Formatting (line wrap > 120 in comments

99 files changed, 534 insertions, 240 deletions

diff --git a/pki/base/common/src/com/netscape/certsrv/acls/ACL.java b/pki/base/common/src/com/netscape/certsrv/acls/ACL.java
index c98135eaa..508793ddf 100644
--- a/pki/base/common/src/com/netscape/certsrv/acls/ACL.java
+++ b/pki/base/common/src/com/netscape/certsrv/acls/ACL.java
@@ -26,7 +26,8 @@ import java.util.Vector;
  * enforcer can verify the ACLs with the current
  * context to see if the corresponding resource is accessible.
  * <P>
- * An <code>ACL</code> may contain one or more <code>ACLEntry</code>. However, in case of multiple <code>ACLEntry</code>, a subject must pass ALL of the <code>ACLEntry</code> evaluation for permission to be granted
+ * An <code>ACL</code> may contain one or more <code>ACLEntry</code>. However, in case of multiple <code>ACLEntry</code>
+ * , a subject must pass ALL of the <code>ACLEntry</code> evaluation for permission to be granted
  * <P>
  * 
  * @version $Revision$, $Date$
diff --git a/pki/base/common/src/com/netscape/certsrv/authorization/IAuthzManager.java b/pki/base/common/src/com/netscape/certsrv/authorization/IAuthzManager.java
index 70e4b7c02..8b52b3928 100644
--- a/pki/base/common/src/com/netscape/certsrv/authorization/IAuthzManager.java
+++ b/pki/base/common/src/com/netscape/certsrv/authorization/IAuthzManager.java
@@ -64,7 +64,8 @@ public interface IAuthzManager {
      * own authorization information before full operation. It is supposed
      * to be called from the authzMgrAccessInit() method of the AuthzSubsystem.
      * <p>
-     * The accessInfo format is determined by each individual authzmgr. For example, for BasicAclAuthz, The accessInfo is the resACLs, whose format should conform to the following:
+     * The accessInfo format is determined by each individual authzmgr. For example, for BasicAclAuthz, The accessInfo
+     * is the resACLs, whose format should conform to the following:
      * 
      * <pre>
      *    <resource ID>:right-1[,right-n]:[allow,deny](right(s))<evaluatorType>=<value>:<comment for this resource acl
diff --git a/pki/base/common/src/com/netscape/certsrv/jobs/IJobCron.java b/pki/base/common/src/com/netscape/certsrv/jobs/IJobCron.java
index e0fb0ba4b..f161b5e8d 100644
--- a/pki/base/common/src/com/netscape/certsrv/jobs/IJobCron.java
+++ b/pki/base/common/src/com/netscape/certsrv/jobs/IJobCron.java
@@ -20,9 +20,13 @@ package com.netscape.certsrv.jobs;
 /**
  * class representing one Job cron information
  * <p>
- * here, an "item" refers to one of the 5 fields in a cron string; "element" refers to any comma-deliminated element in an "item"...which includes both numbers and '-' separated ranges. A cron string in the configuration takes the following format: <i>minute (0-59), hour (0-23), day of the month (1-31), month of the year (1-12), day of the week (0-6 with 0=Sunday)</i>
+ * here, an "item" refers to one of the 5 fields in a cron string; "element" refers to any comma-deliminated element in
+ * an "item"...which includes both numbers and '-' separated ranges. A cron string in the configuration takes the
+ * following format: <i>minute (0-59), hour (0-23), day of the month (1-31), month of the year (1-12), day of the week
+ * (0-6 with 0=Sunday)</i>
  * <p>
- * e.g. jobsScheduler.job.rnJob1.cron=30 11,23 * * 1-5 In this example, the job "rnJob1" will be executed from Monday through Friday, at 11:30am and 11:30pm.
+ * e.g. jobsScheduler.job.rnJob1.cron=30 11,23 * * 1-5 In this example, the job "rnJob1" will be executed from Monday
+ * through Friday, at 11:30am and 11:30pm.
  * <p>
  * 
  * @version $Revision$, $Date$
diff --git a/pki/base/common/src/com/netscape/certsrv/jobs/IJobsScheduler.java b/pki/base/common/src/com/netscape/certsrv/jobs/IJobsScheduler.java
index e4daffbe7..f4184853d 100644
--- a/pki/base/common/src/com/netscape/certsrv/jobs/IJobsScheduler.java
+++ b/pki/base/common/src/com/netscape/certsrv/jobs/IJobsScheduler.java
@@ -30,8 +30,12 @@ import com.netscape.certsrv.base.ISubsystem;
  * if there is any job to be done, if so, a thread is created to execute
  * the job(s).
  * <p>
- * The interval <b>jobsScheduler.interval</b> in the configuration is specified as number of minutes. If not set, the default is 1 minute. Note that the cron specification for each job CAN NOT be finer than the granularity of the Scheduler daemon interval. For example, if the daemon interval is set to 5 minute, a job cron for every minute at 7am on each Tuesday (e.g. * 7 * * 2) will result in the execution of the job thread only once every 5 minutes during that hour. <b>The inteval value is
- * recommended at 1 minute, setting it otherwise has the potential of forever missing the beat</b>. Use with caution.
+ * The interval <b>jobsScheduler.interval</b> in the configuration is specified as number of minutes. If not set, the
+ * default is 1 minute. Note that the cron specification for each job CAN NOT be finer than the granularity of the
+ * Scheduler daemon interval. For example, if the daemon interval is set to 5 minute, a job cron for every minute at 7am
+ * on each Tuesday (e.g. * 7 * * 2) will result in the execution of the job thread only once every 5 minutes during that
+ * hour. <b>The inteval value is recommended at 1 minute, setting it otherwise has the potential of forever missing the
+ * beat</b>. Use with caution.
  * 
  * @version $Revision$, $Date$
  */
diff --git a/pki/base/common/src/com/netscape/certsrv/kra/IKeyService.java b/pki/base/common/src/com/netscape/certsrv/kra/IKeyService.java
index b89737927..13748f2d1 100644
--- a/pki/base/common/src/com/netscape/certsrv/kra/IKeyService.java
+++ b/pki/base/common/src/com/netscape/certsrv/kra/IKeyService.java
@@ -103,8 +103,10 @@ public interface IKeyService {
      * <P>
      * 
      * <ul>
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_KEY_RECOVERY_REQUEST used whenever a user private key recovery request is made (this is when the DRM receives the request)
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_KEY_RECOVERY_REQUEST_PROCESSED used whenever a user private key recovery request is processed (this is when the DRM processes the request)
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_KEY_RECOVERY_REQUEST used whenever a user private key recovery request is
+     * made (this is when the DRM receives the request)
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_KEY_RECOVERY_REQUEST_PROCESSED used whenever a user private key recovery
+     * request is processed (this is when the DRM processes the request)
      * </ul>
      * 
      * @param reqID request id
diff --git a/pki/base/common/src/com/netscape/certsrv/profile/IEnrollProfile.java b/pki/base/common/src/com/netscape/certsrv/profile/IEnrollProfile.java
index 7d3d7ff71..189530f7a 100644
--- a/pki/base/common/src/com/netscape/certsrv/profile/IEnrollProfile.java
+++ b/pki/base/common/src/com/netscape/certsrv/profile/IEnrollProfile.java
@@ -22,9 +22,11 @@ import com.netscape.certsrv.request.IRequest;
 /**
  * This interface represents an enrollment profile.
  * <p>
- * An enrollment profile contains a list of enrollment specific input plugins, default policies, constriant policies and output plugins.
+ * An enrollment profile contains a list of enrollment specific input plugins, default policies, constriant policies and
+ * output plugins.
  * <p>
- * This interface also defines a set of enrollment specific attribute names that can be used to retrieve values from an enrollment request.
+ * This interface also defines a set of enrollment specific attribute names that can be used to retrieve values from an
+ * enrollment request.
  * <p>
  * 
  * @version $Revision$, $Date$
diff --git a/pki/base/common/src/com/netscape/certsrv/profile/IPolicyDefault.java b/pki/base/common/src/com/netscape/certsrv/profile/IPolicyDefault.java
index bf1aefcff..469d6dded 100644
--- a/pki/base/common/src/com/netscape/certsrv/profile/IPolicyDefault.java
+++ b/pki/base/common/src/com/netscape/certsrv/profile/IPolicyDefault.java
@@ -31,13 +31,18 @@ import com.netscape.certsrv.request.IRequest;
  * the request with additional values.
  * <p>
  * 
- * During request submission process, a default policy is invoked to populate the default values in the request. The default values will later on be used for execution. The default values are like the parameters for the request.
+ * During request submission process, a default policy is invoked to populate the default values in the request. The
+ * default values will later on be used for execution. The default values are like the parameters for the request.
  * <p>
  * 
- * This policy is called in 2 places. For automated enrollment request, this policy is invoked to populate the HTTP parameters into the request. For request that cannot be executed immediately, this policy will be invoked again right after the agent's approval.
+ * This policy is called in 2 places. For automated enrollment request, this policy is invoked to populate the HTTP
+ * parameters into the request. For request that cannot be executed immediately, this policy will be invoked again right
+ * after the agent's approval.
  * <p>
  * 
- * Each default policy may contain zero or more properties that describe the default value. For example, a X509 Key can be described by its key type, key length, and key data. The properties help to describe the default value into human readable values.
+ * Each default policy may contain zero or more properties that describe the default value. For example, a X509 Key can
+ * be described by its key type, key length, and key data. The properties help to describe the default value into human
+ * readable values.
  * <p>
  * 
  * @version $Revision$, $Date$
diff --git a/pki/base/common/src/com/netscape/certsrv/profile/IProfile.java b/pki/base/common/src/com/netscape/certsrv/profile/IProfile.java
index 779bf6a88..0cd39c091 100644
--- a/pki/base/common/src/com/netscape/certsrv/profile/IProfile.java
+++ b/pki/base/common/src/com/netscape/certsrv/profile/IProfile.java
@@ -46,7 +46,8 @@ import com.netscape.cms.profile.common.ProfilePolicy;
  * The output policy is for building the result page.
  * <p>
  * 
- * Each profile can have multiple policy set. Each set is composed of zero or more default policies and zero or more constraint policies.
+ * Each profile can have multiple policy set. Each set is composed of zero or more default policies and zero or more
+ * constraint policies.
  * <p>
  * 
  * @version $Revision$, $Date$
diff --git a/pki/base/common/src/com/netscape/certsrv/request/AgentApprovals.java b/pki/base/common/src/com/netscape/certsrv/request/AgentApprovals.java
index ddb1dae2a..48738d810 100644
--- a/pki/base/common/src/com/netscape/certsrv/request/AgentApprovals.java
+++ b/pki/base/common/src/com/netscape/certsrv/request/AgentApprovals.java
@@ -39,7 +39,8 @@ public class AgentApprovals
     /**
      * Adds an approval to approval's list.
      * <p>
-     * If an approval is already present for this user, it is updated with a new date. Otherwise a new value is inserted.
+     * If an approval is already present for this user, it is updated with a new date. Otherwise a new value is
+     * inserted.
      * 
      * @param userName user name of the approving agent
      */
diff --git a/pki/base/common/src/com/netscape/certsrv/request/IPolicy.java b/pki/base/common/src/com/netscape/certsrv/request/IPolicy.java
index 4d23c9032..9998abee7 100644
--- a/pki/base/common/src/com/netscape/certsrv/request/IPolicy.java
+++ b/pki/base/common/src/com/netscape/certsrv/request/IPolicy.java
@@ -38,7 +38,8 @@ public interface IPolicy {
      * determine whether the request can be processed immediately,
      * or should be held pending manual approval.
      * <p>
-     * The policy can update fields in the request, to add additional values or to restrict the values to pre-determined ranges.
+     * The policy can update fields in the request, to add additional values or to restrict the values to pre-determined
+     * ranges.
      * <p>
      * 
      * @param request
diff --git a/pki/base/common/src/com/netscape/certsrv/request/IRequest.java b/pki/base/common/src/com/netscape/certsrv/request/IRequest.java
index 507d527ff..8d0b0924c 100644
--- a/pki/base/common/src/com/netscape/certsrv/request/IRequest.java
+++ b/pki/base/common/src/com/netscape/certsrv/request/IRequest.java
@@ -188,7 +188,8 @@ public interface IRequest {
      * assigned by the originator of the request (for example,
      * the EE servlet or the RA servlet.
      * <p>
-     * The sourceId should be unique so that it can be used to retrieve request later without knowing the locally assigned primary id (RequestID)
+     * The sourceId should be unique so that it can be used to retrieve request later without knowing the locally
+     * assigned primary id (RequestID)
      * <p>
      * 
      * @return
diff --git a/pki/base/common/src/com/netscape/certsrv/request/IRequestQueue.java b/pki/base/common/src/com/netscape/certsrv/request/IRequestQueue.java
index 5c5d13a67..a8f5f7332 100644
--- a/pki/base/common/src/com/netscape/certsrv/request/IRequestQueue.java
+++ b/pki/base/common/src/com/netscape/certsrv/request/IRequestQueue.java
@@ -59,7 +59,8 @@ public interface IRequestQueue {
      * except for the sourceID of the original request
      * (remote authority's request Id).
      * <p>
-     * The cloned request that is returned is LOCKED. The caller MUST release the request object by calling releaseRequest().
+     * The cloned request that is returned is LOCKED. The caller MUST release the request object by calling
+     * releaseRequest().
      * 
      * @param r request to be cloned
      * @return cloned request
@@ -112,7 +113,8 @@ public interface IRequestQueue {
      * only valid for requests with status BEGIN. An error is
      * generated for other cases.
      * <p>
-     * This call might be used by agent servlets that want to copy a previous request, and resubmit it. By putting it into PENDING state, the normal agent screens can be used for further processing.
+     * This call might be used by agent servlets that want to copy a previous request, and resubmit it. By putting it
+     * into PENDING state, the normal agent screens can be used for further processing.
      * 
      * @param req
      *            the request to mark PENDING
@@ -127,7 +129,8 @@ public interface IRequestQueue {
      * except for the sourceID of the original request
      * (remote authority's request Id).
      * <p>
-     * The cloned request that is returned is LOCKED. The caller MUST release the request object by calling releaseRequest().
+     * The cloned request that is returned is LOCKED. The caller MUST release the request object by calling
+     * releaseRequest().
      * 
      * @param r request to be cloned
      * @return cloned request mark PENDING
@@ -141,9 +144,11 @@ public interface IRequestQueue {
      * <p>
      * This call will fail if: the request is not in PENDING state the policy modules do not accept the request
      * <p>
-     * If the policy modules reject the request, then the request will remain in the PENDING state. Messages from the policy module can be display to the agent to indicate the source of the problem.
+     * If the policy modules reject the request, then the request will remain in the PENDING state. Messages from the
+     * policy module can be display to the agent to indicate the source of the problem.
      * <p>
-     * The request processing code adds an AgentApproval to this request that contains the authentication id of the agent. This data is retrieved from the Session object (qv).
+     * The request processing code adds an AgentApproval to this request that contains the authentication id of the
+     * agent. This data is retrieved from the Session object (qv).
      * 
      * @param request
      *            the request that is being approved
@@ -157,7 +162,8 @@ public interface IRequestQueue {
      * <p>
      * This call will fail if: the request is not in PENDING state
      * <p>
-     * The agent servlet (or other application) may wish to store AgentMessage values to indicate the reason for the action
+     * The agent servlet (or other application) may wish to store AgentMessage values to indicate the reason for the
+     * action
      * 
      * @param request
      *            the request that is being rejected
@@ -171,7 +177,8 @@ public interface IRequestQueue {
      * <p>
      * This call will fail if: the request is not in PENDING state
      * <p>
-     * The agent servlet (or other application) may wish to store AgentMessage values to indicate the reason for the action
+     * The agent servlet (or other application) may wish to store AgentMessage values to indicate the reason for the
+     * action
      * 
      * @param request
      *            the request that is being canceled
@@ -199,7 +206,8 @@ public interface IRequestQueue {
      * queue. The caller should use the RequestIds to locate
      * each request by calling findRequest().
      * <p>
-     * NOTE: This interface will not be useful for large databases. This needs to be replace by a VLV (paged) search object.
+     * NOTE: This interface will not be useful for large databases. This needs to be replace by a VLV (paged) search
+     * object.
      * 
      * @return request list
      */
@@ -211,7 +219,8 @@ public interface IRequestQueue {
      * requests could be listed by specifying RequestStatus.PENDING
      * as the <i>status</i> argument
      * <p>
-     * NOTE: This interface will not be useful for large databases. This needs to be replace by a VLV (paged) search object.
+     * NOTE: This interface will not be useful for large databases. This needs to be replace by a VLV (paged) search
+     * object.
      * 
      * @param status request status
      * @return request list
@@ -222,7 +231,8 @@ public interface IRequestQueue {
      * Returns an enumerator that lists all RequestIds for requests
      * that match the filter.
      * <p>
-     * NOTE: This interface will not be useful for large databases. This needs to be replace by a VLV (paged) search object.
+     * NOTE: This interface will not be useful for large databases. This needs to be replace by a VLV (paged) search
+     * object.
      * 
      * @param filter search filter
      * @return request list
@@ -233,7 +243,8 @@ public interface IRequestQueue {
      * Returns an enumerator that lists all RequestIds for requests
      * that match the filter.
      * <p>
-     * NOTE: This interface will not be useful for large databases. This needs to be replace by a VLV (paged) search object.
+     * NOTE: This interface will not be useful for large databases. This needs to be replace by a VLV (paged) search
+     * object.
      * 
      * @param filter search filter
      * @param maxSize max size to return
@@ -245,7 +256,8 @@ public interface IRequestQueue {
      * Returns an enumerator that lists all RequestIds for requests
      * that match the filter.
      * <p>
-     * NOTE: This interface will not be useful for large databases. This needs to be replace by a VLV (paged) search object.
+     * NOTE: This interface will not be useful for large databases. This needs to be replace by a VLV (paged) search
+     * object.
      * 
      * @param filter search filter
      * @param maxSize max size to return
diff --git a/pki/base/common/src/com/netscape/cms/authentication/AVAPattern.java b/pki/base/common/src/com/netscape/cms/authentication/AVAPattern.java
index eaaea5efe..6a8bbcbf2 100644
--- a/pki/base/common/src/com/netscape/cms/authentication/AVAPattern.java
+++ b/pki/base/common/src/com/netscape/cms/authentication/AVAPattern.java
@@ -40,7 +40,8 @@ import com.netscape.certsrv.authentication.ECompSyntaxErr;
  * subject name from ldap attributes and dn.
