From 7c7b9d023cd466c1771068badc020dab36beb553 Mon Sep 17 00:00:00 2001 From: Endi Sukma Dewata Date: Thu, 5 Apr 2012 14:49:11 -0500 Subject: Removed whitespaces from Java code. Whitespaces in Java code have been removed with the following command: find . -not -path .git -name *.java -exec sed -i 's/[[:blank:]]\+$//' {} \; Ticket #134 --- base/common/src/com/netscape/certsrv/acls/ACL.java | 26 +-- .../src/com/netscape/certsrv/acls/ACLEntry.java | 32 +-- .../com/netscape/certsrv/acls/ACLsResources.java | 4 +- .../com/netscape/certsrv/acls/EACLsException.java | 22 +- .../common/src/com/netscape/certsrv/acls/IACL.java | 12 +- .../src/com/netscape/certsrv/acls/IACLEntry.java | 4 +- base/common/src/com/netscape/certsrv/apps/CMS.java | 236 ++++++++++----------- .../src/com/netscape/certsrv/apps/ICMSEngine.java | 220 +++++++++---------- .../com/netscape/certsrv/apps/ICommandQueue.java | 6 +- .../certsrv/authentication/AuthCredentials.java | 12 +- .../certsrv/authentication/AuthManagerProxy.java | 8 +- .../certsrv/authentication/AuthMgrPlugin.java | 12 +- .../certsrv/authentication/AuthResources.java | 4 +- .../netscape/certsrv/authentication/AuthToken.java | 18 +- .../certsrv/authentication/EAuthException.java | 12 +- .../certsrv/authentication/EAuthInternalError.java | 2 +- .../certsrv/authentication/EAuthMgrNotFound.java | 2 +- .../authentication/EAuthMgrPluginNotFound.java | 2 +- .../certsrv/authentication/EAuthUserError.java | 2 +- .../certsrv/authentication/ECompSyntaxErr.java | 2 +- .../certsrv/authentication/EFormSubjectDN.java | 2 +- .../authentication/EInvalidCredentials.java | 2 +- .../certsrv/authentication/EMissingCredential.java | 2 +- .../certsrv/authentication/IAuthCredentials.java | 6 +- .../certsrv/authentication/IAuthManager.java | 16 +- .../certsrv/authentication/IAuthSubsystem.java | 30 +-- .../certsrv/authentication/IAuthToken.java | 42 ++-- .../authentication/ISSLClientCertProvider.java | 6 +- .../com/netscape/certsrv/authority/IAuthority.java | 4 +- .../netscape/certsrv/authority/ICertAuthority.java | 10 +- .../certsrv/authorization/AuthzManagerProxy.java | 8 +- .../certsrv/authorization/AuthzMgrPlugin.java | 12 +- .../certsrv/authorization/AuthzResources.java | 4 +- .../netscape/certsrv/authorization/AuthzToken.java | 22 +- .../certsrv/authorization/EAuthzAccessDenied.java | 2 +- .../certsrv/authorization/EAuthzException.java | 12 +- .../certsrv/authorization/EAuthzInternalError.java | 2 +- .../certsrv/authorization/EAuthzMgrNotFound.java | 2 +- .../authorization/EAuthzMgrPluginNotFound.java | 2 +- .../authorization/EAuthzUnknownOperation.java | 2 +- .../authorization/EAuthzUnknownProtectedRes.java | 2 +- .../certsrv/authorization/IAuthzManager.java | 32 +-- .../certsrv/authorization/IAuthzSubsystem.java | 26 +-- .../src/com/netscape/certsrv/base/ASubsystem.java | 10 +- .../netscape/certsrv/base/AttributeNameHelper.java | 8 +- .../com/netscape/certsrv/base/BaseResources.java | 2 +- .../com/netscape/certsrv/base/EBaseException.java | 22 +- .../netscape/certsrv/base/EPropertyNotDefined.java | 4 +- .../netscape/certsrv/base/EPropertyNotFound.java | 4 +- .../netscape/certsrv/base/ExtendedPluginInfo.java | 22 +- .../src/com/netscape/certsrv/base/IArgBlock.java | 56 ++--- .../src/com/netscape/certsrv/base/IAttrSet.java | 10 +- .../src/com/netscape/certsrv/base/IAuthInfo.java | 2 +- .../com/netscape/certsrv/base/ICRLPrettyPrint.java | 6 +- .../netscape/certsrv/base/ICertPrettyPrint.java | 4 +- .../com/netscape/certsrv/base/IConfigStore.java | 58 ++--- .../certsrv/base/IConfigStoreEventListener.java | 6 +- .../com/netscape/certsrv/base/IExtPrettyPrint.java | 4 +- .../netscape/certsrv/base/IExtendedPluginInfo.java | 20 +- .../src/com/netscape/certsrv/base/IPluginImpl.java | 18 +- .../netscape/certsrv/base/IPrettyPrintFormat.java | 10 +- .../netscape/certsrv/base/ISourceConfigStore.java | 14 +- .../src/com/netscape/certsrv/base/ISubsystem.java | 12 +- .../netscape/certsrv/base/ISubsystemSource.java | 4 +- .../src/com/netscape/certsrv/base/ITimeSource.java | 4 +- .../src/com/netscape/certsrv/base/KeyGenInfo.java | 32 +-- .../netscape/certsrv/base/MessageFormatter.java | 8 +- .../netscape/certsrv/base/MetaAttributeDef.java | 22 +- .../src/com/netscape/certsrv/base/MetaInfo.java | 14 +- .../src/com/netscape/certsrv/base/Nonces.java | 2 +- .../netscape/certsrv/base/PasswordResources.java | 2 +- .../src/com/netscape/certsrv/base/Plugin.java | 8 +- .../com/netscape/certsrv/base/SessionContext.java | 8 +- .../src/com/netscape/certsrv/ca/CAResources.java | 2 +- .../src/com/netscape/certsrv/ca/ECAException.java | 12 +- .../com/netscape/certsrv/ca/EErrorPublishCRL.java | 4 +- .../src/com/netscape/certsrv/ca/ICAService.java | 12 +- .../com/netscape/certsrv/ca/ICMSCRLExtension.java | 10 +- .../com/netscape/certsrv/ca/ICMSCRLExtensions.java | 8 +- .../com/netscape/certsrv/ca/ICRLIssuingPoint.java | 118 +++++------ .../netscape/certsrv/ca/ICertificateAuthority.java | 100 ++++----- .../certsrv/cert/ICrossCertPairSubsystem.java | 8 +- .../netscape/certsrv/client/IDataProcessor.java | 4 +- .../certsrv/client/connection/IAuthenticator.java | 2 +- .../certsrv/client/connection/IConnection.java | 2 +- .../client/connection/IConnectionFactory.java | 4 +- .../netscape/certsrv/common/ConfigConstants.java | 2 +- .../src/com/netscape/certsrv/common/Constants.java | 6 +- .../src/com/netscape/certsrv/common/DestDef.java | 2 +- .../netscape/certsrv/common/NameValuePairs.java | 6 +- .../src/com/netscape/certsrv/common/OpDef.java | 2 +- .../src/com/netscape/certsrv/common/PrefixDef.java | 2 +- .../src/com/netscape/certsrv/common/ScopeDef.java | 2 +- .../src/com/netscape/certsrv/common/TaskId.java | 4 +- .../com/netscape/certsrv/connector/IConnector.java | 12 +- .../certsrv/connector/IHttpConnFactory.java | 6 +- .../certsrv/connector/IHttpConnection.java | 4 +- .../certsrv/connector/IHttpPKIMessage.java | 10 +- .../netscape/certsrv/connector/IPKIMessage.java | 14 +- .../certsrv/connector/IRemoteAuthority.java | 10 +- .../certsrv/connector/IRequestEncoder.java | 6 +- .../com/netscape/certsrv/connector/IResender.java | 4 +- .../src/com/netscape/certsrv/dbs/DBResources.java | 2 +- .../src/com/netscape/certsrv/dbs/EDBException.java | 10 +- .../netscape/certsrv/dbs/EDBNotAvailException.java | 4 +- .../certsrv/dbs/EDBRecordNotFoundException.java | 4 +- .../com/netscape/certsrv/dbs/IDBAttrMapper.java | 10 +- .../com/netscape/certsrv/dbs/IDBDynAttrMapper.java | 4 +- .../src/com/netscape/certsrv/dbs/IDBObj.java | 4 +- .../src/com/netscape/certsrv/dbs/IDBRegistry.java | 30 +-- .../src/com/netscape/certsrv/dbs/IDBSSession.java | 36 ++-- .../com/netscape/certsrv/dbs/IDBSearchResults.java | 6 +- .../src/com/netscape/certsrv/dbs/IDBSubsystem.java | 44 ++-- .../com/netscape/certsrv/dbs/IDBVirtualList.java | 26 +-- .../netscape/certsrv/dbs/IElementProcessor.java | 4 +- .../com/netscape/certsrv/dbs/IFilterConverter.java | 6 +- .../src/com/netscape/certsrv/dbs/Modification.java | 10 +- .../com/netscape/certsrv/dbs/ModificationSet.java | 6 +- .../netscape/certsrv/dbs/certdb/ICertRecord.java | 24 +-- .../certsrv/dbs/certdb/ICertRecordList.java | 16 +- .../certsrv/dbs/certdb/ICertificateRepository.java | 90 ++++---- .../certsrv/dbs/certdb/IRevocationInfo.java | 6 +- .../certsrv/dbs/crldb/ICRLIssuingPointRecord.java | 32 +-- .../netscape/certsrv/dbs/crldb/ICRLRepository.java | 26 +-- .../com/netscape/certsrv/dbs/keydb/IKeyRecord.java | 22 +- .../netscape/certsrv/dbs/keydb/IKeyRecordList.java | 6 +- .../netscape/certsrv/dbs/keydb/IKeyRepository.java | 26 +-- .../com/netscape/certsrv/dbs/keydb/KeyState.java | 10 +- .../dbs/replicadb/IReplicaIDRepository.java | 2 +- .../certsrv/dbs/repository/IRepository.java | 14 +- .../certsrv/dbs/repository/IRepositoryRecord.java | 4 +- .../certsrv/evaluators/IAccessEvaluator.java | 12 +- .../certsrv/extensions/EExtensionsException.java | 2 +- .../certsrv/extensions/ExtensionsResources.java | 2 +- .../netscape/certsrv/extensions/ICMSExtension.java | 8 +- .../com/netscape/certsrv/jobs/EJobsException.java | 2 +- .../common/src/com/netscape/certsrv/jobs/IJob.java | 18 +- .../src/com/netscape/certsrv/jobs/IJobCron.java | 2 +- .../com/netscape/certsrv/jobs/IJobsScheduler.java | 14 +- .../src/com/netscape/certsrv/jobs/JobPlugin.java | 8 +- .../com/netscape/certsrv/jobs/JobsResources.java | 2 +- .../com/netscape/certsrv/kra/EKRAException.java | 12 +- .../src/com/netscape/certsrv/kra/IJoinShares.java | 2 +- .../certsrv/kra/IKeyRecoveryAuthority.java | 58 ++--- .../src/com/netscape/certsrv/kra/IKeyService.java | 30 +-- .../com/netscape/certsrv/kra/IProofOfArchival.java | 14 +- .../src/com/netscape/certsrv/kra/IShare.java | 2 +- .../src/com/netscape/certsrv/kra/KRAResources.java | 2 +- .../com/netscape/certsrv/kra/ProofOfArchival.java | 28 +-- .../com/netscape/certsrv/ldap/ELdapException.java | 12 +- .../certsrv/ldap/ELdapServerDownException.java | 4 +- .../com/netscape/certsrv/ldap/ILdapAuthInfo.java | 18 +- .../certsrv/ldap/ILdapBoundConnFactory.java | 2 +- .../netscape/certsrv/ldap/ILdapConnFactory.java | 18 +- .../com/netscape/certsrv/ldap/ILdapConnInfo.java | 8 +- .../com/netscape/certsrv/ldap/ILdapConnModule.java | 6 +- .../com/netscape/certsrv/ldap/LdapResources.java | 2 +- .../certsrv/listeners/EListenersException.java | 12 +- .../certsrv/listeners/IRequestListenerPlugin.java | 12 +- .../certsrv/listeners/ListenersResources.java | 4 +- .../com/netscape/certsrv/logging/AuditEvent.java | 52 ++--- .../com/netscape/certsrv/logging/AuditFormat.java | 2 +- .../com/netscape/certsrv/logging/ConsoleError.java | 4 +- .../com/netscape/certsrv/logging/ConsoleLog.java | 10 +- .../netscape/certsrv/logging/ELogException.java | 22 +- .../com/netscape/certsrv/logging/ELogNotFound.java | 4 +- .../certsrv/logging/ELogPluginNotFound.java | 4 +- .../netscape/certsrv/logging/IBundleLogEvent.java | 4 +- .../com/netscape/certsrv/logging/ILogEvent.java | 20 +- .../netscape/certsrv/logging/ILogEventFactory.java | 6 +- .../certsrv/logging/ILogEventListener.java | 20 +- .../com/netscape/certsrv/logging/ILogQueue.java | 10 +- .../netscape/certsrv/logging/ILogSubsystem.java | 14 +- .../src/com/netscape/certsrv/logging/ILogger.java | 36 ++-- .../com/netscape/certsrv/logging/LogPlugin.java | 2 +- .../com/netscape/certsrv/logging/LogResources.java | 6 +- .../netscape/certsrv/logging/SignedAuditEvent.java | 54 ++--- .../com/netscape/certsrv/logging/SystemEvent.java | 52 ++--- .../notification/ENotificationException.java | 2 +- .../certsrv/notification/IEmailFormProcessor.java | 2 +- .../certsrv/notification/IEmailResolver.java | 4 +- .../certsrv/notification/IEmailResolverKeys.java | 2 +- .../certsrv/notification/IEmailTemplate.java | 2 +- .../certsrv/notification/IMailNotification.java | 14 +- .../notification/NotificationResources.java | 2 +- .../src/com/netscape/certsrv/ocsp/IDefStore.java | 28 +-- .../com/netscape/certsrv/ocsp/IOCSPAuthority.java | 30 +-- .../com/netscape/certsrv/ocsp/IOCSPService.java | 12 +- .../src/com/netscape/certsrv/ocsp/IOCSPStore.java | 8 +- .../certsrv/password/EPasswordCheckException.java | 12 +- .../certsrv/password/IConfigPasswordCheck.java | 6 +- .../netscape/certsrv/password/IPasswordCheck.java | 6 +- .../certsrv/pattern/AttrSetCollection.java | 6 +- .../src/com/netscape/certsrv/pattern/Pattern.java | 12 +- .../netscape/certsrv/policy/EPolicyException.java | 26 +-- .../netscape/certsrv/policy/IEnrollmentPolicy.java | 4 +- .../com/netscape/certsrv/policy/IExpression.java | 6 +- .../policy/IGeneralNameAsConstraintsConfig.java | 8 +- .../certsrv/policy/IGeneralNameConfig.java | 10 +- .../netscape/certsrv/policy/IGeneralNameUtil.java | 4 +- .../policy/IGeneralNamesAsConstraintsConfig.java | 8 +- .../certsrv/policy/IGeneralNamesConfig.java | 8 +- .../certsrv/policy/IKeyArchivalPolicy.java | 4 +- .../certsrv/policy/IKeyRecoveryPolicy.java | 4 +- .../certsrv/policy/IPolicyPredicateParser.java | 6 +- .../netscape/certsrv/policy/IPolicyProcessor.java | 40 ++-- .../com/netscape/certsrv/policy/IPolicyRule.java | 24 +-- .../com/netscape/certsrv/policy/IPolicySet.java | 20 +- .../netscape/certsrv/policy/IRenewalPolicy.java | 4 +- .../netscape/certsrv/policy/IRevocationPolicy.java | 4 +- .../certsrv/policy/ISubjAltNameConfig.java | 8 +- .../netscape/certsrv/policy/PolicyResources.java | 4 +- .../netscape/certsrv/profile/EDeferException.java | 4 +- .../certsrv/profile/EProfileException.java | 4 +- .../netscape/certsrv/profile/ERejectException.java | 4 +- .../netscape/certsrv/profile/IEnrollProfile.java | 4 +- .../certsrv/profile/IPolicyConstraint.java | 14 +- .../netscape/certsrv/profile/IPolicyDefault.java | 26 +-- .../src/com/netscape/certsrv/profile/IProfile.java | 88 ++++---- .../certsrv/profile/IProfileAuthenticator.java | 20 +- .../netscape/certsrv/profile/IProfileContext.java | 6 +- .../com/netscape/certsrv/profile/IProfileEx.java | 2 +- .../netscape/certsrv/profile/IProfileInput.java | 20 +- .../netscape/certsrv/profile/IProfileOutput.java | 20 +- .../netscape/certsrv/profile/IProfilePolicy.java | 8 +- .../certsrv/profile/IProfileSubsystem.java | 24 +-- .../netscape/certsrv/profile/IProfileUpdater.java | 12 +- .../com/netscape/certsrv/property/Descriptor.java | 12 +- .../certsrv/property/EPropertyException.java | 4 +- .../netscape/certsrv/property/IConfigTemplate.java | 10 +- .../com/netscape/certsrv/property/IDescriptor.java | 10 +- .../netscape/certsrv/publish/ECompSyntaxErr.java | 4 +- .../netscape/certsrv/publish/EMapperNotFound.java | 4 +- .../certsrv/publish/EMapperPluginNotFound.java | 4 +- .../certsrv/publish/EPublisherNotFound.java | 4 +- .../certsrv/publish/EPublisherPluginNotFound.java | 4 +- .../netscape/certsrv/publish/ERuleNotFound.java | 4 +- .../certsrv/publish/ERulePluginNotFound.java | 4 +- .../netscape/certsrv/publish/ICRLPublisher.java | 28 +-- .../netscape/certsrv/publish/ILdapCertMapper.java | 4 +- .../netscape/certsrv/publish/ILdapCrlMapper.java | 6 +- .../netscape/certsrv/publish/ILdapExpression.java | 8 +- .../com/netscape/certsrv/publish/ILdapMapper.java | 6 +- .../com/netscape/certsrv/publish/ILdapPlugin.java | 4 +- .../netscape/certsrv/publish/ILdapPluginImpl.java | 6 +- .../certsrv/publish/ILdapPublishModule.java | 6 +- .../netscape/certsrv/publish/ILdapPublisher.java | 6 +- .../com/netscape/certsrv/publish/ILdapRule.java | 4 +- .../netscape/certsrv/publish/IPublishRuleSet.java | 18 +- .../certsrv/publish/IPublisherProcessor.java | 106 ++++----- .../certsrv/publish/IXcertPublisherProcessor.java | 4 +- .../certsrv/publish/LdapCertMapResult.java | 6 +- .../com/netscape/certsrv/publish/MapperPlugin.java | 4 +- .../com/netscape/certsrv/publish/MapperProxy.java | 16 +- .../netscape/certsrv/publish/PublisherPlugin.java | 6 +- .../netscape/certsrv/publish/PublisherProxy.java | 12 +- .../com/netscape/certsrv/publish/RulePlugin.java | 6 +- .../src/com/netscape/certsrv/ra/IRAService.java | 10 +- .../certsrv/ra/IRegistrationAuthority.java | 32 +-- .../certsrv/registry/ERegistryException.java | 4 +- .../com/netscape/certsrv/registry/IPluginInfo.java | 10 +- .../netscape/certsrv/registry/IPluginRegistry.java | 14 +- .../netscape/certsrv/request/ARequestNotifier.java | 46 ++-- .../netscape/certsrv/request/AgentApproval.java | 8 +- .../netscape/certsrv/request/AgentApprovals.java | 14 +- .../certsrv/request/IEnrollmentRequest.java | 2 +- .../src/com/netscape/certsrv/request/INotify.java | 4 +- .../src/com/netscape/certsrv/request/IPolicy.java | 4 +- .../src/com/netscape/certsrv/request/IRequest.java | 136 ++++++------ .../com/netscape/certsrv/request/IRequestList.java | 8 +- .../netscape/certsrv/request/IRequestListener.java | 8 +- .../netscape/certsrv/request/IRequestNotifier.java | 28 +-- .../netscape/certsrv/request/IRequestQueue.java | 58 ++--- .../netscape/certsrv/request/IRequestRecord.java | 14 +- .../certsrv/request/IRequestScheduler.java | 6 +- .../certsrv/request/IRequestSubsystem.java | 8 +- .../certsrv/request/IRequestVirtualList.java | 8 +- .../src/com/netscape/certsrv/request/IService.java | 4 +- .../netscape/certsrv/request/PolicyMessage.java | 4 +- .../com/netscape/certsrv/request/PolicyResult.java | 2 +- .../com/netscape/certsrv/request/RequestId.java | 6 +- .../netscape/certsrv/request/RequestStatus.java | 24 +-- .../netscape/certsrv/request/ldap/IRequestMod.java | 8 +- .../com/netscape/certsrv/security/Credential.java | 8 +- .../certsrv/security/ICryptoSubsystem.java | 80 +++---- .../netscape/certsrv/security/IEncryptionUnit.java | 18 +- .../netscape/certsrv/security/ISigningUnit.java | 30 +-- .../netscape/certsrv/security/IStorageKeyUnit.java | 16 +- .../src/com/netscape/certsrv/security/IToken.java | 4 +- .../certsrv/security/ITransportKeyUnit.java | 4 +- .../com/netscape/certsrv/security/KeyCertData.java | 172 +++++++-------- .../selftests/EDuplicateSelfTestException.java | 18 +- .../selftests/EInvalidSelfTestException.java | 18 +- .../selftests/EMissingSelfTestException.java | 20 +- .../certsrv/selftests/ESelfTestException.java | 8 +- .../com/netscape/certsrv/selftests/ISelfTest.java | 14 +- .../certsrv/selftests/ISelfTestSubsystem.java | 40 ++-- .../certsrv/selftests/SelfTestResources.java | 2 +- .../src/com/netscape/certsrv/template/ArgList.java | 8 +- .../src/com/netscape/certsrv/template/ArgSet.java | 10 +- .../com/netscape/certsrv/template/ArgString.java | 6 +- .../com/netscape/certsrv/template/IArgValue.java | 2 +- .../com/netscape/certsrv/tks/ITKSAuthority.java | 6 +- .../com/netscape/certsrv/usrgrp/Certificates.java | 6 +- .../netscape/certsrv/usrgrp/EUsrGrpException.java | 10 +- .../netscape/certsrv/usrgrp/ICertUserLocator.java | 6 +- .../src/com/netscape/certsrv/usrgrp/IGroup.java | 14 +- .../netscape/certsrv/usrgrp/IGroupConstants.java | 2 +- .../com/netscape/certsrv/usrgrp/IIdEvaluator.java | 4 +- .../com/netscape/certsrv/usrgrp/IUGSubsystem.java | 48 ++--- .../src/com/netscape/certsrv/usrgrp/IUser.java | 42 ++-- .../netscape/certsrv/usrgrp/IUserConstants.java | 2 +- .../src/com/netscape/certsrv/usrgrp/IUsrGrp.java | 22 +- .../netscape/certsrv/usrgrp/UsrGrpResources.java | 4 +- .../src/com/netscape/certsrv/util/HttpInput.java | 2 +- .../com/netscape/certsrv/util/IStatsSubsystem.java | 2 +- .../src/com/netscape/certsrv/util/StatsEvent.java | 2 +- .../netscape/cms/authentication/AVAPattern.java | 60 +++--- .../authentication/AgentCertAuthentication.java | 16 +- .../src/com/netscape/cms/authentication/Crypt.java | 14 +- .../com/netscape/cms/authentication/DNPattern.java | 48 ++--- .../cms/authentication/DirBasedAuthentication.java | 82 +++---- .../netscape/cms/authentication/FlatFileAuth.java | 22 +- .../netscape/cms/authentication/HashAuthData.java | 2 +- .../cms/authentication/HashAuthentication.java | 10 +- .../netscape/cms/authentication/PortalEnroll.java | 12 +- .../netscape/cms/authentication/RDNPattern.java | 50 ++--- .../SSLclientCertAuthentication.java | 16 +- .../cms/authentication/TokenAuthentication.java | 12 +- .../authentication/UdnPwdDirAuthentication.java | 10 +- .../authentication/UidPwdDirAuthentication.java | 8 +- .../authentication/UidPwdPinDirAuthentication.java | 10 +- .../com/netscape/cms/authorization/AAclAuthz.java | 28 +-- .../netscape/cms/authorization/BasicAclAuthz.java | 12 +- .../netscape/cms/authorization/DirAclAuthz.java | 12 +- .../cms/crl/CMSAuthInfoAccessExtension.java | 2 +- .../crl/CMSAuthorityKeyIdentifierExtension.java | 2 +- .../netscape/cms/crl/CMSCRLNumberExtension.java | 2 +- .../netscape/cms/crl/CMSCRLReasonExtension.java | 2 +- .../cms/crl/CMSCertificateIssuerExtension.java | 2 +- .../cms/crl/CMSDeltaCRLIndicatorExtension.java | 2 +- .../netscape/cms/crl/CMSFreshestCRLExtension.java | 2 +- .../cms/crl/CMSHoldInstructionExtension.java | 4 +- .../cms/crl/CMSInvalidityDateExtension.java | 2 +- .../cms/crl/CMSIssuerAlternativeNameExtension.java | 2 +- .../crl/CMSIssuingDistributionPointExtension.java | 2 +- .../cms/evaluators/GroupAccessEvaluator.java | 10 +- .../cms/evaluators/IPAddressAccessEvaluator.java | 10 +- .../cms/evaluators/UserAccessEvaluator.java | 10 +- .../cms/evaluators/UserOrigReqAccessEvaluator.java | 10 +- .../common/src/com/netscape/cms/jobs/AJobBase.java | 20 +- .../src/com/netscape/cms/jobs/PublishCertsJob.java | 4 +- .../netscape/cms/jobs/RenewalNotificationJob.java | 22 +- .../com/netscape/cms/jobs/RequestInQueueJob.java | 6 +- .../com/netscape/cms/jobs/UnpublishExpiredJob.java | 4 +- .../cms/listeners/CertificateIssuedListener.java | 2 +- .../cms/listeners/CertificateRevokedListener.java | 2 +- .../netscape/cms/listeners/PinRemovalListener.java | 2 +- .../netscape/cms/listeners/RequestInQListener.java | 10 +- .../src/com/netscape/cms/logging/LogEntry.java | 6 +- .../src/com/netscape/cms/logging/LogFile.java | 46 ++-- .../com/netscape/cms/logging/RollingLogFile.java | 22 +- .../cms/notification/MailNotification.java | 14 +- .../common/src/com/netscape/cms/ocsp/DefStore.java | 4 +- .../src/com/netscape/cms/ocsp/LDAPStore.java | 2 +- .../com/netscape/cms/password/PasswordChecker.java | 6 +- .../src/com/netscape/cms/policy/APolicyRule.java | 28 +-- .../cms/policy/constraints/AgentPolicy.java | 16 +- .../constraints/AttributePresentConstraints.java | 4 +- .../cms/policy/constraints/DSAKeyConstraints.java | 14 +- .../cms/policy/constraints/DefaultRevocation.java | 16 +- .../cms/policy/constraints/IssuerConstraints.java | 12 +- .../constraints/KeyAlgorithmConstraints.java | 14 +- .../policy/constraints/ManualAuthentication.java | 16 +- .../cms/policy/constraints/RSAKeyConstraints.java | 16 +- .../cms/policy/constraints/RenewalConstraints.java | 18 +- .../constraints/RenewalValidityConstraints.java | 22 +- .../policy/constraints/RevocationConstraints.java | 16 +- .../constraints/SigningAlgorithmConstraints.java | 18 +- .../policy/constraints/SubCANameConstraints.java | 16 +- .../cms/policy/constraints/UniqueSubjectName.java | 4 +- .../constraints/UniqueSubjectNameConstraints.java | 26 +-- .../policy/constraints/ValidityConstraints.java | 22 +- .../cms/policy/extensions/AuthInfoAccessExt.java | 22 +- .../extensions/AuthorityKeyIdentifierExt.java | 36 ++-- .../cms/policy/extensions/BasicConstraintsExt.java | 38 ++-- .../extensions/CRLDistributionPointsExt.java | 6 +- .../policy/extensions/CertificatePoliciesExt.java | 24 +-- .../extensions/CertificateRenewalWindowExt.java | 14 +- .../extensions/CertificateScopeOfUseExt.java | 16 +- .../cms/policy/extensions/ExtendedKeyUsageExt.java | 4 +- .../cms/policy/extensions/GenericASN1Ext.java | 22 +- .../cms/policy/extensions/IssuerAltNameExt.java | 14 +- .../cms/policy/extensions/KeyUsageExt.java | 30 +-- .../cms/policy/extensions/NSCCommentExt.java | 16 +- .../cms/policy/extensions/NSCertTypeExt.java | 32 +-- .../cms/policy/extensions/NameConstraintsExt.java | 30 +-- .../cms/policy/extensions/OCSPNoCheckExt.java | 4 +- .../policy/extensions/PolicyConstraintsExt.java | 32 +-- .../cms/policy/extensions/PolicyMappingsExt.java | 34 +-- .../cms/policy/extensions/PresenceExt.java | 6 +- .../extensions/PrivateKeyUsagePeriodExt.java | 12 +- .../extensions/RemoveBasicConstraintsExt.java | 8 +- .../cms/policy/extensions/SubjAltNameExt.java | 42 ++-- .../cms/policy/extensions/SubjectAltNameExt.java | 32 +-- .../extensions/SubjectDirectoryAttributesExt.java | 4 +- .../policy/extensions/SubjectKeyIdentifierExt.java | 24 +-- .../netscape/cms/profile/common/BasicProfile.java | 16 +- .../cms/profile/common/CACertCAEnrollProfile.java | 4 +- .../cms/profile/common/CAEnrollProfile.java | 4 +- .../cms/profile/common/EnrollProfileContext.java | 2 +- .../cms/profile/common/ProfileContext.java | 2 +- .../netscape/cms/profile/common/ProfilePolicy.java | 2 +- .../cms/profile/common/RAEnrollProfile.java | 2 +- .../profile/common/ServerCertCAEnrollProfile.java | 2 +- .../profile/common/UserCertCAEnrollProfile.java | 2 +- .../constraint/BasicConstraintsExtConstraint.java | 2 +- .../profile/constraint/CAValidityConstraint.java | 2 +- .../cms/profile/constraint/EnrollConstraint.java | 8 +- .../constraint/ExtendedKeyUsageExtConstraint.java | 2 +- .../profile/constraint/ExtensionConstraint.java | 4 +- .../cms/profile/constraint/KeyConstraint.java | 6 +- .../profile/constraint/KeyUsageExtConstraint.java | 2 +- .../constraint/NSCertTypeExtConstraint.java | 2 +- .../cms/profile/constraint/NoConstraint.java | 2 +- .../constraint/RenewGracePeriodConstraint.java | 4 +- .../profile/constraint/SigningAlgConstraint.java | 2 +- .../profile/constraint/SubjectNameConstraint.java | 2 +- .../profile/constraint/UniqueKeyConstraint.java | 18 +- .../constraint/UniqueSubjectNameConstraint.java | 4 +- .../cms/profile/constraint/ValidityConstraint.java | 12 +- .../cms/profile/def/AuthInfoAccessExtDefault.java | 2 +- .../profile/def/AuthTokenSubjectNameDefault.java | 2 +- .../def/AuthorityKeyIdentifierExtDefault.java | 2 +- .../cms/profile/def/AutoAssignDefault.java | 2 +- .../profile/def/BasicConstraintsExtDefault.java | 2 +- .../netscape/cms/profile/def/CAEnrollDefault.java | 2 +- .../def/CRLDistributionPointsExtDefault.java | 2 +- .../profile/def/CertificatePoliciesExtDefault.java | 2 +- .../cms/profile/def/CertificateVersionDefault.java | 2 +- .../netscape/cms/profile/def/EnrollDefault.java | 24 +-- .../netscape/cms/profile/def/EnrollExtDefault.java | 2 +- .../profile/def/ExtendedKeyUsageExtDefault.java | 2 +- .../cms/profile/def/FreshestCRLExtDefault.java | 2 +- .../cms/profile/def/GenericExtDefault.java | 2 +- .../com/netscape/cms/profile/def/ImageDefault.java | 2 +- .../profile/def/InhibitAnyPolicyExtDefault.java | 2 +- .../cms/profile/def/IssuerAltNameExtDefault.java | 2 +- .../cms/profile/def/KeyUsageExtDefault.java | 2 +- .../cms/profile/def/NSCCommentExtDefault.java | 2 +- .../cms/profile/def/NSCertTypeExtDefault.java | 2 +- .../cms/profile/def/NameConstraintsExtDefault.java | 2 +- .../com/netscape/cms/profile/def/NoDefault.java | 2 +- .../cms/profile/def/OCSPNoCheckExtDefault.java | 2 +- .../profile/def/PolicyConstraintsExtDefault.java | 2 +- .../cms/profile/def/PolicyMappingsExtDefault.java | 2 +- .../def/PrivateKeyUsagePeriodExtDefault.java | 4 +- .../cms/profile/def/SubjectAltNameExtDefault.java | 2 +- .../def/SubjectDirAttributesExtDefault.java | 2 +- .../profile/def/SubjectInfoAccessExtDefault.java | 2 +- .../def/SubjectKeyIdentifierExtDefault.java | 2 +- .../cms/profile/def/SubjectNameDefault.java | 2 +- .../cms/profile/def/UserExtensionDefault.java | 2 +- .../netscape/cms/profile/def/UserKeyDefault.java | 2 +- .../cms/profile/def/UserSigningAlgDefault.java | 2 +- .../cms/profile/def/UserSubjectNameDefault.java | 2 +- .../cms/profile/def/UserValidityDefault.java | 2 +- .../netscape/cms/profile/def/ValidityDefault.java | 2 +- .../cms/profile/def/nsHKeySubjectNameDefault.java | 2 +- .../cms/profile/def/nsNKeySubjectNameDefault.java | 2 +- .../def/nsTokenDeviceKeySubjectNameDefault.java | 2 +- .../def/nsTokenUserKeySubjectNameDefault.java | 2 +- .../cms/profile/input/CMCCertReqInput.java | 4 +- .../netscape/cms/profile/input/CertReqInput.java | 4 +- .../cms/profile/input/DualKeyGenInput.java | 4 +- .../cms/profile/input/EncryptionKeyGenInput.java | 4 +- .../netscape/cms/profile/input/EnrollInput.java | 18 +- .../cms/profile/input/FileSigningInput.java | 2 +- .../netscape/cms/profile/input/GenericInput.java | 2 +- .../com/netscape/cms/profile/input/ImageInput.java | 2 +- .../netscape/cms/profile/input/KeyGenInput.java | 4 +- .../cms/profile/input/SerialNumRenewInput.java | 2 +- .../cms/profile/input/SigningKeyGenInput.java | 4 +- .../cms/profile/input/SubjectNameInput.java | 2 +- .../cms/profile/input/SubmitterInfoInput.java | 2 +- .../cms/profile/input/nsHKeyCertReqInput.java | 4 +- .../cms/profile/input/nsNKeyCertReqInput.java | 4 +- .../netscape/cms/profile/output/CMMFOutput.java | 2 +- .../netscape/cms/profile/output/CertOutput.java | 2 +- .../netscape/cms/profile/output/EnrollOutput.java | 10 +- .../netscape/cms/profile/output/PKCS7Output.java | 2 +- .../netscape/cms/profile/output/nsNKeyOutput.java | 2 +- .../cms/profile/updater/SubsystemGroupUpdater.java | 2 +- .../netscape/cms/publish/mappers/AVAPattern.java | 32 +-- .../cms/publish/mappers/LdapCaSimpleMap.java | 10 +- .../cms/publish/mappers/LdapCertCompsMap.java | 8 +- .../cms/publish/mappers/LdapCertExactMap.java | 8 +- .../cms/publish/mappers/LdapCertSubjMap.java | 12 +- .../cms/publish/mappers/LdapCrlIssuerCompsMap.java | 8 +- .../cms/publish/mappers/LdapDNCompsMap.java | 18 +- .../cms/publish/mappers/LdapEnhancedMap.java | 12 +- .../cms/publish/mappers/LdapSimpleMap.java | 12 +- .../cms/publish/mappers/MapAVAPattern.java | 62 +++--- .../netscape/cms/publish/mappers/MapDNPattern.java | 30 +-- .../cms/publish/mappers/MapRDNPattern.java | 32 +-- .../com/netscape/cms/publish/mappers/NoMap.java | 4 +- .../cms/publish/publishers/FileBasedPublisher.java | 8 +- .../publish/publishers/LdapCaCertPublisher.java | 4 +- .../publish/publishers/LdapCertSubjPublisher.java | 6 +- .../publishers/LdapCertificatePairPublisher.java | 6 +- .../cms/publish/publishers/LdapCrlPublisher.java | 2 +- .../publishers/LdapEncryptCertPublisher.java | 6 +- .../publish/publishers/LdapUserCertPublisher.java | 6 +- .../cms/publish/publishers/PublisherUtils.java | 4 +- .../com/netscape/cms/request/RequestScheduler.java | 6 +- .../src/com/netscape/cms/selftests/ASelfTest.java | 14 +- .../com/netscape/cms/selftests/ca/CAPresence.java | 14 +- .../com/netscape/cms/selftests/ca/CAValidity.java | 14 +- .../selftests/common/SystemCertsVerification.java | 14 +- .../netscape/cms/selftests/kra/KRAPresence.java | 14 +- .../netscape/cms/selftests/ocsp/OCSPPresence.java | 14 +- .../netscape/cms/selftests/ocsp/OCSPValidity.java | 14 +- .../com/netscape/cms/selftests/ra/RAPresence.java | 16 +- .../cms/selftests/tks/TKSKnownSessionKey.java | 14 +- .../cms/servlet/admin/ACLAdminServlet.java | 20 +- .../netscape/cms/servlet/admin/AdminResources.java | 2 +- .../netscape/cms/servlet/admin/AdminServlet.java | 42 ++-- .../cms/servlet/admin/AuthAdminServlet.java | 32 +-- .../cms/servlet/admin/AuthCredentials.java | 12 +- .../netscape/cms/servlet/admin/CAAdminServlet.java | 30 +-- .../cms/servlet/admin/CMSAdminServlet.java | 56 ++--- .../cms/servlet/admin/JobsAdminServlet.java | 8 +- .../cms/servlet/admin/KRAAdminServlet.java | 8 +- .../cms/servlet/admin/LogAdminServlet.java | 30 +-- .../cms/servlet/admin/OCSPAdminServlet.java | 14 +- .../cms/servlet/admin/PolicyAdminServlet.java | 34 +-- .../cms/servlet/admin/ProfileAdminServlet.java | 64 +++--- .../cms/servlet/admin/PublisherAdminServlet.java | 22 +- .../netscape/cms/servlet/admin/RAAdminServlet.java | 6 +- .../cms/servlet/admin/RegistryAdminServlet.java | 2 +- .../admin/SystemCertificateResourceService.java | 4 +- .../cms/servlet/admin/UsrGrpAdminServlet.java | 68 +++--- .../cms/servlet/base/CMSResourceService.java | 4 +- .../com/netscape/cms/servlet/base/CMSServlet.java | 94 ++++---- .../netscape/cms/servlet/base/CMSStartServlet.java | 2 +- .../cms/servlet/base/DisplayHtmlServlet.java | 2 +- .../cms/servlet/base/DynamicVariablesServlet.java | 4 +- .../com/netscape/cms/servlet/base/GetStats.java | 6 +- .../netscape/cms/servlet/base/IndexServlet.java | 2 +- .../netscape/cms/servlet/base/PortsServlet.java | 4 +- .../netscape/cms/servlet/base/ProxyServlet.java | 18 +- .../cms/servlet/base/SystemInfoServlet.java | 4 +- .../com/netscape/cms/servlet/base/UserInfo.java | 8 +- .../com/netscape/cms/servlet/base/model/Link.java | 2 +- .../cms/servlet/cert/CMCRevReqServlet.java | 30 +-- .../servlet/cert/ChallengeRevocationServlet1.java | 10 +- .../netscape/cms/servlet/cert/CloneRedirect.java | 4 +- .../netscape/cms/servlet/cert/DirAuthServlet.java | 6 +- .../cms/servlet/cert/DisableEnrollResult.java | 2 +- .../netscape/cms/servlet/cert/DisplayBySerial.java | 16 +- .../com/netscape/cms/servlet/cert/DisplayCRL.java | 6 +- .../cms/servlet/cert/DisplayHashUserEnroll.java | 2 +- .../com/netscape/cms/servlet/cert/DoRevoke.java | 44 ++-- .../com/netscape/cms/servlet/cert/DoRevokeTPS.java | 38 ++-- .../com/netscape/cms/servlet/cert/DoUnrevoke.java | 24 +-- .../netscape/cms/servlet/cert/DoUnrevokeTPS.java | 26 +-- .../cms/servlet/cert/EnableEnrollResult.java | 2 +- .../netscape/cms/servlet/cert/EnrollServlet.java | 44 ++-- .../com/netscape/cms/servlet/cert/GetBySerial.java | 10 +- .../com/netscape/cms/servlet/cert/GetCAChain.java | 6 +- .../src/com/netscape/cms/servlet/cert/GetCRL.java | 6 +- .../cms/servlet/cert/GetCertFromRequest.java | 8 +- .../netscape/cms/servlet/cert/GetEnableStatus.java | 6 +- .../src/com/netscape/cms/servlet/cert/GetInfo.java | 6 +- .../cms/servlet/cert/HashEnrollServlet.java | 64 +++--- .../servlet/cert/ImportCertsTemplateFiller.java | 24 +-- .../com/netscape/cms/servlet/cert/ListCerts.java | 8 +- .../src/com/netscape/cms/servlet/cert/Monitor.java | 4 +- .../netscape/cms/servlet/cert/ReasonToRevoke.java | 6 +- .../cms/servlet/cert/RemoteAuthConfig.java | 4 +- .../netscape/cms/servlet/cert/RenewalServlet.java | 46 ++-- .../cms/servlet/cert/RevocationServlet.java | 26 +-- .../cert/RevocationSuccessTemplateFiller.java | 6 +- .../com/netscape/cms/servlet/cert/SrchCerts.java | 4 +- .../com/netscape/cms/servlet/cert/UpdateCRL.java | 4 +- .../com/netscape/cms/servlet/cert/UpdateDir.java | 4 +- .../cms/servlet/cert/model/CertificateData.java | 2 +- .../cms/servlet/cert/scep/CRSEnrollment.java | 52 ++--- .../cms/servlet/cert/scep/ChallengePassword.java | 6 +- .../cms/servlet/cert/scep/ExtensionsRequested.java | 6 +- .../cms/servlet/common/AuthCredentials.java | 12 +- .../com/netscape/cms/servlet/common/CMSFile.java | 2 +- .../netscape/cms/servlet/common/CMSFileLoader.java | 14 +- .../cms/servlet/common/CMSGWResources.java | 2 +- .../netscape/cms/servlet/common/CMSGateway.java | 4 +- .../cms/servlet/common/CMSLoadTemplate.java | 2 +- .../netscape/cms/servlet/common/CMSRequest.java | 20 +- .../netscape/cms/servlet/common/CMSTemplate.java | 14 +- .../cms/servlet/common/CMSTemplateParams.java | 2 +- .../cms/servlet/common/ECMSGWException.java | 2 +- .../cms/servlet/common/GenErrorTemplateFiller.java | 8 +- .../servlet/common/GenPendingTemplateFiller.java | 6 +- .../servlet/common/GenRejectedTemplateFiller.java | 4 +- .../servlet/common/GenSuccessTemplateFiller.java | 6 +- .../common/GenSvcPendingTemplateFiller.java | 4 +- .../common/GenUnauthorizedTemplateFiller.java | 6 +- .../common/GenUnexpectedErrorTemplateFiller.java | 8 +- .../cms/servlet/common/ICMSTemplateFiller.java | 4 +- .../com/netscape/cms/servlet/common/IRawJS.java | 2 +- .../cms/servlet/common/IndexTemplateFiller.java | 4 +- .../src/com/netscape/cms/servlet/common/RawJS.java | 2 +- .../netscape/cms/servlet/common/ServletUtils.java | 2 +- .../cms/servlet/connector/CloneServlet.java | 38 ++-- .../cms/servlet/connector/ConnectorServlet.java | 38 ++-- .../servlet/connector/GenerateKeyPairServlet.java | 16 +- .../servlet/connector/TokenKeyRecoveryServlet.java | 12 +- .../netscape/cms/servlet/csadmin/AdminPanel.java | 2 +- .../netscape/cms/servlet/csadmin/BaseServlet.java | 2 +- .../com/netscape/cms/servlet/csadmin/CertUtil.java | 4 +- .../cms/servlet/csadmin/CheckIdentity.java | 4 +- .../cms/servlet/csadmin/ConfigBaseServlet.java | 2 +- .../cms/servlet/csadmin/DatabasePanel.java | 6 +- .../cms/servlet/csadmin/DisplayCertChainPanel.java | 2 +- .../netscape/cms/servlet/csadmin/DonePanel.java | 4 +- .../cms/servlet/csadmin/DownloadPKCS12.java | 2 +- .../netscape/cms/servlet/csadmin/GetCertChain.java | 4 +- .../cms/servlet/csadmin/GetConfigEntries.java | 4 +- .../netscape/cms/servlet/csadmin/GetCookie.java | 4 +- .../netscape/cms/servlet/csadmin/GetDomainXML.java | 8 +- .../netscape/cms/servlet/csadmin/GetStatus.java | 4 +- .../cms/servlet/csadmin/GetSubsystemCert.java | 2 +- .../netscape/cms/servlet/csadmin/GetTokenInfo.java | 4 +- .../cms/servlet/csadmin/GetTransportCert.java | 2 +- .../cms/servlet/csadmin/HierarchyPanel.java | 2 +- .../cms/servlet/csadmin/ImportAdminCertPanel.java | 2 +- .../cms/servlet/csadmin/ImportTransportCert.java | 2 +- .../cms/servlet/csadmin/ModuleServlet.java | 2 +- .../netscape/cms/servlet/csadmin/NamePanel.java | 6 +- .../netscape/cms/servlet/csadmin/RegisterUser.java | 2 +- .../cms/servlet/csadmin/RestoreKeyCertPanel.java | 4 +- .../cms/servlet/csadmin/SecurityDomainPanel.java | 2 +- .../netscape/cms/servlet/csadmin/SizePanel.java | 2 +- .../cms/servlet/csadmin/TokenAuthenticate.java | 4 +- .../cms/servlet/csadmin/UpdateConnector.java | 2 +- .../cms/servlet/csadmin/UpdateDomainXML.java | 6 +- .../cms/servlet/csadmin/UpdateNumberRange.java | 6 +- .../cms/servlet/csadmin/UpdateOCSPConfig.java | 2 +- .../cms/servlet/key/ConfirmRecoverBySerial.java | 4 +- .../netscape/cms/servlet/key/DisplayBySerial.java | 8 +- .../servlet/key/DisplayBySerialForRecovery.java | 8 +- .../netscape/cms/servlet/key/DisplayTransport.java | 4 +- .../netscape/cms/servlet/key/ExamineRecovery.java | 6 +- .../cms/servlet/key/GetApprovalStatus.java | 8 +- .../com/netscape/cms/servlet/key/GetAsyncPk12.java | 8 +- .../src/com/netscape/cms/servlet/key/GetPk12.java | 6 +- .../cms/servlet/key/GrantAsyncRecovery.java | 12 +- .../netscape/cms/servlet/key/GrantRecovery.java | 12 +- .../netscape/cms/servlet/key/KeyRecordParser.java | 4 +- .../com/netscape/cms/servlet/key/KeyResource.java | 4 +- .../cms/servlet/key/KeyResourceService.java | 20 +- .../com/netscape/cms/servlet/key/KeysResource.java | 6 +- .../cms/servlet/key/KeysResourceService.java | 24 +-- .../netscape/cms/servlet/key/RecoverBySerial.java | 2 +- .../src/com/netscape/cms/servlet/key/SrchKey.java | 6 +- .../cms/servlet/key/SrchKeyForRecovery.java | 10 +- .../com/netscape/cms/servlet/key/model/KeyDAO.java | 26 +-- .../netscape/cms/servlet/key/model/KeyData.java | 6 +- .../cms/servlet/key/model/KeyDataInfo.java | 8 +- .../cms/servlet/key/model/KeyDataInfos.java | 6 +- .../netscape/cms/servlet/ocsp/AddCAServlet.java | 6 +- .../netscape/cms/servlet/ocsp/AddCRLServlet.java | 8 +- .../cms/servlet/ocsp/CheckCertServlet.java | 6 +- .../com/netscape/cms/servlet/ocsp/GetOCSPInfo.java | 6 +- .../netscape/cms/servlet/ocsp/ListCAServlet.java | 6 +- .../com/netscape/cms/servlet/ocsp/OCSPServlet.java | 6 +- .../netscape/cms/servlet/ocsp/RemoveCAServlet.java | 6 +- .../cms/servlet/processors/CRMFProcessor.java | 6 +- .../cms/servlet/processors/IPKIProcessor.java | 2 +- .../cms/servlet/processors/KeyGenProcessor.java | 2 +- .../cms/servlet/processors/PKCS10Processor.java | 2 +- .../cms/servlet/processors/PKIProcessor.java | 10 +- .../cms/servlet/profile/ProfileApproveServlet.java | 16 +- .../cms/servlet/profile/ProfileListServlet.java | 6 +- .../cms/servlet/profile/ProfileProcessServlet.java | 34 +-- .../cms/servlet/profile/ProfileReviewServlet.java | 6 +- .../cms/servlet/profile/ProfileSelectServlet.java | 4 +- .../cms/servlet/profile/ProfileServlet.java | 4 +- .../servlet/profile/ProfileSubmitCMCServlet.java | 30 +-- .../cms/servlet/profile/ProfileSubmitServlet.java | 40 ++-- .../cms/servlet/request/CertReqParser.java | 20 +- .../netscape/cms/servlet/request/CheckRequest.java | 8 +- .../netscape/cms/servlet/request/IReqParser.java | 2 +- .../netscape/cms/servlet/request/KeyReqParser.java | 2 +- .../request/KeyRequestsResourceService.java | 20 +- .../netscape/cms/servlet/request/ProcessReq.java | 14 +- .../com/netscape/cms/servlet/request/QueryReq.java | 26 +-- .../netscape/cms/servlet/request/ReqParser.java | 2 +- .../netscape/cms/servlet/request/SearchReqs.java | 4 +- .../servlet/request/model/ArchivalRequestData.java | 16 +- .../cms/servlet/request/model/KeyRequestDAO.java | 56 ++--- .../cms/servlet/request/model/KeyRequestInfo.java | 10 +- .../servlet/request/model/RecoveryRequestData.java | 14 +- .../com/netscape/cms/servlet/tks/TokenServlet.java | 18 +- .../netscape/cms/servlet/wizard/WizardServlet.java | 4 +- .../src/com/netscape/cms/shares/OldJoinShares.java | 2 +- .../src/com/netscape/cms/shares/OldShare.java | 2 +- .../src/com/netscape/cmscore/apps/CMSEngine.java | 26 +-- .../com/netscape/cmscore/apps/CommandQueue.java | 2 +- .../com/netscape/cmscore/apps/PKIServerEvent.java | 2 +- .../netscape/cmscore/apps/PKIServerListener.java | 2 +- .../src/com/netscape/cmscore/apps/Setup.java | 2 +- .../cmscore/authentication/AuthSubsystem.java | 22 +- .../authentication/CertUserDBAuthentication.java | 16 +- .../ChallengePhraseAuthentication.java | 22 +- .../cmscore/authentication/NullAuthentication.java | 14 +- .../authentication/PasswdUserDBAuthentication.java | 16 +- .../SSLClientCertAuthentication.java | 8 +- .../cmscore/authentication/VerifiedCert.java | 2 +- .../cmscore/authentication/VerifiedCerts.java | 2 +- .../cmscore/authorization/AuthzSubsystem.java | 22 +- .../src/com/netscape/cmscore/base/ArgBlock.java | 64 +++--- .../com/netscape/cmscore/base/FileConfigStore.java | 10 +- .../com/netscape/cmscore/base/PropConfigStore.java | 90 ++++---- .../netscape/cmscore/base/SimpleProperties.java | 48 ++--- .../netscape/cmscore/base/SourceConfigStore.java | 6 +- .../com/netscape/cmscore/base/SubsystemLoader.java | 2 +- .../com/netscape/cmscore/cert/CertDateCompare.java | 2 +- .../com/netscape/cmscore/cert/CertPrettyPrint.java | 2 +- .../com/netscape/cmscore/cert/CertificatePair.java | 10 +- .../netscape/cmscore/cert/CrlCachePrettyPrint.java | 4 +- .../com/netscape/cmscore/cert/CrlPrettyPrint.java | 2 +- .../cmscore/cert/CrossCertPairSubsystem.java | 10 +- .../com/netscape/cmscore/cert/ExtPrettyPrint.java | 2 +- .../netscape/cmscore/cert/OidLoaderSubsystem.java | 6 +- .../netscape/cmscore/cert/PrettyPrintFormat.java | 6 +- .../cmscore/cert/PrettyPrintResources.java | 2 +- .../netscape/cmscore/cert/PubKeyPrettyPrint.java | 2 +- .../netscape/cmscore/cert/X500NameSubsystem.java | 34 +-- .../cmscore/connector/HttpConnFactory.java | 12 +- .../netscape/cmscore/connector/HttpConnection.java | 8 +- .../netscape/cmscore/connector/HttpConnector.java | 10 +- .../netscape/cmscore/connector/HttpPKIMessage.java | 4 +- .../cmscore/connector/HttpRequestEncoder.java | 2 +- .../netscape/cmscore/connector/LocalConnector.java | 14 +- .../com/netscape/cmscore/connector/Resender.java | 8 +- .../src/com/netscape/cmscore/crmf/CRMFParser.java | 2 +- .../com/netscape/cmscore/dbs/BigIntegerMapper.java | 2 +- .../com/netscape/cmscore/dbs/ByteArrayMapper.java | 2 +- .../src/com/netscape/cmscore/dbs/CRLDBSchema.java | 2 +- .../cmscore/dbs/CRLIssuingPointRecord.java | 2 +- .../com/netscape/cmscore/dbs/CRLRepository.java | 2 +- .../src/com/netscape/cmscore/dbs/CertDBSchema.java | 2 +- .../src/com/netscape/cmscore/dbs/CertRecord.java | 2 +- .../com/netscape/cmscore/dbs/CertRecordList.java | 2 +- .../com/netscape/cmscore/dbs/CertRecordMapper.java | 2 +- .../src/com/netscape/cmscore/dbs/DBRegistry.java | 8 +- .../src/com/netscape/cmscore/dbs/DBSSession.java | 16 +- .../src/com/netscape/cmscore/dbs/DBSUtil.java | 2 +- .../com/netscape/cmscore/dbs/DBSearchResults.java | 2 +- .../src/com/netscape/cmscore/dbs/DBSubsystem.java | 34 +-- .../com/netscape/cmscore/dbs/DateArrayMapper.java | 2 +- .../src/com/netscape/cmscore/dbs/DateMapper.java | 2 +- .../com/netscape/cmscore/dbs/IntegerMapper.java | 2 +- .../src/com/netscape/cmscore/dbs/KeyDBSchema.java | 2 +- .../src/com/netscape/cmscore/dbs/KeyRecord.java | 12 +- .../com/netscape/cmscore/dbs/KeyRecordList.java | 2 +- .../com/netscape/cmscore/dbs/KeyRecordMapper.java | 2 +- .../com/netscape/cmscore/dbs/KeyStateMapper.java | 2 +- .../netscape/cmscore/dbs/LdapFilterConverter.java | 2 +- .../src/com/netscape/cmscore/dbs/LongMapper.java | 2 +- .../com/netscape/cmscore/dbs/MetaInfoMapper.java | 4 +- .../netscape/cmscore/dbs/ObjectStreamMapper.java | 2 +- .../com/netscape/cmscore/dbs/PublicKeyMapper.java | 2 +- .../netscape/cmscore/dbs/ReplicaIDRepository.java | 2 +- .../src/com/netscape/cmscore/dbs/Repository.java | 28 +-- .../com/netscape/cmscore/dbs/RepositoryRecord.java | 2 +- .../com/netscape/cmscore/dbs/RepositorySchema.java | 2 +- .../com/netscape/cmscore/dbs/RevocationInfo.java | 4 +- .../netscape/cmscore/dbs/RevocationInfoMapper.java | 2 +- .../src/com/netscape/cmscore/dbs/StringMapper.java | 2 +- .../netscape/cmscore/dbs/StringVectorMapper.java | 2 +- .../com/netscape/cmscore/dbs/X500NameMapper.java | 2 +- .../netscape/cmscore/dbs/X509CertImplMapper.java | 2 +- .../cmscore/extensions/CMSExtensionsMap.java | 6 +- .../src/com/netscape/cmscore/jobs/CronItem.java | 6 +- .../src/com/netscape/cmscore/jobs/CronRange.java | 4 +- .../src/com/netscape/cmscore/jobs/JobCron.java | 10 +- .../com/netscape/cmscore/jobs/JobsScheduler.java | 14 +- .../netscape/cmscore/ldap/LdapAndExpression.java | 4 +- .../com/netscape/cmscore/ldap/LdapConnModule.java | 2 +- .../netscape/cmscore/ldap/LdapOrExpression.java | 4 +- .../netscape/cmscore/ldap/LdapPredicateParser.java | 16 +- .../netscape/cmscore/ldap/LdapPublishModule.java | 4 +- .../netscape/cmscore/ldap/LdapRequestListener.java | 4 +- .../src/com/netscape/cmscore/ldap/LdapRule.java | 4 +- .../cmscore/ldap/LdapSimpleExpression.java | 6 +- .../netscape/cmscore/ldap/PublisherProcessor.java | 6 +- .../cmscore/ldapconn/LdapAnonConnFactory.java | 20 +- .../cmscore/ldapconn/LdapAnonConnection.java | 2 +- .../netscape/cmscore/ldapconn/LdapAuthInfo.java | 6 +- .../cmscore/ldapconn/LdapBoundConnFactory.java | 16 +- .../netscape/cmscore/ldapconn/LdapConnInfo.java | 8 +- .../cmscore/ldapconn/LdapJssSSLSocketFactory.java | 2 +- .../netscape/cmscore/listeners/ListenerPlugin.java | 4 +- .../cmscore/logging/AuditEventFactory.java | 8 +- .../com/netscape/cmscore/logging/AuditFormat.java | 2 +- .../src/com/netscape/cmscore/logging/LogQueue.java | 12 +- .../com/netscape/cmscore/logging/LogSubsystem.java | 6 +- .../src/com/netscape/cmscore/logging/Logger.java | 42 ++-- .../cmscore/logging/SignedAuditEventFactory.java | 8 +- .../cmscore/logging/SignedAuditLogger.java | 2 +- .../cmscore/logging/SystemEventFactory.java | 8 +- .../cmscore/notification/EmailFormProcessor.java | 2 +- .../cmscore/notification/EmailResolverKeys.java | 10 +- .../cmscore/notification/EmailTemplate.java | 6 +- .../cmscore/notification/ReqCertEmailResolver.java | 6 +- .../notification/ReqCertSANameEmailResolver.java | 6 +- .../com/netscape/cmscore/policy/AndExpression.java | 4 +- .../netscape/cmscore/policy/GeneralNameUtil.java | 6 +- .../cmscore/policy/GenericPolicyProcessor.java | 82 +++---- .../com/netscape/cmscore/policy/OrExpression.java | 4 +- .../cmscore/policy/PolicyPredicateParser.java | 16 +- .../src/com/netscape/cmscore/policy/PolicySet.java | 22 +- .../netscape/cmscore/policy/SimpleExpression.java | 6 +- .../netscape/cmscore/profile/ProfileSubsystem.java | 6 +- .../common/src/com/netscape/cmscore/realm/ACL.java | 26 +-- .../src/com/netscape/cmscore/realm/ACLEntry.java | 32 +-- .../com/netscape/cmscore/realm/PKIJNDIRealm.java | 52 ++--- .../com/netscape/cmscore/registry/PluginInfo.java | 2 +- .../netscape/cmscore/registry/PluginRegistry.java | 4 +- .../netscape/cmscore/request/ARequestQueue.java | 54 ++--- .../netscape/cmscore/request/ARequestRecord.java | 2 +- .../cmscore/request/CertRequestConstants.java | 8 +- .../com/netscape/cmscore/request/RequestAttr.java | 2 +- .../com/netscape/cmscore/request/RequestQueue.java | 10 +- .../netscape/cmscore/request/RequestRecord.java | 28 +-- .../cmscore/request/RequestRepository.java | 6 +- .../netscape/cmscore/request/RequestSubsystem.java | 8 +- .../netscape/cmscore/security/CASigningCert.java | 2 +- .../netscape/cmscore/security/CertificateInfo.java | 4 +- .../cmscore/security/KRATransportCert.java | 4 +- .../netscape/cmscore/security/OCSPSigningCert.java | 2 +- .../src/com/netscape/cmscore/security/PWCBsdr.java | 6 +- .../com/netscape/cmscore/security/PWsdrCache.java | 2 +- .../netscape/cmscore/security/RASigningCert.java | 4 +- .../src/com/netscape/cmscore/security/SSLCert.java | 4 +- .../cmscore/security/SSLSelfSignedCert.java | 4 +- .../netscape/cmscore/security/SubsystemCert.java | 2 +- .../cmscore/selftests/SelfTestOrderedInstance.java | 10 +- .../cmscore/selftests/SelfTestSubsystem.java | 60 +++--- .../cmscore/usrgrp/CertDNCertUserLocator.java | 2 +- .../cmscore/usrgrp/ExactMatchCertUserLocator.java | 2 +- .../src/com/netscape/cmscore/usrgrp/Group.java | 2 +- .../com/netscape/cmscore/usrgrp/UGSubsystem.java | 10 +- .../src/com/netscape/cmscore/usrgrp/User.java | 2 +- .../src/com/netscape/cmscore/util/Debug.java | 14 +- .../netscape/cmscore/util/FileDialogFilter.java | 2 +- .../com/netscape/cmscore/util/StatsSubsystem.java | 4 +- .../src/com/netscape/cmscore/util/UtilMessage.java | 26 +-- .../com/netscape/cmscore/util/UtilResources.java | 2 +- .../certsrv/authentication/AuthTokenTest.java | 2 +- .../cmscore/dbs/DBVirtualListDefaultStub.java | 2 +- .../com/netscape/cmscore/request/RequestTest.java | 2 +- 863 files changed, 5307 insertions(+), 5307 deletions(-) (limited to 'base/common') diff --git a/base/common/src/com/netscape/certsrv/acls/ACL.java b/base/common/src/com/netscape/certsrv/acls/ACL.java index 508793ddf..ea962975c 100644 --- a/base/common/src/com/netscape/certsrv/acls/ACL.java +++ b/base/common/src/com/netscape/certsrv/acls/ACL.java @@ -29,7 +29,7 @@ import java.util.Vector; * An ACL may contain one or more ACLEntry. However, in case of multiple ACLEntry * , a subject must pass ALL of the ACLEntry evaluation for permission to be granted *

- * + * * @version $Revision$, $Date$ */ public class ACL implements IACL, java.io.Serializable { @@ -55,7 +55,7 @@ public class ACL implements IACL, java.io.Serializable { * Class constructor. * Constructs an access control list associated * with a resource name - * + * * @param name resource name * @param rights applicable rights defined for this resource * @param resourceACLs the entire ACL specification. For example: @@ -79,7 +79,7 @@ public class ACL implements IACL, java.io.Serializable { /** * Sets the name of the resource governed by this * access control. - * + * * @param name name of the resource */ public void setName(String name) { @@ -89,7 +89,7 @@ public class ACL implements IACL, java.io.Serializable { /** * Retrieves the name of the resource governed by * this access control. - * + * * @return name of the resource */ public String getName() { @@ -98,7 +98,7 @@ public class ACL implements IACL, java.io.Serializable { /** * Retrieves the exact string of the resourceACLs - * + * * @return resource's acl */ public String getResourceACLs() { @@ -108,7 +108,7 @@ public class ACL implements IACL, java.io.Serializable { /** * Sets the description of the resource governed by this * access control. - * + * * @param description Description of the protected resource */ public void setDescription(String description) { @@ -118,7 +118,7 @@ public class ACL implements IACL, java.io.Serializable { /** * Retrieves the description of the resource governed by * this access control. - * + * * @return Description of the protected resource */ public String getDescription() { @@ -127,7 +127,7 @@ public class ACL implements IACL, java.io.Serializable { /** * Adds an ACL entry to this list. - * + * * @param entry the ACLEntry to be added to this resource */ public void addEntry(ACLEntry entry) { @@ -136,7 +136,7 @@ public class ACL implements IACL, java.io.Serializable { /** * Returns ACL entries. - * + * * @return enumeration for the ACLEntry vector */ public Enumeration entries() { @@ -145,7 +145,7 @@ public class ACL implements IACL, java.io.Serializable { /** * Returns the string reprsentation. - * + * * @return the string representation of the ACL entries in the * following format: * [,,...] @@ -166,7 +166,7 @@ public class ACL implements IACL, java.io.Serializable { /** * Adds an rights entry to this list. - * + * * @param right The right to be added for this ACL */ public void addRight(String right) { @@ -175,7 +175,7 @@ public class ACL implements IACL, java.io.Serializable { /** * Tells if the permission is one of the defined "rights" - * + * * @param permission permission to be checked * @return true if it's one of the "rights"; false otherwise */ @@ -185,7 +185,7 @@ public class ACL implements IACL, java.io.Serializable { /** * Returns rights entries. - * + * * @return enumeration of rights defined for this ACL */ public Enumeration rights() { diff --git a/base/common/src/com/netscape/certsrv/acls/ACLEntry.java b/base/common/src/com/netscape/certsrv/acls/ACLEntry.java index 2c1b7c3ea..3d18c263c 100644 --- a/base/common/src/com/netscape/certsrv/acls/ACLEntry.java +++ b/base/common/src/com/netscape/certsrv/acls/ACLEntry.java @@ -24,7 +24,7 @@ import java.util.StringTokenizer; /** * A class represents an ACI entry of an access control list. *

- * + * * @version $Revision$, $Date$ */ public class ACLEntry implements IACLEntry, java.io.Serializable { @@ -46,7 +46,7 @@ public class ACLEntry implements IACLEntry, java.io.Serializable { /** * Checks if this ACL entry is set to negative. - * + * * @return true if this ACL entry expression is for "deny"; * false if this ACL entry expression is for "allow" */ @@ -63,9 +63,9 @@ public class ACLEntry implements IACLEntry, java.io.Serializable { /** * Sets the ACL entry string - * + * * @param s string in the following format: - * + * * 

      *   allow|deny (right[,right...]) attribute_expression
      *
@@ -76,9 +76,9 @@ public class ACLEntry implements IACLEntry, java.io.Serializable { /** * Gets the ACL Entry String - * + * * @return ACL Entry string in the following format: - * + * * 
      *   allow|deny (right[,right...]) attribute_expression
      *
@@ -90,7 +90,7 @@ public class ACLEntry implements IACLEntry, java.io.Serializable { /** * Adds permission to this entry. Permission must be one of the * "rights" defined for each protected resource in its ACL - * + * * @param acl the acl instance that this aclEntry is associated with * @param permission one of the "rights" defined for each * protected resource in its ACL @@ -106,7 +106,7 @@ public class ACLEntry implements IACLEntry, java.io.Serializable { /** * Returns a list of permissions associated with * this entry. - * + * * @return a list of permissions for this ACL entry */ public Enumeration permissions() { @@ -115,7 +115,7 @@ public class ACLEntry implements IACLEntry, java.io.Serializable { /** * Sets the expression associated with this entry. - * + * * @param expressions the evaluator expressions. For example, * group="Administrators" */ @@ -125,7 +125,7 @@ public class ACLEntry implements IACLEntry, java.io.Serializable { /** * Retrieves the expression associated with this entry. - * + * * @return the evaluator expressions. For example, * group="Administrators" */ @@ -136,7 +136,7 @@ public class ACLEntry implements IACLEntry, java.io.Serializable { /** * Checks to see if this ACLEntry contains a * particular permission - * + * * @param permission one of the "rights" defined for each * protected resource in its ACL * @return true if permission contained in the permission list @@ -148,7 +148,7 @@ public class ACLEntry implements IACLEntry, java.io.Serializable { /** * Checks if this entry has the given permission. - * + * * @param permission one of the "rights" defined for each * protected resource in its ACL * @return true if the permission is allowed; false if the @@ -169,13 +169,13 @@ public class ACLEntry implements IACLEntry, java.io.Serializable { /** * Parse string in the following format: - * + * * 
      *   allow|deny (right[,right...]) attribute_expression
      *
- * + * * into an instance of the ACLEntry class - * + * * @param acl the acl instance associated with this aclentry * @param aclEntryString aclEntryString in the specified format * @return an instance of the ACLEntry class @@ -219,7 +219,7 @@ public class ACLEntry implements IACLEntry, java.io.Serializable { /** * Returns the string representation of this ACLEntry - * + * * @return string representation of this ACLEntry */ public String toString() { diff --git a/base/common/src/com/netscape/certsrv/acls/ACLsResources.java b/base/common/src/com/netscape/certsrv/acls/ACLsResources.java index bf3ea4a28..d886eb383 100644 --- a/base/common/src/com/netscape/certsrv/acls/ACLsResources.java +++ b/base/common/src/com/netscape/certsrv/acls/ACLsResources.java @@ -23,7 +23,7 @@ import java.util.ListResourceBundle; * A class represents a resource bundle for the entire ACL component. * system. *

- * + * * @deprecated * @version $Revision$, $Date$ */ @@ -31,7 +31,7 @@ public class ACLsResources extends ListResourceBundle { /** * Returns the content of this resource. - * + * * @return the content of this resource. */ public Object[][] getContents() { diff --git a/base/common/src/com/netscape/certsrv/acls/EACLsException.java b/base/common/src/com/netscape/certsrv/acls/EACLsException.java index 8d204091e..b72796ec5 100644 --- a/base/common/src/com/netscape/certsrv/acls/EACLsException.java +++ b/base/common/src/com/netscape/certsrv/acls/EACLsException.java @@ -29,7 +29,7 @@ import com.netscape.certsrv.base.MessageFormatter; * allows AccessManager to be easily integrated into any * existing code. *

- * + * * @version $Revision$, $Date$ */ public class EACLsException extends EBaseException { @@ -46,7 +46,7 @@ public class EACLsException extends EBaseException { /** * Constructs an acls exception. *

- * + * * @param msgFormat exception details */ public EACLsException(String msgFormat) { @@ -56,12 +56,12 @@ public class EACLsException extends EBaseException { /** * Constructs a base exception with a parameter. For example, - * + * * 

      * new EACLsException("failed to load {0}", fileName);
      *
*

- * + * * @param msgFormat exception details in message string format * @param param message string parameter */ @@ -75,7 +75,7 @@ public class EACLsException extends EBaseException { * Constructs a base exception. It can be used to carry * a system exception that may contain information about * the context. For example, - * + * * 

      * 		try {
      *  		...
@@ -84,7 +84,7 @@ public class EACLsException extends EBaseException {
      *      }
      *
*

- * + * * @param msgFormat exception details in message string format * @param param system exception */ @@ -98,7 +98,7 @@ public class EACLsException extends EBaseException { * Constructs a base exception with a list of parameters * that will be substituted into the message format. *

- * + * * @param msgFormat exception details in message string format * @param params list of message format parameters */ @@ -110,7 +110,7 @@ public class EACLsException extends EBaseException { /** * Returns a list of parameters. *

- * + * * @return list of message format parameters */ public Object[] getParameters() { @@ -119,7 +119,7 @@ public class EACLsException extends EBaseException { /** * String representation for the corresponding exception. - * + * * @return String representation for the corresponding exception. */ public String toString() { @@ -128,7 +128,7 @@ public class EACLsException extends EBaseException { /** * Returns string representation for the corresponding exception. - * + * * @param locale client specified locale for string representation. * @return String representation for the corresponding exception. */ @@ -139,7 +139,7 @@ public class EACLsException extends EBaseException { /** * Return the class name of the resource bundle. - * + * * @return class name of the resource bundle. */ protected String getBundleName() { diff --git a/base/common/src/com/netscape/certsrv/acls/IACL.java b/base/common/src/com/netscape/certsrv/acls/IACL.java index aad733722..4126c884c 100644 --- a/base/common/src/com/netscape/certsrv/acls/IACL.java +++ b/base/common/src/com/netscape/certsrv/acls/IACL.java @@ -25,42 +25,42 @@ import java.util.Enumeration; * enforcer can verify the ACLs with the current * context to see if the corresponding resource is accessible. *

- * + * * @version $Revision$, $Date$ */ public interface IACL { /** * Returns the name of the current ACL. - * + * * @return the name of the current ACL. */ public String getName(); /** * Returns the description of the current ACL. - * + * * @return the description of the current ACL. */ public String getDescription(); /** * Returns a list of access rights of the current ACL. - * + * * @return a list of access rights */ public Enumeration rights(); /** * Returns a list of entries of the current ACL. - * + * * @return a list of entries */ public Enumeration entries(); /** * Verifies if permission is granted. - * + * * @param permission one of the applicable rights * @return true if the given permission is one of the applicable rights; false otherwise. */ diff --git a/base/common/src/com/netscape/certsrv/acls/IACLEntry.java b/base/common/src/com/netscape/certsrv/acls/IACLEntry.java index ff806f155..3b5a1c070 100644 --- a/base/common/src/com/netscape/certsrv/acls/IACLEntry.java +++ b/base/common/src/com/netscape/certsrv/acls/IACLEntry.java @@ -20,14 +20,14 @@ package com.netscape.certsrv.acls; /** * A class represents an entry of access control list. *

- * + * * @version $Revision$, $Date$ */ public interface IACLEntry { /** * Returns the ACL entry string of the entry. - * + * * @return the ACL entry string of the entry. */ public String getACLEntryString(); diff --git a/base/common/src/com/netscape/certsrv/apps/CMS.java b/base/common/src/com/netscape/certsrv/apps/CMS.java index 3a36c71bc..4d4577777 100644 --- a/base/common/src/com/netscape/certsrv/apps/CMS.java +++ b/base/common/src/com/netscape/certsrv/apps/CMS.java @@ -101,13 +101,13 @@ import com.netscape.cmsutil.password.IPasswordStore; * This represents the CMS server. Plugins can access other * public objects such as subsystems via this inteface. * This object also include a set of utility functions. - * + * * This object does not include the actual implementation. * It acts as a public interface for plugins, and the * actual implementation is in the CMS engine * (com.netscape.cmscore.apps.CMSEngine) that implements * ICMSEngine interface. - * + * * @version $Revision$, $Date$ */ public final class CMS { @@ -139,7 +139,7 @@ public final class CMS { /** * Private constructor. - * + * * @param engine CMS engine implementation */ private CMS(ICMSEngine engine) { @@ -149,7 +149,7 @@ public final class CMS { /** * This method is used for unit tests. It allows the underlying _engine * to be stubbed out. - * + * * @param engine The stub engine to set, for testing. */ public static void setCMSEngine(ICMSEngine engine) { @@ -158,7 +158,7 @@ public final class CMS { /** * Gets this ID . - * + * * @return CMS engine identifier */ public static String getId() { @@ -168,7 +168,7 @@ public final class CMS { /** * Sets the identifier of this subsystem. Should never be called. * Returns error. - * + * * @param id CMS engine identifier */ public static void setId(String id) throws EBaseException { @@ -177,7 +177,7 @@ public final class CMS { /** * Initialize all static, dynamic and final static subsystems. - * + * * @param owner null * @param config main config store. * @exception EBaseException if any error occur in subsystems during @@ -194,7 +194,7 @@ public final class CMS { /** * Starts up all subsystems. subsystems must be initialized. - * + * * @exception EBaseException if any subsystem fails to startup. */ public static void startup() throws EBaseException { @@ -219,7 +219,7 @@ public final class CMS { * Checks to ensure that all new incoming requests have been blocked. * This method is used for reentrancy protection. *

- * + * * @return true or false */ public static boolean areRequestsDisabled() { @@ -269,7 +269,7 @@ public final class CMS { * server will be initialization state first. After the * initialization state, the server will be in the running * state. - * + * * @return true if the server is in the running state */ public static boolean isInRunningState() { @@ -280,7 +280,7 @@ public final class CMS { * Returns the logger of the current server. The logger can * be used to log critical informational or critical error * messages. - * + * * @return logger */ public static ILogger getLogger() { @@ -291,7 +291,7 @@ public final class CMS { * Returns the signed audit logger of the current server. This logger can * be used to log critical informational or critical error * messages. - * + * * @return signed audit logger */ public static ILogger getSignedAuditLogger() { @@ -300,7 +300,7 @@ public final class CMS { /** * Creates a repository record in the internal database. - * + * * @return repository record */ public static IRepositoryRecord createRepositoryRecord() { @@ -309,9 +309,9 @@ public final class CMS { /** * Parse ACL resource attributes - * + * * @param resACLs same format as the resourceACLs attribute: - * + * * 

      *     ::
      *      () 
@@ -325,7 +325,7 @@ public final class CMS {
 
     /**
      * Creates an issuing poing record.
-     * 
+     *
      * @return issuing record
      */
     public static ICRLIssuingPointRecord createCRLIssuingPointRecord(String id, BigInteger crlNumber, Long crlSize,
@@ -335,7 +335,7 @@ public final class CMS {
 
     /**
      * Retrieves the default CRL issuing point record name.
-     * 
+     *
      * @return CRL issuing point record name
      */
     public static String getCRLIssuingPointRecordName() {
@@ -344,7 +344,7 @@ public final class CMS {
 
     /**
      * Retrieves the process id of this server.
-     * 
+     *
      * @return process id of the server
      */
     public static int getPID() {
@@ -353,7 +353,7 @@ public final class CMS {
 
     /**
      * Retrieves the instance roort path of this server.
-     * 
+     *
      * @return instance directory path name
      */
     public static String getInstanceDir() {
@@ -363,7 +363,7 @@ public final class CMS {
     /**
      * Returns a server wide system time. Plugins should call
      * this method to retrieve system time.
-     * 
+     *
      * @return current time
      */
     public static Date getCurrentDate() {
@@ -374,7 +374,7 @@ public final class CMS {
 
     /**
      * Puts data of an byte array into the debug file.
-     * 
+     *
      * @param data byte array to be recorded in the debug file
      */
     public static void debug(byte data[]) {
@@ -384,7 +384,7 @@ public final class CMS {
 
     /**
      * Puts a message into the debug file.
-     * 
+     *
      * @param msg debugging message
      */
     public static void debug(String msg) {
@@ -394,7 +394,7 @@ public final class CMS {
 
     /**
      * Puts a message into the debug file.
-     * 
+     *
      * @param level 0-10 (0 is less detail, 10 is more detail)
      * @param msg debugging message
      */
@@ -405,7 +405,7 @@ public final class CMS {
 
     /**
      * Puts an exception into the debug file.
-     * 
+     *
      * @param e exception
      */
     public static void debug(Throwable e) {
@@ -415,7 +415,7 @@ public final class CMS {
 
     /**
      * Checks if the debug mode is on or not.
-     * 
+     *
      * @return true if debug mode is on
      */
     public static boolean debugOn() {
@@ -439,7 +439,7 @@ public final class CMS {
      * is expecting to find, or what database attributes it is looking for.
      * @param type indicates what the source of key/val is. For example,
      *     this could be 'CS.cfg', or something else. In the debug
-     *     subsystem, there is a mechanism to filter this so only the types 
+     *     subsystem, there is a mechanism to filter this so only the types
      *     you care about are listed
      * @param key  the 'key' of the hashtable which is being accessed.
      *     This could be the name of the config parameter, or the http param
@@ -468,7 +468,7 @@ public final class CMS {
 
     /**
      * Returns the names of all the registered subsystems.
-     * 
+     *
      * @return a list of string-based subsystem names
      */
     public static Enumeration getSubsystemNames() {
@@ -481,7 +481,7 @@ public final class CMS {
 
     /**
      * Returns all the registered subsystems.
-     * 
+     *
      * @return a list of ISubsystem-based subsystems
      */
     public static Enumeration getSubsystems() {
@@ -490,7 +490,7 @@ public final class CMS {
 
     /**
      * Retrieves the registered subsytem with the given name.
-     * 
+     *
      * @param name subsystem name
      * @return subsystem of the given name
      */
@@ -500,7 +500,7 @@ public final class CMS {
 
     /**
      * Retrieves the localized user message from UserMessages.properties.
-     * 
+     *
      * @param msgID message id defined in UserMessages.properties
      * @return localized user message
      */
@@ -512,7 +512,7 @@ public final class CMS {
 
     /**
      * Retrieves the localized user message from UserMessages.properties.
-     * 
+     *
      * @param locale end-user locale
      * @param msgID message id defined in UserMessages.properties
      * @return localized user message
@@ -525,7 +525,7 @@ public final class CMS {
 
     /**
      * Retrieves the localized user message from UserMessages.properties.
-     * 
+     *
      * @param msgID message id defined in UserMessages.properties
      * @param p1 1st parameter
      * @return localized user message
@@ -538,7 +538,7 @@ public final class CMS {
 
     /**
      * Retrieves the localized user message from UserMessages.properties.
-     * 
+     *
      * @param locale end-user locale
      * @param msgID message id defined in UserMessages.properties
      * @param p1 1st parameter
@@ -552,7 +552,7 @@ public final class CMS {
 
     /**
      * Retrieves the localized user message from UserMessages.properties.
-     * 
+     *
      * @param msgID message id defined in UserMessages.properties
      * @param p1 1st parameter
      * @param p2 2nd parameter
@@ -566,7 +566,7 @@ public final class CMS {
 
     /**
      * Retrieves the localized user message from UserMessages.properties.
-     * 
+     *
      * @param locale end-user locale
      * @param msgID message id defined in UserMessages.properties
      * @param p1 1st parameter
@@ -581,7 +581,7 @@ public final class CMS {
 
     /**
      * Retrieves the localized user message from UserMessages.properties.
-     * 
+     *
      * @param msgID message id defined in UserMessages.properties
      * @param p1 1st parameter
      * @param p2 2nd parameter
@@ -603,7 +603,7 @@ public final class CMS {
 
     /**
      * Retrieves the localized user message from UserMessages.properties.
-     * 
+     *
      * @param locale end-user locale
      * @param msgID message id defined in UserMessages.properties
      * @param p1 1st parameter
@@ -619,7 +619,7 @@ public final class CMS {
 
     /**
      * Retrieves the localized user message from UserMessages.properties.
-     * 
+     *
      * @param msgID message id defined in UserMessages.properties
      * @param p an array of parameters
      * @return localized user message
@@ -632,7 +632,7 @@ public final class CMS {
 
     /**
      * Retrieves the localized user message from UserMessages.properties.
-     * 
+     *
      * @param locale end-user locale
      * @param msgID message id defined in UserMessages.properties
      * @param p an array of parameters
@@ -646,7 +646,7 @@ public final class CMS {
 
     /**
      * Retrieves the centralized log message from LogMessages.properties.
-     * 
+     *
      * @param msgID message id defined in LogMessages.properties
      * @return localized log message
      */
@@ -656,7 +656,7 @@ public final class CMS {
 
     /**
      * Retrieves the centralized log message from LogMessages.properties.
-     * 
+     *
      * @param msgID message id defined in LogMessages.properties
      * @param p an array of parameters
      * @return localized log message
@@ -667,7 +667,7 @@ public final class CMS {
 
     /**
      * Retrieves the centralized log message from LogMessages.properties.
-     * 
+     *
      * @param msgID message id defined in LogMessages.properties
      * @param p1 1st parameter
      * @return localized log message
@@ -678,7 +678,7 @@ public final class CMS {
 
     /**
      * Retrieves the centralized log message from LogMessages.properties.
-     * 
+     *
      * @param msgID message id defined in LogMessages.properties
      * @param p1 1st parameter
      * @param p2 2nd parameter
@@ -690,7 +690,7 @@ public final class CMS {
 
     /**
      * Retrieves the centralized log message from LogMessages.properties.
-     * 
+     *
      * @param msgID message id defined in LogMessages.properties
      * @param p1 1st parameter
      * @param p2 2nd parameter
@@ -703,7 +703,7 @@ public final class CMS {
 
     /**
      * Retrieves the centralized log message from LogMessages.properties.
-     * 
+     *
      * @param msgID message id defined in LogMessages.properties
      * @param p1 1st parameter
      * @param p2 2nd parameter
@@ -717,7 +717,7 @@ public final class CMS {
 
     /**
      * Retrieves the centralized log message from LogMessages.properties.
-     * 
+     *
      * @param msgID message id defined in LogMessages.properties
      * @param p1 1st parameter
      * @param p2 2nd parameter
@@ -732,7 +732,7 @@ public final class CMS {
 
     /**
      * Retrieves the centralized log message from LogMessages.properties.
-     * 
+     *
      * @param msgID message id defined in LogMessages.properties
      * @param p1 1st parameter
      * @param p2 2nd parameter
@@ -748,7 +748,7 @@ public final class CMS {
 
     /**
      * Retrieves the centralized log message from LogMessages.properties.
-     * 
+     *
      * @param msgID message id defined in LogMessages.properties
      * @param p1 1st parameter
      * @param p2 2nd parameter
@@ -766,7 +766,7 @@ public final class CMS {
 
     /**
      * Retrieves the centralized log message from LogMessages.properties.
-     * 
+     *
      * @param msgID message id defined in LogMessages.properties
      * @param p1 1st parameter
      * @param p2 2nd parameter
@@ -785,7 +785,7 @@ public final class CMS {
 
     /**
      * Retrieves the centralized log message from LogMessages.properties.
-     * 
+     *
      * @param msgID message id defined in LogMessages.properties
      * @param p1 1st parameter
      * @param p2 2nd parameter
@@ -805,7 +805,7 @@ public final class CMS {
 
     /**
      * Returns the main config store. It is a handle to CMS.cfg.
-     * 
+     *
      * @return configuration store
      */
     public static IConfigStore getConfigStore() {
@@ -814,7 +814,7 @@ public final class CMS {
 
     /**
      * Retrieves time server started up.
-     * 
+     *
      * @return last startup time
      */
     public static long getStartupTime() {
@@ -823,7 +823,7 @@ public final class CMS {
 
     /**
      * Retrieves the HTTP Connection for use with connector.
-     * 
+     *
      * @param authority remote authority
      * @param factory socket factory
      * @return http connection to the remote authority
@@ -835,7 +835,7 @@ public final class CMS {
 
     /**
      * Retrieves the HTTP Connection for use with connector.
-     * 
+     *
      * @param authority remote authority
      * @param factory socket factory
      * @param timeout return error if connection cannot be established within
@@ -849,7 +849,7 @@ public final class CMS {
 
     /**
      * Retrieves the request sender for use with connector.
-     * 
+     *
      * @param authority local authority
      * @param nickname nickname of the client certificate
      * @param remote remote authority
@@ -863,7 +863,7 @@ public final class CMS {
 
     /**
      * Retrieves the nickname of the server's server certificate.
-     * 
+     *
      * @return nickname of the server certificate
      */
     public static String getServerCertNickname() {
@@ -872,7 +872,7 @@ public final class CMS {
 
     /**
      * Sets the nickname of the server's server certificate.
-     * 
+     *
      * @param tokenName name of token where the certificate is located
      * @param nickName name of server certificate
      */
@@ -882,7 +882,7 @@ public final class CMS {
 
     /**
      * Sets the nickname of the server's server certificate.
-     * 
+     *
      * @param newName new nickname of server certificate
      */
     public static void setServerCertNickname(String newName) {
@@ -891,7 +891,7 @@ public final class CMS {
 
     /**
      * Retrieves the host name of the server's secure end entity service.
-     * 
+     *
      * @return host name of end-entity service
      */
     public static String getEEHost() {
@@ -900,7 +900,7 @@ public final class CMS {
 
     /**
      * Retrieves the host name of the server's non-secure end entity service.
-     * 
+     *
      * @return host name of end-entity non-secure service
      */
     public static String getEENonSSLHost() {
@@ -909,7 +909,7 @@ public final class CMS {
 
     /**
      * Retrieves the IP address of the server's non-secure end entity service.
-     * 
+     *
      * @return ip address of end-entity non-secure service
      */
     public static String getEENonSSLIP() {
@@ -918,7 +918,7 @@ public final class CMS {
 
     /**
      * Retrieves the port number of the server's non-secure end entity service.
-     * 
+     *
      * @return port of end-entity non-secure service
      */
     public static String getEENonSSLPort() {
@@ -927,7 +927,7 @@ public final class CMS {
 
     /**
      * Retrieves the host name of the server's secure end entity service.
-     * 
+     *
      * @return port of end-entity secure service
      */
     public static String getEESSLHost() {
@@ -936,7 +936,7 @@ public final class CMS {
 
     /**
      * Retrieves the host name of the server's secure end entity service.
-     * 
+     *
      * @return port of end-entity secure service
      */
     public static String getEEClientAuthSSLPort() {
@@ -945,7 +945,7 @@ public final class CMS {
 
     /**
      * Retrieves the IP address of the server's secure end entity service.
-     * 
+     *
      * @return ip address of end-entity secure service
      */
     public static String getEESSLIP() {
@@ -954,7 +954,7 @@ public final class CMS {
 
     /**
      * Retrieves the port number of the server's secure end entity service.
-     * 
+     *
      * @return port of end-entity secure service
      */
     public static String getEESSLPort() {
@@ -963,7 +963,7 @@ public final class CMS {
 
     /**
      * Retrieves the host name of the server's agent service.
-     * 
+     *
      * @return host name of agent service
      */
     public static String getAgentHost() {
@@ -972,7 +972,7 @@ public final class CMS {
 
     /**
      * Retrieves the IP address of the server's agent service.
-     * 
+     *
      * @return ip address of agent service
      */
     public static String getAgentIP() {
@@ -981,7 +981,7 @@ public final class CMS {
 
     /**
      * Retrieves the port number of the server's agent service.
-     * 
+     *
      * @return port of agent service
      */
     public static String getAgentPort() {
@@ -990,7 +990,7 @@ public final class CMS {
 
     /**
      * Retrieves the host name of the server's administration service.
-     * 
+     *
      * @return host name of administration service
      */
     public static String getAdminHost() {
@@ -999,7 +999,7 @@ public final class CMS {
 
     /**
      * Retrieves the IP address of the server's administration service.
-     * 
+     *
      * @return ip address of administration service
      */
     public static String getAdminIP() {
@@ -1008,7 +1008,7 @@ public final class CMS {
 
     /**
      * Retrieves the port number of the server's administration service.
-     * 
+     *
      * @return port of administration service
      */
     public static String getAdminPort() {
@@ -1017,7 +1017,7 @@ public final class CMS {
 
     /**
      * Creates a general name constraints.
-     * 
+     *
      * @param generalNameChoice type of general name
      * @param value general name string
      * @return general name object
@@ -1030,7 +1030,7 @@ public final class CMS {
 
     /**
      * Creates a general name.
-     * 
+     *
      * @param generalNameChoice type of general name
      * @param value general name string
      * @return general name object
@@ -1043,7 +1043,7 @@ public final class CMS {
 
     /**
      * Get default parameters for subject alt name configuration.
-     * 
+     *
      * @param name configuration name
      * @param params configuration parameters
      */
@@ -1054,7 +1054,7 @@ public final class CMS {
 
     /**
      * Get extended plugin info for subject alt name configuration.
-     * 
+     *
      * @param name configuration name
      * @param params configuration parameters
      */
@@ -1065,7 +1065,7 @@ public final class CMS {
 
     /**
      * Creates subject alt name configuration.
-     * 
+     *
      * @param name configuration name
      * @param config configuration store
      * @param isValueConfigured true if value is configured
@@ -1079,7 +1079,7 @@ public final class CMS {
 
     /**
      * Retrieves default general name configuration.
-     * 
+     *
      * @param name configuration name
      * @param isValueConfigured true if value is configured
      * @param params configuration parameters
@@ -1093,7 +1093,7 @@ public final class CMS {
 
     /**
      * Retrieves default general names configuration.
-     * 
+     *
      * @param name configuration name
      * @param isValueConfigured true if value is configured
      * @param params configuration parameters
@@ -1107,7 +1107,7 @@ public final class CMS {
 
     /**
      * Retrieves extended plugin info for general name configuration.
-     * 
+     *
      * @param name configuration name
      * @param isValueConfigured true if value is configured
      * @param info configuration parameters
@@ -1121,7 +1121,7 @@ public final class CMS {
 
     /**
      * Retrieves extended plugin info for general name configuration.
-     * 
+     *
      * @param name configuration name
      * @param isValueConfigured true if value is configured
      * @param info configuration parameters
@@ -1135,7 +1135,7 @@ public final class CMS {
 
     /**
      * Created general names configuration.
-     * 
+     *
      * @param name configuration name
      * @param config configuration store
      * @param isValueConfigured true if value is configured
@@ -1151,7 +1151,7 @@ public final class CMS {
 
     /**
      * Created general name constraints configuration.
-     * 
+     *
      * @param name configuration name
      * @param config configuration store
      * @param isValueConfigured true if value is configured
@@ -1167,7 +1167,7 @@ public final class CMS {
 
     /**
      * Created general name constraints configuration.
-     * 
+     *
      * @param name configuration name
      * @param config configuration store
      * @param isValueConfigured true if value is configured
@@ -1183,7 +1183,7 @@ public final class CMS {
 
     /**
      * Returns the finger print of the given certificate.
-     * 
+     *
      * @param cert certificate
      * @return finger print of certificate
      */
@@ -1194,7 +1194,7 @@ public final class CMS {
 
     /**
      * Returns the finger print of the given certificate.
-     * 
+     *
      * @param certDer DER byte array of the certificate
      * @return finger print of certificate
      */
@@ -1205,7 +1205,7 @@ public final class CMS {
 
     /**
      * Returns the finger print of the given certificate.
-     * 
+     *
      * @param cert certificate
      * @return finger print of certificate
      */
@@ -1217,7 +1217,7 @@ public final class CMS {
     /**
      * Creates a HTTP PKI Message that can be sent to a remote
      * authority.
-     * 
+     *
      * @return a new PKI Message for remote authority
      */
     public static IPKIMessage getHttpPKIMessage() {
@@ -1227,7 +1227,7 @@ public final class CMS {
     /**
      * Creates a request encoder. A request cannot be sent to
      * the remote authority in its regular format.
-     * 
+     *
      * @return a request encoder
      */
     public static IRequestEncoder getHttpRequestEncoder() {
@@ -1236,7 +1236,7 @@ public final class CMS {
 
     /**
      * Converts a BER-encoded byte array into a MIME-64 encoded string.
-     * 
+     *
      * @param data data in byte array format
      * @return base-64 encoding for the data
      */
@@ -1246,7 +1246,7 @@ public final class CMS {
 
     /**
      * Converts a MIME-64 encoded string into a BER-encoded byte array.
-     * 
+     *
      * @param data base-64 encoding for the data
      * @return data data in byte array format
      */
@@ -1257,7 +1257,7 @@ public final class CMS {
     /**
      * Retrieves the ldap connection information from the configuration
      * store.
-     * 
+     *
      * @param config configuration parameters of ldap connection
      * @return a LDAP connection info
      */
@@ -1270,7 +1270,7 @@ public final class CMS {
      * Creates a LDAP SSL socket with the given nickname. The
      * certificate associated with the nickname will be used
      * for client authentication.
-     * 
+     *
      * @param certNickname nickname of client certificate
      * @return LDAP SSL socket factory
      */
@@ -1281,7 +1281,7 @@ public final class CMS {
 
     /**
      * Creates a LDAP SSL socket.
-     * 
+     *
      * @return LDAP SSL socket factory
      */
     public static LDAPSSLSocketFactoryExt getLdapJssSSLSocketFactory() {
@@ -1290,7 +1290,7 @@ public final class CMS {
 
     /**
      * Creates a LDAP Auth Info object.
-     * 
+     *
      * @return LDAP authentication info
      */
     public static ILdapAuthInfo getLdapAuthInfo() {
@@ -1299,7 +1299,7 @@ public final class CMS {
 
     /**
      * Retrieves the LDAP connection factory.
-     * 
+     *
      * @return bound LDAP connection pool
      */
     public static ILdapConnFactory getLdapBoundConnFactory()
@@ -1309,7 +1309,7 @@ public final class CMS {
 
     /**
      * Retrieves the LDAP connection factory.
-     * 
+     *
      * @return anonymous LDAP connection pool
      */
     public static ILdapConnFactory getLdapAnonConnFactory()
@@ -1319,7 +1319,7 @@ public final class CMS {
 
     /**
      * Retrieves the default X.509 certificate template.
-     * 
+     *
      * @return default certificate template
      */
     public static X509CertInfo getDefaultX509CertInfo() {
@@ -1329,7 +1329,7 @@ public final class CMS {
     /**
      * Retrieves the certifcate in MIME-64 encoded format
      * with header and footer.
-     * 
+     *
      * @param cert certificate
      * @return base-64 format certificate
      */
@@ -1369,7 +1369,7 @@ public final class CMS {
 
     /**
      * Checks if the given certificate is a signing certificate.
-     * 
+     *
      * @param cert certificate
      * @return true if the given certificate is a signing certificate
      */
@@ -1379,7 +1379,7 @@ public final class CMS {
 
     /**
      * Checks if the given certificate is an encryption certificate.
-     * 
+     *
      * @param cert certificate
      * @return true if the given certificate is an encryption certificate
      */
@@ -1389,7 +1389,7 @@ public final class CMS {
 
     /**
      * Retrieves the email form processor.
-     * 
+     *
      * @return email form processor
      */
     public static IEmailFormProcessor getEmailFormProcessor() {
@@ -1398,7 +1398,7 @@ public final class CMS {
 
     /**
      * Retrieves the email form template.
-     * 
+     *
      * @return email template
      */
     public static IEmailTemplate getEmailTemplate(String path) {
@@ -1407,7 +1407,7 @@ public final class CMS {
 
     /**
      * Retrieves the email notification handler.
-     * 
+     *
      * @return email notification
      */
     public static IMailNotification getMailNotification() {
@@ -1416,7 +1416,7 @@ public final class CMS {
 
     /**
      * Retrieves the email key resolver.
-     * 
+     *
      * @return email key resolver
      */
     public static IEmailResolverKeys getEmailResolverKeys() {
@@ -1425,7 +1425,7 @@ public final class CMS {
 
     /**
      * Checks if the given OID is valid.
-     * 
+     *
      * @param attrName attribute name
      * @param value attribute value
      * @return object identifier of the given attrName
@@ -1437,7 +1437,7 @@ public final class CMS {
 
     /**
      * Retrieves the email resolver that checks for subjectAlternateName.
-     * 
+     *
      * @return email key resolver
      */
     public static IEmailResolver getReqCertSANameEmailResolver() {
@@ -1446,7 +1446,7 @@ public final class CMS {
 
     /**
      * Retrieves the extension pretty print handler.
-     * 
+     *
      * @param e extension
      * @param indent indentation
      * @return extension pretty print handler
@@ -1457,7 +1457,7 @@ public final class CMS {
 
     /**
      * Retrieves the certificate pretty print handler.
-     * 
+     *
      * @param delimiter delimiter
      * @return certificate pretty print handler
      */
@@ -1467,7 +1467,7 @@ public final class CMS {
 
     /**
      * Retrieves the CRL pretty print handler.
-     * 
+     *
      * @param crl CRL
      * @return CRL pretty print handler
      */
@@ -1477,7 +1477,7 @@ public final class CMS {
 
     /**
      * Retrieves the CRL cache pretty print handler.
-     * 
+     *
      * @param ip CRL issuing point
      * @return CRL pretty print handler
      */
@@ -1487,7 +1487,7 @@ public final class CMS {
 
     /**
      * Retrieves the certificate pretty print handler.
-     * 
+     *
      * @param cert certificate
      * @return certificate pretty print handler
      */
@@ -1505,7 +1505,7 @@ public final class CMS {
 
     /**
      * Retrieves the password check.
-     * 
+     *
      * @return default password checker
      */
     public static IPasswordCheck getPasswordChecker() {
@@ -1514,7 +1514,7 @@ public final class CMS {
 
     /**
      * Puts a password entry into the single-sign on cache.
-     * 
+     *
      * @param tag password tag
      * @param pw password
      */
@@ -1524,7 +1524,7 @@ public final class CMS {
 
     /**
      * Retrieves the password callback.
-     * 
+     *
      * @return default password callback
      */
     public static PasswordCallback getPasswordCallback() {
@@ -1533,7 +1533,7 @@ public final class CMS {
 
     /**
      * Retrieves command queue
-     * 
+     *
      * @return command queue
      */
     public static ICommandQueue getCommandQueue() {
@@ -1542,7 +1542,7 @@ public final class CMS {
 
     /**
      * Loads the configuration file and starts CMS's core implementation.
-     * 
+     *
      * @param path path to configuration file (CMS.cfg)
      * @exception EBaseException failed to start CMS
      */
@@ -1582,7 +1582,7 @@ public final class CMS {
 
             shutdown();
             throw e;
-        } catch (Exception e) { // catch everything here purposely 
+        } catch (Exception e) { // catch everything here purposely
             ByteArrayOutputStream bos = new ByteArrayOutputStream();
             PrintStream ps = new PrintStream(bos);
 
diff --git a/base/common/src/com/netscape/certsrv/apps/ICMSEngine.java b/base/common/src/com/netscape/certsrv/apps/ICMSEngine.java
index ba9731867..41f4c348e 100644
--- a/base/common/src/com/netscape/certsrv/apps/ICMSEngine.java
+++ b/base/common/src/com/netscape/certsrv/apps/ICMSEngine.java
@@ -86,14 +86,14 @@ import com.netscape.cmsutil.password.IPasswordStore;
  * 

  * The engine implementation is loaded by CMS at startup. It is responsible for starting up all the related subsystems.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface ICMSEngine extends ISubsystem {
 
     /**
      * Gets this ID .
-     * 
+     *
      * @return CMS engine identifier
      */
     public String getId();
@@ -101,14 +101,14 @@ public interface ICMSEngine extends ISubsystem {
     /**
      * Sets the identifier of this subsystem. Should never be called.
      * Returns error.
-     * 
+     *
      * @param id CMS engine identifier
      */
     public void setId(String id) throws EBaseException;
 
     /**
      * Retrieves the process id of this server.
-     * 
+     *
      * @return process id of the server
      */
     public int getPID();
@@ -125,7 +125,7 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Retrieves the instance roort path of this server.
-     * 
+     *
      * @return instance directory path name
      */
     public String getInstanceDir();
@@ -133,14 +133,14 @@ public interface ICMSEngine extends ISubsystem {
     /**
      * Returns a server wide system time. Plugins should call
      * this method to retrieve system time.
-     * 
+     *
      * @return current time
      */
     public Date getCurrentDate();
 
     /**
      * Retrieves time server started up.
-     * 
+     *
      * @return last startup time
      */
     public long getStartupTime();
@@ -150,28 +150,28 @@ public interface ICMSEngine extends ISubsystem {
      * server will be initialization state first. After the
      * initialization state, the server will be in the running
      * state.
-     * 
+     *
      * @return true if the server is in the running state
      */
     public boolean isInRunningState();
 
     /**
      * Returns the names of all the registered subsystems.
-     * 
+     *
      * @return a list of string-based subsystem names
      */
     public Enumeration getSubsystemNames();
 
     /**
      * Returns all the registered subsystems.
-     * 
+     *
      * @return a list of ISubsystem-based subsystems
      */
     public Enumeration getSubsystems();
 
     /**
      * Retrieves the registered subsytem with the given name.
-     * 
+     *
      * @param name subsystem name
      * @return subsystem of the given name
      */
@@ -181,7 +181,7 @@ public interface ICMSEngine extends ISubsystem {
      * Returns the logger of the current server. The logger can
      * be used to log critical informational or critical error
      * messages.
-     * 
+     *
      * @return logger
      */
     public ILogger getLogger();
@@ -190,28 +190,28 @@ public interface ICMSEngine extends ISubsystem {
      * Returns the signed audit logger of the current server. This logger can
      * be used to log critical informational or critical error
      * messages.
-     * 
+     *
      * @return signed audit logger
      */
     public ILogger getSignedAuditLogger();
 
     /**
      * Puts data of an byte array into the debug file.
-     * 
+     *
      * @param data byte array to be recorded in the debug file
      */
     public void debug(byte data[]);
 
     /**
      * Puts a message into the debug file.
-     * 
+     *
      * @param msg debugging message
      */
     public void debug(String msg);
 
     /**
      * Puts a message into the debug file.
-     * 
+     *
      * @param level 0-10
      * @param msg debugging message
      */
@@ -219,14 +219,14 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Puts an exception into the debug file.
-     * 
+     *
      * @param e exception
      */
     public void debug(Throwable e);
 
     /**
      * Checks if the debug mode is on or not.
-     * 
+     *
      * @return true if debug mode is on
      */
     public boolean debugOn();
@@ -249,7 +249,7 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Retrieves the localized user message from UserMessages.properties.
-     * 
+     *
      * @param locale end-user locale
      * @param msgID message id defined in UserMessages.properties
      * @return localized user message
@@ -258,7 +258,7 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Retrieves the localized user message from UserMessages.properties.
-     * 
+     *
      * @param locale end-user locale
      * @param msgID message id defined in UserMessages.properties
      * @param p an array of parameters
@@ -268,7 +268,7 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Retrieves the localized user message from UserMessages.properties.
-     * 
+     *
      * @param locale end-user locale
      * @param msgID message id defined in UserMessages.properties
      * @param p1 1st parameter
@@ -278,7 +278,7 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Retrieves the localized user message from UserMessages.properties.
-     * 
+     *
      * @param locale end-user locale
      * @param msgID message id defined in UserMessages.properties
      * @param p1 1st parameter
@@ -289,7 +289,7 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Retrieves the localized user message from UserMessages.properties.
-     * 
+     *
      * @param locale end-user locale
      * @param msgID message id defined in UserMessages.properties
      * @param p1 1st parameter
@@ -301,7 +301,7 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Retrieves the centralized log message from LogMessages.properties.
-     * 
+     *
      * @param msgID message id defined in LogMessages.properties
      * @return localized log message
      */
@@ -309,7 +309,7 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Retrieves the centralized log message from LogMessages.properties.
-     * 
+     *
      * @param msgID message id defined in LogMessages.properties
      * @param p an array of parameters
      * @return localized log message
@@ -318,7 +318,7 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Retrieves the centralized log message from LogMessages.properties.
-     * 
+     *
      * @param msgID message id defined in LogMessages.properties
      * @param p1 1st parameter
      * @return localized log message
@@ -327,7 +327,7 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Retrieves the centralized log message from LogMessages.properties.
-     * 
+     *
      * @param msgID message id defined in LogMessages.properties
      * @param p1 1st parameter
      * @param p2 2nd parameter
@@ -337,7 +337,7 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Retrieves the centralized log message from LogMessages.properties.
-     * 
+     *
      * @param msgID message id defined in LogMessages.properties
      * @param p1 1st parameter
      * @param p2 2nd parameter
@@ -348,7 +348,7 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Retrieves the centralized log message from LogMessages.properties.
-     * 
+     *
      * @param msgID message id defined in LogMessages.properties
      * @param p1 1st parameter
      * @param p2 2nd parameter
@@ -360,7 +360,7 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Retrieves the centralized log message from LogMessages.properties.
-     * 
+     *
      * @param msgID message id defined in LogMessages.properties
      * @param p1 1st parameter
      * @param p2 2nd parameter
@@ -373,7 +373,7 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Retrieves the centralized log message from LogMessages.properties.
-     * 
+     *
      * @param msgID message id defined in LogMessages.properties
      * @param p1 1st parameter
      * @param p2 2nd parameter
@@ -387,7 +387,7 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Retrieves the centralized log message from LogMessages.properties.
-     * 
+     *
      * @param msgID message id defined in LogMessages.properties
      * @param p1 1st parameter
      * @param p2 2nd parameter
@@ -403,7 +403,7 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Retrieves the centralized log message from LogMessages.properties.
-     * 
+     *
      * @param msgID message id defined in LogMessages.properties
      * @param p1 1st parameter
      * @param p2 2nd parameter
@@ -420,7 +420,7 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Retrieves the centralized log message from LogMessages.properties.
-     * 
+     *
      * @param msgID message id defined in LogMessages.properties
      * @param p1 1st parameter
      * @param p2 2nd parameter
@@ -438,9 +438,9 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Parse ACL resource attributes
-     * 
+     *
      * @param resACLs same format as the resourceACLs attribute:
-     * 
+     *
      *            
      *     ::
      *      () 
@@ -452,7 +452,7 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Creates an issuing poing record.
-     * 
+     *
      * @return issuing record
      */
     public ICRLIssuingPointRecord createCRLIssuingPointRecord(String id, BigInteger crlNumber, Long crlSize,
@@ -460,14 +460,14 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Retrieves the default CRL issuing point record name.
-     * 
+     *
      * @return CRL issuing point record name
      */
     public String getCRLIssuingPointRecordName();
 
     /**
      * Returns the finger print of the given certificate.
-     * 
+     *
      * @param cert certificate
      * @return finger print of certificate
      */
@@ -476,7 +476,7 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Returns the finger print of the given certificate.
-     * 
+     *
      * @param cert certificate
      * @return finger print of certificate
      */
@@ -494,7 +494,7 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Creates a repository record in the internal database.
-     * 
+     *
      * @return repository record
      */
     public IRepositoryRecord createRepositoryRecord();
@@ -502,7 +502,7 @@ public interface ICMSEngine extends ISubsystem {
     /**
      * Creates a HTTP PKI Message that can be sent to a remote
      * authority.
-     * 
+     *
      * @return a new PKI Message for remote authority
      */
     public IPKIMessage getHttpPKIMessage();
@@ -510,14 +510,14 @@ public interface ICMSEngine extends ISubsystem {
     /**
      * Creates a request encoder. A request cannot be sent to
      * the remote authority in its regular format.
-     * 
+     *
      * @return a request encoder
      */
     public IRequestEncoder getHttpRequestEncoder();
 
     /**
      * Converts a BER-encoded byte array into a MIME-64 encoded string.
-     * 
+     *
      * @param data data in byte array format
      * @return base-64 encoding for the data
      */
@@ -525,7 +525,7 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Converts a MIME-64 encoded string into a BER-encoded byte array.
-     * 
+     *
      * @param data base-64 encoding for the data
      * @return data data in byte array format
      */
@@ -534,7 +534,7 @@ public interface ICMSEngine extends ISubsystem {
     /**
      * Retrieves the certifcate in MIME-64 encoded format
      * with header and footer.
-     * 
+     *
      * @param cert certificate
      * @return base-64 format certificate
      */
@@ -542,7 +542,7 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Retrieves the certificate pretty print handler.
-     * 
+     *
      * @param delimiter delimiter
      * @return certificate pretty print handler
      */
@@ -550,7 +550,7 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Retrieves the extension pretty print handler.
-     * 
+     *
      * @param e extension
      * @param indent indentation
      * @return extension pretty print handler
@@ -559,7 +559,7 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Retrieves the certificate pretty print handler.
-     * 
+     *
      * @param cert certificate
      * @return certificate pretty print handler
      */
@@ -567,7 +567,7 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Retrieves the CRL pretty print handler.
-     * 
+     *
      * @param crl CRL
      * @return CRL pretty print handler
      */
@@ -575,7 +575,7 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Retrieves the CRL cache pretty print handler.
-     * 
+     *
      * @param ip CRL issuing point
      * @return CRL pretty print handler
      */
@@ -584,7 +584,7 @@ public interface ICMSEngine extends ISubsystem {
     /**
      * Retrieves the ldap connection information from the configuration
      * store.
-     * 
+     *
      * @param config configuration parameters of ldap connection
      * @return a LDAP connection info
      */
@@ -595,7 +595,7 @@ public interface ICMSEngine extends ISubsystem {
      * Creates a LDAP SSL socket with the given nickname. The
      * certificate associated with the nickname will be used
      * for client authentication.
-     * 
+     *
      * @param certNickname nickname of client certificate
      * @return LDAP SSL socket factory
      */
@@ -604,21 +604,21 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Creates a LDAP SSL socket.
-     * 
+     *
      * @return LDAP SSL socket factory
      */
     public LDAPSSLSocketFactoryExt getLdapJssSSLSocketFactory();
 
     /**
      * Creates a LDAP Auth Info object.
-     * 
+     *
      * @return LDAP authentication info
      */
     public ILdapAuthInfo getLdapAuthInfo();
 
     /**
      * Retrieves the LDAP connection factory.
-     * 
+     *
      * @return bound LDAP connection pool
      */
     public ILdapConnFactory getLdapBoundConnFactory() throws ELdapException;
@@ -629,21 +629,21 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Retrieves the LDAP connection factory.
-     * 
+     *
      * @return anonymous LDAP connection pool
      */
     public ILdapConnFactory getLdapAnonConnFactory() throws ELdapException;
 
     /**
      * Retrieves the password check.
-     * 
+     *
      * @return default password checker
      */
     public IPasswordCheck getPasswordChecker();
 
     /**
      * Puts a password entry into the single-sign on cache.
-     * 
+     *
      * @param tag password tag
      * @param pw password
      */
@@ -651,21 +651,21 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Retrieves the password callback.
-     * 
+     *
      * @return default password callback
      */
     public PasswordCallback getPasswordCallback();
 
     /**
      * Retrieves the nickname of the server's server certificate.
-     * 
+     *
      * @return nickname of the server certificate
      */
     public String getServerCertNickname();
 
     /**
      * Sets the nickname of the server's server certificate.
-     * 
+     *
      * @param tokenName name of token where the certificate is located
      * @param nickName name of server certificate
      */
@@ -673,112 +673,112 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Sets the nickname of the server's server certificate.
-     * 
+     *
      * @param newName new nickname of server certificate
      */
     public void setServerCertNickname(String newName);
 
     /**
      * Retrieves the host name of the server's secure end entity service.
-     * 
+     *
      * @return host name of end-entity service
      */
     public String getEEHost();
 
     /**
      * Retrieves the host name of the server's non-secure end entity service.
-     * 
+     *
      * @return host name of end-entity non-secure service
      */
     public String getEENonSSLHost();
 
     /**
      * Retrieves the IP address of the server's non-secure end entity service.
-     * 
+     *
      * @return ip address of end-entity non-secure service
      */
     public String getEENonSSLIP();
 
     /**
      * Retrieves the port number of the server's non-secure end entity service.
-     * 
+     *
      * @return port of end-entity non-secure service
      */
     public String getEENonSSLPort();
 
     /**
      * Retrieves the host name of the server's secure end entity service.
-     * 
+     *
      * @return port of end-entity secure service
      */
     public String getEESSLHost();
 
     /**
      * Retrieves the IP address of the server's secure end entity service.
-     * 
+     *
      * @return ip address of end-entity secure service
      */
     public String getEESSLIP();
 
     /**
      * Retrieves the port number of the server's secure end entity service.
-     * 
+     *
      * @return port of end-entity secure service
      */
     public String getEESSLPort();
 
     /**
      * Retrieves the port number of the server's client auth secure end entity service.
-     * 
+     *
      * @return port of end-entity client auth secure service
      */
     public String getEEClientAuthSSLPort();
 
     /**
      * Retrieves the host name of the server's agent service.
-     * 
+     *
      * @return host name of agent service
      */
     public String getAgentHost();
 
     /**
      * Retrieves the IP address of the server's agent service.
-     * 
+     *
      * @return ip address of agent service
      */
     public String getAgentIP();
 
     /**
      * Retrieves the port number of the server's agent service.
-     * 
+     *
      * @return port of agent service
      */
     public String getAgentPort();
 
     /**
      * Retrieves the host name of the server's administration service.
-     * 
+     *
      * @return host name of administration service
      */
     public String getAdminHost();
 
     /**
      * Retrieves the IP address of the server's administration service.
-     * 
+     *
      * @return ip address of administration service
      */
     public String getAdminIP();
 
     /**
      * Retrieves the port number of the server's administration service.
-     * 
+     *
      * @return port of administration service
      */
     public String getAdminPort();
 
     /**
      * Verifies all system certificates
-     * 
+     *
      * @return true if all passed, false otherwise
      */
     public boolean verifySystemCerts();
@@ -786,28 +786,28 @@ public interface ICMSEngine extends ISubsystem {
     /**
      * Verifies a system certificate by its tag name
      * as defined in .cert.list
-     * 
+     *
      * @return true if passed, false otherwise
      */
     public boolean verifySystemCertByTag(String tag);
 
     /**
      * Verifies a system certificate by its nickname
-     * 
+     *
      * @return true if passed, false otherwise
      */
     public boolean verifySystemCertByNickname(String nickname, String certificateUsage);
 
     /**
      * get the CertificateUsage as defined in JSS CryptoManager
-     * 
+     *
      * @return CertificateUsage as defined in JSS CryptoManager
      */
     public CertificateUsage getCertificateUsage(String certusage);
 
     /**
      * Checks if the given certificate is a signing certificate.
-     * 
+     *
      * @param cert certificate
      * @return true if the given certificate is a signing certificate
      */
@@ -815,7 +815,7 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Checks if the given certificate is an encryption certificate.
-     * 
+     *
      * @param cert certificate
      * @return true if the given certificate is an encryption certificate
      */
@@ -823,49 +823,49 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Retrieves the default X.509 certificate template.
-     * 
+     *
      * @return default certificate template
      */
     public X509CertInfo getDefaultX509CertInfo();
 
     /**
      * Retrieves the email form processor.
-     * 
+     *
      * @return email form processor
      */
     public IEmailFormProcessor getEmailFormProcessor();
 
     /**
      * Retrieves the email form template.
-     * 
+     *
      * @return email template
      */
     public IEmailTemplate getEmailTemplate(String path);
 
     /**
      * Retrieves the email notification handler.
-     * 
+     *
      * @return email notification
      */
     public IMailNotification getMailNotification();
 
     /**
      * Retrieves the email key resolver.
-     * 
+     *
      * @return email key resolver
      */
     public IEmailResolverKeys getEmailResolverKeys();
 
     /**
      * Retrieves the email resolver that checks for subjectAlternateName.
-     * 
+     *
      * @return email key resolver
      */
     public IEmailResolver getReqCertSANameEmailResolver();
 
     /**
      * Checks if the given OID is valid.
-     * 
+     *
      * @param attrName attribute name
      * @param value attribute value
      * @return object identifier of the given attrName
@@ -875,7 +875,7 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Creates a general name constraints.
-     * 
+     *
      * @param generalNameChoice type of general name
      * @param value general name string
      * @return general name object
@@ -885,7 +885,7 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Creates a general name.
-     * 
+     *
      * @param generalNameChoice type of general name
      * @param value general name string
      * @return general name object
@@ -896,7 +896,7 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Retrieves default general name configuration.
-     * 
+     *
      * @param name configuration name
      * @param isValueConfigured true if value is configured
      * @param params configuration parameters
@@ -907,7 +907,7 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Retrieves default general names configuration.
-     * 
+     *
      * @param name configuration name
      * @param isValueConfigured true if value is configured
      * @param params configuration parameters
@@ -918,7 +918,7 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Retrieves extended plugin info for general name configuration.
-     * 
+     *
      * @param name configuration name
      * @param isValueConfigured true if value is configured
      * @param info configuration parameters
@@ -929,7 +929,7 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Retrieves extended plugin info for general name configuration.
-     * 
+     *
      * @param name configuration name
      * @param isValueConfigured true if value is configured
      * @param info configuration parameters
@@ -940,7 +940,7 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Created general names configuration.
-     * 
+     *
      * @param name configuration name
      * @param config configuration store
      * @param isValueConfigured true if value is configured
@@ -953,7 +953,7 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Created general name constraints configuration.
-     * 
+     *
      * @param name configuration name
      * @param config configuration store
      * @param isValueConfigured true if value is configured
@@ -966,7 +966,7 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Created general name constraints configuration.
-     * 
+     *
      * @param name configuration name
      * @param config configuration store
      * @param isValueConfigured true if value is configured
@@ -979,7 +979,7 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Get default parameters for subject alt name configuration.
-     * 
+     *
      * @param name configuration name
      * @param params configuration parameters
      */
@@ -987,7 +987,7 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Get extended plugin info for subject alt name configuration.
-     * 
+     *
      * @param name configuration name
      * @param params configuration parameters
      */
@@ -995,7 +995,7 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Creates subject alt name configuration.
-     * 
+     *
      * @param name configuration name
      * @param config configuration store
      * @param isValueConfigured true if value is configured
@@ -1006,7 +1006,7 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Retrieves the HTTP Connection for use with connector.
-     * 
+     *
      * @param authority remote authority
      * @param factory socket factory
      * @return http connection to the remote authority
@@ -1016,7 +1016,7 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Retrieves the HTTP Connection for use with connector.
-     * 
+     *
      * @param authority remote authority
      * @param factory socket factory
      * @param timeout return error if connection cannot be established within
@@ -1028,7 +1028,7 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Retrieves the request sender for use with connector.
-     * 
+     *
      * @param authority local authority
      * @param nickname nickname of the client certificate
      * @param remote remote authority
@@ -1040,7 +1040,7 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Retrieves command queue
-     * 
+     *
      * @return command queue
      */
     public ICommandQueue getCommandQueue();
@@ -1059,14 +1059,14 @@ public interface ICMSEngine extends ISubsystem {
      * Checks to ensure that all new incoming requests have been blocked.
      * This method is used for reentrancy protection.
      * 

-     * 
+     *
      * @return true or false
      */
     public boolean areRequestsDisabled();
 
     /**
      * Create configuration file.
-     * 
+     *
      * @param path configuration path
      * @return configuration store
      * @exception EBaseException failed to create file
@@ -1091,7 +1091,7 @@ public interface ICMSEngine extends ISubsystem {
     /**
      * Checks against the local certificate repository to see
      * if the certificates are revoked.
-     * 
+     *
      * @param certificates certificates
      * @return true if certificate is revoked in the local
      *         certificate repository
@@ -1100,7 +1100,7 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Sets list of verified certificates
-     * 
+     *
      * @param size size of verified certificates list
      * @param interval interval in which certificate is not recheck
      *            against local certificate repository
diff --git a/base/common/src/com/netscape/certsrv/apps/ICommandQueue.java b/base/common/src/com/netscape/certsrv/apps/ICommandQueue.java
index a165ab461..77b0a4e2b 100644
--- a/base/common/src/com/netscape/certsrv/apps/ICommandQueue.java
+++ b/base/common/src/com/netscape/certsrv/apps/ICommandQueue.java
@@ -24,14 +24,14 @@ import com.netscape.cms.servlet.common.CMSRequest;
 /**
  * This interface represents a command queue for registeration
  * and unregisteration proccess for clean shutdown
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface ICommandQueue {
 
     /**
      * Registers a thread into the command queue.
-     * 
+     *
      * @param currentRequest request object
      * @param currentServlet servlet that serves the request object
      */
@@ -39,7 +39,7 @@ public interface ICommandQueue {
 
     /**
      * UnRegisters a thread from the command queue.
-     * 
+     *
      * @param currentRequest request object
      * @param currentServlet servlet that serves the request object
      */
diff --git a/base/common/src/com/netscape/certsrv/authentication/AuthCredentials.java b/base/common/src/com/netscape/certsrv/authentication/AuthCredentials.java
index 5a0cdd3b8..ac17e2d3d 100644
--- a/base/common/src/com/netscape/certsrv/authentication/AuthCredentials.java
+++ b/base/common/src/com/netscape/certsrv/authentication/AuthCredentials.java
@@ -26,7 +26,7 @@ import com.netscape.certsrv.base.IArgBlock;
  * Authentication Credentials as input to the authMgr. It contains all the
  * information required for authentication in the authMgr.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public class AuthCredentials implements IAuthCredentials {
@@ -44,7 +44,7 @@ public class AuthCredentials implements IAuthCredentials {
 
     /**
      * Sets an authentication credential with credential name and the credential object
-     * 
+     *
      * @param name credential name
      * @param cred credential object
      */
@@ -56,7 +56,7 @@ public class AuthCredentials implements IAuthCredentials {
     /**
      * Returns the credential to which the specified name is mapped in this
      * credential set
-     * 
+     *
      * @param name credential name
      * @return the authentication credential for the given name
      */
@@ -68,7 +68,7 @@ public class AuthCredentials implements IAuthCredentials {
      * Removes the name and its corresponding credential from this
      * credential set. This method does nothing if the named
      * credential is not in the credential set.
-     * 
+     *
      * @param name credential name
      */
     public void delete(String name) {
@@ -79,7 +79,7 @@ public class AuthCredentials implements IAuthCredentials {
      * Returns an enumeration of the credential names in this credential
      * set. Use the Enumeration methods on the returned object to
      * fetch the elements sequentially.
-     * 
+     *
      * @return an enumeration of the names in this credential set
      */
     public Enumeration getElements() {
@@ -96,7 +96,7 @@ public class AuthCredentials implements IAuthCredentials {
 
     /**
      * Returns the argblock.
-     * 
+     *
      * @return the argblock.
      */
     public IArgBlock getArgBlock() {
diff --git a/base/common/src/com/netscape/certsrv/authentication/AuthManagerProxy.java b/base/common/src/com/netscape/certsrv/authentication/AuthManagerProxy.java
index 76161e803..84ed047df 100644
--- a/base/common/src/com/netscape/certsrv/authentication/AuthManagerProxy.java
+++ b/base/common/src/com/netscape/certsrv/authentication/AuthManagerProxy.java
@@ -20,7 +20,7 @@ package com.netscape.certsrv.authentication;
 /**
  * A class represents an authentication manager. It contains an
  * authentication manager instance and its state (enable or not).
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class AuthManagerProxy {
@@ -29,7 +29,7 @@ public class AuthManagerProxy {
 
     /**
      * Constructor
-     * 
+     *
      * @param enable true if the authMgr is enabled; false otherwise
      * @param mgr authentication manager instance
      */
@@ -40,7 +40,7 @@ public class AuthManagerProxy {
 
     /**
      * Returns the state of the authentication manager instance
-     * 
+     *
      * @return true if the state of the authentication manager instance is
      *         enabled; false otherwise.
      */
@@ -50,7 +50,7 @@ public class AuthManagerProxy {
 
     /**
      * Returns an authentication manager instance.
-     * 
+     *
      * @return an authentication manager instance
      */
     public IAuthManager getAuthManager() {
diff --git a/base/common/src/com/netscape/certsrv/authentication/AuthMgrPlugin.java b/base/common/src/com/netscape/certsrv/authentication/AuthMgrPlugin.java
index 4226fd83c..8d06aa1e9 100644
--- a/base/common/src/com/netscape/certsrv/authentication/AuthMgrPlugin.java
+++ b/base/common/src/com/netscape/certsrv/authentication/AuthMgrPlugin.java
@@ -20,7 +20,7 @@ package com.netscape.certsrv.authentication;
 /**
  * This class represents a registered authentication manager plugin.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public class AuthMgrPlugin {
@@ -30,7 +30,7 @@ public class AuthMgrPlugin {
 
