuth));
+
+  cell = InsertCell(row);
+  cell.appendChild(document.createTextNode("Enrollment Progress"));
+
+  // Create the status bar cell
+
+  cell = InsertCell(row);
+
+  var progressMeter = document.createElement("div");
+  progressMeter.setAttribute("id", KeyToProgressBarID(keyType, keyID));
+  progressMeter.className = "ProgressMeter";
+  progressMeter.style.width = "100px";
+  progressMeter.style.height = "1.5em";
+//  progressMeter.style.visibility = "hidden";
+  progressMeter.setAttribute("value", 0);
+
+  var progressBar = document.createElement("div");
+  progressBar.className = "ProgressBar";
+  progressBar.style.width = "0px";
+  progressBar.style.height = "100%";
+//  progressBar.style.visibility = "hidden";
+
+  var progressBarStatus = document.createElement("div");
+  progressBarStatus.className = "ProgressBarStatus";
+  progressBarStatus.appendChild(document.createTextNode(""));
+
+  progressMeter.appendChild(progressBar);
+  progressMeter.appendChild(progressBarStatus);
+  cell.appendChild(progressMeter);
+
+  //row.style.display ="none";
+
+  return row;
+}
+
+gAnimationMSecs = 1000/30;
+
+function SetCylonTimer(cylonID, cylonEyeID)
+{
+  setTimeout("AnimateCylonStatusBar(\"" + cylonID +
+             "\", \"" + cylonEyeID + "\");", gAnimationMSecs);
+}
+
+function AnimateCylonStatusBar(cylonID, cylonEyeID)
+{
+  var cylon = document.getElementById(cylonID);
+
+  if (!cylon)
+    return;
+
+  var active = cylon.getAttribute("cylonactive");
+
+  if (!active)
+    return;
+
+  var eye = document.getElementById(cylonEyeID);
+
+  if (!eye)
+    return;
+
+  var dir = eye.getAttribute("direction");
+  var wid = parseInt(eye.style.width);
+  var cywid = parseInt(cylon.style.width);
+  var left = parseInt(eye.style.left);
+
+  var dx = 10;
+
+  if (!dir || dir >= 0)
+  {
+    left += dx;
+
+    if (left + wid > cywid)
+    {
+      left = cywid - wid;
+      eye.setAttribute("direction", "-1");
+    }
+  }
+  else
+  {
+    left -= dx;
+
+    if (left < 0)
+    {
+      left = 0;
+      eye.setAttribute("direction", "1");
+    }
+  }
+
+  eye.style.left = left + "px";
+
+  SetCylonTimer(cylonID, cylonEyeID);
+}
+
+function StartCylonAnimation(cylonID, cylonEyeID)
+{
+  var cylon = document.getElementById(cylonID)
+
+  if (!cylon)
+    return;
+
+  var active = cylon.getAttribute("cylonactive");
+
+  if (!active)
+  {
+    cylon.setAttribute("cylonactive", "true");
+
+    var eye = document.getElementById(cylonEyeID);
+    if (eye)
+    {
+      eye.style.left = "0px";
+      eye.style.visibility = "visible";
+    }
+
+    SetCylonTimer(cylonID, cylonEyeID);
+  }
+}
+
+function StopCylonAnimation(cylonID, cylonEyeID)
+{
+  var cylon = document.getElementById(cylonID)
+
+  if (cylon)
+    cylon.removeAttribute("cylonactive");
+
+  var eye = document.getElementById(cylonEyeID);
+
+  if (eye)
+    eye.style.visibility = "hidden";
+}
+
+function GetProgressMeterValue(progMeterID)
+{
+  var progMeter = document.getElementById(progMeterID);
+
+  if (!progMeter)
+    return -1;
+
+  return parseInt(progMeter.getAttribute("value"));
+}
+
+function SetProgressMeterValue(progMeterID, value)
+{
+  var progMeter = document.getElementById(progMeterID);
+
+  if (!progMeter || value < 0)
+    return;
+
+  if (value > 100)
+    value = 100;
+
+  var progBar = progMeter.firstChild;
+
+  if (value == 0)
+  {
+    progBar.style.width = "0px";
+    progBar.style.visibility = "hidden";
+    progMeter.setAttribute("value", 0);
+    return;
+  }
+
+  progBar.style.visibility = "visible"; 
+
+  var newWidth = parseInt(progMeter.style.width) * value / 100 - 2;
+
+  progBar.style.width =  newWidth + "px";
+  progMeter.setAttribute("value", value);
+}
+
+function SetProgressMeterStatus(progMeterID, statusMsg)
+{
+  var progMeter = document.getElementById(progMeterID);
+
+  if (!progMeter)
+    return;
+
+  var progBar = progMeter.firstChild;
+
+  // If it exists, the meter status should be
+  // div that is the next sibling of the progressMeter.
+
+  var meterStatus = progBar.nextSibling;
+
+  // Just replace the data in the text node, it's much faster,
+  // and reduces flashing!
+
+  meterStatus.firstChild.replaceData(0, meterStatus.firstChild.length, statusMsg);
+}
+
+function ClearProgressBar(progMeterID)
+{
+  SetProgressMeterValue(progMeterID, 0);
+  SetProgressMeterStatus(progMeterID, "");
+}
+
+function KeyToProgressBarID(keyType, keyID)
+{
+  return "PM" + keyType + "-" + keyID;
+}
+
+////////////////////////////////////////////////////////////////
+//
+// Functions that contact the server or talk directly to
+// ESC native code.
+//
+// ESC Native Functions:
+//
+//     netkey.GetAvailableCOOLKeys()
+//
+//       - Returns an ActiveX Variant SafeArray containing the ID for each key
+//         that is currentlly plugged into the computer. Before accessing any
+//         data in this array you must convert it to a JScript Array with a
+//         call to ConvertVariantArrayToJScriptArray().
+//
+//     netkey.GetCOOLKeyIsEnrolled(keyType, keyID)
+//
+//       - Returns true if a key has been initialized, false if it hasn't.
+//         Initialized means the card has been formatted with certificates
+//         for either an COOL HouseKey or NetKey.
+//
+//     netkey.EnrollCOOLKey(keyType, keyID, enrollmentType, screenName, pin)
+//
+//       - Initiates an async connection to the RA to initialize a specific
+//         key. If you want the key to be initialized as a HouseKey, you should
+//         pass "houseKey" as the enrollmentType, and null values for both
+//         screenName and pin. For a NetKey, use "netKey" as the enrollmentType,
+//         and pass a valid screenName and pin.
+//
+//
+////////////////////////////////////////////////////////////////
+
+function GetScreenNameValue()
+{
+  var sname = document.getElementById("snametf").value;
+
+  if (! sname)
+  {
+    MyAlert("You must provide a valid LDAP User ID!");
+    return null;
+  }
+
+  return sname;
+}
+
+function GetPINValue()
+{
+  var pinVal =  document.getElementById("pintf").value;
+  var rpinVal =  document.getElementById("reenterpintf").value;
+
+  if (! pinVal)
+  {
+    MyAlert("You must provide a valid Key Password!");
+    return null;
+  }
+
+  if ( pinVal != rpinVal)
+  {
+    MyAlert("The Key Password values you entered do not match!");
+    return null;
+  }
+
+  return pinVal;
+}
+
+function GetScreenNamePwd()
+{
+
+  var pwd = document.getElementById("snamepwd").value;
+
+   if(!pwd)
+   {
+       MyAlert("You must provide a valid LDAP User ID !");
+       return null;
+   }
+   return pwd;
+}
+
+function GetTokenCode()
+{
+
+  return null;
+}
+function DoEnrollCOOLKey()
+{
+
+  if (!gCurrentSelectedRow)
+  {
+    MyAlert("Please select a key.");
+    return;
+  }
+
+
+ if(!Validate())
+     return;
+
+  var keyInfo = RowIDToKeyInfo(gCurrentSelectedRow.getAttribute("id"));
+  var keyType = keyInfo[0];
+  var keyID = keyInfo[1];
+
+  var type = gKeyEnrollmentType;
+  var screenname = null;
+  var pin = null;
+
+  var screennamepwd = null;
+  var tokencode = null;
+
+  if (type == "userKey")
+  {
+    screenname =  GetScreenNameValue();
+
+    pin =  GetPINValue();
+
+
+    screennamepwd =  GetScreenNamePwd();
+
+    tokencode = GetTokenCode();
+
+    //SetStatusMessage("Enrolling UserKey \"" + KeyToUIString(keyType, keyID) + "\"...");
+  }
+
+  StartCylonAnimation("cylon1", "eye1");    
+
+  var doShow = true;
+
+  ShowProgressBar(keyType,keyID,doShow );
+
+  if (!EnrollCOOLKey(keyType, keyID, type, screenname, pin,screennamepwd,tokencode))
+  {
+    SetStatusMessage("");
+    StopCylonAnimation("cylon1", "eye1");
+    var doShow = false;
+    ShowProgressBar(aKeyType,aKeyID,doShow );
+  }
+}
+
+function DoResetSelectedCOOLKeyPIN()
+{
+  if (!gCurrentSelectedRow)
+    return;
+
+  if(!Validate())
+     return;
+
+   //alert("In DoResetSelectedCOOLKeyPIN!");
+  var keyInfo = RowIDToKeyInfo(gCurrentSelectedRow.getAttribute("id"));
+  var keyType = keyInfo[0];
+  var keyID = keyInfo[1];
+
+  var screenname = null;
+  var pin = null;
+  var screennamepwd = null;
+
+  if (GetCOOLKeyIsEnrolled(keyType, keyID))
+  {
+ 
+    SetStatusMessage("Resetting PIN for \"" + keyID + "\"...");
+    StartCylonAnimation("cylon1", "eye1");
+
+    if (!ResetCOOLKeyPIN(keyType, keyID, screenname, pin,screennamepwd))
+    {
+      SetStatusMessage("");
+      StopCylonAnimation("cylon1", "eye1");
+    }
+  }
+}
+
+function DoFormatCOOLKey()
+{
+  if (!gCurrentSelectedRow)
+    return;
+
+
+  if(!Validate())
+     return;
+
+
+  var keyInfo = RowIDToKeyInfo(gCurrentSelectedRow.getAttribute("id"));
+  var keyType = keyInfo[0];
+  var keyID = keyInfo[1];
+
+  var type = gKeyEnrollmentType;
+  var screenname = null;
+  var pin = null;
+
+  var screennamepwd = null;
+  var tokencode = null;
+
+  SetStatusMessage("Formatting \"" + KeyToUIString(keyType, keyID) + "\" ...");
+  StartCylonAnimation("cylon1", "eye1");
+
+  if (!FormatCOOLKey(keyType, keyID, type, screenname, pin,screennamepwd,tokencode))
+  {
+    SetStatusMessage("");
+    StopCylonAnimation("cylon1", "eye1");
+  }
+}
+function DoCancelOperation()
+{
+
+  if (!gCurrentSelectedRow)
+    return;
+
+  var keyInfo = RowIDToKeyInfo(gCurrentSelectedRow.getAttribute("id"));
+  var keyType = keyInfo[0];
+  var keyID = keyInfo[1];
+
+  SetStatusMessage("Cancel operation for \"" + KeyToUIString(keyType, keyID) + "\" ...");
+  StartCylonAnimation("cylon1", "eye1");
+
+  CancelCOOLKeyOperation(keyType, keyID);
+
+  SetStatusMessage("");
+  StopCylonAnimation("cylon1", "eye1");
+}
+
+function DoChallengeSelectedKey()
+{
+  if (!gCurrentSelectedRow)
+    return;
+
+  var keyInfo = RowIDToKeyInfo(gCurrentSelectedRow.getAttribute("id"));
+  var keyType = keyInfo[0];
+  var keyID = keyInfo[1];
+
+  if (!keyID)
+    return;
+
+  SetStatusMessage("Generating Challenge ...");
+
+  var challengeArray = ChallengeCOOLKey(keyType, keyID, document.forms[0].challengedata.value);
+
+  if (challengeArray.length != 4)
+  {
+    MyAlert("Challenge for key \"" + KeyToUIString(keyType, keyID) + "\" failed!");
+    SetStatusMessage("");
+    return;
+  }
+
+  MyAlert("ChallengeCOOLKey(\""+ KeyToUIString(keyType, keyID) + "\") returned:\n\n" +
+        "challenge[0]: " + challengeArray[0] + "\n" +
+        "challenge[1]: " + challengeArray[1] + "\n" +
+        "challenge[2]: " + challengeArray[2] + "\n" +
+        "challenge[3]: " + challengeArray[3] + "\n");
+
+  SetStatusMessage("");
+}
+
+function DoBlinkCOOLKey()
+{
+  if (!gCurrentSelectedRow)
+    return;
+
+  var keyInfo = RowIDToKeyInfo(gCurrentSelectedRow.getAttribute("id"));
+  var keyType = keyInfo[0];
+  var keyID = keyInfo[1];
+
+  if (!keyID)
+    return;
+
+  SetStatusMessage("Blinking \"" + KeyToUIString(keyType, keyID) + "\" ...");
+  StartCylonAnimation("cylon1", "eye1");
+
+  BlinkCOOLKey(keyType, keyID, 400, 5000);
+
+  StopCylonAnimation("cylon1", "eye1");
+  SetStatusMessage("");
+}
+
+function OnCOOLKeyBlinkComplete(keyType,keyID)
+{
+  //StopCylonAnimation("cylon1", "eye1");
+  //SetStatusMessage(" ");
+}
+
+function DoHelp()
+{
+  if (!gCurrentSelectedRow)
+    return;
+
+  var keyInfo = RowIDToKeyInfo(gCurrentSelectedRow.getAttribute("id"));
+  var keyType = keyInfo[0];
+  var keyID = keyInfo[1];
+
+  if (!keyID)
+    return;
+
+  var policy = GetCOOLKeyPolicy(keyType, keyID);
+  var type = PolicyToKeyType(policy);
+  MyAlert("Policy:  " + policy + "\n" + "Type:    " + type);
+}
+
+////////////////////////////////////////////////////////////////
+//
+// Functions called directly from ASC native code.
+//
+////////////////////////////////////////////////////////////////
+
+function OnCOOLKeyInserted(keyType, keyID)
+{
+  var row = InsertCOOLKeyIntoBindingTable(keyType, keyID);
+
+  if (!gCurrentSelectedRow)
+    SelectRowByKeyID(keyType, keyID);
+}
+
+
+function OnCOOLKeyRemoved(keyType, keyID)
+{
+  var row = GetRowForKey(keyType, keyID);
+  var table = document.getElementById("BindingTable");
+
+  if (row && table)
+  {
+    RemoveRow(table,row);
+
+    if (row == gCurrentSelectedRow)
+      gCurrentSelectedRow = null;
+  }
+
+  UpdateButtonStates();
+}
+
+var gKnownPolicies = [
+
+  // OID Value, precedence, name value
+
+  [ "OID.1.3.6.1.4.1.1066.1.1000.1.0.1.1", 1, "HOUSEKEY" ], // Bronze   - HouseKey
+  [ "OID.1.3.6.1.4.1.1066.1.1000.1.0.1.2", 2, "NETKEY" ],   // Silver   - Member
+  [ "OID.1.3.6.1.4.1.1066.1.1000.1.0.1.3", 3, "NETKEY" ],   // Gold     - Associate
+  [ "OID.1.3.6.1.4.1.1066.1.1000.1.0.1.4", 4, "NETKEY" ],   // Platinum - MyDoctor
+
+  // XXX: Remove the Old OIDs below, after the RA starts generating
+  //      certificates with the OIDs listed above!
+  [ "OID.1.3.6.1.4.1.1066.1.1000.2.1", 1, "HOUSEKEY" ], // Bronze   - HouseKey
+  [ "OID.1.3.6.1.4.1.1066.1.1000.2.2", 2, "NETKEY" ],   // Silver   - Member
+  [ "OID.1.3.6.1.4.1.1066.1.1000.2.3", 3, "NETKEY" ],   // Gold     - Associate
+  [ "OID.1.3.6.1.4.1.1066.1.1000.2.4", 4, "NETKEY" ]    // Platinum - MyDoctor
+];
+
+function PolicyToKeyType(policy)
+{
+   return "ENROLLED";
+}
+
+function OldPolicyToKeyType(policy)
+{
+  var i, j;
+  
+  var knownPoliciesIndex = -1;
+
+  
+  var policies;
+
+
+  if (policy.indexOf(",")== -1)
+  {
+    policies = new Array(1);
+    policies[0] = policy;
+  }
+  else
+  {
+    policies = policy.split(",");
+  }
+
+  for (j = 0; j < policies.length; j++)
+  {
+    for (i = 0; i < gKnownPolicies.length; i++)
+    {
+      if (gKnownPolicies[i][0] == policies[j])
+      {
+         if (knownPoliciesIndex < gKnownPolicies[i][1])
+           knownPoliciesIndex = i;
+      }
+    }  
+  }
+
+  if (knownPoliciesIndex == -1)
+    return "INITIALIZED";
+ 
+  return gKnownPolicies[knownPoliciesIndex][2];    
+}
+
+function BoolToYesNoStr(b)
+{
+  if (b)
+    return "YES";
+  return "NO";
+}
+
+function OnCOOLKeyEnrollmentComplete(keyType, keyID)
+{
+  var keyStatus = PolicyToKeyType(GetCOOLKeyPolicy(keyType, keyID));
+  var keyReqAuth = BoolToYesNoStr(GetCOOLKeyRequiresAuth(keyType, keyID));
+  var keyIsAuthed = BoolToYesNoStr(GetCOOLKeyIsAuthed(keyType, keyID));
+
+  //UpdateInfoForKeyID(keyType, keyID, keyStatus, keyReqAuth, keyIsAuthed);
+  UpdateButtonStates();
+
+  StopCylonAnimation("cylon1", "eye1");
+  var doShow = false;
+  ShowProgressBar(keyType,keyID, doShow);
+  SetStatusMessage("");
+  MyAlert("Enrollment of smartcard complete!");
+  ClearProgressBar(KeyToProgressBarID(keyType, keyID));
+
+  window.setTimeout("loadSuccessPage()",4);
+}
+
+function OnCOOLKeyPINResetComplete(keyType, keyID)
+{
+  var keyStatus = PolicyToKeyType(GetCOOLKeyPolicy(keyType, keyID));
+  var keyReqAuth = BoolToYesNoStr(GetCOOLKeyRequiresAuth(keyType, keyID));
+  var keyIsAuthed = BoolToYesNoStr(GetCOOLKeyIsAuthed(keyType, keyID));
+
+  UpdateInfoForKeyID(keyType, keyID, keyStatus, keyReqAuth, keyIsAuthed);
+  UpdateButtonStates();
+
+  StopCylonAnimation("cylon1", "eye1");
+  SetStatusMessage("");
+  MyAlert("Password Reset was successful!");
+  ClearProgressBar(KeyToProgressBarID(keyType, keyID));
+}
+
+function OnCOOLKeyFormatComplete(keyType, keyID)
+{
+  var keyStatus = GetStatusForKeyID(keyType, keyID);
+  var keyReqAuth = BoolToYesNoStr(GetCOOLKeyRequiresAuth(keyType, keyID));
+  var keyIsAuthed = BoolToYesNoStr(GetCOOLKeyIsAuthed(keyType, keyID));
+
+  UpdateInfoForKeyID(keyType, keyID, keyStatus, keyReqAuth, keyIsAuthed);
+
+  StopCylonAnimation("cylon1", "eye1");
+  SetStatusMessage("");
+  MyAlert("Format of \"" + KeyToUIString(keyType, keyID)+ "\" was successful!");
+  ClearProgressBar(KeyToProgressBarID(keyType, keyID));
+}
+
+function OnCOOLKeyStateError(keyType, keyID, keyState, errorCode)
+{
+  var keyStatus = GetStatusForKeyID(keyType, keyID);
+  var keyReqAuth = BoolToYesNoStr(GetCOOLKeyRequiresAuth(keyType, keyID));
+  var keyIsAuthed = BoolToYesNoStr(GetCOOLKeyIsAuthed(keyType, keyID));
+
+  if(curChildWindow)
+  {
+      curChildWindow.close();
+      curChildWindow = null;
+
+  }
+
+  var doShow = false;
+  ShowProgressBar(keyType,keyID, doShow);
+
+  //UpdateInfoForKeyID(keyType, keyID, keyStatus, keyReqAuth, keyIsAuthed);
+
+  StopCylonAnimation("cylon1", "eye1");
+  SetStatusMessage("");
+
+  var typeStr = "Error(" + errorCode + ")";
+
+  var  messageStr = " \n\n Error Response: " + MyGetErrorMessage(errorCode) ;
+
+  var keyIDStr = KeyToUIString(keyType, keyID);
+
+  if (keyState == 1004)
+    typeStr = "Enrollment of key  failed. " + typeStr + messageStr ;
+  else if (keyState == 1016)
+    typeStr = "Formatting of key  failed. " + typeStr + messageStr;
+  else if (keyState == 1010)
+    typeStr = "PIN Reset for key  failed. " + typeStr + messageStr;
+  else if (keyState == 1020)
+    typeStr = "Operation for key  canceled.";
+
+  typeStr += " \n " + ErrorText;
+  MyAlert(typeStr);
+  ClearProgressBar(KeyToProgressBarID(keyType, keyID));
+}
+
+function OnCOOLKeyStatusUpdate(progMeterID, statusUpdate)
+{
+  SetProgressMeterValue(progMeterID, statusUpdate);
+  SetProgressMeterStatus(progMeterID, statusUpdate + "%");
+}
+
+function Validate()
+{
+
+  var type = gKeyEnrollmentType;
+  var screenname = null;
+  var pin = null;
+
+  var screennamepwd = null;
+  var tokencode = null;
+
+  if (type == "userKey")
+  {
+    screenname = GetScreenNameValue();
+    if (! screenname)
+      return 0;
+
+    screennamepwd = GetScreenNamePwd();
+
+    if(! screennamepwd)
+        return 0;
+
+    pin =  GetPINValue();
+
+    if (! pin)
+      return 0;
+
+   }
+
+   return 1;
+}
+
+function OnCOOLKeyStateChange(keyType, keyID, keyState, data,strData)
+{
+  // alert("KeyID:    " + keyID + "\n" +
+  //       "KeyState: " + keyState + "\n" +
+  //       "Data:     " + data);
+  //alert("State Change ="+keyState);
+
+  switch(keyState)
+  {
+    case 1000: // KeyInserted
+      OnCOOLKeyInserted(keyType, keyID);
+      break;
+    case 1001: // KeyRemoved
+      OnCOOLKeyRemoved(keyType, keyID);
+      break;
+    case 1002: // EnrollmentStart
+      // OnCOOLKeyEnrollmentStart(keyType, keyID);
+      break;
+    case 1003: // EnrollmentComplete
+      OnCOOLKeyEnrollmentComplete(keyType, keyID);
+      break;
+    case 1004: // EnrollmentError
+      OnCOOLKeyStateError(keyType, keyID, keyState, data);
+      break;
+    case 1008: // PINResetStart
+      // OnCOOLKeyPINResetStart(keyType, keyID);
+      break;
+    case 1009: // PINResetComplete
+      OnCOOLKeyPINResetComplete(keyType, keyID);
+      break;
+    case 1010: // PINResetError
+      OnCOOLKeyStateError(keyType, keyID, keyState, data);
+      break;
+    case 1014: // FormatStart
+      // OnCOOLKeyFormatStart(keyType, keyID);
+      break;
+    case 1015: // FormatComplete
+      OnCOOLKeyFormatComplete(keyType, keyID);
+      break;
+    case 1016: // FormatError
+      OnCOOLKeyStateError(keyType, keyID, keyState, data);
+      break;
+    case 1017: // BlinkStatus Update?
+      //OnCOOLKeyStateError(keyType, keyID, keyState, data);
+      break;
+    case 1018: 
+      OnCOOLKeyBlinkComplete(keyType, keyID);
+      break;
+    case 1020: // OperationCancelled
+      OnCOOLKeyStateError(keyType, keyID, keyState, data);
+      break;
+    case 1021: // OperationStatusUpdate
+      OnCOOLKeyStatusUpdate(KeyToProgressBarID(keyType, keyID), data);
+      break;
+
+     case 1022: //Need Auth 
+
+
+       gCurKeyID = keyID;
+       gCurKeyType = keyType;
+
+       GetAuthDataFromPopUp(keyType,keyID,strData);
+
+       break;
+
+  }
+}
+
+function refresh()
+{
+  window.resizeBy(0,1);
+  window.resizeBy(0,-1);
+
+}
+
+function loadSuccessPage()
+{
+    window.location="/esc/home/EnrollSuccess.html";
+}
+
+function ShowProgressBar(aKeyType,aKeyID, doShow)
+{
+   if(!gCurrentSelectedRow)
+      return;
+
+   if(doShow)
+       gCurrentSelectedRow.style.display="table-row";
+   else
+   {
+       gCurrentSelectedRow.style.display="none";
+   }
+}
diff --git a/base/tps/apache/docroot/esc/so/EnrollSuccess.html b/base/tps/apache/docroot/esc/so/EnrollSuccess.html
new file mode 100644
index 000000000..9ed0cebee
--- /dev/null
+++ b/base/tps/apache/docroot/esc/so/EnrollSuccess.html
@@ -0,0 +1,46 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2009 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<html>
+<head>
+<link rel=stylesheet href="/esc/so/style.css" type="text/css"> 
+<title>Success!</title>
+<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
+</head>
+
+<body  leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
+<div id="header">
+  <div id="logo">
+      <center><h3><!--<img align=bottom src="/pki/esc/sow/images/logo.gif">-->Security Officer Station</h3></center>
+  </div>
+</div>
+
+<div id="content">
+  <div id="maintext">
+     <div id="topmenu">
+    | <a href="/cgi-bin/sow/main.cgi">Main</a> |
+     </div>
+<blockquote><strong>Congratulations!</strong> You have successfully Enrolled your Security Officer Smartcard! Now that you have enrolled, you will be able to access the Security Officer Workstation.</blockquote>
+<br/>
+
+</div>
+</div>
+</body>
+
+</html>
+
diff --git a/base/tps/apache/docroot/esc/so/GenericAuth.html b/base/tps/apache/docroot/esc/so/GenericAuth.html
new file mode 100755
index 000000000..219f9a6ad
--- /dev/null
+++ b/base/tps/apache/docroot/esc/so/GenericAuth.html
@@ -0,0 +1,538 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2009 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+
+<html>
+<head>
+<style>
+
+body {
+background: #ffffff url(/pki/esc/images/bg.jpg) repeat-x;
+        font-family: arial;
+        font-size: 7pt;
+
+}
+
+h1
+{
+   text-align: left;
+
+   font-weight: bold;
+
+   font-size: 13pt;
+
+
+}
+
+
+h2 {
+
+    text-align: left;
+    font-size: 10pt; 
+
+    font-weight: lighter;
+}
+
+</style>
+<script language = "Javascript">
+
+var test_ui = "id=USER_ID&name=User ID&desc=User ID&type=string&option=option1,option2,option3&&id=USER_PWD&name=User Password&desc=User Password&type=password&option=&&id=USER_PIN&name=PIN&desc=One time PIN received via mail&type=password&option=";
+
+var theForm = null;
+var curKeyID = null;
+var curKeyType = 0; 
+
+
+var gTitle = null;
+var gDescription = null;
+
+
+
+function ConfirmPassword(password_element)
+{
+
+  if(!password_element)
+      return 0;
+
+  password_id = password_element.id;
+
+  if(!password_id)
+     return 0;
+
+  confirm_id = "RE_" + password_element.id;
+
+  var size = theForm.length;
+
+  if(theForm)
+  {
+      for(i = 0; i < size ; i++)
+      {
+         var cur_element = theForm.elements[i];
+  
+         if(cur_element.id == confirm_id)
+         {
+             if(cur_element.value != password_element.value)
+             {
+                 alert("Value " + password_element.name + " must match " + cur_element.name);
+                 return 0;
+
+             }
+             else
+             {
+                 return 1;
+             } 
+
+         } 
+
+      }
+
+  }
+
+  return 1;
+}
+
+function Validate()
+{
+    if(theForm)
+    {
+         var size = theForm.length;
+ 
+         for( i = 0; i < size ; i++)
+         {
+             var element = theForm.elements[i];
+
+             if(element.type == "text" )
+             {
+                 if(element.value == "")
+                 {
+                     alert("Please enter value for " + element.name);
+                     return 0; 
+                 }
+             }
+
+             if(element.type == "password")
+             {
+                 if(element.value == "")
+                 {
+                     alert("Please enter value for " + element.name);
+                     return 0;
+                 }
+
+                 if(!ConfirmPassword(element))
+                 {
+                     return 0;
+                 }
+
+             } 
+         } 
+   
+    }
+
+    return 1;
+}
+
+function FormSubmit()
+{
+    var result = Validate();
+
+    var thisParent = window.opener;
+
+    if(!parent)
+    {
+        alert("No parent window.");
+        window.close(); 
+        return; 
+    }
+  
+    if(!result)
+    {
+        return;
+    }
+
+    if(theForm)
+    {
+         var size = theForm.length;
+         for( i = 0; i < size ; i++)
+         {
+             var element = theForm.elements[i];
+
+             var value = element.value;
+
+             if(element.type == "text" )
+             {
+                 var id = element.id;
+                 value = element.value;
+
+                 if(thisParent)
+                 {
+                     //alert("about to set data value key " + curKeyID + " id " + id + " value " + value);
+                     thisParent.COOLKeySetDataValue(curKeyType,curKeyID,id,value);
+
+                 }
+             }
+
+             if(element.type == "password")
+             {
+                 var p_id = new String(element.id);
+
+                 if(p_id.indexOf("RE_") == -1)
+                 {                   
+                     if(thisParent)
+                     {
+                         thisParent.COOLKeySetDataValue(curKeyType,curKeyID,p_id,value); 
+                     }
+                 }
+             }
+         }
+
+     }
+   
+     window.close(); 
+}
+
+function GetUIObjectList(uiData)
+{
+    var  str = new String(uiData);
+    var splits = str.split("&&");
+
+//    alert("Get " + splits + " len " + splits.length);
+
+    var params = new Array();
+    var size = splits.length;
+
+    for(i = 0 ; i <  size ; i++)
+    {
+       params[i] = splits[i].split("&");
+    }
+
+    size = params.length;
+    var name_value_objects = new Array();
+
+    for(i = 0 ; i < size; i++)
+    {
+         var name_values = new Array();
+
+         pISize = params[i].length;
+         for(j = 0 ;  j < pISize ; j ++)
+         {
+             var pair = params[i][j].split("=");
+
+             //alert(" pair " + pair[0] + " pair1 " + pair[1]);
+
+             if(pair[0] == "option")
+             {
+                 var options = pair[1].split(",");
+             }
+
+             name_values[pair[0]] = pair[1];
+         }
+
+         name_value_objects[i] = name_values;
+    }
+
+    return name_value_objects;
+
+}
+
+function AddBRToNode(theNode)
+{
+
+   if(!theNode)
+       return;
+
+   var br = document.createElement("br");
+
+   theNode.appendChild(br);
+
+}
+
+function AddTextToNode(theNode,theText)
+{
+
+    if(!theNode || !theText)
+        return;
+
+
+    var text = document.createTextNode(theText);
+
+    theNode.appendChild(text);
+      
+
+
+
+}
+function AddTextToDocument(theText)
+{
+    if(!theText)
+         return;
+
+     var p = document.createElement("p");
+
+     if(p)
+     {
+         p.appendChild(document.createTextNode(theText));
+     } 
+
+     document.body.appendChild(p);
+}
+
+function CreateForm()
+{
+    var form = document.createElement("form");
+    document.body.appendChild(form);
+    return form;
+}
+
+function CreateTable()
+{
+  var table = document.createElement("table");
+  document.body.appendChild(table);
+  tbody = document.createElement("tbody");
+  table.appendChild(tbody);
+
+  return table;
+}
+
+function AddRowToTable(table)
+{
+    if(!table)
+        return null;
+
+    var tr = document.createElement("tr");
+    (table.tBodies[0]).appendChild(tr);
+
+    return tr; 
+}
+
+function AddColumnToRow(row)
+{
+  if(!row)
+     return null;
+
+  var td = document.createElement("td");
+  row.appendChild(td);
+
+  return td;
+}
+
+function AddTextToColumn(column,text)
+{
+   if(!column || !text)
+       return;
+
+   var text_node = document.createTextNode(text);
+   column.appendChild(text_node);
+
+   return text_node;
+}
+
+function AddInputField(type,id, name,value)
+{
+    var    field = document.createElement("input");
+   
+    if(!field)
+        return null;
+  
+    field.type =  type;   
+    field.id =id;
+    field.name =name;
+    field.value =value;
+
+    return field;
+}
+
+function ConstructUI(aKeyType,aKeyID,uiData)
+{
+
+    //alert("Construct UI data " + uiData);
+    var name_value_objects = GetUIObjectList(uiData);
+    var len = name_value_objects.length;
+
+    gTitle = document.createElement("h1");
+
+    gDescription = document.createElement("h2");
+
+
+    document.body.appendChild(gTitle);
+
+
+    document.body.appendChild(gDescription);
+
+
+    form = CreateForm(); 
+    theForm = form;
+    curKeyID = aKeyID;
+    curKeyType = aKeyType;
+
+    table = CreateTable();
+
+    form.appendChild(table);
+
+    for(i = 0 ; i < len ; i ++)
+    {
+        curParameter = name_value_objects[i];
+
+        if(curParameter)
+        {
+
+            title = curParameter["title"];
+
+
+            if(title)
+            {
+                //alert("title " + title);
+
+                AddTextToNode(gTitle,title);
+ 
+
+            }
+
+            description = curParameter["description"];
+
+            if(description)
+            {
+               AddBRToNode(document.body);
+               AddBRToNode(document.body);
+
+               AddTextToNode(gDescription,description);
+
+               AddBRToNode(document.body);
+
+            }
+
+            id   = curParameter["id"];
+            name = curParameter["name"];
+            type = curParameter["type"];
+            desc = curParameter["desc"]; 
+
+            //alert(" id " + id + " name " + name + " type " + type + " desc " + desc); 
+
+            if(id)
+            {
+               if(table)
+               {
+                   row = AddRowToTable(table);
+               }
+
+               if(row)
+               {
+                   column = AddColumnToRow(row);
+               }
+
+               if(column)
+               {
+                    AddTextToColumn(column,name);
+               }
+
+               if(type == "string" || type == "integer")
+               {
+                   field = AddInputField("text",id,name,"");
+               }
+
+               re_field = null;
+ 
+               if(type == "password")
+               {
+                   field = AddInputField("password",id,name,"");
+               }
+
+               if(type == "hidden")
+               {
+                   field = AddInputField("hidden",id,name,"");
+               } 
+
+               if(field)
+               {
+                   field_col = AddColumnToRow(row);                
+                   if(field_col)
+                   {
+                       field_col.appendChild(field);
+                   }
+               }
+
+               if(re_field)
+               {
+                 re_text = AddColumnToRow(row);
+
+                 if(re_text)
+                 {
+                     AddTextToColumn(re_text,"Confirm " + name);
+                     re_field_col = AddColumnToRow(row);
+                     if(re_field_col)
+                     {
+                         re_field_col.appendChild(re_field);
+                     }
+                   
+                 } 
+
+               }
+           }
+
+        }
+
+    }
+
+    var last_row = AddRowToTable(table);
+
+    if(last_row)
+    {
+        var button_field = AddColumnToRow(last_row);
+
+        if(button_field)
+        {
+           var button = AddInputField("button","Submit","Submit","Submit");
+            button.onclick = FormSubmit;
+            button_field.appendChild(button);
+
+        }
+
+    } 
+}
+
+function UiLoad()
+{
+
+
+   var thisParent = window.opener;
+
+
+   if(!thisParent)
+   {
+        alert("Auth dialog has no parent!");
+        return;
+   }
+
+   var keyID =  this.name;
+
+   var ui = thisParent.getUIForKey(keyID); 
+
+   var type = thisParent.getTypeForKey(keyID);
+
+   //alert("UiLoad " + ui);
+
+   if(ui)
+   {
+       ConstructUI(type,keyID,ui);
+   }
+}
+
+</script>
+</head>
+<body onload = "UiLoad()"> 
+</body>
+</html>
diff --git a/base/tps/apache/docroot/esc/so/util.js b/base/tps/apache/docroot/esc/so/util.js
new file mode 100755
index 000000000..ccd81ee84
--- /dev/null
+++ b/base/tps/apache/docroot/esc/so/util.js
@@ -0,0 +1,1513 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// Copyright (C) 2007 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+
+//
+// initialize netkey globals
+var netkey;
+
+
+var keyUITable = new Array();
+var keyTypeTable = new Array();
+var curChildWindow = null;
+
+var gWindow = null;
+
+const ErrorText = "For additional assistance contact your Technical Support";
+
+
+function getUIForKey(aKeyID)
+{
+    return keyUITable[aKeyID];
+
+}
+
+function getTypeForKey(aKeyID)
+{
+    return keyTypeTable[aKeyID];
+}
+
+
+//
+// Notify callback for GECKO
+//
+function jsNotify()  {}
+
+jsNotify.prototype = {
+
+  rhNotifyKeyStateChange: function(aKeyType,aKeyID,aKeyState,aData,strData)
+  {
+    OnCOOLKeyStateChange(aKeyType, aKeyID, aKeyState, aData,strData);
+  },
+
+  QueryInterface: function(iid)
+  {
+    <!--  alert("iid: " + iid); -->
+     if(!iid.equals(Components.interfaces.rhIKeyNotify) &&
+         !iid.equals(Components.interfaces.nsISupports))
+      {
+          MyAlert("Can't find jsNotify interface");
+          throw Components.results.NS_ERROR_NO_INTERFACE;
+      }
+      return this;
+  }
+};
+
+//
+// Attach to the object.
+//
+  // GECKO ONLY initialization
+  try {
+    netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    netkey = Components.classes["@redhat.com/rhCoolKey"].getService();
+    netkey = netkey.QueryInterface(Components.interfaces.rhICoolKey);
+    gNotify = new jsNotify;
+    netkey.rhCoolKeySetNotifyCallback(gNotify);
+  } catch(e) {
+     MyAlert("Can't get UniversalXPConnect: " + e);
+  }
+
+//
+// unregister our notify event
+//
+function cleanup()
+{
+
+    try {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+      netkey.rhCoolKeyUnSetNotifyCallback(gNotify);
+    } catch(e) {
+     MyAlert("Can't get UniversalXPConnect: " + e);
+    }
+}
+
+var gScreenName = "";
+var gKeyEnrollmentType = "soKey";
+
+var gCurrentSelectedRow = null;
+
+
+var gCurKeyType = null;
+var gCurKeyID = null;
+
+////////////////////////////////////////////////////////////////
+//
+// Utility functions specific to this page.
+//
+////////////////////////////////////////////////////////////////
+
+
+// List of Error Messages to be printed out
+
+var Status_Messages = new Array(
+      
+    "Operation Completed Successfully.",
+    "Smartcard Server error.",
+    "Problem communicating with the smartcard.",
+    "Problem communicating with the smartcard.",
+    "Problem resetting smartcard's pin.",
+    "Internal Smartcard Server error.",
+    "Internal Smartcard Server error.",
+    "Smartcard enrollment error.",
+    "Can not communicate with the smartcard.",
+    "Internal Smartcard Server error.",
+    "Problem communicating with the Certificattion Authority.",
+    "Internal Smartcard Server error.",
+    "Error resetting the smartcard's password.",
+    "Internal Smartcard Server error.",
+    "Smartcard Server authentication failure.",
+    "Internal Smartcard Server error.",
+    "Your Smartcard is listed as disabled.",
+    "Problem communicating with the smartcard.",
+    "Internal Smartcard Server error.",
+    "Cannot upgrade smartcard software.",
+    "Internal Smartcard Server error.",
+    "Problem communicating with the smartcard.",
+    "Invalid smartcard type.",
+    "Invalid smartcard type.",
+    "Cannot publish smartcard information.",
+    "Cannot communicate with smartcard database.",
+    "Smartcard is disabled.",
+    "Cannot reset password value for the smartcard.",
+    "Connection to Smartcard Server lost.",
+    "Cannot create entry for smartcard in smartcard database.",
+    "Smartcard found to be in an inconsistent state.",
+    "Invalid reason for lost smartcard submitted.",
+    "Smartcard found to be unusable due to compromise.",
+    "No such inactive smartcard found.",
+    "Cannot process more than one active smartcard.",
+    "Internal Smartcard Server error.",
+    "Smartcard key recovery has been processed.",
+    "Smartcard key recovery failed.",
+    "Cannot process this smartcard, which has been reported lost.",
+    "Smartcard key archival error.",
+    "Problem connecting to the Smartcard TKS Server.",
+    "Failed to update smartcard database.",
+    "Internal certificate revocation error discovered.",
+    "User does not own this smartcard.", 
+    "Smart Card Manager has been misconfigured.",
+    "Smart Card Manager can not talk to smart card reader.",
+    "Smart Card Manager can not establish a session with  the smart card.",
+    "Smart Card Manager can not talk to Smart Card Server.",
+    "Smart Card Manager can not talk to smart card reader."
+ );    
+
+function GetAuthDataFromPopUp(aKeyType,aKeyID,aUiData)
+{
+
+   keyUITable[aKeyID] = aUiData;
+   keyTypeTable[aKeyID] = aKeyType;
+
+   //alert("GetAuthDataFromPopUp data " + aUiData);
+   var child = window.open("/GenericAuth.html",aKeyID,"height=400,width=400");
+
+   //alert("Attempted to create child window " + child);
+ 
+   curChildWindow = child; 
+
+}
+
+function COOLKeySetDataValue(aKeyType,aKeyID,name,value)
+{
+        //alert("In COOLKeySetDataValue  aKeyType " + aKeyType + " aKeyID " + aKeyID + " name " + name + " value " + value);  
+        if(netkey)
+        {
+             try {
+                    netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+                netkey.SetCoolKeyDataValue(aKeyType,aKeyID,name,value);
+
+
+            } catch(e) {
+                MyAlert("Error Setting data values: " + e);
+            }
+        }
+
+}
+ 
+function COOLKeySetTokenPin(pin)
+{
+        if(netkey)
+        {
+             try { 
+                netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+                netkey.SetCoolKeyDataValue(gCurKeyType,gCurKeyID,"TokenPin",pin);
+
+
+            } catch(e) {
+                MyAlert("Error Setting data values: " + e);
+            }
+        }
+}
+
+function COOLKeySetUidPassword(uid,pwd)
+{
+
+      if(netkey)
+      {
+
+          try {
+              netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+
+              netkey.SetCoolKeyDataValue(gCurKeyType,gCurKeyID,"UserId",uid);
+
+              netkey.SetCoolKeyDataValue(gCurKeyType,gCurKeyID,"Password",pwd);
+
+          } catch(e) {
+              MyAlert("Error Setting data values: " + e);
+          }
+
+      }
+
+}
+      
+  
+function MyGetErrorMessage(status_code)
+{
+
+ var result = "Internal Server Error";
+
+  if(status_code < 0 && status_code >= Status_Messages.length)
+  {
+     return result;
+      
+  }   
+      
+  return Status_Messages[status_code];
+      
+}   
+
+function KeyToRowID(keyType, keyID)
+{
+  return keyType + "--" + keyID;
+}
+
+function RowIDToKeyInfo(rowID)
+{
+  return rowID.split("--");
+}
+
+function GetRowForKey(keyType, keyID)
+{
+  return document.getElementById(KeyToRowID(keyType, keyID));
+}
+
+function ReportException(msg, e)
+{
+  MyAlert(msg + " " + e.description + "(" + e.number + ")");
+}
+
+function GetCOOLKeyStatus(keyType, keyID)
+{
+  try {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    return netkey.GetCoolKeyStatus(keyType, keyID);
+  } catch (e) {
+    ReportException("netkey.GetCOOLKeyStatus() failed!", e);
+    return 0;
+  }
+}
+
+function GetCOOLKeyPolicy(keyType, keyID)
+{
+  try {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    return netkey.GetCoolKeyPolicy(keyType, keyID);
+  } catch (e) {
+  //  ReportException("netkey.GetCOOLKeyPolicy() failed!", e);
+    return "";
+  }
+}
+
+function GetCOOLKeyRequiresAuth(keyType, keyID)
+{
+  try {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    return netkey.GetCoolKeyRequiresAuthentication(keyType, keyID);
+  } catch(e) {
+    ReportException("netkey.GetCoolKeyRequiresAuthentication() failed!", e);
+    return false;
+  }
+}
+
+function GetCOOLKeyIsAuthed(keyType, keyID)
+{
+  try {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    return netkey.GetCoolKeyIsAuthenticated(keyType, keyID);
+  } catch(e) {
+    ReportException("netkey.GetCoolKeyIsAuthenticated() failed!", e);
+    return false;
+  }
+}
+
+function GetAvailableCOOLKeys()
+{
+  try {
+    var keyArr;
+
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+      var inArray = netkey.GetAvailableCoolKeys( {} );
+      keyArr = new Array(inArray.length);
+      var i;
+
+      for (i=0; i < keyArr.length; i++) {
+	keyArr[i] = new Array( "1", inArray[i]);
+      }
+    return keyArr;
+  } catch(e) {
+    ReportException("netkey.GetAvailableCoolKeys() failed!", e);
+    return [];
+  }
+}
+
+function EnrollCOOLKey(keyType, keyID, enrollmentType, screenname, pin,screennamepwd,tokencode)
+{
+  try {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    netkey.EnrollCoolKey(keyType, keyID, enrollmentType, screenname, pin,screennamepwd,tokencode);
+  } catch(e) {
+    ReportException("netkey.EnrollCoolKey() failed!", e);
+    return false;
+  }
+
+  return true;
+}
+
+function GetCOOLKeyIsEnrolled(keyType, keyID)
+{
+  try {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    return netkey.GetCoolKeyIsEnrolled(keyType, keyID);
+  } catch(e) {
+    ReportException("netkey.GetCoolKeyIsEnrolled() failed!", e);
+    return false;
+  }
+}
+
+function CancelCOOLKeyOperation(keyType, keyID)
+{
+  try {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    netkey.CancelCoolKeyOperation(keyType, keyID);
+  } catch(e) {
+    ReportException("netkey.CancelCoolKeyOperation() failed!", e);
+    return false;
+  }
+  return true;
+}
+
+function MyAlert(message)
+{
+    if(message)
+        DoMyAlert(message,"Smart Card Manager");
+
+} 
+function DoMyAlert(message,title)
+{
+
+   if(!message || !title)
+       return;
+
+   try {
+
+       netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+
+       var prompts = Components.classes["@mozilla.org/embedcomp/prompt-service;1"].getService(Components.interfaces.nsIPromptService);
+
+
+       prompts.alert(window,title,message);
+
+   } catch(e) {
+
+
+       alert("Problem with nsIPromptService " + e);
+   }
+
+}
+
+//
+// MSHTML/GECKO compatibility functions.
+//
+function RemoveRow(table, row)
+{
+    table.deleteRow(row.rowIndex);
+}
+
+function GetCell(row, index)
+{
+  var cell;
+
+    cell = row.cells[index];
+  return cell;
+}
+
+function GetNode(parent, index)
+{
+  var node;
+    node = parent.childNodes[index];
+  return node;
+}
+
+function InsertRow(table)
+{
+  var row;
+
+    row = table.insertRow(table.rows.length);
+  return row;
+}
+
+function InsertCell(row)
+{
+  var cell;
+
+    cell = row.insertCell(row.cells.length);
+  return cell;
+}
+
+function RemoveAllChildNodes(parent)
+{
+  var numChildren = parent.childNodes.length;
+  var i;
+
+  i = numChildren;
+  while (numChildren)
+  {
+    parent.removeChild(GetNode(parent,0));
+    numChildren--;
+  }
+
+}
+
+
+function UpdateInfoForKeyID(keyType, keyID, keyStatus, reqAuth, isAuthed)
+{
+  var row = GetRowForKey(keyType, keyID);
+
+  if (!row)
+    return;
+
+  var cell = GetCell(row,1)
+  RemoveAllChildNodes(cell);
+  cell.appendChild(document.createTextNode(keyStatus));
+
+//  cell = GetCell(row,2);
+ // RemoveAllChildNodes(cell);
+ // cell.appendChild(document.createTextNode(reqAuth));
+
+ // cell = GetCell(row,3);
+ // RemoveAllChildNodes(cell);
+ // cell.appendChild(document.createTextNode(isAuthed));
+}
+
+function GetStatusForKeyID(keyType, keyID)
+{
+  var keyStatus = "BLANK";
+
+  var status;
+
+  try {
+    status = GetCOOLKeyStatus(keyType, keyID);
+  } catch(e) {
+    status = 0;
+  }
+
+  switch (status) {
+    case 0: // Unavailable
+      keyStatus = "UNAVAILABLE";
+      break;
+    case 1: // AppletNotFound
+      keyStatus = "NO APPLET";
+      break;
+    case 2: // Uninitialized
+      keyStatus = "UNINITIALIZED";
+      break;
+    case 3: // Unknown
+      keyStatus = "UNKNOWN";
+      break;
+    case 4: // Available
+    case 6: // UnblockInProgress
+    case 7: // PINResetInProgress
+    case 8: // RenewInProgress
+      keyStatus = PolicyToKeyType(GetCOOLKeyPolicy(keyType, keyID));
+      break;
+    case 5: // EnrollmentInProgress
+      keyStatus = "BUSY";
+      break;
+      break;
+    case 9: // FormatInProgress
+      keyStatus = "BUSY";
+      break;
+  }
+
+  return keyStatus;
+}
+
+function InsertCOOLKeyIntoBindingTable(keyType, keyID)
+{
+  var row = GetRowForKey(keyType, keyID);
+
+  gWindow = window;
+ if (!row)
+  {
+    var table = document.getElementById("BindingTable");
+    if (table)
+    {
+      var keyStatus = GetStatusForKeyID(keyType, keyID);
+      var keyReqAuth = BoolToYesNoStr(GetCOOLKeyRequiresAuth(keyType, keyID));
+      var keyIsAuthed = BoolToYesNoStr(GetCOOLKeyIsAuthed(keyType, keyID));
+
+      row = CreateTableRow(table, keyType, keyID, keyStatus, keyReqAuth, keyIsAuthed);
+    }
+
+    if (!row)
+      return null;
+  }
+
+  return row;
+}
+
+function ConvertVariantArrayToJScriptArray(varr)
+{
+  // C++ native methods, like netkey.GetAvailableCOOLKeys(), can only
+  // return variant SafeArrays, so to access the data inside, you must
+  // first convert it to a VBArray, and then call toArray() to convert
+  // it to a JScript array. Lame, but that's what it takes to
+  // use an array returned from an ActiveX component.
+
+  return new VBArray(varr).toArray();
+}
+
+function UpdateBindingTableAvailability()
+{
+  var arr = GetAvailableCOOLKeys();
+
+  if (!arr || arr.length < 1)
+    return;
+
+  var i;
+
+  for (i=0; i < arr.length; i++)
+  {
+    InsertCOOLKeyIntoBindingTable(arr[i][0], arr[i][1]);
+
+    if (!gCurrentSelectedRow)
+      SelectRowByKeyID(arr[i][0], arr[i][1]);
+  }
+}
+
+function InitializeBindingTable()
+{
+  UpdateBindingTableAvailability();
+  UpdateButtonStates();
+  if (UserOnDoneInitializeBindingTable) {
+    UserOnDoneInitializeBindingTable();
+  }
+}
+
+function KeyIsPresent(keyType, keyID)
+{
+  row = document.all.item(keyType, keyID);
+
+  if (!row)
+    return false;
+
+  return true;
+}
+
+function SetStatusMessage(str)
+{
+  var cell = document.getElementById("statusMsg");
+
+  if (!cell)
+    return;
+  RemoveAllChildNodes(cell);
+  cell.appendChild(document.createTextNode(str));
+}
+
+function UpdateButtonStates()
+{
+  if (gCurrentSelectedRow)
+  {
+    var keyInfo = RowIDToKeyInfo(gCurrentSelectedRow.getAttribute("id"));
+    var keyType = keyInfo[0];
+    var keyID = keyInfo[1];
+    var keyStatus = GetStatusForKeyID(keyType, keyID);
+
+    document.getElementById("enrollbtn").disabled = false;
+  }
+  else
+  {
+    document.getElementById("enrollbtn").disabled = true;
+  }
+
+  refresh();
+}
+
+function SetEnrollmentType(type)
+{
+  gKeyEnrollmentType = type;
+  UpdateButtonStates();
+}
+
+function FindRow(node)
+{
+  while (node && node.tagName != "TR")
+  {
+    node = node.parentNode;
+  }
+
+  return node;
+}
+
+function SelectRow(row)
+{
+  if (!row || gCurrentSelectedRow == row)
+    return;
+
+  if (gCurrentSelectedRow)
+    gCurrentSelectedRow.removeAttribute("style");
+
+  gCurrentSelectedRow = row;
+  gCurrentSelectedRow.style.backgroundColor="rgb(200,200,200)";
+  UpdateButtonStates();
+}
+
+function SelectRowByKeyID(keyType, keyID)
+{
+  var row = GetRowForKey(keyType, keyID);
+  SelectRow(row);
+}
+
+function DoSelectRow(event)
+{
+  var row;
+
+    row = FindRow(event.parentNode);
+  SelectRow(row);
+}
+
+function KeyToUIString(keyType, keyID)
+{
+  // If it's an COOLKey, format the keyID string.
+
+  if (keyType == 1 && keyID.length == 20)
+  {
+    var re = /([0-9a-f]{4})([0-9a-f]{4})([0-9a-f]{4})([0-9a-f]{4})([0-9a-f]{4})/i;
+    keyID = keyID.replace(re, "$1-$2-$3-$4-$5").toLowerCase();
+  }
+
+  return keyID;
+}
+
+
+
+function CreateTableRow(table, keyType, keyID, keyStatus, reqAuth, isAuthed)
+{
+  var row = InsertRow(table);
+  if (!row)
+    return null;
+
+  row.setAttribute("id", KeyToRowID(keyType, keyID));
+ 
+     row.onclick = DoSelectRow;
+
+  // Create the key ID cell.
+  //cell = InsertCell(row);
+  //cell.appendChild(document.createTextNode(KeyToUIString(keyType, keyID)));
+
+  //cell.setAttribute("onClick", "DoSelectRow(this);");
+
+  // Create the keyStatus cell.
+  //cell = InsertCell(row);
+  //cell.appendChild(document.createTextNode(keyStatus));
+
+  // Create the requires auth cell.
+ // cell = InsertCell(row);
+ // cell.appendChild(document.createTextNode(reqAuth));
+
+  cell = InsertCell(row);
+  cell.appendChild(document.createTextNode("Enrollment Progress"));
+
+  // Create the status bar cell
+
+  cell = InsertCell(row);
+
+  var progressMeter = document.createElement("div");
+  progressMeter.setAttribute("id", KeyToProgressBarID(keyType, keyID));
+  progressMeter.className = "ProgressMeter";
+  progressMeter.style.width = "100px";
+  progressMeter.style.height = "1.5em";
+//  progressMeter.style.visibility = "hidden";
+  progressMeter.setAttribute("value", 0);
+
+  var progressBar = document.createElement("div");
+  progressBar.className = "ProgressBar";
+  progressBar.style.width = "0px";
+  progressBar.style.height = "100%";
+//  progressBar.style.visibility = "hidden";
+
+  var progressBarStatus = document.createElement("div");
+  progressBarStatus.className = "ProgressBarStatus";
+  progressBarStatus.appendChild(document.createTextNode(""));
+
+  progressMeter.appendChild(progressBar);
+  progressMeter.appendChild(progressBarStatus);
+  cell.appendChild(progressMeter);
+
+  //row.style.display ="none";
+
+  return row;
+}
+
+gAnimationMSecs = 1000/30;
+
+function SetCylonTimer(cylonID, cylonEyeID)
+{
+  setTimeout("AnimateCylonStatusBar(\"" + cylonID +
+             "\", \"" + cylonEyeID + "\");", gAnimationMSecs);
+}
+
+function AnimateCylonStatusBar(cylonID, cylonEyeID)
+{
+  var cylon = document.getElementById(cylonID);
+
+  if (!cylon)
+    return;
+
+  var active = cylon.getAttribute("cylonactive");
+
+  if (!active)
+    return;
+
+  var eye = document.getElementById(cylonEyeID);
+
+  if (!eye)
+    return;
+
+  var dir = eye.getAttribute("direction");
+  var wid = parseInt(eye.style.width);
+  var cywid = parseInt(cylon.style.width);
+  var left = parseInt(eye.style.left);
+
+  var dx = 10;
+
+  if (!dir || dir >= 0)
+  {
+    left += dx;
+
+    if (left + wid > cywid)
+    {
+      left = cywid - wid;
+      eye.setAttribute("direction", "-1");
+    }
+  }
+  else
+  {
+    left -= dx;
+
+    if (left < 0)
+    {
+      left = 0;
+      eye.setAttribute("direction", "1");
+    }
+  }
+
+  eye.style.left = left + "px";
+
+  SetCylonTimer(cylonID, cylonEyeID);
+}
+
+function StartCylonAnimation(cylonID, cylonEyeID)
+{
+  var cylon = document.getElementById(cylonID)
+
+  if (!cylon)
+    return;
+
+  var active = cylon.getAttribute("cylonactive");
+
+  if (!active)
+  {
+    cylon.setAttribute("cylonactive", "true");
+
+    var eye = document.getElementById(cylonEyeID);
+    if (eye)
+    {
+      eye.style.left = "0px";
+      eye.style.visibility = "visible";
+    }
+
+    SetCylonTimer(cylonID, cylonEyeID);
+  }
+}
+
+function StopCylonAnimation(cylonID, cylonEyeID)
+{
+  var cylon = document.getElementById(cylonID)
+
+  if (cylon)
+    cylon.removeAttribute("cylonactive");
+
+  var eye = document.getElementById(cylonEyeID);
+
+  if (eye)
+    eye.style.visibility = "hidden";
+}
+
+function GetProgressMeterValue(progMeterID)
+{
+  var progMeter = document.getElementById(progMeterID);
+
+  if (!progMeter)
+    return -1;
+
+  return parseInt(progMeter.getAttribute("value"));
+}
+
+function SetProgressMeterValue(progMeterID, value)
+{
+  var progMeter = document.getElementById(progMeterID);
+
+  if (!progMeter || value < 0)
+    return;
+
+  if (value > 100)
+    value = 100;
+
+  var progBar = progMeter.firstChild;
+
+  if (value == 0)
+  {
+    progBar.style.width = "0px";
+    progBar.style.visibility = "hidden";
+    progMeter.setAttribute("value", 0);
+    return;
+  }
+
+  progBar.style.visibility = "visible"; 
+
+  var newWidth = parseInt(progMeter.style.width) * value / 100 - 2;
+
+  progBar.style.width =  newWidth + "px";
+  progMeter.setAttribute("value", value);
+}
+
+function SetProgressMeterStatus(progMeterID, statusMsg)
+{
+  var progMeter = document.getElementById(progMeterID);
+
+  if (!progMeter)
+    return;
+
+  var progBar = progMeter.firstChild;
+
+  // If it exists, the meter status should be
+  // div that is the next sibling of the progressMeter.
+
+  var meterStatus = progBar.nextSibling;
+
+  // Just replace the data in the text node, it's much faster,
+  // and reduces flashing!
+
+  meterStatus.firstChild.replaceData(0, meterStatus.firstChild.length, statusMsg);
+}
+
+function ClearProgressBar(progMeterID)
+{
+  SetProgressMeterValue(progMeterID, 0);
+  SetProgressMeterStatus(progMeterID, "");
+}
+
+function KeyToProgressBarID(keyType, keyID)
+{
+  return "PM" + keyType + "-" + keyID;
+}
+
+////////////////////////////////////////////////////////////////
+//
+// Functions that contact the server or talk directly to
+// ESC native code.
+//
+// ESC Native Functions:
+//
+//     netkey.GetAvailableCOOLKeys()
+//
+//       - Returns an ActiveX Variant SafeArray containing the ID for each key
+//         that is currentlly plugged into the computer. Before accessing any
+//         data in this array you must convert it to a JScript Array with a
+//         call to ConvertVariantArrayToJScriptArray().
+//
+//     netkey.GetCOOLKeyIsEnrolled(keyType, keyID)
+//
+//       - Returns true if a key has been initialized, false if it hasn't.
+//         Initialized means the card has been formatted with certificates
+//         for either an COOL HouseKey or NetKey.
+//
+//     netkey.EnrollCOOLKey(keyType, keyID, enrollmentType, screenName, pin)
+//
+//       - Initiates an async connection to the RA to initialize a specific
+//         key. If you want the key to be initialized as a HouseKey, you should
+//         pass "houseKey" as the enrollmentType, and null values for both
+//         screenName and pin. For a NetKey, use "netKey" as the enrollmentType,
+//         and pass a valid screenName and pin.
+//
+//
+////////////////////////////////////////////////////////////////
+
+function GetScreenNameValue()
+{
+  var sname = document.getElementById("snametf").value;
+
+  if (! sname)
+  {
+    MyAlert("You must provide a valid LDAP User ID!");
+    return null;
+  }
+
+  return sname;
+}
+
+function GetPINValue()
+{
+  var pinVal =  document.getElementById("pintf").value;
+  var rpinVal =  document.getElementById("reenterpintf").value;
+
+  if (! pinVal)
+  {
+    MyAlert("You must provide a valid Key Password!");
+    return null;
+  }
+
+  if ( pinVal != rpinVal)
+  {
+    MyAlert("The Key Password values you entered do not match!");
+    return null;
+  }
+
+  return pinVal;
+}
+
+function GetScreenNamePwd()
+{
+
+  var pwd = document.getElementById("snamepwd").value;
+
+   if(!pwd)
+   {
+       MyAlert("You must provide a valid LDAP User ID !");
+       return null;
+   }
+   return pwd;
+}
+
+function GetTokenCode()
+{
+
+  return null;
+}
+function DoEnrollCOOLKey()
+{
+
+  if (!gCurrentSelectedRow)
+  {
+    MyAlert("Please select a key.");
+    return;
+  }
+
+
+ if(!Validate())
+     return;
+
+  var keyInfo = RowIDToKeyInfo(gCurrentSelectedRow.getAttribute("id"));
+  var keyType = keyInfo[0];
+  var keyID = keyInfo[1];
+
+  var type = gKeyEnrollmentType;
+  var screenname = null;
+  var pin = null;
+
+  var screennamepwd = null;
+  var tokencode = null;
+
+  if (type == "soKey")
+  {
+    screenname =  GetScreenNameValue();
+
+    pin =  GetPINValue();
+
+
+    screennamepwd =  GetScreenNamePwd();
+
+    tokencode = GetTokenCode();
+
+    //SetStatusMessage("Enrolling UserKey \"" + KeyToUIString(keyType, keyID) + "\"...");
+  }
+
+  StartCylonAnimation("cylon1", "eye1");    
+
+  var doShow = true;
+
+  ShowProgressBar(keyType,keyID,doShow );
+
+  if (!EnrollCOOLKey(keyType, keyID, type, screenname, pin,screennamepwd,tokencode))
+  {
+    SetStatusMessage("");
+    StopCylonAnimation("cylon1", "eye1");
+    var doShow = false;
+    ShowProgressBar(aKeyType,aKeyID,doShow );
+  }
+}
+
+function DoResetSelectedCOOLKeyPIN()
+{
+  if (!gCurrentSelectedRow)
+    return;
+
+  if(!Validate())
+     return;
+
+   //alert("In DoResetSelectedCOOLKeyPIN!");
+  var keyInfo = RowIDToKeyInfo(gCurrentSelectedRow.getAttribute("id"));
+  var keyType = keyInfo[0];
+  var keyID = keyInfo[1];
+
+  var screenname = null;
+  var pin = null;
+  var screennamepwd = null;
+
+  if (GetCOOLKeyIsEnrolled(keyType, keyID))
+  {
+ 
+    SetStatusMessage("Resetting PIN for \"" + keyID + "\"...");
+    StartCylonAnimation("cylon1", "eye1");
+
+    if (!ResetCOOLKeyPIN(keyType, keyID, screenname, pin,screennamepwd))
+    {
+      SetStatusMessage("");
+      StopCylonAnimation("cylon1", "eye1");
+    }
+  }
+}
+
+function DoFormatCOOLKey()
+{
+  if (!gCurrentSelectedRow)
+    return;
+
+
+  if(!Validate())
+     return;
+
+
+  var keyInfo = RowIDToKeyInfo(gCurrentSelectedRow.getAttribute("id"));
+  var keyType = keyInfo[0];
+  var keyID = keyInfo[1];
+
+  var type = gKeyEnrollmentType;
+  var screenname = null;
+  var pin = null;
+
+  var screennamepwd = null;
+  var tokencode = null;
+
+  SetStatusMessage("Formatting \"" + KeyToUIString(keyType, keyID) + "\" ...");
+  StartCylonAnimation("cylon1", "eye1");
+
+  if (!FormatCOOLKey(keyType, keyID, type, screenname, pin,screennamepwd,tokencode))
+  {
+    SetStatusMessage("");
+    StopCylonAnimation("cylon1", "eye1");
+  }
+}
+function DoCancelOperation()
+{
+
+  if (!gCurrentSelectedRow)
+    return;
+
+  var keyInfo = RowIDToKeyInfo(gCurrentSelectedRow.getAttribute("id"));
+  var keyType = keyInfo[0];
+  var keyID = keyInfo[1];
+
+  SetStatusMessage("Cancel operation for \"" + KeyToUIString(keyType, keyID) + "\" ...");
+  StartCylonAnimation("cylon1", "eye1");
+
+  CancelCOOLKeyOperation(keyType, keyID);
+
+  SetStatusMessage("");
+  StopCylonAnimation("cylon1", "eye1");
+}
+
+function DoChallengeSelectedKey()
+{
+  if (!gCurrentSelectedRow)
+    return;
+
+  var keyInfo = RowIDToKeyInfo(gCurrentSelectedRow.getAttribute("id"));
+  var keyType = keyInfo[0];
+  var keyID = keyInfo[1];
+
+  if (!keyID)
+    return;
+
+  SetStatusMessage("Generating Challenge ...");
+
+  var challengeArray = ChallengeCOOLKey(keyType, keyID, document.forms[0].challengedata.value);
+
+  if (challengeArray.length != 4)
+  {
+    MyAlert("Challenge for key \"" + KeyToUIString(keyType, keyID) + "\" failed!");
+    SetStatusMessage("");
+    return;
+  }
+
+  MyAlert("ChallengeCOOLKey(\""+ KeyToUIString(keyType, keyID) + "\") returned:\n\n" +
+        "challenge[0]: " + challengeArray[0] + "\n" +
+        "challenge[1]: " + challengeArray[1] + "\n" +
+        "challenge[2]: " + challengeArray[2] + "\n" +
+        "challenge[3]: " + challengeArray[3] + "\n");
+
+  SetStatusMessage("");
+}
+
+function DoBlinkCOOLKey()
+{
+  if (!gCurrentSelectedRow)
+    return;
+
+  var keyInfo = RowIDToKeyInfo(gCurrentSelectedRow.getAttribute("id"));
+  var keyType = keyInfo[0];
+  var keyID = keyInfo[1];
+
+  if (!keyID)
+    return;
+
+  SetStatusMessage("Blinking \"" + KeyToUIString(keyType, keyID) + "\" ...");
+  StartCylonAnimation("cylon1", "eye1");
+
+  BlinkCOOLKey(keyType, keyID, 400, 5000);
+
+  StopCylonAnimation("cylon1", "eye1");
+  SetStatusMessage("");
+}
+
+function OnCOOLKeyBlinkComplete(keyType,keyID)
+{
+  //StopCylonAnimation("cylon1", "eye1");
+  //SetStatusMessage(" ");
+}
+
+function DoHelp()
+{
+  if (!gCurrentSelectedRow)
+    return;
+
+  var keyInfo = RowIDToKeyInfo(gCurrentSelectedRow.getAttribute("id"));
+  var keyType = keyInfo[0];
+  var keyID = keyInfo[1];
+
+  if (!keyID)
+    return;
+
+  var policy = GetCOOLKeyPolicy(keyType, keyID);
+  var type = PolicyToKeyType(policy);
+  MyAlert("Policy:  " + policy + "\n" + "Type:    " + type);
+}
+
+////////////////////////////////////////////////////////////////
+//
+// Functions called directly from ASC native code.
+//
+////////////////////////////////////////////////////////////////
+
+function OnCOOLKeyInserted(keyType, keyID)
+{
+  var row = InsertCOOLKeyIntoBindingTable(keyType, keyID);
+
+  if (!gCurrentSelectedRow)
+    SelectRowByKeyID(keyType, keyID);
+}
+
+
+function OnCOOLKeyRemoved(keyType, keyID)
+{
+  var row = GetRowForKey(keyType, keyID);
+  var table = document.getElementById("BindingTable");
+
+  if (row && table)
+  {
+    RemoveRow(table,row);
+
+    if (row == gCurrentSelectedRow)
+      gCurrentSelectedRow = null;
+  }
+
+  UpdateButtonStates();
+}
+
+var gKnownPolicies = [
+
+  // OID Value, precedence, name value
+
+  [ "OID.1.3.6.1.4.1.1066.1.1000.1.0.1.1", 1, "HOUSEKEY" ], // Bronze   - HouseKey
+  [ "OID.1.3.6.1.4.1.1066.1.1000.1.0.1.2", 2, "NETKEY" ],   // Silver   - Member
+  [ "OID.1.3.6.1.4.1.1066.1.1000.1.0.1.3", 3, "NETKEY" ],   // Gold     - Associate
+  [ "OID.1.3.6.1.4.1.1066.1.1000.1.0.1.4", 4, "NETKEY" ],   // Platinum - MyDoctor
+
+  // XXX: Remove the Old OIDs below, after the RA starts generating
+  //      certificates with the OIDs listed above!
+  [ "OID.1.3.6.1.4.1.1066.1.1000.2.1", 1, "HOUSEKEY" ], // Bronze   - HouseKey
+  [ "OID.1.3.6.1.4.1.1066.1.1000.2.2", 2, "NETKEY" ],   // Silver   - Member
+  [ "OID.1.3.6.1.4.1.1066.1.1000.2.3", 3, "NETKEY" ],   // Gold     - Associate
+  [ "OID.1.3.6.1.4.1.1066.1.1000.2.4", 4, "NETKEY" ]    // Platinum - MyDoctor
+];
+
+function PolicyToKeyType(policy)
+{
+   return "ENROLLED";
+}
+
+function OldPolicyToKeyType(policy)
+{
+  var i, j;
+  
+  var knownPoliciesIndex = -1;
+
+  
+  var policies;
+
+
+  if (policy.indexOf(",")== -1)
+  {
+    policies = new Array(1);
+    policies[0] = policy;
+  }
+  else
+  {
+    policies = policy.split(",");
+  }
+
+  for (j = 0; j < policies.length; j++)
+  {
+    for (i = 0; i < gKnownPolicies.length; i++)
+    {
+      if (gKnownPolicies[i][0] == policies[j])
+      {
+         if (knownPoliciesIndex < gKnownPolicies[i][1])
+           knownPoliciesIndex = i;
+      }
+    }  
+  }
+
+  if (knownPoliciesIndex == -1)
+    return "INITIALIZED";
+ 
+  return gKnownPolicies[knownPoliciesIndex][2];    
+}
+
+function BoolToYesNoStr(b)
+{
+  if (b)
+    return "YES";
+  return "NO";
+}
+
+function OnCOOLKeyEnrollmentComplete(keyType, keyID)
+{
+  var keyStatus = PolicyToKeyType(GetCOOLKeyPolicy(keyType, keyID));
+  var keyReqAuth = BoolToYesNoStr(GetCOOLKeyRequiresAuth(keyType, keyID));
+  var keyIsAuthed = BoolToYesNoStr(GetCOOLKeyIsAuthed(keyType, keyID));
+
+  //UpdateInfoForKeyID(keyType, keyID, keyStatus, keyReqAuth, keyIsAuthed);
+  UpdateButtonStates();
+
+  StopCylonAnimation("cylon1", "eye1");
+  var doShow = false;
+  ShowProgressBar(keyType,keyID, doShow);
+  SetStatusMessage("");
+  MyAlert("Enrollment of smartcard complete!");
+  ClearProgressBar(KeyToProgressBarID(keyType, keyID));
+
+  window.setTimeout("loadSuccessPage()",4);
+}
+
+function OnCOOLKeyPINResetComplete(keyType, keyID)
+{
+  var keyStatus = PolicyToKeyType(GetCOOLKeyPolicy(keyType, keyID));
+  var keyReqAuth = BoolToYesNoStr(GetCOOLKeyRequiresAuth(keyType, keyID));
+  var keyIsAuthed = BoolToYesNoStr(GetCOOLKeyIsAuthed(keyType, keyID));
+
+  UpdateInfoForKeyID(keyType, keyID, keyStatus, keyReqAuth, keyIsAuthed);
+  UpdateButtonStates();
+
+  StopCylonAnimation("cylon1", "eye1");
+  SetStatusMessage("");
+  MyAlert("Password Reset was successful!");
+  ClearProgressBar(KeyToProgressBarID(keyType, keyID));
+}
+
+function OnCOOLKeyFormatComplete(keyType, keyID)
+{
+  var keyStatus = GetStatusForKeyID(keyType, keyID);
+  var keyReqAuth = BoolToYesNoStr(GetCOOLKeyRequiresAuth(keyType, keyID));
+  var keyIsAuthed = BoolToYesNoStr(GetCOOLKeyIsAuthed(keyType, keyID));
+
+  UpdateInfoForKeyID(keyType, keyID, keyStatus, keyReqAuth, keyIsAuthed);
+
+  StopCylonAnimation("cylon1", "eye1");
+  SetStatusMessage("");
+  MyAlert("Format of \"" + KeyToUIString(keyType, keyID)+ "\" was successful!");
+  ClearProgressBar(KeyToProgressBarID(keyType, keyID));
+}
+
+function OnCOOLKeyStateError(keyType, keyID, keyState, errorCode)
+{
+  var keyStatus = GetStatusForKeyID(keyType, keyID);
+  var keyReqAuth = BoolToYesNoStr(GetCOOLKeyRequiresAuth(keyType, keyID));
+  var keyIsAuthed = BoolToYesNoStr(GetCOOLKeyIsAuthed(keyType, keyID));
+
+  if(curChildWindow)
+  {
+      curChildWindow.close();
+      curChildWindow = null;
+
+  }
+
+  var doShow = false;
+  ShowProgressBar(keyType,keyID, doShow);
+
+  //UpdateInfoForKeyID(keyType, keyID, keyStatus, keyReqAuth, keyIsAuthed);
+
+  StopCylonAnimation("cylon1", "eye1");
+  SetStatusMessage("");
+
+  var typeStr = "Error(" + errorCode + ")";
+
+  var  messageStr = " \n\n Error Response: " + MyGetErrorMessage(errorCode) ;
+
+  var keyIDStr = KeyToUIString(keyType, keyID);
+
+  if (keyState == 1004)
+    typeStr = "Enrollment of key  failed. " + typeStr + messageStr ;
+  else if (keyState == 1016)
+    typeStr = "Formatting of key  failed. " + typeStr + messageStr;
+  else if (keyState == 1010)
+    typeStr = "PIN Reset for key  failed. " + typeStr + messageStr;
+  else if (keyState == 1020)
+    typeStr = "Operation for key  canceled.";
+
+  typeStr += " \n " + ErrorText;
+  MyAlert(typeStr);
+  ClearProgressBar(KeyToProgressBarID(keyType, keyID));
+
+  if (UserOnCOOLKeyStateError) {
+    UserOnCOOLKeyStateError(); // call user-level
+  }
+
+}
+
+function OnCOOLKeyStatusUpdate(progMeterID, statusUpdate)
+{
+  SetProgressMeterValue(progMeterID, statusUpdate);
+  SetProgressMeterStatus(progMeterID, statusUpdate + "%");
+}
+
+function Validate()
+{
+
+  var type = gKeyEnrollmentType;
+  var screenname = null;
+  var pin = null;
+
+  var screennamepwd = null;
+  var tokencode = null;
+
+  if (type == "soKey")
+  {
+    screenname = GetScreenNameValue();
+    if (! screenname)
+      return 0;
+
+    screennamepwd = GetScreenNamePwd();
+
+    if(! screennamepwd)
+        return 0;
+
+    pin =  GetPINValue();
+
+    if (! pin)
+      return 0;
+
+   }
+
+   return 1;
+}
+
+function OnCOOLKeyStateChange(keyType, keyID, keyState, data,strData)
+{
+  // alert("KeyID:    " + keyID + "\n" +
+  //       "KeyState: " + keyState + "\n" +
+  //       "Data:     " + data);
+  //alert("State Change ="+keyState);
+
+  switch(keyState)
+  {
+    case 1000: // KeyInserted
+      OnCOOLKeyInserted(keyType, keyID);
+      break;
+    case 1001: // KeyRemoved
+      OnCOOLKeyRemoved(keyType, keyID);
+      break;
+    case 1002: // EnrollmentStart
+      // OnCOOLKeyEnrollmentStart(keyType, keyID);
+      break;
+    case 1003: // EnrollmentComplete
+      OnCOOLKeyEnrollmentComplete(keyType, keyID);
+      break;
+    case 1004: // EnrollmentError
+      OnCOOLKeyStateError(keyType, keyID, keyState, data);
+      break;
+    case 1008: // PINResetStart
+      // OnCOOLKeyPINResetStart(keyType, keyID);
+      break;
+    case 1009: // PINResetComplete
+      OnCOOLKeyPINResetComplete(keyType, keyID);
+      break;
+    case 1010: // PINResetError
+      OnCOOLKeyStateError(keyType, keyID, keyState, data);
+      break;
+    case 1014: // FormatStart
+      // OnCOOLKeyFormatStart(keyType, keyID);
+      break;
+    case 1015: // FormatComplete
+      OnCOOLKeyFormatComplete(keyType, keyID);
+      break;
+    case 1016: // FormatError
+      OnCOOLKeyStateError(keyType, keyID, keyState, data);
+      break;
+    case 1017: // BlinkStatus Update?
+      //OnCOOLKeyStateError(keyType, keyID, keyState, data);
+      break;
+    case 1018: 
+      OnCOOLKeyBlinkComplete(keyType, keyID);
+      break;
+    case 1020: // OperationCancelled
+      OnCOOLKeyStateError(keyType, keyID, keyState, data);
+      break;
+    case 1021: // OperationStatusUpdate
+      OnCOOLKeyStatusUpdate(KeyToProgressBarID(keyType, keyID), data);
+      if(UserOnCOOLKeyStatusUpdate)
+          UserOnCOOLKeyStatusUpdate(data);
+      break;
+
+     case 1022: //Need Auth 
+
+
+       gCurKeyID = keyID;
+       gCurKeyType = keyType;
+
+       GetAuthDataFromPopUp(keyType,keyID,strData);
+
+       break;
+
+  }
+}
+
+function refresh()
+{
+  window.resizeBy(0,1);
+  window.resizeBy(0,-1);
+
+}
+
+function loadSuccessPage()
+{
+    window.location="/esc/so/EnrollSuccess.html";
+}
+
+function ShowProgressBar(aKeyType,aKeyID, doShow)
+{
+   if(!gCurrentSelectedRow)
+      return;
+
+   if(doShow)
+       gCurrentSelectedRow.style.display="table-row";
+   else
+   {
+       gCurrentSelectedRow.style.display="none";
+   }
+}
diff --git a/base/tps/apache/docroot/esc/sow/EnrollSuccess.html b/base/tps/apache/docroot/esc/sow/EnrollSuccess.html
new file mode 100644
index 000000000..478819213
--- /dev/null
+++ b/base/tps/apache/docroot/esc/sow/EnrollSuccess.html
@@ -0,0 +1,50 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2009 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<html>
+<head>
+<link rel=stylesheet href="/esc/sow/style.css" type="text/css"> 
+<title>Success!</title>
+<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
+<link rel="stylesheet" href="/esc/sow/css/style.css" media="screen" type="text/css">
+</head>
+
+<body>
+
+
+<div id="header">
+  <div id="logo">
+      <center><h3><!--<img align=bottom src="/pki/esc/sow/images/logo.gif">-->Security Officer Station</h3></center>
+  </div>
+</div>
+
+
+<div id="content">
+  <div id="maintext">
+     <div id="topmenu">
+    | <a href="/cgi-bin/sow/main.cgi">Main</a> |
+     </div>
+<blockquote><strong>Congratulations!</strong> This user has successfully enrolled the Smartcard! Now that this user has enrolled, he/she will be able to use the smartcard to log onto all available Smartcard-protected services.</blockquote>
+<br/>
+
+</div>
+</div>
+
+</body>
+
+</html>
diff --git a/base/tps/apache/docroot/esc/sow/GenericAuth.html b/base/tps/apache/docroot/esc/sow/GenericAuth.html
new file mode 100755
index 000000000..219f9a6ad
--- /dev/null
+++ b/base/tps/apache/docroot/esc/sow/GenericAuth.html
@@ -0,0 +1,538 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2009 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+
+<html>
+<head>
+<style>
+
+body {
+background: #ffffff url(/pki/esc/images/bg.jpg) repeat-x;
+        font-family: arial;
+        font-size: 7pt;
+
+}
+
+h1
+{
+   text-align: left;
+
+   font-weight: bold;
+
+   font-size: 13pt;
+
+
+}
+
+
+h2 {
+
+    text-align: left;
+    font-size: 10pt; 
+
+    font-weight: lighter;
+}
+
+</style>
+<script language = "Javascript">
+
+var test_ui = "id=USER_ID&name=User ID&desc=User ID&type=string&option=option1,option2,option3&&id=USER_PWD&name=User Password&desc=User Password&type=password&option=&&id=USER_PIN&name=PIN&desc=One time PIN received via mail&type=password&option=";
+
+var theForm = null;
+var curKeyID = null;
+var curKeyType = 0; 
+
+
+var gTitle = null;
+var gDescription = null;
+
+
+
+function ConfirmPassword(password_element)
+{
+
+  if(!password_element)
+      return 0;
+
+  password_id = password_element.id;
+
+  if(!password_id)
+     return 0;
+
+  confirm_id = "RE_" + password_element.id;
+
+  var size = theForm.length;
+
+  if(theForm)
+  {
+      for(i = 0; i < size ; i++)
+      {
+         var cur_element = theForm.elements[i];
+  
+         if(cur_element.id == confirm_id)
+         {
+             if(cur_element.value != password_element.value)
+             {
+                 alert("Value " + password_element.name + " must match " + cur_element.name);
+                 return 0;
+
+             }
+             else
+             {
+                 return 1;
+             } 
+
+         } 
+
+      }
+
+  }
+
+  return 1;
+}
+
+function Validate()
+{
+    if(theForm)
+    {
+         var size = theForm.length;
+ 
+         for( i = 0; i < size ; i++)
+         {
+             var element = theForm.elements[i];
+
+             if(element.type == "text" )
+             {
+                 if(element.value == "")
+                 {
+                     alert("Please enter value for " + element.name);
+                     return 0; 
+                 }
+             }
+
+             if(element.type == "password")
+             {
+                 if(element.value == "")
+                 {
+                     alert("Please enter value for " + element.name);
+                     return 0;
+                 }
+
+                 if(!ConfirmPassword(element))
+                 {
+                     return 0;
+                 }
+
+             } 
+         } 
+   
+    }
+
+    return 1;
+}
+
+function FormSubmit()
+{
+    var result = Validate();
+
+    var thisParent = window.opener;
+
+    if(!parent)
+    {
+        alert("No parent window.");
+        window.close(); 
+        return; 
+    }
+  
+    if(!result)
+    {
+        return;
+    }
+
+    if(theForm)
+    {
+         var size = theForm.length;
+         for( i = 0; i < size ; i++)
+         {
+             var element = theForm.elements[i];
+
+             var value = element.value;
+
+             if(element.type == "text" )
+             {
+                 var id = element.id;
+                 value = element.value;
+
+                 if(thisParent)
+                 {
+                     //alert("about to set data value key " + curKeyID + " id " + id + " value " + value);
+                     thisParent.COOLKeySetDataValue(curKeyType,curKeyID,id,value);
+
+                 }
+             }
+
+             if(element.type == "password")
+             {
+                 var p_id = new String(element.id);
+
+                 if(p_id.indexOf("RE_") == -1)
+                 {                   
+                     if(thisParent)
+                     {
+                         thisParent.COOLKeySetDataValue(curKeyType,curKeyID,p_id,value); 
+                     }
+                 }
+             }
+         }
+
+     }
+   
+     window.close(); 
+}
+
+function GetUIObjectList(uiData)
+{
+    var  str = new String(uiData);
+    var splits = str.split("&&");
+
+//    alert("Get " + splits + " len " + splits.length);
+
+    var params = new Array();
+    var size = splits.length;
+
+    for(i = 0 ; i <  size ; i++)
+    {
+       params[i] = splits[i].split("&");
+    }
+
+    size = params.length;
+    var name_value_objects = new Array();
+
+    for(i = 0 ; i < size; i++)
+    {
+         var name_values = new Array();
+
+         pISize = params[i].length;
+         for(j = 0 ;  j < pISize ; j ++)
+         {
+             var pair = params[i][j].split("=");
+
+             //alert(" pair " + pair[0] + " pair1 " + pair[1]);
+
+             if(pair[0] == "option")
+             {
+                 var options = pair[1].split(",");
+             }
+
+             name_values[pair[0]] = pair[1];
+         }
+
+         name_value_objects[i] = name_values;
+    }
+
+    return name_value_objects;
+
+}
+
+function AddBRToNode(theNode)
+{
+
+   if(!theNode)
+       return;
+
+   var br = document.createElement("br");
+
+   theNode.appendChild(br);
+
+}
+
+function AddTextToNode(theNode,theText)
+{
+
+    if(!theNode || !theText)
+        return;
+
+
+    var text = document.createTextNode(theText);
+
+    theNode.appendChild(text);
+      
+
+
+
+}
+function AddTextToDocument(theText)
+{
+    if(!theText)
+         return;
+
+     var p = document.createElement("p");
+
+     if(p)
+     {
+         p.appendChild(document.createTextNode(theText));
+     } 
+
+     document.body.appendChild(p);
+}
+
+function CreateForm()
+{
+    var form = document.createElement("form");
+    document.body.appendChild(form);
+    return form;
+}
+
+function CreateTable()
+{
+  var table = document.createElement("table");
+  document.body.appendChild(table);
+  tbody = document.createElement("tbody");
+  table.appendChild(tbody);
+
+  return table;
+}
+
+function AddRowToTable(table)
+{
+    if(!table)
+        return null;
+
+    var tr = document.createElement("tr");
+    (table.tBodies[0]).appendChild(tr);
+
+    return tr; 
+}
+
+function AddColumnToRow(row)
+{
+  if(!row)
+     return null;
+
+  var td = document.createElement("td");
+  row.appendChild(td);
+
+  return td;
+}
+
+function AddTextToColumn(column,text)
+{
+   if(!column || !text)
+       return;
+
+   var text_node = document.createTextNode(text);
+   column.appendChild(text_node);
+
+   return text_node;
+}
+
+function AddInputField(type,id, name,value)
+{
+    var    field = document.createElement("input");
+   
+    if(!field)
+        return null;
+  
+    field.type =  type;   
+    field.id =id;
+    field.name =name;
+    field.value =value;
+
+    return field;
+}
+
+function ConstructUI(aKeyType,aKeyID,uiData)
+{
+
+    //alert("Construct UI data " + uiData);
+    var name_value_objects = GetUIObjectList(uiData);
+    var len = name_value_objects.length;
+
+    gTitle = document.createElement("h1");
+
+    gDescription = document.createElement("h2");
+
+
+    document.body.appendChild(gTitle);
+
+
+    document.body.appendChild(gDescription);
+
+
+    form = CreateForm(); 
+    theForm = form;
+    curKeyID = aKeyID;
+    curKeyType = aKeyType;
+
+    table = CreateTable();
+
+    form.appendChild(table);
+
+    for(i = 0 ; i < len ; i ++)
+    {
+        curParameter = name_value_objects[i];
+
+        if(curParameter)
+        {
+
+            title = curParameter["title"];
+
+
+            if(title)
+            {
+                //alert("title " + title);
+
+                AddTextToNode(gTitle,title);
+ 
+
+            }
+
+            description = curParameter["description"];
+
+            if(description)
+            {
+               AddBRToNode(document.body);
+               AddBRToNode(document.body);
+
+               AddTextToNode(gDescription,description);
+
+               AddBRToNode(document.body);
+
+            }
+
+            id   = curParameter["id"];
+            name = curParameter["name"];
+            type = curParameter["type"];
+            desc = curParameter["desc"]; 
+
+            //alert(" id " + id + " name " + name + " type " + type + " desc " + desc); 
+
+            if(id)
+            {
+               if(table)
+               {
+                   row = AddRowToTable(table);
+               }
+
+               if(row)
+               {
+                   column = AddColumnToRow(row);
+               }
+
+               if(column)
+               {
+                    AddTextToColumn(column,name);
+               }
+
+               if(type == "string" || type == "integer")
+               {
+                   field = AddInputField("text",id,name,"");
+               }
+
+               re_field = null;
+ 
+               if(type == "password")
+               {
+                   field = AddInputField("password",id,name,"");
+               }
+
+               if(type == "hidden")
+               {
+                   field = AddInputField("hidden",id,name,"");
+               } 
+
+               if(field)
+               {
+                   field_col = AddColumnToRow(row);                
+                   if(field_col)
+                   {
+                       field_col.appendChild(field);
+                   }
+               }
+
+               if(re_field)
+               {
+                 re_text = AddColumnToRow(row);
+
+                 if(re_text)
+                 {
+                     AddTextToColumn(re_text,"Confirm " + name);
+                     re_field_col = AddColumnToRow(row);
+                     if(re_field_col)
+                     {
+                         re_field_col.appendChild(re_field);
+                     }
+                   
+                 } 
+
+               }
+           }
+
+        }
+
+    }
+
+    var last_row = AddRowToTable(table);
+
+    if(last_row)
+    {
+        var button_field = AddColumnToRow(last_row);
+
+        if(button_field)
+        {
+           var button = AddInputField("button","Submit","Submit","Submit");
+            button.onclick = FormSubmit;
+            button_field.appendChild(button);
+
+        }
+
+    } 
+}
+
+function UiLoad()
+{
+
+
+   var thisParent = window.opener;
+
+
+   if(!thisParent)
+   {
+        alert("Auth dialog has no parent!");
+        return;
+   }
+
+   var keyID =  this.name;
+
+   var ui = thisParent.getUIForKey(keyID); 
+
+   var type = thisParent.getTypeForKey(keyID);
+
+   //alert("UiLoad " + ui);
+
+   if(ui)
+   {
+       ConstructUI(type,keyID,ui);
+   }
+}
+
+</script>
+</head>
+<body onload = "UiLoad()"> 
+</body>
+</html>
diff --git a/base/tps/apache/docroot/esc/sow/js/ajax-dynamic-list.js b/base/tps/apache/docroot/esc/sow/js/ajax-dynamic-list.js
new file mode 100755
index 000000000..4c89ede8a
--- /dev/null
+++ b/base/tps/apache/docroot/esc/sow/js/ajax-dynamic-list.js
@@ -0,0 +1,288 @@
+/************************************************************************************************************