  * <p>
  * 
- * dnpattern is a string representing a subject name pattern to formulate from the directory attributes and entry dn. If empty or not set, the ldap entry DN will be used as the certificate subject name.
+ * dnpattern is a string representing a subject name pattern to formulate from the directory attributes and entry dn. If
+ * empty or not set, the ldap entry DN will be used as the certificate subject name.
  * <p>
  * 
  * The syntax is
diff --git a/pki/base/common/src/com/netscape/cms/authentication/CMCAuth.java b/pki/base/common/src/com/netscape/cms/authentication/CMCAuth.java
index 0e747dbe2..8fb84842f 100644
--- a/pki/base/common/src/com/netscape/cms/authentication/CMCAuth.java
+++ b/pki/base/common/src/com/netscape/cms/authentication/CMCAuth.java
@@ -220,7 +220,8 @@ public class CMCAuth implements IAuthManager, IExtendedPluginInfo,
      * <P>
      * 
      * <ul>
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_CMC_SIGNED_REQUEST_SIG_VERIFY used when CMC (agent-pre-signed) cert requests or revocation requests are submitted and signature is verified
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_CMC_SIGNED_REQUEST_SIG_VERIFY used when CMC (agent-pre-signed) cert
+     * requests or revocation requests are submitted and signature is verified
      * </ul>
      * 
      * @param authCred Authentication credentials, CRED_UID and CRED_CMC.
diff --git a/pki/base/common/src/com/netscape/cms/authentication/DNPattern.java b/pki/base/common/src/com/netscape/cms/authentication/DNPattern.java
index 21280f0f9..653a950aa 100644
--- a/pki/base/common/src/com/netscape/cms/authentication/DNPattern.java
+++ b/pki/base/common/src/com/netscape/cms/authentication/DNPattern.java
@@ -32,7 +32,8 @@ import com.netscape.certsrv.base.EBaseException;
  * subject name from ldap attributes and dn.
  * <p>
  * 
- * dnpattern is a string representing a subject name pattern to formulate from the directory attributes and entry dn. If empty or not set, the ldap entry DN will be used as the certificate subject name.
+ * dnpattern is a string representing a subject name pattern to formulate from the directory attributes and entry dn. If
+ * empty or not set, the ldap entry DN will be used as the certificate subject name.
  * <p>
  * 
  * The syntax is
diff --git a/pki/base/common/src/com/netscape/cms/authentication/DirBasedAuthentication.java b/pki/base/common/src/com/netscape/cms/authentication/DirBasedAuthentication.java
index 59c5d376b..3120b9e23 100644
--- a/pki/base/common/src/com/netscape/cms/authentication/DirBasedAuthentication.java
+++ b/pki/base/common/src/com/netscape/cms/authentication/DirBasedAuthentication.java
@@ -173,7 +173,8 @@ public abstract class DirBasedAuthentication
      * 	dnpattern               - dn pattern.
      * </pre>
      * <p>
-     * <i><b>dnpattern</b></i> is a string representing a subject name pattern to formulate from the directory attributes and entry dn. If empty or not set, the ldap entry DN will be used as the certificate subject name.
+     * <i><b>dnpattern</b></i> is a string representing a subject name pattern to formulate from the directory
+     * attributes and entry dn. If empty or not set, the ldap entry DN will be used as the certificate subject name.
      * <p>
      * The syntax is
      * 
diff --git a/pki/base/common/src/com/netscape/cms/authentication/RDNPattern.java b/pki/base/common/src/com/netscape/cms/authentication/RDNPattern.java
index 3542570a9..02a8f1438 100644
--- a/pki/base/common/src/com/netscape/cms/authentication/RDNPattern.java
+++ b/pki/base/common/src/com/netscape/cms/authentication/RDNPattern.java
@@ -33,7 +33,8 @@ import com.netscape.certsrv.base.EBaseException;
  * subject name from ldap attributes and dn.
  * <p>
  * 
- * dnpattern is a string representing a subject name pattern to formulate from the directory attributes and entry dn. If empty or not set, the ldap entry DN will be used as the certificate subject name.
+ * dnpattern is a string representing a subject name pattern to formulate from the directory attributes and entry dn. If
+ * empty or not set, the ldap entry DN will be used as the certificate subject name.
  * <p>
  * 
  * The syntax is
diff --git a/pki/base/common/src/com/netscape/cms/authorization/AAclAuthz.java b/pki/base/common/src/com/netscape/cms/authorization/AAclAuthz.java
index a4eac0900..dcce8277e 100644
--- a/pki/base/common/src/com/netscape/cms/authorization/AAclAuthz.java
+++ b/pki/base/common/src/com/netscape/cms/authorization/AAclAuthz.java
@@ -40,7 +40,8 @@ import com.netscape.cmsutil.util.Utils;
  * An abstract class represents an authorization manager that governs the
  * access of internal resources such as servlets.
  * It parses in the ACLs associated with each protected
- * resources, and provides protected method <CODE>checkPermission</CODE> for code that needs to verify access before performing
+ * resources, and provides protected method <CODE>checkPermission</CODE> for code that needs to verify access before
+ * performing
  * actions.
  * <P>
  * Here is a sample resourceACLS for a resource
@@ -52,7 +53,8 @@ import com.netscape.cmsutil.util.Utils;
  *           allow (execute) group="Administrators";
  * </PRE>
  * 
- * To perform permission checking, code call authz mgr authorize() method to verify access. See AuthzMgr for calling example.
+ * To perform permission checking, code call authz mgr authorize() method to verify access. See AuthzMgr for calling
+ * example.
  * <P>
  * default "evaluators" are used to evaluate the "group=.." or "user=.." rules. See evaluator for more info
  * 
@@ -234,12 +236,19 @@ public abstract class AAclAuthz {
      * marked as privileged, this methods will simply
      * return.
      * <P>
-     * note that if a resource does not exist in the aclResources entry, but a higher level node exist, it will still be evaluated. The highest level node's acl determines the permission. If the higher level node doesn't contain any acl information, then it's passed down to the lower node. If a node has no aci in its resourceACLs, then it's considered passed.
+     * note that if a resource does not exist in the aclResources entry, but a higher level node exist, it will still be
+     * evaluated. The highest level node's acl determines the permission. If the higher level node doesn't contain any
+     * acl information, then it's passed down to the lower node. If a node has no aci in its resourceACLs, then it's
+     * considered passed.
      * <p>
-     * example: certServer.common.users, if failed permission check for "certServer", then it's considered failed, and there is no need to continue the check. If passed permission check for "certServer", then it's considered passed, and no need to continue the check. If certServer contains no aci then "certServer.common" will be checked for permission instead. If down to the leaf level, the node still contains no aci, then it's considered passed. If at the leaf level, no such resource exist, or
-     * no acis, it's considered passed.
+     * example: certServer.common.users, if failed permission check for "certServer", then it's considered failed, and
+     * there is no need to continue the check. If passed permission check for "certServer", then it's considered passed,
+     * and no need to continue the check. If certServer contains no aci then "certServer.common" will be checked for
+     * permission instead. If down to the leaf level, the node still contains no aci, then it's considered passed. If at
+     * the leaf level, no such resource exist, or no acis, it's considered passed.
      * <p>
-     * If there are multiple aci's for a resource, ALL aci's will be checked, and only if all passed permission checks, will the eventual access be granted.
+     * If there are multiple aci's for a resource, ALL aci's will be checked, and only if all passed permission checks,
+     * will the eventual access be granted.
      * 
      * @param name resource name
      * @param perm permission requested
@@ -293,9 +302,13 @@ public abstract class AAclAuthz {
      * Checks if the permission is granted or denied in
      * the current execution context.
      * <P>
-     * An <code>ACL</code> may contain one or more <code>ACLEntry</code>. However, in case of multiple <code>ACLEntry</code>, a subject must pass ALL of the <code>ACLEntry</code> evaluation for permission to be granted
+     * An <code>ACL</code> may contain one or more <code>ACLEntry</code>. However, in case of multiple
+     * <code>ACLEntry</code>, a subject must pass ALL of the <code>ACLEntry</code> evaluation for permission to be
+     * granted
      * <P>
-     * negative ("deny") aclEntries are treated differently than positive ("allow") statements. If a negative aclEntries fails the acl check, the permission check will return "false" right away; while in the case of a positive aclEntry, if the the aclEntry fails the acl check, the next aclEntry will be evaluated.
+     * negative ("deny") aclEntries are treated differently than positive ("allow") statements. If a negative aclEntries
+     * fails the acl check, the permission check will return "false" right away; while in the case of a positive
+     * aclEntry, if the the aclEntry fails the acl check, the next aclEntry will be evaluated.
      * 
      * @param name resource name
      * @param perm permission requested
@@ -447,12 +460,19 @@ public abstract class AAclAuthz {
      * marked as privileged, this methods will simply
      * return.
      * <P>
-     * note that if a resource does not exist in the aclResources entry, but a higher level node exist, it will still be evaluated. The highest level node's acl determines the permission. If the higher level node doesn't contain any acl information, then it's passed down to the lower node. If a node has no aci in its resourceACLs, then it's considered passed.
+     * note that if a resource does not exist in the aclResources entry, but a higher level node exist, it will still be
+     * evaluated. The highest level node's acl determines the permission. If the higher level node doesn't contain any
+     * acl information, then it's passed down to the lower node. If a node has no aci in its resourceACLs, then it's
+     * considered passed.
      * <p>
-     * example: certServer.common.users, if failed permission check for "certServer", then it's considered failed, and there is no need to continue the check. If passed permission check for "certServer", then it's considered passed, and no need to continue the check. If certServer contains no aci then "certServer.common" will be checked for permission instead. If down to the leaf level, the node still contains no aci, then it's considered passed. If at the leaf level, no such resource exist, or
-     * no acis, it's considered passed.
+     * example: certServer.common.users, if failed permission check for "certServer", then it's considered failed, and
+     * there is no need to continue the check. If passed permission check for "certServer", then it's considered passed,
+     * and no need to continue the check. If certServer contains no aci then "certServer.common" will be checked for
+     * permission instead. If down to the leaf level, the node still contains no aci, then it's considered passed. If at
+     * the leaf level, no such resource exist, or no acis, it's considered passed.
      * <p>
-     * If there are multiple aci's for a resource, ALL aci's will be checked, and only if all passed permission checks, will the eventual access be granted.
+     * If there are multiple aci's for a resource, ALL aci's will be checked, and only if all passed permission checks,
+     * will the eventual access be granted.
      * 
      * @param authToken authentication token gotten from authentication
      * @param name resource name
diff --git a/pki/base/common/src/com/netscape/cms/authorization/DirAclAuthz.java b/pki/base/common/src/com/netscape/cms/authorization/DirAclAuthz.java
index b2318e7ea..df24f275e 100644
--- a/pki/base/common/src/com/netscape/cms/authorization/DirAclAuthz.java
+++ b/pki/base/common/src/com/netscape/cms/authorization/DirAclAuthz.java
@@ -254,7 +254,9 @@ public class DirAclAuthz extends AAclAuthz
     /**
      * update acls. when memory update is done, flush to ldap.
      * <p>
-     * Currently, it is possible that when the memory is updated successfully, and the ldap isn't, the memory upates lingers. The result is that the changes will only be done on ldap at the next update, or when the system shuts down, another flush will be attempted.
+     * Currently, it is possible that when the memory is updated successfully, and the ldap isn't, the memory upates
+     * lingers. The result is that the changes will only be done on ldap at the next update, or when the system shuts
+     * down, another flush will be attempted.
      * 
      * @param id is the resource id
      * @param rights The allowable rights for this resource
diff --git a/pki/base/common/src/com/netscape/cms/logging/LogFile.java b/pki/base/common/src/com/netscape/cms/logging/LogFile.java
index 143e59d8d..30920d4cd 100644
--- a/pki/base/common/src/com/netscape/cms/logging/LogFile.java
+++ b/pki/base/common/src/com/netscape/cms/logging/LogFile.java
@@ -697,7 +697,8 @@ public class LogFile implements ILogEventListener, IExtendedPluginInfo {
      * <P>
      * 
      * <ul>
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_SIGNING used when a signature on the audit log is generated (same as "flush" time)
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_SIGNING used when a signature on the audit log is generated (same as
+     * "flush" time)
      * </ul>
      * 
      * @exception IOException for input/output problems
diff --git a/pki/base/common/src/com/netscape/cms/logging/RollingLogFile.java b/pki/base/common/src/com/netscape/cms/logging/RollingLogFile.java
index 783534485..e085937e5 100644
--- a/pki/base/common/src/com/netscape/cms/logging/RollingLogFile.java
+++ b/pki/base/common/src/com/netscape/cms/logging/RollingLogFile.java
@@ -285,7 +285,8 @@ public class RollingLogFile extends LogFile {
      * <P>
      * 
      * <ul>
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_LOG_DELETE used AFTER audit log expires (authorization should not allow, but in case authorization gets compromised make sure it is written AFTER the log expiration happens)
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_LOG_DELETE used AFTER audit log expires (authorization should not allow,
+     * but in case authorization gets compromised make sure it is written AFTER the log expiration happens)
      * </ul>
      * 
      * @param expirationSeconds The number of seconds since the expired files
diff --git a/pki/base/common/src/com/netscape/cms/policy/constraints/AgentPolicy.java b/pki/base/common/src/com/netscape/cms/policy/constraints/AgentPolicy.java
index c9e9401a5..b7a24bd65 100644
--- a/pki/base/common/src/com/netscape/cms/policy/constraints/AgentPolicy.java
+++ b/pki/base/common/src/com/netscape/cms/policy/constraints/AgentPolicy.java
@@ -58,7 +58,9 @@ public class AgentPolicy extends APolicyRule
      * 
      * The entries may be of the form:
      * 
-     * ra.Policy.rule.<ruleName>.implName=AgentPolicy ra.Policy.rule.<ruleName>.enable=true ra.Policy.rule.<ruleName>.predicate= ou == engineering AND o == netscape.com ra.Policy.rule.<ruleName>.class=xxxx ra.Policy.rule.<ruleName>.params.*
+     * ra.Policy.rule.<ruleName>.implName=AgentPolicy ra.Policy.rule.<ruleName>.enable=true
+     * ra.Policy.rule.<ruleName>.predicate= ou == engineering AND o == netscape.com ra.Policy.rule.<ruleName>.class=xxxx
+     * ra.Policy.rule.<ruleName>.params.*
      * 
      * @param config The config store reference
      */
diff --git a/pki/base/common/src/com/netscape/cms/policy/constraints/DSAKeyConstraints.java b/pki/base/common/src/com/netscape/cms/policy/constraints/DSAKeyConstraints.java
index 5ad1f6c49..9ad322085 100644
--- a/pki/base/common/src/com/netscape/cms/policy/constraints/DSAKeyConstraints.java
+++ b/pki/base/common/src/com/netscape/cms/policy/constraints/DSAKeyConstraints.java
@@ -95,7 +95,10 @@ public class DSAKeyConstraints extends APolicyRule
      * Initializes this policy rule.
      * <P>
      * 
-     * The entries probably are of the form ra.Policy.rule.<ruleName>.implName=DSAKeyConstraints ra.Policy.rule.<ruleName>.enable=true ra.Policy.rule.<ruleName>.minSize=512 ra.Policy.rule.<ruleName>.maxSize=1024 ra.Policy.rule.<ruleName>.predicate= ou == engineering AND o == netscape.com
+     * The entries probably are of the form ra.Policy.rule.<ruleName>.implName=DSAKeyConstraints
+     * ra.Policy.rule.<ruleName>.enable=true ra.Policy.rule.<ruleName>.minSize=512
+     * ra.Policy.rule.<ruleName>.maxSize=1024 ra.Policy.rule.<ruleName>.predicate= ou == engineering AND o ==
+     * netscape.com
      * 
      * @param config The config store reference
      */
diff --git a/pki/base/common/src/com/netscape/cms/policy/constraints/DefaultRevocation.java b/pki/base/common/src/com/netscape/cms/policy/constraints/DefaultRevocation.java
index fd1436469..f341dd224 100644
--- a/pki/base/common/src/com/netscape/cms/policy/constraints/DefaultRevocation.java
+++ b/pki/base/common/src/com/netscape/cms/policy/constraints/DefaultRevocation.java
@@ -56,7 +56,8 @@ public class DefaultRevocation extends APolicyRule
      * 
      * The entries may be of the form:
      * 
-     * ra.Policy.rule.<ruleName>.implName=DefaultRevocation ra.Policy.rule.<ruleName>.enable=true ra.Policy.rule.<ruleName>.predicate= ou == engineering AND o == netscape.com
+     * ra.Policy.rule.<ruleName>.implName=DefaultRevocation ra.Policy.rule.<ruleName>.enable=true
+     * ra.Policy.rule.<ruleName>.predicate= ou == engineering AND o == netscape.com
      * 
      * @param config The config store reference
      */
diff --git a/pki/base/common/src/com/netscape/cms/policy/constraints/KeyAlgorithmConstraints.java b/pki/base/common/src/com/netscape/cms/policy/constraints/KeyAlgorithmConstraints.java
index c523ae9f2..14cd9ece4 100644
--- a/pki/base/common/src/com/netscape/cms/policy/constraints/KeyAlgorithmConstraints.java
+++ b/pki/base/common/src/com/netscape/cms/policy/constraints/KeyAlgorithmConstraints.java
@@ -87,7 +87,9 @@ public class KeyAlgorithmConstraints extends APolicyRule
      * Initializes this policy rule.