     /**
      * Constructs a AuthManager plugin.
-     * 
+     *
      * @param id auth manager implementation name
      * @param classPath class path
      */
@@ -46,7 +46,7 @@ public class AuthMgrPlugin {
 
     /**
      * Returns an auth manager implementation name
-     * 
+     *
      * @return an auth manager implementation name
      */
     public String getId() {
@@ -55,7 +55,7 @@ public class AuthMgrPlugin {
 
     /**
      * Returns a classpath of a AuthManager plugin
-     * 
+     *
      * @return a classpath of a AuthManager plugin
      */
     public String getClassPath() {
@@ -64,7 +64,7 @@ public class AuthMgrPlugin {
 
     /**
      * Returns a visibility of the plugin
-     * 
+     *
      * @return a visibility of the plugin
      */
     public boolean isVisible() {
@@ -73,7 +73,7 @@ public class AuthMgrPlugin {
 
     /**
      * Sets visibility of the plugin
-     * 
+     *
      * @param visibility visibility of the plugin
      */
     public void setVisible(boolean visibility) {
diff --git a/base/common/src/com/netscape/certsrv/authentication/AuthResources.java b/base/common/src/com/netscape/certsrv/authentication/AuthResources.java
index 35e810112..30a7a5d67 100644
--- a/base/common/src/com/netscape/certsrv/authentication/AuthResources.java
+++ b/base/common/src/com/netscape/certsrv/authentication/AuthResources.java
@@ -22,7 +22,7 @@ import java.util.ListResourceBundle;
 /**
  * A class represents a resource bundle for the authentication component.
  * 

- * 
+ *
  * @deprecated
  * @version $Revision$, $Date$
  */
@@ -30,7 +30,7 @@ public class AuthResources extends ListResourceBundle {
 
     /**
      * Returns the content of this resource.
-     * 
+     *
      * @return the contents of this resource
      */
     public Object[][] getContents() {
diff --git a/base/common/src/com/netscape/certsrv/authentication/AuthToken.java b/base/common/src/com/netscape/certsrv/authentication/AuthToken.java
index 0a2b1f0a2..d934f62e8 100644
--- a/base/common/src/com/netscape/certsrv/authentication/AuthToken.java
+++ b/base/common/src/com/netscape/certsrv/authentication/AuthToken.java
@@ -45,7 +45,7 @@ import com.netscape.certsrv.usrgrp.Certificates;
  * its own list of such information. See individual authenticaiton
  * manager for more details.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public class AuthToken implements IAuthToken {
@@ -94,13 +94,13 @@ public class AuthToken implements IAuthToken {
     /**
      * Constructs an instance of a authentication token.
      * The token by default contains the following attributes: 

-     * 
+     *
      * 
      * 	"authMgrInstName" - The authentication manager instance name.
      * 	"authMgrImplName" - The authentication manager plugin name.
      * 	"authTime" - The - The time of authentication.
      * 

-     * 
+     *
      * @param authMgr The authentication manager that created this Token.
      */
     public AuthToken(IAuthManager authMgr) {
@@ -126,7 +126,7 @@ public class AuthToken implements IAuthToken {
 
     /**
      * Removes an attribute in the AuthToken
-     * 
+     *
      * @param attrName The name of the attribute to remove.
      */
     public void delete(String attrName) {
@@ -135,7 +135,7 @@ public class AuthToken implements IAuthToken {
 
     /**
      * Enumerate all attribute names in the AuthToken.
-     * 
+     *
      * @return Enumeration of all attribute names in this AuthToken.
      */
     public Enumeration getElements() {
@@ -411,7 +411,7 @@ public class AuthToken implements IAuthToken {
 
     /**
      * Enumerate all attribute values in the AuthToken.
-     * 
+     *
      * @return Enumeration of all attribute names in this AuthToken.
      */
     public Enumeration getVals() {
@@ -421,7 +421,7 @@ public class AuthToken implements IAuthToken {
     /**
      * Gets the name of the authentication manager instance that created
      * this token.
-     * 
+     *
      * @return The name of the authentication manager instance that created
      *         this token.
      */
@@ -432,7 +432,7 @@ public class AuthToken implements IAuthToken {
     /**
      * Gets the plugin name of the authentication manager that created this
      * token.
-     * 
+     *
      * @return The plugin name of the authentication manager that created this
      *         token.
      */
@@ -442,7 +442,7 @@ public class AuthToken implements IAuthToken {
 
     /**
      * Gets the time of authentication.
-     * 
+     *
      * @return The time of authentication
      */
     public Date getAuthTime() {
diff --git a/base/common/src/com/netscape/certsrv/authentication/EAuthException.java b/base/common/src/com/netscape/certsrv/authentication/EAuthException.java
index c79c3e9a7..07a87ab96 100644
--- a/base/common/src/com/netscape/certsrv/authentication/EAuthException.java
+++ b/base/common/src/com/netscape/certsrv/authentication/EAuthException.java
@@ -22,7 +22,7 @@ import com.netscape.certsrv.base.EBaseException;
 /**
  * This class represents authentication exceptions.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public class EAuthException extends EBaseException {
@@ -39,7 +39,7 @@ public class EAuthException extends EBaseException {
     /**
      * Constructs an authentication exception
      * 

-     * 
+     *
      * @param msgFormat exception details
      */
     public EAuthException(String msgFormat) {
@@ -49,7 +49,7 @@ public class EAuthException extends EBaseException {
     /**
      * Constructs an authentication exception with a parameter.
      * 

-     * 
+     *
      * @param msgFormat exception details in message string format
      * @param param message string parameter
      */
@@ -60,7 +60,7 @@ public class EAuthException extends EBaseException {
     /**
      * Constructs a auth exception with a exception parameter.
      * 

-     * 
+     *
      * @param msgFormat exception details in message string format
      * @param exception system exception
      */
@@ -71,7 +71,7 @@ public class EAuthException extends EBaseException {
     /**
      * Constructs a auth exception with a list of parameters.
      * 

-     * 
+     *
      * @param msgFormat the message format.
      * @param params list of message format parameters
      */
@@ -81,7 +81,7 @@ public class EAuthException extends EBaseException {
 
     /**
      * Returns the resource bundle name
-     * 
+     *
      * @return resource bundle name.
      */
     protected String getBundleName() {
diff --git a/base/common/src/com/netscape/certsrv/authentication/EAuthInternalError.java b/base/common/src/com/netscape/certsrv/authentication/EAuthInternalError.java
index 52688f922..ed76e7516 100644
--- a/base/common/src/com/netscape/certsrv/authentication/EAuthInternalError.java
+++ b/base/common/src/com/netscape/certsrv/authentication/EAuthInternalError.java
@@ -30,7 +30,7 @@ public class EAuthInternalError extends EAuthException {
     /**
      * Constructs an authentication internal error exception
      * with a detailed message.
-     * 
+     *
      * @param errorString Detailed error message.
      */
     public EAuthInternalError(String errorString) {
diff --git a/base/common/src/com/netscape/certsrv/authentication/EAuthMgrNotFound.java b/base/common/src/com/netscape/certsrv/authentication/EAuthMgrNotFound.java
index 925aaabf0..7a20c4beb 100644
--- a/base/common/src/com/netscape/certsrv/authentication/EAuthMgrNotFound.java
+++ b/base/common/src/com/netscape/certsrv/authentication/EAuthMgrNotFound.java
@@ -29,7 +29,7 @@ public class EAuthMgrNotFound extends EAuthException {
 
     /**
      * Constructs a exception for a missing authentication manager
-     * 
+     *
      * @param errorString error string for missing authentication manager
      */
     public EAuthMgrNotFound(String errorString) {
diff --git a/base/common/src/com/netscape/certsrv/authentication/EAuthMgrPluginNotFound.java b/base/common/src/com/netscape/certsrv/authentication/EAuthMgrPluginNotFound.java
index 2ca90e3c8..c15bf723a 100644
--- a/base/common/src/com/netscape/certsrv/authentication/EAuthMgrPluginNotFound.java
+++ b/base/common/src/com/netscape/certsrv/authentication/EAuthMgrPluginNotFound.java
@@ -29,7 +29,7 @@ public class EAuthMgrPluginNotFound extends EAuthException {
 
     /**
      * Constructs a exception for a missing authentication manager plugin
-     * 
+     *
      * @param errorString error for a missing authentication manager plugin
      */
     public EAuthMgrPluginNotFound(String errorString) {
diff --git a/base/common/src/com/netscape/certsrv/authentication/EAuthUserError.java b/base/common/src/com/netscape/certsrv/authentication/EAuthUserError.java
index f816c35e8..c2028aa45 100644
--- a/base/common/src/com/netscape/certsrv/authentication/EAuthUserError.java
+++ b/base/common/src/com/netscape/certsrv/authentication/EAuthUserError.java
@@ -29,7 +29,7 @@ public class EAuthUserError extends EAuthException {
 
     /**
      * Constructs a exception for a Invalid attribute value
-     * 
+     *
      * @param errorString Detailed error message.
      */
     public EAuthUserError(String errorString) {
diff --git a/base/common/src/com/netscape/certsrv/authentication/ECompSyntaxErr.java b/base/common/src/com/netscape/certsrv/authentication/ECompSyntaxErr.java
index 84725bb96..25844c1ff 100644
--- a/base/common/src/com/netscape/certsrv/authentication/ECompSyntaxErr.java
+++ b/base/common/src/com/netscape/certsrv/authentication/ECompSyntaxErr.java
@@ -29,7 +29,7 @@ public class ECompSyntaxErr extends EAuthException {
 
     /**
      * Constructs an component syntax error
-     * 
+     *
      * @param errorString Detailed error message.
      */
     public ECompSyntaxErr(String errorString) {
diff --git a/base/common/src/com/netscape/certsrv/authentication/EFormSubjectDN.java b/base/common/src/com/netscape/certsrv/authentication/EFormSubjectDN.java
index 952824481..99f1371f9 100644
--- a/base/common/src/com/netscape/certsrv/authentication/EFormSubjectDN.java
+++ b/base/common/src/com/netscape/certsrv/authentication/EFormSubjectDN.java
@@ -29,7 +29,7 @@ public class EFormSubjectDN extends EAuthException {
 
     /**
      * Constructs an Error on formulating the subject dn.
-     * 
+     *
      * @param errorString Detailed error message.
      */
     public EFormSubjectDN(String errorString) {
diff --git a/base/common/src/com/netscape/certsrv/authentication/EInvalidCredentials.java b/base/common/src/com/netscape/certsrv/authentication/EInvalidCredentials.java
index 3e4daaf0d..a562d69e5 100644
--- a/base/common/src/com/netscape/certsrv/authentication/EInvalidCredentials.java
+++ b/base/common/src/com/netscape/certsrv/authentication/EInvalidCredentials.java
@@ -29,7 +29,7 @@ public class EInvalidCredentials extends EAuthException {
 
     /**
      * Constructs an Invalid Credentials exception.
-     * 
+     *
      * @param errorString Detailed error message.
      */
     public EInvalidCredentials(String errorString) {
diff --git a/base/common/src/com/netscape/certsrv/authentication/EMissingCredential.java b/base/common/src/com/netscape/certsrv/authentication/EMissingCredential.java
index 5de73aa0d..6a2866630 100644
--- a/base/common/src/com/netscape/certsrv/authentication/EMissingCredential.java
+++ b/base/common/src/com/netscape/certsrv/authentication/EMissingCredential.java
@@ -29,7 +29,7 @@ public class EMissingCredential extends EAuthException {
 
     /**
      * Constructs a exception for a missing required authentication credential
-     * 
+     *
      * @param errorString Detailed error message.
      */
     public EMissingCredential(String errorString) {
diff --git a/base/common/src/com/netscape/certsrv/authentication/IAuthCredentials.java b/base/common/src/com/netscape/certsrv/authentication/IAuthCredentials.java
index cd8434433..7a7effb4d 100644
--- a/base/common/src/com/netscape/certsrv/authentication/IAuthCredentials.java
+++ b/base/common/src/com/netscape/certsrv/authentication/IAuthCredentials.java
@@ -24,21 +24,21 @@ import com.netscape.certsrv.base.IAttrSet;
  * An interface represents authentication credentials:
  * e.g. uid/pwd, uid/pin, certificate, etc.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IAuthCredentials extends IAttrSet {
 
     /**
      * Set argblock.
-     * 
+     *
      * @param blk argblock
      */
     public void setArgBlock(IArgBlock blk);
 
     /**
      * Returns argblock.
-     * 
+     *
      * @return Argblock.
      */
     public IArgBlock getArgBlock();
diff --git a/base/common/src/com/netscape/certsrv/authentication/IAuthManager.java b/base/common/src/com/netscape/certsrv/authentication/IAuthManager.java
index 1ff46af7d..f9eddbc66 100644
--- a/base/common/src/com/netscape/certsrv/authentication/IAuthManager.java
+++ b/base/common/src/com/netscape/certsrv/authentication/IAuthManager.java
@@ -23,7 +23,7 @@ import com.netscape.certsrv.base.IConfigStore;
 /**
  * Authentication Manager interface.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IAuthManager {
@@ -41,7 +41,7 @@ public interface IAuthManager {
     /**
      * Get the name of this authentication manager instance.
      * 

-     * 
+     *
      * @return the name of this authentication manager.
      */
     public String getName();
@@ -49,14 +49,14 @@ public interface IAuthManager {
     /**
      * Get name of authentication manager plugin.
      * 

-     * 
+     *
      * @return the name of the authentication manager plugin.
      */
     public String getImplName();
 
     /**
      * Authenticate the given credentials.
-     * 
+     *
      * @param authCred The authentication credentials
      * @return authentication token
      * @exception EMissingCredential If a required credential for this
@@ -69,7 +69,7 @@ public interface IAuthManager {
 
     /**
      * Initialize this authentication manager.
-     * 
+     *
      * @param name The name of this authentication manager instance.
      * @param implName The name of the authentication manager plugin.
      * @param config The configuration store for this authentication manager.
@@ -86,7 +86,7 @@ public interface IAuthManager {
 
     /**
      * Gets a list of the required credentials for this authentication manager.
-     * 
+     *
      * @return The required credential attributes.
      */
     public String[] getRequiredCreds();
@@ -96,7 +96,7 @@ public interface IAuthManager {
      * The configuration parameters returned is passed to the
      * configuration console so configuration for instances of this
      * implementation can be made through the console.
-     * 
+     *
      * @return a list of configuration parameters.
      * @exception EBaseException If an internal error occurred
      */
@@ -105,7 +105,7 @@ public interface IAuthManager {
 
     /**
      * Get the configuration store for this authentication manager.
-     * 
+     *
      * @return The configuration store of this authentication manager.
      */
     public IConfigStore getConfigStore();
diff --git a/base/common/src/com/netscape/certsrv/authentication/IAuthSubsystem.java b/base/common/src/com/netscape/certsrv/authentication/IAuthSubsystem.java
index 329b6802e..e1ccc2d34 100644
--- a/base/common/src/com/netscape/certsrv/authentication/IAuthSubsystem.java
+++ b/base/common/src/com/netscape/certsrv/authentication/IAuthSubsystem.java
@@ -26,7 +26,7 @@ import com.netscape.certsrv.base.ISubsystem;
 /**
  * An interface that represents an authentication component
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IAuthSubsystem extends ISubsystem {
@@ -120,7 +120,7 @@ public interface IAuthSubsystem extends ISubsystem {
 
     /**
      * Authenticate the given credentials using the given manager name.
-     * 
+     *
      * @param authCred The authentication credentials
      * @param authMgrName The authentication manager name
      * @return a authentication token.
@@ -134,7 +134,7 @@ public interface IAuthSubsystem extends ISubsystem {
     /**
      * Gets the required credential attributes for the given authentication
      * manager.
-     * 
+     *
      * @param authMgrName The authentication manager name
      * @return a Vector of required credential attribute names.
      * @exception EBaseException If the required credential is missing
@@ -143,7 +143,7 @@ public interface IAuthSubsystem extends ISubsystem {
 
     /**
      * Adds (registers) the given authentication manager.
-     * 
+     *
      * @param name The authentication manager name
      * @param authMgr The authentication manager instance.
      */
@@ -151,14 +151,14 @@ public interface IAuthSubsystem extends ISubsystem {
 
     /**
      * Deletes (deregisters) the given authentication manager.
-     * 
+     *
      * @param name The authentication manager name to delete.
      */
     public void delete(String name);
 
     /**
      * Gets the Authentication manager instance of the specified name.
-     * 
+     *
      * @param name The authentication manager's name.
      * @exception EBaseException when internal error occurs.
      */
@@ -167,21 +167,21 @@ public interface IAuthSubsystem extends ISubsystem {
     /**
      * Gets an enumeration of authentication managers registered to the
      * authentication subsystem.
-     * 
+     *
      * @return a list of authentication managers
      */
     public Enumeration getAuthManagers();
 
     /**
      * Gets an enumeration of authentication manager plugins.
-     * 
+     *
      * @return a list of authentication plugins
      */
     public Enumeration getAuthManagerPlugins();
 
     /**
      * Gets a single authentication manager plugin implementation
-     * 
+     *
      * @param name given authentication plugin name
      * @return the given authentication plugin
      */
@@ -189,7 +189,7 @@ public interface IAuthSubsystem extends ISubsystem {
 
     /**
      * Get configuration parameters for a authentication mgr plugin.
-     * 
+     *
      * @param implName The plugin name.
      * @return configuration parameters for the given authentication manager plugin
      * @exception EAuthMgrPluginNotFound If the authentication manager
@@ -201,7 +201,7 @@ public interface IAuthSubsystem extends ISubsystem {
 
     /**
      * Log error message.
-     * 
+     *
      * @param level log level
      * @param msg error message
      */
@@ -209,21 +209,21 @@ public interface IAuthSubsystem extends ISubsystem {
 
     /**
      * Get a hashtable containing all authentication plugins.
-     * 
+     *
      * @return all authentication plugins.
      */
     public Hashtable getPlugins();
 
     /**
      * Get a hashtable containing all authentication instances.
-     * 
+     *
      * @return all authentication instances.
      */
     public Hashtable getInstances();
 
     /**
      * Get an authentication manager interface for the given name.
-     * 
+     *
      * @param name given authentication manager name.
      * @return an authentication manager for the given manager name.
      */
@@ -231,7 +231,7 @@ public interface IAuthSubsystem extends ISubsystem {
 
     /**
      * Get an authentication manager plugin impl for the given name.
-     * 
+     *
      * @param name given authentication manager name.
      * @return an authentication manager plugin
      */
diff --git a/base/common/src/com/netscape/certsrv/authentication/IAuthToken.java b/base/common/src/com/netscape/certsrv/authentication/IAuthToken.java
index f46ee3ca1..25a73b8f1 100644
--- a/base/common/src/com/netscape/certsrv/authentication/IAuthToken.java
+++ b/base/common/src/com/netscape/certsrv/authentication/IAuthToken.java
@@ -39,7 +39,7 @@ public interface IAuthToken {
 
     /**
      * Sets an attribute value within this AttrSet.
-     * 
+     *
      * @param name the name of the attribute
      * @param value the attribute object.
      * @return false on an error
@@ -48,7 +48,7 @@ public interface IAuthToken {
 
     /**
      * Gets an attribute value.
-     * 
+     *
      * @param name the name of the attribute to return.
      * @exception EBaseException on attribute handling errors.
      * @return the attribute value
@@ -58,7 +58,7 @@ public interface IAuthToken {
     /**
      * Returns an enumeration of the names of the attributes existing within
      * this AttrSet.
-     * 
+     *
      * @return an enumeration of the attribute names.
      */
     public Enumeration getElements();
@@ -72,7 +72,7 @@ public interface IAuthToken {
     /**
      * Retrieves the byte array value for name. The value should have been
      * previously stored as a byte array (it will be CMS.AtoB decoded).
-     * 
+     *
      * @param name The attribute name.
      * @return The byte array or null on error.
      */
@@ -80,7 +80,7 @@ public interface IAuthToken {
 
     /**
      * Stores the byte array with the associated key.
-     * 
+     *
      * @param name The attribute name.
      * @param value The value to store
      * @return false on an error
@@ -89,7 +89,7 @@ public interface IAuthToken {
 
     /**
      * Retrieves the Integer value for name.
-     * 
+     *
      * @param name The attribute name.
      * @return The Integer or null on error.
      */
@@ -97,7 +97,7 @@ public interface IAuthToken {
 
     /**
      * Stores the Integer with the associated key.
-     * 
+     *
      * @param name The attribute name.
      * @param value The value to store
      * @return false on an error
@@ -106,7 +106,7 @@ public interface IAuthToken {
 
     /**
      * Retrieves the BigInteger array value for name.
-     * 
+     *
      * @param name The attribute name.
      * @return The value or null on error.
      */
@@ -114,7 +114,7 @@ public interface IAuthToken {
 
     /**
      * Stores the BigInteger array with the associated key.
-     * 
+     *
      * @param name The attribute name.
      * @param value The value to store
      * @return false on an error
@@ -123,7 +123,7 @@ public interface IAuthToken {
 
     /**
      * Retrieves the Date value for name.
-     * 
+     *
      * @param name The attribute name.
      * @return The value or null on error.
      */
@@ -131,7 +131,7 @@ public interface IAuthToken {
 
     /**
      * Stores the Date with the associated key.
-     * 
+     *
      * @param name The attribute name.
      * @param value The value to store
      * @return false on an error
@@ -140,7 +140,7 @@ public interface IAuthToken {
 
     /**
      * Retrieves the String array value for name.
-     * 
+     *
      * @param name The attribute name.
      * @return The value or null on error.
      */
@@ -148,7 +148,7 @@ public interface IAuthToken {
 
     /**
      * Stores the String array with the associated key.
-     * 
+     *
      * @param name The attribute name.
      * @param value The value to store
      * @return False on error.
@@ -157,7 +157,7 @@ public interface IAuthToken {
 
     /**
      * Retrieves the X509CertImpl value for name.
-     * 
+     *
      * @param name The attribute name.
      * @return The value or null on error.
      */
@@ -165,7 +165,7 @@ public interface IAuthToken {
 
     /**
      * Stores the X509CertImpl with the associated key.
-     * 
+     *
      * @param name The attribute name.
      * @param value The value to store
      * @return false on error
@@ -174,7 +174,7 @@ public interface IAuthToken {
 
     /**
      * Retrieves the CertificateExtensions value for name.
-     * 
+     *
      * @param name The attribute name.
      * @return The value or null on error.
      */
@@ -182,7 +182,7 @@ public interface IAuthToken {
 
     /**
      * Stores the CertificateExtensions with the associated key.
-     * 
+     *
      * @param name The attribute name.
      * @param value The value to store
      * @return false on error
@@ -191,7 +191,7 @@ public interface IAuthToken {
 
     /**
      * Retrieves the Certificates value for name.
-     * 
+     *
      * @param name The attribute name.
      * @return The value or null on error.
      */
@@ -199,7 +199,7 @@ public interface IAuthToken {
 
     /**
      * Stores the Certificates with the associated key.
-     * 
+     *
      * @param name The attribute name.
      * @param value The value to store
      * @return false on error
@@ -208,7 +208,7 @@ public interface IAuthToken {
 
     /**
      * Retrieves the byte[][] value for name.
-     * 
+     *
      * @param name The attribute name.
      * @return The value or null on error.
      */
@@ -216,7 +216,7 @@ public interface IAuthToken {
 
     /**
      * Stores the byte[][] with the associated key.
-     * 
+     *
      * @param name The attribute name.
      * @param value The value to store
      * @return false on error
diff --git a/base/common/src/com/netscape/certsrv/authentication/ISSLClientCertProvider.java b/base/common/src/com/netscape/certsrv/authentication/ISSLClientCertProvider.java
index 6932decc0..ce8f40bd0 100644
--- a/base/common/src/com/netscape/certsrv/authentication/ISSLClientCertProvider.java
+++ b/base/common/src/com/netscape/certsrv/authentication/ISSLClientCertProvider.java
@@ -24,17 +24,17 @@ import java.security.cert.X509Certificate;
  * SSL client certificate in a SSL session. Normally, this
  * object is a servlet.
  * 

- * 
+ *
  * This interface is used to avoid the internal imeplemtnation to have servlet (protocol handler) dependency.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface ISSLClientCertProvider {
 
     /**
      * Retrieves the SSL client certificate chain.
-     * 
+     *
      * @return certificate chain
      */
     public X509Certificate[] getClientCertificateChain();
diff --git a/base/common/src/com/netscape/certsrv/authority/IAuthority.java b/base/common/src/com/netscape/certsrv/authority/IAuthority.java
index 2875e4dd1..a232fc452 100644
--- a/base/common/src/com/netscape/certsrv/authority/IAuthority.java
+++ b/base/common/src/com/netscape/certsrv/authority/IAuthority.java
@@ -23,7 +23,7 @@ import com.netscape.certsrv.request.IRequestQueue;
 
 /**
  * Authority interface.
- * 
+ *
  * @version $Revision$ $Date$
  */
 public interface IAuthority extends ISubsystem {
@@ -31,7 +31,7 @@ public interface IAuthority extends ISubsystem {
     /**
      * Retrieves the request queue for the Authority.
      * 

-     * 
+     *
      * @return the request queue.
      */
     public IRequestQueue getRequestQueue();
diff --git a/base/common/src/com/netscape/certsrv/authority/ICertAuthority.java b/base/common/src/com/netscape/certsrv/authority/ICertAuthority.java
index c2f2c91ec..885ca202f 100644
--- a/base/common/src/com/netscape/certsrv/authority/ICertAuthority.java
+++ b/base/common/src/com/netscape/certsrv/authority/ICertAuthority.java
@@ -30,7 +30,7 @@ import com.netscape.certsrv.request.IRequestListener;
  * Authority that handles certificates needed by the cert registration
  * servlets.
  * 

- * 
+ *
  * @version $Revision$ $Date$
  */
 public interface ICertAuthority extends IAuthority {
@@ -38,7 +38,7 @@ public interface ICertAuthority extends IAuthority {
     /**
      * Retrieves the certificate repository for this authority.
      * 

-     * 
+     *
      * @return the certificate repository.
      */
     public ICertificateRepository getCertificateRepository();
@@ -46,7 +46,7 @@ public interface ICertAuthority extends IAuthority {
     /**
      * Returns CA's certificate chain.
      * 

-     * 
+     *
      * @return the Certificate Chain for the CA.
      */
     public CertificateChain getCACertChain();
@@ -54,7 +54,7 @@ public interface ICertAuthority extends IAuthority {
     /**
      * Returns CA's certificate implementaion.
      * 

-     * 
+     *
      * @return CA's certificate.
      */
     public X509CertImpl getCACert();
@@ -94,7 +94,7 @@ public interface ICertAuthority extends IAuthority {
      * Returns the logging interface for this authority.
      * Using this interface both System and Audit events can be
      * logged.
-     * 
+     *
      */
     public ILogger getLogger();
 
diff --git a/base/common/src/com/netscape/certsrv/authorization/AuthzManagerProxy.java b/base/common/src/com/netscape/certsrv/authorization/AuthzManagerProxy.java
index 58a5264ba..acd3b201c 100644
--- a/base/common/src/com/netscape/certsrv/authorization/AuthzManagerProxy.java
+++ b/base/common/src/com/netscape/certsrv/authorization/AuthzManagerProxy.java
@@ -20,7 +20,7 @@ package com.netscape.certsrv.authorization;
 /**
  * A class represents an authorization manager. It contains an
  * authorization manager instance and its state (enable or not).
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class AuthzManagerProxy {
@@ -29,7 +29,7 @@ public class AuthzManagerProxy {
 
     /**
      * Constructor
-     * 
+     *
      * @param enable true if the authzMgr is enabled; false otherwise
      * @param mgr authorization manager instance
      */
@@ -40,7 +40,7 @@ public class AuthzManagerProxy {
 
     /**
      * Returns the state of the authorization manager instance
-     * 
+     *
      * @return true if the state of the authorization manager instance is
      *         enabled; false otherwise.
      */
@@ -50,7 +50,7 @@ public class AuthzManagerProxy {
 
     /**
      * Returns an authorization manager instance.
-     * 
+     *
      * @return an authorization manager instance
      */
     public IAuthzManager getAuthzManager() {
diff --git a/base/common/src/com/netscape/certsrv/authorization/AuthzMgrPlugin.java b/base/common/src/com/netscape/certsrv/authorization/AuthzMgrPlugin.java
index e47e58171..011ee294e 100644
--- a/base/common/src/com/netscape/certsrv/authorization/AuthzMgrPlugin.java
+++ b/base/common/src/com/netscape/certsrv/authorization/AuthzMgrPlugin.java
@@ -20,7 +20,7 @@ package com.netscape.certsrv.authorization;
 /**
  * This class represents a registered authorization manager plugin.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public class AuthzMgrPlugin {
@@ -30,7 +30,7 @@ public class AuthzMgrPlugin {
 
     /**
      * Constructs a AuthzManager plugin.
-     * 
+     *
      * @param id authz manager implementation name
      * @param classPath class path
      */
@@ -41,7 +41,7 @@ public class AuthzMgrPlugin {
 
     /**
      * Returns an authorization manager implementation name
-     * 
+     *
      * @return an authorization manager implementation name
      */
     public String getId() {
@@ -50,7 +50,7 @@ public class AuthzMgrPlugin {
 
     /**
      * Returns a classpath of a AuthzManager plugin
-     * 
+     *
      * @return a classpath of a AuthzManager plugin
      */
     public String getClassPath() {
@@ -59,7 +59,7 @@ public class AuthzMgrPlugin {
 
     /**
      * Returns a visibility of the plugin
-     * 
+     *
      * @return a visibility of the plugin
      */
     public boolean isVisible() {
@@ -68,7 +68,7 @@ public class AuthzMgrPlugin {
 
     /**
      * Sets visibility of the plugin
-     * 
+     *
      * @param visibility visibility of the plugin
      */
     public void setVisible(boolean visibility) {
diff --git a/base/common/src/com/netscape/certsrv/authorization/AuthzResources.java b/base/common/src/com/netscape/certsrv/authorization/AuthzResources.java
index 13d33c212..5f736aa02 100644
--- a/base/common/src/com/netscape/certsrv/authorization/AuthzResources.java
+++ b/base/common/src/com/netscape/certsrv/authorization/AuthzResources.java
@@ -22,7 +22,7 @@ import java.util.ListResourceBundle;
 /**
  * A class represents a resource bundle for the authorization subsystem
  * 

- * 
+ *
  * @deprecated
  * @version $Revision$, $Date$
  */
@@ -30,7 +30,7 @@ public class AuthzResources extends ListResourceBundle {
 
     /**
      * Returns the content of this resource.
-     * 
+     *
      * @return the content of this resource
      */
     public Object[][] getContents() {
diff --git a/base/common/src/com/netscape/certsrv/authorization/AuthzToken.java b/base/common/src/com/netscape/certsrv/authorization/AuthzToken.java
index 262902e62..1272a3dd3 100644
--- a/base/common/src/com/netscape/certsrv/authorization/AuthzToken.java
+++ b/base/common/src/com/netscape/certsrv/authorization/AuthzToken.java
@@ -30,7 +30,7 @@ import com.netscape.certsrv.base.IAttrSet;
  * authorization happened, name of the resource, type of operation performed
  * on the resource.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public class AuthzToken implements IAttrSet {
@@ -77,13 +77,13 @@ public class AuthzToken implements IAttrSet {
     /**
      * Constructs an instance of a authorization token.
      * The token by default contains the following attributes: 

-     * 
+     *
      * 
      * 	"authzMgrInstName" - The authorization manager instance name.
      * 	"authzMgrImplName" - The authorization manager plugin name.
      * 	"authzTime" - The - The time of authorization.
      * 

-     * 
+     *
      * @param authzMgr The authorization manager that created this Token.
      */
     public AuthzToken(IAuthzManager authzMgr) {
@@ -95,7 +95,7 @@ public class AuthzToken implements IAttrSet {
 
     /**
      * Get the value of an attribute in the AuthzToken
-     * 
+     *
      * @param attrName The attribute name
      * @return The value of attrName if any.
      */
@@ -106,7 +106,7 @@ public class AuthzToken implements IAttrSet {
     /**
      * Used by an Authorization manager to set an attribute and value
      * in the AuthzToken.
-     * 
+     *
      * @param attrName The name of the attribute
      * @param value The value of the attribute to set.
      */
@@ -116,7 +116,7 @@ public class AuthzToken implements IAttrSet {
 
     /**
      * Removes an attribute in the AuthzToken
-     * 
+     *
      * @param attrName The name of the attribute to remove.
      */
     public void delete(String attrName) {
@@ -125,7 +125,7 @@ public class AuthzToken implements IAttrSet {
 
     /**
      * Enumerate all attribute names in the AuthzToken.
-     * 
+     *
      * @return Enumeration of all attribute names in this AuthzToken.
      */
     public Enumeration getElements() {
@@ -134,7 +134,7 @@ public class AuthzToken implements IAttrSet {
 
     /**
      * Enumerate all attribute values in the AuthzToken.
-     * 
+     *
      * @return Enumeration of all attribute names in this AuthzToken.
      */
     public Enumeration getVals() {
@@ -144,7 +144,7 @@ public class AuthzToken implements IAttrSet {
     /**
      * Gets the name of the authorization manager instance that created
      * this token.
-     * 
+     *
      * @return The name of the authorization manager instance that created
      *         this token.
      */
@@ -155,7 +155,7 @@ public class AuthzToken implements IAttrSet {
     /**
      * Gets the plugin name of the authorization manager that created this
      * token.
-     * 
+     *
      * @return The plugin name of the authorization manager that created this
      *         token.
      */
@@ -165,7 +165,7 @@ public class AuthzToken implements IAttrSet {
 
     /**
      * Gets the time of authorization.
-     * 
+     *
      * @return The time of authorization
      */
     public Date getAuthzTime() {
diff --git a/base/common/src/com/netscape/certsrv/authorization/EAuthzAccessDenied.java b/base/common/src/com/netscape/certsrv/authorization/EAuthzAccessDenied.java
index 9fc7777c7..9b50176c8 100644
--- a/base/common/src/com/netscape/certsrv/authorization/EAuthzAccessDenied.java
+++ b/base/common/src/com/netscape/certsrv/authorization/EAuthzAccessDenied.java
@@ -29,7 +29,7 @@ public class EAuthzAccessDenied extends EAuthzException {
 
     /**
      * Constructs a exception for access denied by Authz manager
-     * 
+     *
      * @param errorString Detailed error message.
      */
     public EAuthzAccessDenied(String errorString) {
diff --git a/base/common/src/com/netscape/certsrv/authorization/EAuthzException.java b/base/common/src/com/netscape/certsrv/authorization/EAuthzException.java
index 65d95a571..873ada1af 100644
--- a/base/common/src/com/netscape/certsrv/authorization/EAuthzException.java
+++ b/base/common/src/com/netscape/certsrv/authorization/EAuthzException.java
@@ -22,7 +22,7 @@ import com.netscape.certsrv.base.EBaseException;
 /**
  * This class represents authorization exceptions.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public class EAuthzException extends EBaseException {
@@ -39,7 +39,7 @@ public class EAuthzException extends EBaseException {
     /**
      * Constructs a authz exception
      * 

-     * 
+     *
      * @param msgFormat exception details
      */
     public EAuthzException(String msgFormat) {
@@ -49,7 +49,7 @@ public class EAuthzException extends EBaseException {
     /**
      * Constructs a authz exception with a parameter.
      * 

-     * 
+     *
      * @param msgFormat exception details in message string format
      * @param param message string parameter
      */
@@ -60,7 +60,7 @@ public class EAuthzException extends EBaseException {
     /**
      * Constructs a authz exception with a exception parameter.
      * 

-     * 
+     *
      * @param msgFormat exception details in message string format
      * @param param system exception
      */
@@ -71,7 +71,7 @@ public class EAuthzException extends EBaseException {
     /**
      * Constructs a authz exception with a list of parameters.
      * 

-     * 
+     *
      * @param msgFormat the message format.
      * @param params list of message format parameters
      */
@@ -81,7 +81,7 @@ public class EAuthzException extends EBaseException {
 
     /**
      * Returns the resource bundle name
-     * 
+     *
      * @return resource bundle name
      */
     protected String getBundleName() {
diff --git a/base/common/src/com/netscape/certsrv/authorization/EAuthzInternalError.java b/base/common/src/com/netscape/certsrv/authorization/EAuthzInternalError.java
index 2afe2c747..82588b622 100644
--- a/base/common/src/com/netscape/certsrv/authorization/EAuthzInternalError.java
+++ b/base/common/src/com/netscape/certsrv/authorization/EAuthzInternalError.java
@@ -29,7 +29,7 @@ public class EAuthzInternalError extends EAuthzException {
 
     /**
      * Constructs an authorization internal error exception
-     * 
+     *
      * @param errorString error with a detailed message.
      */
     public EAuthzInternalError(String errorString) {
diff --git a/base/common/src/com/netscape/certsrv/authorization/EAuthzMgrNotFound.java b/base/common/src/com/netscape/certsrv/authorization/EAuthzMgrNotFound.java
index a920d37ac..f3efc656c 100644
--- a/base/common/src/com/netscape/certsrv/authorization/EAuthzMgrNotFound.java
+++ b/base/common/src/com/netscape/certsrv/authorization/EAuthzMgrNotFound.java
@@ -29,7 +29,7 @@ public class EAuthzMgrNotFound extends EAuthzException {
 
     /**
      * Constructs a exception for a missing required authorization manager
-     * 
+     *
      * @param errorString Detailed error message.
      */
     public EAuthzMgrNotFound(String errorString) {
diff --git a/base/common/src/com/netscape/certsrv/authorization/EAuthzMgrPluginNotFound.java b/base/common/src/com/netscape/certsrv/authorization/EAuthzMgrPluginNotFound.java
index 43ae6edcd..5b183aa50 100644
--- a/base/common/src/com/netscape/certsrv/authorization/EAuthzMgrPluginNotFound.java
+++ b/base/common/src/com/netscape/certsrv/authorization/EAuthzMgrPluginNotFound.java
@@ -29,7 +29,7 @@ public class EAuthzMgrPluginNotFound extends EAuthzException {
 
     /**
      * Constructs a exception for a missing authorization plugin
-     * 
+     *
      * @param errorString Detailed error message.
      */
     public EAuthzMgrPluginNotFound(String errorString) {
diff --git a/base/common/src/com/netscape/certsrv/authorization/EAuthzUnknownOperation.java b/base/common/src/com/netscape/certsrv/authorization/EAuthzUnknownOperation.java
index ce061ddd2..b2bcb9c9d 100644
--- a/base/common/src/com/netscape/certsrv/authorization/EAuthzUnknownOperation.java
+++ b/base/common/src/com/netscape/certsrv/authorization/EAuthzUnknownOperation.java
@@ -29,7 +29,7 @@ public class EAuthzUnknownOperation extends EAuthzException {
 
     /**
      * Constructs a exception for an operation unknown to the authorization manager
-     * 
+     *
      * @param errorString Detailed error message.
      */
     public EAuthzUnknownOperation(String errorString) {
diff --git a/base/common/src/com/netscape/certsrv/authorization/EAuthzUnknownProtectedRes.java b/base/common/src/com/netscape/certsrv/authorization/EAuthzUnknownProtectedRes.java
index 5cb2d7276..5848c620c 100644
--- a/base/common/src/com/netscape/certsrv/authorization/EAuthzUnknownProtectedRes.java
+++ b/base/common/src/com/netscape/certsrv/authorization/EAuthzUnknownProtectedRes.java
@@ -29,7 +29,7 @@ public class EAuthzUnknownProtectedRes extends EAuthzException {
 
     /**
      * Constructs a exception for a protected resource unknown to the authorization manager
-     * 
+     *
      * @param errorString Detailed error message.
      */
     public EAuthzUnknownProtectedRes(String errorString) {
diff --git a/base/common/src/com/netscape/certsrv/authorization/IAuthzManager.java b/base/common/src/com/netscape/certsrv/authorization/IAuthzManager.java
index 8b52b3928..871f05230 100644
--- a/base/common/src/com/netscape/certsrv/authorization/IAuthzManager.java
+++ b/base/common/src/com/netscape/certsrv/authorization/IAuthzManager.java
@@ -32,7 +32,7 @@ import com.netscape.certsrv.evaluators.IAccessEvaluator;
  * Authorization Manager interface needs to be implemented by all
  * authorization managers.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IAuthzManager {
@@ -40,7 +40,7 @@ public interface IAuthzManager {
     /**
      * Get the name of this authorization manager instance.
      * 

-     * 
+     *
      * @return String the name of this authorization manager.
      */
     public String getName();
@@ -49,12 +49,12 @@ public interface IAuthzManager {
      * Get implementation name of authorization manager plugin.
      * 

      * An example of an implementation name will be:
-     * 
+     *
      * 
      * com.netscape.cms.BasicAclAuthz
      * 

      * 

-     * 
+     *
      * @return The name of the authorization manager plugin.
      */
     public String getImplName();
@@ -66,13 +66,13 @@ public interface IAuthzManager {
      * 

      * The accessInfo format is determined by each individual authzmgr. For example, for BasicAclAuthz, The accessInfo
      * is the resACLs, whose format should conform to the following:
-     * 
+     *
      * 
      *    :right-1[,right-n]:[allow,deny](right(s))=:
      * 

      * Example: resTurnKnob:left,right:allow(left) group="lefties":door knobs for lefties
-     * 
+     *
      * @param accessInfo the access info string in the format specified in the authorization manager
      * @exception EBaseException error parsing the accessInfo
      */
@@ -81,7 +81,7 @@ public interface IAuthzManager {
     /**
      * Check if the user is authorized to perform the given operation on the
      * given resource.
-     * 
+     *
      * @param authToken the authToken associated with a user.
      * @param resource - the protected resource name
      * @param operation - the protected resource operation name
@@ -97,7 +97,7 @@ public interface IAuthzManager {
 
     /**
      * Initialize this authorization manager.
-     * 
+     *
      * @param name The name of this authorization manager instance.
      * @param implName The name of the authorization manager plugin.
      * @param config The configuration store for this authorization manager.
@@ -117,7 +117,7 @@ public interface IAuthzManager {
      * The configuration parameters returned is passed to the
      * console so configuration for instances of this
      * implementation can be made through the console.
-     * 
+     *
      * @return a list of names for configuration parameters.
      * @exception EBaseException If an internal error occurred
      */
@@ -126,21 +126,21 @@ public interface IAuthzManager {
 
     /**
      * Get the configuration store for this authorization manager.
-     * 
+     *
      * @return The configuration store of this authorization manager.
      */
     public IConfigStore getConfigStore();
 
     /**
      * Get ACL entries
-     * 
+     *
      * @return enumeration of ACL entries.
      */
     public Enumeration getACLs();
 
     /**
      * Get individual ACL entry for the given name of entry.
-     * 
+     *
      * @param target The name of the ACL entry
      * @return The ACL entry.
      */
@@ -148,7 +148,7 @@ public interface IAuthzManager {
 
     /**
      * Update ACLs in the database
-     * 
+     *
      * @param id The name of the ACL entry (ie, resource id)
      * @param rights The allowable rights for this resource
      * @param strACLs The value of the ACL entry
@@ -160,14 +160,14 @@ public interface IAuthzManager {
 
     /**
      * Get all registered evaluators.
-     * 
+     *
      * @return All registered evaluators.
      */
     public Enumeration aclEvaluatorElements();
 
     /**
      * Register new evaluator
-     * 
+     *
      * @param type Type of evaluator
      * @param evaluator Value of evaluator
      */
@@ -175,7 +175,7 @@ public interface IAuthzManager {
 
     /**
      * Return a table of evaluators
-     * 
+     *
      * @return A table of evaluators
      */
     public Hashtable getAccessEvaluators();
diff --git a/base/common/src/com/netscape/certsrv/authorization/IAuthzSubsystem.java b/base/common/src/com/netscape/certsrv/authorization/IAuthzSubsystem.java
index d8ccc8a83..b96499a77 100644
--- a/base/common/src/com/netscape/certsrv/authorization/IAuthzSubsystem.java
+++ b/base/common/src/com/netscape/certsrv/authorization/IAuthzSubsystem.java
@@ -27,7 +27,7 @@ import com.netscape.certsrv.base.ISubsystem;
 /**
  * An interface that represents an authorization component
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IAuthzSubsystem extends ISubsystem {
@@ -60,7 +60,7 @@ public interface IAuthzSubsystem extends ISubsystem {
     /**
      * authorize the user associated with the given authToken for a given
      * operation with the given authorization manager name
-     * 
+     *
      * @param authzMgrName The authorization manager name
      * @param authToken the authenticaton token associated with a user
      * @param resource the resource protected by the authorization system
@@ -77,7 +77,7 @@ public interface IAuthzSubsystem extends ISubsystem {
 
     /**
      * Adds (registers) the given authorization manager.
-     * 
+     *
      * @param name The authorization manager name
      * @param authzMgr The authorization manager instance.
      */
@@ -85,14 +85,14 @@ public interface IAuthzSubsystem extends ISubsystem {
 
     /**
      * Deletes (deregisters) the given authorization manager.
-     * 
+     *
      * @param name The authorization manager name to delete.
      */
     public void delete(String name);
 
     /**
      * Gets the Authorization manager instance of the specified name.
-     * 
+     *
      * @param name The authorization manager's name.
      * @return an authorization manager interface
      */
@@ -101,14 +101,14 @@ public interface IAuthzSubsystem extends ISubsystem {
     /**
      * Gets an enumeration of authorization managers registered to the
      * authorization component.
-     * 
+     *
      * @return a list of authorization managers
      */
     public Enumeration getAuthzManagers();
 
     /**
      * Initialize authz info - usually used for BasicAclAuthz
-     * 
+     *
      * @param authzMgrName name of the authorization manager
      * @param accessInfo string representation of the ACL
      * @exception EBaseException if authorization manager is not found
@@ -117,14 +117,14 @@ public interface IAuthzSubsystem extends ISubsystem {
 
     /**
      * Gets an enumeration of authorization manager plugins.
-     * 
+     *
      * @return list of authorization manager plugins
      */
     public Enumeration getAuthzManagerPlugins();
 
     /**
      * Gets a single authorization manager plugin implementation
-     * 
+     *
      * @param name given authorization plugin name
      * @return authorization manager plugin
      */
@@ -132,7 +132,7 @@ public interface IAuthzSubsystem extends ISubsystem {
 
     /**
      * Log error message.
-     * 
+     *
      * @param level log level
      * @param msg error message
      */
@@ -140,21 +140,21 @@ public interface IAuthzSubsystem extends ISubsystem {
 
     /**
      * Get a hashtable containing all authentication plugins.
-     * 
+     *
      * @return all authentication plugins.
      */
     public Hashtable getPlugins();
 
     /**
      * Get a hashtable containing all authentication instances.
-     * 
+     *
      * @return all authentication instances.
      */
     public Hashtable getInstances();
 
     /**
      * Get an authorization manager interface for the given name.
-     * 
+     *
      * @param name given authorization manager name.
      * @return an authorization manager interface
      */
diff --git a/base/common/src/com/netscape/certsrv/base/ASubsystem.java b/base/common/src/com/netscape/certsrv/base/ASubsystem.java
index 2b4c6d15a..275108926 100644
--- a/base/common/src/com/netscape/certsrv/base/ASubsystem.java
+++ b/base/common/src/com/netscape/certsrv/base/ASubsystem.java
@@ -21,7 +21,7 @@ package com.netscape.certsrv.base;
  * This class represents a basic subsystem. Each basic
  * subsystem is named with an identifier and has a
  * configuration store.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public abstract class ASubsystem implements ISubsystem {
@@ -32,7 +32,7 @@ public abstract class ASubsystem implements ISubsystem {
 
     /**
      * Initializes this subsystem.
-     * 
+     *
      * @param parent parent subsystem
      * @param cfg configuration store
      */
@@ -43,7 +43,7 @@ public abstract class ASubsystem implements ISubsystem {
 
     /**
      * Retrieves the configuration store.
-     * 
+     *
      * @return configuration store
      */
     public IConfigStore getConfigStore() {
@@ -52,7 +52,7 @@ public abstract class ASubsystem implements ISubsystem {
 
     /**
      * Sets the identifier of this subsystem.
-     * 
+     *
      * @param id subsystem identifier
      */
     public void setId(String id) {
@@ -61,7 +61,7 @@ public abstract class ASubsystem implements ISubsystem {
 
     /**
      * Retrieves the subsystem identifier.
-     * 
+     *
      * @return subsystem identifier
      */
     public String getId() {
diff --git a/base/common/src/com/netscape/certsrv/base/AttributeNameHelper.java b/base/common/src/com/netscape/certsrv/base/AttributeNameHelper.java
index 5b6db131e..5f00c7670 100644
--- a/base/common/src/com/netscape/certsrv/base/AttributeNameHelper.java
+++ b/base/common/src/com/netscape/certsrv/base/AttributeNameHelper.java
@@ -20,7 +20,7 @@ package com.netscape.certsrv.base;
 /**
  * AttributeNameHelper. This Helper class used to decompose
  * dot-separated attribute name into prefix and suffix.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class AttributeNameHelper {
@@ -34,7 +34,7 @@ public class AttributeNameHelper {
     /**
      * Default constructor for the class. Name is of the form
      * "proofOfPosession.type".
-     * 
+     *
      * @param name the attribute name.
      */
     public AttributeNameHelper(String name) {
@@ -50,7 +50,7 @@ public class AttributeNameHelper {
 
     /**
      * Return the prefix of the name.
-     * 
+     *
      * @return attribute prefix
      */
     public String getPrefix() {
@@ -59,7 +59,7 @@ public class AttributeNameHelper {
 
     /**
      * Return the suffix of the name.
-     * 
+     *
      * @return attribute suffix
      */
     public String getSuffix() {
diff --git a/base/common/src/com/netscape/certsrv/base/BaseResources.java b/base/common/src/com/netscape/certsrv/base/BaseResources.java
index 41159481f..87c7e60a1 100644
--- a/base/common/src/com/netscape/certsrv/base/BaseResources.java
+++ b/base/common/src/com/netscape/certsrv/base/BaseResources.java
@@ -23,7 +23,7 @@ import java.util.ListResourceBundle;
  * A class represents a resource bundle for the entire
  * system.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  * @see java.util.ListResourceBundle
  */
diff --git a/base/common/src/com/netscape/certsrv/base/EBaseException.java b/base/common/src/com/netscape/certsrv/base/EBaseException.java
index 26def60f5..0ce8fdc3d 100644
--- a/base/common/src/com/netscape/certsrv/base/EBaseException.java
+++ b/base/common/src/com/netscape/certsrv/base/EBaseException.java
@@ -23,7 +23,7 @@ import java.util.Locale;
  * An exception with localizable error messages. It is the
  * base class for all exceptions in certificate server.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  * @see java.text.MessageFormat
  * @see com.netscape.certsrv.base.BaseResources
@@ -50,7 +50,7 @@ public class EBaseException extends Exception {
      * Constructs an instance of this exception with the given resource key.
      * If resource key is not found in the resource bundle, the resource key
      * specified is used as the error message.
-     * 
+     *
      * 
      * new EBaseException(BaseResources.PERMISSION_DENIED);
      * new EBaseException("An plain error message");
@@ -65,12 +65,12 @@ public class EBaseException extends Exception {
     /**
      * Constructs an instance of this exception with the given resource key
      * and a parameter as a string.
-     * 
+     *
      * 
      * new EBaseException(BaseResource.NO_CONFIG_FILE, fileName);
      * 

      * 

-     * 
+     *
      * @param msgFormat exception details in message string format
      * @param param message string parameter
      */
@@ -83,7 +83,7 @@ public class EBaseException extends Exception {
     /**
      * Constructs an instance of the exception given the resource key and
      * a exception parameter.
-     * 
+     *
      * 
      * 		try {
      *  		...
@@ -92,7 +92,7 @@ public class EBaseException extends Exception {
      *      }
      * 

      * 

-     * 
+     *
      * @param msgFormat The resource key
      * @param param The parameter as an exception
      */
@@ -106,7 +106,7 @@ public class EBaseException extends Exception {
      * Constructs an instance of this exception given the resource key and
      * an array of parameters.
      * 

-     * 
+     *
      * @param msgFormat The resource key
      * @param params Array of params
      */
@@ -118,7 +118,7 @@ public class EBaseException extends Exception {
     /**
      * Returns the list of parameters.
      * 

-     * 
+     *
      * @return List of parameters.
      */
     public Object[] getParameters() {
@@ -128,7 +128,7 @@ public class EBaseException extends Exception {
     /**
      * Returns the exception string in the default locale.
      * 

-     * 
+     *
      * @return The exception string in the default locale.
      */
     public String toString() {
@@ -138,7 +138,7 @@ public class EBaseException extends Exception {
     /**
      * Returns the exception string in the given locale.
      * 

-     * 
+     *
      * @param locale The locale
      * @return The exception string in the given locale.
      */
@@ -149,7 +149,7 @@ public class EBaseException extends Exception {
 
     /**
      * Returns the given resource bundle name.
-     * 
+     *
      * @return the name of the resource bundle for this class.
      */
     protected String getBundleName() {
diff --git a/base/common/src/com/netscape/certsrv/base/EPropertyNotDefined.java b/base/common/src/com/netscape/certsrv/base/EPropertyNotDefined.java
index 466306582..e689b2224 100644
--- a/base/common/src/com/netscape/certsrv/base/EPropertyNotDefined.java
+++ b/base/common/src/com/netscape/certsrv/base/EPropertyNotDefined.java
@@ -22,7 +22,7 @@ package com.netscape.certsrv.base;
  * property is not defined (empty string) the configuration store.
  * It extends EBaseException and uses the same resource bundle.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  * @see com.netscape.certsrv.base.EBaseException
  */
@@ -37,7 +37,7 @@ public class EPropertyNotDefined extends EBaseException {
      * Constructs an instance of this exception given the name of the
      * property that's not found.
      * 

-     * 
+     *
      * @param errorString Detailed error message.
      */
     public EPropertyNotDefined(String errorString) {
diff --git a/base/common/src/com/netscape/certsrv/base/EPropertyNotFound.java b/base/common/src/com/netscape/certsrv/base/EPropertyNotFound.java
index 5a8a9550f..bcfca18f7 100644
--- a/base/common/src/com/netscape/certsrv/base/EPropertyNotFound.java
+++ b/base/common/src/com/netscape/certsrv/base/EPropertyNotFound.java
@@ -22,7 +22,7 @@ package com.netscape.certsrv.base;
  * property is not found in the configuration store.
  * It extends EBaseException and uses the same resource bundle.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  * @see com.netscape.certsrv.base.EBaseException
  */
@@ -37,7 +37,7 @@ public class EPropertyNotFound extends EBaseException {
      * Constructs an instance of this exception given the name of the
      * property that's not found.
      * 

-     * 
+     *
      * @param errorString Detailed error message.
      */
     public EPropertyNotFound(String errorString) {
diff --git a/base/common/src/com/netscape/certsrv/base/ExtendedPluginInfo.java b/base/common/src/com/netscape/certsrv/base/ExtendedPluginInfo.java
index 86f5999d9..e26025d08 100644
--- a/base/common/src/com/netscape/certsrv/base/ExtendedPluginInfo.java
+++ b/base/common/src/com/netscape/certsrv/base/ExtendedPluginInfo.java
@@ -22,7 +22,7 @@ import java.util.Locale;
 /**
  * Plugin which can return extended information to console
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public class ExtendedPluginInfo implements IExtendedPluginInfo {
@@ -31,7 +31,7 @@ public class ExtendedPluginInfo implements IExtendedPluginInfo {
 
     /**
      * Constructs an extended plugin info object.
-     * 
+     *
      * @param epi plugin info list
      */
     public ExtendedPluginInfo(String epi[]) {
@@ -42,19 +42,19 @@ public class ExtendedPluginInfo implements IExtendedPluginInfo {
      * This method returns an array of strings. Each element of the
      * array represents a configurable parameter, or some other
      * meta-info (such as help-token)
-     * 
+     *
      * there is an entry indexed on that parameter name
      * ;[,required];;...
-     * 
+     *
      * Where:
-     * 
+     *
      * type_info is either 'string', 'number', 'boolean', 'password' or
      * 'choice(ch1,ch2,ch3,...)'
-     * 
+     *
      * If the marker 'required' is included after the type_info,
      * the parameter will has some visually distinctive marking in
      * the UI.
-     * 
+     *
      * 'description' is a short sentence describing the parameter
      * 'choice' is rendered as a drop-down list. The first parameter in the
      * list will be activated by default
@@ -67,20 +67,20 @@ public class ExtendedPluginInfo implements IExtendedPluginInfo {
      * the plugin. It is instead inserted directly into the password cache
      * keyed on the instance name. The value of the parameter
      * 'bindPWPrompt' (see example below) is set to the key.
-     * 
+     *
      * In addition to the configurable parameters, the following magic parameters
      * may be defined:
-     * 
+     *
      * HELP_TOKEN;helptoken - a pointer to the online manual section for this plugin
      * HELP_TEXT;helptext - a general help string describing the plugin
-     * 
+     *
      * For example:
      * "username;string;The username you wish to login as"
      * "bindPWPrompt;password;Enter password to bind as above user with"
      * "algorithm;choice(RSA,DSA);Which algorithm do you want to use"
      * "enable;boolean;Do you want to run this plugin"
      * "port;number;Which port number do you want to use"
-     * 
+     *
      */
     public String[] getExtendedPluginInfo(Locale locale) {
         return _epi;
diff --git a/base/common/src/com/netscape/certsrv/base/IArgBlock.java b/base/common/src/com/netscape/certsrv/base/IArgBlock.java
index adddccba6..92c418c7d 100644
--- a/base/common/src/com/netscape/certsrv/base/IArgBlock.java
+++ b/base/common/src/com/netscape/certsrv/base/IArgBlock.java
@@ -33,14 +33,14 @@ import netscape.security.pkcs.PKCS10;
  * E.g., ((AttrSet)container.get("x")).get("y") is equivalent to
  * container.get("x.y");
  * 

- * 
+ *
  * @version $Revision$, $Date$
  **/
 public interface IArgBlock extends Serializable {
 
     /**
      * Checks if this argument block contains the given key.
-     * 
+     *
      * @param n key
      * @return true if key is present
      */
@@ -48,7 +48,7 @@ public interface IArgBlock extends Serializable {
 
     /**
      * Adds string-based value into this argument block.
-     * 
+     *
      * @param n key
      * @param v value
      * @return value
@@ -57,7 +57,7 @@ public interface IArgBlock extends Serializable {
 
     /**
      * Retrieves argument value as string.
-     * 
+     *
      * @param n key
      * @return argument value as string
      * @exception EBaseException failed to retrieve value
@@ -66,7 +66,7 @@ public interface IArgBlock extends Serializable {
 
     /**
      * Retrieves argument value as string.
-     * 
+     *
      * @param n key
      * @param def default value to be returned if key is not present
      * @return argument value as string
@@ -75,7 +75,7 @@ public interface IArgBlock extends Serializable {
 
     /**
      * Retrieves argument value as integer.
-     * 
+     *
      * @param n key
      * @return argument value as int
      * @exception EBaseException failed to retrieve value
@@ -84,7 +84,7 @@ public interface IArgBlock extends Serializable {
 
     /**
      * Retrieves argument value as integer.
-     * 
+     *
      * @param n key
      * @param def default value to be returned if key is not present
      * @return argument value as int
@@ -93,7 +93,7 @@ public interface IArgBlock extends Serializable {
 
     /**
      * Retrieves argument value as big integer.
-     * 
+     *
      * @param n key
      * @return argument value as big integer
      * @exception EBaseException failed to retrieve value
@@ -102,7 +102,7 @@ public interface IArgBlock extends Serializable {
 
     /**
      * Retrieves argument value as big integer.
-     * 
+     *
      * @param n key
      * @param def default value to be returned if key is not present
      * @return argument value as big integer
@@ -111,7 +111,7 @@ public interface IArgBlock extends Serializable {
 
     /**
      * Retrieves argument value as object
-     * 
+     *
      * @param n key
      * @return argument value as object
      * @exception EBaseException failed to retrieve value
@@ -120,7 +120,7 @@ public interface IArgBlock extends Serializable {
 
     /**
      * Retrieves argument value as object
-     * 
+     *
      * @param n key
      * @param def default value to be returned if key is not present
      * @return argument value as object
@@ -129,7 +129,7 @@ public interface IArgBlock extends Serializable {
 
     /**
      * Gets boolean value. They should be "true" or "false".
-     * 
+     *
      * @param name name of the input type
      * @return boolean type: true or false
      * @exception EBaseException failed to retrieve value
@@ -138,7 +138,7 @@ public interface IArgBlock extends Serializable {
 
     /**
      * Gets boolean value. They should be "true" or "false".
-     * 
+     *
      * @param name name of the input type
      * @param def Default value to return.
      * @return boolean type: true or false
@@ -147,7 +147,7 @@ public interface IArgBlock extends Serializable {
 
     /**
      * Gets KeyGenInfo
-     * 
+     *
      * @param name name of the input type
      * @param def default value to return
      * @exception EBaseException On error.
@@ -158,7 +158,7 @@ public interface IArgBlock extends Serializable {
     /**
      * Gets PKCS10 request. This pkcs10 attribute does not
      * contain header information.
-     * 
+     *
      * @param name name of the input type
      * @return pkcs10 request
      * @exception EBaseException failed to retrieve value
@@ -168,7 +168,7 @@ public interface IArgBlock extends Serializable {
     /**
      * Gets PKCS10 request. This pkcs10 attribute does not
      * contain header information.
-     * 
+     *
      * @param name name of the input type
      * @param def default PKCS10
      * @return pkcs10 request
@@ -178,7 +178,7 @@ public interface IArgBlock extends Serializable {
 
     /**
      * Retrieves PKCS10
-     * 
+     *
      * @param name name of the input type
      * @param checkheader true if header must be present
      * @return PKCS10 object
@@ -188,7 +188,7 @@ public interface IArgBlock extends Serializable {
 
     /**
      * Retrieves PKCS10
-     * 
+     *
      * @param name name of the input type
      * @param checkheader true if header must be present
      * @param def default PKCS10
@@ -199,7 +199,7 @@ public interface IArgBlock extends Serializable {
 
     /**
      * Retrieves PKCS10
-     * 
+     *
      * @param name name of the input type
      * @param def default PKCS10
      * @return PKCS10 object
@@ -209,14 +209,14 @@ public interface IArgBlock extends Serializable {
 
     /**
      * Retrieves a list of argument keys.
-     * 
+     *
      * @return a list of string-based keys
      */
     public Enumeration elements();
 
     /**
      * Adds long-type arguments to this block.
-     * 
+     *
      * @param n key
      * @param v value
      * @return value
@@ -225,7 +225,7 @@ public interface IArgBlock extends Serializable {
 
     /**
      * Adds integer-type arguments to this block.
-     * 
+     *
      * @param n key
      * @param v value
      * @return value
@@ -234,7 +234,7 @@ public interface IArgBlock extends Serializable {
 
     /**
      * Adds boolean-type arguments to this block.
-     * 
+     *
      * @param n key
      * @param v value
      * @return value
@@ -243,7 +243,7 @@ public interface IArgBlock extends Serializable {
 
     /**
      * Adds integer-type arguments to this block.
-     * 
+     *
      * @param n key
      * @param v value
      * @param radix radix
@@ -253,7 +253,7 @@ public interface IArgBlock extends Serializable {
 
     /**
      * Sets argument into this block.
-     * 
+     *
      * @param name key
      * @param obj value
      */
@@ -261,7 +261,7 @@ public interface IArgBlock extends Serializable {
 
     /**
      * Retrieves argument.
-     * 
+     *
      * @param name key
      * @return object value
      */
@@ -269,14 +269,14 @@ public interface IArgBlock extends Serializable {
 
     /**
      * Deletes argument by the given key.
-     * 
+     *
      * @param name key
      */
     public void delete(String name);
 
     /**
      * Retrieves a list of argument keys.
-     * 
+     *
      * @return a list of string-based keys
      */
     public Enumeration getElements();
diff --git a/base/common/src/com/netscape/certsrv/base/IAttrSet.java b/base/common/src/com/netscape/certsrv/base/IAttrSet.java
index e396b072a..eb2ae2746 100644
--- a/base/common/src/com/netscape/certsrv/base/IAttrSet.java
+++ b/base/common/src/com/netscape/certsrv/base/IAttrSet.java
@@ -30,14 +30,14 @@ import java.util.Enumeration;
  * E.g., ((AttrSet)container.get("x")).get("y") is equivalent to
  * container.get("x.y");
  * 

- * 
+ *
  * @version $Revision$, $Date$
  **/
 public interface IAttrSet extends Serializable {
 
     /**
      * Sets an attribute value within this AttrSet.
-     * 
+     *
      * @param name the name of the attribute
      * @param obj the attribute object.
      * @exception EBaseException on attribute handling errors.
@@ -46,7 +46,7 @@ public interface IAttrSet extends Serializable {
 
     /**
      * Gets an attribute value.
-     * 
+     *
      * @param name the name of the attribute to return.
      * @exception EBaseException on attribute handling errors.
      */
@@ -54,7 +54,7 @@ public interface IAttrSet extends Serializable {
 
     /**
      * Deletes an attribute value from this AttrSet.
-     * 
+     *
      * @param name the name of the attribute to delete.
      * @exception EBaseException on attribute handling errors.
      */
@@ -63,7 +63,7 @@ public interface IAttrSet extends Serializable {
     /**
      * Returns an enumeration of the names of the attributes existing within
      * this AttrSet.
-     * 
+     *
      * @return an enumeration of the attribute names.
      */
     public Enumeration getElements();
diff --git a/base/common/src/com/netscape/certsrv/base/IAuthInfo.java b/base/common/src/com/netscape/certsrv/base/IAuthInfo.java
index 4806a94c0..b2cb2c934 100644
--- a/base/common/src/com/netscape/certsrv/base/IAuthInfo.java
+++ b/base/common/src/com/netscape/certsrv/base/IAuthInfo.java
@@ -24,7 +24,7 @@ package com.netscape.certsrv.base;
  * user needs to authenticate to CMS using SSL. The
  * client certificate is expressed in authenticated context.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IAuthInfo {
diff --git a/base/common/src/com/netscape/certsrv/base/ICRLPrettyPrint.java b/base/common/src/com/netscape/certsrv/base/ICRLPrettyPrint.java
index d111063a7..5bda77384 100644
--- a/base/common/src/com/netscape/certsrv/base/ICRLPrettyPrint.java
+++ b/base/common/src/com/netscape/certsrv/base/ICRLPrettyPrint.java
@@ -22,14 +22,14 @@ import java.util.Locale;
 /**
  * This interface represents a CRL pretty print handler.
  * It converts a CRL object into a printable CRL string.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface ICRLPrettyPrint {
 
     /**
      * Retrieves the printable CRL string.
-     * 
+     *
      * @param clientLocale end user clocale
      * @param crlSize CRL size
      * @param pageStart starting page number
@@ -40,7 +40,7 @@ public interface ICRLPrettyPrint {
 
     /**
      * Retrieves the printable CRL string.
-     * 
+     *
      * @param clientLocale end user clocale
      * @return printable CRL string
      */
diff --git a/base/common/src/com/netscape/certsrv/base/ICertPrettyPrint.java b/base/common/src/com/netscape/certsrv/base/ICertPrettyPrint.java
index e991d5a11..8f9df30b8 100644
--- a/base/common/src/com/netscape/certsrv/base/ICertPrettyPrint.java
+++ b/base/common/src/com/netscape/certsrv/base/ICertPrettyPrint.java
@@ -23,14 +23,14 @@ import java.util.Locale;
  * This interface represents a certificate pretty print
  * handler. This handler converts certificate object into
  * a printable certificate string.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface ICertPrettyPrint {
 
     /**
      * Returns printable certificate string.
-     * 
+     *
      * @param clientLocale end user locale
      * @return printable certificate string
      */
diff --git a/base/common/src/com/netscape/certsrv/base/IConfigStore.java b/base/common/src/com/netscape/certsrv/base/IConfigStore.java
index d12265e83..d96fddb05 100644
--- a/base/common/src/com/netscape/certsrv/base/IConfigStore.java
+++ b/base/common/src/com/netscape/certsrv/base/IConfigStore.java
@@ -26,7 +26,7 @@ import java.util.Enumeration;
  * to keep arbitrary data indexed by string names.
  * 

  * In the following example:
- * 
+ *
  * 
  *      param1=value1
  *      configStore1.param11=value11
@@ -35,27 +35,27 @@ import java.util.Enumeration;
  *      configStore1.subStore1.param112=value112
  *      configStore2.param21=value21
  * 

- * 
+ *
  * The top config store has parameters param1 and sub-stores configStore1 and configStore2. 

  * The following illustrates how a config store is used.
- * 
+ *
  * 
- * // the top config store is passed to the following method. 
+ * // the top config store is passed to the following method.
  * public void init(IConfigStore config) throws EBaseException {
  *     IConfigStore store = config;
  *     String valx = config.getString("param1");
  *     // valx is "value1" <p>
- * 
+ *
  *     IConfigStore substore1 = config.getSubstore("configStore1");
  *     String valy = substore1.getString("param11");
  *     // valy is "value11" <p>
- * 
+ *
  *     IConfigStore substore2 = config.getSubstore("configStore2");
  *     String valz = substore2.getString("param21");
  *     // valz is "value21" <p>
  * }
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IConfigStore extends ISourceConfigStore {
@@ -63,7 +63,7 @@ public interface IConfigStore extends ISourceConfigStore {
     /**
      * Gets the name of this Configuration Store.
      * 

-     * 
+     *
      * @return The name of this Configuration store
      */
     public String getName();
@@ -71,7 +71,7 @@ public interface IConfigStore extends ISourceConfigStore {
     /**
      * Retrieves the value of the given property as a string.
      * 

-     * 
+     *
      * @param name The name of the property to get
      * @return The value of the property as a String
      * @exception EPropertyNotFound If the property is not present
@@ -84,7 +84,7 @@ public interface IConfigStore extends ISourceConfigStore {
      * Retrieves the value of a given property as a string or the
      * given default value if the property is not present.
      * 

-     * 
+     *
      * @param name The property to retrive
      * @param defval The default value to return if the property is not present
      * @return The roperty value as a string
@@ -96,7 +96,7 @@ public interface IConfigStore extends ISourceConfigStore {
     /**
      * Stores a property and its value as a string.
      * 

-     * 
+     *
      * @param name The name of the property
      * @param value The value as a string
      */
@@ -105,7 +105,7 @@ public interface IConfigStore extends ISourceConfigStore {
     /**
      * Retrieves the value of a property as a byte array.
      * 

-     * 
+     *
      * @param name The property name
      * @return The property value as a byte array
      * @exception EPropertyNotFound If the property is not present
@@ -118,7 +118,7 @@ public interface IConfigStore extends ISourceConfigStore {
      * Retrieves the value of a property as a byte array, using the
      * given default value if property is not present.
      * 

-     * 
+     *
      * @param name The name of the property
      * @param defval The default value if the property is not present.
      * @return The property value as a byte array.
@@ -130,7 +130,7 @@ public interface IConfigStore extends ISourceConfigStore {
     /**
      * Stores the given property and value as a byte array.
      * 

-     * 
+     *
      * @param name The property name
      * @param value The value as a byte array to store
      */
@@ -139,7 +139,7 @@ public interface IConfigStore extends ISourceConfigStore {
     /**
      * Retrieves the given property as a boolean.
      * 

-     * 
+     *
      * @param name The name of the property as a string.
      * @return The value of the property as a boolean.
      * @exception EPropertyNotFound If the property is not present
@@ -151,7 +151,7 @@ public interface IConfigStore extends ISourceConfigStore {
     /**
      * Retrieves the given property as a boolean.
      * 

-     * 
+     *
      * @param name The name of the property
      * @param defval The default value to turn as a boolean if
      *            property is not present
@@ -164,7 +164,7 @@ public interface IConfigStore extends ISourceConfigStore {
     /**
      * Stores the given property and its value as a boolean.
      * 

-     * 
+     *
      * @param name The property name
      * @param value The value as a boolean
      */
@@ -173,7 +173,7 @@ public interface IConfigStore extends ISourceConfigStore {
     /**
      * Retrieves the given property as an integer.
      * 

-     * 
+     *
      * @param name The property name
      * @return The property value as an integer
      * @exception EPropertyNotFound If property is not found
@@ -185,7 +185,7 @@ public interface IConfigStore extends ISourceConfigStore {
     /**
      * Retrieves the given property as an integer.
      * 

-     * 
+     *
      * @param name The property name
      * @return int The default value to return as an integer
      * @exception EBaseException If the value cannot be converted to a
@@ -197,7 +197,7 @@ public interface IConfigStore extends ISourceConfigStore {
     /**
      * Sets a property and its value as an integer.
      * 

-     * 
+     *
      * @param name parameter name
      * @param value integer value
      */
@@ -206,7 +206,7 @@ public interface IConfigStore extends ISourceConfigStore {
     /**
      * Retrieves the given property as a big integer.
      * 

-     * 
+     *
      * @param name The property name
      * @return The property value as a big integer
      * @exception EPropertyNotFound If property is not found
@@ -218,7 +218,7 @@ public interface IConfigStore extends ISourceConfigStore {
     /**
      * Retrieves the given property as a big integer.
      * 

-     * 
+     *
      * @param name The property name
      * @return int The default value to return as a big integer
      * @exception EBaseException If the value cannot be converted to a
@@ -230,7 +230,7 @@ public interface IConfigStore extends ISourceConfigStore {
     /**
      * Sets a property and its value as an integer.
      * 

-     * 
+     *
      * @param name parameter name
      * @param value big integer value
      */
@@ -239,7 +239,7 @@ public interface IConfigStore extends ISourceConfigStore {
     /**
      * Creates a nested sub-store with the specified name.
      * 

-     * 
+     *
      * @param name The name of the sub-store
      * @return The sub-store created
      */
@@ -248,7 +248,7 @@ public interface IConfigStore extends ISourceConfigStore {
     /**
      * Retrieves the given sub-store.
      * 

-     * 
+     *
      * @param name The name of the sub-store
      * @return The sub-store
      */
@@ -258,7 +258,7 @@ public interface IConfigStore extends ISourceConfigStore {
      * Removes sub-store with the given name.
      * (Removes all properties and sub-stores under this sub-store.)
      * 

-     * 
+     *
      * @param name The name of the sub-store to remove
      */
     public void removeSubStore(String name);
@@ -267,7 +267,7 @@ public interface IConfigStore extends ISourceConfigStore {
 
     /**
      * Retrives and enumeration of all properties in this config-store.
-     * 
+     *
      * @return An enumeration of all properties in this config-store
      */
     public Enumeration getPropertyNames();
@@ -276,7 +276,7 @@ public interface IConfigStore extends ISourceConfigStore {
      * Returns an enumeration of the names of the substores of
      * this config-store.
      * 

-     * 
+     *
      * @return An enumeration of the names of the sub-stores of this
      *         config-store
      */
@@ -284,7 +284,7 @@ public interface IConfigStore extends ISourceConfigStore {
 
     /**
      * Commits all the data into file immediately.
-     * 
+     *
      * @param createBackup true if a backup file should be created
      * @exception EBaseException failed to commit
      */
diff --git a/base/common/src/com/netscape/certsrv/base/IConfigStoreEventListener.java b/base/common/src/com/netscape/certsrv/base/IConfigStoreEventListener.java
index 06e7d522a..8e5c13adf 100644
--- a/base/common/src/com/netscape/certsrv/base/IConfigStoreEventListener.java
+++ b/base/common/src/com/netscape/certsrv/base/IConfigStoreEventListener.java
@@ -21,14 +21,14 @@ import java.util.Hashtable;
 
 /**
  * ConfigStore Parameters Event Notification.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IConfigStoreEventListener {
 
     /**
      * Called to validate the config store parameters that changed
-     * 
+     *
      * @param action action
      * @param params configuration parameters changed
      * @exception EBaseException failed to validate
@@ -38,7 +38,7 @@ public interface IConfigStoreEventListener {
 
     /**
      * Validates the config store parameters that changed
-     * 
+     *
      * @param action action
      * @param params configuration parameters changed
      * @exception EBaseException failed to validate
diff --git a/base/common/src/com/netscape/certsrv/base/IExtPrettyPrint.java b/base/common/src/com/netscape/certsrv/base/IExtPrettyPrint.java
index 8d95a40ca..108f0d544 100644
--- a/base/common/src/com/netscape/certsrv/base/IExtPrettyPrint.java
+++ b/base/common/src/com/netscape/certsrv/base/IExtPrettyPrint.java
@@ -20,14 +20,14 @@ package com.netscape.certsrv.base;
 /**
  * This class will display the certificate content in predefined
  * format.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IExtPrettyPrint {
 
     /**
      * Retrieves the printable extension string.
-     * 
+     *
      * @return printable extension string
      */
     public String toString();
diff --git a/base/common/src/com/netscape/certsrv/base/IExtendedPluginInfo.java b/base/common/src/com/netscape/certsrv/base/IExtendedPluginInfo.java
index aff3daf4d..9a4de1345 100644
--- a/base/common/src/com/netscape/certsrv/base/IExtendedPluginInfo.java
+++ b/base/common/src/com/netscape/certsrv/base/IExtendedPluginInfo.java
@@ -22,7 +22,7 @@ import java.util.Locale;
 /**
  * Plugin which can return extended information to console
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IExtendedPluginInfo {
@@ -34,19 +34,19 @@ public interface IExtendedPluginInfo {
      * This method returns an array of strings. Each element of the
      * array represents a configurable parameter, or some other
      * meta-info (such as help-token)
-     * 
+     *
      * there is an entry indexed on that parameter name
      * ;[,required];;...
-     * 
+     *
      * Where:
-     * 
+     *
      * type_info is either 'string', 'number', 'boolean', 'password' or
      * 'choice(ch1,ch2,ch3,...)'
-     * 
+     *
      * If the marker 'required' is included after the type_info,
      * the parameter will has some visually distinctive marking in
      * the UI.
-     * 
+     *
      * 'description' is a short sentence describing the parameter
      * 'choice' is rendered as a drop-down list. The first parameter in the
      * list will be activated by default
@@ -59,20 +59,20 @@ public interface IExtendedPluginInfo {
      * the plugin. It is instead inserted directly into the password cache
      * keyed on the instance name. The value of the parameter
      * 'bindPWPrompt' (see example below) is set to the key.
-     * 
+     *
      * In addition to the configurable parameters, the following magic parameters
      * may be defined:
-     * 
+     *
      * HELP_TOKEN;helptoken - a pointer to the online manual section for this plugin
      * HELP_TEXT;helptext - a general help string describing the plugin
-     * 
+     *
      * For example:
      * "username;string;The username you wish to login as"
      * "bindPWPrompt;password;Enter password to bind as above user with"
      * "algorithm;choice(RSA,DSA);Which algorithm do you want to use"
      * "enable;boolean;Do you want to run this plugin"
      * "port;number;Which port number do you want to use"
-     * 
+     *
      */
     public String[] getExtendedPluginInfo(Locale locale);
 
diff --git a/base/common/src/com/netscape/certsrv/base/IPluginImpl.java b/base/common/src/com/netscape/certsrv/base/IPluginImpl.java
index a7a0560b5..293aa2017 100644
--- a/base/common/src/com/netscape/certsrv/base/IPluginImpl.java
+++ b/base/common/src/com/netscape/certsrv/base/IPluginImpl.java
@@ -21,7 +21,7 @@ import java.util.Vector;
 
 /**
  * This interface represents a plugin instance.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IPluginImpl {
@@ -31,7 +31,7 @@ public interface IPluginImpl {
     /**
      * Gets the description for this plugin instance.
      * 

-     * 
+     *
      * @return The Description for this plugin instance.
      */
     public String getDescription();
@@ -39,7 +39,7 @@ public interface IPluginImpl {
     /**
      * Returns the name of the plugin class.
      * 

-     * 
+     *
      * @return The name of the plugin class.
      */
     public String getImplName();
@@ -47,7 +47,7 @@ public interface IPluginImpl {
     /**
      * Returns the name of the plugin instance.
      * 

-     * 
+     *
      * @return The name of the plugin instance. If none is set
      *         the name of the implementation will be returned.xxxx
      */
@@ -55,7 +55,7 @@ public interface IPluginImpl {
 
     /**
      * Initializes this plugin instance.
-     * 
+     *
      * @param sys parent subsystem
      * @param instanceName instance name of this plugin
      * @param className class name of this plugin
@@ -73,14 +73,14 @@ public interface IPluginImpl {
 
     /**
      * Retrieves the configuration store.
-     * 
+     *
      * @return configuration store
      */
     public IConfigStore getConfigStore();
 
     /**
      * Return configured parameters for a plugin instance.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs. Each name/value
      *         pair is constructed as a String in name=value format.
      */
@@ -88,14 +88,14 @@ public interface IPluginImpl {
 
     /**
      * Retrieves a list of configuration parameter names.
-     * 
+     *
      * @return a list of parameter names
      */
     public String[] getConfigParams();
 
     /**
      * Return default parameters for a plugin implementation.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs. Each name/value
      *         pair is constructed as a String in name=value.
      */
diff --git a/base/common/src/com/netscape/certsrv/base/IPrettyPrintFormat.java b/base/common/src/com/netscape/certsrv/base/IPrettyPrintFormat.java
index 67c1b01d1..b7d3d5570 100644
--- a/base/common/src/com/netscape/certsrv/base/IPrettyPrintFormat.java
+++ b/base/common/src/com/netscape/certsrv/base/IPrettyPrintFormat.java
@@ -20,14 +20,14 @@ package com.netscape.certsrv.base;
 /**
  * This class will display the certificate content in predefined
  * format.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IPrettyPrintFormat {
 
     /**
      * Retrieves a pretty print string of the given byte array.
-     * 
+     *
      * @param in byte array
      * @param indentSize indentation size
      * @param lineLen length of line
@@ -39,7 +39,7 @@ public interface IPrettyPrintFormat {
 
     /**
      * Retrieves a pretty print string of the given byte array.
-     * 
+     *
      * @param in byte array
      * @param indentSize indentation size
      * @param lineLen length of line
@@ -49,7 +49,7 @@ public interface IPrettyPrintFormat {
 
     /**
      * Retrieves a pretty print string of the given byte array.
-     * 
+     *
      * @param in byte array
      * @param indentSize indentation size
      * @return pretty print string
@@ -58,7 +58,7 @@ public interface IPrettyPrintFormat {
 
     /**
      * Retrieves a pretty print string of the given byte array.
-     * 
+     *
      * @param in byte array
      * @return pretty print string
      */
diff --git a/base/common/src/com/netscape/certsrv/base/ISourceConfigStore.java b/base/common/src/com/netscape/certsrv/base/ISourceConfigStore.java
index eb848c54e..42637c258 100644
--- a/base/common/src/com/netscape/certsrv/base/ISourceConfigStore.java
+++ b/base/common/src/com/netscape/certsrv/base/ISourceConfigStore.java
@@ -27,9 +27,9 @@ import java.util.Enumeration;
  * An interface that represents the source that creates the configuration
  * store tree. Note that the tree can be built based on the information
  * from a text file or ldap entries.
- * 
+ *
  * @see com.netscape.certsrv.base.IConfigStore
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface ISourceConfigStore extends Serializable {
@@ -37,7 +37,7 @@ public interface ISourceConfigStore extends Serializable {
     /**
      * Gets a property.
      * 

-     * 
+     *
      * @param name The property name
      * @return property value
      */
@@ -46,7 +46,7 @@ public interface ISourceConfigStore extends Serializable {
     /**
      * Retrieves a property.
      * 

-     * 
+     *
      * @param name The property name
      * @param value The property value
      */
@@ -55,7 +55,7 @@ public interface ISourceConfigStore extends Serializable {
     /**
      * Returns an enumeration of the config store's keys.
      * 

-     * 
+     *
      * @return a list of keys
      * @see java.util.Hashtable#elements
      * @see java.util.Enumeration
@@ -64,7 +64,7 @@ public interface ISourceConfigStore extends Serializable {
 
     /**
      * Reads a config store from an input stream.
-     * 
+     *
      * @param in input stream where the properties are located
      * @exception IOException If an IO error occurs while loading from input.
      */
@@ -72,7 +72,7 @@ public interface ISourceConfigStore extends Serializable {
 
     /**
      * Stores this config store to the specified output stream.
-     * 
+     *
      * @param out output stream where the properties should be serialized
      * @param header optional header to be serialized
      */
diff --git a/base/common/src/com/netscape/certsrv/base/ISubsystem.java b/base/common/src/com/netscape/certsrv/base/ISubsystem.java
index 7b2a37d7d..25bee71c3 100644
--- a/base/common/src/com/netscape/certsrv/base/ISubsystem.java
+++ b/base/common/src/com/netscape/certsrv/base/ISubsystem.java
@@ -22,21 +22,21 @@ package com.netscape.certsrv.base;
  * subsystems. Each subsystem is responsible for a set of
  * speciailized functions.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface ISubsystem {
 
     /**
      * Retrieves the name of this subsystem.
-     * 
+     *
      * @return subsystem identifier
      */
     public String getId();
 
     /**
      * Sets specific to this subsystem.
-     * 
+     *
      * @param id subsystem identifier
      * @exception EBaseException failed to set id
      */
@@ -46,7 +46,7 @@ public interface ISubsystem {
      * Initializes this subsystem with the given configuration
      * store.
      * 

-     * 
+     *
      * @param owner owner of this subsystem
      * @param config configuration store
      * @exception EBaseException failed to initialize
@@ -56,7 +56,7 @@ public interface ISubsystem {
 
     /**
      * Notifies this subsystem if owner is in running mode.
-     * 
+     *
      * @exception EBaseException failed to start up
      */
     public void startup() throws EBaseException;
@@ -71,7 +71,7 @@ public interface ISubsystem {
     /**
      * Returns the root configuration storage of this system.
      * 

-     * 
+     *
      * @return configuration store of this subsystem
      */
     public IConfigStore getConfigStore();
diff --git a/base/common/src/com/netscape/certsrv/base/ISubsystemSource.java b/base/common/src/com/netscape/certsrv/base/ISubsystemSource.java
index f6bb6378b..31d7dddfb 100644
--- a/base/common/src/com/netscape/certsrv/base/ISubsystemSource.java
+++ b/base/common/src/com/netscape/certsrv/base/ISubsystemSource.java
@@ -21,14 +21,14 @@ package com.netscape.certsrv.base;
  * An interface represents a subsystem source. A subsystem
  * source is a container that manages multiple subsystems.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface ISubsystemSource {
 
     /**
      * Retrieves subsystem from the source.
-     * 
+     *
      * @param sid subsystem identifier
      * @return subsystem
      */
diff --git a/base/common/src/com/netscape/certsrv/base/ITimeSource.java b/base/common/src/com/netscape/certsrv/base/ITimeSource.java
index 1e7dd0fb0..194143c7a 100644
--- a/base/common/src/com/netscape/certsrv/base/ITimeSource.java
+++ b/base/common/src/com/netscape/certsrv/base/ITimeSource.java
@@ -26,14 +26,14 @@ import java.util.Date;
  * current time based on the system time. It is
  * possible to register a time source that returns
  * the current time from a NTP server.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface ITimeSource {
 
     /**
      * Retrieves current time and date.
-     * 
+     *
      * @return current time and date
      */
     public Date getCurrentDate();
diff --git a/base/common/src/com/netscape/certsrv/base/KeyGenInfo.java b/base/common/src/com/netscape/certsrv/base/KeyGenInfo.java
index 8c13fca56..1846b8a4a 100644
--- a/base/common/src/com/netscape/certsrv/base/KeyGenInfo.java
+++ b/base/common/src/com/netscape/certsrv/base/KeyGenInfo.java
@@ -27,26 +27,26 @@ import netscape.security.x509.AlgorithmId;
 import netscape.security.x509.X509Key;
 
 /**
- * 
+ *
  * The KeyGenInfo represents the information generated by
  * the KeyGen tag of the HTML forms. It provides the parsing and accessing
  * mechanisms.
  * 

- * 
+ *
  * 
  * SignedPublicKeyAndChallenge ::= SEQUENCE {
  *      publicKeyAndChallenge PublicKeyAndChallenge,
  *      signatureAlgorithm AlgorithmIdentifier,
  *      signature BIT STRING
  * }
- * 
+ *
  * PublicKeyAndChallenge ::= SEQUENCE {
  *      spki SubjectPublicKeyInfo,
  *      challenge IA5STRING
  * }
  * 

- * 
- * 
+ *
+ *
  * @version $Revision$, $Date$
  */
 
@@ -80,7 +80,7 @@ public class KeyGenInfo {
     /**
      * Construct KeyGenInfo using the SignedPublicKeyAndChallenge
      * string representation.
-     * 
+     *
      * @param spkac SignedPublicKeyAndChallenge string representation
      */
     public KeyGenInfo(String spkac)
@@ -94,7 +94,7 @@ public class KeyGenInfo {
 
     /**
      * Initialize using the SPKAC string
-     * 
+     *
      * @param spkac SPKAC string from the end user
      */
     public void decode(String spkac) throws IOException {
@@ -105,7 +105,7 @@ public class KeyGenInfo {
 
     /**
      * Der encoded into buffer
-     * 
+     *
      * @return Der encoded buffer
      */
     public byte[] encode() {
@@ -114,7 +114,7 @@ public class KeyGenInfo {
 
     /**
      * Get SPKI in DerValue form
-     * 
+     *
      * @return SPKI in DerValue form
      */
     public DerValue getDerSPKI() {
@@ -123,7 +123,7 @@ public class KeyGenInfo {
 
     /**
      * Get SPKI as X509Key
-     * 
+     *
      * @return SPKI in X509Key form
      */
     public X509Key getSPKI() {
@@ -132,7 +132,7 @@ public class KeyGenInfo {
 
     /**
      * Get Challenge phrase in DerValue form
-     * 
+     *
      * @return Challenge in DerValue form. null if none.
      */
     public DerValue getDerChallenge() {
@@ -141,7 +141,7 @@ public class KeyGenInfo {
 
     /**
      * Get Challenge phrase in string format
-     * 
+     *
      * @return challenge phrase. null if none.
      */
     public String getChallenge() {
@@ -150,7 +150,7 @@ public class KeyGenInfo {
 
     /**
      * Get Signature
-     * 
+     *
      * @return signature
      */
     public byte[] getSignature() {
@@ -159,7 +159,7 @@ public class KeyGenInfo {
 
     /**
      * Get Algorithm ID
-     * 
+     *
      * @return the algorithm id
      */
     public AlgorithmId getAlgorithmId() {
@@ -168,7 +168,7 @@ public class KeyGenInfo {
 
     /**
      * Validate Signature and Challenge Phrase
-     * 
+     *
      * @param challenge phrase; null if none
      * @return true if validated; otherwise, false
      */
@@ -183,7 +183,7 @@ public class KeyGenInfo {
 
     /**
      * String representation of KenGenInfo
-     * 
+     *
      * @return string representation of KeGenInfo
      */
     public String toString() {
diff --git a/base/common/src/com/netscape/certsrv/base/MessageFormatter.java b/base/common/src/com/netscape/certsrv/base/MessageFormatter.java
index 903b534e0..40275b516 100644
--- a/base/common/src/com/netscape/certsrv/base/MessageFormatter.java
+++ b/base/common/src/com/netscape/certsrv/base/MessageFormatter.java
@@ -29,7 +29,7 @@ import java.util.ResourceBundle;
  * messages taking arguments and using java.util.ResourceBundle
  * and java.text.MessageFormat mechanism.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  * @see java.text.MessageFormat
  * @see java.util.ResourceBundle
@@ -40,7 +40,7 @@ public class MessageFormatter {
 
     /**
      * Retrieves the localized string.
-     * 
+     *
      * @param locale end user locale
      * @param resourceBundleBaseName resource bundle class name
      * @param formatString format string
@@ -55,7 +55,7 @@ public class MessageFormatter {
 
     /**
      * Retrieves the localized string.
-     * 
+     *
      * @param locale end user locale
      * @param resourceBundleBaseName resource bundle class name
      * @param formatString format string
@@ -74,7 +74,7 @@ public class MessageFormatter {
 
     /**
      * Retrieves the localized string.
-     * 
+     *
      * @param locale end user locale
      * @param resourceBundleBaseName resource bundle class name
      * @param formatString format string
diff --git a/base/common/src/com/netscape/certsrv/base/MetaAttributeDef.java b/base/common/src/com/netscape/certsrv/base/MetaAttributeDef.java
index 3a7bac977..a9a1e448f 100644
--- a/base/common/src/com/netscape/certsrv/base/MetaAttributeDef.java
+++ b/base/common/src/com/netscape/certsrv/base/MetaAttributeDef.java
@@ -25,7 +25,7 @@ import netscape.security.util.ObjectIdentifier;
 /**
  * A class representing a meta attribute defintion.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public class MetaAttributeDef {
@@ -43,7 +43,7 @@ public class MetaAttributeDef {
     /**
      * Constructs a MetaAttribute defintion
      * 

-     * 
+     *
      * @param name attribute name
      * @param valueClass attribute value class
      * @param oid attribute object identifier
@@ -58,7 +58,7 @@ public class MetaAttributeDef {
     /**
      * Gets an attribute OID.
      * 

-     * 
+     *
      * @return returns attribute OID or null if not defined.
      */
     public ObjectIdentifier getOID() {
@@ -68,7 +68,7 @@ public class MetaAttributeDef {
     /**
      * Gets an Java class for the attribute values
      * 

-     * 
+     *
      * @return returns Java class for the attribute values
      */
     public Class getValueClass() {
@@ -78,7 +78,7 @@ public class MetaAttributeDef {
     /**
      * Gets attribute name
      * 

-     * 
+     *
      * @return returns attribute name
      */
     public String getName() {
@@ -90,7 +90,7 @@ public class MetaAttributeDef {
      * Attribute is defined by name, Java class for attribute values and
      * optional object identifier
      * 

-     * 
+     *
      * @param name attribute name
      * @param valueClass attribute value class
      * @param oid attribute object identifier
@@ -132,7 +132,7 @@ public class MetaAttributeDef {
     /**
      * Compares this attribute definition with another, for equality.
      * 

-     * 
+     *
      * @return true iff names, valueClasses and object identifiers
      *         are identical.
      */
@@ -157,7 +157,7 @@ public class MetaAttributeDef {
     /**
      * Retrieves attribute definition by name
      * 

-     * 
+     *
      * @param name attribute name
      * @return attribute definition or null if not found
      */
@@ -168,7 +168,7 @@ public class MetaAttributeDef {
     /**
      * Retrieves attribute definition by object identifier
      * 

-     * 
+     *
      * @param oid attribute object identifier
      * @return attribute definition or null if not found
      */
@@ -179,7 +179,7 @@ public class MetaAttributeDef {
     /**
      * Returns enumeration of the registered attribute names
      * 

-     * 
+     *
      * @return returns enumeration of the registered attribute names
      */
     public static Enumeration getAttributeNames() {
@@ -189,7 +189,7 @@ public class MetaAttributeDef {
     /**
      * Returns enumeration of the registered attribute object identifiers
      * 

-     * 
+     *
      * @return returns enumeration of the attribute object identifiers
      */
     public static Enumeration getAttributeNameOids() {
diff --git a/base/common/src/com/netscape/certsrv/base/MetaInfo.java b/base/common/src/com/netscape/certsrv/base/MetaInfo.java
index 8aed6b840..1ad561489 100644
--- a/base/common/src/com/netscape/certsrv/base/MetaInfo.java
+++ b/base/common/src/com/netscape/certsrv/base/MetaInfo.java
@@ -25,7 +25,7 @@ import java.util.Hashtable;
  * object is just a generic hashtable that is embedded into
  * a request object.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public class MetaInfo implements IAttrSet {
@@ -49,7 +49,7 @@ public class MetaInfo implements IAttrSet {
     /**
      * Returns a short string describing this certificate attribute.
      * 

-     * 
+     *
      * @return information about this certificate attribute.
      */
     public String toString() {
@@ -71,7 +71,7 @@ public class MetaInfo implements IAttrSet {
     /**
      * Gets an attribute value.
      * 

-     * 
+     *
      * @param name the name of the attribute to return.
      * @exception EBaseException on attribute handling errors.
      */
@@ -81,10 +81,10 @@ public class MetaInfo implements IAttrSet {
 
     /**
      * Sets an attribute value.
-     * 
+     *
      * @param name the name of the attribute
      * @param obj the attribute object.
-     * 
+     *
      * @exception EBaseException on attribute handling errors.
      */
     public void set(String name, Object obj) throws EBaseException {
@@ -94,7 +94,7 @@ public class MetaInfo implements IAttrSet {
     /**
      * Deletes an attribute value from this CertAttrSet.
      * 

-     * 
+     *
      * @param name the name of the attribute to delete.
      * @exception EBaseException on attribute handling errors.
      */
@@ -106,7 +106,7 @@ public class MetaInfo implements IAttrSet {
      * Returns an enumeration of the names of the attributes existing within
      * this attribute.
      * 

-     * 
+     *
      * @return an enumeration of the attribute names.
      */
     public Enumeration getElements() {
diff --git a/base/common/src/com/netscape/certsrv/base/Nonces.java b/base/common/src/com/netscape/certsrv/base/Nonces.java
index cc0231ac3..c041ec777 100644
--- a/base/common/src/com/netscape/certsrv/base/Nonces.java
+++ b/base/common/src/com/netscape/certsrv/base/Nonces.java
@@ -24,7 +24,7 @@ import java.util.Vector;
 /**
  * This class manages nonces sometimes used to control request state flow.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public class Nonces {
diff --git a/base/common/src/com/netscape/certsrv/base/PasswordResources.java b/base/common/src/com/netscape/certsrv/base/PasswordResources.java
index c3309c5fa..3e4164ad0 100644
--- a/base/common/src/com/netscape/certsrv/base/PasswordResources.java
+++ b/base/common/src/com/netscape/certsrv/base/PasswordResources.java
@@ -22,7 +22,7 @@ import java.util.ListResourceBundle;
 /**
  * A class represents a resource bundle for the password checker.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  * @see java.util.ListResourceBundle
  */
diff --git a/base/common/src/com/netscape/certsrv/base/Plugin.java b/base/common/src/com/netscape/certsrv/base/Plugin.java
index 79fae88ac..c81596505 100644
--- a/base/common/src/com/netscape/certsrv/base/Plugin.java
+++ b/base/common/src/com/netscape/certsrv/base/Plugin.java
@@ -20,7 +20,7 @@ package com.netscape.certsrv.base;
 /**
  * This represents a generici CMS plugin.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public class Plugin {
@@ -30,7 +30,7 @@ public class Plugin {
 
     /**
      * Constructs a plugin.
-     * 
+     *
      * @param id plugin implementation name
      * @param classPath class path
      */
@@ -41,7 +41,7 @@ public class Plugin {
 
     /**
      * Returns the plugin identifier.
-     * 
+     *
      * @return plugin id
      */
     public String getId() {
@@ -50,7 +50,7 @@ public class Plugin {
 
     /**
      * Returns the plugin classpath.
-     * 
+     *
      * @return plugin classpath
      */
     public String getClassPath() {
diff --git a/base/common/src/com/netscape/certsrv/base/SessionContext.java b/base/common/src/com/netscape/certsrv/base/SessionContext.java
index b4ecd1241..c3c568f77 100644
--- a/base/common/src/com/netscape/certsrv/base/SessionContext.java
+++ b/base/common/src/com/netscape/certsrv/base/SessionContext.java
@@ -27,7 +27,7 @@ import java.util.Hashtable;
  * throughout the server. It is useful for passing
  * global and per-thread infomration in methods.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public class SessionContext extends Hashtable {
@@ -110,7 +110,7 @@ public class SessionContext extends Hashtable {
      * with the current thread.
      * This methods makes custom session context
      * possible.
-     * 
+     *
      * @param sc session context
      */
     public static void setContext(SessionContext sc) {
@@ -121,7 +121,7 @@ public class SessionContext extends Hashtable {
      * Retrieves the session context associated with
      * the current thread. If no context is associated,
      * a context is created.
-     * 
+     *
      * @return sesssion context
      */
     public static SessionContext getContext() {
@@ -138,7 +138,7 @@ public class SessionContext extends Hashtable {
      * Retrieves the session context associated with
      * the current thread. If no context is associated,
      * null is returned.
-     * 
+     *
      * @return sesssion context
      */
     public static SessionContext getExistingContext() {
diff --git a/base/common/src/com/netscape/certsrv/ca/CAResources.java b/base/common/src/com/netscape/certsrv/ca/CAResources.java
index dfb72d57d..90e0e5c61 100644
--- a/base/common/src/com/netscape/certsrv/ca/CAResources.java
+++ b/base/common/src/com/netscape/certsrv/ca/CAResources.java
@@ -22,7 +22,7 @@ import java.util.ListResourceBundle;
 /**
  * A class represents a resource bundle for CA subsystem.
  * 

- * 
+ *
  * @version $Revision$ $Date$
  */
 public class CAResources extends ListResourceBundle {
diff --git a/base/common/src/com/netscape/certsrv/ca/ECAException.java b/base/common/src/com/netscape/certsrv/ca/ECAException.java
index a530b08a5..54ddbe806 100644
--- a/base/common/src/com/netscape/certsrv/ca/ECAException.java
+++ b/base/common/src/com/netscape/certsrv/ca/ECAException.java
@@ -22,7 +22,7 @@ import com.netscape.certsrv.base.EBaseException;
 /**
  * A class represents a CA exception.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public class ECAException extends EBaseException {
@@ -39,7 +39,7 @@ public class ECAException extends EBaseException {
     /**
      * Constructs a CA exception.
      * 

-     * 
+     *
      * @param msgFormat constant from CAResources.
      */
     public ECAException(String msgFormat) {
@@ -49,7 +49,7 @@ public class ECAException extends EBaseException {
     /**
      * Constructs a CA exception.
      * 

-     * 
+     *
      * @param msgFormat constant from CAResources.
      * @param param additional parameters to the message.
      */
@@ -60,7 +60,7 @@ public class ECAException extends EBaseException {
     /**
      * Constructs a CA exception.
      * 

-     * 
+     *
      * @param msgFormat constant from CAResources.
      * @param e embedded exception.
      */
@@ -71,7 +71,7 @@ public class ECAException extends EBaseException {
     /**
      * Constructs a CA exception.
      * 

-     * 
+     *
      * @param msgFormat constant from CAResources.
      * @param params additional parameters to the message.
      */
@@ -82,7 +82,7 @@ public class ECAException extends EBaseException {
     /**
      * Returns the bundle file name.
      * 

-     * 
+     *
      * @return name of bundle class associated with this exception.
      */
     protected String getBundleName() {
diff --git a/base/common/src/com/netscape/certsrv/ca/EErrorPublishCRL.java b/base/common/src/com/netscape/certsrv/ca/EErrorPublishCRL.java
index b4c10a0c5..ca40e55ae 100644
--- a/base/common/src/com/netscape/certsrv/ca/EErrorPublishCRL.java
+++ b/base/common/src/com/netscape/certsrv/ca/EErrorPublishCRL.java
@@ -20,7 +20,7 @@ package com.netscape.certsrv.ca;
 /**
  * A class represents a CA exception associated with publishing error.
  * 

- * 
+ *
  * @version $Revision$ $Date$
  */
 public class EErrorPublishCRL extends ECAException {
@@ -33,7 +33,7 @@ public class EErrorPublishCRL extends ECAException {
     /**
      * Constructs a CA exception caused by publishing error.
      * 

-     * 
+     *
      * @param errorString Detailed error message.
      */
     public EErrorPublishCRL(String errorString) {
diff --git a/base/common/src/com/netscape/certsrv/ca/ICAService.java b/base/common/src/com/netscape/certsrv/ca/ICAService.java
index 1edebcc8b..1d179e076 100644
--- a/base/common/src/com/netscape/certsrv/ca/ICAService.java
+++ b/base/common/src/com/netscape/certsrv/ca/ICAService.java
@@ -29,7 +29,7 @@ import com.netscape.certsrv.request.IRequest;
 /**
  * An interface representing a CA request services.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface ICAService {
@@ -37,7 +37,7 @@ public interface ICAService {
     /**
      * Marks certificate record as revoked by adding revocation information.
      * Updates CRL cache.
-     * 
+     *
      * @param crlentry revocation information obtained from revocation request
      * @exception EBaseException failed to mark certificate record as revoked
      */
@@ -47,7 +47,7 @@ public interface ICAService {
     /**
      * Marks certificate record as revoked by adding revocation information.
      * Updates CRL cache.
-     * 
+     *
      * @param crlentry revocation information obtained from revocation request
      * @param requestId revocation request id
      * @exception EBaseException failed to mark certificate record as revoked
@@ -58,7 +58,7 @@ public interface ICAService {
     /**
      * Issues certificate base on enrollment information,
      * creates certificate record, and stores all necessary data.
-     * 
+     *
      * @param certi information obtain from revocation request
      * @exception EBaseException failed to issue certificate or create certificate record
      */
@@ -70,7 +70,7 @@ public interface ICAService {
 
     /**
      * Services profile request.
-     * 
+     *
      * @param request profile enrollment request information
      * @exception EBaseException failed to service profile enrollment request
      */
@@ -79,7 +79,7 @@ public interface ICAService {
 
     /**
      * Returns KRA-CA connector.
-     * 
+     *
      * @return KRA-CA connector
      */
     public IConnector getKRAConnector();
diff --git a/base/common/src/com/netscape/certsrv/ca/ICMSCRLExtension.java b/base/common/src/com/netscape/certsrv/ca/ICMSCRLExtension.java
index b3e94d02e..3e7115771 100644
--- a/base/common/src/com/netscape/certsrv/ca/ICMSCRLExtension.java
+++ b/base/common/src/com/netscape/certsrv/ca/ICMSCRLExtension.java
@@ -25,14 +25,14 @@ import com.netscape.certsrv.common.NameValuePairs;
 /**
  * An interface representing a CRL extension plugin.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface ICMSCRLExtension {
 
     /**
      * Returns CRL extension OID string.
-     * 
+     *
      * @return OID of CRL extension
      */
     public String getCRLExtOID();
@@ -40,7 +40,7 @@ public interface ICMSCRLExtension {
     /**
      * Sets extension criticality and returns extension
      * with new criticality.
-     * 
+     *
      * @param ext CRL extension that will change criticality
      * @param critical new criticality to be assigned to CRL extension
      * @return extension with new criticality
@@ -51,7 +51,7 @@ public interface ICMSCRLExtension {
     /**
      * Builds new CRL extension based on configuration data,
      * issuing point information, and criticality.
-     * 
+     *
      * @param config configuration store
      * @param crlIssuingPoint CRL issuing point
      * @param critical criticality to be assigned to CRL extension
@@ -63,7 +63,7 @@ public interface ICMSCRLExtension {
 
     /**
      * Reads configuration data and converts them to name value pairs.
-     * 
+     *
      * @param config configuration store
      * @param nvp name value pairs obtained from configuration data
      */
diff --git a/base/common/src/com/netscape/certsrv/ca/ICMSCRLExtensions.java b/base/common/src/com/netscape/certsrv/ca/ICMSCRLExtensions.java
index 6fa520fbf..dad5e691b 100644
--- a/base/common/src/com/netscape/certsrv/ca/ICMSCRLExtensions.java
+++ b/base/common/src/com/netscape/certsrv/ca/ICMSCRLExtensions.java
@@ -23,7 +23,7 @@ import com.netscape.certsrv.common.NameValuePairs;
 /**
  * An interface representing a list of CRL extensions.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface ICMSCRLExtensions {
@@ -31,7 +31,7 @@ public interface ICMSCRLExtensions {
     /**
      * Updates configuration store for extension identified by id
      * with data delivered in name value pairs.
-     * 
+     *
      * @param id extension id
      * @param nvp name value pairs with new configuration data
      * @param config configuration store
@@ -40,7 +40,7 @@ public interface ICMSCRLExtensions {
 
     /**
      * Reads configuration data and returns them as name value pairs.
-     * 
+     *
      * @param id extension id
      * @return name value pairs with configuration data
      */
@@ -48,7 +48,7 @@ public interface ICMSCRLExtensions {
 
     /**
      * Returns class name with its path.
-     * 
+     *
      * @param name extension id
      * @return class name with its path
      */
diff --git a/base/common/src/com/netscape/certsrv/ca/ICRLIssuingPoint.java b/base/common/src/com/netscape/certsrv/ca/ICRLIssuingPoint.java
index f317db9b1..80a579cca 100644
--- a/base/common/src/com/netscape/certsrv/ca/ICRLIssuingPoint.java
+++ b/base/common/src/com/netscape/certsrv/ca/ICRLIssuingPoint.java
@@ -44,7 +44,7 @@ import com.netscape.certsrv.dbs.IElementProcessor;
  * can also be triggered by invoking updateCRL method directly. Another
  * parameter minUpdateInterval can be used to prevent CRL
  * from being updated too often
- * 
+ *
  * @version $Revision$, $Date$
  */
 
@@ -73,98 +73,98 @@ public interface ICRLIssuingPoint {
 
     /**
      * Returns true if CRL issuing point is enabled.
-     * 
+     *
      * @return true if CRL issuing point is enabled
      */
     public boolean isCRLIssuingPointEnabled();
 
     /**
      * Returns true if CRL generation is enabled.
-     * 
+     *
      * @return true if CRL generation is enabled
      */
     public boolean isCRLGenerationEnabled();
 
     /**
      * Enables or disables CRL issuing point according to parameter.
-     * 
+     *
      * @param enable if true enables CRL issuing point
      */
     public void enableCRLIssuingPoint(boolean enable);
 
     /**
      * Returns CRL update status.
-     * 
+     *
      * @return CRL update status
      */
     public String getCrlUpdateStatusStr();
 
     /**
      * Returns CRL update error.
-     * 
+     *
      * @return CRL update error
      */
     public String getCrlUpdateErrorStr();
 
     /**
      * Returns CRL publishing status.
-     * 
+     *
      * @return CRL publishing status
      */
     public String getCrlPublishStatusStr();
 
     /**
      * Returns CRL publishing error.
-     * 
+     *
      * @return CRL publishing error
      */
     public String getCrlPublishErrorStr();
 
     /**
      * Returns CRL issuing point initialization status.
-     * 
+     *
      * @return status of CRL issuing point initialization
      */
     public int isCRLIssuingPointInitialized();
 
     /**
      * Checks if manual update is set.
-     * 
+     *
      * @return true if manual update is set
      */
     public boolean isManualUpdateSet();
 
     /**
      * Checks if expired certificates are included in CRL.
-     * 
+     *
      * @return true if expired certificates are included in CRL
      */
     public boolean areExpiredCertsIncluded();
 
     /**
      * Checks if CRL includes CA certificates only.
-     * 
+     *
      * @return true if CRL includes CA certificates only
      */
     public boolean isCACertsOnly();
 
     /**
      * Checks if CRL includes profile certificates only.
-     * 
+     *
      * @return true if CRL includes profile certificates only
      */
     public boolean isProfileCertsOnly();
 
     /**
      * Checks if CRL issuing point includes this profile.
-     * 
+     *
      * @return true if CRL issuing point includes this profile
      */
     public boolean checkCurrentProfile(String id);
 
     /**
      * Initializes CRL issuing point.
-     * 
+     *
      * @param ca certificate authority that holds CRL issuing point
      * @param id CRL issuing point id
      * @param config configuration sub-store for CRL issuing point
@@ -181,21 +181,21 @@ public interface ICRLIssuingPoint {
 
     /**
      * Returns internal id of this CRL issuing point.
-     * 
+     *
      * @return internal id of this CRL issuing point
      */
     public String getId();
 
     /**
      * Returns internal description of this CRL issuing point.
-     * 
+     *
      * @return internal description of this CRL issuing point
      */
     public String getDescription();
 
     /**
      * Sets internal description of this CRL issuing point.
-     * 
+     *
      * @param description description for this CRL issuing point.
      */
     public void setDescription(String description);
@@ -203,21 +203,21 @@ public interface ICRLIssuingPoint {
     /**
      * Returns DN of the directory entry where CRLs from this issuing point
      * are published.
-     * 
+     *
      * @return DN of the directory entry where CRLs are published.
      */
     public String getPublishDN();
 
     /**
      * Returns signing algorithm.
-     * 
+     *
      * @return signing algorithm
      */
     public String getSigningAlgorithm();
 
     /**
      * Returns signing algorithm used in last signing operation..
-     * 
+     *
      * @return last signing algorithm
      */
     public String getLastSigningAlgorithm();
@@ -225,14 +225,14 @@ public interface ICRLIssuingPoint {
     /**
      * Returns current CRL generation schema for this CRL issuing point.
      * 

-     * 
+     *
      * @return current CRL generation schema for this CRL issuing point
      */
     public int getCRLSchema();
 
     /**
      * Returns current CRL number of this CRL issuing point.
-     * 
+     *
      * @return current CRL number of this CRL issuing point
      */
     public BigInteger getCRLNumber();
@@ -240,56 +240,56 @@ public interface ICRLIssuingPoint {
     /**
      * Returns current delta CRL number of this CRL issuing point.
      * 

-     * 
+     *
      * @return current delta CRL number of this CRL issuing point
      */
     public BigInteger getDeltaCRLNumber();
 
     /**
      * Returns next CRL number of this CRL issuing point.
-     * 
+     *
      * @return next CRL number of this CRL issuing point
      */
     public BigInteger getNextCRLNumber();
 
     /**
      * Returns number of entries in the current CRL.
-     * 
+     *
      * @return number of entries in the current CRL
      */
     public long getCRLSize();
 
     /**
      * Returns number of entries in delta CRL
-     * 
+     *
      * @return number of entries in delta CRL
      */
     public long getDeltaCRLSize();
 
     /**
      * Returns time of the last update.
-     * 
+     *
      * @return last CRL update time
      */
     public Date getLastUpdate();
 
     /**
      * Returns time of the next update.
-     * 
+     *
      * @return next CRL update time
      */
     public Date getNextUpdate();
 
     /**
      * Returns time of the next delta CRL update.
-     * 
+     *
      * @return next delta CRL update time
      */
     public Date getNextDeltaUpdate();
 
     /**
      * Returns all the revoked certificates from the CRL cache.
-     * 
+     *
      * @param start first requested CRL entry
      * @param end next after last requested CRL entry
      * @return set of all the revoked certificates or null if there are none.
@@ -298,7 +298,7 @@ public interface ICRLIssuingPoint {
 
     /**
      * Returns certificate authority.
-     * 
+     *
      * @return certificate authority
      */
     public ISubsystem getCertificateAuthority();
@@ -306,14 +306,14 @@ public interface ICRLIssuingPoint {
     /**
      * Schedules immediate CRL manual-update
      * and sets signature algorithm to be used for signing.
-     * 
+     *
      * @param signatureAlgorithm signature algorithm to be used for signing
      */
     public void setManualUpdate(String signatureAlgorithm);
 
     /**
      * Returns auto update interval in milliseconds.
-     * 
+     *
      * @return auto update interval in milliseconds
      */
     public long getAutoUpdateInterval();
@@ -321,14 +321,14 @@ public interface ICRLIssuingPoint {
     /**
      * Returns true if CRL is updated for every change
      * of revocation status of any certificate.
-     * 
+     *
      * @return true if CRL update is always triggered by revocation operation
      */
     public boolean getAlwaysUpdate();
 
     /**
      * Returns next update grace period in minutes.
-     * 
+     *
      * @return next update grace period in minutes
      */
     public long getNextUpdateGracePeriod();
@@ -336,7 +336,7 @@ public interface ICRLIssuingPoint {
     /**
      * Returns filter used to build CRL based on information stored
      * in local directory.
-     * 
+     *
      * @return filter used to search local directory
      */
     public String getFilter();
@@ -346,7 +346,7 @@ public interface ICRLIssuingPoint {
      * Calls certificate record processor to get necessary data
      * from certificate records.
      * This also regenerates CRL cache.
-     * 
+     *
      * @param cp certificate record processor
      * @exception EBaseException if an error occurred in the database.
      */
@@ -356,7 +356,7 @@ public interface ICRLIssuingPoint {
     /**
      * Returns date of revoked certificate or null
      * if certificated is not listed as revoked.
-     * 
+     *
      * @param serialNumber serial number of certificate to be checked
      * @param checkDeltaCache true if delta CRL cache suppose to be
      *            included in checking process
@@ -370,7 +370,7 @@ public interface ICRLIssuingPoint {
 
     /**
      * Returns split times from CRL generation.
-     * 
+     *
      * @return split times from CRL generation in milliseconds
      */
     public Vector getSplitTimes();
@@ -378,7 +378,7 @@ public interface ICRLIssuingPoint {
     /**
      * Generates CRL now based on cache or local directory if cache
      * is not available. It also publishes CRL if it is required.
-     * 
+     *
      * @param signingAlgorithm signing algorithm to be used for CRL signing
      * @exception EBaseException if an error occurred during
      *                CRL generation or publishing
@@ -398,21 +398,21 @@ public interface ICRLIssuingPoint {
 
     /**
      * Returns number of recently revoked certificates.
-     * 
+     *
      * @return number of recently revoked certificates
      */
     public int getNumberOfRecentlyRevokedCerts();
 
     /**
      * Returns number of recently unrevoked certificates.
-     * 
+     *
      * @return number of recently unrevoked certificates
      */
     public int getNumberOfRecentlyUnrevokedCerts();
 
     /**
      * Returns number of recently expired and revoked certificates.
-     * 
+     *
      * @return number of recently expired and revoked certificates
      */
     public int getNumberOfRecentlyExpiredCerts();
@@ -420,7 +420,7 @@ public interface ICRLIssuingPoint {
     /**
      * Converts list of extensions supplied by revocation request
      * to list of extensions required to be placed in CRL.
-     * 
+     *
      * @param exts list of extensions supplied by revocation request
      * @return list of extensions required to be placed in CRL
      */
@@ -428,7 +428,7 @@ public interface ICRLIssuingPoint {
 
     /**
      * Adds revoked certificate to delta-CRL cache.
-     * 
+     *
      * @param serialNumber serial number of revoked certificate
      * @param revokedCert revocation information supplied by revocation request
      */
@@ -436,7 +436,7 @@ public interface ICRLIssuingPoint {
 
     /**
      * Adds revoked certificate to delta-CRL cache.
-     * 
+     *
      * @param serialNumber serial number of revoked certificate
      * @param revokedCert revocation information supplied by revocation request
      * @param requestId revocation request id
@@ -446,14 +446,14 @@ public interface ICRLIssuingPoint {
 
     /**
      * Adds unrevoked certificate to delta-CRL cache.
-     * 
+     *
      * @param serialNumber serial number of unrevoked certificate
      */
     public void addUnrevokedCert(BigInteger serialNumber);
 
     /**
      * Adds unrevoked certificate to delta-CRL cache.
-     * 
+     *
      * @param serialNumber serial number of unrevoked certificate
      * @param requestId unrevocation request id
      */
@@ -461,7 +461,7 @@ public interface ICRLIssuingPoint {
 
     /**
      * Adds expired and revoked certificate to delta-CRL cache.
-     * 
+     *
      * @param serialNumber serial number of expired and revoked certificate
      */
     public void addExpiredCert(BigInteger serialNumber);
@@ -474,7 +474,7 @@ public interface ICRLIssuingPoint {
     /**
      * Updates issuing point configuration according to supplied data
      * in name value pairs.
-     * 
+     *
      * @param params name value pairs defining new issuing point configuration
      * @return true if configuration is updated successfully
      */
@@ -482,35 +482,35 @@ public interface ICRLIssuingPoint {
 
     /**
      * Returns true if delta-CRL is enabled.
-     * 
+     *
      * @return true if delta-CRL is enabled
      */
     public boolean isDeltaCRLEnabled();
 
     /**
      * Returns true if CRL cache is enabled.
-     * 
+     *
      * @return true if CRL cache is enabled
      */
     public boolean isCRLCacheEnabled();
 
     /**
      * Returns true if CRL cache is empty.
-     * 
+     *
      * @return true if CRL cache is empty
      */
     public boolean isCRLCacheEmpty();
 
     /**
      * Returns true if CRL cache testing is enabled.
-     * 
+     *
      * @return true if CRL cache testing is enabled
      */
     public boolean isCRLCacheTestingEnabled();
 
     /**
      * Returns true if supplied delta-CRL is matching current delta-CRL.
-     * 
+     *
      * @param deltaCRL delta-CRL to verify against current delta-CRL
      * @return true if supplied delta-CRL is matching current delta-CRL
      */
@@ -518,7 +518,7 @@ public interface ICRLIssuingPoint {
 
     /**
      * Returns status of CRL generation.
-     * 
+     *
      * @return one of the following according to CRL generation status:
      *         CRL_UPDATE_DONE, CRL_UPDATE_STARTED, and CRL_PUBLISHING_STARTED
      */
@@ -528,7 +528,7 @@ public interface ICRLIssuingPoint {
      * Generates CRL now based on cache or local directory if cache
      * is not available. It also publishes CRL if it is required.
      * CRL is signed by default signing algorithm.
-     * 
+     *
      * @exception EBaseException if an error occurred during
      *                CRL generation or publishing
      */
@@ -536,7 +536,7 @@ public interface ICRLIssuingPoint {
 
     /**
      * Returns list of CRL extensions.
-     * 
+     *
      * @return list of CRL extensions
      */
     public ICMSCRLExtensions getCRLExtensions();
diff --git a/base/common/src/com/netscape/certsrv/ca/ICertificateAuthority.java b/base/common/src/com/netscape/certsrv/ca/ICertificateAuthority.java
index 25bc9cabe..ee7d60c38 100644
--- a/base/common/src/com/netscape/certsrv/ca/ICertificateAuthority.java
+++ b/base/common/src/com/netscape/certsrv/ca/ICertificateAuthority.java
@@ -47,7 +47,7 @@ import com.netscape.certsrv.security.ISigningUnit;
  * An interface represents a Certificate Authority that is
  * responsible for certificate specific operations.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface ICertificateAuthority extends ISubsystem {
@@ -111,14 +111,14 @@ public interface ICertificateAuthority extends ISubsystem {
     /**
      * Retrieves the certificate repository where all the locally
      * issued certificates are kept.
-     * 
+     *
      * @return CA's certificate repository
      */
     public ICertificateRepository getCertificateRepository();
 
     /**
      * Retrieves the request queue of this certificate authority.
-     * 
+     *
      * @return CA's request queue
      */
     public IRequestQueue getRequestQueue();
@@ -136,21 +136,21 @@ public interface ICertificateAuthority extends ISubsystem {
 
     /**
      * Retrieves the publishing processor of this certificate authority.
-     * 
+     *
      * @return CA's publishing processor
      */
     public IPublisherProcessor getPublisherProcessor();
 
     /**
      * Retrieves the next available serial number.
-     * 
+     *
      * @return next available serial number
      */
     public String getStartSerial();
 
     /**
      * Sets the next available serial number.
-     * 
+     *
      * @param serial next available serial number
      * @exception EBaseException failed to set next available serial number
      */
@@ -159,7 +159,7 @@ public interface ICertificateAuthority extends ISubsystem {
     /**
      * Retrieves the last serial number that can be used for
      * certificate issuance in this certificate authority.
-     * 
+     *
      * @return the last serial number
      */
     public String getMaxSerial();
@@ -167,7 +167,7 @@ public interface ICertificateAuthority extends ISubsystem {
     /**
      * Sets the last serial number that can be used for
      * certificate issuance in this certificate authority.
-     * 
+     *
      * @param serial the last serial number
      * @exception EBaseException failed to set the last serial number
      */
@@ -175,21 +175,21 @@ public interface ICertificateAuthority extends ISubsystem {
 
     /**
      * Retrieves the default signature algorithm of this certificate authority.
-     * 
+     *
      * @return the default signature algorithm of this CA
      */
     public SignatureAlgorithm getDefaultSignatureAlgorithm();
 
     /**
      * Retrieves the default signing algorithm of this certificate authority.
-     * 
+     *
      * @return the default signing algorithm of this CA
      */
     public String getDefaultAlgorithm();
 
     /**
      * Sets the default signing algorithm of this certificate authority.
-     * 
+     *
      * @param algorithm new default signing algorithm
      * @exception EBaseException failed to set the default signing algorithm
      */
@@ -197,7 +197,7 @@ public interface ICertificateAuthority extends ISubsystem {
 
     /**
      * Retrieves the supported signing algorithms of this certificate authority.
-     * 
+     *
      * @return the supported signing algorithms of this CA
      */
     public String[] getCASigningAlgorithms();
@@ -205,7 +205,7 @@ public interface ICertificateAuthority extends ISubsystem {
     /**
      * Allows certificates to have validities that are longer
      * than this certificate authority's.
-     * 
+     *
      * @param enableCAPast if equals "true", it allows certificates
      *            to have validity longer than CA's certificate validity
      * @exception EBaseException failed to set above option
@@ -214,21 +214,21 @@ public interface ICertificateAuthority extends ISubsystem {
 
     /**
      * Retrieves the default validity period.
-     * 
+     *
      * @return the default validity length in days
      */
     public long getDefaultValidity();
 
     /**
      * Retrieves all the CRL issuing points.
-     * 
+     *
      * @return enumeration of all the CRL issuing points
      */
     public Enumeration getCRLIssuingPoints();
 
     /**
      * Retrieves CRL issuing point with the given identifier.
-     * 
+     *
      * @param id CRL issuing point id
      * @return CRL issuing point with given id
      */
@@ -236,7 +236,7 @@ public interface ICertificateAuthority extends ISubsystem {
 
     /**
      * Adds CRL issuing point with the given identifier and description.
-     * 
+     *
      * @param crlSubStore sub-store with all CRL issuing points
      * @param id CRL issuing point id
      * @param description CRL issuing point description
@@ -247,7 +247,7 @@ public interface ICertificateAuthority extends ISubsystem {
 
     /**
      * Deletes CRL issuing point with the given identifier.
-     * 
+     *
      * @param crlSubStore sub-store with all CRL issuing points
      * @param id CRL issuing point id
      */
@@ -255,77 +255,77 @@ public interface ICertificateAuthority extends ISubsystem {
 
     /**
      * Retrieves the CRL repository.
-     * 
+     *
      * @return CA's CRL repository
      */
     public ICRLRepository getCRLRepository();
 
     /**
      * Retrieves the Replica ID repository.
-     * 
+     *
      * @return CA's Replica ID repository
      */
     public IReplicaIDRepository getReplicaRepository();
 
     /**
      * Retrieves the request in queue listener.
-     * 
+     *
      * @return the request in queue listener
      */
     public IRequestListener getRequestInQListener();
 
     /**
      * Retrieves all request listeners.
-     * 
+     *
      * @return name enumeration of all request listeners
      */
     public Enumeration getRequestListenerNames();
 