+Ajax dynamic list

+Copyright (C) 2006  DTHMLGoodies.com, Alf Magne Kalleland

+

+This library is free software; you can redistribute it and/or

+modify it under the terms of the GNU Lesser General Public

+License as published by the Free Software Foundation; either

+version 2.1 of the License, or (at your option) any later version.

+

+This library is distributed in the hope that it will be useful,

+but WITHOUT ANY WARRANTY; without even the implied warranty of

+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU

+Lesser General Public License for more details.

+

+You should have received a copy of the GNU Lesser General Public

+License along with this library; if not, write to the Free Software

+Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA

+

+Dhtmlgoodies.com., hereby disclaims all copyright interest in this script

+written by Alf Magne Kalleland.

+

+Alf Magne Kalleland, 2006

+Owner of DHTMLgoodies.com

+	

+************************************************************************************************************/	

+

+	var ajaxBox_offsetX = 0;

+	var ajaxBox_offsetY = 0;

+	var ajax_list_externalFile = 'ajax-list.cgi';	// Path to external file

+	var minimumLettersBeforeLookup = 1;	// Number of letters entered before a lookup is performed.

+	

+	var ajax_list_objects = new Array();

+	var ajax_list_cachedLists = new Array();

+	var ajax_list_activeInput = false;

+	var ajax_list_activeItem;

+	var ajax_list_optionDivFirstItem = false;

+	var ajax_list_currentLetters = new Array();

+	var ajax_optionDiv = false;

+	var ajax_optionDiv_iframe = false;

+

+	var ajax_list_MSIE = false;

+	if(navigator.userAgent.indexOf('MSIE')>=0 && navigator.userAgent.indexOf('Opera')<0)ajax_list_MSIE=true;

+	

+	var currentListIndex = 0;

+	

+	function ajax_getTopPos(inputObj)

+	{

+		

+	  var returnValue = inputObj.offsetTop;

+	  while((inputObj = inputObj.offsetParent) != null){

+	  	returnValue += inputObj.offsetTop;

+	  }

+	  return returnValue;

+	}

+	function ajax_list_cancelEvent()

+	{

+		return false;

+	}

+	

+	function ajax_getLeftPos(inputObj)

+	{

+	  var returnValue = inputObj.offsetLeft;

+	  while((inputObj = inputObj.offsetParent) != null)returnValue += inputObj.offsetLeft;

+	  

+	  return returnValue;

+	}

+	

+	function ajax_option_setValue(e,inputObj)

+	{

+		if(!inputObj)inputObj=this;

+		var tmpValue = inputObj.innerHTML;

+		if(ajax_list_MSIE)tmpValue = inputObj.innerText;else tmpValue = inputObj.textContent;

+		if(!tmpValue)tmpValue = inputObj.innerHTML;

+		ajax_list_activeInput.value = tmpValue;

+		if(document.getElementById(ajax_list_activeInput.name + '_hidden'))document.getElementById(ajax_list_activeInput.name + '_hidden').value = inputObj.id; 

+		ajax_options_hide();

+	}

+	

+	function ajax_options_hide()

+	{

+		ajax_optionDiv.style.display='none';	

+		if(ajax_optionDiv_iframe)ajax_optionDiv_iframe.style.display='none';

+	}

+

+	function ajax_options_rollOverActiveItem(item,fromKeyBoard)

+	{

+		if(ajax_list_activeItem)ajax_list_activeItem.className='optionDiv';

+		item.className='optionDivSelected';

+		ajax_list_activeItem = item;

+		

+		if(fromKeyBoard){

+			if(ajax_list_activeItem.offsetTop>ajax_optionDiv.offsetHeight){

+				ajax_optionDiv.scrollTop = ajax_list_activeItem.offsetTop - ajax_optionDiv.offsetHeight + ajax_list_activeItem.offsetHeight + 2 ;

+			}

+			if(ajax_list_activeItem.offsetTop<ajax_optionDiv.scrollTop)

+			{

+				ajax_optionDiv.scrollTop = 0;	

+			}

+		}

+	}

+	

+	function ajax_option_list_buildList(letters,paramToExternalFile)

+	{

+		

+		ajax_optionDiv.innerHTML = '';

+		ajax_list_activeItem = false;

+		if(ajax_list_cachedLists[paramToExternalFile][letters.toLowerCase()].length<=1){

+			ajax_options_hide();

+			return;			

+		}

+		

+		

+		

+		ajax_list_optionDivFirstItem = false;

+		var optionsAdded = false;

+		for(var no=0;no<ajax_list_cachedLists[paramToExternalFile][letters.toLowerCase()].length;no++){

+			if(ajax_list_cachedLists[paramToExternalFile][letters.toLowerCase()][no].length==0)continue;

+			optionsAdded = true;

+			var div = document.createElement('DIV');

+			var items = ajax_list_cachedLists[paramToExternalFile][letters.toLowerCase()][no].split(/###/gi);

+			

+			if(ajax_list_cachedLists[paramToExternalFile][letters.toLowerCase()].length==1 && ajax_list_activeInput.value == items[0]){

+				ajax_options_hide();

+				return;						

+			}

+			

+			

+			div.innerHTML = items[items.length-1];

+			div.id = items[0];

+			div.className='optionDiv';

+			div.onmouseover = function(){ ajax_options_rollOverActiveItem(this,false) }

+			div.onclick = ajax_option_setValue;

+			if(!ajax_list_optionDivFirstItem)ajax_list_optionDivFirstItem = div;

+			ajax_optionDiv.appendChild(div);

+		}	

+		if(optionsAdded){

+			ajax_optionDiv.style.display='block';

+			if(ajax_optionDiv_iframe)ajax_optionDiv_iframe.style.display='';

+		}

+					

+	}

+	

+	function ajax_option_list_showContent(ajaxIndex,inputObj,paramToExternalFile,whichIndex)

+	{

+		if(whichIndex!=currentListIndex)return;

+		var letters = inputObj.value;

+		var content = ajax_list_objects[ajaxIndex].response;

+		var elements = content.split('|');

+		ajax_list_cachedLists[paramToExternalFile][letters.toLowerCase()] = elements;

+		ajax_option_list_buildList(letters,paramToExternalFile);

+		

+	}

+	

+	function ajax_option_resize(inputObj)

+	{

+		ajax_optionDiv.style.top = (ajax_getTopPos(inputObj) + inputObj.offsetHeight + ajaxBox_offsetY) + 'px';

+		ajax_optionDiv.style.left = (ajax_getLeftPos(inputObj) + ajaxBox_offsetX) + 'px';

+		if(ajax_optionDiv_iframe){

+			ajax_optionDiv_iframe.style.left = ajax_optionDiv.style.left;

+			ajax_optionDiv_iframe.style.top = ajax_optionDiv.style.top;			

+		}		

+		

+	}

+	

+	function ajax_showOptions(inputObj,paramToExternalFile,e)

+	{

+		if(e.keyCode==13 || e.keyCode==9)return;

+		if(ajax_list_currentLetters[inputObj.name]==inputObj.value)return;

+		if(!ajax_list_cachedLists[paramToExternalFile])ajax_list_cachedLists[paramToExternalFile] = new Array();

+		ajax_list_currentLetters[inputObj.name] = inputObj.value;

+		if(!ajax_optionDiv){

+			ajax_optionDiv = document.createElement('DIV');

+			ajax_optionDiv.id = 'ajax_listOfOptions';	

+			document.body.appendChild(ajax_optionDiv);

+			

+			if(ajax_list_MSIE){

+				ajax_optionDiv_iframe = document.createElement('IFRAME');

+				ajax_optionDiv_iframe.border='0';

+				ajax_optionDiv_iframe.style.width = ajax_optionDiv.clientWidth + 'px';

+				ajax_optionDiv_iframe.style.height = ajax_optionDiv.clientHeight + 'px';

+				ajax_optionDiv_iframe.id = 'ajax_listOfOptions_iframe';

+				

+				document.body.appendChild(ajax_optionDiv_iframe);

+			}

+			

+			var allInputs = document.getElementsByTagName('INPUT');

+			for(var no=0;no<allInputs.length;no++){

+				if(!allInputs[no].onkeyup)allInputs[no].onfocus = ajax_options_hide;

+			}			

+			var allSelects = document.getElementsByTagName('SELECT');

+			for(var no=0;no<allSelects.length;no++){

+				allSelects[no].onfocus = ajax_options_hide;

+			}

+

+			var oldonkeydown=document.body.onkeydown;

+			if(typeof oldonkeydown!='function'){

+				document.body.onkeydown=ajax_option_keyNavigation;

+			}else{

+				document.body.onkeydown=function(){

+					oldonkeydown();

+				ajax_option_keyNavigation() ;}

+			}

+			var oldonresize=document.body.onresize;

+			if(typeof oldonresize!='function'){

+				document.body.onresize=function() {ajax_option_resize(inputObj); };

+			}else{

+				document.body.onresize=function(){oldonresize();

+				ajax_option_resize(inputObj) ;}

+			}

+				

+		}

+		

+		if(inputObj.value.length<minimumLettersBeforeLookup){

+			ajax_options_hide();

+			return;

+		}

+				

+

+		ajax_optionDiv.style.top = (ajax_getTopPos(inputObj) + inputObj.offsetHeight + ajaxBox_offsetY) + 'px';

+		ajax_optionDiv.style.left = (ajax_getLeftPos(inputObj) + ajaxBox_offsetX) + 'px';

+		if(ajax_optionDiv_iframe){

+			ajax_optionDiv_iframe.style.left = ajax_optionDiv.style.left;

+			ajax_optionDiv_iframe.style.top = ajax_optionDiv.style.top;			

+		}

+		

+		ajax_list_activeInput = inputObj;

+		ajax_optionDiv.onselectstart =  ajax_list_cancelEvent;

+		currentListIndex++;

+		if(ajax_list_cachedLists[paramToExternalFile][inputObj.value.toLowerCase()]){

+			ajax_option_list_buildList(inputObj.value,paramToExternalFile,currentListIndex);			

+		}else{

+			ajax_optionDiv.innerHTML = '';

+			var ajaxIndex = ajax_list_objects.length;

+			ajax_list_objects[ajaxIndex] = new sack();

+			var url = ajax_list_externalFile + '?' + paramToExternalFile + '=1&letters=' + inputObj.value.replace(" ","+");

+			ajax_list_objects[ajaxIndex].requestFile = url;	// Specifying which file to get

+			ajax_list_objects[ajaxIndex].onCompletion = function(){ ajax_option_list_showContent(ajaxIndex,inputObj,paramToExternalFile,currentListIndex); };	// Specify function that will be executed after file has been found

+			ajax_list_objects[ajaxIndex].runAJAX();		// Execute AJAX function		

+		}

+		

+			

+	}

+	

+	function ajax_option_keyNavigation(e)

+	{

+		if(document.all)e = event;

+		

+		if(!ajax_optionDiv)return;

+		if(ajax_optionDiv.style.display=='none')return;

+		

+		if(e.keyCode==38){	// Up arrow

+			if(!ajax_list_activeItem)return;

+			if(ajax_list_activeItem && !ajax_list_activeItem.previousSibling)return;

+			ajax_options_rollOverActiveItem(ajax_list_activeItem.previousSibling,true);

+		}

+		

+		if(e.keyCode==40){	// Down arrow

+			if(!ajax_list_activeItem){

+				ajax_options_rollOverActiveItem(ajax_list_optionDivFirstItem,true);

+			}else{

+				if(!ajax_list_activeItem.nextSibling)return;

+				ajax_options_rollOverActiveItem(ajax_list_activeItem.nextSibling,true);

+			}

+		}

+		

+		if(e.keyCode==13 || e.keyCode==9){	// Enter key or tab key

+			if(ajax_list_activeItem && ajax_list_activeItem.className=='optionDivSelected')ajax_option_setValue(false,ajax_list_activeItem);

+			if(e.keyCode==13)return false; else return true;

+		}

+		if(e.keyCode==27){	// Escape key

+			ajax_options_hide();			

+		}

+	}

+	

+	

+	document.documentElement.onclick = autoHideList;

+	

+	function autoHideList(e)

+	{

+		if(document.all)e = event;

+		

+		if (e.target) source = e.target;

+			else if (e.srcElement) source = e.srcElement;

+			if (source.nodeType == 3) // defeat Safari bug

+				source = source.parentNode;		

+		if(source.tagName.toLowerCase()!='input' && source.tagName.toLowerCase()!='textarea')ajax_options_hide();

+		

+	}

diff --git a/base/tps/apache/docroot/esc/sow/js/ajax.js b/base/tps/apache/docroot/esc/sow/js/ajax.js
new file mode 100755
index 000000000..fc342fdd1
--- /dev/null
+++ b/base/tps/apache/docroot/esc/sow/js/ajax.js
@@ -0,0 +1,193 @@
+/* Simple AJAX Code-Kit (SACK) v1.6.1 */

+/* ©2005 Gregory Wild-Smith */

+/* www.twilightuniverse.com */

+/* Software licenced under a modified X11 licence,

+   see documentation or authors website for more details */

+

+function sack(file) {

+	this.xmlhttp = null;

+

+	this.resetData = function() {

+		this.method = "POST";

+  		this.queryStringSeparator = "?";

+		this.argumentSeparator = "&";

+		this.URLString = "";

+		this.encodeURIString = true;

+  		this.execute = false;

+  		this.element = null;

+		this.elementObj = null;

+		this.requestFile = file;

+		this.vars = new Object();

+		this.responseStatus = new Array(2);

+  	};

+

+	this.resetFunctions = function() {

+  		this.onLoading = function() { };

+  		this.onLoaded = function() { };

+  		this.onInteractive = function() { };

+  		this.onCompletion = function() { };

+  		this.onError = function() { };

+		this.onFail = function() { };

+	};

+

+	this.reset = function() {

+		this.resetFunctions();

+		this.resetData();

+	};

+

+	this.createAJAX = function() {

+		try {

+			this.xmlhttp = new ActiveXObject("Msxml2.XMLHTTP");

+		} catch (e1) {

+			try {

+				this.xmlhttp = new ActiveXObject("Microsoft.XMLHTTP");

+			} catch (e2) {

+				this.xmlhttp = null;

+			}

+		}

+

+		if (! this.xmlhttp) {

+			if (typeof XMLHttpRequest != "undefined") {

+				this.xmlhttp = new XMLHttpRequest();

+			} else {

+				this.failed = true;

+			}

+		}

+	};

+

+	this.setVar = function(name, value){

+		this.vars[name] = Array(value, false);

+	};

+

+	this.encVar = function(name, value, returnvars) {

+		if (true == returnvars) {

+			return Array(encodeURIComponent(name), encodeURIComponent(value));

+		} else {

+			this.vars[encodeURIComponent(name)] = Array(encodeURIComponent(value), true);

+		}

+	}

+

+	this.processURLString = function(string, encode) {

+		encoded = encodeURIComponent(this.argumentSeparator);

+		regexp = new RegExp(this.argumentSeparator + "|" + encoded);

+		varArray = string.split(regexp);

+		for (i = 0; i < varArray.length; i++){

+			urlVars = varArray[i].split("=");

+			if (true == encode){

+				this.encVar(urlVars[0], urlVars[1]);

+			} else {

+				this.setVar(urlVars[0], urlVars[1]);

+			}

+		}

+	}

+

+	this.createURLString = function(urlstring) {

+		if (this.encodeURIString && this.URLString.length) {

+			this.processURLString(this.URLString, true);

+		}

+

+		if (urlstring) {

+			if (this.URLString.length) {

+				this.URLString += this.argumentSeparator + urlstring;

+			} else {

+				this.URLString = urlstring;

+			}

+		}

+

+		// prevents caching of URLString

+		this.setVar("rndval", new Date().getTime());

+

+		urlstringtemp = new Array();

+		for (key in this.vars) {

+			if (false == this.vars[key][1] && true == this.encodeURIString) {

+				encoded = this.encVar(key, this.vars[key][0], true);

+				delete this.vars[key];

+				this.vars[encoded[0]] = Array(encoded[1], true);

+				key = encoded[0];

+			}

+

+			urlstringtemp[urlstringtemp.length] = key + "=" + this.vars[key][0];

+		}

+		if (urlstring){

+			this.URLString += this.argumentSeparator + urlstringtemp.join(this.argumentSeparator);

+		} else {

+			this.URLString += urlstringtemp.join(this.argumentSeparator);

+		}

+	}

+

+	this.runResponse = function() {

+		eval(this.response);

+	}

+

+	this.runAJAX = function(urlstring) {

+		if (this.failed) {

+			this.onFail();

+		} else {

+			this.createURLString(urlstring);

+			if (this.element) {

+				this.elementObj = document.getElementById(this.element);

+			}

+			if (this.xmlhttp) {

+				var self = this;

+				if (this.method == "GET") {

+					totalurlstring = this.requestFile + this.queryStringSeparator + this.URLString;

+					this.xmlhttp.open(this.method, totalurlstring, true);

+				} else {

+					this.xmlhttp.open(this.method, this.requestFile, true);

+					try {

+						this.xmlhttp.setRequestHeader("Content-Type", "application/x-www-form-urlencoded")

+					} catch (e) { }

+				}

+

+				this.xmlhttp.onreadystatechange = function() {

+					switch (self.xmlhttp.readyState) {

+						case 1:

+							self.onLoading();

+							break;

+						case 2:

+							self.onLoaded();

+							break;

+						case 3:

+							self.onInteractive();

+							break;

+						case 4:

+							self.response = self.xmlhttp.responseText;

+							self.responseXML = self.xmlhttp.responseXML;

+							self.responseStatus[0] = self.xmlhttp.status;

+							self.responseStatus[1] = self.xmlhttp.statusText;

+

+							if (self.execute) {

+								self.runResponse();

+							}

+

+							if (self.elementObj) {

+								elemNodeName = self.elementObj.nodeName;

+								elemNodeName.toLowerCase();

+								if (elemNodeName == "input"

+								|| elemNodeName == "select"

+								|| elemNodeName == "option"

+								|| elemNodeName == "textarea") {

+									self.elementObj.value = self.response;

+								} else {

+									self.elementObj.innerHTML = self.response;

+								}

+							}

+							if (self.responseStatus[0] == "200") {

+								self.onCompletion();

+							} else {

+								self.onError();

+							}

+

+							self.URLString = "";

+							break;

+					}

+				};

+

+				this.xmlhttp.send(this.URLString);

+			}

+		}

+	};

+

+	this.reset();

+	this.createAJAX();

+}

diff --git a/base/tps/apache/docroot/esc/sow/js/effects.js b/base/tps/apache/docroot/esc/sow/js/effects.js
new file mode 100755
index 000000000..d3940a82b
--- /dev/null
+++ b/base/tps/apache/docroot/esc/sow/js/effects.js
@@ -0,0 +1,903 @@
+// Copyright (c) 2005 Thomas Fuchs (http://script.aculo.us, http://mir.aculo.us)
+// Contributors:
+//  Justin Palmer (http://encytemedia.com/)
+//  Mark Pilgrim (http://diveintomark.org/)
+//  Martin Bialasinki
+// 
+// See scriptaculous.js for full license.  
+
+/* ------------- element ext -------------- */  
+ 
+// converts rgb() and #xxx to #xxxxxx format,  
+// returns self (or first argument) if not convertable  
+String.prototype.parseColor = function() {  
+  var color = '#';  
+  if(this.slice(0,4) == 'rgb(') {  
+    var cols = this.slice(4,this.length-1).split(',');  
+    var i=0; do { color += parseInt(cols[i]).toColorPart() } while (++i<3);  
+  } else {  
+    if(this.slice(0,1) == '#') {  
+      if(this.length==4) for(var i=1;i<4;i++) color += (this.charAt(i) + this.charAt(i)).toLowerCase();  
+      if(this.length==7) color = this.toLowerCase();  
+    }  
+  }  
+  return(color.length==7 ? color : (arguments[0] || this));  
+}
+
+Element.collectTextNodes = function(element) {  
+  return $A($(element).childNodes).collect( function(node) {
+    return (node.nodeType==3 ? node.nodeValue : 
+      (node.hasChildNodes() ? Element.collectTextNodes(node) : ''));
+  }).flatten().join('');
+}
+
+Element.collectTextNodesIgnoreClass = function(element, className) {  
+  return $A($(element).childNodes).collect( function(node) {
+    return (node.nodeType==3 ? node.nodeValue : 
+      ((node.hasChildNodes() && !Element.hasClassName(node,className)) ? 
+        Element.collectTextNodes(node) : ''));
+  }).flatten().join('');
+}
+
+Element.setStyle = function(element, style) {
+  element = $(element);
+  for(k in style) element.style[k.camelize()] = style[k];
+}
+
+Element.setContentZoom = function(element, percent) {  
+  Element.setStyle(element, {fontSize: (percent/100) + 'em'});   
+  if(navigator.appVersion.indexOf('AppleWebKit')>0) window.scrollBy(0,0);  
+}
+
+Element.getOpacity = function(element){  
+  var opacity;
+  if (opacity = Element.getStyle(element, 'opacity'))  
+    return parseFloat(opacity);  
+  if (opacity = (Element.getStyle(element, 'filter') || '').match(/alpha\(opacity=(.*)\)/))  
+    if(opacity[1]) return parseFloat(opacity[1]) / 100;  
+  return 1.0;  
+}
+
+Element.setOpacity = function(element, value){  
+  element= $(element);  
+  if (value == 1){
+    Element.setStyle(element, { opacity: 
+      (/Gecko/.test(navigator.userAgent) && !/Konqueror|Safari|KHTML/.test(navigator.userAgent)) ? 
+      0.999999 : null });
+    if(/MSIE/.test(navigator.userAgent))  
+      Element.setStyle(element, {filter: Element.getStyle(element,'filter').replace(/alpha\([^\)]*\)/gi,'')});  
+  } else {  
+    if(value < 0.00001) value = 0;  
+    Element.setStyle(element, {opacity: value});
+    if(/MSIE/.test(navigator.userAgent))  
+     Element.setStyle(element, 
+       { filter: Element.getStyle(element,'filter').replace(/alpha\([^\)]*\)/gi,'') +
+                 'alpha(opacity='+value*100+')' });  
+  }   
+}  
+ 
+Element.getInlineOpacity = function(element){  
+  return $(element).style.opacity || '';
+}  
+
+Element.childrenWithClassName = function(element, className) {  
+  return $A($(element).getElementsByTagName('*')).select(
+    function(c) { return Element.hasClassName(c, className) });
+}
+
+Array.prototype.call = function() {
+  var args = arguments;
+  this.each(function(f){ f.apply(this, args) });
+}
+
+/*--------------------------------------------------------------------------*/
+
+var Effect = {
+  tagifyText: function(element) {
+    var tagifyStyle = 'position:relative';
+    if(/MSIE/.test(navigator.userAgent)) tagifyStyle += ';zoom:1';
+    element = $(element);
+    $A(element.childNodes).each( function(child) {
+      if(child.nodeType==3) {
+        child.nodeValue.toArray().each( function(character) {
+          element.insertBefore(
+            Builder.node('span',{style: tagifyStyle},
+              character == ' ' ? String.fromCharCode(160) : character), 
+              child);
+        });
+        Element.remove(child);
+      }
+    });
+  },
+  multiple: function(element, effect) {
+    var elements;
+    if(((typeof element == 'object') || 
+        (typeof element == 'function')) && 
+       (element.length))
+      elements = element;
+    else
+      elements = $(element).childNodes;
+      
+    var options = Object.extend({
+      speed: 0.1,
+      delay: 0.0
+    }, arguments[2] || {});
+    var masterDelay = options.delay;
+
+    $A(elements).each( function(element, index) {
+      new effect(element, Object.extend(options, { delay: index * options.speed + masterDelay }));
+    });
+  },
+  PAIRS: {
+    'slide':  ['SlideDown','SlideUp'],
+    'blind':  ['BlindDown','BlindUp'],
+    'appear': ['Appear','Fade']
+  },
+  toggle: function(element, effect) {
+    element = $(element);
+    effect = (effect || 'appear').toLowerCase();
+    var options = Object.extend({
+      queue: { position:'end', scope:(element.id || 'global') }
+    }, arguments[2] || {});
+    Effect[Element.visible(element) ? 
+      Effect.PAIRS[effect][1] : Effect.PAIRS[effect][0]](element, options);
+  }
+};
+
+var Effect2 = Effect; // deprecated
+
+/* ------------- transitions ------------- */
+
+Effect.Transitions = {}
+
+Effect.Transitions.linear = function(pos) {
+  return pos;
+}
+Effect.Transitions.sinoidal = function(pos) {
+  return (-Math.cos(pos*Math.PI)/2) + 0.5;
+}
+Effect.Transitions.reverse  = function(pos) {
+  return 1-pos;
+}
+Effect.Transitions.flicker = function(pos) {
+  return ((-Math.cos(pos*Math.PI)/4) + 0.75) + Math.random()/4;
+}
+Effect.Transitions.wobble = function(pos) {
+  return (-Math.cos(pos*Math.PI*(9*pos))/2) + 0.5;
+}
+Effect.Transitions.pulse = function(pos) {
+  return (Math.floor(pos*10) % 2 == 0 ? 
+    (pos*10-Math.floor(pos*10)) : 1-(pos*10-Math.floor(pos*10)));
+}
+Effect.Transitions.none = function(pos) {
+  return 0;
+}
+Effect.Transitions.full = function(pos) {
+  return 1;
+}
+
+/* ------------- core effects ------------- */
+
+Effect.ScopedQueue = Class.create();
+Object.extend(Object.extend(Effect.ScopedQueue.prototype, Enumerable), {
+  initialize: function() {
+    this.effects  = [];
+    this.interval = null;
+  },
+  _each: function(iterator) {
+    this.effects._each(iterator);
+  },
+  add: function(effect) {
+    var timestamp = new Date().getTime();
+    
+    var position = (typeof effect.options.queue == 'string') ? 
+      effect.options.queue : effect.options.queue.position;
+    
+    switch(position) {
+      case 'front':
+        // move unstarted effects after this effect  
+        this.effects.findAll(function(e){ return e.state=='idle' }).each( function(e) {
+            e.startOn  += effect.finishOn;
+            e.finishOn += effect.finishOn;
+          });
+        break;
+      case 'end':
+        // start effect after last queued effect has finished
+        timestamp = this.effects.pluck('finishOn').max() || timestamp;
+        break;
+    }
+    
+    effect.startOn  += timestamp;
+    effect.finishOn += timestamp;
+    this.effects.push(effect);
+    if(!this.interval) 
+      this.interval = setInterval(this.loop.bind(this), 40);
+  },
+  remove: function(effect) {
+    this.effects = this.effects.reject(function(e) { return e==effect });
+    if(this.effects.length == 0) {
+      clearInterval(this.interval);
+      this.interval = null;
+    }
+  },
+  loop: function() {
+    var timePos = new Date().getTime();
+    this.effects.invoke('loop', timePos);
+  }
+});
+
+Effect.Queues = {
+  instances: $H(),
+  get: function(queueName) {
+    if(typeof queueName != 'string') return queueName;
+    
+    if(!this.instances[queueName])
+      this.instances[queueName] = new Effect.ScopedQueue();
+      
+    return this.instances[queueName];
+  }
+}
+Effect.Queue = Effect.Queues.get('global');
+
+Effect.DefaultOptions = {
+  transition: Effect.Transitions.sinoidal,
+  duration:   1.0,   // seconds
+  fps:        25.0,  // max. 25fps due to Effect.Queue implementation
+  sync:       false, // true for combining
+  from:       0.0,
+  to:         1.0,
+  delay:      0.0,
+  queue:      'parallel'
+}
+
+Effect.Base = function() {};
+Effect.Base.prototype = {
+  position: null,
+  start: function(options) {
+    this.options      = Object.extend(Object.extend({},Effect.DefaultOptions), options || {});
+    this.currentFrame = 0;
+    this.state        = 'idle';
+    this.startOn      = this.options.delay*1000;
+    this.finishOn     = this.startOn + (this.options.duration*1000);
+    this.event('beforeStart');
+    if(!this.options.sync)
+      Effect.Queues.get(typeof this.options.queue == 'string' ? 
+        'global' : this.options.queue.scope).add(this);
+  },
+  loop: function(timePos) {
+    if(timePos >= this.startOn) {
+      if(timePos >= this.finishOn) {
+        this.render(1.0);
+        this.cancel();
+        this.event('beforeFinish');
+        if(this.finish) this.finish(); 
+        this.event('afterFinish');
+        return;  
+      }
+      var pos   = (timePos - this.startOn) / (this.finishOn - this.startOn);
+      var frame = Math.round(pos * this.options.fps * this.options.duration);
+      if(frame > this.currentFrame) {
+        this.render(pos);
+        this.currentFrame = frame;
+      }
+    }
+  },
+  render: function(pos) {
+    if(this.state == 'idle') {
+      this.state = 'running';
+      this.event('beforeSetup');
+      if(this.setup) this.setup();
+      this.event('afterSetup');
+    }
+    if(this.state == 'running') {
+      if(this.options.transition) pos = this.options.transition(pos);
+      pos *= (this.options.to-this.options.from);
+      pos += this.options.from;
+      this.position = pos;
+      this.event('beforeUpdate');
+      if(this.update) this.update(pos);
+      this.event('afterUpdate');
+    }
+  },
+  cancel: function() {
+    if(!this.options.sync)
+      Effect.Queues.get(typeof this.options.queue == 'string' ? 
+        'global' : this.options.queue.scope).remove(this);
+    this.state = 'finished';
+  },
+  event: function(eventName) {
+    if(this.options[eventName + 'Internal']) this.options[eventName + 'Internal'](this);
+    if(this.options[eventName]) this.options[eventName](this);
+  },
+  inspect: function() {
+    return '#<Effect:' + $H(this).inspect() + ',options:' + $H(this.options).inspect() + '>';
+  }
+}
+
+Effect.Parallel = Class.create();
+Object.extend(Object.extend(Effect.Parallel.prototype, Effect.Base.prototype), {
+  initialize: function(effects) {
+    this.effects = effects || [];
+    this.start(arguments[1]);
+  },
+  update: function(position) {
+    this.effects.invoke('render', position);
+  },
+  finish: function(position) {
+    this.effects.each( function(effect) {
+      effect.render(1.0);
+      effect.cancel();
+      effect.event('beforeFinish');
+      if(effect.finish) effect.finish(position);
+      effect.event('afterFinish');
+    });
+  }
+});
+
+Effect.Opacity = Class.create();
+Object.extend(Object.extend(Effect.Opacity.prototype, Effect.Base.prototype), {
+  initialize: function(element) {
+    this.element = $(element);
+    // make this work on IE on elements without 'layout'
+    if(/MSIE/.test(navigator.userAgent) && (!this.element.hasLayout))
+      Element.setStyle(this.element, {zoom: 1});
+    var options = Object.extend({
+      from: Element.getOpacity(this.element) || 0.0,
+      to:   1.0
+    }, arguments[1] || {});
+    this.start(options);
+  },
+  update: function(position) {
+    Element.setOpacity(this.element, position);
+  }
+});
+
+Effect.Move = Class.create();
+Object.extend(Object.extend(Effect.Move.prototype, Effect.Base.prototype), {
+  initialize: function(element) {
+    this.element = $(element);
+    var options = Object.extend({
+      x:    0,
+      y:    0,
+      mode: 'relative'
+    }, arguments[1] || {});
+    this.start(options);
+  },
+  setup: function() {
+    // Bug in Opera: Opera returns the "real" position of a static element or
+    // relative element that does not have top/left explicitly set.
+    // ==> Always set top and left for position relative elements in your stylesheets 
+    // (to 0 if you do not need them) 
+    Element.makePositioned(this.element);
+    this.originalLeft = parseFloat(Element.getStyle(this.element,'left') || '0');
+    this.originalTop  = parseFloat(Element.getStyle(this.element,'top')  || '0');
+    if(this.options.mode == 'absolute') {
+      // absolute movement, so we need to calc deltaX and deltaY
+      this.options.x = this.options.x - this.originalLeft;
+      this.options.y = this.options.y - this.originalTop;
+    }
+  },
+  update: function(position) {
+    Element.setStyle(this.element, {
+      left: this.options.x  * position + this.originalLeft + 'px',
+      top:  this.options.y  * position + this.originalTop  + 'px'
+    });
+  }
+});
+
+// for backwards compatibility
+Effect.MoveBy = function(element, toTop, toLeft) {
+  return new Effect.Move(element, 
+    Object.extend({ x: toLeft, y: toTop }, arguments[3] || {}));
+};
+
+Effect.Scale = Class.create();
+Object.extend(Object.extend(Effect.Scale.prototype, Effect.Base.prototype), {
+  initialize: function(element, percent) {
+    this.element = $(element)
+    var options = Object.extend({
+      scaleX: true,
+      scaleY: true,
+      scaleContent: true,
+      scaleFromCenter: false,
+      scaleMode: 'box',        // 'box' or 'contents' or {} with provided values
+      scaleFrom: 100.0,
+      scaleTo:   percent
+    }, arguments[2] || {});
+    this.start(options);
+  },
+  setup: function() {
+    this.restoreAfterFinish = this.options.restoreAfterFinish || false;
+    this.elementPositioning = Element.getStyle(this.element,'position');
+    
+    this.originalStyle = {};
+    ['top','left','width','height','fontSize'].each( function(k) {
+      this.originalStyle[k] = this.element.style[k];
+    }.bind(this));
+      
+    this.originalTop  = this.element.offsetTop;
+    this.originalLeft = this.element.offsetLeft;
+    
+    var fontSize = Element.getStyle(this.element,'font-size') || '100%';
+    ['em','px','%'].each( function(fontSizeType) {
+      if(fontSize.indexOf(fontSizeType)>0) {
+        this.fontSize     = parseFloat(fontSize);
+        this.fontSizeType = fontSizeType;
+      }
+    }.bind(this));
+    
+    this.factor = (this.options.scaleTo - this.options.scaleFrom)/100;
+    
+    this.dims = null;
+    if(this.options.scaleMode=='box')
+      this.dims = [this.element.offsetHeight, this.element.offsetWidth];
+    if(/^content/.test(this.options.scaleMode))
+      this.dims = [this.element.scrollHeight, this.element.scrollWidth];
+    if(!this.dims)
+      this.dims = [this.options.scaleMode.originalHeight,
+                   this.options.scaleMode.originalWidth];
+  },
+  update: function(position) {
+    var currentScale = (this.options.scaleFrom/100.0) + (this.factor * position);
+    if(this.options.scaleContent && this.fontSize)
+      Element.setStyle(this.element, {fontSize: this.fontSize * currentScale + this.fontSizeType });
+    this.setDimensions(this.dims[0] * currentScale, this.dims[1] * currentScale);
+  },
+  finish: function(position) {
+    if (this.restoreAfterFinish) Element.setStyle(this.element, this.originalStyle);
+  },
+  setDimensions: function(height, width) {
+    var d = {};
+    if(this.options.scaleX) d.width = width + 'px';
+    if(this.options.scaleY) d.height = height + 'px';
+    if(this.options.scaleFromCenter) {
+      var topd  = (height - this.dims[0])/2;
+      var leftd = (width  - this.dims[1])/2;
+      if(this.elementPositioning == 'absolute') {
+        if(this.options.scaleY) d.top = this.originalTop-topd + 'px';
+        if(this.options.scaleX) d.left = this.originalLeft-leftd + 'px';
+      } else {
+        if(this.options.scaleY) d.top = -topd + 'px';
+        if(this.options.scaleX) d.left = -leftd + 'px';
+      }
+    }
+    Element.setStyle(this.element, d);
+  }
+});
+
+Effect.Highlight = Class.create();
+Object.extend(Object.extend(Effect.Highlight.prototype, Effect.Base.prototype), {
+  initialize: function(element) {
+    this.element = $(element);
+    var options = Object.extend({ startcolor: '#ffff99' }, arguments[1] || {});
+    this.start(options);
+  },
+  setup: function() {
+    // Prevent executing on elements not in the layout flow
+    if(Element.getStyle(this.element, 'display')=='none') { this.cancel(); return; }
+    // Disable background image during the effect
+    this.oldStyle = {
+      backgroundImage: Element.getStyle(this.element, 'background-image') };
+    Element.setStyle(this.element, {backgroundImage: 'none'});
+    if(!this.options.endcolor)
+      this.options.endcolor = Element.getStyle(this.element, 'background-color').parseColor('#ffffff');
+    if(!this.options.restorecolor)
+      this.options.restorecolor = Element.getStyle(this.element, 'background-color');
+    // init color calculations
+    this._base  = $R(0,2).map(function(i){ return parseInt(this.options.startcolor.slice(i*2+1,i*2+3),16) }.bind(this));
+    this._delta = $R(0,2).map(function(i){ return parseInt(this.options.endcolor.slice(i*2+1,i*2+3),16)-this._base[i] }.bind(this));
+  },
+  update: function(position) {
+    Element.setStyle(this.element,{backgroundColor: $R(0,2).inject('#',function(m,v,i){
+      return m+(Math.round(this._base[i]+(this._delta[i]*position)).toColorPart()); }.bind(this)) });
+  },
+  finish: function() {
+    Element.setStyle(this.element, Object.extend(this.oldStyle, {
+      backgroundColor: this.options.restorecolor
+    }));
+  }
+});
+
+Effect.ScrollTo = Class.create();
+Object.extend(Object.extend(Effect.ScrollTo.prototype, Effect.Base.prototype), {
+  initialize: function(element) {
+    this.element = $(element);
+    this.start(arguments[1] || {});
+  },
+  setup: function() {
+    Position.prepare();
+    var offsets = Position.cumulativeOffset(this.element);
+    if(this.options.offset) offsets[1] += this.options.offset;
+    var max = window.innerHeight ? 
+      window.height - window.innerHeight :
+      document.body.scrollHeight - 
+        (document.documentElement.clientHeight ? 
+          document.documentElement.clientHeight : document.body.clientHeight);
+    this.scrollStart = Position.deltaY;
+    this.delta = (offsets[1] > max ? max : offsets[1]) - this.scrollStart;
+  },
+  update: function(position) {
+    Position.prepare();
+    window.scrollTo(Position.deltaX, 
+      this.scrollStart + (position*this.delta));
+  }
+});
+
+/* ------------- combination effects ------------- */
+
+Effect.Fade = function(element) {
+  var oldOpacity = Element.getInlineOpacity(element);
+  var options = Object.extend({
+  from: Element.getOpacity(element) || 1.0,
+  to:   0.0,
+  afterFinishInternal: function(effect) { with(Element) { 
+    if(effect.options.to!=0) return;
+    hide(effect.element);
+    setStyle(effect.element, {opacity: oldOpacity}); }}
+  }, arguments[1] || {});
+  return new Effect.Opacity(element,options);
+}
+
+Effect.Appear = function(element) {
+  var options = Object.extend({
+  from: (Element.getStyle(element, 'display') == 'none' ? 0.0 : Element.getOpacity(element) || 0.0),
+  to:   1.0,
+  beforeSetup: function(effect) { with(Element) {
+    setOpacity(effect.element, effect.options.from);
+    show(effect.element); }}
+  }, arguments[1] || {});
+  return new Effect.Opacity(element,options);
+}
+
+Effect.Puff = function(element) {
+  element = $(element);
+  var oldStyle = { opacity: Element.getInlineOpacity(element), position: Element.getStyle(element, 'position') };
+  return new Effect.Parallel(
+   [ new Effect.Scale(element, 200, 
+      { sync: true, scaleFromCenter: true, scaleContent: true, restoreAfterFinish: true }), 
+     new Effect.Opacity(element, { sync: true, to: 0.0 } ) ], 
+     Object.extend({ duration: 1.0, 
+      beforeSetupInternal: function(effect) { with(Element) {
+        setStyle(effect.effects[0].element, {position: 'absolute'}); }},
+      afterFinishInternal: function(effect) { with(Element) {
+         hide(effect.effects[0].element);
+         setStyle(effect.effects[0].element, oldStyle); }}
+     }, arguments[1] || {})
+   );
+}
+
+Effect.BlindUp = function(element) {
+  element = $(element);
+  Element.makeClipping(element);
+  return new Effect.Scale(element, 0, 
+    Object.extend({ scaleContent: false, 
+      scaleX: false, 
+      restoreAfterFinish: true,
+      afterFinishInternal: function(effect) { with(Element) {
+        [hide, undoClipping].call(effect.element); }} 
+    }, arguments[1] || {})
+  );
+}
+
+Effect.BlindDown = function(element) {
+  element = $(element);
+  var oldHeight = Element.getStyle(element, 'height');
+  var elementDimensions = Element.getDimensions(element);
+  return new Effect.Scale(element, 100, 
+    Object.extend({ scaleContent: false, 
+      scaleX: false,
+      scaleFrom: 0,
+      scaleMode: {originalHeight: elementDimensions.height, originalWidth: elementDimensions.width},
+      restoreAfterFinish: true,
+      afterSetup: function(effect) { with(Element) {
+        makeClipping(effect.element);
+        setStyle(effect.element, {height: '0px'});
+        show(effect.element); 
+      }},  
+      afterFinishInternal: function(effect) { with(Element) {
+        undoClipping(effect.element);
+        setStyle(effect.element, {height: oldHeight});
+      }}
+    }, arguments[1] || {})
+  );
+}
+
+Effect.SwitchOff = function(element) {
+  element = $(element);
+  var oldOpacity = Element.getInlineOpacity(element);
+  return new Effect.Appear(element, { 
+    duration: 0.4,
+    from: 0,
+    transition: Effect.Transitions.flicker,
+    afterFinishInternal: function(effect) {
+      new Effect.Scale(effect.element, 1, { 
+        duration: 0.3, scaleFromCenter: true,
+        scaleX: false, scaleContent: false, restoreAfterFinish: true,
+        beforeSetup: function(effect) { with(Element) {
+          [makePositioned,makeClipping].call(effect.element);
+        }},
+        afterFinishInternal: function(effect) { with(Element) {
+          [hide,undoClipping,undoPositioned].call(effect.element);
+          setStyle(effect.element, {opacity: oldOpacity});
+        }}
+      })
+    }
+  });
+}
+
+Effect.DropOut = function(element) {
+  element = $(element);
+  var oldStyle = {
+    top: Element.getStyle(element, 'top'),
+    left: Element.getStyle(element, 'left'),
+    opacity: Element.getInlineOpacity(element) };
+  return new Effect.Parallel(
+    [ new Effect.Move(element, {x: 0, y: 100, sync: true }), 
+      new Effect.Opacity(element, { sync: true, to: 0.0 }) ],
+    Object.extend(
+      { duration: 0.5,
+        beforeSetup: function(effect) { with(Element) {
+          makePositioned(effect.effects[0].element); }},
+        afterFinishInternal: function(effect) { with(Element) {
+          [hide, undoPositioned].call(effect.effects[0].element);
+          setStyle(effect.effects[0].element, oldStyle); }} 
+      }, arguments[1] || {}));
+}
+
+Effect.Shake = function(element) {
+  element = $(element);
+  var oldStyle = {
+    top: Element.getStyle(element, 'top'),
+    left: Element.getStyle(element, 'left') };
+	  return new Effect.Move(element, 
+	    { x:  20, y: 0, duration: 0.05, afterFinishInternal: function(effect) {
+	  new Effect.Move(effect.element,
+	    { x: -40, y: 0, duration: 0.1,  afterFinishInternal: function(effect) {
+	  new Effect.Move(effect.element,
+	    { x:  40, y: 0, duration: 0.1,  afterFinishInternal: function(effect) {
+	  new Effect.Move(effect.element,
+	    { x: -40, y: 0, duration: 0.1,  afterFinishInternal: function(effect) {
+	  new Effect.Move(effect.element,
+	    { x:  40, y: 0, duration: 0.1,  afterFinishInternal: function(effect) {
+	  new Effect.Move(effect.element,
+	    { x: -20, y: 0, duration: 0.05, afterFinishInternal: function(effect) { with(Element) {
+        undoPositioned(effect.element);
+        setStyle(effect.element, oldStyle);
+  }}}) }}) }}) }}) }}) }});
+}
+
+Effect.SlideDown = function(element) {
+  element = $(element);
+  Element.cleanWhitespace(element);
+  // SlideDown need to have the content of the element wrapped in a container element with fixed height!
+  var oldInnerBottom = Element.getStyle(element.firstChild, 'bottom');
+  var elementDimensions = Element.getDimensions(element);
+  return new Effect.Scale(element, 100, Object.extend({ 
+    scaleContent: false, 
+    scaleX: false, 
+    scaleFrom: 0,
+    scaleMode: {originalHeight: elementDimensions.height, originalWidth: elementDimensions.width},
+    restoreAfterFinish: true,
+    afterSetup: function(effect) { with(Element) {
+      makePositioned(effect.element);
+      makePositioned(effect.element.firstChild);
+      if(window.opera) setStyle(effect.element, {top: ''});
+      makeClipping(effect.element);
+      setStyle(effect.element, {height: '0px'});
+      show(element); }},
+    afterUpdateInternal: function(effect) { with(Element) {
+      setStyle(effect.element.firstChild, {bottom:
+        (effect.dims[0] - effect.element.clientHeight) + 'px' }); }},
+    afterFinishInternal: function(effect) { with(Element) {
+      undoClipping(effect.element); 
+      undoPositioned(effect.element.firstChild);
+      undoPositioned(effect.element);
+      setStyle(effect.element.firstChild, {bottom: oldInnerBottom}); }}
+    }, arguments[1] || {})
+  );
+}
+  
+Effect.SlideUp = function(element) {
+  element = $(element);
+  Element.cleanWhitespace(element);
+  var oldInnerBottom = Element.getStyle(element.firstChild, 'bottom');
+  return new Effect.Scale(element, 0, 
+   Object.extend({ scaleContent: false, 
+    scaleX: false, 
+    scaleMode: 'box',
+    scaleFrom: 100,
+    restoreAfterFinish: true,
+    beforeStartInternal: function(effect) { with(Element) {
+      makePositioned(effect.element);
+      makePositioned(effect.element.firstChild);
+      if(window.opera) setStyle(effect.element, {top: ''});
+      makeClipping(effect.element);
+      show(element); }},  
+    afterUpdateInternal: function(effect) { with(Element) {
+      setStyle(effect.element.firstChild, {bottom:
+        (effect.dims[0] - effect.element.clientHeight) + 'px' }); }},
+    afterFinishInternal: function(effect) { with(Element) {
+        [hide, undoClipping].call(effect.element); 
+        undoPositioned(effect.element.firstChild);
+        undoPositioned(effect.element);
+        setStyle(effect.element.firstChild, {bottom: oldInnerBottom}); }}
+   }, arguments[1] || {})
+  );
+}
+
+// Bug in opera makes the TD containing this element expand for a instance after finish 
+Effect.Squish = function(element) {
+  return new Effect.Scale(element, window.opera ? 1 : 0, 
+    { restoreAfterFinish: true,
+      beforeSetup: function(effect) { with(Element) {
+        makeClipping(effect.element); }},  
+      afterFinishInternal: function(effect) { with(Element) {
+        hide(effect.element); 
+        undoClipping(effect.element); }}
+  });
+}
+
+Effect.Grow = function(element) {
+  element = $(element);
+  var options = Object.extend({
+    direction: 'center',
+    moveTransistion: Effect.Transitions.sinoidal,
+    scaleTransition: Effect.Transitions.sinoidal,
+    opacityTransition: Effect.Transitions.full
+  }, arguments[1] || {});
+  var oldStyle = {
+    top: element.style.top,
+    left: element.style.left,
+    height: element.style.height,
+    width: element.style.width,
+    opacity: Element.getInlineOpacity(element) };
+
+  var dims = Element.getDimensions(element);    
+  var initialMoveX, initialMoveY;
+  var moveX, moveY;
+  
+  switch (options.direction) {
+    case 'top-left':
+      initialMoveX = initialMoveY = moveX = moveY = 0; 
+      break;
+    case 'top-right':
+      initialMoveX = dims.width;
+      initialMoveY = moveY = 0;
+      moveX = -dims.width;
+      break;
+    case 'bottom-left':
+      initialMoveX = moveX = 0;
+      initialMoveY = dims.height;
+      moveY = -dims.height;
+      break;
+    case 'bottom-right':
+      initialMoveX = dims.width;
+      initialMoveY = dims.height;
+      moveX = -dims.width;
+      moveY = -dims.height;
+      break;
+    case 'center':
+      initialMoveX = dims.width / 2;
+      initialMoveY = dims.height / 2;
+      moveX = -dims.width / 2;
+      moveY = -dims.height / 2;
+      break;
+  }
+  
+  return new Effect.Move(element, {
+    x: initialMoveX,
+    y: initialMoveY,
+    duration: 0.01, 
+    beforeSetup: function(effect) { with(Element) {
+      hide(effect.element);
+      makeClipping(effect.element);
+      makePositioned(effect.element);
+    }},
+    afterFinishInternal: function(effect) {
+      new Effect.Parallel(
+        [ new Effect.Opacity(effect.element, { sync: true, to: 1.0, from: 0.0, transition: options.opacityTransition }),
+          new Effect.Move(effect.element, { x: moveX, y: moveY, sync: true, transition: options.moveTransition }),
+          new Effect.Scale(effect.element, 100, {
+            scaleMode: { originalHeight: dims.height, originalWidth: dims.width }, 
+            sync: true, scaleFrom: window.opera ? 1 : 0, transition: options.scaleTransition, restoreAfterFinish: true})
+        ], Object.extend({
+             beforeSetup: function(effect) { with(Element) {
+               setStyle(effect.effects[0].element, {height: '0px'});
+               show(effect.effects[0].element); }},
+             afterFinishInternal: function(effect) { with(Element) {
+               [undoClipping, undoPositioned].call(effect.effects[0].element); 
+               setStyle(effect.effects[0].element, oldStyle); }}
+           }, options)
+      )
+    }
+  });
+}
+
+Effect.Shrink = function(element) {
+  element = $(element);
+  var options = Object.extend({
+    direction: 'center',
+    moveTransistion: Effect.Transitions.sinoidal,
+    scaleTransition: Effect.Transitions.sinoidal,
+    opacityTransition: Effect.Transitions.none
+  }, arguments[1] || {});
+  var oldStyle = {
+    top: element.style.top,
+    left: element.style.left,
+    height: element.style.height,
+    width: element.style.width,
+    opacity: Element.getInlineOpacity(element) };
+
+  var dims = Element.getDimensions(element);
+  var moveX, moveY;
+  
+  switch (options.direction) {
+    case 'top-left':
+      moveX = moveY = 0;
+      break;
+    case 'top-right':
+      moveX = dims.width;
+      moveY = 0;
+      break;
+    case 'bottom-left':
+      moveX = 0;
+      moveY = dims.height;
+      break;
+    case 'bottom-right':
+      moveX = dims.width;
+      moveY = dims.height;
+      break;
+    case 'center':  
+      moveX = dims.width / 2;
+      moveY = dims.height / 2;
+      break;
+  }
+  
+  return new Effect.Parallel(
+    [ new Effect.Opacity(element, { sync: true, to: 0.0, from: 1.0, transition: options.opacityTransition }),
+      new Effect.Scale(element, window.opera ? 1 : 0, { sync: true, transition: options.scaleTransition, restoreAfterFinish: true}),
+      new Effect.Move(element, { x: moveX, y: moveY, sync: true, transition: options.moveTransition })
+    ], Object.extend({            
+         beforeStartInternal: function(effect) { with(Element) {
+           [makePositioned, makeClipping].call(effect.effects[0].element) }},
+         afterFinishInternal: function(effect) { with(Element) {
+           [hide, undoClipping, undoPositioned].call(effect.effects[0].element);
+           setStyle(effect.effects[0].element, oldStyle); }}
+       }, options)
+  );
+}
+
+Effect.Pulsate = function(element) {
+  element = $(element);
+  var options    = arguments[1] || {};
+  var oldOpacity = Element.getInlineOpacity(element);
+  var transition = options.transition || Effect.Transitions.sinoidal;
+  var reverser   = function(pos){ return transition(1-Effect.Transitions.pulse(pos)) };
+  reverser.bind(transition);
+  return new Effect.Opacity(element, 
+    Object.extend(Object.extend({  duration: 3.0, from: 0,
+      afterFinishInternal: function(effect) { Element.setStyle(effect.element, {opacity: oldOpacity}); }
+    }, options), {transition: reverser}));
+}
+
+Effect.Fold = function(element) {
+  element = $(element);
+  var oldStyle = {
+    top: element.style.top,
+    left: element.style.left,
+    width: element.style.width,
+    height: element.style.height };
+  Element.makeClipping(element);
+  return new Effect.Scale(element, 5, Object.extend({   
+    scaleContent: false,
+    scaleX: false,
+    afterFinishInternal: function(effect) {
+    new Effect.Scale(element, 1, { 
+      scaleContent: false, 
+      scaleY: false,
+      afterFinishInternal: function(effect) { with(Element) {
+        [hide, undoClipping].call(effect.element); 
+        setStyle(effect.element, oldStyle);
+      }} });
+  }}, arguments[1] || {}));
+}
diff --git a/base/tps/apache/docroot/esc/sow/js/lightbox.js b/base/tps/apache/docroot/esc/sow/js/lightbox.js
new file mode 100755
index 000000000..11856b208
--- /dev/null
+++ b/base/tps/apache/docroot/esc/sow/js/lightbox.js
@@ -0,0 +1,689 @@
+// -----------------------------------------------------------------------------------

+//

+//	Lightbox v2.02

+//	by Lokesh Dhakar - http://www.huddletogether.com

+//	3/31/06

+//

+//	For more information on this script, visit:

+//	http://huddletogether.com/projects/lightbox2/

+//

+//	Licensed under the Creative Commons Attribution 2.5 License - http://creativecommons.org/licenses/by/2.5/

+//	

+//	Credit also due to those who have helped, inspired, and made their code available to the public.

+//	Including: Scott Upton(uptonic.com), Peter-Paul Koch(quirksmode.org), Thomas Fuchs(mir.aculo.us), and others.

+//

+//

+// -----------------------------------------------------------------------------------

+/*

+

+	Table of Contents

+	-----------------

+	Configuration

+	Global Variables

+

+	Extending Built-in Objects	

+	- Object.extend(Element)

+	- Array.prototype.removeDuplicates()

+	- Array.prototype.empty()

+

+	Lightbox Class Declaration

+	- initialize()

+	- start()

+	- changeImage()

+	- resizeImageContainer()

+	- showImage()

+	- updateDetails()

+	- updateNav()

+	- enableKeyboardNav()

+	- disableKeyboardNav()

+	- keyboardAction()

+	- preloadNeighborImages()

+	- end()

+	

+	Miscellaneous Functions

+	- getPageScroll()

+	- getPageSize()

+	- getKey()

+	- listenKey()

+	- showSelectBoxes()

+	- hideSelectBoxes()

+	- pause()

+	- initLightbox()

+	

+	Function Calls

+	- addLoadEvent(initLightbox)

+	

+*/

+// -----------------------------------------------------------------------------------

+

+//

+//	Configuration

+//

+var fileLoadingImage = "/sow/images/loading.gif";		

+var fileBottomNavCloseImage = "/sow/images/closelabel.gif";

+

+var resizeSpeed = 7;	// controls the speed of the image resizing (1=slowest and 10=fastest)

+

+var borderSize = 10;	//if you adjust the padding in the CSS, you will need to update this variable

+

+// -----------------------------------------------------------------------------------

+

+//

+//	Global Variables

+//

+var imageArray = new Array;

+var activeImage;

+

+if(resizeSpeed > 10){ resizeSpeed = 10;}

+if(resizeSpeed < 1){ resizeSpeed = 1;}

+resizeDuration = (11 - resizeSpeed) * 0.15;

+

+// -----------------------------------------------------------------------------------

+

+//

+//	Additional methods for Element added by SU, Couloir

+//	- further additions by Lokesh Dhakar (huddletogether.com)

+//

+Object.extend(Element, {

+	getWidth: function(element) {

+	   	element = $(element);

+	   	return element.offsetWidth; 

+	},

+	setWidth: function(element,w) {

+	   	element = $(element);

+    	element.style.width = w +"px";

+	},

+	setHeight: function(element,h) {

+   		element = $(element);

+    	element.style.height = h +"px";

+	},

+	setTop: function(element,t) {

+	   	element = $(element);

+    	element.style.top = t +"px";

+	},

+	setSrc: function(element,src) {

+    	element = $(element);

+    	element.src = src; 

+	},

+	setHref: function(element,href) {

+    	element = $(element);

+    	element.href = href; 

+	},

+	setInnerHTML: function(element,content) {

+		element = $(element);

+		element.innerHTML = content;

+	}

+});

+

+// -----------------------------------------------------------------------------------

+

+//

+//	Extending built-in Array object

+//	- array.removeDuplicates()

+//	- array.empty()

+//

+Array.prototype.removeDuplicates = function () {

+	for(i = 1; i < this.length; i++){

+		if(this[i][0] == this[i-1][0]){

+			this.splice(i,1);

+		}

+	}

+}

+

+// -----------------------------------------------------------------------------------

+

+Array.prototype.empty = function () {

+	for(i = 0; i <= this.length; i++){

+		this.shift();

+	}

+}

+

+// -----------------------------------------------------------------------------------

+

+//

+//	Lightbox Class Declaration

+//	- initialize()

+//	- start()

+//	- changeImage()

+//	- resizeImageContainer()

+//	- showImage()

+//	- updateDetails()

+//	- updateNav()

+//	- enableKeyboardNav()

+//	- disableKeyboardNav()

+//	- keyboardNavAction()

+//	- preloadNeighborImages()

+//	- end()

+//

+//	Structuring of code inspired by Scott Upton (http://www.uptonic.com/)

+//

+var Lightbox = Class.create();

+

+Lightbox.prototype = {

+	

+	// initialize()

+	// Constructor runs on completion of the DOM loading. Loops through anchor tags looking for 

+	// 'lightbox' references and applies onclick events to appropriate links. The 2nd section of

+	// the function inserts html at the bottom of the page which is used to display the shadow 

+	// overlay and the image container.