      * <P>
      * 
-     * The entries probably are of the form ra.Policy.rule.<ruleName>.implName=KeyAlgorithmConstraints ra.Policy.rule.<ruleName>.algorithms=RSA,DSA ra.Policy.rule.<ruleName>.enable=true ra.Policy.rule.<ruleName>.predicate=ou==Sales
+     * The entries probably are of the form ra.Policy.rule.<ruleName>.implName=KeyAlgorithmConstraints
+     * ra.Policy.rule.<ruleName>.algorithms=RSA,DSA ra.Policy.rule.<ruleName>.enable=true
+     * ra.Policy.rule.<ruleName>.predicate=ou==Sales
      * 
      * @param config The config store reference
      */
diff --git a/pki/base/common/src/com/netscape/cms/policy/constraints/ManualAuthentication.java b/pki/base/common/src/com/netscape/cms/policy/constraints/ManualAuthentication.java
index 1abc5bda0..b93487609 100644
--- a/pki/base/common/src/com/netscape/cms/policy/constraints/ManualAuthentication.java
+++ b/pki/base/common/src/com/netscape/cms/policy/constraints/ManualAuthentication.java
@@ -56,7 +56,8 @@ public class ManualAuthentication extends APolicyRule
      * 
      * The entries may be of the form:
      * 
-     * ra.Policy.rule.<ruleName>.implName=ManualAuthentication ra.Policy.rule.<ruleName>.enable=true ra.Policy.rule.<ruleName>.predicate= ou == engineering AND o == netscape.com
+     * ra.Policy.rule.<ruleName>.implName=ManualAuthentication ra.Policy.rule.<ruleName>.enable=true
+     * ra.Policy.rule.<ruleName>.predicate= ou == engineering AND o == netscape.com
      * 
      * @param config The config store reference
      */
diff --git a/pki/base/common/src/com/netscape/cms/policy/constraints/RSAKeyConstraints.java b/pki/base/common/src/com/netscape/cms/policy/constraints/RSAKeyConstraints.java
index 57176950a..d6dde414a 100644
--- a/pki/base/common/src/com/netscape/cms/policy/constraints/RSAKeyConstraints.java
+++ b/pki/base/common/src/com/netscape/cms/policy/constraints/RSAKeyConstraints.java
@@ -100,7 +100,9 @@ public class RSAKeyConstraints extends APolicyRule
      * 
      * The entries probably are of the form:
      * 
-     * ra.Policy.rule.<ruleName>.implName=RSAKeyConstraints ra.Policy.rule.<ruleName>.enable=true ra.Policy.rule.<ruleName>.minSize=512 ra.Policy.rule.<ruleName>.maxSize=2048 ra.Policy.rule.<ruleName>.predicate=ou==Marketing
+     * ra.Policy.rule.<ruleName>.implName=RSAKeyConstraints ra.Policy.rule.<ruleName>.enable=true
+     * ra.Policy.rule.<ruleName>.minSize=512 ra.Policy.rule.<ruleName>.maxSize=2048
+     * ra.Policy.rule.<ruleName>.predicate=ou==Marketing
      * 
      * @param config The config store reference
      */
diff --git a/pki/base/common/src/com/netscape/cms/policy/constraints/RenewalConstraints.java b/pki/base/common/src/com/netscape/cms/policy/constraints/RenewalConstraints.java
index 8b7f90202..2b220cb8f 100644
--- a/pki/base/common/src/com/netscape/cms/policy/constraints/RenewalConstraints.java
+++ b/pki/base/common/src/com/netscape/cms/policy/constraints/RenewalConstraints.java
@@ -96,7 +96,8 @@ public class RenewalConstraints extends APolicyRule
      * 
      * The entries probably are of the form:
      * 
-     * ra.Policy.rule.<ruleName>.implName=ValidityConstraints ra.Policy.rule.<ruleName>.enable=true ra.Policy.rule.<ruleName>.allowExpiredCerts=true
+     * ra.Policy.rule.<ruleName>.implName=ValidityConstraints ra.Policy.rule.<ruleName>.enable=true
+     * ra.Policy.rule.<ruleName>.allowExpiredCerts=true
      * 
      * @param config The config store reference
      */
diff --git a/pki/base/common/src/com/netscape/cms/policy/constraints/RenewalValidityConstraints.java b/pki/base/common/src/com/netscape/cms/policy/constraints/RenewalValidityConstraints.java
index b65e97773..862f8ac5a 100644
--- a/pki/base/common/src/com/netscape/cms/policy/constraints/RenewalValidityConstraints.java
+++ b/pki/base/common/src/com/netscape/cms/policy/constraints/RenewalValidityConstraints.java
@@ -112,7 +112,9 @@ public class RenewalValidityConstraints extends APolicyRule
      * 
      * The entries probably are of the form:
      * 
-     * ra.Policy.rule.<ruleName>.implName=ValidityConstraints ra.Policy.rule.<ruleName>.enable=true ra.Policy.rule.<ruleName>.minValidity=30 ra.Policy.rule.<ruleName>.maxValidity=180 ra.Policy.rule.<ruleName>.renewalInterval=15 ra.Policy.rule.<ruleName>.predicate=ou==Sales
+     * ra.Policy.rule.<ruleName>.implName=ValidityConstraints ra.Policy.rule.<ruleName>.enable=true
+     * ra.Policy.rule.<ruleName>.minValidity=30 ra.Policy.rule.<ruleName>.maxValidity=180
+     * ra.Policy.rule.<ruleName>.renewalInterval=15 ra.Policy.rule.<ruleName>.predicate=ou==Sales
      * 
      * @param config The config store reference
      */
diff --git a/pki/base/common/src/com/netscape/cms/policy/constraints/RevocationConstraints.java b/pki/base/common/src/com/netscape/cms/policy/constraints/RevocationConstraints.java
index b18e4b7f9..d4859195d 100644
--- a/pki/base/common/src/com/netscape/cms/policy/constraints/RevocationConstraints.java
+++ b/pki/base/common/src/com/netscape/cms/policy/constraints/RevocationConstraints.java
@@ -91,7 +91,8 @@ public class RevocationConstraints extends APolicyRule
      * 
      * The entries probably are of the form:
      * 
-     * ra.Policy.rule.<ruleName>.implName=ValidityConstraints ra.Policy.rule.<ruleName>.enable=true ra.Policy.rule.<ruleName>.allowExpiredCerts=true
+     * ra.Policy.rule.<ruleName>.implName=ValidityConstraints ra.Policy.rule.<ruleName>.enable=true
+     * ra.Policy.rule.<ruleName>.allowExpiredCerts=true
      * 
      * @param config The config store reference
      */
diff --git a/pki/base/common/src/com/netscape/cms/policy/constraints/SigningAlgorithmConstraints.java b/pki/base/common/src/com/netscape/cms/policy/constraints/SigningAlgorithmConstraints.java
index 94a4ebda9..1dd99702f 100644
--- a/pki/base/common/src/com/netscape/cms/policy/constraints/SigningAlgorithmConstraints.java
+++ b/pki/base/common/src/com/netscape/cms/policy/constraints/SigningAlgorithmConstraints.java
@@ -94,7 +94,9 @@ public class SigningAlgorithmConstraints extends APolicyRule
      * Initializes this policy rule.
      * <P>
      * 
-     * The entries probably are of the form ra.Policy.rule.<ruleName>.implName=SigningAlgorithmConstraints ra.Policy.rule.<ruleName>.algorithms=SHA-1WithRSA, SHA-1WithDSA ra.Policy.rule.<ruleName>.enable=true ra.Policy.rule.<ruleName>.predicate=ou==Sales
+     * The entries probably are of the form ra.Policy.rule.<ruleName>.implName=SigningAlgorithmConstraints
+     * ra.Policy.rule.<ruleName>.algorithms=SHA-1WithRSA, SHA-1WithDSA ra.Policy.rule.<ruleName>.enable=true
+     * ra.Policy.rule.<ruleName>.predicate=ou==Sales
      * 
      * @param config The config store reference
      */
diff --git a/pki/base/common/src/com/netscape/cms/policy/constraints/SubCANameConstraints.java b/pki/base/common/src/com/netscape/cms/policy/constraints/SubCANameConstraints.java
index ae3d66a1f..dea3d9a9c 100644
--- a/pki/base/common/src/com/netscape/cms/policy/constraints/SubCANameConstraints.java
+++ b/pki/base/common/src/com/netscape/cms/policy/constraints/SubCANameConstraints.java
@@ -78,7 +78,9 @@ public class SubCANameConstraints extends APolicyRule implements IEnrollmentPoli
      * Initializes this policy rule.
      * <P>
      * 
-     * The entries probably are of the form ra.Policy.rule.<ruleName>.implName=KeyAlgorithmConstraints ra.Policy.rule.<ruleName>.algorithms=RSA,DSA ra.Policy.rule.<ruleName>.enable=true ra.Policy.rule.<ruleName>.predicate=ou==Sales
+     * The entries probably are of the form ra.Policy.rule.<ruleName>.implName=KeyAlgorithmConstraints
+     * ra.Policy.rule.<ruleName>.algorithms=RSA,DSA ra.Policy.rule.<ruleName>.enable=true
+     * ra.Policy.rule.<ruleName>.predicate=ou==Sales
      * 
      * @param config The config store reference
      */
diff --git a/pki/base/common/src/com/netscape/cms/policy/constraints/UniqueSubjectNameConstraints.java b/pki/base/common/src/com/netscape/cms/policy/constraints/UniqueSubjectNameConstraints.java
index f4b3367b8..a3eeae98c 100644
--- a/pki/base/common/src/com/netscape/cms/policy/constraints/UniqueSubjectNameConstraints.java
+++ b/pki/base/common/src/com/netscape/cms/policy/constraints/UniqueSubjectNameConstraints.java
@@ -106,7 +106,9 @@ public class UniqueSubjectNameConstraints extends APolicyRule
      * 
      * The entries probably are of the form:
      * 
-     * ca.Policy.rule.<ruleName>.implName=UniqueSubjectName ca.Policy.rule.<ruleName>.enable=true ca.Policy.rule.<ruleName>.enable=true ca.Policy.rule.<ruleName>.enablePreAgentApprovalChecking=true ca.Policy.rule.<ruleName>.enableKeyUsageExtensionChecking=true
+     * ca.Policy.rule.<ruleName>.implName=UniqueSubjectName ca.Policy.rule.<ruleName>.enable=true
+     * ca.Policy.rule.<ruleName>.enable=true ca.Policy.rule.<ruleName>.enablePreAgentApprovalChecking=true
+     * ca.Policy.rule.<ruleName>.enableKeyUsageExtensionChecking=true
      * 
      * @param config The config store reference
      */
diff --git a/pki/base/common/src/com/netscape/cms/policy/constraints/ValidityConstraints.java b/pki/base/common/src/com/netscape/cms/policy/constraints/ValidityConstraints.java
index ef35f5e64..1ebf9a0b8 100644
--- a/pki/base/common/src/com/netscape/cms/policy/constraints/ValidityConstraints.java
+++ b/pki/base/common/src/com/netscape/cms/policy/constraints/ValidityConstraints.java
@@ -118,7 +118,9 @@ public class ValidityConstraints extends APolicyRule
      * 
      * The entries probably are of the form:
      * 
-     * ra.Policy.rule.<ruleName>.implName=ValidityConstraints ra.Policy.rule.<ruleName>.enable=true ra.Policy.rule.<ruleName>.minValidity=30 ra.Policy.rule.<ruleName>.maxValidity=180 ra.Policy.rule.<ruleName>.predicate=ou==Sales
+     * ra.Policy.rule.<ruleName>.implName=ValidityConstraints ra.Policy.rule.<ruleName>.enable=true
+     * ra.Policy.rule.<ruleName>.minValidity=30 ra.Policy.rule.<ruleName>.maxValidity=180
+     * ra.Policy.rule.<ruleName>.predicate=ou==Sales
      * 
      * @param config The config store reference
      */
diff --git a/pki/base/common/src/com/netscape/cms/policy/extensions/AuthInfoAccessExt.java b/pki/base/common/src/com/netscape/cms/policy/extensions/AuthInfoAccessExt.java
index 059782570..cf94d73ee 100644
--- a/pki/base/common/src/com/netscape/cms/policy/extensions/AuthInfoAccessExt.java
+++ b/pki/base/common/src/com/netscape/cms/policy/extensions/AuthInfoAccessExt.java
@@ -136,7 +136,8 @@ public class AuthInfoAccessExt extends APolicyRule implements
      * 
      * The entries may be of the form:
      * 
-     * ca.Policy.rule.<ruleName>.implName=AuthInfoAccessExt ca.Policy.rule.<ruleName>.enable=true ca.Policy.rule.<ruleName>.predicate=
+     * ca.Policy.rule.<ruleName>.implName=AuthInfoAccessExt ca.Policy.rule.<ruleName>.enable=true
+     * ca.Policy.rule.<ruleName>.predicate=
      * 
      * @param config The config store reference
      */
diff --git a/pki/base/common/src/com/netscape/cms/policy/extensions/BasicConstraintsExt.java b/pki/base/common/src/com/netscape/cms/policy/extensions/BasicConstraintsExt.java
index 12f2a74ff..10aa8630f 100644
--- a/pki/base/common/src/com/netscape/cms/policy/extensions/BasicConstraintsExt.java
+++ b/pki/base/common/src/com/netscape/cms/policy/extensions/BasicConstraintsExt.java
@@ -96,7 +96,8 @@ public class BasicConstraintsExt extends APolicyRule
      * <p>
      * The entries may be of the form:
      * 
-     * ca.Policy.rule.<ruleName>.implName=BasicConstraintsExtImpl ca.Policy.rule.<ruleName>.pathLen=<n>, -1 for undefined. ca.Policy.rule.<ruleName>.enable=true
+     * ca.Policy.rule.<ruleName>.implName=BasicConstraintsExtImpl ca.Policy.rule.<ruleName>.pathLen=<n>, -1 for
+     * undefined. ca.Policy.rule.<ruleName>.enable=true
      * 
      * @param config The config store reference
      */
diff --git a/pki/base/common/src/com/netscape/cms/policy/extensions/CertificatePoliciesExt.java b/pki/base/common/src/com/netscape/cms/policy/extensions/CertificatePoliciesExt.java
index 76f4f04c7..e2c31cf5a 100644
--- a/pki/base/common/src/com/netscape/cms/policy/extensions/CertificatePoliciesExt.java
+++ b/pki/base/common/src/com/netscape/cms/policy/extensions/CertificatePoliciesExt.java
@@ -93,7 +93,8 @@ public class CertificatePoliciesExt extends APolicyRule
      * 
      * The entries may be of the form:
      * 
-     * ca.Policy.rule.<ruleName>.predicate=certType==ca ca.Policy.rule.<ruleName>.implName= ca.Policy.rule.<ruleName>.enable=true
+     * ca.Policy.rule.<ruleName>.predicate=certType==ca ca.Policy.rule.<ruleName>.implName=
+     * ca.Policy.rule.<ruleName>.enable=true
      * 
      * @param config The config store reference
      */
diff --git a/pki/base/common/src/com/netscape/cms/policy/extensions/CertificateScopeOfUseExt.java b/pki/base/common/src/com/netscape/cms/policy/extensions/CertificateScopeOfUseExt.java
index 35e5be1ad..88ffb4dff 100644
--- a/pki/base/common/src/com/netscape/cms/policy/extensions/CertificateScopeOfUseExt.java
+++ b/pki/base/common/src/com/netscape/cms/policy/extensions/CertificateScopeOfUseExt.java
@@ -103,7 +103,8 @@ public class CertificateScopeOfUseExt extends APolicyRule implements
      * 
      * The entries may be of the form:
      * 
-     * ca.Policy.rule.<ruleName>.implName=AuthInfoAccessExt ca.Policy.rule.<ruleName>.enable=true ca.Policy.rule.<ruleName>.predicate=
+     * ca.Policy.rule.<ruleName>.implName=AuthInfoAccessExt ca.Policy.rule.<ruleName>.enable=true
+     * ca.Policy.rule.<ruleName>.predicate=
      * 
      * @param config The config store reference
      */
diff --git a/pki/base/common/src/com/netscape/cms/policy/extensions/GenericASN1Ext.java b/pki/base/common/src/com/netscape/cms/policy/extensions/GenericASN1Ext.java
index d8c176130..f58ce5539 100644
--- a/pki/base/common/src/com/netscape/cms/policy/extensions/GenericASN1Ext.java
+++ b/pki/base/common/src/com/netscape/cms/policy/extensions/GenericASN1Ext.java
@@ -333,7 +333,8 @@ public class GenericASN1Ext extends APolicyRule implements
      * 
      * The entries may be of the form:
      * 
-     * ca.Policy.rule.<ruleName>.implName=genericASNExt ca.Policy.rule.<ruleName>.enable=true ca.Policy.rule.<ruleName>.predicate=
+     * ca.Policy.rule.<ruleName>.implName=genericASNExt ca.Policy.rule.<ruleName>.enable=true
+     * ca.Policy.rule.<ruleName>.predicate=
      * 
      * @param config The config store reference
      */
diff --git a/pki/base/common/src/com/netscape/cms/policy/extensions/NSCCommentExt.java b/pki/base/common/src/com/netscape/cms/policy/extensions/NSCCommentExt.java
index 4b2da43dd..7540191f3 100644
--- a/pki/base/common/src/com/netscape/cms/policy/extensions/NSCCommentExt.java
+++ b/pki/base/common/src/com/netscape/cms/policy/extensions/NSCCommentExt.java
@@ -91,7 +91,8 @@ public class NSCCommentExt extends APolicyRule
      * <p>
      * The entries may be of the form:
      * 
-     * ca.Policy.rule.<ruleName>.implName=NSCCommentExtImpl ca.Policy.rule.<ruleName>.displayText=<n> ca.Policy.rule.<ruleName>.commentFile=<n> ca.Policy.rule.<ruleName>.enable=false
+     * ca.Policy.rule.<ruleName>.implName=NSCCommentExtImpl ca.Policy.rule.<ruleName>.displayText=<n>
+     * ca.Policy.rule.<ruleName>.commentFile=<n> ca.Policy.rule.<ruleName>.enable=false
      * 
      * @param config The config store reference
      */
diff --git a/pki/base/common/src/com/netscape/cms/policy/extensions/NameConstraintsExt.java b/pki/base/common/src/com/netscape/cms/policy/extensions/NameConstraintsExt.java
index c39be6982..3492ea5ed 100644
--- a/pki/base/common/src/com/netscape/cms/policy/extensions/NameConstraintsExt.java
+++ b/pki/base/common/src/com/netscape/cms/policy/extensions/NameConstraintsExt.java
@@ -92,7 +92,8 @@ public class NameConstraintsExt extends APolicyRule
      * 
      * The entries may be of the form:
      * 
-     * ca.Policy.rule.<ruleName>.predicate=certType==ca ca.Policy.rule.<ruleName>.implName= ca.Policy.rule.<ruleName>.enable=true
+     * ca.Policy.rule.<ruleName>.predicate=certType==ca ca.Policy.rule.<ruleName>.implName=
+     * ca.Policy.rule.<ruleName>.enable=true
      * 
      * @param config The config store reference
      */
diff --git a/pki/base/common/src/com/netscape/cms/policy/extensions/PolicyConstraintsExt.java b/pki/base/common/src/com/netscape/cms/policy/extensions/PolicyConstraintsExt.java
index ec0de7355..ec6762701 100644
--- a/pki/base/common/src/com/netscape/cms/policy/extensions/PolicyConstraintsExt.java
+++ b/pki/base/common/src/com/netscape/cms/policy/extensions/PolicyConstraintsExt.java
@@ -93,7 +93,8 @@ public class PolicyConstraintsExt extends APolicyRule
      * 
      * The entries may be of the form:
      * 
-     * ca.Policy.rule.<ruleName>.predicate=certType==ca ca.Policy.rule.<ruleName>.implName= ca.Policy.rule.<ruleName>.enable=true
+     * ca.Policy.rule.<ruleName>.predicate=certType==ca ca.Policy.rule.<ruleName>.implName=
+     * ca.Policy.rule.<ruleName>.enable=true
      * 
      * @param config The config store reference
      */
diff --git a/pki/base/common/src/com/netscape/cms/policy/extensions/PolicyMappingsExt.java b/pki/base/common/src/com/netscape/cms/policy/extensions/PolicyMappingsExt.java
index 22c2e85bc..f3ef6c710 100644
--- a/pki/base/common/src/com/netscape/cms/policy/extensions/PolicyMappingsExt.java
+++ b/pki/base/common/src/com/netscape/cms/policy/extensions/PolicyMappingsExt.java
@@ -87,7 +87,8 @@ public class PolicyMappingsExt extends APolicyRule
      * 
      * The entries may be of the form:
      * 
-     * ca.Policy.rule.<ruleName>.predicate=certType==ca ca.Policy.rule.<ruleName>.implName= ca.Policy.rule.<ruleName>.enable=true
+     * ca.Policy.rule.<ruleName>.predicate=certType==ca ca.Policy.rule.<ruleName>.implName=
+     * ca.Policy.rule.<ruleName>.enable=true
      * 
      * @param config The config store reference
      */
diff --git a/pki/base/common/src/com/netscape/cms/policy/extensions/SubjAltNameExt.java b/pki/base/common/src/com/netscape/cms/policy/extensions/SubjAltNameExt.java
index 86263e484..8152db07b 100644
--- a/pki/base/common/src/com/netscape/cms/policy/extensions/SubjAltNameExt.java
+++ b/pki/base/common/src/com/netscape/cms/policy/extensions/SubjAltNameExt.java
@@ -51,7 +51,9 @@ import com.netscape.cms.policy.APolicyRule;
  * 
  * Adds the subject alternative name extension depending on the certificate type requested.