     /**
      * Retrieves the request listener for issued certificates.
-     * 
+     *
      * @return the request listener for issued certificates
      */
     public IRequestListener getCertIssuedListener();
 
     /**
      * Retrieves the request listener for revoked certificates.
-     * 
+     *
      * @return the request listener for revoked certificates
      */
     public IRequestListener getCertRevokedListener();
 
     /**
      * Retrieves the CA certificate chain.
-     * 
+     *
      * @return the CA certificate chain
      */
     public CertificateChain getCACertChain();
 
     /**
      * Retrieves the CA certificate.
-     * 
+     *
      * @return the CA certificate
      */
     public org.mozilla.jss.crypto.X509Certificate getCaX509Cert();
 
     /**
      * Retrieves the CA certificate.
-     * 
+     *
      * @return the CA certificate
      */
     public X509CertImpl getCACert();
 
     /**
      * Updates the CRL immediately for MasterCRL issuing point if it exists.
-     * 
+     *
      * @exception EBaseException failed to create or publish CRL
      */
     public void updateCRLNow() throws EBaseException;
 
     /**
      * Publishes the CRL immediately for MasterCRL issuing point if it exists.
-     * 
+     *
      * @exception EBaseException failed to publish CRL
      */
     public void publishCRLNow() throws EBaseException;
@@ -333,7 +333,7 @@ public interface ICertificateAuthority extends ISubsystem {
     /**
      * Retrieves the signing unit that manages the CA signing key for
      * signing certificates.
-     * 
+     *
      * @return the CA signing unit for certificates
      */
     public ISigningUnit getSigningUnit();
@@ -341,7 +341,7 @@ public interface ICertificateAuthority extends ISubsystem {
     /**
      * Retrieves the signing unit that manages the CA signing key for
      * signing CRL.
-     * 
+     *
      * @return the CA signing unit for CRLs
      */
     public ISigningUnit getCRLSigningUnit();
@@ -349,28 +349,28 @@ public interface ICertificateAuthority extends ISubsystem {
     /**
      * Retrieves the signing unit that manages the CA signing key for
      * signing OCSP response.
-     * 
+     *
      * @return the CA signing unit for OCSP responses
      */
     public ISigningUnit getOCSPSigningUnit();
 
     /**
      * Sets the maximium path length in the basic constraint extension.
-     * 
+     *
      * @param num the maximium path length
      */
     public void setBasicConstraintMaxLen(int num);
 
     /**
      * Is this a clone CA?
-     * 
+     *
      * @return true if this is a clone CA
      */
     public boolean isClone();
 
     /**
      * Retrieves the request listener by name.
-     * 
+     *
      * @param name request listener name
      * @return the request listener
      */
@@ -383,14 +383,14 @@ public interface ICertificateAuthority extends ISubsystem {
 
     /**
      * Registers a request listener.
-     * 
+     *
      * @param listener request listener to be registered
      */
     public void registerRequestListener(IRequestListener listener);
 
     /**
      * Registers a request listener.
-     * 
+     *
      * @param name under request listener is going to be registered
      * @param listener request listener to be registered
      */
@@ -398,21 +398,21 @@ public interface ICertificateAuthority extends ISubsystem {
 
     /**
      * Retrieves the issuer name of this certificate authority.
-     * 
+     *
      * @return the issuer name of this certificate authority
      */
     public X500Name getX500Name();
 
     /**
      * Retrieves the issuer name of this certificate authority issuing point.
-     * 
+     *
      * @return the issuer name of this certificate authority issuing point
      */
     public X500Name getCRLX500Name();
 
     /**
      * Signs the given CRL with the specific algorithm.
-     * 
+     *
      * @param crl CRL to be signed
      * @param algname algorithm used for signing
      * @return signed CRL
@@ -423,7 +423,7 @@ public interface ICertificateAuthority extends ISubsystem {
 
     /**
      * Logs a message to this certificate authority.
-     * 
+     *
      * @param level logging level
      * @param msg logged message
      */
@@ -431,14 +431,14 @@ public interface ICertificateAuthority extends ISubsystem {
 
     /**
      * Returns the nickname for the CA signing certificate.
-     * 
+     *
      * @return the nickname for the CA signing certificate
      */
     public String getNickname();
 
     /**
      * Signs a X.509 certificate template.
-     * 
+     *
      * @param certInfo X.509 certificate template
      * @param algname algorithm used for signing
      * @return signed certificate
@@ -449,7 +449,7 @@ public interface ICertificateAuthority extends ISubsystem {
 
     /**
      * Retrieves the default certificate version.
-     * 
+     *
      * @return the default version certificate
      */
     public CertificateVersion getDefaultCertVersion();
@@ -457,7 +457,7 @@ public interface ICertificateAuthority extends ISubsystem {
     /**
      * Is this CA allowed to issue certificate that has longer
      * validty than the CA's.
-     * 
+     *
      * @return true if allows certificates to have validity longer than CA's
      */
     public boolean isEnablePastCATime();
@@ -465,14 +465,14 @@ public interface ICertificateAuthority extends ISubsystem {
     /**
      * Retrieves the CA service object that is responsible for
      * processing requests.
-     * 
+     *
      * @return CA service object
      */
     public IService getCAService();
 
     /**
      * Returns the in-memory count of the processed OCSP requests.
-     * 
+     *
      * @return number of processed OCSP requests in memory
      */
     public long getNumOCSPRequest();
@@ -480,7 +480,7 @@ public interface ICertificateAuthority extends ISubsystem {
     /**
      * Returns the in-memory time (in mini-second) of
      * the processed time for OCSP requests.
-     * 
+     *
      * @return processed times for OCSP requests
      */
     public long getOCSPRequestTotalTime();
@@ -488,7 +488,7 @@ public interface ICertificateAuthority extends ISubsystem {
     /**
      * Returns the in-memory time (in mini-second) of
      * the signing time for OCSP requests.
-     * 
+     *
      * @return processed times for OCSP requests
      */
     public long getOCSPTotalSignTime();
@@ -496,7 +496,7 @@ public interface ICertificateAuthority extends ISubsystem {
     /**
      * Returns the total data signed
      * for OCSP requests.
-     * 
+     *
      * @return processed times for OCSP requests
      */
     public long getOCSPTotalData();
diff --git a/base/common/src/com/netscape/certsrv/cert/ICrossCertPairSubsystem.java b/base/common/src/com/netscape/certsrv/cert/ICrossCertPairSubsystem.java
index c79479dc7..84abeb775 100644
--- a/base/common/src/com/netscape/certsrv/cert/ICrossCertPairSubsystem.java
+++ b/base/common/src/com/netscape/certsrv/cert/ICrossCertPairSubsystem.java
@@ -25,7 +25,7 @@ import com.netscape.certsrv.base.ISubsystem;
 
 /**
  * Interface for handling cross certs
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface ICrossCertPairSubsystem extends ISubsystem {
@@ -37,7 +37,7 @@ public interface ICrossCertPairSubsystem extends ISubsystem {
      * if matches up a pair, then publish to publishing directory
      * otherwise, leave in internal ldap db and wait for it's matching
      * pair
-     * 
+     *
      * @param certBytes binary byte array of the cert
      * @exception EBaseException when certBytes conversion to X509
      *                certificate fails
@@ -46,14 +46,14 @@ public interface ICrossCertPairSubsystem extends ISubsystem {
 
     /**
      * publish all cert pairs, if publisher is on
-     * 
+     *
      * @exception EBaseException when publishing fails
      */
     public void publishCertPairs() throws EBaseException;
 
     /**
      * convert byte array to X509Certificate
-     * 
+     *
      * @return X509Certificate the X509Certificate class
      *         representation of the certificate byte array
      * @exception CertificateException when conversion fails
diff --git a/base/common/src/com/netscape/certsrv/client/IDataProcessor.java b/base/common/src/com/netscape/certsrv/client/IDataProcessor.java
index b6784b6d2..b08fa6fde 100644
--- a/base/common/src/com/netscape/certsrv/client/IDataProcessor.java
+++ b/base/common/src/com/netscape/certsrv/client/IDataProcessor.java
@@ -20,7 +20,7 @@ package com.netscape.certsrv.client;
 /**
  * this class represents the callback interface between
  * the client package and the data storage object (data model)
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IDataProcessor {
@@ -28,7 +28,7 @@ public interface IDataProcessor {
     /**
      * This method will be callby the client package each time
      * data object arrived from the server side.
-     * 
+     *
      * @param data data object expected by the interface implementor
      */
     public void processData(Object data);
diff --git a/base/common/src/com/netscape/certsrv/client/connection/IAuthenticator.java b/base/common/src/com/netscape/certsrv/client/connection/IAuthenticator.java
index 0a96ee698..a2c00acba 100644
--- a/base/common/src/com/netscape/certsrv/client/connection/IAuthenticator.java
+++ b/base/common/src/com/netscape/certsrv/client/connection/IAuthenticator.java
@@ -19,7 +19,7 @@ package com.netscape.certsrv.client.connection;
 
 /**
  * An interface represents authentiator.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IAuthenticator {
diff --git a/base/common/src/com/netscape/certsrv/client/connection/IConnection.java b/base/common/src/com/netscape/certsrv/client/connection/IConnection.java
index 4a8166b02..db6ad5a85 100644
--- a/base/common/src/com/netscape/certsrv/client/connection/IConnection.java
+++ b/base/common/src/com/netscape/certsrv/client/connection/IConnection.java
@@ -22,7 +22,7 @@ import java.net.SocketException;
 
 /**
  * Interface for all connection objects.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IConnection {
diff --git a/base/common/src/com/netscape/certsrv/client/connection/IConnectionFactory.java b/base/common/src/com/netscape/certsrv/client/connection/IConnectionFactory.java
index 4506abbfa..6396f09d4 100644
--- a/base/common/src/com/netscape/certsrv/client/connection/IConnectionFactory.java
+++ b/base/common/src/com/netscape/certsrv/client/connection/IConnectionFactory.java
@@ -23,14 +23,14 @@ import java.net.UnknownHostException;
 /**
  * Interface for all connection factory. Primarily act as
  * the abstraction layer for different kind of connection factory.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IConnectionFactory {
 
     /**
      * Creates connection using the host and port
-     * 
+     *
      * @param host The host to connect to
      * @param port The port to connect to
      * @return The created connection
diff --git a/base/common/src/com/netscape/certsrv/common/ConfigConstants.java b/base/common/src/com/netscape/certsrv/common/ConfigConstants.java
index 2ea7b7469..0e135dd2b 100644
--- a/base/common/src/com/netscape/certsrv/common/ConfigConstants.java
+++ b/base/common/src/com/netscape/certsrv/common/ConfigConstants.java
@@ -21,7 +21,7 @@ package com.netscape.certsrv.common;
  * This interface contains constants that are used
  * in the protocol between the configuration daemon
  * and UI configuration wizard.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface ConfigConstants {
diff --git a/base/common/src/com/netscape/certsrv/common/Constants.java b/base/common/src/com/netscape/certsrv/common/Constants.java
index be9d33b4c..23a9075ae 100644
--- a/base/common/src/com/netscape/certsrv/common/Constants.java
+++ b/base/common/src/com/netscape/certsrv/common/Constants.java
@@ -20,7 +20,7 @@ package com.netscape.certsrv.common;
 /**
  * This interface contains constants that are shared
  * by certificate server and its client SDK.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface Constants {
@@ -467,7 +467,7 @@ public interface Constants {
      * Security
      *========================================================*/
 
-    //functionality 
+    //functionality
     public final static String PR_CERT_SERVER = "SERVER";
     public final static String PR_CERT_ADMIN = "ADMIN";
     public final static String PR_CERT_AGENT = "AGENT";
@@ -544,7 +544,7 @@ public interface Constants {
     public final static String PR_TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA = "tls_rsa_des_sha";
 
     /*========================================================
-     * Watchdog and Server State Messages 
+     * Watchdog and Server State Messages
      *========================================================*/
 
     public final static String SERVER_STARTUP_WARNING_MESSAGE = "CMS Warning: ";
diff --git a/base/common/src/com/netscape/certsrv/common/DestDef.java b/base/common/src/com/netscape/certsrv/common/DestDef.java
index 273e6af05..de7739d0a 100644
--- a/base/common/src/com/netscape/certsrv/common/DestDef.java
+++ b/base/common/src/com/netscape/certsrv/common/DestDef.java
@@ -21,7 +21,7 @@ package com.netscape.certsrv.common;
  * This interface defines all the operation destination
  * used in the administration protocol between the
  * console and the server.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface DestDef {
diff --git a/base/common/src/com/netscape/certsrv/common/NameValuePairs.java b/base/common/src/com/netscape/certsrv/common/NameValuePairs.java
index 0999db7bc..0f95ad2e3 100644
--- a/base/common/src/com/netscape/certsrv/common/NameValuePairs.java
+++ b/base/common/src/com/netscape/certsrv/common/NameValuePairs.java
@@ -23,7 +23,7 @@ import java.util.StringTokenizer;
 /**
  * A class represents an ordered list of name
  * value pairs.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class NameValuePairs extends LinkedHashMap {
@@ -39,7 +39,7 @@ public class NameValuePairs extends LinkedHashMap {
     /**
      * Show the content of this name value container as
      * string representation.
-     * 
+     *
      * @return string representation
      */
     public String toString() {
@@ -57,7 +57,7 @@ public class NameValuePairs extends LinkedHashMap {
 
     /**
      * Parses a string into name value pairs.
-     * 
+     *
      * @param s string
      * @param nvp name value pairs
      * @return true if successful
diff --git a/base/common/src/com/netscape/certsrv/common/OpDef.java b/base/common/src/com/netscape/certsrv/common/OpDef.java
index 22a974e12..862b44760 100644
--- a/base/common/src/com/netscape/certsrv/common/OpDef.java
+++ b/base/common/src/com/netscape/certsrv/common/OpDef.java
@@ -21,7 +21,7 @@ package com.netscape.certsrv.common;
  * This interface defines all the administration operations
  * used in the administration protocol between the console
  * and the server.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface OpDef {
diff --git a/base/common/src/com/netscape/certsrv/common/PrefixDef.java b/base/common/src/com/netscape/certsrv/common/PrefixDef.java
index 833847d05..ac85694ac 100644
--- a/base/common/src/com/netscape/certsrv/common/PrefixDef.java
+++ b/base/common/src/com/netscape/certsrv/common/PrefixDef.java
@@ -21,7 +21,7 @@ package com.netscape.certsrv.common;
  * This interface defines all the prefix tags
  * used in the administration protocol between
  * the console and the server.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface PrefixDef {
diff --git a/base/common/src/com/netscape/certsrv/common/ScopeDef.java b/base/common/src/com/netscape/certsrv/common/ScopeDef.java
index f29067f51..e8919de5e 100644
--- a/base/common/src/com/netscape/certsrv/common/ScopeDef.java
+++ b/base/common/src/com/netscape/certsrv/common/ScopeDef.java
@@ -21,7 +21,7 @@ package com.netscape.certsrv.common;
  * This interface defines all the operation scope
  * used in the administration protocol between the
  * console and the server.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface ScopeDef {
diff --git a/base/common/src/com/netscape/certsrv/common/TaskId.java b/base/common/src/com/netscape/certsrv/common/TaskId.java
index 01a97b2a1..407ec9187 100644
--- a/base/common/src/com/netscape/certsrv/common/TaskId.java
+++ b/base/common/src/com/netscape/certsrv/common/TaskId.java
@@ -22,7 +22,7 @@ package com.netscape.certsrv.common;
  * the configuration protocol between the
  * configuration wizard and the configuration
  * daemon.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface TaskId {
@@ -108,7 +108,7 @@ public interface TaskId {
     // check certificate extension
     public final static String TASK_CHECK_EXTENSION = "checkExtension";
 
-    // check validity period: make sure the notAfterDate of the certificate 
+    // check validity period: make sure the notAfterDate of the certificate
     // will not go beyond the notAfterDate of the CA cert which signs the certificate.
     public final static String TASK_VALIDITY_PERIOD = "checkValidityPeriod";
 
diff --git a/base/common/src/com/netscape/certsrv/connector/IConnector.java b/base/common/src/com/netscape/certsrv/connector/IConnector.java
index 202fb0794..61001be5b 100644
--- a/base/common/src/com/netscape/certsrv/connector/IConnector.java
+++ b/base/common/src/com/netscape/certsrv/connector/IConnector.java
@@ -23,12 +23,12 @@ import com.netscape.certsrv.request.IRequest;
 /**
  * This interface represents a connector that forwards
  * CMS requests to a remote authority.
- * 
+ *
  * To register a connector, one can add the following
  * to the CMS.cfg:
- * 
+ *
  * 
- * 
+ *
  *  Example for KRA type connector.
  * ca.connector.KRA.enable=true
  * ca.connector.KRA.host=thehost.netscape.com        #Remote host.
@@ -36,17 +36,17 @@ import com.netscape.certsrv.request.IRequest;
  * ca.connector.KRA.nickName="cert-kra"              #Nickname of connector for identity purposes.
  * ca.connector.KRA.uri="/kra/connector"             #Uri of the KRA server.
  * ca.connector.KRA.id="kra"
- * ca.connector.KRA.minHttpConns=1                   #Min connection pool connections. 
+ * ca.connector.KRA.minHttpConns=1                   #Min connection pool connections.
  * ca.connector.KRA.maxHttpConns=10                  #Max connection pool connections.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IConnector {
 
     /**
      * Sends the request to a remote authority.
-     * 
+     *
      * @param req Request to be forwarded to remote authority.
      * @return true for success, otherwise false.
      * @exception EBaseException Failure to send request to remote authority.
diff --git a/base/common/src/com/netscape/certsrv/connector/IHttpConnFactory.java b/base/common/src/com/netscape/certsrv/connector/IHttpConnFactory.java
index 27a94a57f..55c537cff 100644
--- a/base/common/src/com/netscape/certsrv/connector/IHttpConnFactory.java
+++ b/base/common/src/com/netscape/certsrv/connector/IHttpConnFactory.java
@@ -25,14 +25,14 @@ import com.netscape.certsrv.base.EBaseException;
  * Multiple threads use this interface to utilize and release
  * the Ldap connection resources. This factory will maintain a
  * list of Http type connections to the remote host.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IHttpConnFactory {
 
     /**
      * Request access to a Ldap connection from the pool.
-     * 
+     *
      * @exception EBaseException if any error occurs, such as a
      * @return Ldap connection object.
      *         connection is not available
@@ -42,7 +42,7 @@ public interface IHttpConnFactory {
 
     /**
      * Return connection to the factory. mandatory after a getConn().
-     * 
+     *
      * @param conn Ldap connection object to be returned to the free list of the pool.
      * @exception EBaseException On any failure to return the connection.
      */
diff --git a/base/common/src/com/netscape/certsrv/connector/IHttpConnection.java b/base/common/src/com/netscape/certsrv/connector/IHttpConnection.java
index d1652dc90..8adc7da72 100644
--- a/base/common/src/com/netscape/certsrv/connector/IHttpConnection.java
+++ b/base/common/src/com/netscape/certsrv/connector/IHttpConnection.java
@@ -25,14 +25,14 @@ import com.netscape.certsrv.base.EBaseException;
  * PKI messages to a remote authority. The remote authority
  * will reply with a PKI message as well. An example would
  * be the communication between a CA and a KRA.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IHttpConnection {
 
     /**
      * Sends the PKI message to the remote authority.
-     * 
+     *
      * @param tomsg Message to forward to authority.
      * @exception EBaseException Failed to send message.
      */
diff --git a/base/common/src/com/netscape/certsrv/connector/IHttpPKIMessage.java b/base/common/src/com/netscape/certsrv/connector/IHttpPKIMessage.java
index efa49126e..14b4b8648 100644
--- a/base/common/src/com/netscape/certsrv/connector/IHttpPKIMessage.java
+++ b/base/common/src/com/netscape/certsrv/connector/IHttpPKIMessage.java
@@ -23,35 +23,35 @@ import com.netscape.certsrv.request.IRequest;
  * This represents a Http PKI message. It contains
  * simple name/value pair values. Also maintains information
  * about the status and type of the message.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IHttpPKIMessage extends IPKIMessage {
 
     /**
      * Retrieves the request type.
-     * 
+     *
      * @return String with the type of request.
      */
     public String getReqType();
 
     /**
      * Retrieves the request identifier.
-     * 
+     *
      * @return String of name of request.
      */
     public String getReqId();
 
     /**
      * Copies contents of request to make a simple name/value message.
-     * 
+     *
      * @param r Instance of IRequest to be copied from.
      */
     public void fromRequest(IRequest r);
 
     /**
      * Copies contents to request.
-     * 
+     *
      * @param r Instance of IRequest to be copied to.
      */
     public void toRequest(IRequest r);
diff --git a/base/common/src/com/netscape/certsrv/connector/IPKIMessage.java b/base/common/src/com/netscape/certsrv/connector/IPKIMessage.java
index 787dd8385..ca352aa82 100644
--- a/base/common/src/com/netscape/certsrv/connector/IPKIMessage.java
+++ b/base/common/src/com/netscape/certsrv/connector/IPKIMessage.java
@@ -25,29 +25,29 @@ import com.netscape.certsrv.request.IRequest;
  * Messages that are serialized and go over the wire.
  * It must be serializable, and
  * later will be inherited by CRMF message.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IPKIMessage extends Serializable {
 
     /**
-     * 
+     *
      * Returns status of request.
-     * 
+     *
      * @return String of request status.
      */
     public String getReqStatus();
 
     /**
      * Retrieves the request type.
-     * 
+     *
      * @return String of type of request.
      */
     public String getReqType();
 
     /**
      * Retrieves the request identifer.
-     * 
+     *
      * @return String of name of request.
      */
     public String getReqId();
@@ -55,7 +55,7 @@ public interface IPKIMessage extends Serializable {
     /**
      * Makes a PKIMessage from a request
      * PKIMessage will be sent to wire.
-     * 
+     *
      * @param r Request to copy from.
      */
     public void fromRequest(IRequest r);
@@ -63,7 +63,7 @@ public interface IPKIMessage extends Serializable {
     /**
      * Copies contents of PKIMessage to the request
      * PKIMessage is from the wire.
-     * 
+     *
      * @param r Request to copy to.
      */
     public void toRequest(IRequest r);
diff --git a/base/common/src/com/netscape/certsrv/connector/IRemoteAuthority.java b/base/common/src/com/netscape/certsrv/connector/IRemoteAuthority.java
index 50a3aea5f..f02154021 100644
--- a/base/common/src/com/netscape/certsrv/connector/IRemoteAuthority.java
+++ b/base/common/src/com/netscape/certsrv/connector/IRemoteAuthority.java
@@ -21,35 +21,35 @@ package com.netscape.certsrv.connector;
  * This represents a remote authority that can be
  * a certificate manager, or key recovery manager or
  * some other manager.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IRemoteAuthority {
 
     /**
      * Retrieves the host name of the remote Authority.
-     * 
+     *
      * @return String with the name of host of remote Authority.
      */
     public String getHost();
 
     /**
      * Retrieves the port number of the remote Authority.
-     * 
+     *
      * @return Int with port number of remote Authority.
      */
     public int getPort();
 
     /**
      * Retrieves the URI of the remote Authority.
-     * 
+     *
      * @return String with URI of remote Authority.
      */
     public String getURI();
 
     /**
      * Retrieves the timeout value for the connection to the remote Authority.
-     * 
+     *
      * @return In with remote Authority timeout value.
      */
     public int getTimeout();
diff --git a/base/common/src/com/netscape/certsrv/connector/IRequestEncoder.java b/base/common/src/com/netscape/certsrv/connector/IRequestEncoder.java
index 478af4174..c390f7ac3 100644
--- a/base/common/src/com/netscape/certsrv/connector/IRequestEncoder.java
+++ b/base/common/src/com/netscape/certsrv/connector/IRequestEncoder.java
@@ -23,14 +23,14 @@ import java.io.IOException;
  * This represents a rquest encoder that serializes and
  * deserializes a request to a Remote Authority so that it can be sent through
  * the connector.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IRequestEncoder {
 
     /**
      * Encodes a request object.
-     * 
+     *
      * @param r Object to serve as the source of the message.
      * @return String containing encoded message.
      * @exception IOException Failure of the encoding operation due to IO error.
@@ -40,7 +40,7 @@ public interface IRequestEncoder {
 
     /**
      * Dncodes a String into an object.
-     * 
+     *
      * @return Object which is the result of the decoded message.
      * @exception IOException Failure of the decoding operation due to IO error.
      */
diff --git a/base/common/src/com/netscape/certsrv/connector/IResender.java b/base/common/src/com/netscape/certsrv/connector/IResender.java
index 85d3e364c..b1cd6149e 100644
--- a/base/common/src/com/netscape/certsrv/connector/IResender.java
+++ b/base/common/src/com/netscape/certsrv/connector/IResender.java
@@ -24,14 +24,14 @@ import com.netscape.certsrv.request.IRequest;
  * Default interval is 5 minutes. The need to resend a message could arise
  * due to an error or the fact that the message could not be serviced
  * immediately.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IResender extends Runnable {
 
     /**
      * Adds the request to the resend queue.
-     * 
+     *
      * @param r Request to be placed on the resend queue.
      */
     public void addRequest(IRequest r);
diff --git a/base/common/src/com/netscape/certsrv/dbs/DBResources.java b/base/common/src/com/netscape/certsrv/dbs/DBResources.java
index a2201b8e6..b06959bbc 100644
--- a/base/common/src/com/netscape/certsrv/dbs/DBResources.java
+++ b/base/common/src/com/netscape/certsrv/dbs/DBResources.java
@@ -22,7 +22,7 @@ import java.util.ListResourceBundle;
 /**
  * A class represents a resource bundle for DBS subsystem.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public class DBResources extends ListResourceBundle {
diff --git a/base/common/src/com/netscape/certsrv/dbs/EDBException.java b/base/common/src/com/netscape/certsrv/dbs/EDBException.java
index 77508dca4..1908bdf7e 100644
--- a/base/common/src/com/netscape/certsrv/dbs/EDBException.java
+++ b/base/common/src/com/netscape/certsrv/dbs/EDBException.java
@@ -22,7 +22,7 @@ import com.netscape.certsrv.base.EBaseException;
 /**
  * A class represents a database exception.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public class EDBException extends EBaseException {
@@ -39,7 +39,7 @@ public class EDBException extends EBaseException {
     /**
      * Constructs a database exception.
      * 

-     * 
+     *
      * @param msgFormat message format
      */
     public EDBException(String msgFormat) {
@@ -49,7 +49,7 @@ public class EDBException extends EBaseException {
     /**
      * Constructs a database exception.
      * 

-     * 
+     *
      * @param msgFormat message format
      * @param param parameter
      */
@@ -60,7 +60,7 @@ public class EDBException extends EBaseException {
     /**
      * Constructs a database exception.
      * 

-     * 
+     *
      * @param msgFormat message format
      * @param e exception as parameter
      */
@@ -71,7 +71,7 @@ public class EDBException extends EBaseException {
     /**
      * Constructs a database exception.
      * 

-     * 
+     *
      * @param msgFormat message format
      * @param params list of parameters
      */
diff --git a/base/common/src/com/netscape/certsrv/dbs/EDBNotAvailException.java b/base/common/src/com/netscape/certsrv/dbs/EDBNotAvailException.java
index 6afb2dcc3..a7df8bac7 100644
--- a/base/common/src/com/netscape/certsrv/dbs/EDBNotAvailException.java
+++ b/base/common/src/com/netscape/certsrv/dbs/EDBNotAvailException.java
@@ -19,7 +19,7 @@ package com.netscape.certsrv.dbs;
 
 /**
  * Indicates internal db is down.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class EDBNotAvailException extends EDBException {
@@ -31,7 +31,7 @@ public class EDBNotAvailException extends EDBException {
 
     /**
      * Constructs a ldap server down exception with host & port info.
-     * 
+     *
      * @param errorString Detailed error message.
      */
     public EDBNotAvailException(String errorString) {
diff --git a/base/common/src/com/netscape/certsrv/dbs/EDBRecordNotFoundException.java b/base/common/src/com/netscape/certsrv/dbs/EDBRecordNotFoundException.java
index dd3880c12..05b1085f0 100644
--- a/base/common/src/com/netscape/certsrv/dbs/EDBRecordNotFoundException.java
+++ b/base/common/src/com/netscape/certsrv/dbs/EDBRecordNotFoundException.java
@@ -19,7 +19,7 @@ package com.netscape.certsrv.dbs;
 
 /**
  * Indicates internal db is down.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class EDBRecordNotFoundException extends EDBException {
@@ -31,7 +31,7 @@ public class EDBRecordNotFoundException extends EDBException {
 
     /**
      * Constructs a ldap server down exception with host & port info.
-     * 
+     *
      * @param errorString Detailed error message.
      */
     public EDBRecordNotFoundException(String errorString) {
diff --git a/base/common/src/com/netscape/certsrv/dbs/IDBAttrMapper.java b/base/common/src/com/netscape/certsrv/dbs/IDBAttrMapper.java
index 27e15bd7d..a5a603ec3 100644
--- a/base/common/src/com/netscape/certsrv/dbs/IDBAttrMapper.java
+++ b/base/common/src/com/netscape/certsrv/dbs/IDBAttrMapper.java
@@ -28,7 +28,7 @@ import com.netscape.certsrv.base.EBaseException;
  * has knowledge on how to convert a db attribute into
  * zero or more LDAP attribute, and vice versa.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IDBAttrMapper {
@@ -37,14 +37,14 @@ public interface IDBAttrMapper {
      * Retrieves a list of LDAP attributes that are used
      * in the mapper. By having this, the framework can
      * provide search on selective attributes.
-     * 
+     *
      * @return a list of supported attribute names
      */
     public Enumeration getSupportedLDAPAttributeNames();
 
     /**
      * Maps object attribute into LDAP attributes.
-     * 
+     *
      * @param parent parent object where the object comes from
      * @param name name of db attribute
      * @param obj object itself
@@ -58,7 +58,7 @@ public interface IDBAttrMapper {
     /**
      * Maps LDAP attributes into object, and puts the object
      * into 'parent'.
-     * 
+     *
      * @param attrs LDAP attribute set
      * @param name name of db attribute to be processed
      * @param parent parent object where the object should be added
@@ -69,7 +69,7 @@ public interface IDBAttrMapper {
 
     /**
      * Maps search filters into LDAP search filter.
-     * 
+     *
      * @param name name of db attribute
      * @param op filte operation (i.e. "=", ">=")
      * @param value attribute value
diff --git a/base/common/src/com/netscape/certsrv/dbs/IDBDynAttrMapper.java b/base/common/src/com/netscape/certsrv/dbs/IDBDynAttrMapper.java
index 5684dd4d7..c1c8c3b39 100644
--- a/base/common/src/com/netscape/certsrv/dbs/IDBDynAttrMapper.java
+++ b/base/common/src/com/netscape/certsrv/dbs/IDBDynAttrMapper.java
@@ -6,7 +6,7 @@ package com.netscape.certsrv.dbs;
  * assigned db attribute into zero or more dynamically assigned LDAP
  * attributes, and vice versa.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IDBDynAttrMapper extends IDBAttrMapper {
@@ -14,7 +14,7 @@ public interface IDBDynAttrMapper extends IDBAttrMapper {
     /**
      * Returns true if the LDAP attribute can be mapped by this
      * dynamic mapper.
-     * 
+     *
      * @param attrName LDAP attribute name to check
      * @return a list of supported attribute names
      */
diff --git a/base/common/src/com/netscape/certsrv/dbs/IDBObj.java b/base/common/src/com/netscape/certsrv/dbs/IDBObj.java
index 5c634beeb..f59fe2195 100644
--- a/base/common/src/com/netscape/certsrv/dbs/IDBObj.java
+++ b/base/common/src/com/netscape/certsrv/dbs/IDBObj.java
@@ -24,7 +24,7 @@ import com.netscape.certsrv.base.IAttrSet;
 /**
  * An interface represents a database object
  * that is serializable.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IDBObj extends IAttrSet {
@@ -34,7 +34,7 @@ public interface IDBObj extends IAttrSet {
      * names. This method should return the
      * attribute name even if there is no attribute
      * value for the attribute.
-     * 
+     *
      * @return a list of serializable attribute names
      */
     public Enumeration getSerializableAttrNames();
diff --git a/base/common/src/com/netscape/certsrv/dbs/IDBRegistry.java b/base/common/src/com/netscape/certsrv/dbs/IDBRegistry.java
index 241f3af9f..badf4d054 100644
--- a/base/common/src/com/netscape/certsrv/dbs/IDBRegistry.java
+++ b/base/common/src/com/netscape/certsrv/dbs/IDBRegistry.java
@@ -26,21 +26,21 @@ import com.netscape.certsrv.base.ISubsystem;
  * A class represents a registry where all the
  * schema (object classes and attribute) information
  * is stored.
- * 
+ *
  * Attribute mappers can be registered with this
  * registry.
- * 
+ *
  * Given the schema information stored, this registry
  * has knowledge to convert a Java object into a
  * LDAPAttributeSet or vice versa.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IDBRegistry extends ISubsystem {
 
     /**
      * Registers object class.
-     * 
+     *
      * @param className java class to create for the object classes
      * @param ldapNames a list of LDAP object classes
      * @exception EDBException failed to register
@@ -50,7 +50,7 @@ public interface IDBRegistry extends ISubsystem {
 
     /**
      * See if an object class is registered.
-     * 
+     *
      * @param className java class to create
      * @return true if object class is registered already
      */
@@ -58,7 +58,7 @@ public interface IDBRegistry extends ISubsystem {
 
     /**
      * Registers attribute mapper.
-     * 
+     *
      * @param ufName LDAP attribute name
      * @param mapper mapper to invoke for the attribute
      * @exception EDBException failed to register
@@ -68,7 +68,7 @@ public interface IDBRegistry extends ISubsystem {
 
     /**
      * See if an attribute is registered.
-     * 
+     *
      * @param ufName attribute name
      * @return true if attribute is registered already
      */
@@ -76,7 +76,7 @@ public interface IDBRegistry extends ISubsystem {
 
     /**
      * Registers a dynamic attribute mapper.
-     * 
+     *
      * @param mapper The dynamic mapper to register
      */
     public void registerDynamicMapper(IDBDynAttrMapper mapper);
@@ -85,7 +85,7 @@ public interface IDBRegistry extends ISubsystem {
      * Creates LDAP-based search filters with help of
      * registered mappers.
      * Parses filter from filter string specified in RFC1558.
-     * 
+     *
      * 
      *  ::= '('  ')'
      *  ::=  |  |  | 
@@ -107,7 +107,7 @@ public interface IDBRegistry extends ISubsystem {
      *  ::= NULL |  '*' 
      *  ::= NULL | 
      * 

-     * 
+     *
      * @param filter CMS-based filter
      * @return LDAP-based filter string
      * @exception EBaseException failed to convert filter
@@ -117,7 +117,7 @@ public interface IDBRegistry extends ISubsystem {
     /**
      * Creates LDAP-based search filters with help of
      * registered mappers.
-     * 
+     *
      * @param filter CMS-based filter
      * @param c filter converter
      * @return LDAP-based filter string
@@ -128,7 +128,7 @@ public interface IDBRegistry extends ISubsystem {
 
     /**
      * Maps object into LDAP attribute set.
-     * 
+     *
      * @param parent object's parent
      * @param name name of the object
      * @param obj object to be mapped
@@ -141,7 +141,7 @@ public interface IDBRegistry extends ISubsystem {
     /**
      * Retrieves a list of LDAP attributes that are associated
      * with the given attributes.
-     * 
+     *
      * @param attrs attributes
      * @return LDAP-based attributes
      * @exception EBaseException failed to map attributes
@@ -151,7 +151,7 @@ public interface IDBRegistry extends ISubsystem {
 
     /**
      * Creates attribute set from object.
-     * 
+     *
      * @param obj database object
      * @return LDAP attribute set
      * @exception EBaseException failed to create set
@@ -161,7 +161,7 @@ public interface IDBRegistry extends ISubsystem {
 
     /**
      * Creates object from attribute set.
-     * 
+     *
      * @param attrs LDAP attribute set
      * @return database object
      * @exception EBaseException failed to create object
diff --git a/base/common/src/com/netscape/certsrv/dbs/IDBSSession.java b/base/common/src/com/netscape/certsrv/dbs/IDBSSession.java
index c186d1145..a4c05f40a 100644
--- a/base/common/src/com/netscape/certsrv/dbs/IDBSSession.java
+++ b/base/common/src/com/netscape/certsrv/dbs/IDBSSession.java
@@ -25,36 +25,36 @@ import com.netscape.certsrv.base.ISubsystem;
 /**
  * An interface represents the database session. Operations
  * can be performed with a session.
- * 
+ *
  * Transaction and Caching support can be integrated
  * into session.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IDBSSession {
 
     /**
      * Returns database subsystem.
-     * 
+     *
      * @return subsystem
      */
     public ISubsystem getDBSubsystem();
 
     /**
      * Closes this session.
-     * 
+     *
      * @exception EDBException failed to close session
      */
     public void close() throws EDBException;
 
     /**
      * Adds object to backend database. For example,
-     * 
+     *
      * 
      * session.add("cn=123459,o=certificate repository,o=airius.com",
      *             certRec);
      * 

-     * 
+     *
      * @param name name of the object
      * @param obj object to be added
      * @exception EDBException failed to add object
@@ -63,7 +63,7 @@ public interface IDBSSession {
 
     /**
      * Reads an object from the database.
-     * 
+     *
      * @param name name of the object that is to be read
      * @return database object
      * @exception EBaseException failed to read object
@@ -73,7 +73,7 @@ public interface IDBSSession {
     /**
      * Reads an object from the database, and only populates
      * the selected attributes.
-     * 
+     *
      * @param name name of the object that is to be read
      * @param attrs selected attributes
      * @return database object
@@ -84,7 +84,7 @@ public interface IDBSSession {
 
     /**
      * Deletes object from database.
-     * 
+     *
      * @param name name of the object that is to be deleted
      * @exception EBaseException failed to delete object
      */
@@ -92,7 +92,7 @@ public interface IDBSSession {
 
     /**
      * Modify an object in the database.
-     * 
+     *
      * @param name name of the object that is to be modified
      * @param mods modifications
      * @exception EBaseException failed to modify
@@ -103,7 +103,7 @@ public interface IDBSSession {
     /**
      * Searchs for a list of objects that match the
      * filter.
-     * 
+     *
      * @param base starting point of the search
      * @param filter search filter
      * @return search results
@@ -115,7 +115,7 @@ public interface IDBSSession {
     /**
      * Searchs for a list of objects that match the
      * filter.
-     * 
+     *
      * @param base starting point of the search
      * @param filter search filter
      * @param maxSize max number of entries
@@ -128,7 +128,7 @@ public interface IDBSSession {
     /**
      * Searchs for a list of objects that match the
      * filter.
-     * 
+     *
      * @param base starting point of the search
      * @param filter search filter
      * @param maxSize max number of entries
@@ -142,7 +142,7 @@ public interface IDBSSession {
     /**
      * Retrieves a list of object that satifies the given
      * filter.
-     * 
+     *
      * @param base starting point of the search
      * @param filter search filter
      * @param attrs selected attributes
@@ -154,7 +154,7 @@ public interface IDBSSession {
 
     /**
      * Retrieves a list of objects.
-     * 
+     *
      * @param base starting point of the search
      * @param filter search filter
      * @param attrs selected attributes
@@ -167,7 +167,7 @@ public interface IDBSSession {
     /**
      * Sets persistent search to retrieve modified
      * certificate records.
-     * 
+     *
      * @param base starting point of the search
      * @param filter search filter
      * @param attrs selected attributes
@@ -181,7 +181,7 @@ public interface IDBSSession {
 
     /**
      * Retrieves a list of objects.
-     * 
+     *
      * @param base starting point of the search
      * @param filter search filter
      * @param attrs selected attributes
@@ -196,7 +196,7 @@ public interface IDBSSession {
 
     /**
      * Retrieves a list of objects.
-     * 
+     *
      * @param base starting point of the search
      * @param filter search filter
      * @param attrs selected attributes
diff --git a/base/common/src/com/netscape/certsrv/dbs/IDBSearchResults.java b/base/common/src/com/netscape/certsrv/dbs/IDBSearchResults.java
index 04736cf32..dd5a41186 100644
--- a/base/common/src/com/netscape/certsrv/dbs/IDBSearchResults.java
+++ b/base/common/src/com/netscape/certsrv/dbs/IDBSearchResults.java
@@ -23,21 +23,21 @@ import java.util.Enumeration;
  * A class represents the search results. A search
  * results object contain a enumeration of
  * Java objects that are just read from the database.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IDBSearchResults extends Enumeration {
 
     /**
      * Checks if any element is available.
-     * 
+     *
      * @return true if there is more elements
      */
     public boolean hasMoreElements();
 
     /**
      * Retrieves next element.
-     * 
+     *
      * @return next element
      */
     public Object nextElement();
diff --git a/base/common/src/com/netscape/certsrv/dbs/IDBSubsystem.java b/base/common/src/com/netscape/certsrv/dbs/IDBSubsystem.java
index fec6e6afa..dfa5312e5 100644
--- a/base/common/src/com/netscape/certsrv/dbs/IDBSubsystem.java
+++ b/base/common/src/com/netscape/certsrv/dbs/IDBSubsystem.java
@@ -30,7 +30,7 @@ import com.netscape.certsrv.base.ISubsystem;
  * 

  * This interface separate the database subsystem functionalities from internal implementation.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IDBSubsystem extends ISubsystem {
@@ -45,21 +45,21 @@ public interface IDBSubsystem extends ISubsystem {
 
     /**
      * Retrieves the base DN.
-     * 
+     *
      * @return base DN of the subsystem
      */
     public String getBaseDN();
 
     /**
      * Retrieves the registry.
-     * 
+     *
      * @return registry
      */
     public IDBRegistry getRegistry();
 
     /**
      * Creates a database session.
-     * 
+     *
      * @return database session
      * @exception EDBException failed to create session
      */
@@ -67,14 +67,14 @@ public interface IDBSubsystem extends ISubsystem {
 
     /**
      * Avoids losing serial number.
-     * 
+     *
      * @return true if serial number recovery option is enabled
      */
     public boolean enableSerialNumberRecovery();
 
     /**
      * Records next serial number in config file
-     * 
+     *
      * @param serial next serial number
      * @exception EBaseException failed to set
      */
@@ -82,14 +82,14 @@ public interface IDBSubsystem extends ISubsystem {
 
     /**
      * Gets the next serial number in config file
-     * 
+     *
      * @return next serial number
      */
     public BigInteger getNextSerialConfig();
 
     /**
      * Records maximum serial number limit in config file
-     * 
+     *
      * @param serial max serial number
      * @param repo repo identifier
      * @exception EBaseException failed to set
@@ -98,7 +98,7 @@ public interface IDBSubsystem extends ISubsystem {
 
     /**
      * Records minimum serial number limit in config file
-     * 
+     *
      * @param serial min serial number
      * @param repo repo identifier
      * @exception EBaseException failed to set
@@ -107,7 +107,7 @@ public interface IDBSubsystem extends ISubsystem {
 
     /**
      * Records maximum serial number limit for the next range in config file
-     * 
+     *
      * @param serial max serial number
      * @param repo repo identifier
      * @exception EBaseException failed to set
@@ -116,7 +116,7 @@ public interface IDBSubsystem extends ISubsystem {
 
     /**
      * Records minimum serial number limit for the next range in config file
-     * 
+     *
      * @param serial min serial number
      * @param repo repo identifier
      * @exception EBaseException failed to set
@@ -125,7 +125,7 @@ public interface IDBSubsystem extends ISubsystem {
 
     /**
      * Gets minimum serial number limit in config file
-     * 
+     *
      * @param repo repo identifier
      * @return min serial number
      */
@@ -133,7 +133,7 @@ public interface IDBSubsystem extends ISubsystem {
 
     /**
      * Gets the maximum serial number limit in config file
-     * 
+     *
      * @param repo repo identifier
      * @return max serial number
      */
@@ -141,7 +141,7 @@ public interface IDBSubsystem extends ISubsystem {
 
     /**
      * Gets the maximum serial number limit for next range in config file
-     * 
+     *
      * @param repo repo identifier
      * @return max serial number
      */
@@ -149,7 +149,7 @@ public interface IDBSubsystem extends ISubsystem {
 
     /**
      * Gets minimum serial number limit for next range in config file
-     * 
+     *
      * @param repo repo identifier
      * @return min serial number
      */
@@ -157,7 +157,7 @@ public interface IDBSubsystem extends ISubsystem {
 
     /**
      * Gets low water mark limit in config file
-     * 
+     *
      * @param repo repo identifier
      * @return low water mark
      */
@@ -165,7 +165,7 @@ public interface IDBSubsystem extends ISubsystem {
 
     /**
      * Gets range increment limit for next range in config file
-     * 
+     *
      * @param repo repo identifier
      * @return range increment
      */
@@ -173,7 +173,7 @@ public interface IDBSubsystem extends ISubsystem {
 
     /**
      * Gets number corresponding to start of next range from database
-     * 
+     *
      * @param repo repo identifier
      * @return start of next range
      */
@@ -181,7 +181,7 @@ public interface IDBSubsystem extends ISubsystem {
 
     /**
      * Determines if a range conflict has been observed in database
-     * 
+     *
      * @param repo repo identifier
      * @return true if range conflict, false otherwise
      */
@@ -189,7 +189,7 @@ public interface IDBSubsystem extends ISubsystem {
 
     /**
      * Determines if serial number management has been enabled
-     * 
+     *
      * @return true if enabled, false otherwise
      */
     public boolean getEnableSerialMgmt();
@@ -197,7 +197,7 @@ public interface IDBSubsystem extends ISubsystem {
     /**
      * Sets whether serial number management is enabled for certs
      * and requests.
-     * 
+     *
      * @param value true/false
      * @exception EBaseException failed to set
      */
@@ -205,7 +205,7 @@ public interface IDBSubsystem extends ISubsystem {
 
     /**
      * Returns LDAP connection to connection pool.
-     * 
+     *
      * @param conn connection to be returned
      */
     public void returnConn(LDAPConnection conn);
diff --git a/base/common/src/com/netscape/certsrv/dbs/IDBVirtualList.java b/base/common/src/com/netscape/certsrv/dbs/IDBVirtualList.java
index 919a82efb..23b73fe60 100644
--- a/base/common/src/com/netscape/certsrv/dbs/IDBVirtualList.java
+++ b/base/common/src/com/netscape/certsrv/dbs/IDBVirtualList.java
@@ -22,7 +22,7 @@ import com.netscape.certsrv.base.EBaseException;
 /**
  * A interface represents a virtual list of search results.
  * Note that this class must be used with DS4.0.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IDBVirtualList {
@@ -33,14 +33,14 @@ public interface IDBVirtualList {
      * that is three times as large as the number of visible entries.
      * That way, you can scroll up/down several items(up to a page-full)
      * without refetching entries from the directory.
-     * 
+     *
      * @param size the page size
      */
     public void setPageSize(int size);
 
     /**
      * Sets the sort key
-     * 
+     *
      * @param sortKey the attribute to sort by
      * @exception EBaseException failed to set
      */
@@ -48,7 +48,7 @@ public interface IDBVirtualList {
 
     /**
      * Sets the sort key
-     * 
+     *
      * @param sortKeys the attributes to sort by
      * @exception EBaseException failed to set
      */
@@ -58,14 +58,14 @@ public interface IDBVirtualList {
      * Retrieves the size of this virtual list.
      * Recommend to call getSize() before getElementAt() or getElements()
      * since you'd better check if the index is out of bound first.
-     * 
+     *
      * @return current size in list
      */
     public int getSize();
 
     /**
      * Returns current index.
-     * 
+     *
      * @return current index
      */
 
@@ -80,7 +80,7 @@ public interface IDBVirtualList {
      * some preceding entries)
      * Recommend to call getSize() before getElementAt() or getElements()
      * since you'd better check if the index is out of bound first.
-     * 
+     *
      * @param first the index of the first entry of the page you want to fetch
      */
     public boolean getPage(int first);
@@ -92,7 +92,7 @@ public interface IDBVirtualList {
      * of an entry.
      * If no entries match, the one just before(or after, if none before)
      * will be returned as mSelectedIndex
-     * 
+     *
      * @param text the prefix of the first entry of the page you want to fetch
      */
     public boolean getPage(String text);
@@ -103,14 +103,14 @@ public interface IDBVirtualList {
      * since you'd better check if the index is out of bound first.
      * If the index is out of range of the virtual list, an exception
      * will be thrown and return null
-     * 
+     *
      * @param index the index of the element to fetch
      */
     public E getElementAt(int index);
 
     /**
      * Retrieves and jumps to element in the given position.
-     * 
+     *
      * @param i position
      * @return object
      */
@@ -119,7 +119,7 @@ public interface IDBVirtualList {
     /**
      * Processes elements as soon as it arrives. It is
      * more memory-efficient.
-     * 
+     *
      * @param startidx starting index
      * @param endidx ending index
      * @param ep object to call
@@ -130,14 +130,14 @@ public interface IDBVirtualList {
 
     /**
      * Gets the virutal selected index
-     * 
+     *
      * @return selected index
      */
     public int getSelectedIndex();
 
     /**
      * Gets the top of the buffer
-     * 
+     *
      * @return first index
      */
     public int getFirstIndex();
diff --git a/base/common/src/com/netscape/certsrv/dbs/IElementProcessor.java b/base/common/src/com/netscape/certsrv/dbs/IElementProcessor.java
index 648a13aef..25388b15f 100644
--- a/base/common/src/com/netscape/certsrv/dbs/IElementProcessor.java
+++ b/base/common/src/com/netscape/certsrv/dbs/IElementProcessor.java
@@ -21,14 +21,14 @@ import com.netscape.certsrv.base.EBaseException;
 
 /**
  * Processor handles object read from the session.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IElementProcessor {
 
     /**
      * Handles object
-     * 
+     *
      * @param o object to be processed
      * @exception EBaseException failed to process object
      */
diff --git a/base/common/src/com/netscape/certsrv/dbs/IFilterConverter.java b/base/common/src/com/netscape/certsrv/dbs/IFilterConverter.java
index 2c0ccb89f..c78cbebef 100644
--- a/base/common/src/com/netscape/certsrv/dbs/IFilterConverter.java
+++ b/base/common/src/com/netscape/certsrv/dbs/IFilterConverter.java
@@ -22,7 +22,7 @@ package com.netscape.certsrv.dbs;
  * that understands how to convert a attribute
  * type from one defintion to another.
  * For example,
- * 
+ *
  * 
  * (1) database layer need to convert
  *     registered attribute type to ldap attribute
@@ -31,14 +31,14 @@ package com.netscape.certsrv.dbs;
  *     locale specific attribute type to registered
  *     attribute type.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IFilterConverter {
 
     /**
      * Converts attribute into LDAP attribute.
-     * 
+     *
      * @param attr attribute name
      * @param op attribute operation
      * @param value attribute value
diff --git a/base/common/src/com/netscape/certsrv/dbs/Modification.java b/base/common/src/com/netscape/certsrv/dbs/Modification.java
index 6c61bdb1f..685917cff 100644
--- a/base/common/src/com/netscape/certsrv/dbs/Modification.java
+++ b/base/common/src/com/netscape/certsrv/dbs/Modification.java
@@ -21,7 +21,7 @@ package com.netscape.certsrv.dbs;
  * A class represents a modification. This is used by the
  * database (dbs) framework for modification operations.
  * It specifices the modification type and values.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class Modification {
@@ -47,7 +47,7 @@ public class Modification {
 
     /**
      * Constructs a role modification.
-     * 
+     *
      * @param name attribute name
      * @param op attribute operation (i.e. MOD_ADD, MOD_DELETE, or MOD_REPLACE)
      * @param value attribute value
@@ -60,7 +60,7 @@ public class Modification {
 
     /**
      * Retrieves attribute name.
-     * 
+     *
      * @return attribute name
      */
     public String getName() {
@@ -69,7 +69,7 @@ public class Modification {
 
     /**
      * Retrieves modification operation type.
-     * 
+     *
      * @return modification type
      */
     public int getOp() {
@@ -78,7 +78,7 @@ public class Modification {
 
     /**
      * Retrieves attribute value.
-     * 
+     *
      * @return attribute value
      */
     public Object getValue() {
diff --git a/base/common/src/com/netscape/certsrv/dbs/ModificationSet.java b/base/common/src/com/netscape/certsrv/dbs/ModificationSet.java
index 70e9b377d..1f4a5133b 100644
--- a/base/common/src/com/netscape/certsrv/dbs/ModificationSet.java
+++ b/base/common/src/com/netscape/certsrv/dbs/ModificationSet.java
@@ -23,7 +23,7 @@ import java.util.Vector;
 /**
  * A class represents a modification set. A modification
  * set contains zero or more modifications.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class ModificationSet {
@@ -41,7 +41,7 @@ public class ModificationSet {
 
     /**
      * Adds modification to this set.
-     * 
+     *
      * @param name attribute name
      * @param op modification operation
      * @param value attribute value
@@ -52,7 +52,7 @@ public class ModificationSet {
 
     /**
      * Retrieves a list of modifications.
-     * 
+     *
      * @return a list of Modifications
      */
     public Enumeration getModifications() {
diff --git a/base/common/src/com/netscape/certsrv/dbs/certdb/ICertRecord.java b/base/common/src/com/netscape/certsrv/dbs/certdb/ICertRecord.java
index d05c9ed5f..76101d9b7 100644
--- a/base/common/src/com/netscape/certsrv/dbs/certdb/ICertRecord.java
+++ b/base/common/src/com/netscape/certsrv/dbs/certdb/ICertRecord.java
@@ -27,7 +27,7 @@ import com.netscape.certsrv.dbs.IDBObj;
 
 /**
  * An interface contains constants for certificate record.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface ICertRecord extends IDBObj {
@@ -99,77 +99,77 @@ public interface ICertRecord extends IDBObj {
 
     /**
      * Retrieves serial number from stored certificate.
-     * 
+     *
      * @return certificate serial number
      */
     public BigInteger getCertificateSerialNumber();
 
     /**
      * Retrieves serial number from certificate record.
-     * 
+     *
      * @return certificate serial number
      */
     public BigInteger getSerialNumber();
 
     /**
      * Retrieves certificate from certificate record.
-     * 
+     *
      * @return certificate
      */
     public X509CertImpl getCertificate();
 
     /**
      * Retrieves name of who issued this certificate.
-     * 
+     *
      * @return name of who issued this certificate
      */
     public String getIssuedBy();
 
     /**
      * Retrieves name of who revoked this certificate.
-     * 
+     *
      * @return name of who revoked this certificate
      */
     public String getRevokedBy();
 
     /**
      * Retrieves date when this certificate was revoked.
-     * 
+     *
      * @return date when this certificate was revoked
      */
     public Date getRevokedOn();
 
     /**
      * Retrieves meta info.
-     * 
+     *
      * @return meta info
      */
     public MetaInfo getMetaInfo();
 
     /**
      * Retrieves certificate status.
-     * 
+     *
      * @return certificate status
      */
     public String getStatus();
 
     /**
      * Retrieves time of creation of this certificate record.
-     * 
+     *
      * @return time of creation of this certificate record
      */
     public Date getCreateTime();
 
     /**
      * Retrieves time of modification of this certificate record.
-     * 
+     *
      * @return time of modification of this certificate record
      */
     public Date getModifyTime();
 
     /**
      * Retrieves revocation info.
-     * 
+     *
      * @return revocation info
      */
     public IRevocationInfo getRevocationInfo();
diff --git a/base/common/src/com/netscape/certsrv/dbs/certdb/ICertRecordList.java b/base/common/src/com/netscape/certsrv/dbs/certdb/ICertRecordList.java
index 59a826ee2..152ec98ad 100644
--- a/base/common/src/com/netscape/certsrv/dbs/certdb/ICertRecordList.java
+++ b/base/common/src/com/netscape/certsrv/dbs/certdb/ICertRecordList.java
@@ -25,42 +25,42 @@ import com.netscape.certsrv.dbs.IElementProcessor;
 /**
  * A class represents a list of certificate records.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface ICertRecordList {
 
     /**
      * Gets the current index.
-     * 
+     *
      * @return current index
      */
     public int getCurrentIndex();
 
     /**
      * Retrieves the size of request list.
-     * 
+     *
      * @return size
      */
     public int getSize();
 
     /**
      * Gets size before jump to index.
-     * 
+     *
      * @return size
      */
     public int getSizeBeforeJumpTo();
 
     /**
      * Gets size after jump to index.
-     * 
+     *
      * @return size
      */
     public int getSizeAfterJumpTo();
 
     /**
      * Process certificate record as soon as it is returned.
-     * 
+     *
      * @param startidx starting index
      * @param endidx ending index
      * @param ep element processor
@@ -73,7 +73,7 @@ public interface ICertRecordList {
      * Retrieves requests.
      * It's no good to call this if you didnt check
      * if the startidx, endidx are valid.
-     * 
+     *
      * @param startidx starting index
      * @param endidx ending index
      * @exception EBaseException failed to retrieve
@@ -84,7 +84,7 @@ public interface ICertRecordList {
     /**
      * Gets one single record at a time similar to
      * processCertRecords but no extra class needed.
-     * 
+     *
      * @param index position of the record to be retrieved
      * @return object
      * @exception EBaseException failed to retrieve
diff --git a/base/common/src/com/netscape/certsrv/dbs/certdb/ICertificateRepository.java b/base/common/src/com/netscape/certsrv/dbs/certdb/ICertificateRepository.java
index a8505c2a2..d44280237 100644
--- a/base/common/src/com/netscape/certsrv/dbs/certdb/ICertificateRepository.java
+++ b/base/common/src/com/netscape/certsrv/dbs/certdb/ICertificateRepository.java
@@ -37,7 +37,7 @@ import com.netscape.cmscore.dbs.CertificateRepository.RenewableCertificateCollec
  * An interface represents a CMS certificate repository.
  * It stores all the issued certificate.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface ICertificateRepository extends IRepository {
@@ -47,7 +47,7 @@ public interface ICertificateRepository extends IRepository {
      * record contains four parts: certificate, meta-attributes,
      * issue information and reovcation information.
      * 

-     * 
+     *
      * @param record X.509 certificate
      * @exception EBaseException failed to add new certificate to
      *                the repository
@@ -57,7 +57,7 @@ public interface ICertificateRepository extends IRepository {
 
     /**
      * Reads the certificate identified by the given serial no.
-     * 
+     *
      * @param serialNo serial number of certificate
      * @return certificate
      * @exception EBaseException failed to retrieve certificate
@@ -67,7 +67,7 @@ public interface ICertificateRepository extends IRepository {
 
     /**
      * Reads certificate from repository.
-     * 
+     *
      * @param serialNo serial number of certificate
      * @return certificate record
      * @exception EBaseException failed to retrieve certificate
@@ -77,7 +77,7 @@ public interface ICertificateRepository extends IRepository {
 
     /**
      * Sets certificate status update internal
-     * 
+     *
      * @param requestRepo request repository
      * @param interval update interval
      * @param listenToCloneModifications enable listening to clone modifications
@@ -88,14 +88,14 @@ public interface ICertificateRepository extends IRepository {
 
     /**
      * Updates certificate status now. This is a blocking method.
-     * 
+     *
      * @exception EBaseException failed to update
      */
     public void updateCertStatus() throws EBaseException;
 
     /**
      * Modifies certificate record.
-     * 
+     *
      * @param serialNo serial number of record
      * @param mods modifications
      * @exception EBaseException failed to modify
@@ -105,7 +105,7 @@ public interface ICertificateRepository extends IRepository {
 
     /**
      * Checks if the certificate exists in this repository.
-     * 
+     *
      * @param serialNo serial number of certificate
      * @return true if it exists
      * @exception EBaseException failed to check
@@ -115,7 +115,7 @@ public interface ICertificateRepository extends IRepository {
 
     /**
      * Deletes certificate from this repository.
-     * 
+     *
      * @param serialNo serial number of certificate
      * @exception EBaseException failed to delete
      */
@@ -124,7 +124,7 @@ public interface ICertificateRepository extends IRepository {
 
     /**
      * Marks certificate as revoked.
-     * 
+     *
      * @param id serial number
      * @param info revocation information
      * @exception EBaseException failed to mark
@@ -134,7 +134,7 @@ public interface ICertificateRepository extends IRepository {
 
     /**
      * Updates certificate status.
-     * 
+     *
      * @param id serial number
      * @param status certificate status
      * @exception EBaseException failed to update status
@@ -144,7 +144,7 @@ public interface ICertificateRepository extends IRepository {
 
     /**
      * Marks certificate as renewable.
-     * 
+     *
      * @param record certificate record to modify
      * @exception EBaseException failed to update
      */
@@ -153,7 +153,7 @@ public interface ICertificateRepository extends IRepository {
 
     /**
      * Marks certificate as not renewable.
-     * 
+     *
      * @param record certificate record to modify
      * @exception EBaseException failed to update
      */
@@ -162,7 +162,7 @@ public interface ICertificateRepository extends IRepository {
 
     /**
      * Marks certificate as renewed.
-     * 
+     *
      * @param serialNo certificate record to modify
      * @exception EBaseException failed to update
      */
@@ -171,7 +171,7 @@ public interface ICertificateRepository extends IRepository {
 
     /**
      * Marks certificate as renewed and notified.
-     * 
+     *
      * @param serialNo certificate record to modify
      * @exception EBaseException failed to update
      */
@@ -183,7 +183,7 @@ public interface ICertificateRepository extends IRepository {
      * the filter.
      * Here is a list of filter
      * attribute can be used:
-     * 
+     *
      * 
      *   certRecordId
      *   certMetaInfo
@@ -194,14 +194,14 @@ public interface ICertificateRepository extends IRepository {
      *   x509Cert.notAfter
      *   x509Cert.subject
      * 

-     * 
+     *
      * The filter should follow RFC1558 LDAP filter syntax.
      * For example,
-     * 
+     *
      * 
      *   (&(certRecordId=5)(x509Cert.notBefore=934398398))
      * 

-     * 
+     *
      * @param filter search filter
      * @param maxSize max size to return
      * @return a list of certificates
@@ -213,7 +213,7 @@ public interface ICertificateRepository extends IRepository {
     /**
      * Finds a list of certificate records that satisifies
      * the filter.
-     * 
+     *
      * @param filter search filter
      * @param maxSize max size to return
      * @param timeLimit timeout value
@@ -226,7 +226,7 @@ public interface ICertificateRepository extends IRepository {
     /**
      * Finds a list of certificate records that satisifies
      * the filter.
-     * 
+     *
      * @param filter search filter
      * @param attrs selected attribute
      * @param pageSize page size
@@ -239,7 +239,7 @@ public interface ICertificateRepository extends IRepository {
     /**
      * Finds a list of certificate records that satisifies
      * the filter.
-     * 
+     *
      * @param filter search filter
      * @param attrs selected attribute
      * @param sortKey key to use for sorting the returned elements
@@ -254,7 +254,7 @@ public interface ICertificateRepository extends IRepository {
     /**
      * Finds a list of certificate records that satisifies
      * the filter.
-     * 
+     *
      * @param filter search filter
      * @param attrs selected attribute
      * @param jumpTo jump to index
@@ -274,7 +274,7 @@ public interface ICertificateRepository extends IRepository {
     /**
      * Finds a list of certificate records that satisifies
      * the filter.
-     * 
+     *
      * @param filter search filter
      * @param attrs selected attribute
      * @param jumpTo jump to index
@@ -294,7 +294,7 @@ public interface ICertificateRepository extends IRepository {
     /**
      * Gets all valid and unexpired certificates pertaining
      * to a subject DN.
-     * 
+     *
      * @param subjectDN The distinguished name of the subject.
      * @param validityType The type of certificatese to retrieve.
      * @return An array of certificates.
@@ -305,7 +305,7 @@ public interface ICertificateRepository extends IRepository {
 
     /**
      * Retrieves all the revoked certificates that have not expired.
-     * 
+     *
      * @param asOfDate as of date
      * @return a list of revoked certificates
      * @exception EBaseException failed to retrieve
@@ -316,7 +316,7 @@ public interface ICertificateRepository extends IRepository {
     /**
      * Retrieves all revoked certificates including ones that have expired
      * or that are not yet valid.
-     * 
+     *
      * @return a list of revoked certificates
      * @exception EBaseException failed to search
      */
@@ -325,7 +325,7 @@ public interface ICertificateRepository extends IRepository {
 
     /**
      * Retrieves all revoked but not expired certificates.
-     * 
+     *
      * @return a list of revoked certificates
      * @exception EBaseException failed to search
      */
@@ -334,7 +334,7 @@ public interface ICertificateRepository extends IRepository {
 
     /**
      * Finds all certificates given a filter.
-     * 
+     *
      * @param filter search filter
      * @return a list of certificates
      * @exception EBaseException failed to search
@@ -344,7 +344,7 @@ public interface ICertificateRepository extends IRepository {
 
     /**
      * Finds all certificate records given a filter.
-     * 
+     *
      * @param filter search filter
      * @return a list of certificates
      * @exception EBaseException failed to search
@@ -355,7 +355,7 @@ public interface ICertificateRepository extends IRepository {
     /**
      * Gets Revoked certs orderes by noAfter date, jumps to records
      * where notAfter date is greater than current.
-     * 
+     *
      * @param date reference date
      * @param pageSize page size
      * @return a list of certificate records
@@ -367,7 +367,7 @@ public interface ICertificateRepository extends IRepository {
     /**
      * Gets Invalid certs orderes by noAfter date, jumps to records
      * where notAfter date is greater than current.
-     * 
+     *
      * @param date reference date
      * @param pageSize page size
      * @return a list of certificate records
@@ -379,7 +379,7 @@ public interface ICertificateRepository extends IRepository {
     /**
      * Gets valid certs orderes by noAfter date, jumps to records
      * where notAfter date is greater than current.
-     * 
+     *
      * @param date reference date
      * @param pageSize page size
      * @return a list of certificate records
@@ -390,7 +390,7 @@ public interface ICertificateRepository extends IRepository {
 
     /**
      * Creates certificate record.
-     * 
+     *
      * @param id serial number
      * @param cert certificate
      * @param meta meta information
@@ -401,7 +401,7 @@ public interface ICertificateRepository extends IRepository {
 
     /**
      * Finds certificate records.
-     * 
+     *
      * @param filter search filter
      * @return a list of certificate records
      * @exception EBaseException failed to retrieve cert records
@@ -411,7 +411,7 @@ public interface ICertificateRepository extends IRepository {
 
     /**
      * Retrieves renewable certificates.
-     * 
+     *
      * @param renewalTime renewal time
      * @return certificates
      * @exception EBaseException failed to retrieve
@@ -421,7 +421,7 @@ public interface ICertificateRepository extends IRepository {
 
     /**
      * Unmark a revoked certificates.
-     * 
+     *
      * @param id serial number
      * @param info revocation information
      * @param revokedOn revocation date
@@ -434,7 +434,7 @@ public interface ICertificateRepository extends IRepository {
 
     /**
      * Retrieves valid and not published certificates.
-     * 
+     *
      * @param from starting serial number
      * @param to ending serial number
      * @return a list of certificates
@@ -445,7 +445,7 @@ public interface ICertificateRepository extends IRepository {
 
     /**
      * Retrieves expired and published certificates.
-     * 
+     *
      * @param from starting serial number
      * @param to ending serial number
      * @return a list of certificates
@@ -456,7 +456,7 @@ public interface ICertificateRepository extends IRepository {
 
     /**
      * Retrieves revoked and published certificates.
-     * 
+     *
      * @param from starting serial number
      * @param to ending serial number
      * @return a list of certificates
@@ -467,7 +467,7 @@ public interface ICertificateRepository extends IRepository {
 
     /**
      * Retrieves valid certificates.
-     * 
+     *
      * @param from starting serial number
      * @param to ending serial number
      * @return a list of certificates
@@ -478,7 +478,7 @@ public interface ICertificateRepository extends IRepository {
 
     /**
      * Retrieves expired certificates.
-     * 
+     *
      * @param from starting serial number
      * @param to ending serial number
      * @return a list of certificates
@@ -489,7 +489,7 @@ public interface ICertificateRepository extends IRepository {
 
     /**
      * Retrieves revoked certificates.
-     * 
+     *
      * @param from starting serial number
      * @param to ending serial number
      * @return a list of certificates
@@ -500,14 +500,14 @@ public interface ICertificateRepository extends IRepository {
 
     /**
      * Retrieves modified certificate records.
-     * 
+     *
      * @param entry LDAPEntry with modified data
      */
     public void getModifications(LDAPEntry entry);
 
     /**
      * Removes certificate records with this repository.
-     * 
+     *
      * @param beginS BigInteger with radix 16
      * @param endS BigInteger with radix 16
      */
diff --git a/base/common/src/com/netscape/certsrv/dbs/certdb/IRevocationInfo.java b/base/common/src/com/netscape/certsrv/dbs/certdb/IRevocationInfo.java
index fb773576c..b24e6ca17 100644
--- a/base/common/src/com/netscape/certsrv/dbs/certdb/IRevocationInfo.java
+++ b/base/common/src/com/netscape/certsrv/dbs/certdb/IRevocationInfo.java
@@ -26,21 +26,21 @@ import netscape.security.x509.CRLExtensions;
  * object is written as an attribute of certificate record
  * which essentially signifies a revocation act.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IRevocationInfo {
 
     /**
      * Retrieves revocation date.
-     * 
+     *
      * @return revocation date
      */
     public Date getRevocationDate();
 
     /**
      * Retrieves CRL entry extensions.
-     * 
+     *
      * @return CRL entry extensions
      */
     public CRLExtensions getCRLEntryExtensions();
diff --git a/base/common/src/com/netscape/certsrv/dbs/crldb/ICRLIssuingPointRecord.java b/base/common/src/com/netscape/certsrv/dbs/crldb/ICRLIssuingPointRecord.java
index b990bbf57..26fd076fa 100644
--- a/base/common/src/com/netscape/certsrv/dbs/crldb/ICRLIssuingPointRecord.java
+++ b/base/common/src/com/netscape/certsrv/dbs/crldb/ICRLIssuingPointRecord.java
@@ -28,7 +28,7 @@ import com.netscape.certsrv.dbs.IDBObj;
 /**
  * An interface that defines abilities of
  * a CRL issuing point record.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface ICRLIssuingPointRecord extends IDBObj {
@@ -54,84 +54,84 @@ public interface ICRLIssuingPointRecord extends IDBObj {
 
     /**
      * Retrieve unique CRL identifier.
-     * 
+     *
      * @return unique CRL identifier
      */
     public String getId();
 
     /**
      * Retrieves current CRL number out of CRL issuing point record.
-     * 
+     *
      * @return current CRL number
      */
     public BigInteger getCRLNumber();
 
     /**
      * Retrieves CRL size measured by the number of entries.
-     * 
+     *
      * @return CRL size
      */
     public Long getCRLSize();
 
     /**
      * Retrieves this update time.
-     * 
+     *
      * @return time of this update
      */
     public Date getThisUpdate();
 
     /**
      * Retrieves next update time.
-     * 
+     *
      * @return time of next update
      */
     public Date getNextUpdate();
 
     /**
      * Retrieves current delta CRL number out of CRL issuing point record.
-     * 
+     *
      * @return current delta CRL number
      */
     public BigInteger getDeltaCRLNumber();
 
     /**
      * Retrieves delta CRL size measured by the number of entries.
-     * 
+     *
      * @return delta CRL size
      */
     public Long getDeltaCRLSize();
 
     /**
      * Retrieve Retrieve reference to the first unsaved data.
-     * 
+     *
      * @return reference to the first unsaved data
      */
     public String getFirstUnsaved();
 
     /**
      * Retrieves encoded CRL.
-     * 
+     *
      * @return encoded CRL
      */
     public byte[] getCRL();
 
     /**
      * Retrieves encoded delta CRL.
-     * 
+     *
      * @return encoded delta CRL
      */
     public byte[] getDeltaCRL();
 
     /**
      * Retrieves encoded CA certificate.
-     * 
+     *
      * @return encoded CA certificate
      */
     public byte[] getCACert();
 
     /**
      * Retrieves cache information about CRL.
-     * 
+     *
      * @return list of recently revoked certificates
      */
     public Hashtable getCRLCacheNoClone();
@@ -140,21 +140,21 @@ public interface ICRLIssuingPointRecord extends IDBObj {
 
     /**
      * Retrieves cache information about revoked certificates.
-     * 
+     *
      * @return list of recently revoked certificates
      */
     public Hashtable getRevokedCerts();
 
     /**
      * Retrieves cache information about certificates released from hold.
-     * 
+     *
      * @return list of certificates recently released from hold
      */
     public Hashtable getUnrevokedCerts();
 
     /**
      * Retrieves cache information about expired certificates.
-     * 
+     *
      * @return list of recently expired certificates
      */
     public Hashtable getExpiredCerts();
diff --git a/base/common/src/com/netscape/certsrv/dbs/crldb/ICRLRepository.java b/base/common/src/com/netscape/certsrv/dbs/crldb/ICRLRepository.java
index 806a2cb19..56cbe74d0 100644
--- a/base/common/src/com/netscape/certsrv/dbs/crldb/ICRLRepository.java
+++ b/base/common/src/com/netscape/certsrv/dbs/crldb/ICRLRepository.java
@@ -30,14 +30,14 @@ import com.netscape.certsrv.dbs.ModificationSet;
 /**
  * An interface represents a CMS CRL repository. It stores
  * all the CRL issuing points.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface ICRLRepository {
 
     /**
      * Adds CRL issuing point record.
-     * 
+     *
      * @param rec issuing point record
      * @exception EBaseException failed to add new issuing point record
      */
@@ -46,7 +46,7 @@ public interface ICRLRepository {
 
     /**
      * Retrieves all the issuing points' names.
-     * 
+     *
      * @return A list of issuing points' names.
      * @exception EBaseException failed to retrieve all the issuing points' names.
      */
@@ -54,7 +54,7 @@ public interface ICRLRepository {
 
     /**
      * Reads issuing point record.
-     * 
+     *
      * @return issuing point record
      * @exception EBaseException failed to read issuing point record
      */
@@ -63,7 +63,7 @@ public interface ICRLRepository {
 
     /**
      * Deletes issuing point record.
-     * 
+     *
      * @param id issuing point record id
      * @exception EBaseException failed to delete issuing point record
      */
@@ -72,7 +72,7 @@ public interface ICRLRepository {
 
     /**
      * Modifies issuing point record.
-     * 
+     *
      * @param id issuing point record id
      * @param mods set of modifications
      * @exception EBaseException failed to modify issuing point record
@@ -82,7 +82,7 @@ public interface ICRLRepository {
 
     /**
      * Updates CRL issuing point record.
-     * 
+     *
      * @param id issuing point record id
      * @param newCRL encoded binary CRL
      * @param thisUpdate time of this update
@@ -97,7 +97,7 @@ public interface ICRLRepository {
 
     /**
      * Updates CRL issuing point record.
-     * 
+     *
      * @param id issuing point record id
      * @param newCRL encoded binary CRL
      * @param thisUpdate time of this update
@@ -118,7 +118,7 @@ public interface ICRLRepository {
 
     /**
      * Updates CRL issuing point record.
-     * 
+     *
      * @param id issuing point record id
      * @param revokedCerts list of revoked certificates
      * @param unrevokedCerts list of released from hold certificates
@@ -129,7 +129,7 @@ public interface ICRLRepository {
 
     /**
      * Updates CRL issuing point record.
-     * 
+     *
      * @param id issuing point record id
      * @param expiredCerts list of expired certificates
      * @exception EBaseException failed to update issuing point record
@@ -139,7 +139,7 @@ public interface ICRLRepository {
 
     /**
      * Updates CRL issuing point record.
-     * 
+     *
      * @param id issuing point record id
      * @param crlSize CRL size
      * @param revokedCerts list of revoked certificates
@@ -155,7 +155,7 @@ public interface ICRLRepository {
 
     /**
      * Updates CRL issuing point record with delta-CRL.
-     * 
+     *
      * @param id issuing point record id
      * @param deltaCRLNumber delta CRL number
      * @param deltaCRLSize delta CRL size
@@ -171,7 +171,7 @@ public interface ICRLRepository {
     /**
      * Updates CRL issuing point record with reference to the first
      * unsaved data.
-     * 
+     *
      * @param id issuing point record id
      * @param firstUnsaved reference to the first unsaved data
      * @exception EBaseException failed to update issuing point record
diff --git a/base/common/src/com/netscape/certsrv/dbs/keydb/IKeyRecord.java b/base/common/src/com/netscape/certsrv/dbs/keydb/IKeyRecord.java
index 6a02c612d..d1eb05f3d 100644
--- a/base/common/src/com/netscape/certsrv/dbs/keydb/IKeyRecord.java
+++ b/base/common/src/com/netscape/certsrv/dbs/keydb/IKeyRecord.java
@@ -25,7 +25,7 @@ import com.netscape.certsrv.base.EBaseException;
 
 /**
  * An interface contains constants for key record.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IKeyRecord {
@@ -53,7 +53,7 @@ public interface IKeyRecord {
 
     /**
      * Retrieves the state of the key.
-     * 
+     *
      * @return key state
      * @exception EBaseException failed to retrieve state of the key
      */
@@ -61,7 +61,7 @@ public interface IKeyRecord {
 
     /**
      * Retrieves key identifier.
-     * 
+     *
      * @return key id
      * @exception EBaseException failed to retrieve key id
      */
@@ -69,7 +69,7 @@ public interface IKeyRecord {
 
     /**
      * Retrieves key owner name.
-     * 
+     *
      * @return key owner name
      * @exception EBaseException failed to retrieve key owner name
      */
@@ -77,14 +77,14 @@ public interface IKeyRecord {
 
     /**
      * Retrieves key algorithm.
-     * 
+     *
      * @return key algorithm
      */
     public String getAlgorithm();
 
     /**
      * Retrieves key length.
-     * 
+     *
      * @return key length
      * @exception EBaseException failed to retrieve key length
      */
@@ -123,7 +123,7 @@ public interface IKeyRecord {
 
     /**
      * Retrieves archiver identifier.
-     * 
+     *
      * @return archiver uid
      */
 
@@ -131,21 +131,21 @@ public interface IKeyRecord {
 
     /**
      * Retrieves creation time.
-     * 
+     *
      * @return creation time
      */
     public Date getCreateTime();
 
     /**
      * Retrieves last modification time.
-     * 
+     *
      * @return modification time
      */
     public Date getModifyTime();
 
     /**
      * Retrieves dates of recovery.
-     * 
+     *
      * @return recovery history
      * @exception EBaseException failed to retrieve recovery history
      */
@@ -153,7 +153,7 @@ public interface IKeyRecord {
 
     /**
      * Retrieves public key data.
-     * 
+     *
      * @return public key data
      * @exception EBaseException failed to retrieve public key data
      */
diff --git a/base/common/src/com/netscape/certsrv/dbs/keydb/IKeyRecordList.java b/base/common/src/com/netscape/certsrv/dbs/keydb/IKeyRecordList.java
index 75f833892..d55fa2a98 100644
--- a/base/common/src/com/netscape/certsrv/dbs/keydb/IKeyRecordList.java
+++ b/base/common/src/com/netscape/certsrv/dbs/keydb/IKeyRecordList.java
@@ -24,21 +24,21 @@ import com.netscape.certsrv.base.EBaseException;
 /**
  * A class represents a list of key records.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IKeyRecordList {
 
     /**
      * Retrieves the size of key list.
-     * 
+     *
      * @return size of key list
      */
     public int getSize();
 
     /**
      * Retrieves key records.
-     * 
+     *
      * @param startidx start index
      * @param endidx end index
      * @return key records
diff --git a/base/common/src/com/netscape/certsrv/dbs/keydb/IKeyRepository.java b/base/common/src/com/netscape/certsrv/dbs/keydb/IKeyRepository.java
index 627844286..523642aa3 100644
--- a/base/common/src/com/netscape/certsrv/dbs/keydb/IKeyRepository.java
+++ b/base/common/src/com/netscape/certsrv/dbs/keydb/IKeyRepository.java
@@ -31,7 +31,7 @@ import com.netscape.certsrv.dbs.repository.IRepository;
  * An interface represents a Key repository. This is the
  * container of archived keys.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IKeyRepository extends IRepository {
@@ -39,7 +39,7 @@ public interface IKeyRepository extends IRepository {
     /**
      * Archives a key to the repository.
      * 

-     * 
+     *
      * @param record key record
      * @exception EBaseException failed to archive key
      */
@@ -48,7 +48,7 @@ public interface IKeyRepository extends IRepository {
     /**
      * Reads an archived key by serial number.
      * 

-     * 
+     *
      * @param serialNo serial number
      * @return key record
      * @exception EBaseException failed to recover key
@@ -59,7 +59,7 @@ public interface IKeyRepository extends IRepository {
     /**
      * Reads an archived key by b64 encoded cert.
      * 

-     * 
+     *
      * @param cert b64 encoded cert
      * @return key record
      * @exception EBaseException failed to recover key
@@ -70,7 +70,7 @@ public interface IKeyRepository extends IRepository {
     /**
      * Reads an archived key by owner name.
      * 

-     * 
+     *
      * @param ownerName owner name
      * @return key record
      * @exception EBaseException failed to recover key
@@ -80,7 +80,7 @@ public interface IKeyRepository extends IRepository {
 
     /**
      * Reads archived key using public key.
-     * 
+     *
      * @param publicKey public key that is corresponding
      *            to the private key
      * @return key record
@@ -91,7 +91,7 @@ public interface IKeyRepository extends IRepository {
 
     /**
      * Searches for private keys.
-     * 
+     *
      * @param filter LDAP filter for the search
      * @param maxSize maximium number of entries to be returned
      * @return a list of private key records
@@ -102,7 +102,7 @@ public interface IKeyRepository extends IRepository {
 
     /**
      * Searches for private keys.
-     * 
+     *
      * @param filter LDAP filter for the search
      * @param maxSize maximium number of entries to be returned
      * @param timeLimt timeout value
@@ -114,7 +114,7 @@ public interface IKeyRepository extends IRepository {
 
     /**
      * Deletes a key record.
-     * 
+     *
      * @param serialno key identifier
      * @exception EBaseException failed to delete key record
      */
@@ -123,7 +123,7 @@ public interface IKeyRepository extends IRepository {
 
     /**
      * Modifies key record in this repository.
-     * 
+     *
      * @param serialNo key identifier
      * @param mods modification of key records
      * @exception EBaseException failed to modify key record
@@ -134,7 +134,7 @@ public interface IKeyRepository extends IRepository {
     /**
      * Searchs for a list of key records.
      * Here is a list of supported filter attributes:
-     * 
+     *
      * 
      *   keySerialNumber
      *   keyState
@@ -148,7 +148,7 @@ public interface IKeyRepository extends IRepository {
      *   keyModifyTime
      *   keyMetaInfo
      * 

-     * 
+     *
      * @param filter search filter
      * @param attrs list of attributes to be returned
      * @param pageSize virtual list page size
@@ -160,7 +160,7 @@ public interface IKeyRepository extends IRepository {
 
     /**
      * Searchs for a list of key records.
-     * 
+     *
      * @param filter search filter
      * @param attrs list of attributes to be returned
      * @param sortKey name of attribute that the list should be sorted by
diff --git a/base/common/src/com/netscape/certsrv/dbs/keydb/KeyState.java b/base/common/src/com/netscape/certsrv/dbs/keydb/KeyState.java
index fa8a0d768..0a81698eb 100644
--- a/base/common/src/com/netscape/certsrv/dbs/keydb/KeyState.java
+++ b/base/common/src/com/netscape/certsrv/dbs/keydb/KeyState.java
@@ -23,7 +23,7 @@ import java.io.Serializable;
  * A class represents key state. This object is to
  * encapsulate the life cycle of a key.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public final class KeyState implements Serializable {
@@ -50,7 +50,7 @@ public final class KeyState implements Serializable {
 
     /**
      * Checks if the given object equals to this object.
-     * 
+     *
      * @param other object to be compared
      * @return true if both objects are the same
      */
@@ -65,7 +65,7 @@ public final class KeyState implements Serializable {
 
     /**
      * Returns the hash code.
-     * 
+     *
      * @return hash code
      */
     public int hashCode() {
@@ -74,7 +74,7 @@ public final class KeyState implements Serializable {
 
     /**
      * Return the string-representation of this object.
-     * 
+     *
      * @return string value
      */
     public String toString() {
@@ -90,7 +90,7 @@ public final class KeyState implements Serializable {
 
     /**
      * Converts a string into a key state object.
-     * 
+     *
      * @param state state in string-representation
      * @return key state object
      */
diff --git a/base/common/src/com/netscape/certsrv/dbs/replicadb/IReplicaIDRepository.java b/base/common/src/com/netscape/certsrv/dbs/replicadb/IReplicaIDRepository.java
index 574adfae9..80ca18b08 100644
--- a/base/common/src/com/netscape/certsrv/dbs/replicadb/IReplicaIDRepository.java
+++ b/base/common/src/com/netscape/certsrv/dbs/replicadb/IReplicaIDRepository.java
@@ -23,7 +23,7 @@ import com.netscape.certsrv.dbs.repository.IRepository;
  * An interface represents a ReplicaID Repository.
  * It provides unique managed replica IDs.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IReplicaIDRepository extends IRepository {
diff --git a/base/common/src/com/netscape/certsrv/dbs/repository/IRepository.java b/base/common/src/com/netscape/certsrv/dbs/repository/IRepository.java
index 943d4a686..39744ac9b 100644
--- a/base/common/src/com/netscape/certsrv/dbs/repository/IRepository.java
+++ b/base/common/src/com/netscape/certsrv/dbs/repository/IRepository.java
@@ -25,7 +25,7 @@ import com.netscape.certsrv.base.EBaseException;
  * An interface represents a generic repository. It maintains unique
  * serial number within repository.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IRepository {
@@ -33,7 +33,7 @@ public interface IRepository {
     /**
      * Retrieves the next serial number, and also increase the
      * serial number by one.
-     * 
+     *
      * @return serial number
      * @exception EBaseException failed to retrieve next serial number
      */
@@ -46,7 +46,7 @@ public interface IRepository {
 
     /**
      * Retrieves the next serial number without increasing the serial number.
-     * 
+     *
      * @return serial number
      * @exception EBaseException failed to retrieve next serial number
      */
@@ -54,7 +54,7 @@ public interface IRepository {
 
     /**
      * Set the maximum serial number.
-     * 
+     *
      * @param serial maximum number
      * @exception EBaseException failed to set maximum serial number
      */
@@ -62,7 +62,7 @@ public interface IRepository {
 
     /**
      * Set the maximum serial number in next range.
-     * 
+     *
      * @param serial maximum number
      * @exception EBaseException failed to set maximum serial number in next range
      */
@@ -71,7 +71,7 @@ public interface IRepository {
     /**
      * Checks to see if a new range is needed, or if we have reached the end of the
      * current range, or if a range conflict has occurred.
-     * 
+     *
      * @exception EBaseException failed to check next range for conflicts
      */
     public void checkRanges() throws EBaseException;
@@ -79,7 +79,7 @@ public interface IRepository {
     /**
      * Sets whether serial number management is enabled for certs
      * and requests.
-     * 
+     *
      * @param value true/false
      * @exception EBaseException failed to set
      */
diff --git a/base/common/src/com/netscape/certsrv/dbs/repository/IRepositoryRecord.java b/base/common/src/com/netscape/certsrv/dbs/repository/IRepositoryRecord.java
index c46e8419c..12dc71c46 100644
--- a/base/common/src/com/netscape/certsrv/dbs/repository/IRepositoryRecord.java
+++ b/base/common/src/com/netscape/certsrv/dbs/repository/IRepositoryRecord.java
@@ -25,7 +25,7 @@ import com.netscape.certsrv.dbs.IDBObj;
  * An interface represents a generic repository record.
  * It maintains unique serial number within repository.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IRepositoryRecord extends IDBObj {
@@ -35,7 +35,7 @@ public interface IRepositoryRecord extends IDBObj {
 
     /**
      * Retrieves serial number.
-     * 
+     *
      * @return serial number
      */
     public BigInteger getSerialNumber();
diff --git a/base/common/src/com/netscape/certsrv/evaluators/IAccessEvaluator.java b/base/common/src/com/netscape/certsrv/evaluators/IAccessEvaluator.java
index 31f8b8c2f..1becee85e 100644
--- a/base/common/src/com/netscape/certsrv/evaluators/IAccessEvaluator.java
+++ b/base/common/src/com/netscape/certsrv/evaluators/IAccessEvaluator.java
@@ -26,7 +26,7 @@ import com.netscape.certsrv.authentication.IAuthToken;
  * generally used for access control expression evaluation, however, it
  * can be used for other evaluation-related operations.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IAccessEvaluator {
@@ -39,14 +39,14 @@ public interface IAccessEvaluator {
     /**
      * Gets the type of the evaluator. Type is defined by each
      * evaluator plugin. Each evaluator plugin should have a unique type.
-     * 
+     *
      * @return type of the evaluator
      */
     public String getType();
 
     /**
      * Gets the description of the evaluator
-     * 
+     *
      * @return a text description for this evaluator
      */
     public String getDescription();
@@ -54,7 +54,7 @@ public interface IAccessEvaluator {
     /**
      * Evaluates if the given value satisfies the access
      * control in current context.
-     * 
+     *
      * @param type Type of the evaluator, eg, user, group etc
      * @param op Operator of the evaluator, eg, =, !=
      * @param value Part of the expression that can be used to
@@ -68,7 +68,7 @@ public interface IAccessEvaluator {
     /**
      * Evaluates if the given value satisfies the access
      * control in authToken obtained from Authentication.
-     * 
+     *
      * @param authToken Authentication token
      * @param type Type of the evaluator, eg, user, group etc
      * @param op Operator of the evaluator, eg, =, !=
@@ -82,7 +82,7 @@ public interface IAccessEvaluator {
 
     /**
      * Get the supported operators for this evaluator
-     * 
+     *
      * @return Supported operators in string array
      */
     public String[] getSupportedOperators();
diff --git a/base/common/src/com/netscape/certsrv/extensions/EExtensionsException.java b/base/common/src/com/netscape/certsrv/extensions/EExtensionsException.java
index 40fe80f99..5374a466a 100644
--- a/base/common/src/com/netscape/certsrv/extensions/EExtensionsException.java
+++ b/base/common/src/com/netscape/certsrv/extensions/EExtensionsException.java
@@ -21,7 +21,7 @@ import com.netscape.certsrv.base.EBaseException;
 
 /**
  * This represents the extensions exception.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class EExtensionsException extends EBaseException {
diff --git a/base/common/src/com/netscape/certsrv/extensions/ExtensionsResources.java b/base/common/src/com/netscape/certsrv/extensions/ExtensionsResources.java
index ca1e4545a..411509caf 100644
--- a/base/common/src/com/netscape/certsrv/extensions/ExtensionsResources.java
+++ b/base/common/src/com/netscape/certsrv/extensions/ExtensionsResources.java
@@ -21,7 +21,7 @@ import java.util.ListResourceBundle;
 
 /**
  * This represents the resources for extensions.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class ExtensionsResources extends ListResourceBundle {
diff --git a/base/common/src/com/netscape/certsrv/extensions/ICMSExtension.java b/base/common/src/com/netscape/certsrv/extensions/ICMSExtension.java
index 04086adcf..ef2b1acbf 100644
--- a/base/common/src/com/netscape/certsrv/extensions/ICMSExtension.java
+++ b/base/common/src/com/netscape/certsrv/extensions/ICMSExtension.java
@@ -28,7 +28,7 @@ import com.netscape.certsrv.base.ISubsystem;
 /**
  * CMS extension interface, for creating extensions from http input and
  * displaying extensions to html forms.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface ICMSExtension {
@@ -44,7 +44,7 @@ public interface ICMSExtension {
 
     /**
      * Get name of this extension.
-     * 
+     *
      * @return the name of this CMS extension, for
      */
     public String getName();
@@ -56,7 +56,7 @@ public interface ICMSExtension {
 
     /**
      * Get an instance of the extension given http input.
-     * 
+     *
      * @return an instance of the extension.
      */
     public Extension getExtension(IArgBlock argblock)
@@ -65,7 +65,7 @@ public interface ICMSExtension {
     /**
      * Get Javascript name value pairs to put into the request processing
      * template.
-     * 
+     *
      * @return name value pairs
      */
     public IArgBlock getFormParams(Extension extension)
diff --git a/base/common/src/com/netscape/certsrv/jobs/EJobsException.java b/base/common/src/com/netscape/certsrv/jobs/EJobsException.java
index cc0923ae7..38b9db6b9 100644
--- a/base/common/src/com/netscape/certsrv/jobs/EJobsException.java
+++ b/base/common/src/com/netscape/certsrv/jobs/EJobsException.java
@@ -22,7 +22,7 @@ import com.netscape.certsrv.base.EBaseException;
 /**
  * A class represents a jobs exception.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public class EJobsException extends EBaseException {
diff --git a/base/common/src/com/netscape/certsrv/jobs/IJob.java b/base/common/src/com/netscape/certsrv/jobs/IJob.java
index 5584d68ff..097e2fa64 100644
--- a/base/common/src/com/netscape/certsrv/jobs/IJob.java
+++ b/base/common/src/com/netscape/certsrv/jobs/IJob.java
@@ -24,14 +24,14 @@ import com.netscape.certsrv.base.ISubsystem;
 /**
  * An interface to be implemented from for a job to be scheduled by
  * the Jobs Scheduler.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IJob {
 
     /**
      * Initialize from the configuration file.
-     * 
+     *
      * @param id String name of this instance
      * @param implName string name of this implementation
      * @param config configuration store for this instance
@@ -42,7 +42,7 @@ public interface IJob {
 
     /**
      * tells if the job is enabled
-     * 
+     *
      * @return a boolean value indicating whether the job is enabled
      *         or not
      */
@@ -50,21 +50,21 @@ public interface IJob {
 
     /**
      * set instance id.
-     * 
+     *
      * @param id String id of the instance
      */
     public void setId(String id);
 
     /**
      * get instance id.
-     * 
+     *
      * @return a String identifier
      */
     public String getId();
 
     /**
      * get cron string associated with this job
-     * 
+     *
      * @return a JobCron object that represents the schedule of this job
      */
     public IJobCron getJobCron();
@@ -73,21 +73,21 @@ public interface IJob {
      * Returns a list of configuration parameter names.
      * The list is passed to the configuration console so instances of
      * this implementation can be configured through the console.
-     * 
+     *
      * @return String array of configuration parameter names.
      */
     public String[] getConfigParams();
 
     /**
      * gets the plugin name of this job.
-     * 
+     *
      * @return a String that is the name of this implementation
      */
     public String getImplName();
 
     /**
      * Gets the configuration substore used by this job
-     * 
+     *
      * @return configuration store
      */
     public IConfigStore getConfigStore();
diff --git a/base/common/src/com/netscape/certsrv/jobs/IJobCron.java b/base/common/src/com/netscape/certsrv/jobs/IJobCron.java
index f161b5e8d..9a126505a 100644
--- a/base/common/src/com/netscape/certsrv/jobs/IJobCron.java
+++ b/base/common/src/com/netscape/certsrv/jobs/IJobCron.java
@@ -28,7 +28,7 @@ package com.netscape.certsrv.jobs;
  * e.g. jobsScheduler.job.rnJob1.cron=30 11,23 * * 1-5 In this example, the job "rnJob1" will be executed from Monday
  * through Friday, at 11:30am and 11:30pm.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IJobCron {
diff --git a/base/common/src/com/netscape/certsrv/jobs/IJobsScheduler.java b/base/common/src/com/netscape/certsrv/jobs/IJobsScheduler.java
index f4184853d..a14aa93e0 100644
--- a/base/common/src/com/netscape/certsrv/jobs/IJobsScheduler.java
+++ b/base/common/src/com/netscape/certsrv/jobs/IJobsScheduler.java
@@ -36,7 +36,7 @@ import com.netscape.certsrv.base.ISubsystem;
  * on each Tuesday (e.g. * 7 * * 2) will result in the execution of the job thread only once every 5 minutes during that
  * hour. The inteval value is recommended at 1 minute, setting it otherwise has the potential of forever missing the
  * beat. Use with caution.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IJobsScheduler extends ISubsystem {
@@ -91,14 +91,14 @@ public interface IJobsScheduler extends ISubsystem {
 
     /**
      * Retrieves all the job implementations.
-     * 
+     *
      * @return a Hashtable of available job plugin implementations
      */
     public Hashtable getPlugins();
 
     /**
      * Retrieves all the job instances.
-     * 
+     *
      * @return a Hashtable of job instances
      */
     public Hashtable getInstances();
@@ -107,7 +107,7 @@ public interface IJobsScheduler extends ISubsystem {
      * Retrieves the configuration parameters of the given
      * implementation. It is used to return to the Console for
      * configuration
-     * 
+     *
      * @param implName the pulubin implementation name
      * @return a String array of required configuration parameters of
      *         the given implementation.
@@ -120,7 +120,7 @@ public interface IJobsScheduler extends ISubsystem {
 
     /**
      * Writes a message to the system log.
-     * 
+     *
      * @param level an integer representing the log message level.
      *            Depending on the configuration set by the administrator, this
      *            value is a determining factor for whether this message will be
@@ -134,7 +134,7 @@ public interface IJobsScheduler extends ISubsystem {
 
     /**
      * Sets daemon's wakeup interval.
-     * 
+     *
      * @param minutes time in minutes that is to be the frequency of
      *            JobsScheduler wakeup call.
      */
@@ -151,7 +151,7 @@ public interface IJobsScheduler extends ISubsystem {
      * specifies the rule of frequency that this job should be
      * executed (e.g. every Sunday at midnight). This method is
      * called by each job at initialization time.
-     * 
+     *
      * @param cs the string that represents the cron. See IJobCron
      *            for detail of the format.
      * @return IJobCron an IJobCron
diff --git a/base/common/src/com/netscape/certsrv/jobs/JobPlugin.java b/base/common/src/com/netscape/certsrv/jobs/JobPlugin.java
index 46a1b6d7e..bb64f1565 100644
--- a/base/common/src/com/netscape/certsrv/jobs/JobPlugin.java
+++ b/base/common/src/com/netscape/certsrv/jobs/JobPlugin.java
@@ -22,7 +22,7 @@ package com.netscape.certsrv.jobs;
  * JobScheduler. A Job plugin can be instantiated into a Job instance
  * and scheduled by the JobScheduler to run at a scheduled interval
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public class JobPlugin {
@@ -43,7 +43,7 @@ public class JobPlugin {
 
     /**
      * Constructor for a Job plugin.
-     * 
+     *
      * @param id job plugin name
      * @param classPath the Java class name of this job plugin
      */
@@ -54,7 +54,7 @@ public class JobPlugin {
 
     /**
      * get the job plugin name
-     * 
+     *
      * @return the name of this job plugin
      */
     public String getId() {
@@ -63,7 +63,7 @@ public class JobPlugin {
 
     /**
      * get the Java class name
-     * 
+     *
      * @return the Java class name of this plugin
      */
     public String getClassPath() {
diff --git a/base/common/src/com/netscape/certsrv/jobs/JobsResources.java b/base/common/src/com/netscape/certsrv/jobs/JobsResources.java
index ec33137cf..959621d3b 100644
--- a/base/common/src/com/netscape/certsrv/jobs/JobsResources.java
+++ b/base/common/src/com/netscape/certsrv/jobs/JobsResources.java
@@ -22,7 +22,7 @@ import java.util.ListResourceBundle;
 /**
  * A class represents a resource bundle for the
  * Jobs package
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class JobsResources extends ListResourceBundle {
diff --git a/base/common/src/com/netscape/certsrv/kra/EKRAException.java b/base/common/src/com/netscape/certsrv/kra/EKRAException.java
index 3f23bfe78..a42e8f409 100644
--- a/base/common/src/com/netscape/certsrv/kra/EKRAException.java
+++ b/base/common/src/com/netscape/certsrv/kra/EKRAException.java
@@ -24,7 +24,7 @@ import com.netscape.certsrv.base.EBaseException;
  * exception for all the KRA specific exceptions. It is
  * associated with KRAResources.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public class EKRAException extends EBaseException {
@@ -42,7 +42,7 @@ public class EKRAException extends EBaseException {
     /**
      * Constructs a KRA exception.
      * 

-     * 
+     *
      * @param msgFormat constant from KRAResources.
      */
     public EKRAException(String msgFormat) {
@@ -52,7 +52,7 @@ public class EKRAException extends EBaseException {
     /**
      * Constructs a KRA exception.
      * 

-     * 
+     *
      * @param msgFormat constant from KRAResources.
      * @param param additional parameters to the message.
      */
@@ -63,7 +63,7 @@ public class EKRAException extends EBaseException {
     /**
      * Constructs a KRA exception.
      * 

-     * 
+     *
      * @param msgFormat constant from KRAResources.
      * @param e embedded exception.
      */
@@ -74,7 +74,7 @@ public class EKRAException extends EBaseException {
     /**
      * Constructs a KRA exception.
      * 

-     * 
+     *
      * @param msgFormat constant from KRAResources.
      * @param params additional parameters to the message.
      */
@@ -85,7 +85,7 @@ public class EKRAException extends EBaseException {
     /**
      * Returns the bundle file name.
      * 

-     * 
+     *
      * @return name of bundle class associated with this exception.
      */
     protected String getBundleName() {
diff --git a/base/common/src/com/netscape/certsrv/kra/IJoinShares.java b/base/common/src/com/netscape/certsrv/kra/IJoinShares.java
index e9a5ecae5..fca8b1c52 100644
--- a/base/common/src/com/netscape/certsrv/kra/IJoinShares.java
+++ b/base/common/src/com/netscape/certsrv/kra/IJoinShares.java
@@ -20,7 +20,7 @@ package com.netscape.certsrv.kra;
 /**
  * Use Java's reflection API to leverage CMS's
  * old Share and JoinShares implementations.
- * 
+ *
  * @deprecated
  * @version $Revision$ $Date$
  */
diff --git a/base/common/src/com/netscape/certsrv/kra/IKeyRecoveryAuthority.java b/base/common/src/com/netscape/certsrv/kra/IKeyRecoveryAuthority.java
index a7cc40507..acc3214bb 100644
--- a/base/common/src/com/netscape/certsrv/kra/IKeyRecoveryAuthority.java
+++ b/base/common/src/com/netscape/certsrv/kra/IKeyRecoveryAuthority.java
@@ -42,7 +42,7 @@ import com.netscape.certsrv.security.ITransportKeyUnit;
  * key recovery authority is responsibile for archiving
  * and recovering user encryption private keys.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IKeyRecoveryAuthority extends ISubsystem {
@@ -69,7 +69,7 @@ public interface IKeyRecoveryAuthority extends ISubsystem {
     /**
      * Returns the name of this subsystem.
      * 

-     * 
+     *
      * @return KRA name
      */
     public X500Name getX500Name();
@@ -77,7 +77,7 @@ public interface IKeyRecoveryAuthority extends ISubsystem {
     /**
      * Retrieves KRA request repository.
      * 

-     * 
+     *
      * @return request repository
      */
     public IRequestQueue getRequestQueue();
@@ -91,7 +91,7 @@ public interface IKeyRecoveryAuthority extends ISubsystem {
 
     /**
      * Retrieves the Replica ID repository.
-     * 
+     *
      * @return KRA's Replica ID repository
      */
     public IReplicaIDRepository getReplicaRepository();
@@ -102,7 +102,7 @@ public interface IKeyRecoveryAuthority extends ISubsystem {
      * providing credentials. This feature is for enabling
      * user-based recovery operation.
      * 

-     * 
+     *
      * @param cs list of agent credentials
      * @param on true if auto recovery state is on
      * @return current auto recovery state
@@ -111,7 +111,7 @@ public interface IKeyRecoveryAuthority extends ISubsystem {
 
     /**
      * Returns the current auto recovery state.
-     * 
+     *
      * @return true if auto recvoery state is on
      */
     public boolean getAutoRecoveryState();
@@ -121,7 +121,7 @@ public interface IKeyRecoveryAuthority extends ISubsystem {
      * In distributed recovery mode, recovery agent login to the
      * agent interface and submit its credential for a particular
      * recovery operation.
-     * 
+     *
      * @param id authorization identifier
      * @param creds list of credentials
      */
@@ -129,7 +129,7 @@ public interface IKeyRecoveryAuthority extends ISubsystem {
 
     /**
      * Removes a particular auto recovery operation.
-     * 
+     *
      * @param id authorization identifier
      */
     public void removeAutoRecovery(String id);
@@ -138,28 +138,28 @@ public interface IKeyRecoveryAuthority extends ISubsystem {
      * Returns the number of required agents. In M-out-of-N
      * recovery schema, only M agents are required even there
      * are N agents. This method returns M.
-     * 
+     *
      * @return number of required agents
      */
     public int getNoOfRequiredAgents() throws EBaseException;
 
     /**
      * Sets the number of required recovery agents
-     * 
+     *
      * @param number number of agents
      */
     public void setNoOfRequiredAgents(int number) throws EBaseException;
 
     /**
      * Returns the current recovery identifier.
-     * 
+     *
      * @return recovery identifier
      */
     public String getRecoveryID();
 
     /**
      * Returns a list of recovery identifiers.
-     * 
+     *
      * @return list of auto recovery identifiers
      */
     public Enumeration getAutoRecoveryIDs();
@@ -167,7 +167,7 @@ public interface IKeyRecoveryAuthority extends ISubsystem {
     /**
      * Returns the storage key unit that manages the
      * stoarge key.
-     * 
+     *
      * @return storage key unit
      */
     public IStorageKeyUnit getStorageKeyUnit();
@@ -175,14 +175,14 @@ public interface IKeyRecoveryAuthority extends ISubsystem {
     /**
      * Returns the transport key unit that manages the
      * transport key.
-     * 
+     *
      * @return transport key unit
      */
     public ITransportKeyUnit getTransportKeyUnit();
 
     /**
      * Returns the token that generates user key pairs for supporting server-side keygen
-     * 
+     *
      * @return keygen token
      */
     public CryptoToken getKeygenToken();
@@ -190,7 +190,7 @@ public interface IKeyRecoveryAuthority extends ISubsystem {
     /**
      * Adds entropy to the token used for supporting server-side keygen
      * Parameters are set in the config file
-     * 
+     *
      * @param logflag create log messages at info level to report entropy shortage
      */
     public void addEntropy(boolean logflag);
@@ -198,7 +198,7 @@ public interface IKeyRecoveryAuthority extends ISubsystem {
     /**
      * Returns the request listener that listens on
      * the request completion event.
-     * 
+     *
      * @return request listener
      */
     public IRequestListener getRequestInQListener();
@@ -213,35 +213,35 @@ public interface IKeyRecoveryAuthority extends ISubsystem {
 
     /**
      * Returns the nickname of the transport certificate.
-     * 
+     *
      * @return transport certificate nickname.
      */
     public String getNickname();
 
     /**
      * Sets the nickname of the transport certificate.
-     * 
+     *
      * @param str nickname
      */
     public void setNickname(String str);
 
     /**
      * Returns the new nickname of the transport certifiate.
-     * 
+     *
      * @return new nickname
      */
     public String getNewNickName() throws EBaseException;
 
     /**
      * Sets the new nickname of the transport certifiate.
-     * 
+     *
      * @param name new nickname
      */
     public void setNewNickName(String name);
 
     /**
      * Logs event into key recovery authority logging.
-     * 
+     *
      * @param level log level
      * @param msg log message
      */
@@ -253,7 +253,7 @@ public interface IKeyRecoveryAuthority extends ISubsystem {
      * framework will try to serialize all the attribute into
      * persistent storage. Things like passwords are not
      * desirable to be stored.
-     * 
+     *
      * @param id request id
      * @return volatile requests
      */
@@ -261,7 +261,7 @@ public interface IKeyRecoveryAuthority extends ISubsystem {
 
     /**
      * Retrieves the request object.
-     * 
+     *
      * @param id request id
      * @return volatile requests
      */
@@ -269,7 +269,7 @@ public interface IKeyRecoveryAuthority extends ISubsystem {
 
     /**
      * Destroys the request object.
-     * 
+     *
      * @param id request id
      */
     public void destroyVolatileRequest(RequestId id);
@@ -279,7 +279,7 @@ public interface IKeyRecoveryAuthority extends ISubsystem {
 
     /**
      * Creates error for a specific recovery operation.
-     * 
+     *
      * @param recoveryID recovery id
      * @param error error
      * @exception EBaseException failed to create error
@@ -289,7 +289,7 @@ public interface IKeyRecoveryAuthority extends ISubsystem {
 
     /**
      * Retrieves error by recovery identifier.
-     * 
+     *
      * @param recoveryID recovery id
      * @return error message
      */
@@ -298,7 +298,7 @@ public interface IKeyRecoveryAuthority extends ISubsystem {
 
     /**
      * Retrieves PKCS12 package by recovery identifier.
-     * 
+     *
      * @param recoveryID recovery id
      * @return pkcs12 package in bytes
      */
@@ -307,7 +307,7 @@ public interface IKeyRecoveryAuthority extends ISubsystem {
 
     /**
      * Creates PKCS12 package in memory.
-     * 
+     *
      * @param recoveryID recovery id
      * @param pk12 package in bytes
      */
diff --git a/base/common/src/com/netscape/certsrv/kra/IKeyService.java b/base/common/src/com/netscape/certsrv/kra/IKeyService.java
index 13748f2d1..9118bc935 100644
--- a/base/common/src/com/netscape/certsrv/kra/IKeyService.java
+++ b/base/common/src/com/netscape/certsrv/kra/IKeyService.java
@@ -28,7 +28,7 @@ import com.netscape.certsrv.security.Credential;
 /**
  * An interface representing a recovery service.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IKeyService {
@@ -36,7 +36,7 @@ public interface IKeyService {
     /**
      * Retrieves number of agent required to perform
      * key recovery operation.
-     * 
+     *
      * @return number of required recovery agents
      * @exception EBaseException failed to retrieve value
      */
@@ -45,7 +45,7 @@ public interface IKeyService {
     /**
      * is async recovery request status APPROVED -
      * i.e. all required # of recovery agents approved
-     * 
+     *
      * @param reqID request id
      * @return true if # of recovery required agents approved; false otherwise
      */
@@ -54,7 +54,7 @@ public interface IKeyService {
 
     /**
      * get async recovery request initiating agent
-     * 
+     *
      * @param reqID request id
      * @return agentUID
      */
@@ -63,7 +63,7 @@ public interface IKeyService {
 
     /**
      * Initiate asynchronous key recovery
-     * 
+     *
      * @param kid key identifier
      * @param cert certificate embedded in PKCS12
      * @return requestId
@@ -74,7 +74,7 @@ public interface IKeyService {
 
     /**
      * add approving agent in asynchronous key recovery
-     * 
+     *
      * @param reqID request id
      * @param agentID agent id
      * @exception EBaseException failed to initiate async recovery
@@ -84,7 +84,7 @@ public interface IKeyService {
 
     /**
      * Performs administrator-initiated key recovery.
-     * 
+     *
      * @param kid key identifier
      * @param creds list of credentials (id and password)
      * @param pwd password to protect PKCS12
@@ -101,14 +101,14 @@ public interface IKeyService {
      * Async Recovers key for administrators. This method is
      * invoked by the agent operation of the key recovery servlet.
      * 

-     * 
+     *
      * 
    
      * 
  • signed.audit LOGGING_SIGNED_AUDIT_KEY_RECOVERY_REQUEST used whenever a user private key recovery request is
      * made (this is when the DRM receives the request)
      * 
  • signed.audit LOGGING_SIGNED_AUDIT_KEY_RECOVERY_REQUEST_PROCESSED used whenever a user private key recovery
      * request is processed (this is when the DRM processes the request)
      * 

-     * 
+     *
      * @param reqID request id
      * @param password password of the PKCS12 package
      *            subsystem
@@ -122,14 +122,14 @@ public interface IKeyService {
 
     /**
      * Retrieves recovery identifier.
-     * 
+     *
      * @return recovery id
      */
     public String getRecoveryID();
 
     /**
      * Creates recovery parameters for the given recovery operation.
-     * 
+     *
      * @param recoveryID recovery id
      * @return recovery parameters
      * @exception EBaseException failed to create
@@ -139,7 +139,7 @@ public interface IKeyService {
 
     /**
      * Destroys recovery parameters for the given recovery operation.
-     * 
+     *
      * @param recoveryID recovery id
      * @exception EBaseException failed to destroy
      */
@@ -148,7 +148,7 @@ public interface IKeyService {
 
     /**
      * Retrieves recovery parameters for the given recovery operation.
-     * 
+     *
      * @param recoveryID recovery id
      * @return recovery parameters
      * @exception EBaseException failed to retrieve
@@ -158,7 +158,7 @@ public interface IKeyService {
 
     /**
      * Adds password in the distributed recovery operation.
-     * 
+     *
      * @param recoveryID recovery id
      * @param uid agent uid
      * @param pwd agent password
@@ -169,7 +169,7 @@ public interface IKeyService {
 
     /**
      * Retrieves credentials in the distributed recovery operation.
-     * 
+     *
      * @param recoveryID recovery id
      * @return agent's credentials
      * @exception EBaseException failed to retrieve
diff --git a/base/common/src/com/netscape/certsrv/kra/IProofOfArchival.java b/base/common/src/com/netscape/certsrv/kra/IProofOfArchival.java
index 20ac336e5..119e199bd 100644
--- a/base/common/src/com/netscape/certsrv/kra/IProofOfArchival.java
+++ b/base/common/src/com/netscape/certsrv/kra/IProofOfArchival.java
@@ -24,7 +24,7 @@ import java.util.Date;
  * An interface represents a proof of archival.
  * 

  * Here is the ASN1 definition of a proof of escrow:
- * 
+ *
  * 
  * ProofOfArchival ::= SIGNED {
  *   SEQUENCE {
@@ -38,42 +38,42 @@ import java.util.Date;
  * }
  * 

  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IProofOfArchival {
 
     /**
      * Retrieves version of this proof.
-     * 
+     *
      * @return version
      */
     public BigInteger getVersion();
 
     /**
      * Retrieves the serial number.
-     * 
+     *
      * @return serial number
      */
     public BigInteger getSerialNumber();
 
     /**
      * Retrieves the subject name.
-     * 
+     *
      * @return subject name
      */
     public String getSubjectName();
 
     /**
      * Retrieves the issuer name.
-     * 
+     *
      * @return issuer name
      */
     public String getIssuerName();
 
     /**
      * Returns the beginning of the escrowed perioid.
-     * 
+     *
      * @return date of archival
      */
     public Date getDateOfArchival();
diff --git a/base/common/src/com/netscape/certsrv/kra/IShare.java b/base/common/src/com/netscape/certsrv/kra/IShare.java
index 19e7d7ce2..14d9952b8 100644
--- a/base/common/src/com/netscape/certsrv/kra/IShare.java
+++ b/base/common/src/com/netscape/certsrv/kra/IShare.java
@@ -20,7 +20,7 @@ package com.netscape.certsrv.kra;
 /**
  * Use Java's reflection API to leverage CMS's
  * old Share and JoinShares implementations.
- * 
+ *
  * @deprecated
  * @version $Revision$ $Date$
  */
diff --git a/base/common/src/com/netscape/certsrv/kra/KRAResources.java b/base/common/src/com/netscape/certsrv/kra/KRAResources.java
index 14b686e63..7eecf9ead 100644
--- a/base/common/src/com/netscape/certsrv/kra/KRAResources.java
+++ b/base/common/src/com/netscape/certsrv/kra/KRAResources.java
@@ -22,7 +22,7 @@ import java.util.ListResourceBundle;
 /**
  * A class represents a resource bundle for KRA subsystem.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public class KRAResources extends ListResourceBundle {
diff --git a/base/common/src/com/netscape/certsrv/kra/ProofOfArchival.java b/base/common/src/com/netscape/certsrv/kra/ProofOfArchival.java
index df05c882f..7774ca400 100644
--- a/base/common/src/com/netscape/certsrv/kra/ProofOfArchival.java
+++ b/base/common/src/com/netscape/certsrv/kra/ProofOfArchival.java
@@ -51,7 +51,7 @@ import com.netscape.certsrv.dbs.IDBObj;
  * presented.
  * 

  * Here is the ASN1 definition of a proof of escrow:
- * 
+ *
  * 
  * ProofOfEscrow ::= SIGNED {
  *   SEQUENCE {
@@ -65,7 +65,7 @@ import com.netscape.certsrv.dbs.IDBObj;
  * }
  * 

  * 

- * 
+ *
  * @author thomask
  * @version $Revision$, $Date$
  */
@@ -105,7 +105,7 @@ public class ProofOfArchival implements IDBObj, IProofOfArchival, Serializable {
     /**
      * Constructs a proof of escrow.
      * 

-     * 
+     *
      * @param serialNo serial number of proof
      * @param subject subject name
      * @param issuer issuer name
@@ -123,7 +123,7 @@ public class ProofOfArchival implements IDBObj, IProofOfArchival, Serializable {
     /**
      * Constructs proof of escrow from input stream.
      * 

-     * 
+     *
      * @param in encoding source
      * @exception EBaseException failed to decode
      */
@@ -134,7 +134,7 @@ public class ProofOfArchival implements IDBObj, IProofOfArchival, Serializable {
     /**
      * Sets an attribute value.
      * 

-     * 
+     *
      * @param name attribute name
      * @param obj attribute value
      * @exception EBaseException failed to set attribute
@@ -159,7 +159,7 @@ public class ProofOfArchival implements IDBObj, IProofOfArchival, Serializable {
     /**
      * Retrieves the value of an named attribute.
      * 

-     * 
+     *
      * @param name attribute name
      * @return attribute value
      * @exception EBaseException failed to get attribute
@@ -184,7 +184,7 @@ public class ProofOfArchival implements IDBObj, IProofOfArchival, Serializable {
     /**
      * Deletes an attribute.
      * 

-     * 
+     *
      * @param name attribute name
      * @exception EBaseException failed to get attribute
      */
@@ -196,7 +196,7 @@ public class ProofOfArchival implements IDBObj, IProofOfArchival, Serializable {
     /**
      * Retrieves a list of possible attribute names.
      * 

-     * 
+     *
      * @return a list of names
      */
     public Enumeration getElements() {
@@ -205,7 +205,7 @@ public class ProofOfArchival implements IDBObj, IProofOfArchival, Serializable {
 
     /**
      * Retrieves serializable attribute names.
-     * 
+     *
      * @return a list of serializable attribute names
      */
     public Enumeration getSerializableAttrNames() {
@@ -215,7 +215,7 @@ public class ProofOfArchival implements IDBObj, IProofOfArchival, Serializable {
     /**
      * Retrieves version of this proof.
      * 

-     * 
+     *
      * @return version
      */
     public BigInteger getVersion() {
@@ -225,7 +225,7 @@ public class ProofOfArchival implements IDBObj, IProofOfArchival, Serializable {
     /**
      * Retrieves the serial number.
      * 

-     * 
+     *
      * @return serial number
      */
     public BigInteger getSerialNumber() {
@@ -235,7 +235,7 @@ public class ProofOfArchival implements IDBObj, IProofOfArchival, Serializable {
     /**
      * Retrieves the subject name.
      * 

-     * 
+     *
      * @return subject name
      */
     public String getSubjectName() {
@@ -245,7 +245,7 @@ public class ProofOfArchival implements IDBObj, IProofOfArchival, Serializable {
     /**
      * Retrieves the issuer name.
      * 

-     * 
+     *
      * @return issuer name
      */
     public String getIssuerName() {
@@ -255,7 +255,7 @@ public class ProofOfArchival implements IDBObj, IProofOfArchival, Serializable {
     /**
      * Returns the beginning of the escrowed perioid.
      * 

-     * 
+     *
      * @return date of archival
      */
     public Date getDateOfArchival() {
diff --git a/base/common/src/com/netscape/certsrv/ldap/ELdapException.java b/base/common/src/com/netscape/certsrv/ldap/ELdapException.java
index 8c1d2d4a5..57d7ca958 100644
--- a/base/common/src/com/netscape/certsrv/ldap/ELdapException.java
+++ b/base/common/src/com/netscape/certsrv/ldap/ELdapException.java
@@ -23,7 +23,7 @@ import com.netscape.certsrv.base.EBaseException;
  * A class that represents a Ldap exception. Various
  * errors can occur when interacting with a Ldap directory server.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public class ELdapException extends EBaseException {
@@ -39,7 +39,7 @@ public class ELdapException extends EBaseException {
 
     /**
      * Constructs a Ldap exception.
-     * 
+     *
      * @param msgFormat Resource Key, if key not present, serves as the message.
      *            

      */
@@ -49,7 +49,7 @@ public class ELdapException extends EBaseException {
 
     /**
      * Constructs a Ldap exception.
-     * 
+     *
      * @param msgFormat Resource Key, if key not present, serves as the message.
      *            Include a message string parameter for variable content.
      * @param param Message string parameter.
@@ -61,7 +61,7 @@ public class ELdapException extends EBaseException {
 
     /**
      * Constructs a Ldap exception.
-     * 
+     *
      * @param msgFormat Resource Key, if key not present, serves as the message.
      * @param e Common exception.
      *            

@@ -72,7 +72,7 @@ public class ELdapException extends EBaseException {
 
     /**
      * Constructs a Ldap exception.
-     * 
+     *
      * @param msgFormat Resource Key, if key not present, serves as the message.
      * @param params Array of Message string parameters.
      *            

@@ -83,7 +83,7 @@ public class ELdapException extends EBaseException {
 
     /**
      * Gets the resource bundle name
-     * 
+     *
      * @return Name of the Ldap Exception resource bundle name.
      *         

      */
diff --git a/base/common/src/com/netscape/certsrv/ldap/ELdapServerDownException.java b/base/common/src/com/netscape/certsrv/ldap/ELdapServerDownException.java
index f347b1714..30ce8d28a 100644
--- a/base/common/src/com/netscape/certsrv/ldap/ELdapServerDownException.java
+++ b/base/common/src/com/netscape/certsrv/ldap/ELdapServerDownException.java
@@ -19,7 +19,7 @@ package com.netscape.certsrv.ldap;
 
 /**
  * This represents exception which indicates Ldap server is down.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class ELdapServerDownException extends ELdapException {
@@ -31,7 +31,7 @@ public class ELdapServerDownException extends ELdapException {
 
     /**
      * Constructs a ldap server down exception with host & port info.
-     * 
+     *
      * @param errorString Detailed error message.
      */
     public ELdapServerDownException(String errorString) {
diff --git a/base/common/src/com/netscape/certsrv/ldap/ILdapAuthInfo.java b/base/common/src/com/netscape/certsrv/ldap/ILdapAuthInfo.java
index 4325f077c..c163c7f0f 100644
--- a/base/common/src/com/netscape/certsrv/ldap/ILdapAuthInfo.java
+++ b/base/common/src/com/netscape/certsrv/ldap/ILdapAuthInfo.java
@@ -23,7 +23,7 @@ import com.netscape.certsrv.base.IConfigStore;
 /**
  * Class for obtaining ldap authentication info from the configuration store.
  * Two types of authentication is basic and SSL client authentication.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface ILdapAuthInfo {
@@ -43,10 +43,10 @@ public interface ILdapAuthInfo {
 
     /**
      * Initialize this class from the config store.
-     * 
+     *
      * @param config The config store from which to initialize.
      * @exception EBaseException Due to failure of the initialization process.
-     * 
+     *
      */
     public void init(IConfigStore config) throws EBaseException;
 
@@ -54,10 +54,10 @@ public interface ILdapAuthInfo {
      * Initialize this class from the config store.
      * Based on host, port, and secure boolean info.
      * which allows an actual attempt on the server to verify credentials.
-     * 
+     *
      * @param config The config store from which to initialize.
      * @exception EBaseException Due to failure of the initialization process.
-     * 
+     *
      */
     public void init(IConfigStore config, String host, int port, boolean secure)
             throws EBaseException;
@@ -69,7 +69,7 @@ public interface ILdapAuthInfo {
 
     /**
      * Get authentication type.
-     * 
+     *
      * @return one of: 

      *         LdapAuthInfo.LDAP_AUTHTYPE_BASICAUTH or
      *         LdapAuthInfo.LDAP_AUTHTYPE_SSLCLIENTAUTH
@@ -78,14 +78,14 @@ public interface ILdapAuthInfo {
 
     /**
      * Get params for authentication.
-     * 
+     *
      * @return array of parameters for this authentication as an array of Strings.
      */
     public String[] getParms();
 
     /**
      * Add password to private password data structure.
-     * 
+     *
      * @param prompt Password prompt.
      * @param pw Password itself.
      */
@@ -93,7 +93,7 @@ public interface ILdapAuthInfo {
 
     /**
      * Remove password from private password data structure.
-     * 
+     *
      * @param prompt Identify password to remove with prompt.
      */
     public void removePassword(String prompt);
diff --git a/base/common/src/com/netscape/certsrv/ldap/ILdapBoundConnFactory.java b/base/common/src/com/netscape/certsrv/ldap/ILdapBoundConnFactory.java
index 846f51749..36cb6204c 100644
--- a/base/common/src/com/netscape/certsrv/ldap/ILdapBoundConnFactory.java
+++ b/base/common/src/com/netscape/certsrv/ldap/ILdapBoundConnFactory.java
@@ -25,7 +25,7 @@ package com.netscape.certsrv.ldap;
  * max size of this connection pool should be configurable. Once
  * the maximum limit of connections is exceeded, the factory
  * should provide proper synchronization to resolve contention issues.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface ILdapBoundConnFactory extends ILdapConnFactory {
diff --git a/base/common/src/com/netscape/certsrv/ldap/ILdapConnFactory.java b/base/common/src/com/netscape/certsrv/ldap/ILdapConnFactory.java
index 738f5832d..74e0394ca 100644
--- a/base/common/src/com/netscape/certsrv/ldap/ILdapConnFactory.java
+++ b/base/common/src/com/netscape/certsrv/ldap/ILdapConnFactory.java
@@ -26,14 +26,14 @@ import com.netscape.certsrv.base.IConfigStore;
  * Maintains a pool of connections to the LDAP server.
  * Multiple threads use this interface to utilize and release
  * the Ldap connection resources.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface ILdapConnFactory {
 
     /**
      * Initialize the poll from the config store.
-     * 
+     *
      * @param config The configuration substore.
      * @exception EBaseException On configuration error.
      * @exception ELdapException On all other errors.
@@ -42,11 +42,11 @@ public interface ILdapConnFactory {
             throws EBaseException, ELdapException;
 
     /**
-     * 
+     *
      * Used for disconnecting all connections.
      * Used just before a subsystem
      * shutdown or process exit.
-     * 
+     *
      * @exception EldapException on Ldap failure when closing connections.
      */
     public void reset()
@@ -54,7 +54,7 @@ public interface ILdapConnFactory {
 
     /**
      * Returns the number of free connections available from this pool.
-     * 
+     *
      * @return Integer number of free connections.
      */
 