+	//

+	initialize: function() {	

+		if (!document.getElementsByTagName){ return; }

+		var anchors = document.getElementsByTagName('a');

+

+		// loop through all anchor tags

+		for (var i=0; i<anchors.length; i++){

+			var anchor = anchors[i];

+			

+			var relAttribute = String(anchor.getAttribute('rel'));

+			

+			// use the string.match() method to catch 'lightbox' references in the rel attribute

+			if (anchor.getAttribute('href') && (relAttribute.toLowerCase().match('lightbox'))){

+				anchor.onclick = function () {myLightbox.start(this); return false;}

+			}

+		}

+

+		// The rest of this code inserts html at the bottom of the page that looks similar to this:

+		//

+		//	<div id="overlay"></div>

+		//	<div id="lightbox">

+		//		<div id="outerImageContainer">

+		//			<div id="imageContainer">

+		//				<img id="lightboxImage">

+		//				<div style="" id="hoverNav">

+		//					<a href="#" id="prevLink"></a>

+		//					<a href="#" id="nextLink"></a>

+		//				</div>

+		//				<div id="loading">

+		//					<a href="#" id="loadingLink">

+		//						<img src="images/loading.gif">

+		//					</a>

+		//				</div>

+		//			</div>

+		//		</div>

+		//		<div id="imageDataContainer">

+		//			<div id="imageData">

+		//				<div id="imageDetails">

+		//					<span id="caption"></span>

+		//					<span id="numberDisplay"></span>

+		//				</div>

+		//				<div id="bottomNav">

+		//					<a href="#" id="bottomNavClose">

+		//						<img src="images/close.gif">

+		//					</a>

+		//				</div>

+		//			</div>

+		//		</div>

+		//	</div>

+

+

+		var objBody = document.getElementsByTagName("body").item(0);

+		

+		var objOverlay = document.createElement("div");

+		objOverlay.setAttribute('id','overlay');

+		objOverlay.style.display = 'none';

+		objOverlay.onclick = function() { myLightbox.end(); return false; }

+		objBody.appendChild(objOverlay);

+		

+		var objLightbox = document.createElement("div");

+		objLightbox.setAttribute('id','lightbox');

+		objLightbox.style.display = 'none';

+		objBody.appendChild(objLightbox);

+	

+		var objOuterImageContainer = document.createElement("div");

+		objOuterImageContainer.setAttribute('id','outerImageContainer');

+		objLightbox.appendChild(objOuterImageContainer);

+

+		var objImageContainer = document.createElement("div");

+		objImageContainer.setAttribute('id','imageContainer');

+		objOuterImageContainer.appendChild(objImageContainer);

+	

+		var objLightboxImage = document.createElement("img");

+		objLightboxImage.setAttribute('id','lightboxImage');

+		objImageContainer.appendChild(objLightboxImage);

+	

+		var objHoverNav = document.createElement("div");

+		objHoverNav.setAttribute('id','hoverNav');

+		objImageContainer.appendChild(objHoverNav);

+	

+		var objPrevLink = document.createElement("a");

+		objPrevLink.setAttribute('id','prevLink');

+		objPrevLink.setAttribute('href','#');

+		objHoverNav.appendChild(objPrevLink);

+		

+		var objNextLink = document.createElement("a");

+		objNextLink.setAttribute('id','nextLink');

+		objNextLink.setAttribute('href','#');

+		objHoverNav.appendChild(objNextLink);

+	

+		var objLoading = document.createElement("div");

+		objLoading.setAttribute('id','loading');

+		objImageContainer.appendChild(objLoading);

+	

+		var objLoadingLink = document.createElement("a");

+		objLoadingLink.setAttribute('id','loadingLink');

+		objLoadingLink.setAttribute('href','#');

+		objLoadingLink.onclick = function() { myLightbox.end(); return false; }

+		objLoading.appendChild(objLoadingLink);

+	

+		var objLoadingImage = document.createElement("img");

+		objLoadingImage.setAttribute('src', fileLoadingImage);

+		objLoadingLink.appendChild(objLoadingImage);

+

+		var objImageDataContainer = document.createElement("div");

+		objImageDataContainer.setAttribute('id','imageDataContainer');

+		objImageDataContainer.className = 'clearfix';

+		objLightbox.appendChild(objImageDataContainer);

+

+		var objImageData = document.createElement("div");

+		objImageData.setAttribute('id','imageData');

+		objImageDataContainer.appendChild(objImageData);

+	

+		var objImageDetails = document.createElement("div");

+		objImageDetails.setAttribute('id','imageDetails');

+		objImageData.appendChild(objImageDetails);

+	

+		var objCaption = document.createElement("span");

+		objCaption.setAttribute('id','caption');

+		objImageDetails.appendChild(objCaption);

+	

+		var objNumberDisplay = document.createElement("span");

+		objNumberDisplay.setAttribute('id','numberDisplay');

+		objImageDetails.appendChild(objNumberDisplay);

+		

+		var objBottomNav = document.createElement("div");

+		objBottomNav.setAttribute('id','bottomNav');

+		objImageData.appendChild(objBottomNav);

+	

+		var objBottomNavCloseLink = document.createElement("a");

+		objBottomNavCloseLink.setAttribute('id','bottomNavClose');

+		objBottomNavCloseLink.setAttribute('href','#');

+		objBottomNavCloseLink.onclick = function() { myLightbox.end(); return false; }

+		objBottomNav.appendChild(objBottomNavCloseLink);

+	

+		var objBottomNavCloseImage = document.createElement("img");

+		objBottomNavCloseImage.setAttribute('src', fileBottomNavCloseImage);

+		objBottomNavCloseLink.appendChild(objBottomNavCloseImage);

+	},

+	

+	//

+	//	start()

+	//	Display overlay and lightbox. If image is part of a set, add siblings to imageArray.

+	//

+	start: function(imageLink) {	

+

+		hideSelectBoxes();

+

+		// stretch overlay to fill page and fade in

+		var arrayPageSize = getPageSize();

+		Element.setHeight('overlay', arrayPageSize[1]);

+		new Effect.Appear('overlay', { duration: 0.2, from: 0.0, to: 0.8 });

+

+		imageArray = [];

+		imageNum = 0;		

+

+		if (!document.getElementsByTagName){ return; }

+		var anchors = document.getElementsByTagName('a');

+

+		// if image is NOT part of a set..

+		if((imageLink.getAttribute('rel') == 'lightbox')){

+			// add single image to imageArray

+			imageArray.push(new Array(imageLink.getAttribute('href'), imageLink.getAttribute('title')));			

+		} else {

+		// if image is part of a set..

+

+			// loop through anchors, find other images in set, and add them to imageArray

+			for (var i=0; i<anchors.length; i++){

+				var anchor = anchors[i];

+				if (anchor.getAttribute('href') && (anchor.getAttribute('rel') == imageLink.getAttribute('rel'))){

+					imageArray.push(new Array(anchor.getAttribute('href'), anchor.getAttribute('title')));

+				}

+			}

+			imageArray.removeDuplicates();

+			while(imageArray[imageNum][0] != imageLink.getAttribute('href')) { imageNum++;}

+		}

+

+		// calculate top offset for the lightbox and display 

+		var arrayPageSize = getPageSize();

+		var arrayPageScroll = getPageScroll();

+		var lightboxTop = arrayPageScroll[1] + (arrayPageSize[3] / 15);

+

+		Element.setTop('lightbox', lightboxTop);

+		Element.show('lightbox');

+		

+		this.changeImage(imageNum);

+	},

+

+	//

+	//	changeImage()

+	//	Hide most elements and preload image in preparation for resizing image container.

+	//

+	changeImage: function(imageNum) {	

+		

+		activeImage = imageNum;	// update global var

+

+		// hide elements during transition

+		Element.show('loading');

+		Element.hide('lightboxImage');

+		Element.hide('hoverNav');

+		Element.hide('prevLink');

+		Element.hide('nextLink');

+		Element.hide('imageDataContainer');

+		Element.hide('numberDisplay');		

+		

+		imgPreloader = new Image();

+		

+		// once image is preloaded, resize image container

+		imgPreloader.onload=function(){

+			Element.setSrc('lightboxImage', imageArray[activeImage][0]);

+			myLightbox.resizeImageContainer(imgPreloader.width, imgPreloader.height);

+		}

+		imgPreloader.src = imageArray[activeImage][0];

+	},

+

+	//

+	//	resizeImageContainer()

+	//

+	resizeImageContainer: function( imgWidth, imgHeight) {

+

+		// get current height and width

+		this.wCur = Element.getWidth('outerImageContainer');

+		this.hCur = Element.getHeight('outerImageContainer');

+

+		// scalars based on change from old to new

+		this.xScale = ((imgWidth  + (borderSize * 2)) / this.wCur) * 100;

+		this.yScale = ((imgHeight  + (borderSize * 2)) / this.hCur) * 100;

+

+		// calculate size difference between new and old image, and resize if necessary

+		wDiff = (this.wCur - borderSize * 2) - imgWidth;

+		hDiff = (this.hCur - borderSize * 2) - imgHeight;

+

+		if(!( hDiff == 0)){ new Effect.Scale('outerImageContainer', this.yScale, {scaleX: false, duration: resizeDuration, queue: 'front'}); }

+		if(!( wDiff == 0)){ new Effect.Scale('outerImageContainer', this.xScale, {scaleY: false, delay: resizeDuration, duration: resizeDuration}); }

+

+		// if new and old image are same size and no scaling transition is necessary, 

+		// do a quick pause to prevent image flicker.

+		if((hDiff == 0) && (wDiff == 0)){

+			if (navigator.appVersion.indexOf("MSIE")!=-1){ pause(250); } else { pause(100);} 

+		}

+

+		Element.setHeight('prevLink', imgHeight);

+		Element.setHeight('nextLink', imgHeight);

+		Element.setWidth( 'imageDataContainer', imgWidth + (borderSize * 2));

+

+		this.showImage();

+	},

+	

+	//

+	//	showImage()

+	//	Display image and begin preloading neighbors.

+	//

+	showImage: function(){

+		Element.hide('loading');

+		new Effect.Appear('lightboxImage', { duration: 0.5, queue: 'end', afterFinish: function(){	myLightbox.updateDetails(); } });

+		this.preloadNeighborImages();

+	},

+

+	//

+	//	updateDetails()

+	//	Display caption, image number, and bottom nav.

+	//

+	updateDetails: function() {

+	

+		Element.show('caption');

+		Element.setInnerHTML( 'caption', imageArray[activeImage][1]);

+		

+		// if image is part of set display 'Image x of x' 

+		if(imageArray.length > 1){

+			Element.show('numberDisplay');

+			Element.setInnerHTML( 'numberDisplay', "Image " + eval(activeImage + 1) + " of " + imageArray.length);

+		}

+

+		new Effect.Parallel(

+			[ new Effect.SlideDown( 'imageDataContainer', { sync: true, duration: resizeDuration + 0.25, from: 0.0, to: 1.0 }), 

+			  new Effect.Appear('imageDataContainer', { sync: true, duration: 1.0 }) ], 

+			{ duration: 0.65, afterFinish: function() { myLightbox.updateNav();} } 

+		);

+	},

+

+	//

+	//	updateNav()

+	//	Display appropriate previous and next hover navigation.

+	//

+	updateNav: function() {

+

+		Element.show('hoverNav');				

+

+		// if not first image in set, display prev image button

+		if(activeImage != 0){

+			Element.show('prevLink');

+			document.getElementById('prevLink').onclick = function() {

+				myLightbox.changeImage(activeImage - 1); return false;

+			}

+		}

+

+		// if not last image in set, display next image button

+		if(activeImage != (imageArray.length - 1)){

+			Element.show('nextLink');

+			document.getElementById('nextLink').onclick = function() {

+				myLightbox.changeImage(activeImage + 1); return false;

+			}

+		}

+		

+		this.enableKeyboardNav();

+	},

+

+	//

+	//	enableKeyboardNav()

+	//

+	enableKeyboardNav: function() {

+		document.onkeydown = this.keyboardAction; 

+	},

+

+	//

+	//	disableKeyboardNav()

+	//

+	disableKeyboardNav: function() {

+		document.onkeydown = '';

+	},

+

+	//

+	//	keyboardAction()

+	//

+	keyboardAction: function(e) {

+		if (e == null) { // ie

+			keycode = event.keyCode;

+		} else { // mozilla

+			keycode = e.which;

+		}

+

+		key = String.fromCharCode(keycode).toLowerCase();

+		

+		if((key == 'x') || (key == 'o') || (key == 'c')){	// close lightbox

+			myLightbox.end();

+		} else if(key == 'p'){	// display previous image

+			if(activeImage != 0){

+				myLightbox.disableKeyboardNav();

+				myLightbox.changeImage(activeImage - 1);

+			}

+		} else if(key == 'n'){	// display next image

+			if(activeImage != (imageArray.length - 1)){

+				myLightbox.disableKeyboardNav();

+				myLightbox.changeImage(activeImage + 1);

+			}

+		}

+

+

+	},

+

+	//

+	//	preloadNeighborImages()

+	//	Preload previous and next images.

+	//

+	preloadNeighborImages: function(){

+

+		if((imageArray.length - 1) > activeImage){

+			preloadNextImage = new Image();

+			preloadNextImage.src = imageArray[activeImage + 1][0];

+		}

+		if(activeImage > 0){

+			preloadPrevImage = new Image();

+			preloadPrevImage.src = imageArray[activeImage - 1][0];

+		}

+	

+	},

+

+	//

+	//	end()

+	//

+	end: function() {

+		this.disableKeyboardNav();

+		Element.hide('lightbox');

+		new Effect.Fade('overlay', { duration: 0.2});

+		showSelectBoxes();

+	}

+}

+

+// -----------------------------------------------------------------------------------

+

+//

+// getPageScroll()

+// Returns array with x,y page scroll values.

+// Core code from - quirksmode.org

+//

+function getPageScroll(){

+

+	var yScroll;

+

+	if (self.pageYOffset) {

+		yScroll = self.pageYOffset;

+	} else if (document.documentElement && document.documentElement.scrollTop){	 // Explorer 6 Strict

+		yScroll = document.documentElement.scrollTop;

+	} else if (document.body) {// all other Explorers

+		yScroll = document.body.scrollTop;

+	}

+

+	arrayPageScroll = new Array('',yScroll) 

+	return arrayPageScroll;

+}

+

+// -----------------------------------------------------------------------------------

+

+//

+// getPageSize()

+// Returns array with page width, height and window width, height

+// Core code from - quirksmode.org

+// Edit for Firefox by pHaez

+//

+function getPageSize(){

+	

+	var xScroll, yScroll;

+	

+	if (window.innerHeight && window.scrollMaxY) {	

+		xScroll = document.body.scrollWidth;

+		yScroll = window.innerHeight + window.scrollMaxY;

+	} else if (document.body.scrollHeight > document.body.offsetHeight){ // all but Explorer Mac

+		xScroll = document.body.scrollWidth;

+		yScroll = document.body.scrollHeight;

+	} else { // Explorer Mac...would also work in Explorer 6 Strict, Mozilla and Safari

+		xScroll = document.body.offsetWidth;

+		yScroll = document.body.offsetHeight;

+	}

+	

+	var windowWidth, windowHeight;

+	if (self.innerHeight) {	// all except Explorer

+		windowWidth = self.innerWidth;

+		windowHeight = self.innerHeight;

+	} else if (document.documentElement && document.documentElement.clientHeight) { // Explorer 6 Strict Mode

+		windowWidth = document.documentElement.clientWidth;

+		windowHeight = document.documentElement.clientHeight;

+	} else if (document.body) { // other Explorers

+		windowWidth = document.body.clientWidth;

+		windowHeight = document.body.clientHeight;

+	}	

+	

+	// for small pages with total height less then height of the viewport

+	if(yScroll < windowHeight){

+		pageHeight = windowHeight;

+	} else { 

+		pageHeight = yScroll;

+	}

+

+	// for small pages with total width less then width of the viewport

+	if(xScroll < windowWidth){	

+		pageWidth = windowWidth;

+	} else {

+		pageWidth = xScroll;

+	}

+

+

+	arrayPageSize = new Array(pageWidth,pageHeight,windowWidth,windowHeight) 

+	return arrayPageSize;

+}

+

+// -----------------------------------------------------------------------------------

+

+//

+// getKey(key)

+// Gets keycode. If 'x' is pressed then it hides the lightbox.

+//

+function getKey(e){

+	if (e == null) { // ie

+		keycode = event.keyCode;

+	} else { // mozilla

+		keycode = e.which;

+	}

+	key = String.fromCharCode(keycode).toLowerCase();

+	

+	if(key == 'x'){

+	}

+}

+

+// -----------------------------------------------------------------------------------

+

+//

+// listenKey()

+//

+function listenKey () {	document.onkeypress = getKey; }

+	

+// ---------------------------------------------------

+

+function showSelectBoxes(){

+	selects = document.getElementsByTagName("select");

+	for (i = 0; i != selects.length; i++) {

+		selects[i].style.visibility = "visible";

+	}

+}

+

+// ---------------------------------------------------

+

+function hideSelectBoxes(){

+	selects = document.getElementsByTagName("select");

+	for (i = 0; i != selects.length; i++) {

+		selects[i].style.visibility = "hidden";

+	}

+}

+

+// ---------------------------------------------------

+

+//

+// pause(numberMillis)

+// Pauses code execution for specified time. Uses busy code, not good.

+// Code from http://www.faqts.com/knowledge_base/view.phtml/aid/1602

+//

+function pause(numberMillis) {

+	var now = new Date();

+	var exitTime = now.getTime() + numberMillis;

+	while (true) {

+		now = new Date();

+		if (now.getTime() > exitTime)

+			return;

+	}

+}

+

+// ---------------------------------------------------

+

+

+

+function initLightbox() { myLightbox = new Lightbox(); }

+Event.observe(window, 'load', initLightbox, false);