  * 
- * Two forms are supported. 1) For S/MIME certificates, email addresses are copied from data stored in the request by the authentication component. Both 'e' and 'altEmail' are supported so that both the primary address and alternative forms may be certified. Only the primary goes in the subjectName position (which should be phased out).
+ * Two forms are supported. 1) For S/MIME certificates, email addresses are copied from data stored in the request by
+ * the authentication component. Both 'e' and 'altEmail' are supported so that both the primary address and alternative
+ * forms may be certified. Only the primary goes in the subjectName position (which should be phased out).
  * 
  * e mailAlternateAddress
  * <P>
diff --git a/pki/base/common/src/com/netscape/cms/profile/common/EnrollProfile.java b/pki/base/common/src/com/netscape/cms/profile/common/EnrollProfile.java
index 64abe57a5..efbeb42be 100644
--- a/pki/base/common/src/com/netscape/cms/profile/common/EnrollProfile.java
+++ b/pki/base/common/src/com/netscape/cms/profile/common/EnrollProfile.java
@@ -1234,11 +1234,13 @@ public abstract class EnrollProfile extends BasicProfile
      * Populate input
      * <P>
      * 
-     * (either all "agent" profile cert requests NOT made through a connector, or all "EE" profile cert requests NOT made through a connector)
+     * (either all "agent" profile cert requests NOT made through a connector, or all "EE" profile cert requests NOT
+     * made through a connector)
      * <P>
      * 
      * <ul>
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_PROFILE_CERT_REQUEST used when a profile cert request is made (before approval process)
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_PROFILE_CERT_REQUEST used when a profile cert request is made (before
+     * approval process)
      * </ul>
      * 
      * @param ctx profile context
diff --git a/pki/base/common/src/com/netscape/cms/publish/mappers/MapAVAPattern.java b/pki/base/common/src/com/netscape/cms/publish/mappers/MapAVAPattern.java
index 076ba6b30..98fb41496 100644
--- a/pki/base/common/src/com/netscape/cms/publish/mappers/MapAVAPattern.java
+++ b/pki/base/common/src/com/netscape/cms/publish/mappers/MapAVAPattern.java
@@ -45,7 +45,8 @@ import com.netscape.certsrv.request.IRequest;
  * request attributes and cert subject name.
  * <p>
  * 
- * dnpattern is a string representing a ldap dn pattern to formulate from the certificate subject name attributes and request attributes . If empty or not set, the certificate subject name will be used as the ldap dn.
+ * dnpattern is a string representing a ldap dn pattern to formulate from the certificate subject name attributes and
+ * request attributes . If empty or not set, the certificate subject name will be used as the ldap dn.
  * <p>
  * 
  * The syntax is
@@ -96,7 +97,8 @@ import com.netscape.certsrv.request.IRequest;
  * <p>
  * </pre>
  * 
- * If an request attribute or subject DN component does not exist, the attribute is skipped. There is potential risk that a wrong dn will be mapped into.
+ * If an request attribute or subject DN component does not exist, the attribute is skipped. There is potential risk
+ * that a wrong dn will be mapped into.
  * 
  * @version $Revision$, $Date$
  */
diff --git a/pki/base/common/src/com/netscape/cms/publish/mappers/MapDNPattern.java b/pki/base/common/src/com/netscape/cms/publish/mappers/MapDNPattern.java
index b33698863..4eb6baeca 100644
--- a/pki/base/common/src/com/netscape/cms/publish/mappers/MapDNPattern.java
+++ b/pki/base/common/src/com/netscape/cms/publish/mappers/MapDNPattern.java
@@ -35,7 +35,8 @@ import com.netscape.certsrv.request.IRequest;
  * request attributes and cert subject name.
  * <p>
  * 
- * dnpattern is a string representing a ldap dn pattern to formulate from the certificate subject name attributes and request attributes . If empty or not set, the certificate subject name will be used as the ldap dn.
+ * dnpattern is a string representing a ldap dn pattern to formulate from the certificate subject name attributes and
+ * request attributes . If empty or not set, the certificate subject name will be used as the ldap dn.
  * <p>
  * 
  * The syntax is
@@ -73,7 +74,8 @@ import com.netscape.certsrv.request.IRequest;
  * <p>
  * </pre>
  * 
- * If an request attribute or subject DN component does not exist, the attribute is skipped. There is potential risk that a wrong dn will be mapped into.
+ * If an request attribute or subject DN component does not exist, the attribute is skipped. There is potential risk
+ * that a wrong dn will be mapped into.
  * 
  * @version $Revision$, $Date$
  */
diff --git a/pki/base/common/src/com/netscape/cms/publish/mappers/MapRDNPattern.java b/pki/base/common/src/com/netscape/cms/publish/mappers/MapRDNPattern.java
index ad788b12b..c494627f1 100644
--- a/pki/base/common/src/com/netscape/cms/publish/mappers/MapRDNPattern.java
+++ b/pki/base/common/src/com/netscape/cms/publish/mappers/MapRDNPattern.java
@@ -34,7 +34,8 @@ import com.netscape.certsrv.request.IRequest;
  * request attributes and cert subject name.
  * <p>
  * 
- * dnpattern is a string representing a ldap dn pattern to formulate from the certificate subject name attributes and request attributes . If empty or not set, the certificate subject name will be used as the ldap dn.
+ * dnpattern is a string representing a ldap dn pattern to formulate from the certificate subject name attributes and
+ * request attributes . If empty or not set, the certificate subject name will be used as the ldap dn.
  * <p>
  * 
  * The syntax is
@@ -72,7 +73,8 @@ import com.netscape.certsrv.request.IRequest;
  * <p>
  * </pre>
  * 
- * If an request attribute or subject DN component does not exist, the attribute is skipped.There is potential risk that a wrong dn will be mapped into.
+ * If an request attribute or subject DN component does not exist, the attribute is skipped.There is potential risk that
+ * a wrong dn will be mapped into.
  * 
  * @version $Revision$, $Date$
  */
diff --git a/pki/base/common/src/com/netscape/cms/servlet/admin/AdminServlet.java b/pki/base/common/src/com/netscape/cms/servlet/admin/AdminServlet.java
index 1d68d3bc4..72838eb55 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/admin/AdminServlet.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/admin/AdminServlet.java
@@ -278,7 +278,8 @@ public class AdminServlet extends HttpServlet {
      * <P>
      * 
      * <ul>
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_AUTH_FAIL used when authentication fails (in case of SSL-client auth, only webserver env can pick up the SSL violation; CMS authMgr can pick up cert mis-match, so this event is used)
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_AUTH_FAIL used when authentication fails (in case of SSL-client auth, only
+     * webserver env can pick up the SSL violation; CMS authMgr can pick up cert mis-match, so this event is used)
      * <li>signed.audit LOGGING_SIGNED_AUDIT_AUTH_SUCCESS used when authentication succeeded
      * </ul>
      * 
@@ -615,7 +616,8 @@ public class AdminServlet extends HttpServlet {
      * <ul>
      * <li>signed.audit LOGGING_SIGNED_AUDIT_AUTHZ_FAIL used when authorization has failed
      * <li>signed.audit LOGGING_SIGNED_AUDIT_AUTHZ_SUCCESS used when authorization is successful
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_ROLE_ASSUME used when user assumes a role (in current CMS that's when one accesses a role port)
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_ROLE_ASSUME used when user assumes a role (in current CMS that's when one
+     * accesses a role port)
      * </ul>
      * 
      * @param req HTTP servlet request
diff --git a/pki/base/common/src/com/netscape/cms/servlet/admin/CAAdminServlet.java b/pki/base/common/src/com/netscape/cms/servlet/admin/CAAdminServlet.java
index 4a0591060..fa3933ed6 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/admin/CAAdminServlet.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/admin/CAAdminServlet.java
@@ -518,7 +518,8 @@ public class CAAdminServlet extends AdminServlet {
      * <P>
      * 
      * <ul>
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE used when configuring CRL profile (extensions, frequency, CRL format)
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE used when configuring CRL profile (extensions,
+     * frequency, CRL format)
      * </ul>
      * 
      * @param req HTTP servlet request
@@ -673,7 +674,8 @@ public class CAAdminServlet extends AdminServlet {
      * <P>
      * 
      * <ul>
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE used when configuring CRL profile (extensions, frequency, CRL format)
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE used when configuring CRL profile (extensions,
+     * frequency, CRL format)
      * </ul>
      * 
      * @param req HTTP servlet request
@@ -833,7 +835,8 @@ public class CAAdminServlet extends AdminServlet {
      * <P>
      * 
      * <ul>
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE used when configuring CRL profile (extensions, frequency, CRL format)
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE used when configuring CRL profile (extensions,
+     * frequency, CRL format)
      * </ul>
      * 
      * @param req HTTP servlet request
@@ -974,7 +977,8 @@ public class CAAdminServlet extends AdminServlet {
      * <P>
      * 
      * <ul>
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE used when configuring CRL profile (extensions, frequency, CRL format)
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE used when configuring CRL profile (extensions,
+     * frequency, CRL format)
      * </ul>
      * 
      * @param req HTTP servlet request
@@ -1191,7 +1195,8 @@ public class CAAdminServlet extends AdminServlet {
      * <P>
      * 
      * <ul>
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE used when configuring CRL profile (extensions, frequency, CRL format)
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE used when configuring CRL profile (extensions,
+     * frequency, CRL format)
      * </ul>
      * 
      * @param req HTTP servlet request
diff --git a/pki/base/common/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java b/pki/base/common/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java
index 7f5a96e9d..92cbb8885 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java
@@ -518,7 +518,8 @@ public final class CMSAdminServlet extends AdminServlet {
      * <P>
      * 
      * <ul>
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ENCRYPTION used when configuring encryption (cert settings and SSL cipher preferences)
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ENCRYPTION used when configuring encryption (cert settings and SSL
+     * cipher preferences)
      * </ul>
      * 
      * @exception ServletException a servlet error has occurred
@@ -1468,7 +1469,8 @@ public final class CMSAdminServlet extends AdminServlet {
      * <P>
      * 
      * <ul>
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY used when "Certificate Setup Wizard" is used to import CA certs into the certificate database
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY used when "Certificate Setup Wizard" is used to
+     * import CA certs into the certificate database
      * </ul>
      * 
      * @exception ServletException a servlet error has occurred
@@ -1894,7 +1896,8 @@ public final class CMSAdminServlet extends AdminServlet {
      * <P>
      * 
      * <ul>
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY used when "Certificate Setup Wizard" is used to import CA certs into the certificate database
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY used when "Certificate Setup Wizard" is used to
+     * import CA certs into the certificate database
      * </ul>
      * 
      * @exception ServletException a servlet error has occurred
@@ -2312,7 +2315,8 @@ public final class CMSAdminServlet extends AdminServlet {
      * <P>
      * 
      * <ul>
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY used when "Certificate Setup Wizard" is used to import a CA cross-signed certificate into the database
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY used when "Certificate Setup Wizard" is used to
+     * import a CA cross-signed certificate into the database
      * </ul>
      * 
      * @exception ServletException a servlet error has occurred
@@ -3055,7 +3059,8 @@ public final class CMSAdminServlet extends AdminServlet {
      * <P>
      * 
      * <ul>
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY used when "Manage Certificate" is used to edit the trustness of certs and deletion of certs
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY used when "Manage Certificate" is used to edit
+     * the trustness of certs and deletion of certs
      * </ul>
      * 
      * @exception ServletException a servlet error has occurred
diff --git a/pki/base/common/src/com/netscape/cms/servlet/admin/LogAdminServlet.java b/pki/base/common/src/com/netscape/cms/servlet/admin/LogAdminServlet.java
index 256792245..dadbf4088 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/admin/LogAdminServlet.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/admin/LogAdminServlet.java
@@ -1422,8 +1422,11 @@ public class LogAdminServlet extends AdminServlet {
      * 
      * <ul>
      * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT used when configuring signedAudit
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_LOG_PATH_CHANGE used when log file name (including any path changes) for any of audit, system, transaction, or other customized log file change is attempted (authorization should not allow, but make sure it's written after the attempt)
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_LOG_EXPIRATION_CHANGE used when log expiration time change is attempted (authorization should not allow, but make sure it's written after the attempt)
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_LOG_PATH_CHANGE used when log file name (including any path changes) for
+     * any of audit, system, transaction, or other customized log file change is attempted (authorization should not
+     * allow, but make sure it's written after the attempt)
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_LOG_EXPIRATION_CHANGE used when log expiration time change is attempted
+     * (authorization should not allow, but make sure it's written after the attempt)
      * </ul>
      * 
      * @param req HTTP servlet request
diff --git a/pki/base/common/src/com/netscape/cms/servlet/admin/OCSPAdminServlet.java b/pki/base/common/src/com/netscape/cms/servlet/admin/OCSPAdminServlet.java
index a968b5b35..338a58239 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/admin/OCSPAdminServlet.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/admin/OCSPAdminServlet.java
@@ -229,7 +229,8 @@ public class OCSPAdminServlet extends AdminServlet {
      * <P>
      * 
      * <ul>
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_OCSP_PROFILE used when configuring OCSP profile (everything under Online Certificate Status Manager)
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_OCSP_PROFILE used when configuring OCSP profile (everything under
+     * Online Certificate Status Manager)
      * </ul>
      * 
      * @param req HTTP servlet request
@@ -318,7 +319,8 @@ public class OCSPAdminServlet extends AdminServlet {
      * <P>
      * 
      * <ul>
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_OCSP_PROFILE used when configuring OCSP profile (everything under Online Certificate Status Manager)
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_OCSP_PROFILE used when configuring OCSP profile (everything under
+     * Online Certificate Status Manager)
      * </ul>
      * 
      * @param req HTTP servlet request
@@ -466,7 +468,8 @@ public class OCSPAdminServlet extends AdminServlet {
      * <P>
      * 
      * <ul>
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_OCSP_PROFILE used when configuring OCSP profile (everything under Online Certificate Status Manager)
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_OCSP_PROFILE used when configuring OCSP profile (everything under
+     * Online Certificate Status Manager)
      * </ul>
      * 
      * @param req HTTP servlet request
diff --git a/pki/base/common/src/com/netscape/cms/servlet/admin/PolicyAdminServlet.java b/pki/base/common/src/com/netscape/cms/servlet/admin/PolicyAdminServlet.java
index e2193cd63..f34a82770 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/admin/PolicyAdminServlet.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/admin/PolicyAdminServlet.java
@@ -483,7 +483,8 @@ public class PolicyAdminServlet extends AdminServlet {
      * <P>
      * 
      * <ul>
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY used when configuring cert policy constraints and extensions
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY used when configuring cert policy constraints and
+     * extensions
      * </ul>
      * 
      * @param req HTTP servlet request
@@ -604,7 +605,8 @@ public class PolicyAdminServlet extends AdminServlet {
      * <P>
      * 
      * <ul>
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY used when configuring cert policy constraints and extensions
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY used when configuring cert policy constraints and
+     * extensions
      * </ul>
      * 
      * @param req HTTP servlet request
@@ -710,7 +712,8 @@ public class PolicyAdminServlet extends AdminServlet {
      * <P>
      * 
      * <ul>
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY used when configuring cert policy constraints and extensions
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY used when configuring cert policy constraints and
+     * extensions
      * </ul>
      * 
      * @param req HTTP servlet request
@@ -849,7 +852,8 @@ public class PolicyAdminServlet extends AdminServlet {
      * <P>
      * 
      * <ul>
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY used when configuring cert policy constraints and extensions
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY used when configuring cert policy constraints and
+     * extensions
      * </ul>
      * 
      * @param req HTTP servlet request
@@ -1005,7 +1009,8 @@ public class PolicyAdminServlet extends AdminServlet {
      * <P>
      * 
      * <ul>
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY used when configuring cert policy constraints and extensions
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY used when configuring cert policy constraints and
+     * extensions
      * </ul>
      * 
      * @param req HTTP servlet request
@@ -1095,7 +1100,8 @@ public class PolicyAdminServlet extends AdminServlet {
      * <P>
      * 
      * <ul>
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY used when configuring cert policy constraints and extensions