@@ -63,21 +63,21 @@ public interface ILdapConnFactory {
     /**
      * Returns the number of total connections available from this pool.
      * Includes sum of free and in use connections.
-     * 
+     *
      * @return Integer number of total connections.
      */
     public int totalConn();
 
     /**
      * Returns the maximum number of connections available from this pool.
-     * 
+     *
      * @return Integer maximum number of connections.
      */
     public int maxConn();
 
     /**
      * Request access to a Ldap connection from the pool.
-     * 
+     *
      * @exception ELdapException if any error occurs, such as a
      * @return Ldap connection object.
      *         connection is not available
@@ -87,7 +87,7 @@ public interface ILdapConnFactory {
 
     /**
      * Return connection to the factory. mandatory after a getConn().
-     * 
+     *
      * @param conn Ldap connection object to be returned to the free list of the pool.
      * @exception ELdapException On any failure to return the connection.
      */
diff --git a/base/common/src/com/netscape/certsrv/ldap/ILdapConnInfo.java b/base/common/src/com/netscape/certsrv/ldap/ILdapConnInfo.java
index aa5b388a3..e74cc489b 100644
--- a/base/common/src/com/netscape/certsrv/ldap/ILdapConnInfo.java
+++ b/base/common/src/com/netscape/certsrv/ldap/ILdapConnInfo.java
@@ -23,7 +23,7 @@ import com.netscape.certsrv.base.IConfigStore;
 /**
  * Class for reading ldap connection information from the config store.
  * Ldap connection info: host name, port number,whether of not it is a secure connection.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface ILdapConnInfo {
@@ -40,7 +40,7 @@ public interface ILdapConnInfo {
 
     /**
      * Initializes an instance from a config store.
-     * 
+     *
      * @param config Configuration store.
      * @exception ELdapException Ldap related error found.
      * @exception EBaseException Other errors and errors with params included in the config store.
@@ -49,14 +49,14 @@ public interface ILdapConnInfo {
 
     /**
      * Return the name of the Host.
-     * 
+     *
      */
 
     public String getHost();
 
     /**
      * Return the port number of the host.
-     * 
+     *
      */
     public int getPort();
 
diff --git a/base/common/src/com/netscape/certsrv/ldap/ILdapConnModule.java b/base/common/src/com/netscape/certsrv/ldap/ILdapConnModule.java
index efa1c271e..5ee09028b 100644
--- a/base/common/src/com/netscape/certsrv/ldap/ILdapConnModule.java
+++ b/base/common/src/com/netscape/certsrv/ldap/ILdapConnModule.java
@@ -25,7 +25,7 @@ import com.netscape.certsrv.base.ISubsystem;
  * Class on behalf of the Publishing system that controls an instance of an ILdapConnFactory.
  * Allows a factory to be intialized and grants access
  * to the factory to other interested parties.
- * 
+ *
  * @version $Revision$, $Date$
  */
 
@@ -33,7 +33,7 @@ public interface ILdapConnModule {
 
     /**
      * Initialize ldap publishing module with config store.
-     * 
+     *
      * @param owner Entity that is interested in this instance of Publishing.
      * @param config Config store containing the info needed to set up Publishing.
      * @exception ELdapException Due to Ldap error.
@@ -51,7 +51,7 @@ public interface ILdapConnModule {
      * Use ILdapConnFactory.getConn() to get a Ldap connection to the ldap
      * publishing directory.
      * Use ILdapConnFactory.returnConn() to return the connection.
-     * 
+     *
      * @return Instance of ILdapConnFactory.
      */
 
diff --git a/base/common/src/com/netscape/certsrv/ldap/LdapResources.java b/base/common/src/com/netscape/certsrv/ldap/LdapResources.java
index 332fcaddf..c7139e931 100644
--- a/base/common/src/com/netscape/certsrv/ldap/LdapResources.java
+++ b/base/common/src/com/netscape/certsrv/ldap/LdapResources.java
@@ -21,7 +21,7 @@ import java.util.ListResourceBundle;
 
 /**
  * A resource bundle for ldap subsystem.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class LdapResources extends ListResourceBundle {
diff --git a/base/common/src/com/netscape/certsrv/listeners/EListenersException.java b/base/common/src/com/netscape/certsrv/listeners/EListenersException.java
index 6aee21ff4..1169de0b1 100644
--- a/base/common/src/com/netscape/certsrv/listeners/EListenersException.java
+++ b/base/common/src/com/netscape/certsrv/listeners/EListenersException.java
@@ -22,7 +22,7 @@ import com.netscape.certsrv.base.EBaseException;
 /**
  * A class represents a listener exception.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public class EListenersException extends EBaseException {
@@ -39,7 +39,7 @@ public class EListenersException extends EBaseException {
     /**
      * Constructs a listeners exception.
      * 

-     * 
+     *
      * @param msgFormat The error message resource key.
      */
     public EListenersException(String msgFormat) {
@@ -49,7 +49,7 @@ public class EListenersException extends EBaseException {
     /**
      * Constructs a listeners exception.
      * 

-     * 
+     *
      * @param msgFormat exception details in message string format.
      * @param param message string parameter.
      */
@@ -60,7 +60,7 @@ public class EListenersException extends EBaseException {
     /**
      * Constructs a Listeners exception.
      * 

-     * 
+     *
      * @param msgFormat The resource key.
      * @param e The parameter as an exception.
      */
@@ -71,7 +71,7 @@ public class EListenersException extends EBaseException {
     /**
      * Constructs a Listeners exception.
      * 

-     * 
+     *
      * @param msgFormat The resource key.
      * @param params Array of params.
      */
@@ -82,7 +82,7 @@ public class EListenersException extends EBaseException {
     /**
      * get the listener resource class name.
      * 

-     * 
+     *
      * @return the class name of the resource.
      */
     protected String getBundleName() {
diff --git a/base/common/src/com/netscape/certsrv/listeners/IRequestListenerPlugin.java b/base/common/src/com/netscape/certsrv/listeners/IRequestListenerPlugin.java
index c615586db..3f7863248 100644
--- a/base/common/src/com/netscape/certsrv/listeners/IRequestListenerPlugin.java
+++ b/base/common/src/com/netscape/certsrv/listeners/IRequestListenerPlugin.java
@@ -24,7 +24,7 @@ import com.netscape.certsrv.base.IConfigStore;
  * This interface represents a plug-in listener. Implement this class to
  * add the listener to an ARequestNotifier of a subsystem.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IRequestListenerPlugin {
@@ -32,7 +32,7 @@ public interface IRequestListenerPlugin {
     /**
      * get the registered class name set in the init() method.
      * 

-     * 
+     *
      * @return the Name.
      */
     public String getName();
@@ -40,7 +40,7 @@ public interface IRequestListenerPlugin {
     /**
      * get the plugin implementaion name set in the init() method.
      * 

-     * 
+     *
      * @return the plugin implementation name.
      */
     public String getImplName();
@@ -48,7 +48,7 @@ public interface IRequestListenerPlugin {
     /**
      * the subsystem call this method to initialize the plug-in.
      * 

-     * 
+     *
      * @param name the registered class name of the plug-in.
      * @param implName the implemetnation name of the plug-in.
      * @param config the configuration store where the.
@@ -66,7 +66,7 @@ public interface IRequestListenerPlugin {
     /**
      * get the configuration parameters of the plug-in.
      * 

-     * 
+     *
      * @return the configuration parameters.
      * @exception EBaseException throws base exception in the certificate server.
      */
@@ -77,7 +77,7 @@ public interface IRequestListenerPlugin {
      * get the configuration store of the plugin where the
      * configuration parameters of the plug-in are stored.
      * 

-     * 
+     *
      * @return the configuration store.
      */
 
diff --git a/base/common/src/com/netscape/certsrv/listeners/ListenersResources.java b/base/common/src/com/netscape/certsrv/listeners/ListenersResources.java
index 9eaf41371..0eccf2f19 100644
--- a/base/common/src/com/netscape/certsrv/listeners/ListenersResources.java
+++ b/base/common/src/com/netscape/certsrv/listeners/ListenersResources.java
@@ -22,7 +22,7 @@ import java.util.ListResourceBundle;
 /**
  * A class represents a resource bundle for the
  * listeners package.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class ListenersResources extends ListResourceBundle {
@@ -30,7 +30,7 @@ public class ListenersResources extends ListResourceBundle {
     /**
      * get the content of the resource.
      * 

-     * 
+     *
      * @return the content of this resource is a value pairs array of keys and values.
      */
     public Object[][] getContents() {
diff --git a/base/common/src/com/netscape/certsrv/logging/AuditEvent.java b/base/common/src/com/netscape/certsrv/logging/AuditEvent.java
index aa0077b06..8ae5cd669 100644
--- a/base/common/src/com/netscape/certsrv/logging/AuditEvent.java
+++ b/base/common/src/com/netscape/certsrv/logging/AuditEvent.java
@@ -28,7 +28,7 @@ import com.netscape.certsrv.base.MessageFormatter;
  * that goes into the Transaction log. Note that the name of this
  * class "AuditEvent" is legacy and has nothing to do with the signed
  * audit log events, whcih are represented by SignedAuditEvent.
- * 
+ *
  * @version $Revision$, $Date$
  * @see java.text.MessageFormat
  * @see com.netscape.certsrv.logging.LogResources
@@ -59,7 +59,7 @@ public class AuditEvent implements IBundleLogEvent {
     /**
      * Constructs a message event
      * 

-     * 
+     *
      * @param msgFormat the message string
      */
     public AuditEvent(String msgFormat) {
@@ -69,12 +69,12 @@ public class AuditEvent implements IBundleLogEvent {
 
     /**
      * Constructs a message with a parameter. For example,
-     * 
+     *
      * 
      * new AuditEvent("failed to load {0}", fileName);
      * 

      * 

-     * 
+     *
      * @param msgFormat details in message string format
      * @param param message string parameter
      */
@@ -88,7 +88,7 @@ public class AuditEvent implements IBundleLogEvent {
      * Constructs a message from an exception. It can be used to carry
      * a system exception that may contain information about
      * the context. For example,
-     * 
+     *
      * 
      *         try {
      *          ...
@@ -97,7 +97,7 @@ public class AuditEvent implements IBundleLogEvent {
      *      }
      * 

      * 

-     * 
+     *
      * @param msgFormat exception details in message string format
      * @param exception system exception
      */
@@ -110,7 +110,7 @@ public class AuditEvent implements IBundleLogEvent {
     /**
      * Constructs a message from a base exception. This will use the msgFormat
      * from the exception itself.
-     * 
+     *
      * 
      *         try {
      *          ...
@@ -119,7 +119,7 @@ public class AuditEvent implements IBundleLogEvent {
      *      }
      * 

      * 

-     * 
+     *
      * @param e CMS exception
      */
     public AuditEvent(Exception e) {
@@ -136,7 +136,7 @@ public class AuditEvent implements IBundleLogEvent {
      * Constructs a message event with a list of parameters
      * that will be substituted into the message format.
      * 

-     * 
+     *
      * @param msgFormat message string format
      * @param params list of message format parameters
      */
@@ -148,7 +148,7 @@ public class AuditEvent implements IBundleLogEvent {
     /**
      * Returns the current message format string.
      * 

-     * 
+     *
      * @return details message
      */
     public String getMessage() {
@@ -158,7 +158,7 @@ public class AuditEvent implements IBundleLogEvent {
     /**
      * Returns a list of parameters.
      * 

-     * 
+     *
      * @return list of message format parameters
      */
     public Object[] getParameters() {
@@ -169,7 +169,7 @@ public class AuditEvent implements IBundleLogEvent {
      * Returns localized message string. This method should
      * only be called if a localized string is necessary.
      * 

-     * 
+     *
      * @return details message
      */
     public String toContent() {
@@ -179,7 +179,7 @@ public class AuditEvent implements IBundleLogEvent {
     /**
      * Returns the string based on the given locale.
      * 

-     * 
+     *
      * @param locale locale
      * @return details message
      */
@@ -192,7 +192,7 @@ public class AuditEvent implements IBundleLogEvent {
     /**
      * Gets the resource bundle name for this class instance. This should
      * be overridden by subclasses who have their own resource bundles.
-     * 
+     *
      * @param bundle String that represents the resource bundle name to be set
      */
     public void setBundleName(String bundle) {
@@ -201,7 +201,7 @@ public class AuditEvent implements IBundleLogEvent {
 
     /**
      * Retrieves bundle name.
-     * 
+     *
      * @return a String that represents the resource bundle name
      */
     protected String getBundleName() {
@@ -210,7 +210,7 @@ public class AuditEvent implements IBundleLogEvent {
 
     /**
      * Retrieves log source.
-     * 
+     *
      * @return an integer that indicates the component source
      *         where this message event was triggered
      */
@@ -220,7 +220,7 @@ public class AuditEvent implements IBundleLogEvent {
 
     /**
      * Sets log source.
-     * 
+     *
      * @param source an integer that represents the component source
      *            where this message event was triggered
      */
@@ -232,7 +232,7 @@ public class AuditEvent implements IBundleLogEvent {
      * Retrieves log level.
      * The log level of an event represents its relative importance
      * or severity within CMS.
-     * 
+     *
      * @return Integer log level value.
      */
     public int getLevel() {
@@ -241,7 +241,7 @@ public class AuditEvent implements IBundleLogEvent {
 
     /**
      * Retrieves NT specific log event type.
-     * 
+     *
      * @return Integer NTEventType value.
      */
     public int getNTEventType() {
@@ -252,7 +252,7 @@ public class AuditEvent implements IBundleLogEvent {
      * Sets log level, NT log event type.
      * For certain log levels the NT log event type gets
      * set as well.
-     * 
+     *
      * @param level Integer log level value.
      */
     public void setLevel(int level) {
@@ -283,7 +283,7 @@ public class AuditEvent implements IBundleLogEvent {
 
     /**
      * Retrieves log multiline attribute.
-     * 
+     *
      * @return Boolean whether or not this event is multiline.
      *         A multiline message simply consists of more than one line.
      */
@@ -294,7 +294,7 @@ public class AuditEvent implements IBundleLogEvent {
     /**
      * Sets log multiline attribute. A multiline message consists of
      * more than one line.
-     * 
+     *
      * @param multiline Boolean multiline value.
      */
     public void setMultiline(boolean multiline) {
@@ -303,7 +303,7 @@ public class AuditEvent implements IBundleLogEvent {
 
     /**
      * Retrieves event time stamp.
-     * 
+     *
      * @return Long integer of the time the event was created.
      */
     public long getTimeStamp() {
@@ -313,7 +313,7 @@ public class AuditEvent implements IBundleLogEvent {
     /**
      * Retrieves log event type. Each type of event
      * has an associated String type value.
-     * 
+     *
      * @return String containing the type of event.
      */
     public String getEventType() {
@@ -323,7 +323,7 @@ public class AuditEvent implements IBundleLogEvent {
     /**
      * Sets log event type. Each type of event
      * has an associated String type value.
-     * 
+     *
      * @param eventType String containing the type of event.
      */
     public void setEventType(String eventType) {
@@ -332,7 +332,7 @@ public class AuditEvent implements IBundleLogEvent {
 
     /**
      * Return string representation of log message.
-     * 
+     *
      * @return String containing log message.
      */
     public String toString() {
diff --git a/base/common/src/com/netscape/certsrv/logging/AuditFormat.java b/base/common/src/com/netscape/certsrv/logging/AuditFormat.java
index e5f8726f7..72980aa5a 100644
--- a/base/common/src/com/netscape/certsrv/logging/AuditFormat.java
+++ b/base/common/src/com/netscape/certsrv/logging/AuditFormat.java
@@ -21,7 +21,7 @@ package com.netscape.certsrv.logging;
  * Define audit log message format. Note that the name of this
  * class "AuditFormat" is legacy and has nothing to do with the signed
  * audit log events format
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class AuditFormat {
diff --git a/base/common/src/com/netscape/certsrv/logging/ConsoleError.java b/base/common/src/com/netscape/certsrv/logging/ConsoleError.java
index 13e0f3d45..c12887628 100644
--- a/base/common/src/com/netscape/certsrv/logging/ConsoleError.java
+++ b/base/common/src/com/netscape/certsrv/logging/ConsoleError.java
@@ -19,7 +19,7 @@ package com.netscape.certsrv.logging;
 
 /**
  * A static class to log error messages to the Console
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class ConsoleError {
@@ -27,7 +27,7 @@ public class ConsoleError {
 
     /**
      * Send the given event to the Console.
-     * 
+     *
      * @param ev log event to be sent to the console
      */
     public static void send(ILogEvent ev) {
diff --git a/base/common/src/com/netscape/certsrv/logging/ConsoleLog.java b/base/common/src/com/netscape/certsrv/logging/ConsoleLog.java
index 2e87fc92c..df0179c95 100644
--- a/base/common/src/com/netscape/certsrv/logging/ConsoleLog.java
+++ b/base/common/src/com/netscape/certsrv/logging/ConsoleLog.java
@@ -30,14 +30,14 @@ import com.netscape.certsrv.common.NameValuePairs;
 
 /**
  * A log event listener which sends all log events to the system console/tty
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class ConsoleLog implements ILogEventListener {
 
     /**
      * Log the given event. Usually called from a log manager.
-     * 
+     *
      * @param ev log event
      */
     public void log(ILogEvent ev) {
@@ -46,7 +46,7 @@ public class ConsoleLog implements ILogEventListener {
 
     /**
      * Flush the system output stream.
-     * 
+     *
      */
     public void flush() {
         System.err.flush();
@@ -61,7 +61,7 @@ public class ConsoleLog implements ILogEventListener {
     /**
      * get the configuration store that is associated with this
      * log listener
-     * 
+     *
      * @return the configuration store that is associated with this
      *         log listener
      */
@@ -80,7 +80,7 @@ public class ConsoleLog implements ILogEventListener {
      * Retrieve last "maxLine" number of system log with log lever >"level"
      * and from source "source". If the parameter is omitted. All entries
      * are sent back.
-     * 
+     *
      * @param req a Hashtable containing the required information such as
      *            log entry, log level, log source, and log name
      * @return the content of the log that match the criteria in req
diff --git a/base/common/src/com/netscape/certsrv/logging/ELogException.java b/base/common/src/com/netscape/certsrv/logging/ELogException.java
index 717dbdfe2..f049e2e12 100644
--- a/base/common/src/com/netscape/certsrv/logging/ELogException.java
+++ b/base/common/src/com/netscape/certsrv/logging/ELogException.java
@@ -26,7 +26,7 @@ import com.netscape.certsrv.base.MessageFormatter;
  * This class implements a Log exception. LogExceptions
  * should be caught by LogSubsystem managers.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  * @see java.text.MessageFormat
  */
@@ -44,7 +44,7 @@ public class ELogException extends EBaseException {
     /**
      * Constructs a log exception.
      * 

-     * 
+     *
      * @param msgFormat Exception details.
      */
     public ELogException(String msgFormat) {
@@ -54,12 +54,12 @@ public class ELogException extends EBaseException {
 
     /**
      * Constructs a log exception with a parameter. For example,
-     * 
+     *
      * 
      * new ELogException("failed to load {0}", fileName);
      * 

      * 

-     * 
+     *
      * @param msgFormat Exception details in message string format.
      * @param param Message string parameter.
      */
@@ -73,7 +73,7 @@ public class ELogException extends EBaseException {
      * Constructs a log exception. It can be used to carry
      * a system exception that may contain information about
      * the context. For example,
-     * 
+     *
      * 
      * 		try {
      *  		...
@@ -82,7 +82,7 @@ public class ELogException extends EBaseException {
      *      }
      * 

      * 

-     * 
+     *
      * @param msgFormat Exception details in message string format.
      * @param param System exception.
      */
@@ -96,7 +96,7 @@ public class ELogException extends EBaseException {
      * Constructs a log exception with a list of parameters
      * that will be substituted into the message format.
      * 

-     * 
+     *
      * @param msgFormat Exception details in message string format.
      * @param params List of message format parameters.
      */
@@ -108,7 +108,7 @@ public class ELogException extends EBaseException {
     /**
      * Returns a list of parameters.
      * 

-     * 
+     *
      * @return list of message format parameters.
      */
     public Object[] getParameters() {
@@ -119,7 +119,7 @@ public class ELogException extends EBaseException {
      * Returns localized exception string. This method should
      * only be called if a localized string is necessary.
      * 

-     * 
+     *
      * @return Details message.
      */
     public String toString() {
@@ -129,7 +129,7 @@ public class ELogException extends EBaseException {
     /**
      * Returns the string based on the given locale.
      * 

-     * 
+     *
      * @param locale Locale.
      * @return Details message.
      */
@@ -141,7 +141,7 @@ public class ELogException extends EBaseException {
     /**
      * Retrieves resource bundle name.
      * Subclasses should override this as necessary
-     * 
+     *
      * @return String containing name of resource bundle.
      */
 
diff --git a/base/common/src/com/netscape/certsrv/logging/ELogNotFound.java b/base/common/src/com/netscape/certsrv/logging/ELogNotFound.java
index 7de84733c..5dc574e3a 100644
--- a/base/common/src/com/netscape/certsrv/logging/ELogNotFound.java
+++ b/base/common/src/com/netscape/certsrv/logging/ELogNotFound.java
@@ -19,7 +19,7 @@ package com.netscape.certsrv.logging;
 
 /**
  * Exception for log not found.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class ELogNotFound extends ELogException {
@@ -31,7 +31,7 @@ public class ELogNotFound extends ELogException {
 
     /**
      * Constructs a exception for a missing required log.
-     * 
+     *
      * @param errorString Detailed error message.
      */
     public ELogNotFound(String errorString) {
diff --git a/base/common/src/com/netscape/certsrv/logging/ELogPluginNotFound.java b/base/common/src/com/netscape/certsrv/logging/ELogPluginNotFound.java
index 6c434aff9..138dd0831 100644
--- a/base/common/src/com/netscape/certsrv/logging/ELogPluginNotFound.java
+++ b/base/common/src/com/netscape/certsrv/logging/ELogPluginNotFound.java
@@ -19,7 +19,7 @@ package com.netscape.certsrv.logging;
 
 /**
  * Exception for log plugin not found.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class ELogPluginNotFound extends ELogException {
@@ -31,7 +31,7 @@ public class ELogPluginNotFound extends ELogException {
 
     /**
      * Constructs a exception for a missing log plugin.
-     * 
+     *
      * @param errorString Detailed error message.
      */
     public ELogPluginNotFound(String errorString) {
diff --git a/base/common/src/com/netscape/certsrv/logging/IBundleLogEvent.java b/base/common/src/com/netscape/certsrv/logging/IBundleLogEvent.java
index 9dd8595cf..a0aa8455d 100644
--- a/base/common/src/com/netscape/certsrv/logging/IBundleLogEvent.java
+++ b/base/common/src/com/netscape/certsrv/logging/IBundleLogEvent.java
@@ -22,7 +22,7 @@ package com.netscape.certsrv.logging;
  * See ILogEvent class.
  * This class maintains a resource bundle name for given
  * event type.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IBundleLogEvent extends ILogEvent {
@@ -30,7 +30,7 @@ public interface IBundleLogEvent extends ILogEvent {
     /**
      * Sets the name of the resource bundle to be associated
      * with this event type.
-     * 
+     *
      * @param bundle name of resource bundle.
      */
     public void setBundleName(String bundle);
diff --git a/base/common/src/com/netscape/certsrv/logging/ILogEvent.java b/base/common/src/com/netscape/certsrv/logging/ILogEvent.java
index 423918983..865d3dc9a 100644
--- a/base/common/src/com/netscape/certsrv/logging/ILogEvent.java
+++ b/base/common/src/com/netscape/certsrv/logging/ILogEvent.java
@@ -27,14 +27,14 @@ import java.util.Locale;
  * A log event represents a certain kind of log message designed for a specific purpose.
  * For instance, an audit type event represents messages having to do with auditable CMS
  * actions. The resulting message will ultimately appear into a specific log file.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface ILogEvent extends Serializable {
 
     /**
      * Retrieves event time stamp.
-     * 
+     *
      * @return Long integer of the time the event was created.
      */
     public long getTimeStamp();
@@ -43,7 +43,7 @@ public interface ILogEvent extends Serializable {
      * Retrieves log source.
      * This is an id of the subsystem responsible
      * for creating the log event.
-     * 
+     *
      * @return Integer source id.
      */
     public int getSource();
@@ -52,14 +52,14 @@ public interface ILogEvent extends Serializable {
      * Retrieves log level.
      * The log level of an event represents its relative importance
      * or severity within CMS.
-     * 
+     *
      * @return Integer log level value.
      */
     public int getLevel();
 
     /**
      * Retrieves NT specific log event type.
-     * 
+     *
      * @return Integer NTEventType value.
      */
     public int getNTEventType();
@@ -67,7 +67,7 @@ public interface ILogEvent extends Serializable {
     /**
      * Retrieves multiline attribute.
      * Does this message consiste of more than one line.
-     * 
+     *
      * @return Boolean of multiline status.
      */
     public boolean getMultiline();
@@ -75,7 +75,7 @@ public interface ILogEvent extends Serializable {
     /**
      * Retrieves log event type. Each type of event
      * has an associated String type value.
-     * 
+     *
      * @return String containing the type of event.
      */
     public String getEventType();
@@ -83,7 +83,7 @@ public interface ILogEvent extends Serializable {
     /**
      * Sets log event type. Each type of event
      * has an associated String type value.
-     * 
+     *
      * @param eventType String containing the type of event.
      */
     public void setEventType(String eventType);
@@ -92,7 +92,7 @@ public interface ILogEvent extends Serializable {
      * Returns localized message string. This method should
      * only be called if a localized string is necessary.
      * 

-     * 
+     *
      * @return Details message.
      */
     public String toContent();
@@ -100,7 +100,7 @@ public interface ILogEvent extends Serializable {
     /**
      * Returns the string based on the given locale.
      * 

-     * 
+     *
      * @param locale locale
      * @return Details message.
      */
diff --git a/base/common/src/com/netscape/certsrv/logging/ILogEventFactory.java b/base/common/src/com/netscape/certsrv/logging/ILogEventFactory.java
index bfd5be930..ea61d0f2f 100644
--- a/base/common/src/com/netscape/certsrv/logging/ILogEventFactory.java
+++ b/base/common/src/com/netscape/certsrv/logging/ILogEventFactory.java
@@ -23,14 +23,14 @@ import java.util.Properties;
  * An interface represents a log event factory. This
  * factory will be responsible for creating and returning ILogEvent objects
  * on demand.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface ILogEventFactory {
 
     /**
      * Creates an event of a particular event type/class.
-     * 
+     *
      * @param evtClass The event type.
      * @param prop The resource bundle.
      * @param source The subsystem ID who creates the log event.
@@ -45,7 +45,7 @@ public interface ILogEventFactory {
 
     /**
      * Releases previously created event.
-     * 
+     *
      * @param event The log event.
      */
     public void release(ILogEvent event);
diff --git a/base/common/src/com/netscape/certsrv/logging/ILogEventListener.java b/base/common/src/com/netscape/certsrv/logging/ILogEventListener.java
index 15ff08ad5..a2d468955 100644
--- a/base/common/src/com/netscape/certsrv/logging/ILogEventListener.java
+++ b/base/common/src/com/netscape/certsrv/logging/ILogEventListener.java
@@ -37,14 +37,14 @@ import com.netscape.certsrv.common.NameValuePairs;
  * of the logged event. The listener will then proceed to
  * process the event accordingly which will result in a log
  * message existing in some file.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface ILogEventListener extends EventListener {
 
     /**
      * The event notification method: Logs event.
-     * 
+     *
      * @param event The log event to be processed.
      */
     public void log(ILogEvent event) throws ELogException;
@@ -62,14 +62,14 @@ public interface ILogEventListener extends EventListener {
 
     /**
      * Get the configuration store for the log event listener.
-     * 
+     *
      * @return The configuration store of this log event listener.
      */
     public IConfigStore getConfigStore();
 
     /**
      * Initialize this log listener
-     * 
+     *
      * @param owner The subsystem.
      * @param config Configuration store for this log listener.
      * @exception initialization error.
@@ -87,7 +87,7 @@ public interface ILogEventListener extends EventListener {
      * Retrieve last "maxLine" number of system logs with log level >"level"
      * and from source "source". If the parameter is omitted. All entries
      * are sent back.
-     * 
+     *
      * @param req a Hashtable containing the required information such as
      *            log entry, log level, log source, and log name.
      * @return NameValue pair list of log messages.
@@ -100,35 +100,35 @@ public interface ILogEventListener extends EventListener {
 
     /**
      * Retrieve list of log files.
-     * 
+     *
      */
     public NameValuePairs retrieveLogList(Hashtable req) throws ServletException,
             IOException, EBaseException;
 
     /**
      * Returns implementation name.
-     * 
+     *
      * @return String name of event listener implementation.
      */
     public String getImplName();
 
     /**
      * Returns the description of this log event listener.
-     * 
+     *
      * @return String with listener description.
      */
     public String getDescription();
 
     /**
      * Return list of default config parameters for this log event listener.
-     * 
+     *
      * @return Vector of default parameters.
      */
     public Vector getDefaultParams();
 
     /**
      * Return list of instance config parameters for this log event listener.
-     * 
+     *
      * @return Vector of instance parameters.
      */
     public Vector getInstanceParams();
diff --git a/base/common/src/com/netscape/certsrv/logging/ILogQueue.java b/base/common/src/com/netscape/certsrv/logging/ILogQueue.java
index bca7a93df..9cdcb8a36 100644
--- a/base/common/src/com/netscape/certsrv/logging/ILogQueue.java
+++ b/base/common/src/com/netscape/certsrv/logging/ILogQueue.java
@@ -21,14 +21,14 @@ package com.netscape.certsrv.logging;
  * An interface represents a log queue. A log queue
  * is a queue of pending log events to be dispatched
  * to a set of registered ILogEventListeners.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface ILogQueue {
 
     /**
      * Dispatch the log event to all registered log event listeners.
-     * 
+     *
      * @param evt the log event
      */
     public void log(ILogEvent evt);
@@ -41,7 +41,7 @@ public interface ILogQueue {
 
     /**
      * Registers an event listener.
-     * 
+     *
      * @param listener The log event listener to be registered
      *            to this queue.
      */
@@ -49,7 +49,7 @@ public interface ILogQueue {
 
     /**
      * Removes an event listener.
-     * 
+     *
      * @param listener The log event listener to be removed from this queue.
      */
     public void removeLogEventListener(ILogEventListener listener);
@@ -57,7 +57,7 @@ public interface ILogQueue {
     /**
      * Initializes the log queue.
      * 

-     * 
+     *
      */
     public void init();
 
diff --git a/base/common/src/com/netscape/certsrv/logging/ILogSubsystem.java b/base/common/src/com/netscape/certsrv/logging/ILogSubsystem.java
index ce317a5b8..313f2688e 100644
--- a/base/common/src/com/netscape/certsrv/logging/ILogSubsystem.java
+++ b/base/common/src/com/netscape/certsrv/logging/ILogSubsystem.java
@@ -32,7 +32,7 @@ import com.netscape.certsrv.base.ISubsystem;
  * instances. Each log instance can be individually configured and is
  * associated with its own configuration entries in the configuration file.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface ILogSubsystem extends ISubsystem {
@@ -45,7 +45,7 @@ public interface ILogSubsystem extends ISubsystem {
     /**
      * Retrieve plugin name (implementation name) of the log event
      * listener. If no plug name found, an empty string is returned
-     * 
+     *
      * @param log the log event listener
      * @return the log event listener's plugin name
      */
@@ -53,7 +53,7 @@ public interface ILogSubsystem extends ISubsystem {
 
     /**
      * Retrieve the log event listener by instance name
-     * 
+     *
      * @param insName the log instance name in String
      * @return the log instance in ILogEventListener
      */
@@ -61,7 +61,7 @@ public interface ILogSubsystem extends ISubsystem {
 
     /**
      * get the list of log plugins that are available
-     * 
+     *
      * @return log plugins in a Hashtable. Each entry in the
      *         Hashtable contains the name/value pair of pluginName/LogPlugin
      * @see LogPlugin
@@ -70,7 +70,7 @@ public interface ILogSubsystem extends ISubsystem {
 
     /**
      * get the list of log instances that are available
-     * 
+     *
      * @return log instances in a Hashtable. Each entry in the
      *         Hashtable contains the name/value pair of instName/ILogEventListener
      * @see LogPlugin
@@ -82,7 +82,7 @@ public interface ILogSubsystem extends ISubsystem {
      * plugin. It is used by
      * administration servlet to handle log configuration when a new
      * log instance is added.
-     * 
+     *
      * @param implName The implementation name for which the
      *            configuration parameters are to be configured
      * @return a Vector of default configuration paramter names
@@ -97,7 +97,7 @@ public interface ILogSubsystem extends ISubsystem {
      * Get the default configuration parameter names associated with a
      * log instance. It is used by administration servlet to handle
      * log instance configuration.
-     * 
+     *
      * @param insName The instance name for which the configuration
      *            parameters are to be configured
      * @return a Vector of default configuration paramter names
diff --git a/base/common/src/com/netscape/certsrv/logging/ILogger.java b/base/common/src/com/netscape/certsrv/logging/ILogger.java
index 4cdb4b80f..10ec35337 100644
--- a/base/common/src/com/netscape/certsrv/logging/ILogger.java
+++ b/base/common/src/com/netscape/certsrv/logging/ILogger.java
@@ -26,7 +26,7 @@ import java.util.Properties;
  * written to the destination log file. This object also maintains a collection of ILogFactory objects
  * which are used to create the supported types of ILogEvents. CMS comes out of the box with three event
  * types: "signedAudit", "system", and "audit".
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface ILogger {
@@ -269,7 +269,7 @@ public interface ILogger {
 
     /**
      * Logs an event to the log queue.
-     * 
+     *
      * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM or EV_SIGNED_AUDIT.
      * @param source The source of the log event.
      * @param msg The detail message to be logged.
@@ -278,7 +278,7 @@ public interface ILogger {
 
     /**
      * Logs an event to the log queue.
-     * 
+     *
      * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM or EV_SIGNED_AUDIT.
      * @param props The resource bundle used for the detailed message.
      * @param source The source of the log event.
@@ -288,7 +288,7 @@ public interface ILogger {
 
     /**
      * Logs an event to the log queue.
-     * 
+     *
      * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM or EV_SIGNED_AUDIT.
      * @param source The source of the log event.
      * @param level The level of the log event.
@@ -298,7 +298,7 @@ public interface ILogger {
 
     /**
      * Logs an event to the log queue.
-     * 
+     *
      * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM or EV_SIGNED_AUDIT.
      * @param props The resource bundle used for the detailed message.
      * @param source The source of the log event.
@@ -309,7 +309,7 @@ public interface ILogger {
 
     /**
      * Logs an event to the log queue.
-     * 
+     *
      * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM or EV_SIGNED_AUDIT.
      * @param source The source of the log event.
      * @param level The level of the log event.
@@ -320,7 +320,7 @@ public interface ILogger {
 
     /**
      * Logs an event to the log queue.
-     * 
+     *
      * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM or EV_SIGNED_AUDIT.
      * @param source The source of the log event.
      * @param level The level of the log event.
@@ -331,7 +331,7 @@ public interface ILogger {
 
     /**
      * Logs an event to the log queue.
-     * 
+     *
      * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM or EV_SIGNED_AUDIT.
      * @param props The resource bundle used for the detailed message.
      * @param source The source of the log event.
@@ -342,7 +342,7 @@ public interface ILogger {
 
     /**
      * Logs an event to the log queue.
-     * 
+     *
      * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM or EV_SIGNED_AUDIT.
      * @param props The resource bundle used for the detailed message.
      * @param source The source of the log event.
@@ -355,7 +355,7 @@ public interface ILogger {
 
     /**
      * Logs an event to the log queue.
-     * 
+     *
      * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM or EV_SIGNED_AUDIT.
      * @param prop The resource bundle used for the detailed message.
      * @param source The source of the log event.
@@ -370,7 +370,7 @@ public interface ILogger {
 
     /**
      * Logs an event to the log queue.
-     * 
+     *
      * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM or EV_SIGNED_AUDIT.
      * @param source The source of the log event.
      * @param msg The detail message to be logged.
@@ -380,7 +380,7 @@ public interface ILogger {
 
     /**
      * Logs an event to the log queue.
-     * 
+     *
      * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM or EV_SIGNED_AUDIT.
      * @param props The resource bundle used for the detailed message.
      * @param source The source of the log event.
@@ -391,7 +391,7 @@ public interface ILogger {
 
     /**
      * Logs an event to the log queue.
-     * 
+     *
      * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM or EV_SIGNED_AUDIT.
      * @param source The source of the log event.
      * @param level The level of the log event.
@@ -402,7 +402,7 @@ public interface ILogger {
 
     /**
      * Logs an event to the log queue.
-     * 
+     *
      * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM or EV_SIGNED_AUDIT.
      * @param props The resource bundle used for the detailed message.
      * @param source The source of the log event.
@@ -414,7 +414,7 @@ public interface ILogger {
 
     /**
      * Logs an event to the log queue.
-     * 
+     *
      * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM or EV_SIGNED_AUDIT.
      * @param source The source of the log event.
      * @param level The level of the log event.
@@ -426,7 +426,7 @@ public interface ILogger {
 
     /**
      * Logs an event to the log queue.
-     * 
+     *
      * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM or EV_SIGNED_AUDIT.
      * @param props The resource bundle used for the detailed message.
      * @param source TTTTsource of the log event.
@@ -438,7 +438,7 @@ public interface ILogger {
 
     /**
      * Logs an event to the log queue.
-     * 
+     *
      * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM or EV_SIGNED_AUDIT.
      * @param props The resource bundle used for the detailed message.
      * @param source The source of the log event.
@@ -452,7 +452,7 @@ public interface ILogger {
 
     /**
      * Logs an event to the log queue.
-     * 
+     *
      * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM or EV_SIGNED_AUDIT.
      * @param prop The resource bundle used for the detailed message.
      * @param source The source of the log event.
diff --git a/base/common/src/com/netscape/certsrv/logging/LogPlugin.java b/base/common/src/com/netscape/certsrv/logging/LogPlugin.java
index 9d7a5cc45..152ad4841 100644
--- a/base/common/src/com/netscape/certsrv/logging/LogPlugin.java
+++ b/base/common/src/com/netscape/certsrv/logging/LogPlugin.java
@@ -22,7 +22,7 @@ import com.netscape.certsrv.base.Plugin;
 /**
  * This class represents a registered logger plugin.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public class LogPlugin extends Plugin {
diff --git a/base/common/src/com/netscape/certsrv/logging/LogResources.java b/base/common/src/com/netscape/certsrv/logging/LogResources.java
index 899bf1893..005428d79 100644
--- a/base/common/src/com/netscape/certsrv/logging/LogResources.java
+++ b/base/common/src/com/netscape/certsrv/logging/LogResources.java
@@ -25,7 +25,7 @@ import com.netscape.certsrv.base.BaseResources;
 /**
  * This is the fallback resource bundle for all log events.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  * @see java.util.ListResourceBundle
  */
@@ -35,7 +35,7 @@ public class LogResources extends ListResourceBundle {
     /**
      * Contructs a log resource bundle and sets it's parent to the base
      * resource bundle.
-     * 
+     *
      * @see com.netscape.certsrv.base.BaseResources
      */
     public LogResources() {
@@ -45,7 +45,7 @@ public class LogResources extends ListResourceBundle {
 
     /**
      * Returns the content of this resource.
-     * 
+     *
      * @return Array of objects making up the contents of this resource.
      */
     public Object[][] getContents() {
diff --git a/base/common/src/com/netscape/certsrv/logging/SignedAuditEvent.java b/base/common/src/com/netscape/certsrv/logging/SignedAuditEvent.java
index 8541eda34..b5483eb9f 100644
--- a/base/common/src/com/netscape/certsrv/logging/SignedAuditEvent.java
+++ b/base/common/src/com/netscape/certsrv/logging/SignedAuditEvent.java
@@ -27,8 +27,8 @@ import com.netscape.certsrv.base.MessageFormatter;
  * The log event object that carries message detail of a log event
  * that goes into the Signed Audit Event log. This log has the
  * property of being digitally signed for security considerations.
- * 
- * 
+ *
+ *
  * @version $Revision$, $Date$
  * @see java.text.MessageFormat
  * @see com.netscape.certsrv.logging.LogResources
@@ -61,7 +61,7 @@ public class SignedAuditEvent implements IBundleLogEvent {
     /**
      * Constructs a SignedAuditEvent message event.
      * 

-     * 
+     *
      * @param msgFormat The message string.
      */
     public SignedAuditEvent(String msgFormat) {
@@ -71,12 +71,12 @@ public class SignedAuditEvent implements IBundleLogEvent {
 
     /**
      * Constructs a message with a parameter. For example,
-     * 
+     *
      * 
      * new SignedAuditEvent("failed to load {0}", fileName);
      * 

      * 

-     * 
+     *
      * @param msgFormat Details in message string format.
      * @param param Message string parameter.
      */
@@ -90,7 +90,7 @@ public class SignedAuditEvent implements IBundleLogEvent {
      * Constructs a message from an exception. It can be used to carry
      * a signed audit exception that may contain information about
      * the context. For example,
-     * 
+     *
      * 
      * 		try {
      *  		...
@@ -99,7 +99,7 @@ public class SignedAuditEvent implements IBundleLogEvent {
      *      }
      * 

      * 

-     * 
+     *
      * @param msgFormat Exception details in message string format.
      * @param exception System exception.
      */
@@ -112,7 +112,7 @@ public class SignedAuditEvent implements IBundleLogEvent {
     /**
      * Constructs a message from a base exception. This will use the msgFormat
      * from the exception itself.
-     * 
+     *
      * 
      * 		try {
      *  		...
@@ -121,7 +121,7 @@ public class SignedAuditEvent implements IBundleLogEvent {
      *      }
      * 

      * 

-     * 
+     *
      * @param e CMS exception.
      */
     public SignedAuditEvent(Exception e) {
@@ -138,7 +138,7 @@ public class SignedAuditEvent implements IBundleLogEvent {
      * Constructs a message event with a list of parameters
      * that will be substituted into the message format.
      * 

-     * 
+     *
      * @param msgFormat Message string format.
      * @param params List of message format parameters.
      */
@@ -150,7 +150,7 @@ public class SignedAuditEvent implements IBundleLogEvent {
     /**
      * Returns the current message format string.
      * 

-     * 
+     *
      * @return Details message.
      */
     public String getMessage() {
@@ -161,7 +161,7 @@ public class SignedAuditEvent implements IBundleLogEvent {
      * Returns a list of parameters. These parameters can be
      * used to assist in formatting the message.
      * 

-     * 
+     *
      * @return List of message format parameters.
      */
     public Object[] getParameters() {
@@ -172,7 +172,7 @@ public class SignedAuditEvent implements IBundleLogEvent {
      * Returns localized message string. This method should
      * only be called if a localized string is necessary.
      * 

-     * 
+     *
      * @return Details message.
      */
     public String toContent() {
@@ -182,7 +182,7 @@ public class SignedAuditEvent implements IBundleLogEvent {
     /**
      * Returns the string based on the given locale.
      * 

-     * 
+     *
      * @param locale Locale.
      * @return Details message.
      */
@@ -195,7 +195,7 @@ public class SignedAuditEvent implements IBundleLogEvent {
     /**
      * Sets the resource bundle name for this class instance. This should
      * be overridden by subclasses who have their own resource bundles.
-     * 
+     *
      * @param bundle String with name of resource bundle.
      */
     public void setBundleName(String bundle) {
@@ -204,7 +204,7 @@ public class SignedAuditEvent implements IBundleLogEvent {
 
     /**
      * Retrieves bundle name.
-     * 
+     *
      * @return String with name of resource bundle.
      */
     protected String getBundleName() {
@@ -215,7 +215,7 @@ public class SignedAuditEvent implements IBundleLogEvent {
      * Retrieves log source.
      * This is an id of the subsystem responsible
      * for creating the log event.
-     * 
+     *
      * @return Integer source id.
      */
     public int getSource() {
@@ -224,7 +224,7 @@ public class SignedAuditEvent implements IBundleLogEvent {
 
     /**
      * Sets log source.
-     * 
+     *
      * @param source Integer id of log source.
      */
     public void setSource(int source) {
@@ -235,7 +235,7 @@ public class SignedAuditEvent implements IBundleLogEvent {
      * Retrieves log level.
      * The log level of an event represents its relative importance
      * or severity within CMS.
-     * 
+     *
      * @return Integer log level value.
      */
     public int getLevel() {
@@ -244,7 +244,7 @@ public class SignedAuditEvent implements IBundleLogEvent {
 
     /**
      * Retrieves NT specific log event type.
-     * 
+     *
      * @return Integer NTEventType value.
      */
     public int getNTEventType() {
@@ -255,7 +255,7 @@ public class SignedAuditEvent implements IBundleLogEvent {
      * Sets log level, NT log event type.
      * For certain log levels the NT log event type gets
      * set as well.
-     * 
+     *
      * @param level Integer log level value.
      */
     public void setLevel(int level) {
@@ -286,7 +286,7 @@ public class SignedAuditEvent implements IBundleLogEvent {
 
     /**
      * Retrieves log multiline attribute.
-     * 
+     *
      * @return Boolean whether or not this event is multiline.
      *         A multiline message simply consists of more than one line.
      */
@@ -297,7 +297,7 @@ public class SignedAuditEvent implements IBundleLogEvent {
     /**
      * Sets log multiline attribute. A multiline message consists of
      * more than one line.
-     * 
+     *
      * @param multiline Boolean multiline value.
      */
     public void setMultiline(boolean multiline) {
@@ -306,7 +306,7 @@ public class SignedAuditEvent implements IBundleLogEvent {
 
     /**
      * Retrieves event time stamp.
-     * 
+     *
      * @return Long integer of the time the event was created.
      */
     public long getTimeStamp() {
@@ -316,7 +316,7 @@ public class SignedAuditEvent implements IBundleLogEvent {
     /**
      * Retrieves log event type. Each type of event
      * has an associated String type value.
-     * 
+     *
      * @return String containing the type of event.
      */
     public String getEventType() {
@@ -326,7 +326,7 @@ public class SignedAuditEvent implements IBundleLogEvent {
     /**
      * Sets log event type. Each type of event
      * has an associated String type value.
-     * 
+     *
      * @param eventType String containing the type of event.
      */
     public void setEventType(String eventType) {
@@ -335,7 +335,7 @@ public class SignedAuditEvent implements IBundleLogEvent {
 
     /**
      * Return string representation of log message.
-     * 
+     *
      * @return String containing log message.
      */
     public String toString() {
diff --git a/base/common/src/com/netscape/certsrv/logging/SystemEvent.java b/base/common/src/com/netscape/certsrv/logging/SystemEvent.java
index 9f625cdfd..3704e60ca 100644
--- a/base/common/src/com/netscape/certsrv/logging/SystemEvent.java
+++ b/base/common/src/com/netscape/certsrv/logging/SystemEvent.java
@@ -27,7 +27,7 @@ import com.netscape.certsrv.base.MessageFormatter;
  * The log event object that carries a log message.
  * This class represents System events which are CMS events
  * which need to be logged to a log file.
- * 
+ *
  * @version $Revision$, $Date$
  * @see java.text.MessageFormat
  * @see com.netscape.certsrv.logging.LogResources
@@ -59,7 +59,7 @@ public class SystemEvent implements IBundleLogEvent {
     /**
      * Constructs a SystemEvent message event.
      * 

-     * 
+     *
      * @param msgFormat The message string.
      */
     public SystemEvent(String msgFormat) {
@@ -69,12 +69,12 @@ public class SystemEvent implements IBundleLogEvent {
 
     /**
      * Constructs a SystemEvent message with a parameter. For example,
-     * 
+     *
      * 
      * new SystemEvent("failed to load {0}", fileName);
      * 

      * 

-     * 
+     *
      * @param msgFormat Details in message string format.
      * @param param Message string parameter.
      */
@@ -88,7 +88,7 @@ public class SystemEvent implements IBundleLogEvent {
      * Constructs a SystemEvent message from an exception. It can be used to carry
      * a system exception that may contain information about
      * the context. For example,
-     * 
+     *
      * 
      * 		try {
      *  		...
@@ -97,7 +97,7 @@ public class SystemEvent implements IBundleLogEvent {
      *      }
      * 

      * 

-     * 
+     *
      * @param msgFormat Exception details in message string format.
      * @param exception System exception.
      */
@@ -110,7 +110,7 @@ public class SystemEvent implements IBundleLogEvent {
     /**
      * Constructs a SystemEvent message from a base exception. This will use the msgFormat
      * from the exception itself.
-     * 
+     *
      * 
      * 		try {
      *  		...
@@ -119,7 +119,7 @@ public class SystemEvent implements IBundleLogEvent {
      *      }
      * 

      * 

-     * 
+     *
      * @param e CMS exception.
      */
     public SystemEvent(Exception e) {
@@ -136,7 +136,7 @@ public class SystemEvent implements IBundleLogEvent {
      * Constructs a SystemEvent message event with a list of parameters
      * that will be substituted into the message format.
      * 

-     * 
+     *
      * @param msgFormat Message string format.
      * @param params List of message format parameters.
      */
@@ -148,7 +148,7 @@ public class SystemEvent implements IBundleLogEvent {
     /**
      * Returns the current message format string.
      * 

-     * 
+     *
      * @return Details message.
      */
     public String getMessage() {
@@ -159,7 +159,7 @@ public class SystemEvent implements IBundleLogEvent {
      * Returns a list of parameters. These parameters can be
      * used to assist in formatting the message.
      * 

-     * 
+     *
      * @return List of message format parameters.
      */
     public Object[] getParameters() {
@@ -170,7 +170,7 @@ public class SystemEvent implements IBundleLogEvent {
      * Returns localized message string. This method should
      * only be called if a localized string is necessary.
      * 

-     * 
+     *
      * @return Details message.
      */
     public String toContent() {
@@ -180,7 +180,7 @@ public class SystemEvent implements IBundleLogEvent {
     /**
      * Returns the string based on the given locale.
      * 

-     * 
+     *
      * @param locale Locale.
      * @return Details message.
      */
@@ -193,7 +193,7 @@ public class SystemEvent implements IBundleLogEvent {
     /**
      * Sets the resource bundle name for this class instance. This should
      * be overridden by subclasses who have their own resource bundles.
-     * 
+     *
      * @param bundle String with the name of resource bundle.
      */
     public void setBundleName(String bundle) {
@@ -202,7 +202,7 @@ public class SystemEvent implements IBundleLogEvent {
 
     /**
      * Retrieves bundle name.
-     * 
+     *
      * @return String with name of resource bundle.
      */
     protected String getBundleName() {
@@ -213,7 +213,7 @@ public class SystemEvent implements IBundleLogEvent {
      * Retrieves log source.
      * This is an id of the subsystem responsible
      * for creating the log event.
-     * 
+     *
      * @return Integer source id.
      */
     public int getSource() {
@@ -223,7 +223,7 @@ public class SystemEvent implements IBundleLogEvent {
     /**
      * Sets log source.
      * Sets the id of the subsystem issuing the event.
-     * 
+     *
      * @param source Integer source id.
      */
     public void setSource(int source) {
@@ -234,7 +234,7 @@ public class SystemEvent implements IBundleLogEvent {
      * Retrieves log level.
      * The log level of an event represents its relative importance
      * or severity within CMS.
-     * 
+     *
      * @return Integer log level value.
      */
     public int getLevel() {
@@ -243,7 +243,7 @@ public class SystemEvent implements IBundleLogEvent {
 
     /**
      * Retrieves NT specific log event type.
-     * 
+     *
      * @return Integer NTEventType value.
      */
     public int getNTEventType() {
@@ -254,7 +254,7 @@ public class SystemEvent implements IBundleLogEvent {
      * Sets log level, NT log event type.
      * For certain log levels the NT log event type gets
      * set as well.
-     * 
+     *
      * @param level Integer log level value.
      */
     public void setLevel(int level) {
@@ -285,7 +285,7 @@ public class SystemEvent implements IBundleLogEvent {
 
     /**
      * Retrieves log multiline attribute.
-     * 
+     *
      * @return Boolean whether or not this event is multiline.
      *         A multiline message simply consists of more than one line.
      */
@@ -296,7 +296,7 @@ public class SystemEvent implements IBundleLogEvent {
     /**
      * Sets log multiline attribute. A multiline message consists of
      * more than one line.
-     * 
+     *
      * @param multiline Boolean multiline value.
      */
     public void setMultiline(boolean multiline) {
@@ -305,7 +305,7 @@ public class SystemEvent implements IBundleLogEvent {
 
     /**
      * Retrieves event time stamp.
-     * 
+     *
      * @return Long integer of the time the event was created.
      */
     public long getTimeStamp() {
@@ -315,7 +315,7 @@ public class SystemEvent implements IBundleLogEvent {
     /**
      * Retrieves log event type. Each type of event
      * has an associated String type value.
-     * 
+     *
      * @return String containing the type of event.
      */
     public String getEventType() {
@@ -325,7 +325,7 @@ public class SystemEvent implements IBundleLogEvent {
     /**
      * Sets log event type. Each type of event
      * has an associated String type value.
-     * 
+     *
      * @param eventType String containing the type of event.
      */
     public void setEventType(String eventType) {
@@ -334,7 +334,7 @@ public class SystemEvent implements IBundleLogEvent {
 
     /**
      * Return string representation of log message.
-     * 
+     *
      * @return String containing log message.
      */
     public String toString() {
diff --git a/base/common/src/com/netscape/certsrv/notification/ENotificationException.java b/base/common/src/com/netscape/certsrv/notification/ENotificationException.java
index fffc8edeb..096d6e3a5 100644
--- a/base/common/src/com/netscape/certsrv/notification/ENotificationException.java
+++ b/base/common/src/com/netscape/certsrv/notification/ENotificationException.java
@@ -22,7 +22,7 @@ import com.netscape.certsrv.base.EBaseException;
 /**
  * A class represents a notification exception.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public class ENotificationException extends EBaseException {
diff --git a/base/common/src/com/netscape/certsrv/notification/IEmailFormProcessor.java b/base/common/src/com/netscape/certsrv/notification/IEmailFormProcessor.java
index 40114bd1e..74d29ecde 100644
--- a/base/common/src/com/netscape/certsrv/notification/IEmailFormProcessor.java
+++ b/base/common/src/com/netscape/certsrv/notification/IEmailFormProcessor.java
@@ -25,7 +25,7 @@ import java.util.Vector;
  * '$' is used preceeding a token name. A token name should not be a
  * substring of any other token name
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IEmailFormProcessor {
diff --git a/base/common/src/com/netscape/certsrv/notification/IEmailResolver.java b/base/common/src/com/netscape/certsrv/notification/IEmailResolver.java
index 39e5bed37..c16307127 100644
--- a/base/common/src/com/netscape/certsrv/notification/IEmailResolver.java
+++ b/base/common/src/com/netscape/certsrv/notification/IEmailResolver.java
@@ -23,7 +23,7 @@ import com.netscape.certsrv.base.EBaseException;
  * An email resolver that first checks the request email, if none,
  * then follows by checking the subjectDN of the certificate
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IEmailResolver {
@@ -31,7 +31,7 @@ public interface IEmailResolver {
     /**
      * returns an email address by using the resolver keys. The
      * return value can possibly be null
-     * 
+     *
      * @param keys list of keys used for resolving the email address
      */
     public String getEmail(IEmailResolverKeys keys)
diff --git a/base/common/src/com/netscape/certsrv/notification/IEmailResolverKeys.java b/base/common/src/com/netscape/certsrv/notification/IEmailResolverKeys.java
index 1363a9e09..f74d9d6e6 100644
--- a/base/common/src/com/netscape/certsrv/notification/IEmailResolverKeys.java
+++ b/base/common/src/com/netscape/certsrv/notification/IEmailResolverKeys.java
@@ -24,7 +24,7 @@ import com.netscape.certsrv.base.IAttrSet;
  * emails
  * e.g. request/cert, cert/request, request, request/cert/subjectalternatename etc.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IEmailResolverKeys extends IAttrSet {
diff --git a/base/common/src/com/netscape/certsrv/notification/IEmailTemplate.java b/base/common/src/com/netscape/certsrv/notification/IEmailTemplate.java
index cbdea8436..dac8b9ab9 100644
--- a/base/common/src/com/netscape/certsrv/notification/IEmailTemplate.java
+++ b/base/common/src/com/netscape/certsrv/notification/IEmailTemplate.java
@@ -20,7 +20,7 @@ package com.netscape.certsrv.notification;
 /**
  * Files to be processed and returned to the requested parties. It
  * is a template with $tokens to be used by the form/template processor.
- * 
+ *
  * @version $Revision$, $Date$
  */
 
diff --git a/base/common/src/com/netscape/certsrv/notification/IMailNotification.java b/base/common/src/com/netscape/certsrv/notification/IMailNotification.java
index 356a6bba3..bc4664886 100644
--- a/base/common/src/com/netscape/certsrv/notification/IMailNotification.java
+++ b/base/common/src/com/netscape/certsrv/notification/IMailNotification.java
@@ -25,7 +25,7 @@ import java.util.Vector;
  * This class uses smtp.host in the configuration for smtp
  * host. The port default (25) is used. If no smtp specified, local
  * host is used
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IMailNotification {
@@ -37,42 +37,42 @@ public interface IMailNotification {
 
     /**
      * sets the "From" field
-     * 
+     *
      * @param from email address of the sender
      */
     public void setFrom(String from);
 
     /**
      * sets the "Subject" field
-     * 
+     *
      * @param subject subject of the email
      */
     public void setSubject(String subject);
 
     /**
      * sets the "Content-Type" field
-     * 
+     *
      * @param contentType content type of the email
      */
     public void setContentType(String contentType);
 
     /**
      * sets the content of the email
-     * 
+     *
      * @param content the message content
      */
     public void setContent(String content);
 
     /**
      * sets the recipients' email addresses
-     * 
+     *
      * @param addresses a list of email addresses of the recipients
      */
     public void setTo(Vector addresses);
 
     /**
      * sets the recipient's email address
-     * 
+     *
      * @param to address of the recipient email address
      */
     public void setTo(String to);
diff --git a/base/common/src/com/netscape/certsrv/notification/NotificationResources.java b/base/common/src/com/netscape/certsrv/notification/NotificationResources.java
index b81443999..07ceebd0b 100644
--- a/base/common/src/com/netscape/certsrv/notification/NotificationResources.java
+++ b/base/common/src/com/netscape/certsrv/notification/NotificationResources.java
@@ -22,7 +22,7 @@ import java.util.ListResourceBundle;
 /**
  * A class represents a resource bundle for the
  * Mail Notification package
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class NotificationResources extends ListResourceBundle {
diff --git a/base/common/src/com/netscape/certsrv/ocsp/IDefStore.java b/base/common/src/com/netscape/certsrv/ocsp/IDefStore.java
index ee4c76a08..76ece7510 100644
--- a/base/common/src/com/netscape/certsrv/ocsp/IDefStore.java
+++ b/base/common/src/com/netscape/certsrv/ocsp/IDefStore.java
@@ -30,14 +30,14 @@ import com.netscape.certsrv.dbs.repository.IRepositoryRecord;
  * This class defines an Online Certificate Status Protocol (OCSP) store which
  * has been extended to provide information from the internal database.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IDefStore extends IOCSPStore {
     /**
      * This method retrieves the number of CRL updates since startup.
      * 

-     * 
+     *
      * @return count the number of OCSP default stores
      */
     public int getStateCount();
@@ -45,7 +45,7 @@ public interface IDefStore extends IOCSPStore {
     /**
      * This method retrieves the number of OCSP requests since startup.
      * 

-     * 
+     *
      * @param id a string associated with an OCSP request
      * @return count the number of this type of OCSP requests
      */
@@ -54,7 +54,7 @@ public interface IDefStore extends IOCSPStore {
     /**
      * This method creates a an OCSP default store repository record.
      * 

-     * 
+     *
      * @return IRepositoryRecord an instance of the repository record object
      */
     public IRepositoryRecord createRepositoryRecord();
@@ -62,7 +62,7 @@ public interface IDefStore extends IOCSPStore {
     /**
      * This method adds a request to the default OCSP store repository.
      * 

-     * 
+     *
      * @param name a string representing the name of this request
      * @param thisUpdate the current request
      * @param rec an instance of the repository record object
@@ -77,7 +77,7 @@ public interface IDefStore extends IOCSPStore {
      * This method specifies whether or not to wait for the Certificate
      * Revocation List (CRL) to be updated.
      * 

-     * 
+     *
      * @return boolean true or false
      */
     public boolean waitOnCRLUpdate();
@@ -85,7 +85,7 @@ public interface IDefStore extends IOCSPStore {
     /**
      * This method updates the specified CRL.
      * 

-     * 
+     *
      * @param crl the CRL to be updated
      * @exception EBaseException occurs when the CRL cannot be updated
      */
@@ -94,7 +94,7 @@ public interface IDefStore extends IOCSPStore {
     /**
      * This method attempts to read the CRL issuing point.
      * 

-     * 
+     *
      * @param name the name of the CRL to be read
      * @return ICRLIssuingPointRecord the CRL issuing point
      * @exception EBaseException occurs when the specified CRL cannot be located
@@ -105,7 +105,7 @@ public interface IDefStore extends IOCSPStore {
     /**
      * This method searches all CRL issuing points.
      * 

-     * 
+     *
      * @param maxSize specifies the largest number of hits from the search
      * @return Enumeration a list of the CRL issuing points
      * @exception EBaseException occurs when no CRL issuing point exists
@@ -118,7 +118,7 @@ public interface IDefStore extends IOCSPStore {
      * This method searches all CRL issuing points constrained by the specified
      * filtering mechanism.
      * 

-     * 
+     *
      * @param filter a string which constrains the search
      * @param maxSize specifies the largest number of hits from the search
      * @return Enumeration a list of the CRL issuing points
@@ -131,7 +131,7 @@ public interface IDefStore extends IOCSPStore {
     /**
      * This method creates a CRL issuing point record.
      * 

-     * 
+     *
      * @param name a string representation of this CRL issuing point record
      * @param crlNumber the number of this CRL issuing point record
      * @param crlSize the size of this CRL issuing point record
@@ -146,7 +146,7 @@ public interface IDefStore extends IOCSPStore {
     /**
      * This method adds a CRL issuing point
      * 

-     * 
+     *
      * @param name a string representation of this CRL issuing point record
      * @param rec this CRL issuing point record
      * @exception EBaseException occurs when the specified CRL issuing point
@@ -158,7 +158,7 @@ public interface IDefStore extends IOCSPStore {
     /**
      * This method deletes a CRL issuing point record
      * 

-     * 
+     *
      * @param id a string representation of this CRL issuing point record
      * @exception EBaseException occurs when the specified CRL issuing point
      *                record cannot be deleted
@@ -170,7 +170,7 @@ public interface IDefStore extends IOCSPStore {
      * This method checks to see if the OCSP response should return good
      * when the certificate is not found.
      * 

-     * 
+     *
      * @return boolean true or false
      */
     public boolean isNotFoundGood();
diff --git a/base/common/src/com/netscape/certsrv/ocsp/IOCSPAuthority.java b/base/common/src/com/netscape/certsrv/ocsp/IOCSPAuthority.java
index 0219d357d..6164b4917 100644
--- a/base/common/src/com/netscape/certsrv/ocsp/IOCSPAuthority.java
+++ b/base/common/src/com/netscape/certsrv/ocsp/IOCSPAuthority.java
@@ -33,7 +33,7 @@ import com.netscape.cmsutil.ocsp.ResponseData;
  * This class represents the primary interface for the Online Certificate
  * Status Protocol (OCSP) server.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IOCSPAuthority extends ISubsystem {
@@ -50,7 +50,7 @@ public interface IOCSPAuthority extends ISubsystem {
     /**
      * This method retrieves the OCSP store given its name.
      * 

-     * 
+     *
      * @param id the string representation of an OCSP store
      * @return IOCSPStore an instance of an OCSP store object
      */
@@ -59,7 +59,7 @@ public interface IOCSPAuthority extends ISubsystem {
     /**
      * This method retrieves the signing unit.
      * 

-     * 
+     *
      * @return ISigningUnit an instance of a signing unit object
      */
     public ISigningUnit getSigningUnit();
@@ -67,7 +67,7 @@ public interface IOCSPAuthority extends ISubsystem {
     /**
      * This method retrieves the responder ID by its name.
      * 

-     * 
+     *
      * @return ResponderID an instance of a responder ID
      */
     public ResponderID getResponderIDByName();
@@ -75,7 +75,7 @@ public interface IOCSPAuthority extends ISubsystem {
     /**
      * This method retrieves the responder ID by its hash.
      * 

-     * 
+     *
      * @return ResponderID an instance of a responder ID
      */
     public ResponderID getResponderIDByHash();
@@ -84,7 +84,7 @@ public interface IOCSPAuthority extends ISubsystem {
      * This method retrieves the default OCSP store
      * (i. e. - information from the internal database).
      * 

-     * 
+     *
      * @return IDefStore an instance of the default OCSP store
      */
     public IDefStore getDefaultStore();
@@ -92,7 +92,7 @@ public interface IOCSPAuthority extends ISubsystem {
     /**
      * This method sets the supplied algorithm as the default signing algorithm.
      * 

-     * 
+     *
      * @param algorithm a string representing the requested algorithm
      * @exception EBaseException if the algorithm is unknown or disallowed
      */
@@ -102,7 +102,7 @@ public interface IOCSPAuthority extends ISubsystem {
     /**
      * This method retrieves the default signing algorithm.
      * 

-     * 
+     *
      * @return String the name of the default signing algorithm
      */
     public String getDefaultAlgorithm();
@@ -110,7 +110,7 @@ public interface IOCSPAuthority extends ISubsystem {
     /**
      * This method retrieves all potential OCSP signing algorithms.
      * 

-     * 
+     *
      * @return String[] the names of all potential OCSP signing algorithms
      */
     public String[] getOCSPSigningAlgorithms();
@@ -118,7 +118,7 @@ public interface IOCSPAuthority extends ISubsystem {
     /**
      * This method logs the specified message at the specified level.
      * 

-     * 
+     *
      * @param level the log level
      * @param msg the log message
      */
@@ -128,7 +128,7 @@ public interface IOCSPAuthority extends ISubsystem {
      * This method logs the specified message at the specified level given
      * the specified event.
      * 

-     * 
+     *
      * @param event the log event
      * @param level the log message
      * @param msg the log message
@@ -138,7 +138,7 @@ public interface IOCSPAuthority extends ISubsystem {
     /**
      * This method retrieves the X500Name of an OCSP server instance.
      * 

-     * 
+     *
      * @return X500Name an instance of the X500 name object
      */
     public X500Name getName();
@@ -146,7 +146,7 @@ public interface IOCSPAuthority extends ISubsystem {
     /**
      * This method retrieves an OCSP server instance digest name as a string.
      * 

-     * 
+     *
      * @param alg the signing algorithm
      * @return String the digest name of the related OCSP server
      */
@@ -155,7 +155,7 @@ public interface IOCSPAuthority extends ISubsystem {
     /**
      * This method signs the basic OCSP response data provided as a parameter.
      * 

-     * 
+     *
      * @param rd response data
      * @return BasicOCSPResponse signed response data
      * @exception EBaseException error associated with an inability to sign
@@ -167,7 +167,7 @@ public interface IOCSPAuthority extends ISubsystem {
     /**
      * This method compares two byte arrays to see if they are equivalent.
      * 

-     * 
+     *
      * @param bytes the first byte array
      * @param ints the second byte array
      * @return boolean true or false
diff --git a/base/common/src/com/netscape/certsrv/ocsp/IOCSPService.java b/base/common/src/com/netscape/certsrv/ocsp/IOCSPService.java
index 574289c29..b379ba42c 100644
--- a/base/common/src/com/netscape/certsrv/ocsp/IOCSPService.java
+++ b/base/common/src/com/netscape/certsrv/ocsp/IOCSPService.java
@@ -24,7 +24,7 @@ import com.netscape.cmsutil.ocsp.OCSPResponse;
 /**
  * This class represents the servlet that serves the Online Certificate
  * Status Protocol (OCSP) requests.
- * 
+ *
  * @version $Revision$ $Date$
  */
 public interface IOCSPService {
@@ -32,7 +32,7 @@ public interface IOCSPService {
      * This method validates the information associated with the specified
      * OCSP request and returns an OCSP response.
      * 

-     * 
+     *
      * @param r an OCSP request
      * @return OCSPResponse the OCSP response associated with the specified
      *         OCSP request
@@ -44,7 +44,7 @@ public interface IOCSPService {
 
     /**
      * Returns the in-memory count of the processed OCSP requests.
-     * 
+     *
      * @return number of processed OCSP requests in memory
      */
     public long getNumOCSPRequest();
@@ -52,7 +52,7 @@ public interface IOCSPService {
     /**
      * Returns the in-memory time (in mini-second) of
      * the processed time for OCSP requests.
-     * 
+     *
      * @return processed times for OCSP requests
      */
     public long getOCSPRequestTotalTime();
@@ -60,7 +60,7 @@ public interface IOCSPService {
     /**
      * Returns the in-memory time (in mini-second) of
      * the signing time for OCSP requests.
-     * 
+     *
      * @return processed times for OCSP requests
      */
     public long getOCSPTotalSignTime();
@@ -70,7 +70,7 @@ public interface IOCSPService {
     /**
      * Returns the total data signed
      * for OCSP requests.
-     * 
+     *
      * @return processed times for OCSP requests
      */
     public long getOCSPTotalData();
diff --git a/base/common/src/com/netscape/certsrv/ocsp/IOCSPStore.java b/base/common/src/com/netscape/certsrv/ocsp/IOCSPStore.java
index 676122105..b94038473 100644
--- a/base/common/src/com/netscape/certsrv/ocsp/IOCSPStore.java
+++ b/base/common/src/com/netscape/certsrv/ocsp/IOCSPStore.java
@@ -31,7 +31,7 @@ import com.netscape.cmsutil.ocsp.OCSPResponse;
  * would merely create a new class that extends this class (e. g. -
  * "public interface ICorporateLDAPStore extends IOCSPStore").
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IOCSPStore extends ISubsystem {
@@ -39,7 +39,7 @@ public interface IOCSPStore extends ISubsystem {
      * This method validates the information associated with the specified
      * OCSP request and returns an OCSP response.
      * 

-     * 
+     *
      * @param req an OCSP request
      * @return OCSPResponse the OCSP response associated with the specified
      *         OCSP request
@@ -53,7 +53,7 @@ public interface IOCSPStore extends ISubsystem {
      * This method retrieves the configuration parameters associated with this
      * OCSP store.
      * 

-     * 
+     *
      * @return NameValuePairs all configuration items
      */
     public NameValuePairs getConfigParameters();
@@ -62,7 +62,7 @@ public interface IOCSPStore extends ISubsystem {
      * This method stores the configuration parameters specified by the
      * passed-in Name Value pairs object.
      * 

-     * 
+     *
      * @param pairs a name-value pair object
      * @exception EBaseException an illegal name-value pair
      */
diff --git a/base/common/src/com/netscape/certsrv/password/EPasswordCheckException.java b/base/common/src/com/netscape/certsrv/password/EPasswordCheckException.java
index 3dc028ffb..6b2459759 100644
--- a/base/common/src/com/netscape/certsrv/password/EPasswordCheckException.java
+++ b/base/common/src/com/netscape/certsrv/password/EPasswordCheckException.java
@@ -23,7 +23,7 @@ import com.netscape.certsrv.base.PasswordResources;
 /**
  * A class represents a password checker exception.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public class EPasswordCheckException extends EBaseException {
@@ -40,7 +40,7 @@ public class EPasswordCheckException extends EBaseException {
     /**
      * Constructs a password checker exception
      * 

-     * 
+     *
      * @param msgFormat exception details
      */
     public EPasswordCheckException(String msgFormat) {
@@ -50,7 +50,7 @@ public class EPasswordCheckException extends EBaseException {
     /**
      * Constructs a password checker exception.
      * 

-     * 
+     *
      * @param msgFormat exception details in message string format
      * @param param message string parameter
      */
@@ -61,7 +61,7 @@ public class EPasswordCheckException extends EBaseException {
     /**
      * Constructs a password checker exception.
      * 

-     * 
+     *
      * @param msgFormat exception details in message string format
      * @param exception system exception
      */
@@ -72,7 +72,7 @@ public class EPasswordCheckException extends EBaseException {
     /**
      * Constructs a password checker exception.
      * 

-     * 
+     *
      * @param msgFormat the message format.
      * @param params list of message format parameters
      */
@@ -82,7 +82,7 @@ public class EPasswordCheckException extends EBaseException {
 
     /**
      * Retrieves bundle name.
-     * 
+     *
      * @return resource bundle name.
      */
     protected String getBundleName() {
diff --git a/base/common/src/com/netscape/certsrv/password/IConfigPasswordCheck.java b/base/common/src/com/netscape/certsrv/password/IConfigPasswordCheck.java
index 8b23fa513..208f644d7 100644
--- a/base/common/src/com/netscape/certsrv/password/IConfigPasswordCheck.java
+++ b/base/common/src/com/netscape/certsrv/password/IConfigPasswordCheck.java
@@ -20,14 +20,14 @@ package com.netscape.certsrv.password;
 /**
  * Configuration Wizard Password quality checker interface.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IConfigPasswordCheck {
 
     /**
      * Check if the password meets the quality requirement
-     * 
+     *
      * @param pwd the given password
      * @return true if the password meets the quality requirement; otherwise false
      */
@@ -35,7 +35,7 @@ public interface IConfigPasswordCheck {
 
     /**
      * Returns a reason if the password doesnt meet the quality requirement.
-     * 
+     *
      * @param pwd the given password
      * @return a reason if the password quality requirement is not met.
      */
diff --git a/base/common/src/com/netscape/certsrv/password/IPasswordCheck.java b/base/common/src/com/netscape/certsrv/password/IPasswordCheck.java
index d885d3fce..642cf6fc3 100644
--- a/base/common/src/com/netscape/certsrv/password/IPasswordCheck.java
+++ b/base/common/src/com/netscape/certsrv/password/IPasswordCheck.java
@@ -20,14 +20,14 @@ package com.netscape.certsrv.password;
 /**
  * Password quality checker interface.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IPasswordCheck {
 
     /**
      * Check if the password meets the quality requirement
-     * 
+     *
      * @param pwd the given password
      * @return true if the password meets the quality requirement; otherwise false
      */
@@ -35,7 +35,7 @@ public interface IPasswordCheck {
 
     /**
      * Returns a reason if the password doesnt meet the quality requirement.
-     * 
+     *
      * @param pwd the given password
      * @return a reason if the password quality requirement is not met.
      */
diff --git a/base/common/src/com/netscape/certsrv/pattern/AttrSetCollection.java b/base/common/src/com/netscape/certsrv/pattern/AttrSetCollection.java
index 5f73fc257..036840633 100644
--- a/base/common/src/com/netscape/certsrv/pattern/AttrSetCollection.java
+++ b/base/common/src/com/netscape/certsrv/pattern/AttrSetCollection.java
@@ -24,7 +24,7 @@ import com.netscape.certsrv.base.IAttrSet;
 /**
  * This class represents a collection of attribute
  * sets.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class AttrSetCollection extends Hashtable {
@@ -43,7 +43,7 @@ public class AttrSetCollection extends Hashtable {
 
     /**
      * Retrieves a attribute set from this collection.
-     * 
+     *
      * @param name name of the attribute set
      * @return attribute set
      */
@@ -53,7 +53,7 @@ public class AttrSetCollection extends Hashtable {
 
     /**
      * Sets attribute set in this collection.
-     * 
+     *
      * @param name set of the attribute set
      * @param set attribute set
      */
diff --git a/base/common/src/com/netscape/certsrv/pattern/Pattern.java b/base/common/src/com/netscape/certsrv/pattern/Pattern.java
index bce3a426b..3d33bcae8 100644
--- a/base/common/src/com/netscape/certsrv/pattern/Pattern.java
+++ b/base/common/src/com/netscape/certsrv/pattern/Pattern.java
@@ -32,7 +32,7 @@ import com.netscape.certsrv.base.IAttrSet;
  * 

  * $request.requestor_email$ $ctx.user_id$
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public class Pattern {
@@ -41,7 +41,7 @@ public class Pattern {
 
     /**
      * Constructs a pattern object with the given string.
-     * 
+     *
      * @param s string with pattern (i.e. $request.requestor_email$)
      */
     public Pattern(String s) {
@@ -50,7 +50,7 @@ public class Pattern {
 
     /**
      * Subtitutes this pattern with the given attribute set.
-     * 
+     *
      * @param key key name of the given attribute set
      * @param attrSet attribute set
      * @return substituted string
@@ -61,7 +61,7 @@ public class Pattern {
 
     /**
      * Subtitutes this pattern with the given attribute set.
-     * 
+     *
      * @param attrSetCollection attribute set collection
      * @return substituted string
      */
@@ -82,7 +82,7 @@ public class Pattern {
 
     /**
      * Subtitutes this pattern with the given attribute set.
-     * 
+     *
      * This is an extended version of the substitute() method.
      * It takes a more flexible pattern format that could have
      * non-token ($...$) format. e.g.
@@ -90,7 +90,7 @@ public class Pattern {
      * where "@redhat.com" is not in token pattern format, and will be
      * literally put in place. e.g.
      * TomRiddle@redhat.com
-     * 
+     *
      * @param key key name of the given attribute set
      * @param attrSet attribute set
      * @return substituted string
diff --git a/base/common/src/com/netscape/certsrv/policy/EPolicyException.java b/base/common/src/com/netscape/certsrv/policy/EPolicyException.java
index f32f4f64f..c4de0e726 100644
--- a/base/common/src/com/netscape/certsrv/policy/EPolicyException.java
+++ b/base/common/src/com/netscape/certsrv/policy/EPolicyException.java
@@ -26,15 +26,15 @@ import com.netscape.certsrv.base.MessageFormatter;
  * This class represents Exceptions used by the policy package.
  * The policies themselves do not raise exceptions but use them
  * to format error messages.
- * 
+ *
  * Adapted from EBasException
  * 

- * 
+ *
  * 
  * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * 

  * 

- * 
+ *
  * @deprecated
  * @version $Revision$, $Date$
  * @see java.text.MessageFormat
@@ -53,7 +53,7 @@ public class EPolicyException extends EBaseException {
     /**
      * Constructs a base exception.
      * 

-     * 
+     *
      * @param msgFormat exception details
      */
     public EPolicyException(String msgFormat) {
@@ -63,12 +63,12 @@ public class EPolicyException extends EBaseException {
 
     /**
      * Constructs a base exception with a parameter. For example,
-     * 
+     *
      * 
      * new EPolicyException("failed to load {0}", fileName);
      * 

      * 

-     * 
+     *
      * @param msgFormat exception details in message string format
      * @param param message string parameter
      */
@@ -81,7 +81,7 @@ public class EPolicyException extends EBaseException {
     /**
      * Constructs a base exception with two String parameters. For example,
      * 

-     * 
+     *
      * @param msgFormat exception details in message string format
      * @param param1 message string parameter
      * @param param2 message string parameter
@@ -97,7 +97,7 @@ public class EPolicyException extends EBaseException {
      * Constructs a base exception. It can be used to carry
      * a system exception that may contain information about
      * the context. For example,
-     * 
+     *
      * 
      * 		try {
      *  		...
@@ -106,7 +106,7 @@ public class EPolicyException extends EBaseException {
      *      }
      * 

      * 

-     * 
+     *
      * @param msgFormat exception details in message string format
      * @param param system exception
      */
@@ -120,7 +120,7 @@ public class EPolicyException extends EBaseException {
      * Constructs a base exception with a list of parameters
      * that will be substituted into the message format.
      * 

-     * 
+     *
      * @param msgFormat exception details in message string format
      * @param params list of message format parameters
      */
@@ -132,7 +132,7 @@ public class EPolicyException extends EBaseException {
     /**
      * Returns a list of parameters.
      * 

-     * 
+     *
      * @return list of message format parameters
      */
     public Object[] getParameters() {
@@ -143,7 +143,7 @@ public class EPolicyException extends EBaseException {
      * Returns localized exception string. This method should
      * only be called if a localized string is necessary.
      * 

-     * 
+     *
      * @return details message
      */
     public String toString() {
@@ -153,7 +153,7 @@ public class EPolicyException extends EBaseException {
     /**
      * Returns the string based on the given locale.
      * 

-     * 
+     *
      * @param locale locale
      * @return details message
      */
diff --git a/base/common/src/com/netscape/certsrv/policy/IEnrollmentPolicy.java b/base/common/src/com/netscape/certsrv/policy/IEnrollmentPolicy.java
index 7c789932a..96da142ba 100644
--- a/base/common/src/com/netscape/certsrv/policy/IEnrollmentPolicy.java
+++ b/base/common/src/com/netscape/certsrv/policy/IEnrollmentPolicy.java
@@ -22,12 +22,12 @@ package com.netscape.certsrv.policy;
  * typing for rules so that a policy processor can group rules
  * based on a particular type.
  * 

- * 
+ *
  * 
  * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * 

  * 

- * 
+ *
  * @deprecated
  * @version $Revision$, $Date$
  */
diff --git a/base/common/src/com/netscape/certsrv/policy/IExpression.java b/base/common/src/com/netscape/certsrv/policy/IExpression.java
index 4075e8683..9bfe34611 100644
--- a/base/common/src/com/netscape/certsrv/policy/IExpression.java
+++ b/base/common/src/com/netscape/certsrv/policy/IExpression.java
@@ -22,12 +22,12 @@ import com.netscape.certsrv.request.IRequest;
 /**
  * Interface for a policy expression.
  * 

- * 
+ *
  * 
  * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * 

  * 

- * 
+ *
  * @deprecated
  * @version $Revision$, $Date$
  */
@@ -47,7 +47,7 @@ public interface IExpression {
 
     /**
      * Evaluate the Expression.
-     * 
+     *
      * @param req The PKIRequest on which we are applying the condition.
      * @return The return value.
      */
diff --git a/base/common/src/com/netscape/certsrv/policy/IGeneralNameAsConstraintsConfig.java b/base/common/src/com/netscape/certsrv/policy/IGeneralNameAsConstraintsConfig.java
index 78ec31198..1e8a66666 100644
--- a/base/common/src/com/netscape/certsrv/policy/IGeneralNameAsConstraintsConfig.java
+++ b/base/common/src/com/netscape/certsrv/policy/IGeneralNameAsConstraintsConfig.java
@@ -25,12 +25,12 @@ import netscape.security.x509.GeneralName;
  * Class that can be used to form general names from configuration file.
  * Used by policies and extension commands.
  * 

- * 
+ *
  * 
  * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * 

  * 

- * 
+ *
  * @deprecated
  * @version $Revision$, $Date$
  */
@@ -38,14 +38,14 @@ public interface IGeneralNameAsConstraintsConfig {
 
     /**
      * Retrieves instance parameters.
-     * 
+     *
      * @param params parameters
      */
     public void getInstanceParams(Vector params);
 
     /**
      * Retrieves the general name.
-     * 
+     *
      * @return general name
      */
     public GeneralName getGeneralName();
diff --git a/base/common/src/com/netscape/certsrv/policy/IGeneralNameConfig.java b/base/common/src/com/netscape/certsrv/policy/IGeneralNameConfig.java
index 193269bbd..f4f7362cc 100644
--- a/base/common/src/com/netscape/certsrv/policy/IGeneralNameConfig.java
+++ b/base/common/src/com/netscape/certsrv/policy/IGeneralNameConfig.java
@@ -27,12 +27,12 @@ import com.netscape.certsrv.base.EBaseException;
  * Class that can be used to form general names from configuration file.
  * Used by policies and extension commands.
  * 

- * 
+ *
  * 
  * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * 

  * 

- * 
+ *
  * @deprecated
  * @version $Revision$, $Date$
  */
@@ -40,7 +40,7 @@ public interface IGeneralNameConfig {
 
     /**
      * Forms a general name from string.
-     * 
+     *
      * @param value general name in string
      * @return general name object
      * @exception EBaseException failed to form general name
@@ -50,7 +50,7 @@ public interface IGeneralNameConfig {
 
     /**
      * Forms general names from the given value.
-     * 
+     *
      * @param value general name in string
      * @return a vector of general names
      * @exception EBaseException failed to form general name
@@ -60,7 +60,7 @@ public interface IGeneralNameConfig {
 
     /**
      * Retrieves the instance parameters.
-     * 
+     *
      * @param params parameters
      */
     public void getInstanceParams(Vector params);
diff --git a/base/common/src/com/netscape/certsrv/policy/IGeneralNameUtil.java b/base/common/src/com/netscape/certsrv/policy/IGeneralNameUtil.java
index 102b25ccd..125a88511 100644
--- a/base/common/src/com/netscape/certsrv/policy/IGeneralNameUtil.java
+++ b/base/common/src/com/netscape/certsrv/policy/IGeneralNameUtil.java
@@ -21,12 +21,12 @@ package com.netscape.certsrv.policy;
  * Class that can be used to form general names from configuration file.
  * Used by policies and extension commands.
  * 

- * 
+ *
  * 
  * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * 

  * 

- * 
+ *
  * @deprecated
  * @version $Revision$, $Date$
  */
diff --git a/base/common/src/com/netscape/certsrv/policy/IGeneralNamesAsConstraintsConfig.java b/base/common/src/com/netscape/certsrv/policy/IGeneralNamesAsConstraintsConfig.java
index aeb7867e3..c3a35f913 100644
--- a/base/common/src/com/netscape/certsrv/policy/IGeneralNamesAsConstraintsConfig.java
+++ b/base/common/src/com/netscape/certsrv/policy/IGeneralNamesAsConstraintsConfig.java
@@ -25,12 +25,12 @@ import netscape.security.x509.GeneralNames;
  * Class that can be used to form general names from configuration file.
  * Used by policies and extension commands.
  * 

- * 
+ *
  * 
  * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * 

  * 

- * 
+ *
  * @deprecated
  * @version $Revision$, $Date$
  */
@@ -38,14 +38,14 @@ public interface IGeneralNamesAsConstraintsConfig {
 
     /**
      * Retrieves a list of configured general names.
-     * 
+     *
      * @return a list of general names
      */
     public GeneralNames getGeneralNames();
 
     /**
      * Retrieves instance parameters.
-     * 
+     *
      * @param params instance parameters
      */
     public void getInstanceParams(Vector params);
diff --git a/base/common/src/com/netscape/certsrv/policy/IGeneralNamesConfig.java b/base/common/src/com/netscape/certsrv/policy/IGeneralNamesConfig.java
index 2074b9d19..e799195db 100644
--- a/base/common/src/com/netscape/certsrv/policy/IGeneralNamesConfig.java
+++ b/base/common/src/com/netscape/certsrv/policy/IGeneralNamesConfig.java
@@ -25,12 +25,12 @@ import netscape.security.x509.GeneralNames;
  * Class that can be used to form general names from configuration file.
  * Used by policies and extension commands.
  * 

- * 
+ *
  * 
  * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * 

  * 

- * 
+ *
  * @deprecated
  * @version $Revision$, $Date$
  */
@@ -38,14 +38,14 @@ public interface IGeneralNamesConfig {
 
     /**
      * Retrieves a list of configured general names.
-     * 
+     *
      * @return general names
      */
     public GeneralNames getGeneralNames();
 
     /**
      * Retrieves the instance parameters.
-     * 
+     *
      * @param params instance parameters
      */
     public void getInstanceParams(Vector params);
diff --git a/base/common/src/com/netscape/certsrv/policy/IKeyArchivalPolicy.java b/base/common/src/com/netscape/certsrv/policy/IKeyArchivalPolicy.java
index 14a29256f..bdf8e12e5 100644
--- a/base/common/src/com/netscape/certsrv/policy/IKeyArchivalPolicy.java
+++ b/base/common/src/com/netscape/certsrv/policy/IKeyArchivalPolicy.java
@@ -20,12 +20,12 @@ package com.netscape.certsrv.policy;
 /**
  * Interface for a key recovery policy rule.
  * 

- * 
+ *
  * 
  * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * 

  * 

- * 
+ *
  * @deprecated
  * @version $Revision$, $Date$
  */
diff --git a/base/common/src/com/netscape/certsrv/policy/IKeyRecoveryPolicy.java b/base/common/src/com/netscape/certsrv/policy/IKeyRecoveryPolicy.java
index 6de615673..42d3e38e1 100644
--- a/base/common/src/com/netscape/certsrv/policy/IKeyRecoveryPolicy.java
+++ b/base/common/src/com/netscape/certsrv/policy/IKeyRecoveryPolicy.java
@@ -20,12 +20,12 @@ package com.netscape.certsrv.policy;
 /**
  * Interface for a key recovery policy rule.
  * 

- * 
+ *
  * 
  * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * 

  * 

- * 
+ *
  * @deprecated
  * @version $Revision$, $Date$
  */
diff --git a/base/common/src/com/netscape/certsrv/policy/IPolicyPredicateParser.java b/base/common/src/com/netscape/certsrv/policy/IPolicyPredicateParser.java
index 0992beaeb..f56de9811 100644
--- a/base/common/src/com/netscape/certsrv/policy/IPolicyPredicateParser.java
+++ b/base/common/src/com/netscape/certsrv/policy/IPolicyPredicateParser.java
@@ -20,12 +20,12 @@ package com.netscape.certsrv.policy;
 /**
  * Interface for policy predicate parsers.
  * 

- * 
+ *
  * 
  * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * 

  * 

- * 
+ *
  * @deprecated
  * @version $Revision$, $Date$
  */
@@ -33,7 +33,7 @@ public interface IPolicyPredicateParser {
 
     /**
      * Parse the predicate expression and return a vector of expressions.
-     * 
+     *
      * @param predicateExpression The predicate expression as read from the
      *            config file.
      * @return expVector The vector of expressions.
diff --git a/base/common/src/com/netscape/certsrv/policy/IPolicyProcessor.java b/base/common/src/com/netscape/certsrv/policy/IPolicyProcessor.java
index 11927a03f..5ee591e86 100644
--- a/base/common/src/com/netscape/certsrv/policy/IPolicyProcessor.java
+++ b/base/common/src/com/netscape/certsrv/policy/IPolicyProcessor.java
@@ -30,16 +30,16 @@ import com.netscape.certsrv.base.ISubsystem;
  * which makes sense because a processor may be based on some rule
  * such as evaluate all policies before returning the final result or
  * return as soon as one of the policies return a failure and so on.
- * 
+ *
  * By making both processor and policy rules implement a common
  * interface, one can write rules that are processors as well.
  * 

- * 
+ *
  * 
  * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * 

  * 

- * 
+ *
  * @deprecated
  * @version $Revision$, $Date$
  */
@@ -60,14 +60,14 @@ public interface IPolicyProcessor extends ISubsystem,
 
     /**
      * Returns the policy substore id.
-     * 
+     *
      * @return storeID The policy store id used by this processor.
      */
     String getPolicySubstoreId();
 
     /**
      * Returns information on Policy impls.
-     * 
+     *
      * @return An enumeration of strings describing the information
      *         about policy implementations. Currently only the
      *         the implementation id is expected.
@@ -76,7 +76,7 @@ public interface IPolicyProcessor extends ISubsystem,
 
     /**
      * Returns the rule implementations registered with this processor.
-     * 
+     *
      * @return An Enumeration of uninitialized IPolicyRule
      *         objects.
      */
@@ -84,7 +84,7 @@ public interface IPolicyProcessor extends ISubsystem,
 
     /**
      * Returns an implementation identified by a given id.
-     * 
+     *
      * @param id The implementation id.
      * @return The uninitialized instance of the policy rule.
      */
@@ -92,7 +92,7 @@ public interface IPolicyProcessor extends ISubsystem,
 
     /**
      * Returns configuration for an implmentation.
-     * 
+     *
      * @param id The implementation id.
      * @return A vector of name/value pairs in the form of
      *         name=value.
@@ -101,8 +101,8 @@ public interface IPolicyProcessor extends ISubsystem,
 
     /**
      * Deletes a policy implementation identified by an impl id.
-     * 
-     * 
+     *
+     *
      * @param id The impl id of the policy to be deleted.
      *            There shouldn't be any active instance for this
      *            implementation.
@@ -113,7 +113,7 @@ public interface IPolicyProcessor extends ISubsystem,
 
     /**
      * Adds a policy implementation identified by an impl id.
-     * 
+     *
      * @param id The impl id of the policy to be added.
      *            The id should be unique.
      * @param classPath The fully qualified path for the implementation.
@@ -124,7 +124,7 @@ public interface IPolicyProcessor extends ISubsystem,
 
     /**
      * Returns information on Policy instances.
-     * 
+     *
      * @return An Enumeration of Strings describing the information
      *         about policy rule instances.
      */
@@ -132,14 +132,14 @@ public interface IPolicyProcessor extends ISubsystem,
 
     /**
      * Returns policy instances registered with this processor.
-     * 
+     *
      * @return An Enumeration of policy instances.
      */
     Enumeration getPolicyInstances();
 
     /**
      * Returns instance configuration for a given instance id.
-     * 
+     *
      * @param id The rule id.
      * @return A vector of name/value pairs in the form of
      *         name=value.
@@ -148,7 +148,7 @@ public interface IPolicyProcessor extends ISubsystem,
 
     /**
      * Returns instance configuration for a given instance id.
-     * 
+     *
      * @param id The rule id.
      * @return the policy instance identified by the id.
      */
@@ -156,7 +156,7 @@ public interface IPolicyProcessor extends ISubsystem,
 
     /**
      * Deletes a policy instance identified by an instance id.
-     * 
+     *
      * @param id The instance id of the policy to be deleted.
      * @exception EBaseException is thrown if an error occurs in deletion.
      */
@@ -165,7 +165,7 @@ public interface IPolicyProcessor extends ISubsystem,
 
     /**
      * Adds a policy instance
-     * 
+     *
      * @param id The impl id of the policy to be added.
      *            The id should be unique.
      * @param ht a Hashtable of config params.
@@ -176,7 +176,7 @@ public interface IPolicyProcessor extends ISubsystem,
 
     /**
      * Modifies a policy instance
-     * 
+     *
      * @param id The impl id of the policy to be modified.
      *            The policy instance with this id should be present.
      * @param ht a Hashtable of config params.
@@ -187,9 +187,9 @@ public interface IPolicyProcessor extends ISubsystem,
 
     /**
      * Modifies policy ordering.
-     * 
+     *
      * @param policyOrderStr The comma separated list of instance ids.
-     * 
+     *
      */
     void changePolicyInstanceOrdering(String policyOrderStr)
             throws EBaseException;
diff --git a/base/common/src/com/netscape/certsrv/policy/IPolicyRule.java b/base/common/src/com/netscape/certsrv/policy/IPolicyRule.java
index 7f7f888f6..601369813 100644
--- a/base/common/src/com/netscape/certsrv/policy/IPolicyRule.java
+++ b/base/common/src/com/netscape/certsrv/policy/IPolicyRule.java
@@ -28,12 +28,12 @@ import com.netscape.certsrv.request.PolicyResult;
 /**
  * Interface for a policy rule.
  * 

- * 
+ *
  * 
  * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * 

  * 

- * 
+ *
  * @deprecated
  * @version $Revision$, $Date$
  */
@@ -46,7 +46,7 @@ public interface IPolicyRule
     /**
      * Initializes the policy rule.
      * 

-     * 
+     *
      * @param config The config store reference
      */
     void init(ISubsystem owner, IConfigStore config)
@@ -55,7 +55,7 @@ public interface IPolicyRule
     /**
      * Gets the description for this policy rule.
      * 

-     * 
+     *
      * @return The Description for this rule.
      */
     String getDescription();
@@ -63,7 +63,7 @@ public interface IPolicyRule
     /**
      * Returns the name of the policy rule class.
      * 

-     * 
+     *
      * @return The name of the policy class.
      */
     String getName();
@@ -71,17 +71,17 @@ public interface IPolicyRule
     /**
      * Returns the name of the policy rule instance.
      * 

-     * 
+     *
      * @return The name of the policy rule instance. If none
      *         is set the name of the implementation will be returned.
-     * 
+     *
      */
     String getInstanceName();
 
     /**
      * Sets a predicate expression for rule matching.
      * 

-     * 
+     *
      * @param exp The predicate expression for the rule.
      */
     void setPredicate(IExpression exp);
@@ -89,7 +89,7 @@ public interface IPolicyRule
     /**
      * Returns the predicate expression for the rule.
      * 

-     * 
+     *
      * @return The predicate expression for the rule.
      */
     IExpression getPredicate();
@@ -98,7 +98,7 @@ public interface IPolicyRule
      * Applies the policy on the given Request. This may modify
      * the request appropriately.
      * 

-     * 
+     *
      * @param req The request on which to apply policy.
      * @return The PolicyResult object.
      */
@@ -106,7 +106,7 @@ public interface IPolicyRule
 
     /**
      * Return configured parameters for a policy rule instance.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs. Each name/value
      *         pair is constructed as a String in name=value format.
      */
@@ -114,7 +114,7 @@ public interface IPolicyRule
 
     /**
      * Return default parameters for a policy implementation.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs. Each name/value
      *         pair is constructed as a String in name=value.
      */
diff --git a/base/common/src/com/netscape/certsrv/policy/IPolicySet.java b/base/common/src/com/netscape/certsrv/policy/IPolicySet.java
index a9fb6a2d2..5170153ff 100644
--- a/base/common/src/com/netscape/certsrv/policy/IPolicySet.java
+++ b/base/common/src/com/netscape/certsrv/policy/IPolicySet.java
@@ -32,12 +32,12 @@ import com.netscape.certsrv.request.PolicyResult;
  * them in increasing order of priority and presenting an ordered vector of rules
  * via the IPolicySet interface.
  * 

- * 
+ *
  * 
  * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * 

  * 

- * 
+ *
  * @deprecated
  * @version $Revision$, $Date$
  */
@@ -46,7 +46,7 @@ public interface IPolicySet {
     /**
      * Returns the name of the rule set.
      * 

-     * 
+     *
      * @return The name of the rule set.
      */
     String getName();
@@ -54,7 +54,7 @@ public interface IPolicySet {
     /**
      * Returns the no of rules in a set.
      * 

-     * 
+     *
      * @return the no of rules.
      */
     int count();
@@ -62,7 +62,7 @@ public interface IPolicySet {
     /**
      * Add a policy rule.
      * 

-     * 
+     *
      * @param ruleName The name of the rule to be added.
      * @param rule The rule to be added.
      */
@@ -70,7 +70,7 @@ public interface IPolicySet {
 
     /**
      * Removes a policy rule identified by the given name.
-     * 
+     *
      * @param ruleName The name of the rule to be removed.
      */
     void removeRule(String ruleName);
@@ -78,7 +78,7 @@ public interface IPolicySet {
     /**
      * Returns the rule identified by a given name.
      * 

-     * 
+     *
      * @param ruleName The name of the rule to be return.
      * @return The rule identified by the given name or null if none exists.
      */
@@ -87,7 +87,7 @@ public interface IPolicySet {
     /**
      * Returns an enumeration of rules.
      * 

-     * 
+     *
      * @return An enumeration of rules.
      */
     Enumeration getRules();
@@ -95,9 +95,9 @@ public interface IPolicySet {
     /**
      * Apply policy rules on a request. This call may modify
      * the request content.
-     * 
+     *
      * @param req The request to apply policies on.
-     * 
+     *
      *            

      * @return The policy result.
      */
diff --git a/base/common/src/com/netscape/certsrv/policy/IRenewalPolicy.java b/base/common/src/com/netscape/certsrv/policy/IRenewalPolicy.java
index 28f56fe73..6f47ff6d9 100644
--- a/base/common/src/com/netscape/certsrv/policy/IRenewalPolicy.java
+++ b/base/common/src/com/netscape/certsrv/policy/IRenewalPolicy.java
@@ -20,12 +20,12 @@ package com.netscape.certsrv.policy;
 /**
  * Interface for a renewal policy rule.
  * 

- * 
+ *
  * 
  * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * 

  * 

- * 
+ *
  * @deprecated
  * @version $Revision$, $Date$
  */
diff --git a/base/common/src/com/netscape/certsrv/policy/IRevocationPolicy.java b/base/common/src/com/netscape/certsrv/policy/IRevocationPolicy.java
index 7e6084c76..d573c4bd2 100644
--- a/base/common/src/com/netscape/certsrv/policy/IRevocationPolicy.java
+++ b/base/common/src/com/netscape/certsrv/policy/IRevocationPolicy.java
@@ -20,12 +20,12 @@ package com.netscape.certsrv.policy;
 /**
  * Interface for a revocation policy rule.
  * 

- * 
+ *
  * 
  * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * 

  * 

- * 
+ *
  * @deprecated
  * @version $Revision$, $Date$
  */
diff --git a/base/common/src/com/netscape/certsrv/policy/ISubjAltNameConfig.java b/base/common/src/com/netscape/certsrv/policy/ISubjAltNameConfig.java
index 0fee01be2..be6e5f214 100644
--- a/base/common/src/com/netscape/certsrv/policy/ISubjAltNameConfig.java
+++ b/base/common/src/com/netscape/certsrv/policy/ISubjAltNameConfig.java
@@ -21,12 +21,12 @@ package com.netscape.certsrv.policy;
  * Class that can be used to form general names from configuration file.
  * Used by policies and extension commands.
  * 

- * 
+ *
  * 
  * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * 

  * 

- * 
+ *
  * @deprecated
  * @version $Revision$, $Date$
  */
@@ -34,14 +34,14 @@ public interface ISubjAltNameConfig extends IGeneralNameConfig {
 
     /**
      * Retrieves configuration prefix.
-     * 
+     *
      * @return prefix
      */
     public String getPfx();
 
     /**
      * Retrieves configuration attribute.
-     * 
+     *
      * @return attribute
      */
     public String getAttr();
diff --git a/base/common/src/com/netscape/certsrv/policy/PolicyResources.java b/base/common/src/com/netscape/certsrv/policy/PolicyResources.java
index d330b719f..acaf6d92b 100644
--- a/base/common/src/com/netscape/certsrv/policy/PolicyResources.java
+++ b/base/common/src/com/netscape/certsrv/policy/PolicyResources.java
@@ -22,12 +22,12 @@ import java.util.ListResourceBundle;
 /**
  * Error messages for Policies.
  * 

- * 
+ *
  * 
  * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * 

  * 

- * 
+ *
  * @deprecated
  * @version $Revision$, $Date$
  * @see java.util.ListResourceBundle
diff --git a/base/common/src/com/netscape/certsrv/profile/EDeferException.java b/base/common/src/com/netscape/certsrv/profile/EDeferException.java
index c92630b97..f3f4e5c1a 100644
--- a/base/common/src/com/netscape/certsrv/profile/EDeferException.java
+++ b/base/common/src/com/netscape/certsrv/profile/EDeferException.java
@@ -24,7 +24,7 @@ package com.netscape.certsrv.profile;
  * 

  * A deferred request will not be processed immediately. Manual approval is required for processing the request again.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public class EDeferException extends EProfileException {
@@ -36,7 +36,7 @@ public class EDeferException extends EProfileException {
 
     /**
      * Creates a defer exception.
-     * 
+     *
      * @param msg localized message that will be
      *            displayed to end user. This message
      *            should indicate the reason why a request
diff --git a/base/common/src/com/netscape/certsrv/profile/EProfileException.java b/base/common/src/com/netscape/certsrv/profile/EProfileException.java
index 37f968a67..0363139cb 100644
--- a/base/common/src/com/netscape/certsrv/profile/EProfileException.java
+++ b/base/common/src/com/netscape/certsrv/profile/EProfileException.java
@@ -24,7 +24,7 @@ import com.netscape.certsrv.base.EBaseException;
  * 

  * This is the base class for all profile-specific exception.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public class EProfileException extends EBaseException {
@@ -36,7 +36,7 @@ public class EProfileException extends EBaseException {
 
     /**
      * Creates a profile exception.
-     * 
+     *
      * @param msg additional message for the handler
      *            of the exception. The message may
      *            or may not be localized.
diff --git a/base/common/src/com/netscape/certsrv/profile/ERejectException.java b/base/common/src/com/netscape/certsrv/profile/ERejectException.java
index 59b35bcdb..cceeb12ab 100644
--- a/base/common/src/com/netscape/certsrv/profile/ERejectException.java
+++ b/base/common/src/com/netscape/certsrv/profile/ERejectException.java
@@ -23,7 +23,7 @@ package com.netscape.certsrv.profile;
  * 

  * A rejected request cannot be reprocessed. Rejected request is considered as a request in its terminal state.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public class ERejectException extends EProfileException {
@@ -35,7 +35,7 @@ public class ERejectException extends EProfileException {
 
     /**
      * Creates a rejection exception.
-     * 
+     *
      * @param msg localized message that indicates
      *            the reason why a request is
      *            rejected.
diff --git a/base/common/src/com/netscape/certsrv/profile/IEnrollProfile.java b/base/common/src/com/netscape/certsrv/profile/IEnrollProfile.java
index 189530f7a..cc61f0a86 100644
--- a/base/common/src/com/netscape/certsrv/profile/IEnrollProfile.java
+++ b/base/common/src/com/netscape/certsrv/profile/IEnrollProfile.java
@@ -28,7 +28,7 @@ import com.netscape.certsrv.request.IRequest;
  * This interface also defines a set of enrollment specific attribute names that can be used to retrieve values from an
  * enrollment request.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IEnrollProfile extends IProfile {
@@ -149,7 +149,7 @@ public interface IEnrollProfile extends IProfile {
 
     /**
      * Set Default X509CertInfo in the request.
-     * 
+     *
      * @param request profile-based certificate request.
      * @exception EProfileException failed to set the X509CertInfo.
      */
diff --git a/base/common/src/com/netscape/certsrv/profile/IPolicyConstraint.java b/base/common/src/com/netscape/certsrv/profile/IPolicyConstraint.java
index bf2374652..320b211c3 100644
--- a/base/common/src/com/netscape/certsrv/profile/IPolicyConstraint.java
+++ b/base/common/src/com/netscape/certsrv/profile/IPolicyConstraint.java
@@ -28,14 +28,14 @@ import com.netscape.certsrv.request.IRequest;
  * validates if the given request conforms to the set
  * rules.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IPolicyConstraint extends IConfigTemplate {
 
     /**
      * Initializes this constraint policy.
-     * 
+     *
      * @param profile owner of this policy
      * @param config configuration store for this constraint
      * @exception EProfileException failed to initialize
@@ -46,7 +46,7 @@ public interface IPolicyConstraint extends IConfigTemplate {
     /**
      * Returns the corresponding configuration store
      * of this constraint policy.
-     * 
+     *
      * @return config store of this constraint
      */
     public IConfigStore getConfigStore();
@@ -54,7 +54,7 @@ public interface IPolicyConstraint extends IConfigTemplate {
     /**
      * Validates the request. The request is not modified
      * during the validation.
-     * 
+     *
      * @param request request to be validated
      * @exception ERejectException reject the given request
      */
@@ -63,7 +63,7 @@ public interface IPolicyConstraint extends IConfigTemplate {
 
     /**
      * Returns localized description of this constraint.
-     * 
+     *
      * @param locale locale of the end-user
      * @return localized description of this constraint
      */
@@ -71,7 +71,7 @@ public interface IPolicyConstraint extends IConfigTemplate {
 
     /**
      * Returns localized name of this constraint.
-     * 
+     *
      * @param locale locale of the end-user
      * @return localized name of this constraint
      */
@@ -80,7 +80,7 @@ public interface IPolicyConstraint extends IConfigTemplate {
     /**
      * Checks if this constraint is applicable to the
      * given default policy.
-     * 
+     *
      * @param def default policy to be checked
      * @return true if this constraint can be applied to
      *         the given default policy
diff --git a/base/common/src/com/netscape/certsrv/profile/IPolicyDefault.java b/base/common/src/com/netscape/certsrv/profile/IPolicyDefault.java
index 469d6dded..e18534d66 100644
--- a/base/common/src/com/netscape/certsrv/profile/IPolicyDefault.java
+++ b/base/common/src/com/netscape/certsrv/profile/IPolicyDefault.java
@@ -30,28 +30,28 @@ import com.netscape.certsrv.request.IRequest;
  * This represents a default policy that populates
  * the request with additional values.
  * 

- * 
+ *
  * During request submission process, a default policy is invoked to populate the default values in the request. The
  * default values will later on be used for execution. The default values are like the parameters for the request.
  * 

- * 
+ *
  * This policy is called in 2 places. For automated enrollment request, this policy is invoked to populate the HTTP
  * parameters into the request. For request that cannot be executed immediately, this policy will be invoked again right
  * after the agent's approval.
  * 

- * 
+ *
  * Each default policy may contain zero or more properties that describe the default value. For example, a X509 Key can
  * be described by its key type, key length, and key data. The properties help to describe the default value into human
  * readable values.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IPolicyDefault extends IConfigTemplate {
 
     /**
      * Initializes this default policy.
-     * 
+     *
      * @param profile owner of this default policy
      * @param config configuration store for this default
      * @exception EProfileException failed to initialize
@@ -61,14 +61,14 @@ public interface IPolicyDefault extends IConfigTemplate {
 
     /**
      * Retrieves the configuration store of this default.
-     * 
+     *
      * @return configuration store of this default policy
      */
     public IConfigStore getConfigStore();
 
     /**
      * Populates the request with this policy default.
-     * 
+     *
      * @param request request to be populated
      * @exception EProfileException failed to populate
      */
@@ -77,7 +77,7 @@ public interface IPolicyDefault extends IConfigTemplate {
 
     /**
      * Retrieves the localizable name of this policy.
-     * 
+     *
      * @param locale locale of the end user
      * @return localized name of this default policy
      */
@@ -85,7 +85,7 @@ public interface IPolicyDefault extends IConfigTemplate {
 
     /**
      * Retrieves the localizable description of this policy.
-     * 
+     *
      * @param locale locale of the end user
      * @return localized description of this default policy
      */
@@ -93,7 +93,7 @@ public interface IPolicyDefault extends IConfigTemplate {
 
     /**
      * Retrieves a list of names of the property.
-     * 
+     *
      * @return a list of property names. The values are
      *         of type java.lang.String
      */
@@ -103,7 +103,7 @@ public interface IPolicyDefault extends IConfigTemplate {
      * Retrieves the descriptor of the given property
      * by name. The descriptor contains syntax
      * information.
-     * 
+     *
      * @param locale locale of the end user
      * @param name name of property
      * @return descriptor of the property
@@ -112,7 +112,7 @@ public interface IPolicyDefault extends IConfigTemplate {
 
     /**
      * Sets the value of the given value property by name.
-     * 
+     *
      * @param name name of property
      * @param locale locale of the end user
      * @param request request
@@ -125,7 +125,7 @@ public interface IPolicyDefault extends IConfigTemplate {
     /**
      * Retrieves the value of the given value
      * property by name.
-     * 
+     *
      * @param name name of property
      * @param locale locale of the end user
      * @param request request
diff --git a/base/common/src/com/netscape/certsrv/profile/IProfile.java b/base/common/src/com/netscape/certsrv/profile/IProfile.java
index 0cd39c091..9125b2f69 100644
--- a/base/common/src/com/netscape/certsrv/profile/IProfile.java
+++ b/base/common/src/com/netscape/certsrv/profile/IProfile.java
@@ -33,30 +33,30 @@ import com.netscape.cms.profile.common.ProfilePolicy;
  * a list of input policies, default policies, constraint
  * policies and output policies.
  * 

- * 
+ *
  * The input policy is for building the enrollment page.
  * 

- * 
+ *
  * The default policy is for populating user-supplied and system-supplied values into the request.
  * 

- * 
+ *
  * The constraint policy is for validating the request before processing.
  * 

- * 
+ *
  * The output policy is for building the result page.
  * 

- * 
+ *
  * Each profile can have multiple policy set. Each set is composed of zero or more default policies and zero or more
  * constraint policies.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IProfile {
 
     /**
      * Initializes this profile.
-     * 
+     *
      * @param owner profile subsystem
      * @param config configuration store for this profile
      * @exception EBaseException failed to initialize
@@ -68,21 +68,21 @@ public interface IProfile {
      * Retrieves the request queue that is associated with
      * this profile. The request queue is for creating
      * new requests.
-     * 
+     *
      * @return request queue
      */
     public IRequestQueue getRequestQueue();
 
     /**
      * Sets id of this profile.
-     * 
+     *
      * @param id profile identifier
      */
     public void setId(String id);
 
     /**
      * Returns the identifier of this profile.
-     * 
+     *
      * @return profile id
      */
     public String getId();
@@ -91,7 +91,7 @@ public interface IProfile {
      * Retrieves a localized string that represents
      * requestor's distinguished name. This string
      * displayed in the request listing user interface.
-     * 
+     *
      * @param request request
      * @return distringuished name of the request owner
      */
@@ -99,14 +99,14 @@ public interface IProfile {
 
     /**
      * Retrieves the configuration store of this profile.
-     * 
+     *
      * @return configuration store
      */
     public IConfigStore getConfigStore();
 
     /**
      * Retrieves the instance id of the authenticator for this profile.
-     * 
+     *
      * @return authenticator instance id
      */
     public String getAuthenticatorId();
@@ -115,14 +115,14 @@ public interface IProfile {
 
     /**
      * Sets the instance id of the authenticator for this profile.
-     * 
+     *
      * @param id authenticator instance id
      */
     public void setAuthenticatorId(String id);
 
     /**
      * Retrieves the associated authenticator instance.
-     * 
+     *
      * @return profile authenticator instance.
      *         if no associated authenticator, null is returned
      * @exception EProfileException failed to retrieve
@@ -132,14 +132,14 @@ public interface IProfile {
 
     /**
      * Retrieves a list of input policy IDs.
-     * 
+     *
      * @return input policy id list
      */
     public Enumeration getProfileInputIds();
 
     /**
      * Retrieves input policy by id.
-     * 
+     *
      * @param id input policy id
      * @return input policy instance
      */
@@ -147,14 +147,14 @@ public interface IProfile {
 
     /**
      * Retrieves a list of output policy IDs.
-     * 
+     *
      * @return output policy id list
      */
     public Enumeration getProfileOutputIds();
 
     /**
      * Retrieves output policy by id.
-     * 
+     *
      * @param id output policy id
      * @return output policy instance
      */
@@ -165,14 +165,14 @@ public interface IProfile {
      * End-user profile will be displayed to the end user.
      * Non end-user profile mainly is for registration
      * manager.
-     * 
+     *
      * @return end-user profile or not
      */
     public boolean isVisible();
 
     /**
      * Sets this profile end-user profile or not.
-     * 
+     *
      * @param v end-user profile or not
      */
     public void setVisible(boolean v);
@@ -180,7 +180,7 @@ public interface IProfile {
     /**
      * Retrieves the user id of the person who
      * approves this profile.
-     * 
+     *
      * @return user id of the approver of this profile
      */
     public String getApprovedBy();
@@ -197,7 +197,7 @@ public interface IProfile {
 
     /**
      * Returns the profile name.
-     * 
+     *
      * @param locale end-user locale
      * @param name profile name
      */
@@ -205,7 +205,7 @@ public interface IProfile {
 
     /**
      * Retrieves the profile name.
-     * 
+     *
      * @param locale end-user locale
      * @return localized profile name
      */
@@ -213,7 +213,7 @@ public interface IProfile {
 
     /**
      * Returns the profile description.
-     * 
+     *
      * @param locale end-user locale
      * @param desc profile description
      */
@@ -221,7 +221,7 @@ public interface IProfile {
 
     /**
      * Retrieves the profile description.
-     * 
+     *
      * @param locale end-user locale
      * @return localized profile description
      */
@@ -231,21 +231,21 @@ public interface IProfile {
      * Retrieves profile context. The context stores
      * information about the requestor before the
      * actual request is created.
-     * 
+     *
      * @return profile context.
      */
     public IProfileContext createContext();
 
     /**
      * Returns the profile policy set identifiers.
-     * 
+     *
      * @return a list of policy set id
      */
     public Enumeration getProfilePolicySetIds();
 
     /**
      * Creates a profile policy.
-     * 
+     *
      * @param setId id of the policy set that owns this policy
      * @param id policy id
      * @param defaultClassId id of the registered default implementation
@@ -259,7 +259,7 @@ public interface IProfile {
 
     /**
      * Deletes input policy by id.
-     * 
+     *
      * @param inputId id of the input policy
      * @exception EProfileException failed to delete
      */
@@ -267,7 +267,7 @@ public interface IProfile {
 
     /**
      * Deletes output policy by id.
-     * 
+     *
      * @param outputId id of the output policy
      * @exception EProfileException failed to delete
      */
@@ -275,7 +275,7 @@ public interface IProfile {
 
     /**
      * Creates a input policy.
-     * 
+     *
      * @param id input policy id
      * @param inputClassId id of the registered input implementation
      * @param nvp default parameters
@@ -288,7 +288,7 @@ public interface IProfile {
 
     /**
      * Creates a output policy.
-     * 
+     *
      * @param id output policy id
      * @param outputClassId id of the registered output implementation
      * @param nvp default parameters
@@ -300,7 +300,7 @@ public interface IProfile {
 
     /**
      * Deletes a policy.
-     * 
+     *
      * @param setId id of the policy set
      * @param policyId id of policy to delete
      * @exception EProfileException failed to delete
@@ -310,7 +310,7 @@ public interface IProfile {
 
     /**
      * Retrieves a policy.
-     * 
+     *
      * @param setId set id
      * @param id policy id
      * @return profile policy
@@ -319,7 +319,7 @@ public interface IProfile {
 
     /**
      * Retrieves all the policy id within a set.
-     * 
+     *
      * @param setId set id
      * @return a list of policy id
      */
@@ -329,7 +329,7 @@ public interface IProfile {
      * Retrieves a default set id for the given request.
      * It is the profile's responsibility to return
      * an appropriate set id for the request.
-     * 
+     *
      * @param req request
      * @return policy set id
      */
@@ -337,7 +337,7 @@ public interface IProfile {
 
     /**
      * Returns a list of profile policies.
-     * 
+     *
      * @param setId set id
      * @return a list of policies
      */
@@ -347,7 +347,7 @@ public interface IProfile {
      * Creates one or more requests. Normally, only one request will
      * be created. In case of CRMF request, multiple requests may be
      * created for one submission.
-     * 
+     *
      * @param ctx profile context
      * @param locale user locale
      * @return a list of requests
@@ -358,7 +358,7 @@ public interface IProfile {
 
     /**
      * Populates user-supplied input values into the requests.
-     * 
+     *
      * @param ctx profile context
      * @param request request
      * @exception EProfileException failed to populate
@@ -369,7 +369,7 @@ public interface IProfile {
     /**
      * Passes the request to the set of default policies that
      * populate the profile information against the profile.
-     * 
+     *
      * @param request request
      * @exception EProfileException failed to populate default values
      */
@@ -379,7 +379,7 @@ public interface IProfile {
     /**
      * Passes the request to the set of constraint policies
      * that validate the request against the profile.
-     * 
+     *
      * @param request request
      * @exception ERejectException validation violation
      */
@@ -388,7 +388,7 @@ public interface IProfile {
 
     /**
      * Process a request after validation.
-     * 
+     *
      * @param request request to be processed
      * @exception EProfileException failed to process
      */
@@ -397,7 +397,7 @@ public interface IProfile {
 
     /**
      * Handles end-user request submission.
-     * 
+     *
      * @param token authentication token
      * @param request request to be processed
      * @exception EDeferException defer request
diff --git a/base/common/src/com/netscape/certsrv/profile/IProfileAuthenticator.java b/base/common/src/com/netscape/certsrv/profile/IProfileAuthenticator.java
index 98546c601..2d8a7d0b3 100644
--- a/base/common/src/com/netscape/certsrv/profile/IProfileAuthenticator.java
+++ b/base/common/src/com/netscape/certsrv/profile/IProfileAuthenticator.java
@@ -32,7 +32,7 @@ import com.netscape.certsrv.request.IRequest;
  * the end-user. If authentication is successful, request
  * can be processed immediately. Otherwise, the request will
  * be defered and manual approval is then required.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IProfileAuthenticator extends IAuthManager {
@@ -41,7 +41,7 @@ public interface IProfileAuthenticator extends IAuthManager {
 
     /**
      * Initializes this default policy.
-     * 
+     *
      * @param profile owner of this authenticator
      * @param config configuration store
      * @exception EProfileException failed to initialize
@@ -51,7 +51,7 @@ public interface IProfileAuthenticator extends IAuthManager {
 
     /**
      * Retrieves the configuration store.
-     * 
+     *
      * @return configuration store
      */
     public IConfigStore getConfigStore();
@@ -59,7 +59,7 @@ public interface IProfileAuthenticator extends IAuthManager {
     /**
      * Populates authentication specific information into the
      * request for auditing purposes.
-     * 
+     *
      * @param token authentication token
      * @param request request
      * @exception EProfileException failed to populate
@@ -69,7 +69,7 @@ public interface IProfileAuthenticator extends IAuthManager {
 
     /**
      * Retrieves the localizable name of this policy.
-     * 
+     *
      * @param locale end user locale
      * @return localized authenticator name
      */
@@ -77,7 +77,7 @@ public interface IProfileAuthenticator extends IAuthManager {
 
     /**
      * Retrieves the localizable description of this policy.
-     * 
+     *
      * @param locale end user locale
      * @return localized authenticator description
      */
@@ -85,7 +85,7 @@ public interface IProfileAuthenticator extends IAuthManager {
 
     /**
      * Retrieves a list of names of the property.
-     * 
+     *
      * @return a list of property names
      */
     public Enumeration getValueNames();
@@ -95,7 +95,7 @@ public interface IProfileAuthenticator extends IAuthManager {
      * serializable into the request. Passsword or other
      * security-related value may not be desirable for
      * storage.
-     * 
+     *
      * @param name property name
      * @return true if the property is not security related
      */
@@ -104,7 +104,7 @@ public interface IProfileAuthenticator extends IAuthManager {
     /**
      * Retrieves the descriptor of the given value
      * property by name.
-     * 
+     *
      * @param locale user locale
      * @param name property name
      * @return descriptor of the requested property
@@ -113,7 +113,7 @@ public interface IProfileAuthenticator extends IAuthManager {
 
     /**
      * Checks if this authenticator requires SSL client authentication.
-     * 
+     *
      * @return client authentication required or not
      */
     public boolean isSSLClientRequired();
diff --git a/base/common/src/com/netscape/certsrv/profile/IProfileContext.java b/base/common/src/com/netscape/certsrv/profile/IProfileContext.java
index b3c27d040..981365173 100644
--- a/base/common/src/com/netscape/certsrv/profile/IProfileContext.java
+++ b/base/common/src/com/netscape/certsrv/profile/IProfileContext.java
@@ -21,14 +21,14 @@ package com.netscape.certsrv.profile;
  * This interface represents a profile context which
  * stores system-wide and user-provided information for
  * assisting request creation.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IProfileContext {
 
     /**
      * Sets a value into the context.
-     * 
+     *
      * @param name property name
      * @param value property value
      */
@@ -36,7 +36,7 @@ public interface IProfileContext {
 
     /**
      * Retrieves a value from the context.
-     * 
+     *
      * @param name property name
      * @return property value
      */
diff --git a/base/common/src/com/netscape/certsrv/profile/IProfileEx.java b/base/common/src/com/netscape/certsrv/profile/IProfileEx.java
index 79e4f4175..8ce3262ec 100644
--- a/base/common/src/com/netscape/certsrv/profile/IProfileEx.java
+++ b/base/common/src/com/netscape/certsrv/profile/IProfileEx.java
@@ -23,7 +23,7 @@ import com.netscape.certsrv.base.EBaseException;
  * This interface represents the extension version of
  * profile.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IProfileEx extends IProfile {
diff --git a/base/common/src/com/netscape/certsrv/profile/IProfileInput.java b/base/common/src/com/netscape/certsrv/profile/IProfileInput.java
index 4ef598698..09b42806d 100644
--- a/base/common/src/com/netscape/certsrv/profile/IProfileInput.java
+++ b/base/common/src/com/netscape/certsrv/profile/IProfileInput.java
@@ -30,14 +30,14 @@ import com.netscape.certsrv.request.IRequest;
  * This interface represents a input policy which
  * provides information on how to create the
  * end-user enrollment page.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IProfileInput extends IConfigTemplate {
 
     /**
      * Initializes this default policy.
-     * 
+     *
      * @param profile owner of this input
      * @param config configuration store
      * @exception EProfileException failed to initialize
@@ -47,14 +47,14 @@ public interface IProfileInput extends IConfigTemplate {
 
     /**
      * Returns configuration store.
-     * 
+     *
      * @return configuration store
      */
     public IConfigStore getConfigStore();
 
     /**
      * Populates the request with this policy default.
-     * 
+     *
      * @param ctx profile context
      * @param request request
      * @exception EProfileException failed to populate
@@ -64,7 +64,7 @@ public interface IProfileInput extends IConfigTemplate {
 
     /**
      * Retrieves the localizable name of this policy.
-     * 
+     *
      * @param locale user locale
      * @return localized input name
      */
@@ -72,7 +72,7 @@ public interface IProfileInput extends IConfigTemplate {
 
     /**
      * Retrieves the localizable description of this policy.
-     * 
+     *
      * @param locale user locale
      * @return localized input description
      */
@@ -80,7 +80,7 @@ public interface IProfileInput extends IConfigTemplate {
 
     /**
      * Retrieves a list of names of the property.
-     * 
+     *
      * @return a list of property names
      */
     public Enumeration getValueNames();
@@ -88,7 +88,7 @@ public interface IProfileInput extends IConfigTemplate {
     /**
      * Retrieves the descriptor of the given value
      * property by name.
-     * 
+     *
      * @param locale user locale
      * @param name property name
      * @return descriptor of the property
@@ -97,7 +97,7 @@ public interface IProfileInput extends IConfigTemplate {
 
     /**
      * Retrieves value from the request.
-     * 
+     *
      * @param name property name
      * @param locale user locale
      * @param request request
@@ -108,7 +108,7 @@ public interface IProfileInput extends IConfigTemplate {
 
     /**
      * Sets the value of the given property by name.
-     * 
+     *
      * @param name property name
      * @param locale user locale
      * @param request request
diff --git a/base/common/src/com/netscape/certsrv/profile/IProfileOutput.java b/base/common/src/com/netscape/certsrv/profile/IProfileOutput.java
index b60e4475b..dd3b47c54 100644
--- a/base/common/src/com/netscape/certsrv/profile/IProfileOutput.java
+++ b/base/common/src/com/netscape/certsrv/profile/IProfileOutput.java
@@ -30,14 +30,14 @@ import com.netscape.certsrv.request.IRequest;
  * This interface represents a output policy which
  * provides information on how to build the result
  * page for the enrollment.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IProfileOutput extends IConfigTemplate {
 
     /**
      * Initializes this default policy.
-     * 
+     *
      * @param profile owner of this policy
      * @param config configuration store
      * @exception EProfileException failed to initialize
@@ -47,14 +47,14 @@ public interface IProfileOutput extends IConfigTemplate {
 