diff --git a/base/tps/apache/docroot/esc/sow/js/prototype.js b/base/tps/apache/docroot/esc/sow/js/prototype.js
new file mode 100755
index 000000000..e9ccd3c88
--- /dev/null
+++ b/base/tps/apache/docroot/esc/sow/js/prototype.js
@@ -0,0 +1,1785 @@
+/*  Prototype JavaScript framework, version 1.4.0
+ *  (c) 2005 Sam Stephenson <sam@conio.net>
+ *
+ *  THIS FILE IS AUTOMATICALLY GENERATED. When sending patches, please diff
+ *  against the source tree, available from the Prototype darcs repository.
+ *
+ *  Prototype is freely distributable under the terms of an MIT-style license.
+ *
+ *  For details, see the Prototype web site: http://prototype.conio.net/
+ *
+/*--------------------------------------------------------------------------*/
+
+var Prototype = {
+  Version: '1.4.0',
+  ScriptFragment: '(?:<script.*?>)((\n|\r|.)*?)(?:<\/script>)',
+
+  emptyFunction: function() {},
+  K: function(x) {return x}
+}
+
+var Class = {
+  create: function() {
+    return function() {
+      this.initialize.apply(this, arguments);
+    }
+  }
+}
+
+var Abstract = new Object();
+
+Object.extend = function(destination, source) {
+  for (property in source) {
+    destination[property] = source[property];
+  }
+  return destination;
+}
+
+Object.inspect = function(object) {
+  try {
+    if (object == undefined) return 'undefined';
+    if (object == null) return 'null';
+    return object.inspect ? object.inspect() : object.toString();
+  } catch (e) {
+    if (e instanceof RangeError) return '...';
+    throw e;
+  }
+}
+
+Function.prototype.bind = function() {
+  var __method = this, args = $A(arguments), object = args.shift();
+  return function() {
+    return __method.apply(object, args.concat($A(arguments)));
+  }
+}
+
+Function.prototype.bindAsEventListener = function(object) {
+  var __method = this;
+  return function(event) {
+    return __method.call(object, event || window.event);
+  }
+}
+
+Object.extend(Number.prototype, {
+  toColorPart: function() {
+    var digits = this.toString(16);
+    if (this < 16) return '0' + digits;
+    return digits;
+  },
+
+  succ: function() {
+    return this + 1;
+  },
+
+  times: function(iterator) {
+    $R(0, this, true).each(iterator);
+    return this;
+  }
+});
+
+var Try = {
+  these: function() {
+    var returnValue;
+
+    for (var i = 0; i < arguments.length; i++) {
+      var lambda = arguments[i];
+      try {
+        returnValue = lambda();
+        break;
+      } catch (e) {}
+    }
+
+    return returnValue;
+  }
+}
+
+/*--------------------------------------------------------------------------*/
+
+var PeriodicalExecuter = Class.create();
+PeriodicalExecuter.prototype = {
+  initialize: function(callback, frequency) {
+    this.callback = callback;
+    this.frequency = frequency;
+    this.currentlyExecuting = false;
+
+    this.registerCallback();
+  },
+
+  registerCallback: function() {
+    setInterval(this.onTimerEvent.bind(this), this.frequency * 1000);
+  },
+
+  onTimerEvent: function() {
+    if (!this.currentlyExecuting) {
+      try {
+        this.currentlyExecuting = true;
+        this.callback();
+      } finally {
+        this.currentlyExecuting = false;
+      }
+    }
+  }
+}
+
+/*--------------------------------------------------------------------------*/
+
+function $() {
+  var elements = new Array();
+
+  for (var i = 0; i < arguments.length; i++) {
+    var element = arguments[i];
+    if (typeof element == 'string')
+      element = document.getElementById(element);
+
+    if (arguments.length == 1)
+      return element;
+
+    elements.push(element);
+  }
+
+  return elements;
+}
+Object.extend(String.prototype, {
+  stripTags: function() {
+    return this.replace(/<\/?[^>]+>/gi, '');
+  },
+
+  stripScripts: function() {
+    return this.replace(new RegExp(Prototype.ScriptFragment, 'img'), '');
+  },
+
+  extractScripts: function() {
+    var matchAll = new RegExp(Prototype.ScriptFragment, 'img');
+    var matchOne = new RegExp(Prototype.ScriptFragment, 'im');
+    return (this.match(matchAll) || []).map(function(scriptTag) {
+      return (scriptTag.match(matchOne) || ['', ''])[1];
+    });
+  },
+
+  evalScripts: function() {
+    return this.extractScripts().map(eval);
+  },
+
+  escapeHTML: function() {
+    var div = document.createElement('div');
+    var text = document.createTextNode(this);
+    div.appendChild(text);
+    return div.innerHTML;
+  },
+
+  unescapeHTML: function() {
+    var div = document.createElement('div');
+    div.innerHTML = this.stripTags();
+    return div.childNodes[0] ? div.childNodes[0].nodeValue : '';
+  },
+
+  toQueryParams: function() {
+    var pairs = this.match(/^\??(.*)$/)[1].split('&');
+    return pairs.inject({}, function(params, pairString) {
+      var pair = pairString.split('=');
+      params[pair[0]] = pair[1];
+      return params;
+    });
+  },
+
+  toArray: function() {
+    return this.split('');
+  },
+
+  camelize: function() {
+    var oStringList = this.split('-');
+    if (oStringList.length == 1) return oStringList[0];
+
+    var camelizedString = this.indexOf('-') == 0
+      ? oStringList[0].charAt(0).toUpperCase() + oStringList[0].substring(1)
+      : oStringList[0];
+
+    for (var i = 1, len = oStringList.length; i < len; i++) {
+      var s = oStringList[i];
+      camelizedString += s.charAt(0).toUpperCase() + s.substring(1);
+    }
+
+    return camelizedString;
+  },
+
+  inspect: function() {
+    return "'" + this.replace('\\', '\\\\').replace("'", '\\\'') + "'";
+  }
+});
+
+String.prototype.parseQuery = String.prototype.toQueryParams;
+
+var $break    = new Object();
+var $continue = new Object();
+
+var Enumerable = {
+  each: function(iterator) {
+    var index = 0;
+    try {
+      this._each(function(value) {
+        try {
+          iterator(value, index++);
+        } catch (e) {
+          if (e != $continue) throw e;
+        }
+      });
+    } catch (e) {
+      if (e != $break) throw e;
+    }
+  },
+
+  all: function(iterator) {
+    var result = true;
+    this.each(function(value, index) {
+      result = result && !!(iterator || Prototype.K)(value, index);
+      if (!result) throw $break;
+    });
+    return result;
+  },
+
+  any: function(iterator) {
+    var result = true;
+    this.each(function(value, index) {
+      if (result = !!(iterator || Prototype.K)(value, index))
+        throw $break;
+    });
+    return result;
+  },
+
+  collect: function(iterator) {
+    var results = [];
+    this.each(function(value, index) {
+      results.push(iterator(value, index));
+    });
+    return results;
+  },
+
+  detect: function (iterator) {
+    var result;
+    this.each(function(value, index) {
+      if (iterator(value, index)) {
+        result = value;
+        throw $break;
+      }
+    });
+    return result;
+  },
+
+  findAll: function(iterator) {
+    var results = [];
+    this.each(function(value, index) {
+      if (iterator(value, index))
+        results.push(value);
+    });
+    return results;
+  },
+
+  grep: function(pattern, iterator) {
+    var results = [];
+    this.each(function(value, index) {
+      var stringValue = value.toString();
+      if (stringValue.match(pattern))
+        results.push((iterator || Prototype.K)(value, index));
+    })
+    return results;
+  },
+
+  include: function(object) {
+    var found = false;
+    this.each(function(value) {
+      if (value == object) {
+        found = true;
+        throw $break;
+      }
+    });
+    return found;
+  },
+
+  inject: function(memo, iterator) {
+    this.each(function(value, index) {
+      memo = iterator(memo, value, index);
+    });
+    return memo;
+  },
+
+  invoke: function(method) {
+    var args = $A(arguments).slice(1);
+    return this.collect(function(value) {
+      return value[method].apply(value, args);
+    });
+  },
+
+  max: function(iterator) {
+    var result;
+    this.each(function(value, index) {
+      value = (iterator || Prototype.K)(value, index);
+      if (value >= (result || value))
+        result = value;
+    });
+    return result;
+  },
+
+  min: function(iterator) {
+    var result;
+    this.each(function(value, index) {
+      value = (iterator || Prototype.K)(value, index);
+      if (value <= (result || value))
+        result = value;
+    });
+    return result;
+  },
+
+  partition: function(iterator) {
+    var trues = [], falses = [];
+    this.each(function(value, index) {
+      ((iterator || Prototype.K)(value, index) ?
+        trues : falses).push(value);
+    });
+    return [trues, falses];
+  },
+
+  pluck: function(property) {
+    var results = [];
+    this.each(function(value, index) {
+      results.push(value[property]);
+    });
+    return results;
+  },
+
+  reject: function(iterator) {
+    var results = [];
+    this.each(function(value, index) {
+      if (!iterator(value, index))
+        results.push(value);
+    });
+    return results;
+  },
+
+  sortBy: function(iterator) {
+    return this.collect(function(value, index) {
+      return {value: value, criteria: iterator(value, index)};
+    }).sort(function(left, right) {
+      var a = left.criteria, b = right.criteria;
+      return a < b ? -1 : a > b ? 1 : 0;
+    }).pluck('value');
+  },
+
+  toArray: function() {
+    return this.collect(Prototype.K);
+  },
+
+  zip: function() {
+    var iterator = Prototype.K, args = $A(arguments);
+    if (typeof args.last() == 'function')
+      iterator = args.pop();
+
+    var collections = [this].concat(args).map($A);
+    return this.map(function(value, index) {
+      iterator(value = collections.pluck(index));
+      return value;
+    });
+  },
+
+  inspect: function() {
+    return '#<Enumerable:' + this.toArray().inspect() + '>';
+  }
+}
+
+Object.extend(Enumerable, {
+  map:     Enumerable.collect,
+  find:    Enumerable.detect,
+  select:  Enumerable.findAll,
+  member:  Enumerable.include,
+  entries: Enumerable.toArray
+});
+var $A = Array.from = function(iterable) {
+  if (!iterable) return [];
+  if (iterable.toArray) {
+    return iterable.toArray();
+  } else {
+    var results = [];
+    for (var i = 0; i < iterable.length; i++)
+      results.push(iterable[i]);
+    return results;
+  }
+}
+
+Object.extend(Array.prototype, Enumerable);
+
+Array.prototype._reverse = Array.prototype.reverse;
+
+Object.extend(Array.prototype, {
+  _each: function(iterator) {
+    for (var i = 0; i < this.length; i++)
+      iterator(this[i]);
+  },
+
+  clear: function() {
+    this.length = 0;
+    return this;
+  },
+
+  first: function() {
+    return this[0];
+  },
+
+  last: function() {
+    return this[this.length - 1];
+  },
+
+  compact: function() {
+    return this.select(function(value) {
+      return value != undefined || value != null;
+    });
+  },
+
+  flatten: function() {
+    return this.inject([], function(array, value) {
+      return array.concat(value.constructor == Array ?
+        value.flatten() : [value]);
+    });
+  },
+
+  without: function() {
+    var values = $A(arguments);
+    return this.select(function(value) {
+      return !values.include(value);
+    });
+  },
+
+  indexOf: function(object) {
+    for (var i = 0; i < this.length; i++)
+      if (this[i] == object) return i;
+    return -1;
+  },
+
+  reverse: function(inline) {
+    return (inline !== false ? this : this.toArray())._reverse();
+  },
+
+  shift: function() {
+    var result = this[0];
+    for (var i = 0; i < this.length - 1; i++)
+      this[i] = this[i + 1];
+    this.length--;
+    return result;
+  },
+
+  inspect: function() {
+    return '[' + this.map(Object.inspect).join(', ') + ']';
+  }
+});
+var Hash = {
+  _each: function(iterator) {
+    for (key in this) {
+      var value = this[key];
+      if (typeof value == 'function') continue;
+
+      var pair = [key, value];
+      pair.key = key;
+      pair.value = value;
+      iterator(pair);
+    }
+  },
+
+  keys: function() {
+    return this.pluck('key');
+  },
+
+  values: function() {
+    return this.pluck('value');
+  },
+
+  merge: function(hash) {
+    return $H(hash).inject($H(this), function(mergedHash, pair) {
+      mergedHash[pair.key] = pair.value;
+      return mergedHash;
+    });
+  },
+
+  toQueryString: function() {
+    return this.map(function(pair) {
+      return pair.map(encodeURIComponent).join('=');
+    }).join('&');
+  },
+
+  inspect: function() {
+    return '#<Hash:{' + this.map(function(pair) {
+      return pair.map(Object.inspect).join(': ');
+    }).join(', ') + '}>';
+  }
+}
+
+function $H(object) {
+  var hash = Object.extend({}, object || {});
+  Object.extend(hash, Enumerable);
+  Object.extend(hash, Hash);
+  return hash;
+}
+ObjectRange = Class.create();
+Object.extend(ObjectRange.prototype, Enumerable);
+Object.extend(ObjectRange.prototype, {
+  initialize: function(start, end, exclusive) {
+    this.start = start;
+    this.end = end;
+    this.exclusive = exclusive;
+  },
+
+  _each: function(iterator) {
+    var value = this.start;
+    do {
+      iterator(value);
+      value = value.succ();
+    } while (this.include(value));
+  },
+
+  include: function(value) {
+    if (value < this.start)
+      return false;
+    if (this.exclusive)
+      return value < this.end;
+    return value <= this.end;
+  }
+});
+
+var $R = function(start, end, exclusive) {
+  return new ObjectRange(start, end, exclusive);
+}
+
+var Ajax = {
+  getTransport: function() {
+    return Try.these(
+      function() {return new ActiveXObject('Msxml2.XMLHTTP')},
+      function() {return new ActiveXObject('Microsoft.XMLHTTP')},
+      function() {return new XMLHttpRequest()}
+    ) || false;
+  },
+
+  activeRequestCount: 0
+}
+
+Ajax.Responders = {
+  responders: [],
+
+  _each: function(iterator) {
+    this.responders._each(iterator);
+  },
+
+  register: function(responderToAdd) {
+    if (!this.include(responderToAdd))
+      this.responders.push(responderToAdd);
+  },
+
+  unregister: function(responderToRemove) {
+    this.responders = this.responders.without(responderToRemove);
+  },
+
+  dispatch: function(callback, request, transport, json) {
+    this.each(function(responder) {
+      if (responder[callback] && typeof responder[callback] == 'function') {
+        try {
+          responder[callback].apply(responder, [request, transport, json]);
+        } catch (e) {}
+      }
+    });
+  }
+};
+
+Object.extend(Ajax.Responders, Enumerable);
+
+Ajax.Responders.register({
+  onCreate: function() {
+    Ajax.activeRequestCount++;
+  },
+
+  onComplete: function() {
+    Ajax.activeRequestCount--;
+  }
+});
+
+Ajax.Base = function() {};
+Ajax.Base.prototype = {
+  setOptions: function(options) {
+    this.options = {
+      method:       'post',
+      asynchronous: true,
+      parameters:   ''
+    }
+    Object.extend(this.options, options || {});
+  },
+
+  responseIsSuccess: function() {
+    return this.transport.status == undefined
+        || this.transport.status == 0
+        || (this.transport.status >= 200 && this.transport.status < 300);
+  },
+
+  responseIsFailure: function() {
+    return !this.responseIsSuccess();
+  }
+}
+
+Ajax.Request = Class.create();
+Ajax.Request.Events =
+  ['Uninitialized', 'Loading', 'Loaded', 'Interactive', 'Complete'];
+
+Ajax.Request.prototype = Object.extend(new Ajax.Base(), {
+  initialize: function(url, options) {
+    this.transport = Ajax.getTransport();
+    this.setOptions(options);
+    this.request(url);
+  },
+
+  request: function(url) {
+    var parameters = this.options.parameters || '';
+    if (parameters.length > 0) parameters += '&_=';
+
+    try {
+      this.url = url;
+      if (this.options.method == 'get' && parameters.length > 0)
+        this.url += (this.url.match(/\?/) ? '&' : '?') + parameters;
+
+      Ajax.Responders.dispatch('onCreate', this, this.transport);
+
+      this.transport.open(this.options.method, this.url,
+        this.options.asynchronous);
+
+      if (this.options.asynchronous) {
+        this.transport.onreadystatechange = this.onStateChange.bind(this);
+        setTimeout((function() {this.respondToReadyState(1)}).bind(this), 10);
+      }
+
+      this.setRequestHeaders();
+
+      var body = this.options.postBody ? this.options.postBody : parameters;
+      this.transport.send(this.options.method == 'post' ? body : null);
+
+    } catch (e) {
+      this.dispatchException(e);
+    }
+  },
+
+  setRequestHeaders: function() {
+    var requestHeaders =
+      ['X-Requested-With', 'XMLHttpRequest',
+       'X-Prototype-Version', Prototype.Version];
+
+    if (this.options.method == 'post') {
+      requestHeaders.push('Content-type',
+        'application/x-www-form-urlencoded');
+
+      /* Force "Connection: close" for Mozilla browsers to work around
+       * a bug where XMLHttpReqeuest sends an incorrect Content-length
+       * header. See Mozilla Bugzilla #246651.
+       */
+      if (this.transport.overrideMimeType)
+        requestHeaders.push('Connection', 'close');
+    }
+
+    if (this.options.requestHeaders)
+      requestHeaders.push.apply(requestHeaders, this.options.requestHeaders);
+
+    for (var i = 0; i < requestHeaders.length; i += 2)
+      this.transport.setRequestHeader(requestHeaders[i], requestHeaders[i+1]);
+  },
+
+  onStateChange: function() {
+    var readyState = this.transport.readyState;
+    if (readyState != 1)
+      this.respondToReadyState(this.transport.readyState);
+  },
+
+  header: function(name) {
+    try {
+      return this.transport.getResponseHeader(name);
+    } catch (e) {}
+  },
+
+  evalJSON: function() {
+    try {
+      return eval(this.header('X-JSON'));
+    } catch (e) {}
+  },
+
+  evalResponse: function() {
+    try {
+      return eval(this.transport.responseText);
+    } catch (e) {
+      this.dispatchException(e);
+    }
+  },
+
+  respondToReadyState: function(readyState) {
+    var event = Ajax.Request.Events[readyState];
+    var transport = this.transport, json = this.evalJSON();
+
+    if (event == 'Complete') {
+      try {
+        (this.options['on' + this.transport.status]
+         || this.options['on' + (this.responseIsSuccess() ? 'Success' : 'Failure')]
+         || Prototype.emptyFunction)(transport, json);
+      } catch (e) {
+        this.dispatchException(e);
+      }
+
+      if ((this.header('Content-type') || '').match(/^text\/javascript/i))
+        this.evalResponse();
+    }
+
+    try {
+      (this.options['on' + event] || Prototype.emptyFunction)(transport, json);
+      Ajax.Responders.dispatch('on' + event, this, transport, json);
+    } catch (e) {
+      this.dispatchException(e);
+    }
+
+    /* Avoid memory leak in MSIE: clean up the oncomplete event handler */
+    if (event == 'Complete')
+      this.transport.onreadystatechange = Prototype.emptyFunction;
+  },
+
+  dispatchException: function(exception) {
+    (this.options.onException || Prototype.emptyFunction)(this, exception);
+    Ajax.Responders.dispatch('onException', this, exception);
+  }
+});
+
+Ajax.Updater = Class.create();
+
+Object.extend(Object.extend(Ajax.Updater.prototype, Ajax.Request.prototype), {
+  initialize: function(container, url, options) {
+    this.containers = {
+      success: container.success ? $(container.success) : $(container),
+      failure: container.failure ? $(container.failure) :
+        (container.success ? null : $(container))
+    }
+
+    this.transport = Ajax.getTransport();
+    this.setOptions(options);
+
+    var onComplete = this.options.onComplete || Prototype.emptyFunction;
+    this.options.onComplete = (function(transport, object) {
+      this.updateContent();
+      onComplete(transport, object);
+    }).bind(this);
+
+    this.request(url);
+  },
+
+  updateContent: function() {
+    var receiver = this.responseIsSuccess() ?
+      this.containers.success : this.containers.failure;
+    var response = this.transport.responseText;
+
+    if (!this.options.evalScripts)
+      response = response.stripScripts();
+
+    if (receiver) {
+      if (this.options.insertion) {
+        new this.options.insertion(receiver, response);
+      } else {
+        Element.update(receiver, response);
+      }
+    }
+
+    if (this.responseIsSuccess()) {
+      if (this.onComplete)
+        setTimeout(this.onComplete.bind(this), 10);
+    }
+  }
+});
+
+Ajax.PeriodicalUpdater = Class.create();
+Ajax.PeriodicalUpdater.prototype = Object.extend(new Ajax.Base(), {
+  initialize: function(container, url, options) {
+    this.setOptions(options);
+    this.onComplete = this.options.onComplete;
+
+    this.frequency = (this.options.frequency || 2);
+    this.decay = (this.options.decay || 1);
+
+    this.updater = {};
+    this.container = container;
+    this.url = url;
+
+    this.start();
+  },
+
+  start: function() {
+    this.options.onComplete = this.updateComplete.bind(this);
+    this.onTimerEvent();
+  },
+
+  stop: function() {
+    this.updater.onComplete = undefined;
+    clearTimeout(this.timer);
+    (this.onComplete || Prototype.emptyFunction).apply(this, arguments);
+  },
+
+  updateComplete: function(request) {
+    if (this.options.decay) {
+      this.decay = (request.responseText == this.lastText ?
+        this.decay * this.options.decay : 1);
+
+      this.lastText = request.responseText;
+    }
+    this.timer = setTimeout(this.onTimerEvent.bind(this),
+      this.decay * this.frequency * 1000);
+  },
+
+  onTimerEvent: function() {
+    this.updater = new Ajax.Updater(this.container, this.url, this.options);
+  }
+});
+document.getElementsByClassName = function(className, parentElement) {
+  var children = ($(parentElement) || document.body).getElementsByTagName('*');
+  return $A(children).inject([], function(elements, child) {
+    if (child.className.match(new RegExp("(^|\\s)" + className + "(\\s|$)")))
+      elements.push(child);
+    return elements;
+  });
+}
+
+/*--------------------------------------------------------------------------*/
+
+if (!window.Element) {
+  var Element = new Object();
+}
+
+Object.extend(Element, {
+  visible: function(element) {
+    return $(element).style.display != 'none';
+  },
+
+  toggle: function() {
+    for (var i = 0; i < arguments.length; i++) {
+      var element = $(arguments[i]);
+      Element[Element.visible(element) ? 'hide' : 'show'](element);
+    }
+  },
+
+  hide: function() {
+    for (var i = 0; i < arguments.length; i++) {
+      var element = $(arguments[i]);
+      element.style.display = 'none';
+    }
+  },
+
+  show: function() {
+    for (var i = 0; i < arguments.length; i++) {
+      var element = $(arguments[i]);
+      element.style.display = '';
+    }
+  },
+
+  remove: function(element) {
+    element = $(element);
+    element.parentNode.removeChild(element);
+  },
+
+  update: function(element, html) {
+    $(element).innerHTML = html.stripScripts();
+    setTimeout(function() {html.evalScripts()}, 10);
+  },
+
+  getHeight: function(element) {
+    element = $(element);
+    return element.offsetHeight;
+  },
+
+  classNames: function(element) {
+    return new Element.ClassNames(element);
+  },
+
+  hasClassName: function(element, className) {
+    if (!(element = $(element))) return;
+    return Element.classNames(element).include(className);
+  },
+
+  addClassName: function(element, className) {
+    if (!(element = $(element))) return;
+    return Element.classNames(element).add(className);
+  },
+
+  removeClassName: function(element, className) {
+    if (!(element = $(element))) return;
+    return Element.classNames(element).remove(className);
+  },
+
+  // removes whitespace-only text node children
+  cleanWhitespace: function(element) {
+    element = $(element);
+    for (var i = 0; i < element.childNodes.length; i++) {
+      var node = element.childNodes[i];
+      if (node.nodeType == 3 && !/\S/.test(node.nodeValue))
+        Element.remove(node);
+    }
+  },
+
+  empty: function(element) {
+    return $(element).innerHTML.match(/^\s*$/);
+  },
+
+  scrollTo: function(element) {
+    element = $(element);
+    var x = element.x ? element.x : element.offsetLeft,
+        y = element.y ? element.y : element.offsetTop;
+    window.scrollTo(x, y);
+  },
+
+  getStyle: function(element, style) {
+    element = $(element);
+    var value = element.style[style.camelize()];
+    if (!value) {
+      if (document.defaultView && document.defaultView.getComputedStyle) {
+        var css = document.defaultView.getComputedStyle(element, null);
+        value = css ? css.getPropertyValue(style) : null;
+      } else if (element.currentStyle) {
+        value = element.currentStyle[style.camelize()];
+      }
+    }
+
+    if (window.opera && ['left', 'top', 'right', 'bottom'].include(style))
+      if (Element.getStyle(element, 'position') == 'static') value = 'auto';
+
+    return value == 'auto' ? null : value;
+  },
+
+  setStyle: function(element, style) {
+    element = $(element);
+    for (name in style)
+      element.style[name.camelize()] = style[name];
+  },
+
+  getDimensions: function(element) {
+    element = $(element);
+    if (Element.getStyle(element, 'display') != 'none')
+      return {width: element.offsetWidth, height: element.offsetHeight};
+
+    // All *Width and *Height properties give 0 on elements with display none,
+    // so enable the element temporarily
+    var els = element.style;
+    var originalVisibility = els.visibility;
+    var originalPosition = els.position;
+    els.visibility = 'hidden';
+    els.position = 'absolute';
+    els.display = '';
+    var originalWidth = element.clientWidth;
+    var originalHeight = element.clientHeight;
+    els.display = 'none';
+    els.position = originalPosition;
+    els.visibility = originalVisibility;
+    return {width: originalWidth, height: originalHeight};
+  },
+
+  makePositioned: function(element) {
+    element = $(element);
+    var pos = Element.getStyle(element, 'position');
+    if (pos == 'static' || !pos) {
+      element._madePositioned = true;
+      element.style.position = 'relative';
+      // Opera returns the offset relative to the positioning context, when an
+      // element is position relative but top and left have not been defined
+      if (window.opera) {
+        element.style.top = 0;
+        element.style.left = 0;
+      }
+    }
+  },
+
+  undoPositioned: function(element) {
+    element = $(element);
+    if (element._madePositioned) {
+      element._madePositioned = undefined;
+      element.style.position =
+        element.style.top =
+        element.style.left =
+        element.style.bottom =
+        element.style.right = '';
+    }
+  },
+
+  makeClipping: function(element) {
+    element = $(element);
+    if (element._overflow) return;
+    element._overflow = element.style.overflow;
+    if ((Element.getStyle(element, 'overflow') || 'visible') != 'hidden')
+      element.style.overflow = 'hidden';
+  },
+
+  undoClipping: function(element) {
+    element = $(element);
+    if (element._overflow) return;
+    element.style.overflow = element._overflow;
+    element._overflow = undefined;
+  }
+});
+
+var Toggle = new Object();
+Toggle.display = Element.toggle;
+
+/*--------------------------------------------------------------------------*/
+
+Abstract.Insertion = function(adjacency) {
+  this.adjacency = adjacency;
+}
+
+Abstract.Insertion.prototype = {
+  initialize: function(element, content) {
+    this.element = $(element);
+    this.content = content.stripScripts();
+
+    if (this.adjacency && this.element.insertAdjacentHTML) {
+      try {
+        this.element.insertAdjacentHTML(this.adjacency, this.content);
+      } catch (e) {
+        if (this.element.tagName.toLowerCase() == 'tbody') {
+          this.insertContent(this.contentFromAnonymousTable());
+        } else {
+          throw e;
+        }
+      }
+    } else {
+      this.range = this.element.ownerDocument.createRange();
+      if (this.initializeRange) this.initializeRange();
+      this.insertContent([this.range.createContextualFragment(this.content)]);
+    }
+
+    setTimeout(function() {content.evalScripts()}, 10);
+  },
+
+  contentFromAnonymousTable: function() {
+    var div = document.createElement('div');
+    div.innerHTML = '<table><tbody>' + this.content + '</tbody></table>';
+    return $A(div.childNodes[0].childNodes[0].childNodes);
+  }
+}
+
+var Insertion = new Object();
+
+Insertion.Before = Class.create();
+Insertion.Before.prototype = Object.extend(new Abstract.Insertion('beforeBegin'), {
+  initializeRange: function() {
+    this.range.setStartBefore(this.element);
+  },
+
+  insertContent: function(fragments) {
+    fragments.each((function(fragment) {
+      this.element.parentNode.insertBefore(fragment, this.element);
+    }).bind(this));
+  }
+});
+
+Insertion.Top = Class.create();
+Insertion.Top.prototype = Object.extend(new Abstract.Insertion('afterBegin'), {
+  initializeRange: function() {
+    this.range.selectNodeContents(this.element);
+    this.range.collapse(true);
+  },
+
+  insertContent: function(fragments) {
+    fragments.reverse(false).each((function(fragment) {
+      this.element.insertBefore(fragment, this.element.firstChild);
+    }).bind(this));
+  }
+});
+
+Insertion.Bottom = Class.create();
+Insertion.Bottom.prototype = Object.extend(new Abstract.Insertion('beforeEnd'), {
+  initializeRange: function() {
+    this.range.selectNodeContents(this.element);
+    this.range.collapse(this.element);
+  },
+
+  insertContent: function(fragments) {
+    fragments.each((function(fragment) {
+      this.element.appendChild(fragment);
+    }).bind(this));
+  }
+});
+
+Insertion.After = Class.create();
+Insertion.After.prototype = Object.extend(new Abstract.Insertion('afterEnd'), {
+  initializeRange: function() {
+    this.range.setStartAfter(this.element);
+  },
+
+  insertContent: function(fragments) {
+    fragments.each((function(fragment) {
+      this.element.parentNode.insertBefore(fragment,
+        this.element.nextSibling);
+    }).bind(this));
+  }
+});
+
+/*--------------------------------------------------------------------------*/
+
+Element.ClassNames = Class.create();
+Element.ClassNames.prototype = {
+  initialize: function(element) {
+    this.element = $(element);
+  },
+
+  _each: function(iterator) {
+    this.element.className.split(/\s+/).select(function(name) {
+      return name.length > 0;
+    })._each(iterator);
+  },
+
+  set: function(className) {
+    this.element.className = className;
+  },
+
+  add: function(classNameToAdd) {
+    if (this.include(classNameToAdd)) return;
+    this.set(this.toArray().concat(classNameToAdd).join(' '));
+  },
+
+  remove: function(classNameToRemove) {
+    if (!this.include(classNameToRemove)) return;
+    this.set(this.select(function(className) {
+      return className != classNameToRemove;
+    }).join(' '));
+  },
+
+  toString: function() {
+    return this.toArray().join(' ');
+  }
+}
+
+Object.extend(Element.ClassNames.prototype, Enumerable);
+var Field = {
+  clear: function() {
+    for (var i = 0; i < arguments.length; i++)
+      $(arguments[i]).value = '';
+  },
+
+  focus: function(element) {
+    $(element).focus();
+  },
+
+  present: function() {
+    for (var i = 0; i < arguments.length; i++)
+      if ($(arguments[i]).value == '') return false;
+    return true;
+  },
+
+  select: function(element) {
+    $(element).select();
+  },
+
+  activate: function(element) {
+    element = $(element);
+    element.focus();
+    if (element.select)
+      element.select();
+  }
+}
+
+/*--------------------------------------------------------------------------*/
+
+var Form = {
+  serialize: function(form) {
+    var elements = Form.getElements($(form));
+    var queryComponents = new Array();
+
+    for (var i = 0; i < elements.length; i++) {
+      var queryComponent = Form.Element.serialize(elements[i]);
+      if (queryComponent)
+        queryComponents.push(queryComponent);
+    }
+
+    return queryComponents.join('&');
+  },
+
+  getElements: function(form) {
+    form = $(form);
+    var elements = new Array();
+
+    for (tagName in Form.Element.Serializers) {
+      var tagElements = form.getElementsByTagName(tagName);
+      for (var j = 0; j < tagElements.length; j++)
+        elements.push(tagElements[j]);
+    }
+    return elements;
+  },
+
+  getInputs: function(form, typeName, name) {
+    form = $(form);
+    var inputs = form.getElementsByTagName('input');
+
+    if (!typeName && !name)
+      return inputs;
+
+    var matchingInputs = new Array();
+    for (var i = 0; i < inputs.length; i++) {
+      var input = inputs[i];
+      if ((typeName && input.type != typeName) ||
+          (name && input.name != name))
+        continue;
+      matchingInputs.push(input);
+    }
+
+    return matchingInputs;
+  },
+
+  disable: function(form) {
+    var elements = Form.getElements(form);
+    for (var i = 0; i < elements.length; i++) {
+      var element = elements[i];
+      element.blur();
+      element.disabled = 'true';
+    }
+  },
+
+  enable: function(form) {
+    var elements = Form.getElements(form);
+    for (var i = 0; i < elements.length; i++) {
+      var element = elements[i];
+      element.disabled = '';
+    }
+  },
+
+  findFirstElement: function(form) {
+    return Form.getElements(form).find(function(element) {
+      return element.type != 'hidden' && !element.disabled &&
+        ['input', 'select', 'textarea'].include(element.tagName.toLowerCase());
+    });
+  },
+
+  focusFirstElement: function(form) {
+    Field.activate(Form.findFirstElement(form));
+  },
+
+  reset: function(form) {
+    $(form).reset();
+  }
+}
+
+Form.Element = {
+  serialize: function(element) {
+    element = $(element);
+    var method = element.tagName.toLowerCase();
+    var parameter = Form.Element.Serializers[method](element);
+
+    if (parameter) {
+      var key = encodeURIComponent(parameter[0]);
+      if (key.length == 0) return;
+
+      if (parameter[1].constructor != Array)
+        parameter[1] = [parameter[1]];
+
+      return parameter[1].map(function(value) {
+        return key + '=' + encodeURIComponent(value);
+      }).join('&');
+    }
+  },
+
+  getValue: function(element) {
+    element = $(element);
+    var method = element.tagName.toLowerCase();
+    var parameter = Form.Element.Serializers[method](element);
+
+    if (parameter)
+      return parameter[1];
+  }
+}
+
+Form.Element.Serializers = {
+  input: function(element) {
+    switch (element.type.toLowerCase()) {
+      case 'submit':
+      case 'hidden':
+      case 'password':
+      case 'text':
+        return Form.Element.Serializers.textarea(element);
+      case 'checkbox':
+      case 'radio':
+        return Form.Element.Serializers.inputSelector(element);
+    }
+    return false;
+  },
+
+  inputSelector: function(element) {
+    if (element.checked)
+      return [element.name, element.value];
+  },
+
+  textarea: function(element) {
+    return [element.name, element.value];
+  },
+
+  select: function(element) {
+    return Form.Element.Serializers[element.type == 'select-one' ?
+      'selectOne' : 'selectMany'](element);
+  },
+
+  selectOne: function(element) {
+    var value = '', opt, index = element.selectedIndex;
+    if (index >= 0) {
+      opt = element.options[index];
+      value = opt.value;
+      if (!value && !('value' in opt))
+        value = opt.text;
+    }
+    return [element.name, value];
+  },
+
+  selectMany: function(element) {
+    var value = new Array();
+    for (var i = 0; i < element.length; i++) {
+      var opt = element.options[i];
+      if (opt.selected) {
+        var optValue = opt.value;
+        if (!optValue && !('value' in opt))
+          optValue = opt.text;
+        value.push(optValue);
+      }
+    }
+    return [element.name, value];
+  }
+}
+
+/*--------------------------------------------------------------------------*/
+
+var $F = Form.Element.getValue;
+
+/*--------------------------------------------------------------------------*/
+
+Abstract.TimedObserver = function() {}
+Abstract.TimedObserver.prototype = {
+  initialize: function(element, frequency, callback) {
+    this.frequency = frequency;
+    this.element   = $(element);
+    this.callback  = callback;
+
+    this.lastValue = this.getValue();
+    this.registerCallback();
+  },
+
+  registerCallback: function() {
+    setInterval(this.onTimerEvent.bind(this), this.frequency * 1000);
+  },
+
+  onTimerEvent: function() {
+    var value = this.getValue();
+    if (this.lastValue != value) {
+      this.callback(this.element, value);
+      this.lastValue = value;
+    }
+  }
+}
+
+Form.Element.Observer = Class.create();
+Form.Element.Observer.prototype = Object.extend(new Abstract.TimedObserver(), {
+  getValue: function() {
+    return Form.Element.getValue(this.element);
+  }
+});
+
+Form.Observer = Class.create();
+Form.Observer.prototype = Object.extend(new Abstract.TimedObserver(), {
+  getValue: function() {
+    return Form.serialize(this.element);
+  }
+});
+
+/*--------------------------------------------------------------------------*/
+
+Abstract.EventObserver = function() {}
+Abstract.EventObserver.prototype = {
+  initialize: function(element, callback) {
+    this.element  = $(element);
+    this.callback = callback;
+
+    this.lastValue = this.getValue();
+    if (this.element.tagName.toLowerCase() == 'form')
+      this.registerFormCallbacks();
+    else
+      this.registerCallback(this.element);
+  },
+
+  onElementEvent: function() {
+    var value = this.getValue();
+    if (this.lastValue != value) {
+      this.callback(this.element, value);
+      this.lastValue = value;
+    }
+  },
+
+  registerFormCallbacks: function() {
+    var elements = Form.getElements(this.element);
+    for (var i = 0; i < elements.length; i++)
+      this.registerCallback(elements[i]);
+  },
+
+  registerCallback: function(element) {
+    if (element.type) {
+      switch (element.type.toLowerCase()) {
+        case 'checkbox':
+        case 'radio':
+          Event.observe(element, 'click', this.onElementEvent.bind(this));
+          break;
+        case 'password':
+        case 'text':
+        case 'textarea':
+        case 'select-one':
+        case 'select-multiple':
+          Event.observe(element, 'change', this.onElementEvent.bind(this));
+          break;
+      }
+    }
+  }
+}
+
+Form.Element.EventObserver = Class.create();
+Form.Element.EventObserver.prototype = Object.extend(new Abstract.EventObserver(), {
+  getValue: function() {
+    return Form.Element.getValue(this.element);
+  }
+});
+
+Form.EventObserver = Class.create();
+Form.EventObserver.prototype = Object.extend(new Abstract.EventObserver(), {
+  getValue: function() {
+    return Form.serialize(this.element);
+  }
+});
+if (!window.Event) {
+  var Event = new Object();
+}
+
+Object.extend(Event, {
+  KEY_BACKSPACE: 8,
+  KEY_TAB:       9,
+  KEY_RETURN:   13,
+  KEY_ESC:      27,
+  KEY_LEFT:     37,
+  KEY_UP:       38,
+  KEY_RIGHT:    39,
+  KEY_DOWN:     40,
+  KEY_DELETE:   46,
+
+  element: function(event) {
+    return event.target || event.srcElement;
+  },
+
+  isLeftClick: function(event) {
+    return (((event.which) && (event.which == 1)) ||
+            ((event.button) && (event.button == 1)));
+  },
+
+  pointerX: function(event) {
+    return event.pageX || (event.clientX +
+      (document.documentElement.scrollLeft || document.body.scrollLeft));
+  },
+
+  pointerY: function(event) {
+    return event.pageY || (event.clientY +
+      (document.documentElement.scrollTop || document.body.scrollTop));
+  },
+
+  stop: function(event) {
+    if (event.preventDefault) {
+      event.preventDefault();
+      event.stopPropagation();
+    } else {
+      event.returnValue = false;
+      event.cancelBubble = true;
+    }
+  },
+
+  // find the first node with the given tagName, starting from the
+  // node the event was triggered on; traverses the DOM upwards
+  findElement: function(event, tagName) {
+    var element = Event.element(event);
+    while (element.parentNode && (!element.tagName ||
+        (element.tagName.toUpperCase() != tagName.toUpperCase())))
+      element = element.parentNode;
+    return element;
+  },
+
+  observers: false,
+
+  _observeAndCache: function(element, name, observer, useCapture) {
+    if (!this.observers) this.observers = [];
+    if (element.addEventListener) {
+      this.observers.push([element, name, observer, useCapture]);
+      element.addEventListener(name, observer, useCapture);
+    } else if (element.attachEvent) {
+      this.observers.push([element, name, observer, useCapture]);
+      element.attachEvent('on' + name, observer);
+    }
+  },
+
+  unloadCache: function() {
+    if (!Event.observers) return;
+    for (var i = 0; i < Event.observers.length; i++) {
+      Event.stopObserving.apply(this, Event.observers[i]);
+      Event.observers[i][0] = null;
+    }
+    Event.observers = false;
+  },
+
+  observe: function(element, name, observer, useCapture) {
+    var element = $(element);
+    useCapture = useCapture || false;
+
+    if (name == 'keypress' &&
+        (navigator.appVersion.match(/Konqueror|Safari|KHTML/)
+        || element.attachEvent))
+      name = 'keydown';
+
+    this._observeAndCache(element, name, observer, useCapture);
+  },
+
+  stopObserving: function(element, name, observer, useCapture) {
+    var element = $(element);
+    useCapture = useCapture || false;
+
+    if (name == 'keypress' &&
+        (navigator.appVersion.match(/Konqueror|Safari|KHTML/)
+        || element.detachEvent))
+      name = 'keydown';
+
+    if (element.removeEventListener) {
+      element.removeEventListener(name, observer, useCapture);
+    } else if (element.detachEvent) {
+      element.detachEvent('on' + name, observer);
+    }
+  }
+});
+
+/* prevent memory leaks in IE */
+Event.observe(window, 'unload', Event.unloadCache, false);
+var Position = {
+  // set to true if needed, warning: firefox performance problems
+  // NOT neeeded for page scrolling, only if draggable contained in
+  // scrollable elements
+  includeScrollOffsets: false,
+
+  // must be called before calling withinIncludingScrolloffset, every time the
+  // page is scrolled
+  prepare: function() {
+    this.deltaX =  window.pageXOffset
+                || document.documentElement.scrollLeft
+                || document.body.scrollLeft
+                || 0;
+    this.deltaY =  window.pageYOffset
+                || document.documentElement.scrollTop
+                || document.body.scrollTop
+                || 0;
+  },
+
+  realOffset: function(element) {
+    var valueT = 0, valueL = 0;
+    do {
+      valueT += element.scrollTop  || 0;
+      valueL += element.scrollLeft || 0;
+      element = element.parentNode;
+    } while (element);
+    return [valueL, valueT];
+  },
+
+  cumulativeOffset: function(element) {
+    var valueT = 0, valueL = 0;
+    do {
+      valueT += element.offsetTop  || 0;
+      valueL += element.offsetLeft || 0;
+      element = element.offsetParent;
+    } while (element);
+    return [valueL, valueT];
+  },
+
+  positionedOffset: function(element) {
+    var valueT = 0, valueL = 0;
+    do {
+      valueT += element.offsetTop  || 0;
+      valueL += element.offsetLeft || 0;
+      element = element.offsetParent;
+      if (element) {
+        p = Element.getStyle(element, 'position');
+        if (p == 'relative' || p == 'absolute') break;
+      }
+    } while (element);
+    return [valueL, valueT];
+  },
+
+  offsetParent: function(element) {
+    if (element.offsetParent) return element.offsetParent;
+    if (element == document.body) return element;
+
+    while ((element = element.parentNode) && element != document.body)
+      if (Element.getStyle(element, 'position') != 'static')
+        return element;
+
+    return document.body;
+  },
+
+  // caches x/y coordinate pair to use with overlap
+  within: function(element, x, y) {
+    if (this.includeScrollOffsets)
+      return this.withinIncludingScrolloffsets(element, x, y);
+    this.xcomp = x;
+    this.ycomp = y;
+    this.offset = this.cumulativeOffset(element);
+
+    return (y >= this.offset[1] &&
+            y <  this.offset[1] + element.offsetHeight &&
+            x >= this.offset[0] &&
+            x <  this.offset[0] + element.offsetWidth);
+  },
+
+  withinIncludingScrolloffsets: function(element, x, y) {
+    var offsetcache = this.realOffset(element);
+
+    this.xcomp = x + offsetcache[0] - this.deltaX;
+    this.ycomp = y + offsetcache[1] - this.deltaY;
+    this.offset = this.cumulativeOffset(element);
+
+    return (this.ycomp >= this.offset[1] &&
+            this.ycomp <  this.offset[1] + element.offsetHeight &&
+            this.xcomp >= this.offset[0] &&
+            this.xcomp <  this.offset[0] + element.offsetWidth);
+  },
+
+  // within must be called directly before
+  overlap: function(mode, element) {
+    if (!mode) return 0;
+    if (mode == 'vertical')
+      return ((this.offset[1] + element.offsetHeight) - this.ycomp) /
+        element.offsetHeight;
+    if (mode == 'horizontal')
+      return ((this.offset[0] + element.offsetWidth) - this.xcomp) /
+        element.offsetWidth;
+  },
+
+  clone: function(source, target) {
+    source = $(source);
+    target = $(target);
+    target.style.position = 'absolute';
+    var offsets = this.cumulativeOffset(source);
+    target.style.top    = offsets[1] + 'px';
+    target.style.left   = offsets[0] + 'px';
+    target.style.width  = source.offsetWidth + 'px';
+    target.style.height = source.offsetHeight + 'px';
+  },
+
+  page: function(forElement) {
+    var valueT = 0, valueL = 0;
+
+    var element = forElement;
+    do {
+      valueT += element.offsetTop  || 0;
+      valueL += element.offsetLeft || 0;
+
+      // Safari fix
+      if (element.offsetParent==document.body)
+        if (Element.getStyle(element,'position')=='absolute') break;
+
+    } while (element = element.offsetParent);
+
+    element = forElement;
+    do {
+      valueT -= element.scrollTop  || 0;
+      valueL -= element.scrollLeft || 0;
+    } while (element = element.parentNode);
+
+    return [valueL, valueT];
+  },
+
+  clone: function(source, target) {
+    var options = Object.extend({
+      setLeft:    true,
+      setTop:     true,
+      setWidth:   true,
+      setHeight:  true,
+      offsetTop:  0,
+      offsetLeft: 0
+    }, arguments[2] || {})
+
+    // find page position of source
+    source = $(source);
+    var p = Position.page(source);
+
+    // find coordinate system to use
+    target = $(target);
+    var delta = [0, 0];
+    var parent = null;
+    // delta [0,0] will do fine with position: fixed elements,
+    // position:absolute needs offsetParent deltas
+    if (Element.getStyle(target,'position') == 'absolute') {
+      parent = Position.offsetParent(target);
+      delta = Position.page(parent);
+    }
+
+    // correct by body offsets (fixes Safari)
+    if (parent == document.body) {
+      delta[0] -= document.body.offsetLeft;
+      delta[1] -= document.body.offsetTop;
+    }
+
+    // set position
+    if(options.setLeft)   target.style.left  = (p[0] - delta[0] + options.offsetLeft) + 'px';
+    if(options.setTop)    target.style.top   = (p[1] - delta[1] + options.offsetTop) + 'px';
+    if(options.setWidth)  target.style.width = source.offsetWidth + 'px';
+    if(options.setHeight) target.style.height = source.offsetHeight + 'px';
+  },
+
+  absolutize: function(element) {
+    element = $(element);
+    if (element.style.position == 'absolute') return;
+    Position.prepare();
+
+    var offsets = Position.positionedOffset(element);
+    var top     = offsets[1];
+    var left    = offsets[0];
+    var width   = element.clientWidth;
+    var height  = element.clientHeight;
+
+    element._originalLeft   = left - parseFloat(element.style.left  || 0);
+    element._originalTop    = top  - parseFloat(element.style.top || 0);
+    element._originalWidth  = element.style.width;
+    element._originalHeight = element.style.height;
+
+    element.style.position = 'absolute';
+    element.style.top    = top + 'px';;
+    element.style.left   = left + 'px';;
+    element.style.width  = width + 'px';;
+    element.style.height = height + 'px';;
+  },
+
+  relativize: function(element) {
+    element = $(element);
+    if (element.style.position == 'relative') return;
+    Position.prepare();
+
+    element.style.position = 'relative';
+    var top  = parseFloat(element.style.top  || 0) - (element._originalTop || 0);
+    var left = parseFloat(element.style.left || 0) - (element._originalLeft || 0);
+
+    element.style.top    = top + 'px';
+    element.style.left   = left + 'px';
+    element.style.height = element._originalHeight;
+    element.style.width  = element._originalWidth;
+  }
+}
+
+// Safari returns margins on body which is incorrect if the child is absolutely
+// positioned.  For performance reasons, redefine Position.cumulativeOffset for
+// KHTML/WebKit only.
+if (/Konqueror|Safari|KHTML/.test(navigator.userAgent)) {
+  Position.cumulativeOffset = function(element) {
+    var valueT = 0, valueL = 0;
+    do {
+      valueT += element.offsetTop  || 0;
+      valueL += element.offsetLeft || 0;
+      if (element.offsetParent == document.body)
+        if (Element.getStyle(element, 'position') == 'absolute') break;
+
+      element = element.offsetParent;
+    } while (element);
+
+    return [valueL, valueT];
+  }
+}
\ No newline at end of file
diff --git a/base/tps/apache/docroot/esc/sow/js/scriptaculous.js b/base/tps/apache/docroot/esc/sow/js/scriptaculous.js
new file mode 100755
index 000000000..dac1228fb
--- /dev/null
+++ b/base/tps/apache/docroot/esc/sow/js/scriptaculous.js
@@ -0,0 +1,45 @@
+// Copyright (c) 2005 Thomas Fuchs (http://script.aculo.us, http://mir.aculo.us)
+// 
+// Permission is hereby granted, free of charge, to any person obtaining
+// a copy of this software and associated documentation files (the
+// "Software"), to deal in the Software without restriction, including
+// without limitation the rights to use, copy, modify, merge, publish,
+// distribute, sublicense, and/or sell copies of the Software, and to
+// permit persons to whom the Software is furnished to do so, subject to
+// the following conditions:
+// 
+// The above copyright notice and this permission notice shall be
+// included in all copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+// LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+var Scriptaculous = {
+  Version: '1.5.1',
+  require: function(libraryName) {
+    // inserting via DOM fails in Safari 2.0, so brute force approach
+    document.write('<script type="text/javascript" src="'+libraryName+'"></script>');
+  },
+  load: function() {
+    if((typeof Prototype=='undefined') ||
+      parseFloat(Prototype.Version.split(".")[0] + "." +
+                 Prototype.Version.split(".")[1]) < 1.4)
+      throw("script.aculo.us requires the Prototype JavaScript framework >= 1.4.0");
+    
+    $A(document.getElementsByTagName("script")).findAll( function(s) {
+      return (s.src && s.src.match(/scriptaculous\.js(\?.*)?$/))
+    }).each( function(s) {
+      var path = s.src.replace(/scriptaculous\.js(\?.*)?$/,'');
+      var includes = s.src.match(/\?.*load=([a-z,]*)/);
+      (includes ? includes[1] : 'builder,effects,dragdrop,controls,slider').split(',').each(
+       function(include) { Scriptaculous.require(path+include+'.js') });
+    });
+  }
+}
+
+Scriptaculous.load();
\ No newline at end of file
diff --git a/base/tps/apache/docroot/esc/sow/util.js b/base/tps/apache/docroot/esc/sow/util.js
new file mode 100755
index 000000000..967e6e5ed
--- /dev/null
+++ b/base/tps/apache/docroot/esc/sow/util.js
@@ -0,0 +1,1769 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// Copyright (C) 2007 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+
+//
+// initialize netkey globals
+var netkey;
+
+
+var keyUITable = new Array();
+var keyTypeTable = new Array();
+var curChildWindow = null;
+
+var gWindow = null;
+
+const ErrorText = "For additional assistance contact your Technical Support";
+
+
+function getUIForKey(aKeyID)
+{
+    return keyUITable[aKeyID];
+
+}
+
+function getTypeForKey(aKeyID)
+{
+    return keyTypeTable[aKeyID];
+}
+
+
+//
+// Notify callback for GECKO
+//
+function jsNotify()  {}
+
+jsNotify.prototype = {
+
+  rhNotifyKeyStateChange: function(aKeyType,aKeyID,aKeyState,aData,strData)
+  {
+    OnCOOLKeyStateChange(aKeyType, aKeyID, aKeyState, aData,strData);
+  },
+
+  QueryInterface: function(iid)
+  {
+    <!--  alert("iid: " + iid); -->
+     if(!iid.equals(Components.interfaces.rhIKeyNotify) &&
+         !iid.equals(Components.interfaces.nsISupports))
+      {
+          MyAlert("Can't find jsNotify interface");
+          throw Components.results.NS_ERROR_NO_INTERFACE;
+      }
+      return this;
+  }
+};
+
+//
+// Attach to the object.
+//
+  // GECKO ONLY initialization
+  try {
+    netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    netkey = Components.classes["@redhat.com/rhCoolKey"].getService();
+    netkey = netkey.QueryInterface(Components.interfaces.rhICoolKey);
+    gNotify = new jsNotify;
+    netkey.rhCoolKeySetNotifyCallback(gNotify);
+  } catch(e) {
+     MyAlert("Can't get UniversalXPConnect: " + e);
+  }
+
+//
+// unregister our notify event
+//
+function cleanup()
+{
+
+    try {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+      netkey.rhCoolKeyUnSetNotifyCallback(gNotify);
+    } catch(e) {
+     MyAlert("Can't get UniversalXPConnect: " + e);
+    }
+}
+
+var gScreenName = "";
+var gKeyEnrollmentType = "userKey";
+
+var gCurrentSelectedRow = null;
+
+
+var gCurKeyType = null;
+var gCurKeyID = null;
+
+////////////////////////////////////////////////////////////////
+//
+// Utility functions specific to this page.
+//
+////////////////////////////////////////////////////////////////
+
+
+// List of Error Messages to be printed out
+
+var Status_Messages = new Array(
+      
+    "Operation Completed Successfully.",
+    "Smartcard Server error.",
+    "Problem communicating with the smartcard.",
+    "Problem communicating with the smartcard.",
+    "Problem resetting smartcard's pin.",
+    "Internal Smartcard Server error.",
+    "Internal Smartcard Server error.",
+    "Smartcard enrollment error.",
+    "Can not communicate with the smartcard.",
+    "Internal Smartcard Server error.",
+    "Problem communicating with the Certificattion Authority.",
+    "Internal Smartcard Server error.",
+    "Error resetting the smartcard's password.",
+    "Internal Smartcard Server error.",
+    "Smartcard Server authentication failure.",
+    "Internal Smartcard Server error.",
+    "Your Smartcard is listed as disabled.",
+    "Problem communicating with the smartcard.",
+    "Internal Smartcard Server error.",
+    "Cannot upgrade smartcard software.",
+    "Internal Smartcard Server error.",
+    "Problem communicating with the smartcard.",
+    "Invalid smartcard type.",
+    "Invalid smartcard type.",
+    "Cannot publish smartcard information.",
+    "Cannot communicate with smartcard database.",
+    "Smartcard is disabled.",
+    "Cannot reset password value for the smartcard.",
+    "Connection to Smartcard Server lost.",
+    "Cannot create entry for smartcard in smartcard database.",
+    "Smartcard found to be in an inconsistent state.",
+    "Invalid reason for lost smartcard submitted.",
+    "Smartcard found to be unusable due to compromise.",
+    "No such inactive smartcard found.",
+    "Cannot process more than one active smartcard.",
+    "Internal Smartcard Server error.",
+    "Smartcard key recovery has been processed.",
+    "Smartcard key recovery failed.",
+    "Cannot process this smartcard, which has been reported lost.",
+    "Smartcard key archival error.",
+    "Problem connecting to the Smartcard TKS Server.",
+    "Failed to update smartcard database.",
+    "Internal certificate revocation error discovered.",
+    "User does not own this smartcard.", 
+    "Smart Card Manager has been misconfigured.",
+    "Smart Card Manager can not talk to smart card reader.",
+    "Smart Card Manager can not establish a session with  the smart card.",
+    "Smart Card Manager can not talk to Smart Card Server.",
+    "Smart Card Manager can not talk to smart card reader."
+ );    
+
+function GetAuthDataFromPopUp(aKeyType,aKeyID,aUiData)
+{
+
+   keyUITable[aKeyID] = aUiData;
+   keyTypeTable[aKeyID] = aKeyType;
+
+   //alert("GetAuthDataFromPopUp data " + aUiData);
+   var child = window.open("/GenericAuth.html",aKeyID,"height=400,width=400");
+
+   //alert("Attempted to create child window " + child);
+ 
+   curChildWindow = child; 
+
+}
+
+function COOLKeySetDataValue(aKeyType,aKeyID,name,value)
+{
+        //alert("In COOLKeySetDataValue  aKeyType " + aKeyType + " aKeyID " + aKeyID + " name " + name + " value " + value);  
+        if(netkey)
+        {
+             try {
+                    netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+                netkey.SetCoolKeyDataValue(aKeyType,aKeyID,name,value);
+
+
+            } catch(e) {
+                MyAlert("Error Setting data values: " + e);
+            }
+        }
+
+}
+ 
+function COOLKeySetTokenPin(pin)
+{
+        if(netkey)
+        {
+             try { 
+                netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+                netkey.SetCoolKeyDataValue(gCurKeyType,gCurKeyID,"TokenPin",pin);
+
+
+            } catch(e) {
+                MyAlert("Error Setting data values: " + e);
+            }
+        }
+}
+
+function COOLKeySetUidPassword(uid,pwd)
+{
+
+      if(netkey)
+      {
+
+          try {
+              netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+
+              netkey.SetCoolKeyDataValue(gCurKeyType,gCurKeyID,"UserId",uid);
+
+              netkey.SetCoolKeyDataValue(gCurKeyType,gCurKeyID,"Password",pwd);
+
+          } catch(e) {
+              MyAlert("Error Setting data values: " + e);
+          }
+
+      }
+
+}
+      
+  
+function MyGetErrorMessage(status_code)
+{
+
+ var result = "Internal Server Error";
+
+  if(status_code < 0 && status_code >= Status_Messages.length)
+  {
+     return result;
+      
+  }   
+      
+  return Status_Messages[status_code];
+      
+}   
+
+function KeyToRowID(keyType, keyID)
+{
+  return keyType + "--" + keyID;
+}
+
+function RowIDToKeyInfo(rowID)
+{
+  return rowID.split("--");
+}
+
+function GetRowForKey(keyType, keyID)
+{
+  return document.getElementById(KeyToRowID(keyType, keyID));
+}
+
+function ReportException(msg, e)
+{
+  MyAlert(msg + " " + e.description + "(" + e.number + ")");
+}
+
+function GetCOOLKeyStatus(keyType, keyID)
+{
+  try {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    return netkey.GetCoolKeyStatus(keyType, keyID);
+  } catch (e) {
+    ReportException("netkey.GetCOOLKeyStatus() failed!", e);
+    return 0;
+  }
+}
+
+function GetCOOLKeyPolicy(keyType, keyID)
+{
+  try {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    return netkey.GetCoolKeyPolicy(keyType, keyID);
+  } catch (e) {
+  //  ReportException("netkey.GetCOOLKeyPolicy() failed!", e);
+    return "";
+  }
+}
+
+function GetCOOLKeyRequiresAuth(keyType, keyID)
+{
+  try {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    return netkey.GetCoolKeyRequiresAuthentication(keyType, keyID);
+  } catch(e) {
+    ReportException("netkey.GetCoolKeyRequiresAuthentication() failed!", e);
+    return false;
+  }
+}
+
+function GetCOOLKeyIsAuthed(keyType, keyID)
+{
+  try {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    return netkey.GetCoolKeyIsAuthenticated(keyType, keyID);
+  } catch(e) {
+    ReportException("netkey.GetCoolKeyIsAuthenticated() failed!", e);
+    return false;
+  }
+}
+
+function GetAvailableCOOLKeys()
+{
+  try {
+    var keyArr;
+
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+      var inArray = netkey.GetAvailableCoolKeys( {} );
+      keyArr = new Array(inArray.length);
+      var i;
+
+      for (i=0; i < keyArr.length; i++) {
+	keyArr[i] = new Array( "1", inArray[i]);
+      }
+    return keyArr;
+  } catch(e) {
+    ReportException("netkey.GetAvailableCoolKeys() failed!", e);
+    return [];
+  }
+}
+
+function EnrollCOOLKey(keyType, keyID, enrollmentType, screenname, pin,screennamepwd,tokencode)
+{
+  try {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    netkey.EnrollCoolKey(keyType, keyID, enrollmentType, screenname, pin,screennamepwd,tokencode);
+  } catch(e) {
+    ReportException("netkey.EnrollCoolKey() failed!", e);
+    return false;
+  }
+
+  return true;
+}
+
+function GetCOOLKeyIsEnrolled(keyType, keyID)
+{
+  try {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    return netkey.GetCoolKeyIsEnrolled(keyType, keyID);
+  } catch(e) {
+    ReportException("netkey.GetCoolKeyIsEnrolled() failed!", e);
+    return false;
+  }
+}
+
+function CancelCOOLKeyOperation(keyType, keyID)
+{
+  try {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    netkey.CancelCoolKeyOperation(keyType, keyID);
+  } catch(e) {
+    ReportException("netkey.CancelCoolKeyOperation() failed!", e);
+    return false;
+  }
+  return true;
+}
+
+function MyAlert(message)
+{
+    if(message)
+        DoMyAlert(message,"Smart Card Manager");
+
+} 
+function DoMyAlert(message,title)
+{
+
+   if(!message || !title)
+       return;
+
+   try {
+
+       netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+
+       var prompts = Components.classes["@mozilla.org/embedcomp/prompt-service;1"].getService(Components.interfaces.nsIPromptService);
+
+
+       prompts.alert(window,title,message);
+
+   } catch(e) {
+
+
+       alert("Problem with nsIPromptService " + e);
+   }
+
+}
+
+//
+// MSHTML/GECKO compatibility functions.
+//
+function RemoveRow(table, row)
+{
+    table.deleteRow(row.rowIndex);
+}
+
+function GetCell(row, index)
+{
+  var cell;
+
+    cell = row.cells[index];
+  return cell;
+}
+
+function GetNode(parent, index)
+{
+  var node;
+    node = parent.childNodes[index];
+  return node;
+}
+
+function InsertRow(table)
+{
+  var row;
+
+    row = table.insertRow(table.rows.length);
+  return row;
+}
+
+function InsertCell(row)
+{
+  var cell;
+
+    cell = row.insertCell(row.cells.length);
+  return cell;
+}
+
+function RemoveAllChildNodes(parent)
+{
+  var numChildren = parent.childNodes.length;
+  var i;
+
+  i = numChildren;
+  while (numChildren)
+  {
+    parent.removeChild(GetNode(parent,0));
+    numChildren--;
+  }
+
+}
+
+
+function UpdateInfoForKeyID(keyType, keyID, keyStatus, reqAuth, isAuthed)
+{
+  var row = GetRowForKey(keyType, keyID);
+
+  if (!row)
+    return;
+
+  var cell = GetCell(row,1)
+  RemoveAllChildNodes(cell);
+  cell.appendChild(document.createTextNode(keyStatus));
+
+//  cell = GetCell(row,2);
+ // RemoveAllChildNodes(cell);
+ // cell.appendChild(document.createTextNode(reqAuth));
+
+ // cell = GetCell(row,3);
+ // RemoveAllChildNodes(cell);
+ // cell.appendChild(document.createTextNode(isAuthed));
+}
+
+function GetStatusForKeyID(keyType, keyID)
+{
+  var keyStatus = "BLANK";
+
+  var status;
+
+  try {
+    status = GetCOOLKeyStatus(keyType, keyID);
+  } catch(e) {
+    status = 0;
+  }
+
+  switch (status) {
+    case 0: // Unavailable
+      keyStatus = "UNAVAILABLE";
+      break;
+    case 1: // AppletNotFound
+      keyStatus = "NO APPLET";
+      break;
+    case 2: // Uninitialized
+      keyStatus = "UNINITIALIZED";
+      break;
+    case 3: // Unknown
+      keyStatus = "UNKNOWN";
+      break;
+    case 4: // Available
+    case 6: // UnblockInProgress
+    case 7: // PINResetInProgress
+    case 8: // RenewInProgress
+      keyStatus = PolicyToKeyType(GetCOOLKeyPolicy(keyType, keyID));
+      break;
+    case 5: // EnrollmentInProgress
+      keyStatus = "BUSY";
+      break;
+      break;
+    case 9: // FormatInProgress
+      keyStatus = "BUSY";
+      break;
+  }
+
+  return keyStatus;
+}
+
+function InsertCOOLKeyIntoBindingTable(keyType, keyID)
+{
+  var row = GetRowForKey(keyType, keyID);
+
+  gWindow = window;
+ if (!row)
+  {
+    var table = document.getElementById("BindingTable");
+    if (table)
+    {
+      var keyStatus = GetStatusForKeyID(keyType, keyID);
+      var keyReqAuth = BoolToYesNoStr(GetCOOLKeyRequiresAuth(keyType, keyID));
+      var keyIsAuthed = BoolToYesNoStr(GetCOOLKeyIsAuthed(keyType, keyID));
+
+      row = CreateTableRow(table, keyType, keyID, keyStatus, keyReqAuth, keyIsAuthed);
+    }
+
+    if (!row)
+      return null;
+  }
+
+  return row;
+}
+
+function ConvertVariantArrayToJScriptArray(varr)
+{
+  // C++ native methods, like netkey.GetAvailableCOOLKeys(), can only
+  // return variant SafeArrays, so to access the data inside, you must
+  // first convert it to a VBArray, and then call toArray() to convert
+  // it to a JScript array. Lame, but that's what it takes to
+  // use an array returned from an ActiveX component.
+
+  return new VBArray(varr).toArray();
+}
+
+function UpdateBindingTableAvailability()
+{
+  var arr = GetAvailableCOOLKeys();
+
+  if (!arr || arr.length < 1)
+    return;
+
+  var i;
+
+  for (i=0; i < arr.length; i++)
+  {
+    InsertCOOLKeyIntoBindingTable(arr[i][0], arr[i][1]);
+
+    if (!gCurrentSelectedRow)
+      SelectRowByKeyID(arr[i][0], arr[i][1]);
+  }
+}
+
+function InitializeBindingTable()
+{
+  UpdateBindingTableAvailability();
+  UpdateButtonStates();
+  if (UserOnDoneInitializeBindingTable) {
+    UserOnDoneInitializeBindingTable();
+  }
+}
+
+function KeyIsPresent(keyType, keyID)
+{
+  row = document.all.item(keyType, keyID);
+
+  if (!row)
+    return false;
+
+  return true;
+}
+
+function SetStatusMessage(str)
+{
+  var cell = document.getElementById("statusMsg");
+
+  if (!cell)
+    return;
+  RemoveAllChildNodes(cell);
+  cell.appendChild(document.createTextNode(str));
+}
+
+function UpdateButtonStates()
+{
+  if (gCurrentSelectedRow)
+  {
+    var keyInfo = RowIDToKeyInfo(gCurrentSelectedRow.getAttribute("id"));
+    var keyType = keyInfo[0];
+    var keyID = keyInfo[1];
+    var keyStatus = GetStatusForKeyID(keyType, keyID);
+
+    document.getElementById("enrollbtn").disabled = false;
+  }
+  else
+  {
+    document.getElementById("enrollbtn").disabled = true;
+  }
+
+  refresh();
+}
+
+function GetCurrentKeyID()
+{
+  if (gCurrentSelectedRow)
+  {
+    var keyInfo = RowIDToKeyInfo(gCurrentSelectedRow.getAttribute("id"));
+    var keyType = keyInfo[0];
+    var keyID = keyInfo[1];
+    return keyID;
+  } else {
+    return "No Key Found!";
+  }
+}
+
+function SetEnrollmentType(type)
+{
+  gKeyEnrollmentType = type;
+  UpdateButtonStates();
+}
+
+function FindRow(node)
+{
+  while (node && node.tagName != "TR")
+  {
+    node = node.parentNode;
+  }
+
+  return node;
+}
+
+function SelectRow(row)
+{
+  if (!row || gCurrentSelectedRow == row)
+    return;
+
+  if (gCurrentSelectedRow)
+    gCurrentSelectedRow.removeAttribute("style");
+
+  gCurrentSelectedRow = row;
+  gCurrentSelectedRow.style.backgroundColor="rgb(200,200,200)";
+  UpdateButtonStates();
+}
+
+function SelectRowByKeyID(keyType, keyID)
+{
+  var row = GetRowForKey(keyType, keyID);
+  SelectRow(row);
+}
+
+function DoSelectRow(event)
+{
+  var row;
+
+    row = FindRow(event.parentNode);
+  SelectRow(row);
+}
+
+function KeyToUIString(keyType, keyID)
+{
+  // If it's an COOLKey, format the keyID string.
+
+  if (keyType == 1 && keyID.length == 20)
+  {
+    var re = /([0-9a-f]{4})([0-9a-f]{4})([0-9a-f]{4})([0-9a-f]{4})([0-9a-f]{4})/i;
+    keyID = keyID.replace(re, "$1-$2-$3-$4-$5").toLowerCase();
+  }
+
+  return keyID;
+}
+
+
+
+function CreateTableRow(table, keyType, keyID, keyStatus, reqAuth, isAuthed)
+{
+  var row = InsertRow(table);
+  if (!row)
+    return null;
+
+  row.setAttribute("id", KeyToRowID(keyType, keyID));
+ 
+     row.onclick = DoSelectRow;
+
+  // Create the key ID cell.
+  //cell = InsertCell(row);
+  //cell.appendChild(document.createTextNode(KeyToUIString(keyType, keyID)));
+
+  //cell.setAttribute("onClick", "DoSelectRow(this);");
+
+  // Create the keyStatus cell.
+  //cell = InsertCell(row);
+  //cell.appendChild(document.createTextNode(keyStatus));
+
+  // Create the requires auth cell.
+ // cell = InsertCell(row);
+ // cell.appendChild(document.createTextNode(reqAuth));
+
+  cell = InsertCell(row);
+  cell.appendChild(document.createTextNode("Enrollment Progress"));
+
+  // Create the status bar cell
+
+  cell = InsertCell(row);
+
+  var progressMeter = document.createElement("div");
+  progressMeter.setAttribute("id", KeyToProgressBarID(keyType, keyID));
+  progressMeter.className = "ProgressMeter";
+  progressMeter.style.width = "100px";
+  progressMeter.style.height = "1.5em";
+//  progressMeter.style.visibility = "hidden";
+  progressMeter.setAttribute("value", 0);
+
+  var progressBar = document.createElement("div");
+  progressBar.className = "ProgressBar";
+  progressBar.style.width = "0px";
+  progressBar.style.height = "100%";
+//  progressBar.style.visibility = "hidden";
+
+  var progressBarStatus = document.createElement("div");
+  progressBarStatus.className = "ProgressBarStatus";
+  progressBarStatus.appendChild(document.createTextNode(""));
+
+  progressMeter.appendChild(progressBar);
+  progressMeter.appendChild(progressBarStatus);
+  cell.appendChild(progressMeter);
+
+  //row.style.display ="none";
+
+  return row;
+}
+
+gAnimationMSecs = 1000/30;
+
+function SetCylonTimer(cylonID, cylonEyeID)
+{
+  setTimeout("AnimateCylonStatusBar(\"" + cylonID +
+             "\", \"" + cylonEyeID + "\");", gAnimationMSecs);
+}
+
+function AnimateCylonStatusBar(cylonID, cylonEyeID)
+{
+  var cylon = document.getElementById(cylonID);
+
+  if (!cylon)
+    return;
+
+  var active = cylon.getAttribute("cylonactive");
+
+  if (!active)
+    return;
+
+  var eye = document.getElementById(cylonEyeID);
+
+  if (!eye)
+    return;
+
+  var dir = eye.getAttribute("direction");
+  var wid = parseInt(eye.style.width);
+  var cywid = parseInt(cylon.style.width);
+  var left = parseInt(eye.style.left);
+
+  var dx = 10;
+
+  if (!dir || dir >= 0)
+  {
+    left += dx;
+
+    if (left + wid > cywid)
+    {
+      left = cywid - wid;
+      eye.setAttribute("direction", "-1");
+    }
+  }
+  else
+  {
+    left -= dx;
+
+    if (left < 0)
+    {
+      left = 0;
+      eye.setAttribute("direction", "1");
+    }
+  }
+
+  eye.style.left = left + "px";
+
+  SetCylonTimer(cylonID, cylonEyeID);
+}
+
+function StartCylonAnimation(cylonID, cylonEyeID)
+{
+  var cylon = document.getElementById(cylonID)
+
+  if (!cylon)
+    return;
+
+  var active = cylon.getAttribute("cylonactive");
+
+  if (!active)
+  {
+    cylon.setAttribute("cylonactive", "true");
+
+    var eye = document.getElementById(cylonEyeID);
+    if (eye)
+    {
+      eye.style.left = "0px";
+      eye.style.visibility = "visible";
+    }
+
+    SetCylonTimer(cylonID, cylonEyeID);
+  }
+}
+
+function StopCylonAnimation(cylonID, cylonEyeID)
+{
+  var cylon = document.getElementById(cylonID)
+
+  if (cylon)
+    cylon.removeAttribute("cylonactive");
+
+  var eye = document.getElementById(cylonEyeID);
+
+  if (eye)
+    eye.style.visibility = "hidden";
+}
+
+function GetProgressMeterValue(progMeterID)
+{
+  var progMeter = document.getElementById(progMeterID);
+
+  if (!progMeter)
+    return -1;
+
+  return parseInt(progMeter.getAttribute("value"));
+}
+
+function SetProgressMeterValue(progMeterID, value)
+{
+  var progMeter = document.getElementById(progMeterID);
+
+  if (!progMeter || value < 0)
+    return;
+
+  if (value > 100)
+    value = 100;
+
+  var progBar = progMeter.firstChild;
+
+  if (value == 0)
+  {
+    progBar.style.width = "0px";
+    progBar.style.visibility = "hidden";
+    progMeter.setAttribute("value", 0);
+    return;
+  }
+
+  progBar.style.visibility = "visible"; 
+
+  var newWidth = parseInt(progMeter.style.width) * value / 100 - 2;
+
+  progBar.style.width =  newWidth + "px";
+  progMeter.setAttribute("value", value);
+}
+
+function SetProgressMeterStatus(progMeterID, statusMsg)
+{
+  var progMeter = document.getElementById(progMeterID);
+
+  if (!progMeter)
+    return;
+
+  var progBar = progMeter.firstChild;
+
+  // If it exists, the meter status should be
+  // div that is the next sibling of the progressMeter.
+
+  var meterStatus = progBar.nextSibling;
+
+  // Just replace the data in the text node, it's much faster,
+  // and reduces flashing!
+
+  meterStatus.firstChild.replaceData(0, meterStatus.firstChild.length, statusMsg);
+}
+
+function ClearProgressBar(progMeterID)
+{
+  SetProgressMeterValue(progMeterID, 0);
+  SetProgressMeterStatus(progMeterID, "");
+}
+
+function KeyToProgressBarID(keyType, keyID)
+{
+  return "PM" + keyType + "-" + keyID;
+}
+
+////////////////////////////////////////////////////////////////
+//
+// Functions that contact the server or talk directly to
+// ESC native code.
+//
+// ESC Native Functions:
+//
+//     netkey.GetAvailableCOOLKeys()
+//
+//       - Returns an ActiveX Variant SafeArray containing the ID for each key
+//         that is currentlly plugged into the computer. Before accessing any
+//         data in this array you must convert it to a JScript Array with a
+//         call to ConvertVariantArrayToJScriptArray().
+//
+//     netkey.GetCOOLKeyIsEnrolled(keyType, keyID)
+//
+//       - Returns true if a key has been initialized, false if it hasn't.
+//         Initialized means the card has been formatted with certificates
+//         for either an COOL HouseKey or NetKey.
+//
+//     netkey.EnrollCOOLKey(keyType, keyID, enrollmentType, screenName, pin)
+//
+//       - Initiates an async connection to the RA to initialize a specific
+//         key. If you want the key to be initialized as a HouseKey, you should
+//         pass "houseKey" as the enrollmentType, and null values for both
+//         screenName and pin. For a NetKey, use "netKey" as the enrollmentType,
+//         and pass a valid screenName and pin.
+//
+//
+////////////////////////////////////////////////////////////////
+
+function GetScreenNameValue()
+{
+  var sname = document.getElementById("snametf").value;
+
+  if (! sname)
+  {
+    MyAlert("You must provide a valid LDAP User ID!");
+    if (UserOnCOOLKeyStateError) {
+      UserOnCOOLKeyStateError(); // call user-level
+    }
+    return null;
+  }
+
+  return sname;
+}
+
+function GetPINValue()
+{
+  var pinVal =  document.getElementById("pintf").value;
+  var rpinVal =  document.getElementById("reenterpintf").value;
+
+  if (! pinVal)
+  {
+    MyAlert("You must provide a valid Key Password!");
+    if (UserOnCOOLKeyStateError) {
+      UserOnCOOLKeyStateError(); // call user-level
+    }
+    return null;
+  }
+
+  if ( pinVal != rpinVal)
+  {
+    MyAlert("The Key Password values you entered do not match!");
+    if (UserOnCOOLKeyStateError) {
+      UserOnCOOLKeyStateError(); // call user-level
+    }
+    return null;
+  }
+
+  return pinVal;
+}
+
+function GetScreenNamePwd()
+{
+
+  var pwd = document.getElementById("snamepwd").value;
+
+   if(!pwd)
+   {
+       MyAlert("You must provide a valid LDAP User ID !");
+       if (UserOnCOOLKeyStateError) {
+          UserOnCOOLKeyStateError(); // call user-level
+       }
+       return null;
+   }
+   return pwd;
+}
+
+function GetTokenCode()
+{
+
+  return null;
+}
+function DoEnrollTempCOOLKey()
+{
+
+  if (!gCurrentSelectedRow)
+  {
+    MyAlert("Please select a key.");
+    return;
+  }
+
+ if(!Validate())
+     return;
+
+  var keyInfo = RowIDToKeyInfo(gCurrentSelectedRow.getAttribute("id"));
+  var keyType = keyInfo[0];
+  var keyID = keyInfo[1];
+
+  var type = gKeyEnrollmentType;
+  var screenname = null;
+  var pin = null;
+
+  var screennamepwd = null;
+  var tokencode = null;
+
+    screenname =  GetScreenNameValue();
+
+    pin =  GetPINValue();
+
+
+    screennamepwd =  GetScreenNamePwd();
+
+    tokencode = GetTokenCode();
+
+    //SetStatusMessage("Enrolling UserKey \"" + KeyToUIString(keyType, keyID) + "\"...");
+
+  StartCylonAnimation("cylon1", "eye1");    
+
+  var doShow = true;
+
+  ShowProgressBar(keyType,keyID,doShow );
+
+  if (!EnrollCOOLKey(keyType, keyID, 'userKeyTemporary', screenname, pin,screennamepwd,tokencode))
+  {
+    SetStatusMessage("");
+    StopCylonAnimation("cylon1", "eye1");
+    var doShow = false;
+    ShowProgressBar(aKeyType,aKeyID,doShow );
+  }
+}
+function DoEnrollCOOLKey()
+{
+
+  if (!gCurrentSelectedRow)
+  {
+    MyAlert("Please select a key.");
+    return;
+  }
+
+ if(!Validate())
+     return;
+
+  var keyInfo = RowIDToKeyInfo(gCurrentSelectedRow.getAttribute("id"));
+  var keyType = keyInfo[0];
+  var keyID = keyInfo[1];
+
+  var type = gKeyEnrollmentType;
+  var screenname = null;
+  var pin = null;
+
+  var screennamepwd = null;
+  var tokencode = null;
+
+  if (type == "userKey")
+  {
+    screenname =  GetScreenNameValue();
+
+    pin =  GetPINValue();
+
+
+    screennamepwd =  GetScreenNamePwd();
+
+    tokencode = GetTokenCode();
+
+    //SetStatusMessage("Enrolling UserKey \"" + KeyToUIString(keyType, keyID) + "\"...");
+  }
+
+  StartCylonAnimation("cylon1", "eye1");    
+
+  var doShow = true;
+
+  ShowProgressBar(keyType,keyID,doShow );
+
+  if (!EnrollCOOLKey(keyType, keyID, type, screenname, pin,screennamepwd,tokencode))
+  {
+    SetStatusMessage("");
+    StopCylonAnimation("cylon1", "eye1");
+    var doShow = false;
+    ShowProgressBar(aKeyType,aKeyID,doShow );
+  }
+}
+
+function DoResetSelectedCOOLKeyPIN()
+{
+  if (!gCurrentSelectedRow)
+    return;
+
+  if(!Validate())
+     return;
+
+   //alert("In DoResetSelectedCOOLKeyPIN!");
+  var keyInfo = RowIDToKeyInfo(gCurrentSelectedRow.getAttribute("id"));
+  var keyType = keyInfo[0];
+  var keyID = keyInfo[1];
+
+  var screenname = null;
+  var pin = null;
+  var screennamepwd = null;
+
+  if (GetCOOLKeyIsEnrolled(keyType, keyID))
+  {
+ 
+    SetStatusMessage("Resetting PIN for \"" + keyID + "\"...");
+    StartCylonAnimation("cylon1", "eye1");
+
+    if (!ResetCOOLKeyPIN(keyType, keyID, screenname, pin,screennamepwd))
+    {
+      SetStatusMessage("");
+      StopCylonAnimation("cylon1", "eye1");
+    }
+  }
+}
+
+function DoSetURLCOOLKey()
+{
+  if (!gCurrentSelectedRow)
+    return;
+
+  if(!Validate1())
+     return;
+
+  var keyInfo = RowIDToKeyInfo(gCurrentSelectedRow.getAttribute("id"));
+  var keyType = keyInfo[0];
+  var keyID = keyInfo[1];
+
+  var type = 'soUserKey';
+  var screenname = null;
+  var pin = null;
+
+  var screennamepwd = null;
+  var tokencode = null;
+
+  SetStatusMessage("Formatting \"" + KeyToUIString(keyType, keyID) + "\" ...");
+  StartCylonAnimation("cylon1", "eye1");
+
+  if (!FormatCoolKey(keyType, keyID, type, screenname, pin,screennamepwd,tokencode))
+  {
+    SetStatusMessage("");
+    StopCylonAnimation("cylon1", "eye1");
+  }
+}
+
+function DoFormatSoCOOLKey()
+{
+  if (!gCurrentSelectedRow)
+    return;
+
+  if(!Validate1())
+     return;
+
+  var keyInfo = RowIDToKeyInfo(gCurrentSelectedRow.getAttribute("id"));
+  var keyType = keyInfo[0];
+  var keyID = keyInfo[1];
+
+  var type = 'soCleanSOToken';
+  var screenname = null;
+  var pin = null;
+
+  var screennamepwd = null;
+  var tokencode = null;
+
+  SetStatusMessage("Formatting \"" + KeyToUIString(keyType, keyID) + "\" ...");
+  StartCylonAnimation("cylon1", "eye1");
+
+  if (!FormatCoolKey(keyType, keyID, type, screenname, pin,screennamepwd,tokencode))
+  {
+    SetStatusMessage("");
+    StopCylonAnimation("cylon1", "eye1");
+  }
+}
+
+function DoFormatCOOLKey()
+{
+  if (!gCurrentSelectedRow)
+    return;
+
+  if(!Validate1())
+     return;
+
+  var keyInfo = RowIDToKeyInfo(gCurrentSelectedRow.getAttribute("id"));
+  var keyType = keyInfo[0];
+  var keyID = keyInfo[1];
+
+  var type = 'soCleanUserToken';
+  var screenname = null;
+  var pin = null;
+
+  var screennamepwd = null;
+  var tokencode = null;
+
+  SetStatusMessage("Formatting \"" + KeyToUIString(keyType, keyID) + "\" ...");
+  StartCylonAnimation("cylon1", "eye1");
+
+  if (!FormatCoolKey(keyType, keyID, type, screenname, pin,screennamepwd,tokencode))
+  {
+    SetStatusMessage("");
+    StopCylonAnimation("cylon1", "eye1");
+  }
+}
+
+function FormatCoolKey(keyType, keyID, type, screenname, pin,screennamepwd,tokencode)
+{
+  try {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+    netkey.FormatCoolKey(keyType, keyID, type, screenname, pin,screennamepwd,tokencode);
+  } catch(e) {
+    ReportException(getBundleString("errorFormatCoolKey"), e);
+    return false;
+  }
+  return true;
+}
+
+function DoCancelOperation()
+{
+
+  if (!gCurrentSelectedRow)
+    return;
+
+  var keyInfo = RowIDToKeyInfo(gCurrentSelectedRow.getAttribute("id"));
+  var keyType = keyInfo[0];
+  var keyID = keyInfo[1];
+
+  SetStatusMessage("Cancel operation for \"" + KeyToUIString(keyType, keyID) + "\" ...");
+  StartCylonAnimation("cylon1", "eye1");
+
+  CancelCOOLKeyOperation(keyType, keyID);
+
+  SetStatusMessage("");
+  StopCylonAnimation("cylon1", "eye1");
+}
+
+function DoChallengeSelectedKey()
+{
+  if (!gCurrentSelectedRow)
+    return;
+
+  var keyInfo = RowIDToKeyInfo(gCurrentSelectedRow.getAttribute("id"));
+  var keyType = keyInfo[0];
+  var keyID = keyInfo[1];
+
+  if (!keyID)
+    return;
+
+  SetStatusMessage("Generating Challenge ...");
+
+  var challengeArray = ChallengeCOOLKey(keyType, keyID, document.forms[0].challengedata.value);
+
+  if (challengeArray.length != 4)
+  {
+    MyAlert("Challenge for key \"" + KeyToUIString(keyType, keyID) + "\" failed!");
+    SetStatusMessage("");
+    return;
+  }
+
+  MyAlert("ChallengeCOOLKey(\""+ KeyToUIString(keyType, keyID) + "\") returned:\n\n" +
+        "challenge[0]: " + challengeArray[0] + "\n" +
+        "challenge[1]: " + challengeArray[1] + "\n" +
+        "challenge[2]: " + challengeArray[2] + "\n" +
+        "challenge[3]: " + challengeArray[3] + "\n");
+
+  SetStatusMessage("");
+}
+
+function DoBlinkCOOLKey()
+{
+  if (!gCurrentSelectedRow)
+    return;
+
+  var keyInfo = RowIDToKeyInfo(gCurrentSelectedRow.getAttribute("id"));
+  var keyType = keyInfo[0];
+  var keyID = keyInfo[1];
+
+  if (!keyID)
+    return;
+
+  SetStatusMessage("Blinking \"" + KeyToUIString(keyType, keyID) + "\" ...");
+  StartCylonAnimation("cylon1", "eye1");
+
+  BlinkCOOLKey(keyType, keyID, 400, 5000);
+
+  StopCylonAnimation("cylon1", "eye1");
+  SetStatusMessage("");
+}
+
+function OnCOOLKeyBlinkComplete(keyType,keyID)
+{
+  //StopCylonAnimation("cylon1", "eye1");
+  //SetStatusMessage(" ");
+}
+
+function DoHelp()
+{
+  if (!gCurrentSelectedRow)
+    return;
+
+  var keyInfo = RowIDToKeyInfo(gCurrentSelectedRow.getAttribute("id"));
+  var keyType = keyInfo[0];
+  var keyID = keyInfo[1];
+
+  if (!keyID)
+    return;
+
+  var policy = GetCOOLKeyPolicy(keyType, keyID);
+  var type = PolicyToKeyType(policy);
+  MyAlert("Policy:  " + policy + "\n" + "Type:    " + type);
+}
+
+////////////////////////////////////////////////////////////////
+//
+// Functions called directly from ASC native code.
+//
+////////////////////////////////////////////////////////////////
+
+function OnCOOLKeyInserted(keyType, keyID)
+{
+  var row = InsertCOOLKeyIntoBindingTable(keyType, keyID);
+
+  if (!gCurrentSelectedRow)
+    SelectRowByKeyID(keyType, keyID);
+  if (UserOnCOOLKeyInserted) {
+    UserOnCOOLKeyInserted(keyType, keyID);
+  }
+}
+
+
+function OnCOOLKeyRemoved(keyType, keyID)
+{
+  var row = GetRowForKey(keyType, keyID);
+  var table = document.getElementById("BindingTable");
+
+  if (row && table)
+  {
+    RemoveRow(table,row);
+
+    if (row == gCurrentSelectedRow)
+      gCurrentSelectedRow = null;
+  }
+
+  UpdateButtonStates();
+  if (UserOnCOOLKeyRemoved) {
+    UserOnCOOLKeyRemoved(keyType, keyID);
+  }
+}
+
+var gKnownPolicies = [
+
+  // OID Value, precedence, name value
+
+  [ "OID.1.3.6.1.4.1.1066.1.1000.1.0.1.1", 1, "HOUSEKEY" ], // Bronze   - HouseKey
+  [ "OID.1.3.6.1.4.1.1066.1.1000.1.0.1.2", 2, "NETKEY" ],   // Silver   - Member
+  [ "OID.1.3.6.1.4.1.1066.1.1000.1.0.1.3", 3, "NETKEY" ],   // Gold     - Associate
+  [ "OID.1.3.6.1.4.1.1066.1.1000.1.0.1.4", 4, "NETKEY" ],   // Platinum - MyDoctor
+
+  // XXX: Remove the Old OIDs below, after the RA starts generating
+  //      certificates with the OIDs listed above!
+  [ "OID.1.3.6.1.4.1.1066.1.1000.2.1", 1, "HOUSEKEY" ], // Bronze   - HouseKey
+  [ "OID.1.3.6.1.4.1.1066.1.1000.2.2", 2, "NETKEY" ],   // Silver   - Member
+  [ "OID.1.3.6.1.4.1.1066.1.1000.2.3", 3, "NETKEY" ],   // Gold     - Associate
+  [ "OID.1.3.6.1.4.1.1066.1.1000.2.4", 4, "NETKEY" ]    // Platinum - MyDoctor
+];
+
+function PolicyToKeyType(policy)
+{
+   return "ENROLLED";
+}
+
+function OldPolicyToKeyType(policy)
+{
+  var i, j;
+  
+  var knownPoliciesIndex = -1;