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY used when configuring cert policy constraints and
+     * extensions
      * </ul>
      * 
      * @param req HTTP servlet request
diff --git a/pki/base/common/src/com/netscape/cms/servlet/admin/ProfileAdminServlet.java b/pki/base/common/src/com/netscape/cms/servlet/admin/ProfileAdminServlet.java
index 47771a190..57fadab47 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/admin/ProfileAdminServlet.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/admin/ProfileAdminServlet.java
@@ -400,7 +400,8 @@ public class ProfileAdminServlet extends AdminServlet {
      * <P>
      * 
      * <ul>
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings and cert profile; obsoletes extensions and constraints policies)
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings
+     * and cert profile; obsoletes extensions and constraints policies)
      * </ul>
      * 
      * @param req HTTP servlet request
@@ -544,7 +545,8 @@ public class ProfileAdminServlet extends AdminServlet {
      * <P>
      * 
      * <ul>
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings and cert profile; obsoletes extensions and constraints policies)
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings
+     * and cert profile; obsoletes extensions and constraints policies)
      * </ul>
      * 
      * @param req HTTP servlet request
@@ -670,7 +672,8 @@ public class ProfileAdminServlet extends AdminServlet {
      * <P>
      * 
      * <ul>
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings and cert profile; obsoletes extensions and constraints policies)
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings
+     * and cert profile; obsoletes extensions and constraints policies)
      * </ul>
      * 
      * @param req HTTP servlet request
@@ -797,7 +800,8 @@ public class ProfileAdminServlet extends AdminServlet {
      * <P>
      * 
      * <ul>
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings and cert profile; obsoletes extensions and constraints policies)
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings
+     * and cert profile; obsoletes extensions and constraints policies)
      * </ul>
      * 
      * @param req HTTP servlet request
@@ -917,7 +921,8 @@ public class ProfileAdminServlet extends AdminServlet {
      * <P>
      * 
      * <ul>
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings and cert profile; obsoletes extensions and constraints policies)
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings
+     * and cert profile; obsoletes extensions and constraints policies)
      * </ul>
      * 
      * @param req HTTP servlet request
@@ -1034,7 +1039,8 @@ public class ProfileAdminServlet extends AdminServlet {
      * <P>
      * 
      * <ul>
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings and cert profile; obsoletes extensions and constraints policies)
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings
+     * and cert profile; obsoletes extensions and constraints policies)
      * </ul>
      * 
      * @param req HTTP servlet request
@@ -1151,7 +1157,8 @@ public class ProfileAdminServlet extends AdminServlet {
      * <P>
      * 
      * <ul>
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings and cert profile; obsoletes extensions and constraints policies)
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings
+     * and cert profile; obsoletes extensions and constraints policies)
      * </ul>
      * 
      * @param req HTTP servlet request
@@ -1288,7 +1295,8 @@ public class ProfileAdminServlet extends AdminServlet {
      * <P>
      * 
      * <ul>
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings and cert profile; obsoletes extensions and constraints policies)
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings
+     * and cert profile; obsoletes extensions and constraints policies)
      * </ul>
      * 
      * @param req HTTP servlet request
@@ -1427,7 +1435,8 @@ public class ProfileAdminServlet extends AdminServlet {
      * <P>
      * 
      * <ul>
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings and cert profile; obsoletes extensions and constraints policies)
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings
+     * and cert profile; obsoletes extensions and constraints policies)
      * </ul>
      * 
      * @param req HTTP servlet request
@@ -1559,7 +1568,8 @@ public class ProfileAdminServlet extends AdminServlet {
      * <P>
      * 
      * <ul>
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings and cert profile; obsoletes extensions and constraints policies)
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings
+     * and cert profile; obsoletes extensions and constraints policies)
      * </ul>
      * 
      * @param req HTTP servlet request
@@ -1678,7 +1688,8 @@ public class ProfileAdminServlet extends AdminServlet {
      * <P>
      * 
      * <ul>
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings and cert profile; obsoletes extensions and constraints policies)
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings
+     * and cert profile; obsoletes extensions and constraints policies)
      * </ul>
      * 
      * @param req HTTP servlet request
@@ -1798,7 +1809,8 @@ public class ProfileAdminServlet extends AdminServlet {
      * <P>
      * 
      * <ul>
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings and cert profile; obsoletes extensions and constraints policies)
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings
+     * and cert profile; obsoletes extensions and constraints policies)
      * </ul>
      * 
      * @param req HTTP servlet request
@@ -2279,7 +2291,8 @@ public class ProfileAdminServlet extends AdminServlet {
      * <P>
      * 
      * <ul>
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings and cert profile; obsoletes extensions and constraints policies)
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings
+     * and cert profile; obsoletes extensions and constraints policies)
      * </ul>
      * 
      * @param req HTTP servlet request
@@ -2416,7 +2429,8 @@ public class ProfileAdminServlet extends AdminServlet {
      * <P>
      * 
      * <ul>
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings and cert profile; obsoletes extensions and constraints policies)
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings
+     * and cert profile; obsoletes extensions and constraints policies)
      * </ul>
      * 
      * @param req HTTP servlet request
@@ -2579,7 +2593,8 @@ public class ProfileAdminServlet extends AdminServlet {
      * <P>
      * 
      * <ul>
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings and cert profile; obsoletes extensions and constraints policies)
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings
+     * and cert profile; obsoletes extensions and constraints policies)
      * </ul>
      * 
      * @param req HTTP servlet request
diff --git a/pki/base/common/src/com/netscape/cms/servlet/admin/UsrGrpAdminServlet.java b/pki/base/common/src/com/netscape/cms/servlet/admin/UsrGrpAdminServlet.java
index 65c005835..8481fffe1 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/admin/UsrGrpAdminServlet.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/admin/UsrGrpAdminServlet.java
@@ -650,11 +650,13 @@ public class UsrGrpAdminServlet extends AdminServlet {
      * Adds a new user to LDAP server
      * <P>
      * 
-     * Request/Response Syntax: http://warp.mcom.com/server/certificate/columbo/design/ ui/admin-protocol-definition.html#user-admin
+     * Request/Response Syntax: http://warp.mcom.com/server/certificate/columbo/design/
+     * ui/admin-protocol-definition.html#user-admin
      * <P>
      * 
      * <ul>
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ROLE used when configuring role information (anything under users/groups)
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ROLE used when configuring role information (anything under
+     * users/groups)
      * </ul>
      * 
      * @param req HTTP servlet request
@@ -975,11 +977,13 @@ public class UsrGrpAdminServlet extends AdminServlet {
      * Adds a certificate to a user
      * <P>
      * 
-     * Request/Response Syntax: http://warp.mcom.com/server/certificate/columbo/design/ ui/admin-protocol-definition.html#user-admin
+     * Request/Response Syntax: http://warp.mcom.com/server/certificate/columbo/design/
+     * ui/admin-protocol-definition.html#user-admin
      * <P>
      * 
      * <ul>
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ROLE used when configuring role information (anything under users/groups)
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ROLE used when configuring role information (anything under
+     * users/groups)
      * </ul>
      * 
      * @param req HTTP servlet request
@@ -1327,14 +1331,16 @@ public class UsrGrpAdminServlet extends AdminServlet {
      * Removes a certificate for a user
      * <P>
      * 
-     * Request/Response Syntax: http://warp.mcom.com/server/certificate/columbo/design/ ui/admin-protocol-definition.html#user-admin
+     * Request/Response Syntax: http://warp.mcom.com/server/certificate/columbo/design/
+     * ui/admin-protocol-definition.html#user-admin
      * <P>
      * 
      * In this method, "certDN" is actually a combination of version, serialNumber, issuerDN, and SubjectDN.
      * <P>
      * 
      * <ul>
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ROLE used when configuring role information (anything under users/groups)
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ROLE used when configuring role information (anything under
+     * users/groups)
      * </ul>
      * 
      * @param req HTTP servlet request
@@ -1471,11 +1477,13 @@ public class UsrGrpAdminServlet extends AdminServlet {
      * itself.
      * <P>
      * 
-     * Request/Response Syntax: http://warp.mcom.com/server/certificate/columbo/design/ ui/admin-protocol-definition.html#user-admin
+     * Request/Response Syntax: http://warp.mcom.com/server/certificate/columbo/design/
+     * ui/admin-protocol-definition.html#user-admin
      * <P>
      * 
      * <ul>
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ROLE used when configuring role information (anything under users/groups)
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ROLE used when configuring role information (anything under
+     * users/groups)
      * </ul>
      * 
      * @param req HTTP servlet request
@@ -1639,11 +1647,13 @@ public class UsrGrpAdminServlet extends AdminServlet {
      * Adds a new group in local scope.
      * <P>
      * 
-     * Request/Response Syntax: http://warp.mcom.com/server/certificate/columbo/design/ ui/admin-protocol-definition.html#group
+     * Request/Response Syntax: http://warp.mcom.com/server/certificate/columbo/design/
+     * ui/admin-protocol-definition.html#group
      * <P>
      * 
      * <ul>
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ROLE used when configuring role information (anything under users/groups)
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ROLE used when configuring role information (anything under
+     * users/groups)
      * </ul>
      * 
      * @param req HTTP servlet request
@@ -1777,11 +1787,13 @@ public class UsrGrpAdminServlet extends AdminServlet {
      * removes a group
      * <P>
      * 
-     * Request/Response Syntax: http://warp.mcom.com/server/certificate/columbo/design/ ui/admin-protocol-definition.html#group
+     * Request/Response Syntax: http://warp.mcom.com/server/certificate/columbo/design/
+     * ui/admin-protocol-definition.html#group
      * <P>
      * 
      * <ul>
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ROLE used when configuring role information (anything under users/groups)
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ROLE used when configuring role information (anything under
+     * users/groups)
      * </ul>
      * 
      * @param req HTTP servlet request
@@ -1885,7 +1897,8 @@ public class UsrGrpAdminServlet extends AdminServlet {
      * <P>
      * 
      * <ul>
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ROLE used when configuring role information (anything under users/groups)
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ROLE used when configuring role information (anything under
+     * users/groups)
      * </ul>
      * 
      * @param req HTTP servlet request
@@ -2117,11 +2130,13 @@ public class UsrGrpAdminServlet extends AdminServlet {
      * Modifies an existing user in local scope.
      * <P>
      * 
-     * Request/Response Syntax: http://warp.mcom.com/server/certificate/columbo/design/ ui/admin-protocol-definition.html#user-admin
+     * Request/Response Syntax: http://warp.mcom.com/server/certificate/columbo/design/
+     * ui/admin-protocol-definition.html#user-admin
      * <P>
      * 
      * <ul>
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ROLE used when configuring role information (anything under users/groups)
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ROLE used when configuring role information (anything under
+     * users/groups)
      * </ul>
      * 
      * @param req HTTP servlet request
diff --git a/pki/base/common/src/com/netscape/cms/servlet/base/CMSServlet.java b/pki/base/common/src/com/netscape/cms/servlet/base/CMSServlet.java
index 0c262fdf8..2920d0f46 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/base/CMSServlet.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/base/CMSServlet.java
@@ -1680,7 +1680,8 @@ public abstract class CMSServlet extends HttpServlet {
      * <P>
      * 
      * <ul>
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_AUTH_FAIL used when authentication fails (in case of SSL-client auth, only webserver env can pick up the SSL violation; CS authMgr can pick up cert mis-match, so this event is used)
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_AUTH_FAIL used when authentication fails (in case of SSL-client auth, only
+     * webserver env can pick up the SSL violation; CS authMgr can pick up cert mis-match, so this event is used)
      * <li>signed.audit LOGGING_SIGNED_AUDIT_AUTH_SUCCESS used when authentication succeeded
      * </ul>
      * 
@@ -1881,7 +1882,8 @@ public abstract class CMSServlet extends HttpServlet {
      * <ul>
      * <li>signed.audit LOGGING_SIGNED_AUDIT_AUTHZ_FAIL used when authorization has failed
      * <li>signed.audit LOGGING_SIGNED_AUDIT_AUTHZ_SUCCESS used when authorization is successful
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_ROLE_ASSUME used when user assumes a role (in current CS that's when one accesses a role port)
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_ROLE_ASSUME used when user assumes a role (in current CS that's when one
+     * accesses a role port)
      * </ul>
      * 
      * @param authzMgrName string representing the name of the authorization
diff --git a/pki/base/common/src/com/netscape/cms/servlet/base/DynamicVariablesServlet.java b/pki/base/common/src/com/netscape/cms/servlet/base/DynamicVariablesServlet.java
index f7f31b192..2308318ee 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/base/DynamicVariablesServlet.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/base/DynamicVariablesServlet.java
@@ -42,7 +42,8 @@ import com.netscape.certsrv.base.IConfigStore;
  * Return some javascript to the request which contains the list of
  * dynamic data in the CMS system.
  * <p>
- * This allows the requestor (browser) to make decisions about what to present in the UI, depending on how CMS is configured
+ * This allows the requestor (browser) to make decisions about what to present in the UI, depending on how CMS is
+ * configured
  * 
  * @version $Revision$, $Date$
  */
@@ -119,19 +120,23 @@ public class DynamicVariablesServlet extends CMSServlet {
      * <li><strong>AuthMgr</strong> - the authentication manager to use to authenticate the request
      * <li><strong>GetClientCert</strong> - whether to request client auth for this request
      * <li><strong>authority</strong> - the authority (ca, ra, drm) to return to the client
-     * <li><strong>dynamicVariables</strong> - a string of the form: serverdate=serverdate(),subsystemname=subsystemname(), http=http(),authmgrs=authmgrs(),clacrlurl=clacrlurl()
+     * <li><strong>dynamicVariables</strong> - a string of the form:
+     * serverdate=serverdate(),subsystemname=subsystemname(), http=http(),authmgrs=authmgrs(),clacrlurl=clacrlurl()
      * </ul>
      * The dynamicVariables string is parsed by splitting on commas.
      * When services, the HTTP request provides a piece of javascript
      * code as follows.
      * <p>
-     * Each sub expression "lhs=rhs()" forms a javascript statement of the form <i>lhs=xxx;</i> Where lhs is xxx is the result of 'evaluating' the rhs. The possible values for the rhs() function are:
+     * Each sub expression "lhs=rhs()" forms a javascript statement of the form <i>lhs=xxx;</i> Where lhs is xxx is the
+     * result of 'evaluating' the rhs. The possible values for the rhs() function are:
      * <ul>
-     * <li><strong>serverdate()</strong> - the timestamp of the server (used to ensure that the client clock is set correctly)
+     * <li><strong>serverdate()</strong> - the timestamp of the server (used to ensure that the client clock is set
+     * correctly)
      * <li><strong>subsystemname()</strong>
      * <li><strong>http()</strong> - "true" or "false" - is this an http connection (as opposed to https)
      * <li>authmgrs() - a comma separated list of authentication managers
-     * <li>clacrlurl() - the URL to get the CRL from, in the case of a Clone CA. This is defined in the CMS configuration parameter 'cloning.cloneMasterCrlUrl'
+     * <li>clacrlurl() - the URL to get the CRL from, in the case of a Clone CA. This is defined in the CMS
+     * configuration parameter 'cloning.cloneMasterCrlUrl'
      * </ul>
      * 
      * @see javax.servlet.Servlet#init(ServletConfig)
diff --git a/pki/base/common/src/com/netscape/cms/servlet/base/SystemInfoServlet.java b/pki/base/common/src/com/netscape/cms/servlet/base/SystemInfoServlet.java
index f8625ce30..58ad4eabc 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/base/SystemInfoServlet.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/base/SystemInfoServlet.java
@@ -57,7 +57,8 @@ public class SystemInfoServlet extends HttpServlet {
      * value of the 'op' HTTP parameter.
      * <UL>
      * <LI>op = <i>undefined</i> - display a menu with links to the other functionality of this servlet
-     * <li>op = gc - tell the JVM that we want to do a garbage collection and to run finalizers (@see java.lang.Runtime.getRuntime#gc() )
+     * <li>op = gc - tell the JVM that we want to do a garbage collection and to run finalizers (@see
+     * java.lang.Runtime.getRuntime#gc() )
      * <li>op = general - display information about memory, and other JVM informatino
      * <li>op = thread - display details about each thread.