     /**
      * Retrieves configuration store.
-     * 
+     *
      * @return configuration store
      */
     public IConfigStore getConfigStore();
 
     /**
      * Populates the request with this policy default.
-     * 
+     *
      * @param ctx profile context
      * @param request request
      * @exception EProfileException failed to populate
@@ -64,7 +64,7 @@ public interface IProfileOutput extends IConfigTemplate {
 
     /**
      * Retrieves the localizable name of this policy.
-     * 
+     *
      * @param locale user locale
      * @return output policy name
      */
@@ -72,7 +72,7 @@ public interface IProfileOutput extends IConfigTemplate {
 
     /**
      * Retrieves the localizable description of this policy.
-     * 
+     *
      * @param locale user locale
      * @return output policy description
      */
@@ -80,7 +80,7 @@ public interface IProfileOutput extends IConfigTemplate {
 
     /**
      * Retrieves a list of names of the value parameter.
-     * 
+     *
      * @return a list of property names
      */
     public Enumeration getValueNames();
@@ -88,7 +88,7 @@ public interface IProfileOutput extends IConfigTemplate {
     /**
      * Retrieves the descriptor of the given value
      * parameter by name.
-     * 
+     *
      * @param locale user locale
      * @param name property name
      * @return property descriptor
@@ -97,7 +97,7 @@ public interface IProfileOutput extends IConfigTemplate {
 
     /**
      * Retrieves the value of the given value parameter by name.
-     * 
+     *
      * @param name property name
      * @param locale user locale
      * @param request request
@@ -109,7 +109,7 @@ public interface IProfileOutput extends IConfigTemplate {
 
     /**
      * Sets the value of the given value parameter by name.
-     * 
+     *
      * @param name property name
      * @param locale user locale
      * @param request request
diff --git a/base/common/src/com/netscape/certsrv/profile/IProfilePolicy.java b/base/common/src/com/netscape/certsrv/profile/IProfilePolicy.java
index d231f8d55..2dd7b3787 100644
--- a/base/common/src/com/netscape/certsrv/profile/IProfilePolicy.java
+++ b/base/common/src/com/netscape/certsrv/profile/IProfilePolicy.java
@@ -21,28 +21,28 @@ package com.netscape.certsrv.profile;
  * This interface represents a profile policy
  * which consists a default policy and a
  * constraint policy.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IProfilePolicy {
 
     /**
      * Retrieves the policy id
-     * 
+     *
      * @return policy id
      */
     public String getId();
 
     /**
      * Retrieves the default policy.
-     * 
+     *
      * @return default policy
      */
     public IPolicyDefault getDefault();
 
     /**
      * Retrieves the constraint policy.
-     * 
+     *
      * @return constraint policy
      */
     public IPolicyConstraint getConstraint();
diff --git a/base/common/src/com/netscape/certsrv/profile/IProfileSubsystem.java b/base/common/src/com/netscape/certsrv/profile/IProfileSubsystem.java
index b7a68445b..3238fb2e6 100644
--- a/base/common/src/com/netscape/certsrv/profile/IProfileSubsystem.java
+++ b/base/common/src/com/netscape/certsrv/profile/IProfileSubsystem.java
@@ -24,7 +24,7 @@ import com.netscape.certsrv.base.ISubsystem;
 /**
  * This represents the profile subsystem that manages
  * a list of profiles.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IProfileSubsystem extends ISubsystem {
@@ -32,7 +32,7 @@ public interface IProfileSubsystem extends ISubsystem {
 
     /**
      * Retrieves a profile by id.
-     * 
+     *
      * @return profile
      * @exception EProfileException failed to retrieve
      */
@@ -41,7 +41,7 @@ public interface IProfileSubsystem extends ISubsystem {
 
     /**
      * Checks if a profile is approved by an agent or not.
-     * 
+     *
      * @param id profile id
      * @return true if profile is approved
      */
@@ -49,7 +49,7 @@ public interface IProfileSubsystem extends ISubsystem {
 
     /**
      * Retrieves the approver of the given profile.
-     * 
+     *
      * @param id profile id
      * @return user id of the agent who has approved the profile
      */
@@ -57,7 +57,7 @@ public interface IProfileSubsystem extends ISubsystem {
 
     /**
      * Creates new profile.
-     * 
+     *
      * @param id profile id
      * @param classid implementation id
      * @param className class Name
@@ -70,7 +70,7 @@ public interface IProfileSubsystem extends ISubsystem {
 
     /**
      * Deletes profile.
-     * 
+     *
      * @param id profile id
      * @param configFile configuration file
      * @exception EProfileException failed to delete profile
@@ -80,7 +80,7 @@ public interface IProfileSubsystem extends ISubsystem {
 
     /**
      * Creates a new profile configuration file.
-     * 
+     *
      * @param id profile id
      * @param classId implementation id
      * @param configPath location to create the configuration file
@@ -91,7 +91,7 @@ public interface IProfileSubsystem extends ISubsystem {
 
     /**
      * Enables a profile.
-     * 
+     *
      * @param id profile id
      * @param enableBy agent's user id
      * @exception EProfileException failed to enable profile
@@ -101,7 +101,7 @@ public interface IProfileSubsystem extends ISubsystem {
 
     /**
      * Disables a profile.
-     * 
+     *
      * @param id profile id
      * @exception EProfileException failed to disable
      */
@@ -110,7 +110,7 @@ public interface IProfileSubsystem extends ISubsystem {
 
     /**
      * Retrieves the id of the implementation of the given profile.
-     * 
+     *
      * @param id profile id
      * @return implementation id managed by the registry
      */
@@ -119,14 +119,14 @@ public interface IProfileSubsystem extends ISubsystem {
     /**
      * Retrieves a list of profile ids. The return
      * list is of type String.
-     * 
+     *
      * @return a list of profile ids
      */
     public Enumeration getProfileIds();
 
     /**
      * Checks if owner id should be enforced during profile approval.
-     * 
+     *
      * @return true if approval should be checked
      */
     public boolean checkOwner();
diff --git a/base/common/src/com/netscape/certsrv/profile/IProfileUpdater.java b/base/common/src/com/netscape/certsrv/profile/IProfileUpdater.java
index 3749cd1d2..7c6084363 100644
--- a/base/common/src/com/netscape/certsrv/profile/IProfileUpdater.java
+++ b/base/common/src/com/netscape/certsrv/profile/IProfileUpdater.java
@@ -27,14 +27,14 @@ import com.netscape.certsrv.request.RequestStatus;
 /**
  * This interface represents an updater that will be
  * called when the request's state changes.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IProfileUpdater extends IConfigTemplate {
 
     /**
      * Initializes this default policy.
-     * 
+     *
      * @param profile owner of this policy
      * @param config configuration store
      * @exception EProfileException failed to initialize
@@ -44,14 +44,14 @@ public interface IProfileUpdater extends IConfigTemplate {
 
     /**
      * Retrieves configuration store.
-     * 
+     *
      * @return configuration store
      */
     public IConfigStore getConfigStore();
 
     /**
      * Notifies of state change.
-     * 
+     *
      * @param req request
      * @param status The status to check for.
      * @exception EProfileException failed to populate
@@ -61,7 +61,7 @@ public interface IProfileUpdater extends IConfigTemplate {
 
     /**
      * Retrieves the localizable name of this policy.
-     * 
+     *
      * @param locale user locale
      * @return output policy name
      */
@@ -69,7 +69,7 @@ public interface IProfileUpdater extends IConfigTemplate {
 
     /**
      * Retrieves the localizable description of this policy.
-     * 
+     *
      * @param locale user locale
      * @return output policy description
      */
diff --git a/base/common/src/com/netscape/certsrv/property/Descriptor.java b/base/common/src/com/netscape/certsrv/property/Descriptor.java
index bd2b56340..4b2baf561 100644
--- a/base/common/src/com/netscape/certsrv/property/Descriptor.java
+++ b/base/common/src/com/netscape/certsrv/property/Descriptor.java
@@ -22,7 +22,7 @@ import java.util.Locale;
 /**
  * This interface represents a property descriptor. A descriptor
  * includes information that describe a property.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class Descriptor implements IDescriptor {
@@ -34,7 +34,7 @@ public class Descriptor implements IDescriptor {
 
     /**
      * Constructs a descriptor.
-     * 
+     *
      * @param syntax syntax
      * @param constraint constraint
      * @param defValue default value
@@ -49,7 +49,7 @@ public class Descriptor implements IDescriptor {
 
     /**
      * Returns the syntax of the property.
-     * 
+     *
      * @return syntax
      */
     public String getSyntax() {
@@ -58,7 +58,7 @@ public class Descriptor implements IDescriptor {
 
     /**
      * Returns the default value of the property.
-     * 
+     *
      * @return default value
      */
     public String getDefaultValue() {
@@ -74,7 +74,7 @@ public class Descriptor implements IDescriptor {
      * 

      * If null, no constraint shall be enforced.
      * 

-     * 
+     *
      * @return constraint
      */
     public String getConstraint() {
@@ -83,7 +83,7 @@ public class Descriptor implements IDescriptor {
 
     /**
      * Retrieves the description of the property.
-     * 
+     *
      * @param locale user locale
      * @return description
      */
diff --git a/base/common/src/com/netscape/certsrv/property/EPropertyException.java b/base/common/src/com/netscape/certsrv/property/EPropertyException.java
index 23f59a25f..ad0617b5f 100644
--- a/base/common/src/com/netscape/certsrv/property/EPropertyException.java
+++ b/base/common/src/com/netscape/certsrv/property/EPropertyException.java
@@ -21,7 +21,7 @@ import com.netscape.certsrv.base.EBaseException;
 
 /**
  * This is the base exception for property handling.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class EPropertyException extends EBaseException {
@@ -33,7 +33,7 @@ public class EPropertyException extends EBaseException {
 
     /**
      * Constructs property exception
-     * 
+     *
      * @param msg exception message
      */
     public EPropertyException(String msg) {
diff --git a/base/common/src/com/netscape/certsrv/property/IConfigTemplate.java b/base/common/src/com/netscape/certsrv/property/IConfigTemplate.java
index 431c90de9..70d4040ae 100644
--- a/base/common/src/com/netscape/certsrv/property/IConfigTemplate.java
+++ b/base/common/src/com/netscape/certsrv/property/IConfigTemplate.java
@@ -28,21 +28,21 @@ import java.util.Locale;
  * 

  * A plugin, for example, can be described as a property template.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IConfigTemplate {
 
     /**
      * Returns a list of configuration parameter names.
-     * 
+     *
      * @return parameter names
      */
     public Enumeration getConfigNames();
 
     /**
      * Returns the descriptors of configuration parameter.
-     * 
+     *
      * @param locale user locale
      * @param name configuration parameter name
      * @return descriptor
@@ -51,7 +51,7 @@ public interface IConfigTemplate {
 
     /**
      * Sets configuration parameter.
-     * 
+     *
      * @param name parameter name
      * @param value parameter value
      * @exception EPropertyException failed to set parameter
@@ -61,7 +61,7 @@ public interface IConfigTemplate {
 
     /**
      * Retrieves configuration parameter by name.
-     * 
+     *
      * @return parameter
      */
     public String getConfig(String name);
diff --git a/base/common/src/com/netscape/certsrv/property/IDescriptor.java b/base/common/src/com/netscape/certsrv/property/IDescriptor.java
index 727c1130d..830ecdb27 100644
--- a/base/common/src/com/netscape/certsrv/property/IDescriptor.java
+++ b/base/common/src/com/netscape/certsrv/property/IDescriptor.java
@@ -21,7 +21,7 @@ import java.util.Locale;
 
 /**
  * This interface represents a property descriptor.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IDescriptor {
@@ -56,7 +56,7 @@ public interface IDescriptor {
 
     /**
      * Returns the syntax of the property.
-     * 
+     *
      * @return syntax
      */
     public String getSyntax();
@@ -68,14 +68,14 @@ public interface IDescriptor {
      * - choice(cert,crl): cert,crl is the constraint
      * for choice
      * If null, no constraint shall be enforced.
-     * 
+     *
      * @return constraint
      */
     public String getConstraint();
 
     /**
      * Retrieves the description of the property.
-     * 
+     *
      * @param locale user locale
      * @return localized description
      */
@@ -83,7 +83,7 @@ public interface IDescriptor {
 
     /**
      * Retrieves the default value of the property.
-     * 
+     *
      * @return default value
      */
     public String getDefaultValue();
diff --git a/base/common/src/com/netscape/certsrv/publish/ECompSyntaxErr.java b/base/common/src/com/netscape/certsrv/publish/ECompSyntaxErr.java
index a3a109900..81e8a9a84 100644
--- a/base/common/src/com/netscape/certsrv/publish/ECompSyntaxErr.java
+++ b/base/common/src/com/netscape/certsrv/publish/ECompSyntaxErr.java
@@ -24,7 +24,7 @@ import com.netscape.certsrv.ldap.ELdapException;
  * error is found while evaluating a PKI component. An example
  * would be in trying to evaluate a PKI authentication message and
  * the parsing operation fails due to a missing token.
- * 
+ *
  * @version $Revision$ $Date$
  */
 public class ECompSyntaxErr extends ELdapException {
@@ -36,7 +36,7 @@ public class ECompSyntaxErr extends ELdapException {
 
     /**
      * Construct a ECompSyntaxErr
-     * 
+     *
      * @param errorString The descriptive error condition.
      */
 
diff --git a/base/common/src/com/netscape/certsrv/publish/EMapperNotFound.java b/base/common/src/com/netscape/certsrv/publish/EMapperNotFound.java
index fdf4a1b9f..39738bb72 100644
--- a/base/common/src/com/netscape/certsrv/publish/EMapperNotFound.java
+++ b/base/common/src/com/netscape/certsrv/publish/EMapperNotFound.java
@@ -21,7 +21,7 @@ import com.netscape.certsrv.ldap.ELdapException;
 
 /**
  * Exception for Publish Mapper not found.
- * 
+ *
  * @version $Revision$ $Date$
  */
 public class EMapperNotFound extends ELdapException {
@@ -33,7 +33,7 @@ public class EMapperNotFound extends ELdapException {
 
     /**
      * Constructs a exception for a missing required mapper
-     * 
+     *
      * @param errorString Detailed error message.
      */
     public EMapperNotFound(String errorString) {
diff --git a/base/common/src/com/netscape/certsrv/publish/EMapperPluginNotFound.java b/base/common/src/com/netscape/certsrv/publish/EMapperPluginNotFound.java
index f8f18c5ff..dfa710578 100644
--- a/base/common/src/com/netscape/certsrv/publish/EMapperPluginNotFound.java
+++ b/base/common/src/com/netscape/certsrv/publish/EMapperPluginNotFound.java
@@ -21,7 +21,7 @@ import com.netscape.certsrv.ldap.ELdapException;
 
 /**
  * Exception for Mapper Plugin not found.
- * 
+ *
  * @version $Revision$ $Date$
  */
 public class EMapperPluginNotFound extends ELdapException {
@@ -33,7 +33,7 @@ public class EMapperPluginNotFound extends ELdapException {
 
     /**
      * Constructs a exception for a missing mapper plugin
-     * 
+     *
      * @param errorString Detailed error message.
      */
     public EMapperPluginNotFound(String errorString) {
diff --git a/base/common/src/com/netscape/certsrv/publish/EPublisherNotFound.java b/base/common/src/com/netscape/certsrv/publish/EPublisherNotFound.java
index 176001e99..2f25afd95 100644
--- a/base/common/src/com/netscape/certsrv/publish/EPublisherNotFound.java
+++ b/base/common/src/com/netscape/certsrv/publish/EPublisherNotFound.java
@@ -21,7 +21,7 @@ import com.netscape.certsrv.ldap.ELdapException;
 
 /**
  * Exception for Publisher not found. Required for successful publishing.
- * 
+ *
  * @version $Revision$ $Date$
  */
 public class EPublisherNotFound extends ELdapException {
@@ -33,7 +33,7 @@ public class EPublisherNotFound extends ELdapException {
 
     /**
      * Constructs a exception for a missing required publisher.
-     * 
+     *
      * @param errorString Detailed error message.
      */
     public EPublisherNotFound(String errorString) {
diff --git a/base/common/src/com/netscape/certsrv/publish/EPublisherPluginNotFound.java b/base/common/src/com/netscape/certsrv/publish/EPublisherPluginNotFound.java
index 56076863a..a6385b187 100644
--- a/base/common/src/com/netscape/certsrv/publish/EPublisherPluginNotFound.java
+++ b/base/common/src/com/netscape/certsrv/publish/EPublisherPluginNotFound.java
@@ -21,7 +21,7 @@ import com.netscape.certsrv.ldap.ELdapException;
 
 /**
  * Exception for Publisher Plugin not found. Plugin implementation is required to actually publish.
- * 
+ *
  * @version $Revision$ $Date$
  */
 public class EPublisherPluginNotFound extends ELdapException {
@@ -33,7 +33,7 @@ public class EPublisherPluginNotFound extends ELdapException {
 
     /**
      * Constructs a exception for a missing publisher plugin.
-     * 
+     *
      * @param errorString Detailed error message.
      */
     public EPublisherPluginNotFound(String errorString) {
diff --git a/base/common/src/com/netscape/certsrv/publish/ERuleNotFound.java b/base/common/src/com/netscape/certsrv/publish/ERuleNotFound.java
index 01c9897eb..4a975e512 100644
--- a/base/common/src/com/netscape/certsrv/publish/ERuleNotFound.java
+++ b/base/common/src/com/netscape/certsrv/publish/ERuleNotFound.java
@@ -21,7 +21,7 @@ import com.netscape.certsrv.ldap.ELdapException;
 
 /**
  * Exception for Ldap Publishing Rule not found.
- * 
+ *
  * @version $Revision$ $Date$
  */
 public class ERuleNotFound extends ELdapException {
@@ -33,7 +33,7 @@ public class ERuleNotFound extends ELdapException {
 
     /**
      * Constructs a exception for a missing required rule, which links a publisher and mapper.
-     * 
+     *
      * @param errorString Detailed error message.
      */
     public ERuleNotFound(String errorString) {
diff --git a/base/common/src/com/netscape/certsrv/publish/ERulePluginNotFound.java b/base/common/src/com/netscape/certsrv/publish/ERulePluginNotFound.java
index f619e7f4a..ca66dbaf5 100644
--- a/base/common/src/com/netscape/certsrv/publish/ERulePluginNotFound.java
+++ b/base/common/src/com/netscape/certsrv/publish/ERulePluginNotFound.java
@@ -21,7 +21,7 @@ import com.netscape.certsrv.ldap.ELdapException;
 
 /**
  * Exception for Publisher Rule plugin not found. Plugin required to implement Ldap Rule.
- * 
+ *
  * @version $Revision$ $Date$
  */
 public class ERulePluginNotFound extends ELdapException {
@@ -33,7 +33,7 @@ public class ERulePluginNotFound extends ELdapException {
 
     /**
      * Constructs a exception for a missing rule plugin.
-     * 
+     *
      * @param errorString Detailed error message.
      */
     public ERulePluginNotFound(String errorString) {
diff --git a/base/common/src/com/netscape/certsrv/publish/ICRLPublisher.java b/base/common/src/com/netscape/certsrv/publish/ICRLPublisher.java
index cd5763cdb..ca13886e0 100644
--- a/base/common/src/com/netscape/certsrv/publish/ICRLPublisher.java
+++ b/base/common/src/com/netscape/certsrv/publish/ICRLPublisher.java
@@ -31,57 +31,57 @@ import com.netscape.certsrv.base.ISubsystem;
  * Certificiate Manager/LDAP Publishing panel. This
  * interface provides administrator additional capability
  * of publishing CRL to different destinations.
- * 
+ *
  * The CRL publishing frequency is configured via
  * Netscape Certificate Server Console's
  * Certificate Manager/Revocation List panel.
  * The CRL publishing may occur either everytime a
  * certificate is revoked or at a pre-defined interval.
- * 
+ *
  * To try out this new CRL publisher mechanism, do
  * the following:
  * (1) Write a sample CRL publisher class that implements
  * ICRLPublisher interface. For example,
- * 
+ *
  * 
  * public class CRLPublisher implements ICRLPublisher
  * {
- * 	public void init(ISubsystem owner, IConfigStore config) 
+ * 	public void init(ISubsystem owner, IConfigStore config)
  * 		throws EBaseException
  * 	{
  * 		log(ILogger.LL_DEBUG, "CRLPublisher: Initialized");
  * 	}
- * 
- * 	public void publish(String issuingPointId, X509CRLImpl crl) 
- * 		throws EBaseException 
+ *
+ * 	public void publish(String issuingPointId, X509CRLImpl crl)
+ * 		throws EBaseException
  *      {
- * 		log(ILogger.LL_DEBUG, "CRLPublisher: " + issuingPointId + 
+ * 		log(ILogger.LL_DEBUG, "CRLPublisher: " + issuingPointId +
  *                " crl=" + crl);
  * 	}
- * 
+ *
  *      public void log(int level, String msg)
  *      {
- *              Logger.getLogger().log(ILogger.EV_SYSTEM, 
+ *              Logger.getLogger().log(ILogger.EV_SYSTEM,
  *                      null, ILogger.S_OTHER, level,
  *                      msg);
  *      }
  * }
  * 
- * 
+ *
  * (2) Compile the class and place the class into
  * \bin\cert\classes directory.
  * (3) Add the following parameter to CMS.cfg
  * ca.crlPublisher.class=
  * For example,
  * ca.crlPublisher.class=myCRLPublisher
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface ICRLPublisher {
 
     /**
      * Initializes this CRL publisher.
-     * 
+     *
      * @param owner parent of the publisher. An object of type
      *            CertificateAuthority.
      * @param config config store for this publisher. If this
@@ -96,7 +96,7 @@ public interface ICRLPublisher {
     /**
      * Publishes CRL. This method is invoked by CMS based
      * on the configured CRL publishing frequency.
-     * 
+     *
      * @param issuingPointId CRL issuing point identifier
      *            (i.e. MasterCRL)
      * @param crl CRL that is publishing
diff --git a/base/common/src/com/netscape/certsrv/publish/ILdapCertMapper.java b/base/common/src/com/netscape/certsrv/publish/ILdapCertMapper.java
index 3acaeb580..edf28de90 100644
--- a/base/common/src/com/netscape/certsrv/publish/ILdapCertMapper.java
+++ b/base/common/src/com/netscape/certsrv/publish/ILdapCertMapper.java
@@ -26,7 +26,7 @@ import com.netscape.certsrv.ldap.ELdapException;
 
 /**
  * Interface for mapping a X509 certificate to a LDAP entry.
- * 
+ *
  * @version $Revision$ $Date$
  */
 public interface ILdapCertMapper extends ILdapPlugin {
@@ -54,7 +54,7 @@ public interface ILdapCertMapper extends ILdapPlugin {
     /**
      * maps a certificate to a LDAP entry.
      * returns dn of the mapped LDAP entry.
-     * 
+     *
      * @param conn the LDAP connection
      * @param cert the certificate to map
      * @param checkForCert whether to check for the presence of the cert
diff --git a/base/common/src/com/netscape/certsrv/publish/ILdapCrlMapper.java b/base/common/src/com/netscape/certsrv/publish/ILdapCrlMapper.java
index 252a09ec3..93133c552 100644
--- a/base/common/src/com/netscape/certsrv/publish/ILdapCrlMapper.java
+++ b/base/common/src/com/netscape/certsrv/publish/ILdapCrlMapper.java
@@ -26,7 +26,7 @@ import com.netscape.certsrv.ldap.ELdapException;
 
 /**
  * Interface for mapping a CRL to a LDAP entry.
- * 
+ *
  * @version $Revision$ $Date$
  */
 public interface ILdapCrlMapper {
@@ -34,7 +34,7 @@ public interface ILdapCrlMapper {
     /**
      * maps a crl to a LDAP entry.
      * returns dn of the mapped LDAP entry.
-     * 
+     *
      * @param conn the LDAP connection
      * @param crl the CRL to map
      * @param checkForCrl whether to check for the presence of the CRL
@@ -50,7 +50,7 @@ public interface ILdapCrlMapper {
 
     /**
      * initialize from config store.
-     * 
+     *
      * @param config the configuration store to initialize from.
      * @exception ELdapException Initialization failed due to Ldap error.
      * @exception EBaseException Initialization failed.
diff --git a/base/common/src/com/netscape/certsrv/publish/ILdapExpression.java b/base/common/src/com/netscape/certsrv/publish/ILdapExpression.java
index 4537636c1..068507e9e 100644
--- a/base/common/src/com/netscape/certsrv/publish/ILdapExpression.java
+++ b/base/common/src/com/netscape/certsrv/publish/ILdapExpression.java
@@ -23,7 +23,7 @@ import com.netscape.certsrv.request.IRequest;
 
 /**
  * Interface for a Ldap predicate expression.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface ILdapExpression {
@@ -42,7 +42,7 @@ public interface ILdapExpression {
 
     /**
      * Evaluate the Expression.
-     * 
+     *
      * @param sc The SessionContext on which we are applying the condition.
      * @return The return value.
      * @exception ELdapExeption Failed to evaluate expression.
@@ -52,7 +52,7 @@ public interface ILdapExpression {
 
     /**
      * Evaluate the Expression.
-     * 
+     *
      * @param req The PKIRequest on which we are applying the condition.
      * @return The return value.
      * @exception ELdapExeption Failed to evaluate expression.
@@ -62,7 +62,7 @@ public interface ILdapExpression {
 
     /**
      * Convert to a string.
-     * 
+     *
      * @return String representation of expression.
      */
     public String toString();
diff --git a/base/common/src/com/netscape/certsrv/publish/ILdapMapper.java b/base/common/src/com/netscape/certsrv/publish/ILdapMapper.java
index 09238421f..186af8825 100644
--- a/base/common/src/com/netscape/certsrv/publish/ILdapMapper.java
+++ b/base/common/src/com/netscape/certsrv/publish/ILdapMapper.java
@@ -26,7 +26,7 @@ import com.netscape.certsrv.request.IRequest;
 
 /**
  * Interface for mapping a X509 certificate to a LDAP entry.
- * 
+ *
  * @version $Revision$ $Date$
  */
 public interface ILdapMapper extends ILdapPlugin {
@@ -54,7 +54,7 @@ public interface ILdapMapper extends ILdapPlugin {
     /**
      * maps a certificate to a LDAP entry.
      * returns dn of the mapped LDAP entry.
-     * 
+     *
      * @param conn the LDAP connection
      * @param obj the object to map
      * @return dn indicates whether a mapping was successful
@@ -67,7 +67,7 @@ public interface ILdapMapper extends ILdapPlugin {
     /**
      * maps a certificate to a LDAP entry.
      * returns dn of the mapped LDAP entry.
-     * 
+     *
      * @param conn the LDAP connection
      * @param r the request to map
      * @param obj the object to map
diff --git a/base/common/src/com/netscape/certsrv/publish/ILdapPlugin.java b/base/common/src/com/netscape/certsrv/publish/ILdapPlugin.java
index b0a9fe73b..f0c53f804 100644
--- a/base/common/src/com/netscape/certsrv/publish/ILdapPlugin.java
+++ b/base/common/src/com/netscape/certsrv/publish/ILdapPlugin.java
@@ -23,14 +23,14 @@ import com.netscape.certsrv.ldap.ELdapException;
 
 /**
  * Interface for any Ldap plugin.
- * 
+ *
  * @version $Revision$ $Date$
  */
 public interface ILdapPlugin {
 
     /**
      * Initialize from config store.
-     * 
+     *
      * @param config the configuration store to initialize from.
      * @exception ELdapException initialization failed due to Ldap error.
      * @exception EBaseException initialization failed.
diff --git a/base/common/src/com/netscape/certsrv/publish/ILdapPluginImpl.java b/base/common/src/com/netscape/certsrv/publish/ILdapPluginImpl.java
index db52a9106..5287383b4 100644
--- a/base/common/src/com/netscape/certsrv/publish/ILdapPluginImpl.java
+++ b/base/common/src/com/netscape/certsrv/publish/ILdapPluginImpl.java
@@ -25,14 +25,14 @@ import com.netscape.certsrv.ldap.ELdapException;
 
 /**
  * Interface for any ldap plugin. Plugin implementation is defined here.
- * 
+ *
  * @version $Revision$ $Date$
  */
 public interface ILdapPluginImpl extends IPluginImpl {
 
     /**
      * initialize from config store.
-     * 
+     *
      * @param config the configuration store to initialize from.
      * @exception ELdapException initializtion failed due to Ldap error.
      * @exception EBaseException initialization failed.
@@ -42,7 +42,7 @@ public interface ILdapPluginImpl extends IPluginImpl {
 
     /**
      * initialize from config store and Isubsystem.
-     * 
+     *
      * @param config the configuration store to initialize from.
      * @exception ELdapException initializtion failed due to Ldap error.
      * @exception EBaseException initialization failed.
diff --git a/base/common/src/com/netscape/certsrv/publish/ILdapPublishModule.java b/base/common/src/com/netscape/certsrv/publish/ILdapPublishModule.java
index 81e5be952..e918973cd 100644
--- a/base/common/src/com/netscape/certsrv/publish/ILdapPublishModule.java
+++ b/base/common/src/com/netscape/certsrv/publish/ILdapPublishModule.java
@@ -22,7 +22,7 @@ import com.netscape.certsrv.request.IRequestListener;
 
 /**
  * Handles requests to perform Ldap publishing.
- * 
+ *
  * @version $Revision$ $Date$
  */
 public interface ILdapPublishModule extends IRequestListener {
@@ -30,13 +30,13 @@ public interface ILdapPublishModule extends IRequestListener {
     /**
      * initialize ldap publishing module with config store
      */
-    //	public void init(ICertAuthority owner, IConfigStore config) 
+    //	public void init(ICertAuthority owner, IConfigStore config)
     //		throws EBaseException, ELdapException;
 
     /**
      * Accepts completed requests from an authority and
      * performs ldap publishing.
-     * 
+     *
      * @param request The publishing request.
      */
     public void accept(IRequest request);
diff --git a/base/common/src/com/netscape/certsrv/publish/ILdapPublisher.java b/base/common/src/com/netscape/certsrv/publish/ILdapPublisher.java
index 398d86453..38b278634 100644
--- a/base/common/src/com/netscape/certsrv/publish/ILdapPublisher.java
+++ b/base/common/src/com/netscape/certsrv/publish/ILdapPublisher.java
@@ -25,7 +25,7 @@ import com.netscape.certsrv.ldap.ELdapException;
 
 /**
  * Interface for publishing certificate or crl to database store.
- * 
+ *
  * @version $Revision$ $Date$
  */
 public interface ILdapPublisher extends ILdapPlugin {
@@ -55,7 +55,7 @@ public interface ILdapPublisher extends ILdapPlugin {
 
     /**
      * Publish an object.
-     * 
+     *
      * @param conn a Ldap connection
      *            (null for non-LDAP publishing)
      * @param dn dn of the ldap entry to publish cert
@@ -70,7 +70,7 @@ public interface ILdapPublisher extends ILdapPlugin {
 
     /**
      * Unpublish an object.
-     * 
+     *
      * @param conn the Ldap connection
      *            (null for non-LDAP publishing)
      * @param dn dn of the ldap entry to unpublish cert
diff --git a/base/common/src/com/netscape/certsrv/publish/ILdapRule.java b/base/common/src/com/netscape/certsrv/publish/ILdapRule.java
index 7bf19b070..69aae10f4 100644
--- a/base/common/src/com/netscape/certsrv/publish/ILdapRule.java
+++ b/base/common/src/com/netscape/certsrv/publish/ILdapRule.java
@@ -24,7 +24,7 @@ import com.netscape.certsrv.base.IConfigStore;
 
 /**
  * Interface for publishing rule which associates a Publisher with a Mapper.
- * 
+ *
  * @version $Revision$ $Date$
  */
 public interface ILdapRule extends ILdapPlugin {
@@ -34,7 +34,7 @@ public interface ILdapRule extends ILdapPlugin {
 
     /**
      * Initialize the plugin.
-     * 
+     *
      * @exception EBaseException Initialization failed.
      */
     public void init(IPublisherProcessor processor, IConfigStore
diff --git a/base/common/src/com/netscape/certsrv/publish/IPublishRuleSet.java b/base/common/src/com/netscape/certsrv/publish/IPublishRuleSet.java
index 911d4e132..affe35132 100644
--- a/base/common/src/com/netscape/certsrv/publish/IPublishRuleSet.java
+++ b/base/common/src/com/netscape/certsrv/publish/IPublishRuleSet.java
@@ -41,7 +41,7 @@ import com.netscape.certsrv.request.IRequest;
  * checked in the order to find the first matched publishing rule as the
  * mapping rule to (un)publish the object.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IPublishRuleSet {
@@ -50,7 +50,7 @@ public interface IPublishRuleSet {
     /**
      * Returns the name of the publishing rule set.
      * 

-     * 
+     *
      * @return The name of the publishing rule set.
      */
     String getName();
@@ -58,7 +58,7 @@ public interface IPublishRuleSet {
     /**
      * Returns the no of publishing rules in a set.
      * 

-     * 
+     *
      * @return the no of publishing rules.
      */
     int count();
@@ -66,7 +66,7 @@ public interface IPublishRuleSet {
     /**
      * Add a publishing rule
      * 

-     * 
+     *
      * @param aliasName The name of the publishing rule to be added.
      * @param rule rule The publishing rule to be added.
      */
@@ -74,7 +74,7 @@ public interface IPublishRuleSet {
 
     /**
      * Removes a publishing rule identified by the given name.
-     * 
+     *
      * @param ruleName The name of the publishing rule to be removed.
      */
     void removeRule(String ruleName);
@@ -82,7 +82,7 @@ public interface IPublishRuleSet {
     /**
      * Get the publishing rule identified by a given name.
      * 

-     * 
+     *
      * @param ruleName The name of the publishing rule to be return.
      * @return The publishing rule identified by the given name or null if none exists.
      */
@@ -91,7 +91,7 @@ public interface IPublishRuleSet {
     /**
      * Get the publishing rule identified by a corresponding request.
      * 

-     * 
+     *
      * @param req The request from which rule will be identified.
      * @return The publishing rule or null if none exists.
      */
@@ -100,7 +100,7 @@ public interface IPublishRuleSet {
     /**
      * Get an enumeration of publishing rules.
      * 

-     * 
+     *
      * @return An enumeration of publishing rules.
      */
     Enumeration getRules();
@@ -112,7 +112,7 @@ public interface IPublishRuleSet {
      * Use the mapper to find the dn of the LDAP entry and use the publisher
      * to publish the object in the request.
      * 

-     * 
+     *
      * @param conn The Ldap connection
      * @param req The request to apply policies on.
      * @exception ELdapException publish failed due to Ldap error.
diff --git a/base/common/src/com/netscape/certsrv/publish/IPublisherProcessor.java b/base/common/src/com/netscape/certsrv/publish/IPublisherProcessor.java
index 3ed985403..a2f8fcc71 100644
--- a/base/common/src/com/netscape/certsrv/publish/IPublisherProcessor.java
+++ b/base/common/src/com/netscape/certsrv/publish/IPublisherProcessor.java
@@ -34,7 +34,7 @@ import com.netscape.certsrv.request.IRequest;
 /**
  * Controls the publishing process from the top level. Maintains
  * a collection of Publishers , Mappers, and Publish Rules.
- * 
+ *
  * @version $Revision$ $Date$
  */
 
@@ -62,66 +62,66 @@ public interface IPublisherProcessor extends ISubsystem {
     public static final String PROP_TYPE = "type";
 
     /**
-     * 
+     *
      * Returns Hashtable of rule plugins.
      */
 
     public Hashtable getRulePlugins();
 
     /**
-     * 
+     *
      * Returns Hashtable of rule instances.
      */
 
     public Hashtable getRuleInsts();
 
     /**
-     * 
+     *
      * Returns Hashtable of mapper plugins.
      */
 
     public Hashtable getMapperPlugins();
 
     /**
-     * 
+     *
      * Returns Hashtable of publisher plugins.
      */
     public Hashtable getPublisherPlugins();
 
     /**
-     * 
+     *
      * Returns Hashtable of rule mapper instances.
      */
     public Hashtable getMapperInsts();
 
     /**
-     * 
+     *
      * Returns Hashtable of rule publisher instances.
      */
     public Hashtable getPublisherInsts();
 
     /**
-     * 
+     *
      * Returns list of rules based on publishing type.
-     * 
+     *
      * @param publishingType Type for which to retrieve rule list.
      */
 
     public Enumeration getRules(String publishingType);
 
     /**
-     * 
+     *
      * Returns list of rules based on publishing type and publishing request.
-     * 
+     *
      * @param publishingType Type for which to retrieve rule list.
      * @param req Corresponding publish request.
      */
     public Enumeration getRules(String publishingType, IRequest req);
 
     /**
-     * 
+     *
      * Returns mapper initial default parameters.
-     * 
+     *
      * @param implName name of MapperPlugin.
      */
 
@@ -129,9 +129,9 @@ public interface IPublisherProcessor extends ISubsystem {
             ELdapException;
 
     /**
-     * 
+     *
      * Returns mapper current instance parameters.
-     * 
+     *
      * @param insName name of MapperProxy.
      * @exception ELdapException failed due to Ldap error.
      */
@@ -140,9 +140,9 @@ public interface IPublisherProcessor extends ISubsystem {
             ELdapException;
 
     /**
-     * 
+     *
      * Returns publisher initial default parameters.
-     * 
+     *
      * @param implName name of PublisherPlugin.
      * @exception ELdapException failed due to Ldap error.
      */
@@ -150,9 +150,9 @@ public interface IPublisherProcessor extends ISubsystem {
             ELdapException;
 
     /**
-     * 
+     *
      * Returns true if MapperInstance is enabled.
-     * 
+     *
      * @param insName name of MapperProxy.
      * @return true if enabled. false if disabled.
      */
@@ -160,54 +160,54 @@ public interface IPublisherProcessor extends ISubsystem {
     public boolean isMapperInstanceEnable(String insName);
 
     /**
-     * 
+     *
      * Returns ILdapMapper instance that is currently active.
-     * 
+     *
      * @param insName name of MapperProxy.
      * @return instance of ILdapMapper.
      */
     public ILdapMapper getActiveMapperInstance(String insName);
 
     /**
-     * 
+     *
      * Returns ILdapMapper instance based on name of MapperProxy.
-     * 
+     *
      * @param insName name of MapperProxy.
      * @return instance of ILdapMapper.
      */
     public ILdapMapper getMapperInstance(String insName);
 
     /**
-     * 
+     *
      * Returns true publisher instance is currently enabled.
-     * 
+     *
      * @param insName name of PublisherProxy.
      * @return true if enabled.
      */
     public boolean isPublisherInstanceEnable(String insName);
 
     /**
-     * 
+     *
      * Returns ILdapPublisher instance that is currently active.
-     * 
+     *
      * @param insName name of PublisherProxy.
      * @return instance of ILdapPublisher.
      */
     public ILdapPublisher getActivePublisherInstance(String insName);
 
     /**
-     * 
+     *
      * Returns ILdapPublisher instance.
-     * 
+     *
      * @param insName name of PublisherProxy.
      * @return instance of ILdapPublisher.
      */
     public ILdapPublisher getPublisherInstance(String insName);
 
     /**
-     * 
+     *
      * Returns Vector of PublisherIntance's current instance parameters.
-     * 
+     *
      * @param insName name of PublisherProxy.
      * @return Vector of current instance parameters.
      */
@@ -215,9 +215,9 @@ public interface IPublisherProcessor extends ISubsystem {
             ELdapException;
 
     /**
-     * 
+     *
      * Returns Vector of RulePlugin's initial default parameters.
-     * 
+     *
      * @param implName name of RulePlugin.
      * @return Vector of initial default parameters.
      * @exception ELdapException failed due to Ldap error.
@@ -226,9 +226,9 @@ public interface IPublisherProcessor extends ISubsystem {
             ELdapException;
 
     /**
-     * 
+     *
      * Returns Vector of RulePlugin's current instance parameters.
-     * 
+     *
      * @param implName name of RulePlugin.
      * @return Vector of current instance parameters.
      * @exception ELdapException failed due to Ldap error.
@@ -239,7 +239,7 @@ public interface IPublisherProcessor extends ISubsystem {
     /**
      * Set published flag - true when published, false when unpublished.
      * Not exist means not published.
-     * 
+     *
      * @param serialNo serial number of publishable object.
      * @param published true for published, false for not.
      */
@@ -247,7 +247,7 @@ public interface IPublisherProcessor extends ISubsystem {
 
     /**
      * Publish ca cert, UpdateDir.java, jobs, request listeners
-     * 
+     *
      * @param cert X509 certificate to be published.
      * @exception ELdapException publish failed due to Ldap error.
      */
@@ -264,7 +264,7 @@ public interface IPublisherProcessor extends ISubsystem {
     /**
      * Publishs regular user certificate based on the criteria
      * set in the request.
-     * 
+     *
      * @param cert X509 certificate to be published.
      * @param req request which provides the criteria
      * @exception ELdapException publish failed due to Ldap error.
@@ -275,7 +275,7 @@ public interface IPublisherProcessor extends ISubsystem {
     /**
      * Unpublish user certificate. This is used by
      * UnpublishExpiredJob.
-     * 
+     *
      * @param cert X509 certificate to be unpublished.
      * @param req request which provides the criteria
      * @exception ELdapException unpublish failed due to Ldap error.
@@ -287,7 +287,7 @@ public interface IPublisherProcessor extends ISubsystem {
      * publishes a crl by mapping the issuer name in the crl to an entry
      * and publishing it there. entry must be a certificate authority.
      * Note that this is used by cmsgateway/cert/UpdateDir.java
-     * 
+     *
      * @param crl Certificate Revocation List
      * @param crlIssuingPointId name of the issuing point.
      * @exception ELdapException publish failed due to Ldap error.
@@ -298,7 +298,7 @@ public interface IPublisherProcessor extends ISubsystem {
     /**
      * publishes a crl by mapping the issuer name in the crl to an entry
      * and publishing it there. entry must be a certificate authority.
-     * 
+     *
      * @param dn Distinguished name to publish.
      * @param crl Certificate Revocation List
      * @exception ELdapException publish failed due to Ldap error.
@@ -307,36 +307,36 @@ public interface IPublisherProcessor extends ISubsystem {
             throws ELdapException;
 
     /**
-     * 
+     *
      * Return true if Ldap is enabled.
-     * 
+     *
      * @return true if Ldap is enabled,otherwise false.
      */
 
     public boolean ldapEnabled();
 
     /**
-     * 
+     *
      * Return true of PublisherProcessor is enabled.
-     * 
+     *
      * @return true if is enabled, otherwise false.
-     * 
+     *
      */
     public boolean enabled();
 
     /**
-     * 
+     *
      * Return Authority for which this Processor operates.
-     * 
+     *
      * @return Authority.
      */
 
     public ISubsystem getAuthority();
 
     /**
-     * 
+     *
      * Perform logging function for this Processor.
-     * 
+     *
      * @param level Log level to be used for this message
      * @param msg Message to be logged.
      */
@@ -344,16 +344,16 @@ public interface IPublisherProcessor extends ISubsystem {
     public void log(int level, String msg);
 
     /**
-     * 
+     *
      * Returns LdapConnModule belonging to this Processor.
-     * 
+     *
      * @return LdapConnModule.
      */
     public ILdapConnModule getLdapConnModule();
 
     /**
      * Sets the LdapConnModule belonging to this Processor.
-     * 
+     *
      * @param m ILdapConnModule.
      */
     public void setLdapConnModule(ILdapConnModule m);
diff --git a/base/common/src/com/netscape/certsrv/publish/IXcertPublisherProcessor.java b/base/common/src/com/netscape/certsrv/publish/IXcertPublisherProcessor.java
index b70a0626d..352ec02a8 100644
--- a/base/common/src/com/netscape/certsrv/publish/IXcertPublisherProcessor.java
+++ b/base/common/src/com/netscape/certsrv/publish/IXcertPublisherProcessor.java
@@ -22,14 +22,14 @@ import com.netscape.certsrv.ldap.ELdapException;
 /**
  * Interface for a publisher that has the capability of publishing
  * cross certs
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IXcertPublisherProcessor extends IPublisherProcessor {
 
     /**
      * Publish crossCertificatePair.
-     * 
+     *
      * @param pair Byte array representing cert pair.
      * @exception EldapException publish failed due to Ldap error.
      */
diff --git a/base/common/src/com/netscape/certsrv/publish/LdapCertMapResult.java b/base/common/src/com/netscape/certsrv/publish/LdapCertMapResult.java
index 84a866095..1c2286a0d 100644
--- a/base/common/src/com/netscape/certsrv/publish/LdapCertMapResult.java
+++ b/base/common/src/com/netscape/certsrv/publish/LdapCertMapResult.java
@@ -21,7 +21,7 @@ package com.netscape.certsrv.publish;
  * Class that represents the result of a Ldap Mapping operation.
  * certificate map result:
  * Represented by a mapped entry as a DN and whether entry has the certificate.
- * 
+ *
  * @version $Revision$ $Date$
  */
 public class LdapCertMapResult {
@@ -38,7 +38,7 @@ public class LdapCertMapResult {
 
     /**
      * Gets DN from the result.
-     * 
+     *
      * @return Distinguished Name.
      */
     public String getDn() {
@@ -47,7 +47,7 @@ public class LdapCertMapResult {
 
     /**
      * Gets whether the ldap entry had a certificate from result.
-     * 
+     *
      * @return true if cert is present, false otherwise.
      */
     public boolean hasCert() {
diff --git a/base/common/src/com/netscape/certsrv/publish/MapperPlugin.java b/base/common/src/com/netscape/certsrv/publish/MapperPlugin.java
index b193e1b5f..3a489bce7 100644
--- a/base/common/src/com/netscape/certsrv/publish/MapperPlugin.java
+++ b/base/common/src/com/netscape/certsrv/publish/MapperPlugin.java
@@ -22,14 +22,14 @@ import com.netscape.certsrv.base.Plugin;
 /**
  * This class represents a registered mapper plugin.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public class MapperPlugin extends Plugin {
 
     /**
      * Constructs a MapperPlugin based on a name and a path.
-     * 
+     *
      * @param id Name of plugin.
      * @param path Classpath of plugin.
      */
diff --git a/base/common/src/com/netscape/certsrv/publish/MapperProxy.java b/base/common/src/com/netscape/certsrv/publish/MapperProxy.java
index 95dc98d9c..df549e354 100644
--- a/base/common/src/com/netscape/certsrv/publish/MapperProxy.java
+++ b/base/common/src/com/netscape/certsrv/publish/MapperProxy.java
@@ -18,9 +18,9 @@
 package com.netscape.certsrv.publish;
 
 /**
- * 
+ *
  * Class representing a LdapMapper.
- * 
+ *
  * @version $Revision$ $Date$
  */
 
@@ -29,9 +29,9 @@ public class MapperProxy {
     private ILdapMapper mMapper;
 
     /**
-     * 
+     *
      * Contructs MapperProxy .
-     * 
+     *
      * @param enable Enabled or not.
      * @param mapper Corresponding ILdapMapper object.
      */
@@ -41,9 +41,9 @@ public class MapperProxy {
     }
 
     /**
-     * 
+     *
      * Returns if enabled.
-     * 
+     *
      * @return true if enabled, otherwise false.
      */
     public boolean isEnable() {
@@ -51,9 +51,9 @@ public class MapperProxy {
     }
 
     /**
-     * 
+     *
      * Returns ILdapMapper object.
-     * 
+     *
      * @return Intance of ILdapMapper object.
      */
     public ILdapMapper getMapper() {
diff --git a/base/common/src/com/netscape/certsrv/publish/PublisherPlugin.java b/base/common/src/com/netscape/certsrv/publish/PublisherPlugin.java
index 5a163b80c..173643a6b 100644
--- a/base/common/src/com/netscape/certsrv/publish/PublisherPlugin.java
+++ b/base/common/src/com/netscape/certsrv/publish/PublisherPlugin.java
@@ -22,15 +22,15 @@ import com.netscape.certsrv.base.Plugin;
 /**
  * This class represents a registered publisher plugin.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public class PublisherPlugin extends Plugin {
 
     /**
-     * 
+     *
      * Constructs a PublisherPlugin based on name and classpath.
-     * 
+     *
      * @param id name of plugin.
      * @param path Classpath of plugin.
      */
diff --git a/base/common/src/com/netscape/certsrv/publish/PublisherProxy.java b/base/common/src/com/netscape/certsrv/publish/PublisherProxy.java
index eb71f3e56..8c05d7ce9 100644
--- a/base/common/src/com/netscape/certsrv/publish/PublisherProxy.java
+++ b/base/common/src/com/netscape/certsrv/publish/PublisherProxy.java
@@ -18,9 +18,9 @@
 package com.netscape.certsrv.publish;
 
 /**
- * 
+ *
  * Class representing a proxy for a ILdapPublisher.
- * 
+ *
  * @version $Revision$ $Date$
  */
 
@@ -29,9 +29,9 @@ public class PublisherProxy {
     private ILdapPublisher mPublisher;
 
     /**
-     * 
+     *
      * Constructs a PublisherProxy based on a ILdapPublisher object and enabled boolean.
-     * 
+     *
      * @param enable Proxy is enabled or not.
      * @param publisher Corresponding ILdapPublisher object.
      */
@@ -42,7 +42,7 @@ public class PublisherProxy {
 
     /**
      * Return if enabled or not.
-     * 
+     *
      * @return true if enabled, otherwise false.
      */
     public boolean isEnable() {
@@ -51,7 +51,7 @@ public class PublisherProxy {
 
     /**
      * Return ILdapPublisher object.
-     * 
+     *
      * @return Instance of ILdapPublisher.
      */
     public ILdapPublisher getPublisher() {
diff --git a/base/common/src/com/netscape/certsrv/publish/RulePlugin.java b/base/common/src/com/netscape/certsrv/publish/RulePlugin.java
index b37a24d51..7856fc7d3 100644
--- a/base/common/src/com/netscape/certsrv/publish/RulePlugin.java
+++ b/base/common/src/com/netscape/certsrv/publish/RulePlugin.java
@@ -22,15 +22,15 @@ import com.netscape.certsrv.base.Plugin;
 /**
  * This class represents a registered Publishing Rule plugin.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public class RulePlugin extends Plugin {
 
     /**
-     * 
+     *
      * Constructs a RulePlugin based on name and classpath.
-     * 
+     *
      * @param id name of RulePlugin.
      * @param path Classpath of RulePlugin.
      */
diff --git a/base/common/src/com/netscape/certsrv/ra/IRAService.java b/base/common/src/com/netscape/certsrv/ra/IRAService.java
index 4bab4745c..8a851d918 100644
--- a/base/common/src/com/netscape/certsrv/ra/IRAService.java
+++ b/base/common/src/com/netscape/certsrv/ra/IRAService.java
@@ -25,21 +25,21 @@ import com.netscape.certsrv.request.IService;
 /**
  * An interface representing a RA request services.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IRAService extends IService {
 
     /**
      * Services request.
-     * 
+     *
      * @param req request data
      */
     public boolean serviceRequest(IRequest req);
 
     /**
      * Services profile request.
-     * 
+     *
      * @param request profile enrollment request information
      * @exception EBaseException failed to service profile enrollment request
      */
@@ -48,14 +48,14 @@ public interface IRAService extends IService {
 
     /**
      * Returns CA connector.
-     * 
+     *
      * @return CA connector
      */
     public IConnector getCAConnector();
 
     /**
      * Returns KRA connector.
-     * 
+     *
      * @return KRA connector
      */
     public IConnector getKRAConnector();
diff --git a/base/common/src/com/netscape/certsrv/ra/IRegistrationAuthority.java b/base/common/src/com/netscape/certsrv/ra/IRegistrationAuthority.java
index 8302e2d23..4f121378b 100644
--- a/base/common/src/com/netscape/certsrv/ra/IRegistrationAuthority.java
+++ b/base/common/src/com/netscape/certsrv/ra/IRegistrationAuthority.java
@@ -32,7 +32,7 @@ import com.netscape.certsrv.request.IRequestQueue;
  * An interface represents a Registration Authority that is
  * responsible for certificate enrollment operations.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IRegistrationAuthority extends ISubsystem {
@@ -55,14 +55,14 @@ public interface IRegistrationAuthority extends ISubsystem {
 
     /**
      * Retrieves the request queue of this registration authority.
-     * 
+     *
      * @return RA's request queue
      */
     public IRequestQueue getRequestQueue();
 
     /**
      * Retrieves the publishing processor of this registration authority.
-     * 
+     *
      * @return RA's publishing processor
      */
     public IPublisherProcessor getPublisherProcessor();
@@ -76,42 +76,42 @@ public interface IRegistrationAuthority extends ISubsystem {
 
     /**
      * Retrieves the RA certificate.
-     * 
+     *
      * @return the RA certificate
      */
     public org.mozilla.jss.crypto.X509Certificate getRACert();
 
     /**
      * Retrieves the request in queue listener.
-     * 
+     *
      * @return the request in queue listener
      */
     public IRequestListener getRequestInQListener();
 
     /**
      * Retrieves the request listener for issued certificates.
-     * 
+     *
      * @return the request listener for issued certificates
      */
     public IRequestListener getCertIssuedListener();
 
     /**
      * Retrieves the request listener for revoked certificates.
-     * 
+     *
      * @return the request listener for revoked certificates
      */
     public IRequestListener getCertRevokedListener();
 
     /**
      * Returns the nickname of the RA certificate.
-     * 
+     *
      * @return the nickname of the RA certificate
      */
     public String getNickname();
 
     /**
      * Retrieves the nickname of the RA certificate from configuration store.
-     * 
+     *
      * @return the nickname of the RA certificate
      * @exception EBaseException failed to get nickname
      */
@@ -119,28 +119,28 @@ public interface IRegistrationAuthority extends ISubsystem {
 
     /**
      * Sets the new nickname of the RA certifiate.
-     * 
+     *
      * @param name new nickname
      */
     public void setNewNickName(String name);
 
     /**
      * Sets the nickname of the RA certifiate.
-     * 
+     *
      * @param str nickname
      */
     public void setNickname(String str);
 
     /**
      * Retrieves the default validity period.
-     * 
+     *
      * @return the default validity length in days
      */
     public long getDefaultValidity();
 
     /**
      * Retrieves the issuer name of this registration authority.
-     * 
+     *
      * @return the issuer name of this registration authority
      */
     public X500Name getX500Name();
@@ -148,14 +148,14 @@ public interface IRegistrationAuthority extends ISubsystem {
     /**
      * Retrieves the RA service object that is responsible for
      * processing requests.
-     * 
+     *
      * @return RA service object
      */
     public IRAService getRAService();
 
     /**
      * Retrieves the request listener by name.
-     * 
+     *
      * @param name request listener name
      * @return the request listener
      */
@@ -163,7 +163,7 @@ public interface IRegistrationAuthority extends ISubsystem {
 
     /**
      * Retrieves all request listeners.
-     * 
+     *
      * @return name enumeration of all request listeners
      */
     public Enumeration getRequestListenerNames();
diff --git a/base/common/src/com/netscape/certsrv/registry/ERegistryException.java b/base/common/src/com/netscape/certsrv/registry/ERegistryException.java
index 5d2e2c91c..fe09f8d4b 100644
--- a/base/common/src/com/netscape/certsrv/registry/ERegistryException.java
+++ b/base/common/src/com/netscape/certsrv/registry/ERegistryException.java
@@ -21,7 +21,7 @@ import com.netscape.certsrv.base.EBaseException;
 
 /**
  * This represents a registry exception.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class ERegistryException extends EBaseException {
@@ -33,7 +33,7 @@ public class ERegistryException extends EBaseException {
 
     /**
      * Constructs a registry exception.
-     * 
+     *
      * @param msg message carried along with the exception
      */
     public ERegistryException(String msg) {
diff --git a/base/common/src/com/netscape/certsrv/registry/IPluginInfo.java b/base/common/src/com/netscape/certsrv/registry/IPluginInfo.java
index 8e6a87365..ff1aa574a 100644
--- a/base/common/src/com/netscape/certsrv/registry/IPluginInfo.java
+++ b/base/common/src/com/netscape/certsrv/registry/IPluginInfo.java
@@ -25,17 +25,17 @@ import java.util.Locale;
  * name and description are information
  * for end-users.
  * 

- * 
+ *
  * The class name can be used to create an instance of the plugin.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IPluginInfo {
 
     /**
      * Retrieves the localized plugin name.
-     * 
+     *
      * @param locale end-user locale
      * @return plugin name
      */
@@ -43,7 +43,7 @@ public interface IPluginInfo {
 
     /**
      * Retrieves the localized plugin description.
-     * 
+     *
      * @param locale end-user locale
      * @return plugin description
      */
@@ -54,7 +54,7 @@ public interface IPluginInfo {
      * Instance of plugin can be created with
      * 

      * Class.forName(info.getClassName());
-     * 
+     *
      * @return java class name
      */
     public String getClassName();
diff --git a/base/common/src/com/netscape/certsrv/registry/IPluginRegistry.java b/base/common/src/com/netscape/certsrv/registry/IPluginRegistry.java
index 1c85aeba9..4f014d3f3 100644
--- a/base/common/src/com/netscape/certsrv/registry/IPluginRegistry.java
+++ b/base/common/src/com/netscape/certsrv/registry/IPluginRegistry.java
@@ -25,10 +25,10 @@ import com.netscape.certsrv.base.ISubsystem;
 /**
  * This represents the registry subsystem that manages
  * mulitple types of plugin information.
- * 
+ *
  * The plugin information includes id, name,
  * classname, and description.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IPluginRegistry extends ISubsystem {
@@ -37,21 +37,21 @@ public interface IPluginRegistry extends ISubsystem {
 
     /**
      * Returns handle to the registry configuration file.
-     * 
+     *
      * @return configuration store of registry subsystem
      */
     public IConfigStore getFileConfigStore();
 
     /**
      * Returns all type names.
-     * 
+     *
      * @return a list of String-based names
      */
     public Enumeration getTypeNames();
 
     /**
      * Returns a list of plugin identifiers of the given type.
-     * 
+     *
      * @param type plugin type
      * @return a list of plugin IDs
      */
@@ -59,7 +59,7 @@ public interface IPluginRegistry extends ISubsystem {
 
     /**
      * Retrieves the plugin information.
-     * 
+     *
      * @param type plugin type
      * @param id plugin id
      * @return plugin info
@@ -68,7 +68,7 @@ public interface IPluginRegistry extends ISubsystem {
 
     /**
      * Adds plugin info.
-     * 
+     *
      * @param type plugin type
      * @param id plugin id
      * @param info plugin info
diff --git a/base/common/src/com/netscape/certsrv/request/ARequestNotifier.java b/base/common/src/com/netscape/certsrv/request/ARequestNotifier.java
index a50996f2b..98338601a 100644
--- a/base/common/src/com/netscape/certsrv/request/ARequestNotifier.java
+++ b/base/common/src/com/netscape/certsrv/request/ARequestNotifier.java
@@ -32,7 +32,7 @@ import com.netscape.certsrv.publish.IPublisherProcessor;
 /**
  * The ARequestNotifier class implements the IRequestNotifier interface,
  * which notifies all registered request listeners.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class ARequestNotifier implements IRequestNotifier {
@@ -106,18 +106,18 @@ public class ARequestNotifier implements IRequestNotifier {
 
     /**
      * Registers a request listener.
-     * 
+     *
      * @param listener listener to be registered
      */
     public void registerListener(IRequestListener listener) {
         // XXX should check for duplicates here or allow listeners
-        // to register twice and call twice ? 
+        // to register twice and call twice ?
         mListeners.put(listener.getClass().getName(), listener);
     }
 
     /**
      * Registers a request listener.
-     * 
+     *
      * @param name listener name
      * @param listener listener to be registered
      */
@@ -127,18 +127,18 @@ public class ARequestNotifier implements IRequestNotifier {
 
     /**
      * Removes listener from the list of registered listeners.
-     * 
+     *
      * @param listener listener to be removed from the list
      */
     public void removeListener(IRequestListener listener) {
         // XXX should check for duplicates here or allow listeners
-        // to register twice and call twice ? 
+        // to register twice and call twice ?
         mListeners.remove(listener.getClass().getName());
     }
 
     /**
      * Gets list of listener names.
-     * 
+     *
      * @return enumeration of listener names
      */
     public Enumeration getListenerNames() {
@@ -147,7 +147,7 @@ public class ARequestNotifier implements IRequestNotifier {
 
     /**
      * Removes listener from the list of registered listeners.
-     * 
+     *
      * @param name listener name to be removed from the list
      */
     public void removeListener(String name) {
@@ -156,7 +156,7 @@ public class ARequestNotifier implements IRequestNotifier {
 
     /**
      * Gets listener from the list of registered listeners.
-     * 
+     *
      * @param name listener name
      * @return listener
      */
@@ -166,7 +166,7 @@ public class ARequestNotifier implements IRequestNotifier {
 
     /**
      * Gets list of listeners.
-     * 
+     *
      * @return enumeration of listeners
      */
     public Enumeration getListeners() {
@@ -196,7 +196,7 @@ public class ARequestNotifier implements IRequestNotifier {
 
     /**
      * Gets request from publishing queue.
-     * 
+     *
      * @return request
      */
     public synchronized IRequest getRequest() {
@@ -232,7 +232,7 @@ public class ARequestNotifier implements IRequestNotifier {
                     if (!(requestType.equals(IRequest.ENROLLMENT_REQUEST) ||
                             requestType.equals(IRequest.RENEWAL_REQUEST) ||
                             requestType.equals(IRequest.REVOCATION_REQUEST) ||
-                            requestType.equals(IRequest.CMCREVOKE_REQUEST) || 
+                            requestType.equals(IRequest.CMCREVOKE_REQUEST) ||
                             requestType.equals(IRequest.UNREVOCATION_REQUEST))) {
                         continue;
                     }
@@ -287,7 +287,7 @@ public class ARequestNotifier implements IRequestNotifier {
 
     /**
      * Gets number of requests in publishing queue.
-     * 
+     *
      * @return number of requests in publishing queue
      */
     public int getNumberOfRequests() {
@@ -296,7 +296,7 @@ public class ARequestNotifier implements IRequestNotifier {
 
     /**
      * Checks if publishing queue is enabled.
-     * 
+     *
      * @return true if publishing queue is enabled, false otherwise
      */
     public boolean isPublishingQueueEnabled() {
@@ -305,7 +305,7 @@ public class ARequestNotifier implements IRequestNotifier {
 
     /**
      * Removes a notifier thread from the pool of publishing queue threads.
-     * 
+     *
      * @param notifierThread Thread
      */
     public void removeNotifierThread(Thread notifierThread) {
@@ -320,7 +320,7 @@ public class ARequestNotifier implements IRequestNotifier {
 
     /**
      * Notifies all registered listeners about request.
-     * 
+     *
      * @param r request
      */
     public void notify(IRequest r) {
@@ -345,7 +345,7 @@ public class ARequestNotifier implements IRequestNotifier {
 
                 /*
                  CMS.getLogger().log(
-                 ILogger.EV_SYSTEM, ILogger.S_REQQUEUE, ILogger.LL_FAILURE, 
+                 ILogger.EV_SYSTEM, ILogger.S_REQQUEUE, ILogger.LL_FAILURE,
                  "Could not run listeners for request " + r.getRequestId() +
                  ". Error " + e + ";" + e.getMessage());
                  */
@@ -355,7 +355,7 @@ public class ARequestNotifier implements IRequestNotifier {
 
     /**
      * Checks for available publishing connections
-     * 
+     *
      * @return true if there are available publishing connections, false otherwise
      */
     private boolean checkAvailablePublishingConnections() {
@@ -390,7 +390,7 @@ public class ARequestNotifier implements IRequestNotifier {
 
     /**
      * Checks if more publishing threads can be added.
-     * 
+     *
      * @return true if more publishing threads can be added, false otherwise
      */
     private boolean morePublishingThreads() {
@@ -417,7 +417,7 @@ public class ARequestNotifier implements IRequestNotifier {
 
     /**
      * Notifies all registered listeners about request.
-     * 
+     *
      * @param r request
      */
     public synchronized void addToNotify(IRequest r) {
@@ -449,7 +449,7 @@ public class ARequestNotifier implements IRequestNotifier {
 
     /**
      * Recovers publishing queue.
-     * 
+     *
      * @param id request request
      */
     public void recoverPublishingQueue(String id) {
@@ -490,7 +490,7 @@ class RunListeners implements Runnable {
 
     /**
      * RunListeners class constructor.
-     * 
+     *
      * @param r request
      * @param listeners list of listeners
      */
@@ -501,7 +501,7 @@ class RunListeners implements Runnable {
 
     /**
      * RunListeners class constructor.
-     * 
+     *
      * @param r request
      * @param listeners list of listeners
      */
diff --git a/base/common/src/com/netscape/certsrv/request/AgentApproval.java b/base/common/src/com/netscape/certsrv/request/AgentApproval.java
index eb3ca06a8..cfe52b3b0 100644
--- a/base/common/src/com/netscape/certsrv/request/AgentApproval.java
+++ b/base/common/src/com/netscape/certsrv/request/AgentApproval.java
@@ -23,7 +23,7 @@ import java.util.Date;
 /**
  * The AgentApproval class contains the record of a
  * single agent approval.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class AgentApproval
@@ -36,7 +36,7 @@ public class AgentApproval
 
     /**
      * Returns the approving agent's user name.
-     * 
+     *
      * @return an identifier for the agent
      */
     public String getUserName() {
@@ -45,7 +45,7 @@ public class AgentApproval
 
     /**
      * Returns the date of the approval
-     * 
+     *
      * @return date and time of the approval
      */
     public Date getDate() {
@@ -54,7 +54,7 @@ public class AgentApproval
 
     /**
      * AgentApproval class constructor
-     * 
+     *
      * @param userName user name of the approving agent
      */
     AgentApproval(String userName) {
diff --git a/base/common/src/com/netscape/certsrv/request/AgentApprovals.java b/base/common/src/com/netscape/certsrv/request/AgentApprovals.java
index d6fa41b8f..2c957b6ee 100644
--- a/base/common/src/com/netscape/certsrv/request/AgentApprovals.java
+++ b/base/common/src/com/netscape/certsrv/request/AgentApprovals.java
@@ -25,7 +25,7 @@ import java.util.Vector;
 /**
  * A collection of AgentApproval objects.
  * 
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class AgentApprovals
@@ -41,7 +41,7 @@ public class AgentApprovals
      * 

      * If an approval is already present for this user, it is updated with a new date. Otherwise a new value is
      * inserted.
-     * 
+     *
      * @param userName user name of the approving agent
      */
     public void addApproval(String userName) {
@@ -61,7 +61,7 @@ public class AgentApprovals
      * Removes an approval from approval's list.
      * 

      * If there is no approval for this userName, this call does nothing.
-     * 
+     *
      * @param userName user name of the approving agent
      */
     public void removeApproval(String userName) {
@@ -73,7 +73,7 @@ public class AgentApprovals
 
     /**
      * Finds an existing AgentApproval for the named user.
-     * 
+     *
      * @param userName user name of the approving agent
      * @return an AgentApproval object
      */
@@ -93,7 +93,7 @@ public class AgentApprovals
 
     /**
      * Returns an enumeration of the agent approvals
-     * 
+     *
      * @return an enumeration of the agent approvals
      */
     public Enumeration elements() {
@@ -107,7 +107,7 @@ public class AgentApprovals
      * where epoch is the date.getTime()
      * 

      * This is used for serialization in Request.setExtData().
-     * 
+     *
      * @return The string vector.
      */
     public Vector toStringVector() {
@@ -123,7 +123,7 @@ public class AgentApprovals
     /**
      * Recreates an AgentApprovals instance from a Vector of strings that
      * was created by toStringVector().
-     * 
+     *
      * @param stringVector The vector of strings to translate
      * @return the AgentApprovals instance or null if it can't be translated.
      */
diff --git a/base/common/src/com/netscape/certsrv/request/IEnrollmentRequest.java b/base/common/src/com/netscape/certsrv/request/IEnrollmentRequest.java
index 32c3f53a9..f63fc0076 100644
--- a/base/common/src/com/netscape/certsrv/request/IEnrollmentRequest.java
+++ b/base/common/src/com/netscape/certsrv/request/IEnrollmentRequest.java
@@ -22,7 +22,7 @@ package com.netscape.certsrv.request;
  * This version (currently) doesn't supply any additional
  * data, but is implementated only for testing and
  * demonstration purposes.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IEnrollmentRequest
diff --git a/base/common/src/com/netscape/certsrv/request/INotify.java b/base/common/src/com/netscape/certsrv/request/INotify.java
index 938cd855b..aaeb44051 100644
--- a/base/common/src/com/netscape/certsrv/request/INotify.java
+++ b/base/common/src/com/netscape/certsrv/request/INotify.java
@@ -23,7 +23,7 @@ package com.netscape.certsrv.request;
  * this interface may be registered with a IRequestQueue.
  * The interface will be invoked when a request is completely
  * serviced by the IService object.
- * 
+ *
  * @version $Revision$ $Date$
  */
 public interface INotify {
@@ -33,7 +33,7 @@ public interface INotify {
      * The implementation may use values stored in the IRequest
      * object, and may implement any type publishing (such as email
      * or writing values into a directory)
-     * 
+     *
      * @param request the request that is completed.
      */
     public void notify(IRequest request);
diff --git a/base/common/src/com/netscape/certsrv/request/IPolicy.java b/base/common/src/com/netscape/certsrv/request/IPolicy.java
index 9998abee7..647d8f0c8 100644
--- a/base/common/src/com/netscape/certsrv/request/IPolicy.java
+++ b/base/common/src/com/netscape/certsrv/request/IPolicy.java
@@ -28,7 +28,7 @@ package com.netscape.certsrv.request;
  * of agents allowed to perform further processing. If none
  * is set, a default value ("defaultAgentGroup") will be
  * set instead.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IPolicy {
@@ -41,7 +41,7 @@ public interface IPolicy {
      * The policy can update fields in the request, to add additional values or to restrict the values to pre-determined
      * ranges.
      * 

-     * 
+     *
      * @param request
      *            the request to check
      * @return
diff --git a/base/common/src/com/netscape/certsrv/request/IRequest.java b/base/common/src/com/netscape/certsrv/request/IRequest.java
index 8759c1490..ded0145ab 100644
--- a/base/common/src/com/netscape/certsrv/request/IRequest.java
+++ b/base/common/src/com/netscape/certsrv/request/IRequest.java
@@ -37,7 +37,7 @@ import com.netscape.certsrv.base.IAttrSet;
 
 /**
  * An interface that defines abilities of request objects,
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IRequest {
@@ -75,7 +75,7 @@ public interface IRequest {
     public static final String REQUESTOR_EMAIL = "csrRequestorEmail";
     public static final String REQUESTOR_COMMENTS = "csrRequestorComments";
 
-    // request attributes for all 
+    // request attributes for all
     public static final String AUTH_TOKEN = "AUTH_TOKEN";
     public static final String HTTP_PARAMS = "HTTP_PARAMS";
     public static final String HTTP_HEADERS = "HTTP_HEADERS";
@@ -111,7 +111,7 @@ public interface IRequest {
     public static final String REQUEST_TRUSTEDMGR_PRIVILEGE = "requestTrustedManagerPrivilege";
     public static final String FINGERPRINTS = "fingerprints";
 
-    // enrollment request values 
+    // enrollment request values
     public static final String SERVER_CERT = "server";
     public static final String CLIENT_CERT = "client";
     public static final String CA_CERT = "ca";
@@ -185,14 +185,14 @@ public interface IRequest {
 
     /**
      * Gets the primary identifier for this request.
-     * 
+     *
      * @return request id
      */
     RequestId getRequestId();
 
     /**
      * Gets the current state of this request.
-     * 
+     *
      * @return request status
      */
     RequestStatus getRequestStatus();
@@ -205,7 +205,7 @@ public interface IRequest {
      * The sourceId should be unique so that it can be used to retrieve request later without knowing the locally
      * assigned primary id (RequestID)
      * 

-     * 
+     *
      * @return
      *         the sourceId value (or null if none has been set)
      */
@@ -216,21 +216,21 @@ public interface IRequest {
      * in the database for this change to take effect. This can be done
      * by calling IRequestQueue.update() or by performing one of the
      * other operations like processRequest or approveRequest.
-     * 
+     *
      * @param id source id for this request
      */
     public void setSourceId(String id);
 
     /**
      * Gets the current owner of this request.
-     * 
+     *
      * @return request owner
      */
     public String getRequestOwner();
 
     /**
      * Sets the current owner of this request.
-     * 
+     *
      * @param owner
      *            The new owner of this request. If this value is set to null
      *            there will be no current owner
@@ -239,28 +239,28 @@ public interface IRequest {
 
     /**
      * Gets the type of this request.
-     * 
+     *
      * @return request type
      */
     public String getRequestType();
 
     /**
      * Sets the type or this request.
-     * 
+     *
      * @param type request type
      */
     public void setRequestType(String type);
 
     /**
      * Gets the version of this request.
-     * 
+     *
      * @return request version
      */
     public String getRequestVersion();
 
     /**
      * Gets the time this request was created.
-     * 
+     *
      * @return request creation time
      */
     Date getCreationTime();
@@ -268,7 +268,7 @@ public interface IRequest {
     /**
      * Gets the time this request was last modified (defined
      * as updated in the queue) (See IRequestQueue.update)
-     * 
+     *
      * @return request last modification time
      */
     Date getModificationTime();
@@ -291,42 +291,42 @@ public interface IRequest {
     /**
      * Copies meta attributes (excluding request Id, etc.) of another request
      * to this request.
-     * 
+     *
      * @param req another request
      */
     public void copyContents(IRequest req);
 
     /**
      * Gets context of this request.
-     * 
+     *
      * @return request context
      */
     public String getContext();
 
     /**
      * Sets context of this request.
-     * 
+     *
      * @param ctx request context
      */
     public void setContext(String ctx);
 
     /**
      * Sets status of this request.
-     * 
+     *
      * @param s request status
      */
     public void setRequestStatus(RequestStatus s);
 
     /**
      * Gets status of connector transfer.
-     * 
+     *
      * @return status of connector transfer
      */
     public boolean isSuccess();
 
     /**
      * Gets localized error message from connector transfer.
-     * 
+     *
      * @param locale request locale
      * @return error message from connector transfer
      */
@@ -334,15 +334,15 @@ public interface IRequest {
 
     /**************************************************************
      * ExtData data methods:
-     * 
+     *
      * These methods should be used in place of the mAttrData methods
      * deprecated above.
-     * 
+     *
      * These methods all store Strings in LDAP. This means they can no longer
      * be used as a garbage dump for all sorts of objects. A limited number
      * of helper methods are provided for Vectors/Arrays/Hashtables but the
      * keys and values for all of these should be Strings.
-     * 
+     *
      * The keys are used in the LDAP attribute names, and so much obey LDAP
      * key syntax rules: A-Za-z0-9 and hyphen.
      */
@@ -350,7 +350,7 @@ public interface IRequest {
     /**
      * Sets an Extended Data string-key string-value pair.
      * All keys are lower cased because LDAP does not preserve case.
-     * 
+     *
      * @param key The extended data key
      * @param value The extended data value
      * @return false if key is invalid.
@@ -361,7 +361,7 @@ public interface IRequest {
      * Sets an Extended Data string-key string-value pair.
      * The key and hashtable keys are all lowercased because LDAP does not
      * preserve case.
-     * 
+     *
      * @param key The extended data key
      * @param value The extended data value
      *            the Hashtable contains an illegal key.
@@ -372,7 +372,7 @@ public interface IRequest {
     /**
      * Checks whether the key is storing a simple String value, or a complex
      * (Vector/hashtable) structure.
-     * 
+     *
      * @param key The key to check for.
      * @return True if the key maps to a string. False if it maps to a
      *         hashtable.
@@ -383,7 +383,7 @@ public interface IRequest {
      * Returns the String value stored for the String key. Returns null
      * if not found. Throws exception if key stores a complex data structure
      * (Vector/Hashtable).
-     * 
+     *
      * @param key The key to lookup (case-insensitive)
      * @return The value associated with the key. null if not found or if the
      *         key is associated with a non-string value.
@@ -393,12 +393,12 @@ public interface IRequest {
     /**
      * Returns the Hashtable value for the String key. Returns null if not
      * found. Throws exception if the key stores a String value.
-     * 
+     *
      * The Hashtable returned is actually a subclass of Hashtable that
      * lowercases all keys used to access the hashtable. Its purpose is to
      * to make lookups seemless, but be aware it is not a normal hashtable and
      * might behave strangely in some cases (e.g., iterating keys)
-     * 
+     *
      * @param key The key to lookup (case-insensitive)
      * @return The hashtable value associated with the key. null if not found
      *         or if the key is associated with a string-value.
@@ -407,7 +407,7 @@ public interface IRequest {
 
     /**
      * Returns all the keys stored in ExtData
-     * 
+     *
      * @return Enumeration of all the keys.
      */
     public Enumeration getExtDataKeys();
@@ -415,7 +415,7 @@ public interface IRequest {
     /**
      * Stores an array of Strings in ExtData.
      * The indices of the array are used as subkeys.
-     * 
+     *
      * @param key the ExtData key
      * @param values the array of string values to store
      * @return False if the key is invalid
@@ -426,7 +426,7 @@ public interface IRequest {
      * Retrieves an array of Strings stored with the key.
      * This only works if the data was stored as an array. If the data
      * is not correct, this method will return null.
-     * 
+     *
      * @param key The ExtData key
      * @return The value. Null if not found or the data isn't an array.
      */
@@ -434,7 +434,7 @@ public interface IRequest {
 
     /**
      * Removes the value of an extdata attribute.
-     * 
+     *
      * @param type key to delete
      */
     void deleteExtData(String type);
@@ -447,9 +447,9 @@ public interface IRequest {
      * Helper method to add subkey/value pair to a ExtData hashtable.
      * If the hashtable it exists, the subkey/value are added to it. Otherwise
      * a new hashtable is created.
-     * 
+     *
      * The key and subkey are lowercased because LDAP does not preserve case.
-     * 
+     *
      * @param key The top level key
      * @param subkey The hashtable data key
      * @param value The hashtable value
@@ -459,7 +459,7 @@ public interface IRequest {
 
     /**
      * Helper method to retrieve an individual value from a Hashtable value.
-     * 
+     *
      * @param key the ExtData key
      * @param subkey the key in the Hashtable value (case insensitive)
      * @return the value corresponding to the key/subkey
@@ -469,7 +469,7 @@ public interface IRequest {
     /**
      * Helper method to store an Integer value. It converts the integer value
      * to a String and stores it.
-     * 
+     *
      * @param key the ExtData key
      * @param value the Integer to store (as a String)
      * @return False if the key or value are invalid
@@ -479,7 +479,7 @@ public interface IRequest {
     /**
      * Retrieves an integer value. Returns null if not found or
      * the value can't be represented as an Integer.
-     * 
+     *
      * @param key The ExtData key to lookup
      * @return The integer value or null if not possible.
      */
@@ -487,7 +487,7 @@ public interface IRequest {
 
     /**
      * Stores an array of Integers
-     * 
+     *
      * @param key The extdata key
      * @param values The array of Integers to store
      * @return false if the key is invalid
@@ -496,7 +496,7 @@ public interface IRequest {
 
     /**
      * Retrieves an array of Integers
-     * 
+     *
      * @param key The extdata key
      * @return The array of Integers or null on error.
      */
@@ -505,7 +505,7 @@ public interface IRequest {
     /**
      * Helper method to store a BigInteger value. It converts the integer value
      * to a String and stores it.
-     * 
+     *
      * @param key the ExtData key
      * @param value the BigInteger to store (as a String)
      * @return False if the key or value are invalid
@@ -515,7 +515,7 @@ public interface IRequest {
     /**
      * Retrieves a BigInteger value. Returns null if not found or
      * the value can't be represented as a BigInteger.
-     * 
+     *
      * @param key The ExtData key to lookup
      * @return The integer value or null if not possible.
      */
@@ -523,7 +523,7 @@ public interface IRequest {
 
     /**
      * Stores an array of BigIntegers
-     * 
+     *
      * @param key The extdata key
      * @param values The array of BigIntegers to store
      * @return false if the key is invalid
@@ -532,7 +532,7 @@ public interface IRequest {
 
     /**
      * Retrieves an array of BigIntegers
-     * 
+     *
      * @param key The extdata key
      * @return The array of BigIntegers or null on error.
      */
@@ -541,7 +541,7 @@ public interface IRequest {
     /**
      * Helper method to store an exception.
      * It actually stores the e.toString() value.
-     * 
+     *
      * @param key The ExtData key to store under
      * @param e The throwable to store
      * @return False if the key is invalid.
@@ -550,7 +550,7 @@ public interface IRequest {
 
     /**
      * Stores a byte array as base64 encoded text
-     * 
+     *
      * @param key The ExtData key
      * @param data The byte array to store
      * @return False if the key is invalid.
@@ -559,7 +559,7 @@ public interface IRequest {
 
     /**
      * Retrieves the data, which should be base64 encoded as a byte array.
-     * 
+     *
      * @param key The ExtData key
      * @return The data, or null if an error occurs.
      */
@@ -568,7 +568,7 @@ public interface IRequest {
     /**
      * Stores a X509CertImpl as base64 encoded text using the getEncode()
      * method.
-     * 
+     *
      * @param key The ExtData key
      * @param data certificate
      * @return False if the key is invalid.
@@ -577,7 +577,7 @@ public interface IRequest {
 
     /**
      * Retrieves the data, which should be base64 encoded as a byte array.
-     * 
+     *
      * @param key The ExtData key
      * @return The data, or null if an error occurs.
      */
@@ -585,7 +585,7 @@ public interface IRequest {
 
     /**
      * Stores an array of X509CertImpls as a base64 encoded text.
-     * 
+     *
      * @param key The ExtData key
      * @param data The array of certs to store
      * @return False if the key or data is invalid.
@@ -594,7 +594,7 @@ public interface IRequest {
 
     /**
      * Retrieves an array of X509CertImpl.
-     * 
+     *
      * @param key The ExtData key
      * @return Array of certs, or null if not found or invalid data.
      */
@@ -603,7 +603,7 @@ public interface IRequest {
     /**
      * Stores a X509CertInfo as base64 encoded text using the getEncodedInfo()
      * method.
-     * 
+     *
      * @param key The ExtData key
      * @param data certificate
      * @return False if the key is invalid.
@@ -612,7 +612,7 @@ public interface IRequest {
 
     /**
      * Retrieves the data, which should be base64 encoded as a byte array.
-     * 
+     *
      * @param key The ExtData key
      * @return The data, or null if an error occurs.
      */
@@ -620,7 +620,7 @@ public interface IRequest {
 
     /**
      * Stores an array of X509CertInfos as a base64 encoded text.
-     * 
+     *
      * @param key The ExtData key
      * @param data The array of cert infos to store
      * @return False if the key or data is invalid.
@@ -629,7 +629,7 @@ public interface IRequest {
 
     /**
      * Retrieves an array of X509CertInfo.
-     * 
+     *
      * @param key The ExtData key
      * @return Array of cert infos, or null if not found or invalid data.
      */
@@ -637,7 +637,7 @@ public interface IRequest {
 
     /**
      * Stores an array of RevokedCertImpls as a base64 encoded text.
-     * 
+     *
      * @param key The ExtData key
      * @param data The array of cert infos to store
      * @return False if the key or data is invalid.
@@ -646,7 +646,7 @@ public interface IRequest {
 
     /**
      * Retrieves an array of RevokedCertImpl.
-     * 
+     *
      * @param key The ExtData key
      * @return Array of cert infos, or null if not found or invalid data.
      */
@@ -656,10 +656,10 @@ public interface IRequest {
      * Stores the contents of the String Vector in ExtData.
      * TODO - as soon as we're allowed to use JDK5 this should be changed
      * to use Vector data.
-     * 
+     *
      * Note that modifications to the Vector are not automatically reflected
      * after it is stored. You must call set() again to make the changes.
-     * 
+     *
      * @param key The extdata key to store
      * @param data A vector of Strings to store
      * @return False on key error or invalid data.
@@ -671,7 +671,7 @@ public interface IRequest {
      * Note that the returned vector, if modified, does not make changes
      * in ExtData. You must call setExtData() to propogate changes back
      * into ExtData.
-     * 
+     *
      * @param key The extdata key
      * @return A Vector of strings, or null on error.
      */
@@ -680,7 +680,7 @@ public interface IRequest {
     /**
      * Gets boolean value for given type or default value
      * if attribute is absent.
-     * 
+     *
      * @param type attribute type
      * @param defVal default attribute value
      * @return attribute value
@@ -690,7 +690,7 @@ public interface IRequest {
     /**
      * Gets extdata boolean value for given type or default value
      * if attribute is absent for this request with this prefix.
-     * 
+     *
      * @param prefix request prefix
      * @param type attribute type
      * @param defVal default attribute value
@@ -700,7 +700,7 @@ public interface IRequest {
 
     /**
      * Stores an AuthToken the same as a Hashtable.
-     * 
+     *
      * @param key The ExtData key
      * @param data The authtoken to store
      * @return False if the key or data is invalid.
@@ -709,7 +709,7 @@ public interface IRequest {
 
     /**
      * Retrieves an authtoken.
-     * 
+     *
      * @param key The ExtData key
      * @return AuthToken, or null if not found or invalid data.
      */
@@ -717,7 +717,7 @@ public interface IRequest {
 
     /**
      * Stores a CertificateExtensions in extdata.
-     * 
+     *
      * @param key The ExtData key
      * @param data The CertificateExtensions to store
      * @return False if the key or data is invalid.
@@ -726,7 +726,7 @@ public interface IRequest {
 
     /**
      * Retrieves the CertificateExtensions associated with the key.
-     * 
+     *
      * @param key The ExtData key
      * @return the object, or null if not found or invalid data.
      */
@@ -734,7 +734,7 @@ public interface IRequest {
 
     /**
      * Stores a CertificateSubjectName in extdata.
-     * 
+     *
      * @param key The ExtData key
      * @param data The CertificateSubjectName to store
      * @return False if the key or data is invalid.
@@ -743,7 +743,7 @@ public interface IRequest {
 
     /**
      * Retrieves the CertificateSubjectName associated with the key.
-     * 
+     *
      * @param key The ExtData key
      * @return the object, or null if not found or invalid data.
      */
diff --git a/base/common/src/com/netscape/certsrv/request/IRequestList.java b/base/common/src/com/netscape/certsrv/request/IRequestList.java
index 5f265941a..6c3d113ea 100644
--- a/base/common/src/com/netscape/certsrv/request/IRequestList.java
+++ b/base/common/src/com/netscape/certsrv/request/IRequestList.java
@@ -23,7 +23,7 @@ import java.util.Enumeration;
  * An interface providing a list of RequestIds that match
  * some criteria. It could be a list of all elements in a
  * queue, or just some defined sub-set.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IRequestList
@@ -35,21 +35,21 @@ public interface IRequestList
      * 

      * Callers should be sure there is another element in the list by calling hasMoreElements first.
      * 

-     * 
+     *
      * @return next request id
      */
     RequestId nextRequestId();
 
     /**
      * Gets next request from the list.
-     * 
+     *
      * @return next request
      */
     public Object nextRequest();
 
     /**
      * Gets next request Object from the list.
-     * 
+     *
      * @return next request
      */
     public IRequest nextRequestObject();
diff --git a/base/common/src/com/netscape/certsrv/request/IRequestListener.java b/base/common/src/com/netscape/certsrv/request/IRequestListener.java
index 8dc8a42a9..9afe0cd73 100644
--- a/base/common/src/com/netscape/certsrv/request/IRequestListener.java
+++ b/base/common/src/com/netscape/certsrv/request/IRequestListener.java
@@ -23,7 +23,7 @@ import com.netscape.certsrv.base.ISubsystem;
 
 /**
  * An interface that defines abilities of request listener,
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IRequestListener {
@@ -31,7 +31,7 @@ public interface IRequestListener {
     /**
      * Initializes request listener for the specific subsystem
      * and configuration store.
-     * 
+     *
      * @param sub subsystem
      * @param config configuration store
      */
@@ -39,14 +39,14 @@ public interface IRequestListener {
 
     /**
      * Accepts request.
-     * 
+     *
      * @param request request
      */
     public void accept(IRequest request);
 
     /**
      * Sets attribute.
-     * 
+     *
      * @param name attribute name
      * @param val attribute value
      */
diff --git a/base/common/src/com/netscape/certsrv/request/IRequestNotifier.java b/base/common/src/com/netscape/certsrv/request/IRequestNotifier.java
index 66bd35432..02e0e814a 100644
--- a/base/common/src/com/netscape/certsrv/request/IRequestNotifier.java
+++ b/base/common/src/com/netscape/certsrv/request/IRequestNotifier.java
@@ -21,21 +21,21 @@ import java.util.Enumeration;
 
 /**
  * IRequestNotifier interface defines methods to register listeners,
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IRequestNotifier extends INotify {
 
     /**
      * Registers a request listener.
-     * 
+     *
      * @param listener listener to be registered
      */
     public void registerListener(IRequestListener listener);
 
     /**
      * Registers a request listener.
-     * 
+     *
      * @param name listener name
      * @param listener listener to be registered
      */
@@ -43,28 +43,28 @@ public interface IRequestNotifier extends INotify {
 
     /**
      * Removes listener from the list of registered listeners.
-     * 
+     *
      * @param listener listener to be removed from the list
      */
     public void removeListener(IRequestListener listener);
 
     /**
      * Removes listener from the list of registered listeners.
-     * 
+     *
      * @param name listener name to be removed from the list
      */
     public void removeListener(String name);
 
     /**
      * Gets list of listener names.
-     * 
+     *
      * @return enumeration of listener names
      */
     public Enumeration getListenerNames();
 
     /**
      * Gets listener from the list of registered listeners.
-     * 
+     *
      * @param name listener name
      * @return listener
      */
@@ -72,49 +72,49 @@ public interface IRequestNotifier extends INotify {
 
     /**
      * Gets list of listeners.
-     * 
+     *
      * @return enumeration of listeners
      */
     public Enumeration getListeners();
 
     /**
      * Gets request from publishing queue.
-     * 
+     *
      * @return request
      */
     public IRequest getRequest();
 
     /**
      * Gets number of requests in publishing queue.
-     * 
+     *
      * @return number of requests in publishing queue
      */
     public int getNumberOfRequests();
 
     /**
      * Checks if publishing queue is enabled.
-     * 
+     *
      * @return true if publishing queue is enabled, false otherwise
      */
     public boolean isPublishingQueueEnabled();
 
     /**
      * Removes a notifier thread from the pool of publishing queue threads.
-     * 
+     *
      * @param notifierThread Thread
      */
     public void removeNotifierThread(Thread notifierThread);
 
     /**
      * Notifies all registered listeners about request.
-     * 
+     *
      * @param r request
      */
     public void addToNotify(IRequest r);
 
     /**
      * Sets publishing queue parameters.
-     * 
+     *
      * @param isPublishingQueueEnabled publishing queue switch
      * @param publishingQueuePriorityLevel publishing queue priority level
      * @param maxNumberOfPublishingThreads maximum number of publishing threads
diff --git a/base/common/src/com/netscape/certsrv/request/IRequestQueue.java b/base/common/src/com/netscape/certsrv/request/IRequestQueue.java
index a8f5f7332..844f90f18 100644
--- a/base/common/src/com/netscape/certsrv/request/IRequestQueue.java
+++ b/base/common/src/com/netscape/certsrv/request/IRequestQueue.java
@@ -32,7 +32,7 @@ import com.netscape.certsrv.dbs.repository.IRepository;
  * provides an interface for creating and viewing requests,
  * as well as performing operations on them.
  * 

- * 
+ *
  * @version $Revision$ $Date$
  */
 public interface IRequestQueue {
@@ -45,7 +45,7 @@ public interface IRequestQueue {
      * The request is LOCKED. The caller MUST release the request object by calling releaseRequest().
      * 

      * TODO: provide other required values (such as type and sourceId)
-     * 
+     *
      * @param requestType request type
      * @return new request
      * @exception EBaseException failed to create new request
@@ -61,7 +61,7 @@ public interface IRequestQueue {
      * 

      * The cloned request that is returned is LOCKED. The caller MUST release the request object by calling
      * releaseRequest().
-     * 
+     *
      * @param r request to be cloned
      * @return cloned request
      * @exception EBaseException failed to clone request
@@ -75,7 +75,7 @@ public interface IRequestQueue {
      * to a valid request id.
      * 

      * Errors may be generated for other conditions.
-     * 
+     *
      * @param id request id
      * @return found request
      * @exception EBaseException failed to access request queue
@@ -87,7 +87,7 @@ public interface IRequestQueue {
      * Begins processing for this request. This call
      * is valid only on requests with status BEGIN
      * An error is generated for other cases.
-     * 
+     *
      * @param req request to be processed
      * @exception EBaseException failed to process request
      */
@@ -96,14 +96,14 @@ public interface IRequestQueue {
 
     /**
      * Sets request scheduler.
-     * 
+     *
      * @param scheduler request scheduler
      */
     public void setRequestScheduler(IRequestScheduler scheduler);
 
     /**
      * Gets request scheduler.
-     * 
+     *
      * @return request scheduler
      */
     public IRequestScheduler getRequestScheduler();
@@ -115,7 +115,7 @@ public interface IRequestQueue {
      * 

      * This call might be used by agent servlets that want to copy a previous request, and resubmit it. By putting it
      * into PENDING state, the normal agent screens can be used for further processing.
-     * 
+     *
      * @param req
      *            the request to mark PENDING
      * @exception EBaseException failed to mark request as pending
@@ -131,7 +131,7 @@ public interface IRequestQueue {
      * 

      * The cloned request that is returned is LOCKED. The caller MUST release the request object by calling
      * releaseRequest().
-     * 
+     *
      * @param r request to be cloned
      * @return cloned request mark PENDING
      * @exception EBaseException failed to clone or mark request
@@ -149,7 +149,7 @@ public interface IRequestQueue {
      * 

      * The request processing code adds an AgentApproval to this request that contains the authentication id of the
      * agent. This data is retrieved from the Session object (qv).
-     * 
+     *
      * @param request
      *            the request that is being approved
      * @exception EBaseException failed to approve request
@@ -164,7 +164,7 @@ public interface IRequestQueue {
      * 

      * The agent servlet (or other application) may wish to store AgentMessage values to indicate the reason for the
      * action
-     * 
+     *
      * @param request
      *            the request that is being rejected
      * @exception EBaseException failed to reject request
@@ -179,7 +179,7 @@ public interface IRequestQueue {
      * 

      * The agent servlet (or other application) may wish to store AgentMessage values to indicate the reason for the
      * action
-     * 
+     *
      * @param request
      *            the request that is being canceled
      * @exception EBaseException failed to cancel request
@@ -193,7 +193,7 @@ public interface IRequestQueue {
      * This call can be made after changing a value like source id or owner, to force the new value to be written.
      * 

      * The request must be locked to make this call.
-     * 
+     *
      * @param request
      *            the request that is being updated
      * @exception EBaseException failed to update request
@@ -208,7 +208,7 @@ public interface IRequestQueue {
      * 

      * NOTE: This interface will not be useful for large databases. This needs to be replace by a VLV (paged) search
      * object.
-     * 
+     *
      * @return request list
      */
     public IRequestList listRequests();
@@ -221,7 +221,7 @@ public interface IRequestQueue {
      * 

      * NOTE: This interface will not be useful for large databases. This needs to be replace by a VLV (paged) search
      * object.
-     * 
+     *
      * @param status request status
      * @return request list
      */
@@ -233,7 +233,7 @@ public interface IRequestQueue {
      * 

      * NOTE: This interface will not be useful for large databases. This needs to be replace by a VLV (paged) search
      * object.
-     * 
+     *
      * @param filter search filter
      * @return request list
      */
@@ -245,7 +245,7 @@ public interface IRequestQueue {
      * 

      * NOTE: This interface will not be useful for large databases. This needs to be replace by a VLV (paged) search
      * object.
-     * 
+     *
      * @param filter search filter
      * @param maxSize max size to return
      * @return request list
@@ -258,7 +258,7 @@ public interface IRequestQueue {
      * 

      * NOTE: This interface will not be useful for large databases. This needs to be replace by a VLV (paged) search
      * object.
-     * 
+     *
      * @param filter search filter
      * @param maxSize max size to return
      * @param timeLimit timeout value for the search
@@ -269,14 +269,14 @@ public interface IRequestQueue {
     /**
      * Gets requests that are pending on handling by the service
      * 

-     * 
+     *
      * @return list of pending requests
      */
     // public IRequestList listServicePendingRequests();
 
     /**
      * Locates a request from the SourceId.
-     * 
+     *
      * @param id
      *            a unique identifier for the record that is based on the source
      *            of the request, and possibly an identify assigned by the source.
@@ -289,7 +289,7 @@ public interface IRequestQueue {
     /**
      * Locates all requests with a particular SourceId.
      * 

-     * 
+     *
      * @param id
      *            an identifier for the record that is based on the source
      *            of the request
@@ -303,7 +303,7 @@ public interface IRequestQueue {
      * Releases the LOCK on a request obtained from findRequest() or
      * newRequest()
      * 

-     * 
+     *
      * @param r request
      */
     public void releaseRequest(IRequest r);
@@ -311,7 +311,7 @@ public interface IRequestQueue {
     /**
      * Marks as serviced after destination authority has serviced request.
      * Used by connector.
-     * 
+     *
      * @param r request
      */
     public void markAsServiced(IRequest r);
@@ -323,7 +323,7 @@ public interface IRequestQueue {
 
     /**
      * Gets a pageable list of IRequest entries in this queue.
-     * 
+     *
      * @param pageSize page size
      * @return request list
      */
@@ -331,7 +331,7 @@ public interface IRequestQueue {
 
     /**
      * Gets a pageable list of IRequest entries in this queue.
-     * 
+     *
      * @param filter search filter
      * @param pageSize page size
      * @param sortKey the attributes to sort by
@@ -343,7 +343,7 @@ public interface IRequestQueue {
 
     /**
      * Gets a pageable list of IRequest entries in this queue.
-     * 
+     *
      * @param fromId request id to start with
      * @param filter search filter
      * @param pageSize page size
@@ -358,7 +358,7 @@ public interface IRequestQueue {
     /**
      * Gets a pageable list of IRequest entries in this queue. This
      * jumps right to the end of the list
-     * 
+     *
      * @param fromId request id to start with
      * @param jumpToEnd jump to end of list (set fromId to null)
      * @param filter search filter
@@ -373,7 +373,7 @@ public interface IRequestQueue {
 
     /**
      * Retrieves the notifier for pending request.
-     * 
+     *
      * @return notifier for pending request
      */
     public INotify getPendingNotify();
@@ -392,7 +392,7 @@ public interface IRequestQueue {
 
     /**
      * Gets request repository.
-     * 
+     *
      * @return request repository
      */
     public IRepository getRequestRepository();
diff --git a/base/common/src/com/netscape/certsrv/request/IRequestRecord.java b/base/common/src/com/netscape/certsrv/request/IRequestRecord.java
index 53531b133..eba6cabb8 100644
--- a/base/common/src/com/netscape/certsrv/request/IRequestRecord.java
+++ b/base/common/src/com/netscape/certsrv/request/IRequestRecord.java
@@ -27,7 +27,7 @@ import com.netscape.certsrv.dbs.IDBObj;
  * It has a set of attributes that are mapped into LDAP
  * attributes for actual directory operations.
  * 

- * 
+ *
  * @version $Revision$ $Date$
  */
 public interface IRequestRecord
@@ -63,21 +63,21 @@ public interface IRequestRecord
 
     /**
      * Gets the request id.
-     * 
+     *
      * @return request id
      */
     public RequestId getRequestId();
 
     /**
      * Gets attribute names of the request.
-     * 
+     *
      * @return list of attribute names
      */
     public Enumeration getAttrNames();
 
     /**
      * Gets the request attribute value by the name.
-     * 
+     *
      * @param name attribute name
      * @return attribute value
      */
@@ -85,7 +85,7 @@ public interface IRequestRecord
 
     /**
      * Sets new attribute for the request.
-     * 
+     *
      * @param name attribute name
      * @param o attribute value
      */
@@ -93,7 +93,7 @@ public interface IRequestRecord
 
     /**
      * Removes attribute from the request.
-     * 
+     *
      * @param name attribute name
      */
     public void delete(String name)
@@ -101,7 +101,7 @@ public interface IRequestRecord
 
     /**
      * Gets attribute list of the request.
-     * 
+     *
      * @return attribute list
      */
     public Enumeration getElements();
diff --git a/base/common/src/com/netscape/certsrv/request/IRequestScheduler.java b/base/common/src/com/netscape/certsrv/request/IRequestScheduler.java
index 5012f5b0c..72216fcd3 100644
--- a/base/common/src/com/netscape/certsrv/request/IRequestScheduler.java
+++ b/base/common/src/com/netscape/certsrv/request/IRequestScheduler.java
@@ -24,21 +24,21 @@ package com.netscape.certsrv.request;
  * the threads based on the request processing order.
  * The request that enters the request queue first should
  * be processed first.
- * 
+ *
  * @version $Revision$ $Date$
  */
 public interface IRequestScheduler {
 
     /**
      * Request entered the request queue processing.
-     * 
+     *
      * @param r request
      */
     public void requestIn(IRequest r);
 
     /**
      * Request exited the request queue processing.
-     * 
+     *
      * @param r request
      */
     public void requestOut(IRequest r);
diff --git a/base/common/src/com/netscape/certsrv/request/IRequestSubsystem.java b/base/common/src/com/netscape/certsrv/request/IRequestSubsystem.java
index 164e84a37..969be8713 100644
--- a/base/common/src/com/netscape/certsrv/request/IRequestSubsystem.java
+++ b/base/common/src/com/netscape/certsrv/request/IRequestSubsystem.java
@@ -23,7 +23,7 @@ import com.netscape.certsrv.base.EBaseException;
  * This interface defines storage of request objects
  * in the local database.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IRequestSubsystem {
@@ -34,7 +34,7 @@ public interface IRequestSubsystem {
      * (Currently unimplemented. Just use getRequestQueue to create
      * an in-memory queue.)
      * 

-     * 
+     *
      * @param name The name of the queue object. This name can be used
      *            in getRequestQueue to retrieve the queue later.
      * @exception EBaseException failed to create request queue
@@ -50,7 +50,7 @@ public interface IRequestSubsystem {
      * 

      * WARNING: retrieving the same queue twice with result in multi-thread race conditions.
      * 

-     * 
+     *
      * @param name
      *            the name of the request queue. (Ex: "ca" "ra")
      * @param p
@@ -78,7 +78,7 @@ public interface IRequestSubsystem {
      * 

      * WARNING: retrieving the same queue twice with result in multi-thread race conditions.
      * 

-     * 
+     *
      * @param name
      *            the name of the request queue. (Ex: "ca" "ra")
      * @param p
diff --git a/base/common/src/com/netscape/certsrv/request/IRequestVirtualList.java b/base/common/src/com/netscape/certsrv/request/IRequestVirtualList.java
index 540ec679c..23bfd2732 100644
--- a/base/common/src/com/netscape/certsrv/request/IRequestVirtualList.java
+++ b/base/common/src/com/netscape/certsrv/request/IRequestVirtualList.java
@@ -20,7 +20,7 @@ package com.netscape.certsrv.request;
 /**
  * This interface defines access to request virtual list.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IRequestVirtualList {
@@ -28,14 +28,14 @@ public interface IRequestVirtualList {
     /**
      * Gets the total size of the result set. Elements of the
      * list are numbered from 0..(size-1)
-     * 
+     *
      * @return size of the result set
      */
     int getSize();
 
     /**
      * Gets the element at the specified index
-     * 
+     *
      * @param index index of the element
      * @return specified request
      */
@@ -43,7 +43,7 @@ public interface IRequestVirtualList {
 
     /**
      * Gets the current index
-     * 
+     *
      * @return current index
      */
     int getCurrentIndex();
diff --git a/base/common/src/com/netscape/certsrv/request/IService.java b/base/common/src/com/netscape/certsrv/request/IService.java
index adf2c5095..0756be893 100644
--- a/base/common/src/com/netscape/certsrv/request/IService.java
+++ b/base/common/src/com/netscape/certsrv/request/IService.java
@@ -24,7 +24,7 @@ import com.netscape.certsrv.base.EBaseException;
  * This covers certificate generation, revocation, renewals,
  * revocation checking, and much more.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IService {
@@ -33,7 +33,7 @@ public interface IService {
      * Performs the service (such as certificate generation)
      * represented by this request.
      * 

-     * 
+     *
      * @param request
      *            The request that needs service. The service may use
      *            attributes stored in the request, and may update the
diff --git a/base/common/src/com/netscape/certsrv/request/PolicyMessage.java b/base/common/src/com/netscape/certsrv/request/PolicyMessage.java
index c21b8ca4d..396603f50 100644
--- a/base/common/src/com/netscape/certsrv/request/PolicyMessage.java
+++ b/base/common/src/com/netscape/certsrv/request/PolicyMessage.java
@@ -23,7 +23,7 @@ import com.netscape.certsrv.base.EBaseException;
  * A (localizable) message recorded by a policy module that describes
  * the reason for rejecting a request.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public class PolicyMessage
@@ -37,7 +37,7 @@ public class PolicyMessage
     /**
      * Class constructor that registers policy message.
      * 

-     * 
+     *
      * @param message message string
      */
     public PolicyMessage(String message) {
diff --git a/base/common/src/com/netscape/certsrv/request/PolicyResult.java b/base/common/src/com/netscape/certsrv/request/PolicyResult.java
index c7cad94f2..79b378390 100644
--- a/base/common/src/com/netscape/certsrv/request/PolicyResult.java
+++ b/base/common/src/com/netscape/certsrv/request/PolicyResult.java
@@ -19,7 +19,7 @@ package com.netscape.certsrv.request;
 
 /**
  * This class defines results for policy actions.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public final class PolicyResult {
diff --git a/base/common/src/com/netscape/certsrv/request/RequestId.java b/base/common/src/com/netscape/certsrv/request/RequestId.java
index b643fa30d..795fdaa2a 100644
--- a/base/common/src/com/netscape/certsrv/request/RequestId.java
+++ b/base/common/src/com/netscape/certsrv/request/RequestId.java
@@ -24,7 +24,7 @@ import java.math.BigInteger;
  * request within a request queue. This identifier may be used to
  * retrieve the request object itself from the request queue.
  * 

- * 
+ *
  * @version $Revision$ $Date$
  */
 public class RequestId {
@@ -34,7 +34,7 @@ public class RequestId {
     /**
      * Creates a new RequestId from its string representation.
      * 

-     * 
+     *
      * @param id
      *            a string containing the decimal or hex value for the identifier.
      */
@@ -86,7 +86,7 @@ public class RequestId {
      * Converts the RequestId into its string representation. The string
      * form can be stored in a database (such as the LDAP directory)
      * 

-     * 
+     *
      * @return
      *         a string containing the decimal (base 10) value for the identifier.
      */
diff --git a/base/common/src/com/netscape/certsrv/request/RequestStatus.java b/base/common/src/com/netscape/certsrv/request/RequestStatus.java
index f58a568d8..fd501ef0f 100644
--- a/base/common/src/com/netscape/certsrv/request/RequestStatus.java
+++ b/base/common/src/com/netscape/certsrv/request/RequestStatus.java
@@ -21,16 +21,16 @@ package com.netscape.certsrv.request;
  * The RequestStatus class represents the current state of a request
  * in a request queue. The state of the request changes as actions
  * are performed on it.
- * 
+ *
  * The request is created in the BEGIN state, then general progresses
  * through the PENDING, APPROVED, SVC_PENDING, and COMPLETE states.
  * Some requests may bypass the PENDING state if no agent action is
  * required.
- * 
+ *
  * Requests may be CANCELED (not implemented) or REJECTED. These are
  * error conditions, and usually result because the request was invalid
  * or was not approved by an agent.
- * 
+ *
  * @version $Revision$ $Date$
  */
 public final class RequestStatus {
@@ -45,7 +45,7 @@ public final class RequestStatus {
     /**
      * The initial state of a request. Requests in this state have not
      * been review by policy.
-     * 
+     *
      * While in this state the source of the request (usually the servlet,
      * but it could be some other protocol module, such as email)
      * should populate the request with data need to service it.
@@ -56,7 +56,7 @@ public final class RequestStatus {
      * The state of a request that is waiting for action by an agent.
      * When the agent approves or rejects the request, process will
      * continue as appropriate.
-     * 
+     *
      * In this state there may be PolicyMessages present that indicate
      * the reason for the pending status.
      */
@@ -66,7 +66,7 @@ public final class RequestStatus {
      * The state of a request that has been approved by an agent, or
      * automatically by the policy engine, but have not been successfully
      * transmitted to the service module.
-     * 
+     *
      * These requests are resent to the service during the recovery
      * process that runs at server startup.
      */
@@ -91,7 +91,7 @@ public final class RequestStatus {
      * The state of a request after it is rejected. When a request is
      * rejected, the notifier is called prior to making the finl status
      * change.
-     * 
+     *
      * Rejected requests may have PolicyMessages indicating the reason for
      * the rejection, or AgentMessages, which allow the agent to give
      * reasons for the action.
@@ -110,7 +110,7 @@ public final class RequestStatus {
      * Converts a string name for a request status into the
      * request status enum object.
      * 

-     * 
+     *
      * @param s
      *            The string representation of the state.
      * @return
@@ -138,7 +138,7 @@ public final class RequestStatus {
     /**
      * Returns the string form of the RequestStatus, which may be used
      * to record the status in a database.
-     * 
+     *
      * @return request status
      */
     public String toString() {
@@ -147,7 +147,7 @@ public final class RequestStatus {
 
     /**
      * Class constructor. Creates request status from the string.
-     * 
+     *
      * @param string string describing request status
      */
     private RequestStatus(String string) {
@@ -158,7 +158,7 @@ public final class RequestStatus {
 
     /**
      * Compares request status with specified string.
-     * 
+     *
      * @param string string describing request status
      */
     public boolean equals(String string) {
@@ -170,7 +170,7 @@ public final class RequestStatus {
 
     /**
      * Compares current request status with request status.
-     * 
+     *
      * @param rs request status
      */
     public boolean equals(RequestStatus rs) {
diff --git a/base/common/src/com/netscape/certsrv/request/ldap/IRequestMod.java b/base/common/src/com/netscape/certsrv/request/ldap/IRequestMod.java
index c1e153a81..9da90e774 100644
--- a/base/common/src/com/netscape/certsrv/request/ldap/IRequestMod.java
+++ b/base/common/src/com/netscape/certsrv/request/ldap/IRequestMod.java
@@ -25,13 +25,13 @@ import com.netscape.certsrv.request.RequestStatus;
 /**
  * This interface defines how to update request record.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IRequestMod {
     /**
      * Modifies request status.
-     * 
+     *
      * @param r request
      * @param s request status
      */
@@ -39,7 +39,7 @@ public interface IRequestMod {
 
     /**
      * Modifies request creation time.
-     * 
+     *
      * @param r request
      * @param d date
      */
@@ -47,7 +47,7 @@ public interface IRequestMod {
 
     /**
      * Modifies request modification time.
-     * 
+     *
      * @param r request
      * @param d date
      */
diff --git a/base/common/src/com/netscape/certsrv/security/Credential.java b/base/common/src/com/netscape/certsrv/security/Credential.java
index 48038a40b..4d8d30bb8 100644
--- a/base/common/src/com/netscape/certsrv/security/Credential.java
+++ b/base/common/src/com/netscape/certsrv/security/Credential.java
@@ -21,7 +21,7 @@ package com.netscape.certsrv.security;
  * A class represents a credential. A credential contains
  * information that identifies a user. In this case,
  * identifier and password are used.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class Credential implements java.io.Serializable {
@@ -35,7 +35,7 @@ public class Credential implements java.io.Serializable {
 
     /**
      * Constructs credential object.
-     * 
+     *
      * @param id user id
      * @param password user password
      */
@@ -46,7 +46,7 @@ public class Credential implements java.io.Serializable {
 
     /**
      * Retrieves identifier.
-     * 
+     *
      * @return user id
      */
     public String getIdentifier() {
@@ -55,7 +55,7 @@ public class Credential implements java.io.Serializable {
 
     /**
      * Retrieves password.
-     * 
+     *
      * @return user password
      */
     public String getPassword() {
diff --git a/base/common/src/com/netscape/certsrv/security/ICryptoSubsystem.java b/base/common/src/com/netscape/certsrv/security/ICryptoSubsystem.java
index 3d26d6f3a..32b6a212f 100644
--- a/base/common/src/com/netscape/certsrv/security/ICryptoSubsystem.java
+++ b/base/common/src/com/netscape/certsrv/security/ICryptoSubsystem.java
@@ -39,7 +39,7 @@ import com.netscape.certsrv.common.NameValuePairs;
 /**
  * This interface represents the cryptographics subsystem
  * that provides all the security related functions.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface ICryptoSubsystem extends ISubsystem {
@@ -49,7 +49,7 @@ public interface ICryptoSubsystem extends ISubsystem {
     /**
      * Retrieves a list of nicknames of certificates that are
      * in the installed tokens.
-     * 
+     *
      * @return a list of comma-separated nicknames
      * @exception EBaseException failed to retrieve nicknames
      */
@@ -57,7 +57,7 @@ public interface ICryptoSubsystem extends ISubsystem {
 
     /**
      * Retrieves certificate in pretty-print format by the nickname.
-     * 
+     *
      * @param nickname nickname of certificate
      * @param date not after of the returned certificate must be date
      * @param locale user locale
@@ -78,7 +78,7 @@ public interface ICryptoSubsystem extends ISubsystem {
 
     /**
      * Retrieves the certificate in the pretty print format.
-     * 
+     *
      * @param b64E certificate in mime-64 encoded format
      * @param locale end user locale
      * @return certificate in pretty-print format
@@ -89,7 +89,7 @@ public interface ICryptoSubsystem extends ISubsystem {
 
     /**
      * Imports certificate into the server.
-     * 
+     *
      * @param b64E certificate in mime-64 encoded format
      * @param nickname nickname for the importing certificate
      * @param certType certificate type
@@ -100,7 +100,7 @@ public interface ICryptoSubsystem extends ISubsystem {
 
     /**
      * Imports certificate into the server.
-     * 
+     *
      * @param signedCert certificate
      * @param nickname nickname for the importing certificate
      * @param certType certificate type
@@ -111,7 +111,7 @@ public interface ICryptoSubsystem extends ISubsystem {
 
     /**
      * Generates a key pair based on the given parameters.
-     * 
+     *
      * @param properties key parameters
      * @return key pair
      * @exception EBaseException failed to generate key pair
@@ -120,7 +120,7 @@ public interface ICryptoSubsystem extends ISubsystem {
 
     /**
      * Retrieves the key pair based on the given nickname.
-     * 
+     *
      * @param nickname nickname of the public key
      * @exception EBaseException failed to retrieve key pair
      */
@@ -128,7 +128,7 @@ public interface ICryptoSubsystem extends ISubsystem {
 
     /**
      * Generates a key pair based on the given parameters.
-     * 
+     *
      * @param tokenName name of token where key is generated
      * @param alg key algorithm
      * @param keySize key size
@@ -140,7 +140,7 @@ public interface ICryptoSubsystem extends ISubsystem {
 
     /**
      * Generates a key pair based on the given parameters.
-     * 
+     *
      * @param tokenName name of token where key is generated
      * @param alg key algorithm
      * @param keySize key size
@@ -153,7 +153,7 @@ public interface ICryptoSubsystem extends ISubsystem {
 
     /**
      * Generates an ECC key pair based on the given parameters.
-     * 
+     *
      * @param properties key parameters
      * @return key pair
      * @exception EBaseException failed to generate key pair
@@ -162,7 +162,7 @@ public interface ICryptoSubsystem extends ISubsystem {
 
     /**
      * Generates an ECC key pair based on the given parameters.
-     * 
+     *
      * @param token token name
      * @param curveName curve name
      * @param certType type of cert(sslserver etc..)
@@ -174,7 +174,7 @@ public interface ICryptoSubsystem extends ISubsystem {
     /**
      * Retrieves the signature algorithm of the certificate named
      * by the given nickname.
-     * 
+     *
      * @param nickname nickname of the certificate
      * @return signature algorithm
      * @exception EBaseException failed to retrieve signature
@@ -183,7 +183,7 @@ public interface ICryptoSubsystem extends ISubsystem {
 
     /**
      * Checks if the given dn is a valid distinguished name.
-     * 
+     *
      * @param dn distinguished name
      * @exception EBaseException failed to check
      */
@@ -193,7 +193,7 @@ public interface ICryptoSubsystem extends ISubsystem {
      * Retrieves CA's signing algorithm id. If it is DSA algorithm,
      * algorithm is constructed by reading the parameters
      * ca.dsaP, ca.dsaQ, ca.dsaG.
-     * 
+     *
      * @param algname DSA or RSA
      * @param store configuration store.
      * @return algorithm id
@@ -204,7 +204,7 @@ public interface ICryptoSubsystem extends ISubsystem {
     /**
      * Retrieves subject name of the certificate that is identified by
      * the given nickname.
-     * 
+     *
      * @param tokenname name of token where the nickname is valid
      * @param nickname nickname of the certificate
      * @return subject name
@@ -216,7 +216,7 @@ public interface ICryptoSubsystem extends ISubsystem {
     /**
      * Retrieves extensions of the certificate that is identified by
      * the given nickname.
-     * 
+     *
      * @param tokenname name of token where the nickname is valid
      * @param nickname nickname of the certificate
      * @return certificate extensions
@@ -228,7 +228,7 @@ public interface ICryptoSubsystem extends ISubsystem {
 
     /**
      * Deletes certificate of the given nickname.
-     * 
+     *
      * @param nickname nickname of the certificate
      * @param pathname path where a copy of the deleted certificate is stored
      * @exception EBaseException failed to delete certificate
@@ -238,7 +238,7 @@ public interface ICryptoSubsystem extends ISubsystem {
 
     /**
      * Delete certificate of the given nickname.
-     * 
+     *
      * @param nickname nickname of the certificate
      * @param notAfterTime The notAfter of the certificate. It
      *            is possible to ge t multiple certificates under
@@ -254,7 +254,7 @@ public interface ICryptoSubsystem extends ISubsystem {
     /**
      * Retrieves the subject DN of the certificate identified by
      * the nickname.
-     * 
+     *
      * @param nickname nickname of the certificate
      * @return subject distinguished name
      * @exception EBaseException failed to retrieve subject DN
@@ -263,7 +263,7 @@ public interface ICryptoSubsystem extends ISubsystem {
 
     /**
      * Trusts a certificate for all available purposes.
-     * 
+     *
      * @param nickname nickname of the certificate
      * @param date certificate's not before
      * @param trust "Trust" or other
@@ -275,7 +275,7 @@ public interface ICryptoSubsystem extends ISubsystem {
     /**
      * Checks if the given base-64 encoded string contains an extension
      * or a sequence of extensions.
-     * 
+     *
      * @param ext extension or sequence of extension encoded in base-64
      * @exception EBaseException failed to check encoding
      */
@@ -283,7 +283,7 @@ public interface ICryptoSubsystem extends ISubsystem {
 
     /**
      * Gets all certificates on all tokens for Certificate Database Management.
-     * 
+     *
      * @return all certificates
      * @exception EBaseException failed to retrieve certificates
      */
@@ -293,7 +293,7 @@ public interface ICryptoSubsystem extends ISubsystem {
 
     /**
      * Gets all CA certificates on all tokens.
-     * 
+     *
      * @return all CA certificates
      * @exception EBaseException failed to retrieve certificates
      */
@@ -312,7 +312,7 @@ public interface ICryptoSubsystem extends ISubsystem {
 
     /**
      * Retrieves PQG parameters based on key size.
-     * 
+     *
      * @param keysize key size
      * @return pqg parameters
      */
@@ -320,7 +320,7 @@ public interface ICryptoSubsystem extends ISubsystem {
 
     /**
      * Retrieves PQG parameters based on key size.
-     * 
+     *
      * @param keysize key size
      * @param store configuration store
      * @return pqg parameters
@@ -331,7 +331,7 @@ public interface ICryptoSubsystem extends ISubsystem {
     /**
      * Retrieves extensions of the certificate that is identified by
      * the given nickname.
-     * 
+     *
      * @param tokenname token name
      * @param nickname nickname
      * @return certificate extensions
@@ -344,7 +344,7 @@ public interface ICryptoSubsystem extends ISubsystem {
 
     /**
      * Checks if the given token is logged in.
-     * 
+     *
      * @param name token name
      * @return true if token is logged in
      * @exception EBaseException failed to login
@@ -353,7 +353,7 @@ public interface ICryptoSubsystem extends ISubsystem {
 
     /**
      * Logs into token.
-     * 
+     *
      * @param tokenName name of the token
      * @param pwd token password
      * @exception EBaseException failed to login
@@ -363,7 +363,7 @@ public interface ICryptoSubsystem extends ISubsystem {
 
     /**
      * Generates certificate request from the given key pair.
-     * 
+     *
      * @param subjectName subject name to use in the request
      * @param kp key pair that contains public key material
      * @return certificate request in base-64 encoded format
@@ -374,28 +374,28 @@ public interface ICryptoSubsystem extends ISubsystem {
 
     /**
      * Checks if fortezza is enabled.
-     * 
+     *
      * @return "true" if fortezza is enabled
      */
     public String isCipherFortezza() throws EBaseException;
 
     /**
      * Retrieves the SSL cipher version.
-     * 
+     *
      * @return cipher version (i.e. "cipherdomestic")
      */
     public String getCipherVersion() throws EBaseException;
 
     /**
      * Retrieves the cipher preferences.
-     * 
+     *
      * @return cipher preferences (i.e. "rc4export,rc2export,...")
      */
     public String getCipherPreferences() throws EBaseException;
 
     /**
      * Sets the current SSL cipher preferences.
-     * 
+     *
      * @param cipherPrefs cipher preferences (i.e. "rc4export,rc2export,...")
      * @exception EBaseException failed to set cipher preferences
      */
@@ -404,7 +404,7 @@ public interface ICryptoSubsystem extends ISubsystem {
 
     /**
      * Retrieves a list of currently registered token names.
-     * 
+     *
      * @return list of token names
      * @exception EBaseException failed to retrieve token list
      */
@@ -413,7 +413,7 @@ public interface ICryptoSubsystem extends ISubsystem {
     /**
      * Retrieves all certificates. The result list will not
      * contain the token tag.
-     * 
+     *
      * @param name token name
      * @return list of certificates without token tag
      * @exception EBaseException failed to retrieve
@@ -422,7 +422,7 @@ public interface ICryptoSubsystem extends ISubsystem {
 
     /**
      * Retrieves the token name of the internal (software) token.
-     * 
+     *
      * @return the token name
      * @exception EBaseException failed to retrieve token name
      */
@@ -431,7 +431,7 @@ public interface ICryptoSubsystem extends ISubsystem {
     /**
      * Checks to see if the certificate of the given nickname is a
      * CA certificate.
-     * 
+     *
      * @param fullNickname nickname of the certificate to check
      * @return true if it is a CA certificate
      * @exception EBaseException failed to check
@@ -444,7 +444,7 @@ public interface ICryptoSubsystem extends ISubsystem {
      * The default token is set using the modutil command.
      * Note that the system entropy generator (usually /dev/random)
      * will block until sufficient entropy is collected.
-     * 
+     *
      * @param bits number of bits of entropy
      * @exception org.mozilla.jss.util.NotImplementedException If the Crypto device does not support
      *                adding entropy
@@ -460,7 +460,7 @@ public interface ICryptoSubsystem extends ISubsystem {
     /**
      * Signs the certificate template into the given data and returns
      * a signed certificate.
-     * 
+     *
      * @param data data that contains certificate template
      * @param certType certificate type
      * @param priKey CA signing key
diff --git a/base/common/src/com/netscape/certsrv/security/IEncryptionUnit.java b/base/common/src/com/netscape/certsrv/security/IEncryptionUnit.java
index 0a526e582..6b96dbc11 100644
--- a/base/common/src/com/netscape/certsrv/security/IEncryptionUnit.java
+++ b/base/common/src/com/netscape/certsrv/security/IEncryptionUnit.java
@@ -26,14 +26,14 @@ import com.netscape.certsrv.base.EBaseException;
 
 /**
  * An interface represents a encryption unit.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IEncryptionUnit extends IToken {
 
     /**
      * Retrieves the public key in this unit.
-     * 
+     *
      * @return public key
      */
     public PublicKey getPublicKey();
@@ -41,7 +41,7 @@ public interface IEncryptionUnit extends IToken {
     /**
      * Wraps data. The given key will be wrapped by the
      * private key in this unit.
-     * 
+     *
      * @param priKey private key to be wrapped
      * @return wrapped data
      * @exception EBaseException failed to wrap
@@ -60,7 +60,7 @@ public interface IEncryptionUnit extends IToken {
 
     /**
      * Verifies the given key pair.
-     * 
+     *
      * @param publicKey public key
      * @param privateKey private key
      */
@@ -70,7 +70,7 @@ public interface IEncryptionUnit extends IToken {
     /**
      * Unwraps data. This method rebuilds the private key by
      * unwrapping the private key data.
-     * 
+     *
      * @param sessionKey session key that unwrap the private key
      * @param symmAlgOID symmetric algorithm
      * @param symmAlgParams symmetric algorithm parameters
@@ -127,7 +127,7 @@ public interface IEncryptionUnit extends IToken {
     /**
      * Unwraps data. This method rebuilds the private key by
      * unwrapping the private key data.
-     * 
+     *
      * @param privateKey private key data
      * @param pubKey public key object
      * @return private key object
@@ -139,7 +139,7 @@ public interface IEncryptionUnit extends IToken {
     /**
      * Encrypts the internal private key (private key to the KRA's
      * internal storage).
-     * 
+     *
      * @param rawPrivate user's private key (key to be archived)
      * @return encrypted data
      * @exception EBaseException failed to encrypt
@@ -150,7 +150,7 @@ public interface IEncryptionUnit extends IToken {
     /**
      * Decrypts the internal private key (private key from the KRA's
      * internal storage).
-     * 
+     *
      * @param wrappedPrivateData unwrapped private key data (key to be recovered)
      * @return raw private key
      * @exception EBaseException failed to decrypt
@@ -160,7 +160,7 @@ public interface IEncryptionUnit extends IToken {
 
     /**
      * Decrypts the external private key (private key from the end-user).
-     * 
+     *
      * @param sessionKey session key that protects the user private
      * @param symmAlgOID symmetric algorithm
      * @param symmAlgParams symmetric algorithm parameters
diff --git a/base/common/src/com/netscape/certsrv/security/ISigningUnit.java b/base/common/src/com/netscape/certsrv/security/ISigningUnit.java
index 7fbed0b6c..34d2a5109 100644
--- a/base/common/src/com/netscape/certsrv/security/ISigningUnit.java
+++ b/base/common/src/com/netscape/certsrv/security/ISigningUnit.java
@@ -29,7 +29,7 @@ import com.netscape.certsrv.base.EBaseException;
 /**
  * A class represents the signing unit which is
  * capable of signing data.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface ISigningUnit {
@@ -49,7 +49,7 @@ public interface ISigningUnit {
 