+
+  
+  var policies;
+
+
+  if (policy.indexOf(",")== -1)
+  {
+    policies = new Array(1);
+    policies[0] = policy;
+  }
+  else
+  {
+    policies = policy.split(",");
+  }
+
+  for (j = 0; j < policies.length; j++)
+  {
+    for (i = 0; i < gKnownPolicies.length; i++)
+    {
+      if (gKnownPolicies[i][0] == policies[j])
+      {
+         if (knownPoliciesIndex < gKnownPolicies[i][1])
+           knownPoliciesIndex = i;
+      }
+    }  
+  }
+
+  if (knownPoliciesIndex == -1)
+    return "INITIALIZED";
+ 
+  return gKnownPolicies[knownPoliciesIndex][2];    
+}
+
+function BoolToYesNoStr(b)
+{
+  if (b)
+    return "YES";
+  return "NO";
+}
+
+function OnCOOLKeyEnrollmentComplete(keyType, keyID)
+{
+  var keyStatus = PolicyToKeyType(GetCOOLKeyPolicy(keyType, keyID));
+  var keyReqAuth = BoolToYesNoStr(GetCOOLKeyRequiresAuth(keyType, keyID));
+  var keyIsAuthed = BoolToYesNoStr(GetCOOLKeyIsAuthed(keyType, keyID));
+
+  //UpdateInfoForKeyID(keyType, keyID, keyStatus, keyReqAuth, keyIsAuthed);
+  UpdateButtonStates();
+
+  StopCylonAnimation("cylon1", "eye1");
+  var doShow = false;
+  ShowProgressBar(keyType,keyID, doShow);
+  SetStatusMessage("");
+  MyAlert("Enrollment of smartcard complete!");
+  ClearProgressBar(KeyToProgressBarID(keyType, keyID));
+
+  window.setTimeout("loadSuccessPage()",4);
+}
+
+function OnCOOLKeyPINResetComplete(keyType, keyID)
+{
+  var keyStatus = PolicyToKeyType(GetCOOLKeyPolicy(keyType, keyID));
+  var keyReqAuth = BoolToYesNoStr(GetCOOLKeyRequiresAuth(keyType, keyID));
+  var keyIsAuthed = BoolToYesNoStr(GetCOOLKeyIsAuthed(keyType, keyID));
+
+  UpdateInfoForKeyID(keyType, keyID, keyStatus, keyReqAuth, keyIsAuthed);
+  UpdateButtonStates();
+
+  StopCylonAnimation("cylon1", "eye1");
+  SetStatusMessage("");
+  MyAlert("Password Reset was successful!");
+  ClearProgressBar(KeyToProgressBarID(keyType, keyID));
+}
+
+function OnCOOLKeyFormatComplete(keyType, keyID)
+{
+  var keyStatus = GetStatusForKeyID(keyType, keyID);
+  var keyReqAuth = BoolToYesNoStr(GetCOOLKeyRequiresAuth(keyType, keyID));
+  var keyIsAuthed = BoolToYesNoStr(GetCOOLKeyIsAuthed(keyType, keyID));
+
+  UpdateInfoForKeyID(keyType, keyID, keyStatus, keyReqAuth, keyIsAuthed);
+
+  StopCylonAnimation("cylon1", "eye1");
+  SetStatusMessage("");
+  MyAlert("Format of \"" + KeyToUIString(keyType, keyID)+ "\" was successful!");
+  ClearProgressBar(KeyToProgressBarID(keyType, keyID));
+  if (UserOnCOOLKeyFormatComplete) {
+    UserOnCOOLKeyFormatComplete(); // call user-level
+  }
+}
+
+function OnCOOLKeyStateError(keyType, keyID, keyState, errorCode)
+{
+  var keyStatus = GetStatusForKeyID(keyType, keyID);
+  var keyReqAuth = BoolToYesNoStr(GetCOOLKeyRequiresAuth(keyType, keyID));
+  var keyIsAuthed = BoolToYesNoStr(GetCOOLKeyIsAuthed(keyType, keyID));
+
+  if(curChildWindow)
+  {
+      curChildWindow.close();
+      curChildWindow = null;
+
+  }
+
+  var doShow = false;
+  ShowProgressBar(keyType,keyID, doShow);
+
+  //UpdateInfoForKeyID(keyType, keyID, keyStatus, keyReqAuth, keyIsAuthed);
+
+  StopCylonAnimation("cylon1", "eye1");
+  SetStatusMessage("");
+
+  var typeStr = "Error(" + errorCode + ")";
+
+  var  messageStr = " \n\n Error Response: " + MyGetErrorMessage(errorCode) ;
+
+  var keyIDStr = KeyToUIString(keyType, keyID);
+
+  if (keyState == 1004)
+    typeStr = "Enrollment of key  failed. " + typeStr + messageStr ;
+  else if (keyState == 1016)
+    typeStr = "Formatting of key  failed. " + typeStr + messageStr;
+  else if (keyState == 1010)
+    typeStr = "PIN Reset for key  failed. " + typeStr + messageStr;
+  else if (keyState == 1020)
+    typeStr = "Operation for key  canceled.";
+
+  typeStr += " \n " + ErrorText;
+  MyAlert(typeStr);
+  ClearProgressBar(KeyToProgressBarID(keyType, keyID));
+  if (UserOnCOOLKeyStateError) {
+    UserOnCOOLKeyStateError(); // call user-level
+  }
+}
+
+function OnCOOLKeyStatusUpdate(progMeterID, statusUpdate)
+{
+  SetProgressMeterValue(progMeterID, statusUpdate);
+  SetProgressMeterStatus(progMeterID, statusUpdate + "%");
+}
+
+function Validate1()
+{
+
+  var type = gKeyEnrollmentType;
+  var screenname = null;
+  var pin = null;
+
+  var screennamepwd = null;
+  var tokencode = null;
+
+    screenname = '';
+    screennamepwd = 'netscape';
+    pin = 'netscape'
+
+   return 1;
+}
+function Validate()
+{
+
+  var type = gKeyEnrollmentType;
+  var screenname = null;
+  var pin = null;
+
+  var screennamepwd = null;
+  var tokencode = null;
+
+  if (type == "userKey")
+  {
+    screenname = GetScreenNameValue();
+    if (! screenname)
+      return 0;
+
+    screennamepwd = GetScreenNamePwd();
+
+    if(! screennamepwd)
+        return 0;
+
+    pin =  GetPINValue();
+
+    if (! pin)
+      return 0;
+
+   }
+
+   return 1;
+}
+
+function OnCOOLKeyStateChange(keyType, keyID, keyState, data,strData)
+{
+  // alert("KeyID:    " + keyID + "\n" +
+  //       "KeyState: " + keyState + "\n" +
+  //       "Data:     " + data);
+  //alert("State Change ="+keyState);
+
+  switch(keyState)
+  {
+    case 1000: // KeyInserted
+      OnCOOLKeyInserted(keyType, keyID);
+      break;
+    case 1001: // KeyRemoved
+      OnCOOLKeyRemoved(keyType, keyID);
+      break;
+    case 1002: // EnrollmentStart
+      // OnCOOLKeyEnrollmentStart(keyType, keyID);
+      break;
+    case 1003: // EnrollmentComplete
+      OnCOOLKeyEnrollmentComplete(keyType, keyID);
+      break;
+    case 1004: // EnrollmentError
+      OnCOOLKeyStateError(keyType, keyID, keyState, data);
+      break;
+    case 1008: // PINResetStart
+      // OnCOOLKeyPINResetStart(keyType, keyID);
+      break;
+    case 1009: // PINResetComplete
+      OnCOOLKeyPINResetComplete(keyType, keyID);
+      break;
+    case 1010: // PINResetError
+      OnCOOLKeyStateError(keyType, keyID, keyState, data);
+      break;
+    case 1014: // FormatStart
+      // OnCOOLKeyFormatStart(keyType, keyID);
+      break;
+    case 1015: // FormatComplete
+      OnCOOLKeyFormatComplete(keyType, keyID);
+      break;
+    case 1016: // FormatError
+      OnCOOLKeyStateError(keyType, keyID, keyState, data);
+      break;
+    case 1017: // BlinkStatus Update?
+      //OnCOOLKeyStateError(keyType, keyID, keyState, data);
+      break;
+    case 1018: 
+      OnCOOLKeyBlinkComplete(keyType, keyID);
+      break;
+    case 1020: // OperationCancelled
+      OnCOOLKeyStateError(keyType, keyID, keyState, data);
+      break;
+    case 1021: // OperationStatusUpdate
+      OnCOOLKeyStatusUpdate(KeyToProgressBarID(keyType, keyID), data);
+      if(UserOnCOOLKeyStatusUpdate)
+          UserOnCOOLKeyStatusUpdate(data);
+      break;
+
+     case 1022: //Need Auth 
+
+
+       gCurKeyID = keyID;
+       gCurKeyType = keyType;
+
+       GetAuthDataFromPopUp(keyType,keyID,strData);
+
+       break;
+
+  }
+}
+
+function refresh()
+{
+  window.resizeBy(0,1);
+  window.resizeBy(0,-1);
+
+}
+
+function loadSuccessPage()
+{
+    window.location="/esc/sow/EnrollSuccess.html";
+}
+
+function ShowProgressBar(aKeyType,aKeyID, doShow)
+{
+   if(!gCurrentSelectedRow)
+      return;
+
+   if(doShow)
+       gCurrentSelectedRow.style.display="table-row";
+   else
+   {
+       gCurrentSelectedRow.style.display="none";
+   }
+}
+function DoCoolKeySetConfigValue(configValue,newValue)
+{
+   if(!configValue || !newValue)
+      return null;
+
+   var result = null;
+
+   if(netkey)
+   {
+      try {
+            netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+
+            result = netkey.SetCoolKeyConfigValue(configValue,newValue);
+
+            } catch(e) {
+                MyAlert(getBundleString("errorConfigValue") + " " + e);
+      }
+
+    }
+
+    return result;
+}
+
+//Is the user "uid"  an "agent" or "user"
+// Input "type" either "agent" or "user"
+
+function IsAgentOrUser(uid,type)
+{
+  var url = window.location.href;
+  var lastSlash = 0;
+
+  var result = false;
+
+  if(!uid || !type)
+      return false;
+
+  var isAgent = 0;
+
+  if(type == "agent")
+     isAgent = 1;
+
+  //Accept either uid=name or name
+
+  if(uid.lastIndexOf("uid=") < 0)
+  {
+     uid = "uid=" + uid;
+  }
+
+  if(url)
+  {
+    lastSlash = url.lastIndexOf("/");
+  }
+  if(lastSlash > 0)
+  {
+    url =  url.substring(0,lastSlash);
+  }
+
+  if(isAgent)
+    url = url + "/is_agent.cgi?" + uid;
+  else
+    url = url +  "/is_user.cgi?" + uid;
+
+  var req = new XMLHttpRequest();
+  req.open('GET',url,false);
+  req.send(null);
+  if(req.status == 200)
+  {
+    //alert(req.responseText);
+    if(req.responseText.lastIndexOf("yes") >= 0)
+    {
+      result = true;
+    }
+  }
+  return result;
+}
+
+function GetCoolKeyIssuedTo(keyType,keyID)
+{
+  var keyStatus = GetStatusForKeyID(keyType,keyID);
+
+  var issuedTo = null;
+
+  try {
+      netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
+      issuedTo = netkey.GetCoolKeyUID(keyType,keyID);
+
+  } catch (e)
+  {
+  }
+  return issuedTo;
+}
+
diff --git a/base/tps/apache/docroot/footer.vm b/base/tps/apache/docroot/footer.vm
new file mode 100755
index 000000000..a596e45b1
--- /dev/null
+++ b/base/tps/apache/docroot/footer.vm
@@ -0,0 +1,19 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+  <div id="footer">
+  </div>
diff --git a/base/tps/apache/docroot/header.vm b/base/tps/apache/docroot/header.vm
new file mode 100755
index 000000000..3824b87f3
--- /dev/null
+++ b/base/tps/apache/docroot/header.vm
@@ -0,0 +1,26 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<div id="header">
+    <a href="http://pki.fedoraproject.org" title="Visit pki.fedoraproject.org for more information"><img src="/pki/images/logo_header.gif" alt="Dogtag" id="myLogo" /></a>
+    <div id="headertitle">
+    <a href="/" title="Dogtag homepage">Dogtag<sup><font size="-2">&reg;</font></sup> Certificate System</a>
+    </div>
+    <div id="account">
+          <dl><dt><span></span></dt><dd></dd></dl>
+    </div>
+</div>
diff --git a/base/tps/forms/index.cgi b/base/tps/apache/docroot/index.cgi
index 0e643166b..0e643166b 100755
--- a/base/tps/forms/index.cgi
+++ b/base/tps/apache/docroot/index.cgi
diff --git a/base/tps/forms/index.html b/base/tps/apache/docroot/index.html
index b225251a1..b225251a1 100644
--- a/base/tps/forms/index.html
+++ b/base/tps/apache/docroot/index.html
diff --git a/base/tps/apache/docroot/index.vm b/base/tps/apache/docroot/index.vm
new file mode 100755
index 000000000..438d014ef
--- /dev/null
+++ b/base/tps/apache/docroot/index.vm
@@ -0,0 +1,89 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<html>
+
+<title>TPS Services</title>
+    <link rel="shortcut icon" href="/pki/images/favicon.ico" />
+    <link rel="stylesheet" href="/pki/css/pki-base.css" type="text/css" />
+    <META http-equiv=Content-Type content="text/html; charset=UTF-8">
+
+</head>
+<body bgcolor="#FFFFFF" link="#666699" vlink="#666699" alink="#333366">
+
+#include ( "header.vm" )
+
+<div id="mainNavOuter">
+<div id="mainNav">
+<div id="mainNavInner">
+
+</div><!-- end mainNavInner -->
+</div><!-- end mainNav -->
+</div><!-- end mainNavOuter -->
+                                                                                
+                                                                                
+<div id="bar">
+                                                                                
+<div id="systembar">
+<div id="systembarinner">
+                                                                                
+<div>
+  -
+</div>
+                                                                                
+                                                                                
+</div>
+</div>
+                                                                                
+</div>
+
+
+<font size="+1" face="PrimaSans BT, Verdana, Arial, Helvetica, sans-serif">
+Certificate System TPS Services Page 
+</font><br>
+<p> 
+</font>
+<p>
+<center>
+<table border="0" cellspacing="0" cellpadding="0">
+<tr valign="TOP">
+<td>
+<font size=4 face="PrimaSans BT, Verdana, sans-serif">
+<li><a href="https://$machineName:$securePort/tus?op=index_operator">Operator Services</a></li>
+</font>
+</td>
+</tr>
+<tr valign="TOP">
+<td>
+<font size=4 face="PrimaSans BT, Verdana, sans-serif">
+<li><a href="https://$machineName:$securePort/tus">Agent Services</a></li>
+</font>
+</td>
+</tr>
+<tr valign="TOP">
+<td>
+<font size=4 face="PrimaSans BT, Verdana, sans-serif">
+<li><a href="https://$machineName:$securePort/tus?op=index_admin">Administrator Services</a></li>
+</font>
+</td>
+</tr>
+</table>
+</center>
+#include ( "footer.vm" )
+</body>
+</html>
diff --git a/base/tps/apache/docroot/tokendb/addConfig.template b/base/tps/apache/docroot/tokendb/addConfig.template
new file mode 100644
index 000000000..ce0177c1a
--- /dev/null
+++ b/base/tps/apache/docroot/tokendb/addConfig.template
@@ -0,0 +1,164 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This library is free software; you can redistribute it and/or
+     modify it under the terms of the GNU Lesser General Public
+     License as published by the Free Software Foundation.
+     
+     This library is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+     Lesser General Public License for more details.
+     
+     You should have received a copy of the GNU Lesser General Public
+     License along with this library; if not, write to the Free Software
+     Foundation, Inc., 51 Franklin Street, Fifth Floor,
+     Boston, MA  02110-1301  USA 
+     
+     Copyright (C) 2010 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<HTML>
+<meta HTTP-EQUIV="content-type" CONTENT="text/html; charset=UTF-8">
+<link rel="shortcut icon" href="/pki/images/favicon.ico" />
+<HEAD>
+<TITLE>TPS</Title>
+</HEAD>
+
+<table border="0" width="100%" cellspacing="0" cellpadding="0" bgcolor="#000000">
+  <tr>
+    <td> 
+      <table border="0" cellspacing="12" cellpadding="0">
+        <tr>
+          <td><img src="/pki/images/logo_header.gif"></td>
+          <td>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
+          <td><font size="+1" face="PrimaSans BT, Verdana, sans-serif" color="white">Red Hat<sup><font color="#999999" size="-2">&reg;</font></sup> TPS Services</font></td>
+        </tr>
+      </table>
+    </td> 
+  </tr>
+</table>
+<p>
+
+<BODY>
+
+<CMS_TEMPLATE>
+
+<SCRIPT type="text/JavaScript">
+<!--
+var uri0 = "";
+if (typeof(uriBase) == "undefined") {
+    uri0 += "/tus";
+} else {
+    uri0 += uriBase;
+}
+
+document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"+1\">"+
+               "<a href=\""+uri0+"\">Main Menu</a> : Administrator Operations : Add " + disp_conf_type + " Configuration </font>\n");
+
+if ((typeof(flash) != "undefined") && (flash != "")) {
+    document.write("<table width=\"100%\"><tr><td align=\"left\">" +
+        "<font color=\"#ff0000\"><b>" + flash.replace(/\+/g, " ") + "</b><font>" +
+        "</td></tr></table>\n");
+}
+
+document.write("<table width=\"100%\"><tr><td align=\"right\">" +
+                "<b>UID:</b>" + userid
+                + "</td></tr></table>\n");
+document.write("<HR NOSHADE SIZE=1>\n");
+
+function validate_required(field,alerttxt) {
+    with (field) {
+        if (value==null||value=="") {
+            alert(alerttxt);
+            return false;
+        }
+        else {
+            return true;
+        }
+    }
+}
+
+// validate according to the pattern
+function validate_form(s) {
+    var s_array = s.split("\n");
+    var reg = new RegExp(conf_pattern.replace(/\$name/g, conf_name));
+
+    for (var i=0; i< s_array.length ; i++) {
+        var key_value = s_array[i].split("=");
+        if (! reg.test(key_value[0])) {
+            alert(key_value[0] + " is not a valid parameter.\nValid parameters have the format " + conf_pattern.replace(/\$name/g, conf_name));
+            return false;
+        }
+    }
+    return true;
+}
+
+function doUpdateConfig(form) {
+        var uri = "";
+        var s = document.addConfigForm.added_params.value;
+        if (typeof(uriBase) == "undefined") {
+            uri += "/tus";
+        } else {
+            uri += uriBase;
+        }
+
+        if (validate_form(s)) {
+            document.addConfigForm.added_params.value = s.replace(/\n/g, "&&");       
+            this.action = uri;
+            return true;
+        } else {
+            return false;
+        }
+}
+
+function doCancel() {
+    var uri = "";
+    if (typeof(uriBase) == "undefined") {
+        uri += "/tus";
+    } else {
+        uri += uriBase;
+    }
+    location.href = uri;
+}
+
+    document.write("<table BORDER=0 CELLSPACING=2 CELLPADDING=0 width=100%>\n");
+    document.write("<tr><td align=left width=20% bgcolor=#e5e5e5>" + disp_conf_type + ": </td>\n");
+    document.write("<td align=left >" + conf_name + "</td></tr>");
+
+    document.write("<tr><td align=left width=20% bgcolor=#e5e5e5> Status: </td>\n");
+    document.write("<td align=left width=20% > New </td></tr>");
+
+    document.write("<tr><td align=left width=20% bgcolor=#e5e5e5> Contents: </td>\n");
+    document.write("<form NAME =\"addConfigForm\" METHOD=POST onSubmit=\"return doUpdateConfig(this);\">\n");
+    document.write("<input TYPE=hidden NAME=query VALUE=\"op=save_config_changes\">");
+    document.write("<input TYPE=hidden NAME=ptype VALUE=\"" + conf_type + "\">");
+    document.write("<input TYPE=hidden NAME=pname VALUE=\"" + conf_name + "\">");
+    document.write("<input TYPE=hidden NAME=new_config VALUE=true>");
+
+    document.write("<td>\n");
+    document.write("<textarea name=added_params cols=100 rows=40>\n");
+    document.write("</textarea>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+    document.write("</table>\n");
+
+    document.write("<HR NOSHADE SIZE=1>");
+    document.write("<DIV ALIGN=RIGHT>");
+
+    document.write("<table BORDER=0 CELLSPACING=2 CELLPADDING=4>\n");
+    document.write("<tr>\n");
+    document.write("<td align=left>\n");
+    document.write("<input TYPE=submit VALUE=Save>");
+    document.write("</td>\n");
+    document.write("<td align=left>\n");
+    document.write("<input TYPE=button VALUE=Cancel onClick=\"doCancel();\">");
+    document.write("</td>\n");
+    document.write("</form>\n");
+    document.write("</tr>\n");
+    document.write("</table>\n");
+
+//-->
+</SCRIPT>
+
+</BODY>
+</HTML>
diff --git a/base/tps/apache/docroot/tokendb/addResults.template b/base/tps/apache/docroot/tokendb/addResults.template
new file mode 100644
index 000000000..eca814f8b
--- /dev/null
+++ b/base/tps/apache/docroot/tokendb/addResults.template
@@ -0,0 +1,74 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<HTML>
+<meta HTTP-EQUIV="content-type" CONTENT="text/html; charset=UTF-8">
+<link rel="shortcut icon" href="/pki/images/favicon.ico" />
+<HEAD>
+<TITLE>TPS</Title>
+</HEAD>
+
+<table border="0" width="100%" cellspacing="0" cellpadding="0" bgcolor="#000080">
+  <tr>
+    <td>
+      <table border="0" cellspacing="12" cellpadding="0">
+        <tr>
+          <td><img src="/pki/images/logo_header.gif"></td>
+          <td>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
+          <td><font size="+1" face="PrimaSans BT, Verdana, sans-serif" color="white"><b>Dogtag<sup><font color="#999999" size="-2">&reg;</font></sup> TPS Services</b></font></td>
+        </tr>
+      </table>
+    </td>
+  </tr>
+</table>
+<p>
+
+<BODY>
+
+<CMS_TEMPLATE>
+
+<SCRIPT type="text/JavaScript">
+<!--
+var uri = "";
+if (typeof(uriBase) == "undefined") {
+    uri += "/tus";
+} else {
+    uri += uriBase;
+}
+
+document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"+1\">"+
+               "<a href=\""+uri+"\">Main Menu</a></font>\n");
+document.write("<table width=\"100%\"><tr><td align=\"right\">" +
+                "<b>UID:</b>" +
+                userid + "</td></tr></table>\n");
+document.write("<HR NOSHADE SIZE=1>\n");
+
+if (typeof(tid) == "undefined") {
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">\n");
+    document.write("Missing "+addType+" ID</font>\n");
+    document.write("<BR>\n<HR NOSHADE SIZE=1>\n");
+} else {
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">\n");
+    document.write("New "+addType+" record "+tid+" has been added.</font>\n");
+    document.write("<BR>\n<HR NOSHADE SIZE=1>\n");
+}
+//-->
+</SCRIPT>
+
+</BODY>
+</HTML>
diff --git a/base/tps/apache/docroot/tokendb/agentSelectConfig.template b/base/tps/apache/docroot/tokendb/agentSelectConfig.template
new file mode 100644
index 000000000..af782c190
--- /dev/null
+++ b/base/tps/apache/docroot/tokendb/agentSelectConfig.template
@@ -0,0 +1,123 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This library is free software; you can redistribute it and/or
+     modify it under the terms of the GNU Lesser General Public
+     License as published by the Free Software Foundation.
+     
+     This library is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+     Lesser General Public License for more details.
+     
+     You should have received a copy of the GNU Lesser General Public
+     License along with this library; if not, write to the Free Software
+     Foundation, Inc., 51 Franklin Street, Fifth Floor,
+     Boston, MA  02110-1301  USA 
+     
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<HTML>
+<meta HTTP-EQUIV="content-type" CONTENT="text/html; charset=UTF-8">
+<link rel="shortcut icon" href="/pki/images/favicon.ico" />
+<HEAD>
+<TITLE>TPS</Title>
+</HEAD>
+
+<table border="0" width="100%" cellspacing="0" cellpadding="0" bgcolor="#000000">
+  <tr>
+    <td> 
+      <table border="0" cellspacing="12" cellpadding="0">
+        <tr>
+          <td><img src="/pki/images/logo_header.gif"></td>
+          <td>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
+          <td><font size="+1" face="PrimaSans BT, Verdana, sans-serif" color="white">Red Hat<sup><font color="#999999" size="-2">&reg;</font></sup> TPS Services</font></td>
+        </tr>
+      </table>
+    </td> 
+  </tr>
+</table>
+<p>
+
+<BODY>
+
+<CMS_TEMPLATE>
+
+<SCRIPT type="text/JavaScript">
+<!--
+var uri0 = "";
+if (typeof(uriBase) == "undefined") {
+    uri0 += "/tus";
+} else {
+    uri0 += uriBase;
+}
+
+document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"+1\">"+
+               "<a href=\""+uri0+"\">Main Menu</a> : Agent Operations : " + disp_conf_type + " Review and Approval </font>\n");
+
+if ((typeof(flash) != "undefined") && (flash != "")) {
+    document.write("<table width=\"100%\"><tr><td align=\"left\">" +
+        "<font color=\"#ff0000\"><b>" + flash.replace(/\+/g, " ") + "</b><font>" +
+        "</td></tr></table>\n");
+}
+
+document.write("<table width=\"100%\"><tr><td align=\"right\">" +
+                "<b>UID:</b>" + userid
+                + "</td></tr></table>\n");
+document.write("<HR NOSHADE SIZE=1>\n");
+
+function doViewConfig(form) {
+        var uri = "";
+        if (typeof(uriBase) == "undefined") {
+            uri += "/tus";
+        } else {
+            uri += uriBase;
+        }
+        this.action = uri;
+        return true;
+}
+
+function doCancel() {
+    var uri = "";
+    if (typeof(uriBase) == "undefined") {
+        uri += "/tus";
+    } else {
+        uri += uriBase;
+    }
+    location.href = uri;
+}
+
+
+    document.write("<table BORDER=0 CELLSPACING=2 CELLPADDING=0 width=100%>\n");
+    document.write("<tr colspan=3>  <p> Use this form to select " + conf_type.replace(/_/g, " ").toLowerCase() + " for review. <br>" + 
+         "Select an item in the drop-down menu below and click \"Review\". </p></tr>");
+
+    document.write("<form NAME =\"selectViewConfigForm\" METHOD=POST onSubmit=\"return doViewConfig(this);\">");
+
+    document.write("<tr>");
+    document.write("<input TYPE=hidden NAME=query VALUE=\"op=agent_view_config\">");
+    document.write("<input TYPE=HIDDEN NAME=ptype VALUE=\"" + conf_type + "\">");
+    var pset_list = conf_list.split(",");
+    document.write("<td ALIGN=LEFT width=20% >" + disp_conf_type + ": </td>");
+    document.write("<td ALIGN=LEFT><select name=\"pname\" >");
+    for (var i=0; i < pset_list.length; i++) {
+        document.write("<option value=\""+ pset_list[i] + "\">" + pset_list[i] + "</option>\n");
+    }
+    document.write("</select></td></tr>");
+    document.write("</table>");
+    
+    document.write("<HR NOSHADE SIZE=1>");
+    document.write("<DIV ALIGN=RIGHT>");
+
+    document.write("<table BORDER=0 CELLSPACING=2 CELLPADDING=4>\n");
+    document.write("<tr><td><input TYPE=submit VALUE=Review> </td>");
+    document.write("<td><input TYPE=button VALUE=Cancel  onClick=\"doCancel();\"></td>");
+    document.write("</tr>");
+    document.write("</table>");
+    document.write("</form>\n");
+
+//-->
+</SCRIPT>
+
+</BODY>
+</HTML>
diff --git a/base/tps/apache/docroot/tokendb/agentViewConfig.template b/base/tps/apache/docroot/tokendb/agentViewConfig.template
new file mode 100644
index 000000000..9abce847a
--- /dev/null
+++ b/base/tps/apache/docroot/tokendb/agentViewConfig.template
@@ -0,0 +1,187 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This library is free software; you can redistribute it and/or
+     modify it under the terms of the GNU Lesser General Public
+     License as published by the Free Software Foundation.
+     
+     This library is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+     Lesser General Public License for more details.
+     
+     You should have received a copy of the GNU Lesser General Public
+     License along with this library; if not, write to the Free Software
+     Foundation, Inc., 51 Franklin Street, Fifth Floor,
+     Boston, MA  02110-1301  USA 
+     
+     Copyright (C) 2010 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<HTML>
+<meta HTTP-EQUIV="content-type" CONTENT="text/html; charset=UTF-8">
+<link rel="shortcut icon" href="/pki/images/favicon.ico" />
+<HEAD>
+<TITLE>TPS</Title>
+</HEAD>
+
+<table border="0" width="100%" cellspacing="0" cellpadding="0" bgcolor="#000000">
+  <tr>
+    <td> 
+      <table border="0" cellspacing="12" cellpadding="0">
+        <tr>
+          <td><img src="/pki/images/logo_header.gif"></td>
+          <td>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
+          <td><font size="+1" face="PrimaSans BT, Verdana, sans-serif" color="white">Red Hat<sup><font color="#999999" size="-2">&reg;</font></sup> TPS Services</font></td>
+        </tr>
+      </table>
+    </td> 
+  </tr>
+</table>
+<p>
+
+<BODY>
+
+<CMS_TEMPLATE>
+
+<SCRIPT type="text/JavaScript">
+<!--
+var uri0 = "";
+if (typeof(uriBase) == "undefined") {
+    uri0 += "/tus";
+} else {
+    uri0 += uriBase;
+}
+
+document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"+1\">"+
+               "<a href=\""+uri0+"\">Main Menu</a> : Agent Operations : " + disp_conf_type + " Review </font>\n");
+
+if ((typeof(flash) != "undefined") && (flash != "")) {
+    document.write("<table width=\"100%\"><tr><td align=\"left\">" +
+        "<font color=\"#ff0000\"><b>" + flash.replace(/\+/g, " ") + "</b><font>" +
+        "</td></tr></table>\n");
+}
+
+document.write("<table width=\"100%\"><tr><td align=\"right\">" +
+                "<b>UID:</b>" + userid
+                + "</td></tr></table>\n");
+document.write("<HR NOSHADE SIZE=1>\n");
+
+function validate_required(field,alerttxt) {
+    with (field) {
+        if (value==null||value=="") {
+            alert(alerttxt);
+            return false;
+        }
+        else {
+            return true;
+        }
+    }
+}
+
+function validate_form(thisform) {
+    with (thisform) {
+    }
+    return true;
+}
+
+function doViewConfig(form) {
+        var uri = "";
+        var s = document.editConfigForm.pvalues.value;
+        if (typeof(uriBase) == "undefined") {
+            uri += "/tus";
+        } else {
+            uri += uriBase;
+        }
+        if (validate_form(this)) {
+            this.action = uri;
+            return true;
+        } else {
+            return false;
+        }
+}
+
+function doCancel() {
+    var uri = "";
+    if (typeof(uriBase) == "undefined") {
+        uri += "/tus";
+    } else {
+        uri += uriBase;
+    }
+    location.href = uri;
+}
+
+function doDelete() {
+    var uri = "";
+    if (typeof(uriBase) == "undefined") {
+        uri += "/tus";
+    } else {
+        uri += uriBase;
+    }
+    location.href = uri;
+}
+
+    document.write("<table BORDER=0 CELLSPACING=2 CELLPADDING=0 width=100%>\n");
+    document.write("<tr><td align=left width=20% bgcolor=#e5e5e5>" + disp_conf_type + ": </td>\n");
+    document.write("<td align=left width=20% colspan=4>" + conf_name + "</td></tr>");
+
+    document.write("<tr><td align=left width=20% bgcolor=#e5e5e5> Status: </td>\n");
+    document.write("<td align=left width=20% colspan=4>" + conf_state.replace(/_/g, " ") + "</td></tr>");
+
+    document.write("<form NAME =\"viewConfigForm\" METHOD=POST onSubmit=\"return doViewConfig(this);\">\n");
+    document.write("<input TYPE=hidden NAME=query VALUE=\"op=agent_change_config_state\">");
+    document.write("<input TYPE=hidden NAME=ptype VALUE=\"" + conf_type + "\">");
+    document.write("<input TYPE=hidden NAME=pname VALUE=\"" + conf_name + "\">");
+    document.write("<input TYPE=hidden NAME=ptimestamp VALUE=\"" + conf_tstamp + "\">");
+
+    document.write("<tr><td align=left width=20% bgcolor=#e5e5e5> Contents: </td>\n");
+    document.write("<td colspan=4>\n");
+    if ((typeof(conf_values) == "undefined") || (conf_values.length == 0) ) {
+        document.write("<textarea name=pvalues cols=100 rows=40 style=\"color:#000000\" disabled=disabled >\n");
+        document.write("</textarea>\n");
+    } else {
+        document.write("<textarea name=pvalues cols=100 rows=40 style=\"color:#000000\" disabled=disabled >\n");
+        document.write(conf_values.replace(/&&/g, "\r\n"));
+        document.write("</textarea>\n");
+    }
+    document.write("</td></tr>\n");
+    document.write("</table>\n");
+
+    document.write("<HR NOSHADE SIZE=1>");
+    document.write("<DIV ALIGN=RIGHT>");
+
+    document.write("<table BORDER=0 CELLSPACING=2 CELLPADDING=4>\n");
+    document.write("<tr>\n");
+    document.write("<td align=left>\n");
+    if (conf_state == "Enabled") {
+        document.write("<input TYPE=submit name=choice VALUE=Disable>");
+    } else {
+        document.write("<input TYPE=submit name=choice VALUE=Disable disabled=disabled>");
+    }
+    document.write("</td>\n");
+    document.write("<td align=left>\n");
+    if (conf_state == "Pending_Approval") {
+        document.write("<input TYPE=submit name=choice VALUE=Reject >");
+    } else {
+        document.write("<input TYPE=submit name=choice VALUE=Reject disabled=disabled>");
+    }
+    document.write("</td>\n");
+    document.write("<td align=left>\n");
+    if ((conf_state == "Disabled") || (conf_state == "Pending_Approval")) {
+        document.write("<input TYPE=submit name=choice VALUE=\"Approve and Enable\">");
+    } else {
+        document.write("<input TYPE=submit name=choice VALUE=\"Approve and Enable\" disabled=disabled>");
+    }
+    document.write("</td>\n");
+    document.write("<td align=left>\n");
+    document.write("<input TYPE=button VALUE=Cancel onClick=\"doCancel();\">");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("</form>\n");
+    document.write("</table>\n");
+
+//-->
+</SCRIPT>
+
+</BODY>
+</HTML>
diff --git a/base/tps/apache/docroot/tokendb/auditAdmin.template b/base/tps/apache/docroot/tokendb/auditAdmin.template
new file mode 100644
index 000000000..ff299530c
--- /dev/null
+++ b/base/tps/apache/docroot/tokendb/auditAdmin.template
@@ -0,0 +1,213 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<HTML>
+<meta HTTP-EQUIV="content-type" CONTENT="text/html; charset=UTF-8">
+<link rel="shortcut icon" href="/pki/images/favicon.ico" />
+<HEAD>
+<TITLE>TPS</Title>
+</HEAD>
+
+<table border="0" width="100%" cellspacing="0" cellpadding="0" bgcolor="#000080">
+  <tr>
+    <td>
+      <table border="0" cellspacing="12" cellpadding="0">
+        <tr>
+          <td><img src="/pki/images/logo_header.gif"></td>
+          <td>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
+          <td><font size="+1" face="PrimaSans BT, Verdana, sans-serif" color="white"><b>Dogtag<sup><font color="#999999" size="-2">&reg;</font></sup> TPS Services</b></font></td>
+        </tr>
+      </table>
+    </td>
+  </tr>
+</table>
+<p>
+
+<BODY>
+
+<CMS_TEMPLATE>
+
+<SCRIPT type="text/JavaScript">
+<!--
+var uri0 = "";
+if (typeof(uriBase) == "undefined") {
+    uri0 += "/tus";
+} else {
+    uri0 += uriBase;
+}
+
+document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"+1\">"+
+               "<a href=\""+uri0+"\">Main Menu</a> : Administrator Operations : Configure Audit Logging</font>\n");
+
+if ((typeof(flash) != "undefined") && (flash != "")) {
+    document.write("<table width=\"100%\"><tr><td align=\"left\">" +
+        "<font color=\"#ff0000\"><b>" + flash.replace(/\+/g, " ") + "</b><font>" +
+        "</td></tr></table>\n");
+}
+
+document.write("<table width=\"100%\"><tr><td align=\"right\">" +
+                "<b>UID:</b>" + userid
+                + "</td></tr></table>\n");
+document.write("<HR NOSHADE SIZE=1>\n");
+
+function doUpdateAudit(form) {
+        var uri = "";
+        if (typeof(uriBase) == "undefined") {
+            uri += "/tus";
+        } else {
+            uri += uriBase;
+        }
+        this.action = uri;
+        return true;
+}
+
+function doCancel() {
+    var uri = "";
+    if (typeof(uriBase) == "undefined") {
+        uri += "/tus";
+    } else {
+        uri += uriBase;
+    }
+    location.href = uri;
+}
+
+
+    document.write("<BR>");
+    document.write("<form NAME =\"editAuditForm\" METHOD=POST onSubmit=\"return doUpdateAudit(this);\">");
+    document.write("<input TYPE=HIDDEN NAME=query VALUE=\"op=update_audit_admin\">");
+
+    document.write("<table BORDER=0 CELLSPACING=2 CELLPADDING=0 width=100%>\n");
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Enable Audit Logging:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    if (signedAuditEnable == "true") {
+        document.write("<input TYPE=RADIO NAME=auditEnable VALUE=\"true\" checked> Enable &nbsp;&nbsp;&nbsp;");
+        document.write("<input TYPE=RADIO NAME=auditEnable VALUE=\"false\"> Disable");
+    } else {
+        document.write("<input TYPE=RADIO NAME=auditEnable VALUE=\"true\" > Enable &nbsp;&nbsp;&nbsp;");
+        document.write("<input TYPE=RADIO NAME=auditEnable VALUE=\"false\" checked> Disable");
+    }
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Enable Audit Log Signing:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    if (logSigningEnable == "true") {
+        document.write("<input TYPE=RADIO NAME=logSigningEnable VALUE=\"true\" checked> Enable &nbsp;&nbsp;&nbsp;");
+        document.write("<input TYPE=RADIO NAME=logSigningEnable VALUE=\"false\"> Disable");
+    } else {
+        document.write("<input TYPE=RADIO NAME=logSigningEnable VALUE=\"true\" > Enable &nbsp;&nbsp;&nbsp;");
+        document.write("<input TYPE=RADIO NAME=logSigningEnable VALUE=\"false\" checked> Disable");
+    }
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Audit Log Signing Interval (seconds):&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<input TYPE=TEXT NAME=logSigningInterval VALUE=\"" + signedAuditLogInterval + "\" />");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Audit Log Signing Buffer Size (bytes, minimum 512):&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<input TYPE=TEXT NAME=logSigningBufferSize VALUE=\"" + signedAuditLogBufferSize + "\" />");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    var nonselectable_array = signedAuditNonSelectableEvents.split(",");
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Events Always Logged:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<textarea name=nonselect cols=40 rows=10 >\n");
+    for (var i=0; i< nonselectable_array.length; i++) {
+        document.write(nonselectable_array[i] + "\n");
+    }
+    document.write("</textarea>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("</table>\n");
+
+    document.write("<BR>\n<HR NOSHADE SIZE=1>\n");
+
+    document.write("<p> Selected Optional Events to be logged: </p>");
+    var selectable_array = signedAuditSelectableEvents.split(",");
+    var signedAuditSelectedEvents_tmp = "," + signedAuditSelectedEvents + ",";
+
+
+    if ((typeof(selectable_array) != "undefined") && (selectable_array.length > 0)) {
+        document.write("<table BORDER=0 CELLSPACING=2 CELLPADDING=0 width=100%>\n");
+        for (var i=0; i < selectable_array.length; i++) {
+            if (i % 3 == 0) {
+                document.write("<tr bgcolor=#e5e5e5>\n");
+            }
+            document.write("<td>" + selectable_array[i] + "</td>");
+            if (signedAuditSelectedEvents_tmp.search("," + selectable_array[i] + ",") != -1) {
+                document.write("<td><input type=checkbox name=\"event_" + i + "\" value=\"" + selectable_array[i] + "\" checked></td>");
+            } else {
+                document.write("<td><input type=checkbox name=\"event_" + i + "\" value=\"" + selectable_array[i] + "\"></td>");
+            }
+
+            if ((i % 3 == 2) || (i == (selectable_array.length - 1))) {
+                document.write("</tr>");
+            }
+        }
+        document.write("</table>");
+    } else {
+        document.write("<p>There are no optional events to select.</p>");
+    }
+
+    document.write("<input type=hidden name=\"nEvents\" value=" + selectable_array.length + ">");
+
+    document.write("<DIV ALIGN=RIGHT>\n");
+    document.write("<table BORDER=0 CELLSPACING=2 CELLPADDING=0>\n");
+    document.write("<tr>\n");
+    document.write("<td>\n");
+    document.write("<input TYPE=submit VALUE=Update>");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<input TYPE=button VALUE=Cancel onClick=\"doCancel();\">");
+    document.write("</td>\n");
+    document.write("</form>\n");
+    document.write("</tr>\n");
+    document.write("</table>\n");
+
+
+//-->
+</SCRIPT>
+
+</BODY>
+</HTML>
diff --git a/base/tps/apache/docroot/tokendb/confirmConfigChanges.template b/base/tps/apache/docroot/tokendb/confirmConfigChanges.template
new file mode 100644
index 000000000..ef541d732
--- /dev/null
+++ b/base/tps/apache/docroot/tokendb/confirmConfigChanges.template
@@ -0,0 +1,234 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This library is free software; you can redistribute it and/or
+     modify it under the terms of the GNU Lesser General Public
+     License as published by the Free Software Foundation.
+     
+     This library is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+     Lesser General Public License for more details.
+     
+     You should have received a copy of the GNU Lesser General Public
+     License along with this library; if not, write to the Free Software
+     Foundation, Inc., 51 Franklin Street, Fifth Floor,
+     Boston, MA  02110-1301  USA 
+     
+     Copyright (C) 2010 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<HTML>
+<meta HTTP-EQUIV="content-type" CONTENT="text/html; charset=UTF-8">
+<link rel="shortcut icon" href="/pki/images/favicon.ico" />
+<HEAD>
+<TITLE>TPS</Title>
+</HEAD>
+
+<table border="0" width="100%" cellspacing="0" cellpadding="0" bgcolor="#000000">
+  <tr>
+    <td> 
+      <table border="0" cellspacing="12" cellpadding="0">
+        <tr>
+          <td><img src="/pki/images/logo_header.gif"></td>
+          <td>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
+          <td><font size="+1" face="PrimaSans BT, Verdana, sans-serif" color="white">Red Hat<sup><font color="#999999" size="-2">&reg;</font></sup> TPS Services</font></td>
+        </tr>
+      </table>
+    </td> 
+  </tr>
+</table>
+<p>
+
+<BODY>
+
+<CMS_TEMPLATE>
+
+<SCRIPT type="text/JavaScript">
+<!--
+var uri0 = "";
+if (typeof(uriBase) == "undefined") {
+    uri0 += "/tus";
+} else {
+    uri0 += uriBase;
+}
+
+String.prototype.htmlEntities = function () {
+   return this.replace(/&/g,'&amp;').replace(/</g,'&lt;').replace(/>/g,'&gt;');
+};
+
+
+String.prototype.unescapeEntry = function () {
+   return this.replace(/&dbquote/g,'\"').replace(/&singlequote/g,'\'').replace(/&lessthan/g,'<').replace(/&greaterthan/g, '>');
+};
+
+String.prototype.escapeEntry = function () {
+   return this.replace(/\"/g,'&dbquote').replace(/\'/g,'&singlequote').replace(/</g,'&lessthan').replace(/>/g, '&greaterthan');
+};
+
+
+document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"+1\">"+
+               "<a href=\""+uri0+"\">Main Menu</a> : Administrator Operations : " + disp_conf_type + " Configuration </font>\n");
+
+if ((typeof(flash) != "undefined") && (flash != "")) {
+    document.write("<table width=\"100%\"><tr><td align=\"left\">" +
+        "<font color=\"#ff0000\"><b>" + flash.replace(/\+/g, " ") + "</b><font>" +
+        "</td></tr></table>\n");
+}
+
+document.write("<table width=\"100%\"><tr><td align=\"right\">" +
+                "<b>UID:</b>" + userid
+                + "</td></tr></table>\n");
+document.write("<HR NOSHADE SIZE=1>\n");
+
+function validate_required(field,alerttxt) {
+    with (field) {
+        if (value==null||value=="") {
+            alert(alerttxt);
+            return false;
+        }
+        else {
+            return true;
+        }
+    }
+}
+
+function validate_form(thisform) {
+    with (thisform) {
+    }
+    return true;
+}
+
+function doConfirmConfig(form) {
+        var uri = "";
+        if (typeof(uriBase) == "undefined") {
+            uri += "/tus";
+        } else {
+            uri += uriBase;
+        }
+
+        if (validate_form(this)) {
+            this.action = uri;
+            return true;
+        } else {
+            return false;
+        }
+}
+
+function doBack(form) {
+        var uri = "";
+        if (typeof(uriBase) == "undefined") {
+            uri += "/tus";
+        } else {
+            uri += uriBase;
+        }
+
+        if (validate_form(this)) {
+            this.action = uri;
+            return true;
+        } else {
+            return false;
+        }
+}
+
+function doCancel() {
+    var uri = "";
+    if (typeof(uriBase) == "undefined") {
+        uri += "/tus";
+    } else {
+        uri += uriBase;
+    }
+    location.href = uri;
+}
+
+    document.write("<p> Please confirm changes to the " + disp_conf_type + ": " + conf_name + "</p>");
+    document.write("<BR/>");
+
+    document.write("<form NAME =\"confirmConfigForm\" METHOD=POST onSubmit=\"return doConfirmConfig(this);\">\n");
+    document.write("<input TYPE=hidden NAME=query VALUE=\"op=save_config_changes\">");
+    document.write("<input TYPE=hidden NAME=ptype VALUE=\"" + conf_type + "\">");
+    document.write("<input TYPE=hidden NAME=pname VALUE=\"" + conf_name + "\">");
+    document.write("<input TYPE=hidden NAME=added_params VALUE='" + added_str + "'>");
+    document.write("<input TYPE=hidden NAME=deleted_params VALUE='" + deleted_str + "'>");
+    document.write("<input TYPE=hidden NAME=changed_params VALUE='" + changed_str + "'>");
+    document.write("<input TYPE=hidden NAME=new_config VALUE=false>");
+    document.write("<input TYPE=hidden NAME=ptimestamp VALUE=\"" + conf_tstamp + "\">");
+    document.write("<input TYPE=hidden NAME=approval_requested VALUE=\"" + conf_approval_requested + "\">");
+
+    document.write("<table BORDER=0 CELLSPACING=2 CELLPADDING=0 width=100%>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5> <font size=-1 face=\"PrimaSans BT, Verdana, sans-serif\"> Parameters added: </font></td>");
+    document.write("<td>");
+    if ((typeof(added_str) == "undefined") || (added_str.length == 0) ) {
+        document.write("<textarea name=disp_added_params cols=100 rows=10 style=\"color:#000000\" disabled=disabled>\n");
+        document.write("</textarea>\n");
+    } else {
+        document.write("<textarea name=disp_added_params cols=100 rows=10 style=\"color:#000000\" disabled=disabled>\n");
+        document.write(added_str.unescapeEntry().replace(/&&/g, "\r\n"));
+        document.write("</textarea>\n");
+    }
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5> <font size=-1 face=\"PrimaSans BT, Verdana, sans-serif\"> Parameters deleted: </font></td>");
+    document.write("<td>");
+    if ((typeof(deleted_str) == "undefined") || (deleted_str.length == 0) ) {
+        document.write("<textarea name=disp_deleted_params cols=100 rows=10 style=\"color:#000000\" disabled=disabled>\n");
+        document.write("</textarea>\n");
+    } else {
+        document.write("<textarea name=disp_deleted_params cols=100 rows=10 style=\"color:#000000\" disabled=disabled>\n");
+        document.write(deleted_str.unescapeEntry().replace(/&&/g, "\r\n"));
+        document.write("</textarea>\n");
+    }
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5> <font size=-1 face=\"PrimaSans BT, Verdana, sans-serif\"> Parameters changed: </font></td>");
+    document.write("<td>");
+    if ((typeof(changed_str) == "undefined") || (changed_str.length == 0) ) {
+        document.write("<textarea name=disp_changed_params cols=100 rows=10 style=\"color:#000000\" disabled=disabled>\n");
+        document.write("</textarea>\n");
+    } else {
+        document.write("<textarea name=disp_changed_params cols=100 rows=10 style=\"color:#000000\" disabled=disabled>\n");
+        document.write(changed_str.unescapeEntry().replace(/&&/g, "\r\n"));
+        document.write("</textarea>\n");
+    }
+    document.write("</td>\n");
+    document.write("</tr>\n");
+    document.write("</table>\n");
+
+    document.write("<HR NOSHADE SIZE=1>");
+    document.write("<DIV ALIGN=RIGHT>");
+
+    document.write("<table BORDER=0 CELLSPACING=2 CELLPADDING=4>\n");
+    document.write("<tr>\n");
+    document.write("<td>\n");
+    document.write("<input TYPE=submit VALUE=\"Confirm Changes\">");
+    document.write("</td>\n");
+    document.write("</form>\n");
+
+    document.write("<td>\n");
+    document.write("<form NAME =\"backForm\" METHOD=POST onSubmit=\"return doBack(this);\">\n");
+    document.write("<input TYPE=hidden NAME=query VALUE=\"op=return_to_edit_config_parameter\">");
+    document.write("<input TYPE=hidden NAME=ptype VALUE=\"" + conf_type + "\">");
+    document.write("<input TYPE=hidden NAME=pname VALUE=\"" + conf_name + "\">");
+    document.write("<input TYPE=hidden NAME=pvalues VALUE=\"" + conf_values.escapeEntry() + "\">");
+    document.write("<input TYPE=hidden NAME=ptimestamp VALUE=\"" + conf_tstamp + "\">");
+    document.write("<input TYPE=hidden NAME=pstate VALUE=\"" + conf_state + "\">");
+    document.write("<input TYPE=submit VALUE=\"Back\">");
+    document.write("</form>\n");
+    document.write("</td>\n");
+
+    document.write("<td>\n");
+    document.write("<input TYPE=button VALUE=Cancel onClick=\"doCancel();\">");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+    document.write("</table>\n");
+
+//-->
+</SCRIPT>
+
+</BODY>
+</HTML>
diff --git a/base/tps/apache/docroot/tokendb/confirmDeleteConfig.template b/base/tps/apache/docroot/tokendb/confirmDeleteConfig.template
new file mode 100644
index 000000000..3b1ab8b47
--- /dev/null
+++ b/base/tps/apache/docroot/tokendb/confirmDeleteConfig.template
@@ -0,0 +1,173 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This library is free software; you can redistribute it and/or
+     modify it under the terms of the GNU Lesser General Public
+     License as published by the Free Software Foundation.
+     
+     This library is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+     Lesser General Public License for more details.
+     
+     You should have received a copy of the GNU Lesser General Public
+     License along with this library; if not, write to the Free Software
+     Foundation, Inc., 51 Franklin Street, Fifth Floor,
+     Boston, MA  02110-1301  USA 
+     
+     Copyright (C) 2010 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<HTML>
+<meta HTTP-EQUIV="content-type" CONTENT="text/html; charset=UTF-8">
+<link rel="shortcut icon" href="/pki/images/favicon.ico" />
+<HEAD>
+<TITLE>TPS</Title>
+</HEAD>
+
+<table border="0" width="100%" cellspacing="0" cellpadding="0" bgcolor="#000000">
+  <tr>
+    <td> 
+      <table border="0" cellspacing="12" cellpadding="0">
+        <tr>
+          <td><img src="/pki/images/logo_header.gif"></td>
+          <td>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
+          <td><font size="+1" face="PrimaSans BT, Verdana, sans-serif" color="white">Red Hat<sup><font color="#999999" size="-2">&reg;</font></sup> TPS Services</font></td>
+        </tr>
+      </table>
+    </td> 
+  </tr>
+</table>
+<p>
+
+<BODY>
+
+<CMS_TEMPLATE>
+
+<SCRIPT type="text/JavaScript">
+<!--
+var uri0 = "";
+if (typeof(uriBase) == "undefined") {
+    uri0 += "/tus";
+} else {
+    uri0 += uriBase;
+}
+
+document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"+1\">"+
+               "<a href=\""+uri0+"\">Main Menu</a> : Administrator Operations : Delete " + disp_conf_type + " Confirmation </font>\n");
+
+if ((typeof(flash) != "undefined") && (flash != "")) {
+    document.write("<table width=\"100%\"><tr><td align=\"left\">" +
+        "<font color=\"#ff0000\"><b>" + flash.replace(/\+/g, " ") + "</b><font>" +
+        "</td></tr></table>\n");
+}
+
+document.write("<table width=\"100%\"><tr><td align=\"right\">" +
+                "<b>UID:</b>" + userid
+                + "</td></tr></table>\n");
+document.write("<HR NOSHADE SIZE=1>\n");
+
+function validate_required(field,alerttxt) {
+    with (field) {
+        if (value==null||value=="") {
+            alert(alerttxt);
+            return false;
+        }
+        else {
+            return true;
+        }
+    }
+}
+
+function validate_form(thisform) {
+    with (thisform) {
+    }
+    return true;
+}
+
+function doUpdateConfig(form) {
+        var uri = "";
+        var s = document.editConfigForm.pvalues.value;
+        if (typeof(uriBase) == "undefined") {
+            uri += "/tus";
+        } else {
+            uri += uriBase;
+        }
+        document.editConfigForm.pvalues.value = s.replace(/\n/g, "&&");
+        if (validate_form(this)) {
+            this.action = uri;
+            return true;
+        } else {
+            return false;
+        }
+}
+
+function doCancel() {
+    var uri = "";
+    if (typeof(uriBase) == "undefined") {
+        uri += "/tus";
+    } else {
+        uri += uriBase;
+    }
+    location.href = uri;
+}
+
+function doDelete() {
+    var uri = "";
+    if (typeof(uriBase) == "undefined") {
+        uri += "/tus";
+    } else {
+        uri += uriBase;
+    }
+    location.href = uri;
+}
+
+
+    document.write("<table BORDER=0 CELLSPACING=2 CELLPADDING=0 width=100%>\n");
+    document.write("<tr><td align=left width=20% bgcolor=#e5e5e5>" + disp_conf_type + ": </td>\n");
+    document.write("<td align=left width=20% colspan=4>" + conf_name + "</td></tr>");
+
+    document.write("<tr><td align=left width=20% bgcolor=#e5e5e5> Status: </td>\n");
+    document.write("<td align=left width=20% colspan=4>" + conf_state.replace(/_/g, " ") + "</td></tr>");
+
+    document.write("<form NAME =\"editConfigForm\" METHOD=POST onSubmit=\"return doUpdateConfig(this);\">\n");
+    document.write("<input TYPE=hidden NAME=query VALUE=\"op=delete_config_parameter\">");
+    document.write("<input TYPE=hidden NAME=ptype VALUE=\"" + conf_type + "\">");
+    document.write("<input TYPE=hidden NAME=pname VALUE=\"" + conf_name + "\">");
+    document.write("<input TYPE=hidden NAME=ptimestamp VALUE=\"" + conf_tstamp + "\">");
+
+    document.write("<tr><td align=left width=20% bgcolor=#e5e5e5> Contents: </td>\n");
+    document.write("<td align=left colspan=4>\n");
+    if ((typeof(conf_values) == "undefined") || (conf_values.length == 0) ) {
+        document.write("<textarea name=pvalues style=\"color:#000000\" cols=100 rows=40 disabled=disabled>\n");
+        document.write("</textarea>\n");
+    } else {
+        document.write("<textarea name=pvalues cols=100 style=\"color:#000000\" rows=40 disabled=disabled>\n");
+        document.write(conf_values.replace(/&&/g, "\r\n"));
+        document.write("</textarea>\n");
+    }
+    document.write("</td></tr>\n");
+    document.write("</table>\n");
+
+    document.write("<HR NOSHADE SIZE=1>");
+    document.write("<DIV ALIGN=RIGHT>");
+
+    document.write("<table BORDER=0 CELLSPACING=2 CELLPADDING=4>\n");
+    document.write("<tr valign=top>\n");
+    document.write("<td>\n");
+    document.write("Are you sure?");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<input TYPE=submit VALUE=\"Delete\">");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<input TYPE=button VALUE=Cancel onClick=\"doCancel();\">");
+    document.write("</td>\n");
+    document.write("</form>\n");
+    document.write("</tr>\n");
+    document.write("</table>\n");
+
+//-->
+</SCRIPT>
+
+</BODY>
+</HTML>
diff --git a/base/tps/apache/docroot/tokendb/delete.template b/base/tps/apache/docroot/tokendb/delete.template
new file mode 100644
index 000000000..4d3243db1
--- /dev/null
+++ b/base/tps/apache/docroot/tokendb/delete.template
@@ -0,0 +1,294 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<HTML>
+<meta HTTP-EQUIV="content-type" CONTENT="text/html; charset=UTF-8">
+<link rel="shortcut icon" href="/pki/images/favicon.ico" />
+<HEAD>
+<TITLE>TPS</Title>
+</HEAD>
+
+<table border="0" width="100%" cellspacing="0" cellpadding="0" bgcolor="#000080">
+  <tr>
+    <td>
+      <table border="0" cellspacing="12" cellpadding="0">
+        <tr>
+          <td><img src="/pki/images/logo_header.gif"></td>
+          <td>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
+          <td><font size="+1" face="PrimaSans BT, Verdana, sans-serif" color="white"><b>Dogtag<sup><font color="#999999" size="-2">&reg;</font></sup> TPS Services</b></font></td>
+        </tr>
+      </table>
+    </td>
+  </tr>
+</table>
+<p>
+
+
+<BODY>
+
+<CMS_TEMPLATE>
+
+<SCRIPT type="text/JavaScript">
+<!--
+var uri0 = "";
+if (typeof(uriBase) == "undefined") {
+    uri0 += "/tus";
+} else {
+    uri0 += uriBase;
+}
+
+document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"+1\">"+
+               "<a href=\""+uri0+"\">Main Menu</a> : Administrator Operations : Token Details</font>\n");
+document.write("<table width=\"100%\"><tr><td align=\"right\">" +
+                "<b>UID:</b>" +
+                userid + "</td></tr></table>\n");
+document.write("<HR NOSHADE SIZE=1>\n");
+
+function trim(str) {
+    var i, k, newString;
+
+    for (i = 0; i < str.length; i++) {
+        if (str.charAt(i) != ' ' )
+            break;
+    }
+    for (k = str.length - 1; k >= i; k--) {
+        if (str.charAt(k) != ' ' ) {
+            k++;
+            break;
+        }
+    }
+
+    if (k > i)
+        newString = str.substring(i, k);
+    else
+        newString = null;
+
+    return  newString;
+}
+
+function checkDate(str) {
+    var newString;
+
+    if (str.length == 15 && str.charAt(14) == 'Z') {
+        newString = str.substring(0, 4);
+        newString += '/';
+        newString += str.substring(4, 6);
+        newString += '/';
+        newString += str.substring(6, 8);
+        newString += ' ';
+        newString += str.substring(8, 10);
+        newString += ':';
+        newString += str.substring(10, 12);
+        newString += ':';
+        newString += str.substring(12, 14);
+    } else {
+        newString = str;
+    }
+
+    return newString;
+}
+
+function doSave(form) {
+    if (form.uid.value.length > 0) {
+        var trimmedList = "";
+        var uids = form.uid.value.split(',');
+
+        for (var i=0; i < uids.length; i++) {
+            if (i > 0) trimmedList += ",";
+            trimmedList += trim(uids[i]);
+        }
+        form.uid.value = trimmedList;
+    }
+    if (form.status.value.length > 0) {
+        form.status.value = trim(form.status.value);
+    }
+
+    if (form.status.value == "") {
+        alert("Enter token status");
+    } else {
+        var uri = "";
+        if (typeof(uriBase) == "undefined") {
+            uri += "/tus";
+        } else {
+            uri += uriBase;
+        }
+        uri += "?op=save&tid="+results[0].cn;
+
+        if (results[0].tokenUserID != form.uid.value) {
+            uri += "&uid=" + form.uid.value;
+        }
+        if (results[0].tokenStatus != form.status.value) {
+            uri += "&s=" + form.status.value;
+        }
+        uri += "&m=" + results[0].modified;
+        location.href = uri;
+    }
+}
+
+function doCancel() {
+    var uri = "";
+    if (typeof(uriBase) == "undefined") {
+        uri += "/tus";
+    } else {
+        uri += uriBase;
+    }
+    location.href = uri;
+}
+
+
+
+if (typeof(results) == "undefined" || results.length == 0) {
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Token Not Found</font>\n");
+} else if (results.length > 1) {
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Found too many tokens to edit</font>\n");
+} else {
+    document.write("<BR>");
+
+    document.write("<p>\n");
+    document.write("<b>Token Information:</b>");
+    document.write("<p>\n");
+    document.write("<table BORDER=0 CELLSPACING=2 CELLPADDING=0 width=100%>\n");
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Token:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   results[0].cn+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "User ID:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   results[0].tokenUserID+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Status:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   results[0].tokenStatus+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Policy:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   results[0].tokenPolicy+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Token Type:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   results[0].tokenType+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("</table>\n");
+    document.write("<p>\n");
+    document.write("<b>System Information:</b>");
+    document.write("<p>\n");
+
+    document.write("<table BORDER=0 CELLSPACING=2 CELLPADDING=0 width=100%>\n");
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Key Info:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   results[0].keyInfo+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Applet ID:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   results[0].tokenAppletID+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Creation Date:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   checkDate(results[0].dateOfCreate)+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Modification Date:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   checkDate(results[0].dateOfModify)+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("</table>\n");
+    document.write("<BR>\n<HR NOSHADE SIZE=1>\n");
+
+    document.write("<DIV ALIGN=RIGHT>\n");
+    document.write("<table BORDER=0 CELLSPACING=2 CELLPADDING=0>\n");
+    document.write("<tr valign=top>\n");
+    document.write("<td>\n");
+    document.write("Are you sure?");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<form method='get' action='tus'><input type=hidden name=op value=delete><input type=hidden name=tid value=" + results[0].cn + "><input TYPE=submit VALUE=Delete></form>");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+    document.write("</table>\n");
+
+}
+
+//-->
+</SCRIPT>
+
+</BODY>
+</HTML>
diff --git a/base/tps/apache/docroot/tokendb/deleteResults.template b/base/tps/apache/docroot/tokendb/deleteResults.template
new file mode 100644
index 000000000..606e11bb0
--- /dev/null
+++ b/base/tps/apache/docroot/tokendb/deleteResults.template
@@ -0,0 +1,74 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<HTML>
+<meta HTTP-EQUIV="content-type" CONTENT="text/html; charset=UTF-8">
+<link rel="shortcut icon" href="/pki/images/favicon.ico" />
+<HEAD>
+<TITLE>TPS</Title>
+</HEAD>
+
+<table border="0" width="100%" cellspacing="0" cellpadding="0" bgcolor="#000080">
+  <tr>
+    <td>
+      <table border="0" cellspacing="12" cellpadding="0">
+        <tr>
+          <td><img src="/pki/images/logo_header.gif"></td>
+          <td>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
+          <td><font size="+1" face="PrimaSans BT, Verdana, sans-serif" color="white"><b>Dogtag<sup><font color="#999999" size="-2">&reg;</font></sup> TPS Services</b></font></td>
+        </tr>
+      </table>
+    </td>
+  </tr>
+</table>
+<p>
+
+<BODY>
+
+<CMS_TEMPLATE>
+
+<SCRIPT type="text/JavaScript">
+<!--
+var uri = "";
+if (typeof(uriBase) == "undefined") {
+    uri += "/tus";
+} else {
+    uri += uriBase;
+}
+
+document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"+1\">"+
+               "<a href=\""+uri+"\">Main Menu</a></font>\n");
+document.write("<table width=\"100%\"><tr><td align=\"right\">" +
+                "<b>UID:</b>" +
+                userid + "</td></tr></table>\n");
+document.write("<HR NOSHADE SIZE=1>\n");
+
+if (typeof(tid) == "undefined") {
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">\n");
+    document.write("Missing " + deleteType + " ID</font>\n");
+    document.write("<BR>\n<HR NOSHADE SIZE=1>\n");
+} else {
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">\n");
+    document.write(deleteType + " record "+tid+" has been deleted.</font>\n");
+    document.write("<BR>\n<HR NOSHADE SIZE=1>\n");
+}
+//-->
+</SCRIPT>
+
+</BODY>
+</HTML>
diff --git a/base/tps/apache/docroot/tokendb/doToken.template b/base/tps/apache/docroot/tokendb/doToken.template
new file mode 100644
index 000000000..419a9a240
--- /dev/null
+++ b/base/tps/apache/docroot/tokendb/doToken.template
@@ -0,0 +1,360 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<HTML>
+<meta HTTP-EQUIV="content-type" CONTENT="text/html; charset=UTF-8">
+<link rel="shortcut icon" href="/pki/images/favicon.ico" />
+<HEAD>
+<TITLE>TPS</Title>
+</HEAD>
+
+<table border="0" width="100%" cellspacing="0" cellpadding="0" bgcolor="#000080">
+  <tr>
+    <td>
+      <table border="0" cellspacing="12" cellpadding="0">
+        <tr>
+          <td><img src="/pki/images/logo_header.gif"></td>
+          <td>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
+          <td><font size="+1" face="PrimaSans BT, Verdana, sans-serif" color="white"><b>Dogtag<sup><font color="#999999" size="-2">&reg;</font></sup> TPS Services</b></font></td>
+        </tr>
+      </table>
+    </td>
+  </tr>
+</table>
+<p>
+
+<BODY>
+
+<CMS_TEMPLATE>
+
+<SCRIPT type="text/JavaScript">
+<!--
+var uri0 = "";
+if (typeof(uriBase) == "undefined") {
+    uri0 += "/tus";
+} else {
+    uri0 += uriBase;
+}
+
+document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"+1\">"+
+               "<a href=\""+uri0+"\">Main Menu</a> : Agent Operations : Token Details</font>\n");
+document.write("<table width=\"100%\"><tr><td align=\"right\">" +
+                "<b>UID:</b>" +
+                userid + "</td></tr></table>\n");
+document.write("<HR NOSHADE SIZE=1>\n");
+
+function breakLines(str) {
+	str = str.replace('#', '<br>');	
+	return str;
+}
+
+function trim(str) {
+    var i, k, newString;
+
+    for (i = 0; i < str.length; i++) {
+        if (str.charAt(i) != ' ' )
+            break;
+    }
+    for (k = str.length - 1; k >= i; k--) {
+        if (str.charAt(k) != ' ' ) {
+            k++;
+            break;
+        }
+    }
+
+    if (k > i)
+        newString = str.substring(i, k);
+    else
+        newString = null;
+
+    return  newString;
+}
+
+function checkDate(str) {
+    var newString;
+
+    if (str.length == 15 && str.charAt(14) == 'Z') {
+        newString = str.substring(0, 4);
+        newString += '/';
+        newString += str.substring(4, 6);
+        newString += '/';
+        newString += str.substring(6, 8);
+        newString += ' ';
+        newString += str.substring(8, 10);
+        newString += ':';
+        newString += str.substring(10, 12);
+        newString += ':';
+        newString += str.substring(12, 14);
+    } else {
+        newString = str;
+    }
+
+    return newString;
+}
+
+function doSave(form) {
+    if (form.uid.value.length > 0) {
+        var trimmedList = "";
+        var uids = form.uid.value.split(',');
+
+        for (var i=0; i < uids.length; i++) {
+            if (i > 0) trimmedList += ",";
+            trimmedList += trim(uids[i]);
+        }
+        form.uid.value = trimmedList;
+    }
+    if (form.status.value.length > 0) {
+        form.status.value = trim(form.status.value);
+    }
+
+    if (form.status.value == "") {
+        alert("Enter token status");
+    } else {
+        var uri = "";
+        if (typeof(uriBase) == "undefined") {
+            uri += "/tus";
+        } else {
+            uri += uriBase;
+        }
+        uri += "?op=save&tid="+results[0].cn;
+
+        if (results[0].tokenUserID != form.uid.value) {
+            uri += "&uid=" + form.uid.value;
+        }
+        if (results[0].tokenStatus != form.status.value) {
+            uri += "&s=" + form.status.value;
+        }
+        uri += "&m=" + results[0].modified;
+        location.href = uri;
+    }
+}
+
+function doCancel() {
+    var uri = "";
+    if (typeof(uriBase) == "undefined") {
+        uri += "/tus";
+    } else {
+        uri += uriBase;
+    }
+    location.href = uri;
+}
+
+
+function check_transition(state, tlist) {
+    for (var i=0; i < tlist.length; i++) {
+        if (state == tlist[i]) {
+            return true;
+        }
+    }
+    return false;
+}
+
+if (rc == "0") {
+    document.write("<b>The operation has been successful.</b>");
+    document.write("<p>\n");
+} else if (typeof(results) == "undefined" || results.length == 0) {
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Token Not Found</font>\n");
+} else if (results.length > 1) {
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Found too many tokens to edit</font>\n");
+} else {
+    document.write("<BR>");
+
+    document.write("<p>\n");
+    document.write("<b>Token Information:</b>");
+    document.write("<p>\n");
+    document.write("<table BORDER=0 CELLSPACING=2 CELLPADDING=0 width=100%>\n");
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Token:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   results[0].cn+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "User ID:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   results[0].tokenUserID+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Status:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   results[0].tokenStatus+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Reason:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   results[0].tokenReason+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Policy:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   results[0].tokenPolicy+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Token Type:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   results[0].tokenType+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("</table>\n");
+    document.write("<p>\n");
+    document.write("<b>System Information:</b>");
+    document.write("<p>\n");
+
+    document.write("<table BORDER=0 CELLSPACING=2 CELLPADDING=0 width=100%>\n");
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Key Info:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   results[0].keyInfo+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Applet ID:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   results[0].tokenAppletID+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Creation Date:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   checkDate(results[0].dateOfCreate)+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Modification Date:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   checkDate(results[0].dateOfModify)+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("</table>\n");
+    document.write("<BR>\n<HR NOSHADE SIZE=1>\n");
+
+    document.write("<table BORDER=0 CELLSPACING=2 CELLPADDING=0>\n");
+    document.write("<tr>\n");
+    document.write("<td width=60%>\n");
+    var transitions = allowed_transitions.split(",");
+    if (allowed_transitions != "") {
+        document.write("<form method='get' action='tus'><select name=\"question\">");
+
+        if (check_transition(1, transitions)) {
+            document.write("<option value=\"1\" >This token has been physically damaged.</option>");
+        } else {
+            document.write("<option value=\"1\" disabled=true >This token has been physically damaged.</option>");
+        }
+        if (check_transition(2, transitions)) {
+            document.write("<option value=\"2\">This token has been permanently lost.</option>");
+        } else {
+            document.write("<option value=\"2\" disabled=true >This token has been permanently lost.</option>");
+        }
+        if (check_transition(3, transitions)) {
+            document.write("<option value=\"3\" >This token has been temporarily lost.</option>");
+        } else {
+            document.write("<option value=\"3\" disabled=true >This token has been temporarily lost.</option>");
+        }
+        if (check_transition(4, transitions)) {
+            document.write("<option value=\"4\" >This temporarily lost token has been found.</option>");
+        } else {
+            document.write("<option value=\"4\" disabled=true >This temporarily lost token has been found.</option>");
+        }
+        if (check_transition(5, transitions)) {
+            document.write("<option value=\"5\" >This temporarily lost token cannot be found (becomes permanently lost).</option>");
+        } else {
+            document.write("<option value=\"5\" disabled=true >This temporarily lost token cannot be found (becomes permanently lost).</option>");
+        }
+        if (check_transition(6, transitions)) {
+            document.write("<option value=\"6\" >This token has been terminated.</option>");
+        } else {
+            document.write("<option value=\"6\" disabled=true >This token has been terminated.</option>");
+        }
+        document.write("</select><input type=hidden name=op value=do_token><input type=hidden name=tid value=" + results[0].cn + "><input TYPE=submit VALUE=\"Go\"></form>");
+    }
+    document.write("</td>\n");
+    document.write("<td width=10%>\n");
+    document.write("<form method='get' action='tus'><input type=hidden name=op value=view_certificate_all><input type=hidden name=tid value=" + results[0].cn + "><input TYPE=submit VALUE=\"Show Certificates\"></form>");
+    document.write("</td>\n");
+    document.write("<td width=10%>\n");
+    document.write("<form method='get' action='tus'><input type=hidden name=op value=view_activity_all><input type=hidden name=tid value=" + results[0].cn + "><input TYPE=submit VALUE=\"Show Activities\"></form>");
+    document.write("</td>\n");
+    document.write("<td width=10%>\n");
+    document.write("<form method='get' action='tus'><input type=hidden name=op value=edit><input type=hidden name=tid value=" + results[0].cn + "><input TYPE=submit VALUE=\"Edit\"></form>");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+    document.write("</table>\n");
+
+}
+
+//-->
+</SCRIPT>
+
+</BODY>
+</HTML>
diff --git a/base/tps/apache/docroot/tokendb/doTokenConfirm.template b/base/tps/apache/docroot/tokendb/doTokenConfirm.template
new file mode 100644
index 000000000..16bd2a191
--- /dev/null
+++ b/base/tps/apache/docroot/tokendb/doTokenConfirm.template
@@ -0,0 +1,344 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<HTML>
+<meta HTTP-EQUIV="content-type" CONTENT="text/html; charset=UTF-8">
+<link rel="shortcut icon" href="/pki/images/favicon.ico" />
+<HEAD>
+<TITLE>TPS</Title>
+</HEAD>
+
+<table border="0" width="100%" cellspacing="0" cellpadding="0" bgcolor="#000080">
+  <tr>
+    <td>
+      <table border="0" cellspacing="12" cellpadding="0">
+        <tr>
+          <td><img src="/pki/images/logo_header.gif"></td>
+          <td>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
+          <td><font size="+1" face="PrimaSans BT, Verdana, sans-serif" color="white"><b>Dogtag<sup><font color="#999999" size="-2">&reg;</font></sup> TPS Services</b></font></td>
+        </tr>
+      </table>
+    </td>
+  </tr>
+</table>
+<p>
+
+<BODY>
+
+<CMS_TEMPLATE>
+
+<SCRIPT type="text/JavaScript">
+<!--
+var uri0 = "";
+if (typeof(uriBase) == "undefined") {
+    uri0 += "/tus";
+} else {
+    uri0 += uriBase;
+}
+
+document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"+1\">"+
+               "<a href=\""+uri0+"\">Main Menu</a> : Agent Operations : Token Details</font>\n");
+document.write("<table width=\"100%\"><tr><td align=\"right\">" +
+                "<b>UID:</b>" +
+                userid + "</td></tr></table>\n");
+document.write("<HR NOSHADE SIZE=1>\n");
+
+function breakLines(str) {
+	str = str.replace('#', '<br>');	
+	return str;
+}
+
+function trim(str) {
+    var i, k, newString;
+
+    for (i = 0; i < str.length; i++) {
+        if (str.charAt(i) != ' ' )
+            break;
+    }
+    for (k = str.length - 1; k >= i; k--) {
+        if (str.charAt(k) != ' ' ) {
+            k++;
+            break;
+        }
+    }
+
+    if (k > i)
+        newString = str.substring(i, k);
+    else
+        newString = null;
+
+    return  newString;
+}
+
+function checkDate(str) {
+    var newString;
+
+    if (str.length == 15 && str.charAt(14) == 'Z') {
+        newString = str.substring(0, 4);
+        newString += '/';
+        newString += str.substring(4, 6);
+        newString += '/';
+        newString += str.substring(6, 8);
+        newString += ' ';
+        newString += str.substring(8, 10);
+        newString += ':';
+        newString += str.substring(10, 12);
+        newString += ':';
+        newString += str.substring(12, 14);
+    } else {
+        newString = str;
+    }
+
+    return newString;
+}
+
+function doSave(form) {
+    if (form.uid.value.length > 0) {
+        var trimmedList = "";
+        var uids = form.uid.value.split(',');
+
+        for (var i=0; i < uids.length; i++) {
+            if (i > 0) trimmedList += ",";
+            trimmedList += trim(uids[i]);
+        }
+        form.uid.value = trimmedList;
+    }
+    if (form.status.value.length > 0) {
+        form.status.value = trim(form.status.value);
+    }
+
+    if (form.status.value == "") {
+        alert("Enter token status");
+    } else {
+        var uri = "";
+        if (typeof(uriBase) == "undefined") {
+            uri += "/tus";
+        } else {
+            uri += uriBase;
+        }
+        uri += "?op=save&tid="+results[0].cn;
+
+        if (results[0].tokenUserID != form.uid.value) {
+            uri += "&uid=" + form.uid.value;
+        }
+        if (results[0].tokenStatus != form.status.value) {
+            uri += "&s=" + form.status.value;
+        }
+        uri += "&m=" + results[0].modified;
+        location.href = uri;
+    }
+}
+
+function doCancel() {
+    var uri = "";
+    if (typeof(uriBase) == "undefined") {
+        uri += "/tus";
+    } else {
+        uri += uriBase;
+    }
+    location.href = uri;
+}
+
+
+
+if (typeof(results) == "undefined" || results.length == 0) {
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Token Not Found</font>\n");
+} else if (results.length > 1) {
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Found too many tokens to edit</font>\n");
+} else {
+    document.write("<BR>");
+
+    document.write("<p>\n");
+    document.write("<b>Token Information:</b>");
+    document.write("<p>\n");
+    document.write("<table BORDER=0 CELLSPACING=2 CELLPADDING=0 width=100%>\n");
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Token:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   results[0].cn+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "User ID:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   results[0].tokenUserID+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Status:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   results[0].tokenStatus+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Reason:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   results[0].tokenReason+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Policy:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   results[0].tokenPolicy+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Token Type:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   results[0].tokenType+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("</table>\n");
+    document.write("<p>\n");
+    document.write("<b>System Information:</b>");
+    document.write("<p>\n");
+
+    document.write("<table BORDER=0 CELLSPACING=2 CELLPADDING=0 width=100%>\n");
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Key Info:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   results[0].keyInfo+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Applet ID:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   results[0].tokenAppletID+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Creation Date:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   checkDate(results[0].dateOfCreate)+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Modification Date:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   checkDate(results[0].dateOfModify)+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("</table>\n");
+    document.write("<BR>\n<HR NOSHADE SIZE=1>\n");
+
+    document.write("<td width=80%>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">");
+    document.write("Are you sure?");
+     document.write("</font>");
+    document.write("<table BORDER=0 CELLSPACING=2 CELLPADDING=0>\n");
+    document.write("<tr>\n");
+    document.write("<td width=80%>\n");
+    document.write("<form method='get' action='tus'><select name=\"question\">");
+    if (question == '1') {
+      document.write("<option selected value=\"1\">This token has been physically damaged.</option>");
+    } else {
+      document.write("<option value=\"1\" disabled>This token has been physically damaged.</option>");
+    }
+    if (question == '2') {
+      document.write("<option selected value=\"2\">This token has been permanently lost.</option>");
+    } else {
+      document.write("<option value=\"2\" disabled>This token has been permanently lost.</option>");
+    }
+    if (question == '3') {
+      document.write("<option selected value=\"3\">This token has been temporarily lost.</option>");
+    } else {
+      document.write("<option value=\"3\" disabled>This token has been temporarily lost.</option>");
+    }
+    if (question == '4') {
+      document.write("<option selected value=\"4\">This temporarily lost token has been found.</option>");
+    } else {
+      document.write("<option value=\"4\" disabled>This temporarily lost token has been found.</option>");
+    }
+    if (question == '5') {
+      document.write("<option selected value=\"5\">This temporarily lost token cannot be found (becomes permanently lost).</option>");
+    } else {
+      document.write("<option value=\"5\" disabled>This temporarily lost token cannot be found (becomes permanently lost).</option>");
+    }
+    if (question == '6') {
+      document.write("<option selected value=\"6\">This token has been terminated.</option>");
+    } else {
+      document.write("<option value=\"6\" disabled>This token has been terminated.</option>");
+    }
+    document.write("</select><input type=hidden name=op value=do_token>");
+    document.write("<input type=hidden name=tid value=" + results[0].cn + "><input TYPE=submit VALUE=\"Go\"></form>");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<input TYPE=button VALUE=Cancel onClick=\"doCancel();\">");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+    document.write("</table>\n");
+
+}
+
+//-->
+</SCRIPT>
+
+</BODY>
+</HTML>
diff --git a/base/tps/apache/docroot/tokendb/edit.template b/base/tps/apache/docroot/tokendb/edit.template
new file mode 100644
index 000000000..163ae3bd1
--- /dev/null
+++ b/base/tps/apache/docroot/tokendb/edit.template
@@ -0,0 +1,199 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<HTML>
+<meta HTTP-EQUIV="content-type" CONTENT="text/html; charset=UTF-8">
+<link rel="shortcut icon" href="/pki/images/favicon.ico" />
+<HEAD>
+<TITLE>TPS</Title>
+</HEAD>
+
+<table border="0" width="100%" cellspacing="0" cellpadding="0" bgcolor="#000080">
+  <tr>
+    <td>
+      <table border="0" cellspacing="12" cellpadding="0">
+        <tr>
+          <td><img src="/pki/images/logo_header.gif"></td>
+          <td>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
+          <td><font size="+1" face="PrimaSans BT, Verdana, sans-serif" color="white"><b>Dogtag<sup><font color="#999999" size="-2">&reg;</font></sup> TPS Services</b></font></td>
+        </tr>
+      </table>
+    </td>
+  </tr>
+</table>
+<p>
+
+<BODY>
+
+<CMS_TEMPLATE>
+
+<SCRIPT type="text/JavaScript">
+<!--
+var uri0 = "";
+if (typeof(uriBase) == "undefined") {
+    uri0 += "/tus";
+} else {
+    uri0 += uriBase;
+}
+
+document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"+1\">"+
+               "<a href=\""+uri0+"\">Main Menu</a> : Agent Operations : Edit Token</font>\n");
+document.write("<table width=\"100%\"><tr><td align=\"right\">" +
+                "<b>UID:</b>" +
+                userid + "</td></tr></table>\n");
+document.write("<HR NOSHADE SIZE=1>\n");
+
+function trim(str) {
+    var i, k, newString;
+
+    for (i = 0; i < str.length; i++) {
+        if (str.charAt(i) != ' ' )
+            break;
+    }
+    for (k = str.length - 1; k >= i; k--) {
+        if (str.charAt(k) != ' ' ) {
+            k++;
+            break;
+        }
+    }
+
+    if (k > i)
+        newString = str.substring(i, k);
+    else
+        newString = null;
+
+    return  newString;
+}
+
+function doSave(form) {
+    var uri = "";
+    if (typeof(uriBase) == "undefined") {
+        uri += "/tus";
+    } else {
+        uri += uriBase;
+    }
+    uri += "?op=save&tid="+results[0].cn;
+
+    if (results[0].tokenUserID != form.uid.value) {
+            uri += "&uid=" + form.uid.value;
+    }
+
+    if (results[0].tokenPolicy != form.tokenPolicy.value) {
+       uri += "&tokenPolicy=" + form.tokenPolicy.value;
+    }
+    uri += "&m=" + results[0].modified;
+    location.href = uri;
+}
+
+function doCancel() {
+    var uri = "";
+    if (typeof(uriBase) == "undefined") {
+        uri += "/tus";
+    } else {
+        uri += uriBase;
+    }
+    location.href = uri;
+}
+
+
+
+if (typeof(results) == "undefined" || results.length == 0) {
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Token Not Found</font>\n");
+} else if (results.length > 1) {
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Found too many tokens to edit</font>\n");
+} else {
+    document.write("<BR>");
+    document.write("<FORM NAME =\"editForm\" ACTION=\"\" METHOD=GET>");
+
+    document.write("<table BORDER=0 CELLSPACING=2 CELLPADDING=0 width=100%>\n");
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Token:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   results[0].cn+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "User ID:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<input TYPE=TEXT NAME=uid SIZE=20 VALUE="+results[0].tokenUserID+">\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Status:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write(results[0].tokenStatus+"\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Policy:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<input TYPE=TEXT NAME=tokenPolicy SIZE=20 VALUE="+results[0].tokenPolicy+">\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Token Type:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write(results[0].tokenType+"\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("</table>\n");
+    document.write("<BR>\n<HR NOSHADE SIZE=1>\n");
+
+    document.write("<DIV ALIGN=RIGHT>\n");
+    document.write("<table BORDER=0 CELLSPACING=2 CELLPADDING=0>\n");
+    document.write("<tr>\n");
+    document.write("<td>\n");
+    document.write("<input TYPE=button VALUE=Save onClick=\"doSave(editForm);\">");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<input TYPE=button VALUE=Cancel onClick=\"doCancel();\">");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+    document.write("</table>\n");
+
+    document.write("</form>\n");
+}
+
+//-->
+</SCRIPT>
+
+</BODY>
+</HTML>
diff --git a/base/tps/apache/docroot/tokendb/editConfig.template b/base/tps/apache/docroot/tokendb/editConfig.template
new file mode 100644
index 000000000..a4091870a
--- /dev/null
+++ b/base/tps/apache/docroot/tokendb/editConfig.template