      * </UL>
diff --git a/pki/base/common/src/com/netscape/cms/servlet/cert/CMCRevReqServlet.java b/pki/base/common/src/com/netscape/cms/servlet/cert/CMCRevReqServlet.java
index 629c0e2c9..0d7da7fa8 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/cert/CMCRevReqServlet.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/cert/CMCRevReqServlet.java
@@ -323,8 +323,10 @@ public class CMCRevReqServlet extends CMSServlet {
      * <P>
      * 
      * <ul>
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST used when a cert status change request (e. g. - "revocation") is made (before approval process)
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED used when a certificate status is changed (revoked, expired, on-hold, off-hold)
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST used when a cert status change request (e. g. -
+     * "revocation") is made (before approval process)
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED used when a certificate status is
+     * changed (revoked, expired, on-hold, off-hold)
      * </ul>
      * 
      * @param argSet CMS template parameters
diff --git a/pki/base/common/src/com/netscape/cms/servlet/cert/DisplayBySerial.java b/pki/base/common/src/com/netscape/cms/servlet/cert/DisplayBySerial.java
index 18b9ddd60..1c9838f83 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/cert/DisplayBySerial.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/cert/DisplayBySerial.java
@@ -125,7 +125,8 @@ public class DisplayBySerial extends CMSServlet {
     /**
      * Serves HTTP request. The format of this request is as follows:
      * <ul>
-     * <li>http.param serialNumber Decimal serial number of certificate to display (or hex if serialNumber preceded by 0x)
+     * <li>http.param serialNumber Decimal serial number of certificate to display (or hex if serialNumber preceded by
+     * 0x)
      * </ul>
      */
     public void process(CMSRequest cmsReq) throws EBaseException {
diff --git a/pki/base/common/src/com/netscape/cms/servlet/cert/DoRevoke.java b/pki/base/common/src/com/netscape/cms/servlet/cert/DoRevoke.java
index 44b339c5a..3f7a24d64 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/cert/DoRevoke.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/cert/DoRevoke.java
@@ -378,12 +378,15 @@ public class DoRevoke extends CMSServlet {
      * (Certificate Request - either an "agent" cert status change request, or an "EE" cert status change request)
      * <P>
      * 
-     * (Certificate Request Processed - either an "agent" cert status change request, or an "EE" cert status change request)
+     * (Certificate Request Processed - either an "agent" cert status change request, or an "EE" cert status change
+     * request)
      * <P>
      * 
      * <ul>
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST used when a cert status change request (e. g. - "revocation") is made (before approval process)
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED used when a certificate status is changed (revoked, expired, on-hold, off-hold)
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST used when a cert status change request (e. g. -
+     * "revocation") is made (before approval process)
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED used when a certificate status is
+     * changed (revoked, expired, on-hold, off-hold)
      * </ul>
      * 
      * @param argSet CMS template parameters
diff --git a/pki/base/common/src/com/netscape/cms/servlet/cert/DoRevokeTPS.java b/pki/base/common/src/com/netscape/cms/servlet/cert/DoRevokeTPS.java
index 259625d14..f17e576d6 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/cert/DoRevokeTPS.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/cert/DoRevokeTPS.java
@@ -284,12 +284,15 @@ public class DoRevokeTPS extends CMSServlet {
      * (Certificate Request - either an "agent" cert status change request, or an "EE" cert status change request)
      * <P>
      * 
-     * (Certificate Request Processed - either an "agent" cert status change request, or an "EE" cert status change request)
+     * (Certificate Request Processed - either an "agent" cert status change request, or an "EE" cert status change
+     * request)
      * <P>
      * 
      * <ul>
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST used when a cert status change request (e. g. - "revocation") is made (before approval process)
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED used when a certificate status is changed (revoked, expired, on-hold, off-hold)
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST used when a cert status change request (e. g. -
+     * "revocation") is made (before approval process)
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED used when a certificate status is
+     * changed (revoked, expired, on-hold, off-hold)
      * </ul>
      * 
      * @param argSet CMS template parameters
diff --git a/pki/base/common/src/com/netscape/cms/servlet/cert/DoUnrevoke.java b/pki/base/common/src/com/netscape/cms/servlet/cert/DoUnrevoke.java
index bafafb8fd..656d36f85 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/cert/DoUnrevoke.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/cert/DoUnrevoke.java
@@ -111,7 +111,9 @@ public class DoUnrevoke extends CMSServlet {
     /**
      * Process the HTTP request.
      * <ul>
-     * <li>http.param serialNumber Decimal serial number of certificate to unrevoke. The certificate must be revoked with a revovcation reason 'on hold' for this operation to succeed. The serial number may be expressed as a hex number by prefixing '0x' to the serialNumber string
+     * <li>http.param serialNumber Decimal serial number of certificate to unrevoke. The certificate must be revoked
+     * with a revovcation reason 'on hold' for this operation to succeed. The serial number may be expressed as a hex
+     * number by prefixing '0x' to the serialNumber string
      * </ul>
      * 
      * @param cmsReq the object holding the request and response information
@@ -220,8 +222,10 @@ public class DoUnrevoke extends CMSServlet {
      * <P>
      * 
      * <ul>
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST used when a cert status change request (e. g. - "revocation") is made (before approval process)
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED used when a certificate status is changed (taken off-hold)
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST used when a cert status change request (e. g. -
+     * "revocation") is made (before approval process)
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED used when a certificate status is
+     * changed (taken off-hold)
      * </ul>
      * 
      * @param argSet CMS template parameters
diff --git a/pki/base/common/src/com/netscape/cms/servlet/cert/DoUnrevokeTPS.java b/pki/base/common/src/com/netscape/cms/servlet/cert/DoUnrevokeTPS.java
index 1e18c3c4e..3af743a95 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/cert/DoUnrevokeTPS.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/cert/DoUnrevokeTPS.java
@@ -111,7 +111,9 @@ public class DoUnrevokeTPS extends CMSServlet {
     /**
      * Process the HTTP request.
      * <ul>
-     * <li>http.param serialNumber Decimal serial number of certificate to unrevoke. The certificate must be revoked with a revovcation reason 'on hold' for this operation to succeed. The serial number may be expressed as a hex number by prefixing '0x' to the serialNumber string
+     * <li>http.param serialNumber Decimal serial number of certificate to unrevoke. The certificate must be revoked
+     * with a revovcation reason 'on hold' for this operation to succeed. The serial number may be expressed as a hex
+     * number by prefixing '0x' to the serialNumber string
      * </ul>
      * 
      * @param cmsReq the object holding the request and response information
@@ -229,8 +231,10 @@ public class DoUnrevokeTPS extends CMSServlet {
      * <P>
      * 
      * <ul>
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST used when a cert status change request (e. g. - "revocation") is made (before approval process)
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED used when a certificate status is changed (taken off-hold)
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST used when a cert status change request (e. g. -
+     * "revocation") is made (before approval process)
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED used when a certificate status is
+     * changed (taken off-hold)
      * </ul>
      * 
      * @param serialNumbers the serial number of the certificate
diff --git a/pki/base/common/src/com/netscape/cms/servlet/cert/EnrollServlet.java b/pki/base/common/src/com/netscape/cms/servlet/cert/EnrollServlet.java
index ed66f8441..0c7b73780 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/cert/EnrollServlet.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/cert/EnrollServlet.java
@@ -315,9 +315,12 @@ public class EnrollServlet extends CMSServlet {
     /**
      * Process the HTTP request.
      * <UL>
-     * <LI>If the request is coming through the admin port, it is only allowed to continue if 'admin enrollment' is enabled in the CMS.cfg file
-     * <LI>If the CMS.cfg parameter useThreadNaming is true, the current thread is renamed with more information about the current request ID
-     * <LI>The request is preprocessed, then processed further in one of the cert request processor classes: KeyGenProcessor, PKCS10Processor, CMCProcessor, CRMFProcessor
+     * <LI>If the request is coming through the admin port, it is only allowed to continue if 'admin enrollment' is
+     * enabled in the CMS.cfg file
+     * <LI>If the CMS.cfg parameter useThreadNaming is true, the current thread is renamed with more information about
+     * the current request ID
+     * <LI>The request is preprocessed, then processed further in one of the cert request processor classes:
+     * KeyGenProcessor, PKCS10Processor, CMCProcessor, CRMFProcessor
      * </UL>
      * 
      * @param cmsReq the object holding the request and response information
@@ -690,15 +693,20 @@ public class EnrollServlet extends CMSServlet {
      * Process X509 certificate enrollment request
      * <P>
      * 
-     * (Certificate Request - either an "admin" cert request for an admin certificate, an "agent" cert request for "bulk enrollment", or an "EE" standard cert request)
+     * (Certificate Request - either an "admin" cert request for an admin certificate, an "agent" cert request for
+     * "bulk enrollment", or an "EE" standard cert request)
      * <P>
      * 
-     * (Certificate Request Processed - either an automated "admin" non-profile based CA admin cert acceptance, an automated "admin" non-profile based CA admin cert rejection, an automated "EE" non-profile based cert acceptance, or an automated "EE" non-profile based cert rejection)
+     * (Certificate Request Processed - either an automated "admin" non-profile based CA admin cert acceptance, an
+     * automated "admin" non-profile based CA admin cert rejection, an automated "EE" non-profile based cert acceptance,
+     * or an automated "EE" non-profile based cert rejection)
      * <P>
      * 
      * <ul>
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_NON_PROFILE_CERT_REQUEST used when a non-profile cert request is made (before approval process)
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_REQUEST_PROCESSED used when a certificate request has just been through the approval process
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_NON_PROFILE_CERT_REQUEST used when a non-profile cert request is made
+     * (before approval process)
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_REQUEST_PROCESSED used when a certificate request has just been
+     * through the approval process
      * </ul>
      * 
      * @param cmsReq a certificate enrollment request
diff --git a/pki/base/common/src/com/netscape/cms/servlet/cert/ListCerts.java b/pki/base/common/src/com/netscape/cms/servlet/cert/ListCerts.java
index 2e6bc228d..c12c8193d 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/cert/ListCerts.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/cert/ListCerts.java
@@ -194,8 +194,10 @@ public class ListCerts extends CMSServlet {
      * <ul>
      * <li>http.param maxCount Number of certificates to show
      * <li>http.param queryFilter and ldap style filter specifying the certificates to show
-     * <li>http.param querySentinelDown the serial number of the first certificate to show (default decimal, or hex if prefixed with 0x) when paging down
-     * <li>http.param querySentinelUp the serial number of the first certificate to show (default decimal, or hex if prefixed with 0x) when paging up
+     * <li>http.param querySentinelDown the serial number of the first certificate to show (default decimal, or hex if
+     * prefixed with 0x) when paging down
+     * <li>http.param querySentinelUp the serial number of the first certificate to show (default decimal, or hex if
+     * prefixed with 0x) when paging up
      * <li>http.param direction "up", "down", "begin", or "end"
      * </ul>
      */
diff --git a/pki/base/common/src/com/netscape/cms/servlet/connector/ConnectorServlet.java b/pki/base/common/src/com/netscape/cms/servlet/connector/ConnectorServlet.java
index 25589abce..ca7759d5a 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/connector/ConnectorServlet.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/connector/ConnectorServlet.java
@@ -406,9 +406,12 @@ public class ConnectorServlet extends CMSServlet {
      * <P>
      * 
      * <ul>
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_PROFILE_CERT_REQUEST used when a profile cert request is made (before approval process)
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_REQUEST_PROCESSED used when a certificate request has just been through the approval process
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_INTER_BOUNDARY_SUCCESS used when inter-CIMC_Boundary data transfer is successful (this is used when data does not need to be captured)
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_PROFILE_CERT_REQUEST used when a profile cert request is made (before
+     * approval process)
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_REQUEST_PROCESSED used when a certificate request has just been
+     * through the approval process
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_INTER_BOUNDARY_SUCCESS used when inter-CIMC_Boundary data transfer is
+     * successful (this is used when data does not need to be captured)
      * </ul>
      * 
      * @param source string containing source
diff --git a/pki/base/common/src/com/netscape/cms/servlet/key/GrantAsyncRecovery.java b/pki/base/common/src/com/netscape/cms/servlet/key/GrantAsyncRecovery.java
index dad214875..a40edee80 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/key/GrantAsyncRecovery.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/key/GrantAsyncRecovery.java
@@ -187,7 +187,8 @@ public class GrantAsyncRecovery extends CMSServlet {
      * <P>
      * 
      * <ul>
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_KEY_RECOVERY_AGENT_LOGIN used whenever DRM agents login as recovery agents to approve key recovery requests
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_KEY_RECOVERY_AGENT_LOGIN used whenever DRM agents login as recovery agents
+     * to approve key recovery requests
      * </ul>
      * 
      * @param argSet CMS template parameters
diff --git a/pki/base/common/src/com/netscape/cms/servlet/key/GrantRecovery.java b/pki/base/common/src/com/netscape/cms/servlet/key/GrantRecovery.java
index a70696445..a7b256e83 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/key/GrantRecovery.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/key/GrantRecovery.java
@@ -193,7 +193,8 @@ public class GrantRecovery extends CMSServlet {
      * <P>
      * 
      * <ul>
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_KEY_RECOVERY_AGENT_LOGIN used whenever DRM agents login as recovery agents to approve key recovery requests
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_KEY_RECOVERY_AGENT_LOGIN used whenever DRM agents login as recovery agents
+     * to approve key recovery requests
      * </ul>
      * 
      * @param argSet CMS template parameters
diff --git a/pki/base/common/src/com/netscape/cms/servlet/ocsp/AddCAServlet.java b/pki/base/common/src/com/netscape/cms/servlet/ocsp/AddCAServlet.java
index 93936ca1d..52efb1451 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/ocsp/AddCAServlet.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/ocsp/AddCAServlet.java
@@ -98,9 +98,12 @@ public class AddCAServlet extends CMSServlet {
     /**
      * Process the HTTP request.
      * <ul>
-     * <li>http.param cert ca certificate. The format is base-64, DER encoded, wrapped with -----BEGIN CERTIFICATE-----, -----END CERTIFICATE----- strings
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_OCSP_ADD_CA_REQUEST used when a CA is attempted to be added to the OCSP responder
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_OCSP_ADD_CA_REQUEST_PROCESSED used when an add CA request to the OCSP Responder is processed
+     * <li>http.param cert ca certificate. The format is base-64, DER encoded, wrapped with -----BEGIN CERTIFICATE-----,
+     * -----END CERTIFICATE----- strings
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_OCSP_ADD_CA_REQUEST used when a CA is attempted to be added to the OCSP
+     * responder
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_OCSP_ADD_CA_REQUEST_PROCESSED used when an add CA request to the OCSP
+     * Responder is processed
      * </ul>
      * 
      * @param cmsReq the object holding the request and response information
diff --git a/pki/base/common/src/com/netscape/cms/servlet/ocsp/AddCRLServlet.java b/pki/base/common/src/com/netscape/cms/servlet/ocsp/AddCRLServlet.java
index 8a3ea60b9..2dec0e1f5 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/ocsp/AddCRLServlet.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/ocsp/AddCRLServlet.java
@@ -105,10 +105,13 @@ public class AddCRLServlet extends CMSServlet {
      * <P>
      * 
      * <ul>
-     * <li>http.param crl certificate revocation list, base-64, DER encoded wrapped in -----BEGIN CERTIFICATE REVOCATION LIST-----, -----END CERTIFICATE REVOCATION LIST----- strings
+     * <li>http.param crl certificate revocation list, base-64, DER encoded wrapped in -----BEGIN CERTIFICATE REVOCATION
+     * LIST-----, -----END CERTIFICATE REVOCATION LIST----- strings
      * <li>http.param noui if true, use minimal hardcoded text response
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_CRL_RETRIEVAL used when CRLs are retrieved by the OCSP Responder ("agent" or "EE")
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_CRL_VALIDATION used when CRL is retrieved and validation process occurs ("agent" or "EE")
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_CRL_RETRIEVAL used when CRLs are retrieved by the OCSP Responder ("agent"
+     * or "EE")
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_CRL_VALIDATION used when CRL is retrieved and validation process occurs
+     * ("agent" or "EE")
      * </ul>
      * 
      * @param cmsReq the object holding the request and response information
diff --git a/pki/base/common/src/com/netscape/cms/servlet/ocsp/CheckCertServlet.java b/pki/base/common/src/com/netscape/cms/servlet/ocsp/CheckCertServlet.java
index fbb5ce49f..5ccb87125 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/ocsp/CheckCertServlet.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/ocsp/CheckCertServlet.java
@@ -100,7 +100,8 @@ public class CheckCertServlet extends CMSServlet {
     /**
      * Process the HTTP request.
      * <ul>
-     * <li>http.param cert certificate to check. Base64, DER encoded, wrapped in -----BEGIN CERTIFICATE-----, -----END CERTIFICATE----- strings
+     * <li>http.param cert certificate to check. Base64, DER encoded, wrapped in -----BEGIN CERTIFICATE-----, -----END
+     * CERTIFICATE----- strings
      * </ul>
      * 
      * @param cmsReq the object holding the request and response information
diff --git a/pki/base/common/src/com/netscape/cms/servlet/ocsp/RemoveCAServlet.java b/pki/base/common/src/com/netscape/cms/servlet/ocsp/RemoveCAServlet.java
index d747bd4b0..ab92a7c67 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/ocsp/RemoveCAServlet.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/ocsp/RemoveCAServlet.java
@@ -89,8 +89,11 @@ public class RemoveCAServlet extends CMSServlet {
      * Process the HTTP request.
      * <ul>
      * <li>http.param ca id. The format is string.
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_OCSP_REMOVE_CA_REQUEST used when a CA is attempted to be removed from the OCSP responder
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_OCSP_REMOVE_CA_REQUEST_PROCESSED_SUCCESS and LOGGING_SIGNED_AUDIT_OCSP_REMOVE_CA_REQUEST_PROCESSED_FAILURE are used when a remove CA request to the OCSP Responder is processed successfully or not.
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_OCSP_REMOVE_CA_REQUEST used when a CA is attempted to be removed from the
+     * OCSP responder
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_OCSP_REMOVE_CA_REQUEST_PROCESSED_SUCCESS and
+     * LOGGING_SIGNED_AUDIT_OCSP_REMOVE_CA_REQUEST_PROCESSED_FAILURE are used when a remove CA request to the OCSP
+     * Responder is processed successfully or not.