     /**
      * Retrieves the new nickname in the renewal process.
-     * 
+     *
      * @return new nickname
      * @exception EBaseException failed to get new nickname
      */
@@ -57,28 +57,28 @@ public interface ISigningUnit {
 
     /**
      * Sets new nickname of the signing certificate.
-     * 
+     *
      * @param name nickname
      */
     public void setNewNickName(String name);
 
     /**
      * Retrieves the signing certificate.
-     * 
+     *
      * @return signing certificate
      */
     public X509Certificate getCert();
 
     /**
      * Retrieves the signing certificate.
-     * 
+     *
      * @return signing certificate
      */
     public X509CertImpl getCertImpl();
 
     /**
      * Signs the given data in specific algorithm.
-     * 
+     *
      * @param data data to be signed
      * @param algname signing algorithm to be used
      * @return signed data
@@ -89,7 +89,7 @@ public interface ISigningUnit {
 
     /**
      * Verifies the signed data.
-     * 
+     *
      * @param data signed data
      * @param signature signature
      * @param algname signing algorithm
@@ -101,21 +101,21 @@ public interface ISigningUnit {
 
     /**
      * Retrieves the default algorithm.
-     * 
+     *
      * @return default signing algorithm
      */
     public SignatureAlgorithm getDefaultSignatureAlgorithm();
 
     /**
      * Retrieves the default algorithm name.
-     * 
+     *
      * @return default signing algorithm name
      */
     public String getDefaultAlgorithm();
 
     /**
      * Set default signing algorithm.
-     * 
+     *
      * @param algorithm signing algorithm
      * @exception EBaseException failed to set default signing algorithm
      */
@@ -123,7 +123,7 @@ public interface ISigningUnit {
 
     /**
      * Retrieves all supported signing algorithm of this unit.
-     * 
+     *
      * @return a list of signing algorithms
      * @exception EBaseException failed to list
      */
@@ -131,7 +131,7 @@ public interface ISigningUnit {
 
     /**
      * Retrieves the token name of this unit.
-     * 
+     *
      * @return token name
      * @exception EBaseException failed to retrieve name
      */
@@ -139,7 +139,7 @@ public interface ISigningUnit {
 
     /**
      * Updates new nickname and tokename in the configuration file.
-     * 
+     *
      * @param nickname new nickname
      * @param tokenname new tokenname
      */
@@ -147,7 +147,7 @@ public interface ISigningUnit {
 
     /**
      * Checks if the given algorithm name is supported.
-     * 
+     *
      * @param algname algorithm name
      * @return signing algorithm
      * @exception EBaseException failed to check signing algorithm
@@ -157,7 +157,7 @@ public interface ISigningUnit {
 
     /**
      * Retrieves the public key associated in this unit.
-     * 
+     *
      * @return public key
      */
     public PublicKey getPublicKey();
diff --git a/base/common/src/com/netscape/certsrv/security/IStorageKeyUnit.java b/base/common/src/com/netscape/certsrv/security/IStorageKeyUnit.java
index 5f3b0ec48..4e651d394 100644
--- a/base/common/src/com/netscape/certsrv/security/IStorageKeyUnit.java
+++ b/base/common/src/com/netscape/certsrv/security/IStorageKeyUnit.java
@@ -27,14 +27,14 @@ import com.netscape.certsrv.base.EBaseException;
  * An interface represents a storage key unit. This storage
  * unit contains a storage key pair that is used for
  * encrypting the user private key for long term storage.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IStorageKeyUnit extends IEncryptionUnit {
 
     /**
      * Retrieves total number of recovery agents.
-     * 
+     *
      * @return total number of recovery agents
      */
     public int getNoOfAgents() throws EBaseException;
@@ -42,28 +42,28 @@ public interface IStorageKeyUnit extends IEncryptionUnit {
     /**
      * Retrieves number of recovery agents required to
      * perform recovery operation.
-     * 
+     *
      * @return required number of recovery agents for recovery operation
      */
     public int getNoOfRequiredAgents() throws EBaseException;
 
     /**
      * Sets the numer of required recovery agents
-     * 
+     *
      * @param number number of required agents
      */
     public void setNoOfRequiredAgents(int number);
 
     /**
      * Retrieves a list of agents in this unit.
-     * 
+     *
      * @return a list of string-based agent identifiers
      */
     public Enumeration getAgentIdentifiers();
 
     /**
      * Changes agent password.
-     * 
+     *
      * @param id agent id
      * @param oldpwd old password
      * @param newpwd new password
@@ -75,7 +75,7 @@ public interface IStorageKeyUnit extends IEncryptionUnit {
 
     /**
      * Changes M-N recovery scheme.
-     * 
+     *
      * @param n total number of agents
      * @param m required number of agents for recovery operation
      * @param oldcreds all old credentials
@@ -88,7 +88,7 @@ public interface IStorageKeyUnit extends IEncryptionUnit {
 
     /**
      * Logins to this unit.
-     * 
+     *
      * @param ac agent's credentials
      * @exception EBaseException failed to login
      */
diff --git a/base/common/src/com/netscape/certsrv/security/IToken.java b/base/common/src/com/netscape/certsrv/security/IToken.java
index 05aff64f9..a27514f31 100644
--- a/base/common/src/com/netscape/certsrv/security/IToken.java
+++ b/base/common/src/com/netscape/certsrv/security/IToken.java
@@ -21,14 +21,14 @@ import com.netscape.certsrv.base.EBaseException;
 
 /**
  * An interface represents a generic token unit.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IToken {
 
     /**
      * Logins to the token unit.
-     * 
+     *
      * @param pin password to access the token
      * @exception EBaseException failed to login to this token
      */
diff --git a/base/common/src/com/netscape/certsrv/security/ITransportKeyUnit.java b/base/common/src/com/netscape/certsrv/security/ITransportKeyUnit.java
index 6e1c7ab4a..e7bf77b49 100644
--- a/base/common/src/com/netscape/certsrv/security/ITransportKeyUnit.java
+++ b/base/common/src/com/netscape/certsrv/security/ITransportKeyUnit.java
@@ -29,14 +29,14 @@ import com.netscape.certsrv.base.EBaseException;
  * An interface represents the transport key pair.
  * This key pair is used to protected EE's private
  * key in transit.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface ITransportKeyUnit extends IEncryptionUnit {
 
     /**
      * Retrieves public key.
-     * 
+     *
      * @return certificate
      */
     public org.mozilla.jss.crypto.X509Certificate getCertificate();
diff --git a/base/common/src/com/netscape/certsrv/security/KeyCertData.java b/base/common/src/com/netscape/certsrv/security/KeyCertData.java
index dbcc0118f..af09d3598 100644
--- a/base/common/src/com/netscape/certsrv/security/KeyCertData.java
+++ b/base/common/src/com/netscape/certsrv/security/KeyCertData.java
@@ -33,7 +33,7 @@ import com.netscape.certsrv.common.Constants;
 /**
  * This class represents a container for storaging
  * data in the security package.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class KeyCertData extends Properties {
@@ -52,7 +52,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves the key pair from this container.
-     * 
+     *
      * @return key pair
      */
     public KeyPair getKeyPair() {
@@ -61,7 +61,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets key pair into this container.
-     * 
+     *
      * @param keypair key pair
      */
     public void setKeyPair(KeyPair keypair) {
@@ -70,7 +70,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves the issuer name from this container.
-     * 
+     *
      * @return issuer name
      */
     public String getIssuerName() {
@@ -79,7 +79,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets the issuer name in this container.
-     * 
+     *
      * @param name issuer name
      */
     public void setIssuerName(String name) {
@@ -88,7 +88,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves certificate server instance name.
-     * 
+     *
      * @return instance name
      */
     public String getCertInstanceName() {
@@ -97,7 +97,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets certificate server instance name.
-     * 
+     *
      * @param name instance name
      */
     public void setCertInstanceName(String name) {
@@ -106,7 +106,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves certificate nickname.
-     * 
+     *
      * @return certificate nickname
      */
     public String getCertNickname() {
@@ -115,7 +115,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets certificate nickname.
-     * 
+     *
      * @param nickname certificate nickname
      */
     public void setCertNickname(String nickname) {
@@ -124,7 +124,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves key length.
-     * 
+     *
      * @return key length
      */
     public String getKeyLength() {
@@ -133,7 +133,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets key length.
-     * 
+     *
      * @param len key length
      */
     public void setKeyLength(String len) {
@@ -142,7 +142,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves key type.
-     * 
+     *
      * @return key type
      */
     public String getKeyType() {
@@ -151,7 +151,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets key type.
-     * 
+     *
      * @param type key type
      */
     public void setKeyType(String type) {
@@ -160,7 +160,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves key curve name.
-     * 
+     *
      * @return key curve name
      */
     public String getKeyCurveName() {
@@ -169,7 +169,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets key curvename.
-     * 
+     *
      * @param len key curvename
      */
     public void setKeyCurveName(String len) {
@@ -178,7 +178,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves signature algorithm.
-     * 
+     *
      * @return signature algorithm
      */
     public SignatureAlgorithm getSignatureAlgorithm() {
@@ -187,7 +187,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets signature algorithm
-     * 
+     *
      * @param alg signature algorithm
      */
     public void setSignatureAlgorithm(SignatureAlgorithm alg) {
@@ -196,7 +196,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves algorithm used to sign the root CA Cert.
-     * 
+     *
      * @return signature algorithm
      */
     public String getSignedBy() {
@@ -205,7 +205,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets signature algorithm used to sign root CA cert
-     * 
+     *
      * @param alg signature algorithm
      */
     public void setSignedBy(String alg) {
@@ -214,7 +214,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves signature algorithm.
-     * 
+     *
      * @return signature algorithm
      */
     public AlgorithmId getAlgorithmId() {
@@ -223,7 +223,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets algorithm identifier
-     * 
+     *
      * @param id signature algorithm
      */
     public void setAlgorithmId(AlgorithmId id) {
@@ -232,7 +232,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves serial number.
-     * 
+     *
      * @return serial number
      */
     public BigInteger getSerialNumber() {
@@ -241,7 +241,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets serial number.
-     * 
+     *
      * @param num serial number
      */
     public void setSerialNumber(BigInteger num) {
@@ -250,7 +250,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves configuration file.
-     * 
+     *
      * @return configuration file
      */
     public IConfigStore getConfigFile() {
@@ -259,7 +259,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets configuration file.
-     * 
+     *
      * @param file configuration file
      */
     public void setConfigFile(IConfigStore file) {
@@ -268,7 +268,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves begining year of validity.
-     * 
+     *
      * @return begining year
      */
     public String getBeginYear() {
@@ -277,7 +277,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets begining year of validity.
-     * 
+     *
      * @param year begining year
      */
     public void setBeginYear(String year) {
@@ -286,7 +286,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves ending year of validity.
-     * 
+     *
      * @return ending year
      */
     public String getAfterYear() {
@@ -295,7 +295,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets ending year of validity.
-     * 
+     *
      * @param year ending year
      */
     public void setAfterYear(String year) {
@@ -304,7 +304,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves begining month of validity.
-     * 
+     *
      * @return begining month
      */
     public String getBeginMonth() {
@@ -313,7 +313,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets begining month of validity.
-     * 
+     *
      * @param month begining month
      */
     public void setBeginMonth(String month) {
@@ -322,7 +322,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves ending month of validity.
-     * 
+     *
      * @return ending month
      */
     public String getAfterMonth() {
@@ -331,7 +331,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets ending month of validity.
-     * 
+     *
      * @param month ending month
      */
     public void setAfterMonth(String month) {
@@ -340,7 +340,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves begining date of validity.
-     * 
+     *
      * @return begining date
      */
     public String getBeginDate() {
@@ -349,7 +349,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets begining date of validity.
-     * 
+     *
      * @param date begining date
      */
     public void setBeginDate(String date) {
@@ -358,7 +358,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves ending date of validity.
-     * 
+     *
      * @return ending date
      */
     public String getAfterDate() {
@@ -367,7 +367,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets ending date of validity.
-     * 
+     *
      * @param date ending date
      */
     public void setAfterDate(String date) {
@@ -376,7 +376,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves starting hour of validity.
-     * 
+     *
      * @return starting hour
      */
     public String getBeginHour() {
@@ -385,7 +385,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets starting hour of validity.
-     * 
+     *
      * @param hour starting hour
      */
     public void setBeginHour(String hour) {
@@ -394,7 +394,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves ending hour of validity.
-     * 
+     *
      * @return ending hour
      */
     public String getAfterHour() {
@@ -403,7 +403,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets ending hour of validity.
-     * 
+     *
      * @param hour ending hour
      */
     public void setAfterHour(String hour) {
@@ -412,7 +412,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves starting minute of validity.
-     * 
+     *
      * @return starting minute
      */
     public String getBeginMin() {
@@ -421,7 +421,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets starting minute of validity.
-     * 
+     *
      * @param min starting minute
      */
     public void setBeginMin(String min) {
@@ -430,7 +430,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves ending minute of validity.
-     * 
+     *
      * @return ending minute
      */
     public String getAfterMin() {
@@ -439,7 +439,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets ending minute of validity.
-     * 
+     *
      * @param min ending minute
      */
     public void setAfterMin(String min) {
@@ -448,7 +448,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves starting second of validity.
-     * 
+     *
      * @return starting second
      */
     public String getBeginSec() {
@@ -457,7 +457,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets starting second of validity.
-     * 
+     *
      * @param sec starting second
      */
     public void setBeginSec(String sec) {
@@ -466,7 +466,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves ending second of validity.
-     * 
+     *
      * @return ending second
      */
     public String getAfterSec() {
@@ -475,7 +475,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets ending second of validity.
-     * 
+     *
      * @param sec ending second
      */
     public void setAfterSec(String sec) {
@@ -484,7 +484,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves CA key pair
-     * 
+     *
      * @return CA key pair
      */
     public KeyPair getCAKeyPair() {
@@ -493,7 +493,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets CA key pair
-     * 
+     *
      * @param keypair key pair
      */
     public void setCAKeyPair(KeyPair keypair) {
@@ -502,7 +502,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves extensions
-     * 
+     *
      * @return extensions
      */
     public String getDerExtension() {
@@ -511,7 +511,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets extensions
-     * 
+     *
      * @param ext extensions
      */
     public void setDerExtension(String ext) {
@@ -520,7 +520,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves isCA
-     * 
+     *
      * @return "true" if it is CA
      */
     public String isCA() {
@@ -529,7 +529,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets isCA
-     * 
+     *
      * @param ext "true" if it is CA
      */
     public void setCA(String ext) {
@@ -538,7 +538,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves key length
-     * 
+     *
      * @return certificate's key length
      */
     public String getCertLen() {
@@ -547,7 +547,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets key length
-     * 
+     *
      * @param len certificate's key length
      */
     public void setCertLen(String len) {
@@ -556,7 +556,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves SSL Client bit
-     * 
+     *
      * @return SSL Client bit
      */
     public String getSSLClientBit() {
@@ -565,7 +565,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets SSL Client bit
-     * 
+     *
      * @param sslClientBit SSL Client bit
      */
     public void setSSLClientBit(String sslClientBit) {
@@ -574,7 +574,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves SSL Server bit
-     * 
+     *
      * @return SSL Server bit
      */
     public String getSSLServerBit() {
@@ -583,7 +583,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets SSL Server bit
-     * 
+     *
      * @param sslServerBit SSL Server bit
      */
     public void setSSLServerBit(String sslServerBit) {
@@ -592,7 +592,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves SSL Mail bit
-     * 
+     *
      * @return SSL Mail bit
      */
     public String getSSLMailBit() {
@@ -601,7 +601,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets SSL Mail bit
-     * 
+     *
      * @param sslMailBit SSL Mail bit
      */
     public void setSSLMailBit(String sslMailBit) {
@@ -610,7 +610,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves SSL CA bit
-     * 
+     *
      * @return SSL CA bit
      */
     public String getSSLCABit() {
@@ -619,7 +619,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets SSL CA bit
-     * 
+     *
      * @param cabit SSL CA bit
      */
     public void setSSLCABit(String cabit) {
@@ -628,7 +628,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves SSL Signing bit
-     * 
+     *
      * @return SSL Signing bit
      */
     public String getObjectSigningBit() {
@@ -637,7 +637,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves Time Stamping bit
-     * 
+     *
      * @return Time Stamping bit
      */
     public String getTimeStampingBit() {
@@ -646,7 +646,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets SSL Signing bit
-     * 
+     *
      * @param objectSigningBit SSL Signing bit
      */
     public void setObjectSigningBit(String objectSigningBit) {
@@ -655,7 +655,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves SSL Mail CA bit
-     * 
+     *
      * @return SSL Mail CA bit
      */
     public String getMailCABit() {
@@ -664,7 +664,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets SSL Mail CA bit
-     * 
+     *
      * @param mailCABit SSL Mail CA bit
      */
     public void setMailCABit(String mailCABit) {
@@ -673,7 +673,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves SSL Object Signing bit
-     * 
+     *
      * @return SSL Object Signing bit
      */
     public String getObjectSigningCABit() {
@@ -682,7 +682,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets SSL Object Signing bit
-     * 
+     *
      * @param bit SSL Object Signing bit
      */
     public void setObjectSigningCABit(String bit) {
@@ -691,7 +691,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves OCSP Signing flag
-     * 
+     *
      * @return OCSP Signing flag
      */
     public String getOCSPSigning() {
@@ -700,7 +700,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets OCSP Signing flag
-     * 
+     *
      * @param aki OCSP Signing flag
      */
     public void setOCSPSigning(String aki) {
@@ -709,7 +709,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves OCSP No Check flag
-     * 
+     *
      * @return OCSP No Check flag
      */
     public String getOCSPNoCheck() {
@@ -718,7 +718,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets OCSP No Check flag
-     * 
+     *
      * @param noCheck OCSP No Check flag
      */
     public void setOCSPNoCheck(String noCheck) {
@@ -727,7 +727,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves Authority Information Access flag
-     * 
+     *
      * @return Authority Information Access flag
      */
     public String getAIA() {
@@ -736,7 +736,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets Authority Information Access flag
-     * 
+     *
      * @param aia Authority Information Access flag
      */
     public void setAIA(String aia) {
@@ -745,7 +745,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves Authority Key Identifier flag
-     * 
+     *
      * @return Authority Key Identifier flag
      */
     public String getAKI() {
@@ -754,7 +754,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets Authority Key Identifier flag
-     * 
+     *
      * @param aki Authority Key Identifier flag
      */
     public void setAKI(String aki) {
@@ -763,7 +763,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves Subject Key Identifier flag
-     * 
+     *
      * @return Subject Key Identifier flag
      */
     public String getSKI() {
@@ -772,7 +772,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets Subject Key Identifier flag
-     * 
+     *
      * @param ski Subject Key Identifier flag
      */
     public void setSKI(String ski) {
@@ -781,7 +781,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves key usage extension
-     * 
+     *
      * @return true if key usage extension set
      */
     public boolean getKeyUsageExtension() {
@@ -794,7 +794,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets CA extensions
-     * 
+     *
      * @param ext CA extensions
      */
     public void setCAExtensions(CertificateExtensions ext) {
@@ -803,7 +803,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves CA extensions
-     * 
+     *
      * @return CA extensions
      */
     public CertificateExtensions getCAExtensions() {
@@ -812,7 +812,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves hash type
-     * 
+     *
      * @return hash type
      */
     public String getHashType() {
diff --git a/base/common/src/com/netscape/certsrv/selftests/EDuplicateSelfTestException.java b/base/common/src/com/netscape/certsrv/selftests/EDuplicateSelfTestException.java
index 958919e1e..3233f0bed 100644
--- a/base/common/src/com/netscape/certsrv/selftests/EDuplicateSelfTestException.java
+++ b/base/common/src/com/netscape/certsrv/selftests/EDuplicateSelfTestException.java
@@ -32,10 +32,10 @@ package com.netscape.certsrv.selftests;
  * This class implements a duplicate self test exception.
  * EDuplicateSelfTestExceptions are derived from ESelfTestExceptions
  * in order to allow users to easily do self tests without try-catch clauses.
- * 
+ *
  * EDuplicateSelfTestExceptions should be caught by SelfTestSubsystem managers.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public class EDuplicateSelfTestException
@@ -72,7 +72,7 @@ public class EDuplicateSelfTestException
     /**
      * Constructs a "duplicate" self test exception.
      * 

-     * 
+     *
      * @param instanceName duplicate "instanceName" exception details
      */
     public EDuplicateSelfTestException(String instanceName) {
@@ -94,7 +94,7 @@ public class EDuplicateSelfTestException
      * Constructs a "duplicate" self test exception where the value is always
      * a duplicate from a name/value pair
      * 

-     * 
+     *
      * @param instanceName duplicate "instanceName" exception details
      * @param instanceValue duplicate "instanceValue" exception details
      */
@@ -125,7 +125,7 @@ public class EDuplicateSelfTestException
      * duplicate from a substore.parameter/value pair; (the value passed in may
      * be null).
      * 

-     * 
+     *
      * @param instanceStore duplicate "instanceStore" exception details
      * @param instanceParameter duplicate "instanceParameter" exception details
      * @param instanceValue duplicate "instanceValue" exception details
@@ -163,7 +163,7 @@ public class EDuplicateSelfTestException
     /**
      * Returns the instance name associated with this self test.
      * 

-     * 
+     *
      * @return name portion of the name/value pair
      */
     public String getInstanceName() {
@@ -173,7 +173,7 @@ public class EDuplicateSelfTestException
     /**
      * Returns the store associated with this self test.
      * 

-     * 
+     *
      * @return substore portion of the substore.parameter/value pair
      */
     public String getInstanceStore() {
@@ -183,7 +183,7 @@ public class EDuplicateSelfTestException
     /**
      * Returns the parameter associated with this self test.
      * 

-     * 
+     *
      * @return parameter portion of the substore.parameter/value pair
      */
     public String getInstanceParameter() {
@@ -193,7 +193,7 @@ public class EDuplicateSelfTestException
     /**
      * Returns the value associated with this self test.
      * 

-     * 
+     *
      * @return value portion of the name/value pair
      */
     public String getInstanceValue() {
diff --git a/base/common/src/com/netscape/certsrv/selftests/EInvalidSelfTestException.java b/base/common/src/com/netscape/certsrv/selftests/EInvalidSelfTestException.java
index 58592b89b..fcb4948d7 100644
--- a/base/common/src/com/netscape/certsrv/selftests/EInvalidSelfTestException.java
+++ b/base/common/src/com/netscape/certsrv/selftests/EInvalidSelfTestException.java
@@ -32,10 +32,10 @@ package com.netscape.certsrv.selftests;
  * This class implements an invalid self test exception.
  * EInvalidSelfTestExceptions are derived from ESelfTestExceptions
  * in order to allow users to easily do self tests without try-catch clauses.
- * 
+ *
  * EInvalidSelfTestExceptions should be caught by SelfTestSubsystem managers.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public class EInvalidSelfTestException
@@ -72,7 +72,7 @@ public class EInvalidSelfTestException
     /**
      * Constructs an "invalid" self test exception.
      * 

-     * 
+     *
      * @param instanceName invalid "instanceName" exception details
      */
     public EInvalidSelfTestException(String instanceName) {
@@ -94,7 +94,7 @@ public class EInvalidSelfTestException
      * Constructs a "invalid" self test exception where the value is always
      * invalid from a name/value pair
      * 

-     * 
+     *
      * @param instanceName invalid "instanceName" exception details
      * @param instanceValue invalid "instanceValue" exception details
      */
@@ -125,7 +125,7 @@ public class EInvalidSelfTestException
      * invalid from a substore.parameter/value pair; (the value passed in may
      * be null).
      * 

-     * 
+     *
      * @param instanceStore invalid "instanceStore" exception details
      * @param instanceParameter invalid "instanceParameter" exception details
      * @param instanceValue invalid "instanceValue" exception details
@@ -163,7 +163,7 @@ public class EInvalidSelfTestException
     /**
      * Returns the instance name associated with this self test.
      * 

-     * 
+     *
      * @return name portion of the name/value pair
      */
     public String getInstanceName() {
@@ -173,7 +173,7 @@ public class EInvalidSelfTestException
     /**
      * Returns the store associated with this self test.
      * 

-     * 
+     *
      * @return substore portion of the substore.parameter/value pair
      */
     public String getInstanceStore() {
@@ -183,7 +183,7 @@ public class EInvalidSelfTestException
     /**
      * Returns the parameter associated with this self test.
      * 

-     * 
+     *
      * @return parameter portion of the substore.parameter/value pair
      */
     public String getInstanceParameter() {
@@ -193,7 +193,7 @@ public class EInvalidSelfTestException
     /**
      * Returns the value associated with this self test.
      * 

-     * 
+     *
      * @return value portion of the name/value pair
      */
     public String getInstanceValue() {
diff --git a/base/common/src/com/netscape/certsrv/selftests/EMissingSelfTestException.java b/base/common/src/com/netscape/certsrv/selftests/EMissingSelfTestException.java
index c15852f4f..ea5be7b77 100644
--- a/base/common/src/com/netscape/certsrv/selftests/EMissingSelfTestException.java
+++ b/base/common/src/com/netscape/certsrv/selftests/EMissingSelfTestException.java
@@ -32,10 +32,10 @@ package com.netscape.certsrv.selftests;
  * This class implements a missing self test exception.
  * EMissingSelfTestExceptions are derived from ESelfTestExceptions
  * in order to allow users to easily do self tests without try-catch clauses.
- * 
+ *
  * EMissingSelfTestExceptions should be caught by SelfTestSubsystem managers.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public class EMissingSelfTestException
@@ -72,7 +72,7 @@ public class EMissingSelfTestException
     /**
      * Constructs a "missing" self test exception where the name is null
      * 

-     * 
+     *
      */
     public EMissingSelfTestException() {
         super("The self test plugin property name is null.");
@@ -82,7 +82,7 @@ public class EMissingSelfTestException
      * Constructs a "missing" self test exception where the name is always
      * missing from a name/value pair.
      * 

-     * 
+     *
      * @param instanceName missing "instanceName" exception details
      */
     public EMissingSelfTestException(String instanceName) {
@@ -104,7 +104,7 @@ public class EMissingSelfTestException
      * Constructs a "missing" self test exception where the value is always
      * missing from a name/value pair; (the value passed in is always null).
      * 

-     * 
+     *
      * @param instanceName missing "instanceName" exception details
      * @param instanceValue missing "instanceValue" exception details
      *            (always null)
@@ -134,7 +134,7 @@ public class EMissingSelfTestException
      * missing from a substore.parameter/value pair; (the value passed in may
      * be null).
      * 

-     * 
+     *
      * @param instanceStore missing "instanceStore" exception details
      * @param instanceParameter missing "instanceParameter" exception details
      * @param instanceValue missing "instanceValue" exception details
@@ -172,7 +172,7 @@ public class EMissingSelfTestException
     /**
      * Returns the instance name associated with this self test.
      * 

-     * 
+     *
      * @return name portion of the name/value pair
      */
     public String getInstanceName() {
@@ -182,7 +182,7 @@ public class EMissingSelfTestException
     /**
      * Returns the store associated with this self test.
      * 

-     * 
+     *
      * @return substore portion of the substore.parameter/value pair
      */
     public String getInstanceStore() {
@@ -192,7 +192,7 @@ public class EMissingSelfTestException
     /**
      * Returns the parameter associated with this self test.
      * 

-     * 
+     *
      * @return parameter portion of the substore.parameter/value pair
      */
     public String getInstanceParameter() {
@@ -202,7 +202,7 @@ public class EMissingSelfTestException
     /**
      * Returns the value associated with this self test.
      * 

-     * 
+     *
      * @return value portion of the name/value pair
      */
     public String getInstanceValue() {
diff --git a/base/common/src/com/netscape/certsrv/selftests/ESelfTestException.java b/base/common/src/com/netscape/certsrv/selftests/ESelfTestException.java
index 6c4f6bf2f..ed97a83a1 100644
--- a/base/common/src/com/netscape/certsrv/selftests/ESelfTestException.java
+++ b/base/common/src/com/netscape/certsrv/selftests/ESelfTestException.java
@@ -34,10 +34,10 @@ import com.netscape.certsrv.base.EBaseException;
  * This class implements a self test exception. ESelfTestExceptions
  * are derived from EBaseExceptions in order to allow users
  * to easily do self tests without try-catch clauses.
- * 
+ *
  * ESelfTestExceptions should be caught by SelfTestSubsystem managers.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public class ESelfTestException
@@ -73,7 +73,7 @@ public class ESelfTestException
     /**
      * Constructs a self test exception.
      * 

-     * 
+     *
      * @param msg exception details
      */
     public ESelfTestException(String msg) {
@@ -87,7 +87,7 @@ public class ESelfTestException
     /**
      * Returns the bundle file name.
      * 

-     * 
+     *
      * @return name of bundle class associated with this exception.
      */
     protected String getBundleName() {
diff --git a/base/common/src/com/netscape/certsrv/selftests/ISelfTest.java b/base/common/src/com/netscape/certsrv/selftests/ISelfTest.java
index 04285a9dc..24ad623e4 100644
--- a/base/common/src/com/netscape/certsrv/selftests/ISelfTest.java
+++ b/base/common/src/com/netscape/certsrv/selftests/ISelfTest.java
@@ -36,7 +36,7 @@ import com.netscape.certsrv.logging.ILogEventListener;
 /**
  * This class defines the interface of an individual self test.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface ISelfTest {
@@ -62,7 +62,7 @@ public interface ISelfTest {
      * Initializes this subsystem with the configuration store
      * associated with this instance name.
      * 

-     * 
+     *
      * @param subsystem the associated subsystem
      * @param instanceName the name of this self test instance
      * @param parameters configuration store (self test parameters)
@@ -80,7 +80,7 @@ public interface ISelfTest {
     /**
      * Notifies this subsystem if it is in execution mode.
      * 

-     * 
+     *
      * @exception ESelfTestException failed to start
      */
     public void startupSelfTest()
@@ -97,7 +97,7 @@ public interface ISelfTest {
      * Returns the name associated with this self test. This method may
      * return null if the self test has not been intialized.
      * 

-     * 
+     *
      * @return instanceName of this self test
      */
     public String getSelfTestName();
@@ -106,7 +106,7 @@ public interface ISelfTest {
      * Returns the root configuration storage (self test parameters)
      * associated with this subsystem.
      * 

-     * 
+     *
      * @return configuration store (self test parameters) of this subsystem
      */
     public IConfigStore getSelfTestConfigStore();
@@ -115,7 +115,7 @@ public interface ISelfTest {
      * Retrieves description associated with an individual self test.
      * This method may return null.
      * 

-     * 
+     *
      * @param locale locale of the client that requests the description
      * @return description of self test
      */
@@ -124,7 +124,7 @@ public interface ISelfTest {
     /**
      * Execute an individual self test.
      * 

-     * 
+     *
      * @param logger specifies logging subsystem
      * @exception ESelfTestException self test exception
      */
diff --git a/base/common/src/com/netscape/certsrv/selftests/ISelfTestSubsystem.java b/base/common/src/com/netscape/certsrv/selftests/ISelfTestSubsystem.java
index d16627ab5..214ee1764 100644
--- a/base/common/src/com/netscape/certsrv/selftests/ISelfTestSubsystem.java
+++ b/base/common/src/com/netscape/certsrv/selftests/ISelfTestSubsystem.java
@@ -34,7 +34,7 @@ import com.netscape.certsrv.logging.ILogEventListener;
 /**
  * This class defines the interface of a container for self tests.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface ISelfTestSubsystem
@@ -76,7 +76,7 @@ public interface ISelfTestSubsystem
      * List the instance names of all the self tests enabled to run on demand
      * (in execution order); may return null.
      * 

-     * 
+     *
      * @return list of self test instance names run on demand
      */
     public String[] listSelfTestsEnabledOnDemand();
@@ -84,7 +84,7 @@ public interface ISelfTestSubsystem
     /**
      * Enable the specified self test to be executed on demand.
      * 

-     * 
+     *
      * @param instanceName instance name of self test
      * @param isCritical isCritical is either a critical failure (true) or
      *            a non-critical failure (false)
@@ -98,7 +98,7 @@ public interface ISelfTestSubsystem
     /**
      * Disable the specified self test from being able to be executed on demand.
      * 

-     * 
+     *
      * @param instanceName instance name of self test
      * @exception EMissingSelfTestException subsystem has missing name
      */
@@ -108,7 +108,7 @@ public interface ISelfTestSubsystem
     /**
      * Determine if the specified self test is enabled to be executed on demand.
      * 

-     * 
+     *
      * @param instanceName instance name of self test
      * @return true if the specified self test is enabled on demand
      * @exception EMissingSelfTestException subsystem has missing name
@@ -120,7 +120,7 @@ public interface ISelfTestSubsystem
      * Determine if failure of the specified self test is fatal when
      * it is executed on demand.
      * 

-     * 
+     *
      * @param instanceName instance name of self test
      * @return true if failure of the specified self test is fatal when
      *         it is executed on demand
@@ -132,7 +132,7 @@ public interface ISelfTestSubsystem
     /**
      * Execute all self tests specified to be run on demand.
      * 

-     * 
+     *
      * @exception EMissingSelfTestException subsystem has missing name
      * @exception ESelfTestException self test exception
      */
@@ -147,7 +147,7 @@ public interface ISelfTestSubsystem
      * List the instance names of all the self tests enabled to run
      * at server startup (in execution order); may return null.
      * 

-     * 
+     *
      * @return list of self test instance names run at server startup
      */
     public String[] listSelfTestsEnabledAtStartup();
@@ -155,7 +155,7 @@ public interface ISelfTestSubsystem
     /**
      * Enable the specified self test at server startup.
      * 

-     * 
+     *
      * @param instanceName instance name of self test
      * @param isCritical isCritical is either a critical failure (true) or
      *            a non-critical failure (false)
@@ -169,7 +169,7 @@ public interface ISelfTestSubsystem
     /**
      * Disable the specified self test at server startup.
      * 

-     * 
+     *
      * @param instanceName instance name of self test
      * @exception EMissingSelfTestException subsystem has missing name
      */
@@ -180,7 +180,7 @@ public interface ISelfTestSubsystem
      * Determine if the specified self test is executed automatically
      * at server startup.
      * 

-     * 
+     *
      * @param instanceName instance name of self test
      * @return true if the specified self test is executed at server startup
      * @exception EMissingSelfTestException subsystem has missing name
@@ -192,7 +192,7 @@ public interface ISelfTestSubsystem
      * Determine if failure of the specified self test is fatal to
      * server startup.
      * 

-     * 
+     *
      * @param instanceName instance name of self test
      * @return true if failure of the specified self test is fatal to
      *         server startup
@@ -204,7 +204,7 @@ public interface ISelfTestSubsystem
     /**
      * Execute all self tests specified to be run at server startup.
      * 

-     * 
+     *
      * @exception EMissingSelfTestException subsystem has missing name
      * @exception ESelfTestException self test exception
      */
@@ -219,7 +219,7 @@ public interface ISelfTestSubsystem
      * Retrieve an individual self test from the instances list
      * given its instance name.
      * 

-     * 
+     *
      * @param instanceName instance name of self test
      * @return individual self test
      */
@@ -233,7 +233,7 @@ public interface ISelfTestSubsystem
      * Returns the ILogEventListener of this subsystem.
      * This method may return null.
      * 

-     * 
+     *
      * @return ILogEventListener of this subsystem
      */
     public ILogEventListener getSelfTestLogger();
@@ -241,7 +241,7 @@ public interface ISelfTestSubsystem
     /**
      * This method represents the log interface for the self test subsystem.
      * 

-     * 
+     *
      * @param logger log event listener
      * @param msg self test log message
      */
@@ -252,7 +252,7 @@ public interface ISelfTestSubsystem
      * on the "on demand" list (note that the specified self test
      * will be appended to the end of each list).
      * 

-     * 
+     *
      * @param instanceName instance name of self test
      * @param isCritical isCritical is either a critical failure (true) or
      *            a non-critical failure (false)
@@ -273,7 +273,7 @@ public interface ISelfTestSubsystem
      * on the "on demand" list (note that the specified self test
      * will be removed from each list).
      * 

-     * 
+     *
      * @param instanceName instance name of self test
      * @exception EMissingSelfTestException subsystem has missing name
      */
@@ -285,7 +285,7 @@ public interface ISelfTestSubsystem
      * on the "startup" list (note that the specified self test
      * will be appended to the end of each list).
      * 

-     * 
+     *
      * @param instanceName instance name of self test
      * @param isCritical isCritical is either a critical failure (true) or
      *            a non-critical failure (false)
@@ -306,7 +306,7 @@ public interface ISelfTestSubsystem
      * on the "startup" list (note that the specified self test
      * will be removed from each list).
      * 

-     * 
+     *
      * @param instanceName instance name of self test
      * @exception EMissingSelfTestException subsystem has missing name
      */
diff --git a/base/common/src/com/netscape/certsrv/selftests/SelfTestResources.java b/base/common/src/com/netscape/certsrv/selftests/SelfTestResources.java
index c7c4d372d..4107bfbb2 100644
--- a/base/common/src/com/netscape/certsrv/selftests/SelfTestResources.java
+++ b/base/common/src/com/netscape/certsrv/selftests/SelfTestResources.java
@@ -22,7 +22,7 @@ import java.util.ListResourceBundle;
 /**
  * A class represents a resource bundle for Self Tests.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public class SelfTestResources extends ListResourceBundle {
diff --git a/base/common/src/com/netscape/certsrv/template/ArgList.java b/base/common/src/com/netscape/certsrv/template/ArgList.java
index 586bf7663..03b2b5645 100644
--- a/base/common/src/com/netscape/certsrv/template/ArgList.java
+++ b/base/common/src/com/netscape/certsrv/template/ArgList.java
@@ -24,7 +24,7 @@ import java.util.Vector;
  * that will be returned to the end-user via
  * the template framework.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public class ArgList implements IArgValue {
@@ -39,7 +39,7 @@ public class ArgList implements IArgValue {
 
     /**
      * Adds an argument to the list.
-     * 
+     *
      * @param arg argument to be added
      */
     public void add(IArgValue arg) {
@@ -48,7 +48,7 @@ public class ArgList implements IArgValue {
 
     /**
      * Returns the number of arguments in the list.
-     * 
+     *
      * @return size of the list
      */
     public int size() {
@@ -58,7 +58,7 @@ public class ArgList implements IArgValue {
     /**
      * Returns the argument at the given position
      * Position starts from 0.
-     * 
+     *
      * @param pos position
      * @return argument
      */
diff --git a/base/common/src/com/netscape/certsrv/template/ArgSet.java b/base/common/src/com/netscape/certsrv/template/ArgSet.java
index 333a51e50..8f3ff8b04 100644
--- a/base/common/src/com/netscape/certsrv/template/ArgSet.java
+++ b/base/common/src/com/netscape/certsrv/template/ArgSet.java
@@ -27,7 +27,7 @@ import java.util.Hashtable;
  * 

  * Each argument in the set is tagged with a name (key).
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public class ArgSet implements IArgValue {
@@ -35,7 +35,7 @@ public class ArgSet implements IArgValue {
 
     /**
      * Returns a list of argument names.
-     * 
+     *
      * @return list of argument names
      */
     public Enumeration getNames() {
@@ -44,7 +44,7 @@ public class ArgSet implements IArgValue {
 
     /**
      * Sets string argument into the set with the given name.
-     * 
+     *
      * @param name argument name
      * @param arg argument in string
      */
@@ -54,7 +54,7 @@ public class ArgSet implements IArgValue {
 
     /**
      * Sets argument into the set with the given name.
-     * 
+     *
      * @param name argument name
      * @param arg argument value
      */
@@ -64,7 +64,7 @@ public class ArgSet implements IArgValue {
 
     /**
      * Retrieves argument from the set.
-     * 
+     *
      * @param name argument name
      * @return argument value
      */
diff --git a/base/common/src/com/netscape/certsrv/template/ArgString.java b/base/common/src/com/netscape/certsrv/template/ArgString.java
index 4fb982eb6..e37ee3fc3 100644
--- a/base/common/src/com/netscape/certsrv/template/ArgString.java
+++ b/base/common/src/com/netscape/certsrv/template/ArgString.java
@@ -19,7 +19,7 @@ package com.netscape.certsrv.template;
 
 /**
  * This class represents a string-based argument.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class ArgString implements IArgValue {
@@ -27,7 +27,7 @@ public class ArgString implements IArgValue {
 
     /**
      * Constructs a string-based argument value.
-     * 
+     *
      * @param value argument value
      */
     public ArgString(String value) {
@@ -36,7 +36,7 @@ public class ArgString implements IArgValue {
 
     /**
      * Returns the argument value.
-     * 
+     *
      * @return argument value
      */
     public String getValue() {
diff --git a/base/common/src/com/netscape/certsrv/template/IArgValue.java b/base/common/src/com/netscape/certsrv/template/IArgValue.java
index e820ce69f..30589b26b 100644
--- a/base/common/src/com/netscape/certsrv/template/IArgValue.java
+++ b/base/common/src/com/netscape/certsrv/template/IArgValue.java
@@ -21,7 +21,7 @@ package com.netscape.certsrv.template;
  * This interface presents a generic argument value.
  * Argument value can be in string, in a list, or
  * in a set.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IArgValue {
diff --git a/base/common/src/com/netscape/certsrv/tks/ITKSAuthority.java b/base/common/src/com/netscape/certsrv/tks/ITKSAuthority.java
index 0a045a6fb..fe77607b7 100644
--- a/base/common/src/com/netscape/certsrv/tks/ITKSAuthority.java
+++ b/base/common/src/com/netscape/certsrv/tks/ITKSAuthority.java
@@ -24,7 +24,7 @@ import com.netscape.certsrv.request.IRequestQueue;
  * An interface represents a Registration Authority that is
  * responsible for certificate enrollment operations.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface ITKSAuthority extends ISubsystem {
@@ -41,14 +41,14 @@ public interface ITKSAuthority extends ISubsystem {
 
     /**
      * Retrieves the request queue of this registration authority.
-     * 
+     *
      * @return RA's request queue
      */
     public IRequestQueue getRequestQueue();
 
     /**
      * Returns the nickname of the RA certificate.
-     * 
+     *
      * @return the nickname of the RA certificate
      */
     public String getNickname();
diff --git a/base/common/src/com/netscape/certsrv/usrgrp/Certificates.java b/base/common/src/com/netscape/certsrv/usrgrp/Certificates.java
index fdfa3cd38..c8719b509 100644
--- a/base/common/src/com/netscape/certsrv/usrgrp/Certificates.java
+++ b/base/common/src/com/netscape/certsrv/usrgrp/Certificates.java
@@ -22,7 +22,7 @@ import java.security.cert.X509Certificate;
 /**
  * This class defines the strong authentication basic elements,
  * the X509 certificates.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class Certificates {
@@ -31,7 +31,7 @@ public class Certificates {
 
     /**
      * Constructs strong authenticator.
-     * 
+     *
      * @param certs a list of X509Certificates
      */
     public Certificates(X509Certificate certs[]) {
@@ -40,7 +40,7 @@ public class Certificates {
 
     /**
      * Retrieves certificates.
-     * 
+     *
      * @return a list of X509Certificates
      */
     public X509Certificate[] getCertificates() {
diff --git a/base/common/src/com/netscape/certsrv/usrgrp/EUsrGrpException.java b/base/common/src/com/netscape/certsrv/usrgrp/EUsrGrpException.java
index a25a1a6b3..bae8ba085 100644
--- a/base/common/src/com/netscape/certsrv/usrgrp/EUsrGrpException.java
+++ b/base/common/src/com/netscape/certsrv/usrgrp/EUsrGrpException.java
@@ -22,7 +22,7 @@ import com.netscape.certsrv.base.EBaseException;
 /**
  * A class represents a Identity exception.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public class EUsrGrpException extends EBaseException {
@@ -38,7 +38,7 @@ public class EUsrGrpException extends EBaseException {
 
     /**
      * Constructs a usr/grp management exception
-     * 
+     *
      * @param msgFormat exception details in message string format
      *            

      */
@@ -48,7 +48,7 @@ public class EUsrGrpException extends EBaseException {
 
     /**
      * Constructs a Identity exception.
-     * 
+     *
      * @param msgFormat exception details in message string format
      * @param param message string parameter
      *            

@@ -59,7 +59,7 @@ public class EUsrGrpException extends EBaseException {
 
     /**
      * Constructs a Identity exception.
-     * 
+     *
      * @param e system exception
      *            

      */
@@ -69,7 +69,7 @@ public class EUsrGrpException extends EBaseException {
 
     /**
      * Constructs a Identity exception.
-     * 
+     *
      * @param msgFormat exception details in message string format
      * @param params list of message format parameters
      *            

diff --git a/base/common/src/com/netscape/certsrv/usrgrp/ICertUserLocator.java b/base/common/src/com/netscape/certsrv/usrgrp/ICertUserLocator.java
index dbbd068c4..ccf504229 100644
--- a/base/common/src/com/netscape/certsrv/usrgrp/ICertUserLocator.java
+++ b/base/common/src/com/netscape/certsrv/usrgrp/ICertUserLocator.java
@@ -24,14 +24,14 @@ import com.netscape.certsrv.ldap.ELdapException;
 /**
  * This interface defines a certificate mapping strategy to locate
  * a user
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface ICertUserLocator {
 
     /**
      * Returns a user whose certificates match with the given certificates
-     * 
+     *
      * @return an user interface
      * @exception EUsrGrpException thrown when failed to build user
      * @exception LDAPException thrown when LDAP internal database is not available
@@ -42,7 +42,7 @@ public interface ICertUserLocator {
 
     /**
      * Retrieves description.
-     * 
+     *
      * @return description
      */
     public String getDescription();
diff --git a/base/common/src/com/netscape/certsrv/usrgrp/IGroup.java b/base/common/src/com/netscape/certsrv/usrgrp/IGroup.java
index 522d0fc89..86bf5c878 100644
--- a/base/common/src/com/netscape/certsrv/usrgrp/IGroup.java
+++ b/base/common/src/com/netscape/certsrv/usrgrp/IGroup.java
@@ -24,35 +24,35 @@ import com.netscape.certsrv.base.IAttrSet;
 /**
  * This interface defines the basic interfaces for
  * an identity group. (get/set methods for a group entry attributes)
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IGroup extends IAttrSet, IGroupConstants {
 
     /**
      * Retrieves the group name.
-     * 
+     *
      * @return the group name
      */
     public String getName();
 
     /**
      * Retrieves group identifier.
-     * 
+     *
      * @return the group id
      */
     public String getGroupID();
 
     /**
      * Retrieves group description.
-     * 
+     *
      * @return description
      */
     public String getDescription();
 
     /**
      * Checks if the given name is member of this group.
-     * 
+     *
      * @param name the given name
      * @return true if the given name is the member of this group; otherwise false.
      */
@@ -60,14 +60,14 @@ public interface IGroup extends IAttrSet, IGroupConstants {
 
     /**
      * Adds new member.
-     * 
+     *
      * @param name the given name.
      */
     public void addMemberName(String name);
 
     /**
      * Retrieves a list of member names.
-     * 
+     *
      * @return a list of member names for this group.
      */
     public Enumeration getMemberNames();
diff --git a/base/common/src/com/netscape/certsrv/usrgrp/IGroupConstants.java b/base/common/src/com/netscape/certsrv/usrgrp/IGroupConstants.java
index 22d89455c..7118db230 100644
--- a/base/common/src/com/netscape/certsrv/usrgrp/IGroupConstants.java
+++ b/base/common/src/com/netscape/certsrv/usrgrp/IGroupConstants.java
@@ -19,7 +19,7 @@ package com.netscape.certsrv.usrgrp;
 
 /**
  * This interface defines the attribute names for a group entry
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IGroupConstants {
diff --git a/base/common/src/com/netscape/certsrv/usrgrp/IIdEvaluator.java b/base/common/src/com/netscape/certsrv/usrgrp/IIdEvaluator.java
index 41209b4b9..5c4885573 100644
--- a/base/common/src/com/netscape/certsrv/usrgrp/IIdEvaluator.java
+++ b/base/common/src/com/netscape/certsrv/usrgrp/IIdEvaluator.java
@@ -20,7 +20,7 @@ package com.netscape.certsrv.usrgrp;
 /**
  * A class represents an ID evaluator.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IIdEvaluator {
@@ -28,7 +28,7 @@ public interface IIdEvaluator {
     /**
      * Evaluates if the given value satisfies the ID evaluation:
      * is a user a member of a group
-     * 
+     *
      * @param type the type of evaluator, in this case, it is group
      * @param id the user id for the given user
      * @param op operator, only "=" and "!=" are supported
diff --git a/base/common/src/com/netscape/certsrv/usrgrp/IUGSubsystem.java b/base/common/src/com/netscape/certsrv/usrgrp/IUGSubsystem.java
index 282d672f1..aa8b65575 100644
--- a/base/common/src/com/netscape/certsrv/usrgrp/IUGSubsystem.java
+++ b/base/common/src/com/netscape/certsrv/usrgrp/IUGSubsystem.java
@@ -28,7 +28,7 @@ import com.netscape.certsrv.base.ISubsystem;
  * This class defines low-level LDAP usr/grp management
  * usr/grp information is located remotely on another
  * LDAP server.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IUGSubsystem extends ISubsystem, IUsrGrp {
@@ -45,7 +45,7 @@ public interface IUGSubsystem extends ISubsystem, IUsrGrp {
 
     /**
      * Retrieves a user from LDAP
-     * 
+     *
      * @param userid the given user id
      * @exception EUsrGrpException thrown when failed to find the user
      */
@@ -53,7 +53,7 @@ public interface IUGSubsystem extends ISubsystem, IUsrGrp {
 
     /**
      * Searches for users that matches the filter.
-     * 
+     *
      * @param filter search filter for efficiency
      * @return list of users
      * @exception EUsrGrpException thrown when any internal error occurs
@@ -62,7 +62,7 @@ public interface IUGSubsystem extends ISubsystem, IUsrGrp {
 
     /**
      * Adds the given user to the internal database
-     * 
+     *
      * @param identity the given user
      * @exception EUsrGrpException thrown when failed to add user to the group
      * @exception LDAPException thrown when the LDAP internal database is not available
@@ -71,7 +71,7 @@ public interface IUGSubsystem extends ISubsystem, IUsrGrp {
 
     /**
      * Adds a user certificate to user
-     * 
+     *
      * @param identity user interface
      * @exception EUsrGrpException thrown when failed to add the user certificate to the given user
      * @exception LDAPException thrown when the LDAP internal database is not available
@@ -91,7 +91,7 @@ public interface IUGSubsystem extends ISubsystem, IUsrGrp {
      * Removes a user certificate for a user entry
      * given a user certificate DN (actually, a combination of version,
      * serialNumber, issuerDN, and SubjectDN), and it gets removed
-     * 
+     *
      * @param identity the given user whose user certificate is going to be
      *            be removed.
      * @exception EUsrGrpException thrown when failed to remove user certificate
@@ -100,7 +100,7 @@ public interface IUGSubsystem extends ISubsystem, IUsrGrp {
 
     /**
      * Removes identity.
-     * 
+     *
      * @param userid the given user id
      * @exception EUsrGrpException thrown when failed to remove user
      */
@@ -108,7 +108,7 @@ public interface IUGSubsystem extends ISubsystem, IUsrGrp {
 
     /**
      * Modifies user attributes. Certs are handled separately
-     * 
+     *
      * @param identity the given identity which contains all the user
      *            attributes being modified
      * @exception EUsrGrpException thrown when modification failed
@@ -117,7 +117,7 @@ public interface IUGSubsystem extends ISubsystem, IUsrGrp {
 
     /**
      * Finds groups that match the filter.
-     * 
+     *
      * @param filter the search filter
      * @return a list of groups that match the given search filter
      */
@@ -125,7 +125,7 @@ public interface IUGSubsystem extends ISubsystem, IUsrGrp {
 
     /**
      * Find a group for the given name
-     * 
+     *
      * @param name the given name
      * @return a group that matched the given name
      */
@@ -135,7 +135,7 @@ public interface IUGSubsystem extends ISubsystem, IUsrGrp {
      * List groups. This method is more efficient than findGroups because
      * this method retrieves group names and description only. Each
      * retrieved group just contains group name and description.
-     * 
+     *
      * @param filter the search filter
      * @return a list of groups, each group just contains group name and
      *         its description.
@@ -145,7 +145,7 @@ public interface IUGSubsystem extends ISubsystem, IUsrGrp {
 
     /**
      * Retrieves a group from LDAP for the given group name
-     * 
+     *
      * @param name the given group name
      * @return a group interface
      */
@@ -153,7 +153,7 @@ public interface IUGSubsystem extends ISubsystem, IUsrGrp {
 
     /**
      * Retrieves a group from LDAP for the given DN.
-     * 
+     *
      * @param DN the given DN
      * @return a group interface for the given DN.
      */
@@ -161,7 +161,7 @@ public interface IUGSubsystem extends ISubsystem, IUsrGrp {
 
     /**
      * Checks if the given group exists.
-     * 
+     *
      * @param name the given group name
      * @return true if the given group exists in the internal database; otherwise false.
      */
@@ -169,7 +169,7 @@ public interface IUGSubsystem extends ISubsystem, IUsrGrp {
 
     /**
      * Checks if the given context is a member of the given group
-     * 
+     *
      * @param uid the given user id
      * @param name the given group name
      * @return true if the user with the given user id is a member of the given
@@ -181,7 +181,7 @@ public interface IUGSubsystem extends ISubsystem, IUsrGrp {
 
     /**
      * Adds a group of identities.
-     * 
+     *
      * @param group the given group
      * @exception EUsrGrpException thrown when failed to add group.
      */
@@ -189,7 +189,7 @@ public interface IUGSubsystem extends ISubsystem, IUsrGrp {
 
     /**
      * Removes a group. Can't remove SUPER_CERT_ADMINS
-     * 
+     *
      * @param name the given group name
      * @exception EUsrGrpException thrown when the given group failed to remove
      */
@@ -197,7 +197,7 @@ public interface IUGSubsystem extends ISubsystem, IUsrGrp {
 
     /**
      * Modifies a group.
-     * 
+     *
      * @param group the given group which contain all group attributes being
      *            modified.
      * @exception EUsrGrpException thrown when failed to modify group.
@@ -206,7 +206,7 @@ public interface IUGSubsystem extends ISubsystem, IUsrGrp {
 
     /**
      * Removes the user with the given id from the given group
-     * 
+     *
      * @param grp the given group
      * @param userid the given user id
      * @exception EUsrGrpException thrown when failed to remove the user from
@@ -217,7 +217,7 @@ public interface IUGSubsystem extends ISubsystem, IUsrGrp {
 
     /**
      * Create user with the given id.
-     * 
+     *
      * @param id the user with the given id.
      * @return a new user
      */
@@ -225,7 +225,7 @@ public interface IUGSubsystem extends ISubsystem, IUsrGrp {
 
     /**
      * Create group with the given id.
-     * 
+     *
      * @param id the group with the given id.
      * @return a new group
      */
@@ -233,7 +233,7 @@ public interface IUGSubsystem extends ISubsystem, IUsrGrp {
 
     /**
      * Get string representation of the given certificate
-     * 
+     *
      * @param cert given certificate
      * @return the string representation of the given certificate
      */
@@ -242,7 +242,7 @@ public interface IUGSubsystem extends ISubsystem, IUsrGrp {
     /**
      * Searchs for identities that matches the certificate locater
      * generated filter.
-     * 
+     *
      * @param filter search filter
      * @return an user
      * @exception EUsrGrpException thrown when failed to find user
@@ -253,7 +253,7 @@ public interface IUGSubsystem extends ISubsystem, IUsrGrp {
 
     /**
      * Get user locator which does the mapping between the user and the certificate.
-     * 
+     *
      * @return CertUserLocator
      */
     public ICertUserLocator getCertUserLocator();
diff --git a/base/common/src/com/netscape/certsrv/usrgrp/IUser.java b/base/common/src/com/netscape/certsrv/usrgrp/IUser.java
index 9370a6718..7c957fd8a 100644
--- a/base/common/src/com/netscape/certsrv/usrgrp/IUser.java
+++ b/base/common/src/com/netscape/certsrv/usrgrp/IUser.java
@@ -24,147 +24,147 @@ import com.netscape.certsrv.base.IAttrSet;
 /**
  * This interface defines the basic interfaces for
  * a user identity. (get/set methods for a user entry attributes)
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IUser extends IAttrSet, IUserConstants {
 
     /**
      * Retrieves name.
-     * 
+     *
      * @return user name
      */
     public String getName();
 
     /**
      * Retrieves user identifier.
-     * 
+     *
      * @return user id
      */
     public String getUserID();
 
     /**
      * Retrieves user full name.
-     * 
+     *
      * @return user fullname
      */
     public String getFullName();
 
     /**
      * Retrieves user phonenumber.
-     * 
+     *
      * @return user phonenumber
      */
     public String getPhone();
 
     /**
      * Retrieves user state
-     * 
+     *
      * @return user state
      */
     public String getState();
 
     /**
      * Sets user full name.
-     * 
+     *
      * @param name the given full name
      */
     public void setFullName(String name);
 
     /**
      * Sets user ldap DN.
-     * 
+     *
      * @param userdn the given user DN
      */
     public void setUserDN(String userdn);
 
     /**
      * Gets user ldap dn
-     * 
+     *
      * @return user DN
      */
     public String getUserDN();
 
     /**
      * Retrieves user password.
-     * 
+     *
      * @return user password
      */
     public String getPassword();
 
     /**
      * Sets user password.
-     * 
+     *
      * @param p the given password
      */
     public void setPassword(String p);
 
     /**
      * Sets user phonenumber
-     * 
+     *
      * @param p user phonenumber
      */
     public void setPhone(String p);
 
     /**
      * Sets user state
-     * 
+     *
      * @param p the given user state
      */
     public void setState(String p);
 
     /**
      * Sets user type
-     * 
+     *
      * @param userType the given user type
      */
     public void setUserType(String userType);
 
     /**
      * Gets user email address.
-     * 
+     *
      * @return email address
      */
     public String getEmail();
 
     /**
      * Sets user email address.
-     * 
+     *
      * @param email the given email address
      */
     public void setEmail(String email);
 
     /**
      * Gets list of certificates from this user
-     * 
+     *
      * @return list of certificates
      */
     public X509Certificate[] getX509Certificates();
 
     /**
      * Sets list of certificates in this user
-     * 
+     *
      * @param certs list of certificates
      */
     public void setX509Certificates(X509Certificate certs[]);
 
     /**
      * Get certificate DN
-     * 
+     *
      * @return certificate DN
      */
     public String getCertDN();
 
     /**
      * Set certificate DN
-     * 
+     *
      * @param userdn the given DN
      */
     public void setCertDN(String userdn);
 
     /**
      * Get user type
-     * 
+     *
      * @return user type.
      */
     public String getUserType();
diff --git a/base/common/src/com/netscape/certsrv/usrgrp/IUserConstants.java b/base/common/src/com/netscape/certsrv/usrgrp/IUserConstants.java
index f66f01c73..dbfe9a38b 100644
--- a/base/common/src/com/netscape/certsrv/usrgrp/IUserConstants.java
+++ b/base/common/src/com/netscape/certsrv/usrgrp/IUserConstants.java
@@ -19,7 +19,7 @@ package com.netscape.certsrv.usrgrp;
 
 /**
  * This interface defines the attribute names for a user entry
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IUserConstants {
diff --git a/base/common/src/com/netscape/certsrv/usrgrp/IUsrGrp.java b/base/common/src/com/netscape/certsrv/usrgrp/IUsrGrp.java
index f6cef0d46..d5d37614e 100644
--- a/base/common/src/com/netscape/certsrv/usrgrp/IUsrGrp.java
+++ b/base/common/src/com/netscape/certsrv/usrgrp/IUsrGrp.java
@@ -22,28 +22,28 @@ import netscape.ldap.LDAPException;
 /**
  * This interface defines the basic capabilities of
  * a usr/group manager. (get/add/modify/remove users or groups)
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IUsrGrp extends IIdEvaluator {
 
     /**
      * Retrieves usr/grp manager identifier.
-     * 
+     *
      * @return id
      */
     public String getId();
 
     /**
      * Retrieves the description
-     * 
+     *
      * @return description
      */
     public String getDescription();
 
     /**
      * Retrieves an identity
-     * 
+     *
      * @param userid the user id for the given user
      * @return user interface
      */
@@ -56,7 +56,7 @@ public interface IUsrGrp extends IIdEvaluator {
      *   user.setPassword("secret");
      *   usrgrp.addUser(user);
      * 
-     * 
+     *
      * @param user an user interface
      * @exception EUsrGrpException thrown when some of the user attribute values
      *                are null
@@ -67,7 +67,7 @@ public interface IUsrGrp extends IIdEvaluator {
 
     /**
      * Removes a user.
-     * 
+     *
      * @param userid the user id for the given user
      * @exception EUsrGrpException thrown when failed to remove user
      */
@@ -75,7 +75,7 @@ public interface IUsrGrp extends IIdEvaluator {
 
     /**
      * Modifies user.
-     * 
+     *
      * @param user the user interface which contains the modified information
      * @exception EUsrGrpException thrown when failed to modify user
      */
@@ -83,7 +83,7 @@ public interface IUsrGrp extends IIdEvaluator {
 
     /**
      * Retrieves an identity group
-     * 
+     *
      * @param groupid the given group id.
      * @return the group interface
      */
@@ -91,7 +91,7 @@ public interface IUsrGrp extends IIdEvaluator {
 
     /**
      * Adds a group
-     * 
+     *
      * @param group the given group
      * @exception EUsrGrpException thrown when failed to add the group.
      */
@@ -99,7 +99,7 @@ public interface IUsrGrp extends IIdEvaluator {
 
     /**
      * Modifies a group
-     * 
+     *
      * @param group the given group contains the new information for modification.
      * @exception EUsrGrpException thrown when failed to modify the group.
      */
@@ -107,7 +107,7 @@ public interface IUsrGrp extends IIdEvaluator {
 
     /**
      * Removes a group
-     * 
+     *
      * @param name the group name
      * @exception EUsrGrpException thrown when failed to remove the given
      *                group.
diff --git a/base/common/src/com/netscape/certsrv/usrgrp/UsrGrpResources.java b/base/common/src/com/netscape/certsrv/usrgrp/UsrGrpResources.java
index 11a3da23b..f85f7116c 100644
--- a/base/common/src/com/netscape/certsrv/usrgrp/UsrGrpResources.java
+++ b/base/common/src/com/netscape/certsrv/usrgrp/UsrGrpResources.java
@@ -22,7 +22,7 @@ import java.util.ListResourceBundle;
 /**
  * A class represents a resource bundle for the
  * user/group manager
- * 
+ *
  * @deprecated
  * @version $Revision$, $Date$
  */
@@ -30,7 +30,7 @@ public class UsrGrpResources extends ListResourceBundle {
 
     /**
      * Returns the content of this resource.
-     * 
+     *
      * @return the content of this resource.
      */
     public Object[][] getContents() {
diff --git a/base/common/src/com/netscape/certsrv/util/HttpInput.java b/base/common/src/com/netscape/certsrv/util/HttpInput.java
index 7e7fe7c4a..e5ae780c8 100644
--- a/base/common/src/com/netscape/certsrv/util/HttpInput.java
+++ b/base/common/src/com/netscape/certsrv/util/HttpInput.java
@@ -175,7 +175,7 @@ public class HttpInput {
             }
             /*
 
-                      if (i.equals("256") || i.equals("384") || i.equals("521")) { 
+                      if (i.equals("256") || i.equals("384") || i.equals("521")) {
                         return i;
                       } else {
                         throw new IOException("Invalid key length '" + i + "'. Currently supported ECC key lengths are 256, 384, 521.");
diff --git a/base/common/src/com/netscape/certsrv/util/IStatsSubsystem.java b/base/common/src/com/netscape/certsrv/util/IStatsSubsystem.java
index 989d7a4a1..bee1661b1 100644
--- a/base/common/src/com/netscape/certsrv/util/IStatsSubsystem.java
+++ b/base/common/src/com/netscape/certsrv/util/IStatsSubsystem.java
@@ -26,7 +26,7 @@ import com.netscape.certsrv.base.ISubsystem;
  * can be loaded into cert server kernel to perform
  * statistics collection.
  * 

- * 
+ *
  * @author thomask
  * @version $Revision$, $Date$
  */
diff --git a/base/common/src/com/netscape/certsrv/util/StatsEvent.java b/base/common/src/com/netscape/certsrv/util/StatsEvent.java
index eafd90d05..3ee6e0d30 100644
--- a/base/common/src/com/netscape/certsrv/util/StatsEvent.java
+++ b/base/common/src/com/netscape/certsrv/util/StatsEvent.java
@@ -23,7 +23,7 @@ import java.util.Vector;
 /**
  * A statistics transaction.
  * 

- * 
+ *
  * @author thomask
  * @version $Revision$, $Date$
  */
diff --git a/base/common/src/com/netscape/cms/authentication/AVAPattern.java b/base/common/src/com/netscape/cms/authentication/AVAPattern.java
index 6a8bbcbf2..55c62eeb1 100644
--- a/base/common/src/com/netscape/cms/authentication/AVAPattern.java
+++ b/base/common/src/com/netscape/cms/authentication/AVAPattern.java
@@ -39,45 +39,45 @@ import com.netscape.certsrv.authentication.ECompSyntaxErr;
  * class for parsing a DN pattern used to construct a certificate
  * subject name from ldap attributes and dn.
  * 

- * 
+ *
  * dnpattern is a string representing a subject name pattern to formulate from the directory attributes and entry dn. If
  * empty or not set, the ldap entry DN will be used as the certificate subject name.
  * 

- * 
+ *
  * The syntax is
- * 
+ *
  * 
  * 	dnPattern := rdnPattern *[ "," rdnPattern ]
  * 	rdnPattern := avaPattern *[ "+" avaPattern ]
- * 		avaPattern := name "=" value | 
- * 			      name "=" "$attr" "." attrName [ "." attrNumber ] | 
- * 			      name "=" "$dn" "." attrName [ "." attrNumber ] | 
+ * 		avaPattern := name "=" value |
+ * 			      name "=" "$attr" "." attrName [ "." attrNumber ] |
+ * 			      name "=" "$dn" "." attrName [ "." attrNumber ] |
  * 			 	  "$dn" "." "$rdn" "." number
  * 

- * 
+ *
  * 
  * Example1: E=$attr.mail.1, CN=$attr.cn, OU=$dn.ou.2, O=$dn.o, C=US 
  * Ldap entry: dn:  UID=jjames, OU=IS, OU=people, O=acme.org
- * Ldap attributes: cn: Jesse James 
+ * Ldap attributes: cn: Jesse James
  * Ldap attributes: mail: jjames@acme.org
  * 

  * The subject name formulated will be : 

  *     E=jjames@acme.org, CN=Jesse James, OU=people, O=acme.org, C=US
- * 
	
+ * 

  *     E = the first 'mail' ldap attribute value in user's entry. 

  *     CN = the (first) 'cn' ldap attribute value in the user's entry. 

  *     OU = the second 'ou' value in the user's entry DN. 

  *     O = the (first) 'o' value in the user's entry DN. 

- *     C = the string "US" 
+ *     C = the string "US"
  * 

  * Example2: E=$attr.mail.1, CN=$attr.cn, OU=$dn.ou.2, O=$dn.o, C=US
  * Ldap entry: dn:  UID=jjames, OU=IS+OU=people, O=acme.org
- * Ldap attributes: cn: Jesse James 
+ * Ldap attributes: cn: Jesse James
  * Ldap attributes: mail: jjames@acme.org
  * 

  * The subject name formulated will be : 

  *     E=jjames@acme.org, CN=Jesse James, OU=people, O=acme.org, C=US
- * 
	
+ * 

  *     E = the first 'mail' ldap attribute value in user's entry. 

  *     CN = the (first) 'cn' ldap attribute value in the user's entry. 

  *     OU = the second 'ou' value in the user's entry DN. note multiple AVAs
@@ -86,40 +86,40 @@ import com.netscape.certsrv.authentication.ECompSyntaxErr;
  *     C = the string "US"
  * 

  * 

- * 
+ *
  * 
  * Example3: CN=$attr.cn, $rdn.2, O=$dn.o, C=US
  * Ldap entry: dn:  UID=jjames, OU=IS+OU=people, O=acme.org
- * Ldap attributes: cn: Jesse James 
+ * Ldap attributes: cn: Jesse James
  * Ldap attributes: mail: jjames@acme.org
  * 

  * The subject name formulated will be : 

  *     CN=Jesse James, OU=IS+OU=people, O=acme.org, C=US
- * 
	
+ * 

  *     CN = the (first) 'cn' ldap attribute value in the user's entry. 

  *     followed by the second RDN in the user's entry DN. 

  *     O = the (first) 'o' value in the user's entry DN. 

- *     C = the string "US" 
+ *     C = the string "US"
  * 

  * Example4: CN=$attr.cn, OU=$dn.ou.2+OU=$dn.ou.1, O=$dn.o, C=US
  * Ldap entry: dn:  UID=jjames, OU=IS+OU=people, O=acme.org
- * Ldap attributes: cn: Jesse James 
+ * Ldap attributes: cn: Jesse James
  * Ldap attributes: mail: jjames@acme.org
  * 

  * The subject name formulated will be : 

  *     CN=Jesse James, OU=people+OU=IS, O=acme.org, C=US
- * 
	
+ * 

  *     CN = the (first) 'cn' ldap attribute value in the user's entry. 

- *     OU = the second 'ou' value in the user's entry DN followed by the 
+ *     OU = the second 'ou' value in the user's entry DN followed by the
  * 		first 'ou' value in the user's entry. note multiple AVAs
  * 	    in a RDN in this example. 

  *     O = the (first) 'o' value in the user's entry DN. 

  *     C = the string "US"
  * 

  * 

- * 
+ *
  * If an attribute or subject DN component does not exist the attribute is skipped.
- * 
+ *
  * @version $Revision$, $Date$
  */
 class AVAPattern {
@@ -184,7 +184,7 @@ class AVAPattern {
         if (c == -1)
             throw new ECompSyntaxErr(CMS.getUserMessage("CMS_AUTHENTICATION_COMPONENT_SYNTAX", "All blank"));
 
-        // $rdn "." number syntax. 
+        // $rdn "." number syntax.
 
         if (c == '$') {
             //System.out.println("$rdn syntax");
@@ -228,9 +228,9 @@ class AVAPattern {
             return;
         }
 
-        // name "=" ... syntax. 
+        // name "=" ... syntax.
 
-        // read name 
+        // read name
         //System.out.println("reading name");
 
         StringBuffer attrBuf = new StringBuffer();
@@ -250,10 +250,10 @@ class AVAPattern {
             throw new ECompSyntaxErr(CMS.getUserMessage("CMS_AUTHENTICATION_COMPONENT_SYNTAX",
                     "Missing \"=\" in ava pattern"));
 
-        // read value 
+        // read value
         //System.out.println("reading value");
 
-        // skip spaces 
+        // skip spaces
         //System.out.println("skip spaces for value");
         try {
             while ((c = in.read()) == ' ' || c == '\t') {//System.out.println("spaces2 read "+(char)c);
@@ -267,7 +267,7 @@ class AVAPattern {
                     "no value after = in ava pattern"));
 
         if (c == '$') {
-            // check for $dn or $attr 
+            // check for $dn or $attr
             try {
                 c = in.read();
                 //System.out.println("check $dn or $attr read "+(char)c);
@@ -306,7 +306,7 @@ class AVAPattern {
                             "unknown keyword. expecting $dn or $attr."));
             }
 
-            // get attr name of dn pattern from above. 
+            // get attr name of dn pattern from above.
             String attrName = attrBuf.toString().trim();
 
             //System.out.println("----- attrName "+attrName);
@@ -333,7 +333,7 @@ class AVAPattern {
                     valueBuf.append((char) c);
                 }
                 if (c == '+' || c == ',') // either ',' or '+'
-                    in.unread(c); // pushback last , or + 
+                    in.unread(c); // pushback last , or +
             } catch (IOException e) {
                 throw new EAuthException(CMS.getUserMessage("CMS_AUTHENTICATION_INTERNAL_ERROR", e.toString()));
             }
@@ -375,7 +375,7 @@ class AVAPattern {
             // value is constant. treat as regular ava.
             mType = TYPE_CONSTANT;
             //System.out.println("----- mType constant");
-            // parse ava value. 
+            // parse ava value.
             StringBuffer valueBuf = new StringBuffer();
 
             valueBuf.append((char) c);
diff --git a/base/common/src/com/netscape/cms/authentication/AgentCertAuthentication.java b/base/common/src/com/netscape/cms/authentication/AgentCertAuthentication.java
index 65ef434a9..03428102d 100644
--- a/base/common/src/com/netscape/cms/authentication/AgentCertAuthentication.java
+++ b/base/common/src/com/netscape/cms/authentication/AgentCertAuthentication.java
@@ -52,7 +52,7 @@ import com.netscape.certsrv.usrgrp.IUser;
  * Maps a SSL client authenticate certificate to a user (agent) entry in the
  * internal database.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public class AgentCertAuthentication implements IAuthManager,
@@ -90,7 +90,7 @@ public class AgentCertAuthentication implements IAuthManager,
      * initializes the CertUserDBAuthentication auth manager
      * 

      * called by AuthSubsystem init() method, when initializing all available authentication managers.
-     * 
+     *
      * @param name The name of this authentication manager instance.
      * @param implName The name of the authentication manager plugin.
      * @param config The configuration store for this authentication manager.
@@ -127,11 +127,11 @@ public class AgentCertAuthentication implements IAuthManager,
      * authenticates user(agent) by certificate
      * 

      * called by other subsystems or their servlets to authenticate users (agents)
-     * 
+     *
      * @param authCred - authentication credential that contains
      *            an usrgrp.Certificates of the user (agent)
      * @return the authentication token that contains the following
-     * 
+     *
      * @exception EMissingCredential If a required credential for this
      *                authentication manager is missing.
      * @exception EInvalidCredentials If credentials cannot be authenticated.
@@ -207,7 +207,7 @@ public class AgentCertAuthentication implements IAuthManager,
                         e.toString()));
         }
 
-        // any unexpected error occurs like internal db down, 
+        // any unexpected error occurs like internal db down,
         // UGSubsystem only returns null for user.
         if (user == null) {
             throw new EInvalidCredentials(CMS.getUserMessage("CMS_AUTHENTICATION_INVALID_CREDENTIAL"));
@@ -248,7 +248,7 @@ public class AgentCertAuthentication implements IAuthManager,
      * the servlets that handle agent operations to authenticate its
      * users. It calls this method to know which are the
      * required credentials from the user (e.g. Javascript form data)
-     * 
+     *
      * @return attribute names in Vector
      */
     public String[] getRequiredCreds() {
@@ -261,7 +261,7 @@ public class AgentCertAuthentication implements IAuthManager,
      * the Certificate Server Console to display the table for
      * configuration purposes. CertUserDBAuthentication is currently not
      * exposed in this case, so this method is not to be used.
-     * 
+     *
      * @return configuration parameter names in Hashtable of Vectors
      *         where each hashtable entry's key is the substore name, value is a
      *         Vector of parameter names. If no substore, the parameter name
@@ -280,7 +280,7 @@ public class AgentCertAuthentication implements IAuthManager,
     /**
      * gets the configuretion substore used by this authentication
      * manager
-     * 
+     *
      * @return configuration store
      */
     public IConfigStore getConfigStore() {
diff --git a/base/common/src/com/netscape/cms/authentication/Crypt.java b/base/common/src/com/netscape/cms/authentication/Crypt.java
index e6dd7087d..867181138 100644
--- a/base/common/src/com/netscape/cms/authentication/Crypt.java
+++ b/base/common/src/com/netscape/cms/authentication/Crypt.java
@@ -178,7 +178,7 @@ public class Crypt {
     /**
      * Create a Crypt object with specified salt. Use setPasswd() before
      * getEncryptedPasswd().
-     * 
+     *
      * @param salt the salt string for encryption
      */
     public Crypt(String salt) {
@@ -191,7 +191,7 @@ public class Crypt {
      * Create a Crypt object with specified passwd and salt (often the
      * already encypted passwd). Get the encrypted result with
      * getEncryptedPasswd().
-     * 
+     *
      * @param passwd the passwd to encrypt
      * @param salt the salt string for encryption
      */
@@ -203,7 +203,7 @@ public class Crypt {
 
     /**
      * Retrieve the passwd string currently being encrypted.
-     * 
+     *
      * @return the current passwd string
      */
     public String getPasswd() {
@@ -212,7 +212,7 @@ public class Crypt {
 
     /**
      * Retrieve the salt string currently being used for encryption.
-     * 
+     *
      * @return the current salt string
      */
     public String getSalt() {
@@ -222,7 +222,7 @@ public class Crypt {
     /**
      * Retrieve the resulting encrypted string from the current passwd and
      * salt settings.
-     * 
+     *
      * @return the encrypted passwd
      */
     public String getEncryptedPasswd() {
@@ -232,7 +232,7 @@ public class Crypt {
     /**
      * Set a new passwd string for encryption. Use getEncryptedPasswd() to
      * retrieve the new result.
-     * 
+     *
      * @param passwd the new passwd string
      */
     public void setPasswd(String passwd) {
@@ -243,7 +243,7 @@ public class Crypt {
     /**
      * Set a new salt string for encryption. Use getEncryptedPasswd() to
      * retrieve the new result.
-     * 
+     *
      * @param salt the new salt string
      */
     public void setSalt(String salt) {
diff --git a/base/common/src/com/netscape/cms/authentication/DNPattern.java b/base/common/src/com/netscape/cms/authentication/DNPattern.java
index 480b5b909..e44f40e9d 100644
--- a/base/common/src/com/netscape/cms/authentication/DNPattern.java
+++ b/base/common/src/com/netscape/cms/authentication/DNPattern.java
@@ -31,45 +31,45 @@ import com.netscape.certsrv.base.EBaseException;
  * class for parsing a DN pattern used to construct a certificate
  * subject name from ldap attributes and dn.
  * 

- * 
+ *
  * dnpattern is a string representing a subject name pattern to formulate from the directory attributes and entry dn. If
  * empty or not set, the ldap entry DN will be used as the certificate subject name.
  * 

- * 
+ *
  * The syntax is
- * 
+ *
  * 
  * 	dnPattern := rdnPattern *[ "," rdnPattern ]
  * 	rdnPattern := avaPattern *[ "+" avaPattern ]
- * 		avaPattern := name "=" value | 
- * 			      name "=" "$attr" "." attrName [ "." attrNumber ] | 
- * 			      name "=" "$dn" "." attrName [ "." attrNumber ] | 
+ * 		avaPattern := name "=" value |
+ * 			      name "=" "$attr" "." attrName [ "." attrNumber ] |
+ * 			      name "=" "$dn" "." attrName [ "." attrNumber ] |
  * 			 	  "$dn" "." "$rdn" "." number
  * 

- * 
+ *
  * 
  * Example1: E=$attr.mail.1, CN=$attr.cn, OU=$dn.ou.2, O=$dn.o, C=US 
  * Ldap entry: dn:  UID=jjames, OU=IS, OU=people, O=acme.org
- * Ldap attributes: cn: Jesse James 
+ * Ldap attributes: cn: Jesse James
  * Ldap attributes: mail: jjames@acme.org
  * 

  * The subject name formulated will be : 

  *     E=jjames@acme.org, CN=Jesse James, OU=people, O=acme.org, C=US
- * 
	
+ * 

  *     E = the first 'mail' ldap attribute value in user's entry. 

  *     CN = the (first) 'cn' ldap attribute value in the user's entry. 

  *     OU = the second 'ou' value in the user's entry DN. 

  *     O = the (first) 'o' value in the user's entry DN. 

- *     C = the string "US" 
+ *     C = the string "US"
  * 

  * Example2: E=$attr.mail.1, CN=$attr.cn, OU=$dn.ou.2, O=$dn.o, C=US
  * Ldap entry: dn:  UID=jjames, OU=IS+OU=people, O=acme.org
- * Ldap attributes: cn: Jesse James 
+ * Ldap attributes: cn: Jesse James
  * Ldap attributes: mail: jjames@acme.org
  * 

  * The subject name formulated will be : 

  *     E=jjames@acme.org, CN=Jesse James, OU=people, O=acme.org, C=US
- * 
	
+ * 

  *     E = the first 'mail' ldap attribute value in user's entry. 

  *     CN = the (first) 'cn' ldap attribute value in the user's entry. 

  *     OU = the second 'ou' value in the user's entry DN. note multiple AVAs
@@ -78,40 +78,40 @@ import com.netscape.certsrv.base.EBaseException;
  *     C = the string "US"
  * 

  * 

- * 
+ *
  * 
  * Example3: CN=$attr.cn, $rdn.2, O=$dn.o, C=US
  * Ldap entry: dn:  UID=jjames, OU=IS+OU=people, O=acme.org
- * Ldap attributes: cn: Jesse James 
+ * Ldap attributes: cn: Jesse James
  * Ldap attributes: mail: jjames@acme.org
  * 

  * The subject name formulated will be : 

  *     CN=Jesse James, OU=IS+OU=people, O=acme.org, C=US
- * 
	
+ * 

  *     CN = the (first) 'cn' ldap attribute value in the user's entry. 

  *     followed by the second RDN in the user's entry DN. 

  *     O = the (first) 'o' value in the user's entry DN. 

- *     C = the string "US" 
+ *     C = the string "US"
  * 

  * Example4: CN=$attr.cn, OU=$dn.ou.2+OU=$dn.ou.1, O=$dn.o, C=US
  * Ldap entry: dn:  UID=jjames, OU=IS+OU=people, O=acme.org
- * Ldap attributes: cn: Jesse James 
+ * Ldap attributes: cn: Jesse James
  * Ldap attributes: mail: jjames@acme.org
  * 

  * The subject name formulated will be : 

  *     CN=Jesse James, OU=people+OU=IS, O=acme.org, C=US
- * 
	
+ * 

  *     CN = the (first) 'cn' ldap attribute value in the user's entry. 

- *     OU = the second 'ou' value in the user's entry DN followed by the 
+ *     OU = the second 'ou' value in the user's entry DN followed by the
  * 		first 'ou' value in the user's entry. note multiple AVAs
  * 	    in a RDN in this example. 

  *     O = the (first) 'o' value in the user's entry DN. 

  *     C = the string "US"
  * 

  * 

- * 
+ *
  * If an attribute or subject DN component does not exist the attribute is skipped.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class DNPattern {
@@ -129,14 +129,14 @@ public class DNPattern {
 
     /**
      * Construct a DN pattern by parsing a pattern string.
-     * 
+     *
      * @param pattern the DN pattern
      * @exception EBaseException If parsing error occurs.
      */
     public DNPattern(String pattern)
             throws EAuthException {
         if (pattern == null || pattern.equals("")) {
-            // create an attribute list that is the dn. 
+            // create an attribute list that is the dn.
             mLdapAttrs = new String[] { "dn" };
         } else {
             mPatternString = pattern;
@@ -185,7 +185,7 @@ public class DNPattern {
 
     /**
      * Form a Ldap v3 DN string from results of a ldap search.
-     * 
+     *
      * @param entry LDAPentry from a ldap search
      * @return Ldap v3 DN string to use for a subject name.
      */
diff --git a/base/common/src/com/netscape/cms/authentication/DirBasedAuthentication.java b/base/common/src/com/netscape/cms/authentication/DirBasedAuthentication.java
index da8d5bd51..f52904718 100644
--- a/base/common/src/com/netscape/cms/authentication/DirBasedAuthentication.java
+++ b/base/common/src/com/netscape/cms/authentication/DirBasedAuthentication.java
@@ -61,9 +61,9 @@ import com.netscape.cmsutil.util.Utils;
  * Uses a pattern for formulating subject names.
  * The pattern is read from configuration file.
  * Syntax of the pattern is described in the init() method.
- * 
+ *
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public abstract class DirBasedAuthentication
@@ -78,7 +78,7 @@ public abstract class DirBasedAuthentication
     protected static final String PROP_LDAPSTRINGATTRS = "ldapStringAttributes";
     protected static final String PROP_LDAPBYTEATTRS = "ldapByteAttributes";
 
-    // members 
+    // members
 
     /* name of this authentication manager instance */
     protected String mName = null;
@@ -104,11 +104,11 @@ public abstract class DirBasedAuthentication
     /* the subject DN pattern */
     protected DNPattern mPattern = null;
 
-    /* the list of LDAP attributes with string values to retrieve to 
+    /* the list of LDAP attributes with string values to retrieve to
      * save in the auth token including ones from the dn pattern. */
     protected String[] mLdapStringAttrs = null;
 
-    /* the list of LDAP attributes with byte[] values to retrive to save 
+    /* the list of LDAP attributes with byte[] values to retrive to save
      * in authtoken. */
     protected String[] mLdapByteAttrs = null;
 
@@ -160,14 +160,14 @@ public abstract class DirBasedAuthentication
 
     /**
      * Initializes the UidPwdDirBasedAuthentication auth manager.
-     * 
+     *
      * Takes the following configuration parameters: 

-     * 
+     *
      * 
      * 	ldap.basedn             - the ldap base dn.
      * 	ldap.ldapconn.host      - the ldap host.
-     * 	ldap.ldapconn.port      - the ldap port 
-     * 	ldap.ldapconn.secureConn - whether port should be secure 
+     * 	ldap.ldapconn.port      - the ldap port
+     * 	ldap.ldapconn.secureConn - whether port should be secure
      * 	ldap.minConns           - minimum connections
      * 	ldap.maxConns           - max connections
      * 	dnpattern               - dn pattern.
@@ -177,33 +177,33 @@ public abstract class DirBasedAuthentication
      * attributes and entry dn. If empty or not set, the ldap entry DN will be used as the certificate subject name.
      * 

      * The syntax is
-     * 
+     *
      * 
      *     dnpattern = SubjectNameComp *[ "," SubjectNameComp ]
-     * 
-     *     SubjectNameComponent = DnComp | EntryComp | ConstantComp  
+     *
+     *     SubjectNameComponent = DnComp | EntryComp | ConstantComp
      *     DnComp = CertAttr "=" "$dn" "." DnAttr "." Num
      *     EntryComp = CertAttr "=" "$attr" "." EntryAttr "." Num
      *     ConstantComp = CertAttr "=" Constant
      *     DnAttr    =  an attribute in the Ldap entry dn
-     *     EntryAttr =  an attribute in the Ldap entry 
+     *     EntryAttr =  an attribute in the Ldap entry
      *     CertAttr  =  a Component in the Certificate Subject Name
-     *                  (multiple AVA in one RDN not supported) 
+     *                  (multiple AVA in one RDN not supported)
      *     Num       =  the nth value of tha attribute  in the dn or entry.
      *     Constant  =  Constant String, with any accepted ldap string value.
-     * 
+     *
      * 

      * 

      * Example:
-     * 
+     *
      * 
-     * dnpattern: 
+     * dnpattern:
      *     E=$attr.mail.1, CN=$attr.cn, OU=$attr.ou.2, O=$dn.o, C=US
      * 

-     * Ldap entry dn: 
+     * Ldap entry dn:
      *     UID=joesmith, OU=people, O=Acme.com
      * 

-     * Ldap attributes: 
+     * Ldap attributes:
      *     cn: Joe Smith
      *     sn: Smith
      *     mail: joesmith@acme.com
@@ -214,17 +214,17 @@ public abstract class DirBasedAuthentication
      * 

      * 

      * The subject name formulated in the cert will be : 

-     * 
+     *
      * 
      *   E=joesmith@acme.com, CN=Joe Smith, OU=Human Resources, O=Acme.com, C=US
-     *   
-     *      E = the first 'mail' ldap attribute value in user's entry - joesmithe@acme.com 
-     *      CN = the (first) 'cn' ldap attribute value in the user's entry - Joe Smith 
+     *
+     *      E = the first 'mail' ldap attribute value in user's entry - joesmithe@acme.com
+     *      CN = the (first) 'cn' ldap attribute value in the user's entry - Joe Smith
      *      OU = the second 'ou' value in the ldap entry - IS
-     *      O = the (first) 'o' value in the user's entry DN - "Acme.com" 
+     *      O = the (first) 'o' value in the user's entry DN - "Acme.com"
      *      C = the constant string "US"
      * 

-     * 
+     *
      * @param name The name for this authentication manager instance.
      * @param implName The name of the authentication manager plugin.
      * @param config - The configuration store for this instance.
@@ -326,7 +326,7 @@ public abstract class DirBasedAuthentication
      * Authenticates user through LDAP by a set of credentials.
      * Resulting AuthToken a TOKEN_CERTINFO field of a X509CertInfo
      * 

-     * 
+     *
      * @param authCred Authentication credentials, CRED_UID and CRED_PWD.
      * @return A AuthToken with a TOKEN_SUBJECT of X500name type.
      * @exception com.netscape.certsrv.authentication.EMissingCredential
@@ -374,14 +374,14 @@ public abstract class DirBasedAuthentication
             } catch (IOException e) {
             }
 
-            // set validity if any 
+            // set validity if any
             try {
                 CertificateValidity validity = (CertificateValidity)
                         certInfo.get(X509CertInfo.VALIDITY);
 
                 if (validity != null) {
-                    // the gets throws IOException but only if attribute 
-                    // not recognized. In these cases they are always. 
+                    // the gets throws IOException but only if attribute
+                    // not recognized. In these cases they are always.
                     authToken.set(AuthToken.TOKEN_CERT_NOTBEFORE,
                             (Date) validity.get(CertificateValidity.NOT_BEFORE));
                     authToken.set(AuthToken.TOKEN_CERT_NOTAFTER,
@@ -414,7 +414,7 @@ public abstract class DirBasedAuthentication
 
     /**
      * get the list of required credentials.
-     * 
+     *
      * @return list of required credentials as strings.
      */
     public abstract String[] getRequiredCreds();
@@ -423,7 +423,7 @@ public abstract class DirBasedAuthentication
      * Returns a list of configuration parameter names.
      * The list is passed to the configuration console so instances of
      * this implementation can be configured through the console.
-     * 
+     *
      * @return String array of configuration parameter names.
      */
     public abstract String[] getConfigParams();
@@ -445,7 +445,7 @@ public abstract class DirBasedAuthentication
 
     /**
      * Gets the configuration substore used by this authentication manager
-     * 
+     *
      * @return configuration store
      */
     public IConfigStore getConfigStore() {
@@ -454,7 +454,7 @@ public abstract class DirBasedAuthentication
 
     /**
      * Authenticates a user through directory based a set of credentials.
-     * 
+     *
      * @param authCreds The authentication credentials.
      * @return The user's ldap entry dn.
      * @exception EInvalidCredentials If the uid and password are not valid
@@ -466,7 +466,7 @@ public abstract class DirBasedAuthentication
 
     /**
      * Formulate the cert info.
-     * 
+     *
      * @param conn A LDAP Connection authenticated to user to use.
      * @param userdn The user's dn.
      * @param certinfo A certinfo object to fill.
@@ -482,7 +482,7 @@ public abstract class DirBasedAuthentication
         // get ldap attributes to retrieve.
         String[] attrs = getLdapAttrs();
 
-        // retrieve the attributes. 
+        // retrieve the attributes.
         try {
             if (conn != null) {
                 LDAPEntry entry = null;
@@ -496,7 +496,7 @@ public abstract class DirBasedAuthentication
                 }
                 entry = results.next();
 
-                // formulate the subject dn 
+                // formulate the subject dn
                 try {
                     dn = formSubjectName(entry);
                 } catch (EBaseException e) {
@@ -510,7 +510,7 @@ public abstract class DirBasedAuthentication
             }
 
             // add anything else in cert info such as validity, extensions
-            // (nothing now) 
+            // (nothing now)
 
             // pack the dn into X500name and set subject name.
             if (dn.length() == 0) {
@@ -610,7 +610,7 @@ public abstract class DirBasedAuthentication
     /**
      * Return a list of LDAP attributes with String values to retrieve.
      * Subclasses can override to return any set of attributes.
-     * 
+     *
      * @return Array of LDAP attributes to retrieve from the directory.
      */
     protected String[] getLdapAttrs() {
@@ -620,7 +620,7 @@ public abstract class DirBasedAuthentication
     /**
      * Return a list of LDAP attributes with byte[] values to retrieve.
      * Subclasses can override to return any set of attributes.
-     * 
+     *
      * @return Array of LDAP attributes to retrieve from the directory.
      */
     protected String[] getLdapByteAttrs() {
@@ -629,7 +629,7 @@ public abstract class DirBasedAuthentication
 
     /**
      * Formulate the subject name
-     * 
+     *
      * @param entry The LDAP entry
      * @return The subject name string.
      * @exception EBaseException If an internal error occurs.
@@ -654,7 +654,7 @@ public abstract class DirBasedAuthentication
 
     /**
      * Logs a message for this class in the system log file.
-     * 
+     *
      * @param level The log level.
      * @param msg The message to log.
      * @see com.netscape.certsrv.logging.ILogger
diff --git a/base/common/src/com/netscape/cms/authentication/FlatFileAuth.java b/base/common/src/com/netscape/cms/authentication/FlatFileAuth.java
index f60110b0b..2394ede4c 100644
--- a/base/common/src/com/netscape/cms/authentication/FlatFileAuth.java
+++ b/base/common/src/com/netscape/cms/authentication/FlatFileAuth.java
@@ -51,7 +51,7 @@ import com.netscape.certsrv.request.IRequest;
 /**
  * This represents the authentication manager that authenticates
  * user against a file where id, and password are stored.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class FlatFileAuth
@@ -110,7 +110,7 @@ public class FlatFileAuth
 
     /**
      * This array is created as to include all the requested attributes
-     * 
+     *
      */
     String[] reqCreds = null;
 
@@ -127,7 +127,7 @@ public class FlatFileAuth
      * Get the named property
      * If the property is not set, use s as the default, and create
      * a new value for the property in the config file.
-     * 
+     *
      * @param propertyName Property name
      * @param s The default value of the property
      */
@@ -152,7 +152,7 @@ public class FlatFileAuth
      * Get the named property,
      * If the property is not set, use b as the default, and create
      * a new value for the property in the config file.
-     * 
+     *
      * @param propertyName Property name
      * @param b The default value of the property
      */
@@ -220,7 +220,7 @@ public class FlatFileAuth
 
     /**
      * Log a message.
-     * 
+     *
      * @param level The logging level.
      * @param msg The message to log.
      */
@@ -398,7 +398,7 @@ public class FlatFileAuth
     /**
      * Read a file with the following format:
      * 

-     * 
+     *
      * 
      * param1: valuea
      * param2: valueb
@@ -406,7 +406,7 @@ public class FlatFileAuth
      * param1: valuec
      * param2: valued
      * 

-     * 
+     *
      * @param f The file to read
      * @param keys The parameters to concat together to form the hash
      *            key
@@ -506,7 +506,7 @@ public class FlatFileAuth
     /**
      * Compare attributes provided by the user with those in
      * in flat file.
-     * 
+     *
      */
 
     private IAuthToken doAuthentication(Hashtable user, IAuthCredentials authCred)
@@ -543,7 +543,7 @@ public class FlatFileAuth
 
     /**
      * Authenticate the request
-     * 
+     *
      */
     public IAuthToken authenticate(IAuthCredentials authCred)
             throws EMissingCredential, EInvalidCredentials, EBaseException {
@@ -586,7 +586,7 @@ public class FlatFileAuth
             }
         }
 
-        // if a dn was specified in the password file for this user, 
+        // if a dn was specified in the password file for this user,
         // replace the requested dn with the one in the pwfile
         if (user != null) {
             String dn = (String) user.get("dn");
@@ -610,7 +610,7 @@ public class FlatFileAuth
     /**
      * Return a list of HTTP parameters which will be taken from the
      * request posting and placed into the AuthCredentials block
-     * 
+     *
      * Note that this method will not be called until after the
      * init() method is called
      */
diff --git a/base/common/src/com/netscape/cms/authentication/HashAuthData.java b/base/common/src/com/netscape/cms/authentication/HashAuthData.java
index 3a447d282..0635c445a 100644
--- a/base/common/src/com/netscape/cms/authentication/HashAuthData.java
+++ b/base/common/src/com/netscape/cms/authentication/HashAuthData.java
@@ -26,7 +26,7 @@ import java.util.Vector;
  * the agent-initiated user enrollment, and whom agents enable this feature,
  * and the value of the timeout.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public class HashAuthData extends Hashtable> {
diff --git a/base/common/src/com/netscape/cms/authentication/HashAuthentication.java b/base/common/src/com/netscape/cms/authentication/HashAuthentication.java
index 2537efa10..b9808e639 100644
--- a/base/common/src/com/netscape/cms/authentication/HashAuthentication.java
+++ b/base/common/src/com/netscape/cms/authentication/HashAuthentication.java
@@ -42,7 +42,7 @@ import com.netscape.cmsutil.util.Utils;
 /**
  * Hash uid/pwd directory based authentication manager
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public class HashAuthentication implements IAuthManager, IExtendedPluginInfo {
@@ -210,7 +210,7 @@ public class HashAuthentication implements IAuthManager, IExtendedPluginInfo {
 
     /**
      * Authenticates a user based on uid, pwd in the directory.
-     * 
+     *
      * @param authCreds The authentication credentials.
      * @return The user's ldap entry dn.
      * @exception EInvalidCredentials If the uid and password are not valid
@@ -238,7 +238,7 @@ public class HashAuthentication implements IAuthManager, IExtendedPluginInfo {
 
     /**
      * Returns array of required credentials for this authentication manager.
-     * 
+     *
      * @return Array of required credentials.
      */
     public String[] getRequiredCreds() {
@@ -247,7 +247,7 @@ public class HashAuthentication implements IAuthManager, IExtendedPluginInfo {
 
     /**
      * Gets the configuration substore used by this authentication manager
-     * 
+     *
      * @return configuration store
      */
     public IConfigStore getConfigStore() {
@@ -279,7 +279,7 @@ public class HashAuthentication implements IAuthManager, IExtendedPluginInfo {
      * Returns a list of configuration parameter names.
      * The list is passed to the configuration console so instances of
      * this implementation can be configured through the console.
-     * 
+     *
      * @return String array of configuration parameter names.
      */
     public String[] getConfigParams() {
diff --git a/base/common/src/com/netscape/cms/authentication/PortalEnroll.java b/base/common/src/com/netscape/cms/authentication/PortalEnroll.java
index 38a3e6fcf..2e5b9d394 100644
--- a/base/common/src/com/netscape/cms/authentication/PortalEnroll.java
+++ b/base/common/src/com/netscape/cms/authentication/PortalEnroll.java
@@ -51,7 +51,7 @@ import com.netscape.certsrv.logging.ILogger;
 /**
  * uid/pwd directory based authentication manager
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public class PortalEnroll extends DirBasedAuthentication {
@@ -125,7 +125,7 @@ public class PortalEnroll extends DirBasedAuthentication {
     /**
      * Initializes the PortalEnrollment auth manager.
      * 

-     * 
+     *
      * @param name - The name for this authentication manager instance.
      * @param implName - The name of the authentication manager plugin.
      * @param config - The configuration store for this instance.
@@ -161,7 +161,7 @@ public class PortalEnroll extends DirBasedAuthentication {
 
     /**
      * Authenticates a user based on uid, pwd in the directory.
-     * 
+     *
      * @param authCreds The authentication credentials.
      * @return The user's ldap entry dn.
      * @exception EInvalidCredentials If the uid and password are not valid
@@ -259,7 +259,7 @@ public class PortalEnroll extends DirBasedAuthentication {
      * Returns a list of configuration parameter names.
      * The list is passed to the configuration console so instances of
      * this implementation can be configured through the console.
-     * 
+     *
      * @return String array of configuration parameter names.
      */
     public String[] getConfigParams() {
@@ -306,7 +306,7 @@ public class PortalEnroll extends DirBasedAuthentication {
 
     /**
      * Returns array of required credentials for this authentication manager.
-     * 
+     *
      * @return Array of required credentials.
      */
     public String[] getRequiredCreds() {
@@ -315,7 +315,7 @@ public class PortalEnroll extends DirBasedAuthentication {
 
     /**
      * adds a user to the directory.
-     * 
+     *
      * @return dn upon success and null upon failure.
      * @param token authentication token
      * @param uid the user's id.
diff --git a/base/common/src/com/netscape/cms/authentication/RDNPattern.java b/base/common/src/com/netscape/cms/authentication/RDNPattern.java
index 722aefbc3..35e3eb59a 100644
--- a/base/common/src/com/netscape/cms/authentication/RDNPattern.java
+++ b/base/common/src/com/netscape/cms/authentication/RDNPattern.java
@@ -32,45 +32,45 @@ import com.netscape.certsrv.base.EBaseException;
  * class for parsing a DN pattern used to construct a certificate
  * subject name from ldap attributes and dn.
  * 

- * 
+ *
  * dnpattern is a string representing a subject name pattern to formulate from the directory attributes and entry dn. If
  * empty or not set, the ldap entry DN will be used as the certificate subject name.
  * 

- * 
+ *
  * The syntax is
- * 
+ *
  * 
  * 	dnPattern := rdnPattern *[ "," rdnPattern ]
  * 	rdnPattern := avaPattern *[ "+" avaPattern ]
- * 		avaPattern := name "=" value | 
- * 			      name "=" "$attr" "." attrName [ "." attrNumber ] | 
- * 			      name "=" "$dn" "." attrName [ "." attrNumber ] | 
+ * 		avaPattern := name "=" value |
+ * 			      name "=" "$attr" "." attrName [ "." attrNumber ] |
+ * 			      name "=" "$dn" "." attrName [ "." attrNumber ] |
  * 			 	  "$dn" "." "$rdn" "." number
  * 

- * 
+ *
  * 
  * Example1: E=$attr.mail.1, CN=$attr.cn, OU=$dn.ou.2, O=$dn.o, C=US 
  * Ldap entry: dn:  UID=jjames, OU=IS, OU=people, O=acme.org
- * Ldap attributes: cn: Jesse James 
+ * Ldap attributes: cn: Jesse James
  * Ldap attributes: mail: jjames@acme.org
  * 

  * The subject name formulated will be : 

  *     E=jjames@acme.org, CN=Jesse James, OU=people, O=acme.org, C=US
- * 
	
+ * 

  *     E = the first 'mail' ldap attribute value in user's entry. 

  *     CN = the (first) 'cn' ldap attribute value in the user's entry. 

  *     OU = the second 'ou' value in the user's entry DN. 

  *     O = the (first) 'o' value in the user's entry DN. 

- *     C = the string "US" 
+ *     C = the string "US"
  * 

  * Example2: E=$attr.mail.1, CN=$attr.cn, OU=$dn.ou.2, O=$dn.o, C=US
  * Ldap entry: dn:  UID=jjames, OU=IS+OU=people, O=acme.org
- * Ldap attributes: cn: Jesse James 
+ * Ldap attributes: cn: Jesse James
  * Ldap attributes: mail: jjames@acme.org
  * 

  * The subject name formulated will be : 

  *     E=jjames@acme.org, CN=Jesse James, OU=people, O=acme.org, C=US
- * 
	
+ * 

  *     E = the first 'mail' ldap attribute value in user's entry. 

  *     CN = the (first) 'cn' ldap attribute value in the user's entry. 

  *     OU = the second 'ou' value in the user's entry DN. note multiple AVAs
@@ -79,40 +79,40 @@ import com.netscape.certsrv.base.EBaseException;
  *     C = the string "US"
  * 

  * 

- * 
+ *
  * 
  * Example3: CN=$attr.cn, $rdn.2, O=$dn.o, C=US
  * Ldap entry: dn:  UID=jjames, OU=IS+OU=people, O=acme.org
- * Ldap attributes: cn: Jesse James 
+ * Ldap attributes: cn: Jesse James
  * Ldap attributes: mail: jjames@acme.org
  * 

  * The subject name formulated will be : 

  *     CN=Jesse James, OU=IS+OU=people, O=acme.org, C=US
- * 
	
+ * 

  *     CN = the (first) 'cn' ldap attribute value in the user's entry. 

  *     followed by the second RDN in the user's entry DN. 

  *     O = the (first) 'o' value in the user's entry DN. 

- *     C = the string "US" 
+ *     C = the string "US"
  * 

  * Example4: CN=$attr.cn, OU=$dn.ou.2+OU=$dn.ou.1, O=$dn.o, C=US
  * Ldap entry: dn:  UID=jjames, OU=IS+OU=people, O=acme.org
- * Ldap attributes: cn: Jesse James 
+ * Ldap attributes: cn: Jesse James
  * Ldap attributes: mail: jjames@acme.org
  * 

  * The subject name formulated will be : 

  *     CN=Jesse James, OU=people+OU=IS, O=acme.org, C=US
- * 
	
+ * 

  *     CN = the (first) 'cn' ldap attribute value in the user's entry. 

- *     OU = the second 'ou' value in the user's entry DN followed by the 
+ *     OU = the second 'ou' value in the user's entry DN followed by the
  * 		first 'ou' value in the user's entry. note multiple AVAs
  * 	    in a RDN in this example. 

  *     O = the (first) 'o' value in the user's entry DN. 

  *     C = the string "US"
  * 

  * 

- * 
+ *
  * If an attribute or subject DN component does not exist the attribute is skipped.
- * 
+ *
  * @version $Revision$, $Date$
  */
 class RDNPattern {
@@ -130,14 +130,14 @@ class RDNPattern {
 
     /**
      * Construct a DN pattern by parsing a pattern string.
-     * 
+     *
      * @param pattenr the DN pattern
      * @exception EBaseException If parsing error occurs.
      */
     public RDNPattern(String pattern)
             throws EAuthException {
         if (pattern == null || pattern.equals("")) {
-            // create an attribute list that is the dn. 
+            // create an attribute list that is the dn.
             mLdapAttrs = new String[] { "dn" };
         } else {
             mPatternString = pattern;
@@ -179,7 +179,7 @@ class RDNPattern {
 
         if (lastChar != -1) {
             try {
-                in.unread(lastChar); // pushback last , 
+                in.unread(lastChar); // pushback last ,
             } catch (IOException e) {
                 throw new EAuthException(CMS.getUserMessage("CMS_AUTHENTICATION_INTERNAL_ERROR", e.toString()));
             }
@@ -203,7 +203,7 @@ class RDNPattern {
 
     /**
      * Form a Ldap v3 DN string from results of a ldap search.
-     * 
+     *
      * @param entry LDAPentry from a ldap search
      * @return Ldap v3 DN string to use for a subject name.
      */
diff --git a/base/common/src/com/netscape/cms/authentication/SSLclientCertAuthentication.java b/base/common/src/com/netscape/cms/authentication/SSLclientCertAuthentication.java
index 35c23bd0f..dbae4a1ca 100644
--- a/base/common/src/com/netscape/cms/authentication/SSLclientCertAuthentication.java
+++ b/base/common/src/com/netscape/cms/authentication/SSLclientCertAuthentication.java
@@ -48,10 +48,10 @@ import com.netscape.certsrv.usrgrp.Certificates;
 
 /**
  * Certificate server SSL client authentication.
- * 
+ *
  * @author Christina Fu
  *         

- * 
+ *
  */
 public class SSLclientCertAuthentication implements IAuthManager,
         IProfileAuthenticator {
@@ -85,7 +85,7 @@ public class SSLclientCertAuthentication implements IAuthManager,
      * initializes the SSLClientCertAuthentication auth manager
      * 

      * called by AuthSubsystem init() method, when initializing all available authentication managers.
-     * 
+     *
      * @param name The name of this authentication manager instance.
      * @param implName The name of the authentication manager plugin.
      * @param config The configuration store for this authentication manager.
@@ -119,11 +119,11 @@ public class SSLclientCertAuthentication implements IAuthManager,
      * authenticates user by certificate
      * 

      * called by other subsystems or their servlets to authenticate users
-     * 
+     *
      * @param authCred - authentication credential that contains
      *            an usrgrp.Certificates of the user (agent)
      * @return the authentication token that contains the following
-     * 
+     *
      * @exception EMissingCredential If a required credential for this
      *                authentication manager is missing.
      * @exception EInvalidCredentials If credentials cannot be authenticated.
@@ -270,7 +270,7 @@ public class SSLclientCertAuthentication implements IAuthManager,
      * the servlets that handle agent operations to authenticate its
      * users. It calls this method to know which are the
      * required credentials from the user (e.g. Javascript form data)
-     * 
+     *
      * @return attribute names in Vector
      */
     public String[] getRequiredCreds() {
@@ -283,7 +283,7 @@ public class SSLclientCertAuthentication implements IAuthManager,
      * the Certificate Server Console to display the table for
      * configuration purposes. CertUserDBAuthentication is currently not
      * exposed in this case, so this method is not to be used.
-     * 
+     *
      * @return configuration parameter names in Hashtable of Vectors
      *         where each hashtable entry's key is the substore name, value is a
      *         Vector of parameter names. If no substore, the parameter name
@@ -302,7 +302,7 @@ public class SSLclientCertAuthentication implements IAuthManager,
     /**
      * gets the configuretion substore used by this authentication
      * manager
-     * 
+     *
      * @return configuration store
      */
     public IConfigStore getConfigStore() {
diff --git a/base/common/src/com/netscape/cms/authentication/TokenAuthentication.java b/base/common/src/com/netscape/cms/authentication/TokenAuthentication.java
index f8e0669e9..10cb94299 100644
--- a/base/common/src/com/netscape/cms/authentication/TokenAuthentication.java
+++ b/base/common/src/com/netscape/cms/authentication/TokenAuthentication.java
@@ -49,7 +49,7 @@ import com.netscape.cmsutil.xml.XMLObject;
  * Token authentication.
  * Checked if the given token is valid.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public class TokenAuthentication implements IAuthManager,
@@ -80,7 +80,7 @@ public class TokenAuthentication implements IAuthManager,
      * initializes the TokenAuthentication auth manager
      * 

      * called by AuthSubsystem init() method, when initializing all available authentication managers.
-     * 
+     *
      * @param name The name of this authentication manager instance.
      * @param implName The name of the authentication manager plugin.
      * @param config The configuration store for this authentication manager.
@@ -116,7 +116,7 @@ public class TokenAuthentication implements IAuthManager,
      * authenticates user(agent) by certificate
      * 

      * called by other subsystems or their servlets to authenticate users (agents)
-     * 
+     *
      * @param authCred - authentication credential that contains
      *            an usrgrp.Certificates of the user (agent)
      * @return the authentication token that contains the following
@@ -217,7 +217,7 @@ public class TokenAuthentication implements IAuthManager,
      * the servlets that handle agent operations to authenticate its
      * users. It calls this method to know which are the
      * required credentials from the user (e.g. Javascript form data)
-     * 
+     *
      * @return attribute names in Vector
      */
     public String[] getRequiredCreds() {
@@ -230,7 +230,7 @@ public class TokenAuthentication implements IAuthManager,
      * the Certificate Server Console to display the table for
      * configuration purposes. CertUserDBAuthentication is currently not
      * exposed in this case, so this method is not to be used.
-     * 
+     *
      * @return configuration parameter names in Hashtable of Vectors
      *         where each hashtable entry's key is the substore name, value is a
      *         Vector of parameter names. If no substore, the parameter name
@@ -249,7 +249,7 @@ public class TokenAuthentication implements IAuthManager,
     /**
      * gets the configuretion substore used by this authentication
      * manager
-     * 
+     *
      * @return configuration store
      */
     public IConfigStore getConfigStore() {
diff --git a/base/common/src/com/netscape/cms/authentication/UdnPwdDirAuthentication.java b/base/common/src/com/netscape/cms/authentication/UdnPwdDirAuthentication.java
index c9fbbf9ac..2f9fc43bd 100644
--- a/base/common/src/com/netscape/cms/authentication/UdnPwdDirAuthentication.java
+++ b/base/common/src/com/netscape/cms/authentication/UdnPwdDirAuthentication.java
@@ -35,7 +35,7 @@ import com.netscape.certsrv.logging.ILogger;
 /**
  * udn/pwd directory based authentication manager
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public class UdnPwdDirAuthentication extends DirBasedAuthentication {
@@ -81,7 +81,7 @@ public class UdnPwdDirAuthentication extends DirBasedAuthentication {
     /**
      * Initializes the UdnPwdDirAuthentication auth manager.
      * 

-     * 
+     *
      * @param name - The name for this authentication manager instance.
      * @param implName - The name of the authentication manager plugin.
      * @param config - The configuration store for this instance.
@@ -94,7 +94,7 @@ public class UdnPwdDirAuthentication extends DirBasedAuthentication {
 
     /**
      * Authenticates a user based on udn, pwd in the directory.
-     * 
+     *
      * @param authCreds The authentication credentials.
      * @return The user's ldap entry dn.
      * @exception EInvalidCredentials If the udn and password are not valid
@@ -170,7 +170,7 @@ public class UdnPwdDirAuthentication extends DirBasedAuthentication {
      * Returns a list of configuration parameter names.
      * The list is passed to the configuration console so instances of
      * this implementation can be configured through the console.
-     * 
+     *
      * @return String array of configuration parameter names.
      */
     public String[] getConfigParams() {
@@ -179,7 +179,7 @@ public class UdnPwdDirAuthentication extends DirBasedAuthentication {
 
     /**
      * Returns array of required credentials for this authentication manager.
-     * 
+     *
      * @return Array of required credentials.
      */
     public String[] getRequiredCreds() {
diff --git a/base/common/src/com/netscape/cms/authentication/UidPwdDirAuthentication.java b/base/common/src/com/netscape/cms/authentication/UidPwdDirAuthentication.java
index d4a9de108..ffa8ea42f 100644
--- a/base/common/src/com/netscape/cms/authentication/UidPwdDirAuthentication.java
+++ b/base/common/src/com/netscape/cms/authentication/UidPwdDirAuthentication.java
@@ -49,7 +49,7 @@ import com.netscape.certsrv.request.IRequest;
 /**
  * uid/pwd directory based authentication manager
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public class UidPwdDirAuthentication extends DirBasedAuthentication
@@ -96,7 +96,7 @@ public class UidPwdDirAuthentication extends DirBasedAuthentication
 
     /**
      * Authenticates a user based on uid, pwd in the directory.
-     * 
+     *
      * @param authCreds The authentication credentials.
      * @return The user's ldap entry dn.
      * @exception EInvalidCredentials If the uid and password are not valid
@@ -185,7 +185,7 @@ public class UidPwdDirAuthentication extends DirBasedAuthentication
      * Returns a list of configuration parameter names.
      * The list is passed to the configuration console so instances of
      * this implementation can be configured through the console.
-     * 
+     *
      * @return String array of configuration parameter names.
      */
     public String[] getConfigParams() {
@@ -194,7 +194,7 @@ public class UidPwdDirAuthentication extends DirBasedAuthentication
 
     /**
      * Returns array of required credentials for this authentication manager.
-     * 
+     *
      * @return Array of required credentials.
      */
     public String[] getRequiredCreds() {
diff --git a/base/common/src/com/netscape/cms/authentication/UidPwdPinDirAuthentication.java b/base/common/src/com/netscape/cms/authentication/UidPwdPinDirAuthentication.java
index 880b7c767..65cf75651 100644
--- a/base/common/src/com/netscape/cms/authentication/UidPwdPinDirAuthentication.java
+++ b/base/common/src/com/netscape/cms/authentication/UidPwdPinDirAuthentication.java
@@ -55,7 +55,7 @@ import com.netscape.certsrv.request.IRequest;
 /**
  * uid/pwd/pin directory based authentication manager
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public class UidPwdPinDirAuthentication extends DirBasedAuthentication
@@ -179,7 +179,7 @@ public class UidPwdPinDirAuthentication extends DirBasedAuthentication
 
     /**
      * Authenticates a user based on its uid, pwd, pin in the directory.
-     * 
+     *
      * @param authCreds The authentication credentials with uid, pwd, pin.
      * @return The user's ldap entry dn.
      * @exception EInvalidCredentials If the uid and password are not valid
@@ -242,7 +242,7 @@ public class UidPwdPinDirAuthentication extends DirBasedAuthentication
             log(ILogger.LL_SECURITY, CMS.getLogMessage("CMS_AUTH_AUTHENTICATED", uid));
             // log(ILogger.LL_SECURITY, "found user : " + userdn);
 
-            // check pin. 
+            // check pin.
             checkpin(conn, userdn, uid, pin);
 
             // set uid in the token.
@@ -376,7 +376,7 @@ public class UidPwdPinDirAuthentication extends DirBasedAuthentication
      * Returns a list of configuration parameter names.
      * The list is passed to the configuration console so instances of
      * this implementation can be configured through the console.
-     * 
+     *
      * @return String array of configuration parameter names.
      */
     public String[] getConfigParams() {
@@ -385,7 +385,7 @@ public class UidPwdPinDirAuthentication extends DirBasedAuthentication
 
     /**
      * Returns array of required credentials for this authentication manager.
-     * 
+     *
      * @return Array of required credentials.
      */
     public String[] getRequiredCreds() {
diff --git a/base/common/src/com/netscape/cms/authorization/AAclAuthz.java b/base/common/src/com/netscape/cms/authorization/AAclAuthz.java
index 570fe3a88..2e6636f27 100644
--- a/base/common/src/com/netscape/cms/authorization/AAclAuthz.java
+++ b/base/common/src/com/netscape/cms/authorization/AAclAuthz.java
@@ -45,19 +45,19 @@ import com.netscape.cmsutil.util.Utils;
  * actions.
  * 

  * Here is a sample resourceACLS for a resource
- * 
+ *
  * 
  *   certServer.UsrGrpAdminServlet:
  *       execute:
  *           deny (execute) user="tempAdmin";
  *           allow (execute) group="Administrators";
  * 

- * 
+ *
  * To perform permission checking, code call authz mgr authorize() method to verify access. See AuthzMgr for calling
  * example.
  * 

  * default "evaluators" are used to evaluate the "group=.." or "user=.." rules. See evaluator for more info
- * 
+ *
  * @version $Revision$, $Date$
  * @see ACL Files
  */
@@ -122,7 +122,7 @@ public abstract class AAclAuthz {
                             type + "." + PROP_CLASS));
             }
 
-            // instantiate evaluator 
+            // instantiate evaluator
             try {
                 evaluator =
                         (IAccessEvaluator) Class.forName(evalClassPath).newInstance();
@@ -152,7 +152,7 @@ public abstract class AAclAuthz {
      * :right-1[,right-n]:[allow,deny](right(s))=:
      * Example: resTurnKnob:left,right:allow(left) group="lefties":door knobs for lefties
-     * 
+     *
      * @param resACLs same format as the resourceACLs attribute
      * @throws EBaseException parsing error from parseACL
      */
@@ -200,7 +200,7 @@ public abstract class AAclAuthz {
      * Returns a list of configuration parameter names.
      * The list is passed to the configuration console so instances of
      * this implementation can be configured through the console.
-     * 
+     *
      * @return String array of configuration parameter names.
      */
     public String[] getConfigParams() {
@@ -244,7 +244,7 @@ public abstract class AAclAuthz {
      * 

      * If there are multiple aci's for a resource, ALL aci's will be checked, and only if all passed permission checks,
      * will the eventual access be granted.
-     * 
+     *
      * @param name resource name
      * @param perm permission requested
      * @exception EACLsException access permission denied
@@ -301,7 +301,7 @@ public abstract class AAclAuthz {
      * negative ("deny") aclEntries are treated differently than positive ("allow") statements. If a negative aclEntries
      * fails the acl check, the permission check will return "false" right away; while in the case of a positive
      * aclEntry, if the the aclEntry fails the acl check, the next aclEntry will be evaluated.
-     * 
+     *
      * @param name resource name
      * @param perm permission requested
      * @return true if access allowed
@@ -463,7 +463,7 @@ public abstract class AAclAuthz {
      * 

      * If there are multiple aci's for a resource, ALL aci's will be checked, and only if all passed permission checks,
      * will the eventual access be granted.
-     * 
+     *
      * @param authToken authentication token gotten from authentication
      * @param name resource name
      * @param perm permission requested
@@ -768,7 +768,7 @@ public abstract class AAclAuthz {
 
     /**
      * gets an enumeration of resources
-     * 
+     *
      * @return an enumeration of resources contained in the ACL table
      */
     public Enumeration aclResElements() {
@@ -777,7 +777,7 @@ public abstract class AAclAuthz {
 
     /**
      * gets an enumeration of access evaluators
-     * 
+     *
      * @return an enumeraton of access evaluators
      */
     public Enumeration aclEvaluatorElements() {
@@ -786,7 +786,7 @@ public abstract class AAclAuthz {
 
     /**
      * gets the access evaluators
-     * 
+     *
      * @return handle to the access evaluators table
      */
     public Hashtable getAccessEvaluators() {
@@ -795,7 +795,7 @@ public abstract class AAclAuthz {
 
     /**
      * is this resource name unique
-     * 
+     *
      * @return true if unique; false otherwise
      */
     public boolean isTypeUnique(String type) {
@@ -828,7 +828,7 @@ public abstract class AAclAuthz {
      * an abstract class that enforces implementation of the
      * authorize() method that will authorize an operation on a
      * particular resource
-     * 
+     *
      * @param authToken the authToken associated with a user
      * @param resource - the protected resource name
      * @param operation - the protected resource operation name
diff --git a/base/common/src/com/netscape/cms/authorization/BasicAclAuthz.java b/base/common/src/com/netscape/cms/authorization/BasicAclAuthz.java
index f6b1b6713..dae24678d 100644
--- a/base/common/src/com/netscape/cms/authorization/BasicAclAuthz.java
+++ b/base/common/src/com/netscape/cms/authorization/BasicAclAuthz.java
@@ -32,7 +32,7 @@ import com.netscape.certsrv.logging.ILogger;
 
 /**
  * A class for basic acls authorization manager
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class BasicAclAuthz extends AAclAuthz
@@ -112,7 +112,7 @@ public class BasicAclAuthz extends AAclAuthz
      * Example:
      * 

      * For example, if UsrGrpAdminServlet needs to authorize the caller it would do be done in the following fashion:
-     * 
+     *
      * 
      * try {
      *     authzTok = mAuthz.authorize("DirACLBasedAuthz", authToken, RES_GROUP, "read");
@@ -120,7 +120,7 @@ public class BasicAclAuthz extends AAclAuthz
      *     log(ILogger.LL_FAILURE, "authorize call: " + e.toString());
      * }
      * 

-     * 
+     *
      * @param authToken the authToken associated with a user
      * @param resource - the protected resource name
      * @param operation - the protected resource operation name
@@ -143,7 +143,7 @@ public class BasicAclAuthz extends AAclAuthz
             authzToken.set(AuthzToken.TOKEN_AUTHZ_STATUS,
                     AuthzToken.AUTHZ_STATUS_SUCCESS);
         } catch (EACLsException e) {
-            // audit here later 
+            // audit here later
             log(ILogger.LL_FAILURE, CMS.getLogMessage("AUTHZ_EVALUATOR_AUTHORIZATION_FAILED"));
             String params[] = { resource, operation };
 
@@ -165,7 +165,7 @@ public class BasicAclAuthz extends AAclAuthz
 
     /**
      * This currently does not flush to permanent storage
-     * 
+     *
      * @param id is the resource id
      * @param strACLs
      */
@@ -203,7 +203,7 @@ public class BasicAclAuthz extends AAclAuthz
 
     /**
      * Logs a message for this class in the system log file.
-     * 
+     *
      * @param level The log level.
      * @param msg The message to log.
      * @see com.netscape.certsrv.logging.ILogger
diff --git a/base/common/src/com/netscape/cms/authorization/DirAclAuthz.java b/base/common/src/com/netscape/cms/authorization/DirAclAuthz.java
index acc3ffbb7..040ff5297 100644
--- a/base/common/src/com/netscape/cms/authorization/DirAclAuthz.java
+++ b/base/common/src/com/netscape/cms/authorization/DirAclAuthz.java
@@ -46,7 +46,7 @@ import com.netscape.certsrv.logging.ILogger;
 /**
  * A class for ldap acls based authorization manager
  * The ldap server used for acls is the cms internal ldap db.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class DirAclAuthz extends AAclAuthz
@@ -203,7 +203,7 @@ public class DirAclAuthz extends AAclAuthz
      * Example:
      * 

      * For example, if UsrGrpAdminServlet needs to authorize the caller it would do be done in the following fashion:
-     * 
+     *
      * 
      * try {
      *     authzTok = mAuthz.authorize("DirAclAuthz", authToken, RES_GROUP, "read");
@@ -211,7 +211,7 @@ public class DirAclAuthz extends AAclAuthz
      *     log(ILogger.LL_FAILURE, "authorize call: " + e.toString());
      * }
      * 

-     * 
+     *
      * @param authToken the authToken associated with a user
      * @param resource - the protected resource name
      * @param operation - the protected resource operation name
@@ -230,7 +230,7 @@ public class DirAclAuthz extends AAclAuthz
             authzToken.set(AuthzToken.TOKEN_AUTHZ_STATUS, AuthzToken.AUTHZ_STATUS_SUCCESS);
             CMS.debug("DirAclAuthz: authorization passed");
         } catch (EACLsException e) {
-            // audit here later 
+            // audit here later
             log(ILogger.LL_FAILURE, CMS.getLogMessage("AUTHZ_EVALUATOR_AUTHORIZATION_FAILED"));
             String params[] = { resource, operation };
 
@@ -256,7 +256,7 @@ public class DirAclAuthz extends AAclAuthz
      * Currently, it is possible that when the memory is updated successfully, and the ldap isn't, the memory upates
      * lingers. The result is that the changes will only be done on ldap at the next update, or when the system shuts
      * down, another flush will be attempted.
-     * 
+     *
      * @param id is the resource id
      * @param rights The allowable rights for this resource
      * @param strACLs has the same format as a resourceACLs entry acis
@@ -352,7 +352,7 @@ public class DirAclAuthz extends AAclAuthz
 
     /**
      * Logs a message for this class in the system log file.
-     * 
+     *
      * @param level The log level.
      * @param msg The message to log.
      * @see com.netscape.certsrv.logging.ILogger
diff --git a/base/common/src/com/netscape/cms/crl/CMSAuthInfoAccessExtension.java b/base/common/src/com/netscape/cms/crl/CMSAuthInfoAccessExtension.java
index d4cef0148..8a8de4174 100644
--- a/base/common/src/com/netscape/cms/crl/CMSAuthInfoAccessExtension.java
+++ b/base/common/src/com/netscape/cms/crl/CMSAuthInfoAccessExtension.java
@@ -38,7 +38,7 @@ import com.netscape.certsrv.logging.ILogger;
 