@@ -0,0 +1,237 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This library is free software; you can redistribute it and/or
+     modify it under the terms of the GNU Lesser General Public
+     License as published by the Free Software Foundation.
+     
+     This library is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+     Lesser General Public License for more details.
+     
+     You should have received a copy of the GNU Lesser General Public
+     License along with this library; if not, write to the Free Software
+     Foundation, Inc., 51 Franklin Street, Fifth Floor,
+     Boston, MA  02110-1301  USA 
+     
+     Copyright (C) 2010 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<HTML>
+<meta HTTP-EQUIV="content-type" CONTENT="text/html; charset=UTF-8">
+<link rel="shortcut icon" href="/pki/images/favicon.ico" />
+<HEAD>
+<TITLE>TPS</Title>
+</HEAD>
+
+<table border="0" width="100%" cellspacing="0" cellpadding="0" bgcolor="#000000">
+  <tr>
+    <td> 
+      <table border="0" cellspacing="12" cellpadding="0">
+        <tr>
+          <td><img src="/pki/images/logo_header.gif"></td>
+          <td>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
+          <td><font size="+1" face="PrimaSans BT, Verdana, sans-serif" color="white">Red Hat<sup><font color="#999999" size="-2">&reg;</font></sup> TPS Services</font></td>
+        </tr>
+      </table>
+    </td> 
+  </tr>
+</table>
+<p>
+
+<BODY>
+
+<CMS_TEMPLATE>
+
+<SCRIPT type="text/JavaScript">
+<!--
+var uri0 = "";
+if (typeof(uriBase) == "undefined") {
+    uri0 += "/tus";
+} else {
+    uri0 += uriBase;
+}
+
+String.prototype.htmlEntities = function () {
+   return this.replace(/&/g,'&amp;').replace(/</g,'&lt;').replace(/>/g,'&gt;');
+};
+
+String.prototype.unescapeEntry = function () {
+   return this.replace(/&dbquote/g,'\"').replace(/&singlequote/g,'\'').replace(/&lessthan/g,'<').replace(/&greaterthan/g, '>');
+};
+
+String.prototype.escapeEntry = function () {
+   return this.replace(/\"/g,'&dbquote').replace(/\'/g,'&singlequote').replace(/</g,'&lessthan').replace(/>/g, '&greaterthan');
+};
+
+document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"+1\">"+
+               "<a href=\""+uri0+"\">Main Menu</a> : Administrator Operations : " + disp_conf_type + " Configuration </font>\n");
+
+if ((typeof(flash) != "undefined") && (flash != "")) {
+    document.write("<table width=\"100%\"><tr><td align=\"left\">" +
+        "<font color=\"#ff0000\"><b>" + flash.replace(/\+/g, " ") + "</b><font>" +
+        "</td></tr></table>\n");
+}
+
+document.write("<table width=\"100%\"><tr><td align=\"right\">" +
+                "<b>UID:</b>" + userid
+                + "</td></tr></table>\n");
+document.write("<HR NOSHADE SIZE=1>\n");
+
+function validate_required(field,alerttxt) {
+    with (field) {
+        if (value==null||value=="") {
+            alert(alerttxt);
+            return false;
+        }
+        else {
+            return true;
+        }
+    }
+}
+
+// validate according to the pattern
+function validate_form(s) {
+    var s_array = s.split("\n");
+    var reg = new RegExp(conf_pattern.replace(/\$name/g, conf_name));
+
+    for (var i=0; i< s_array.length ; i++) {
+        var key_value = s_array[i].split("=");
+        if (! reg.test(key_value[0])) {
+            alert(key_value[0] + " is not a valid parameter.\nValid parameters have the format " + conf_pattern.replace(/\$name/g, conf_name));
+            return false;
+        }
+    }
+    return true;
+}
+
+function doUpdateConfig(form) {
+        var uri = "";
+        var s = document.editConfigForm.pvalues.value;
+        if (typeof(uriBase) == "undefined") {
+            uri += "/tus";
+        } else {
+            uri += uriBase;
+        }
+        if (validate_form(s)) {
+            document.editConfigForm.pvalues.value = s.escapeEntry().replace(/\n/g, "&&");
+            this.action = uri;
+            return true;
+        } else {
+            return false;
+        }
+}
+
+function doCancel() {
+    var uri = "";
+    if (typeof(uriBase) == "undefined") {
+        uri += "/tus";
+    } else {
+        uri += uriBase;
+    }
+    location.href = uri;
+}
+
+function doDelete() {
+    var uri = "";
+    if (typeof(uriBase) == "undefined") {
+        uri += "/tus";
+    } else {
+        uri += uriBase;
+    }
+    location.href = uri;
+}
+
+
+    document.write("<table BORDER=0 CELLSPACING=2 CELLPADDING=0 width=100%>\n");
+    document.write("<tr><td align=left width=20% bgcolor=#e5e5e5>" + disp_conf_type + ": </td>\n");
+    document.write("<td align=left width=20% colspan=4>" + conf_name + "</td></tr>");
+
+    document.write("<tr><td align=left width=20% bgcolor=#e5e5e5> Status: </td>\n");
+    document.write("<td align=left width=20% colspan=4>" + conf_state.replace(/_/g, " ") + "</td></tr>");
+
+    document.write("<form NAME =\"editConfigForm\" METHOD=POST onSubmit=\"return doUpdateConfig(this);\">\n");
+    document.write("<input TYPE=hidden NAME=query VALUE=\"op=confirm_config_changes\">");
+    document.write("<input TYPE=hidden NAME=ptype VALUE=\"" + conf_type + "\">");
+    document.write("<input TYPE=hidden NAME=pname VALUE=\"" + conf_name + "\">");
+    document.write("<input TYPE=hidden NAME=ptimestamp VALUE=\"" + conf_tstamp + "\">");
+
+    document.write("<tr><td align=left width=20% bgcolor=#e5e5e5> Contents: </td>\n");
+    document.write("<td align=left colspan=4>\n");
+    if ((typeof(conf_values) == "undefined") || (conf_values.length == 0) ) {
+        if ((conf_state == "Disabled") || (agent_must_approve != "true")) {
+            document.write("<textarea name=pvalues cols=100 rows=40>\n");
+            document.write("</textarea>\n");
+        } else {
+            document.write("<textarea name=pvalues style=\"color:#000000\" cols=100 rows=40 disabled=disabled>\n");
+            document.write("</textarea>\n");
+        }
+    } else {
+        if ((conf_state == "Disabled") || (agent_must_approve != "true")) {
+            document.write("<textarea name=pvalues cols=100 rows=40>\n");
+            document.write(conf_values.unescapeEntry().replace(/&&/g, "\r\n"));
+            document.write("</textarea>\n");
+        } else {
+            document.write("<textarea name=pvalues cols=100 style=\"color:#000000\" rows=40 disabled=disabled>\n");
+            document.write(conf_values.unescapeEntry().replace(/&&/g, "\r\n"));
+            document.write("</textarea>\n");
+        }
+    }
+    document.write("</td></tr>\n");
+    document.write("</table>\n");
+
+    document.write("<HR NOSHADE SIZE=1>");
+    document.write("<DIV ALIGN=RIGHT>");
+
+    document.write("<table BORDER=0 CELLSPACING=2 CELLPADDING=4>\n");
+
+    document.write("<tr>\n");
+    document.write("<td align=left>\n");
+    if ((conf_state == "Disabled") || (agent_must_approve != "true")) {
+        document.write("<input name=choice TYPE=submit VALUE=Save>");
+    } else {
+        document.write("<input name=choice TYPE=submit VALUE=Save disabled=disabled>");
+    }
+    document.write("</td>\n");
+
+    document.write("<td align=left>\n");
+    document.write("<input TYPE=button VALUE=Cancel onClick=\"doCancel();\">");
+    document.write("</td>\n");
+
+    if (agent_must_approve == "true") {
+        document.write("<td align=left>\n");
+        if (conf_state == "Disabled") {
+            document.write("<input name=choice TYPE=submit VALUE=\"Submit For Approval\">");
+        } else {
+            document.write("<input name=choice TYPE=submit VALUE=\"Submit For Approval\" disabled=disabled>");
+        }
+        document.write("</td>\n");
+    }
+
+    document.write("</form>\n");
+
+    if (conf_type != "Generals") {
+        document.write("<td align=left>\n");
+        document.write("<form name=deleteConfig method=POST onSubmit=\"return doDelete(this);\">\n");
+        document.write("<input type=hidden name=query value=\"op=confirm_delete_config\">");
+        document.write("<input type=hidden name=pname value=\"" + conf_name + "\">");
+        document.write("<input type=hidden name=ptype value=\"" + conf_type + "\">");
+        document.write("<input type=hidden name=pvalues value=\"" + conf_values.escapeEntry() + "\">");
+        document.write("<input type=hidden name=pstate value=\"" + conf_state + "\">");
+        document.write("<input TYPE=hidden NAME=ptimestamp VALUE=\"" + conf_tstamp + "\">");
+        if ((conf_state == "Disabled")|| (agent_must_approve != "true")) {
+            document.write("<input TYPE=submit VALUE=\"Delete\">");
+        } else {
+            document.write("<input TYPE=submit VALUE=\"Delete\" disabled=disabled>");
+        }
+        document.write("</form>");
+        document.write("</td>\n");
+    }
+    document.write("</tr>\n");
+    document.write("</table>\n");
+
+//-->
+</SCRIPT>
+
+</BODY>
+</HTML>
diff --git a/base/tps/apache/docroot/tokendb/editResults.template b/base/tps/apache/docroot/tokendb/editResults.template
new file mode 100644
index 000000000..783b065c3
--- /dev/null
+++ b/base/tps/apache/docroot/tokendb/editResults.template
@@ -0,0 +1,75 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<HTML>
+<meta HTTP-EQUIV="content-type" CONTENT="text/html; charset=UTF-8">
+<link rel="shortcut icon" href="/pki/images/favicon.ico" />
+<HEAD>
+<TITLE>TPS</Title>
+</HEAD>
+
+<table border="0" width="100%" cellspacing="0" cellpadding="0" bgcolor="#000080">
+  <tr>
+    <td>
+      <table border="0" cellspacing="12" cellpadding="0">
+        <tr>
+          <td><img src="/pki/images/logo_header.gif"></td>
+          <td>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
+          <td><font size="+1" face="PrimaSans BT, Verdana, sans-serif" color="white"><b>Dogtag<sup><font color="#999999" size="-2">&reg;</font></sup> TPS Services</b></font></td>
+        </tr>
+      </table>
+    </td>
+  </tr>
+</table>
+<p>
+
+<BODY>
+
+<CMS_TEMPLATE>
+
+<SCRIPT type="text/JavaScript">
+<!--
+var uri = "";
+if (typeof(uriBase) == "undefined") {
+    uri += "/tus";
+} else {
+    uri += uriBase;
+}
+
+document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"+1\">"+
+               "<a href=\""+uri+"\">Main Menu</a></font>\n");
+document.write("<table width=\"100%\"><tr><td align=\"right\">" +
+                "<b>UID:</b>" +
+                userid + "</td></tr></table>\n");
+document.write("<HR NOSHADE SIZE=1>\n");
+
+if (typeof(tid) == "undefined") {
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">\n");
+    document.write("Missing token ID</font>\n");
+    document.write("<BR>\n<HR NOSHADE SIZE=1>\n");
+} else {
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">\n");
+    document.write("Token record <a href=\"tus?op=show&tid=" + tid + "\">"+tid+"</a> has been updated.</font>\n");
+    document.write("<BR>\n<HR NOSHADE SIZE=1>\n");
+}
+
+//-->
+</SCRIPT>
+
+</BODY>
+</HTML>
diff --git a/base/tps/apache/docroot/tokendb/editUser.template b/base/tps/apache/docroot/tokendb/editUser.template
new file mode 100644
index 000000000..55b587cbe
--- /dev/null
+++ b/base/tps/apache/docroot/tokendb/editUser.template
@@ -0,0 +1,313 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<HTML>
+<meta HTTP-EQUIV="content-type" CONTENT="text/html; charset=UTF-8">
+<link rel="shortcut icon" href="/pki/images/favicon.ico" />
+<HEAD>
+<TITLE>TPS</Title>
+</HEAD>
+
+<table border="0" width="100%" cellspacing="0" cellpadding="0" bgcolor="#000080">
+  <tr>
+    <td>
+      <table border="0" cellspacing="12" cellpadding="0">
+        <tr>
+          <td><img src="/pki/images/logo_header.gif"></td>
+          <td>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
+          <td><font size="+1" face="PrimaSans BT, Verdana, sans-serif" color="white"><b>Dogtag<sup><font color="#999999" size="-2">&reg;</font></sup> TPS Services</b></font></td>
+        </tr>
+      </table>
+    </td>
+  </tr>
+</table>
+<p>
+
+<BODY>
+
+<CMS_TEMPLATE>
+
+<SCRIPT type="text/JavaScript">
+<!--
+var uri0 = "";
+if (typeof(uriBase) == "undefined") {
+    uri0 += "/tus";
+} else {
+    uri0 += uriBase;
+}
+
+document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"+1\">"+
+               "<a href=\""+uri0+"\">Main Menu</a> : Administrator Operations : Edit User</font>\n");
+
+if ((typeof(flash) != "undefined") && (flash != "")) {
+    document.write("<table width=\"100%\"><tr><td align=\"left\">" +
+        "<font color=\"#ff0000\"><b>" + flash.replace(/\+/g, " ") + "</b><font>" +
+        "</td></tr></table>\n");
+}
+
+document.write("<table width=\"100%\"><tr><td align=\"right\">" +
+                "<b>UID:</b>" + userid
+                + "</td></tr></table>\n");
+document.write("<HR NOSHADE SIZE=1>\n");
+
+function validate_required(field,alerttxt) {
+    with (field) {
+        if (value==null||value=="") {
+            alert(alerttxt);
+            return false;
+        }
+        else {
+            return true;
+        }
+    }
+}
+
+function validate_form(thisform) {
+    with (thisform) {
+        if (validate_required(firstName,"First Name is required")==false) {
+            firstName.focus();
+            return false;
+        }
+        if (validate_required(lastName,"Last Name is required")==false) {
+            lastName.focus();
+            return false;
+        }
+        if (validate_required(userCert,"User Certificate is required")==false) {
+            userCert.focus();
+            return false;
+        }
+
+    }
+}
+
+function doUpdateUser(form) {
+        var uri = "";
+        if (typeof(uriBase) == "undefined") {
+            uri += "/tus";
+        } else {
+            uri += uriBase;
+        }
+        if (validate_form(this)) {
+            this.action = uri;
+            return true;
+        } else {
+            return false;
+        }
+}
+
+function doUpdateUserProfile(form) {
+        var uri = "";
+        if (typeof(uriBase) == "undefined") {
+            uri += "/tus";
+        } else {
+            uri += uriBase;
+        }
+        this.action = uri;
+        return true;
+}
+
+function doCancel() {
+    var uri = "";
+    if (typeof(uriBase) == "undefined") {
+        uri += "/tus";
+    } else {
+        uri += uriBase;
+    }
+    location.href = uri;
+}
+
+function doCheckBox(val) {
+    document.addUserProfileForm.other_profile.disabled = false;
+}
+
+
+
+if (typeof(results) == "undefined" || results.length == 0) {
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "User Not Found</font>\n");
+} else if (results.length > 1) {
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Found too many users to edit</font>\n");
+} else {
+    document.write("<BR>");
+    document.write("<form NAME =\"editUserForm\" METHOD=POST onSubmit=\"return doUpdateUser(this);\">");
+    document.write("<input TYPE=HIDDEN NAME=query VALUE=\"op=save_user\">");
+
+    document.write("<table BORDER=0 CELLSPACING=2 CELLPADDING=0 width=100%>\n");
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "UserID:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   results[0].uid+"</font>\n");
+    document.write("<input TYPE=HIDDEN NAME=uid VALUE=\"" + results[0].uid + "\">");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "First Name:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<input TYPE=TEXT NAME=firstName SIZE=20 VALUE=\""+
+                   ((typeof(results[0].givenName) == 'undefined')?'':results[0].givenName)+"\">\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Last Name:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<input TYPE=TEXT NAME=lastName SIZE=20 VALUE=\""+results[0].sn+"\">\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Role:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td ><input type=checkbox name=opOperator value=Operators " + operator + ">Operator</td>\n");
+    document.write("<td ><input type=checkbox name=opAgent value=Agents " + agent + ">Agent</td>\n");
+    document.write("<td ><input type=checkbox name=opAdmin value=Administrators " + admin + ">Administrator</td>\n");
+    document.write("</tr>\n");
+    
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "User Certificate:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    if ((typeof(results[0].userCertificate) == "undefined") || (results[0].userCertificate.length == 0) ) {
+        document.write("<textarea name=userCert cols=40 rows=10>\n");
+        document.write("Paste the base 64 user certificate here (without the header and footer)");
+        document.write("</textarea>\n");
+    } else {
+        document.write("<textarea name=userCert cols=40 rows=10>\n");
+        document.write(results[0].userCertificate.replace(/\.\./g, "\r\n"));
+        document.write("</textarea>\n");
+    }
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("</table>\n");
+
+    document.write("<BR>\n<HR NOSHADE SIZE=1>\n");
+
+    if ((typeof(results[0].profileID) != "undefined") && (results[0].profileID.length != 0)) {
+
+        var profile_array = results[0].profileID.split("#");
+        document.write("<input TYPE=HIDDEN NAME=nProfiles VALUE=\"" + profile_array.length + "\">");
+        document.write("<table BORDER=0 CELLSPACING=2 CELLPADDING=0 width=100%>\n");
+        document.write("<tr bgcolor=#e5e5e5>\n");
+
+        document.write("<td>\n");
+        document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                       "Profile ID</font>\n");
+        document.write("</td>\n");
+
+        document.write("<td>\n");
+        document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                       "Remove Profile Access</font>\n");
+        document.write("</td>\n");
+        document.write("</tr>\n");
+
+        for (var i=0; i < profile_array.length; i++) {
+            document.write("<tr>\n");
+            document.write("<td>\n");
+            document.write(profile_array[i]);
+            document.write("<input type=hidden name=\"profile_" + i + "\" value=\""+ profile_array[i] + "\">");
+            document.write("</td>\n");
+            document.write("<td><input type=checkbox name=\"delete_" + i + "\" value=\"delete\"></td>\n");
+            document.write("</tr>\n");
+        }
+        document.write("</table>\n");
+    } else {
+        document.write("<p>Profile Memberships</p>");
+    }
+
+    document.write("<DIV ALIGN=RIGHT>\n");
+    document.write("<table BORDER=0 CELLSPACING=2 CELLPADDING=0>\n");
+    document.write("<tr>\n");
+    document.write("<td>\n");
+    document.write("<input TYPE=submit VALUE=Update>");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<input TYPE=button VALUE=Cancel onClick=\"doCancel();\">");
+    document.write("</td>\n");
+    document.write("</form>\n");
+    document.write("<td>\n");
+    document.write("<form name=deleteUser method=GET action='tus'>\n");
+    document.write("<input type=hidden name=op value=user_delete_confirm>");
+    document.write("<input type=hidden name=uid value=" + results[0].uid + ">");
+    document.write("<input TYPE=submit VALUE=\"Delete User\">");
+    document.write("</form>");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+    document.write("</table>\n");
+
+    document.write("<DIV ALIGN=LEFT>\n");
+    document.write("<table BORDER=0 CELLSPACING=2 CELLPADDING=0>\n");
+    document.write("<tr>\n");
+
+    if ((typeof(start_val) != "undefined") && (start_val > 0) && (typeof(num_profiles_to_display) != "undefined")) {
+        var new_start = start_val - num_profiles_to_display;
+        if (new_start < 0) new_start =0;
+        document.write("<td> <form name=prev_edit method=get action=\"doCancel()\">");
+        document.write("<input TYPE=hidden name=op VALUE=edit_user>");
+        document.write("<input TYPE=hidden name=uid VALUE=" + results[0].uid + ">");
+        document.write("<input TYPE=hidden name=start_val VALUE=" + new_start + ">");
+        document.write("<input TYPE=submit VALUE=\"\<\"></form><td>\n");
+    }
+
+    if ((typeof(has_more_profile_vals) != "undefined") && (has_more_profile_vals == "true")) {
+        var new_start = end_val;
+        document.write("<td> <form method=get name=prev_edit action=\"doCancel()\">");
+        document.write("<input TYPE=hidden name=op VALUE=edit_user>");
+        document.write("<input TYPE=hidden name=uid VALUE=" + results[0].uid + ">");
+        document.write("<input TYPE=hidden name=start_val VALUE=" + new_start + ">");
+        document.write("<input TYPE=submit VALUE=\"\>\"></form><td>\n");
+    }
+    document.write("</tr>");
+
+    document.write("<form NAME =\"addUserProfileForm\" METHOD=POST onSubmit=\"return doUpdateUserProfile(this);\">");
+    document.write("<tr>");
+    document.write("<table BORDER=0 CELLSPACING=2 CELLPADDING=0 >\n");
+    document.write("<input TYPE=HIDDEN NAME=query VALUE=\"op=add_profile_user\">");
+    document.write("<input TYPE=HIDDEN NAME=uid VALUE=\"" + results[0].uid + "\">");
+    document.write("<td>Add new profile: <select name=\"profile_0\" onChange=\"doCheckbox(this.options[selectedIndex].value)\">");
+    for (var i=0; i < profile_list.length; i++) {
+        document.write("<option value=\""+ profile_list[i] + "\">" + profile_list[i] + "</option>\n");
+    }
+    document.write("</select></td>");
+    document.write("<td><input type=text name=other_profile></td>");
+    document.write("<td><input TYPE=submit VALUE=\"Add Profile\"></td></tr>");
+    document.write("</table>");
+    document.write("</form>\n");
+}
+
+//-->
+</SCRIPT>
+
+</BODY>
+</HTML>
diff --git a/base/tps/apache/docroot/tokendb/error.template b/base/tps/apache/docroot/tokendb/error.template
new file mode 100644
index 000000000..8f629ff72
--- /dev/null
+++ b/base/tps/apache/docroot/tokendb/error.template
@@ -0,0 +1,73 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<HTML>
+<meta HTTP-EQUIV="content-type" CONTENT="text/html; charset=UTF-8">
+<link rel="shortcut icon" href="/pki/images/favicon.ico" />
+<HEAD>
+<TITLE>TPS Error!</Title>
+</HEAD>
+
+<table border="0" width="100%" cellspacing="0" cellpadding="0" bgcolor="#000080">
+  <tr>
+    <td>
+      <table border="0" cellspacing="12" cellpadding="0">
+        <tr>
+          <td><img src="/pki/images/logo_header.gif"></td>
+          <td>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
+          <td><font size="+1" face="PrimaSans BT, Verdana, sans-serif" color="white"><b>Dogtag<sup><font color="#999999" size="-2">&reg;</font></sup> TPS Services</b></font></td>
+        </tr>
+      </table>
+    </td>
+  </tr>
+</table>
+<p>
+
+<BODY>
+
+<CMS_TEMPLATE>
+
+<SCRIPT type="text/JavaScript">
+<!--
+var uri = "";
+if (typeof(uriBase) == "undefined") {
+    uri += "/tus";
+} else {
+    uri += uriBase;
+}
+
+document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"+1\">"+
+               "<a href=\""+uri+"\">Main Menu</a></font>\n");
+document.write("<HR NOSHADE SIZE=1>\n");
+
+document.write("<font size=-1 face=\"PrimaSans BT, Verdana, sans-serif\">\n");
+
+if (typeof(error) == "undefined") {
+    document.write("TUS encountered undefined error.");
+} else {
+    document.write(""+error);
+}
+
+document.write("</font>\n");
+document.write("<HR NOSHADE SIZE=1>\n");
+
+//-->
+</SCRIPT>
+
+</BODY>
+</HTML>
diff --git a/base/tps/apache/docroot/tokendb/index.template b/base/tps/apache/docroot/tokendb/index.template
new file mode 100644
index 000000000..4aa9f0cdd
--- /dev/null
+++ b/base/tps/apache/docroot/tokendb/index.template
@@ -0,0 +1,151 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<HTML>
+<meta HTTP-EQUIV="content-type" CONTENT="text/html; charset=UTF-8">
+<link rel="shortcut icon" href="/pki/images/favicon.ico" />
+<HEAD>
+<TITLE>TPS Agent</Title>
+</HEAD>
+
+<table border="0" width="100%" cellspacing="0" cellpadding="0" bgcolor="#000080">
+  <tr>
+    <td>
+      <table border="0" cellspacing="12" cellpadding="0">
+        <tr>
+          <td><img src="/pki/images/logo_header.gif"></td>
+          <td>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
+          <td><font size="+1" face="PrimaSans BT, Verdana, sans-serif" color="white"><b>Dogtag<sup><font color="#999999" size="-2">&reg;</font></sup> TPS Services</b></font></td>
+        </tr>
+      </table>
+    </td>
+  </tr>
+</table>
+<p>
+
+<BODY>
+
+<CMS_TEMPLATE>
+
+<SCRIPT type="text/JavaScript">
+<!--
+var uri0 = "";
+if (typeof(uriBase) == "undefined") {
+    uri0 += "/tus";
+} else {
+    uri0 += uriBase;
+}
+
+document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"+1\">"+
+               "<a href=\""+uri0+"\">Main Menu</a></font>\n");
+
+if ((typeof(flash) != "undefined") && (flash != "")) {
+    document.write("<table width=\"100%\"><tr><td align=\"left\">" +
+        "<font color=\"#ff0000\"><b>" + flash.replace(/\+/g, " ") + "</b><font>" +
+        "</td></tr></table>\n");
+}
+
+document.write("<table width=\"100%\"><tr><td align=\"right\"><b>UID:</b>" + 
+                userid + "</td></tr></table>\n");
+document.write("<HR NOSHADE SIZE=1>\n");
+
+function doFind(form) {
+    if (form.uid.value == "" && form.tid.value == "") {
+        alert("Enter token or user ID");
+    } else {
+        var uri = "";
+        if (typeof(uriBase) == "undefined") {
+            uri += "/tus"
+        } else {
+            uri += uriBase;
+        }
+        uri += "?op=view";
+        if (form.tid.value.length > 0) uri += "&tid=" + form.tid.value;
+        if (form.uid.value.length > 0) uri += "&uid=" + form.uid.value;
+        location.href = uri;
+    }
+}
+
+var lastCol = 100;
+document.write("<table BORDER=0 CELLSPACING=0 CELLPADDING=0 width=100%><tr>");
+if ((typeof(operatorAuth) != "undefined") && (operatorAuth == "true")) {
+    document.write("<td width=\"20%\"><a href=\"/tus?op=index_operator\">Operator Operations</td>");
+    lastCol -= 20;
+}
+if ((typeof(agentAuth) != "undefined") && (agentAuth == "true")) {
+    document.write("<td bgcolor=\"#e5e5e5\" width=\"20%\"><a href=\"/tus\">Agent Operations</td>");
+    lastCol -= 20;
+}
+if ((typeof(adminAuth) != "undefined") && (adminAuth == "true")) {
+    document.write("<td width=\"20%\"><a href=\"/tus?op=index_admin\">Administrator Operations</td>");
+    lastCol -= 20;
+}
+document.write("<td width=\"" + lastCol + "%\"></td>");
+document.write("</tr></table>");
+
+//-->
+</SCRIPT>
+
+<table BORDER=0 CELLSPACING=0 CELLPADDING=0 width=100%>
+<tr>
+    <td bgcolor=#e5e5e5>&nbsp;</td>
+</tr>
+</table>
+<table BORDER=0 CELLSPACING=2 CELLPADDING=0 width=100%>
+  <tr>
+    <td><i>Tokens</i></td>
+  </tr>
+  <tr>
+    <td>&bull;&nbsp;<a href="tus?op=search">List/Search Tokens</a></td>
+  </tr>
+  <tr><td>&nbsp;</td></tr>
+  <tr>
+    <td><i>Certificates</i></td>
+  </tr>
+  <tr>
+    <td>&bull;&nbsp;<a href="tus?op=search_certificate">List/Search Certificates</a></td>
+  </tr>
+  <tr><td>&nbsp;</td></tr>
+  <tr>
+    <td><i>Activities</i></td>
+  </tr>
+  <tr>
+    <td>&bull;&nbsp;<a href="tus?op=search_activity">List/Search Activities</a></td>
+  </tr>
+  <tr>
+    <td></td>
+  </tr>
+  <tr><td>&nbsp;</td></tr>
+  <tr>
+    <td><i>Advanced Configuration</i></td>
+  </tr>
+  <SCRIPT type="text/JavaScript">
+  <!--
+    var target_array = agent_target_list.split(",");
+    for (var i=0; i< target_array.length ; i++) {
+      document.write("<tr><td>&bull;&nbsp;<a href=\"tus?op=agent_select_config&type=" + target_array[i] + "\">" +
+          target_array[i].replace(/_/g, " ") + "</a></td> </tr>");
+    }
+  //-->
+  </SCRIPT>
+
+</table>
+<HR NOSHADE SIZE=1>
+<DIV ALIGN=RIGHT>
+</BODY>
+</HTML>
diff --git a/base/tps/apache/docroot/tokendb/indexAdmin.template b/base/tps/apache/docroot/tokendb/indexAdmin.template
new file mode 100644
index 000000000..97086257b
--- /dev/null
+++ b/base/tps/apache/docroot/tokendb/indexAdmin.template
@@ -0,0 +1,176 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<HTML>
+<meta HTTP-EQUIV="content-type" CONTENT="text/html; charset=UTF-8">
+<link rel="shortcut icon" href="/pki/images/favicon.ico" />
+<HEAD>
+<TITLE>TPS Admin</Title>
+</HEAD>
+
+<table border="0" width="100%" cellspacing="0" cellpadding="0" bgcolor="#000080">
+  <tr>
+    <td>
+      <table border="0" cellspacing="12" cellpadding="0">
+        <tr>
+          <td><img src="/pki/images/logo_header.gif"></td>
+          <td>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
+          <td><font size="+1" face="PrimaSans BT, Verdana, sans-serif" color="white"><b>Dogtag<sup><font color="#999999" size="-2">&reg;</font></sup> TPS Services</b></font></td>
+        </tr>
+      </table>
+    </td>
+  </tr>
+</table>
+<p>
+
+<BODY>
+
+<CMS_TEMPLATE>
+
+<SCRIPT type="text/JavaScript">
+<!--
+var uri0 = "";
+if (typeof(uriBase) == "undefined") {
+    uri0 += "/tus";
+} else {
+    uri0 += uriBase;
+}
+
+document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"+1\">"+
+               "<a href=\""+uri0+"\">Main Menu</a></font>\n");
+document.write("<table width=\"100%\"><tr><td align=\"right\"><b>UID:</b>" + 
+                userid + "</td></tr></table>\n");
+document.write("<HR NOSHADE SIZE=1>\n");
+
+function submitEditForm(form) {
+    document.editForm.submit();
+}
+
+function doFind(form) {
+    if (form.uid.value == "" && form.tid.value == "") {
+        alert("Enter token or user ID");
+    } else {
+        var uri = "";
+        if (typeof(uriBase) == "undefined") {
+            uri += "/tus"
+        } else {
+            uri += uriBase;
+        }
+        uri += "?op=view";
+        if (form.tid.value.length > 0) uri += "&tid=" + form.tid.value;
+        if (form.uid.value.length > 0) uri += "&uid=" + form.uid.value;
+        location.href = uri;
+    }
+}
+var lastCol = 100;
+document.write("<table BORDER=0 CELLSPACING=0 CELLPADDING=0 width=100%><tr>");
+if ((typeof(operatorAuth) != "undefined") && (operatorAuth == "true")) {  
+    document.write("<td width=\"20%\"><a href=\"/tus?op=index_operator\">Operator Operations</td>");
+    lastCol -= 20;
+}
+if ((typeof(agentAuth) != "undefined") && (agentAuth == "true")) {
+    document.write("<td width=\"20%\"><a href=\"/tus\">Agent Operations</td>");
+    lastCol -=20;
+}
+if ((typeof(adminAuth) != "undefined") && (adminAuth == "true")) {
+    document.write("<td bgcolor=\"#e5e5e5\" width=\"20%\"><a href=\"/tus?op=index_admin\">Administrator Operations</td>");
+    lastCol -=20;
+}
+document.write("<td width=\"" + lastCol + "%\"></td>");
+document.write("</tr></table>");
+//-->
+</SCRIPT>
+
+<table BORDER=0 CELLSPACING=0 CELLPADDING=0 width=100%>
+<tr>
+    <td bgcolor=#e5e5e5>&nbsp;</td>
+</tr>
+</table>
+<table BORDER=0 CELLSPACING=2 CELLPADDING=0 width=100%>
+  <tr>
+    <td></td>
+  </tr>
+  <tr>
+    <td><i>Tokens</i></td>
+  </tr>
+  <tr>
+    <td>&bull;&nbsp;<a href="tus?op=search_admin">List/Search Tokens</a></td>
+  </tr>
+   <tr>
+    <td>&bull;&nbsp;<a href="tus?op=new">Add New Token</a></td>
+  </tr>
+  <tr><td>&nbsp;</td></tr>
+  <tr> 
+    <td><i>Users</i></td>
+  </tr>
+  <tr>
+    <td>&bull;&nbsp;<a href="tus?op=add_user?tid=&uid=">Add User</a></td>
+  </tr>
+  <tr>
+    <td>&bull;&nbsp;<a href="tus?op=view_users">List Users</a></td>
+  </tr>
+  <tr>
+    <td>&bull;&nbsp;<a href="tus?op=search_users">Search Users</a></td>
+  </tr>
+  <tr><td>&nbsp;</td></tr>
+   <tr>
+    <td><i>Activities</i></td>
+  </tr>
+  <tr>
+    <td>&bull;&nbsp;<a href="tus?op=search_activity_admin">List/Search Activities</a></td>
+  </tr>
+  <tr><td>&nbsp;</td></tr>
+   <tr>
+    <td><i>Self Tests</i></td>
+  </tr>
+  <tr>
+    <td>&bull;&nbsp;<a href="tus?op=self_test">Run Self Tests</a></td>
+  </tr>
+  <tr><td>&nbsp;</td></tr>
+   <tr>
+    <td><i>Auditing</i></td>
+  </tr>
+  <tr>
+    <td>&bull;&nbsp;<a href="tus?op=audit_admin">Configure Signed Audit</a></td>
+  </tr>
+  <tr><td>&nbsp;</td></tr>
+  <tr>
+    <td><i>Advanced Configuration</i></td>
+  </tr>
+  <SCRIPT type="text/JavaScript">
+  <!--
+    var target_array = target_list.split(","); 
+    for (var i=0; i< target_array.length ; i++) {
+      document.write("<tr><td>&bull;&nbsp;<a href=\"tus?op=select_config_parameter&type=" + target_array[i] + "\">" +
+          target_array[i].replace(/_/g, " ") + "</a></td> </tr>");
+    }
+  //-->
+  </SCRIPT>
+  <tr>
+    <form name="editForm" method=POST action="tus" >
+        <input TYPE=hidden NAME=query VALUE="op=edit_config_parameter">
+        <input TYPE=HIDDEN NAME=ptype VALUE="Generals">
+        <input TYPE=HIDDEN NAME=pname VALUE="General">
+        <td>&bull;&nbsp;<a href="javascript:submitEditForm(this)">General</a></td>
+    </form>
+  </tr>
+</table>
+<HR NOSHADE SIZE=1>
+<DIV ALIGN=RIGHT>
+</BODY>
+</HTML>
diff --git a/base/tps/apache/docroot/tokendb/indexOperator.template b/base/tps/apache/docroot/tokendb/indexOperator.template
new file mode 100644
index 000000000..1b1902843
--- /dev/null
+++ b/base/tps/apache/docroot/tokendb/indexOperator.template
@@ -0,0 +1,129 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<HTML>
+<meta HTTP-EQUIV="content-type" CONTENT="text/html; charset=UTF-8">
+<link rel="shortcut icon" href="/pki/images/favicon.ico" />
+<HEAD>
+<TITLE>TPS Operator</Title>
+</HEAD>
+
+<table border="0" width="100%" cellspacing="0" cellpadding="0" bgcolor="#000080">
+  <tr>
+    <td>
+      <table border="0" cellspacing="12" cellpadding="0">
+        <tr>
+          <td><img src="/pki/images/logo_header.gif"></td>
+          <td>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
+          <td><font size="+1" face="PrimaSans BT, Verdana, sans-serif" color="white"><b>Dogtag<sup><font color="#999999" size="-2">&reg;</font></sup> TPS Services</b></font></td>
+        </tr>
+      </table>
+    </td>
+  </tr>
+</table>
+<p>
+
+<BODY>
+
+<CMS_TEMPLATE>
+
+<SCRIPT type="text/JavaScript">
+<!--
+var uri0 = "";
+if (typeof(uriBase) == "undefined") {
+    uri0 += "/tus";
+} else {
+    uri0 += uriBase;
+}
+
+document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"+1\">"+
+               "<a href=\""+uri0+"\">Main Menu</a></font>\n");
+document.write("<table width=\"100%\"><tr><td align=\"right\"><b>UID:</b>" + 
+                userid + "</td></tr></table>\n");
+document.write("<HR NOSHADE SIZE=1>\n");
+
+function doFind(form) {
+    if (form.uid.value == "" && form.tid.value == "") {
+        alert("Enter token or user ID");
+    } else {
+        var uri = "";
+        if (typeof(uriBase) == "undefined") {
+            uri += "/tus"
+        } else {
+            uri += uriBase;
+        }
+        uri += "?op=view";
+        if (form.tid.value.length > 0) uri += "&tid=" + form.tid.value;
+        if (form.uid.value.length > 0) uri += "&uid=" + form.uid.value;
+        location.href = uri;
+    }
+}
+
+var lastCol = 100;
+document.write("<table BORDER=0 CELLSPACING=0 CELLPADDING=0 width=100%><tr>");
+if ((typeof(operatorAuth) != "undefined") && (operatorAuth == "true")) {
+    document.write("<td bgcolor=\"#e5e5e5\" width=\"20%\"><a href=\"/tus?op=index_operator\">Operator Operations</td>");
+    lastCol -= 20;
+}
+if ((typeof(agentAuth) != "undefined") && (agentAuth == "true")) {
+    document.write("<td width=\"20%\"><a href=\"/tus\">Agent Operations</td>");
+    lastCol -=20;
+}
+if ((typeof(adminAuth) != "undefined") && (adminAuth == "true")) {
+    document.write("<td width=\"20%\"><a href=\"/tus?op=index_admin\">Administrator Operations</td>");
+    lastCol -=20;
+}
+document.write("<td width=\"" + lastCol + "%\"></td>");
+document.write("</tr></table>");
+//-->
+</SCRIPT>
+
+<table BORDER=0 CELLSPACING=0 CELLPADDING=0 width=100%>
+<tr>
+    <td bgcolor=#e5e5e5>&nbsp;</td>
+</tr>
+</table>
+<table BORDER=0 CELLSPACING=2 CELLPADDING=0 width=100%>
+  <tr>
+    <td><i>Tokens</i></td>
+  </tr>
+  <tr>
+    <td>&bull;&nbsp;<a href="tus?op=search&top=operator">List/Search Tokens</a></td>
+  </tr>
+  <tr><td>&nbsp;</td></tr>
+  <tr>
+    <td><i>Certificates</i></td>
+  </tr>
+  <tr>
+    <td>&bull;&nbsp;<a href="tus?op=search_certificate&top=operator">List/Search Certificates</a></td>
+  </tr>
+  <tr><td>&nbsp;</td></tr>
+  <tr>
+    <td><i>Activities</i></td>
+  </tr>
+  <tr>
+    <td>&bull;&nbsp;<a href="tus?op=search_activity&top=operator">List/Search Activities</a></td>
+  </tr>
+  <tr>
+    <td></td>
+  </tr>
+</table>
+<HR NOSHADE SIZE=1>
+<DIV ALIGN=RIGHT>
+</BODY>
+</HTML>
diff --git a/base/tps/apache/docroot/tokendb/new.template b/base/tps/apache/docroot/tokendb/new.template
new file mode 100644
index 000000000..f4bf1475d
--- /dev/null
+++ b/base/tps/apache/docroot/tokendb/new.template
@@ -0,0 +1,93 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<HTML>
+<meta HTTP-EQUIV="content-type" CONTENT="text/html; charset=UTF-8">
+<link rel="shortcut icon" href="/pki/images/favicon.ico" />
+<HEAD>
+<TITLE>TPS</Title>
+</HEAD>
+
+<table border="0" width="100%" cellspacing="0" cellpadding="0" bgcolor="#000080">
+  <tr>
+    <td>
+      <table border="0" cellspacing="12" cellpadding="0">
+        <tr>
+          <td><img src="/pki/images/logo_header.gif"></td>
+          <td>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
+          <td><font size="+1" face="PrimaSans BT, Verdana, sans-serif" color="white"><b>Dogtag<sup><font color="#999999" size="-2">&reg;</font></sup> TPS Services</b></font></td>
+        </tr>
+      </table>
+    </td>
+  </tr>
+</table>
+<p>
+
+<BODY>
+
+<CMS_TEMPLATE>
+
+<SCRIPT type="text/JavaScript">
+<!--
+var uri0 = "";
+if (typeof(uriBase) == "undefined") {
+    uri0 += "/tus";
+} else {
+    uri0 += uriBase;
+}
+
+document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"+1\">"+
+               "<a href=\""+uri0+"\">Main Menu</a> : Administrator Operations : Add New Token</font>\n");
+document.write("<table width=\"100%\"><tr><td align=\"right\">" +
+                "<b>UID:</b>" +
+                userid + "</td></tr></table>\n");
+document.write("<HR NOSHADE SIZE=1>\n");
+
+function doAdd(form) {
+        var uri = "";
+        if (typeof(uriBase) == "undefined") {
+            uri += "/tus"
+        } else {
+            uri += uriBase;
+        }
+        uri += "?op=add";
+        uri += "&tid=" + form.tid.value;
+        location.href = uri;
+}
+//-->
+</SCRIPT>
+
+<FORM NAME ="addForm" ACTION="" METHOD=GET>
+<table BORDER=0 CELLSPACING=2 CELLPADDING=0 width=100%>
+  <tr>
+    <td ALIGN=LEFT width=30%>
+      <font size=-1 face="PrimaSans BT, Verdana, sans-serif">
+        Token ID:
+      </font>
+    </td>
+    <td>
+      <input TYPE=TEXT NAME=tid SIZE=20>
+    </td>
+  </tr>
+</table>
+<HR NOSHADE SIZE=1>
+<DIV ALIGN=RIGHT>
+<input TYPE=button VALUE=Add onClick="doAdd(addForm);">
+</form>
+</BODY>
+</HTML>
diff --git a/base/tps/apache/docroot/tokendb/newUser.template b/base/tps/apache/docroot/tokendb/newUser.template
new file mode 100644
index 000000000..f1e7e6e35
--- /dev/null
+++ b/base/tps/apache/docroot/tokendb/newUser.template
@@ -0,0 +1,179 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<HTML>
+<meta HTTP-EQUIV="content-type" CONTENT="text/html; charset=UTF-8">
+<link rel="shortcut icon" href="/pki/images/favicon.ico" />
+<HEAD>
+<TITLE>TPS</Title>
+</HEAD>
+
+<table border="0" width="100%" cellspacing="0" cellpadding="0" bgcolor="#000080">
+  <tr>
+    <td>
+      <table border="0" cellspacing="12" cellpadding="0">
+        <tr>
+          <td><img src="/pki/images/logo_header.gif"></td>
+          <td>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
+          <td><font size="+1" face="PrimaSans BT, Verdana, sans-serif" color="white"><b>Dogtag<sup><font color="#999999" size="-2">&reg;</font></sup> TPS Services</b></font></td>
+        </tr>
+      </table>
+    </td>
+  </tr>
+</table>
+<p>
+
+<BODY>
+
+<CMS_TEMPLATE>
+
+<SCRIPT type="text/JavaScript">
+<!--
+var uri0 = "";
+if (typeof(uriBase) == "undefined") {
+    uri0 += "/tus";
+} else {
+    uri0 += uriBase;
+}
+
+document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"+1\">"+
+               "<a href=\""+uri0+"\">Main Menu</a> : Admin Operations : Add New User</font>\n");
+document.write("<table width=\"100%\"><tr><td align=\"right\">" +
+                "<b>UID:</b>" +
+                userid + "</td></tr></table>\n");
+document.write("<HR NOSHADE SIZE=1>\n");
+
+function validate_required(field,alerttxt) {
+    with (field) {
+        if (value==null||value=="") {
+            alert(alerttxt);
+            return false;
+        }
+        else {
+            return true;
+        }
+    }
+}
+
+function validate_form(thisform) {
+    with (thisform) {
+        if (validate_required(userid,"Userid is required")==false) {
+            userid.focus();
+            return false;
+        } 
+        if (validate_required(firstName,"First Name is required")==false) {
+            firstName.focus();
+            return false;
+        }
+        if (validate_required(lastName,"Last Name is required")==false) {
+            lastName.focus();
+            return false;
+        }
+        if (validate_required(groupid,"Group ID is required")==false) {
+            groupid.focus();
+            return false;
+        }
+
+    }
+}
+
+function doAdd(form) {
+        var uri = "";
+        if (typeof(uriBase) == "undefined") {
+            uri += "/tus"
+        } else {
+            uri += uriBase;
+        }
+        if (validate_form(this)) {
+            document.addUserForm.action = uri;
+            return true;
+        } else {
+            return false;
+        }
+}
+
+    
+//-->
+</SCRIPT>
+
+<FORM NAME ="addUserForm" METHOD="POST" onSubmit="return doAdd(this)" >
+<input TYPE="hidden" NAME="query" VALUE="op=addUser">
+<table BORDER=0 CELLSPACING=2 CELLPADDING=0 width=100%>
+  <tr>
+    <td ALIGN=LEFT width=30%>
+      <font size=-1 face="PrimaSans BT, Verdana, sans-serif">
+        User ID:
+      </font>
+    </td>
+    <td>
+      <input TYPE=TEXT NAME=userid SIZE=20>
+    </td>
+  </tr>
+  <tr>
+    <td ALIGN=LEFT width=30%>
+      <font size=-1 face="PrimaSans BT, Verdana, sans-serif">
+        User First Name:
+      </font>
+    </td>
+    <td>
+      <input TYPE=TEXT NAME=firstName SIZE=20>
+    </td>
+  </tr>
+  <tr>
+    <td ALIGN=LEFT width=30%>
+      <font size=-1 face="PrimaSans BT, Verdana, sans-serif">
+        User Last Name:
+      </font>
+    </td>
+    <td>
+      <input TYPE=TEXT NAME=lastName SIZE=20>
+    </td>
+  </tr>
+  <tr>
+    <td ALIGN=LEFT width=30%>
+      <font size=-1 face="PrimaSans BT, Verdana, sans-serif">
+        Role:
+      </font>
+    </td>
+    <td> Operator
+      <input TYPE=CHECKBOX NAME=opOperator value="Operators" CHECKED>
+      &nbsp;&nbsp;&nbsp;&nbsp;Agent
+      <input TYPE=CHECKBOX NAME=opAgent value="Agents" >
+      &nbsp;&nbsp;&nbsp;&nbsp;Admin
+      <input TYPE=CHECKBOX NAME=opAdmin value="Administrators" >
+    </td>
+  </tr>
+  <tr>
+    <td ALIGN=LEFT width=30%>
+      <font size=-1 face="PrimaSans BT, Verdana, sans-serif">
+        Certificate:
+      </font>
+    </td>
+    <td>
+      <textarea name="cert" cols="40" rows="10" >
+Paste the base 64 user certificate here (without the header and footer) 
+      </textarea>
+    </td>
+  </tr>
+</table>
+<HR NOSHADE SIZE=1>
+<DIV ALIGN=RIGHT>
+<input TYPE=submit VALUE="Add User" >
+</form>
+</BODY>
+</HTML>
diff --git a/base/tps/apache/docroot/tokendb/revoke.template b/base/tps/apache/docroot/tokendb/revoke.template
new file mode 100644
index 000000000..6a62ea116
--- /dev/null
+++ b/base/tps/apache/docroot/tokendb/revoke.template
@@ -0,0 +1,317 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<HTML>
+<meta HTTP-EQUIV="content-type" CONTENT="text/html; charset=UTF-8">
+<link rel="shortcut icon" href="/pki/images/favicon.ico" />
+<HEAD>
+<TITLE>TPS</Title>
+</HEAD>
+
+<table border="0" width="100%" cellspacing="0" cellpadding="0" bgcolor="#000080">
+  <tr>
+    <td>
+      <table border="0" cellspacing="12" cellpadding="0">
+        <tr>
+          <td><img src="/pki/images/logo_header.gif"></td>
+          <td>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
+          <td><font size="+1" face="PrimaSans BT, Verdana, sans-serif" color="white"><b>Dogtag<sup><font color="#999999" size="-2">&reg;</font></sup> TPS Services</b></font></td>
+        </tr>
+      </table>
+    </td>
+  </tr>
+</table>
+<p>
+
+<BODY>
+
+<CMS_TEMPLATE>
+
+<SCRIPT type="text/JavaScript">
+<!--
+var uri0 = "";
+if (typeof(uriBase) == "undefined") {
+    uri0 += "/tus";
+} else {
+    uri0 += uriBase;
+}
+
+document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"+1\">"+
+               "<a href=\""+uri0+"\">Main Menu</a> : Agent Operations : Token Details</font>\n");
+document.write("<table width=\"100%\"><tr><td align=\"right\">" +
+                "<b>UID:</b>" +
+                userid + "</td></tr></table>\n");
+document.write("<HR NOSHADE SIZE=1>\n");
+
+function breakLines(str) {
+	str = str.replace('#', '<br>');	
+	return str;
+}
+
+function trim(str) {
+    var i, k, newString;
+
+    for (i = 0; i < str.length; i++) {
+        if (str.charAt(i) != ' ' )
+            break;
+    }
+    for (k = str.length - 1; k >= i; k--) {
+        if (str.charAt(k) != ' ' ) {
+            k++;
+            break;
+        }
+    }
+
+    if (k > i)
+        newString = str.substring(i, k);
+    else
+        newString = null;
+
+    return  newString;
+}
+
+function checkDate(str) {
+    var newString;
+
+    if (str.length == 15 && str.charAt(14) == 'Z') {
+        newString = str.substring(0, 4);
+        newString += '/';
+        newString += str.substring(4, 6);
+        newString += '/';
+        newString += str.substring(6, 8);
+        newString += ' ';
+        newString += str.substring(8, 10);
+        newString += ':';
+        newString += str.substring(10, 12);
+        newString += ':';
+        newString += str.substring(12, 14);
+    } else {
+        newString = str;
+    }
+
+    return newString;
+}
+
+function doSave(form) {
+    if (form.uid.value.length > 0) {
+        var trimmedList = "";
+        var uids = form.uid.value.split(',');
+
+        for (var i=0; i < uids.length; i++) {
+            if (i > 0) trimmedList += ",";
+            trimmedList += trim(uids[i]);
+        }
+        form.uid.value = trimmedList;
+    }
+    if (form.status.value.length > 0) {
+        form.status.value = trim(form.status.value);
+    }
+
+    if (form.status.value == "") {
+        alert("Enter token status");
+    } else {
+        var uri = "";
+        if (typeof(uriBase) == "undefined") {
+            uri += "/tus";
+        } else {
+            uri += uriBase;
+        }
+        uri += "?op=save&tid="+results[0].cn;
+
+        if (results[0].tokenUserID != form.uid.value) {
+            uri += "&uid=" + form.uid.value;
+        }
+        if (results[0].tokenStatus != form.status.value) {
+            uri += "&s=" + form.status.value;
+        }
+        uri += "&m=" + results[0].modified;
+        location.href = uri;
+    }
+}
+
+function doCancel() {
+    var uri = "";
+    if (typeof(uriBase) == "undefined") {
+        uri += "/tus";
+    } else {
+        uri += uriBase;
+    }
+    location.href = uri;
+}
+
+
+
+if (typeof(results) == "undefined" || results.length == 0) {
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Token Not Found</font>\n");
+} else if (results.length > 1) {
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Found too many tokens to edit</font>\n");
+} else {
+    document.write("<BR>");
+
+    document.write("<p>\n");
+    document.write("<b>Token Information:</b>");
+    document.write("<p>\n");
+    document.write("<table BORDER=0 CELLSPACING=2 CELLPADDING=0 width=100%>\n");
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Token:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   results[0].cn+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "User ID:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   results[0].tokenUserID+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Status:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   results[0].tokenStatus+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Reason:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   results[0].tokenReason+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Policy:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   results[0].tokenPolicy+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Token Type:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   results[0].tokenType+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("</table>\n");
+    document.write("<p>\n");
+    document.write("<b>System Information:</b>");
+    document.write("<p>\n");
+
+    document.write("<table BORDER=0 CELLSPACING=2 CELLPADDING=0 width=100%>\n");
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Key Info:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   results[0].keyInfo+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Applet ID:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   results[0].tokenAppletID+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Creation Date:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   checkDate(results[0].dateOfCreate)+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Modification Date:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   checkDate(results[0].dateOfModify)+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("</table>\n");
+    document.write("<BR>\n<HR NOSHADE SIZE=1>\n");
+
+    document.write("<table BORDER=0 CELLSPACING=2 CELLPADDING=0>\n");
+    document.write("<tr>\n");
+    document.write("<td width=60%>\n");
+    document.write("<form method='get' action='tus'><select name=\"question\"><option value=\"1\">Is this token physically damaged?</option><option value=\"2\">Is this token permanently lost?</option><option value=\"3\">Is this token temporarily lost?</option><option value=\"4\">Is this temporarily lost token found?</option><option value=\"5\">Does this temporarily lost token become permanently lost?</option></select><input type=hidden name=op value=do_token><input type=hidden name=tid value=" + results[0].cn + "><input TYPE=submit VALUE=\"Go\"></form>");
+    document.write("</td>\n");
+    document.write("<td width=10%>\n");
+    document.write("<form method='get' action='tus'><input type=hidden name=op value=revoke><input type=hidden name=tid value=" + results[0].cn + "><input TYPE=submit VALUE=\"Revoke\"></form>");
+    document.write("</td>\n");
+    document.write("<td width=10%>\n");
+    document.write("<form method='get' action='tus'><input type=hidden name=op value=view_certificate_all><input type=hidden name=tid value=" + results[0].cn + "><input TYPE=submit VALUE=\"Show Certificates\"></form>");
+    document.write("</td>\n");
+    document.write("<td width=10%>\n");
+    document.write("<form method='get' action='tus'><input type=hidden name=op value=view_activity_all><input type=hidden name=tid value=" + results[0].cn + "><input TYPE=submit VALUE=\"Show Activities\"></form>");
+    document.write("</td>\n");
+    document.write("<td width=10%>\n");
+    document.write("<form method='get' action='tus'><input type=hidden name=op value=edit><input type=hidden name=tid value=" + results[0].cn + "><input TYPE=submit VALUE=\"Edit\"></form>");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+    document.write("</table>\n");
+
+}
+
+//-->
+</SCRIPT>
+
+</BODY>
+</HTML>
diff --git a/base/tps/apache/docroot/tokendb/search.template b/base/tps/apache/docroot/tokendb/search.template
new file mode 100644
index 000000000..305c9cd74
--- /dev/null
+++ b/base/tps/apache/docroot/tokendb/search.template
@@ -0,0 +1,118 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<HTML>
+<meta HTTP-EQUIV="content-type" CONTENT="text/html; charset=UTF-8">
+<link rel="shortcut icon" href="/pki/images/favicon.ico" />
+<HEAD>
+<TITLE>TPS</Title>
+</HEAD>
+
+<table border="0" width="100%" cellspacing="0" cellpadding="0" bgcolor="#000080">
+  <tr>
+    <td>
+      <table border="0" cellspacing="12" cellpadding="0">
+        <tr>
+          <td><img src="/pki/images/logo_header.gif"></td>
+          <td>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
+          <td><font size="+1" face="PrimaSans BT, Verdana, sans-serif" color="white"><b>Dogtag<sup><font color="#999999" size="-2">&reg;</font></sup> TPS Services</b></font></td>
+        </tr>
+      </table>
+    </td>
+  </tr>
+</table>
+<p>
+
+<BODY>
+
+<CMS_TEMPLATE>
+
+<SCRIPT type="text/JavaScript">
+<!--
+var uri0 = "";
+if (typeof(uriBase) == "undefined") {
+    uri0 += "/tus";
+} else {
+    uri0 += uriBase;
+}
+
+document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"+1\">"+
+               "<a href=\""+uri0+"\">Main Menu</a> : Search Tokens</font>\n");
+document.write("<table width=\"100%\"><tr><td align=\"right\">" +
+                "<b>UID:</b>" +
+                userid + "</td></tr></table>\n");
+document.write("<HR NOSHADE SIZE=1>\n");
+
+function doFind(form) {
+        var uri = "";
+        if (typeof(uriBase) == "undefined") {
+            uri += "/tus"
+        } else {
+            uri += uriBase;
+        }
+        uri += "?op=view";
+        uri += "&tid=" + form.tid.value;
+        uri += "&uid=" + form.uid.value;
+        uri += "&maxCount=" + form.maxCount.value;
+        if ((typeof(topLevel) != "undefined") && (topLevel == "operator")) {
+            uri += "top=operator";
+        }
+        location.href = uri;
+}
+//-->
+</SCRIPT>
+
+<FORM NAME ="findForm" ACTION="" METHOD=GET>
+<table BORDER=0 CELLSPACING=2 CELLPADDING=0 width=100%>
+  <tr>
+    <td ALIGN=LEFT width=30%>
+      <font size=-1 face="PrimaSans BT, Verdana, sans-serif">
+        Token ID:
+      </font>
+    </td>
+    <td>
+      <input TYPE=TEXT NAME=tid SIZE=20>
+    </td>
+  </tr>
+  <tr>
+    <td ALIGN=LEFT width=30%>
+      <font size=-1 face="PrimaSans BT, Verdana, sans-serif">
+        User ID:
+      </font>
+    </td>
+    <td>
+      <input TYPE=TEXT NAME=uid SIZE=20>
+    </td>
+  </tr>
+  <tr>
+    <td ALIGN=LEFT width=30%>
+      <font size=-1 face="PrimaSans BT, Verdana, sans-serif">
+        Max Count:
+      </font>
+    </td>
+    <td>
+      <input TYPE=TEXT SIZE=4 NAME=maxCount value="20">
+    </td>
+  </tr>
+</table>
+<HR NOSHADE SIZE=1>
+<DIV ALIGN=RIGHT>
+<input TYPE=button VALUE=Find onClick="doFind(findForm);">
+</form>
+</BODY>
+</HTML>
diff --git a/base/tps/apache/docroot/tokendb/searchActivity.template b/base/tps/apache/docroot/tokendb/searchActivity.template
new file mode 100644
index 000000000..e831a2872
--- /dev/null
+++ b/base/tps/apache/docroot/tokendb/searchActivity.template
@@ -0,0 +1,123 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<HTML>
+<meta HTTP-EQUIV="content-type" CONTENT="text/html; charset=UTF-8">
+<link rel="shortcut icon" href="/pki/images/favicon.ico" />
+<HEAD>
+<TITLE>TPS</Title>
+</HEAD>
+
+<table border="0" width="100%" cellspacing="0" cellpadding="0" bgcolor="#000080">
+  <tr>
+    <td>
+      <table border="0" cellspacing="12" cellpadding="0">
+        <tr>
+          <td><img src="/pki/images/logo_header.gif"></td>
+          <td>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
+          <td><font size="+1" face="PrimaSans BT, Verdana, sans-serif" color="white"><b>Dogtag<sup><font color="#999999" size="-2">&reg;</font></sup> TPS Services</b></font></td>
+        </tr>
+      </table>
+    </td>
+  </tr>
+</table>
+<p>
+
+<BODY>
+
+<CMS_TEMPLATE>
+
+<SCRIPT type="text/JavaScript">
+<!--
+var uri0 = "";
+if (typeof(uriBase) == "undefined") {
+    uri0 += "/tus";
+} else {
+    uri0 += uriBase;
+}
+
+if ((typeof(topLevel) != "undefined") && (topLevel == "operator")) {
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"+1\">"+
+               "<a href=\""+uri0+"\">Main Menu</a> : Operator Operations : Search Activity</font>\n");
+} else {
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"+1\">"+
+               "<a href=\""+uri0+"\">Main Menu</a> : Agent Operations : Search Activity</font>\n");
+}
+document.write("<table width=\"100%\"><tr><td align=\"right\">" +
+                "<b>UID:</b>" +
+                userid + "</td></tr></table>\n");
+document.write("<HR NOSHADE SIZE=1>\n");
+
+function doFind(form) {
+        var uri = "";
+        if (typeof(uriBase) == "undefined") {
+            uri += "/tus"
+        } else {
+            uri += uriBase;
+        }
+        uri += "?op=view_activity";
+        uri += "&tid=" + form.tid.value;
+        uri += "&uid=" + form.uid.value;
+        uri += "&maxCount=" + form.maxCount.value;
+        if ((typeof(topLevel) != "undefined") && (topLevel == "operator")) {
+            uri += "top=operator";
+        }
+        location.href = uri;
+}
+//-->
+</SCRIPT>
+
+<FORM NAME ="findForm" ACTION="" METHOD=GET>
+<table BORDER=0 CELLSPACING=2 CELLPADDING=0 width=100%>
+  <tr>
+    <td ALIGN=LEFT width=30%>
+      <font size=-1 face="PrimaSans BT, Verdana, sans-serif">
+        Token ID:
+      </font>
+    </td>
+    <td>
+      <input TYPE=TEXT NAME=tid SIZE=20>
+    </td>
+  </tr>
+  <tr>
+    <td ALIGN=LEFT width=30%>
+      <font size=-1 face="PrimaSans BT, Verdana, sans-serif">
+        User ID:
+      </font>
+    </td>
+    <td>
+      <input TYPE=TEXT NAME=uid SIZE=20>
+    </td>
+  </tr>
+  <tr>
+    <td ALIGN=LEFT width=30%>
+      <font size=-1 face="PrimaSans BT, Verdana, sans-serif">
+        Max Count:
+      </font>
+    </td>
+    <td>
+      <input TYPE=TEXT NAME=maxCount SIZE=4 value="20">
+    </td>
+  </tr>
+</table>
+<HR NOSHADE SIZE=1>
+<DIV ALIGN=RIGHT>
+<input TYPE=button VALUE=Find onClick="doFind(findForm);">
+</form>
+</BODY>
+</HTML>
diff --git a/base/tps/apache/docroot/tokendb/searchActivityAdmin.template b/base/tps/apache/docroot/tokendb/searchActivityAdmin.template
new file mode 100644
index 000000000..da201d97f
--- /dev/null
+++ b/base/tps/apache/docroot/tokendb/searchActivityAdmin.template
@@ -0,0 +1,119 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<HTML>
+<meta HTTP-EQUIV="content-type" CONTENT="text/html; charset=UTF-8">
+<link rel="shortcut icon" href="/pki/images/favicon.ico" />
+<HEAD>
+<TITLE>TPS</Title>
+</HEAD>
+
+<table border="0" width="100%" cellspacing="0" cellpadding="0" bgcolor="#000080">
+  <tr>
+    <td>
+      <table border="0" cellspacing="12" cellpadding="0">
+        <tr>
+          <td><img src="/pki/images/logo_header.gif"></td>
+          <td>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
+          <td><font size="+1" face="PrimaSans BT, Verdana, sans-serif" color="white"><b>Dogtag<sup><font color="#999999" size="-2">&reg;</font></sup> TPS Services</b></font></td>
+        </tr>
+      </table>
+    </td>
+  </tr>
+</table>
+<p>
+
+<BODY>
+
+<CMS_TEMPLATE>
+
+<SCRIPT type="text/JavaScript">
+<!--
+var uri0 = "";
+if (typeof(uriBase) == "undefined") {
+    uri0 += "/tus";
+} else {
+    uri0 += uriBase;
+}
+
+document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"+1\">"+
+               "<a href=\""+uri0+"\">Main Menu</a> : Administrator Operations : Search Activity</font>\n");
+
+document.write("<table width=\"100%\"><tr><td align=\"right\">" +
+                "<b>UID:</b>" +
+                userid + "</td></tr></table>\n");
+document.write("<HR NOSHADE SIZE=1>\n");
+
+function doFind(form) {
+        var uri = "";
+        if (typeof(uriBase) == "undefined") {
+            uri += "/tus"
+        } else {
+            uri += uriBase;
+        }
+        uri += "?op=view_activity_admin";
+        uri += "&tid=" + form.tid.value;
+        uri += "&uid=" + form.uid.value;
+        uri += "&maxCount=" + form.maxCount.value;
+        if ((typeof(topLevel) != "undefined") && (topLevel == "operator")) {
+            uri += "top=operator";
+        }
+        location.href = uri;
+}
+//-->
+</SCRIPT>
+
+<FORM NAME ="findForm" ACTION="" METHOD=GET>
+<table BORDER=0 CELLSPACING=2 CELLPADDING=0 width=100%>
+  <tr>
+    <td ALIGN=LEFT width=30%>
+      <font size=-1 face="PrimaSans BT, Verdana, sans-serif">
+        Token ID:
+      </font>
+    </td>
+    <td>
+      <input TYPE=TEXT NAME=tid SIZE=20>
+    </td>
+  </tr>
+  <tr>
+    <td ALIGN=LEFT width=30%>
+      <font size=-1 face="PrimaSans BT, Verdana, sans-serif">
+        User ID:
+      </font>
+    </td>
+    <td>
+      <input TYPE=TEXT NAME=uid SIZE=20>
+    </td>
+  </tr>
+  <tr>
+    <td ALIGN=LEFT width=30%>
+      <font size=-1 face="PrimaSans BT, Verdana, sans-serif">
+        Max Count:
+      </font>
+    </td>
+    <td>
+      <input TYPE=TEXT NAME=maxCount SIZE=4 value="20">
+    </td>
+  </tr>
+</table>
+<HR NOSHADE SIZE=1>
+<DIV ALIGN=RIGHT>
+<input TYPE=button VALUE=Find onClick="doFind(findForm);">
+</form>
+</BODY>
+</HTML>
diff --git a/base/tps/apache/docroot/tokendb/searchActivityAdminResults.template b/base/tps/apache/docroot/tokendb/searchActivityAdminResults.template
new file mode 100644
index 000000000..d8f6587aa
--- /dev/null
+++ b/base/tps/apache/docroot/tokendb/searchActivityAdminResults.template
@@ -0,0 +1,234 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<HTML>
+<meta HTTP-EQUIV="content-type" CONTENT="text/html; charset=UTF-8">
+<link rel="shortcut icon" href="/pki/images/favicon.ico" />
+<HEAD>
+<TITLE>TPS</Title>
+</HEAD>
+
+<table border="0" width="100%" cellspacing="0" cellpadding="0" bgcolor="#000080">
+  <tr>
+    <td>
+      <table border="0" cellspacing="12" cellpadding="0">
+        <tr>
+          <td><img src="/pki/images/logo_header.gif"></td>
+          <td>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
+          <td><font size="+1" face="PrimaSans BT, Verdana, sans-serif" color="white"><b>Dogtag<sup><font color="#999999" size="-2">&reg;</font></sup> TPS Services</b></font></td>
+        </tr>
+      </table>
+    </td>
+  </tr>
+</table>
+<p>
+
+<BODY>
+
+<CMS_TEMPLATE>
+
+<SCRIPT type="text/JavaScript">
+<!--
+function checkDate(str) {
+    var newString;
+
+    if (str.length == 15 && str.charAt(14) == 'Z') {
+        newString = str.substring(0, 4);
+        newString += '/';
+        newString += str.substring(4, 6);
+        newString += '/';
+        newString += str.substring(6, 8);
+        newString += ' ';
+        newString += str.substring(8, 10);
+        newString += ':';
+        newString += str.substring(10, 12);
+        newString += ':';
+        newString += str.substring(12, 14);
+    } else {
+        newString = str;
+    }
+
+    return newString;
+}
+
+var uri = "";
+if (typeof(uriBase) == "undefined") {
+    uri += "/tus";
+} else {
+    uri += uriBase;
+}
+
+document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"+1\">"+
+    "<a href=\""+uri+"\">Main Menu</a> : Administrator Operations : Search Activity Results</font>\n");
+uri += "?op=show_admin&tid=";
+
+document.write("<table width=\"100%\"><tr><td align=\"right\">" +
+		"<b>UID:</b>" +
+                userid + "</td></tr></table>\n");
+document.write("<HR NOSHADE SIZE=1>\n");
+
+if (typeof(results) == "undefined" || results.length == 0) {
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Token Not Found</font>\n");
+} else {
+    document.write("<BR>");
+    document.write("<table BORDER=0 CELLSPACING=2 CELLPADDING=0 width=100%>\n");
+    document.write("<tr bgcolor=#cccccc>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Activity ID</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Token</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "IP</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "User ID</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Operation</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Result</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Created</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+    document.write("<tr bgcolor=#cccccc>\n");
+    document.write("<td colspan=7>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">");
+    document.write("Details");
+    document.write("</font>");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    for (var i = 0; i < results.length; i++) {
+        if (i % 2 == 0) {
+          document.write("<tr bgcolor='#eeeeee'>\n");
+        } else {
+          document.write("<tr >\n");
+        }
+        document.write("<td>\n");
+        document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                       
+                        results[i].cn+"</font>\n");
+        document.write("</td>\n");
+        document.write("<td>\n");
+        document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\"><a href=\"" + uri + 
+                        results[i].tokenID+"\">" + results[i].tokenID + "</a></font>\n");
+        document.write("</td>\n");
+        document.write("<td>\n");
+        document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                        results[i].tokenIP+"</font>\n");
+        document.write("</td>\n");
+        document.write("<td>\n");
+        document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                        results[i].tokenUserID+"</font>\n");
+        document.write("</td>\n");
+        document.write("<td>\n");
+        document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                        results[i].tokenOp+"</font>\n");
+        document.write("</td>\n");
+        document.write("<td>\n");
+        document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                        results[i].tokenResult+"</font>\n");
+        document.write("</td>\n");
+        document.write("<td>\n");
+        document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                        checkDate(results[i].dateOfCreate)+"</font>\n");
+        document.write("</td>\n");
+        document.write("</tr>\n");
+        if (i % 2 == 0) {
+          document.write("<tr bgcolor='#eeeeee'>\n");
+        } else {
+          document.write("<tr >\n");
+        }
+        document.write("<td colspan=7>\n");
+        document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+ results[i].tokenMsg+"</font>\n");
+        document.write("</td>\n");
+        document.write("</tr>\n");
+    }
+    document.write("</table>\n");
+
+    document.write("<DIV ALIGN=LEFT>\n");
+    document.write("<table BORDER=0 CELLSPACING=2 CELLPADDING=0>\n");
+    document.write("<tr>\n");
+    if ((typeof(start_entry_val) != "undefined") && (start_entry_val > 1) && 
+        (typeof(num_entries_per_page) != "undefined") &&
+        (typeof(my_query) != "undefined")) {
+
+        var new_start = start_entry_val - num_entries_per_page;
+        if (new_start < 0) new_start = 0;
+        var query = my_query.replace(/&*start_entry_val=\d*/,"");
+        var query_array = query.split("&");
+        document.write("<td> <form name=prev_entries method=get >");
+        for (var i=0; i< query_array.length ; i++) {
+            var a = query_array[i].split("=");
+            document.write("<input TYPE=hidden name=" + a[0] + " VALUE=" + a[1] + ">");
+        }
+        document.write("<input TYPE=hidden name=start_entry_val VALUE=" + new_start + ">");
+        document.write("<input TYPE=submit VALUE=\"\<\"></form><td>\n");
+    }
+
+    if ((typeof(has_more_entries) != "undefined") && (has_more_entries == 1) &&
+        (typeof(num_entries_per_page) != "undefined") &&
+        (typeof(my_query) != "undefined")) {
+
+        var new_start = start_entry_val + num_entries_per_page;
+        var query = my_query.replace(/&*start_entry_val=\d*/,"");
+        var query_array = query.split("&");
+        document.write("<td> <form method=get name=next_entries >");
+        for (var i=0; i< query_array.length ; i++) {
+            var a = query_array[i].split("=");
+            document.write("<input TYPE=hidden name=" + a[0] + " VALUE=" + a[1] + ">");
+        }
+        document.write("<input TYPE=hidden name=start_entry_val VALUE=" + new_start + ">");
+        document.write("<input TYPE=submit VALUE=\"\>\"></form><td>\n");
+    }
+    document.write("</tr>\n");
+    document.write("</table>\n");
+    document.write("</div>\n");
+
+    document.write("<BR>\n<HR NOSHADE SIZE=1>\n");
+    if (typeof(results) != "undefined" && results.length > 0) {
+        document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-2\">");
+        if (typeof(results) != "undefined" || results.length == 0) {
+            if (typeof(limited) != "undefined" && typeof(total) != "undefined") {
+                document.write("<br>" + limited + " of " + total + " Search Results Returned\n");
+            } else if (typeof(total) != "undefined") {
+                document.write("<br>Total Search Results Returned: " + total + "\n");
+            }
+        }
+        document.write("</font>");
+    }
+}
+
+//-->
+</SCRIPT>
+
+</BODY>
+</HTML>
diff --git a/base/tps/apache/docroot/tokendb/searchActivityResults.template b/base/tps/apache/docroot/tokendb/searchActivityResults.template
new file mode 100644
index 000000000..1f97860a0
--- /dev/null
+++ b/base/tps/apache/docroot/tokendb/searchActivityResults.template
@@ -0,0 +1,239 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<HTML>
+<meta HTTP-EQUIV="content-type" CONTENT="text/html; charset=UTF-8">
+<link rel="shortcut icon" href="/pki/images/favicon.ico" />
+<HEAD>
+<TITLE>TPS</Title>
+</HEAD>
+
+<table border="0" width="100%" cellspacing="0" cellpadding="0" bgcolor="#000080">
+  <tr>
+    <td>
+      <table border="0" cellspacing="12" cellpadding="0">
+        <tr>
+          <td><img src="/pki/images/logo_header.gif"></td>
+          <td>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
+          <td><font size="+1" face="PrimaSans BT, Verdana, sans-serif" color="white"><b>Dogtag<sup><font color="#999999" size="-2">&reg;</font></sup> TPS Services</b></font></td>
+        </tr>
+      </table>
+    </td>
+  </tr>
+</table>
+<p>
+
+<BODY>
+
+<CMS_TEMPLATE>
+
+<SCRIPT type="text/JavaScript">
+<!--
+function checkDate(str) {
+    var newString;
+
+    if (str.length == 15 && str.charAt(14) == 'Z') {
+        newString = str.substring(0, 4);
+        newString += '/';
+        newString += str.substring(4, 6);
+        newString += '/';
+        newString += str.substring(6, 8);
+        newString += ' ';
+        newString += str.substring(8, 10);
+        newString += ':';
+        newString += str.substring(10, 12);
+        newString += ':';
+        newString += str.substring(12, 14);
+    } else {
+        newString = str;
+    }
+
+    return newString;
+}
+
+var uri = "";
+if (typeof(uriBase) == "undefined") {
+    uri += "/tus";
+} else {
+    uri += uriBase;
+}
+
+if ((typeof(topLevel) != "undefined") && (topLevel == "operator")) {
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"+1\">"+
+               "<a href=\""+uri+"\">Main Menu</a> : Operator Operations : Search Activity Results</font>\n");
+    uri += "?op=show&top=operator&tid=";
+} else {
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"+1\">"+
+               "<a href=\""+uri+"\">Main Menu</a> : Agent Operations : Search Activity Results</font>\n");
+    uri += "?op=show&tid=";
+}
+document.write("<table width=\"100%\"><tr><td align=\"right\">" +
+		"<b>UID:</b>" +
+                userid + "</td></tr></table>\n");
+document.write("<HR NOSHADE SIZE=1>\n");
+
+if (typeof(results) == "undefined" || results.length == 0) {
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Token Not Found</font>\n");
+} else {
+    document.write("<BR>");
+    document.write("<table BORDER=0 CELLSPACING=2 CELLPADDING=0 width=100%>\n");
+    document.write("<tr bgcolor=#cccccc>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Activity ID</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Token</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "IP</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "User ID</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Operation</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Result</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Created</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+    document.write("<tr bgcolor=#cccccc>\n");
+    document.write("<td colspan=7>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">");
+    document.write("Details");
+    document.write("</font>");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    for (var i = 0; i < results.length; i++) {
+        if (i % 2 == 0) {
+          document.write("<tr bgcolor='#eeeeee'>\n");
+        } else {
+          document.write("<tr >\n");
+        }
+        document.write("<td>\n");
+        document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                       
+                        results[i].cn+"</font>\n");
+        document.write("</td>\n");
+        document.write("<td>\n");
+        document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\"><a href=\"" + uri + 
+                        results[i].tokenID+"\">" + results[i].tokenID + "</a></font>\n");
+        document.write("</td>\n");
+        document.write("<td>\n");
+        document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                        results[i].tokenIP+"</font>\n");
+        document.write("</td>\n");
+        document.write("<td>\n");
+        document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                        results[i].tokenUserID+"</font>\n");
+        document.write("</td>\n");
+        document.write("<td>\n");
+        document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                        results[i].tokenOp+"</font>\n");
+        document.write("</td>\n");
+        document.write("<td>\n");
+        document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                        results[i].tokenResult+"</font>\n");
+        document.write("</td>\n");
+        document.write("<td>\n");
+        document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                        checkDate(results[i].dateOfCreate)+"</font>\n");
+        document.write("</td>\n");
+        document.write("</tr>\n");
+        if (i % 2 == 0) {
+          document.write("<tr bgcolor='#eeeeee'>\n");
+        } else {
+          document.write("<tr >\n");
+        }
+        document.write("<td colspan=7>\n");
+        document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+ results[i].tokenMsg+"</font>\n");
+        document.write("</td>\n");
+        document.write("</tr>\n");
+    }
+    document.write("</table>\n");
+
+    document.write("<DIV ALIGN=LEFT>\n");
+    document.write("<table BORDER=0 CELLSPACING=2 CELLPADDING=0>\n");
+    document.write("<tr>\n");
+    if ((typeof(start_entry_val) != "undefined") && (start_entry_val > 1) &&
+        (typeof(num_entries_per_page) != "undefined") &&
+        (typeof(my_query) != "undefined")) {
+
+        var new_start = start_entry_val - num_entries_per_page;
+        if (new_start < 0) new_start = 0;
+        var query = my_query.replace(/&*start_entry_val=\d*/,"");
+        var query_array = query.split("&");
+        document.write("<td> <form name=prev_entries method=get >");
+        for (var i=0; i< query_array.length ; i++) {
+            var a = query_array[i].split("=");
+            document.write("<input TYPE=hidden name=" + a[0] + " VALUE=" + a[1] + ">");
+        }
+        document.write("<input TYPE=hidden name=start_entry_val VALUE=" + new_start + ">");
+        document.write("<input TYPE=submit VALUE=\"\<\"></form><td>\n");
+    }
+
+    if ((typeof(has_more_entries) != "undefined") && (has_more_entries == 1) &&
+        (typeof(num_entries_per_page) != "undefined") &&
+        (typeof(my_query) != "undefined")) {
+
+        var new_start = start_entry_val + num_entries_per_page;
+        var query = my_query.replace(/&*start_entry_val=\d*/,"");
+        var query_array = query.split("&");
+        document.write("<td> <form method=get name=next_entries >");
+        for (var i=0; i< query_array.length ; i++) {
+            var a = query_array[i].split("=");
+            document.write("<input TYPE=hidden name=" + a[0] + " VALUE=" + a[1] + ">");
+        }
+        document.write("<input TYPE=hidden name=start_entry_val VALUE=" + new_start + ">");
+        document.write("<input TYPE=submit VALUE=\"\>\"></form><td>\n");
+    }
+    document.write("</tr>\n");
+    document.write("</table>\n");
+    document.write("</div>\n");
+
+    document.write("<BR>\n<HR NOSHADE SIZE=1>\n");
+    if (typeof(results) != "undefined" && results.length > 0) {
+        document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-2\">");
+        if (typeof(results) != "undefined" || results.length == 0) {
+            if (typeof(limited) != "undefined" && typeof(total) != "undefined") {
+                document.write("<br>" + limited + " of " + total + " Search Results Returned\n");
+            } else if (typeof(total) != "undefined") {
+                document.write("<br>Total Search Results Returned: " + total + "\n");
+            }
+        }
+        document.write("</font>");
+    }
+}
+
+//-->
+</SCRIPT>
+
+</BODY>
+</HTML>
diff --git a/base/tps/apache/docroot/tokendb/searchAdmin.template b/base/tps/apache/docroot/tokendb/searchAdmin.template
new file mode 100644
index 000000000..b0960f571
--- /dev/null
+++ b/base/tps/apache/docroot/tokendb/searchAdmin.template
@@ -0,0 +1,115 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<HTML>
+<meta HTTP-EQUIV="content-type" CONTENT="text/html; charset=UTF-8">
+<link rel="shortcut icon" href="/pki/images/favicon.ico" />
+<HEAD>
+<TITLE>TPS</Title>
+</HEAD>
+
+<table border="0" width="100%" cellspacing="0" cellpadding="0" bgcolor="#000080">
+  <tr>
+    <td>
+      <table border="0" cellspacing="12" cellpadding="0">
+        <tr>
+          <td><img src="/pki/images/logo_header.gif"></td>
+          <td>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
+          <td><font size="+1" face="PrimaSans BT, Verdana, sans-serif" color="white"><b>Dogtag<sup><font color="#999999" size="-2">&reg;</font></sup> TPS Services</b></font></td>
+        </tr>
+      </table>
+    </td>
+  </tr>
+</table>
+<p>
+
+<BODY>
+
+<CMS_TEMPLATE>
+
+<SCRIPT type="text/JavaScript">
+<!--
+var uri0 = "";
+if (typeof(uriBase) == "undefined") {
+    uri0 += "/tus";
+} else {
+    uri0 += uriBase;
+}
+
+document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"+1\">"+
+               "<a href=\""+uri0+"\">Main Menu</a> : Administrator Operations : Search Tokens</font>\n");
+document.write("<table width=\"100%\"><tr><td align=\"right\">" +
+                "<b>UID:</b>" +
+                userid + "</td></tr></table>\n");
+document.write("<HR NOSHADE SIZE=1>\n");
+
+function doFind(form) {
+        var uri = "";
+        if (typeof(uriBase) == "undefined") {
+            uri += "/tus"
+        } else {
+            uri += uriBase;
+        }
+        uri += "?op=view_admin";
+        uri += "&tid=" + form.tid.value;
+        uri += "&uid=" + form.uid.value;
+        uri += "&maxCount=" + form.maxCount.value;
+        location.href = uri;
+}
+//-->
+</SCRIPT>
+
+<FORM NAME ="findForm" ACTION="" METHOD=GET>
+<table BORDER=0 CELLSPACING=2 CELLPADDING=0 width=100%>
+  <tr>
+    <td ALIGN=LEFT width=30%>
+      <font size=-1 face="PrimaSans BT, Verdana, sans-serif">
+        Token ID:
+      </font>
+    </td>
+    <td>
+      <input TYPE=TEXT NAME=tid SIZE=20>
+    </td>
+  </tr>
+  <tr>
+    <td ALIGN=LEFT width=30%>
+      <font size=-1 face="PrimaSans BT, Verdana, sans-serif">
+        User ID:
+      </font>
+    </td>
+    <td>
+      <input TYPE=TEXT NAME=uid SIZE=20>
+    </td>
+  </tr>
+  <tr>
+    <td ALIGN=LEFT width=30%>
+      <font size=-1 face="PrimaSans BT, Verdana, sans-serif">
+        Max Count:
+      </font>
+    </td>
+    <td>
+      <input TYPE=TEXT NAME=maxCount SIZE=4 value="20">
+    </td>
+  </tr>
+</table>
+<HR NOSHADE SIZE=1>
+<DIV ALIGN=RIGHT>
+<input TYPE=button VALUE=Find onClick="doFind(findForm);">
+</form>
+</BODY>
+</HTML>
diff --git a/base/tps/apache/docroot/tokendb/searchAdminResults.template b/base/tps/apache/docroot/tokendb/searchAdminResults.template
new file mode 100644
index 000000000..ab0a471c2
--- /dev/null
+++ b/base/tps/apache/docroot/tokendb/searchAdminResults.template
@@ -0,0 +1,222 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<HTML>
+<meta HTTP-EQUIV="content-type" CONTENT="text/html; charset=UTF-8">
+<link rel="shortcut icon" href="/pki/images/favicon.ico" />
+<HEAD>
+<TITLE>TPS</Title>
+</HEAD>
+
+<table border="0" width="100%" cellspacing="0" cellpadding="0" bgcolor="#000080">
+  <tr>
+    <td>
+      <table border="0" cellspacing="12" cellpadding="0">
+        <tr>
+          <td><img src="/pki/images/logo_header.gif"></td>
+          <td>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
+          <td><font size="+1" face="PrimaSans BT, Verdana, sans-serif" color="white"><b>Dogtag<sup><font color="#999999" size="-2">&reg;</font></sup> TPS Services</b></font></td>
+        </tr>
+      </table>
+    </td>
+  </tr>
+</table>
+<p>
+
+<BODY>
+
+<CMS_TEMPLATE>
+
+<SCRIPT type="text/JavaScript">
+<!--
+function checkDate(str) {
+    var newString;
+
+    if (str.length == 15 && str.charAt(14) == 'Z') {
+        newString = str.substring(0, 4);
+        newString += '/';
+        newString += str.substring(4, 6);
+        newString += '/';
+        newString += str.substring(6, 8);
+        newString += ' ';
+        newString += str.substring(8, 10);
+        newString += ':';
+        newString += str.substring(10, 12);
+        newString += ':';
+        newString += str.substring(12, 14);
+    } else {
+        newString = str;
+    }
+
+    return newString;
+}
+
+var uri = "";
+if (typeof(uriBase) == "undefined") {
+    uri += "/tus";
+} else {
+    uri += uriBase;
+}
+
+document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"+1\">"+
+               "<a href=\""+uri+"\">Main Menu</a> : Administrator Operations : Search Results</font>\n");
+document.write("<table width=\"100%\"><tr><td align=\"right\">" +
+		"<b>UID:</b>" +
+                userid + "</td></tr></table>\n");
+document.write("<HR NOSHADE SIZE=1>\n");
+
+uri += "?op=show_admin&tid=";
+
+if (typeof(results) == "undefined" || results.length == 0) {
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Token Not Found</font>\n");
+} else {
+    document.write("<BR>");
+    document.write("<table BORDER=0 CELLSPACING=2 CELLPADDING=0 width=100%>\n");
+    document.write("<tr bgcolor=#e5e5e5>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Token</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "User ID</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Status</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Applet</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Key Info</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Policy</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Created</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Modified</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+	for (var i = 0; i < results.length; i++) {
+        document.write("<tr>\n");
+        document.write("<td>\n");
+        document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                       "<a href=\""+uri+results[i].cn+"\">"+
+                        results[i].cn+"</a></font>\n");
+        document.write("</td>\n");
+        document.write("<td>\n");
+        document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                        results[i].tokenUserID+"</font>\n");
+        document.write("</td>\n");
+        document.write("<td>\n");
+        document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                        results[i].tokenStatus+"</font>\n");
+        document.write("</td>\n");
+        document.write("<td>\n");
+        document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                        results[i].tokenAppletID+"</font>\n");
+        document.write("</td>\n");
+        document.write("<td>\n");
+        document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                        results[i].keyInfo+"</font>\n");
+        document.write("</td>\n");
+        document.write("<td>\n");
+        document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                        results[i].tokenPolicy+"</font>\n");
+        document.write("</td>\n");
+        document.write("<td>\n");
+        document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                        checkDate(results[i].dateOfCreate)+"</font>\n");
+        document.write("</td>\n");
+        document.write("<td>\n");
+        document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                        checkDate(results[i].dateOfModify)+"</font>\n");
+        document.write("</td>\n");
+        document.write("</tr>\n");
+    }
+    document.write("</table>\n");
+
+    document.write("<DIV ALIGN=LEFT>\n");
+    document.write("<table BORDER=0 CELLSPACING=2 CELLPADDING=0>\n");
+    document.write("<tr>\n");