      * </ul>
      * 
      * @param cmsReq the object holding the request and response information
diff --git a/pki/base/common/src/com/netscape/cms/servlet/processors/CRMFProcessor.java b/pki/base/common/src/com/netscape/cms/servlet/processors/CRMFProcessor.java
index ea0358dbb..094ea263c 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/processors/CRMFProcessor.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/processors/CRMFProcessor.java
@@ -90,7 +90,8 @@ public class CRMFProcessor extends PKIProcessor {
      * <P>
      * 
      * <ul>
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_PROOF_OF_POSSESSION used when proof of possession is checked during certificate enrollment
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_PROOF_OF_POSSESSION used when proof of possession is checked during
+     * certificate enrollment
      * </ul>
      * 
      * @param certReqMsg the certificate request message
diff --git a/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileApproveServlet.java b/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileApproveServlet.java
index dafdb33da..ebd0b6c0c 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileApproveServlet.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileApproveServlet.java
@@ -85,7 +85,8 @@ public class ProfileApproveServlet extends ProfileServlet {
      * 
      * <ul>
      * <li>http.param profileId the id of the profile to change
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_PROFILE_APPROVAL used when an agent approves/disapproves a cert profile set by the administrator for automatic approval
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_PROFILE_APPROVAL used when an agent approves/disapproves a cert
+     * profile set by the administrator for automatic approval
      * </ul>
      * 
      * @param cmsReq the object holding the request and response information
diff --git a/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileProcessServlet.java b/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileProcessServlet.java
index ede2416e6..8a8d65d90 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileProcessServlet.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileProcessServlet.java
@@ -551,7 +551,8 @@ public class ProfileProcessServlet extends ProfileServlet {
      * <P>
      * 
      * <ul>
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_REQUEST_PROCESSED used when a certificate request has just been through the approval process
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_REQUEST_PROCESSED used when a certificate request has just been
+     * through the approval process
      * </ul>
      * 
      * @param request the servlet request
@@ -607,7 +608,8 @@ public class ProfileProcessServlet extends ProfileServlet {
      * <P>
      * 
      * <ul>
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_REQUEST_PROCESSED used when a certificate request has just been through the approval process
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_REQUEST_PROCESSED used when a certificate request has just been
+     * through the approval process
      * </ul>
      * 
      * @param request the servlet request
@@ -663,7 +665,8 @@ public class ProfileProcessServlet extends ProfileServlet {
      * <P>
      * 
      * <ul>
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_REQUEST_PROCESSED used when a certificate request has just been through the approval process
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_REQUEST_PROCESSED used when a certificate request has just been
+     * through the approval process
      * </ul>
      * 
      * @param request the servlet request
diff --git a/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileSubmitCMCServlet.java b/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileSubmitCMCServlet.java
index d1ee896a7..04a2c55d5 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileSubmitCMCServlet.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileSubmitCMCServlet.java
@@ -213,12 +213,14 @@ public class ProfileSubmitCMCServlet extends ProfileServlet {
      * Process the HTTP request
      * <P>
      * 
-     * (Certificate Request Processed - either an automated "EE" profile based cert acceptance, or an automated "EE" profile based cert rejection)
+     * (Certificate Request Processed - either an automated "EE" profile based cert acceptance, or an automated "EE"
+     * profile based cert rejection)
      * <P>
      * 
      * <ul>
      * <li>http.param profileId ID of profile to use to process request
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_REQUEST_PROCESSED used when a certificate request has just been through the approval process
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_REQUEST_PROCESSED used when a certificate request has just been
+     * through the approval process
      * </ul>
      * 
      * @param cmsReq the object holding the request and response information
diff --git a/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileSubmitServlet.java b/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileSubmitServlet.java
index 144823a26..9c36b0aea 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileSubmitServlet.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileSubmitServlet.java
@@ -440,12 +440,14 @@ public class ProfileSubmitServlet extends ProfileServlet {
      * Process the HTTP request
      * <P>
      * 
-     * (Certificate Request Processed - either an automated "EE" profile based cert acceptance, or an automated "EE" profile based cert rejection)
+     * (Certificate Request Processed - either an automated "EE" profile based cert acceptance, or an automated "EE"
+     * profile based cert rejection)
      * <P>
      * 
      * <ul>
      * <li>http.param profileId ID of profile to use to process request
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_REQUEST_PROCESSED used when a certificate request has just been through the approval process
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_REQUEST_PROCESSED used when a certificate request has just been
+     * through the approval process
      * </ul>
      * 
      * @param cmsReq the object holding the request and response information
diff --git a/pki/base/common/src/com/netscape/cms/servlet/request/CheckRequest.java b/pki/base/common/src/com/netscape/cms/servlet/request/CheckRequest.java
index 6522bdf45..b53413dcf 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/request/CheckRequest.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/request/CheckRequest.java
@@ -138,7 +138,8 @@ public class CheckRequest extends CMSServlet {
      * Process the HTTP request.
      * <ul>
      * <li>http.param requestId ID of the request to check
-     * <li>http.param format if 'id', then check the request based on the request ID parameter. If set to CMC, then use the 'queryPending' parameter.
+     * <li>http.param format if 'id', then check the request based on the request ID parameter. If set to CMC, then use
+     * the 'queryPending' parameter.
      * <li>http.param queryPending query formatted as a CMC request
      * </ul>
      * 
diff --git a/pki/base/common/src/com/netscape/cms/servlet/request/ProcessCertReq.java b/pki/base/common/src/com/netscape/cms/servlet/request/ProcessCertReq.java
index 7a63e1a11..6e782f5ab 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/request/ProcessCertReq.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/request/ProcessCertReq.java
@@ -368,12 +368,15 @@ public class ProcessCertReq extends CMSServlet {
      * (Certificate Request - an "agent" cert request for "cloning")
      * <P>
      * 
-     * (Certificate Request Processed - either a manual "agent" non-profile based cert acceptance, a manual "agent" non-profile based cert cancellation, or a manual "agent" non-profile based cert rejection)
+     * (Certificate Request Processed - either a manual "agent" non-profile based cert acceptance, a manual "agent"
+     * non-profile based cert cancellation, or a manual "agent" non-profile based cert rejection)
      * <P>
      * 
      * <ul>
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_NON_PROFILE_CERT_REQUEST used when a non-profile cert request is made (before approval process)
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_REQUEST_PROCESSED used when a certificate request has just been through the approval process
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_NON_PROFILE_CERT_REQUEST used when a non-profile cert request is made
+     * (before approval process)
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_REQUEST_PROCESSED used when a certificate request has just been
+     * through the approval process
      * </ul>
      * 
      * @param cmsReq a certificate enrollment request
diff --git a/pki/base/common/src/com/netscape/cms/servlet/request/QueryReq.java b/pki/base/common/src/com/netscape/cms/servlet/request/QueryReq.java
index 3a12819f3..3cb270466 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/request/QueryReq.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/request/QueryReq.java
@@ -210,10 +210,13 @@ public class QueryReq extends CMSServlet {
     /**
      * Process the HTTP request.
      * <ul>
-     * <li>http.param reqState request state (one of showAll, showWaiting, showInService, showCancelled, showRejected, showCompleted)
+     * <li>http.param reqState request state (one of showAll, showWaiting, showInService, showCancelled, showRejected,
+     * showCompleted)
      * <li>http.param reqType
-     * <li>http.param seqNumFromDown request ID to start at (decimal, or hex if when paging down seqNumFromDown starts with 0x)
-     * <li>http.param seqNumFromUp request ID to start at (decimal, or hex if when paging up seqNumFromUp starts with 0x)
+     * <li>http.param seqNumFromDown request ID to start at (decimal, or hex if when paging down seqNumFromDown starts
+     * with 0x)
+     * <li>http.param seqNumFromUp request ID to start at (decimal, or hex if when paging up seqNumFromUp starts with
+     * 0x)
      * <li>http.param maxCount maximum number of records to show
      * <li>http.param totalCount total number of records in set of pages
      * <li>http.param direction "up", "down", "begin", or "end"
diff --git a/pki/base/common/src/com/netscape/cmscore/authorization/AuthzSubsystem.java b/pki/base/common/src/com/netscape/cmscore/authorization/AuthzSubsystem.java
index 66bc508d5..1a1aaa634 100644
--- a/pki/base/common/src/com/netscape/cmscore/authorization/AuthzSubsystem.java
+++ b/pki/base/common/src/com/netscape/cmscore/authorization/AuthzSubsystem.java
@@ -186,7 +186,8 @@ public class AuthzSubsystem implements IAuthzSubsystem {
      * to be called during the init() method of a servlet.
      * 
      * @param authzMgrName The authorization manager name
-     * @param accessInfo the access information to be initialized. currently it's acl string in the format specified in the authorization manager
+     * @param accessInfo the access information to be initialized. currently it's acl string in the format specified in
+     *            the authorization manager
      */
     public void authzMgrAccessInit(String authzMgrInstName, String accessInfo)
             throws EAuthzMgrNotFound, EBaseException {
diff --git a/pki/base/common/src/com/netscape/cmscore/base/FileConfigStore.java b/pki/base/common/src/com/netscape/cmscore/base/FileConfigStore.java
index 1278ed4f3..8aac76e70 100644
--- a/pki/base/common/src/com/netscape/cmscore/base/FileConfigStore.java
+++ b/pki/base/common/src/com/netscape/cmscore/base/FileConfigStore.java
@@ -148,7 +148,8 @@ public class FileConfigStore extends PropConfigStore implements
     /**
      * Saves in-memory properties to a specified file.
      * <P>
-     * Note that the superclass's save is synchronized. It means no properties can be altered (inserted) at the saving time.
+     * Note that the superclass's save is synchronized. It means no properties can be altered (inserted) at the saving
+     * time.
      * <P>
      * 
      * @param fileName filename
diff --git a/pki/base/common/src/com/netscape/cmscore/base/SimpleProperties.java b/pki/base/common/src/com/netscape/cmscore/base/SimpleProperties.java
index 9bc2a0f00..7b1c6bae4 100644
--- a/pki/base/common/src/com/netscape/cmscore/base/SimpleProperties.java
+++ b/pki/base/common/src/com/netscape/cmscore/base/SimpleProperties.java
@@ -36,10 +36,14 @@ import java.util.Hashtable;
  * or loaded from a stream. Each key and its corresponding value in
  * the property list is a string.
  * <p>
- * A property list can contain another property list as its "defaults"; this second property list is searched if the property key is not found in the original property list.
+ * A property list can contain another property list as its "defaults"; this second property list is searched if the
+ * property key is not found in the original property list.
  * 
- * Because <code>Properties</code> inherits from <code>Hashtable</code>, the <code>put</code> and <code>putAll</code> methods can be applied to a <code>Properties</code> object. Their use is strongly discouraged as they allow the caller to insert entries whose keys or values are not <code>Strings</code>. The <code>setProperty</code> method should be used instead. If the <code>store</code> or <code>save</code> method is called on a "compromised" <code>Properties</code> object that contains a non-
- * <code>String</code> key or value, the call will fail.
+ * Because <code>Properties</code> inherits from <code>Hashtable</code>, the <code>put</code> and <code>putAll</code>
+ * methods can be applied to a <code>Properties</code> object. Their use is strongly discouraged as they allow the
+ * caller to insert entries whose keys or values are not <code>Strings</code>. The <code>setProperty</code> method
+ * should be used instead. If the <code>store</code> or <code>save</code> method is called on a "compromised"
+ * <code>Properties</code> object that contains a non- <code>String</code> key or value, the call will fail.
  * 
  */
 public class SimpleProperties extends Hashtable<String, String> {
@@ -95,15 +99,29 @@ public class SimpleProperties extends Hashtable<String, String> {
     /**
      * Reads a property list (key and element pairs) from the input stream.
      * <p>
-     * Every property occupies one line of the input stream. Each line is terminated by a line terminator (<code>\n</code> or <code>\r</code> or <code>\r\n</code>). Lines from the input stream are processed until end of file is reached on the input stream.
+     * Every property occupies one line of the input stream. Each line is terminated by a line terminator (
+     * <code>\n</code> or <code>\r</code> or <code>\r\n</code>). Lines from the input stream are processed until end of
+     * file is reached on the input stream.
      * <p>
-     * A line that contains only whitespace or whose first non-whitespace character is an ASCII <code>#</code> or <code>!</code> is ignored (thus, <code>#</code> or <code>!</code> indicate comment lines).
+     * A line that contains only whitespace or whose first non-whitespace character is an ASCII <code>#</code> or
+     * <code>!</code> is ignored (thus, <code>#</code> or <code>!</code> indicate comment lines).
      * <p>
-     * Every line other than a blank line or a comment line describes one property to be added to the table (except that if a line ends with \, then the following line, if it exists, is treated as a continuation line, as described below). The key consists of all the characters in the line starting with the first non-whitespace character and up to, but not including, the first ASCII <code>=</code>, <code>:</code>, or whitespace character. All of the key termination characters may be included in
-     * the key by preceding them with a \. Any whitespace after the key is skipped; if the first non-whitespace character after the key is <code>=</code> or <code>:</code>, then it is ignored and any whitespace characters after it are also skipped. All remaining characters on the line become part of the associated element string. Within the element string, the ASCII escape sequences <code>\t</code>, <code>\n</code>, <code>\r</code>, <code>\\</code>, <code>\"</code>, <code>\'</code>,
-     * <code>\ &#32;</code> &#32;(a backslash and a space), and <code>\\u</code><i>xxxx</i> are recognized and converted to single characters. Moreover, if the last character on the line is <code>\</code>, then the next line is treated as a continuation of the current line; the <code>\</code> and line terminator are simply discarded, and any leading whitespace characters on the continuation line are also discarded and are not part of the element string.
+     * Every line other than a blank line or a comment line describes one property to be added to the table (except that
+     * if a line ends with \, then the following line, if it exists, is treated as a continuation line, as described
+     * below). The key consists of all the characters in the line starting with the first non-whitespace character and
+     * up to, but not including, the first ASCII <code>=</code>, <code>:</code>, or whitespace character. All of the key
+     * termination characters may be included in the key by preceding them with a \. Any whitespace after the key is
+     * skipped; if the first non-whitespace character after the key is <code>=</code> or <code>:</code>, then it is
+     * ignored and any whitespace characters after it are also skipped. All remaining characters on the line become part
+     * of the associated element string. Within the element string, the ASCII escape sequences <code>\t</code>,
+     * <code>\n</code>, <code>\r</code>, <code>\\</code>, <code>\"</code>, <code>\'</code>, <code>\ &#32;</code> &#32;(a
+     * backslash and a space), and <code>\\u</code><i>xxxx</i> are recognized and converted to single characters.
+     * Moreover, if the last character on the line is <code>\</code>, then the next line is treated as a continuation of
+     * the current line; the <code>\</code> and line terminator are simply discarded, and any leading whitespace
+     * characters on the continuation line are also discarded and are not part of the element string.
      * <p>
-     * As an example, each of the following four lines specifies the key <code>"Truth"</code> and the associated element value <code>"Beauty"</code>:
+     * As an example, each of the following four lines specifies the key <code>"Truth"</code> and the associated element
+     * value <code>"Beauty"</code>:
      * <p>
      * 
      * <pre>
@@ -128,7 +146,9 @@ public class SimpleProperties extends Hashtable<String, String> {
      * &quot;apple, banana, pear, cantaloupe, watermelon,kiwi, mango&quot;
      * </pre>
      * 
-     * Note that a space appears before each <code>\</code> so that a space will appear after each comma in the final result; the <code>\</code>, line terminator, and leading whitespace on the continuation line are merely discarded and are <i>not</i> replaced by one or more other characters.
+     * Note that a space appears before each <code>\</code> so that a space will appear after each comma in the final
+     * result; the <code>\</code>, line terminator, and leading whitespace on the continuation line are merely discarded
+     * and are <i>not</i> replaced by one or more other characters.
      * <p>
      * As a third example, the line:
      * <p>
@@ -261,19 +281,33 @@ public class SimpleProperties extends Hashtable<String, String> {
     }
 
     /**
-     * Writes this property list (key and element pairs) in this <code>Properties</code> table to the output stream in a format suitable
+     * Writes this property list (key and element pairs) in this <code>Properties</code> table to the output stream in a
+     * format suitable
      * for loading into a <code>Properties</code> table using the <code>load</code> method.
      * <p>
-     * Properties from the defaults table of this <code>Properties</code> table (if any) are <i>not</i> written out by this method.
+     * Properties from the defaults table of this <code>Properties</code> table (if any) are <i>not</i> written out by
+     * this method.
      * <p>
-     * If the header argument is not null, then an ASCII <code>#</code> character, the header string, and a line separator are first written to the output stream. Thus, the <code>header</code> can serve as an identifying comment.
+     * If the header argument is not null, then an ASCII <code>#</code> character, the header string, and a line
+     * separator are first written to the output stream. Thus, the <code>header</code> can serve as an identifying
+     * comment.
      * <p>
-     * Next, a comment line is always written, consisting of an ASCII <code>#</code> character, the current date and time (as if produced by the <code>toString</code> method of <code>Date</code> for the current time), and a line separator as generated by the Writer.
+     * Next, a comment line is always written, consisting of an ASCII <code>#</code> character, the current date and
+     * time (as if produced by the <code>toString</code> method of <code>Date</code> for the current time), and a line
+     * separator as generated by the Writer.
      * <p>
-     * Then every entry in this <code>Properties</code> table is written out, one per line. For each entry the key string is written, then an ASCII <code>=</code>, then the associated element string. Each character of the element string is examined to see whether it should be rendered as an escape sequence. The ASCII characters <code>\</code>, tab, newline, and carriage return are written as <code>\\</code>, <code>\t</code>, <code>\n</code>, and <code>\r</code>, respectively. Characters less
-     * than <code>\u0020</code> and characters greater than <code>\u007E</code> are written as <code>\\u</code><i>xxxx</i> for the appropriate hexadecimal value <i>xxxx</i>. Space characters, but not embedded or trailing space characters, are written with a preceding <code>\</code>. The key and value characters <code>#</code>, <code>!</code>, <code>=</code>, and <code>:</code> are written with a preceding slash to ensure that they are properly loaded.
+     * Then every entry in this <code>Properties</code> table is written out, one per line. For each entry the key
+     * string is written, then an ASCII <code>=</code>, then the associated element string. Each character of the
+     * element string is examined to see whether it should be rendered as an escape sequence. The ASCII characters
+     * <code>\</code>, tab, newline, and carriage return are written as <code>\\</code>, <code>\t</code>,
+     * <code>\n</code>, and <code>\r</code>, respectively. Characters less than <code>\u0020</code> and characters
+     * greater than <code>\u007E</code> are written as <code>\\u</code><i>xxxx</i> for the appropriate hexadecimal value
+     * <i>xxxx</i>. Space characters, but not embedded or trailing space characters, are written with a preceding
+     * <code>\</code>. The key and value characters <code>#</code>, <code>!</code>, <code>=</code>, and <code>:</code>
+     * are written with a preceding slash to ensure that they are properly loaded.
      * <p>
-     * After the entries have been written, the output stream is flushed. The output stream remains open after this method returns.
+     * After the entries have been written, the output stream is flushed. The output stream remains open after this
+     * method returns.
      * 
      * @param out an output stream.
      * @param header a description of the property list.
@@ -307,7 +341,8 @@ public class SimpleProperties extends Hashtable<String, String> {
     /**
      * Searches for the property with the specified key in this property list.
      * If the key is not found in this property list, the default property list,
-     * and its defaults, recursively, are then checked. The method returns <code>null</code> if the property is not found.
+     * and its defaults, recursively, are then checked. The method returns <code>null</code> if the property is not
+     * found.
      * 
      * @param key the property key.
      * @return the value in this property list with the specified key value.
diff --git a/pki/base/common/src/com/netscape/cmscore/cert/OidLoaderSubsystem.java b/pki/base/common/src/com/netscape/cmscore/cert/OidLoaderSubsystem.java
index b7c3f6329..81d0da20e 100644
--- a/pki/base/common/src/com/netscape/cmscore/cert/OidLoaderSubsystem.java
+++ b/pki/base/common/src/com/netscape/cmscore/cert/OidLoaderSubsystem.java
@@ -119,7 +119,8 @@ public class OidLoaderSubsystem implements ISubsystem {
      * subsystem specified in the configuration
      * store.
      * <P>
-     * Note that individual subsystem should be initialized in a separated thread if it has dependency on the initialization of other subsystems.