 /**
  * This represents a Authority Information Access CRL extension.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class CMSAuthInfoAccessExtension
diff --git a/base/common/src/com/netscape/cms/crl/CMSAuthorityKeyIdentifierExtension.java b/base/common/src/com/netscape/cms/crl/CMSAuthorityKeyIdentifierExtension.java
index 26c8c1d0e..3f5ea2399 100644
--- a/base/common/src/com/netscape/cms/crl/CMSAuthorityKeyIdentifierExtension.java
+++ b/base/common/src/com/netscape/cms/crl/CMSAuthorityKeyIdentifierExtension.java
@@ -44,7 +44,7 @@ import com.netscape.certsrv.logging.ILogger;
 
 /**
  * This represents an authority key identifier extension.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class CMSAuthorityKeyIdentifierExtension
diff --git a/base/common/src/com/netscape/cms/crl/CMSCRLNumberExtension.java b/base/common/src/com/netscape/cms/crl/CMSCRLNumberExtension.java
index e7f4e7b3f..4e51b5c9b 100644
--- a/base/common/src/com/netscape/cms/crl/CMSCRLNumberExtension.java
+++ b/base/common/src/com/netscape/cms/crl/CMSCRLNumberExtension.java
@@ -35,7 +35,7 @@ import com.netscape.certsrv.logging.ILogger;
 
 /**
  * This represents a CRL number extension.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class CMSCRLNumberExtension
diff --git a/base/common/src/com/netscape/cms/crl/CMSCRLReasonExtension.java b/base/common/src/com/netscape/cms/crl/CMSCRLReasonExtension.java
index 6ed993d54..02bd40927 100644
--- a/base/common/src/com/netscape/cms/crl/CMSCRLReasonExtension.java
+++ b/base/common/src/com/netscape/cms/crl/CMSCRLReasonExtension.java
@@ -34,7 +34,7 @@ import com.netscape.certsrv.logging.ILogger;
 
 /**
  * This represents a CRL reason extension.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class CMSCRLReasonExtension
diff --git a/base/common/src/com/netscape/cms/crl/CMSCertificateIssuerExtension.java b/base/common/src/com/netscape/cms/crl/CMSCertificateIssuerExtension.java
index b0bf20856..84181a8dd 100644
--- a/base/common/src/com/netscape/cms/crl/CMSCertificateIssuerExtension.java
+++ b/base/common/src/com/netscape/cms/crl/CMSCertificateIssuerExtension.java
@@ -38,7 +38,7 @@ import com.netscape.certsrv.logging.ILogger;
 
 /**
  * This represents a certificate issuer extension.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class CMSCertificateIssuerExtension
diff --git a/base/common/src/com/netscape/cms/crl/CMSDeltaCRLIndicatorExtension.java b/base/common/src/com/netscape/cms/crl/CMSDeltaCRLIndicatorExtension.java
index 8672502ab..e3e8d2311 100644
--- a/base/common/src/com/netscape/cms/crl/CMSDeltaCRLIndicatorExtension.java
+++ b/base/common/src/com/netscape/cms/crl/CMSDeltaCRLIndicatorExtension.java
@@ -35,7 +35,7 @@ import com.netscape.certsrv.logging.ILogger;
 
 /**
  * This represents a delta CRL indicator extension.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class CMSDeltaCRLIndicatorExtension
diff --git a/base/common/src/com/netscape/cms/crl/CMSFreshestCRLExtension.java b/base/common/src/com/netscape/cms/crl/CMSFreshestCRLExtension.java
index 72dbe5502..50031c61a 100644
--- a/base/common/src/com/netscape/cms/crl/CMSFreshestCRLExtension.java
+++ b/base/common/src/com/netscape/cms/crl/CMSFreshestCRLExtension.java
@@ -40,7 +40,7 @@ import com.netscape.certsrv.logging.ILogger;
 
 /**
  * This represents a freshest CRL extension.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class CMSFreshestCRLExtension
diff --git a/base/common/src/com/netscape/cms/crl/CMSHoldInstructionExtension.java b/base/common/src/com/netscape/cms/crl/CMSHoldInstructionExtension.java
index 4023e3b2f..b7945c0b6 100644
--- a/base/common/src/com/netscape/cms/crl/CMSHoldInstructionExtension.java
+++ b/base/common/src/com/netscape/cms/crl/CMSHoldInstructionExtension.java
@@ -36,7 +36,7 @@ import com.netscape.certsrv.logging.ILogger;
 
 /**
  * This represents a hold instruction extension.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class CMSHoldInstructionExtension
@@ -116,7 +116,7 @@ public class CMSHoldInstructionExtension
         }
         if (instruction != null) {
             if (!(instruction.equalsIgnoreCase(PROP_INSTR_NONE) ||
-                    instruction.equalsIgnoreCase(PROP_INSTR_CALLISSUER) || 
+                    instruction.equalsIgnoreCase(PROP_INSTR_CALLISSUER) ||
                     instruction.equalsIgnoreCase(PROP_INSTR_REJECT))) {
                 instruction = PROP_INSTR_NONE;
             }
diff --git a/base/common/src/com/netscape/cms/crl/CMSInvalidityDateExtension.java b/base/common/src/com/netscape/cms/crl/CMSInvalidityDateExtension.java
index 083873c31..6ff61fb44 100644
--- a/base/common/src/com/netscape/cms/crl/CMSInvalidityDateExtension.java
+++ b/base/common/src/com/netscape/cms/crl/CMSInvalidityDateExtension.java
@@ -34,7 +34,7 @@ import com.netscape.certsrv.logging.ILogger;
 
 /**
  * This represents a invalidity date extension.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class CMSInvalidityDateExtension
diff --git a/base/common/src/com/netscape/cms/crl/CMSIssuerAlternativeNameExtension.java b/base/common/src/com/netscape/cms/crl/CMSIssuerAlternativeNameExtension.java
index 64252a0b9..fb2a6e0d5 100644
--- a/base/common/src/com/netscape/cms/crl/CMSIssuerAlternativeNameExtension.java
+++ b/base/common/src/com/netscape/cms/crl/CMSIssuerAlternativeNameExtension.java
@@ -48,7 +48,7 @@ import com.netscape.cmsutil.util.Utils;
 
 /**
  * This represents a issuer alternative name extension.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class CMSIssuerAlternativeNameExtension
diff --git a/base/common/src/com/netscape/cms/crl/CMSIssuingDistributionPointExtension.java b/base/common/src/com/netscape/cms/crl/CMSIssuingDistributionPointExtension.java
index 4253584ce..02cc129c4 100644
--- a/base/common/src/com/netscape/cms/crl/CMSIssuingDistributionPointExtension.java
+++ b/base/common/src/com/netscape/cms/crl/CMSIssuingDistributionPointExtension.java
@@ -43,7 +43,7 @@ import com.netscape.certsrv.logging.ILogger;
 
 /**
  * This represents a issuing distribution point extension.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class CMSIssuingDistributionPointExtension
diff --git a/base/common/src/com/netscape/cms/evaluators/GroupAccessEvaluator.java b/base/common/src/com/netscape/cms/evaluators/GroupAccessEvaluator.java
index 530ca9447..e8a32d752 100644
--- a/base/common/src/com/netscape/cms/evaluators/GroupAccessEvaluator.java
+++ b/base/common/src/com/netscape/cms/evaluators/GroupAccessEvaluator.java
@@ -30,7 +30,7 @@ import com.netscape.cmsutil.util.Utils;
 /**
  * A class represents a group acls evaluator.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public class GroupAccessEvaluator implements IAccessEvaluator {
@@ -60,7 +60,7 @@ public class GroupAccessEvaluator implements IAccessEvaluator {
 
     /**
      * gets the type name for this acl evaluator
-     * 
+     *
      * @return type for this acl evaluator: "group" or "at_group"
      */
     public String getType() {
@@ -69,7 +69,7 @@ public class GroupAccessEvaluator implements IAccessEvaluator {
 
     /**
      * gets the description for this acl evaluator
-     * 
+     *
      * @return description for this acl evaluator
      */
     public String getDescription() {
@@ -87,7 +87,7 @@ public class GroupAccessEvaluator implements IAccessEvaluator {
     /**
      * evaluates uid in AuthToken to see if it has membership in
      * group value
-     * 
+     *
      * @param authToken authentication token
      * @param type must be "at_group"
      * @param op must be "="
@@ -145,7 +145,7 @@ public class GroupAccessEvaluator implements IAccessEvaluator {
     /**
      * evaluates uid in SessionContext to see if it has membership in
      * group value
-     * 
+     *
      * @param type must be "group"
      * @param op must be "="
      * @param value the group name
diff --git a/base/common/src/com/netscape/cms/evaluators/IPAddressAccessEvaluator.java b/base/common/src/com/netscape/cms/evaluators/IPAddressAccessEvaluator.java
index 17d383688..fe784f3a9 100644
--- a/base/common/src/com/netscape/cms/evaluators/IPAddressAccessEvaluator.java
+++ b/base/common/src/com/netscape/cms/evaluators/IPAddressAccessEvaluator.java
@@ -27,7 +27,7 @@ import com.netscape.cmsutil.util.Utils;
 /**
  * A class represents a IP address acls evaluator.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public class IPAddressAccessEvaluator implements IAccessEvaluator {
@@ -49,7 +49,7 @@ public class IPAddressAccessEvaluator implements IAccessEvaluator {
 
     /**
      * gets the type name for this acl evaluator
-     * 
+     *
      * @return type for this acl evaluator: ipaddress
      */
     public String getType() {
@@ -58,7 +58,7 @@ public class IPAddressAccessEvaluator implements IAccessEvaluator {
 
     /**
      * gets the description for this acl evaluator
-     * 
+     *
      * @return description for this acl evaluator
      */
     public String getDescription() {
@@ -75,7 +75,7 @@ public class IPAddressAccessEvaluator implements IAccessEvaluator {
 
     /**
      * Gets the IP address from session context
-     * 
+     *
      * @param authToken authentication token
      * @param type must be "ipaddress"
      * @param op must be "=" or "!="
@@ -89,7 +89,7 @@ public class IPAddressAccessEvaluator implements IAccessEvaluator {
     /**
      * evaluates uid in SessionContext to see if it has membership in
      * group value
-     * 
+     *
      * @param type must be "group"
      * @param op must be "="
      * @param value the group name
diff --git a/base/common/src/com/netscape/cms/evaluators/UserAccessEvaluator.java b/base/common/src/com/netscape/cms/evaluators/UserAccessEvaluator.java
index bf7727c92..c343b110a 100644
--- a/base/common/src/com/netscape/cms/evaluators/UserAccessEvaluator.java
+++ b/base/common/src/com/netscape/cms/evaluators/UserAccessEvaluator.java
@@ -28,7 +28,7 @@ import com.netscape.cmsutil.util.Utils;
 /**
  * A class represents a user acls evaluator.
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public class UserAccessEvaluator implements IAccessEvaluator {
@@ -54,7 +54,7 @@ public class UserAccessEvaluator implements IAccessEvaluator {
 
     /**
      * gets the type name for this acl evaluator
-     * 
+     *
      * @return type for this acl evaluator: "user" or "at_user"
      */
     public String getType() {
@@ -63,7 +63,7 @@ public class UserAccessEvaluator implements IAccessEvaluator {
 
     /**
      * gets the description for this acl evaluator
-     * 
+     *
      * @return description for this acl evaluator
      */
     public String getDescription() {
@@ -80,7 +80,7 @@ public class UserAccessEvaluator implements IAccessEvaluator {
 
     /**
      * Evaluates the user in AuthToken to see if it's equal to value
-     * 
+     *
      * @param authToken AuthToken from authentication
      * @param type must be "at_user"
      * @param op must be "="
@@ -116,7 +116,7 @@ public class UserAccessEvaluator implements IAccessEvaluator {
 
     /**
      * Evaluates the user in session context to see if it's equal to value
-     * 
+     *
      * @param type must be "user"
      * @param op must be "="
      * @param value the user id
diff --git a/base/common/src/com/netscape/cms/evaluators/UserOrigReqAccessEvaluator.java b/base/common/src/com/netscape/cms/evaluators/UserOrigReqAccessEvaluator.java
index 442828e75..d3f004619 100644
--- a/base/common/src/com/netscape/cms/evaluators/UserOrigReqAccessEvaluator.java
+++ b/base/common/src/com/netscape/cms/evaluators/UserOrigReqAccessEvaluator.java
@@ -31,7 +31,7 @@ import com.netscape.cmsutil.util.Utils;
  * uid is placed in the SessionContext of the renewal session context
  * to be evaluated by this evaluator
  * 

- * 
+ *
  * @author Christina Fu
  * @version $Revision$, $Date$
  */
@@ -58,7 +58,7 @@ public class UserOrigReqAccessEvaluator implements IAccessEvaluator {
 
     /**
      * gets the type name for this acl evaluator
-     * 
+     *
      * @return type for this acl evaluator: "user_origreq" or "at_user_origreq"
      */
     public String getType() {
@@ -67,7 +67,7 @@ public class UserOrigReqAccessEvaluator implements IAccessEvaluator {
 
     /**
      * gets the description for this acl evaluator
-     * 
+     *
      * @return description for this acl evaluator
      */
     public String getDescription() {
@@ -84,7 +84,7 @@ public class UserOrigReqAccessEvaluator implements IAccessEvaluator {
 
     /**
      * Evaluates the user in AuthToken to see if it's equal to value
-     * 
+     *
      * @param authToken AuthToken from authentication
      * @param type must be "at_userreq"
      * @param op must be "="
@@ -132,7 +132,7 @@ public class UserOrigReqAccessEvaluator implements IAccessEvaluator {
 
     /**
      * Evaluates the user in session context to see if it's equal to value
-     * 
+     *
      * @param type must be "user_origreq"
      * @param op must be "="
      * @param value the user id
diff --git a/base/common/src/com/netscape/cms/jobs/AJobBase.java b/base/common/src/com/netscape/cms/jobs/AJobBase.java
index 0da5d2028..bd319b94e 100644
--- a/base/common/src/com/netscape/cms/jobs/AJobBase.java
+++ b/base/common/src/com/netscape/cms/jobs/AJobBase.java
@@ -38,7 +38,7 @@ import com.netscape.certsrv.request.IRequest;
 /**
  * This abstract class is a base job for real job extentions for the
  * Jobs Scheduler.
- * 
+ *
  * @version $Revision$, $Date$
  * @see com.netscape.certsrv.jobs.IJob
  */
@@ -55,7 +55,7 @@ public abstract class AJobBase implements IJob, Runnable {
     protected static final String STATUS_FAILURE = "failed";
     protected static final String STATUS_SUCCESS = "succeeded";
 
-    // variables used by the Job Scheduler Daemon 
+    // variables used by the Job Scheduler Daemon
     protected String mImplName = null;
     protected IConfigStore mConfig;
     protected String mId = null;
@@ -81,7 +81,7 @@ public abstract class AJobBase implements IJob, Runnable {
 
     /**
      * tells if the job is enabled
-     * 
+     *
      * @return a boolean value indicating whether the job is enabled
      *         or not
      */
@@ -109,7 +109,7 @@ public abstract class AJobBase implements IJob, Runnable {
 
     /**
      * get instance id.
-     * 
+     *
      * @return a String identifier
      */
     public String getId() {
@@ -118,7 +118,7 @@ public abstract class AJobBase implements IJob, Runnable {
 
     /**
      * set instance id.
-     * 
+     *
      * @param id String id of the instance
      */
     public void setId(String id) {
@@ -127,7 +127,7 @@ public abstract class AJobBase implements IJob, Runnable {
 
     /**
      * get cron string associated with this job
-     * 
+     *
      * @return a JobCron object that represents the schedule of this job
      */
     public IJobCron getJobCron() {
@@ -136,7 +136,7 @@ public abstract class AJobBase implements IJob, Runnable {
 
     /**
      * gets the plugin name of this job.
-     * 
+     *
      * @return a String that is the name of this implementation
      */
     public String getImplName() {
@@ -145,7 +145,7 @@ public abstract class AJobBase implements IJob, Runnable {
 
     /**
      * Gets the configuration substore used by this job
-     * 
+     *
      * @return configuration store
      */
     public IConfigStore getConfigStore() {
@@ -265,7 +265,7 @@ public abstract class AJobBase implements IJob, Runnable {
 
     /**
      * logs an entry in the log file. Used by classes extending this class.
-     * 
+     *
      * @param level log level
      * @param msg log message in String
      */
@@ -278,7 +278,7 @@ public abstract class AJobBase implements IJob, Runnable {
 
     /**
      * capable of logging multiline entry in the log file. Used by classes extending this class.
-     * 
+     *
      * @param level log level
      * @param msg log message in String
      * @param multiline boolean indicating whether the message is a
diff --git a/base/common/src/com/netscape/cms/jobs/PublishCertsJob.java b/base/common/src/com/netscape/cms/jobs/PublishCertsJob.java
index 28268dfab..25c80817b 100644
--- a/base/common/src/com/netscape/cms/jobs/PublishCertsJob.java
+++ b/base/common/src/com/netscape/cms/jobs/PublishCertsJob.java
@@ -56,7 +56,7 @@ import com.netscape.certsrv.request.RequestId;
  * 
    
  * $SerialNumber $IssuerDN $SubjectDN $NotAfter $NotBefore $RequestorEmail $CertType
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public class PublishCertsJob extends AJobBase
@@ -383,7 +383,7 @@ public class PublishCertsJob extends AJobBase
      * Returns a list of configuration parameter names.
      * The list is passed to the configuration console so instances of
      * this implementation can be configured through the console.
-     * 
+     *
      * @return String array of configuration parameter names.
      */
     public String[] getConfigParams() {
diff --git a/base/common/src/com/netscape/cms/jobs/RenewalNotificationJob.java b/base/common/src/com/netscape/cms/jobs/RenewalNotificationJob.java
index 5ca581445..2f1d479a4 100644
--- a/base/common/src/com/netscape/cms/jobs/RenewalNotificationJob.java
+++ b/base/common/src/com/netscape/cms/jobs/RenewalNotificationJob.java
@@ -50,7 +50,7 @@ import com.netscape.certsrv.request.RequestId;
  * A job for the Jobs Scheduler. This job checks in the internal ldap
  * db for certs about to expire within the next configurable days and
  * sends email notifications to the appropriate recipients.
- * 
+ *
  * the $TOKENS that are available for the this jobs's summary outer form are:

  * 
    
@@ -75,7 +75,7 @@ import com.netscape.certsrv.request.RequestId;
  * 
  • $HttpHost
  * 
  • $HttpPort
  * 

- * 
+ *
  * @version $Revision$, $Date$
  * @see com.netscape.certsrv.jobs.IJob
  * @see com.netscape.cms.jobs.AJobBase
@@ -248,7 +248,7 @@ public class RenewalNotificationJob
 
     /**
      * Initialize from the configuration file.
-     * 
+     *
      * @param id String name of this instance
      * @param implName string name of this implementation
      * @param config configuration store for this instance
@@ -289,7 +289,7 @@ public class RenewalNotificationJob
         mHttpHost = CMS.getEEHost();
         mHttpPort = CMS.getEESSLPort();
 
-        // read from the configuration file				
+        // read from the configuration file
         try {
             mPreDays = mConfig.getInteger(PROP_NOTIFYTRIGGEROFFSET, 30); // in days
             mPostDays = mConfig.getInteger(PROP_NOTIFYENDOFFSET, 15); // in days
@@ -354,7 +354,7 @@ public class RenewalNotificationJob
             // All cert records which:
             //   1) expire before the deadline
             //   2) have not already been renewed
-            // filter format: 
+            // filter format:
             // (& (notafter<='time')(!(certAutoRenew=DONE))(!certAutoRenew=DISABLED))
 
             StringBuffer f = new StringBuffer();
@@ -480,7 +480,7 @@ public class RenewalNotificationJob
 
     /**
      * get instance id.
-     * 
+     *
      * @return a String identifier
      */
     public String getId() {
@@ -489,7 +489,7 @@ public class RenewalNotificationJob
 
     /**
      * set instance id.
-     * 
+     *
      * @param id String id of the instance
      */
     public void setId(String id) {
@@ -498,7 +498,7 @@ public class RenewalNotificationJob
 
     /**
      * get cron string associated with this job
-     * 
+     *
      * @return a JobCron object that represents the schedule of this job
      */
     public IJobCron getJobCron() {
@@ -507,7 +507,7 @@ public class RenewalNotificationJob
 
     /**
      * gets the plugin name of this job.
-     * 
+     *
      * @return a String that is the name of this implementation
      */
     public String getImplName() {
@@ -516,7 +516,7 @@ public class RenewalNotificationJob
 
     /**
      * Gets the configuration substore used by this job
-     * 
+     *
      * @return configuration store
      */
     public IConfigStore getConfigStore() {
@@ -585,7 +585,7 @@ public class RenewalNotificationJob
      * Returns a list of configuration parameter names.
      * The list is passed to the configuration console so instances of
      * this implementation can be configured through the console.
-     * 
+     *
      * @return String array of configuration parameter names.
      */
     public String[] getConfigParams() {
diff --git a/base/common/src/com/netscape/cms/jobs/RequestInQueueJob.java b/base/common/src/com/netscape/cms/jobs/RequestInQueueJob.java
index b04461941..5d1ea2f2b 100644
--- a/base/common/src/com/netscape/cms/jobs/RequestInQueueJob.java
+++ b/base/common/src/com/netscape/cms/jobs/RequestInQueueJob.java
@@ -44,7 +44,7 @@ import com.netscape.certsrv.request.RequestStatus;
  * 
    
  * $InstanceID $SummaryTotalNum $ExecutionTime
  * 

- * 
+ *
  * @version $Revision$, $Date$
  * @see com.netscape.certsrv.jobs.IJob
  * @see com.netscape.cms.jobs.AJobBase
@@ -104,7 +104,7 @@ public class RequestInQueueJob extends AJobBase
 
     /**
      * initialize from the configuration file
-     * 
+     *
      * @param id String name of this instance
      * @param implName string name of this implementation
      * @param config configuration store for this instance
@@ -208,7 +208,7 @@ public class RequestInQueueJob extends AJobBase
      * Returns a list of configuration parameter names.
      * The list is passed to the configuration console so instances of
      * this implementation can be configured through the console.
-     * 
+     *
      * @return String array of configuration parameter names.
      */
     public String[] getConfigParams() {
diff --git a/base/common/src/com/netscape/cms/jobs/UnpublishExpiredJob.java b/base/common/src/com/netscape/cms/jobs/UnpublishExpiredJob.java
index 2f4a6ad75..cddb8d56a 100644
--- a/base/common/src/com/netscape/cms/jobs/UnpublishExpiredJob.java
+++ b/base/common/src/com/netscape/cms/jobs/UnpublishExpiredJob.java
@@ -57,7 +57,7 @@ import com.netscape.certsrv.request.RequestId;
  * 
    
  * $SerialNumber $IssuerDN $SubjectDN $NotAfter $NotBefore $RequestorEmail $CertType
  * 

- * 
+ *
  * @version $Revision$, $Date$
  */
 public class UnpublishExpiredJob extends AJobBase
@@ -376,7 +376,7 @@ public class UnpublishExpiredJob extends AJobBase
      * Returns a list of configuration parameter names.
      * The list is passed to the configuration console so instances of
      * this implementation can be configured through the console.
-     * 
+     *
      * @return String array of configuration parameter names.
      */
     public String[] getConfigParams() {
diff --git a/base/common/src/com/netscape/cms/listeners/CertificateIssuedListener.java b/base/common/src/com/netscape/cms/listeners/CertificateIssuedListener.java
index 91526d583..dc0222dda 100644
--- a/base/common/src/com/netscape/cms/listeners/CertificateIssuedListener.java
+++ b/base/common/src/com/netscape/cms/listeners/CertificateIssuedListener.java
@@ -68,7 +68,7 @@ import com.netscape.certsrv.request.RequestId;
  * 
  • $RequestId
  * 
  • $InstanceID
  * 
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class CertificateIssuedListener implements IRequestListener {
diff --git a/base/common/src/com/netscape/cms/listeners/CertificateRevokedListener.java b/base/common/src/com/netscape/cms/listeners/CertificateRevokedListener.java
index da041b85d..ad91738e9 100644
--- a/base/common/src/com/netscape/cms/listeners/CertificateRevokedListener.java
+++ b/base/common/src/com/netscape/cms/listeners/CertificateRevokedListener.java
@@ -70,7 +70,7 @@ import com.netscape.certsrv.request.RequestId;
  * 
  • $RequestId
  * 
  • $InstanceID
  * 
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class CertificateRevokedListener implements IRequestListener {
diff --git a/base/common/src/com/netscape/cms/listeners/PinRemovalListener.java b/base/common/src/com/netscape/cms/listeners/PinRemovalListener.java
index 662e762b0..2f82307f2 100644
--- a/base/common/src/com/netscape/cms/listeners/PinRemovalListener.java
+++ b/base/common/src/com/netscape/cms/listeners/PinRemovalListener.java
@@ -37,7 +37,7 @@ import com.netscape.certsrv.request.RequestId;
 
 /**
  * This represnets a listener that removes pin from LDAP directory.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class PinRemovalListener implements IRequestListener {
diff --git a/base/common/src/com/netscape/cms/listeners/RequestInQListener.java b/base/common/src/com/netscape/cms/listeners/RequestInQListener.java
index 7ff13db54..3d236baea 100644
--- a/base/common/src/com/netscape/cms/listeners/RequestInQListener.java
+++ b/base/common/src/com/netscape/cms/listeners/RequestInQListener.java
@@ -52,7 +52,7 @@ import com.netscape.cms.profile.input.SubmitterInfoInput;
  * 
  • $SenderEmail
  * 
  • $RecipientEmail
  * 
- * 
+ *
  */
 public class RequestInQListener implements IRequestListener {
     protected static final String PROP_ENABLED = "enabled";
@@ -127,7 +127,7 @@ public class RequestInQListener implements IRequestListener {
 
     /**
      * carries out the operation when the listener is triggered.
-     * 
+     *
      * @param r IRequest structure holding the request information
      * @see com.netscape.certsrv.request.IRequest
      */
@@ -203,8 +203,8 @@ public class RequestInQListener implements IRequestListener {
         if (profileId == null) {
             val = r.getExtDataInString(IRequest.HTTP_PARAMS, "csrRequestorEmail");
         } else {
-            // use the submitter info if available, otherwise, use the 
-            // subject name input email 
+            // use the submitter info if available, otherwise, use the
+            // subject name input email
             val = r.getExtDataInString(SubmitterInfoInput.EMAIL);
 
             if ((val == null) || (((String) val).compareTo("") == 0)) {
@@ -250,7 +250,7 @@ public class RequestInQListener implements IRequestListener {
 
     /**
      * sets the configurable parameters
-     * 
+     *
      * @param name a String represents the name of the configuration parameter to be set
      * @param val a String containing the value to be set for name
      */
diff --git a/base/common/src/com/netscape/cms/logging/LogEntry.java b/base/common/src/com/netscape/cms/logging/LogEntry.java
index d91bd7406..ac8d16f54 100644
--- a/base/common/src/com/netscape/cms/logging/LogEntry.java
+++ b/base/common/src/com/netscape/cms/logging/LogEntry.java
@@ -25,7 +25,7 @@ import java.util.Vector;
 
 /**
  * A log entry of LogFile
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class LogEntry {
@@ -41,7 +41,7 @@ public class LogEntry {
 
     /**
      * Constructor for a LogEntry.
-     * 
+     *
      */
     public LogEntry(String entry) throws ParseException {
         mEntry = entry;
@@ -50,7 +50,7 @@ public class LogEntry {
 
     /**
      * parse a log entry
-     * 
+     *
      * return a vector of the segments of the entry
      */
 
diff --git a/base/common/src/com/netscape/cms/logging/LogFile.java b/base/common/src/com/netscape/cms/logging/LogFile.java
index 5144bf16d..fa5531a8e 100644
--- a/base/common/src/com/netscape/cms/logging/LogFile.java
+++ b/base/common/src/com/netscape/cms/logging/LogFile.java
@@ -80,7 +80,7 @@ import com.netscape.cmsutil.util.Utils;
 
 /**
  * A log event listener which write logs to log files
- * 
+ *
  * @version $Revision$, $Date$
  **/
 public class LogFile implements ILogEventListener, IExtendedPluginInfo {
@@ -229,7 +229,7 @@ public class LogFile implements ILogEventListener, IExtendedPluginInfo {
 
     /**
      * Constructor for a LogFile.
-     * 
+     *
      */
     public LogFile() {
     }
@@ -310,7 +310,7 @@ public class LogFile implements ILogEventListener, IExtendedPluginInfo {
 
     /**
      * add the event to the selected events list
-     * 
+     *
      * @param event to be selected
      */
     public void selectEvent(String event) {
@@ -320,7 +320,7 @@ public class LogFile implements ILogEventListener, IExtendedPluginInfo {
 
     /**
      * remove the event from the selected events list
-     * 
+     *
      * @param event to be de-selected
      */
     public void deselectEvent(String event) {
@@ -330,7 +330,7 @@ public class LogFile implements ILogEventListener, IExtendedPluginInfo {
 
     /**
      * replace the selected events list
-     * 
+     *
      * @param events comma-separated event list
      */
     public void replaceEvents(String events) {
@@ -386,7 +386,7 @@ public class LogFile implements ILogEventListener, IExtendedPluginInfo {
 
     /**
      * Initialize and open the log using the parameters from a config store
-     * 
+     *
      * @param config The property config store to find values in
      */
     public void init(IConfigStore config) throws IOException,
@@ -506,7 +506,7 @@ public class LogFile implements ILogEventListener, IExtendedPluginInfo {
 
     /**
      * Initialize and open the log
-     * 
+     *
      * @param bufferSize The buffer size for the output stream in bytes
      * @param flushInterval The interval in seconds to flush the log
      */
@@ -628,11 +628,11 @@ public class LogFile implements ILogEventListener, IExtendedPluginInfo {
     /**
      * Startup the instance
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_AUDIT_LOG_STARTUP used at audit function startup
      * 
    
-     * 
+     *
      * @exception EBaseException if an internal error occurred
      */
     public void startup() throws EBaseException {
@@ -690,12 +690,12 @@ public class LogFile implements ILogEventListener, IExtendedPluginInfo {
     /**
      * Record that the signed audit log has been signed
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_SIGNING used when a signature on the audit log is generated (same as
      * "flush" time)
      * 
    
-     * 
+     *
      * @exception IOException for input/output problems
      * @exception ELogException when plugin implementation fails
      * @exception SignatureException when signing fails
@@ -756,7 +756,7 @@ public class LogFile implements ILogEventListener, IExtendedPluginInfo {
 
     /**
      * Open the log file. This creates the buffered FileWriter
-     * 
+     *
      */
     protected synchronized void open() throws IOException {
         RandomAccessFile out;
@@ -804,7 +804,7 @@ public class LogFile implements ILogEventListener, IExtendedPluginInfo {
 
     /**
      * Flush the log file. Also update the MAC for hash protected logs
-     * 
+     *
      */
     public synchronized void flush() {
         try {
@@ -838,7 +838,7 @@ public class LogFile implements ILogEventListener, IExtendedPluginInfo {
 
     /**
      * Close the log file
-     * 
+     *
      */
     protected synchronized void close() {
         try {
@@ -855,7 +855,7 @@ public class LogFile implements ILogEventListener, IExtendedPluginInfo {
     /**
      * Shutdown this log file.
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_AUDIT_LOG_SHUTDOWN used at audit function shutdown
      * 
    
@@ -881,7 +881,7 @@ public class LogFile implements ILogEventListener, IExtendedPluginInfo {
     /**
      * Set the flush interval
      * 
    
-     * 
+     *
      * @param flushInterval The amount of time in seconds until the log
      *            is flush. A value of 0 will disable autoflush. This will also set
      *            the update period for hash protected logs.
@@ -940,7 +940,7 @@ public class LogFile implements ILogEventListener, IExtendedPluginInfo {
     /**
      * Synchronized method to write a string to the log file. All I18N
      * should take place before this call.
-     * 
+     *
      * @param entry The log entry string
      */
     protected synchronized void log(String entry) throws ELogException {
@@ -1053,7 +1053,7 @@ public class LogFile implements ILogEventListener, IExtendedPluginInfo {
 
     /**
      * Write an event to the log file
-     * 
+     *
      * @param ev The event to be logged.
      */
     public void log(ILogEvent ev) throws ELogException {
@@ -1116,7 +1116,7 @@ public class LogFile implements ILogEventListener, IExtendedPluginInfo {
 
     /**
      * change multi-line log entry by replace "\n" with "\n "
-     * 
+     *
      * @param original The original multi-line log entry.
      */
     private String prepareMultiline(String original) {
@@ -1134,7 +1134,7 @@ public class LogFile implements ILogEventListener, IExtendedPluginInfo {
      * Read all entries whose logLevel>=lowLevel && log source = source
      * to at most maxLine entries(from end)
      * If the parameter is -1, it's ignored and return all entries
-     * 
+     *
      * @param maxLine The maximum lines to be returned
      * @param lowLevel The lowest log level to be returned
      * @param source The particular log source to be returned
@@ -1302,7 +1302,7 @@ public class LogFile implements ILogEventListener, IExtendedPluginInfo {
     /**
      * Retrieves the configuration store of this subsystem.
      * 
    
-     * 
+     *
      * @return configuration store
      */
     public IConfigStore getConfigStore() {
@@ -1510,11 +1510,11 @@ public class LogFile implements ILogEventListener, IExtendedPluginInfo {
 
     /**
      * Signed Audit Log
-     * 
+     *
      * This method is inherited by all classes that extend this "LogFile"
      * class, and is called to store messages to the signed audit log.
      * 
    
-     * 
+     *
      * @param msg signed audit log message
      */
     protected void audit(String msg) {
diff --git a/base/common/src/com/netscape/cms/logging/RollingLogFile.java b/base/common/src/com/netscape/cms/logging/RollingLogFile.java
index 93455e9fe..312978fae 100644
--- a/base/common/src/com/netscape/cms/logging/RollingLogFile.java
+++ b/base/common/src/com/netscape/cms/logging/RollingLogFile.java
@@ -44,7 +44,7 @@ import com.netscape.cmsutil.util.Utils;
  * A rotating log file for Certificate log events. This class loosely follows
  * the Netscape Common Log API implementing rollover interval, size and file
  * naming conventions. It does not yet implement Disk Usage.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class RollingLogFile extends LogFile {
@@ -113,7 +113,7 @@ public class RollingLogFile extends LogFile {
 
     /**
      * Initialize and open a RollingLogFile using the prop config store
-     * 
+     *
      * @param config The property config store to find values in
      */
     public void init(IConfigStore config) throws IOException,
@@ -151,7 +151,7 @@ public class RollingLogFile extends LogFile {
 
     /**
      * Set the rollover interval
-     * 
+     *
      * @param rolloverSeconds The amount of time in seconds until the log
      *            is rotated. A value of 0 will disable log rollover.
      **/
@@ -169,7 +169,7 @@ public class RollingLogFile extends LogFile {
 
     /**
      * Get the rollover interval
-     * 
+     *
      * @return The interval in seconds in which the log is rotated
      **/
     public synchronized int getRolloverTime() {
@@ -178,7 +178,7 @@ public class RollingLogFile extends LogFile {
 
     /**
      * Set the file expiration time
-     * 
+     *
      * @param expirationSeconds The amount of time in seconds until log files
      *            are deleted
      **/
@@ -203,7 +203,7 @@ public class RollingLogFile extends LogFile {
 
     /**
      * Get the expiration time
-     * 
+     *
      * @return The age in seconds in which log files are delete
      **/
     public int getExpirationTime() {
@@ -280,15 +280,15 @@ public class RollingLogFile extends LogFile {
      * Remove any log files which have not been modified in the specified
      * time
      * 
    
-     * 
+     *
      * NOTE: automatic removal of log files is currently NOT supported!
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_LOG_DELETE used AFTER audit log expires (authorization should not allow,
      * but in case authorization gets compromised make sure it is written AFTER the log expiration happens)
      * 
    
-     * 
+     *
      * @param expirationSeconds The number of seconds since the expired files
      *            have been modified.
      * @return the time in milliseconds when the next file expires
@@ -496,7 +496,7 @@ public class RollingLogFile extends LogFile {
 
     /**
      * Write an event to the log file
-     * 
+     *
      * @param ev The event to be logged.
      **/
     public synchronized void log(ILogEvent ev) throws ELogException {
@@ -531,7 +531,7 @@ public class RollingLogFile extends LogFile {
 
     /**
      * Get the log file list in the log directory
-     * 
+     *
      * @return an array of filenames with related path to cert server root
      */
     protected String[] fileList() {
diff --git a/base/common/src/com/netscape/cms/notification/MailNotification.java b/base/common/src/com/netscape/cms/notification/MailNotification.java
index ef09d8f71..cd4ee431c 100644
--- a/base/common/src/com/netscape/cms/notification/MailNotification.java
+++ b/base/common/src/com/netscape/cms/notification/MailNotification.java
@@ -34,7 +34,7 @@ import com.netscape.certsrv.notification.IMailNotification;
  * This class uses smtp.host in the configuration for smtp
  * host. The port default (25) is used. If no smtp specified, local
  * host is used
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class MailNotification implements IMailNotification {
@@ -134,7 +134,7 @@ public class MailNotification implements IMailNotification {
 
     /**
      * sets the "From" field
-     * 
+     *
      * @param from email address of the sender
      */
     public void setFrom(String from) {
@@ -143,7 +143,7 @@ public class MailNotification implements IMailNotification {
 
     /**
      * sets the "Subject" field
-     * 
+     *
      * @param subject subject of the email
      */
     public void setSubject(String subject) {
@@ -152,7 +152,7 @@ public class MailNotification implements IMailNotification {
 
     /**
      * sets the "Content-Type" field
-     * 
+     *
      * @param contentType content type of the email
      */
     public void setContentType(String contentType) {
@@ -161,7 +161,7 @@ public class MailNotification implements IMailNotification {
 
     /**
      * sets the content of the email
-     * 
+     *
      * @param content the message content
      */
     public void setContent(String content) {
@@ -170,7 +170,7 @@ public class MailNotification implements IMailNotification {
 
     /**
      * sets the recipients' email addresses
-     * 
+     *
      * @param addresses a list of email addresses of the recipients
      */
     public void setTo(Vector addresses) {
@@ -180,7 +180,7 @@ public class MailNotification implements IMailNotification {
 
     /**
      * sets the recipient's email address
-     * 
+     *
      * @param to address of the recipient email address
      */
     public void setTo(String to) {
diff --git a/base/common/src/com/netscape/cms/ocsp/DefStore.java b/base/common/src/com/netscape/cms/ocsp/DefStore.java
index 21f7023d8..f9798270a 100644
--- a/base/common/src/com/netscape/cms/ocsp/DefStore.java
+++ b/base/common/src/com/netscape/cms/ocsp/DefStore.java
@@ -76,13 +76,13 @@ import com.netscape.cmsutil.ocsp.UnknownInfo;
 /**
  * This is the default OCSP store that stores revocation information
  * as certificate record (CMS internal data structure).
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class DefStore implements IDefStore, IExtendedPluginInfo {
 
     // refreshInSec is useful in the master-clone situation.
-    // clone does not know that the CRL has been updated in 
+    // clone does not know that the CRL has been updated in
     // the master (by default no refresh)
     private static final String PROP_USE_CACHE = "useCache";
 
diff --git a/base/common/src/com/netscape/cms/ocsp/LDAPStore.java b/base/common/src/com/netscape/cms/ocsp/LDAPStore.java
index bca02f4a6..c9f97c541 100644
--- a/base/common/src/com/netscape/cms/ocsp/LDAPStore.java
+++ b/base/common/src/com/netscape/cms/ocsp/LDAPStore.java
@@ -74,7 +74,7 @@ import com.netscape.cmsutil.ocsp.UnknownInfo;
 /**
  * This is the LDAP OCSP store. It reads CA certificate and
  * revocation list attributes from the CA entry.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class LDAPStore implements IDefStore, IExtendedPluginInfo {
diff --git a/base/common/src/com/netscape/cms/password/PasswordChecker.java b/base/common/src/com/netscape/cms/password/PasswordChecker.java
index 847f3a2c1..ae379761d 100644
--- a/base/common/src/com/netscape/cms/password/PasswordChecker.java
+++ b/base/common/src/com/netscape/cms/password/PasswordChecker.java
@@ -27,7 +27,7 @@ import com.netscape.certsrv.password.IPasswordCheck;
  * For example, it can also specify the format of the password which has to
  * be 8 characters long and must be in alphanumeric.
  * 
    
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class PasswordChecker implements IPasswordCheck, IConfigPasswordCheck {
@@ -67,7 +67,7 @@ public class PasswordChecker implements IPasswordCheck, IConfigPasswordCheck {
     /**
      * Returns true if the given password meets the quality requirement;
      * otherwise returns false.
-     * 
+     *
      * @param mPassword The given password being checked.
      * @return true if the password meets the quality requirement; otherwise
      *         returns false.
@@ -83,7 +83,7 @@ public class PasswordChecker implements IPasswordCheck, IConfigPasswordCheck {
 
     /**
      * Returns a reason if the password doesnt meet the quality requirement.
-     * 
+     *
      * @return string as a reason if the password quality requirement is not met.
      */
     public String getReason(String mPassword) {
diff --git a/base/common/src/com/netscape/cms/policy/APolicyRule.java b/base/common/src/com/netscape/cms/policy/APolicyRule.java
index 0faf7591d..8ed943503 100644
--- a/base/common/src/com/netscape/cms/policy/APolicyRule.java
+++ b/base/common/src/com/netscape/cms/policy/APolicyRule.java
@@ -45,12 +45,12 @@ import com.netscape.certsrv.request.PolicyResult;
  * The abstract policy rule that concrete implementations will
  * extend.
  * 
    
- * 
+ *
  * 
      * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * 
    
  * 
    
- * 
+ *
  * @deprecated
  * @version $Revision$, $Date$
  */
@@ -67,7 +67,7 @@ public abstract class APolicyRule implements IPolicyRule {
     /**
      * Initializes the policy rule.
      * 
    
-     * 
+     *
      * @param config The config store reference
      */
     public abstract void init(ISubsystem owner, IConfigStore config)
@@ -76,7 +76,7 @@ public abstract class APolicyRule implements IPolicyRule {
     /**
      * Gets the description for this policy rule.
      * 
    
-     * 
+     *
      * @return The Description for this rule.
      */
     public String getDescription() {
@@ -86,7 +86,7 @@ public abstract class APolicyRule implements IPolicyRule {
     /**
      * Sets a predicate expression for rule matching.
      * 
    
-     * 
+     *
      * @param exp The predicate expression for the rule.
      */
     public void setPredicate(IExpression exp) {
@@ -96,7 +96,7 @@ public abstract class APolicyRule implements IPolicyRule {
     /**
      * Returns the predicate expression for the rule.
      * 
    
-     * 
+     *
      * @return The predicate expression for the rule.
      */
     public IExpression getPredicate() {
@@ -106,7 +106,7 @@ public abstract class APolicyRule implements IPolicyRule {
     /**
      * Returns the name of the policy rule.
      * 
    
-     * 
+     *
      * @return The name of the policy class.
      */
     public String getName() {
@@ -116,7 +116,7 @@ public abstract class APolicyRule implements IPolicyRule {
     /**
      * Sets the instance name for a policy rule.
      * 
    
-     * 
+     *
      * @param instanceName The name of the rule instance.
      */
     public void setInstanceName(String instanceName) {
@@ -126,7 +126,7 @@ public abstract class APolicyRule implements IPolicyRule {
     /**
      * Returns the name of the policy rule instance.
      * 
    
-     * 
+     *
      * @return The name of the policy rule instance if set, else
      *         the name of the rule class.
      */
@@ -137,7 +137,7 @@ public abstract class APolicyRule implements IPolicyRule {
     /**
      * Applies the policy on the given Request.
      * 
    
-     * 
+     *
      * @param req The request on which to apply policy.
      * @return The policy result object.
      */
@@ -145,14 +145,14 @@ public abstract class APolicyRule implements IPolicyRule {
 
     /**
      * Return configured parameters for a policy rule instance.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public abstract Vector getInstanceParams();
 
     /**
      * Return default parameters for a policy implementation.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public abstract Vector getDefaultParams();
@@ -263,7 +263,7 @@ public abstract class APolicyRule implements IPolicyRule {
      * Form a byte array of octet string key identifier from the sha-1 hash of
      * the Subject Public Key INFO. (including algorithm ID, etc.)
      * 
    
-     * 
+     *
      * @param certInfo cert info of the certificate.
      * @return A Key identifier with the sha-1 hash of subject public key.
      */
@@ -314,7 +314,7 @@ public abstract class APolicyRule implements IPolicyRule {
      * Form a byte array of octet string key identifier from the sha-1 hash of
      * the Subject Public Key BIT STRING.
      * 
    
-     * 
+     *
      * @param certInfo cert info of the certificate.
      * @return A Key identifier with the sha-1 hash of subject public key.
      */
diff --git a/base/common/src/com/netscape/cms/policy/constraints/AgentPolicy.java b/base/common/src/com/netscape/cms/policy/constraints/AgentPolicy.java
index b7a24bd65..f8cd03f75 100644
--- a/base/common/src/com/netscape/cms/policy/constraints/AgentPolicy.java
+++ b/base/common/src/com/netscape/cms/policy/constraints/AgentPolicy.java
@@ -36,12 +36,12 @@ import com.netscape.cms.policy.APolicyRule;
  * for agent approvals is done. If any are found, the request
  * is approved.
  * 
    
- * 
+ *
  * 
      * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * 
    
  * 
    
- * 
+ *
  * @deprecated
  * @version $Revision$, $Date$
  */
@@ -55,13 +55,13 @@ public class AgentPolicy extends APolicyRule
     /**
      * Initializes this policy rule.
      * 
    
-     * 
+     *
      * The entries may be of the form:
-     * 
+     *
      * ra.Policy.rule..implName=AgentPolicy ra.Policy.rule..enable=true
      * ra.Policy.rule..predicate= ou == engineering AND o == netscape.com ra.Policy.rule..class=xxxx
      * ra.Policy.rule..params.*
-     * 
+     *
      * @param config The config store reference
      */
     public void init(ISubsystem owner, IConfigStore config)
@@ -105,7 +105,7 @@ public class AgentPolicy extends APolicyRule
     /**
      * Applies the policy on the given Request.
      * 
    
-     * 
+     *
      * @param req The request on which to apply policy.
      * @return The policy result object.
      */
@@ -141,7 +141,7 @@ public class AgentPolicy extends APolicyRule
 
     /**
      * Return configured parameters for a policy rule instance.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public Vector getInstanceParams() {
@@ -150,7 +150,7 @@ public class AgentPolicy extends APolicyRule
 
     /**
      * Return default parameters for a policy implementation.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public Vector getDefaultParams() {
diff --git a/base/common/src/com/netscape/cms/policy/constraints/AttributePresentConstraints.java b/base/common/src/com/netscape/cms/policy/constraints/AttributePresentConstraints.java
index 93327445e..4ee689915 100644
--- a/base/common/src/com/netscape/cms/policy/constraints/AttributePresentConstraints.java
+++ b/base/common/src/com/netscape/cms/policy/constraints/AttributePresentConstraints.java
@@ -46,12 +46,12 @@ import com.netscape.cms.policy.APolicyRule;
 /**
  * This checks if attribute present.
  * 
    
- * 
+ *
  * 
      * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * 
    
  * 
    
- * 
+ *
  * @deprecated
  * @version $Revision$, $Date$
  */
diff --git a/base/common/src/com/netscape/cms/policy/constraints/DSAKeyConstraints.java b/base/common/src/com/netscape/cms/policy/constraints/DSAKeyConstraints.java
index 387b702bf..9b5fbd152 100644
--- a/base/common/src/com/netscape/cms/policy/constraints/DSAKeyConstraints.java
+++ b/base/common/src/com/netscape/cms/policy/constraints/DSAKeyConstraints.java
@@ -42,12 +42,12 @@ import com.netscape.cms.policy.APolicyRule;
 /**
  * DSAKeyConstraints policy enforces min and max size of the key.
  * 
    
- * 
+ *
  * 
      * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * 
    
  * 
    
- * 
+ *
  * @deprecated
  * @version $Revision$, $Date$
  */
@@ -94,12 +94,12 @@ public class DSAKeyConstraints extends APolicyRule
     /**
      * Initializes this policy rule.
      * 
    
-     * 
+     *
      * The entries probably are of the form ra.Policy.rule..implName=DSAKeyConstraints
      * ra.Policy.rule..enable=true ra.Policy.rule..minSize=512
      * ra.Policy.rule..maxSize=1024 ra.Policy.rule..predicate= ou == engineering AND o ==
      * netscape.com
-     * 
+     *
      * @param config The config store reference
      */
     public void init(ISubsystem owner, IConfigStore config)
@@ -157,7 +157,7 @@ public class DSAKeyConstraints extends APolicyRule
     /**
      * Applies the policy on the given Request.
      * 
    
-     * 
+     *
      * @param req The request on which to apply policy.
      * @return The policy result object.
      */
@@ -226,7 +226,7 @@ public class DSAKeyConstraints extends APolicyRule
 
     /**
      * Return configured parameters for a policy rule instance.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public Vector getInstanceParams() {
@@ -243,7 +243,7 @@ public class DSAKeyConstraints extends APolicyRule
 
     /**
      * Return default parameters for a policy implementation.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public Vector getDefaultParams() {
diff --git a/base/common/src/com/netscape/cms/policy/constraints/DefaultRevocation.java b/base/common/src/com/netscape/cms/policy/constraints/DefaultRevocation.java
index 2af145475..fecb59049 100644
--- a/base/common/src/com/netscape/cms/policy/constraints/DefaultRevocation.java
+++ b/base/common/src/com/netscape/cms/policy/constraints/DefaultRevocation.java
@@ -34,12 +34,12 @@ import com.netscape.cms.policy.APolicyRule;
  * nothing. We can later add checks like whether or not to
  * revoke expired certs ..etc here.
  * 
    
- * 
+ *
  * 
      * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * 
    
  * 
    
- * 
+ *
  * @deprecated
  * @version $Revision$, $Date$
  */
@@ -53,12 +53,12 @@ public class DefaultRevocation extends APolicyRule
     /**
      * Initializes this policy rule.
      * 
    
-     * 
+     *
      * The entries may be of the form:
-     * 
+     *
      * ra.Policy.rule..implName=DefaultRevocation ra.Policy.rule..enable=true
      * ra.Policy.rule..predicate= ou == engineering AND o == netscape.com
-     * 
+     *
      * @param config The config store reference
      */
     public void init(ISubsystem owner, IConfigStore config)
@@ -68,7 +68,7 @@ public class DefaultRevocation extends APolicyRule
     /**
      * Applies the policy on the given Request.
      * 
    
-     * 
+     *
      * @param req The request on which to apply policy.
      * @return The policy result object.
      */
@@ -78,7 +78,7 @@ public class DefaultRevocation extends APolicyRule
 
     /**
      * Return configured parameters for a policy rule instance.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public Vector getInstanceParams() {
@@ -87,7 +87,7 @@ public class DefaultRevocation extends APolicyRule
 
     /**
      * Return default parameters for a policy implementation.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public Vector getDefaultParams() {
diff --git a/base/common/src/com/netscape/cms/policy/constraints/IssuerConstraints.java b/base/common/src/com/netscape/cms/policy/constraints/IssuerConstraints.java
index a08bde78c..43b7e1fd6 100644
--- a/base/common/src/com/netscape/cms/policy/constraints/IssuerConstraints.java
+++ b/base/common/src/com/netscape/cms/policy/constraints/IssuerConstraints.java
@@ -38,12 +38,12 @@ import com.netscape.cms.policy.APolicyRule;
  * IssuerConstraints is a rule for restricting the issuers of the
  * certificates used for certificate-based enrollments.
  * 
    
- * 
+ *
  * 
      * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * 
    
  * 
    
- * 
+ *
  * @deprecated
  * @version $Revision$ $Date$
  */
@@ -81,7 +81,7 @@ public class IssuerConstraints extends APolicyRule
     /**
      * Initializes this policy rule.
      * 
    
-     * 
+     *
      * @param config The config store reference
      */
     public void init(ISubsystem owner, IConfigStore config)
@@ -108,7 +108,7 @@ public class IssuerConstraints extends APolicyRule
     /**
      * Applies the policy on the given Request.
      * 
    
-     * 
+     *
      * @param req The request on which to apply policy.
      * @return The policy result object.
      */
@@ -190,7 +190,7 @@ public class IssuerConstraints extends APolicyRule
 
     /**
      * Return configured parameters for a policy rule instance.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public Vector getInstanceParams() {
@@ -203,7 +203,7 @@ public class IssuerConstraints extends APolicyRule
 
     /**
      * Return default parameters for a policy implementation.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public Vector getDefaultParams() {
diff --git a/base/common/src/com/netscape/cms/policy/constraints/KeyAlgorithmConstraints.java b/base/common/src/com/netscape/cms/policy/constraints/KeyAlgorithmConstraints.java
index 3779b16e3..d656ed463 100644
--- a/base/common/src/com/netscape/cms/policy/constraints/KeyAlgorithmConstraints.java
+++ b/base/common/src/com/netscape/cms/policy/constraints/KeyAlgorithmConstraints.java
@@ -41,12 +41,12 @@ import com.netscape.cms.policy.APolicyRule;
  * honor only the keys generated using one of the permitted algorithms
  * such as RSA, DSA or DH.
  * 
    
- * 
+ *
  * 
      * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * 
    
  * 
    
- * 
+ *
  * @deprecated
  * @version $Revision$, $Date$
  */
@@ -86,11 +86,11 @@ public class KeyAlgorithmConstraints extends APolicyRule
     /**
      * Initializes this policy rule.
      * 
    
-     * 
+     *
      * The entries probably are of the form ra.Policy.rule..implName=KeyAlgorithmConstraints
      * ra.Policy.rule..algorithms=RSA,DSA ra.Policy.rule..enable=true
      * ra.Policy.rule..predicate=ou==Sales
-     * 
+     *
      * @param config The config store reference
      */
     public void init(ISubsystem owner, IConfigStore config)
@@ -151,7 +151,7 @@ public class KeyAlgorithmConstraints extends APolicyRule
     /**
      * Applies the policy on the given Request.
      * 
    
-     * 
+     *
      * @param req The request on which to apply policy.
      * @return The policy result object.
      */
@@ -197,7 +197,7 @@ public class KeyAlgorithmConstraints extends APolicyRule
 
     /**
      * Return configured parameters for a policy rule instance.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public Vector getInstanceParams() {
@@ -216,7 +216,7 @@ public class KeyAlgorithmConstraints extends APolicyRule
 
     /**
      * Return default parameters for a policy implementation.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public Vector getDefaultParams() {
diff --git a/base/common/src/com/netscape/cms/policy/constraints/ManualAuthentication.java b/base/common/src/com/netscape/cms/policy/constraints/ManualAuthentication.java
index 3af9e636f..56b96f95f 100644
--- a/base/common/src/com/netscape/cms/policy/constraints/ManualAuthentication.java
+++ b/base/common/src/com/netscape/cms/policy/constraints/ManualAuthentication.java
@@ -34,12 +34,12 @@ import com.netscape.cms.policy.APolicyRule;
  * is present. The policy rejects a request if any of the auth tokens
  * indicates authentication failure.
  * 
    
- * 
+ *
  * 
      * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * 
    
  * 
    
- * 
+ *
  * @deprecated
  * @version $Revision$, $Date$
  */
@@ -53,12 +53,12 @@ public class ManualAuthentication extends APolicyRule
     /**
      * Initializes this policy rule.
      * 
    
-     * 
+     *
      * The entries may be of the form:
-     * 
+     *
      * ra.Policy.rule..implName=ManualAuthentication ra.Policy.rule..enable=true
      * ra.Policy.rule..predicate= ou == engineering AND o == netscape.com
-     * 
+     *
      * @param config The config store reference
      */
     public void init(ISubsystem owner, IConfigStore config)
@@ -68,7 +68,7 @@ public class ManualAuthentication extends APolicyRule
     /**
      * Applies the policy on the given Request.
      * 
    
-     * 
+     *
      * @param req The request on which to apply policy.
      * @return The policy result object.
      */
@@ -83,7 +83,7 @@ public class ManualAuthentication extends APolicyRule
 
     /**
      * Return configured parameters for a policy rule instance.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public Vector getInstanceParams() {
@@ -92,7 +92,7 @@ public class ManualAuthentication extends APolicyRule
 
     /**
      * Return default parameters for a policy implementation.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public Vector getDefaultParams() {
diff --git a/base/common/src/com/netscape/cms/policy/constraints/RSAKeyConstraints.java b/base/common/src/com/netscape/cms/policy/constraints/RSAKeyConstraints.java
index 7c53808c5..a1f0805d0 100644
--- a/base/common/src/com/netscape/cms/policy/constraints/RSAKeyConstraints.java
+++ b/base/common/src/com/netscape/cms/policy/constraints/RSAKeyConstraints.java
@@ -44,12 +44,12 @@ import com.netscape.cms.policy.APolicyRule;
  * RSAKeyConstraints policy enforces min and max size of the key.
  * Optionally checks the exponents.
  * 
    
- * 
+ *
  * 
      * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * 
    
  * 
    
- * 
+ *
  * @deprecated
  * @version $Revision$, $Date$
  */
@@ -97,13 +97,13 @@ public class RSAKeyConstraints extends APolicyRule
     /**
      * Initializes this policy rule.
      * 
    
-     * 
+     *
      * The entries probably are of the form:
-     * 
+     *
      * ra.Policy.rule..implName=RSAKeyConstraints ra.Policy.rule..enable=true
      * ra.Policy.rule..minSize=512 ra.Policy.rule..maxSize=2048
      * ra.Policy.rule..predicate=ou==Marketing
-     * 
+     *
      * @param config The config store reference
      */
     public void init(ISubsystem owner, IConfigStore config)
@@ -158,7 +158,7 @@ public class RSAKeyConstraints extends APolicyRule
     /**
      * Applies the policy on the given Request.
      * 
    
-     * 
+     *
      * @param req The request on which to apply policy.
      * @return The policy result object.
      */
@@ -249,7 +249,7 @@ public class RSAKeyConstraints extends APolicyRule
 
     /**
      * Return configured parameters for a policy rule instance.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public Vector getInstanceParams() {
@@ -271,7 +271,7 @@ public class RSAKeyConstraints extends APolicyRule
 
     /**
      * Return default parameters for a policy implementation.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public Vector getDefaultParams() {
diff --git a/base/common/src/com/netscape/cms/policy/constraints/RenewalConstraints.java b/base/common/src/com/netscape/cms/policy/constraints/RenewalConstraints.java
index f3e5efc9b..3ff977df5 100644
--- a/base/common/src/com/netscape/cms/policy/constraints/RenewalConstraints.java
+++ b/base/common/src/com/netscape/cms/policy/constraints/RenewalConstraints.java
@@ -38,15 +38,15 @@ import com.netscape.cms.policy.APolicyRule;
 
 /**
  * Whether to allow renewal of an expired cert.
- * 
+ *
  * @version $Revision$, $Date$
  *          
    
- * 
+ *
  *          
      * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * 
    
  *          
    
- * 
+ *
  * @deprecated
  * @version $Revision$, $Date$
  */
@@ -93,12 +93,12 @@ public class RenewalConstraints extends APolicyRule
     /**
      * Initializes this policy rule.
      * 
    
-     * 
+     *
      * The entries probably are of the form:
-     * 
+     *
      * ra.Policy.rule..implName=ValidityConstraints ra.Policy.rule..enable=true
      * ra.Policy.rule..allowExpiredCerts=true
-     * 
+     *
      * @param config The config store reference
      */
     public void init(ISubsystem owner, IConfigStore config)
@@ -125,7 +125,7 @@ public class RenewalConstraints extends APolicyRule
     /**
      * Applies the policy on the given Request.
      * 
    
-     * 
+     *
      * @param req The request on which to apply policy.
      * @return The policy result object.
      */
@@ -218,7 +218,7 @@ public class RenewalConstraints extends APolicyRule
 
     /**
      * Return configured parameters for a policy rule instance.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public Vector getInstanceParams() {
@@ -233,7 +233,7 @@ public class RenewalConstraints extends APolicyRule
 
     /**
      * Return default parameters for a policy implementation.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public Vector getDefaultParams() {
diff --git a/base/common/src/com/netscape/cms/policy/constraints/RenewalValidityConstraints.java b/base/common/src/com/netscape/cms/policy/constraints/RenewalValidityConstraints.java
index 0265ff855..2810fae10 100644
--- a/base/common/src/com/netscape/cms/policy/constraints/RenewalValidityConstraints.java
+++ b/base/common/src/com/netscape/cms/policy/constraints/RenewalValidityConstraints.java
@@ -42,19 +42,19 @@ import com.netscape.cmsutil.util.Utils;
  * currently active certificate can be renewed and sets new validity
  * period for the renewed certificate starting from the the ending
  * period in the old certificate.
- * 
+ *
  * The main parameters are:
- * 
+ *
  * The renewal leadtime in days: - i.e how many days before the
  * expiry of the current certificate can one request the renewal.
  * min and max validity duration.
  * 
    
- * 
+ *
  * 
      * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * 
    
  * 
    
- * 
+ *
  * @deprecated
  * @version $Revision$, $Date$
  */
@@ -112,13 +112,13 @@ public class RenewalValidityConstraints extends APolicyRule
     /**
      * Initializes this policy rule.
      * 
    
-     * 
+     *
      * The entries probably are of the form:
-     * 
+     *
      * ra.Policy.rule..implName=ValidityConstraints ra.Policy.rule..enable=true
      * ra.Policy.rule..minValidity=30 ra.Policy.rule..maxValidity=180
      * ra.Policy.rule..renewalInterval=15 ra.Policy.rule..predicate=ou==Sales
-     * 
+     *
      * @param config The config store reference
      */
     public void init(ISubsystem owner, IConfigStore config)
@@ -177,7 +177,7 @@ public class RenewalValidityConstraints extends APolicyRule
     /**
      * Applies the policy on the given Request.
      * 
    
-     * 
+     *
      * @param req The request on which to apply policy.
      * @return The policy result object.
      */
@@ -253,7 +253,7 @@ public class RenewalValidityConstraints extends APolicyRule
                 Date renewedNotAfter = new Date(notAfter.getTime() +
                         mMaxValidity);
 
-                // If the new notAfter is within renewal interval days from 
+                // If the new notAfter is within renewal interval days from
                 // today or already expired, set the notBefore to today.
                 if (renewedNotAfter.before(now) ||
                         (renewedNotAfter.getTime() - now.getTime()) <=
@@ -278,7 +278,7 @@ public class RenewalValidityConstraints extends APolicyRule
 
     /**
      * Return configured parameters for a policy rule instance.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public Vector getInstanceParams() {
@@ -295,7 +295,7 @@ public class RenewalValidityConstraints extends APolicyRule
 
     /**
      * Return default parameters for a policy implementation.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public Vector getDefaultParams() {
diff --git a/base/common/src/com/netscape/cms/policy/constraints/RevocationConstraints.java b/base/common/src/com/netscape/cms/policy/constraints/RevocationConstraints.java
index 513e199c4..88c59b2fd 100644
--- a/base/common/src/com/netscape/cms/policy/constraints/RevocationConstraints.java
+++ b/base/common/src/com/netscape/cms/policy/constraints/RevocationConstraints.java
@@ -40,12 +40,12 @@ import com.netscape.cms.policy.APolicyRule;
 /**
  * Whether to allow revocation of an expired cert.
  * 
    
- * 
+ *
  * 
      * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * 
    
  * 
    
- * 
+ *
  * @deprecated
  * @version $Revision$, $Date$
  */
@@ -88,12 +88,12 @@ public class RevocationConstraints extends APolicyRule
     /**
      * Initializes this policy rule.
      * 
    
-     * 
+     *
      * The entries probably are of the form:
-     * 
+     *
      * ra.Policy.rule..implName=ValidityConstraints ra.Policy.rule..enable=true
      * ra.Policy.rule..allowExpiredCerts=true
-     * 
+     *
      * @param config The config store reference
      */
     public void init(ISubsystem owner, IConfigStore config)
@@ -115,7 +115,7 @@ public class RevocationConstraints extends APolicyRule
     /**
      * Applies the policy on the given Request.
      * 
    
-     * 
+     *
      * @param req The request on which to apply policy.
      * @return The policy result object.
      */
@@ -191,7 +191,7 @@ public class RevocationConstraints extends APolicyRule
 
     /**
      * Return configured parameters for a policy rule instance.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public Vector getInstanceParams() {
@@ -206,7 +206,7 @@ public class RevocationConstraints extends APolicyRule
 
     /**
      * Return default parameters for a policy implementation.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public Vector getDefaultParams() {
diff --git a/base/common/src/com/netscape/cms/policy/constraints/SigningAlgorithmConstraints.java b/base/common/src/com/netscape/cms/policy/constraints/SigningAlgorithmConstraints.java
index 8b504eb50..90a8cc167 100644
--- a/base/common/src/com/netscape/cms/policy/constraints/SigningAlgorithmConstraints.java
+++ b/base/common/src/com/netscape/cms/policy/constraints/SigningAlgorithmConstraints.java
@@ -44,12 +44,12 @@ import com.netscape.cms.policy.APolicyRule;
  * SigningAlgorithmConstraints enforces that only a supported
  * signing algorithm be requested.
  * 
    
- * 
+ *
  * 
      * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * 
    
  * 
    
- * 
+ *
  * @deprecated
  * @version $Revision$, $Date$
  */
@@ -93,11 +93,11 @@ public class SigningAlgorithmConstraints extends APolicyRule
     /**
      * Initializes this policy rule.
      * 
    
-     * 
+     *
      * The entries probably are of the form ra.Policy.rule..implName=SigningAlgorithmConstraints
      * ra.Policy.rule..algorithms=SHA-1WithRSA, SHA-1WithDSA ra.Policy.rule..enable=true
      * ra.Policy.rule..predicate=ou==Sales
-     * 
+     *
      * @param config The config store reference
      */
     public void init(ISubsystem owner, IConfigStore config)
@@ -183,7 +183,7 @@ public class SigningAlgorithmConstraints extends APolicyRule
                 ((ICertAuthority) mAuthority).getCASigningAlgorithms();
 
         if (allowedByKey != null) {
-            // don't show algorithms that don't match CA's key in UI.	
+            // don't show algorithms that don't match CA's key in UI.
             mDefaultAllowedAlgs = new String[allowedByKey.length];
             for (int i = 0; i < allowedByKey.length; i++)
                 mDefaultAllowedAlgs[i] = allowedByKey[i];
@@ -200,7 +200,7 @@ public class SigningAlgorithmConstraints extends APolicyRule
     /**
      * Winnows out of mAllowedAlgorithms those algorithms that aren't allowed
      * for some reason.
-     * 
+     *
      * @param allowed An array of allowed algorithms. Only algorithms in this
      *            list will survive the winnowing process.
      * @param reason A string describing the problem with an algorithm
@@ -247,7 +247,7 @@ public class SigningAlgorithmConstraints extends APolicyRule
     /**
      * Applies the policy on the given Request.
      * 
    
-     * 
+     *
      * @param req The request on which to apply policy.
      * @return The policy result object.
      */
@@ -321,7 +321,7 @@ public class SigningAlgorithmConstraints extends APolicyRule
 
     /**
      * Return configured parameters for a policy rule instance.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public Vector getInstanceParams() {
@@ -340,7 +340,7 @@ public class SigningAlgorithmConstraints extends APolicyRule
 
     /**
      * Return default parameters for a policy implementation.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public Vector getDefaultParams() {
diff --git a/base/common/src/com/netscape/cms/policy/constraints/SubCANameConstraints.java b/base/common/src/com/netscape/cms/policy/constraints/SubCANameConstraints.java
index da63f6f24..07cc3b956 100644
--- a/base/common/src/com/netscape/cms/policy/constraints/SubCANameConstraints.java
+++ b/base/common/src/com/netscape/cms/policy/constraints/SubCANameConstraints.java
@@ -44,12 +44,12 @@ import com.netscape.cms.policy.APolicyRule;
  * This simple policy checks the subordinate CA CSR to see
  * if it is the same as the local CA.
  * 
    
- * 
+ *
  * 
      * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * 
    
  * 
    
- * 
+ *
  * @deprecated
  * @version $Revision$, $Date$
  */
@@ -77,11 +77,11 @@ public class SubCANameConstraints extends APolicyRule implements IEnrollmentPoli
     /**
      * Initializes this policy rule.
      * 
    
-     * 
+     *
      * The entries probably are of the form ra.Policy.rule..implName=KeyAlgorithmConstraints
      * ra.Policy.rule..algorithms=RSA,DSA ra.Policy.rule..enable=true
      * ra.Policy.rule..predicate=ou==Sales
-     * 
+     *
      * @param config The config store reference
      */
     public void init(ISubsystem owner, IConfigStore config)
@@ -121,7 +121,7 @@ public class SubCANameConstraints extends APolicyRule implements IEnrollmentPoli
     /**
      * Applies the policy on the given Request.
      * 
    
-     * 
+     *
      * @param req The request on which to apply policy.
      * @return The policy result object.
      */
@@ -154,7 +154,7 @@ public class SubCANameConstraints extends APolicyRule implements IEnrollmentPoli
 
                 if (certSubjectName.equalsIgnoreCase(mIssuerNameStr)) {
                     log(ILogger.LL_FAILURE, CMS.getLogMessage("POLICY_SUBJECT_NAME_EXIST_1", mIssuerNameStr));
-                    setError(req, 
+                    setError(req,
                             CMS.getUserMessage("CMS_POLICY_SUBJECT_NAME_EXIST", NAME + ":" + "Same As Issuer Name "
                                     + mIssuerNameStr), "");
                     result = PolicyResult.REJECTED;
@@ -173,7 +173,7 @@ public class SubCANameConstraints extends APolicyRule implements IEnrollmentPoli
 
     /**
      * Return configured parameters for a policy rule instance.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public Vector getInstanceParams() {
@@ -184,7 +184,7 @@ public class SubCANameConstraints extends APolicyRule implements IEnrollmentPoli
 
     /**
      * Return default parameters for a policy implementation.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public Vector getDefaultParams() {
diff --git a/base/common/src/com/netscape/cms/policy/constraints/UniqueSubjectName.java b/base/common/src/com/netscape/cms/policy/constraints/UniqueSubjectName.java
index 9afbf7650..27b5d1a92 100644
--- a/base/common/src/com/netscape/cms/policy/constraints/UniqueSubjectName.java
+++ b/base/common/src/com/netscape/cms/policy/constraints/UniqueSubjectName.java
@@ -20,12 +20,12 @@ package com.netscape.cms.policy.constraints;
 /**
  * This class is used to help migrate CMS4.1 to CMS4.2.
  * 
    
- * 
+ *
  * 
      * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * 
    
  * 
    
- * 
+ *
  * @deprecated
  * @version $Revision$, $Date$
  */
diff --git a/base/common/src/com/netscape/cms/policy/constraints/UniqueSubjectNameConstraints.java b/base/common/src/com/netscape/cms/policy/constraints/UniqueSubjectNameConstraints.java
index 8c106800a..fb52b1302 100644
--- a/base/common/src/com/netscape/cms/policy/constraints/UniqueSubjectNameConstraints.java
+++ b/base/common/src/com/netscape/cms/policy/constraints/UniqueSubjectNameConstraints.java
@@ -47,22 +47,22 @@ import com.netscape.cms.policy.APolicyRule;
  * Checks the uniqueness of the subject name. This policy
  * can only be used (installed) in Certificate Authority
  * subsystem.
- * 
+ *
  * This policy can perform pre-agent-approval checking or
  * post-agent-approval checking based on configuration
  * setting.
- * 
+ *
  * In some situations, user may want to have 2 certificates with
  * the same subject name. For example, one key for encryption,
  * and one for signing. This policy does not deal with this case
  * directly. But it can be easily extended to do that.
  * 
    
- * 
+ *
  * 
      * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * 
    
  * 
    
- * 
+ *
  * @deprecated
  * @version $Revision$, $Date$
  */
@@ -103,13 +103,13 @@ public class UniqueSubjectNameConstraints extends APolicyRule
     /**
      * Initializes this policy rule.
      * 
    
-     * 
+     *
      * The entries probably are of the form:
-     * 
+     *
      * ca.Policy.rule..implName=UniqueSubjectName ca.Policy.rule..enable=true
      * ca.Policy.rule..enable=true ca.Policy.rule..enablePreAgentApprovalChecking=true
      * ca.Policy.rule..enableKeyUsageExtensionChecking=true
-     * 
+     *
      * @param config The config store reference
      */
     public void init(ISubsystem owner, IConfigStore config)
@@ -146,7 +146,7 @@ public class UniqueSubjectNameConstraints extends APolicyRule
     /**
      * Applies the policy on the given Request.
      * 
    
-     * 
+     *
      * @param req The request on which to apply policy.
      * @return The policy result object.
      */
@@ -195,15 +195,15 @@ public class UniqueSubjectNameConstraints extends APolicyRule
                     if (status.equals(ICertRecord.STATUS_REVOKED)
                             || status.equals(ICertRecord.STATUS_EXPIRED)
                             || status.equals(ICertRecord.STATUS_REVOKED_EXPIRED)) {
-                        // accept this only if we have a REVOKED, 
+                        // accept this only if we have a REVOKED,
                         // EXPIRED or REVOKED_EXPIRED certificate
                         continue;
 
                     }
                     // you already have an VALID or INVALID (not yet valid) certificate
                     if (mKeyUsageExtensionChecking && agentApproved(req)) {
-                        // This request is agent approved which 
-                        // means all requested extensions are finalized 
+                        // This request is agent approved which
+                        // means all requested extensions are finalized
                         // to the request,
                         // We will accept duplicated subject name with
                         // different keyUsage extension if
@@ -285,7 +285,7 @@ public class UniqueSubjectNameConstraints extends APolicyRule
 
     /**
      * Return configured parameters for a policy rule instance.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public Vector getInstanceParams() {
@@ -300,7 +300,7 @@ public class UniqueSubjectNameConstraints extends APolicyRule
 
     /**
      * Return default parameters for a policy implementation.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public Vector getDefaultParams() {
diff --git a/base/common/src/com/netscape/cms/policy/constraints/ValidityConstraints.java b/base/common/src/com/netscape/cms/policy/constraints/ValidityConstraints.java
index 0409f3c33..72be9d75a 100644
--- a/base/common/src/com/netscape/cms/policy/constraints/ValidityConstraints.java
+++ b/base/common/src/com/netscape/cms/policy/constraints/ValidityConstraints.java
@@ -38,17 +38,17 @@ import com.netscape.cms.policy.APolicyRule;
  * ValidityConstraints is a default rule for Enrollment and
  * Renewal that enforces minimum and maximum validity periods
  * and changes them if not met.
- * 
+ *
  * Optionally the lead and lag times - i.e how far back into the
  * front or back the notBefore date could go in minutes can also
  * be specified.
  * 
    
- * 
+ *
  * 
      * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * 
    
  * 
    
- * 
+ *
  * @deprecated
  * @version $Revision$, $Date$
  */
@@ -115,13 +115,13 @@ public class ValidityConstraints extends APolicyRule
     /**
      * Initializes this policy rule.
      * 
    
-     * 
+     *
      * The entries probably are of the form:
-     * 
+     *
      * ra.Policy.rule..implName=ValidityConstraints ra.Policy.rule..enable=true
      * ra.Policy.rule..minValidity=30 ra.Policy.rule..maxValidity=180
      * ra.Policy.rule..predicate=ou==Sales
-     * 
+     *
      * @param config The config store reference
      */
     public void init(ISubsystem owner, IConfigStore config)
@@ -171,7 +171,7 @@ public class ValidityConstraints extends APolicyRule
     /**
      * Applies the policy on the given Request.
      * 
    
-     * 
+     *
      * @param req The request on which to apply policy.
      * @return The policy result object.
      */
@@ -257,7 +257,7 @@ public class ValidityConstraints extends APolicyRule
 
     /**
      * Return configured parameters for a policy rule instance.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public Vector getInstanceParams() {
@@ -278,7 +278,7 @@ public class ValidityConstraints extends APolicyRule
 
     /**
      * Return default parameters for a policy implementation.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public Vector getDefaultParams() {
@@ -287,10 +287,10 @@ public class ValidityConstraints extends APolicyRule
 
     /**
      * Create a default validity value for a request
-     * 
+     *
      * This code can be easily overridden in a derived class, if the
      * calculations here aren't accepatble.
-     * 
+     *
      * TODO: it might be good to base this calculation on the creation
      * time of the request.
      */
diff --git a/base/common/src/com/netscape/cms/policy/extensions/AuthInfoAccessExt.java b/base/common/src/com/netscape/cms/policy/extensions/AuthInfoAccessExt.java
index fea126567..21e4ad920 100644
--- a/base/common/src/com/netscape/cms/policy/extensions/AuthInfoAccessExt.java
+++ b/base/common/src/com/netscape/cms/policy/extensions/AuthInfoAccessExt.java
@@ -47,9 +47,9 @@ import com.netscape.cms.policy.APolicyRule;
  * Authority Information Access extension policy.
  * If this policy is enabled, it adds an authority
  * information access extension to the certificate.
- * 
+ *
  * The following listed sample configuration parameters:
- * 
+ *
  * ca.Policy.impl.AuthInfoAccess.class=com.netscape.certsrv.policy.AuthInfoAccessExt
  * ca.Policy.rule.aia.ad0_location=uriName:http://ocsp1.netscape.com
  * ca.Policy.rule.aia.ad0_method=ocsp
@@ -66,16 +66,16 @@ import com.netscape.cms.policy.APolicyRule;
  * ca.Policy.rule.aia.enable=true
  * ca.Policy.rule.aia.implName=AuthInfoAccess
  * ca.Policy.rule.aia.predicate=
- * 
+ *
  * Currently, this policy only supports the following location:
  * uriName:[URI], dirName:[DN]
  * 
    
- * 
+ *
  * 
      * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * 
    
  * 
    
- * 
+ *
  * @deprecated
  * @version $Revision$, $Date$
  */
@@ -134,12 +134,12 @@ public class AuthInfoAccessExt extends APolicyRule implements
     /**
      * Initializes this policy rule.
      * 
    
-     * 
+     *
      * The entries may be of the form:
-     * 
+     *
      * ca.Policy.rule..implName=AuthInfoAccessExt ca.Policy.rule..enable=true
      * ca.Policy.rule..predicate=
-     * 
+     *
      * @param config The config store reference
      */
     public void init(ISubsystem owner, IConfigStore config)
@@ -214,7 +214,7 @@ public class AuthInfoAccessExt extends APolicyRule implements
      * If this policy is enabled, add the authority information
      * access extension to the certificate.
      * 
    
-     * 
+     *
      * @param req The request on which to apply policy.
      * @return The policy result object.
      */
@@ -305,7 +305,7 @@ public class AuthInfoAccessExt extends APolicyRule implements
 
     /**
      * Return configured parameters for a policy rule instance.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public Vector getInstanceParams() {
@@ -367,7 +367,7 @@ public class AuthInfoAccessExt extends APolicyRule implements
 
     /**
      * Return default parameters for a policy implementation.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public Vector getDefaultParams() {
diff --git a/base/common/src/com/netscape/cms/policy/extensions/AuthorityKeyIdentifierExt.java b/base/common/src/com/netscape/cms/policy/extensions/AuthorityKeyIdentifierExt.java
index 971379a46..d7e058bf8 100644
--- a/base/common/src/com/netscape/cms/policy/extensions/AuthorityKeyIdentifierExt.java
+++ b/base/common/src/com/netscape/cms/policy/extensions/AuthorityKeyIdentifierExt.java
@@ -48,12 +48,12 @@ import com.netscape.cms.policy.APolicyRule;
  * Authority Public Key Extension Policy
  * Adds the subject public key id extension to certificates.
  * 
    
- * 
+ *
  * 
      * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * 
    
  * 
    
- * 
+ *
  * @deprecated
  * @version $Revision$, $Date$
  */
@@ -76,7 +76,7 @@ public class AuthorityKeyIdentifierExt extends APolicyRule
     protected boolean mCritical = DEF_CRITICAL;
     protected String mAltKeyIdType = DEF_ALT_KEYID_TYPE;
 
-    // the extension to add to certs. 
+    // the extension to add to certs.
     protected AuthorityKeyIdentifierExtension mTheExtension = null;
 
     // instance params for console
@@ -105,13 +105,13 @@ public class AuthorityKeyIdentifierExt extends APolicyRule
      * (what communicator expects if the CA does not have a subject key
      * identifier extension) or (2) No extension set (3) Empty sequence
      * in Authority Key Identifier extension.
-     * 
+     *
      * 
    
-     * 
+     *
      * The entries may be of the form:
-     * 
+     *
      * ca.Policy.rule..predicate= ca.Policy.rule..implName= ca.Policy.rule..enable=true
-     * 
+     *
      * @param config The config store reference
      */
     public void init(ISubsystem owner, IConfigStore config)
@@ -181,7 +181,7 @@ public class AuthorityKeyIdentifierExt extends APolicyRule
         } else {
         }
 
-        // form instance params 
+        // form instance params
         mInstanceParams.addElement(PROP_CRITICAL + "=" + mCritical);
         mInstanceParams.addElement(PROP_ALT_KEYID_TYPE + "=" + mAltKeyIdType);
     }
@@ -190,7 +190,7 @@ public class AuthorityKeyIdentifierExt extends APolicyRule
      * Adds Authority Key Identifier Extension to a certificate.
      * If the extension is already there, accept it if it's from the agent,
      * else replace it.
-     * 
+     *
      * @param req The request on which to apply policy.
      * @return The policy result object.
      */
@@ -216,7 +216,7 @@ public class AuthorityKeyIdentifierExt extends APolicyRule
     public PolicyResult applyCert(IRequest req, X509CertInfo certInfo) {
 
         try {
-            // if authority key id extension already exists, leave it if 
+            // if authority key id extension already exists, leave it if
             // from agent. else replace it.
             AuthorityKeyIdentifierExtension authorityKeyIdExt = null;
             CertificateExtensions extensions = (CertificateExtensions)
@@ -228,7 +228,7 @@ public class AuthorityKeyIdentifierExt extends APolicyRule
                             extensions.get(AuthorityKeyIdentifierExtension.NAME);
                 }
             } catch (IOException e) {
-                // extension isn't there. 
+                // extension isn't there.
             }
             if (authorityKeyIdExt != null) {
                 if (agentApproved(req)) {
@@ -245,8 +245,8 @@ public class AuthorityKeyIdentifierExt extends APolicyRule
                 }
             }
 
-            // if no authority key identifier should be set b/c CA does not 
-            // have a subject key identifier, return here. 
+            // if no authority key identifier should be set b/c CA does not
+            // have a subject key identifier, return here.
             if (mTheExtension == null)
                 return PolicyResult.ACCEPTED;
 
@@ -281,7 +281,7 @@ public class AuthorityKeyIdentifierExt extends APolicyRule
      * Form the Key Identifier in the Authority Key Identifier extension.
      * from the CA's cert.
      * 
    
-     * 
+     *
      * @param caCertImpl Certificate Info
      * @return A Key Identifier.
      * @throws com.netscape.certsrv.base.EBaseException on error
@@ -335,7 +335,7 @@ public class AuthorityKeyIdentifierExt extends APolicyRule
     /**
      * Get the Key Identifier in a subject key identifier extension from a
      * CertInfo.
-     * 
+     *
      * @param certInfo the CertInfo structure.
      * @return Key Identifier in a Subject Key Identifier extension if any.
      */
@@ -375,7 +375,7 @@ public class AuthorityKeyIdentifierExt extends APolicyRule
             keyId = (KeyIdentifier) subjKeyIdExt.get(
                         SubjectKeyIdentifierExtension.KEY_ID);
         } catch (IOException e) {
-            // no key identifier in subject key id extension. 
+            // no key identifier in subject key id extension.
             String msg = NAME + ": " +
                     "Bad Subject Key Identifier Extension found. Error: " + e;
 
@@ -387,7 +387,7 @@ public class AuthorityKeyIdentifierExt extends APolicyRule
 
     /**
      * Return configured parameters for a policy rule instance.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public Vector getInstanceParams() {
@@ -396,7 +396,7 @@ public class AuthorityKeyIdentifierExt extends APolicyRule
 
     /**
      * Return default parameters for a policy implementation.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public Vector getDefaultParams() {
diff --git a/base/common/src/com/netscape/cms/policy/extensions/BasicConstraintsExt.java b/base/common/src/com/netscape/cms/policy/extensions/BasicConstraintsExt.java
index f830b7e3d..eeee26994 100644
--- a/base/common/src/com/netscape/cms/policy/extensions/BasicConstraintsExt.java
+++ b/base/common/src/com/netscape/cms/policy/extensions/BasicConstraintsExt.java
@@ -50,12 +50,12 @@ import com.netscape.cms.policy.APolicyRule;
  * Basic Constraints policy.
  * Adds the Basic constraints extension.
  * 
    
- * 
+ *
  * 
      * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * 
    
  * 
    
- * 
+ *
  * @deprecated
  * @version $Revision$, $Date$
  */
@@ -95,10 +95,10 @@ public class BasicConstraintsExt extends APolicyRule
      * Initializes this policy rule.
      * 
    
      * The entries may be of the form:
-     * 
+     *
      * ca.Policy.rule..implName=BasicConstraintsExtImpl ca.Policy.rule..pathLen=, -1 for
      * undefined. ca.Policy.rule..enable=true
-     * 
+     *
      * @param config The config store reference
      */
     public void init(ISubsystem owner, IConfigStore config)
@@ -127,21 +127,21 @@ public class BasicConstraintsExt extends APolicyRule
 
             mCAPathLen = caCert.getBasicConstraints();
         }
-        // set default to one less than the CA's pathlen or 0 if CA's 
-        // pathlen is 0. 
+        // set default to one less than the CA's pathlen or 0 if CA's
+        // pathlen is 0.
         // If it's unlimited default the max pathlen also to unlimited.
         if (mCAPathLen < 0)
             mDefaultMaxPathLen = -1;
         else if (mCAPathLen > 0)
             mDefaultMaxPathLen = mCAPathLen - 1;
-        else // (mCAPathLen == 0)  
+        else // (mCAPathLen == 0)
         {
             log(ILogger.LL_WARN,
                     CMS.getLogMessage("POLICY_PATHLEN_ZERO"));
             //return;
         }
 
-        // get configured max path len, use defaults if not configured. 
+        // get configured max path len, use defaults if not configured.
         boolean pathLenConfigured = true;
 
         try {
@@ -173,9 +173,9 @@ public class BasicConstraintsExt extends APolicyRule
 
         // check if configured path len is valid.
         if (pathLenConfigured) {
-            // if CA's pathlen is unlimited, any max pathlen is ok. 
-            // else maxPathlen must be at most one less than the CA's 
-            // pathlen or 0 if CA's pathlen is 0. 
+            // if CA's pathlen is unlimited, any max pathlen is ok.
+            // else maxPathlen must be at most one less than the CA's
+            // pathlen or 0 if CA's pathlen is 0.
 
             if (mCAPathLen > 0 &&
                     (mMaxPathLen >= mCAPathLen || mMaxPathLen < 0)) {
@@ -205,7 +205,7 @@ public class BasicConstraintsExt extends APolicyRule
      * Checks if the basic contraints extension in certInfo is valid and
      * add the basic constraints extension for CA certs if none exists.
      * Non-CA certs do not get a basic constraints extension.
-     * 
+     *
      * @param req The request on which to apply policy.
      * @return The policy result object.
      */
@@ -263,7 +263,7 @@ public class BasicConstraintsExt extends APolicyRule
             // no extensions or basic constraints extension.
         }
 
-        // for non-CA certs, pkix says it SHOULD NOT have the extension 
+        // for non-CA certs, pkix says it SHOULD NOT have the extension
         // so remove it.
         if (!isCA) {
             if (extensions == null) {
@@ -275,7 +275,7 @@ public class BasicConstraintsExt extends APolicyRule
                     certInfo.set(X509CertInfo.EXTENSIONS, extensions);
                 } catch (CertificateException e) {
                 } catch (IOException e) {
-                    // not possible 
+                    // not possible
                 }
             }
             if (basicExt != null) {
@@ -309,11 +309,11 @@ public class BasicConstraintsExt extends APolicyRule
         }
 
         // For CA certs, check if existing extension is valid, and adjust.
-        // Extension must be marked critial and pathlen must be < CA's pathlen. 
+        // Extension must be marked critial and pathlen must be < CA's pathlen.
         // if CA's pathlen is 0 all ca certs are rejected.
 
         if (mCAPathLen == 0) {
-            // reject all subordinate CA cert requests because CA's 
+            // reject all subordinate CA cert requests because CA's
             // path length is 0.
             log(ILogger.LL_FAILURE,
                     CMS.getLogMessage("POLICY_NO_SUB_CA_CERTS_ALLOWED_1", NAME));
@@ -399,7 +399,7 @@ public class BasicConstraintsExt extends APolicyRule
             } catch (CertificateException e) {
                 // not possible
             } catch (IOException e) {
-                // not possible 
+                // not possible
             }
         }
 
@@ -460,7 +460,7 @@ public class BasicConstraintsExt extends APolicyRule
 
     /**
      * Return configured parameters for a policy rule instance.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public Vector getInstanceParams() {
@@ -476,7 +476,7 @@ public class BasicConstraintsExt extends APolicyRule
 
     /**
      * Return default parameters for a policy implementation.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public Vector getDefaultParams() {
diff --git a/base/common/src/com/netscape/cms/policy/extensions/CRLDistributionPointsExt.java b/base/common/src/com/netscape/cms/policy/extensions/CRLDistributionPointsExt.java
index 1ede3d5d0..7cf50385e 100644
--- a/base/common/src/com/netscape/cms/policy/extensions/CRLDistributionPointsExt.java
+++ b/base/common/src/com/netscape/cms/policy/extensions/CRLDistributionPointsExt.java
@@ -55,12 +55,12 @@ import com.netscape.cms.policy.APolicyRule;
  * to tell whether the simple string should be stored in an X.500 Name,
  * a URL, or an RDN.
  * 
    
- * 
+ *
  * 
      * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * 
    
  * 
    
- * 
+ *
  * @deprecated
  * @version $Revision$, $Date$
  */
@@ -475,7 +475,7 @@ public class CRLDistributionPointsExt extends APolicyRule
 
     /**
      * Return configured parameters for a policy rule instance.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public Vector getInstanceParams() {
diff --git a/base/common/src/com/netscape/cms/policy/extensions/CertificatePoliciesExt.java b/base/common/src/com/netscape/cms/policy/extensions/CertificatePoliciesExt.java
index 597357318..4124d430d 100644
--- a/base/common/src/com/netscape/cms/policy/extensions/CertificatePoliciesExt.java
+++ b/base/common/src/com/netscape/cms/policy/extensions/CertificatePoliciesExt.java
@@ -53,12 +53,12 @@ import com.netscape.cms.policy.APolicyRule;
  * Certificate Policies.
  * Adds certificate policies extension.
  * 
    
- * 
+ *
  * 
      * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * 
    
  * 
    
- * 
+ *
  * @deprecated
  * @version $Revision$, $Date$
  */
@@ -90,12 +90,12 @@ public class CertificatePoliciesExt extends APolicyRule
     /**
      * Initializes this policy rule.
      * 
    
-     * 
+     *
      * The entries may be of the form:
-     * 
+     *
      * ca.Policy.rule..predicate=certType==ca ca.Policy.rule..implName=
      * ca.Policy.rule..enable=true
-     * 
+     *
      * @param config The config store reference
      */
     public void init(ISubsystem owner, IConfigStore config)
@@ -115,7 +115,7 @@ public class CertificatePoliciesExt extends APolicyRule
                         "value must be greater than or equal to 1"));
         }
 
-        // init Policy Mappings, check values if enabled. 
+        // init Policy Mappings, check values if enabled.
         mCertPolicies = new CertPolicy[mNumCertPolicies];
         for (int i = 0; i < mNumCertPolicies; i++) {
             String subtreeName = PROP_CERTPOLICY + i;
@@ -147,7 +147,7 @@ public class CertificatePoliciesExt extends APolicyRule
             }
         }
 
-        // form instance params 
+        // form instance params
         mInstanceParams.addElement(PROP_CRITICAL + "=" + mCritical);
         mInstanceParams.addElement(
                 PROP_NUM_CERTPOLICIES + "=" + mNumCertPolicies);
@@ -159,7 +159,7 @@ public class CertificatePoliciesExt extends APolicyRule
     /**
      * Applies the policy on the given Request.
      * 
    
-     * 
+     *
      * @param req The request on which to apply policy.
      * @return The policy result object.
      */
@@ -203,7 +203,7 @@ public class CertificatePoliciesExt extends APolicyRule
                     extensions.delete(CertificatePoliciesExtension.NAME);
                 } catch (IOException e) {
                     // this is the hack: for some reason, the key which is the name
-                    // of the policy has been converted into the OID 
+                    // of the policy has been converted into the OID
                     try {
                         extensions.delete("2.5.29.32");
                     } catch (IOException ee) {
@@ -236,7 +236,7 @@ public class CertificatePoliciesExt extends APolicyRule
 
     /**
      * Return configured parameters for a policy rule instance.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public Vector getInstanceParams() {
@@ -271,7 +271,7 @@ public class CertificatePoliciesExt extends APolicyRule
 
     /**
      * Return default parameters for a policy implementation.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public Vector getDefaultParams() {
@@ -335,7 +335,7 @@ class CertPolicy {
 
     /**
      * forms policy map parameters.
-     * 
+     *
      * @param name name of this policy map, for example certPolicy0
      * @param config parent's config from where we find this configuration.
      * @param enabled whether policy was enabled.
diff --git a/base/common/src/com/netscape/cms/policy/extensions/CertificateRenewalWindowExt.java b/base/common/src/com/netscape/cms/policy/extensions/CertificateRenewalWindowExt.java
index 28366ade8..58ce112f3 100644
--- a/base/common/src/com/netscape/cms/policy/extensions/CertificateRenewalWindowExt.java
+++ b/base/common/src/com/netscape/cms/policy/extensions/CertificateRenewalWindowExt.java
@@ -42,12 +42,12 @@ import com.netscape.cms.policy.APolicyRule;
 /**
  * Certificate Renewal Window Extension Policy
  * 
    
- * 
+ *
  * 
      * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * 
    
  * 
    
- * 
+ *
  * @deprecated
  * @version $Revision$, $Date$
  */
@@ -74,7 +74,7 @@ public class CertificateRenewalWindowExt extends APolicyRule
 
     /**
      * Initializes this policy rule.
-     * 
+     *
      * @param config The config store reference
      */
     public void init(ISubsystem owner, IConfigStore config)
@@ -88,7 +88,7 @@ public class CertificateRenewalWindowExt extends APolicyRule
     /**
      * Applies the policy on the given Request.
      * 
    
-     * 
+     *
      * @param req The request on which to apply policy.
      * @return The policy result object.
      */
@@ -139,7 +139,7 @@ public class CertificateRenewalWindowExt extends APolicyRule
 
             } catch (IOException e) {
                 // this is the hack: for some reason, the key which is the name
-                // of the policy has been converted into the OID 
+                // of the policy has been converted into the OID
                 try {
                     extensions.delete("2.16.840.1.113730.1.15");
                 } catch (IOException ee) {
@@ -218,7 +218,7 @@ public class CertificateRenewalWindowExt extends APolicyRule
 
     /**
      * Return configured parameters for a policy rule instance.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public Vector getInstanceParams() {
@@ -240,7 +240,7 @@ public class CertificateRenewalWindowExt extends APolicyRule
 
     /**
      * Return default parameters for a policy implementation.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public Vector getDefaultParams() {
diff --git a/base/common/src/com/netscape/cms/policy/extensions/CertificateScopeOfUseExt.java b/base/common/src/com/netscape/cms/policy/extensions/CertificateScopeOfUseExt.java
index b385923af..779be165b 100644
--- a/base/common/src/com/netscape/cms/policy/extensions/CertificateScopeOfUseExt.java
+++ b/base/common/src/com/netscape/cms/policy/extensions/CertificateScopeOfUseExt.java
@@ -46,12 +46,12 @@ import com.netscape.cms.policy.APolicyRule;
  * Certificate Scope Of Use extension policy. This extension
  * is defined in draft-thayes-cert-scope-00.txt
  * 
    
- * 
+ *
  * 
      * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * 
    
  * 
    
- * 
+ *
  * @deprecated
  * @version $Revision$, $Date$
  */
@@ -100,12 +100,12 @@ public class CertificateScopeOfUseExt extends APolicyRule implements
     /**
      * Initializes this policy rule.
      * 
    
-     * 
+     *
      * The entries may be of the form:
-     * 
+     *
      * ca.Policy.rule..implName=AuthInfoAccessExt ca.Policy.rule..enable=true
      * ca.Policy.rule..predicate=
-     * 
+     *
      * @param config The config store reference
      */
     public void init(ISubsystem owner, IConfigStore config)
@@ -157,7 +157,7 @@ public class CertificateScopeOfUseExt extends APolicyRule implements
      * If this policy is enabled, add the authority information
      * access extension to the certificate.
      * 
    
-     * 
+     *
      * @param req The request on which to apply policy.
      * @return The policy result object.
      */
@@ -244,7 +244,7 @@ public class CertificateScopeOfUseExt extends APolicyRule implements
 
     /**
      * Return configured parameters for a policy rule instance.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public Vector getInstanceParams() {
@@ -300,7 +300,7 @@ public class CertificateScopeOfUseExt extends APolicyRule implements
 
     /**
      * Return default parameters for a policy implementation.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public Vector getDefaultParams() {
diff --git a/base/common/src/com/netscape/cms/policy/extensions/ExtendedKeyUsageExt.java b/base/common/src/com/netscape/cms/policy/extensions/ExtendedKeyUsageExt.java
index 65ef6b937..93267bd1e 100644
--- a/base/common/src/com/netscape/cms/policy/extensions/ExtendedKeyUsageExt.java
+++ b/base/common/src/com/netscape/cms/policy/extensions/ExtendedKeyUsageExt.java
@@ -42,12 +42,12 @@ import com.netscape.cms.policy.APolicyRule;
 /**
  * This implements the extended key usage extension.
  * 
    
- * 
+ *
  * 
      * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * 
    
  * 
    
- * 
+ *
  * @deprecated
  * @version $Revision$, $Date$
  */
diff --git a/base/common/src/com/netscape/cms/policy/extensions/GenericASN1Ext.java b/base/common/src/com/netscape/cms/policy/extensions/GenericASN1Ext.java
index 0202ee784..eb8ab2285 100644
--- a/base/common/src/com/netscape/cms/policy/extensions/GenericASN1Ext.java
+++ b/base/common/src/com/netscape/cms/policy/extensions/GenericASN1Ext.java
@@ -49,9 +49,9 @@ import com.netscape.cms.policy.APolicyRule;
  * Private Integer extension policy.
  * If this policy is enabled, it adds an Private Integer
  * extension to the certificate.
- * 
+ *
  * The following listed sample configuration parameters:
- * 
+ *
  * ca.Policy.impl.privateInteger.class=com.netscape.certsrv.policy.genericASNExt
  * ca.Policy.rule.genericASNExt.enable=true
  * ca.Policy.rule.genericASNExt.name=myIntegerExtension
@@ -76,12 +76,12 @@ import com.netscape.cms.policy.APolicyRule;
  * ca.Policy.rule.genericASNExt.implName=genericASNExt
  * ca.Policy.rule.genericASNExt.predicate=
  * 
    
- * 
+ *
  * 
      * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * 
    
  * 
    
- * 
+ *
  * @deprecated
  * @version $Revision$, $Date$
  */
@@ -210,12 +210,12 @@ public class GenericASN1Ext extends APolicyRule implements
     /**
      * Initializes this policy rule.
      * 
    
-     * 
+     *
      * The entries may be of the form:
-     * 
+     *
      * ca.Policy.rule..implName=genericASNExt ca.Policy.rule..enable=true
      * ca.Policy.rule..predicate=
-     * 
+     *
      * @param config The config store reference
      */
     public void init(ISubsystem owner, IConfigStore config)
@@ -256,7 +256,7 @@ public class GenericASN1Ext extends APolicyRule implements
             log(ILogger.LL_FAILURE, "" + e.toString());
         }
 
-        // Check OID value 
+        // Check OID value
         CMS.checkOID(name, oid);
         pattern = mConfig.getString(PROP_PATTERN, null);
         checkOID(0);
@@ -341,7 +341,7 @@ public class GenericASN1Ext extends APolicyRule implements
      * If this policy is enabled, add the private Integer
      * information extension to the certificate.
      * 
    
-     * 
+     *
      * @param req The request on which to apply policy.
      * @return The policy result object.
      */
@@ -453,7 +453,7 @@ public class GenericASN1Ext extends APolicyRule implements
 
     /**
      * Return configured parameters for a policy rule instance.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public Vector getInstanceParams() {
@@ -485,7 +485,7 @@ public class GenericASN1Ext extends APolicyRule implements
 
     /**
      * Return default parameters for a policy implementation.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public Vector getDefaultParams() {
diff --git a/base/common/src/com/netscape/cms/policy/extensions/IssuerAltNameExt.java b/base/common/src/com/netscape/cms/policy/extensions/IssuerAltNameExt.java
index bb9abd9cf..9ceaf99bd 100644
--- a/base/common/src/com/netscape/cms/policy/extensions/IssuerAltNameExt.java
+++ b/base/common/src/com/netscape/cms/policy/extensions/IssuerAltNameExt.java
@@ -42,16 +42,16 @@ import com.netscape.cms.policy.APolicyRule;
 
 /**
  * Issuer Alt Name Extension policy.
- * 
+ *
  * This extension is used to associate Internet-style identities
  * with the Certificate issuer.
  * 
    
- * 
+ *
  * 
      * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * 
    
  * 
    
- * 
+ *
  * @deprecated
  * @version $Revision$, $Date$
  */
@@ -101,7 +101,7 @@ public class IssuerAltNameExt extends APolicyRule
 
     /**
      * Initializes this policy rule.
-     * 
+     *
      * @param config The config store reference
      */
     public void init(ISubsystem owner, IConfigStore config)
@@ -139,7 +139,7 @@ public class IssuerAltNameExt extends APolicyRule
 
     /**
      * Adds a extension if none exists.
-     * 
+     *
      * @param req The request on which to apply policy.
      * @return The policy result object.
      */
@@ -224,7 +224,7 @@ public class IssuerAltNameExt extends APolicyRule
 
     /**
      * Return configured parameters for a policy rule instance.
-     * 
+     *
      * @return Empty Vector since this policy has no configuration parameters.
      *         for this policy instance.
      */
@@ -234,7 +234,7 @@ public class IssuerAltNameExt extends APolicyRule
 
     /**
      * Return default parameters for a policy implementation.
-     * 
+     *
      * @return Empty Vector since this policy implementation has no
      *         configuration parameters.
      */
diff --git a/base/common/src/com/netscape/cms/policy/extensions/KeyUsageExt.java b/base/common/src/com/netscape/cms/policy/extensions/KeyUsageExt.java
index 6594cc4a2..24e5f45ed 100644
--- a/base/common/src/com/netscape/cms/policy/extensions/KeyUsageExt.java
+++ b/base/common/src/com/netscape/cms/policy/extensions/KeyUsageExt.java
@@ -47,12 +47,12 @@ import com.netscape.cms.policy.APolicyRule;
  * Policy to add Key Usage Extension.
  * Adds the key usage extension based on what's requested.
  * 
    
- * 
+ *
  * 
      * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * 
    
  * 
    
- * 
+ *
  * @deprecated
  * @version $Revision$, $Date$
  */
@@ -96,11 +96,11 @@ public class KeyUsageExt extends APolicyRule
     /**
      * Initializes this policy rule.
      * 
    
-     * 
+     *
      * The entries may be of the form:
-     * 
+     *
      * ca.Policy.rule..implName=KeyUsageExt ca.Policy.rule..enable=true ca.Policy.rule..
-     * 
+     *
      * @param config The config store reference
      */
     public void init(ISubsystem owner, IConfigStore config)
@@ -120,9 +120,9 @@ public class KeyUsageExt extends APolicyRule
             CertificateChain caChain = certAuthority.getCACertChain();
             X509Certificate caCert = null;
 
-            // Note that in RA the chain could be null if CA was not up when 
-            // RA was started. In that case just set the length to -1 and let 
-            // CA reject if it does not allow any subordinate CA certs. 
+            // Note that in RA the chain could be null if CA was not up when
+            // RA was started. In that case just set the length to -1 and let
+            // CA reject if it does not allow any subordinate CA certs.
             if (caChain != null) {
                 caCert = caChain.getFirstCertificate();
                 mCAPathLen = caCert.getBasicConstraints();
@@ -147,14 +147,14 @@ public class KeyUsageExt extends APolicyRule
      * or RA could have set the extension.)
      * If not set, set from http input parameters or use default if
      * no http input parameters are set.
-     * 
+     *
      * Note: this allows any bits requested - does not check if user
      * authenticated is allowed to have a Key Usage Extension with
      * those bits. Unless the CA's certificate path length is 0, then
      * we do not allow CA sign or CRL sign bits in any request.
-     * 
+     *
      * 
    
-     * 
+     *
      * @param req The request on which to apply policy.
      * @return The policy result object.
      */
@@ -191,7 +191,7 @@ public class KeyUsageExt extends APolicyRule
                     // extension isn't there.
                     ext = null;
                 }
-                // check if CA does not allow subordinate CA certs. 
+                // check if CA does not allow subordinate CA certs.
                 // otherwise accept existing key usage extension.
                 if (ext != null) {
                     if (mCAPathLen == 0) {
@@ -239,7 +239,7 @@ public class KeyUsageExt extends APolicyRule
             bits[KeyUsageExtension.DECIPHER_ONLY_BIT] = getBit("decipher_only",
                         mDecipherOnly, req);
 
-            // don't allow no bits set or the extension does not 
+            // don't allow no bits set or the extension does not
             // encode/decode properlly.
             boolean bitset = false;
 
@@ -278,7 +278,7 @@ public class KeyUsageExt extends APolicyRule
 
     /**
      * Return configured parameters for a policy rule instance.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public Vector getInstanceParams() {
@@ -344,7 +344,7 @@ public class KeyUsageExt extends APolicyRule
 
     /**
      * Return default parameters for a policy implementation.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public Vector getDefaultParams() {
diff --git a/base/common/src/com/netscape/cms/policy/extensions/NSCCommentExt.java b/base/common/src/com/netscape/cms/policy/extensions/NSCCommentExt.java
index ecc084d29..ca18b8023 100644
--- a/base/common/src/com/netscape/cms/policy/extensions/NSCCommentExt.java
+++ b/base/common/src/com/netscape/cms/policy/extensions/NSCCommentExt.java
@@ -47,12 +47,12 @@ import com.netscape.cms.policy.APolicyRule;
  * Netscape comment
  * Adds Netscape comment policy
  * 
    
- * 
+ *
  * 
      * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * 
    
  * 
    
- * 
+ *
  * @deprecated
  * @version $Revision$, $Date$
  */
@@ -89,10 +89,10 @@ public class NSCCommentExt extends APolicyRule
      * Initializes this policy rule.
      * 
    
      * The entries may be of the form:
-     * 
+     *
      * ca.Policy.rule..implName=NSCCommentExtImpl ca.Policy.rule..displayText=
      * ca.Policy.rule..commentFile= ca.Policy.rule..enable=false
-     * 
+     *
      * @param config The config store reference
      */
     public void init(ISubsystem owner, IConfigStore config)
@@ -147,7 +147,7 @@ public class NSCCommentExt extends APolicyRule
     /**
      * Applies the policy on the given Request.
      * 
    
-     * 
+     *
      * @param req The request on which to apply policy.
      * @return The policy result object.
      */
@@ -199,7 +199,7 @@ public class NSCCommentExt extends APolicyRule
 
             } catch (IOException e) {
                 // this is the hack: for some reason, the key which is the name
-                // of the policy has been converted into the OID 
+                // of the policy has been converted into the OID
                 try {
                     extensions.delete("2.16.840.1.113730.1.13");
                 } catch (IOException ee) {
@@ -269,7 +269,7 @@ public class NSCCommentExt extends APolicyRule
 
     /**
      * Return configured parameters for a policy rule instance.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public Vector getInstanceParams() {
@@ -278,7 +278,7 @@ public class NSCCommentExt extends APolicyRule
 
     /**
      * Return default parameters for a policy implementation.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public Vector getDefaultParams() {
diff --git a/base/common/src/com/netscape/cms/policy/extensions/NSCertTypeExt.java b/base/common/src/com/netscape/cms/policy/extensions/NSCertTypeExt.java
index 2fb09b2b7..c5daabed9 100644
--- a/base/common/src/com/netscape/cms/policy/extensions/NSCertTypeExt.java
+++ b/base/common/src/com/netscape/cms/policy/extensions/NSCertTypeExt.java
@@ -49,12 +49,12 @@ import com.netscape.cms.policy.APolicyRule;
  * NS Cert Type policy.
  * Adds the ns cert type extension depending on cert type requested.
  * 
    
- * 
+ *
  * 
      * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * 
    
  * 
    
- * 
+ *
  * @deprecated
  * @version $Revision$, $Date$
  */
@@ -70,20 +70,20 @@ public class NSCertTypeExt extends APolicyRule
     protected static final boolean[] DEF_BITS =
             new boolean[NSCertTypeExtension.NBITS];
 
-    // XXX for future use. currenlty always allow. 
+    // XXX for future use. currenlty always allow.
     protected static final String PROP_AGENT_OVERR = "allowAgentOverride";
     protected static final String PROP_EE_OVERR = "AllowEEOverride";
 
-    // XXX for future use. currently always critical 
-    // (standard says SHOULD be marked critical if included.) 
+    // XXX for future use. currently always critical
+    // (standard says SHOULD be marked critical if included.)
     protected static final String PROP_CRITICAL = "critical";
 
-    // XXX for future use to allow overrides from forms. 
+    // XXX for future use to allow overrides from forms.
     // request must be agent approved or authenticated.
     protected boolean mAllowAgentOverride = false;
     protected boolean mAllowEEOverride = false;
 
-    // XXX for future use. currently always non-critical 
+    // XXX for future use. currently always non-critical
     protected boolean mCritical = false;
 
     protected int mCAPathLen = -1;
@@ -111,11 +111,11 @@ public class NSCertTypeExt extends APolicyRule
     /**
      * Initializes this policy rule.
      * 
    
-     * 
+     *
      * The entries may be of the form:
-     * 
+     *
      * ra.Policy.rule..implName=nsCertTypeExt ra.Policy.rule..enable=true
-     * 
+     *
      * @param config The config store reference
      */
     public void init(ISubsystem owner, IConfigStore config)
@@ -153,7 +153,7 @@ public class NSCertTypeExt extends APolicyRule
      * reads ns cert type choices from form. If no choices from form
      * will defaults to all.
      * 
    
-     * 
+     *
      * @param req The request on which to apply policy.
      * @return The policy result object.
      */
@@ -224,7 +224,7 @@ public class NSCertTypeExt extends APolicyRule
 
             bits = getBitsFromRequest(req, mSetDefaultBits);
 
-            // check if ca doesn't allow any subordinate ca 
+            // check if ca doesn't allow any subordinate ca
             if (mCAPathLen == 0 && bits != null) {
                 if (bits[NSCertTypeExtension.SSL_CA_BIT] ||
                         bits[NSCertTypeExtension.EMAIL_CA_BIT] ||
@@ -283,7 +283,7 @@ public class NSCertTypeExt extends APolicyRule
         // always return false for now to make sure minimum is set.
         // agents and ee can add others.
 