+    if ((typeof(start_entry_val) != "undefined") && (start_entry_val > 1) &&
+        (typeof(num_entries_per_page) != "undefined") &&
+        (typeof(my_query) != "undefined")) {
+
+        var new_start = start_entry_val - num_entries_per_page;
+        if (new_start < 0) new_start = 0;
+        var query = my_query.replace(/&*start_entry_val=\d*/,"");
+        var query_array = query.split("&");
+        document.write("<td> <form name=prev_entries method=get >");
+        for (var i=0; i< query_array.length ; i++) {
+            var a = query_array[i].split("=");
+            document.write("<input TYPE=hidden name=" + a[0] + " VALUE=" + a[1] + ">");
+        }
+        document.write("<input TYPE=hidden name=start_entry_val VALUE=" + new_start + ">");
+        document.write("<input TYPE=submit VALUE=\"\<\"></form><td>\n");
+    }
+
+    if ((typeof(has_more_entries) != "undefined") && (has_more_entries == 1) &&
+        (typeof(num_entries_per_page) != "undefined") &&
+        (typeof(my_query) != "undefined")) {
+
+        var new_start = start_entry_val + num_entries_per_page;
+        var query = my_query.replace(/&*start_entry_val=\d*/,"");
+        var query_array = query.split("&");
+        document.write("<td> <form method=get name=next_entries >");
+        for (var i=0; i< query_array.length ; i++) {
+            var a = query_array[i].split("=");
+            document.write("<input TYPE=hidden name=" + a[0] + " VALUE=" + a[1] + ">");
+        }
+        document.write("<input TYPE=hidden name=start_entry_val VALUE=" + new_start + ">");
+        document.write("<input TYPE=submit VALUE=\"\>\"></form><td>\n");
+    }
+    document.write("</tr>\n");
+    document.write("</table>\n");
+    document.write("</div>\n");
+
+    document.write("<BR>\n<HR NOSHADE SIZE=1>\n");
+    if (typeof(results) != "undefined" && results.length > 0) {
+        document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-2\">");
+        if (typeof(results) != "undefined" || results.length == 0) {
+            if (typeof(limited) != "undefined" && typeof(total) != "undefined") {
+                document.write("<br>" + limited + " of " + total + " Search Results Returned\n");
+            } else if (typeof(total) != "undefined") {
+                document.write("<br>Total Search Results Returned: " + total + "\n");
+            }
+        }
+        document.write("</font>");
+    }
+}
+
+//-->
+</SCRIPT>
+
+</BODY>
+</HTML>
diff --git a/base/tps/apache/docroot/tokendb/searchCertificate.template b/base/tps/apache/docroot/tokendb/searchCertificate.template
new file mode 100644
index 000000000..788491fbf
--- /dev/null
+++ b/base/tps/apache/docroot/tokendb/searchCertificate.template
@@ -0,0 +1,118 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<HTML>
+<meta HTTP-EQUIV="content-type" CONTENT="text/html; charset=UTF-8">
+<link rel="shortcut icon" href="/pki/images/favicon.ico" />
+<HEAD>
+<TITLE>TPS</Title>
+</HEAD>
+
+<table border="0" width="100%" cellspacing="0" cellpadding="0" bgcolor="#000080">
+  <tr>
+    <td>
+      <table border="0" cellspacing="12" cellpadding="0">
+        <tr>
+          <td><img src="/pki/images/logo_header.gif"></td>
+          <td>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
+          <td><font size="+1" face="PrimaSans BT, Verdana, sans-serif" color="white"><b>Dogtag<sup><font color="#999999" size="-2">&reg;</font></sup> TPS Services</b></font></td>
+        </tr>
+      </table>
+    </td>
+  </tr>
+</table>
+<p>
+
+<BODY>
+
+<CMS_TEMPLATE>
+
+<SCRIPT type="text/JavaScript">
+<!--
+var uri0 = "";
+if (typeof(uriBase) == "undefined") {
+    uri0 += "/tus";
+} else {
+    uri0 += uriBase;
+}
+
+document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"+1\">"+
+               "<a href=\""+uri0+"\">Main Menu</a> : Search Certificates</font>\n");
+document.write("<table width=\"100%\"><tr><td align=\"right\">" +
+                "<b>UID:</b>" +
+                userid + "</td></tr></table>\n");
+document.write("<HR NOSHADE SIZE=1>\n");
+
+function doFind(form) {
+        var uri = "";
+        if (typeof(uriBase) == "undefined") {
+            uri += "/tus"
+        } else {
+            uri += uriBase;
+        }
+        uri += "?op=view_certificate";
+        uri += "&tid=" + form.tid.value;
+        uri += "&uid=" + form.uid.value;
+        uri += "&maxCount=" + form.maxCount.value;
+        if ((typeof(topLevel) != "undefined") && (topLevel == "operator")) {
+           uri += "&top=operator";
+        }
+        location.href = uri;
+}
+//-->
+</SCRIPT>
+
+<FORM NAME ="findForm" ACTION="" METHOD=GET>
+<table BORDER=0 CELLSPACING=2 CELLPADDING=0 width=100%>
+  <tr>
+    <td ALIGN=LEFT width=30%>
+      <font size=-1 face="PrimaSans BT, Verdana, sans-serif">
+        Token ID:
+      </font>
+    </td>
+    <td>
+      <input TYPE=TEXT NAME=tid SIZE=20>
+    </td>
+  </tr>
+  <tr>
+    <td ALIGN=LEFT width=30%>
+      <font size=-1 face="PrimaSans BT, Verdana, sans-serif">
+        User ID:
+      </font>
+    </td>
+    <td>
+      <input TYPE=TEXT NAME=uid SIZE=20>
+    </td>
+  </tr>
+  <tr>
+    <td ALIGN=LEFT width=30%>
+      <font size=-1 face="PrimaSans BT, Verdana, sans-serif">
+        Max Count:
+      </font>
+    </td>
+    <td>
+      <input TYPE=TEXT SIZE=4 NAME=maxCount value="20">
+    </td>
+  </tr>
+</table>
+<HR NOSHADE SIZE=1>
+<DIV ALIGN=RIGHT>
+<input TYPE=button VALUE=Find onClick="doFind(findForm);">
+</form>
+</BODY>
+</HTML>
diff --git a/base/tps/apache/docroot/tokendb/searchCertificateResults.template b/base/tps/apache/docroot/tokendb/searchCertificateResults.template
new file mode 100644
index 000000000..bb6dcabf3
--- /dev/null
+++ b/base/tps/apache/docroot/tokendb/searchCertificateResults.template
@@ -0,0 +1,226 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<HTML>
+<meta HTTP-EQUIV="content-type" CONTENT="text/html; charset=UTF-8">
+<link rel="shortcut icon" href="/pki/images/favicon.ico" />
+<HEAD>
+<TITLE>TPS</Title>
+</HEAD>
+
+<table border="0" width="100%" cellspacing="0" cellpadding="0" bgcolor="#000080">
+  <tr>
+    <td>
+      <table border="0" cellspacing="12" cellpadding="0">
+        <tr>
+          <td><img src="/pki/images/logo_header.gif"></td>
+          <td>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
+          <td><font size="+1" face="PrimaSans BT, Verdana, sans-serif" color="white"><b>Dogtag<sup><font color="#999999" size="-2">&reg;</font></sup> TPS Services</b></font></td>
+        </tr>
+      </table>
+    </td>
+  </tr>
+</table>
+<p>
+
+<BODY>
+
+<CMS_TEMPLATE>
+
+<SCRIPT type="text/JavaScript">
+<!--
+function checkDate(str) {
+    var newString;
+
+    if (str.length == 15 && str.charAt(14) == 'Z') {
+        newString = str.substring(0, 4);
+        newString += '/';
+        newString += str.substring(4, 6);
+        newString += '/';
+        newString += str.substring(6, 8);
+        newString += ' ';
+        newString += str.substring(8, 10);
+        newString += ':';
+        newString += str.substring(10, 12);
+        newString += ':';
+        newString += str.substring(12, 14);
+    } else {
+        newString = str;
+    }
+
+    return newString;
+}
+
+var uri = "";
+if (typeof(uriBase) == "undefined") {
+    uri += "/tus";
+} else {
+    uri += uriBase;
+}
+if ((typeof(topLevel) != "undefined") && (topLevel == "operator")) {
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"+1\">"+
+               "<a href=\""+uri+"\">Main Menu</a> : Operator Operations : Search Certificate Results</font>\n");
+    cert_uri = uri + "?op=show_certificate&top=operator&cn=";
+    uri += "?op=show&top=operator&tid=";
+} else {
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"+1\">"+
+               "<a href=\""+uri+"\">Main Menu</a> : Agent Operations : Search Certificate Results</font>\n");
+    cert_uri = uri + "?op=show_certificate&cn=";
+    uri += "?op=show&tid=";
+}
+document.write("<table width=\"100%\"><tr><td align=\"right\">" +
+		"<b>UID:</b>" +
+                userid + "</td></tr></table>\n");
+document.write("<HR NOSHADE SIZE=1>\n");
+
+if (typeof(results) == "undefined" || results.length == 0) {
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Token Not Found</font>\n");
+} else {
+    document.write("<BR>");
+    document.write("<table BORDER=0 CELLSPACING=2 CELLPADDING=0 width=100%>\n");
+    document.write("<tr bgcolor=#e5e5e5>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "ID</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Serial Number</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Subject</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Token ID</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Key Type</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Last Status</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "User ID</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Last Modified At</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+	for (var i = 0; i < results.length; i++) {
+        document.write("<tr>\n");
+        document.write("<td>\n");
+        document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\"><a href=\""+ cert_uri +
+                        results[i].cn+"\">" + results[i].cn + "</a></font>\n");
+        document.write("</td>\n");
+        document.write("<td>\n");
+        document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                        "0x" + results[i].tokenSerial+"</font>\n");
+        document.write("</td>\n");
+        document.write("<td>\n");
+        document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                        results[i].tokenSubject+"</font>\n");
+        document.write("</td>\n");
+        document.write("<td>\n");
+        document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\"><a href=\"" + uri +
+                        results[i].tokenID+"\">" + results[i].tokenID + "</a></font>\n");
+        document.write("</td>\n");
+        document.write("<td>\n");
+        document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                        results[i].tokenKeyType+"</font>\n");
+        document.write("</td>\n");
+        document.write("<td>\n");
+        document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                        results[i].tokenStatus+"</font>\n");
+        document.write("</td>\n");
+        document.write("<td>\n");
+        document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                        results[i].tokenUserID+"</font>\n");
+        document.write("</td>\n");
+        document.write("<td>\n");
+        document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                        checkDate(results[i].dateOfModify)+"</font>\n");
+        document.write("</td>\n");
+        document.write("</tr>\n");
+    }
+    document.write("</table>\n");
+    document.write("<DIV ALIGN=LEFT>\n");
+    document.write("<table BORDER=0 CELLSPACING=2 CELLPADDING=0>\n");
+    document.write("<tr>\n");
+    if ((typeof(start_entry_val) != "undefined") && (start_entry_val > 1) &&
+        (typeof(num_entries_per_page) != "undefined") &&
+        (typeof(my_query) != "undefined")) {
+
+        var new_start = start_entry_val - num_entries_per_page;
+        if (new_start < 0) new_start = 0;
+        var query = my_query.replace(/&*start_entry_val=\d*/,"");
+        var query_array = query.split("&");
+        document.write("<td> <form name=prev_entries method=get >");
+        for (var i=0; i< query_array.length ; i++) {
+            var a = query_array[i].split("=");
+            document.write("<input TYPE=hidden name=" + a[0] + " VALUE=" + a[1] + ">");
+        }
+        document.write("<input TYPE=hidden name=start_entry_val VALUE=" + new_start + ">");
+        document.write("<input TYPE=submit VALUE=\"\<\"></form><td>\n");
+    }
+
+    if ((typeof(has_more_entries) != "undefined") && (has_more_entries == 1) &&
+        (typeof(num_entries_per_page) != "undefined") &&
+        (typeof(my_query) != "undefined")) {
+
+        var new_start = start_entry_val + num_entries_per_page;
+        var query = my_query.replace(/&*start_entry_val=\d*/,"");
+        var query_array = query.split("&");
+        document.write("<td> <form method=get name=next_entries >");
+        for (var i=0; i< query_array.length ; i++) {
+            var a = query_array[i].split("=");
+            document.write("<input TYPE=hidden name=" + a[0] + " VALUE=" + a[1] + ">");
+        }
+        document.write("<input TYPE=hidden name=start_entry_val VALUE=" + new_start + ">");
+        document.write("<input TYPE=submit VALUE=\"\>\"></form><td>\n");
+    }
+    document.write("</tr>\n");
+    document.write("</table>\n");
+    document.write("</div>\n");
+
+    document.write("<BR>\n<HR NOSHADE SIZE=1>\n");
+    if (typeof(results) != "undefined" && results.length > 0) {
+        document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-2\">");
+        if (typeof(results) != "undefined" || results.length == 0) {
+            if (typeof(limited) != "undefined" && typeof(total) != "undefined") {
+                document.write("<br>" + limited + " of " + total + " Search Results Returned\n");
+            } else if (typeof(total) != "undefined") {
+                document.write("<br>Total Search Results Returned: " + total + "\n");
+            }
+        }
+        document.write("</font>");
+    }
+}
+
+//-->
+</SCRIPT>
+
+</BODY>
+</HTML>
diff --git a/base/tps/apache/docroot/tokendb/searchResults.template b/base/tps/apache/docroot/tokendb/searchResults.template
new file mode 100644
index 000000000..f4644b355
--- /dev/null
+++ b/base/tps/apache/docroot/tokendb/searchResults.template
@@ -0,0 +1,227 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<HTML>
+<meta HTTP-EQUIV="content-type" CONTENT="text/html; charset=UTF-8">
+<link rel="shortcut icon" href="/pki/images/favicon.ico" />
+<HEAD>
+<TITLE>TPS</Title>
+</HEAD>
+
+<table border="0" width="100%" cellspacing="0" cellpadding="0" bgcolor="#000080">
+  <tr>
+    <td>
+      <table border="0" cellspacing="12" cellpadding="0">
+        <tr>
+          <td><img src="/pki/images/logo_header.gif"></td>
+          <td>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
+          <td><font size="+1" face="PrimaSans BT, Verdana, sans-serif" color="white"><b>Dogtag<sup><font color="#999999" size="-2">&reg;</font></sup> TPS Services</b></font></td>
+        </tr>
+      </table>
+    </td>
+  </tr>
+</table>
+<p>
+
+<BODY>
+
+<CMS_TEMPLATE>
+
+<SCRIPT type="text/JavaScript">
+<!--
+function checkDate(str) {
+    var newString;
+
+    if (str.length == 15 && str.charAt(14) == 'Z') {
+        newString = str.substring(0, 4);
+        newString += '/';
+        newString += str.substring(4, 6);
+        newString += '/';
+        newString += str.substring(6, 8);
+        newString += ' ';
+        newString += str.substring(8, 10);
+        newString += ':';
+        newString += str.substring(10, 12);
+        newString += ':';
+        newString += str.substring(12, 14);
+    } else {
+        newString = str;
+    }
+
+    return newString;
+}
+
+var uri = "";
+if (typeof(uriBase) == "undefined") {
+    uri += "/tus";
+} else {
+    uri += uriBase;
+}
+
+if ((typeof(topLevel) != "undefined") && (topLevel == "operator")) {
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"+1\">"+
+               "<a href=\""+uri+"\">Main Menu</a> : Operator Operations : Search Results</font>\n");
+    uri += "?op=show&top=operator&tid=";
+} else {
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"+1\">"+
+               "<a href=\""+uri+"\">Main Menu</a> : Agent Operations : Search Results</font>\n");
+    uri += "?op=show&tid=";
+}
+document.write("<table width=\"100%\"><tr><td align=\"right\">" +
+		"<b>UID:</b>" +
+                userid + "</td></tr></table>\n");
+document.write("<HR NOSHADE SIZE=1>\n");
+
+if (typeof(results) == "undefined" || results.length == 0) {
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Token Not Found</font>\n");
+} else {
+    document.write("<BR>");
+    document.write("<table BORDER=0 CELLSPACING=2 CELLPADDING=0 width=100%>\n");
+    document.write("<tr bgcolor=#e5e5e5>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Token</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "User ID</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Status</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Reason</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Applet</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Key Info</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Created</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Modified</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+	for (var i = 0; i < results.length; i++) {
+        document.write("<tr>\n");
+        document.write("<td>\n");
+        document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                       "<a href=\""+uri+results[i].cn+"\">"+
+                        results[i].cn+"</a></font>\n");
+        document.write("</td>\n");
+        document.write("<td>\n");
+        document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                        results[i].tokenUserID+"</font>\n");
+        document.write("</td>\n");
+        document.write("<td>\n");
+        document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                        results[i].tokenStatus+"</font>\n");
+        document.write("</td>\n");
+        document.write("<td>\n");
+        document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                        results[i].tokenReason+"</font>\n");
+        document.write("</td>\n");
+        document.write("<td>\n");
+        document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                        results[i].tokenAppletID+"</font>\n");
+        document.write("</td>\n");
+        document.write("<td>\n");
+        document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                        results[i].keyInfo+"</font>\n");
+        document.write("</td>\n");
+        document.write("<td>\n");
+        document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                        checkDate(results[i].dateOfCreate)+"</font>\n");
+        document.write("</td>\n");
+        document.write("<td>\n");
+        document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                        checkDate(results[i].dateOfModify)+"</font>\n");
+        document.write("</td>\n");
+        document.write("</tr>\n");
+    }
+    document.write("</table>\n");
+
+    document.write("<DIV ALIGN=LEFT>\n");
+    document.write("<table BORDER=0 CELLSPACING=2 CELLPADDING=0>\n");
+    document.write("<tr>\n");
+    if ((typeof(start_entry_val) != "undefined") && (start_entry_val > 1) &&
+        (typeof(num_entries_per_page) != "undefined") &&
+        (typeof(my_query) != "undefined")) {
+
+        var new_start = start_entry_val - num_entries_per_page;
+        if (new_start < 0) new_start = 0;
+        var query = my_query.replace(/&*start_entry_val=\d*/,"");
+        var query_array = query.split("&");
+        document.write("<td> <form name=prev_entries method=get >");
+        for (var i=0; i< query_array.length ; i++) {
+            var a = query_array[i].split("=");
+            document.write("<input TYPE=hidden name=" + a[0] + " VALUE=" + a[1] + ">");
+        }
+        document.write("<input TYPE=hidden name=start_entry_val VALUE=" + new_start + ">");
+        document.write("<input TYPE=submit VALUE=\"\<\"></form><td>\n");
+    }
+
+    if ((typeof(has_more_entries) != "undefined") && (has_more_entries == 1) &&
+        (typeof(num_entries_per_page) != "undefined") &&
+        (typeof(my_query) != "undefined")) {
+
+        var new_start = start_entry_val + num_entries_per_page;
+        var query = my_query.replace(/&*start_entry_val=\d*/,"");
+        var query_array = query.split("&");
+        document.write("<td> <form method=get name=next_entries >");
+        for (var i=0; i< query_array.length ; i++) {
+            var a = query_array[i].split("=");
+            document.write("<input TYPE=hidden name=" + a[0] + " VALUE=" + a[1] + ">");
+        }
+        document.write("<input TYPE=hidden name=start_entry_val VALUE=" + new_start + ">");
+        document.write("<input TYPE=submit VALUE=\"\>\"></form><td>\n");
+    }
+    document.write("</tr>\n");
+    document.write("</table>\n");
+    document.write("</div>\n");
+
+    document.write("<BR>\n<HR NOSHADE SIZE=1>\n");
+    if (typeof(results) != "undefined" && results.length > 0) {
+        document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-2\">");
+        if (typeof(results) != "undefined" || results.length == 0) {
+            if (typeof(limited) != "undefined" && typeof(total) != "undefined") {
+                document.write("<br>" + limited + " of " + total + " Search Results Returned\n");
+            } else if (typeof(total) != "undefined") {
+                document.write("<br>Total Search Results Returned: " + total + "\n");
+            }
+        }
+        document.write("</font>");
+    }
+}
+
+//-->
+</SCRIPT>
+
+</BODY>
+</HTML>
diff --git a/base/tps/apache/docroot/tokendb/searchUser.template b/base/tps/apache/docroot/tokendb/searchUser.template
new file mode 100644
index 000000000..57e3a5507
--- /dev/null
+++ b/base/tps/apache/docroot/tokendb/searchUser.template
@@ -0,0 +1,126 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<HTML>
+<meta HTTP-EQUIV="content-type" CONTENT="text/html; charset=UTF-8">
+<link rel="shortcut icon" href="/pki/images/favicon.ico" />
+<HEAD>
+<TITLE>TPS</Title>
+</HEAD>
+
+<table border="0" width="100%" cellspacing="0" cellpadding="0" bgcolor="#000080">
+  <tr>
+    <td>
+      <table border="0" cellspacing="12" cellpadding="0">
+        <tr>
+          <td><img src="/pki/images/logo_header.gif"></td>
+          <td>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
+          <td><font size="+1" face="PrimaSans BT, Verdana, sans-serif" color="white"><b>Dogtag<sup><font color="#999999" size="-2">&reg;</font></sup> TPS Services</b></font></td>
+        </tr>
+      </table>
+    </td>
+  </tr>
+</table>
+<p>
+
+<BODY>
+
+<CMS_TEMPLATE>
+
+<SCRIPT type="text/JavaScript">
+<!--
+var uri0 = "";
+if (typeof(uriBase) == "undefined") {
+    uri0 += "/tus";
+} else {
+    uri0 += uriBase;
+}
+
+document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"+1\">"+
+               "<a href=\""+uri0+"\">Main Menu</a> : Administrator Operations : Search Users</font>\n");
+document.write("<table width=\"100%\"><tr><td align=\"right\">" +
+                "<b>UID:</b>" +
+                userid + "</td></tr></table>\n");
+document.write("<HR NOSHADE SIZE=1>\n");
+
+function doFind(form) {
+        var uri = "";
+        if (typeof(uriBase) == "undefined") {
+            uri += "/tus"
+        } else {
+            uri += uriBase;
+        }
+        uri += "?op=view_users";
+        uri += "&uid=" + form.uid.value;
+        uri += "&firstName=" + form.firstName.value;
+        uri += "&lastName=" + form.lastName.value;
+        uri += "&maxCount=" + form.maxCount.value;
+        location.href = uri;
+}
+//-->
+</SCRIPT>
+
+<FORM NAME ="findForm" ACTION="" METHOD=GET>
+<table BORDER=0 CELLSPACING=2 CELLPADDING=0 width=100%>
+  <tr>
+    <td ALIGN=LEFT width=30%>
+      <font size=-1 face="PrimaSans BT, Verdana, sans-serif">
+        User ID:
+      </font>
+    </td>
+    <td>
+      <input TYPE=TEXT NAME=uid SIZE=20>
+    </td>
+  </tr>
+  <tr>
+    <td ALIGN=LEFT width=30%>
+      <font size=-1 face="PrimaSans BT, Verdana, sans-serif">
+        First Name:
+      </font>
+    </td>
+    <td>
+      <input TYPE=TEXT NAME=firstName SIZE=20>
+    </td>
+  </tr>
+  <tr>
+    <td ALIGN=LEFT width=30%>
+      <font size=-1 face="PrimaSans BT, Verdana, sans-serif">
+        Last Name:
+      </font>
+    </td>
+    <td>
+      <input TYPE=TEXT NAME=lastName SIZE=20>
+    </td>
+  </tr>
+  <tr>
+    <td ALIGN=LEFT width=30%>
+      <font size=-1 face="PrimaSans BT, Verdana, sans-serif">
+        Max Count:
+      </font>
+    </td>
+    <td>
+      <input TYPE=TEXT NAME=maxCount SIZE=4 value="20">
+    </td>
+  </tr>
+</table>
+<HR NOSHADE SIZE=1>
+<DIV ALIGN=RIGHT>
+<input TYPE=button VALUE=Find onClick="doFind(findForm);">
+</form>
+</BODY>
+</HTML>
diff --git a/base/tps/apache/docroot/tokendb/searchUserResults.template b/base/tps/apache/docroot/tokendb/searchUserResults.template
new file mode 100644
index 000000000..bbb885f31
--- /dev/null
+++ b/base/tps/apache/docroot/tokendb/searchUserResults.template
@@ -0,0 +1,190 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<HTML>
+<meta HTTP-EQUIV="content-type" CONTENT="text/html; charset=UTF-8">
+<link rel="shortcut icon" href="/pki/images/favicon.ico" />
+<HEAD>
+<TITLE>TPS</Title>
+</HEAD>
+
+<table border="0" width="100%" cellspacing="0" cellpadding="0" bgcolor="#000080">
+  <tr>
+    <td>
+      <table border="0" cellspacing="12" cellpadding="0">
+        <tr>
+          <td><img src="/pki/images/logo_header.gif"></td>
+          <td>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
+          <td><font size="+1" face="PrimaSans BT, Verdana, sans-serif" color="white"><b>Dogtag<sup><font color="#999999" size="-2">&reg;</font></sup> TPS Services</b></font></td>
+        </tr>
+      </table>
+    </td>
+  </tr>
+</table>
+<p>
+
+<BODY>
+
+<CMS_TEMPLATE>
+
+<SCRIPT type="text/JavaScript">
+<!--
+function checkDate(str) {
+    var newString;
+
+    if (str.length == 15 && str.charAt(14) == 'Z') {
+        newString = str.substring(0, 4);
+        newString += '/';
+        newString += str.substring(4, 6);
+        newString += '/';
+        newString += str.substring(6, 8);
+        newString += ' ';
+        newString += str.substring(8, 10);
+        newString += ':';
+        newString += str.substring(10, 12);
+        newString += ':';
+        newString += str.substring(12, 14);
+    } else {
+        newString = str;
+    }
+
+    return newString;
+}
+
+var uri = "";
+if (typeof(uriBase) == "undefined") {
+    uri += "/tus";
+} else {
+    uri += uriBase;
+}
+
+document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"+1\">"+
+               "<a href=\""+uri+"\">Main Menu</a> : Administrator Operations : Search Results</font>\n");
+document.write("<table width=\"100%\"><tr><td align=\"right\">" +
+		"<b>UID:</b>" +
+                userid + "</td></tr></table>\n");
+document.write("<HR NOSHADE SIZE=1>\n");
+
+uri += "?op=edit_user&uid=";
+
+if (typeof(results) == "undefined" || results.length == 0) {
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "User Not Found</font>\n");
+} else {
+    document.write("<BR>");
+    document.write("<table BORDER=0 CELLSPACING=2 CELLPADDING=0 width=100%>\n");
+    document.write("<tr bgcolor=#e5e5e5>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "User ID</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Name</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Date Created</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Date Modified</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    for (var i = 0; i < results.length; i++) {
+        document.write("<tr>\n");
+        document.write("<td>\n");
+        document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                       "<a href=\""+uri+results[i].uid+"\">"+
+                        results[i].uid+"</a></font>\n");
+        document.write("</td>\n");
+        document.write("<td>\n");
+        document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                        results[i].cn+"</font>\n");
+        document.write("</td>\n");
+        document.write("<td>\n");
+        document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                        checkDate(results[i].createTimeStamp)+"</font>\n");
+        document.write("</td>\n");
+        document.write("<td>\n");
+        document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                        checkDate(results[i].modifyTimeStamp)+"</font>\n");
+        document.write("</td>\n");
+        document.write("</tr>\n");
+    }
+    document.write("</table>\n");
+
+    document.write("<DIV ALIGN=LEFT>\n");
+    document.write("<table BORDER=0 CELLSPACING=2 CELLPADDING=0>\n");
+    document.write("<tr>\n");
+    if ((typeof(start_entry_val) != "undefined") && (start_entry_val > 1) &&
+        (typeof(num_entries_per_page) != "undefined") &&
+        (typeof(my_query) != "undefined")) {
+
+        var new_start = start_entry_val - num_entries_per_page;
+        if (new_start < 0) new_start = 0;
+        var query = my_query.replace(/&*start_entry_val=\d*/,"");
+        var query_array = query.split("&");
+        document.write("<td> <form name=prev_entries method=get >");
+        for (var i=0; i< query_array.length ; i++) {
+            var a = query_array[i].split("=");
+            document.write("<input TYPE=hidden name=" + a[0] + " VALUE=" + a[1] + ">");
+        }
+        document.write("<input TYPE=hidden name=start_entry_val VALUE=" + new_start + ">");
+        document.write("<input TYPE=submit VALUE=\"\<\"></form><td>\n");
+    }
+
+    if ((typeof(has_more_entries) != "undefined") && (has_more_entries == 1) &&
+        (typeof(num_entries_per_page) != "undefined") &&
+        (typeof(my_query) != "undefined")) {
+
+        var new_start = start_entry_val + num_entries_per_page;
+        var query = my_query.replace(/&*start_entry_val=\d*/,"");
+        var query_array = query.split("&");
+        document.write("<td> <form method=get name=next_entries >");
+        for (var i=0; i< query_array.length ; i++) {
+            var a = query_array[i].split("=");
+            document.write("<input TYPE=hidden name=" + a[0] + " VALUE=" + a[1] + ">");
+        }
+        document.write("<input TYPE=hidden name=start_entry_val VALUE=" + new_start + ">");
+        document.write("<input TYPE=submit VALUE=\"\>\"></form><td>\n");
+    }
+    document.write("</tr>\n");
+    document.write("</table>\n");
+    document.write("</div>\n");
+
+    document.write("<BR>\n<HR NOSHADE SIZE=1>\n");
+    if (typeof(results) != "undefined" && results.length > 0) {
+        document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-2\">");
+        if (typeof(results) != "undefined" || results.length == 0) {
+            if (typeof(limited) != "undefined" && typeof(total) != "undefined") {
+                document.write("<br>" + limited + " of " + total + " Search Results Returned\n");
+            } else if (typeof(total) != "undefined") {
+                document.write("<br>Total Search Results Returned: " + total + "\n");
+            }
+        }
+        document.write("</font>");
+    }
+}
+
+//-->
+</SCRIPT>
+
+</BODY>
+</HTML>
diff --git a/base/tps/apache/docroot/tokendb/selectConfig.template b/base/tps/apache/docroot/tokendb/selectConfig.template
new file mode 100644
index 000000000..33f560461
--- /dev/null
+++ b/base/tps/apache/docroot/tokendb/selectConfig.template
@@ -0,0 +1,137 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This library is free software; you can redistribute it and/or
+     modify it under the terms of the GNU Lesser General Public
+     License as published by the Free Software Foundation.
+     
+     This library is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+     Lesser General Public License for more details.
+     
+     You should have received a copy of the GNU Lesser General Public
+     License along with this library; if not, write to the Free Software
+     Foundation, Inc., 51 Franklin Street, Fifth Floor,
+     Boston, MA  02110-1301  USA 
+     
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<HTML>
+<meta HTTP-EQUIV="content-type" CONTENT="text/html; charset=UTF-8">
+<link rel="shortcut icon" href="/pki/images/favicon.ico" />
+<HEAD>
+<TITLE>TPS</Title>
+</HEAD>
+
+<table border="0" width="100%" cellspacing="0" cellpadding="0" bgcolor="#000000">
+  <tr>
+    <td> 
+      <table border="0" cellspacing="12" cellpadding="0">
+        <tr>
+          <td><img src="/pki/images/logo_header.gif"></td>
+          <td>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
+          <td><font size="+1" face="PrimaSans BT, Verdana, sans-serif" color="white">Red Hat<sup><font color="#999999" size="-2">&reg;</font></sup> TPS Services</font></td>
+        </tr>
+      </table>
+    </td> 
+  </tr>
+</table>
+<p>
+
+<BODY>
+
+<CMS_TEMPLATE>
+
+<SCRIPT type="text/JavaScript">
+<!--
+var uri0 = "";
+if (typeof(uriBase) == "undefined") {
+    uri0 += "/tus";
+} else {
+    uri0 += uriBase;
+}
+
+document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"+1\">"+
+               "<a href=\""+uri0+"\">Main Menu</a> : Administrator Operations : " + disp_conf_type + " Configuration </font>\n");
+
+if ((typeof(flash) != "undefined") && (flash != "")) {
+    document.write("<table width=\"100%\"><tr><td align=\"left\">" +
+        "<font color=\"#ff0000\"><b>" + flash.replace(/\+/g, " ") + "</b><font>" +
+        "</td></tr></table>\n");
+}
+
+document.write("<table width=\"100%\"><tr><td align=\"right\">" +
+                "<b>UID:</b>" + userid
+                + "</td></tr></table>\n");
+document.write("<HR NOSHADE SIZE=1>\n");
+
+function doAddConfig(form) {
+        var uri = "";
+        if (typeof(uriBase) == "undefined") {
+            uri += "/tus";
+        } else {
+            uri += uriBase;
+        }
+        // need to validate that pname is not empty
+        this.action = uri;
+        return true;
+}
+
+function doEditConfig(form) {
+        var uri = "";
+        if (typeof(uriBase) == "undefined") {
+            uri += "/tus";
+        } else {
+            uri += uriBase;
+        }
+        this.action = uri;
+        return true;
+}
+
+function doCancel() {
+    var uri = "";
+    if (typeof(uriBase) == "undefined") {
+        uri += "/tus";
+    } else {
+        uri += uriBase;
+    }
+    location.href = uri;
+}
+
+
+    document.write("<table BORDER=0 CELLSPACING=2 CELLPADDING=0 width=100%>\n");
+    document.write("<tr bgcolor=#e5e5e5> <p>  Use this form to add or modify " + conf_type.replace(/_/g, " ").toLowerCase() + ".  <br> Either select an item " + 
+         " to edit in the drop-down box below and click \"Edit\", <br> or fill in the name of a new " + disp_conf_type.toLowerCase() + 
+         " and click the \"Add\" button.</p></tr>");
+
+    document.write("<form NAME =\"selectEditConfigForm\" METHOD=POST onSubmit=\"return doEditConfig(this);\">");
+    document.write("<input TYPE=hidden NAME=query VALUE=\"op=edit_config_parameter\">");
+    document.write("<input TYPE=HIDDEN NAME=ptype VALUE=\"" + conf_type + "\">");
+
+    var pset_list = conf_list.split(",");
+    document.write("<tr>");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5> Edit an existing " + disp_conf_type + ": </td>");
+    document.write("<td ALIGN=LEFT width=30%><select name=\"pname\">");
+    for (var i=0; i < pset_list.length; i++) {
+        document.write("<option value=\""+ pset_list[i] + "\">" + pset_list[i] + "</option>\n");
+    }
+    document.write("</select></td>");
+    document.write("<td ALIGN=LEFT width=30%><input TYPE=submit VALUE=Edit></td></tr>");
+    document.write("</form>\n");
+
+    document.write("<form NAME =\"selectAddConfigForm\" METHOD=POST onSubmit=\"return doAddConfig(this);\">");
+    document.write("<input TYPE=hidden NAME=query VALUE=\"op=add_config_parameter\">");
+    document.write("<input TYPE=HIDDEN NAME=ptype VALUE=\"" + conf_type + "\">");
+    document.write("<tr>");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5> Add a new " + disp_conf_type + ": </td>");
+    document.write("<td ALIGN=LEFT width=30%> <input type=text name=pname></td> ");
+    document.write("<td ALIGN=LEFT width=30%><input TYPE=submit VALUE=Add></td></tr>");
+    document.write("</table>");
+    document.write("</form>\n");
+
+//-->
+</SCRIPT>
+
+</BODY>
+</HTML>
diff --git a/base/tps/apache/docroot/tokendb/selfTest.template b/base/tps/apache/docroot/tokendb/selfTest.template
new file mode 100644
index 000000000..163437d17
--- /dev/null
+++ b/base/tps/apache/docroot/tokendb/selfTest.template
@@ -0,0 +1,129 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<HTML>
+<meta HTTP-EQUIV="content-type" CONTENT="text/html; charset=UTF-8">
+<link rel="shortcut icon" href="/pki/images/favicon.ico" />
+<HEAD>
+<TITLE>TPS</Title>
+</HEAD>
+
+<table border="0" width="100%" cellspacing="0" cellpadding="0" bgcolor="#000080">
+  <tr>
+    <td>
+      <table border="0" cellspacing="12" cellpadding="0">
+        <tr>
+          <td><img src="/pki/images/logo_header.gif"></td>
+          <td>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
+          <td><font size="+1" face="PrimaSans BT, Verdana, sans-serif" color="white"><b>Dogtag<sup><font color="#999999" size="-2">&reg;</font></sup> TPS Services</b></font></td>
+        </tr>
+      </table>
+    </td>
+  </tr>
+</table>
+<p>
+
+<BODY>
+
+<CMS_TEMPLATE>
+
+<SCRIPT type="text/JavaScript">
+<!--
+var uri0 = "";
+if (typeof(uriBase) == "undefined") {
+    uri0 += "/tus";
+} else {
+    uri0 += uriBase;
+}
+
+document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"+1\">"+
+               "<a href=\""+uri0+"\">Main Menu</a> : Admin Operations : Run Self Tests</font>\n");
+document.write("<table width=\"100%\"><tr><td align=\"right\">" +
+                "<b>UID:</b>" +
+                userid + "</td></tr></table>\n");
+document.write("<HR NOSHADE SIZE=1>\n");
+
+function runSelfTest(form) {
+        var uri = "";
+        if (typeof(uriBase) == "undefined") {
+            uri += "/tus"
+        } else {
+            uri += uriBase;
+        }
+        if (enabledTests > 0) {
+            document.selfTestForm.action = uri;
+            return true;
+        } else {
+            alert("Self tests are not enabled.");
+            return false;
+        }
+}
+//-->
+</SCRIPT>
+
+<FORM NAME ="selfTestForm" METHOD="POST" onSubmit="return runSelfTest(this)" >
+<input TYPE="hidden" NAME="query" VALUE="op=run_self_test">
+
+<SCRIPT type="text/JavaScript">
+<!--
+if ((typeof(test_list) != "undefined") && (test_list.length > 0)) {
+    document.write("<center>\n");
+    document.write("<table BORDER=0 CELLSPACING=2 CELLPADDING=0>\n");
+    document.write("<tr bgcolor=#e5e5e5>\n");
+    document.write("<td><font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">&nbsp;&nbsp;&nbsp;&nbsp;Enable&nbsp;&nbsp;&nbsp;&nbsp;</font></td>\n");
+    document.write("<td><font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">&nbsp;&nbsp;&nbsp;&nbsp;Critical&nbsp;&nbsp;&nbsp;&nbsp;</font></td>\n");
+    document.write("<td><font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">&nbsp;&nbsp;&nbsp;&nbsp;Test&nbsp;&nbsp;&nbsp;&nbsp;</font></td>\n");
+    document.write("</tr>\n");
+    var enabledTests = 0
+    for (var i = 0, k = 1; i < test_list.length; i++) {
+        document.write("<tr bgcolor=#efefef>\n");
+        document.write("<td><font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">&nbsp;&nbsp;&nbsp;&nbsp;");
+        document.write("<input type=checkbox name=\"enable"+test_list[i]+"\" value=\"enable"+test_list[i]+"\" ");
+        if ((typeof(enabled) != "undefined") && (enabled & k)) {
+            document.write("CHECKED");
+            enabledTests++;
+        }
+        document.write(" DISABLED>\n");
+        document.write("&nbsp;&nbsp;&nbsp;&nbsp;</font></td>\n");
+        document.write("<td><font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">&nbsp;&nbsp;&nbsp;&nbsp;");
+        document.write("<input type=checkbox name=\"critical"+test_list[i]+"\" value=\"critical"+test_list[i]+"\" ");
+        if ((typeof(critical) != "undefined") && (critical & k)) {
+            document.write("CHECKED");
+        }
+        document.write(" DISABLED>\n");
+        document.write("&nbsp;&nbsp;&nbsp;&nbsp;</font></td>\n");
+        document.write("<td><font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">&nbsp;&nbsp;&nbsp;&nbsp;");
+        document.write(test_list[i]);
+        document.write("&nbsp;&nbsp;&nbsp;&nbsp;</font></td>\n");
+        document.write("</tr>\n");
+        k *= 2;
+    }
+    document.write("</table>\n");
+    document.write("<HR NOSHADE SIZE=1>\n");
+    document.write("<DIV ALIGN=RIGHT>\n");
+    document.write("<input TYPE=submit VALUE=\"Run\">\n");
+} else {
+    document.write("Error: Missing self test list.\n");
+    document.write("<HR NOSHADE SIZE=1>\n");
+}
+//-->
+</SCRIPT>
+
+</form>
+</BODY>
+</HTML>
diff --git a/base/tps/apache/docroot/tokendb/selfTestResults.template b/base/tps/apache/docroot/tokendb/selfTestResults.template
new file mode 100644
index 000000000..aeb49d711
--- /dev/null
+++ b/base/tps/apache/docroot/tokendb/selfTestResults.template
@@ -0,0 +1,113 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<HTML>
+<meta HTTP-EQUIV="content-type" CONTENT="text/html; charset=UTF-8">
+<link rel="shortcut icon" href="/pki/images/favicon.ico" />
+<HEAD>
+<TITLE>TPS</Title>
+</HEAD>
+
+<table border="0" width="100%" cellspacing="0" cellpadding="0" bgcolor="#000080">
+  <tr>
+    <td>
+      <table border="0" cellspacing="12" cellpadding="0">
+        <tr>
+          <td><img src="/pki/images/logo_header.gif"></td>
+          <td>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
+          <td><font size="+1" face="PrimaSans BT, Verdana, sans-serif" color="white"><b>Dogtag<sup><font color="#999999" size="-2">&reg;</font></sup> TPS Services</b></font></td>
+        </tr>
+      </table>
+    </td>
+  </tr>
+</table>
+<p>
+
+<BODY>
+
+<CMS_TEMPLATE>
+
+<SCRIPT type="text/JavaScript">
+<!--
+var uri = "";
+if (typeof(uriBase) == "undefined") {
+    uri += "/tus";
+} else {
+    uri += uriBase;
+}
+
+document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"+1\">"+
+               "<a href=\""+uri+"\">Main Menu</a></font>\n");
+document.write("<table width=\"100%\"><tr><td align=\"right\">" +
+                "<b>UID:</b>" +
+                userid + "</td></tr></table>\n");
+document.write("<HR NOSHADE SIZE=1>\n");
+
+if (typeof(result) == "undefined") {
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">\n");
+    document.write("Error: Missing self test results.</font>\n");
+} else {
+    if (typeof(test_list) == "undefined" || test_list.length == 0) {
+        document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">\n");
+        document.write("Error: List of self tests is not available.</font>\n");
+    } else {
+        var enabledTests = 0
+        for (var i = 0, k = 1; i < test_list.length; i++) {
+            if ((typeof(enabled) != "undefined") && (enabled & k)) {
+                enabledTests++;
+            }
+            k *= 2;
+        }
+        document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">\n");
+        if (enabledTests == 0) {
+            document.write("Self tests are not enabled.");
+        } else {
+            if (result == 0) {
+                document.write("Self test"+((enabledTests > 1)?"s ":" "));
+                for (i = 0, k = 1, n = 0; i < test_list.length; i++) {
+                    if ((typeof(enabled) != "undefined") && (enabled & k)) {
+                        if (n > 0) {
+                            document.write(", ");
+                        }
+                        document.write("\""+test_list[i]+"\"");
+                        n++;
+                    }
+                    k *= 2;
+                }
+                document.write(((enabledTests > 1)?" are":" is")+" completed successfully.\n");
+            } else if (result > -4 && result < 4) {
+                document.write("Self test \""+test_list[0]+"\" encounter "+((result < 0)?"critical":"")+" failure: "+result+"\n");
+                if (result < 0) {
+                    document.write("<br><b>Please stop the server immediately.</b>\n");
+                }
+            } else {
+                document.write("Self test \""+test_list[1]+"\" encounter "+((result < 0)?"critical":"")+" failure: "+result+"\n");
+                if (result < 0) {
+                    document.write("<br><b>Please stop the server immediately.</b>\n");
+                }
+            }
+        }
+        document.write("</font>\n");
+    }
+}
+document.write("<BR>\n<HR NOSHADE SIZE=1>\n");
+//-->
+</SCRIPT>
+
+</BODY>
+</HTML>
diff --git a/base/tps/apache/docroot/tokendb/show.template b/base/tps/apache/docroot/tokendb/show.template
new file mode 100644
index 000000000..a9dd39334
--- /dev/null
+++ b/base/tps/apache/docroot/tokendb/show.template
@@ -0,0 +1,379 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<HTML>
+<meta HTTP-EQUIV="content-type" CONTENT="text/html; charset=UTF-8">
+<link rel="shortcut icon" href="/pki/images/favicon.ico" />
+<HEAD>
+<TITLE>TPS</Title>
+</HEAD>
+
+<table border="0" width="100%" cellspacing="0" cellpadding="0" bgcolor="#000080">
+  <tr>
+    <td>
+      <table border="0" cellspacing="12" cellpadding="0">
+        <tr>
+          <td><img src="/pki/images/logo_header.gif"></td>
+          <td>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
+          <td><font size="+1" face="PrimaSans BT, Verdana, sans-serif" color="white"><b>Dogtag<sup><font color="#999999" size="-2">&reg;</font></sup> TPS Services</b></font></td>
+        </tr>
+      </table>
+    </td>
+  </tr>
+</table>
+<p>
+
+<BODY>
+
+<CMS_TEMPLATE>
+
+<SCRIPT type="text/JavaScript">
+<!--
+var uri0 = "";
+if (typeof(uriBase) == "undefined") {
+    uri0 += "/tus";
+} else {
+    uri0 += uriBase;
+}
+
+if ((typeof(topLevel) != "undefined") && (topLevel == "operator")) {
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"+1\">"+
+               "<a href=\""+uri0+"\">Main Menu</a> : Operator Operations : Token Details</font>\n");
+} else {
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"+1\">"+
+               "<a href=\""+uri0+"\">Main Menu</a> : Agent Operations : Token Details</font>\n");
+}
+document.write("<table width=\"100%\"><tr><td align=\"right\">" +
+                "<b>UID:</b>" +
+                userid + "</td></tr></table>\n");
+document.write("<HR NOSHADE SIZE=1>\n");
+
+function breakLines(str) {
+	str = str.replace('#', '<br>');	
+	return str;
+}
+
+function trim(str) {
+    var i, k, newString;
+
+    for (i = 0; i < str.length; i++) {
+        if (str.charAt(i) != ' ' )
+            break;
+    }
+    for (k = str.length - 1; k >= i; k--) {
+        if (str.charAt(k) != ' ' ) {
+            k++;
+            break;
+        }
+    }
+
+    if (k > i)
+        newString = str.substring(i, k);
+    else
+        newString = null;
+
+    return  newString;
+}
+
+function checkDate(str) {
+    var newString;
+
+    if (str.length == 15 && str.charAt(14) == 'Z') {
+        newString = str.substring(0, 4);
+        newString += '/';
+        newString += str.substring(4, 6);
+        newString += '/';
+        newString += str.substring(6, 8);
+        newString += ' ';
+        newString += str.substring(8, 10);
+        newString += ':';
+        newString += str.substring(10, 12);
+        newString += ':';
+        newString += str.substring(12, 14);
+    } else {
+        newString = str;
+    }
+
+    return newString;
+}
+
+function doSave(form) {
+    if (form.uid.value.length > 0) {
+        var trimmedList = "";
+        var uids = form.uid.value.split(',');
+
+        for (var i=0; i < uids.length; i++) {
+            if (i > 0) trimmedList += ",";
+            trimmedList += trim(uids[i]);
+        }
+        form.uid.value = trimmedList;
+    }
+    if (form.status.value.length > 0) {
+        form.status.value = trim(form.status.value);
+    }
+
+    if (form.status.value == "") {
+        alert("Enter token status");
+    } else {
+        var uri = "";
+        if (typeof(uriBase) == "undefined") {
+            uri += "/tus";
+        } else {
+            uri += uriBase;
+        }
+        uri += "?op=save&tid="+results[0].cn;
+
+        if (results[0].tokenUserID != form.uid.value) {
+            uri += "&uid=" + form.uid.value;
+        }
+        if (results[0].tokenStatus != form.status.value) {
+            uri += "&s=" + form.status.value;
+        }
+        uri += "&m=" + results[0].modified;
+        location.href = uri;
+    }
+}
+
+function check_transition(state, tlist) {
+    for (var i=0; i < tlist.length; i++) {
+        if (state == tlist[i]) {
+            return true;
+        }
+    }
+    return false;
+}
+
+function doCancel() {
+    var uri = "";
+    if (typeof(uriBase) == "undefined") {
+        uri += "/tus";
+    } else {
+        uri += uriBase;
+    }
+    location.href = uri;
+}
+
+
+
+if (typeof(results) == "undefined" || results.length == 0) {
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Token Not Found</font>\n");
+} else if (results.length > 1) {
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Found too many tokens to edit</font>\n");
+} else {
+    document.write("<BR>");
+
+    document.write("<p>\n");
+    document.write("<b>Token Information:</b>");
+    document.write("<p>\n");
+    document.write("<table BORDER=0 CELLSPACING=2 CELLPADDING=0 width=100%>\n");
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Token:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   results[0].cn+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "User ID:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   results[0].tokenUserID+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Status:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   results[0].tokenStatus+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Reason:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   results[0].tokenReason+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Policy:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   results[0].tokenPolicy+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Token Type:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   results[0].tokenType+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("</table>\n");
+    document.write("<p>\n");
+    document.write("<b>System Information:</b>");
+    document.write("<p>\n");
+
+    document.write("<table BORDER=0 CELLSPACING=2 CELLPADDING=0 width=100%>\n");
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Key Info:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   results[0].keyInfo+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Applet ID:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   results[0].tokenAppletID+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Creation Date:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   checkDate(results[0].dateOfCreate)+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Modification Date:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   checkDate(results[0].dateOfModify)+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("</table>\n");
+    document.write("<BR>\n<HR NOSHADE SIZE=1>\n");
+
+    document.write("<table BORDER=0 CELLSPACING=2 CELLPADDING=0>\n");
+    document.write("<tr>\n");
+    document.write("<td width=60%>\n");
+   
+    if ((allowed_transitions != "") && ((typeof(topLevel) == "undefined") || (topLevel != "operator"))) { 
+        var transitions = allowed_transitions.split(",");
+        document.write("<form method='get' action='tus'><select name=\"question\">");
+        if (check_transition(1, transitions)) {
+            document.write("<option value=\"1\" >This token has been physically damaged.</option>");
+        } else {
+            document.write("<option value=\"1\" disabled=true >This token has been physically damaged.</option>");
+        }
+        if (check_transition(2, transitions)) {
+            document.write("<option value=\"2\">This token has been permanently lost.</option>");
+        } else {
+            document.write("<option value=\"2\" disabled=true >This token has been permanently lost.</option>");
+        }
+        if (check_transition(3, transitions)) {
+            document.write("<option value=\"3\" >This token has been temporarily lost.</option>");
+        } else {
+            document.write("<option value=\"3\" disabled=true >This token has been temporarily lost.</option>");
+        }
+        if (check_transition(4, transitions)) {
+            document.write("<option value=\"4\" >This temporarily lost token has been found.</option>");
+        } else {
+            document.write("<option value=\"4\" disabled=true >This temporarily lost token has been found.</option>");
+        }
+        if (check_transition(5, transitions)) {
+            document.write("<option value=\"5\" >This temporarily lost token cannot be found (becomes permanently lost).</option>");
+        } else {
+            document.write("<option value=\"5\" disabled=true >This temporarily lost token cannot be found (becomes permanently lost).</option>");
+        }
+        if (check_transition(6, transitions)) {
+            document.write("<option value=\"6\" >This token has been terminated.</option>");
+        } else {
+            document.write("<option value=\"6\" disabled=true >This token has been terminated.</option>");
+        }
+        document.write("</select><input type=hidden name=op value=do_confirm_token><input type=hidden name=tid value=" + results[0].cn + "><input TYPE=submit VALUE=\"Go\"></form>");
+    }
+    document.write("</td>\n");
+    document.write("<td align=right width=10%>\n");
+    document.write("</td>\n");
+
+    document.write("<td align=right width=10%>\n");
+    if ((typeof(topLevel) == "undefined") || (topLevel != "operator")) { 
+        document.write("<form method='get' action='tus'><input type=hidden name=op value=edit><input type=hidden name=tid value=" + results[0].cn + "><input TYPE=submit VALUE=\"Edit\"></form>");
+    }
+    document.write("</td>\n");
+
+    document.write("<td align=right width=10%>\n");
+    if ((typeof(topLevel) == "undefined") || (topLevel != "operator")) {
+        document.write("<form method='get' action='tus'><input type=hidden name=op value=view_certificate_all><input type=hidden name=tid value=" + results[0].cn + "><input TYPE=submit VALUE=\"Show Certificates\"></form>");
+    } else {
+        document.write("<form method='get' action='tus'><input type=hidden name=op value=view_certificate_all><input type=hidden name=top value=operator><input type=hidden name=tid value=" + results[0].cn + "><input TYPE=submit VALUE=\"Show Certificates\"></form>");
+    }
+    document.write("</td>\n");
+
+    document.write("<td align=right width=10%>\n");
+    if ((typeof(topLevel) == "undefined") || (topLevel != "operator")) {
+        document.write("<form method='get' action='tus'><input type=hidden name=op value=view_activity_all><input type=hidden name=tid value=" + results[0].cn + "><input TYPE=submit VALUE=\"Show Activities\"></form>"); 
+    } else {
+        document.write("<form method='get' action='tus'><input type=hidden name=op value=view_activity_all><input type=hidden name=top value=operator><input type=hidden name=tid value=" + results[0].cn + "><input TYPE=submit VALUE=\"Show Activities\"></form>");
+    }
+    document.write("</td>\n");
+
+    document.write("</tr>\n");
+    document.write("</table>\n");
+
+}
+
+//-->
+</SCRIPT>
+
+</BODY>
+</HTML>
diff --git a/base/tps/apache/docroot/tokendb/showAdmin.template b/base/tps/apache/docroot/tokendb/showAdmin.template
new file mode 100644
index 000000000..fe3292011
--- /dev/null
+++ b/base/tps/apache/docroot/tokendb/showAdmin.template
@@ -0,0 +1,302 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<HTML>
+<meta HTTP-EQUIV="content-type" CONTENT="text/html; charset=UTF-8">
+<link rel="shortcut icon" href="/pki/images/favicon.ico" />
+<HEAD>
+<TITLE>TPS</Title>
+</HEAD>
+
+<table border="0" width="100%" cellspacing="0" cellpadding="0" bgcolor="#000080">
+  <tr>
+    <td>
+      <table border="0" cellspacing="12" cellpadding="0">
+        <tr>
+          <td><img src="/pki/images/logo_header.gif"></td>
+          <td>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
+          <td><font size="+1" face="PrimaSans BT, Verdana, sans-serif" color="white"><b>Dogtag<sup><font color="#999999" size="-2">&reg;</font></sup> TPS Services</b></font></td>
+        </tr>
+      </table>
+    </td>
+  </tr>
+</table>
+<p>
+
+<BODY>
+
+<CMS_TEMPLATE>
+
+<SCRIPT type="text/JavaScript">
+<!--
+var uri0 = "";
+if (typeof(uriBase) == "undefined") {
+    uri0 += "/tus";
+} else {
+    uri0 += uriBase;
+}
+
+document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"+1\">"+
+               "<a href=\""+uri0+"\">Main Menu</a> : Administrator Operations : Token Details</font>\n");
+document.write("<table width=\"100%\"><tr><td align=\"right\">" +
+                "<b>UID:</b>" +
+                userid + "</td></tr></table>\n");
+document.write("<HR NOSHADE SIZE=1>\n");
+
+function trim(str) {
+    var i, k, newString;
+
+    for (i = 0; i < str.length; i++) {
+        if (str.charAt(i) != ' ' )
+            break;
+    }
+    for (k = str.length - 1; k >= i; k--) {
+        if (str.charAt(k) != ' ' ) {
+            k++;
+            break;
+        }
+    }
+
+    if (k > i)
+        newString = str.substring(i, k);
+    else
+        newString = null;
+
+    return  newString;
+}
+
+function checkDate(str) {
+    var newString;
+
+    if (str.length == 15 && str.charAt(14) == 'Z') {
+        newString = str.substring(0, 4);
+        newString += '/';
+        newString += str.substring(4, 6);
+        newString += '/';
+        newString += str.substring(6, 8);
+        newString += ' ';
+        newString += str.substring(8, 10);
+        newString += ':';
+        newString += str.substring(10, 12);
+        newString += ':';
+        newString += str.substring(12, 14);
+    } else {
+        newString = str;
+    }
+
+    return newString;
+}
+
+function doSave(form) {
+    if (form.uid.value.length > 0) {
+        var trimmedList = "";
+        var uids = form.uid.value.split(',');
+
+        for (var i=0; i < uids.length; i++) {
+            if (i > 0) trimmedList += ",";
+            trimmedList += trim(uids[i]);
+        }
+        form.uid.value = trimmedList;
+    }
+    if (form.status.value.length > 0) {
+        form.status.value = trim(form.status.value);
+    }
+
+    if (form.status.value == "") {
+        alert("Enter token status");
+    } else {
+        var uri = "";
+        if (typeof(uriBase) == "undefined") {
+            uri += "/tus";
+        } else {
+            uri += uriBase;
+        }
+        uri += "?op=save&tid="+results[0].cn;
+
+        if (results[0].tokenUserID != form.uid.value) {
+            uri += "&uid=" + form.uid.value;
+        }
+        if (results[0].tokenStatus != form.status.value) {
+            uri += "&s=" + form.status.value;
+        }
+        uri += "&m=" + results[0].modified;
+        location.href = uri;
+    }
+}
+
+function doCancel() {
+    var uri = "";
+    if (typeof(uriBase) == "undefined") {
+        uri += "/tus";
+    } else {
+        uri += uriBase;
+    }
+    location.href = uri;
+}
+
+
+
+if (typeof(results) == "undefined" || results.length == 0) {
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Token Not Found</font>\n");
+} else if (results.length > 1) {
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Found too many tokens to edit</font>\n");
+} else {
+    document.write("<BR>");
+
+    document.write("<p>\n");
+    document.write("<b>Token Information:</b>");
+    document.write("<p>\n");
+    document.write("<table BORDER=0 CELLSPACING=2 CELLPADDING=0 width=100%>\n");
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Token:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   results[0].cn+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "User ID:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   results[0].tokenUserID+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Status:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   results[0].tokenStatus+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Reason:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   results[0].tokenReason+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Policy:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   results[0].tokenPolicy+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Token Type:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   results[0].tokenType+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+    
+    document.write("</table>\n");
+    document.write("<p>\n");
+    document.write("<b>System Information:</b>");
+    document.write("<p>\n");
+
+    document.write("<table BORDER=0 CELLSPACING=2 CELLPADDING=0 width=100%>\n");
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Key Info:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   results[0].keyInfo+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Applet ID:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   results[0].tokenAppletID+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Creation Date:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   checkDate(results[0].dateOfCreate)+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Modification Date:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   checkDate(results[0].dateOfModify)+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("</table>\n");
+    document.write("<BR>\n<HR NOSHADE SIZE=1>\n");
+
+    document.write("<DIV ALIGN=RIGHT>\n");
+    document.write("<table BORDER=0 CELLSPACING=2 CELLPADDING=0>\n");
+    document.write("<tr>\n");
+    document.write("<td>\n");
+    document.write("<form method='get' action='tus'><input type=hidden name=op value=view_activity_admin_all><input type=hidden name=tid value=" + results[0].cn + "><input TYPE=submit VALUE=\"Show Activities\"></form>");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<form method='get' action='tus'><input type=hidden name=op value=confirm><input type=hidden name=tid value=" + results[0].cn + "><input TYPE=submit VALUE=Delete></form>");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+    document.write("</table>\n");
+
+}
+
+//-->
+</SCRIPT>
+
+</BODY>
+</HTML>
diff --git a/base/tps/apache/docroot/tokendb/showCert.template b/base/tps/apache/docroot/tokendb/showCert.template
new file mode 100644
index 000000000..964035887
--- /dev/null
+++ b/base/tps/apache/docroot/tokendb/showCert.template
@@ -0,0 +1,355 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<HTML>
+<meta HTTP-EQUIV="content-type" CONTENT="text/html; charset=UTF-8">
+<link rel="shortcut icon" href="/pki/images/favicon.ico" />
+<HEAD>
+<TITLE>TPS</Title>
+</HEAD>
+
+<table border="0" width="100%" cellspacing="0" cellpadding="0" bgcolor="#000080">
+  <tr>
+    <td>
+      <table border="0" cellspacing="12" cellpadding="0">
+        <tr>
+          <td><img src="/pki/images/logo_header.gif"></td>
+          <td>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
+          <td><font size="+1" face="PrimaSans BT, Verdana, sans-serif" color="white"><b>Dogtag<sup><font color="#999999" size="-2">&reg;</font></sup> TPS Services</b></font></td>
+        </tr>
+      </table>
+    </td>
+  </tr>
+</table>
+<p>
+
+<BODY>
+
+<CMS_TEMPLATE>
+
+<SCRIPT type="text/JavaScript">
+<!--
+var uri0 = "";
+if (typeof(uriBase) == "undefined") {
+    uri0 += "/tus";
+} else {
+    uri0 += uriBase;
+}
+
+if ((typeof(topLevel) != "undefined") && (topLevel == "operator")) {
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"+1\">"+
+               "<a href=\""+uri0+"\">Main Menu</a> : Operator Operations : Certificate Details</font>\n");
+} else {
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"+1\">"+
+               "<a href=\""+uri0+"\">Main Menu</a> : Agent Operations : Certificate Details</font>\n");
+}
+document.write("<table width=\"100%\"><tr><td align=\"right\">" +
+                "<b>UID:</b>" +
+                userid + "</td></tr></table>\n");
+document.write("<HR NOSHADE SIZE=1>\n");
+
+function breakLines(str) {
+	str = str.replace('#', '<br>');	
+	return str;
+}
+
+function breakLinesWithDots(str) {
+	str = str.replace(/\.\./g, '<br>');	
+	return str;
+}
+
+function trim(str) {
+    var i, k, newString;
+
+    for (i = 0; i < str.length; i++) {
+        if (str.charAt(i) != ' ' )
+            break;
+    }
+    for (k = str.length - 1; k >= i; k--) {
+        if (str.charAt(k) != ' ' ) {
+            k++;
+            break;
+        }
+    }
+
+    if (k > i)
+        newString = str.substring(i, k);
+    else
+        newString = null;
+
+    return  newString;
+}
+
+function checkDate(str) {
+    var newString;
+
+    if (str.length == 15 && str.charAt(14) == 'Z') {
+        newString = str.substring(0, 4);
+        newString += '/';
+        newString += str.substring(4, 6);
+        newString += '/';
+        newString += str.substring(6, 8);
+        newString += ' ';
+        newString += str.substring(8, 10);
+        newString += ':';
+        newString += str.substring(10, 12);
+        newString += ':';
+        newString += str.substring(12, 14);
+    } else {
+        newString = str;
+    }
+
+    return newString;
+}
+
+function doSave(form) {
+    if (form.uid.value.length > 0) {
+        var trimmedList = "";
+        var uids = form.uid.value.split(',');
+
+        for (var i=0; i < uids.length; i++) {
+            if (i > 0) trimmedList += ",";
+            trimmedList += trim(uids[i]);
+        }
+        form.uid.value = trimmedList;
+    }
+    if (form.status.value.length > 0) {
+        form.status.value = trim(form.status.value);
+    }
+
+    if (form.status.value == "") {
+        alert("Enter token status");
+    } else {
+        var uri = "";
+        if (typeof(uriBase) == "undefined") {
+            uri += "/tus";
+        } else {
+            uri += uriBase;
+        }
+        uri += "?op=save&tid="+results[0].cn;
+
+        if (results[0].tokenUserID != form.uid.value) {
+            uri += "&uid=" + form.uid.value;
+        }
+        if (results[0].tokenStatus != form.status.value) {
+            uri += "&s=" + form.status.value;
+        }
+        uri += "&m=" + results[0].modified;
+        location.href = uri;
+    }
+}
+
+function doCancel() {
+    var uri = "";
+    if (typeof(uriBase) == "undefined") {
+        uri += "/tus";
+    } else {
+        uri += uriBase;
+    }
+    location.href = uri;
+}
+
+
+
+if (typeof(results) == "undefined" || results.length == 0) {
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Token Not Found</font>\n");
+} else if (results.length > 1) {
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Found too many tokens to edit</font>\n");
+} else {
+    document.write("<BR>");
+
+    document.write("<p>\n");
+    document.write("<b>Certificate Information:</b>");
+    document.write("<p>\n");
+    document.write("<table BORDER=0 CELLSPACING=2 CELLPADDING=0 width=100%>\n");
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "ID:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   results[0].cn+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Serial Number:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "0x"+results[0].tokenSerial+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Token ID:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    if ((typeof(topLevel) != "undefined") && (topLevel == "operator")) {
+        document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\"><a href=\"tus?op=show&top=operator&tid=" + results[0].tokenID + "\">"+
+                   results[0].tokenID+"</a></font>\n");
+    } else {
+        document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\"><a href=\"tus?op=show&tid=" + results[0].tokenID + "\">"+
+                   results[0].tokenID+"</a></font>\n");
+    }
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "User ID:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   results[0].tokenUserID+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Key Type:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   results[0].tokenKeyType+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Token Type:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   results[0].tokenType+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Issuer:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   results[0].tokenIssuer+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Subject:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   results[0].tokenSubject+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Not Before:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   checkDate(results[0].tokenNotBefore)+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Not After:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   checkDate(results[0].tokenNotAfter)+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Status:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   results[0].tokenStatus+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Certificate:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "-----BEGIN CERTIFICATE-----<br>" +
+                   breakLinesWithDots(results[0].userCertificate)+
+                   "<br>" +
+                   "-----END CERTIFICATE-----<br>" +
+                   "</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Creation Date:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   checkDate(results[0].dateOfCreate)+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Modification Date:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   checkDate(results[0].dateOfModify)+"</font>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("</table>\n");
+    document.write("<BR>\n<HR NOSHADE SIZE=1>\n");
+
+}
+
+//-->
+</SCRIPT>
+
+</BODY>
+</HTML>
diff --git a/base/tps/apache/docroot/tokendb/userDelete.template b/base/tps/apache/docroot/tokendb/userDelete.template
new file mode 100755
index 000000000..db4b226cd
--- /dev/null
+++ b/base/tps/apache/docroot/tokendb/userDelete.template
@@ -0,0 +1,174 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<HTML>
+<meta HTTP-EQUIV="content-type" CONTENT="text/html; charset=UTF-8">
+<link rel="shortcut icon" href="/pki/images/favicon.ico" />
+<HEAD>
+<TITLE>TPS</Title>
+</HEAD>
+
+<table border="0" width="100%" cellspacing="0" cellpadding="0" bgcolor="#000080">
+  <tr>
+    <td>
+      <table border="0" cellspacing="12" cellpadding="0">
+        <tr>
+          <td><img src="/pki/images/logo_header.gif"></td>
+          <td>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
+          <td><font size="+1" face="PrimaSans BT, Verdana, sans-serif" color="white"><b>Dogtag<sup><font color="#999999" size="-2">&reg;</font></sup> TPS Services</b></font></td>
+        </tr>
+      </table>
+    </td>
+  </tr>
+</table>
+<p>
+
+<BODY>
+
+<CMS_TEMPLATE>
+
+<SCRIPT type="text/JavaScript">
+<!--
+var uri0 = "";
+if (typeof(uriBase) == "undefined") {
+    uri0 += "/tus";
+} else {
+    uri0 += uriBase;
+}
+
+document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"+1\">"+
+               "<a href=\""+uri0+"\">Main Menu</a> : Administrator Operations : Delete User</font>\n");
+document.write("<table width=\"100%\"><tr><td align=\"right\">" +
+                "<b>UID:</b>" +
+                userid + "</td></tr></table>\n");
+document.write("<HR NOSHADE SIZE=1>\n");
+
+function doDeleteUser(form) {
+        var uri = "";
+        if (typeof(uriBase) == "undefined") {
+            uri += "/tus";
+        } else {
+            uri += uriBase;
+        }
+        this.action = uri;
+        return true;
+}
+
+function doCancel() {
+    var uri = "";
+    if (typeof(uriBase) == "undefined") {
+        uri += "/tus";
+    } else {
+        uri += uriBase;
+    }
+    location.href = uri;
+}
+
+
+
+if (typeof(results) == "undefined" || results.length == 0) {
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "User Not Found</font>\n");
+} else if (results.length > 1) {
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Found too many users to edit</font>\n");
+} else {
+    document.write("<BR>");
+    document.write("<form NAME =\"deleteUserForm\" METHOD=POST onSubmit=\"return doDeleteUser(this);\">");
+    document.write("<input TYPE=HIDDEN NAME=query VALUE=\"op=do_delete_user\">");
+
+    document.write("<table BORDER=0 CELLSPACING=2 CELLPADDING=0 width=100%>\n");
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "UserID:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   results[0].uid+"</font>\n");
+    document.write("<input TYPE=HIDDEN NAME=uid VALUE=\"" + results[0].uid + "\">");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "First Name:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write(results[0].givenName);
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Last Name:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write(results[0].sn);
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "Role:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td ><input type=checkbox name=opOperator value=Operators disabled=true " + operator + ">Operator</td>\n");
+    document.write("<td ><input type=checkbox name=opAgent value=Agents disabled=true " + agent + ">Agent</td>\n");
+    document.write("<td ><input type=checkbox name=opAdmin value=Administrators disabled=true " + admin + ">Administrator</td>\n");
+    document.write("</tr>\n");
+    
+    document.write("<tr>\n");
+    document.write("<td ALIGN=LEFT width=30% bgcolor=#e5e5e5>\n");
+    document.write("<font face=\"PrimaSans BT, Verdana, sans-serif\" size=\"-1\">"+
+                   "User Certificate:&nbsp;</font>\n");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<textarea name=userCert disabled=true cols=40 rows=10>\n");
+    document.write(results[0].userCertificate);
+    document.write("</textarea>\n");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+
+    document.write("</table>\n");
+    document.write("<BR>\n<HR NOSHADE SIZE=1>\n");
+
+    document.write("<DIV ALIGN=RIGHT>\n");
+    document.write("<table BORDER=0 CELLSPACING=2 CELLPADDING=0>\n");
+    document.write("<tr>\n");
+    document.write("<td>\n");
+    document.write("Are you sure?");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<input TYPE=button VALUE=Cancel onClick=\"doCancel();\">");
+    document.write("</td>\n");
+    document.write("<td>\n");
+    document.write("<input TYPE=submit VALUE=Delete>");
+    document.write("</td>\n");
+    document.write("</tr>\n");
+    document.write("</table>\n");
+    document.write("</form>");
+}
+
+//-->
+</SCRIPT>
+
+</BODY>
+</HTML>
diff --git a/base/tps/apache/docroot/tps/admin/console/config/adminauthenticatepanel.vm b/base/tps/apache/docroot/tps/admin/console/config/adminauthenticatepanel.vm
new file mode 100644
index 000000000..cfa53c628
--- /dev/null
+++ b/base/tps/apache/docroot/tps/admin/console/config/adminauthenticatepanel.vm
@@ -0,0 +1,51 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<SCRIPT type="text/JavaScript">
+function myOnLoad() {
+}
+
+function performPanel() {
+    with (document.forms[0]) {
+        submit();
+    }
+}
+</SCRIPT>
+<h2>Authentication</h2>
+<p>
+The uid and password are used to authenticate to the master subsystem. These are the administrator's credential information for the master subsystem.
+#if ($systemType != "tps")
+<br/>
+If authentication is successful, a cloned subsystem will retrieve the configuration information from the master one.
+#end
+<br/>
+#if ($errorString != "")
+<img src="/pki/images/icon_crit_update.gif">&nbsp;<font color="red">$errorString</font>
+#end
+    <table class="details">
+      <tr>
+        <th>Uid:</th>
+
+        <td><input type="text" size="40" name="uid" value="$uid"/></td>
+      </tr>
+      <tr>
+        <th>Password:</th>
+
+        <td><input type="password" size="40" name="__password" value="$password" autocomplete="off"/></td>
+      </tr>
+    </table>
+<p>
diff --git a/base/tps/apache/docroot/tps/admin/console/config/adminpanel.vm b/base/tps/apache/docroot/tps/admin/console/config/adminpanel.vm
new file mode 100644
index 000000000..46d3e25a2
--- /dev/null
+++ b/base/tps/apache/docroot/tps/admin/console/config/adminpanel.vm
@@ -0,0 +1,246 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<SCRIPT ID=Send_OnClick type="text/JavaScript">
+function myOnLoad() {
+}
+
+function performPanel() {
+#if ($import == 'true' && $clone != 'clone')
+    var email = document.forms[0].email.value;
+    var name = document.forms[0].name.value;
+    var o = '$securityDomain';
+    if (name == '') {
+        alert("Name is empty");
+        return;
+    }
+    if (email == '') {
+        alert("Email is empty");
+        return;
+    }
+    var dn = "cn=" + name + ",uid=admin,e="+email+",o="+o;
+    document.forms[0].subject.value = dn;
+    var keyGenAlg = "rsa-dual-use";
+    var keyParams = null;
+
+    if (document.forms[0].keytype.value == 'ecc') {
+        keyGenAlg = "ec-dual-use";
+        keyParams = "curve=nistp256"
+    }
+
+    if (navigator.appName == "Netscape" &&
+      typeof(crypto.version) != "undefined") {
+
+        crmfObject = crypto.generateCRMFRequest(
+          dn, "regToken", "authenticator", null,
+          "setCRMFRequest();", 2048, keyParams, keyGenAlg);
+    } else {
+        Send_OnClick();
+    }
+#else
+    with (document.forms[0]) {
+        submit();
+    }
+#end
+}
+
+function setCRMFRequest()
+{
+    with (document.forms[0]) {
+        cert_request.value = crmfObject.request;
+        submit();
+    }
+}
+
+</SCRIPT>
+<SCRIPT type="text/VBS">
+<!--
+
+Sub Send_OnClick
+  Dim TheForm
+  Dim szName
+  Set TheForm = Document.f
+
+
+  ' Contruct the X500 distinguished name
+  szName = "CN=NAME"
+
+  ' IE doesnt like the dn containing the O component
+
+  On Error Resume Next
+  Enroll.HashAlgorithm = "MD5"
+  Enroll.KeySpec = 1
+
+   Enroll.providerType = 1
+   Enroll.providerName = "Microsoft Base Cryptographic Provider v1.0"
+
+   ' adding 2 to "GenKeyFlags" will  enable the 'High Security'
+   ' (USER_PROTECTED) mode, which means IE will pop up a dialog
+   ' asking what level of protection the user would like to give
+   ' the key - this varies from 'none' to 'confirm password
+   ' every time the key is used'
+  Enroll.GenKeyFlags = 1        ' key PKCS12-exportable
+  szCertReq = Enroll.createPKCS10(szName, "1.3.6.1.5.5.7.3.2")
+
+  theError = Err.Number
+  On Error Goto 0
+  '
+  ' If the user has cancelled things the we simply ignore whatever
+  ' they were doing ... need to think what should be done here
+  '
+  If (szCertReq = Empty AND theError = 0) Then
+    Exit Sub
+  End If
+  If (szCertReq = Empty OR theError <> 0) Then
+    '
+    ' There was an error in the key pair generation. The error value
+    ' is found in the variable 'theError' which we snarfed above before
+    ' we did the 'On Error Goto 0' which cleared it again.
+    '
+    sz = "The error '" & Hex(theError) & "' occurred." & chr(13) & chr(10) & "The credentials could not be generated."
+    result = MsgBox(sz, 0, "Credentials Enrollment")
+    Exit Sub
+  End If
+
+  TheForm.cert_request.Value = szCertReq
+  TheForm.cert_request_type.Value = "pkcs10"
+  TheForm.subject.Value = "cn=" & TheForm.name.Value & ",uid=" & TheForm.uid.Value & ",e=" & TheForm.email.Value & ",o=" & TheForm.securitydomain.Value
+
+  TheForm.Submit
+  Exit Sub
+
+End Sub
+
+-->
+</SCRIPT>
+
+<SCRIPT type="text/VBS">
+<!--
+FindProviders
+
+Function FindProviders
+        Dim i, j
+        Dim providers()
+        i = 0
+        j = 1
+        Dim el
+        Dim temp
+        Dim first
+        Dim TheForm
+        Set TheForm = document.f
+        On Error Resume Next
+        first = 0
+
+        Do While True
+        temp = ""
+        Enroll.providerType = j
+        temp = Enroll.enumProviders(i,0)
+        If Len(temp) = 0 Then
+        If j < 1 Then
+          j = j + 1
+          i = 0
+        Else
+          Exit Do
+        End If
+        Else
+        set el = document.createElement("OPTION")
+        el.text = temp
+        el.value = j
+        If temp = "Microsoft Base Cryptographic Provider v1.0" Then
+          first = j
+        End If
+        TheForm.cryptprovider.add(el)
+        If first = 0  Then
+          first = 1
+          TheForm.cryptprovider.selectedIndex = 0
+        Else
+          TheForm.cryptprovider.selectedIndex = first
+        End If
+        i = i + 1
+        End If
+        Loop
+End Function
+
+-->
+</SCRIPT>
+The administrator is a privileged user who manages this subsystem. Please enter the following relevant information, and a certificate request will be automatically generated and submitted. An administrator's entry will be created in the internal database and an administrator's certificate will be imported into this browser automatically in the next panel.
+<br/>
+#if ($errorString != "")
+<img src="/pki/images/icon_crit_update.gif">&nbsp;<font color="red">$errorString</font>
+#end
+<br/>
+    <br/>
+                                                                                
+    <table class="details">
+      <tr>
+        <th>UID:</th>
+#if ($clone != 'clone')
+        <td><input type=text name=uid value="$admin_uid"></td>
+#else
+        <td><input type=text name=uid value="$admin_uid" disabled="disabled"></td>
+#end
+      </tr>
+      <tr>
+        <th>Name:</th>
+#if ($clone != 'clone')
+        <td><input size=35 type=text name=name value="$admin_name"></td>
+#else
+        <td><input size=35 type=text name=name value="$admin_name" disabled="disabled"></td>
+#end
+      </tr>
+      <tr>
+        <th>Email:</th>
+#if ($clone != 'clone')
+        <td><input size=35 type=text name=email value="$admin_email"></td>
+#else
+        <td><input size=35 type=text name=email value="$admin_email" disabled="disabled"></td>
+#end
+      </tr>
+      <tr>
+        <th>Password:</th>
+#if ($clone != 'clone')
+        <td><input type="password" size="40" name="__pwd" value="$admin_pwd" autocomplete="off"/></td>
+#else
+        <td><input type="password" size="40" name="__pwd" value="$admin_pwd" disabled="disabled" autocomplete="off"/></td>
+#end
+      </tr>
+      <tr>
+        <th>Password (Again):</th>
+                                                                              
+#if ($clone != 'clone')
+        <td><input type="password" size="40" name="__admin_password_again" value="$admin_pwd_again" autocomplete="off"/></td>
+#else
+        <td><input type="password" size="40" name="__admin_password_again" value="$admin_pwd_again" disabled="disabled" autocomplete="off"/></td>
+#end
+<input type="hidden" name="cert_request" value=""/>
+<input type="hidden" name="display" value=$displayStr />
+<input type="hidden" name="profileId" value="caAdminCert" />
+<input type="hidden" name="cert_request_type" value="crmf" />
+<input type="hidden" name="import" value=$import />
+<input type="hidden" name="uid" value="admin" />
+<input type="hidden" name="clone" value=$clone />
+<input type="hidden" name="securitydomain" value="$securityDomain" />
+<input type="hidden" name="subject" value="cn=x" />
+      </tr>
+      <tr>
+        <th>Key Type:</th>
+        <td><select name="keytype"><option value="rsa">RSA</option><option value="ecc">ECC</option></select></td>
+      </tr>
+    </table>
+                                                                                     <div align="right">
+      <hr />
+    </div>
diff --git a/base/tps/apache/docroot/tps/admin/console/config/agentauthenticatepanel.vm b/base/tps/apache/docroot/tps/admin/console/config/agentauthenticatepanel.vm
new file mode 100644
index 000000000..738efe5b3
--- /dev/null
+++ b/base/tps/apache/docroot/tps/admin/console/config/agentauthenticatepanel.vm
@@ -0,0 +1,47 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<SCRIPT type="text/JavaScript">
+function myOnLoad() {
+}
+
+function performPanel() {
+    with (document.forms[0]) {
+        submit();
+    }
+}
+</SCRIPT>
+<h2>Authentication</h2>
+<br/>
+The uid and password are used to authenticate to the CA from which this subsystem's certificates are issued. Enter the uid and password of the Certificate Manager Agent who will approve the certificate requests.
+<br/>
+#if ($errorString != "")
+<img alt="" src="/pki/images/icon_crit_update.gif">&nbsp;<font color="red">$errorString</font>
+#end
+    <table class="details">
+      <tr>
+        <th>Uid:</th>
+
+        <td><input type="text" size="40" name="uid" value="$uid"/></td>
+      </tr>
+      <tr>
+        <th>Password:</th>
+
+        <td><input type="password" size="40" name="__password" value="$password" autocomplete="off"/></td>