+     * Note that individual subsystem should be initialized in a separated thread if it has dependency on the
+     * initialization of other subsystems.
      * <P>
      * 
      * @param owner owner of this subsystem
diff --git a/pki/base/common/src/com/netscape/cmscore/cert/X500NameSubsystem.java b/pki/base/common/src/com/netscape/cmscore/cert/X500NameSubsystem.java
index f85d9016c..4f6d6c632 100644
--- a/pki/base/common/src/com/netscape/cmscore/cert/X500NameSubsystem.java
+++ b/pki/base/common/src/com/netscape/cmscore/cert/X500NameSubsystem.java
@@ -106,7 +106,8 @@ public class X500NameSubsystem implements ISubsystem {
      * X500Name.attr.attribute-name.class=value converter class
      * </pre>
      * 
-     * The value converter class converts a string to a ASN.1 value. It must implement netscape.security.x509.AVAValueConverter interface. Converter classes provided in CMS are:
+     * The value converter class converts a string to a ASN.1 value. It must implement
+     * netscape.security.x509.AVAValueConverter interface. Converter classes provided in CMS are:
      * 
      * <pre>
      *     netscape.security.x509.PrintableConverter - 
diff --git a/pki/base/common/src/com/netscape/cmscore/jobs/CronItem.java b/pki/base/common/src/com/netscape/cmscore/jobs/CronItem.java
index a4ed727da..91574c6cc 100644
--- a/pki/base/common/src/com/netscape/cmscore/jobs/CronItem.java
+++ b/pki/base/common/src/com/netscape/cmscore/jobs/CronItem.java
@@ -27,7 +27,8 @@ import com.netscape.certsrv.logging.ILogger;
 /**
  * class representing one Job cron item
  * <p>
- * here, an "item" refers to one of the 5 fields in a cron string; "element" refers to any comma-deliminated element in an "item"...which includes both numbers and '-' separated ranges.
+ * here, an "item" refers to one of the 5 fields in a cron string; "element" refers to any comma-deliminated element in
+ * an "item"...which includes both numbers and '-' separated ranges.
  * <p>
  * for each of the 5 cron fields, it's represented as a CronItem
  * 
diff --git a/pki/base/common/src/com/netscape/cmscore/jobs/CronRange.java b/pki/base/common/src/com/netscape/cmscore/jobs/CronRange.java
index 99696b827..af5ae2a51 100644
--- a/pki/base/common/src/com/netscape/cmscore/jobs/CronRange.java
+++ b/pki/base/common/src/com/netscape/cmscore/jobs/CronRange.java
@@ -20,9 +20,11 @@ package com.netscape.cmscore.jobs;
 /**
  * class representing one Job cron element
  * <p>
- * here, an "item" refers to one of the 5 fields in a cron string; "element" refers to any comma-deliminated element in an "item"...which includes both numbers and '-' separated ranges.
+ * here, an "item" refers to one of the 5 fields in a cron string; "element" refers to any comma-deliminated element in
+ * an "item"...which includes both numbers and '-' separated ranges.
  * <p>
- * an Element can contain either an integer number or a range specified as CronRange. In case of integer numbers, begin and end are of the same value
+ * an Element can contain either an integer number or a range specified as CronRange. In case of integer numbers, begin
+ * and end are of the same value
  * 
  * @author cfu
  * @version $Revision$, $Date$
diff --git a/pki/base/common/src/com/netscape/cmscore/jobs/JobCron.java b/pki/base/common/src/com/netscape/cmscore/jobs/JobCron.java
index eeca68f63..0fca2ba9c 100644
--- a/pki/base/common/src/com/netscape/cmscore/jobs/JobCron.java
+++ b/pki/base/common/src/com/netscape/cmscore/jobs/JobCron.java
@@ -30,9 +30,13 @@ import com.netscape.certsrv.logging.ILogger;
 /**
  * class representing one Job cron information
  * <p>
- * here, an "item" refers to one of the 5 fields in a cron string; "element" refers to any comma-deliminated element in an "item"...which includes both numbers and '-' separated ranges. A cron string in the configuration takes the following format: <i>minute (0-59), hour (0-23), day of the month (1-31), month of the year (1-12), day of the week (0-6 with 0=Sunday)</i>
+ * here, an "item" refers to one of the 5 fields in a cron string; "element" refers to any comma-deliminated element in
+ * an "item"...which includes both numbers and '-' separated ranges. A cron string in the configuration takes the
+ * following format: <i>minute (0-59), hour (0-23), day of the month (1-31), month of the year (1-12), day of the week
+ * (0-6 with 0=Sunday)</i>
  * <p>
- * e.g. jobsScheduler.job.rnJob1.cron=30 11,23 * * 1-5 In this example, the job "rnJob1" will be executed from Monday through Friday, at 11:30am and 11:30pm.
+ * e.g. jobsScheduler.job.rnJob1.cron=30 11,23 * * 1-5 In this example, the job "rnJob1" will be executed from Monday
+ * through Friday, at 11:30am and 11:30pm.
  * <p>
  * 
  * @author cfu
diff --git a/pki/base/common/src/com/netscape/cmscore/jobs/JobsScheduler.java b/pki/base/common/src/com/netscape/cmscore/jobs/JobsScheduler.java
index 38ec4a79c..654f3e494 100644
--- a/pki/base/common/src/com/netscape/cmscore/jobs/JobsScheduler.java
+++ b/pki/base/common/src/com/netscape/cmscore/jobs/JobsScheduler.java
@@ -41,8 +41,12 @@ import com.netscape.cmscore.util.Debug;
  * if there is any job to be done, if so, a thread is created to execute
  * the job(s).
  * <p>
- * The interval <b>jobsScheduler.interval</b> in the configuration is specified as number of minutes. If not set, the default is 1 minute. Note that the cron specification for each job CAN NOT be finer than the granularity of the Scheduler daemon interval. For example, if the daemon interval is set to 5 minute, a job cron for every minute at 7am on each Tuesday (e.g. * 7 * * 2) will result in the execution of the job thread only once every 5 minutes during that hour. <b>The inteval value is
- * recommended at 1 minute, setting it otherwise has the potential of forever missing the beat</b>. Use with caution.
+ * The interval <b>jobsScheduler.interval</b> in the configuration is specified as number of minutes. If not set, the
+ * default is 1 minute. Note that the cron specification for each job CAN NOT be finer than the granularity of the
+ * Scheduler daemon interval. For example, if the daemon interval is set to 5 minute, a job cron for every minute at 7am
+ * on each Tuesday (e.g. * 7 * * 2) will result in the execution of the job thread only once every 5 minutes during that
+ * hour. <b>The inteval value is recommended at 1 minute, setting it otherwise has the potential of forever missing the
+ * beat</b>. Use with caution.
  * 
  * @author cfu
  * @see JobCron
@@ -86,7 +90,9 @@ public class JobsScheduler implements Runnable, IJobsScheduler {
      * read from the config file all implementations of Jobs,
      * register and initialize them
      * <p>
-     * the config params have the following formats: jobScheduler.impl.[implementation name].class=[package name] jobScheduler.job.[job name].pluginName=[implementation name] jobScheduler.job.[job name].cron=[crontab format] jobScheduler.job.[job name].[any job specific params]=[values]
+     * the config params have the following formats: jobScheduler.impl.[implementation name].class=[package name]
+     * jobScheduler.job.[job name].pluginName=[implementation name] jobScheduler.job.[job name].cron=[crontab format]
+     * jobScheduler.job.[job name].[any job specific params]=[values]
      * 
      * @param config jobsScheduler configStore
      */
diff --git a/pki/base/common/src/com/netscape/cmscore/ldap/LdapPredicateParser.java b/pki/base/common/src/com/netscape/cmscore/ldap/LdapPredicateParser.java
index 57f5a76cb..580658eaa 100644
--- a/pki/base/common/src/com/netscape/cmscore/ldap/LdapPredicateParser.java
+++ b/pki/base/common/src/com/netscape/cmscore/ldap/LdapPredicateParser.java
@@ -213,7 +213,8 @@ public class LdapPredicateParser {
          * catch (Exception e){e.printStackTrace();}
          * String[] array = { "ou == people AND certtype == client",
          * "ou == servergroup AND certtype == server",
-         * "uid == jdoes, ou==people, o==airius.com OR ou == people AND certType == client OR certType == server AND cn == needles.mcom.com",
+         * "uid == jdoes, ou==people, o==airius.com OR ou == people AND certType == client OR certType == server AND cn == needles.mcom.com"
+         * ,
          * };
          * for (int i = 0; i < array.length; i++)
          * {
diff --git a/pki/base/common/src/com/netscape/cmscore/policy/GenericPolicyProcessor.java b/pki/base/common/src/com/netscape/cmscore/policy/GenericPolicyProcessor.java
index 2423773a8..c9cc25997 100644
--- a/pki/base/common/src/com/netscape/cmscore/policy/GenericPolicyProcessor.java
+++ b/pki/base/common/src/com/netscape/cmscore/policy/GenericPolicyProcessor.java
@@ -1308,7 +1308,8 @@ public class GenericPolicyProcessor implements IPolicyProcessor {
      * 
      * <subsystemId>.Policy.undeletablePolicies=<comma separated rule names>
      * Example:
-     * ra.Policy.undeletablePolicies=DirAuthRule, DefaultUserNameRule, DefaultServerNameRule, DefaultValidityRule, DefaultRenewalValidityRule
+     * ra.Policy.undeletablePolicies=DirAuthRule, DefaultUserNameRule, DefaultServerNameRule, DefaultValidityRule,
+     * DefaultRenewalValidityRule
      * 
      * The predicates if any associated with them may be configured as
      * follows:
@@ -1336,7 +1337,8 @@ public class GenericPolicyProcessor implements IPolicyProcessor {
      * We do n't need to burn in DirAuthRule. We need to configure all
      * other rules except the DirAuthRule as follows:
      * 
-     * ra.Policy.undeletablePolicies = DefaultUserNameRule, DefaultServerNameRule, DefaultValidityRule, DefaultRenewalValidityRule
+     * ra.Policy.undeletablePolicies = DefaultUserNameRule, DefaultServerNameRule, DefaultValidityRule,
+     * DefaultRenewalValidityRule
      * 
      * The following predicates are necessary:
      * 
diff --git a/pki/base/common/src/com/netscape/cmscore/policy/PolicyPredicateParser.java b/pki/base/common/src/com/netscape/cmscore/policy/PolicyPredicateParser.java
index af69e6a89..ebdeba4ce 100644
--- a/pki/base/common/src/com/netscape/cmscore/policy/PolicyPredicateParser.java
+++ b/pki/base/common/src/com/netscape/cmscore/policy/PolicyPredicateParser.java
@@ -213,7 +213,8 @@ public class PolicyPredicateParser {
          * catch (Exception e){e.printStackTrace();}
          * String[] array = { "ou == people AND certtype == client",
          * "ou == servergroup AND certtype == server",
-         * "uid == jdoes, ou==people, o==airius.com OR ou == people AND certType == client OR certType == server AND cn == needles.mcom.com",
+         * "uid == jdoes, ou==people, o==airius.com OR ou == people AND certType == client OR certType == server AND cn == needles.mcom.com"
+         * ,
          * };
          * for (int i = 0; i < array.length; i++)
          * {
diff --git a/pki/base/common/src/com/netscape/cmscore/request/ARequestQueue.java b/pki/base/common/src/com/netscape/cmscore/request/ARequestQueue.java
index 016e368c6..bd47f3ce6 100644
--- a/pki/base/common/src/com/netscape/cmscore/request/ARequestQueue.java
+++ b/pki/base/common/src/com/netscape/cmscore/request/ARequestQueue.java
@@ -68,9 +68,11 @@ import com.netscape.certsrv.request.RequestStatus;
  * <p>
  * !Put state machine description here!
  * <p>
- * This class defines several abstract protected functions that need to be defined by the concrete implementation. In particular, this class does not implement the operations for storing requests persistantly.
+ * This class defines several abstract protected functions that need to be defined by the concrete implementation. In
+ * particular, this class does not implement the operations for storing requests persistantly.
  * <p>
- * This class also provides several accessor functions for setting fields in the IRequest object. These functions are provided as an aid to saving and restoring the state in the database.
+ * This class also provides several accessor functions for setting fields in the IRequest object. These functions are
+ * provided as an aid to saving and restoring the state in the database.
  * <p>
  * This class also implements the locking operations specified by the IRequestQueue interface.
  * <p>
@@ -89,7 +91,8 @@ public abstract class ARequestQueue
     /**
      * Create a new (unique) RequestId. (abstract)
      * <p>
-     * This method must be implemented by the specialized class to generate a new id from data in the persistant store. This id is used to create a new request object.
+     * This method must be implemented by the specialized class to generate a new id from data in the persistant store.
+     * This id is used to create a new request object.
      * <p>
      * 
      * @return
@@ -106,7 +109,8 @@ public abstract class ARequestQueue
      * <p>
      * This function is called to create the in-memory version of a request object.
      * <p>
-     * The implementation of this object can use the createRequest member function to create a new instance of an IRequest, and use the setRequestStatus, setCreationTime and setModificationTime functions to set those values.
+     * The implementation of this object can use the createRequest member function to create a new instance of an
+     * IRequest, and use the setRequestStatus, setCreationTime and setModificationTime functions to set those values.
      * <p>
      * 
      * @param id
@@ -154,7 +158,9 @@ public abstract class ARequestQueue
      * Get complete list of RequestId values found i this
      * queue.
      * <p>
-     * This method can form the basis for creating other types of search/list operations (although there are probably more efficient ways of doing this. ARequestQueue implements default versions of some of the searching by using this method as a basis.
+     * This method can form the basis for creating other types of search/list operations (although there are probably
+     * more efficient ways of doing this. ARequestQueue implements default versions of some of the searching by using
+     * this method as a basis.
      * <p>
      * TODO: return IRequestList -or- just use listRequests as the basic engine.
      * <p>
@@ -500,7 +506,8 @@ public abstract class ARequestQueue
     /**
      * Implements IRequestQueue.listRequests
      * <p>
-     * Should be overridden by the specialized class if a more efficient method is available for implementing this operation.
+     * Should be overridden by the specialized class if a more efficient method is available for implementing this
+     * operation.
      * <P>
      * 
      * @see IRequestQueue#listRequests
@@ -512,7 +519,8 @@ public abstract class ARequestQueue
     /**
      * Implements IRequestQueue.listRequestsByStatus
      * <p>
-     * Should be overridden by the specialized class if a more efficient method is available for implementing this operation.
+     * Should be overridden by the specialized class if a more efficient method is available for implementing this
+     * operation.
      * <P>
      * 
      * @see IRequestQueue#listRequestsByStatus
diff --git a/pki/base/common/src/com/netscape/cmscore/request/RequestSubsystem.java b/pki/base/common/src/com/netscape/cmscore/request/RequestSubsystem.java
index ee625594f..862ddaa68 100644
--- a/pki/base/common/src/com/netscape/cmscore/request/RequestSubsystem.java
+++ b/pki/base/common/src/com/netscape/cmscore/request/RequestSubsystem.java
@@ -36,7 +36,8 @@ import com.netscape.cmscore.dbs.DBSubsystem;
  * <p>
  * This class is reponsible for managing storage of request objects in the local database.
  * <p>
- * TODO: review this It provides: + registration of LDAP/JAVA mapping classes with the DBSubsystem + creation of RequestQueue storage in the database + retrieval of existing RequestQueue objects from the database
+ * TODO: review this It provides: + registration of LDAP/JAVA mapping classes with the DBSubsystem + creation of
+ * RequestQueue storage in the database + retrieval of existing RequestQueue objects from the database
  * <p>
  * 
  * @author thayes
diff --git a/pki/base/common/src/com/netscape/cmscore/util/ProfileSubsystem.java b/pki/base/common/src/com/netscape/cmscore/util/ProfileSubsystem.java
index 614cc5249..3ee2d3ab4 100644
--- a/pki/base/common/src/com/netscape/cmscore/util/ProfileSubsystem.java
+++ b/pki/base/common/src/com/netscape/cmscore/util/ProfileSubsystem.java
@@ -87,7 +87,8 @@ public class ProfileSubsystem extends Frame implements ISubsystem, Runnable {
      * subsystem specified in the configuration
      * store.
      * <P>
-     * Note that individual subsystem should be initialized in a separated thread if it has dependency on the initialization of other subsystems.
+     * Note that individual subsystem should be initialized in a separated thread if it has dependency on the
+     * initialization of other subsystems.
      * <P>
      * 
      * @param owner owner of this subsystem
diff --git a/pki/base/common/src/com/netscape/cmscore/util/StatsSubsystem.java b/pki/base/common/src/com/netscape/cmscore/util/StatsSubsystem.java
index aabd8172b..57eb53f2e 100644
--- a/pki/base/common/src/com/netscape/cmscore/util/StatsSubsystem.java
+++ b/pki/base/common/src/com/netscape/cmscore/util/StatsSubsystem.java
@@ -69,7 +69,8 @@ public class StatsSubsystem implements IStatsSubsystem {
      * subsystem specified in the configuration
      * store.
      * <P>
-     * Note that individual subsystem should be initialized in a separated thread if it has dependency on the initialization of other subsystems.
+     * Note that individual subsystem should be initialized in a separated thread if it has dependency on the
+     * initialization of other subsystems.
      * <P>
      * 
      * @param owner owner of this subsystem
diff --git a/pki/base/common/src/com/netscape/cmscore/util/UtilResources.java b/pki/base/common/src/com/netscape/cmscore/util/UtilResources.java
index 57803c9e5..e8f4d8478 100644
--- a/pki/base/common/src/com/netscape/cmscore/util/UtilResources.java
+++ b/pki/base/common/src/com/netscape/cmscore/util/UtilResources.java
@@ -60,7 +60,8 @@ public class UtilResources extends ListResourceBundle {
             { NO_SUCH_FILE_1, "can''t find file {0}" },
             { FILE_TRUNCATED, "Log file has been truncated." },
             { DIGEST_MATCH_1, "Hash digest matches log file. {0} OK" },
-            { DIGEST_DONT_MATCH_1,
+            {
+                    DIGEST_DONT_MATCH_1,
                     "Hash digest does NOT match log file. {0} and/or hash file is corrupt or the password is incorrect." },
             { EXCEPTION_1, "Caught unexpected exception {0}" },
             { LOG_PASSWORD, "Please enter the log file hash digest password: " },