+      </tr>
+    </table>
+<br/>
diff --git a/base/tps/apache/docroot/tps/admin/console/config/authdbpanel.vm b/base/tps/apache/docroot/tps/admin/console/config/authdbpanel.vm
new file mode 100644
index 000000000..3ebb96853
--- /dev/null
+++ b/base/tps/apache/docroot/tps/admin/console/config/authdbpanel.vm
@@ -0,0 +1,67 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<SCRIPT LANGUAGE="JavaScript">
+function performPanel() {
+    with (document.forms[0]) {
+        submit();
+    }
+}
+</SCRIPT>
+    Please provide information about the LDAP server that will be used to authenticate the identity of end users. <a href="javascript: toggle_details();">[Details]</a>
+<script>
+function toggle_details() {
+  d = document.getElementById('details');   if (d.style.display == "block") {
+    d.style.display="none";   } else {
+    d.style.display="block";
+  } } </script>
+<div id=details style="display: none;"> <p>
+    In order for ESC to submit certificate requests to TPS, the end user's identity must first be verified.  To accomplish this, an end user first sends a uid and password to TPS.  TPS must then contact an LDAP server (e.g. - a corporate LDAP directory server) to verify this end user's identity.
+<p>
+If the end user's identity is successfully verified, TPS will establish an authenticated connection with this ESC, and begin accepting certificate requests and issuing certificates to this end user.
+<p>
+If, however, the end user's identity fails to be verified, TPS will not establish a connection with this ESC. TPS never issues certificates to unauthenticated end users.
+</div>
+<p>
+#if ($errorString != "")
+<img src="/pki/images/icon_crit_update.gif">&nbsp;<font color="red">$errorString</font>
+#end
+<p>                                                                            
+
+    <table class="details">
+      <tr>
+        <th>Host:</th>
+        <td><input type="text" length="128" size="40" name="host" value="$hostname" /></td>
+      </tr>
+
+      <tr>
+        <th>Port:</th>
+
+        <td><input type="text" length="64" size="40" name="port" value="$portStr" />
+          <input type="CHECKBOX" NAME="secureConn" value="true">SSL </td>
+      </tr>
+            
+      <tr>
+        <th>Base DN:</th>
+        <td><input type="text" length="128" size="40" name="basedn" value="$basedn" /></td>
+      </tr>
+    </table>
+ 
+    <div align="right">
+      <hr />
+      &nbsp;
+    </div>
diff --git a/base/tps/apache/docroot/tps/admin/console/config/cainfopanel.vm b/base/tps/apache/docroot/tps/admin/console/config/cainfopanel.vm
new file mode 100644
index 000000000..8d2e54251
--- /dev/null
+++ b/base/tps/apache/docroot/tps/admin/console/config/cainfopanel.vm
@@ -0,0 +1,54 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<SCRIPT LANGUAGE="JavaScript">
+function myOnLoad() {
+}
+
+function performPanel() {
+    with (document.forms[0]) {
+        submit();
+    }
+}
+
+</SCRIPT>
+A Certificate Authority (CA) is responsible for issuing different kinds of certificates. Each Enterprise Security Client (ESC) interfaces with a TPS subsystem to request end user certificates. Consequently, to obtain these certificates, an HTTPS EE URL to a CA that has been registered in the security domain must also be selected.
+<p>
+#if ($errorString != "")
+<img src="/pki/images/icon_crit_update.gif">&nbsp;<font color="red">$errorString</font>
+#end
+<p>
+    <table class="details">
+      <tr>
+        <th>URL:</th>
+        <td><select name="urls">
+           #if ($urls_size != 0)
+           #set ($x=0)
+           #foreach ($p in $urls)
+               <option value="$x">$p</option>
+               #set ($x=$x+1)
+           #end
+           #end
+            </select>
+        </td>
+      </tr>
+    </table>
+
+
+     <div align="right">
+      <hr />
+    </div>
diff --git a/base/tps/apache/docroot/tps/admin/console/config/certchainpanel.vm b/base/tps/apache/docroot/tps/admin/console/config/certchainpanel.vm
new file mode 100644
index 000000000..d6b7b3fe4
--- /dev/null
+++ b/base/tps/apache/docroot/tps/admin/console/config/certchainpanel.vm
@@ -0,0 +1,48 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<SCRIPT type="text/JavaScript">
+function myOnLoad() {
+}
+
+function performPanel() {
+    with (document.forms[0]) {
+        submit();
+    }
+}
+</SCRIPT>
+<b>Pretty Print of Certificates on this subsystem.
+<p>
+#foreach ($item in $ppcerts)
+<H2>$item.getDN()</H2>
+<table width=100%>
+<tr bgcolor="#cccccc">
+  <td width=20%><b>Certificate: $item.getNickname()</b></td>
+</tr>
+
+<tr>
+  <td><textarea rows=24 cols=80 wrap="virtual" name=$item.getCertTag()>$item.getCertpp()</textarea></td>
+</tr>
+</table>
+#end
+
+    <br/>
+                                                                                
+    <div align="right">
+      <hr />
+      &nbsp;
+    </div>
diff --git a/base/tps/apache/docroot/tps/admin/console/config/certprettyprintpanel.vm b/base/tps/apache/docroot/tps/admin/console/config/certprettyprintpanel.vm
new file mode 100644
index 000000000..0e5f05af6
--- /dev/null
+++ b/base/tps/apache/docroot/tps/admin/console/config/certprettyprintpanel.vm
@@ -0,0 +1,48 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<SCRIPT type="text/JavaScript">
+function myOnLoad() {
+}
+
+function performPanel() {
+    with (document.forms[0]) {
+        submit();
+    }
+}
+</SCRIPT>
+The following certificates were installed on this instance.
+<p>
+#foreach ($item in $ppcerts)
+<H2>$item.getDN()</H2>
+<table width=100%>
+<tr bgcolor="#cccccc">
+  <td width=20%><b>Certificate: $item.getNickname()</b></td>
+</tr>
+
+<tr>
+  <td><textarea rows=24 cols=80 wrap="virtual" name=$item.getCertTag()>$item.getCertpp()</textarea></td>
+</tr>
+</table>
+#end
+
+    <br/>
+                                                                                
+    <div align="right">
+      <hr />
+      &nbsp;
+    </div>
diff --git a/base/tps/apache/docroot/tps/admin/console/config/certrequestpanel.vm b/base/tps/apache/docroot/tps/admin/console/config/certrequestpanel.vm
new file mode 100644
index 000000000..632b27c34
--- /dev/null
+++ b/base/tps/apache/docroot/tps/admin/console/config/certrequestpanel.vm
@@ -0,0 +1,224 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<style type="text/css">
+
+.floating {
+  position: absolute;
+  left: 250px;
+  top: 50px;
+  width: 600px;
+  padding: 3px;
+  border: solid;
+  border-width: 5px;
+  background: white;
+  display: none;
+  margin: 5px;
+}
+</style>
+<SCRIPT type="text/JavaScript">
+function myOnLoad() {
+}
+
+function performPanel() {
+    with (document.forms[0]) {
+        submit();
+    }
+}
+
+function showcert(element, event)
+{
+  var x = event.clientX;
+  var y = event.clientY;
+
+  var content = element.getAttribute("content");
+  var content_d = element.getAttribute("content_desc");
+
+  if (content == null) { return false; }
+
+  var n = element.getAttribute("n");
+
+  var editableType = element.getAttribute("editableType");
+  var desc;
+  var d;
+  var c;
+  if (editableType == "cert")
+  {
+    d = document.getElementById(n+"_editCertDiv");
+    c = document.getElementById(n+"_text");
+    desc = document.getElementById(n+"_desc_t");
+  } else if (editableType == "certchain") {
+    d = document.getElementById(n+"_editCertChainDiv");
+    c = document.getElementById(n+"_cc_text");
+    desc = document.getElementById(n+"_cc_desc_t");
+  } else {
+    d = document.getElementById(n+"_showCertDiv");
+    c = document.getElementById(n+"_pre");
+    desc = document.getElementById(n+"_desc_p");
+  }
+
+  if (desc.hasChildNodes())
+  {
+    desc.removeChild(desc.childNodes[0]);
+  }
+  var content_desc = document.createTextNode(content_d);
+  desc.appendChild(content_desc);
+    
+  if (c.hasChildNodes())
+  {
+    c.removeChild(c.childNodes[0]);
+  }
+  var content_text = document.createTextNode(content);
+  c.appendChild(content_text);
+    
+  d.style.left = x+30; // x-offset of floating div
+  assumedheight = 1000;
+
+  var offset = 20;     // extra y-offset of floating div
+  var bottom =  y + offset + assumedheight;
+  if (bottom > window.innerHeight) {
+     offset = 0 - (2*offset) - assumedheight;
+  }
+
+  d.style.top = y+ offset +document.body.scrollTop;
+
+  // unhide the window
+  d.style.display ="block";
+
+}
+
+function hide(tag)
+{
+    document.getElementById(tag+"_showCertDiv").style.display ="none";
+    document.getElementById(tag+"_editCertDiv").style.display ="none";
+    document.getElementById(tag+"_editCertChainDiv").style.display ="none";
+}
+
+</SCRIPT>
+A certificate signing request (CSR) contains a public key and is an unsigned copy of the certificate.
+<p>
+If a given CSR has been successfully signed by a CA, then the certificate will be designated below by a certificate icon labeled Certificate Generated Successfully.
+<p>
+However, if a given CSR contains an <font color="red">action required</font> label under its certificate icon, then those requests must be <i>manually</i> submitted to a CA for certificate generation.
+<p>
+Press the [Apply] button after certificates and chains are pasted in.
+<p>
+Press the [Next] button once all certificates have been generated successfully.
+<p>
+#foreach ($item in $reqscerts)
+<H2>$item.getDN()</H2>
+<table width=100%>
+<tr>
+  <td width=10%></td>
+  <td width=20%></td>
+  <td width=70%></td>
+</tr>
+
+<tr>
+  <td>&nbsp;</td>
+#if ($item.getCert() == "...paste certificate here...") 
+  <td><font color=red>action required</font><br>
+<img src="/pki/images/no-certificate.png"/></td>
+#else
+  #if ($item.getCert() == "...certificate be generated internally...")
+<td>
+  <img src="/pki/images/no-certificate.png"/><br>
+  certificate will be generated internally
+  </td>
+  #else
+    #if ($item.getCert() == "")
+  <td>
+<img src="/pki/images/no-certificate.png"/><br>
+  No Certificate Generated. Please import.<br>
+  </td>
+    #else
+  <td>
+<img src="/pki/images/certificate.png"/><br>
+  Certificate Generated Successfully
+  </td>
+    #end
+  #end
+#end
+
+<td>
+
+
+#if ($item.getCert() == "...paste certificate here...") 
+<a content="$item.getRequest()" content_desc="Copy the following Certificate Request (CSR) and paste it in the external CA enrollment page for enrollment" n="$item.getCertTag()" href="#" onclick="showcert(this,event);"> Step 1: Copy the Certificate Request (CSR) to enroll at an external CA</a><p>
+<a content="" content_desc="Copy the base64-encoded PKCS #7 certificate chain into the text box below and press 'X'" n="$item.getCertTag()" editableType="certchain" href="#" onclick="showcert(this,event);"> Step 2: Import the PKCS #7 Certificate Chain (optional if the certificate already contains the chain)</a><p>
+<a content="$item.getCert()" content_desc="Copy the resulting base64-encoded certificate (NOTE: PKCS #7 not accepted) into the text box below and press 'X'" n="$item.getCertTag()" editableType="cert" href="#" onclick="showcert(this,event);"> Step 3: Paste in the Base64-encoded Certificate after enrollment at an external CA (NOTE: this text box does not accept PKCS #7 certificate chains)</a><p>
+#else
+  #if ($item.getCert() == "...certificate be generated internally...")
+<p>
+  #else
+<a content="$item.getRequest()" content_desc="Certificate Request (CSR)" n="$item.getCertTag()" href="#" onclick="showcert(this,event);"> View Certificate Request (CSR)</a><p>
+<a content="$item.getCert()" content_desc="Certificate in Base64 encoding" n="$item.getCertTag()" href="#" onclick="showcert(this,event);"> View Certificate in Base64-Encoding</a><p>
+<a content="$item.getCertpp()" content_desc="Certificate in pretty print" n="$item.getCertTag()" href="#" onclick="showcert(this,event);"> View Certificate Pretty Print</a><p>
+  #end
+#end
+
+
+</td>
+</tr>
+</table>
+                                                                                
+<div id="$item.getCertTag()_showCertDiv" class="floating">
+<div align="right" onclick="hide('$item.getCertTag()');">X</div>
+<table id="$item.getCertTag()_stable" width="100%">
+<tr>
+<td id="$item.getCertTag()_desc_p"></td>
+</tr>
+<tr>
+<td><pre name="$item.getCertTag()" id="$item.getCertTag()_pre">$item.getCert()</pre></td>
+</tr>
+</table>
+</div>
+
+<div id="$item.getCertTag()_editCertDiv" class="floating">
+<div align="right" onclick="hide('$item.getCertTag()');">X</div>
+<table id="$item.getCertTag()_etable" width="100%">
+<tr>
+<td id="$item.getCertTag()_desc_t"></td>
+</tr>
+<tr>
+<td><textarea rows=30 cols=90 name="$item.getCertTag()" id="$item.getCertTag()_text" style="font-family: monospace;">$item.getCert()</textarea></td>
+</tr>
+</table>
+</div>
+
+<div id="$item.getCertTag()_editCertChainDiv" class="floating">
+<div align="right" onclick="hide('$item.getCertTag()');">X</div>
+<table id="$item.getCertTag()_cc_etable" width="100%">
+<tr>
+<td id="$item.getCertTag()_cc_desc_t"></td>
+</tr>
+<tr>
+<td><textarea rows=30 cols=90 name="$item.getCertTag()_cc" id="$item.getCertTag()_cc_text" style="font-family: monospace;"></textarea></td>
+</tr>
+</table>
+</div>
+
+
+#end
+
+    <p>
+
+
+    <div align="right">
+      <hr />
+      &nbsp;
+    </div>
diff --git a/base/tps/apache/docroot/tps/admin/console/config/config_addhsm.vm b/base/tps/apache/docroot/tps/admin/console/config/config_addhsm.vm
new file mode 100644
index 000000000..90d2f0ea9
--- /dev/null
+++ b/base/tps/apache/docroot/tps/admin/console/config/config_addhsm.vm
@@ -0,0 +1,95 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+  <head>
+    
+    <title>Dogtag Certificate System</title>
+<SCRIPT LANGUAGE="JavaScript">
+    function checkClose() {
+      if ('$status' == "update" && '$error' == '') {
+            window.close();
+      }
+    }
+
+</SCRIPT>
+
+    <link rel="shortcut icon" href="/pki/images/favicon.ico" />
+    <link rel="stylesheet" href="/pki/css/pki-base.css" type="text/css" />
+  </head>
+
+
+  <body onLoad="checkClose();"><div id="wrap"><div id="wrap">
+  
+<div id="mainNavOuter">
+<div id="mainNav">
+
+<div id="mainNavInner">
+
+
+</div><!-- end mainNavInner -->
+</div><!-- end mainNav -->
+</div><!-- end mainNavOuter -->
+
+
+<!-- close bar -->
+
+  <div id="content">
+    <table width="100%" cellspacing="0">
+      <tr>
+        <td class="page-content" width="100%">
+  <h1><img src="/pki/images/icon-software.gif" />
+  Security Modules</h1>
+Keys will be generated and stored on security modules. A security module can be hardware-based or software-based. Hardware-based security modules are more secure.
+<p>
+<H2>Registering a New Security Module</H2>
+<form name=configForm action="config_addhsm" method="post">
+<p>
+If the desired security module is not listed, it is possible that this security module's PKCS #11 library was not registered with the system. Please register a new security module here.
+<table>
+<tr>
+  <td>
+Library Path: <input type=text name="modulePath" value="">
+  </td>
+</tr>
+<tr>
+  <td>
+Module Name: <input type=text name="moduleName" value="">
+  </td>
+<tr>
+</tr>
+</table>
+<p>
+<table width=100%>
+<tr bgcolor="#eeeeee">
+  <td>
+<input onclick="configForm.submit()" type=button name=config_addhsm_next value="Apply">                                                                                
+  </td>
+</tr>
+</table>
+</form>
+	</td>
+      </tr>
+    </table>
+
+  </div> <!-- close content -->
+  </div> <!-- close wrap -->
+
+  </body>
+</html>
diff --git a/base/tps/apache/docroot/tps/admin/console/config/config_db.vm b/base/tps/apache/docroot/tps/admin/console/config/config_db.vm
new file mode 100644
index 000000000..ba40c7cee
--- /dev/null
+++ b/base/tps/apache/docroot/tps/admin/console/config/config_db.vm
@@ -0,0 +1,125 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+  <head>
+    
+    <title>Dogtag Certificate System</title>
+
+<SCRIPT LANGUAGE="JavaScript">
+    function donePanel(errorStr, displayS) {
+      if (displayS == "loaded") {
+        if (errorStr == '') {
+            window.close();
+        }
+      }
+    }
+</SCRIPT>
+
+    <link rel="shortcut icon" href="/pki/images/favicon.ico" />
+    <link rel="stylesheet" href="/pki/css/pki-base.css" type="text/css" />
+  </head>
+
+
+  <body onLoad="donePanel('$errorString', '$displayStr')">
+<div id="wrap">
+#include ( "admin/console/config/header.vm" )
+
+<div id="mainNavOuter">
+<div id="mainNav">
+                                                                                
+<div id="mainNavInner">
+                                                                                
+</div><!-- end mainNavInner -->
+</div><!-- end mainNav -->
+</div><!-- end mainNavOuter -->
+
+<!-- close bar -->
+
+  <div id="content">
+    <table width="100%" cellspacing="0">
+      <tr>
+        <td width="100%">
+  <h1><img src="/pki/images/icon-software.gif" />
+  Internal Database </h1>
+
+    <form name=configForm action="config_db" method="post">
+    <b>Internal Database Connection</b> <p>This option allows sharing an internal database to improve managability.<p>
+#if ($errorString != "")
+<img src="/pki/images/icon_crit_update.gif">&nbsp;<font color="red">$errorString</font>
+#end
+    <table class="details">
+      <tr>
+        <th>Host:</th>
+                                                                                
+        <td><input type="text" length="128" size="40" name="host" value="$hostname" /></td>
+      </tr>
+                                                                                
+      <tr>
+        <th>Port:</th>
+                                                                                
+        <td><input type="text" length="64" size="40" name="port" value="$portStr" /></td>
+      </tr>       
+      <tr>
+        <th>Base DN:</th>
+        <td><input type="text" length="128" size="40" name="basedn" value="$basedn" /></td>
+      </tr>
+      <tr>
+        <th>Database:</th>
+                                                                                
+        <td><input type="text" length="128" size="40" name="database" value="$database"  /></td>
+      </tr>
+      <tr>
+        <th>Bind DN:</th>
+        <td><input type="text" length="128" size="40" name="binddn" value="$binddn" /></td>
+      </tr>
+      <tr>
+        <th>Bind Password:</th>
+                                                                                
+        <td><input type="password" length="128" size="40" name="__bindpwd" value="$bindpwd" autocomplete="off" /></td>
+      </tr>
+        <td><input type="hidden" name="display" value=$displayStr /></td>
+    </table>
+                                                                                
+    <div align="right">
+      <hr />
+      &nbsp;
+    </div>
+                                                                                
+
+<p>
+<table width=100%>
+<tr bgcolor="#eeeeee">
+  <td>
+<input onclick="configForm.submit()" type="button" name="config_db_next" value="Apply">                                                                                
+  </td>
+</tr>
+</table>
+
+    </form>
+
+	</td>
+      </tr>
+    </table>
+
+  </div> <!-- close content -->
+  </div> <!-- close wrap -->
+
+  </body>
+</html>
diff --git a/base/tps/apache/docroot/tps/admin/console/config/config_hsm.vm b/base/tps/apache/docroot/tps/admin/console/config/config_hsm.vm
new file mode 100644
index 000000000..7ec82522c
--- /dev/null
+++ b/base/tps/apache/docroot/tps/admin/console/config/config_hsm.vm
@@ -0,0 +1,175 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+  <head>
+    
+    <title>Dogtag Certificate System</title>
+<SCRIPT LANGUAGE="JavaScript">
+    function checkClose() {
+      if ('$status' == "update" && '$error' == '') {
+            window.close();
+      }
+    }
+
+</SCRIPT>
+
+    <link rel="shortcut icon" href="/pki/images/favicon.ico" />
+    <link rel="stylesheet" href="/pki/css/pki-base.css" type="text/css" />
+  </head>
+
+
+  <body onLoad="checkClose();"><div id="wrap">
+  
+<div id="mainNavOuter">
+<div id="mainNav">
+
+<div id="mainNavInner">
+
+#include ( "admin/console/config/topmenu.vm" )
+
+</div><!-- end mainNavInner -->
+</div><!-- end mainNav -->
+</div><!-- end mainNavOuter -->
+
+
+<!-- close bar -->
+
+  <div id="content">
+    <table width="100%" cellspacing="0">
+      <tr>
+        <td width="100%">
+  <h1><img src="/pki/images/icon-software.gif" />
+  Security Modules </h1>
+
+<form name=configForm action="config_hsm" method="post">
+
+Keys will be generated and stored on security modules. A security module can be hardware-based or software-based. Hardware-based security modules are more secure. Please make sure that at least one security module is listed below.
+<p>
+<H2>Supported Security Modules</H2>
+<table width=100%>
+<tr bgcolor="#cccccc">
+  <td width=20%><b>Module/Token</b></td>
+  <td width=10%><b>Status</b></td>
+  <td width=10%><b>Default</b></td>
+  <td width=10%><b>Operations</b></td>
+</tr>
+#foreach ($module in $sms)
+<tr bgcolor="#eeeeee">
+  <td><img src=$module.getImagePath()><br>$module.getUserFriendlyName()</td>
+  <td>
+	#if ($module.isFound())
+		Found
+	#else
+		Not Found
+	#end
+  </td>
+  <td></td>
+  <td></td>
+</tr>
+#foreach ($token in $module.getTokens())
+<tr>
+  <td>- $token.getNickName()</td>
+    <td>
+	#if ($token.isLoggedIn())
+	   Logged In
+	#else
+       	   Not logged In
+	#end
+    </td>
+  <td>
+    #if ($defTok == $token.getNickName())
+      <input checked type=radio name="choice" value="$token.getNickName()">
+    #else
+      <input type=radio name="choice" value="$token.getNickName()">
+    #end
+  </td>
+  <td></td>
+</tr>
+#end
+#end
+
+</table>
+<H2>Other Security Modules</H2>
+<h3>The security modules listed below are modules found by the server but not recognized as one of the supported modules. If the user believes that any listed modules below should have been supported, please check the "CS.cfg" configuration file to see if there is a name mismatch and adjust this accordingly.</h3>
+<table width=100%>
+<tr bgcolor="#cccccc">
+  <td width=20%><b>Module/Token</b></td>
+  <td width=10%><b>Status</b></td>
+  <td width=10%><b>Default</b></td>
+  <td width=10%><b>Operations</b></td>
+</tr>
+#foreach ($module in $oms)
+<tr bgcolor="#eeeeee">
+  <td>$module.getUserFriendlyName()</td>
+  <td>
+	#if ($module.isFound())
+		Found
+	#else
+		Not Found
+	#end
+  </td>
+  <td></td>
+  <td></td>
+</tr>
+#foreach ($token in $module.getTokens())
+<tr>
+  <td>- $token.getNickName()</td>
+    <td>
+	#if ($token.isLoggedIn())
+	  Logged In
+	#else
+          Not logged In
+	#end
+    </td>
+  <td>
+    #if ($defTok == $token.getNickName())
+      <input checked type=radio name="choice" value="$token.getNickName()">
+    #else
+      <input type=radio name="choice" value="$token.getNickName()">
+    #end
+  </td>
+  <td></td>
+</tr>
+#end
+#end
+
+</table>
+
+  </td>
+</tr>
+</table>
+<p>
+<table width=100%>
+<tr bgcolor="#eeeeee">
+  <td>
+<input onclick="configForm.submit()" type=button name=config_hsm value="Apply">                                                                                
+  </td>
+</tr>
+</table>
+</form>
+	</td>
+      </tr>
+    </table>
+
+  </div> <!-- close content -->
+  </div> <!-- close wrap -->
+
+  </body>
+</html>
diff --git a/base/tps/apache/docroot/tps/admin/console/config/config_hsmloginpanel.vm b/base/tps/apache/docroot/tps/admin/console/config/config_hsmloginpanel.vm
new file mode 100644
index 000000000..332f2f470
--- /dev/null
+++ b/base/tps/apache/docroot/tps/admin/console/config/config_hsmloginpanel.vm
@@ -0,0 +1,82 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<SCRIPT LANGUAGE="JavaScript">
+function myOnLoad() {
+}
+
+function performPanel() {
+    with (document.forms[0]) {
+        submit();
+    }
+}
+</SCRIPT>
+  <h1>
+  Security Modules Login Panel</h1>
+Keys will be generated and stored on security modules. A security module can be hardware-based or software-based. Hardware-based security modules are more secure.
+<p>
+<H2>Security Token Login</H2>
+<form name=configHSMLoginForm action="config_hsmlogin" method="post">
+<p>
+The user has chosen to login to the following security module: <b>$SecToken</b>
+<p>
+#if ($status == "alreadyLoggedIn")
+	Token already logged in.
+#else
+   #if ($status == "tokenPasswordNotInitialized")
+	Token password not initialized.
+   #else
+      #if ($status == "justLoggedIn")
+          Token logged in successfully.
+      #else
+<table>
+<tr>
+  <td>
+Security Module Token Name: <b><input type=text name="uTokName" value="$SecToken"></b>
+  </td>
+</tr>
+<tr>
+  <td>
+Security Module Token Password: <input type=password name="__uPasswd" value="" autocomplete="off">
+  </td>
+<tr>
+</tr>
+</table>
+<p>
+      #end
+    #end
+#end
+
+<table width=100%>
+<tr bgcolor="#eeeeee">
+  <td>
+
+  </td>
+</tr>
+</table>
+	</td>
+      </tr>
+    </table>
+
+    <p>
+                                                                                
+    <div align="right">
+      <hr />
+      &nbsp;
+    </div>
+
+
diff --git a/base/tps/apache/docroot/tps/admin/console/config/config_join.vm b/base/tps/apache/docroot/tps/admin/console/config/config_join.vm
new file mode 100644
index 000000000..49e43fbc4
--- /dev/null
+++ b/base/tps/apache/docroot/tps/admin/console/config/config_join.vm
@@ -0,0 +1,124 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+  <head>
+    
+    <title>Dogtag Certificate System</title>
+
+    <link rel="shortcut icon" href="/pki/images/favicon.ico" />
+    <link rel="stylesheet" href="/pki/css/pki-base.css" type="text/css" />
+  </head>
+
+<SCRIPT LANGUAGE="JavaScript">
+    function checkClose() {
+      if ('$status' == "update" && '$error' == '') {
+            window.close();
+      }
+    }
+</SCRIPT>
+                                                                                
+                                                                                
+  <body onLoad="checkClose();">
+<div id="wrap">
+  
+#include ( "admin/console/config/header.vm" )
+
+<div id="mainNavOuter">
+<div id="mainNav">
+                                                                                
+<div id="mainNavInner">
+                                                                                
+</div><!-- end mainNavInner -->
+</div><!-- end mainNav -->
+</div><!-- end mainNavOuter -->
+
+<!-- close bar -->
+
+  <div id="content">
+    <table width="100%" cellspacing="0">
+      <tr>
+        <td width="100%">
+  <h1><img src="/pki/images/icon-software.gif" />
+  Join the PKI Network </h1>
+
+To join this PKI network, the setup wizard needs to submit the certificate request to a Root or another subordinate CA for signing.
+    <p>
+    <form action="config_join" method="post" name="f">
+                                                                                
+<input type=radio $check_manual name="choice" value="manual">Manually submit this request to a CA.
+<p>
+<table width=100%>
+<tr>
+  <td width=50%>Certificate Request to a CA:</td>
+  <td>Certificate Chain From a CA:</td>
+  </td>
+</tr>
+<tr>
+  <td>
+<textarea rows=8 cols=40 name="req">$certreq</textarea>
+  </td>
+  <td>
+<textarea rows=8 cols=40 name="cert">$cert</textarea>
+  </td>
+</tr>
+</table>
+<p>
+<input type=radio $check_auto name="choice" value="auto">Automatically submit the request to a Dogtag Certificate Authority
+<br>
+    <table class="details">
+      <tr>
+        <th width=10%>URL:</th>
+        <td><input type="text" length="128" size="40" name="url" value="https://localhost" /></td>
+      </tr>
+                                                                                
+      <tr>
+        <th>UID:</th>
+        <td><input type="text" length="64" size="40" name="uid" value="agent" /></td>
+      </tr>       
+      <tr>
+        <th>Password:</th>
+        <td><input type="password" length="64" size="40" name="__pwd" value="" autocomplete="off" /></td>
+      </tr>       
+    </table>
+<p>
+                                                                                
+    <div align="right">
+      <hr />
+    </div>
+                                                                                
+    </form>
+
+<p>
+<table width=100%>
+<tr bgcolor="#eeeeee">
+  <td>
+<input onclick="javascript: document.f.submit();" type=button name=next value="Apply">                                                                                
+  </td>
+</tr>
+</table>
+	</td>
+      </tr>
+    </table>
+
+  </div> <!-- close content -->
+  </div> <!-- close wrap -->
+
+  </body>
+</html>
diff --git a/base/tps/apache/docroot/tps/admin/console/config/config_rootca.vm b/base/tps/apache/docroot/tps/admin/console/config/config_rootca.vm
new file mode 100644
index 000000000..7e17fef35
--- /dev/null
+++ b/base/tps/apache/docroot/tps/admin/console/config/config_rootca.vm
@@ -0,0 +1,112 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+  <head>
+    
+    <title>Dogtag Certificate System</title>
+
+    <link rel="shortcut icon" href="/pki/images/favicon.ico" />
+    <link rel="stylesheet" href="/pki/css/pki-base.css" type="text/css" />
+  </head>
+
+<SCRIPT LANGUAGE="JavaScript">
+    function checkClose() {
+      if ('$status' == "update" && '$error' == '') {
+            window.close();
+      }
+    }
+</SCRIPT>
+
+
+  <body onLoad="checkClose();">
+<div id="wrap">
+  
+#include ( "admin/console/config/header.vm" )
+
+<div id="mainNavOuter">
+<div id="mainNav">
+                                                                                
+<div id="mainNavInner">
+                                                                                
+</div><!-- end mainNavInner -->
+</div><!-- end mainNav -->
+</div><!-- end mainNavOuter -->
+
+<!-- close bar -->
+
+  <div id="content">
+    <table width="100%" cellspacing="0">
+      <tr>
+        <td width="100%">
+  <h1><img src="/pki/images/icon-software.gif" />
+  Root CA </h1>
+
+A Root CA provides a set of predefined signing capabilities. Please select the capabilities that this CA needs to provide.
+    <p>
+
+<form name="f" action="config_rootca" method="post">
+                                                                                
+<H2>CA Certificate Profile</H2>
+
+<p>
+    <table class="details">
+      <tr>
+        <th width=10%>Profile:</th>
+                                                                                
+        <td><select name="profile">
+#foreach ($p in $profiles)
+#if ($p.getID() == $selected_profile_id)
+        <option selected value="$p.getID()">$p.getName()</option>
+#else
+        <option value="$p.getID()">$p.getName()</option>
+#end
+#end
+        </select>
+        </td>
+      </tr>
+    </table>
+<p>
+                                                                                
+    <div align="right">
+      <hr />
+      &nbsp;
+    </div>
+                                                                                
+    </form>
+
+<p>
+<table width=100%>
+<tr bgcolor="#eeeeee">
+  <td>
+<input onclick="javascript: document.f.submit()" type=button name=next value="Apply">                                                                                
+  </td>
+</tr>
+</table>
+
+
+	</td>
+      </tr>
+    </table>
+
+  </div> <!-- close content -->
+  </div> <!-- close wrap -->
+
+  </body>
+</html>
diff --git a/base/tps/apache/docroot/tps/admin/console/config/createsubsystempanel.vm b/base/tps/apache/docroot/tps/admin/console/config/createsubsystempanel.vm
new file mode 100644
index 000000000..1ddd7a90c
--- /dev/null
+++ b/base/tps/apache/docroot/tps/admin/console/config/createsubsystempanel.vm
@@ -0,0 +1,98 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<SCRIPT type="text/JavaScript">
+function myOnLoad() {
+}
+
+function performPanel() {
+    with (document.forms[0]) {
+        submit();
+    }
+}
+</SCRIPT>
+<h2>Subsystem Configuration</h2>
+<p>
+#if ($systemType != "tps")
+This instance can be configured as either a new $systemname subsystem or a clone of an existing $systemname. If the cloning option is chosen, please provide the URL to an existing $systemname instance.
+#else
+This instance can be configured as a new $systemname subsystem.
+#end
+<br/>
+#if ($errorString != "")
+<img src="/pki/images/icon_crit_update.gif">&nbsp;<font color="red">$errorString</font>
+#end
+<br/>
+<b><input $check_newsubsystem type=radio name=choice value="newsubsystem">&nbsp;Configure this Instance as a New $systemname Subsystem </b>
+<br/>
+    <table class="details">
+      <tr>
+        <th>Subsystem Name: </th>
+        <td><input type=text size="40" name="subsystemName" value="$subsystemName"> (e.g. - $fullsystemname)</td>
+      </tr>
+      <tr>
+        <th>Subsystem HTTP URL (unsecure): </th>
+        <td>http://$machineName:$http_port</td>
+      </tr>
+      <tr>
+        <th>Subsystem HTTPS URL (clientauth): </th>
+        <td>https://$machineName:$https_port</td>
+      </tr>
+      <tr>
+        <th>Subsystem HTTPS URL (non-clientauth): </th>
+        <td>https://$machineName:$non_clientauth_https_port</td>
+      </tr>
+    </table>
+<p>
+#if ($disableClone)
+<b><input $check_clonesubsystem type=radio name=choice value="clonesubsystem" disabled="disabled">&nbsp;Clone an Existing $systemname Subsystem </b>
+#else
+<b><input $check_clonesubsystem type=radio name=choice value="clonesubsystem">&nbsp;Clone an Existing $systemname Subsystem </b>
+#end
+<br/>
+    <table class="details">
+      <tr>
+        <th>Subsystem Name: </th>
+#if ($disableClone)
+        <td><input disabled="disabled" type=text size="40" name="subsystemName" value="$subsystemName"> (e.g. - $fullsystemname
+ Clone 1)</td>
+#else
+        <td><input type=text size="40" name="subsystemName" value="$subsystemName"> (e.g. - $fullsystemname
+ Clone 1)</td>
+#end
+      </tr>
+      <tr>
+        <th>Subsystem URL: </th>
+#if ($disableClone)
+        <td><select name="urls" disabled="disabled">
+#else
+        <td><select name="urls">
+#end
+           #if ($urls_size != 0) 
+           #set ($x=0)
+           #foreach ($p in $urls)
+               <option value="$x">$p</option>
+               #set ($x=$x+1)
+           #end
+           #else
+               <option selected value="none">NONE</option>
+           #end
+        </select>
+        </td>
+      </tr>
+    </table>
+<br/>
diff --git a/base/tps/apache/docroot/tps/admin/console/config/databasepanel.vm b/base/tps/apache/docroot/tps/admin/console/config/databasepanel.vm
new file mode 100644
index 000000000..ce168fd2a
--- /dev/null
+++ b/base/tps/apache/docroot/tps/admin/console/config/databasepanel.vm
@@ -0,0 +1,93 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<SCRIPT type="text/JavaScript">
+function myOnLoad() {
+}
+
+function performPanel() {
+    with (document.forms[0]) {
+        submit();
+    }
+}
+</SCRIPT>
+Please provide information to an existing Fedora Directory Server that can be used as the internal database for this instance. <a href="javascript:toggle_details();">[Details]</a>
+<SCRIPT type="text/JavaScript">
+function toggle_details()
+{
+  d = document.getElementById('details');
+  if (d.style.display == "block") {
+    d.style.display="none";
+  } else {
+    d.style.display="block";
+  }
+}
+</script>
+<div id=details style="display: none;">
+<p>
+Each instance needs access to a Fedora Directory Server instance to store requests and records. Each PKI instance may create its own associated internal database, or may share an existing internal database. To share an existing internal database instance, a PKI instance would only need to establish a unique distinguished name (DN) using the field entitled <b>Base DN</b> and a unique database name using the field entitled <b>Database</b>. 
+</div>
+<p>
+<i>Note: If the Fedora Directory Server is at a remote host, it is highly recommended that SSL should be used.</i>
+<br/>
+#if ($errorString != "")
+<img src="/pki/images/icon_crit_update.gif">&nbsp;<font color="red">$errorString</font>
+#end
+<br/>                                                                            
+
+    <table class="details">
+      <tr>
+        <th>Host:</th>
+        <td><input type="text" size="40" name="host" value="$hostname" /></td>
+      </tr>
+            
+      <tr>
+        <th>Port:</th>
+                                
+        <td><input type="text" size="40" name="port" value="$portStr" />  
+<input type="CHECKBOX" NAME="secureConn" value="true">SSL
+</td>
+      </tr>       
+      <tr>
+        <th>Base DN:</th>
+        <td><input type="text" size="40" name="basedn" value="$basedn" /></td>
+      </tr>
+      <tr>
+        <th>Database:</th>
+
+        <td><input type="text" size="40" name="database" value="$database"  /></td>
+      </tr>
+      <tr>
+        <th>Bind DN:</th>
+        <td><input type="text" size="40" name="binddn" value="$binddn" /></td>
+      </tr>
+      <tr>
+        <th>Bind Password:</th>
+
+        <td><input type="password" size="40" name="__bindpwd" value="$bindpwd" autocomplete="off" /></td>
+      </tr>
+    </table>
+        <input type="hidden" name="display" value=$displayStr />
+ 
+#if ($firsttime == 'false')
+<input type="CHECKBOX" NAME="removeData">Remove the existing data from the <b>Base DN</b> shown above.<p>
+#end
+
+    <div align="right">
+      <hr />
+      &nbsp;
+    </div>
diff --git a/base/tps/apache/docroot/tps/admin/console/config/displaycertchain2panel.vm b/base/tps/apache/docroot/tps/admin/console/config/displaycertchain2panel.vm
new file mode 100644
index 000000000..3a13b7cd4
--- /dev/null
+++ b/base/tps/apache/docroot/tps/admin/console/config/displaycertchain2panel.vm
@@ -0,0 +1,40 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<SCRIPT LANGUAGE="JavaScript">
+function myOnLoad() {
+}
+
+function performPanel() {
+    with (document.forms[0]) {
+        submit();
+    }
+}
+</SCRIPT>
+<p>
+A certificate chain is a list of all certificates chained up to the root.
+<p>
+If the entire certificate chain is displayed below, click the Next button to import it into this subsystem. This certificate chain will then be trusted for this instance.
+<p>
+If no certificate chain is listed below, simply click the Next button to move on to the next panel.
+<p>
+<pre>
+$certchain
+</pre>
+#if ($errorString != "")
+<img src="/pki/images/icon_crit_update.gif">&nbsp;<font color="red">$errorString</font>
+#end
diff --git a/base/tps/apache/docroot/tps/admin/console/config/displaycertchainpanel.vm b/base/tps/apache/docroot/tps/admin/console/config/displaycertchainpanel.vm
new file mode 100644
index 000000000..f7b9dee90
--- /dev/null
+++ b/base/tps/apache/docroot/tps/admin/console/config/displaycertchainpanel.vm
@@ -0,0 +1,40 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<SCRIPT type="text/JavaScript">
+function myOnLoad() {
+}
+
+function performPanel() {
+    with (document.forms[0]) {
+        submit();
+    }
+}
+</SCRIPT>
+<br/>
+A certificate chain is a list of all certificates chained up to the root.
+<br/>
+If a certificate chain is displayed below, click the Next button to trust this certificate chain for this instance.
+<br/>
+If no certificate chain is listed below, simply click the Next button to move on to the next panel.
+<br/>
+<pre>
+$certchain
+</pre>
+#if ($errorString != "")
+<img alt="" src="/pki/images/icon_crit_update.gif">&nbsp;<font color="red">$errorString</font>
+#end
diff --git a/base/tps/apache/docroot/tps/admin/console/config/donepanel.vm b/base/tps/apache/docroot/tps/admin/console/config/donepanel.vm
new file mode 100644
index 000000000..2aa76ff0c
--- /dev/null
+++ b/base/tps/apache/docroot/tps/admin/console/config/donepanel.vm
@@ -0,0 +1,54 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<SCRIPT type="text/JavaScript">
+function myOnLoad() {
+}
+
+function performPanel() {
+    with (document.forms[0]) {
+        submit();
+    }
+}
+</SCRIPT>
+<input type="hidden" name="host" value=$host />
+<input type="hidden" name="port" value=$port />
+<input type="hidden" name="systemType" value=$systemType />
+#if ($errorString != "")
+<img src="/pki/images/icon_crit_update.gif">&nbsp;<font color="red">$errorString</font>
+#end
+#if ($systemType == "tks")
+As 'root', restart the server on the command line by typing "$initCommand restart $instanceID". After performing this restart, the server should become operational. 
+#else
+#if ($externalCA == "true" && $systemType == "kra")
+As 'root', restart the server on the command line by typing "$initCommand restart $instanceID". Startup the administration console to add the peer CA to the Trusted Manager's Group. Make sure to add the transport certificate and connector information to the peer CA. After performing this restart, the server should become operational.
+#else
+As 'root', restart the server on the command line by typing "$initCommand
+ restart $instanceID". After performing this restart, the server should become operational.
+<br/>
+Please go to the <A href="https://$host:$non_clientauth_port">services page</A> to access all of the available interfaces.
+<br/>
+Each Enterprise Security Client (ESC) talks to a TPS config URL for token management functions located at <A href="http://$host:$unsecurePort/cgi-bin/home/index.cgi">http://$host:$unsecurePort/cgi-bin/home/index.cgi</A>.
+<br/>
+#end
+#end
+<br/>
+To create additional instances, type "/usr/bin/pkicreate" on the command line.
+<br/>
+#if ($systemType != "tps")
+To start the administration console, type "/usr/bin/pkiconsole" on the command line.
+#end
diff --git a/base/tps/apache/docroot/tps/admin/console/config/drminfopanel.vm b/base/tps/apache/docroot/tps/admin/console/config/drminfopanel.vm
new file mode 100644
index 000000000..8931bf1c9
--- /dev/null
+++ b/base/tps/apache/docroot/tps/admin/console/config/drminfopanel.vm
@@ -0,0 +1,55 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<SCRIPT LANGUAGE="JavaScript">
+function performPanel() {
+    with (document.forms[0]) {
+        submit();
+    }
+}
+
+</SCRIPT>
+A Data Recovery Manager (DRM) is responsible for server-side key generation, archival, and recovery. If server-side key generation is not needed, this step can be skipped.
+<p>
+#if ($errorString != "")
+<img src="/pki/images/icon_crit_update.gif">&nbsp;<font color="red">$errorString</font>
+<p>
+#end
+<b><input checked type=radio name=choice value="keygen">&nbsp;Connect this instance to the HTTPS Agent URL of a DRM to support server-side key generation.</b>
+<p>
+<p>
+    <table class="details">
+      <tr>
+        <th>URL:</th>
+        <td><select name="urls">
+           #if ($urls_size != 0)
+           #set ($x=0)
+           #foreach ($p in $urls)
+               <option value="$x">$p</option>
+               #set ($x=$x+1)
+           #end
+           #end
+            </select>
+        </td>
+      </tr>
+    </table>
+    <div align="right">
+      <hr />
+    </div>
+<p>
+<b><input type=radio name=choice value="nokeygen">&nbsp;Configure this instance to NOT support server-side key generation.</b>
+<p>
diff --git a/base/tps/apache/docroot/tps/admin/console/config/footer.vm b/base/tps/apache/docroot/tps/admin/console/config/footer.vm
new file mode 100644
index 000000000..a596e45b1
--- /dev/null
+++ b/base/tps/apache/docroot/tps/admin/console/config/footer.vm
@@ -0,0 +1,19 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+  <div id="footer">
+  </div>
diff --git a/base/tps/apache/docroot/tps/admin/console/config/header.vm b/base/tps/apache/docroot/tps/admin/console/config/header.vm
new file mode 100644
index 000000000..e0fe6a962
--- /dev/null
+++ b/base/tps/apache/docroot/tps/admin/console/config/header.vm
@@ -0,0 +1,25 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<div id="header">
+    <a href="http://pki.fedoraproject.org" title="Visit pki.fedoraproject.org for more information about Dogtag products and services"><img src="/pki/images/logo_header.gif" alt="Dogtag" id="myLogo" /></a>
+    <div id="headerpaddedtitle">
+    <a href="/" title="Dogtag Network homepage">Dogtag<sup><font size="-2">&reg;</font></sup> Certificate System</a>
+    </div>
+    <div id="account">
+    </div>
+</div>
diff --git a/base/tps/apache/docroot/tps/admin/console/config/hierarchypanel.vm b/base/tps/apache/docroot/tps/admin/console/config/hierarchypanel.vm
new file mode 100644
index 000000000..0138188e9
--- /dev/null
+++ b/base/tps/apache/docroot/tps/admin/console/config/hierarchypanel.vm
@@ -0,0 +1,79 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<SCRIPT type="text/JavaScript">
+function myOnLoad() {
+  setURL();
+}
+
+function performPanel() {
+    with (document.forms[0]) {
+        submit();
+    }
+}
+</SCRIPT>
+<h2>PKI Hierarchy</h2>
+<p>
+This CA instance can be either a Self-Signed Root CA or a Subordinate CA. <a href="javascript:toggle_details();">[Details]</a>
+<script>
+function toggle_details()
+{
+  d = document.getElementById('details');
+  if (d.style.display == "block") {
+    d.style.display="none";
+  } else {
+    d.style.display="block";
+  }
+}
+
+function setURL() {
+    var cbox = document.forms[0].elements['urls'];
+    if (document.forms[0].choice[0].checked) {
+        cbox.disabled = "disabled";
+    } else {
+        cbox.disabled = "";
+    }
+}
+
+</script>
+                                                                                
+<div id=details style="display: none;">
+<p>
+The PKI hierarchy establishes the trust relationships between this CA instance and the other PKI instances within this security domain. A CA can be chained under an internal CA, or alternatively, it can be chained under a public or an external CA.
+</div>
+
+<p>
+<b><input $check_root type=radio name=choice value="root" onChange="setURL();">&nbsp;Make this a Self-Signed Root CA within this new PKI hierarchy. <img alt="" src="/pki/images/rootca.gif"></b>
+<p>
+<b><input $check_join type=radio name=choice value="join" onChange="setURL();">&nbsp;Make this a subordinate CA of another CA. <img alt="" src="/pki/images/sub.gif"></b>
+
+    <table class="details">
+      <tr>
+        <th>URL:</th>
+        <td><select name="urls">
+           #if ($urls.size() > 0)
+           #set ($x=0)
+           #foreach ($p in $urls)
+               <option value="$x">$p</option>
+               #set ($x=$x+1)
+           #end
+           #end
+            </select>
+        </td>
+      </tr>
+    </table>
+<p>
diff --git a/base/tps/apache/docroot/tps/admin/console/config/importadmincertpanel.vm b/base/tps/apache/docroot/tps/admin/console/config/importadmincertpanel.vm
new file mode 100644
index 000000000..609b4bf4f
--- /dev/null
+++ b/base/tps/apache/docroot/tps/admin/console/config/importadmincertpanel.vm
@@ -0,0 +1,55 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<SCRIPT ID=ImportCertificate_OnClick LANGUAGE="JavaScript">
+function myOnLoad() {
+}
+
+function performPanel() {
+    with (document.forms[0]) {
+        submit();
+    }
+}
+</SCRIPT>
+An administrator's certificate has been created and imported into this browser. This certificate is used to access the agent interface of this subsystem.
+<p>
+#if ($errorString != "")
+<img src="/pki/images/icon_crit_update.gif">&nbsp;<font color="red">$errorString</font>
+#end
+<font color="red">$info</font>
+<p>
+    <p>
+                                                                                
+    <table class="details">
+      <tr>
+#if ($ca == 'true' && $import == 'true')
+<iframe scrolling=no frameborder=0 height=0 width=0 src="https://$caHost:$caPort/ca/admin/ca/getBySerial?serialNumber=$serialNumber&importCert=true"></iframe>
+#else
+#if ($caType == 'ca' && $import == 'true')
+<iframe scrolling=no frameborder=0 height=0 width=0 src="https://$caHost:$caPort/ca/admin/ca/getBySerial?serialNumber=$serialNumber&importCert=true"></iframe>
+#else
+<iframe scrolling=no frameborder=0 height=0 width=0 src="https://$caHost:$caPort/ca/admin/ca/getBySerial?serialNumber=$serialNumber&importCert=true"></iframe>
+#end 
+#end
+<input type="hidden" name="serialNumber" value=$serialNumber />
+<input type="hidden" name="caHost" value=$caHost />
+<input type="hidden" name="caPort" value=$caPort />
+      </tr>
+    </table>
+                                                                                     <div align="right">
+      <hr />
+    </div>
diff --git a/base/tps/apache/docroot/tps/admin/console/config/login.vm b/base/tps/apache/docroot/tps/admin/console/config/login.vm
new file mode 100644
index 000000000..73f53afa6
--- /dev/null
+++ b/base/tps/apache/docroot/tps/admin/console/config/login.vm
@@ -0,0 +1,109 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+  <head>
+    
+    <title>Dogtag Certificate System</title>
+
+    <link rel="shortcut icon" href="/pki/images/favicon.ico" />
+    <link rel="stylesheet" href="/pki/css/pki-base.css" type="text/css" />
+  </head>
+
+
+  <body><div id="wrap">
+  
+#include ( "tps/admin/console/config/header.vm" )
+
+<div id="mainNavOuter">
+<div id="mainNav">
+
+<div id="mainNavInner">
+
+</div><!-- end mainNavInner -->
+</div><!-- end mainNav -->
+</div><!-- end mainNavOuter -->
+
+
+<div id="bar">
+
+<div id="systembar">
+<div id="systembarinner">
+
+<div>
+  -
+</div>
+
+
+</div>
+</div>
+
+</div>
+<!-- close bar -->
+
+  <div id="content">
+    <table width="100%" cellspacing="0">
+      <tr>
+        <td class="sidebar">
+         
+	</td>
+        <td class="page-content" width="100%">
+  <h1><img src="/pki/images/icon-software.gif" />
+  Login</h1>
+
+A one time random pin has been generated during setup to protect unauthorized access to this configuration wizard. This pin has been stored in the "CS.cfg" configuration file as the value of the 'preop.pin' parameter. Please enter this pin to continue.
+
+    <p>
+#if ($errorString != "")
+<img src="/pki/images/icon_crit_update.gif">&nbsp;<font color="red">$errorString</font>
+#end
+    <p>
+    <form name="f" action="login" method="post">
+                                                                                
+    <table class="details">
+      <tr>
+        <th>PIN:</th>
+        <td><input type=password name="pin"></td>
+      </tr>
+    </table>
+                                                                                     <div align="right">
+      <hr />
+    </div>
+    </form>
+
+<p>
+<table width=100%>
+<tr bgcolor="#eeeeee">
+<td align=right>
+<input type=button onclick="javascript: document.f.submit();" name=login value="Login">
+</td>
+</tr>
+</table>
+
+
+	</td>
+      </tr>
+    </table>
+
+  </div> <!-- close content -->
+  </div> <!-- close wrap -->
+
+#include ( "tps/admin/console/config/footer.vm" )
+  </body>
+</html>
diff --git a/base/tps/apache/docroot/tps/admin/console/config/modulepanel.vm b/base/tps/apache/docroot/tps/admin/console/config/modulepanel.vm
new file mode 100644
index 000000000..812d7ca6c
--- /dev/null
+++ b/base/tps/apache/docroot/tps/admin/console/config/modulepanel.vm
@@ -0,0 +1,161 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<SCRIPT type="text/JavaScript">
+function myOnLoad() {
+}
+
+function performPanel() {
+    with (document.forms[0]) {
+        submit();
+    }
+}
+</SCRIPT>
+Two lists of security modules are provided below. The <b>Supported Security Modules</b> list consists of both software-based and hardware-based security modules that this PKI solution supports, while the <b>Other Security Modules</b> list consists of any other security modules found by this PKI subsystem that are not recognized as one of the supported security modules. <a href="javascript:toggle_details();">[Details]</a>
+<SCRIPT type="text/JavaScript">
+function toggle_details()
+{
+  d = document.getElementById('details');
+  if (d.style.display == "block") {
+    d.style.display="none";
+  } else {
+    d.style.display="block";
+  }
+}
+</script>
+<div id=details style="display: none;">
+<br/>
+Key pairs for this instance will be generated and stored on a device called a security module.
+<br/>
+A <b><i>key pair</i></b> consists of a public key and a private key. A <b><i>private key</i></b> is a secret entity which is never exposed to the public, will generally be protected via a security module, and is commonly referred to simply as the <b><i>key</i></b>. A <b><i>public key</i></b> is open, distributable, and while it may also be stored on a security module, it is not protected by this device. A public key, once signed by a CA, is more generally referred to as a <b><i>certificate</i></b>.
+<br/>
+<b><i>Security modules</i></b> can be either hardware-based or software-based. Although hardware-based security modules provide more security for the secret, or private portion of this key, they must be obtained from a third-party vendor and installed prior to deployment of this PKI solution. For this particular PKI implementation, a software-based FIPS 140-1 security module has been included.
+<br/>
+Before any security module solution can be used, a user must first always be authenticated to this security module via a token.  To support this, each security module consists of one or more <b><i>slots</i></b>. For hardware-based security modules, a slot often consists of one or more physical contact points to the device itself (e.g. - a card reader or USB receptacle), while for software-based security modules, these may be thought of as merely a functional entry point into the software.
+<br/>
+Finally, a <b><i>token</i></b> (often generically referred to as a <b><i>smartcard</i></b>), which contains the actual key material, interfaces with the security module via a slot. For hardware-based security modules, this may be something like a physical card containing a chip, or a USB device that can be physically inserted into a USB slot.  For software-based security modules, this can be thought of as an entry in a database. In the case of both hardware-based as well as software-based security modules, a password is the most commonly used method to complete this authentication.
+<br/>
+Since a security module may consist of slots for one or more tokens, the user must be successfully authenticated to each token of the chosen security module before this configuration can continue.
+</div>
+<br/>
+<H2>Supported Security Modules</H2>
+<table width=100%>
+<tr bgcolor="#cccccc">
+  <td width=20%><b>Module/Token</b></td>
+  <td width=10%><b>Status</b></td>
+  <td width=10%><b>Default</b></td>
+  <td width=10%><b>Operations</b></td>
+</tr>
+#foreach ($module in $sms)
+<tr bgcolor="#eeeeee">
+  <td><img alt="" src=$module.getImagePath()><br>$module.getUserFriendlyName()</td>
+  <td>
+	#if ($module.isFound())
+		Found
+	#else
+		Not Found
+	#end
+  </td>
+  <td></td>
+  <td></td>
+</tr>
+#foreach ($token in $module.getTokens())
+<tr>
+  <td>- $token.getNickName()</td>
+    <td>
+	#if ($token.isLoggedIn())
+	   Logged In
+	#else
+       	   Not logged In
+	#end
+    </td>
+  <td>
+   #if ($token.isLoggedIn())
+    #if ($defTok == $token.getNickName())
+      <input checked type=radio name="choice" value="$token.getNickName()">
+    #else
+      <input type=radio name="choice" value="$token.getNickName()">
+    #end
+   #end
+  </td>
+  <td>
+	#if (!$token.isLoggedIn())
+<a href="wizard?p=$subpanelno&amp;SecToken=$token.getNickName()">Login</a>
+	#end
+</td>
+</tr>
+#end
+#end
+
+</table>
+<H2>Other Security Modules</H2>
+<h3>The security modules listed below are modules found by the server but not recognized as one of the supported modules. If the user believes that any listed modules below should have been supported, please check the "CS.cfg" configuration file to see if there is a name mismatch and adjust this accordingly.</h3>
+<table width=100%>
+<tr bgcolor="#cccccc">
+  <td width=20%><b>Module/Token</b></td>
+  <td width=10%><b>Status</b></td>
+  <td width=10%><b>Default</b></td>
+  <td width=10%><b>Operations</b></td>
+</tr>
+#foreach ($module in $oms)
+<tr bgcolor="#eeeeee">
+  <td>$module.getUserFriendlyName()</td>
+  <td>
+	#if ($module.isFound())
+		Found
+	#else
+		Not Found
+	#end
+  </td>
+  <td></td>
+  <td></td>
+</tr>
+#foreach ($token in $module.getTokens())
+<tr>
+  <td>- $token.getNickName()</td>
+    <td>
+	#if ($token.isLoggedIn())
+	  Logged In
+	#else
+          Not logged In
+	#end
+    </td>
+  <td>
+    #if ($defTok == $token.getNickName())
+      <input checked type=radio name="choice" value="$token.getNickName()">
+    #else
+      <input type=radio name="choice" value="$token.getNickName()">
+    #end
+  </td>
+  <td>
+    #if (!$token.isLoggedIn())
+<a href="wizard?p=$subpanelno&amp;SecToken=$token.getNickName()">Login</a>
+    #end
+  </td>
+</tr>
+#end
+#end
+
+</table>
+
+
+    <br/>
+                                                                                
+    <div align="right">
+      <hr />
+      &nbsp;
+    </div>
diff --git a/base/tps/apache/docroot/tps/admin/console/config/namepanel.vm b/base/tps/apache/docroot/tps/admin/console/config/namepanel.vm
new file mode 100644
index 000000000..0ed2d1adb
--- /dev/null
+++ b/base/tps/apache/docroot/tps/admin/console/config/namepanel.vm
@@ -0,0 +1,90 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<SCRIPT type="text/JavaScript">
+function myOnLoad() {
+}
+
+function performPanel() {
+    with (document.forms[0]) {
+        submit();
+    }
+}
+</SCRIPT>
+Each certificate associated with this instance needs to have a unique name within the PKI hierarchy. The following information will be used to generate these unique names.  Each certificate will be stored in the security module using a unique nickname.<a href="javascript:toggle_details();">[Details]</a>
+<SCRIPT type="text/JavaScript">
+function toggle_details()
+{
+  d = document.getElementById('details');
+  if (d.style.display == "block") {
+    d.style.display="none";
+  } else {
+    d.style.display="block";
+  }
+}
+</script>
+                                                                                
+<div id=details style="display: none;">
+<p>
+Each unique name, called the certificate's subject name, is referenced as the distinguished name (DN). A DN may be composed of multiple comma separated name=value fields.
+<br/>
+</div>
+
+    <p>
+#if ($errorString != "")
+<img alt="" src="/pki/images/icon_crit_update.gif">&nbsp;<font color="red">$errorString</font>
+#end
+<br/>
+#foreach ($item in $certs)
+<H2>$item.getUserFriendlyName()</H2>
+                                                                                
+    <table class="details">
+      <tr>
+        <th>DN:</th>
+        <td><input type="text" size="70" name="$item.getCertTag()" value="$item.getDN()"/></td>
+      </tr>
+      <tr> 
+        <th>Nickname:</th>
+        <td><input type="text" size="70" name="$item.getCertTag()_nick" value="$item.getNickname()"/></td>
+      </tr>
+    </table>
+<p>
+#end
+<p>
+<hr>
+<p>
+Please select the CA to submit these system certificate requests:
+<p>
+    <table class="details">
+      <tr>
+        <th>URL:</th>
+        <td><select name="urls">
+           #if ($urls_size != 0)
+           #set ($x=0)
+           #foreach ($p in $urls)
+               <option value="$x">$p</option>
+               #set ($x=$x+1)
+           #end
+           #end
+            </select>
+        </td>
+      </tr>
+    </table>
+                                                                                
+   <div align="right">
+      <hr />
+    </div>
diff --git a/base/tps/apache/docroot/tps/admin/console/config/securitydomainloginpanel.vm b/base/tps/apache/docroot/tps/admin/console/config/securitydomainloginpanel.vm
new file mode 100644
index 000000000..a8c0c8079
--- /dev/null
+++ b/base/tps/apache/docroot/tps/admin/console/config/securitydomainloginpanel.vm
@@ -0,0 +1,108 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+  <head>
+    
+    <title>Dogtag Certificate System</title>
+
+    <link rel="shortcut icon" href="/pki/images/favicon.ico" />
+    <link rel="stylesheet" href="/pki/css/pki-base.css" type="text/css" />
+<META http-equiv=Content-Type content="text/html; charset=UTF-8">
+  </head>
+
+
+<div id="wrap">
+<div id="header">
+    <a href="http://pki.fedoraproject.org/" title="Visit pki.fedoraproject.org for more information about Dogtag products and services"><img src="/pki/images/logo_header.gif" alt="Dogtag" id="myLogo" /></a>
+    <div id="headerpaddedtitle">
+    <a href="/" title="Dogtag Network homepage">Dogtag<sup><font size="-2">&reg;</font></sup> Certificate System</a>
+    </div>
+    <div id="account">
+          <dl><dt><span></span></dt><dd></dd></dl>
+    </div>
+</div>
+
+<div id="mainNavOuter">
+<div id="mainNav">
+                                                                                
+<div id="mainNavInner">
+                                                                                
+</div><!-- end mainNavInner -->
+</div><!-- end mainNav -->
+</div><!-- end mainNavOuter -->
+
+<!-- close bar -->
+
+  <div id="content">
+    <table width="100%" cellspacing="0">
+      <tr>
+        <td width="100%">
+  <h1><img src="/pki/images/icon-software.gif" />
+  Security Domain ($name) Login </h1>
+
+    <form name=sdForm action="getCookie" method="post">
+    <p>The Enterprise $subsystem Administrator will register this $subsystem Subsystem located at $host under this Security Domain located at $sdhost. The credential information will be provided to the Security Domain for authentication.<p>
+#if ($errorString != "")
+<img src="/pki/images/icon_crit_update.gif">&nbsp;<font color="red">$errorString</font>
+#end
+    <table class="details">
+      <tr>
+        <th>Uid:</th>
+                                                                                
+        <td><input type="text" length="128" size="40" name="uid" value="$sd_uid" /></td>
+      </tr>
+                                                                                
+      <tr>
+        <th>Password:</th>
+                                                                                
+        <td><input type="password" length="64" size="40" name="pwd" value="$sd_pwd" autocomplete="off" /></td>
+      </tr>       
+<input type=hidden name=url value="$url">
+
+    </table>
+                                                                                
+    <div align="right">
+      <hr />
+      &nbsp;
+    </div>
+                                                                                
+
+<p>
+<table width=100%>
+<tr bgcolor="#eeeeee">
+  <td>
+<div align="right">
+<input onclick="sdForm.submit()" type="button" name="sd_next" value="Login"> 
+</div>
+  </td>
+</tr>
+</table>
+
+    </form>
+
+	</td>
+      </tr>
+    </table>
+
+  </div> <!-- close content -->
+  </div> <!-- close wrap -->
+
+  </body>
+</html>
diff --git a/base/tps/apache/docroot/tps/admin/console/config/securitydomainpanel.vm b/base/tps/apache/docroot/tps/admin/console/config/securitydomainpanel.vm
new file mode 100644
index 000000000..6f651f388
--- /dev/null
+++ b/base/tps/apache/docroot/tps/admin/console/config/securitydomainpanel.vm
@@ -0,0 +1,114 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<SCRIPT type="text/JavaScript">
+function myOnLoad() {
+}
+
+function performPanel() {
+    with (document.forms[0]) {
+        submit();
+    }
+}
+</SCRIPT>
+<h2>$panelname</h2>
+<br/>
+A security domain is a registry for all of the PKI services within an enterprise. Applications may use the security domain to locate other PKI services. <a href="javascript:toggle_details();">[Details]</a>
+<SCRIPT type="text/JavaScript">
+function toggle_details()
+{
+  d = document.getElementById('details');
+  if (d.style.display == "block") {
+    d.style.display="none";
+  } else {
+    d.style.display="block";
+  }
+}
+</script>
+                                                                                
+<div id=details style="display: none;">
+<br/>
+This PKI solution allows multiple security domains within an organization, but each security domain must host a Certificate Authority.
+<br/>
+If the user is creating a new security domain, this CA Administrator is also
+the security domain Administrator.
+<br/>
+If this subsystem is joining an existing security domain, the user will need to provide the credential information of the security domain Administrator
+requested in the next panel.
+</div>
+#if ($errorString != "")
+<img alt="" src="/pki/images/icon_crit_update.gif">&nbsp;<font color="red">$errorString</font>
+#end
+<br/>
+#if ($cstype == "CA") 
+<b><input $check_newdomain type=radio name=choice value="newdomain">&nbsp;Create a New Security Domain </b>
+<br/>
+If no security domain exists, a new one must be created for this CA.
+    <table class="details">
+      <tr>
+        <th>Security Domain Name: </th>
+        <td><input type=text size="40" name="sdomainName" value="$sdomainName"> (e.g. - Dogtag Security Domain)</td>
+      </tr>
+      <tr>
+        <th>Security Domain HTTP EE URL (unsecure): </th>
+        <td>http://$machineName:$http_ee_port</td>
+      </tr>
+      <tr>
+        <th>Security Domain HTTPS Agent URL (clientauth): </th>
+        <td>https://$machineName:$https_agent_port</td>
+      </tr>
+      <tr>
+        <th>Security Domain HTTPS EE URL (non-clientauth): </th>
+        <td>https://$machineName:$https_ee_port</td>
+      </tr>
+      <tr>
+        <th>Security Domain HTTPS Admin URL (non-clientauth): </th>
+        <td>https://$machineName:$https_admin_port</td>
+      </tr>
+    </table>
+<br/>
+<b><input $check_existingdomain type=radio name=choice value="existingdomain">&nbsp;Join an Existing Security Domain </b>
+#else
+<b><input disabled="disabled" type=radio name=choice value="newdomain">&nbsp;Create a New Security Domain </b>
+<br/>
+If no security domain exists, a new one must be created for this CA.
+    <table class="details">
+      <tr>
+        <th>Security Domain Name: </th>
+        <td><input disabled="disabled" type=text size="40" name="sdomainName" value="$sdomainName"> (e.g. - Dogtag Security Domain)</td>
+      </tr>
+    </table>
+<br/>
+<b><input checked type=radio name=choice value="existingdomain">&nbsp;Join an Existing Security Domain </b>
+#end
+<br/>
+Enter the URL to an existing security domain.
+<br/>
+    <table class="details">
+      <tr>
+        <th>Security Domain HTTPS Admin URL (non-clientauth): </th>
+        <td><input type=text size="40" name="sdomainURL" value="$sdomainURL"> (e.g. - https://example.com:9445)</td>
+      </tr>
+    </table>
+<br/>
+<table>
+<tr>
+<td valign="top"><b>NOTE:&nbsp;&nbsp; </b></td>
+<td>Since a Security Domain MUST be a CA (although all CAs are NOT necessarily Security Domains), an appropriate value for this URL may be obtained by logging into the machine which hosts the desired Security Domain CA as 'root' and running the command "$initCommand status $instanceID" from the command-line.</td>
+</tr>
+</table>
+<br/>
diff --git a/base/tps/apache/docroot/tps/admin/console/config/sidemenu.vm b/base/tps/apache/docroot/tps/admin/console/config/sidemenu.vm
new file mode 100644
index 000000000..c3dbf1410
--- /dev/null
+++ b/base/tps/apache/docroot/tps/admin/console/config/sidemenu.vm
@@ -0,0 +1,29 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<div id="sidenav">
+<ul>
+  <li><a href="welcome">Welcome</a></li>
+  <li><a href="database">Internal Database</a></li>
+  <li><a href="module">Security Modules</a></li>
+  <li><a href="size">Key Size</a></li>
+  <li><a href="name">Issuer Name</a></li>
+  <li><a href="hierarchy">PKI Hierarchy</a></li>
+  <li><a href="admin">Administrator</a></li>
+  <li><a href="done">Finish</a></li>
+</ul>
+</div>
diff --git a/base/tps/apache/docroot/tps/admin/console/config/sizepanel.vm b/base/tps/apache/docroot/tps/admin/console/config/sizepanel.vm
new file mode 100644
index 000000000..cfcf15190
--- /dev/null
+++ b/base/tps/apache/docroot/tps/admin/console/config/sizepanel.vm
@@ -0,0 +1,303 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This library is free software; you can redistribute it and/or
+     modify it under the terms of the GNU Lesser General Public
+     License as published by the Free Software Foundation.
+     
+     This library is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+     Lesser General Public License for more details.
+     
+     You should have received a copy of the GNU Lesser General Public
+     License along with this library; if not, write to the Free Software
+     Foundation, Inc., 51 Franklin Street, Fifth Floor,
+     Boston, MA  02110-1301  USA 
+     
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<style type="text/css">
+div#advance
+{
+  margin: 0px 20px 0px 20px;
+  display: none;
+}
+div#simple
+{
+  margin: 0px 20px 0px 20px;
+  display: block;
+}
+</style>
+
+<SCRIPT type="text/JavaScript">
+var keys_ecc_curve_list="$keys_ecc_curve_list";
+var keys_ecc_curve_display_list = "$keys_ecc_curve_display_list";
+var keys_rsa_size_display_list = "$keys_rsa_size_display_list";
+
+function myOnLoad() {
+}
+
+function performPanel() {
+    with (document.forms[0]) {
+        submit();
+    }
+}
+
+function toggleLayer(whichLayer)
+{
+  if (document.getElementById) {
+    // this is the way the standards work
+    var style2 = document.getElementById(whichLayer).style;
+    if (style2.display == "block") {
+      style2.display = "none";
+    } else {
+      style2.display = "block";
+    }
+  }
+}
+
+function toggleLayer1(whichLayer)
+{
+  if (document.getElementById) {
+    // this is the way the standards work
+    var style2 = document.getElementById(whichLayer).style;
+    if (style2.display == "block") {
+      style2.display = "none";
+    } else if (style2.display == "") {
+      style2.display = "none";
+    } else {
+      style2.display = "block";
+    }
+  }
+}
+
+function keyTypeChange()
+{
+  var form = document.forms[0];
+
+  var keyTypeSelect = document.forms[0].elements['keytype'];
+  for (var i = 0; i < form.length; i++) {
+    var name = form[i].name;
+    if (name.indexOf('_keytype') != -1) {
+      if (keyTypeSelect.value.indexOf('ecc') != -1) {
+        form.elements[name].selectedIndex = keyTypeSelect.selectedIndex;
+      }
+    }
+  }
+}
+
+function defaultChange()
+{
+  var form = document.forms[0];
+  var choiceSelect = document.forms[0].elements['choice'];
+  for (var i = 0; i < form.length; i++) {
+    var name = form[i].name;
+    if (name.indexOf('_choice') != -1) {
+      for (var j = 0; j < form.elements[name].length; j++) {
+        var c = form.elements[name];
+        c[j].checked = choiceSelect[j].checked;
+      }
+    }
+  }
+}
+
+function customChange()
+{
+  var form = document.forms[0];
+  var choiceSelect = document.forms[0].elements['choice'];
+  for (var i = 0; i < form.length; i++) {
+    var name = form[i].name;
+    if (name.indexOf('_choice') != -1) {
+      for (var j = 0; j < form.elements[name].length; j++) {
+        var c = form.elements[name];
+        c[j].checked = choiceSelect[j].checked;
+      }
+    }
+  }
+}
+
+function textChange()
+{
+  var customSize = document.forms[0].elements['custom_size'];
+  var form = document.forms[0];
+  for (var i = 0; i < form.length; i++) {
+    var name = form[i].name;
+    if (name.indexOf('_custom_size') != -1) {
+      form.elements[name].value = customSize.value;
+    }
+  }
+}
+
+function displayCurveList()
+{
+  var list = keys_ecc_curve_display_list.split(",");
+  var linelen = 0;
+  for (var i=0; i < list.length -1 ; i++) {
+    document.write(list[i] + ",");
+    linelen = linelen + list[i].length;
+    if (linelen >= 60) {
+      document.write("<br/>");
+      linelen=0;
+    }
+  }
+  document.write(list[list.length -1]);
+}
+
+function displayStrengthList()
+{
+  var list = keys_rsa_size_display_list.split(",");
+  var linelen = 0;
+  for (var i=0; i < list.length -1 ; i++) {
+    document.write(list[i] + ",");
+    linelen = linelen + list[i].length;
+    if (linelen >= 60) {
+      document.write("<br/>");
+      linelen=0;
+    }
+  }
+  document.write(list[list.length -1]);
+}
+
+</SCRIPT>
+Select the key pair type(s) and associated key pair size(s) from the pulldown menus. <a href="javascript:toggle_details();">[Details]</a>
+<p>
+Note that only RSA is supported for the audit_signing certificate at this point
+<p>
+<SCRIPT type="text/JavaScript">
+function toggle_details()
+{
+  d = document.getElementById('details');
+  if (d.style.display == "block") {
+    d.style.display="none";
+  } else {
+    d.style.display="block";
+  }
+}
+</SCRIPT>
+<div id=details style="display: none;">
+<p> 
+Each certificate can have its own key pair generated with its own independent settings or common settings can be applied to all key pairs. At minimum, each key pair has to define what <i>type</i> it is by identifying a cipher family and then has to set a <i>strength</i> for that key.
+</p>
+<ul>
+<li>
+<b><i>Key Type</i></b>. Sets the cipher family to use to generate the key pair. RSA and ECC key types have slightly different strength options.
+</li>
+<li>
+<b><i>RSA strength: Key Size</i></b>. Sets the key length for the generated pair. The key length can be one of the lenghs listed below.  Longer keys are stronger, which makes them more secure.
+However, longer key pair sizes also increase the time required to perform operations such as signing certificates, so long keys can affect performance.
+<br/><ul style="list-style:none"><li><i>
+<SCRIPT type="text/JavaScript">
+displayStrengthList();
+</SCRIPT></i></li></ul>
+</li>
+<li>
+<b><i>ECC strength: Curve Name</i></b>. Sets the curve algorithm to use, which can be any one of the curves listed below.  The curves that are included in parenthesis are equivalent - and either name can be used.  Note that not all curves may be supported by the token.
+<br/><ul style="list-style:none"><li><i>
+<SCRIPT type="text/JavaScript">
+displayCurveList();
+</SCRIPT></i></li></ul>
+</li>
+</ul>
+<br/>
+</div>
+#if ($errorString != "")
+<img src="/pki/images/icon_crit_update.gif">&nbsp;<font color="red">$errorString</font>
+#end
+<p>
+<div id="simple">
+<p>
+<table width=100%>
+<tr>
+  <td align=right><a href="javascript:toggleLayer1('simple'); toggleLayer('advance');" title="Advanced">[Advanced]</a></td>
+</tr>
+</table>
+<p>
+<H2>Common Key Settings</H2>
+<p>
+<table width=100% class="details">
+      <tr>
+        <th width="30%">Key Type:</th>
+        <td><select name="keytype" onChange="keyTypeChange()"><option value=rsa>RSA</option><option value=ecc>ECC</option></select></td>
+      </tr>
+</table>
+<p>
+
+<p>
+    <input
+#if ($select == "default")
+ checked
+#end
+ onChange="defaultChange()" type=radio name="choice" value="default"><b>Use the default key size ($default_keysize  bits for RSA; curve $default_ecc_curvename  for ECC)</b>.
+    <p>
+    <input
+#if ($select == "custom")
+ checked
+#end
+ onChange="customChange()" type=radio name="choice" value="custom"><b>Use the following custom key strength:</b>
+                                                                                
+    <p>
+<table width=100% class="details">
+      <tr>
+        <th>Key Size or Curve (see Details above):</th>
+        <td><input onChange="textChange()" type="text" size="20" name="custom_size" value="" /></td>
+      </tr>
+</table>
+<p>
+</div>
+
+<div id="advance">
+<p>
+<table width=100%>
+<tr>
+  <td align=right><a href="javascript:toggleLayer1('simple');toggleLayer('advance');" title="Simple">[Simple]</a></td>
+</tr>
+</table>
+
+#foreach ($item in $certs)
+<H2>Key for $item.getUserFriendlyName()</H2>
+<p>
+<table width=100% class="details">
+      <tr>
+        <th width="30%">Key Type:</th>
+#if ($item.getCertTag() == "audit_signing")
+        <td><select name="$item.getCertTag()_keytype"><option value=rsa>RSA</option></select></td>
+#else
+        <td><select name="$item.getCertTag()_keytype"><option value=rsa>RSA</option><option value=ecc>ECC</option></select></td>
+#end
+      </tr>
+</table>
+<p>
+    <input
+#if ($item.useDefaultKey())
+ checked
+#end
+ type=radio name=$item.getCertTag()_choice value="default"><b>Use the default key size ($default_keysize bits for RSA, curve $default_ecc_curvename for ECC).
+    <p>
+    <input
+#if (!$item.useDefaultKey())
+ checked
+#end
+ type=radio name=$item.getCertTag()_choice value="custom"><b>Use the following custom key strength:</b>
+                                                                                
+    <p>
+<table width=100% class="details">
+      <tr>
+        <th>Key Size or Curve (see Details above):</th>
+        <td><input type="text" size="20" name=$item.getCertTag()_custom_size value="" /></td>
+      </tr>
+</table>
+#end
+</div>
+
+<br/>
+<br/>
+<br/>
+#if ($firsttime == 'false')
+<input type="CHECKBOX" NAME="generateKeyPair">New Keys<p>
+#end
+<p>
+    <div align="right">
+      <hr />
+<i>Note: After pressing Next, keys will be generated on the server, which will take some time to complete.  Please wait for the next panel to appear.</i>
+      &nbsp;
+    </div>
diff --git a/base/tps/apache/docroot/tps/admin/console/config/tksinfopanel.vm b/base/tps/apache/docroot/tps/admin/console/config/tksinfopanel.vm
new file mode 100644
index 000000000..1f6ee162f
--- /dev/null
+++ b/base/tps/apache/docroot/tps/admin/console/config/tksinfopanel.vm
@@ -0,0 +1,50 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<SCRIPT LANGUAGE="JavaScript">
+function performPanel() {
+    with (document.forms[0]) {
+        submit();
+    }
+}
+
+</SCRIPT>
+The Token Key Service (TKS) is responsible for managing master keys that are used for establishing secure channels. Select an HTTPS Agent URL of a TKS from the list below.
+<p>
+#if ($errorString != "")
+<img src="/pki/images/icon_crit_update.gif">&nbsp;<font color="red">$errorString</font>
+#end
+<p>
+    <table class="details">
+      <tr>
+        <th>URL:</th>
+        <td><select name="urls">
+           #if ($urls_size != 0)
+           #set ($x=0)
+           #foreach ($p in $urls)
+               <option value="$x">$p</option>
+               #set ($x=$x+1)
+           #end
+           #end
+            </select>
+        </td>
+      </tr>
+    </table>
+    <div align="right">
+      <hr />
+    </div>
+<p>
diff --git a/base/tps/apache/docroot/tps/admin/console/config/topmenu.vm b/base/tps/apache/docroot/tps/admin/console/config/topmenu.vm
new file mode 100644
index 000000000..c76b2e8fa
--- /dev/null
+++ b/base/tps/apache/docroot/tps/admin/console/config/topmenu.vm
@@ -0,0 +1,20 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<ul>
+<li id="mainFirst-active"><a href="wizard" class="mainFirstLink">Setup Wizard</a></li>
+</ul>
diff --git a/base/tps/apache/docroot/tps/admin/console/config/welcomepanel.vm b/base/tps/apache/docroot/tps/admin/console/config/welcomepanel.vm
new file mode 100644
index 000000000..619560dd3
--- /dev/null
+++ b/base/tps/apache/docroot/tps/admin/console/config/welcomepanel.vm
@@ -0,0 +1,57 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<SCRIPT type="text/JavaScript">
+function myOnLoad() {
+}
+
+function performPanel() {
+    with (document.forms[0]) {
+        submit();
+    }
+}
+</SCRIPT>
+<H2>$wizardname</H2>
+The $fullsystemname
+ configuration wizard will guide the administrator through the process of configuring a single instance of the $fullsystemname
+ ($systemname). <a href="javascript:toggle_details();">[Details]</a>
+                                                                                
+<SCRIPT type="text/JavaScript">
+function toggle_details()
+{
+  d = document.getElementById('details');
+  if (d.style.display == "block") {
+    d.style.display="none";
+  } else {
+    d.style.display="block";
+  }
+}
+</script>
+                                                                                
+<div id=details style="display: none;">
+<p>
+A Public Key Infrastructure (PKI) system creates, manages, and revokes keys and certificates.
+<p>
+Dogtag Certificate System (DCS) $productversion &nbsp;
+is a robust PKI system consisting of numerous subsystems including a Certificate Authority (CA), a Registration Authority (RA), a Data Recovery Manager (DRM), an Online Certificate Status Protocol (OCSP) Manager, a Token Key Service (TKS), and a Token Processing System (TPS), as well as a multi-platform smartcard middleware software client called Enterprise Security Client (ESC).
+<p>
+For any subsystem to be useable, a user must use this wizard to configure an instance of this subsystem.
+#if ($systemType != "tps")
+<p>
+Additionally, this wizard may also be used to clone any existing instance to achieve scalability and high-availability.
+#end
+</div>
diff --git a/base/tps/apache/docroot/tps/admin/console/config/wizard.vm b/base/tps/apache/docroot/tps/admin/console/config/wizard.vm
new file mode 100644
index 000000000..31d395edf
--- /dev/null
+++ b/base/tps/apache/docroot/tps/admin/console/config/wizard.vm
@@ -0,0 +1,147 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+
+<html>
+  <head>
+    
+    <title>Dogtag Certificate System</title>
+
+    <link rel="shortcut icon" href="/pki/images/favicon.ico" />
+    <link rel="stylesheet" href="/pki/css/pki-base.css" type="text/css" />
+
+    <META http-equiv=Content-Type content="text/html; charset=UTF-8">
+
+  </head>
+
+<SCRIPT LANGUAGE="JavaScript">
+function process(fop) {
+    with (document.forms[0]) {
+        op.value = fop;
+        if (fop == 'next') {
+            document.getElementById('progress').style.visibility = "visible";
+            performPanel();
+        } else if (fop == 'apply') {
+            document.getElementById('progress').style.visibility = "visible";
+            performPanel();
+        } else {
+            document.getElementById('progress').style.visibility = "visible";
+            submit();
+        }
+    }
+}
+
+</SCRIPT>
+
+  <body><div id="wrap">
+  
+#include ( "tps/admin/console/config/header.vm" )
+
+<div id="mainNavOuter">
+<div id="mainNav">
+
+<div id="mainNavInner">
+
+
+<ul>
+<li id="mainFirst-active"><a href="wizard" class="mainFirstLink">$name</a></li>
+</ul>
+
+</div><!-- end mainNavInner -->
+</div><!-- end mainNav -->
+</div><!-- end mainNavOuter -->
+
+
+<div id="bar">
+
+<div id="systembar">
+<div id="systembarinner">
+
+<div>
+</div>
+
+
+</div>
+</div>
+
+</div>
+<!-- close bar -->
+
+  <div id="content">
+    <table width="100%" cellspacing="0">
+      <tr>
+        <td class="sidebar">
+          
+<div id="sidenav">
+<ul>
+#foreach ($pn in $panels)
+#if (!$pn.isSubPanel())
+  #if ($pn.isPanelDone() == "false")
+    <li><center><font color=black size="2">$pn.getName()</font></center></li>
+  #else
+    <li><center><font color=white size="2">$pn.getName()</font></center></li>
+  #end
+#end
+#end
+</ul>
+</div>
+
+	</td>
+        <td class="page-content" width="100%">
+  <h1><img src="/pki/images/icon-software.gif" />
+  $title </h1>
+
+<form name=f method=post action="wizard">
+<input type=hidden name=p value="$p">
+
+#parse ( $panel )
+
+<input type=hidden name="op" value=''>
+
+</form>
+
+<table width=100% border=0 cellspacing=0 cellpadding=0>
+<tr bgcolor="#eeeeee">
+<td><img id=progress style="visibility: hidden;" src="/pki/images/bigrotation2.gif" /></td>
+<td align=right>
+
+#if ($showApplyButton == "true")
+<input type=button onclick="process('apply')" name=back value="Apply">
+#end
+
+#if ($lastpanel)
+&nbsp;
+#else
+<input type=button onclick="process('next')" name=back value="Next>">
+#end
+
+</td>
+</tr>
+</table>
+
+	</td>
+      </tr>
+    </table>
+
+#include ( "tps/admin/console/config/footer.vm" )
+
+  </div> <!-- close content -->
+  </div> <!-- close wrap -->
+
+  </body>
+</html>
diff --git a/base/tps/apache/docroot/tps/admin/console/config/xml.vm b/base/tps/apache/docroot/tps/admin/console/config/xml.vm
new file mode 100644
index 000000000..31ff72aa2
--- /dev/null
+++ b/base/tps/apache/docroot/tps/admin/console/config/xml.vm
@@ -0,0 +1,4 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<response>
+  $xml 
+</response>
diff --git a/base/tps/apache/docroot/tps/admin/console/js/misc.js b/base/tps/apache/docroot/tps/admin/console/js/misc.js
new file mode 100644
index 000000000..d4dc336ab
--- /dev/null
+++ b/base/tps/apache/docroot/tps/admin/console/js/misc.js
@@ -0,0 +1,30 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// Copyright (C) 2007 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+
+/**
+ * This function is to submit the form's parameters and to decide if the 
+ * window should remain open.
+ *
+ * @param f The form
+ * @param fclose true if you want to close the window; otherwise false.
+ */
+function saveConfig(f, fclose) {
+    f.submit();
+    if (fclose == true)
+        window.close();
+}