-        // must be agent approved or authenticated for allowing extensions 
+        // must be agent approved or authenticated for allowing extensions
         // which is always the case if we get to this point.
         IAuthToken token = req.getExtDataInAuthToken(IRequest.AUTH_TOKEN);
 
@@ -448,7 +448,7 @@ public class NSCertTypeExt extends APolicyRule
 
         if (certType.equals(IRequest.CLIENT_CERT)) {
             CMS.debug("NSCertTypeExt: setting bits for client cert");
-            // we can only guess here when it's client. 
+            // we can only guess here when it's client.
             // sets all client bit for default.
             bits[NSCertTypeExtension.SSL_CLIENT_BIT] = true;
             bits[NSCertTypeExtension.EMAIL_BIT] = true;
@@ -488,7 +488,7 @@ public class NSCertTypeExt extends APolicyRule
 
     /**
      * Return configured parameters for a policy rule instance.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public Vector getInstanceParams() {
@@ -526,7 +526,7 @@ public class NSCertTypeExt extends APolicyRule
 
     /**
      * Return default parameters for a policy implementation.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public Vector getDefaultParams() {
diff --git a/base/common/src/com/netscape/cms/policy/extensions/NameConstraintsExt.java b/base/common/src/com/netscape/cms/policy/extensions/NameConstraintsExt.java
index f010bf3f1..1b132e835 100644
--- a/base/common/src/com/netscape/cms/policy/extensions/NameConstraintsExt.java
+++ b/base/common/src/com/netscape/cms/policy/extensions/NameConstraintsExt.java
@@ -47,12 +47,12 @@ import com.netscape.cms.policy.APolicyRule;
  * Adds the name constraints extension to a (CA) certificate.
  * Filtering of CA certificates is done through predicates.
  * 
    
- * 
+ *
  * 
      * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * 
    
  * 
    
- * 
+ *
  * @deprecated
  * @version $Revision$, $Date$
  */
@@ -89,21 +89,21 @@ public class NameConstraintsExt extends APolicyRule
     /**
      * Initializes this policy rule.
      * 
    
-     * 
+     *
      * The entries may be of the form:
-     * 
+     *
      * ca.Policy.rule..predicate=certType==ca ca.Policy.rule..implName=
      * ca.Policy.rule..enable=true
-     * 
+     *
      * @param config The config store reference
      */
     public void init(ISubsystem owner, IConfigStore config)
             throws EBaseException {
         mConfig = config;
 
-        // XXX should do do this ? 
-        // if CA does not allow subordinate CAs by way of basic constraints, 
-        // this policy always rejects 
+        // XXX should do do this ?
+        // if CA does not allow subordinate CAs by way of basic constraints,
+        // this policy always rejects
         /*****
          * ICertAuthority certAuthority = (ICertAuthority)
          * ((IPolicyProcessor)owner).getAuthority();
@@ -192,7 +192,7 @@ public class NameConstraintsExt extends APolicyRule
             }
         }
 
-        // form instance params 
+        // form instance params
         mInstanceParams.addElement(PROP_CRITICAL + "=" + mCritical);
         mInstanceParams.addElement(
                 PROP_NUM_PERMITTEDSUBTREES + "=" + mNumPermittedSubtrees);
@@ -225,15 +225,15 @@ public class NameConstraintsExt extends APolicyRule
 
     /**
      * Adds Name Constraints Extension to a (CA) certificate.
-     * 
+     *
      * If a Name constraints Extension is already there, accept it if
      * it's been approved by agent, else replace it.
-     * 
+     *
      * @param req The request on which to apply policy.
      * @return The policy result object.
      */
     public PolicyResult apply(IRequest req) {
-        // if extension hasn't been properly configured reject requests until 
+        // if extension hasn't been properly configured reject requests until
         // it has been resolved (or disabled).
         if (mNameConstraintsExtension == null) {
             //setError(req, PolicyResources.EXTENSION_NOT_INITED_1, NAME);
@@ -275,7 +275,7 @@ public class NameConstraintsExt extends APolicyRule
                             extensions.get(NameConstraintsExtension.NAME);
                 }
             } catch (IOException e) {
-                // extension isn't there. 
+                // extension isn't there.
             }
 
             if (nameConstraintsExt != null) {
@@ -320,7 +320,7 @@ public class NameConstraintsExt extends APolicyRule
 
     /**
      * Return configured parameters for a policy rule instance.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public Vector getInstanceParams() {
@@ -350,7 +350,7 @@ public class NameConstraintsExt extends APolicyRule
 
     /**
      * Return default parameters for a policy implementation.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public Vector getDefaultParams() {
diff --git a/base/common/src/com/netscape/cms/policy/extensions/OCSPNoCheckExt.java b/base/common/src/com/netscape/cms/policy/extensions/OCSPNoCheckExt.java
index 33f2f85e0..aece9664a 100644
--- a/base/common/src/com/netscape/cms/policy/extensions/OCSPNoCheckExt.java
+++ b/base/common/src/com/netscape/cms/policy/extensions/OCSPNoCheckExt.java
@@ -42,12 +42,12 @@ import com.netscape.cms.policy.APolicyRule;
  * This implements an OCSP Signing policy, it
  * adds the OCSP Signing extension to the certificate.
  * 
    
- * 
+ *
  * 
      * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * 
    
  * 
    
- * 
+ *
  * @deprecated
  * @version $Revision$ $Date$
  */
diff --git a/base/common/src/com/netscape/cms/policy/extensions/PolicyConstraintsExt.java b/base/common/src/com/netscape/cms/policy/extensions/PolicyConstraintsExt.java
index 861107b8e..0bb77e207 100644
--- a/base/common/src/com/netscape/cms/policy/extensions/PolicyConstraintsExt.java
+++ b/base/common/src/com/netscape/cms/policy/extensions/PolicyConstraintsExt.java
@@ -44,12 +44,12 @@ import com.netscape.cms.policy.APolicyRule;
  * Adds the policy constraints extension to (CA) certificates.
  * Filtering of CA certificates is done through predicates.
  * 
    
- * 
+ *
  * 
      * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * 
    
  * 
    
- * 
+ *
  * @deprecated
  * @version $Revision$, $Date$
  */
@@ -90,21 +90,21 @@ public class PolicyConstraintsExt extends APolicyRule
     /**
      * Initializes this policy rule.
      * 
    
-     * 
+     *
      * The entries may be of the form:
-     * 
+     *
      * ca.Policy.rule..predicate=certType==ca ca.Policy.rule..implName=
      * ca.Policy.rule..enable=true
-     * 
+     *
      * @param config The config store reference
      */
     public void init(ISubsystem owner, IConfigStore config)
             throws EBaseException {
         mConfig = config;
 
-        // XXX should do do this ? 
-        // if CA does not allow subordinate CAs by way of basic constraints, 
-        // this policy always rejects 
+        // XXX should do do this ?
+        // if CA does not allow subordinate CAs by way of basic constraints,
+        // this policy always rejects
         /*****
          * ICertAuthority certAuthority = (ICertAuthority)
          * ((GenericPolicyProcessor)owner).mAuthority;
@@ -136,7 +136,7 @@ public class PolicyConstraintsExt extends APolicyRule
         if (mInhibitPolicyMapping < -1)
             mInhibitPolicyMapping = -1;
 
-        // create instance of policy constraings extension 
+        // create instance of policy constraings extension
         try {
             mPolicyConstraintsExtension =
                     new PolicyConstraintsExtension(mCritical,
@@ -152,7 +152,7 @@ public class PolicyConstraintsExt extends APolicyRule
                             "Could not init Policy Constraints Extension. Error: " + e));
         }
 
-        // form instance params 
+        // form instance params
         mInstanceParams.addElement(PROP_CRITICAL + "=" + mCritical);
         mInstanceParams.addElement(
                 PROP_REQ_EXPLICIT_POLICY + "=" + mReqExplicitPolicy);
@@ -162,15 +162,15 @@ public class PolicyConstraintsExt extends APolicyRule
 
     /**
      * Adds Policy Constraints Extension to a (CA) certificate.
-     * 
+     *
      * If a Policy constraints Extension is already there, accept it if
      * it's been approved by agent, else replace it.
-     * 
+     *
      * @param req The request on which to apply policy.
      * @return The policy result object.
      */
     public PolicyResult apply(IRequest req) {
-        // if extension hasn't been properly configured reject requests until 
+        // if extension hasn't been properly configured reject requests until
         // it has been resolved (or disabled).
         if (mPolicyConstraintsExtension == null) {
             return PolicyResult.ACCEPTED;
@@ -210,7 +210,7 @@ public class PolicyConstraintsExt extends APolicyRule
                             extensions.get(PolicyConstraintsExtension.NAME);
                 }
             } catch (IOException e) {
-                // extension isn't there. 
+                // extension isn't there.
             }
 
             if (policyConstraintsExt != null) {
@@ -247,7 +247,7 @@ public class PolicyConstraintsExt extends APolicyRule
 
     /**
      * Return configured parameters for a policy rule instance.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public Vector getInstanceParams() {
@@ -256,7 +256,7 @@ public class PolicyConstraintsExt extends APolicyRule
 
     /**
      * Return default parameters for a policy implementation.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public Vector getDefaultParams() {
diff --git a/base/common/src/com/netscape/cms/policy/extensions/PolicyMappingsExt.java b/base/common/src/com/netscape/cms/policy/extensions/PolicyMappingsExt.java
index 7623f455f..0af8b86ca 100644
--- a/base/common/src/com/netscape/cms/policy/extensions/PolicyMappingsExt.java
+++ b/base/common/src/com/netscape/cms/policy/extensions/PolicyMappingsExt.java
@@ -47,12 +47,12 @@ import com.netscape.cms.policy.APolicyRule;
  * Adds the Policy Mappings extension to a (CA) certificate.
  * Filtering of CA certificates is done through predicates.
  * 
    
- * 
+ *
  * 
      * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * 
    
  * 
    
- * 
+ *
  * @deprecated
  * @version $Revision$, $Date$
  */
@@ -84,21 +84,21 @@ public class PolicyMappingsExt extends APolicyRule
     /**
      * Initializes this policy rule.
      * 
    
-     * 
+     *
      * The entries may be of the form:
-     * 
+     *
      * ca.Policy.rule..predicate=certType==ca ca.Policy.rule..implName=
      * ca.Policy.rule..enable=true
-     * 
+     *
      * @param config The config store reference
      */
     public void init(ISubsystem owner, IConfigStore config)
             throws EBaseException {
         mConfig = config;
 
-        // XXX should do do this ? 
-        // if CA does not allow subordinate CAs by way of basic constraints, 
-        // this policy always rejects 
+        // XXX should do do this ?
+        // if CA does not allow subordinate CAs by way of basic constraints,
+        // this policy always rejects
         /*****
          * ICertAuthority certAuthority = (ICertAuthority)
          * ((IPolicyProcessor)owner).getAuthority();
@@ -129,7 +129,7 @@ public class PolicyMappingsExt extends APolicyRule
                         "value must be greater than or equal to 1"));
         }
 
-        // init Policy Mappings, check values if enabled. 
+        // init Policy Mappings, check values if enabled.
         mPolicyMaps = new PolicyMap[mNumPolicyMappings];
         for (int i = 0; i < mNumPolicyMappings; i++) {
             String subtreeName = PROP_POLICYMAP + i;
@@ -161,7 +161,7 @@ public class PolicyMappingsExt extends APolicyRule
             }
         }
 
-        // form instance params 
+        // form instance params
         mInstanceParams.addElement(PROP_CRITICAL + "=" + mCritical);
         mInstanceParams.addElement(
                 PROP_NUM_POLICYMAPPINGS + "=" + mNumPolicyMappings);
@@ -172,15 +172,15 @@ public class PolicyMappingsExt extends APolicyRule
 
     /**
      * Adds policy mappings Extension to a (CA) certificate.
-     * 
+     *
      * If a policy mappings Extension is already there, accept it if
      * it's been approved by agent, else replace it.
-     * 
+     *
      * @param req The request on which to apply policy.
      * @return The policy result object.
      */
     public PolicyResult apply(IRequest req) {
-        // if extension hasn't been properly configured reject requests until 
+        // if extension hasn't been properly configured reject requests until
         // it has been resolved (or disabled).
         if (mPolicyMappingsExtension == null) {
             //setError(req, PolicyResources.EXTENSION_NOT_INITED_1, NAME);
@@ -221,7 +221,7 @@ public class PolicyMappingsExt extends APolicyRule
                             extensions.get(PolicyMappingsExtension.NAME);
                 }
             } catch (IOException e) {
-                // extension isn't there. 
+                // extension isn't there.
             }
 
             if (policyMappingsExt != null) {
@@ -258,7 +258,7 @@ public class PolicyMappingsExt extends APolicyRule
 
     /**
      * Return configured parameters for a policy rule instance.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public Vector getInstanceParams() {
@@ -286,7 +286,7 @@ public class PolicyMappingsExt extends APolicyRule
 
     /**
      * Return default parameters for a policy implementation.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public Vector getDefaultParams() {
@@ -338,7 +338,7 @@ class PolicyMap {
 
     /**
      * forms policy map parameters.
-     * 
+     *
      * @param name name of this policy map, for example policyMap0
      * @param config parent's config from where we find this configuration.
      * @param enabled whether policy was enabled.
diff --git a/base/common/src/com/netscape/cms/policy/extensions/PresenceExt.java b/base/common/src/com/netscape/cms/policy/extensions/PresenceExt.java
index e13a7a84c..b586c8bdf 100644
--- a/base/common/src/com/netscape/cms/policy/extensions/PresenceExt.java
+++ b/base/common/src/com/netscape/cms/policy/extensions/PresenceExt.java
@@ -31,12 +31,12 @@ import com.netscape.cms.policy.APolicyRule;
 /**
  * Checks extension presence.
  * 
    
- * 
+ *
  * 
      * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * 
    
  * 
    
- * 
+ *
  * @deprecated
  * @version $Revision$, $Date$
  */
@@ -148,7 +148,7 @@ public class PresenceExt extends APolicyRule {
 
     /**
      * Return default parameters for a policy implementation.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public Vector getDefaultParams() {
diff --git a/base/common/src/com/netscape/cms/policy/extensions/PrivateKeyUsagePeriodExt.java b/base/common/src/com/netscape/cms/policy/extensions/PrivateKeyUsagePeriodExt.java
index 3b80246a9..fd52e9bb1 100644
--- a/base/common/src/com/netscape/cms/policy/extensions/PrivateKeyUsagePeriodExt.java
+++ b/base/common/src/com/netscape/cms/policy/extensions/PrivateKeyUsagePeriodExt.java
@@ -44,12 +44,12 @@ import com.netscape.cms.policy.APolicyRule;
 /**
  * PrivateKeyUsagePeriod Identifier Extension policy.
  * 
    
- * 
+ *
  * 
      * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * 
    
  * 
    
- * 
+ *
  * @deprecated
  * @version $Revision$, $Date$
  */
@@ -124,7 +124,7 @@ public class PrivateKeyUsagePeriodExt extends APolicyRule
      * ra.Policy.rule..notAfter=180
      * ra.Policy.rule..critical=false
      * ra.Policy.rule..predicate=ou==Sales
-     * 
+     *
      * @param config The config store reference
      */
     public void init(ISubsystem owner, IConfigStore config)
@@ -151,7 +151,7 @@ public class PrivateKeyUsagePeriodExt extends APolicyRule
 
     /**
      * Adds a private key usage extension if none exists.
-     * 
+     *
      * @param req The request on which to apply policy.
      * @return The policy result object.
      */
@@ -222,7 +222,7 @@ public class PrivateKeyUsagePeriodExt extends APolicyRule
 
     /**
      * Return configured parameters for a policy rule instance.
-     * 
+     *
      * @return Empty Vector since this policy has no configuration parameters.
      *         for this policy instance.
      */
@@ -237,7 +237,7 @@ public class PrivateKeyUsagePeriodExt extends APolicyRule
 
     /**
      * Return default parameters for a policy implementation.
-     * 
+     *
      * @return Empty Vector since this policy implementation has no
      *         configuration parameters.
      */
diff --git a/base/common/src/com/netscape/cms/policy/extensions/RemoveBasicConstraintsExt.java b/base/common/src/com/netscape/cms/policy/extensions/RemoveBasicConstraintsExt.java
index 2a5af4240..b5d6d8eec 100644
--- a/base/common/src/com/netscape/cms/policy/extensions/RemoveBasicConstraintsExt.java
+++ b/base/common/src/com/netscape/cms/policy/extensions/RemoveBasicConstraintsExt.java
@@ -40,12 +40,12 @@ import com.netscape.cms.policy.APolicyRule;
  * Remove Basic Constraints policy.
  * Adds the Basic constraints extension.
  * 
    
- * 
+ *
  * 
      * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * 
    
  * 
    
- * 
+ *
  * @deprecated
  * @version $Revision$, $Date$
  */
@@ -109,7 +109,7 @@ public class RemoveBasicConstraintsExt extends APolicyRule
 
     /**
      * Return configured parameters for a policy rule instance.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public Vector getInstanceParams() {
@@ -120,7 +120,7 @@ public class RemoveBasicConstraintsExt extends APolicyRule
 
     /**
      * Return default parameters for a policy implementation.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public Vector getDefaultParams() {
diff --git a/base/common/src/com/netscape/cms/policy/extensions/SubjAltNameExt.java b/base/common/src/com/netscape/cms/policy/extensions/SubjAltNameExt.java
index 63bd8804c..e1ae7d074 100644
--- a/base/common/src/com/netscape/cms/policy/extensions/SubjAltNameExt.java
+++ b/base/common/src/com/netscape/cms/policy/extensions/SubjAltNameExt.java
@@ -42,50 +42,50 @@ import com.netscape.certsrv.request.PolicyResult;
 import com.netscape.cms.policy.APolicyRule;
 
 /**
- * 
+ *
  * THIS POLICY HAS BEEN DEPRECATED SINCE CMS 4.2.
  * New Policy is com.netscape.certsrv.policy.SubjectAltNameExt.
  * 
    
- * 
+ *
  * Subject Alternative Name extension policy in CMS 4.1.
- * 
+ *
  * Adds the subject alternative name extension depending on the certificate type requested.
- * 
+ *
  * Two forms are supported. 1) For S/MIME certificates, email addresses are copied from data stored in the request by
  * the authentication component. Both 'e' and 'altEmail' are supported so that both the primary address and alternative
  * forms may be certified. Only the primary goes in the subjectName position (which should be phased out).
- * 
+ *
  * e mailAlternateAddress
  * 
    
- * 
+ *
  * 
      * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * 
    
  * 
    
- * 
+ *
  * @deprecated
  * @version $Revision$, $Date$
  */
 public class SubjAltNameExt extends APolicyRule
         implements IEnrollmentPolicy, IExtendedPluginInfo {
-    // for future use. currently always allow. 
+    // for future use. currently always allow.
     protected static final String PROP_AGENT_OVERR = "allowAgentOverride";
     protected static final String PROP_EE_OVERR = "AllowEEOverride";
     protected static final String PROP_ENABLE_MANUAL_VALUES =
             "enableManualValues";
 
-    // for future use. currently always non-critical 
-    // (standard says SHOULD be marked critical if included.) 
+    // for future use. currently always non-critical
+    // (standard says SHOULD be marked critical if included.)
     protected static final String PROP_CRITICAL = "critical";
 
-    // for future use to allow overrides from forms. 
+    // for future use to allow overrides from forms.
     // request must be agent approved or authenticated.
     protected boolean mAllowAgentOverride = false;
     protected boolean mAllowEEOverride = false;
     protected boolean mEnableManualValues = false;
 
-    // for future use. currently always critical 
-    // (standard says SHOULD be marked critical if included.) 
+    // for future use. currently always critical
+    // (standard says SHOULD be marked critical if included.)
     protected boolean mCritical = false;
 
     public SubjAltNameExt() {
@@ -116,11 +116,11 @@ public class SubjAltNameExt extends APolicyRule
     /**
      * Initializes this policy rule.
      * 
    
-     * 
+     *
      * The entries may be of the form:
-     * 
+     *
      * ra.Policy.rule..implName=SubjAltNameExt ra.Policy.rule..enable=true
-     * 
+     *
      * @param config The config store reference
      */
     public void init(ISubsystem owner, IConfigStore config)
@@ -134,9 +134,9 @@ public class SubjAltNameExt extends APolicyRule
 
     /**
      * Adds the subject alternative names extension if not set already.
-     * 
+     *
      * 
    
-     * 
+     *
      * @param req The request on which to apply policy.
      * @return The policy result object.
      */
@@ -303,7 +303,7 @@ public class SubjAltNameExt extends APolicyRule
     /**
      * Create a new SET of extensions in the certificate info
      * object.
-     * 
+     *
      * This should be a method in the X509CertInfo object
      */
     protected CertificateExtensions
@@ -323,7 +323,7 @@ public class SubjAltNameExt extends APolicyRule
 
     /**
      * Return configured parameters for a policy rule instance.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public Vector getInstanceParams() {
@@ -339,7 +339,7 @@ public class SubjAltNameExt extends APolicyRule
 
     /**
      * Return default parameters for a policy implementation.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public Vector getDefaultParams() {
diff --git a/base/common/src/com/netscape/cms/policy/extensions/SubjectAltNameExt.java b/base/common/src/com/netscape/cms/policy/extensions/SubjectAltNameExt.java
index 62f0b21da..0d89d8876 100644
--- a/base/common/src/com/netscape/cms/policy/extensions/SubjectAltNameExt.java
+++ b/base/common/src/com/netscape/cms/policy/extensions/SubjectAltNameExt.java
@@ -46,31 +46,31 @@ import com.netscape.cms.policy.APolicyRule;
 
 /**
  * Subject Alternative Name extension policy.
- * 
+ *
  * Adds the subject alternative name extension as configured.
- * 
+ *
  * Two forms are supported. 1) For S/MIME certificates, email
  * addresses are copied from data stored in the request by the
  * authentication component. Both 'e' and 'altEmail' are supported
  * so that both the primary address and alternative forms may be
  * certified. Only the primary goes in the subjectName position (which
  * should be phased out).
- * 
+ *
  * e
  * mailAlternateAddress
  * 
    
- * 
+ *
  * 
      * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * 
    
  * 
    
- * 
+ *
  * @deprecated
  * @version $Revision$, $Date$
  */
 public class SubjectAltNameExt extends APolicyRule
         implements IEnrollmentPolicy, IExtendedPluginInfo {
-    // (standard says SHOULD be marked critical if included.) 
+    // (standard says SHOULD be marked critical if included.)
     protected static final String PROP_CRITICAL = "critical";
     protected static final boolean DEF_CRITICAL = false;
 
@@ -106,11 +106,11 @@ public class SubjectAltNameExt extends APolicyRule
     /**
      * Initializes this policy rule.
      * 
    
-     * 
+     *
      * The entries may be of the form:
-     * 
+     *
      * ra.Policy.rule..implName=SubjectAltNameExt ra.Policy.rule..enable=true
-     * 
+     *
      * @param config The config store reference
      */
     public void init(ISubsystem owner, IConfigStore config)
@@ -150,9 +150,9 @@ public class SubjectAltNameExt extends APolicyRule
 
     /**
      * Adds the subject alternative names extension if not set already.
-     * 
+     *
      * 
    
-     * 
+     *
      * @param req The request on which to apply policy.
      * @return The policy result object.
      */
@@ -187,7 +187,7 @@ public class SubjectAltNameExt extends APolicyRule
                     certInfo.get(X509CertInfo.EXTENSIONS);
 
             // Remove any previously computed version of the extension
-            // unless it is from RA. If from RA, accept what RA put in 
+            // unless it is from RA. If from RA, accept what RA put in
             // request and don't add our own.
             if (extensions != null) {
                 String sourceId = req.getSourceId();
@@ -232,7 +232,7 @@ public class SubjectAltNameExt extends APolicyRule
                 curCritical = true;
             }
 
-            // make the extension 
+            // make the extension
             SubjectAlternativeNameExtension sa = new SubjectAlternativeNameExtension(curCritical, gns);
 
             // add it to certInfo.
@@ -265,7 +265,7 @@ public class SubjectAltNameExt extends APolicyRule
     /**
      * Create a new SET of extensions in the certificate info
      * object.
-     * 
+     *
      * This should be a method in the X509CertInfo object
      */
     protected CertificateExtensions
@@ -285,7 +285,7 @@ public class SubjectAltNameExt extends APolicyRule
 
     /**
      * Return configured parameters for a policy rule instance.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public Vector getInstanceParams() {
@@ -294,7 +294,7 @@ public class SubjectAltNameExt extends APolicyRule
 
     /**
      * Return default parameters for a policy implementation.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public Vector getDefaultParams() {
diff --git a/base/common/src/com/netscape/cms/policy/extensions/SubjectDirectoryAttributesExt.java b/base/common/src/com/netscape/cms/policy/extensions/SubjectDirectoryAttributesExt.java
index 6b4e7ead9..bcd9c9885 100644
--- a/base/common/src/com/netscape/cms/policy/extensions/SubjectDirectoryAttributesExt.java
+++ b/base/common/src/com/netscape/cms/policy/extensions/SubjectDirectoryAttributesExt.java
@@ -47,12 +47,12 @@ import com.netscape.cms.policy.APolicyRule;
 /**
  * Policy to add the subject directory attributes extension.
  * 
    
- * 
+ *
  * 
      * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * 
    
  * 
    
- * 
+ *
  * @deprecated
  * @version $Revision$, $Date$
  */
diff --git a/base/common/src/com/netscape/cms/policy/extensions/SubjectKeyIdentifierExt.java b/base/common/src/com/netscape/cms/policy/extensions/SubjectKeyIdentifierExt.java
index 32d254c40..16fc73347 100644
--- a/base/common/src/com/netscape/cms/policy/extensions/SubjectKeyIdentifierExt.java
+++ b/base/common/src/com/netscape/cms/policy/extensions/SubjectKeyIdentifierExt.java
@@ -49,12 +49,12 @@ import com.netscape.cms.policy.APolicyRule;
  * Subject Public Key Extension Policy
  * Adds the subject public key id extension to certificates.
  * 
    
- * 
+ *
  * 
      * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * 
    
  * 
    
- * 
+ *
  * @deprecated
  * @version $Revision$, $Date$
  */
@@ -101,11 +101,11 @@ public class SubjectKeyIdentifierExt extends APolicyRule
     /**
      * Initializes this policy rule.
      * 
    
-     * 
+     *
      * The entries may be of the form:
-     * 
+     *
      * ca.Policy.rule..predicate= ca.Policy.rule..implName= ca.Policy.rule..enable=true
-     * 
+     *
      * @param config The config store reference
      */
     public void init(ISubsystem owner, IConfigStore config)
@@ -145,7 +145,7 @@ public class SubjectKeyIdentifierExt extends APolicyRule
                                 KEYID_TYPE_SPKISHA1));
         }
 
-        // form instance params 
+        // form instance params
         mInstanceParams.addElement(PROP_CRITICAL + "=" + mCritical);
         mInstanceParams.addElement(PROP_KEYID_TYPE + "=" + mKeyIdType);
 
@@ -157,7 +157,7 @@ public class SubjectKeyIdentifierExt extends APolicyRule
     /**
      * Adds Subject Key identifier Extension to a certificate.
      * If the extension is already there, accept it.
-     * 
+     *
      * @param req The request on which to apply policy.
      * @return The policy result object.
      */
@@ -194,7 +194,7 @@ public class SubjectKeyIdentifierExt extends APolicyRule
                             extensions.get(SubjectKeyIdentifierExtension.NAME);
                 }
             } catch (IOException e) {
-                // extension isn't there. 
+                // extension isn't there.
             }
             if (subjectKeyIdExt != null) {
                 if (agentApproved(req)) {
@@ -253,7 +253,7 @@ public class SubjectKeyIdentifierExt extends APolicyRule
     /**
      * Form the Key Identifier in the Subject Key Identifier extension.
      * 
    
-     * 
+     *
      * @param certInfo Certificate Info
      * @param req request
      * @return A Key Identifier.
@@ -284,7 +284,7 @@ public class SubjectKeyIdentifierExt extends APolicyRule
      * the least significate 60 bits of the sha-1 hash of the subject
      * public key BIT STRING in accordance with RFC 2459.
      * 
    
-     * 
+     *
      * @param certInfo - certificate info
      * @return A Key Identifier with value formulatd as described.
      */
@@ -339,7 +339,7 @@ public class SubjectKeyIdentifierExt extends APolicyRule
 
     /**
      * Return configured parameters for a policy rule instance.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public Vector getInstanceParams() {
@@ -348,7 +348,7 @@ public class SubjectKeyIdentifierExt extends APolicyRule
 
     /**
      * Return default parameters for a policy implementation.
-     * 
+     *
      * @return nvPairs A Vector of name/value pairs.
      */
     public Vector getDefaultParams() {
diff --git a/base/common/src/com/netscape/cms/profile/common/BasicProfile.java b/base/common/src/com/netscape/cms/profile/common/BasicProfile.java
index 696d0cd13..0c60f081c 100644
--- a/base/common/src/com/netscape/cms/profile/common/BasicProfile.java
+++ b/base/common/src/com/netscape/cms/profile/common/BasicProfile.java
@@ -50,7 +50,7 @@ import com.netscape.certsrv.request.RequestStatus;
 
 /**
  * This class implements a basic profile.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public abstract class BasicProfile implements IProfile {
@@ -206,7 +206,7 @@ public abstract class BasicProfile implements IProfile {
         // policy.p1.constraint.params.x1=x1
         // policy.p1.constraint.params.x2=x2
 
-        // handle profile authentication plugins 
+        // handle profile authentication plugins
         try {
             mAuthInstanceId = config.getString("auth." + PROP_INSTANCE_ID, null);
             mAuthzAcl = config.getString("authz.acl", "");
@@ -742,7 +742,7 @@ public abstract class BasicProfile implements IProfile {
             throws EProfileException {
 
         // String setId ex: policyset.set1
-        // String id    Id of policy : examples: p1,p2,p3 
+        // String id    Id of policy : examples: p1,p2,p3
         // String defaultClassId : id of the default plugin ex: validityDefaultImpl
         // String constraintClassId : if of the constraint plugin ex: basicConstraintsExtConstraintImpl
         // boolean createConfig : true : being called from the console. false: being called from server startup code
@@ -847,7 +847,7 @@ public abstract class BasicProfile implements IProfile {
                 // noDefaultImpl, genericExtDefaultImpl
 
                 if ((curDefaultClassId.equals(defaultClassId) &&
-                        !curDefaultClassId.equals(PROP_NO_DEFAULT) && 
+                        !curDefaultClassId.equals(PROP_NO_DEFAULT) &&
                         !curDefaultClassId.equals(PROP_GENERIC_EXT_DEFAULT))) {
 
                     matches++;
@@ -1110,11 +1110,11 @@ public abstract class BasicProfile implements IProfile {
 
     /**
      * Signed Audit Log
-     * 
+     *
      * This method is inherited by all extended "BasicProfile"s,
      * and is called to store messages to the signed audit log.
      * 
    
-     * 
+     *
      * @param msg signed audit log message
      */
     protected void audit(String msg) {
@@ -1134,12 +1134,12 @@ public abstract class BasicProfile implements IProfile {
 
     /**
      * Signed Audit Log Subject ID
-     * 
+     *
      * This method is inherited by all extended "BasicProfile"s,
      * and is called to obtain the "SubjectID" for
      * a signed audit log message.
      * 
    
-     * 
+     *
      * @return id string containing the signed audit log message SubjectID
      */
     protected String auditSubjectID() {
diff --git a/base/common/src/com/netscape/cms/profile/common/CACertCAEnrollProfile.java b/base/common/src/com/netscape/cms/profile/common/CACertCAEnrollProfile.java
index b95b22339..1ae2f0853 100644
--- a/base/common/src/com/netscape/cms/profile/common/CACertCAEnrollProfile.java
+++ b/base/common/src/com/netscape/cms/profile/common/CACertCAEnrollProfile.java
@@ -27,7 +27,7 @@ import com.netscape.certsrv.profile.IProfilePolicy;
 /**
  * This class implements a Certificate Manager enrollment
  * profile for CA Certificates.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class CACertCAEnrollProfile extends CAEnrollProfile
@@ -44,7 +44,7 @@ public class CACertCAEnrollProfile extends CAEnrollProfile
         NameValuePairs inputParams2 = new NameValuePairs();
         createProfileInput("i2", "submitterInfoInputImpl", inputParams2);
 
-        // create outputs 
+        // create outputs
         NameValuePairs outputParams1 = new NameValuePairs();
         createProfileOutput("o1", "certOutputImpl", outputParams1);
 
diff --git a/base/common/src/com/netscape/cms/profile/common/CAEnrollProfile.java b/base/common/src/com/netscape/cms/profile/common/CAEnrollProfile.java
index c03f90a4b..46bc1a787 100644
--- a/base/common/src/com/netscape/cms/profile/common/CAEnrollProfile.java
+++ b/base/common/src/com/netscape/cms/profile/common/CAEnrollProfile.java
@@ -43,7 +43,7 @@ import com.netscape.certsrv.request.RequestStatus;
 /**
  * This class implements a Certificate Manager enrollment
  * profile.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class CAEnrollProfile extends EnrollProfile {
@@ -181,7 +181,7 @@ public class CAEnrollProfile extends EnrollProfile {
         X509CertInfo info = request.getExtDataInCertInfo(REQUEST_CERTINFO);
         X509CertImpl theCert = null;
 
-        // #615460 - added audit log (transaction) 
+        // #615460 - added audit log (transaction)
         SessionContext sc = SessionContext.getExistingContext();
         sc.put("profileId", getId());
         String setId = request.getExtDataInString("profileSetId");
diff --git a/base/common/src/com/netscape/cms/profile/common/EnrollProfileContext.java b/base/common/src/com/netscape/cms/profile/common/EnrollProfileContext.java
index 3610520fd..444024b94 100644
--- a/base/common/src/com/netscape/cms/profile/common/EnrollProfileContext.java
+++ b/base/common/src/com/netscape/cms/profile/common/EnrollProfileContext.java
@@ -22,7 +22,7 @@ import com.netscape.certsrv.profile.IProfileContext;
 /**
  * This class implements an enrollment profile context
  * that carries information for request creation.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class EnrollProfileContext extends ProfileContext
diff --git a/base/common/src/com/netscape/cms/profile/common/ProfileContext.java b/base/common/src/com/netscape/cms/profile/common/ProfileContext.java
index 7d0686378..d07cdfc27 100644
--- a/base/common/src/com/netscape/cms/profile/common/ProfileContext.java
+++ b/base/common/src/com/netscape/cms/profile/common/ProfileContext.java
@@ -23,7 +23,7 @@ import com.netscape.certsrv.profile.IProfileContext;
 
 /**
  * This class implements the profile context.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class ProfileContext implements IProfileContext {
diff --git a/base/common/src/com/netscape/cms/profile/common/ProfilePolicy.java b/base/common/src/com/netscape/cms/profile/common/ProfilePolicy.java
index a8a90aef9..157914927 100644
--- a/base/common/src/com/netscape/cms/profile/common/ProfilePolicy.java
+++ b/base/common/src/com/netscape/cms/profile/common/ProfilePolicy.java
@@ -25,7 +25,7 @@ import com.netscape.certsrv.profile.IProfilePolicy;
  * This class implements a profile policy that
  * contains a default policy and a constraint
  * policy.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class ProfilePolicy implements IProfilePolicy {
diff --git a/base/common/src/com/netscape/cms/profile/common/RAEnrollProfile.java b/base/common/src/com/netscape/cms/profile/common/RAEnrollProfile.java
index 36bac1fa7..8bcb59c86 100644
--- a/base/common/src/com/netscape/cms/profile/common/RAEnrollProfile.java
+++ b/base/common/src/com/netscape/cms/profile/common/RAEnrollProfile.java
@@ -37,7 +37,7 @@ import com.netscape.certsrv.request.RequestStatus;
 /**
  * This class implements a Registration Manager
  * enrollment profile.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class RAEnrollProfile extends EnrollProfile {
diff --git a/base/common/src/com/netscape/cms/profile/common/ServerCertCAEnrollProfile.java b/base/common/src/com/netscape/cms/profile/common/ServerCertCAEnrollProfile.java
index 9be1e43c4..a1a83a49f 100644
--- a/base/common/src/com/netscape/cms/profile/common/ServerCertCAEnrollProfile.java
+++ b/base/common/src/com/netscape/cms/profile/common/ServerCertCAEnrollProfile.java
@@ -27,7 +27,7 @@ import com.netscape.certsrv.profile.IProfilePolicy;
 /**
  * This class implements a Certificate Manager enrollment
  * profile for Server Certificates.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class ServerCertCAEnrollProfile extends CAEnrollProfile
diff --git a/base/common/src/com/netscape/cms/profile/common/UserCertCAEnrollProfile.java b/base/common/src/com/netscape/cms/profile/common/UserCertCAEnrollProfile.java
index 3f1cdfb21..710a4616d 100644
--- a/base/common/src/com/netscape/cms/profile/common/UserCertCAEnrollProfile.java
+++ b/base/common/src/com/netscape/cms/profile/common/UserCertCAEnrollProfile.java
@@ -27,7 +27,7 @@ import com.netscape.certsrv.profile.IProfilePolicy;
 /**
  * This class implements a Certificate Manager enrollment
  * profile for User Certificates.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class UserCertCAEnrollProfile extends CAEnrollProfile
diff --git a/base/common/src/com/netscape/cms/profile/constraint/BasicConstraintsExtConstraint.java b/base/common/src/com/netscape/cms/profile/constraint/BasicConstraintsExtConstraint.java
index f924c587f..ca2668f7d 100644
--- a/base/common/src/com/netscape/cms/profile/constraint/BasicConstraintsExtConstraint.java
+++ b/base/common/src/com/netscape/cms/profile/constraint/BasicConstraintsExtConstraint.java
@@ -42,7 +42,7 @@ import com.netscape.cms.profile.def.UserExtensionDefault;
  * This class implements the basic constraints extension constraint.
  * It checks if the basic constraint in the certificate
  * template satisfies the criteria.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class BasicConstraintsExtConstraint extends EnrollConstraint {
diff --git a/base/common/src/com/netscape/cms/profile/constraint/CAValidityConstraint.java b/base/common/src/com/netscape/cms/profile/constraint/CAValidityConstraint.java
index e118fa215..a7a159de3 100644
--- a/base/common/src/com/netscape/cms/profile/constraint/CAValidityConstraint.java
+++ b/base/common/src/com/netscape/cms/profile/constraint/CAValidityConstraint.java
@@ -41,7 +41,7 @@ import com.netscape.cms.profile.def.ValidityDefault;
  * This class implements the validity constraint.
  * It checks if the validity in the certificate
  * template is within the CA's validity.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class CAValidityConstraint extends CAEnrollConstraint {
diff --git a/base/common/src/com/netscape/cms/profile/constraint/EnrollConstraint.java b/base/common/src/com/netscape/cms/profile/constraint/EnrollConstraint.java
index 40c2153a8..eb3eb14f6 100644
--- a/base/common/src/com/netscape/cms/profile/constraint/EnrollConstraint.java
+++ b/base/common/src/com/netscape/cms/profile/constraint/EnrollConstraint.java
@@ -40,7 +40,7 @@ import com.netscape.cms.profile.common.EnrollProfile;
 
 /**
  * This class implements the generic enrollment constraint.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public abstract class EnrollConstraint implements IPolicyConstraint {
@@ -114,7 +114,7 @@ public abstract class EnrollConstraint implements IPolicyConstraint {
     /**
      * Validates the request. The request is not modified
      * during the validation.
-     * 
+     *
      * @param request enrollment request
      * @param info certificate template
      * @exception ERejectException request is rejected due
@@ -126,11 +126,11 @@ public abstract class EnrollConstraint implements IPolicyConstraint {
     /**
      * Validates the request. The request is not modified
      * during the validation.
-     * 
+     *
      * The current implementation of this method calls
      * into the subclass's validate(request, info)
      * method for validation checking.
-     * 
+     *
      * @param request request
      * @exception ERejectException request is rejected due
      *                to violation of constraint
diff --git a/base/common/src/com/netscape/cms/profile/constraint/ExtendedKeyUsageExtConstraint.java b/base/common/src/com/netscape/cms/profile/constraint/ExtendedKeyUsageExtConstraint.java
index 3c737e8a5..7821964b9 100644
--- a/base/common/src/com/netscape/cms/profile/constraint/ExtendedKeyUsageExtConstraint.java
+++ b/base/common/src/com/netscape/cms/profile/constraint/ExtendedKeyUsageExtConstraint.java
@@ -43,7 +43,7 @@ import com.netscape.cms.profile.def.UserExtensionDefault;
  * This class implements the extended key usage extension constraint.
  * It checks if the extended key usage extension in the certificate
  * template satisfies the criteria.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class ExtendedKeyUsageExtConstraint extends EnrollConstraint {
diff --git a/base/common/src/com/netscape/cms/profile/constraint/ExtensionConstraint.java b/base/common/src/com/netscape/cms/profile/constraint/ExtensionConstraint.java
index 1562fddb8..97dc358e3 100644
--- a/base/common/src/com/netscape/cms/profile/constraint/ExtensionConstraint.java
+++ b/base/common/src/com/netscape/cms/profile/constraint/ExtensionConstraint.java
@@ -40,7 +40,7 @@ import com.netscape.cms.profile.def.UserExtensionDefault;
  * This class implements the general extension constraint.
  * It checks if the extension in the certificate
  * template satisfies the criteria.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class ExtensionConstraint extends EnrollConstraint {
@@ -110,7 +110,7 @@ public class ExtensionConstraint extends EnrollConstraint {
                             getConfig(CONFIG_OID)));
         }
 
-        // check criticality 
+        // check criticality
         String value = getConfig(CONFIG_CRITICAL);
 
         if (!isOptional(value)) {
diff --git a/base/common/src/com/netscape/cms/profile/constraint/KeyConstraint.java b/base/common/src/com/netscape/cms/profile/constraint/KeyConstraint.java
index e6f5019a0..2d1f44751 100644
--- a/base/common/src/com/netscape/cms/profile/constraint/KeyConstraint.java
+++ b/base/common/src/com/netscape/cms/profile/constraint/KeyConstraint.java
@@ -46,7 +46,7 @@ import com.netscape.cms.profile.def.UserKeyDefault;
 /**
  * This constraint is to check the key type and
  * key length.
- * 
+ *
  * @version $Revision$, $Date$
  */
 @SuppressWarnings("serial")
@@ -454,7 +454,7 @@ public class KeyConstraint extends EnrollConstraint {
 
                 CMS.debug("algId: " + algid);
 
-                //Get raw string representation of alg parameters, will give 
+                //Get raw string representation of alg parameters, will give
                 //us the curve OID.
 
                 String params = null;
@@ -582,7 +582,7 @@ public class KeyConstraint extends EnrollConstraint {
             if (keyType.equals(""))
                 return;
         }
-        // All the params we need for validation have been collected, 
+        // All the params we need for validation have been collected,
         // we don't know which order they will show up
         if (keyType.length() > 0 && keyParams.length() > 0) {
             String[] params = keyParams.split(",");
diff --git a/base/common/src/com/netscape/cms/profile/constraint/KeyUsageExtConstraint.java b/base/common/src/com/netscape/cms/profile/constraint/KeyUsageExtConstraint.java
index 927c64ec2..f7ec42215 100644
--- a/base/common/src/com/netscape/cms/profile/constraint/KeyUsageExtConstraint.java
+++ b/base/common/src/com/netscape/cms/profile/constraint/KeyUsageExtConstraint.java
@@ -40,7 +40,7 @@ import com.netscape.cms.profile.def.UserExtensionDefault;
  * This class implements the key usage extension constraint.
  * It checks if the key usage constraint in the certificate
  * template satisfies the criteria.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class KeyUsageExtConstraint extends EnrollConstraint {
diff --git a/base/common/src/com/netscape/cms/profile/constraint/NSCertTypeExtConstraint.java b/base/common/src/com/netscape/cms/profile/constraint/NSCertTypeExtConstraint.java
index 843360542..066553275 100644
--- a/base/common/src/com/netscape/cms/profile/constraint/NSCertTypeExtConstraint.java
+++ b/base/common/src/com/netscape/cms/profile/constraint/NSCertTypeExtConstraint.java
@@ -39,7 +39,7 @@ import com.netscape.cms.profile.def.UserExtensionDefault;
  * This class implements the Netscape certificate type extension constraint.
  * It checks if the Netscape certificate type extension in the certificate
  * template satisfies the criteria.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class NSCertTypeExtConstraint extends EnrollConstraint {
diff --git a/base/common/src/com/netscape/cms/profile/constraint/NoConstraint.java b/base/common/src/com/netscape/cms/profile/constraint/NoConstraint.java
index 459e9f219..17f6e0b37 100644
--- a/base/common/src/com/netscape/cms/profile/constraint/NoConstraint.java
+++ b/base/common/src/com/netscape/cms/profile/constraint/NoConstraint.java
@@ -35,7 +35,7 @@ import com.netscape.certsrv.request.IRequest;
 
 /**
  * This class implements no constraint.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class NoConstraint implements IPolicyConstraint {
diff --git a/base/common/src/com/netscape/cms/profile/constraint/RenewGracePeriodConstraint.java b/base/common/src/com/netscape/cms/profile/constraint/RenewGracePeriodConstraint.java
index fb01d7d14..d1403962e 100644
--- a/base/common/src/com/netscape/cms/profile/constraint/RenewGracePeriodConstraint.java
+++ b/base/common/src/com/netscape/cms/profile/constraint/RenewGracePeriodConstraint.java
@@ -38,13 +38,13 @@ import com.netscape.cms.profile.def.NoDefault;
 /**
  * This class supports renewal grace period, which has two
  * parameters: graceBefore and graceAfter
- * 
+ *
  * @author Christina Fu
  * @version $Revision$, $Date$
  */
 public class RenewGracePeriodConstraint extends EnrollConstraint {
 
-    // for renewal: # of days before the orig cert expiration date 
+    // for renewal: # of days before the orig cert expiration date
     public static final String CONFIG_RENEW_GRACE_BEFORE = "renewal.graceBefore";
     // for renewal: # of days after the orig cert expiration date
     public static final String CONFIG_RENEW_GRACE_AFTER = "renewal.graceAfter";
diff --git a/base/common/src/com/netscape/cms/profile/constraint/SigningAlgConstraint.java b/base/common/src/com/netscape/cms/profile/constraint/SigningAlgConstraint.java
index 4dbe329b3..4ccb9ad8f 100644
--- a/base/common/src/com/netscape/cms/profile/constraint/SigningAlgConstraint.java
+++ b/base/common/src/com/netscape/cms/profile/constraint/SigningAlgConstraint.java
@@ -43,7 +43,7 @@ import com.netscape.cms.profile.def.UserSigningAlgDefault;
  * This class implements the signing algorithm constraint.
  * It checks if the signing algorithm in the certificate
  * template satisfies the criteria.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class SigningAlgConstraint extends EnrollConstraint {
diff --git a/base/common/src/com/netscape/cms/profile/constraint/SubjectNameConstraint.java b/base/common/src/com/netscape/cms/profile/constraint/SubjectNameConstraint.java
index 477e99b98..6ecac885b 100644
--- a/base/common/src/com/netscape/cms/profile/constraint/SubjectNameConstraint.java
+++ b/base/common/src/com/netscape/cms/profile/constraint/SubjectNameConstraint.java
@@ -41,7 +41,7 @@ import com.netscape.cms.profile.def.UserSubjectNameDefault;
  * This class implements the subject name constraint.
  * It checks if the subject name in the certificate
  * template satisfies the criteria.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class SubjectNameConstraint extends EnrollConstraint {
diff --git a/base/common/src/com/netscape/cms/profile/constraint/UniqueKeyConstraint.java b/base/common/src/com/netscape/cms/profile/constraint/UniqueKeyConstraint.java
index f10130aa6..8d7a67a77 100644
--- a/base/common/src/com/netscape/cms/profile/constraint/UniqueKeyConstraint.java
+++ b/base/common/src/com/netscape/cms/profile/constraint/UniqueKeyConstraint.java
@@ -46,13 +46,13 @@ import com.netscape.cms.profile.def.NoDefault;
  * The config param "allowSameKeyRenewal" enables the
  * situation where if the publickey is not unique, and if
  * the subject DN is the same, that is a "renewal".
- * 
+ *
  * Another "feature" that is quoted out of this code is the
  * "revokeDupKeyCert" option, which enables the revocation
  * of certs that bear the same publickey as the enrolling
  * request. Since this can potentially be abused, it is taken
  * out and preserved in comments to allow future refinement.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class UniqueKeyConstraint extends EnrollConstraint {
@@ -166,7 +166,7 @@ public class UniqueKeyConstraint extends EnrollConstraint {
             				BigInteger serialNum = cert.getSerialNumber();
             				ICAService service = (ICAService) mCA.getCAService();
 
-            				RevokedCertImpl crlEntry = 
+					RevokedCertImpl crlEntry =
             					formCRLEntry(serialNum, RevocationReason.KEY_COMPROMISE);
             				service.revokeCert(crlEntry);
             				CMS.debug("UniqueKeyConstraint: certificate with duplicate publickey revoked successfully");
@@ -234,28 +234,28 @@ public class UniqueKeyConstraint extends EnrollConstraint {
 
     /**
      * make a CRL entry from a serial number and revocation reason.
-     * 
+     *
      * @return a RevokedCertImpl that can be entered in a CRL.
-     * 
+     *
      *         protected RevokedCertImpl formCRLEntry(
      *         BigInteger serialNo, RevocationReason reason)
      *         throws EBaseException {
      *         CRLReasonExtension reasonExt = new CRLReasonExtension(reason);
      *         CRLExtensions crlentryexts = new CRLExtensions();
-     * 
+     *
      *         try {
      *         crlentryexts.set(CRLReasonExtension.NAME, reasonExt);
      *         } catch (IOException e) {
      *         CMS.debug("CMSGW_ERR_CRL_REASON "+e.toString());
-     * 
+     *
      *         // throw new ECMSGWException(
      *         // CMS.getLogMessage("CMSGW_ERROR_SETTING_CRLREASON"));
-     * 
+     *
      *         }
      *         RevokedCertImpl crlentry =
      *         new RevokedCertImpl(serialNo, CMS.getCurrentDate(),
      *         crlentryexts);
-     * 
+     *
      *         return crlentry;
      *         }
      */
diff --git a/base/common/src/com/netscape/cms/profile/constraint/UniqueSubjectNameConstraint.java b/base/common/src/com/netscape/cms/profile/constraint/UniqueSubjectNameConstraint.java
index 7a985b631..6545b81fd 100644
--- a/base/common/src/com/netscape/cms/profile/constraint/UniqueSubjectNameConstraint.java
+++ b/base/common/src/com/netscape/cms/profile/constraint/UniqueSubjectNameConstraint.java
@@ -55,7 +55,7 @@ import com.netscape.cms.profile.def.UserSubjectNameDefault;
  * It checks if the subject name in the certificate is
  * unique in the internal database, ie, no two certificates
  * have the same subject name.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class UniqueSubjectNameConstraint extends EnrollConstraint {
@@ -143,7 +143,7 @@ public class UniqueSubjectNameConstraint extends EnrollConstraint {
     /**
      * Validates the request. The request is not modified
      * during the validation.
-     * 
+     *
      * Rules are as follows:
      * If the subject name is not unique, then the request will be rejected unless:
      * 1. the certificate is expired or expired_revoked
diff --git a/base/common/src/com/netscape/cms/profile/constraint/ValidityConstraint.java b/base/common/src/com/netscape/cms/profile/constraint/ValidityConstraint.java
index 98a7b4f96..b7588aa4d 100644
--- a/base/common/src/com/netscape/cms/profile/constraint/ValidityConstraint.java
+++ b/base/common/src/com/netscape/cms/profile/constraint/ValidityConstraint.java
@@ -43,7 +43,7 @@ import com.netscape.cms.profile.def.ValidityDefault;
  * This class implements the validity constraint.
  * It checks if the validity in the certificate
  * template satisfies the criteria.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class ValidityConstraint extends EnrollConstraint {
@@ -154,11 +154,11 @@ public class ValidityConstraint extends EnrollConstraint {
                         Integer.toString(days)));
         }
 
-        // 613828 
-        // The validity field shall specify a notBefore value 
-        // that does not precede the current time and a notAfter 
-        // value that does not precede the value specified in 
-        // notBefore (test can be automated; try entering violating 
+        // 613828
+        // The validity field shall specify a notBefore value
+        // that does not precede the current time and a notAfter
+        // value that does not precede the value specified in
+        // notBefore (test can be automated; try entering violating
         // time values and check result).
         String notBeforeCheckStr = getConfig(CONFIG_CHECK_NOT_BEFORE);
         boolean notBeforeCheck;
diff --git a/base/common/src/com/netscape/cms/profile/def/AuthInfoAccessExtDefault.java b/base/common/src/com/netscape/cms/profile/def/AuthInfoAccessExtDefault.java
index 4e4f951f7..36818a907 100644
--- a/base/common/src/com/netscape/cms/profile/def/AuthInfoAccessExtDefault.java
+++ b/base/common/src/com/netscape/cms/profile/def/AuthInfoAccessExtDefault.java
@@ -42,7 +42,7 @@ import com.netscape.certsrv.request.IRequest;
 /**
  * This class implements an enrollment default policy
  * that populates Authuority Info Access extension.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class AuthInfoAccessExtDefault extends EnrollExtDefault {
diff --git a/base/common/src/com/netscape/cms/profile/def/AuthTokenSubjectNameDefault.java b/base/common/src/com/netscape/cms/profile/def/AuthTokenSubjectNameDefault.java
index 6c0f6e9fc..e789625e4 100644
--- a/base/common/src/com/netscape/cms/profile/def/AuthTokenSubjectNameDefault.java
+++ b/base/common/src/com/netscape/cms/profile/def/AuthTokenSubjectNameDefault.java
@@ -38,7 +38,7 @@ import com.netscape.certsrv.request.IRequest;
  * This class implements an enrollment default policy that
  * populates subject name based on the attribute values
  * in the authentication token (AuthToken) object.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class AuthTokenSubjectNameDefault extends EnrollDefault {
diff --git a/base/common/src/com/netscape/cms/profile/def/AuthorityKeyIdentifierExtDefault.java b/base/common/src/com/netscape/cms/profile/def/AuthorityKeyIdentifierExtDefault.java
index 6ec75990c..77fd0a5fd 100644
--- a/base/common/src/com/netscape/cms/profile/def/AuthorityKeyIdentifierExtDefault.java
+++ b/base/common/src/com/netscape/cms/profile/def/AuthorityKeyIdentifierExtDefault.java
@@ -38,7 +38,7 @@ import com.netscape.certsrv.request.IRequest;
  * This class implements an enrollment default policy
  * that populates Authority Key Identifier extension
  * into the certificate template.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class AuthorityKeyIdentifierExtDefault extends CAEnrollDefault {
diff --git a/base/common/src/com/netscape/cms/profile/def/AutoAssignDefault.java b/base/common/src/com/netscape/cms/profile/def/AutoAssignDefault.java
index 043cf029b..f685a4f59 100644
--- a/base/common/src/com/netscape/cms/profile/def/AutoAssignDefault.java
+++ b/base/common/src/com/netscape/cms/profile/def/AutoAssignDefault.java
@@ -33,7 +33,7 @@ import com.netscape.certsrv.request.IRequest;
 /**
  * This class implements an enrollment default policy
  * that automatically assign request to agent.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class AutoAssignDefault extends EnrollDefault {
diff --git a/base/common/src/com/netscape/cms/profile/def/BasicConstraintsExtDefault.java b/base/common/src/com/netscape/cms/profile/def/BasicConstraintsExtDefault.java
index c442bf576..a827b7eaf 100644
--- a/base/common/src/com/netscape/cms/profile/def/BasicConstraintsExtDefault.java
+++ b/base/common/src/com/netscape/cms/profile/def/BasicConstraintsExtDefault.java
@@ -37,7 +37,7 @@ import com.netscape.certsrv.request.IRequest;
  * This class implements an enrollment default policy
  * that populates Basic Constraint extension
  * into the certificate template.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class BasicConstraintsExtDefault extends EnrollExtDefault {
diff --git a/base/common/src/com/netscape/cms/profile/def/CAEnrollDefault.java b/base/common/src/com/netscape/cms/profile/def/CAEnrollDefault.java
index 872e32960..1d1d05ed5 100644
--- a/base/common/src/com/netscape/cms/profile/def/CAEnrollDefault.java
+++ b/base/common/src/com/netscape/cms/profile/def/CAEnrollDefault.java
@@ -37,7 +37,7 @@ import com.netscape.certsrv.ca.ICertificateAuthority;
  * This class implements an abstract CA specific
  * Enrollment default. This policy can only be
  * used with CA subsystem.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public abstract class CAEnrollDefault extends EnrollDefault {
diff --git a/base/common/src/com/netscape/cms/profile/def/CRLDistributionPointsExtDefault.java b/base/common/src/com/netscape/cms/profile/def/CRLDistributionPointsExtDefault.java
index d1def3d5d..4bbd215a2 100644
--- a/base/common/src/com/netscape/cms/profile/def/CRLDistributionPointsExtDefault.java
+++ b/base/common/src/com/netscape/cms/profile/def/CRLDistributionPointsExtDefault.java
@@ -48,7 +48,7 @@ import com.netscape.certsrv.request.IRequest;
  * This class implements an enrollment default policy
  * that populates a CRL Distribution points extension
  * into the certificate template.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class CRLDistributionPointsExtDefault extends EnrollExtDefault {
diff --git a/base/common/src/com/netscape/cms/profile/def/CertificatePoliciesExtDefault.java b/base/common/src/com/netscape/cms/profile/def/CertificatePoliciesExtDefault.java
index 8d4ae2288..e68ffca07 100644
--- a/base/common/src/com/netscape/cms/profile/def/CertificatePoliciesExtDefault.java
+++ b/base/common/src/com/netscape/cms/profile/def/CertificatePoliciesExtDefault.java
@@ -50,7 +50,7 @@ import com.netscape.certsrv.request.IRequest;
  * This class implements an enrollment default policy
  * that populates a policy mappings extension
  * into the certificate template.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class CertificatePoliciesExtDefault extends EnrollExtDefault {
diff --git a/base/common/src/com/netscape/cms/profile/def/CertificateVersionDefault.java b/base/common/src/com/netscape/cms/profile/def/CertificateVersionDefault.java
index d30f971dd..752d99cbb 100644
--- a/base/common/src/com/netscape/cms/profile/def/CertificateVersionDefault.java
+++ b/base/common/src/com/netscape/cms/profile/def/CertificateVersionDefault.java
@@ -37,7 +37,7 @@ import com.netscape.certsrv.request.IRequest;
  * This class implements an enrollment default policy
  * that populates a Netscape comment extension
  * into the certificate template.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class CertificateVersionDefault extends EnrollExtDefault {
diff --git a/base/common/src/com/netscape/cms/profile/def/EnrollDefault.java b/base/common/src/com/netscape/cms/profile/def/EnrollDefault.java
index 67ebadbe4..162d1647c 100644
--- a/base/common/src/com/netscape/cms/profile/def/EnrollDefault.java
+++ b/base/common/src/com/netscape/cms/profile/def/EnrollDefault.java
@@ -62,7 +62,7 @@ import com.netscape.cms.profile.common.EnrollProfile;
 
 /**
  * This class implements an enrollment default policy.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public abstract class EnrollDefault implements IPolicyDefault, ICertInfoPolicyDefault {
@@ -125,7 +125,7 @@ public abstract class EnrollDefault implements IPolicyDefault, ICertInfoPolicyDe
 
     /**
      * Retrieves the localizable description of this policy.
-     * 
+     *
      * @param locale locale of the end user
      * @return localized description of this default policy
      */
@@ -145,7 +145,7 @@ public abstract class EnrollDefault implements IPolicyDefault, ICertInfoPolicyDe
 
     /**
      * Populates attributes into the certificate template.
-     * 
+     *
      * @param request enrollment request
      * @param info certificate template
      * @exception EProfileException failed to populate attributes
@@ -156,7 +156,7 @@ public abstract class EnrollDefault implements IPolicyDefault, ICertInfoPolicyDe
 
     /**
      * Sets values from the approval page into certificate template.
-     * 
+     *
      * @param name name of the attribute
      * @param locale user locale
      * @param info certificate template
@@ -171,7 +171,7 @@ public abstract class EnrollDefault implements IPolicyDefault, ICertInfoPolicyDe
     /**
      * Retrieves certificate template values and returns them to
      * the approval page.
-     * 
+     *
      * @param name name of the attribute
      * @param locale user locale
      * @param info certificate template
@@ -184,10 +184,10 @@ public abstract class EnrollDefault implements IPolicyDefault, ICertInfoPolicyDe
 
     /**
      * Populates the request with this policy default.
-     * 
+     *
      * The current implementation extracts enrollment specific attributes
      * and calls the populate() method of the subclass.
-     * 
+     *
      * @param request request to be populated
      * @exception EProfileException failed to populate
      */
@@ -220,10 +220,10 @@ public abstract class EnrollDefault implements IPolicyDefault, ICertInfoPolicyDe
 
     /**
      * Sets the value of the given value property by name.
-     * 
+     *
      * The current implementation extracts enrollment specific attributes
      * and calls the setValue() method of the subclass.
-     * 
+     *
      * @param name name of property
      * @param locale locale of the end user
      * @param request request
@@ -244,10 +244,10 @@ public abstract class EnrollDefault implements IPolicyDefault, ICertInfoPolicyDe
     /**
      * Retrieves the value of the given value
      * property by name.
-     * 
+     *
      * The current implementation extracts enrollment specific attributes
      * and calls the getValue() method of the subclass.
-     * 
+     *
      * @param name name of property
      * @param locale locale of the end user
      * @param request request
@@ -604,7 +604,7 @@ public abstract class EnrollDefault implements IPolicyDefault, ICertInfoPolicyDe
     /**
      * Check if a object identifier in string form is valid,
      * that is a string in the form n.n.n.n and der encode and decode-able.
-     * 
+     *
      * @param oid object identifier string.
      * @return true if the oid is valid
      */
diff --git a/base/common/src/com/netscape/cms/profile/def/EnrollExtDefault.java b/base/common/src/com/netscape/cms/profile/def/EnrollExtDefault.java
index 24f79cdec..da395871b 100644
--- a/base/common/src/com/netscape/cms/profile/def/EnrollExtDefault.java
+++ b/base/common/src/com/netscape/cms/profile/def/EnrollExtDefault.java
@@ -21,7 +21,7 @@ package com.netscape.cms.profile.def;
  * This class implements an enrollment extension
  * default policy that extension into the certificate
  * template.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public abstract class EnrollExtDefault extends EnrollDefault {
diff --git a/base/common/src/com/netscape/cms/profile/def/ExtendedKeyUsageExtDefault.java b/base/common/src/com/netscape/cms/profile/def/ExtendedKeyUsageExtDefault.java
index f1d63a348..22f00eb94 100644
--- a/base/common/src/com/netscape/cms/profile/def/ExtendedKeyUsageExtDefault.java
+++ b/base/common/src/com/netscape/cms/profile/def/ExtendedKeyUsageExtDefault.java
@@ -38,7 +38,7 @@ import com.netscape.certsrv.request.IRequest;
  * This class implements an enrollment default policy
  * that populates Extended Key Usage extension
  * into the certificate template.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class ExtendedKeyUsageExtDefault extends EnrollExtDefault {
diff --git a/base/common/src/com/netscape/cms/profile/def/FreshestCRLExtDefault.java b/base/common/src/com/netscape/cms/profile/def/FreshestCRLExtDefault.java
index acbbd1089..b78f0e6cf 100644
--- a/base/common/src/com/netscape/cms/profile/def/FreshestCRLExtDefault.java
+++ b/base/common/src/com/netscape/cms/profile/def/FreshestCRLExtDefault.java
@@ -44,7 +44,7 @@ import com.netscape.certsrv.request.IRequest;
  * This class implements an enrollment default policy
  * that populates Freshest CRL extension
  * into the certificate template.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class FreshestCRLExtDefault extends EnrollExtDefault {
diff --git a/base/common/src/com/netscape/cms/profile/def/GenericExtDefault.java b/base/common/src/com/netscape/cms/profile/def/GenericExtDefault.java
index 1797091b7..d5d88c29e 100644
--- a/base/common/src/com/netscape/cms/profile/def/GenericExtDefault.java
+++ b/base/common/src/com/netscape/cms/profile/def/GenericExtDefault.java
@@ -37,7 +37,7 @@ import com.netscape.certsrv.request.IRequest;
  * This class implements an enrollment default policy
  * that populates a Netscape comment extension
  * into the certificate template.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class GenericExtDefault extends EnrollExtDefault {
diff --git a/base/common/src/com/netscape/cms/profile/def/ImageDefault.java b/base/common/src/com/netscape/cms/profile/def/ImageDefault.java
index 16a7ac402..c1e69c9f4 100644
--- a/base/common/src/com/netscape/cms/profile/def/ImageDefault.java
+++ b/base/common/src/com/netscape/cms/profile/def/ImageDefault.java
@@ -33,7 +33,7 @@ import com.netscape.certsrv.request.IRequest;
 /**
  * This class implements an enrollment default policy
  * that shows an image in the approval page.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class ImageDefault extends EnrollDefault {
diff --git a/base/common/src/com/netscape/cms/profile/def/InhibitAnyPolicyExtDefault.java b/base/common/src/com/netscape/cms/profile/def/InhibitAnyPolicyExtDefault.java
index 97cfb3ff4..cba06023f 100644
--- a/base/common/src/com/netscape/cms/profile/def/InhibitAnyPolicyExtDefault.java
+++ b/base/common/src/com/netscape/cms/profile/def/InhibitAnyPolicyExtDefault.java
@@ -35,7 +35,7 @@ import com.netscape.certsrv.request.IRequest;
 
 /**
  * This class implements an inhibit Any-Policy extension
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class InhibitAnyPolicyExtDefault extends EnrollExtDefault {
diff --git a/base/common/src/com/netscape/cms/profile/def/IssuerAltNameExtDefault.java b/base/common/src/com/netscape/cms/profile/def/IssuerAltNameExtDefault.java
index 251d8a3e7..3feddd628 100644
--- a/base/common/src/com/netscape/cms/profile/def/IssuerAltNameExtDefault.java
+++ b/base/common/src/com/netscape/cms/profile/def/IssuerAltNameExtDefault.java
@@ -42,7 +42,7 @@ import com.netscape.certsrv.request.IRequest;
  * This class implements an enrollment default policy
  * that populates a issuer alternative name extension
  * into the certificate template.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class IssuerAltNameExtDefault extends EnrollExtDefault {
diff --git a/base/common/src/com/netscape/cms/profile/def/KeyUsageExtDefault.java b/base/common/src/com/netscape/cms/profile/def/KeyUsageExtDefault.java
index 1bfda9ad9..bbc4f5227 100644
--- a/base/common/src/com/netscape/cms/profile/def/KeyUsageExtDefault.java
+++ b/base/common/src/com/netscape/cms/profile/def/KeyUsageExtDefault.java
@@ -37,7 +37,7 @@ import com.netscape.certsrv.request.IRequest;
  * This class implements an enrollment default policy
  * that populates a Key Usage extension
  * into the certificate template.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class KeyUsageExtDefault extends EnrollExtDefault {
diff --git a/base/common/src/com/netscape/cms/profile/def/NSCCommentExtDefault.java b/base/common/src/com/netscape/cms/profile/def/NSCCommentExtDefault.java
index cc96f3e90..f6da8aede 100644
--- a/base/common/src/com/netscape/cms/profile/def/NSCCommentExtDefault.java
+++ b/base/common/src/com/netscape/cms/profile/def/NSCCommentExtDefault.java
@@ -37,7 +37,7 @@ import com.netscape.certsrv.request.IRequest;
  * This class implements an enrollment default policy
  * that populates a Netscape comment extension
  * into the certificate template.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class NSCCommentExtDefault extends EnrollExtDefault {
diff --git a/base/common/src/com/netscape/cms/profile/def/NSCertTypeExtDefault.java b/base/common/src/com/netscape/cms/profile/def/NSCertTypeExtDefault.java
index 0677ef69f..1ad86ea5f 100644
--- a/base/common/src/com/netscape/cms/profile/def/NSCertTypeExtDefault.java
+++ b/base/common/src/com/netscape/cms/profile/def/NSCertTypeExtDefault.java
@@ -36,7 +36,7 @@ import com.netscape.certsrv.request.IRequest;
  * This class implements an enrollment default policy
  * that populates a Netscape Certificate Type extension
  * into the certificate template.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class NSCertTypeExtDefault extends EnrollExtDefault {
diff --git a/base/common/src/com/netscape/cms/profile/def/NameConstraintsExtDefault.java b/base/common/src/com/netscape/cms/profile/def/NameConstraintsExtDefault.java
index e57d04067..929878de3 100644
--- a/base/common/src/com/netscape/cms/profile/def/NameConstraintsExtDefault.java
+++ b/base/common/src/com/netscape/cms/profile/def/NameConstraintsExtDefault.java
@@ -44,7 +44,7 @@ import com.netscape.certsrv.request.IRequest;
  * This class implements an enrollment default policy
  * that populates a name constraint extension
  * into the certificate template.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class NameConstraintsExtDefault extends EnrollExtDefault {
diff --git a/base/common/src/com/netscape/cms/profile/def/NoDefault.java b/base/common/src/com/netscape/cms/profile/def/NoDefault.java
index 4678f4487..2e80aee2f 100644
--- a/base/common/src/com/netscape/cms/profile/def/NoDefault.java
+++ b/base/common/src/com/netscape/cms/profile/def/NoDefault.java
@@ -33,7 +33,7 @@ import com.netscape.certsrv.request.IRequest;
 
 /**
  * This class implements no default policy.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class NoDefault implements IPolicyDefault {
diff --git a/base/common/src/com/netscape/cms/profile/def/OCSPNoCheckExtDefault.java b/base/common/src/com/netscape/cms/profile/def/OCSPNoCheckExtDefault.java
index 382f3cec3..ab5b8c62b 100644
--- a/base/common/src/com/netscape/cms/profile/def/OCSPNoCheckExtDefault.java
+++ b/base/common/src/com/netscape/cms/profile/def/OCSPNoCheckExtDefault.java
@@ -35,7 +35,7 @@ import com.netscape.certsrv.request.IRequest;
  * This class implements an enrollment default policy
  * that populates an OCSP No Check extension
  * into the certificate template.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class OCSPNoCheckExtDefault extends EnrollExtDefault {
diff --git a/base/common/src/com/netscape/cms/profile/def/PolicyConstraintsExtDefault.java b/base/common/src/com/netscape/cms/profile/def/PolicyConstraintsExtDefault.java
index db9b95a04..ced6096a3 100644
--- a/base/common/src/com/netscape/cms/profile/def/PolicyConstraintsExtDefault.java
+++ b/base/common/src/com/netscape/cms/profile/def/PolicyConstraintsExtDefault.java
@@ -37,7 +37,7 @@ import com.netscape.certsrv.request.IRequest;
  * This class implements an enrollment default policy
  * that populates a policy constraints extension
  * into the certificate template.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class PolicyConstraintsExtDefault extends EnrollExtDefault {
diff --git a/base/common/src/com/netscape/cms/profile/def/PolicyMappingsExtDefault.java b/base/common/src/com/netscape/cms/profile/def/PolicyMappingsExtDefault.java
index 712641c0d..55a9e420e 100644
--- a/base/common/src/com/netscape/cms/profile/def/PolicyMappingsExtDefault.java
+++ b/base/common/src/com/netscape/cms/profile/def/PolicyMappingsExtDefault.java
@@ -43,7 +43,7 @@ import com.netscape.certsrv.request.IRequest;
  * This class implements an enrollment default policy
  * that populates a policy mappings extension
  * into the certificate template.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class PolicyMappingsExtDefault extends EnrollExtDefault {
diff --git a/base/common/src/com/netscape/cms/profile/def/PrivateKeyUsagePeriodExtDefault.java b/base/common/src/com/netscape/cms/profile/def/PrivateKeyUsagePeriodExtDefault.java
index 20285567e..6532a13f0 100644
--- a/base/common/src/com/netscape/cms/profile/def/PrivateKeyUsagePeriodExtDefault.java
+++ b/base/common/src/com/netscape/cms/profile/def/PrivateKeyUsagePeriodExtDefault.java
@@ -40,7 +40,7 @@ import com.netscape.certsrv.request.IRequest;
  * This class implements an enrollment default policy
  * that populates a Private Key Usage Period extension
  * into the certificate template.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class PrivateKeyUsagePeriodExtDefault extends EnrollExtDefault {
@@ -290,7 +290,7 @@ public class PrivateKeyUsagePeriodExtDefault extends EnrollExtDefault {
         try {
             boolean critical = getConfigBoolean(CONFIG_CRITICAL);
 
-            // always + 60 seconds 
+            // always + 60 seconds
             String startTimeStr = getConfig(CONFIG_START_TIME);
 
             if (startTimeStr == null || startTimeStr.equals("")) {
diff --git a/base/common/src/com/netscape/cms/profile/def/SubjectAltNameExtDefault.java b/base/common/src/com/netscape/cms/profile/def/SubjectAltNameExtDefault.java
index d3838577e..0aa92937f 100644
--- a/base/common/src/com/netscape/cms/profile/def/SubjectAltNameExtDefault.java
+++ b/base/common/src/com/netscape/cms/profile/def/SubjectAltNameExtDefault.java
@@ -45,7 +45,7 @@ import com.netscape.certsrv.request.IRequest;
  * This class implements an enrollment default policy
  * that populates a subject alternative name extension
  * into the certificate template.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class SubjectAltNameExtDefault extends EnrollExtDefault {
diff --git a/base/common/src/com/netscape/cms/profile/def/SubjectDirAttributesExtDefault.java b/base/common/src/com/netscape/cms/profile/def/SubjectDirAttributesExtDefault.java
index cca5ab234..813e92a28 100644
--- a/base/common/src/com/netscape/cms/profile/def/SubjectDirAttributesExtDefault.java
+++ b/base/common/src/com/netscape/cms/profile/def/SubjectDirAttributesExtDefault.java
@@ -46,7 +46,7 @@ import com.netscape.certsrv.request.IRequest;
  * This class implements an enrollment default policy
  * that populates a subject directory attributes extension
  * into the certificate template.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class SubjectDirAttributesExtDefault extends EnrollExtDefault {
diff --git a/base/common/src/com/netscape/cms/profile/def/SubjectInfoAccessExtDefault.java b/base/common/src/com/netscape/cms/profile/def/SubjectInfoAccessExtDefault.java
index 8ea7533cc..d850147a4 100644
--- a/base/common/src/com/netscape/cms/profile/def/SubjectInfoAccessExtDefault.java
+++ b/base/common/src/com/netscape/cms/profile/def/SubjectInfoAccessExtDefault.java
@@ -42,7 +42,7 @@ import com.netscape.certsrv.request.IRequest;
 /**
  * This class implements an enrollment default policy
  * that populates Subject Info Access extension.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class SubjectInfoAccessExtDefault extends EnrollExtDefault {
diff --git a/base/common/src/com/netscape/cms/profile/def/SubjectKeyIdentifierExtDefault.java b/base/common/src/com/netscape/cms/profile/def/SubjectKeyIdentifierExtDefault.java
index 9476e45f6..a8f6a7415 100644
--- a/base/common/src/com/netscape/cms/profile/def/SubjectKeyIdentifierExtDefault.java
+++ b/base/common/src/com/netscape/cms/profile/def/SubjectKeyIdentifierExtDefault.java
@@ -42,7 +42,7 @@ import com.netscape.certsrv.request.IRequest;
  * This class implements an enrollment default policy
  * that populates a subject key identifier extension
  * into the certificate template.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class SubjectKeyIdentifierExtDefault extends EnrollExtDefault {
diff --git a/base/common/src/com/netscape/cms/profile/def/SubjectNameDefault.java b/base/common/src/com/netscape/cms/profile/def/SubjectNameDefault.java
index 479219b84..31aee6dd6 100644
--- a/base/common/src/com/netscape/cms/profile/def/SubjectNameDefault.java
+++ b/base/common/src/com/netscape/cms/profile/def/SubjectNameDefault.java
@@ -37,7 +37,7 @@ import com.netscape.certsrv.request.IRequest;
  * This class implements an enrollment default policy
  * that populates server-side configurable subject name
  * into the certificate template.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class SubjectNameDefault extends EnrollDefault {
diff --git a/base/common/src/com/netscape/cms/profile/def/UserExtensionDefault.java b/base/common/src/com/netscape/cms/profile/def/UserExtensionDefault.java
index 46a78c731..a78992a74 100644
--- a/base/common/src/com/netscape/cms/profile/def/UserExtensionDefault.java
+++ b/base/common/src/com/netscape/cms/profile/def/UserExtensionDefault.java
@@ -37,7 +37,7 @@ import com.netscape.certsrv.request.IRequest;
  * This class implements an enrollment default policy
  * that populates a user-supplied extension
  * into the certificate template.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class UserExtensionDefault extends EnrollExtDefault {
diff --git a/base/common/src/com/netscape/cms/profile/def/UserKeyDefault.java b/base/common/src/com/netscape/cms/profile/def/UserKeyDefault.java
index b1dc9d116..f6bc488b2 100644
--- a/base/common/src/com/netscape/cms/profile/def/UserKeyDefault.java
+++ b/base/common/src/com/netscape/cms/profile/def/UserKeyDefault.java
@@ -43,7 +43,7 @@ import com.netscape.certsrv.request.IRequest;
  * This class implements an enrollment default policy
  * that populates a user supplied key
  * into the certificate template.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class UserKeyDefault extends EnrollDefault {
diff --git a/base/common/src/com/netscape/cms/profile/def/UserSigningAlgDefault.java b/base/common/src/com/netscape/cms/profile/def/UserSigningAlgDefault.java
index 4aeed6ba3..7625f9a34 100644
--- a/base/common/src/com/netscape/cms/profile/def/UserSigningAlgDefault.java
+++ b/base/common/src/com/netscape/cms/profile/def/UserSigningAlgDefault.java
@@ -38,7 +38,7 @@ import com.netscape.certsrv.request.IRequest;
  * This class implements an enrollment default policy
  * that populates a user-supplied signing algorithm
  * into the certificate template.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class UserSigningAlgDefault extends EnrollDefault {
diff --git a/base/common/src/com/netscape/cms/profile/def/UserSubjectNameDefault.java b/base/common/src/com/netscape/cms/profile/def/UserSubjectNameDefault.java
index 65456e256..77d743334 100644
--- a/base/common/src/com/netscape/cms/profile/def/UserSubjectNameDefault.java
+++ b/base/common/src/com/netscape/cms/profile/def/UserSubjectNameDefault.java
@@ -38,7 +38,7 @@ import com.netscape.certsrv.request.IRequest;
  * This class implements an enrollment default policy
  * that populates a user-supplied subject name
  * into the certificate template.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class UserSubjectNameDefault extends EnrollDefault {
diff --git a/base/common/src/com/netscape/cms/profile/def/UserValidityDefault.java b/base/common/src/com/netscape/cms/profile/def/UserValidityDefault.java
index 3fadb81fd..8d5ca7d55 100644
--- a/base/common/src/com/netscape/cms/profile/def/UserValidityDefault.java
+++ b/base/common/src/com/netscape/cms/profile/def/UserValidityDefault.java
@@ -38,7 +38,7 @@ import com.netscape.certsrv.request.IRequest;
  * This class implements an enrollment default policy
  * that populates a user-supplied validity
  * into the certificate template.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class UserValidityDefault extends EnrollDefault {
diff --git a/base/common/src/com/netscape/cms/profile/def/ValidityDefault.java b/base/common/src/com/netscape/cms/profile/def/ValidityDefault.java
index ad06400f3..0c31fb0a8 100644
--- a/base/common/src/com/netscape/cms/profile/def/ValidityDefault.java
+++ b/base/common/src/com/netscape/cms/profile/def/ValidityDefault.java
@@ -39,7 +39,7 @@ import com.netscape.certsrv.request.IRequest;
  * This class implements an enrollment default policy
  * that populates a server-side configurable validity
  * into the certificate template.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class ValidityDefault extends EnrollDefault {
diff --git a/base/common/src/com/netscape/cms/profile/def/nsHKeySubjectNameDefault.java b/base/common/src/com/netscape/cms/profile/def/nsHKeySubjectNameDefault.java
index 6b5ab6bc0..bd935fb53 100644
--- a/base/common/src/com/netscape/cms/profile/def/nsHKeySubjectNameDefault.java
+++ b/base/common/src/com/netscape/cms/profile/def/nsHKeySubjectNameDefault.java
@@ -37,7 +37,7 @@ import com.netscape.certsrv.request.IRequest;
  * This class implements an enrollment default policy
  * that populates server-side configurable subject name
  * into the certificate template.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class nsHKeySubjectNameDefault extends EnrollDefault {
diff --git a/base/common/src/com/netscape/cms/profile/def/nsNKeySubjectNameDefault.java b/base/common/src/com/netscape/cms/profile/def/nsNKeySubjectNameDefault.java
index cc1a8de81..c90b76c5d 100644
--- a/base/common/src/com/netscape/cms/profile/def/nsNKeySubjectNameDefault.java
+++ b/base/common/src/com/netscape/cms/profile/def/nsNKeySubjectNameDefault.java
@@ -45,7 +45,7 @@ import com.netscape.certsrv.request.IRequest;
  * This class implements an enrollment default policy
  * that populates server-side configurable subject name
  * into the certificate template.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class nsNKeySubjectNameDefault extends EnrollDefault {
diff --git a/base/common/src/com/netscape/cms/profile/def/nsTokenDeviceKeySubjectNameDefault.java b/base/common/src/com/netscape/cms/profile/def/nsTokenDeviceKeySubjectNameDefault.java
index 77fa417f6..9dfda47b5 100644
--- a/base/common/src/com/netscape/cms/profile/def/nsTokenDeviceKeySubjectNameDefault.java
+++ b/base/common/src/com/netscape/cms/profile/def/nsTokenDeviceKeySubjectNameDefault.java
@@ -37,7 +37,7 @@ import com.netscape.certsrv.request.IRequest;
  * This class implements an enrollment default policy
  * that populates server-side configurable subject name
  * into the certificate template.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class nsTokenDeviceKeySubjectNameDefault extends EnrollDefault {
diff --git a/base/common/src/com/netscape/cms/profile/def/nsTokenUserKeySubjectNameDefault.java b/base/common/src/com/netscape/cms/profile/def/nsTokenUserKeySubjectNameDefault.java
index 65adabfad..dff36748c 100644
--- a/base/common/src/com/netscape/cms/profile/def/nsTokenUserKeySubjectNameDefault.java
+++ b/base/common/src/com/netscape/cms/profile/def/nsTokenUserKeySubjectNameDefault.java
@@ -45,7 +45,7 @@ import com.netscape.certsrv.request.IRequest;
  * This class implements an enrollment default policy
  * that populates server-side configurable subject name
  * into the certificate template.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class nsTokenUserKeySubjectNameDefault extends EnrollDefault {
diff --git a/base/common/src/com/netscape/cms/profile/input/CMCCertReqInput.java b/base/common/src/com/netscape/cms/profile/input/CMCCertReqInput.java
index 77d4b1ce0..901cf5c71 100644
--- a/base/common/src/com/netscape/cms/profile/input/CMCCertReqInput.java
+++ b/base/common/src/com/netscape/cms/profile/input/CMCCertReqInput.java
@@ -39,9 +39,9 @@ import com.netscape.cms.profile.common.EnrollProfile;
  * This input populates 2 main fields to the enrollment page:
  * 1/ Certificate Request Type, 2/ Certificate Request
  * 
    
- * 
+ *
  * This input usually is used by an enrollment profile for certificate requests.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class CMCCertReqInput extends EnrollInput implements IProfileInput {
diff --git a/base/common/src/com/netscape/cms/profile/input/CertReqInput.java b/base/common/src/com/netscape/cms/profile/input/CertReqInput.java
index 0b7e9f071..50fac5a41 100644
--- a/base/common/src/com/netscape/cms/profile/input/CertReqInput.java
+++ b/base/common/src/com/netscape/cms/profile/input/CertReqInput.java
@@ -42,9 +42,9 @@ import com.netscape.cms.profile.common.EnrollProfile;
  * This input populates 2 main fields to the enrollment page:
  * 1/ Certificate Request Type, 2/ Certificate Request
  * 
    
- * 
+ *
  * This input usually is used by an enrollment profile for certificate requests.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class CertReqInput extends EnrollInput implements IProfileInput {
diff --git a/base/common/src/com/netscape/cms/profile/input/DualKeyGenInput.java b/base/common/src/com/netscape/cms/profile/input/DualKeyGenInput.java
index 18b9ecf52..3205fca0a 100644
--- a/base/common/src/com/netscape/cms/profile/input/DualKeyGenInput.java
+++ b/base/common/src/com/netscape/cms/profile/input/DualKeyGenInput.java
@@ -42,10 +42,10 @@ import com.netscape.cms.profile.common.EnrollProfile;
  * pages so that a CRMF request containing 2 certificate
  * requests will be generated.
  * 
    
- * 
+ *
  * This input can only be used with Netscape 7.x or later clients.
  * 
    
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class DualKeyGenInput extends EnrollInput implements IProfileInput {
diff --git a/base/common/src/com/netscape/cms/profile/input/EncryptionKeyGenInput.java b/base/common/src/com/netscape/cms/profile/input/EncryptionKeyGenInput.java
index d59629f78..63c18483c 100644
--- a/base/common/src/com/netscape/cms/profile/input/EncryptionKeyGenInput.java
+++ b/base/common/src/com/netscape/cms/profile/input/EncryptionKeyGenInput.java
@@ -42,10 +42,10 @@ import com.netscape.cms.profile.common.EnrollProfile;
  * populates parameters to the enrollment page for
  * key generation.
  * 
    
- * 
+ *
  * This input normally is used with user-based or non certificate request profile.
  * 
    
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class EncryptionKeyGenInput extends EnrollInput implements IProfileInput {
diff --git a/base/common/src/com/netscape/cms/profile/input/EnrollInput.java b/base/common/src/com/netscape/cms/profile/input/EnrollInput.java
index c4269ba7d..b4ed31223 100644
--- a/base/common/src/com/netscape/cms/profile/input/EnrollInput.java
+++ b/base/common/src/com/netscape/cms/profile/input/EnrollInput.java
@@ -42,7 +42,7 @@ import com.netscape.cms.profile.common.EnrollProfile;
 
 /**
  * This class implements the base enrollment input.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public abstract class EnrollInput implements IProfileInput {
@@ -72,7 +72,7 @@ public abstract class EnrollInput implements IProfileInput {
 
     /**
      * Populates the request with this policy default.
-     * 
+     *
      * @param ctx profile context
      * @param request request
      * @exception EProfileException failed to populate
@@ -82,7 +82,7 @@ public abstract class EnrollInput implements IProfileInput {
 
     /**
      * Retrieves the localizable name of this policy.
-     * 
+     *
      * @param locale user locale
      * @return localized input name
      */
@@ -90,7 +90,7 @@ public abstract class EnrollInput implements IProfileInput {
 
     /**
      * Retrieves the localizable description of this policy.
-     * 
+     *
      * @param locale user locale
      * @return localized input description
      */
@@ -99,7 +99,7 @@ public abstract class EnrollInput implements IProfileInput {
     /**
      * Retrieves the descriptor of the given value
      * property by name.
-     * 
+     *
      * @param locale user locale
      * @param name property name
      * @return descriptor of the property
@@ -242,11 +242,11 @@ public abstract class EnrollInput implements IProfileInput {
 
     /**
      * Signed Audit Log
-     * 
+     *
      * This method is inherited by all extended "CMSServlet"s,
      * and is called to store messages to the signed audit log.
      * 
    
-     * 
+     *
      * @param msg signed audit log message
      */
     protected void audit(String msg) {
@@ -266,12 +266,12 @@ public abstract class EnrollInput implements IProfileInput {
 
     /**
      * Signed Audit Log Subject ID
-     * 
+     *
      * This method is inherited by all extended "CMSServlet"s,
      * and is called to obtain the "SubjectID" for
      * a signed audit log message.
      * 
    
-     * 
+     *
      * @return id string containing the signed audit log message SubjectID
      */
     protected String auditSubjectID() {
diff --git a/base/common/src/com/netscape/cms/profile/input/FileSigningInput.java b/base/common/src/com/netscape/cms/profile/input/FileSigningInput.java
index 357488186..f62a5964c 100644
--- a/base/common/src/com/netscape/cms/profile/input/FileSigningInput.java
+++ b/base/common/src/com/netscape/cms/profile/input/FileSigningInput.java
@@ -37,7 +37,7 @@ import com.netscape.certsrv.request.IRequest;
  * This class implements the image
  * input that collects a picture.
  * 
    
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class FileSigningInput extends EnrollInput implements IProfileInput {
diff --git a/base/common/src/com/netscape/cms/profile/input/GenericInput.java b/base/common/src/com/netscape/cms/profile/input/GenericInput.java
index e8edfaa6d..e92fbe93e 100644
--- a/base/common/src/com/netscape/cms/profile/input/GenericInput.java
+++ b/base/common/src/com/netscape/cms/profile/input/GenericInput.java
@@ -34,7 +34,7 @@ import com.netscape.certsrv.request.IRequest;
 /**
  * This class implements a generic input.
  * 
    
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class GenericInput extends EnrollInput implements IProfileInput {
diff --git a/base/common/src/com/netscape/cms/profile/input/ImageInput.java b/base/common/src/com/netscape/cms/profile/input/ImageInput.java
index 30570b56c..5874cc07f 100644
--- a/base/common/src/com/netscape/cms/profile/input/ImageInput.java
+++ b/base/common/src/com/netscape/cms/profile/input/ImageInput.java
@@ -33,7 +33,7 @@ import com.netscape.certsrv.request.IRequest;
  * This class implements the image
  * input that collects a picture.
  * 
    
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class ImageInput extends EnrollInput implements IProfileInput {
diff --git a/base/common/src/com/netscape/cms/profile/input/KeyGenInput.java b/base/common/src/com/netscape/cms/profile/input/KeyGenInput.java
index c2b3cf0d5..8be954024 100644
--- a/base/common/src/com/netscape/cms/profile/input/KeyGenInput.java
+++ b/base/common/src/com/netscape/cms/profile/input/KeyGenInput.java
@@ -42,10 +42,10 @@ import com.netscape.cms.profile.common.EnrollProfile;
  * populates parameters to the enrollment page for
  * key generation.
  * 
    
- * 
+ *
  * This input normally is used with user-based or non certificate request profile.
  * 
    
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class KeyGenInput extends EnrollInput implements IProfileInput {
diff --git a/base/common/src/com/netscape/cms/profile/input/SerialNumRenewInput.java b/base/common/src/com/netscape/cms/profile/input/SerialNumRenewInput.java
index 542a2c940..c2566139a 100644
--- a/base/common/src/com/netscape/cms/profile/input/SerialNumRenewInput.java
+++ b/base/common/src/com/netscape/cms/profile/input/SerialNumRenewInput.java
@@ -33,7 +33,7 @@ import com.netscape.certsrv.request.IRequest;
  * This class implements the serial number input
  * for renewal
  * 
    
- * 
+ *
  * @author Christina Fu
  */
 public class SerialNumRenewInput extends EnrollInput implements IProfileInput {
diff --git a/base/common/src/com/netscape/cms/profile/input/SigningKeyGenInput.java b/base/common/src/com/netscape/cms/profile/input/SigningKeyGenInput.java
index aa471d4f6..d60ed551f 100644
--- a/base/common/src/com/netscape/cms/profile/input/SigningKeyGenInput.java
+++ b/base/common/src/com/netscape/cms/profile/input/SigningKeyGenInput.java
@@ -42,10 +42,10 @@ import com.netscape.cms.profile.common.EnrollProfile;
  * populates parameters to the enrollment page for
  * key generation.
  * 
    
- * 
+ *
  * This input normally is used with user-based or non certificate request profile.
  * 
    
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class SigningKeyGenInput extends EnrollInput implements IProfileInput {
diff --git a/base/common/src/com/netscape/cms/profile/input/SubjectNameInput.java b/base/common/src/com/netscape/cms/profile/input/SubjectNameInput.java
index db70da666..2c0de4486 100644
--- a/base/common/src/com/netscape/cms/profile/input/SubjectNameInput.java
+++ b/base/common/src/com/netscape/cms/profile/input/SubjectNameInput.java
@@ -44,7 +44,7 @@ import com.netscape.cms.profile.common.EnrollProfile;
  * 
    
  * The collected parameters could be used for fomulating the subject name in the certificate.
  * 
    
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class SubjectNameInput extends EnrollInput implements IProfileInput {
diff --git a/base/common/src/com/netscape/cms/profile/input/SubmitterInfoInput.java b/base/common/src/com/netscape/cms/profile/input/SubmitterInfoInput.java
index 984706f42..e15e13e91 100644
--- a/base/common/src/com/netscape/cms/profile/input/SubmitterInfoInput.java
+++ b/base/common/src/com/netscape/cms/profile/input/SubmitterInfoInput.java
@@ -34,7 +34,7 @@ import com.netscape.certsrv.request.IRequest;
  * input that collects certificate requestor's
  * information such as name, email and phone.
  * 
    
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class SubmitterInfoInput extends EnrollInput implements IProfileInput {
diff --git a/base/common/src/com/netscape/cms/profile/input/nsHKeyCertReqInput.java b/base/common/src/com/netscape/cms/profile/input/nsHKeyCertReqInput.java
index 3c6067891..15f296a9e 100644
--- a/base/common/src/com/netscape/cms/profile/input/nsHKeyCertReqInput.java
+++ b/base/common/src/com/netscape/cms/profile/input/nsHKeyCertReqInput.java
@@ -37,9 +37,9 @@ import com.netscape.cms.profile.common.EnrollProfile;
  * This input populates 2 main fields to the enrollment "page":
  * 1/ token cuid, 2/ publickey
  * 
    
- * 
+ *
  * This input usually is used by an enrollment profile for certificate requests coming from TPS.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class nsHKeyCertReqInput extends EnrollInput implements IProfileInput {
diff --git a/base/common/src/com/netscape/cms/profile/input/nsNKeyCertReqInput.java b/base/common/src/com/netscape/cms/profile/input/nsNKeyCertReqInput.java
index 196798683..f14df1a80 100644
--- a/base/common/src/com/netscape/cms/profile/input/nsNKeyCertReqInput.java
+++ b/base/common/src/com/netscape/cms/profile/input/nsNKeyCertReqInput.java
@@ -37,9 +37,9 @@ import com.netscape.cms.profile.common.EnrollProfile;
  * This input populates 2 main fields to the enrollment "page":
  * 1/ id, 2/ publickey
  * 
    
- * 
+ *
  * This input usually is used by an enrollment profile for certificate requests coming from TPS.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class nsNKeyCertReqInput extends EnrollInput implements IProfileInput {
diff --git a/base/common/src/com/netscape/cms/profile/output/CMMFOutput.java b/base/common/src/com/netscape/cms/profile/output/CMMFOutput.java
index 2253460b1..9c04e6962 100644
--- a/base/common/src/com/netscape/cms/profile/output/CMMFOutput.java
+++ b/base/common/src/com/netscape/cms/profile/output/CMMFOutput.java
@@ -47,7 +47,7 @@ import com.netscape.cms.profile.common.EnrollProfile;
 /**
  * This class implements the output plugin that outputs
  * CMMF response for the issued certificate.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class CMMFOutput extends EnrollOutput implements IProfileOutput {
diff --git a/base/common/src/com/netscape/cms/profile/output/CertOutput.java b/base/common/src/com/netscape/cms/profile/output/CertOutput.java
index 1293c055c..a556d4a44 100644
--- a/base/common/src/com/netscape/cms/profile/output/CertOutput.java
+++ b/base/common/src/com/netscape/cms/profile/output/CertOutput.java
@@ -36,7 +36,7 @@ import com.netscape.cms.profile.common.EnrollProfile;
 /**
  * This class implements the pretty print certificate output
  * that displays the issued certificate in a pretty print format.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class CertOutput extends EnrollOutput implements IProfileOutput {
diff --git a/base/common/src/com/netscape/cms/profile/output/EnrollOutput.java b/base/common/src/com/netscape/cms/profile/output/EnrollOutput.java
index 25a4b4908..06c940e8c 100644
--- a/base/common/src/com/netscape/cms/profile/output/EnrollOutput.java
+++ b/base/common/src/com/netscape/cms/profile/output/EnrollOutput.java
@@ -32,7 +32,7 @@ import com.netscape.certsrv.request.IRequest;
 
 /**
  * This class implements the basic enrollment output.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public abstract class EnrollOutput implements IProfileOutput {
@@ -58,7 +58,7 @@ public abstract class EnrollOutput implements IProfileOutput {
 
     /**
      * Populates the request with this policy default.
-     * 
+     *
      * @param ctx profile context
      * @param request request
      * @exception EProfileException failed to populate
@@ -69,7 +69,7 @@ public abstract class EnrollOutput implements IProfileOutput {
     /**
      * Retrieves the descriptor of the given value
      * parameter by name.
-     * 
+     *
      * @param locale user locale
      * @param name property name
      * @return property descriptor
@@ -78,7 +78,7 @@ public abstract class EnrollOutput implements IProfileOutput {
 
     /**
      * Retrieves the localizable name of this policy.
-     * 
+     *
      * @param locale user locale
      * @return output policy name
      */
@@ -86,7 +86,7 @@ public abstract class EnrollOutput implements IProfileOutput {
 
     /**
      * Retrieves the localizable description of this policy.
-     * 
+     *
      * @param locale user locale
      * @return output policy description
      */
diff --git a/base/common/src/com/netscape/cms/profile/output/PKCS7Output.java b/base/common/src/com/netscape/cms/profile/output/PKCS7Output.java
index 0e01e15dd..c412eb2fd 100644
--- a/base/common/src/com/netscape/cms/profile/output/PKCS7Output.java
+++ b/base/common/src/com/netscape/cms/profile/output/PKCS7Output.java
@@ -44,7 +44,7 @@ import com.netscape.cms.profile.common.EnrollProfile;
 /**
  * This class implements the output plugin that outputs
  * PKCS7 for the issued certificate.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class PKCS7Output extends EnrollOutput implements IProfileOutput {
diff --git a/base/common/src/com/netscape/cms/profile/output/nsNKeyOutput.java b/base/common/src/com/netscape/cms/profile/output/nsNKeyOutput.java
index 6bf03f436..571022ad8 100644
--- a/base/common/src/com/netscape/cms/profile/output/nsNKeyOutput.java
+++ b/base/common/src/com/netscape/cms/profile/output/nsNKeyOutput.java
@@ -35,7 +35,7 @@ import com.netscape.cms.profile.common.EnrollProfile;
 /**
  * This class implements the output plugin that outputs
  * DER for the issued certificate for token keys
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class nsNKeyOutput extends EnrollOutput implements IProfileOutput {
diff --git a/base/common/src/com/netscape/cms/profile/updater/SubsystemGroupUpdater.java b/base/common/src/com/netscape/cms/profile/updater/SubsystemGroupUpdater.java
index 52c87113d..cfe35df39 100644
--- a/base/common/src/com/netscape/cms/profile/updater/SubsystemGroupUpdater.java
+++ b/base/common/src/com/netscape/cms/profile/updater/SubsystemGroupUpdater.java
@@ -45,7 +45,7 @@ import com.netscape.cms.profile.common.EnrollProfile;
 /**
  * This updater class will create the new user to the subsystem group and
  * then add the subsystem certificate to the user.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class SubsystemGroupUpdater implements IProfileUpdater {
diff --git a/base/common/src/com/netscape/cms/publish/mappers/AVAPattern.java b/base/common/src/com/netscape/cms/publish/mappers/AVAPattern.java
index 7f70722d0..acac975cb 100644
--- a/base/common/src/com/netscape/cms/publish/mappers/AVAPattern.java
+++ b/base/common/src/com/netscape/cms/publish/mappers/AVAPattern.java
@@ -57,16 +57,16 @@ import com.netscape.certsrv.request.IRequest;
  * attribute formulated from the certificate
  * subject name, extension or request attributes.
  * 
    
- * 
+ *
  * The syntax is
- * 
+ *
  * 
    - *     avaPattern := constant-value | 
- *                   "$subj" "." attrName [ "." attrNumber ] | 
- *                   "$req" "." [ prefix .] attrName [ "." attrNumber ] | 
+ *     avaPattern := constant-value |
+ *                   "$subj" "." attrName [ "." attrNumber ] |
+ *                   "$req" "." [ prefix .] attrName [ "." attrNumber ] |
  *                   "$ext" "." extName [ "." nameType ] [ "." attrNumber ]
  * 
    
- * 
+ *
  * 
      * Example: $ext.SubjectAlternativeName.RFC822Name.1
  * cert subjectAltName is rfc822Name: jjames@mcom.com
@@ -77,9 +77,9 @@ import com.netscape.certsrv.request.IRequest;
  *     The first rfc822name value in the subjAltName extension.  
    
  * 
    
  * 
    
- * 
+ *
  * If a request attribute or subject DN component does not exist, the attribute is skipped.
- * 
+ *
  * @version $Revision$, $Date$
  */
 class AVAPattern {
@@ -117,12 +117,12 @@ class AVAPattern {
     /* value type */
     protected String mType = null;
 
-    /* value - could be name of a request  attribute or 
+    /* value - could be name of a request  attribute or
      * cert subject attribute or extension name.
      */
     protected String mValue = null;
 
-    /* value type - general name type of an 
+    /* value type - general name type of an
      *              extension attribute if any.
      */
     protected String mGNType = null;
@@ -174,7 +174,7 @@ class AVAPattern {
         }
 
         if (c == '$') {
-            // check for $subj $ext or $req 
+            // check for $subj $ext or $req
             try {
                 c = in.read();
             } catch (IOException e) {
@@ -252,7 +252,7 @@ class AVAPattern {
                 }
 
                 if (c == '+' || c == ',') { // either ',' or '+'
-                    in.unread(c); // pushback last , or + 
+                    in.unread(c); // pushback last , or +
                 }
             } catch (IOException e) {
                 throw new ELdapException(
@@ -350,7 +350,7 @@ class AVAPattern {
             // value is constant. treat as regular ava.
             mType = TYPE_CONSTANT;
 
-            // parse ava value. 
+            // parse ava value.
             StringBuffer valueBuf = new StringBuffer();
 
             valueBuf.append((char) c);
@@ -362,7 +362,7 @@ class AVAPattern {
                 }
 
                 if (c == '+' || c == ',') { // either ',' or '+'
-                    in.unread(c); // pushback last , or + 
+                    in.unread(c); // pushback last , or +
                 }
             } catch (IOException e) {
                 throw new ELdapException(
@@ -371,9 +371,9 @@ class AVAPattern {
 
             mValue = valueBuf.toString().trim();
 
-            /*  try { 
+            /*  try {
              *      AVA ava = mLdapDNStrConverter.parseAVA(
-             *                    valueBuf.toString()); 
+             *                    valueBuf.toString());
              *      mValue = ava.toLdapDNString();
              *      //System.out.println("----- mValue "+mValue);
              *  } catch (IOException e) {
diff --git a/base/common/src/com/netscape/cms/publish/mappers/LdapCaSimpleMap.java b/base/common/src/com/netscape/cms/publish/mappers/LdapCaSimpleMap.java
index bbf641540..a1a65a342 100644
--- a/base/common/src/com/netscape/cms/publish/mappers/LdapCaSimpleMap.java
+++ b/base/common/src/com/netscape/cms/publish/mappers/LdapCaSimpleMap.java
@@ -54,7 +54,7 @@ import com.netscape.certsrv.request.IRequest;
  * in the directory to publish the cert or crl.
  * The restriction of this mapper is that the ldap dn components must
  * be part of certificate subject name or request attributes or constant.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class LdapCaSimpleMap implements ILdapMapper, IExtendedPluginInfo {
@@ -82,7 +82,7 @@ public class LdapCaSimpleMap implements ILdapMapper, IExtendedPluginInfo {
 
     /**
      * Constructor.
-     * 
+     *
      * @param dnPattern The base DN.
      */
     public LdapCaSimpleMap(String dnPattern) {
@@ -157,7 +157,7 @@ public class LdapCaSimpleMap implements ILdapMapper, IExtendedPluginInfo {
     /**
      * Maps a X500 subject name to LDAP entry.
      * Uses DN pattern to form a DN for a LDAP base search.
-     * 
+     *
      * @param conn the LDAP connection.
      * @param obj the object to map.
      * @exception ELdapException if any LDAP exceptions occured.
@@ -170,7 +170,7 @@ public class LdapCaSimpleMap implements ILdapMapper, IExtendedPluginInfo {
     /**
      * Maps a X500 subject name to LDAP entry.
      * Uses DN pattern to form a DN for a LDAP base search.
-     * 
+     *
      * @param conn the LDAP connection.
      * @param req the request to map.
      * @param obj the object to map.
@@ -277,7 +277,7 @@ public class LdapCaSimpleMap implements ILdapMapper, IExtendedPluginInfo {
 
     /**
      * form a dn from component in the request and cert subject name
-     * 
+     *
      * @param req The request
      * @param obj The certificate or crl
      */
diff --git a/base/common/src/com/netscape/cms/publish/mappers/LdapCertCompsMap.java b/base/common/src/com/netscape/cms/publish/mappers/LdapCertCompsMap.java
index 2373e3c66..d1a734b82 100644
--- a/base/common/src/com/netscape/cms/publish/mappers/LdapCertCompsMap.java
+++ b/base/common/src/com/netscape/cms/publish/mappers/LdapCertCompsMap.java
@@ -43,7 +43,7 @@ import com.netscape.certsrv.request.IRequest;
  * If the baseDN is null and none of the DN comps matched, it is an error.
  * If none of the DN comps and filter comps matched, it is an error.
  * If just the filter comps is null, a base search is performed.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class LdapCertCompsMap
@@ -57,14 +57,14 @@ public class LdapCertCompsMap
 
     /**
      * Constructor.
-     * 
+     *
      * The DN comps are used to form a LDAP entry to begin a subtree search.
      * The filter comps are used to form a search filter for the subtree.
      * If none of the DN comps matched, baseDN is used for the subtree.
      * If the baseDN is null and none of the DN comps matched, it is an error.
      * If none of the DN comps and filter comps matched, it is an error.
      * If just the filter comps is null, a base search is performed.
-     * 
+     *
      * @param baseDN The base DN.
      * @param dnComps Components to form the LDAP base dn for search.
      * @param filterComps Components to form the LDAP search filter.
@@ -116,7 +116,7 @@ public class LdapCertCompsMap
      * If the formed DN is null and baseDN is null an error is thrown.
      * If the filter is null a base search is performed.
      * If both are null an error is thrown.
-     * 
+     *
      * @param conn - the LDAP connection.
      * @param obj - the X509Certificate.
      */
diff --git a/base/common/src/com/netscape/cms/publish/mappers/LdapCertExactMap.java b/base/common/src/com/netscape/cms/publish/mappers/LdapCertExactMap.java
index 11b53a797..5c085481d 100644
--- a/base/common/src/com/netscape/cms/publish/mappers/LdapCertExactMap.java
+++ b/base/common/src/com/netscape/cms/publish/mappers/LdapCertExactMap.java
@@ -43,7 +43,7 @@ import com.netscape.certsrv.request.IRequest;
 /**
  * Maps a X509 certificate to a LDAP entry by using the subject name
  * of the certificate as the LDAP entry DN.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class LdapCertExactMap implements ILdapMapper, IExtendedPluginInfo {
@@ -103,7 +103,7 @@ public class LdapCertExactMap implements ILdapMapper, IExtendedPluginInfo {
     /**
      * Finds the entry for the certificate by looking for the cert
      * subject name in the subject name attribute.
-     * 
+     *
      * @param conn - the LDAP connection.
      * @param obj - the X509Certificate.
      */
@@ -172,13 +172,13 @@ public class LdapCertExactMap implements ILdapMapper, IExtendedPluginInfo {
 
         /*
          catch (IOException e) {
-         log(ILogger.LL_FAILURE, 
+         log(ILogger.LL_FAILURE,
          CMS.getLogMessage("PUBLISH_CANT_GET_SUBJECT", e.toString()));
          throw new ELdapException(
          LdapResources.GET_CERT_SUBJECT_DN_FAILED, e);
          }
          catch (CertificateEncodingException e) {
-         log(ILogger.LL_FAILURE, 
+         log(ILogger.LL_FAILURE,
          CMS.getLogMessage("PUBLISH_CANT_DECODE_CERT", e.toString()));
          throw new ELdapException(
          LdapResources.GET_DER_ENCODED_CERT_FAILED, e);
diff --git a/base/common/src/com/netscape/cms/publish/mappers/LdapCertSubjMap.java b/base/common/src/com/netscape/cms/publish/mappers/LdapCertSubjMap.java
index 4d5ff38c8..61ffef947 100644
--- a/base/common/src/com/netscape/cms/publish/mappers/LdapCertSubjMap.java
+++ b/base/common/src/com/netscape/cms/publish/mappers/LdapCertSubjMap.java
@@ -43,7 +43,7 @@ import com.netscape.certsrv.request.IRequest;
 /**
  * Maps a X509 certificate to a LDAP entry by finding an LDAP entry
  * which has an attribute whose contents are equal to the cert subject name.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class LdapCertSubjMap implements ILdapMapper, IExtendedPluginInfo {
@@ -62,7 +62,7 @@ public class LdapCertSubjMap implements ILdapMapper, IExtendedPluginInfo {
 
     /**
      * constructs a certificate subject name mapper with search base.
-     * 
+     *
      * @param searchBase the dn to start searching for the certificate
      *            subject name.
      */
@@ -76,7 +76,7 @@ public class LdapCertSubjMap implements ILdapMapper, IExtendedPluginInfo {
 
     /**
      * Constructor using non-ES cert map attribute name.
-     * 
+     *
      * @param searchBase entry to start search.
      * @param certSubjNameAttr attribute for certificate subject names.
      * @param certAttr attribute to find certificate.
@@ -172,7 +172,7 @@ public class LdapCertSubjMap implements ILdapMapper, IExtendedPluginInfo {
     /**
      * Finds the entry for the certificate by looking for the cert
      * subject name in the subject name attribute.
-     * 
+     *
      * @param conn - the LDAP connection.
      * @param obj - the X509Certificate.
      */
@@ -242,13 +242,13 @@ public class LdapCertSubjMap implements ILdapMapper, IExtendedPluginInfo {
 
         /*
          catch (IOException e) {
-         log(ILogger.LL_FAILURE, 
+         log(ILogger.LL_FAILURE,
          CMS.getLogMessage("PUBLISH_CANT_GET_SUBJECT", e.toString()));
          throw new ELdapException(
          LdapResources.GET_CERT_SUBJECT_DN_FAILED, e);
          }
          catch (CertificateEncodingException e) {
-         log(ILogger.LL_FAILURE, 
+         log(ILogger.LL_FAILURE,
          CMS.getLogMessage("PUBLISH_CANT_DECODE_CERT", e.toString()));
          throw new ELdapException(
          LdapResources.GET_DER_ENCODED_CERT_FAILED, e);
diff --git a/base/common/src/com/netscape/cms/publish/mappers/LdapCrlIssuerCompsMap.java b/base/common/src/com/netscape/cms/publish/mappers/LdapCrlIssuerCompsMap.java
index 654de5d30..7c4c3c4b0 100644
--- a/base/common/src/com/netscape/cms/publish/mappers/LdapCrlIssuerCompsMap.java
+++ b/base/common/src/com/netscape/cms/publish/mappers/LdapCrlIssuerCompsMap.java
@@ -35,7 +35,7 @@ import com.netscape.certsrv.request.IRequest;
  * Default crl mapper.
  * maps the crl to a ldap entry by using components in the issuer name
  * to find the CA's entry.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class LdapCrlIssuerCompsMap
@@ -49,14 +49,14 @@ public class LdapCrlIssuerCompsMap
 
     /**
      * Constructor.
-     * 
+     *
      * The DN comps are used to form a LDAP entry to begin a subtree search.
      * The filter comps are used to form a search filter for the subtree.
      * If none of the DN comps matched, baseDN is used for the subtree.
      * If the baseDN is null and none of the DN comps matched, it is an error.
      * If none of the DN comps and filter comps matched, it is an error.
      * If just the filter comps is null, a base search is performed.
-     * 
+     *
      * @param baseDN The base DN.
      * @param dnComps Components to form the LDAP base dn for search.
      * @param filterComps Components to form the LDAP search filter.
@@ -110,7 +110,7 @@ public class LdapCrlIssuerCompsMap
      * If the formed DN is null and baseDN is null an error is thrown.
      * If the filter is null a base search is performed.
      * If both are null an error is thrown.
-     * 
+     *
      * @param conn - the LDAP connection.
      * @param obj - the X509Certificate.
      * @return the result. LdapCertMapResult is also used for CRL.
diff --git a/base/common/src/com/netscape/cms/publish/mappers/LdapDNCompsMap.java b/base/common/src/com/netscape/cms/publish/mappers/LdapDNCompsMap.java
index 73549f1b5..1f7f06f69 100644
--- a/base/common/src/com/netscape/cms/publish/mappers/LdapDNCompsMap.java
+++ b/base/common/src/com/netscape/cms/publish/mappers/LdapDNCompsMap.java
@@ -55,7 +55,7 @@ import com.netscape.certsrv.publish.ILdapPlugin;
  * If the baseDN is null and none of the DN comps matched, it is an error.
  * If none of the DN comps and filter comps matched, it is an error.
  * If just the filter comps is null, a base search is performed.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class LdapDNCompsMap
@@ -71,14 +71,14 @@ public class LdapDNCompsMap
 
     /**
      * Constructor.
-     * 
+     *
      * The DN comps are used to form a LDAP entry to begin a subtree search.
      * The filter comps are used to form a search filter for the subtree.
      * If none of the DN comps matched, baseDN is used for the subtree.
      * If the baseDN is null and none of the DN comps matched, it is an error.
      * If none of the DN comps and filter comps matched, it is an error.
      * If just the filter comps is null, a base search is performed.
-     * 
+     *
      * @param baseDN The base DN.
      * @param dnComps Components to form the LDAP base dn for search.
      * @param filterComps Components to form the LDAP search filter.
@@ -209,7 +209,7 @@ public class LdapDNCompsMap
      * If the formed DN is null and baseDN is null an error is thrown.
      * If the filter is null a base search is performed.
      * If both are null an error is thrown.
-     * 
+     *
      * @param conn the LDAP connection.
      * @param x500name the dn to map.
      * @param obj the object
@@ -234,8 +234,8 @@ public class LdapDNCompsMap
                 // if (filter == null) {
                 //	log(ILogger.LL_FAILURE, "No dn and filter formed");
                 //	throw new ELdapException(
-                //		LdapResources.NO_DN_AND_FILTER_COMPS, 
-                //		x500name.toString()); 
+                //		LdapResources.NO_DN_AND_FILTER_COMPS,
+                //		x500name.toString());
                 // }
                 if (mBaseDN == null) {
                     log(ILogger.LL_FAILURE,
@@ -302,7 +302,7 @@ public class LdapDNCompsMap
 
     /**
      * form a dn and filter from component in the cert subject name
-     * 
+     *
      * @param subjName subject name
      */
     public String[] formDNandFilter(X500Name subjName)
@@ -359,7 +359,7 @@ public class LdapDNCompsMap
                     }
                 }
 
-                // XXX should be an error when string is null? 
+                // XXX should be an error when string is null?
                 // return to caller to decide.
                 if (dnRdns.size() != 0) {
                     dnStr = new X500Name(dnRdns).toLdapDNString();
@@ -417,7 +417,7 @@ public class LdapDNCompsMap
      * arrays of objectidentifiers.
      * The string is expected to be comma separated AVA attribute names.
      * For example, "uid,cn,o,ou". Attribute names are case insensitive.
-     * 
+     *
      * @param val the string specifying the comps
      * @exception ELdapException if any error occurs.
      */
diff --git a/base/common/src/com/netscape/cms/publish/mappers/LdapEnhancedMap.java b/base/common/src/com/netscape/cms/publish/mappers/LdapEnhancedMap.java
index c9a7f867c..d94032071 100644
--- a/base/common/src/com/netscape/cms/publish/mappers/LdapEnhancedMap.java
+++ b/base/common/src/com/netscape/cms/publish/mappers/LdapEnhancedMap.java
@@ -72,7 +72,7 @@ import com.netscape.certsrv.request.IRequest;
  * entry is not found, it has the option to create
  * the ldap entry given the dn and attributes
  * formulated.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class LdapEnhancedMap
@@ -105,7 +105,7 @@ public class LdapEnhancedMap
     /* mapper plug-in fields */
     protected static final String PROP_DNPATTERN = "dnPattern";
     protected static final String PROP_CREATE = "createEntry";
-    // the object class of the entry to be created. xxxx not done yet  
+    // the object class of the entry to be created. xxxx not done yet
     protected static final String PROP_OBJCLASS = "objectClass";
     // req/cert/ext attribute --> directory attribute table
     protected static final String PROP_ATTRNUM = "attrNum";
@@ -206,7 +206,7 @@ public class LdapEnhancedMap
 
     /**
      * form a dn from component in the request and cert subject name
-     * 
+     *
      * @param req The request
      * @param obj The certificate or crl
      */
@@ -332,7 +332,7 @@ public class LdapEnhancedMap
 
     /**
      * for initializing from config store.
-     * 
+     *
      * implementation for extended
      * ILdapPlugin interface method
      */
@@ -439,7 +439,7 @@ public class LdapEnhancedMap
     /**
      * Maps an X500 subject name to an LDAP entry.
      * Uses DN pattern to form a DN for an LDAP base search.
-     * 
+     *
      * @param conn the LDAP connection.
      * @param obj the object to map.
      * @exception ELdapException if any LDAP exceptions occurred.
@@ -452,7 +452,7 @@ public class LdapEnhancedMap
     /**
      * Maps an X500 subject name to an LDAP entry.
      * Uses DN pattern to form a DN for an LDAP base search.
-     * 
+     *
      * @param conn the LDAP connection.
      * @param req the request to map.
      * @param obj the object to map.
diff --git a/base/common/src/com/netscape/cms/publish/mappers/LdapSimpleMap.java b/base/common/src/com/netscape/cms/publish/mappers/LdapSimpleMap.java
index 642729673..67d98f4cc 100644
--- a/base/common/src/com/netscape/cms/publish/mappers/LdapSimpleMap.java
+++ b/base/common/src/com/netscape/cms/publish/mappers/LdapSimpleMap.java
@@ -51,7 +51,7 @@ import com.netscape.certsrv.request.IRequest;
  * in the directory to publish the cert or crl.
  * The restriction of this mapper is that the ldap dn components must
  * be part of certificate subject name or request attributes or constant.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class LdapSimpleMap implements ILdapMapper, IExtendedPluginInfo {
@@ -77,7 +77,7 @@ public class LdapSimpleMap implements ILdapMapper, IExtendedPluginInfo {
 
     /**
      * Constructor.
-     * 
+     *
      * @param dnPattern The base DN.
      */
     public LdapSimpleMap(String dnPattern) {
@@ -151,7 +151,7 @@ public class LdapSimpleMap implements ILdapMapper, IExtendedPluginInfo {
     /**
      * Maps a X500 subject name to LDAP entry.
      * Uses DN pattern to form a DN for a LDAP base search.
-     * 
+     *
      * @param conn the LDAP connection.
      * @param obj the object to map.
      * @exception ELdapException if any LDAP exceptions occured.
@@ -164,7 +164,7 @@ public class LdapSimpleMap implements ILdapMapper, IExtendedPluginInfo {
     /**
      * Maps a X500 subject name to LDAP entry.
      * Uses DN pattern to form a DN for a LDAP base search.
-     * 
+     *
      * @param conn the LDAP connection.
      * @param req the request to map.
      * @param obj the object to map.
@@ -201,7 +201,7 @@ public class LdapSimpleMap implements ILdapMapper, IExtendedPluginInfo {
             LDAPEntry entry = results.next();
 
             if (results.hasMoreElements()) {
-                log(ILogger.LL_FAILURE, CMS.getLogMessage("PUBLISH_MORE_THAN_ONE_ENTRY", dn, ((req == null) ? "" : 
+                log(ILogger.LL_FAILURE, CMS.getLogMessage("PUBLISH_MORE_THAN_ONE_ENTRY", dn, ((req == null) ? "" :
                         req.getRequestId().toString())));
                 throw new ELdapException(CMS.getUserMessage("CMS_LDAP_MORE_THAN_ONE_ENTRY",
                             ((req == null) ? "" : req.getRequestId().toString())));
@@ -237,7 +237,7 @@ public class LdapSimpleMap implements ILdapMapper, IExtendedPluginInfo {
 
     /**
      * form a dn from component in the request and cert subject name
-     * 
+     *
      * @param req The request
      * @param obj The certificate or crl
      */
diff --git a/base/common/src/com/netscape/cms/publish/mappers/MapAVAPattern.java b/base/common/src/com/netscape/cms/publish/mappers/MapAVAPattern.java
index 7aeb672d0..ef7fa9d13 100644
--- a/base/common/src/com/netscape/cms/publish/mappers/MapAVAPattern.java
+++ b/base/common/src/com/netscape/cms/publish/mappers/MapAVAPattern.java
@@ -45,41 +45,41 @@ import com.netscape.certsrv.request.IRequest;
  * class for parsing a DN pattern used to construct a ldap dn from
  * request attributes and cert subject name.
  * 
    
- * 
+ *
  * dnpattern is a string representing a ldap dn pattern to formulate from the certificate subject name attributes and
  * request attributes . If empty or not set, the certificate subject name will be used as the ldap dn.
  * 
    
- * 
+ *
  * The syntax is
- * 
+ *
  * 
      * 	dnPattern := rdnPattern *[ "," rdnPattern ]
  * 	rdnPattern := avaPattern *[ "+" avaPattern ]
- * 		avaPattern := name "=" value | 
- * 			      name "=" "$subj" "." attrName [ "." attrNumber ] | 
- * 			      name "=" "$ext" "." extName [ "." nameType ] [ "." attrNumber ] 
- * 			      name "=" "$req" "." attrName [ "." attrNumber ] | 
+ * 		avaPattern := name "=" value |
+ * 			      name "=" "$subj" "." attrName [ "." attrNumber ] |
+ * 			      name "=" "$ext" "." extName [ "." nameType ] [ "." attrNumber ]
+ * 			      name "=" "$req" "." attrName [ "." attrNumber ] |
  * 			 	  "$rdn" "." number
  * 
    
- * 
+ *
  * 
      * Example1: cn=Certificate Manager,ou=people,o=mcom.com
  * cert subject name: dn:  CN=Certificate Manager, OU=people, O=mcom.com
- * request attributes: uid: cmanager 
+ * request attributes: uid: cmanager
  * 
    
  * The dn formulated will be : 
    
  *     CN=Certificate Manager, OU=people, O=mcom.com
  * 
    
  * note: Subordinate ca enrollment will use ca mapper. Use predicate
  * to distinguish the ca itself and the subordinates.
- * 
+ *
  * Example2: UID=$req.HTTP_PARAMS.uid, OU=$subj.ou, OU=people, , O=mcom.com
  * cert subject name: dn:  UID=jjames, OU=IS, OU=people, , O=mcom.com
- * request attributes: uid: cmanager 
+ * request attributes: uid: cmanager
  * 
    
  * The dn formulated will be : 
    
  *     UID=jjames, OU=IS, OU=people, O=mcom.com
- * 
    	
+ * 
    
  *     UID = the 'uid' attribute value in the request. 
    
  *     OU = the 'ou' value in the cert subject name.  
    
  *     O = the string mcom.com. 
    
@@ -87,20 +87,20 @@ import com.netscape.certsrv.request.IRequest;
  * Example3: UID=$req.HTTP_PARAMS.uid, E=$ext.SubjectAlternativeName.RFC822Name.1, O=mcom.com
  * cert subject name: dn:  UID=jjames, OU=IS, OU=people, O=mcom.com
  * cert subjectAltName is rfc822Name: jjames@mcom.com
- * request attributes: uid: cmanager 
+ * request attributes: uid: cmanager
  * 
    
  * The dn formulated will be : 
    
  *     UID=jjames, E=jjames@mcom.com, O=mcom.com
- * 
    	
+ * 
    
  *     UID = the 'uid' attribute value in the request. 
    
  *     E = The first rfc822name value in the subjAltName extension.  
    
  *     O = the string mcom.com. 
    
  * 
    
  * 
    
- * 
+ *
  * If an request attribute or subject DN component does not exist, the attribute is skipped. There is potential risk
  * that a wrong dn will be mapped into.
- * 
+ *
  * @version $Revision$, $Date$
  */
 class MapAVAPattern {
@@ -138,7 +138,7 @@ class MapAVAPattern {
     /* the attribute in the AVA pair */
     protected String mAttr = null;
 
-    /* value - could be name of a request  attribute or 
+    /* value - could be name of a request  attribute or
      * cert subject dn attribute. */
     protected String mValue = null;
 
@@ -185,7 +185,7 @@ class MapAVAPattern {
         if (c == -1)
             throw new ECompSyntaxErr(CMS.getUserMessage("CMS_AUTHENTICATION_COMPONENT_SYNTAX", "All blank"));
 
-        // $rdn "." number syntax. 
+        // $rdn "." number syntax.
 
         if (c == '$') {
             //System.out.println("$rdn syntax");
@@ -230,9 +230,9 @@ class MapAVAPattern {
             return;
         }
 
-        // name "=" ... syntax. 
+        // name "=" ... syntax.
 
-        // read name 
+        // read name
         //System.out.println("reading name");
 
         StringBuffer attrBuf = new StringBuffer();
@@ -253,10 +253,10 @@ class MapAVAPattern {
             throw new ECompSyntaxErr(CMS.getUserMessage("CMS_AUTHENTICATION_COMPONENT_SYNTAX",
                     "Missing \"=\" in ava pattern"));
 
-        // read value 
+        // read value
         //System.out.println("reading value");
 
-        // skip spaces 
+        // skip spaces
         //System.out.println("skip spaces for value");
         try {
             while ((c = in.read()) == ' ' || c == '\t') {//System.out.println("spaces2 read "+(char)c);
@@ -271,7 +271,7 @@ class MapAVAPattern {
                     "no value after = in ava pattern"));
 
         if (c == '$') {
-            // check for $subj $ext or $req 
+            // check for $subj $ext or $req
             try {
                 c = in.read();
                 //System.out.println("check $dn or $attr read "+(char)c);
@@ -327,7 +327,7 @@ class MapAVAPattern {
                             "unknown keyword. expecting $subj $ext or $req."));
             }
 
-            // get request attr name of subject dn pattern from above. 
+            // get request attr name of subject dn pattern from above.
             String attrName = attrBuf.toString().trim();
 
             //System.out.println("----- attrName "+attrName);
@@ -337,10 +337,10 @@ class MapAVAPattern {
             mAttr = attrName;
 
             /*
-             try { 
-             ObjectIdentifier attrOid = 
-             mLdapDNStrConverter.parseAVAKeyword(attrName); 
-             mAttr = mLdapDNStrConverter.encodeOID(attrOid);		
+             try {
+             ObjectIdentifier attrOid =
+             mLdapDNStrConverter.parseAVAKeyword(attrName);
+             mAttr = mLdapDNStrConverter.encodeOID(attrOid);
              //System.out.println("----- mAttr "+mAttr);
              }
              catch (IOException e) {
@@ -359,7 +359,7 @@ class MapAVAPattern {
                     valueBuf.append((char) c);
                 }
                 if (c == '+' || c == ',') // either ',' or '+'
-                    in.unread(c); // pushback last , or + 
+                    in.unread(c); // pushback last , or +
             } catch (IOException e) {
                 throw new ELdapException(
                         CMS.getUserMessage("CMS_LDAP_INTERNAL_ERROR", e.toString()));
@@ -439,7 +439,7 @@ class MapAVAPattern {
             // value is constant. treat as regular ava.
             mType = TYPE_CONSTANT;
             //System.out.println("----- mType constant");
-            // parse ava value. 
+            // parse ava value.
             StringBuffer valueBuf = new StringBuffer();
 
             valueBuf.append((char) c);
@@ -450,7 +450,7 @@ class MapAVAPattern {
                     valueBuf.append((char) c);
                 }
                 if (c == '+' || c == ',') { // either ',' or '+'
-                    in.unread(c); // pushback last , or + 
+                    in.unread(c); // pushback last , or +
                 }
             } catch (IOException e) {
                 throw new ELdapException(
diff --git a/base/common/src/com/netscape/cms/publish/mappers/MapDNPattern.java b/base/common/src/com/netscape/cms/publish/mappers/MapDNPattern.java
index 7a9025b1d..dc446a7b7 100644
--- a/base/common/src/com/netscape/cms/publish/mappers/MapDNPattern.java
+++ b/base/common/src/com/netscape/cms/publish/mappers/MapDNPattern.java
@@ -34,49 +34,49 @@ import com.netscape.certsrv.request.IRequest;
  * class for parsing a DN pattern used to construct a ldap dn from
  * request attributes and cert subject name.
  * 
    
- * 
+ *
  * dnpattern is a string representing a ldap dn pattern to formulate from the certificate subject name attributes and
  * request attributes . If empty or not set, the certificate subject name will be used as the ldap dn.
  * 
    
- * 
+ *
  * The syntax is
- * 
+ *
  * 
      * 	dnPattern := rdnPattern *[ "," rdnPattern ]
  * 	rdnPattern := avaPattern *[ "+" avaPattern ]
- * 		avaPattern := name "=" value | 
- * 			      name "=" "$subj" "." attrName [ "." attrNumber ] | 
- * 			      name "=" "$req" "." attrName [ "." attrNumber ] | 
+ * 		avaPattern := name "=" value |
+ * 			      name "=" "$subj" "." attrName [ "." attrNumber ] |
+ * 			      name "=" "$req" "." attrName [ "." attrNumber ] |
  *     		 	  "$rdn" "." number
  * 
    
- * 
+ *
  * 
      * Example1: cn=Certificate Manager,ou=people,o=mcom.com
  * cert subject name: dn:  CN=Certificate Manager, OU=people, O=mcom.com
- * request attributes: uid: cmanager 
+ * request attributes: uid: cmanager
  * 
    
  * The dn formulated will be : 
    
  *     CN=Certificate Manager, OU=people, O=mcom.com
  * 
    
  * note: Subordinate ca enrollment will use ca mapper. Use predicate
  * to distinguish the ca itself and the subordinates.
- * 
+ *
  * Example2: UID=$req.HTTP_PARAMS.uid, OU=$subj.ou, O=people, , O=mcom.com
  * cert subject name: dn:  UID=jjames, OU=IS, O=people, , O=mcom.com
- * request attributes: uid: cmanager 
+ * request attributes: uid: cmanager
  * 
    
  * The dn formulated will be : 
    
  *     UID=jjames, OU=IS, OU=people, O=mcom.com
- * 
    	
+ * 
    
  *     UID = the 'uid' attribute value in the request. 
    
  *     OU = the 'ou' value in the cert subject name.  
    
  *     O = the string people, mcom.com. 
    
  * 
    
  * 
    
- * 
+ *
  * If an request attribute or subject DN component does not exist, the attribute is skipped. There is potential risk
  * that a wrong dn will be mapped into.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class MapDNPattern {
@@ -97,7 +97,7 @@ public class MapDNPattern {
 
     /**
      * Construct a DN pattern by parsing a pattern string.
-     * 
+     *
      * @param pattern the DN pattern
      * @exception EBaseException If parsing error occurs.
      */
@@ -166,7 +166,7 @@ public class MapDNPattern {
 
     /**
      * Form a Ldap v3 DN string from a request and a cert subject name.
-     * 
+     *
      * @param req the request for (un)publish
      * @param subject the subjectDN of the certificate
      * @return Ldap v3 DN string to use for base ldap search.
diff --git a/base/common/src/com/netscape/cms/publish/mappers/MapRDNPattern.java b/base/common/src/com/netscape/cms/publish/mappers/MapRDNPattern.java
index c1688345b..61da1d7d2 100644
--- a/base/common/src/com/netscape/cms/publish/mappers/MapRDNPattern.java
+++ b/base/common/src/com/netscape/cms/publish/mappers/MapRDNPattern.java
@@ -33,49 +33,49 @@ import com.netscape.certsrv.request.IRequest;
  * class for parsing a DN pattern used to construct a ldap dn from
  * request attributes and cert subject name.
  * 
    
- * 
+ *
  * dnpattern is a string representing a ldap dn pattern to formulate from the certificate subject name attributes and
  * request attributes . If empty or not set, the certificate subject name will be used as the ldap dn.
  * 
    
- * 
+ *
  * The syntax is
- * 
+ *
  * 
      * 	dnPattern := rdnPattern *[ "," rdnPattern ]
  * 	rdnPattern := avaPattern *[ "+" avaPattern ]
- * 		avaPattern := name "=" value | 
- * 			      name "=" "$subj" "." attrName [ "." attrNumber ] | 
- * 			      name "=" "$req" "." attrName [ "." attrNumber ] | 
+ * 		avaPattern := name "=" value |
+ * 			      name "=" "$subj" "." attrName [ "." attrNumber ] |
+ * 			      name "=" "$req" "." attrName [ "." attrNumber ] |
  * 			 	  "$rdn" "." number
  * 
    
- * 
+ *
  * 
      * Example1: cn=Certificate Manager,ou=people,o=mcom.com
  * cert subject name: dn:  CN=Certificate Manager, OU=people, O=mcom.com
- * request attributes: uid: cmanager 
+ * request attributes: uid: cmanager
  * 
    
  * The dn formulated will be : 
    
  *     CN=Certificate Manager, OU=people, O=mcom.com
  * 
    
  * note: Subordinate ca enrollment will use ca mapper. Use predicate
  * to distinguish the ca itself and the subordinates.
- * 
+ *
  * Example2: UID=$req.HTTP_PARAMS.uid, OU=$subj.ou, O=people, , O=mcom.com
  * cert subject name: dn:  UID=jjames, OU=IS, O=people, , O=mcom.com
- * request attributes: uid: cmanager 
+ * request attributes: uid: cmanager
  * 
    
  * The dn formulated will be : 
    
  *     UID=jjames, OU=IS, OU=people, O=mcom.com
- * 
    	
+ * 
    
  *     UID = the 'uid' attribute value in the request. 
    
  *     OU = the 'ou' value in the cert subject name.  
    
  *     O = the string people, mcom.com. 
    
  * 
    
  * 
    
- * 
+ *
  * If an request attribute or subject DN component does not exist, the attribute is skipped.There is potential risk that
  * a wrong dn will be mapped into.
- * 
+ *
  * @version $Revision$, $Date$
  */
 class MapRDNPattern {
@@ -96,7 +96,7 @@ class MapRDNPattern {
 
     /**
      * Construct a DN pattern by parsing a pattern string.
-     * 
+     *
      * @param pattenr the DN pattern
      * @exception ELdapException If parsing error occurs.
      */
@@ -146,7 +146,7 @@ class MapRDNPattern {
 
         if (lastChar != -1) {
             try {
-                in.unread(lastChar); // pushback last , 
+                in.unread(lastChar); // pushback last ,
             } catch (IOException e) {
                 throw new ELdapException(
                         CMS.getUserMessage("CMS_LDAP_INTERNAL_ERROR", e.toString()));
@@ -183,7 +183,7 @@ class MapRDNPattern {
 
     /**
      * Form a Ldap v3 DN string from a request and a cert subject name.
-     * 
+     *
      * @param req the request for (un)publish
      * @param subject the subjectDN of the certificate
      * @return Ldap v3 DN string to use for base ldap search.
diff --git a/base/common/src/com/netscape/cms/publish/mappers/NoMap.java b/base/common/src/com/netscape/cms/publish/mappers/NoMap.java
index 155c54ce0..cc12714e2 100644
--- a/base/common/src/com/netscape/cms/publish/mappers/NoMap.java
+++ b/base/common/src/com/netscape/cms/publish/mappers/NoMap.java
@@ -31,7 +31,7 @@ import com.netscape.certsrv.request.IRequest;
 
 /**
  * No Map
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class NoMap implements ILdapMapper, IExtendedPluginInfo {
@@ -68,7 +68,7 @@ public class NoMap implements ILdapMapper, IExtendedPluginInfo {
     /**
      * Maps a X500 subject name to LDAP entry.
      * Uses DN pattern to form a DN for a LDAP base search.
-     * 
+     *
      * @param conn the LDAP connection.
      * @param obj the object to map.
      * @exception ELdapException if any LDAP exceptions occured.
diff --git a/base/common/src/com/netscape/cms/publish/publishers/FileBasedPublisher.java b/base/common/src/com/netscape/cms/publish/publishers/FileBasedPublisher.java
index cb13b2452..c41025b54 100644
--- a/base/common/src/com/netscape/cms/publish/publishers/FileBasedPublisher.java
+++ b/base/common/src/com/netscape/cms/publish/publishers/FileBasedPublisher.java
@@ -50,7 +50,7 @@ import com.netscape.cmsutil.util.Utils;
 /**
  * This publisher writes certificate and CRL into
  * a directory.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class FileBasedPublisher implements ILdapPublisher, IExtendedPluginInfo {
@@ -257,7 +257,7 @@ public class FileBasedPublisher implements ILdapPublisher, IExtendedPluginInfo {
                 oldLink.delete();
             }
             File link = new File(linkName);
-            if (link.exists()) { // current link becomes an old link 
+            if (link.exists()) { // current link becomes an old link
                 link.renameTo(new File(linkName + ".old"));
             }
             File newLink = new File(linkName + ".new");
@@ -275,7 +275,7 @@ public class FileBasedPublisher implements ILdapPublisher, IExtendedPluginInfo {
 
     /**
      * Publishs a object to the ldap directory.
-     * 
+     *
      * @param conn a Ldap connection
      *            (null if LDAP publishing is not enabled)
      * @param dn dn of the ldap entry to publish cert
@@ -391,7 +391,7 @@ public class FileBasedPublisher implements ILdapPublisher, IExtendedPluginInfo {
 
     /**
      * Unpublishs a object to the ldap directory.
-     * 
+     *
      * @param conn the Ldap connection
      *            (null if LDAP publishing is not enabled)
      * @param dn dn of the ldap entry to unpublish cert
diff --git a/base/common/src/com/netscape/cms/publish/publishers/LdapCaCertPublisher.java b/base/common/src/com/netscape/cms/publish/publishers/LdapCaCertPublisher.java
index e47318b76..cbc77560f 100644
--- a/base/common/src/com/netscape/cms/publish/publishers/LdapCaCertPublisher.java
+++ b/base/common/src/com/netscape/cms/publish/publishers/LdapCaCertPublisher.java
@@ -43,7 +43,7 @@ import com.netscape.certsrv.publish.ILdapPublisher;
 
 /**
  * Interface for publishing a CA certificate to
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class LdapCaCertPublisher
@@ -152,7 +152,7 @@ public class LdapCaCertPublisher
      * Adds the cert to the multi-valued certificate attribute as a
      * DER encoded binary blob. Does not check if cert already exists.
      * Converts the class to certificateAuthority.
-     * 
+     *
      * @param conn the LDAP connection
      * @param dn dn of the entry to publish the certificate
      * @param certObj the certificate object.
diff --git a/base/common/src/com/netscape/cms/publish/publishers/LdapCertSubjPublisher.java b/base/common/src/com/netscape/cms/publish/publishers/LdapCertSubjPublisher.java
index 9000f6834..ac2b64973 100644
--- a/base/common/src/com/netscape/cms/publish/publishers/LdapCertSubjPublisher.java
+++ b/base/common/src/com/netscape/cms/publish/publishers/LdapCertSubjPublisher.java
@@ -47,7 +47,7 @@ import com.netscape.certsrv.publish.ILdapPublisher;
  * Interface for mapping a X509 certificate to a LDAP entry
  * Publishes a certificate as binary and its subject name.
  * there is one subject name value for each certificate.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class LdapCertSubjPublisher implements ILdapPublisher {
@@ -136,7 +136,7 @@ public class LdapCertSubjPublisher implements ILdapPublisher {
      * Adds the cert to the multi-valued certificate attribute as a
      * DER encoded binary blob. Does not check if cert already exists.
      * Then adds the subject name of the cert to the subject name attribute.
-     * 
+     *
      * @param conn the LDAP connection
      * @param dn dn of the entry to publish the certificate
      * @param certObj the certificate object.
@@ -298,7 +298,7 @@ public class LdapCertSubjPublisher implements ILdapPublisher {
                 return;
             }
 
-            // delete cert if there. 
+            // delete cert if there.
             LDAPModificationSet modSet = new LDAPModificationSet();
 
             if (hasCert) {
diff --git a/base/common/src/com/netscape/cms/publish/publishers/LdapCertificatePairPublisher.java b/base/common/src/com/netscape/cms/publish/publishers/LdapCertificatePairPublisher.java
index c65ff79d5..014cc0e5e 100644
--- a/base/common/src/com/netscape/cms/publish/publishers/LdapCertificatePairPublisher.java
+++ b/base/common/src/com/netscape/cms/publish/publishers/LdapCertificatePairPublisher.java
@@ -41,7 +41,7 @@ import com.netscape.certsrv.publish.ILdapPublisher;
 /**
  * module for publishing a cross certificate pair to ldap
  * crossCertificatePair attribute
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class LdapCertificatePairPublisher
@@ -153,7 +153,7 @@ public class LdapCertificatePairPublisher
     /**
      * publish a certificatePair
      * -should not be called from listeners.
-     * 
+     *
      * @param conn the LDAP connection
      * @param dn dn of the entry to publish the XcertificatePair
      * @param pair the Xcertificate bytes object.
@@ -166,7 +166,7 @@ public class LdapCertificatePairPublisher
     /**
      * publish a certificatePair
      * -should not be called from listeners.
-     * 
+     *
      * @param conn the LDAP connection
      * @param dn dn of the entry to publish the XcertificatePair
      * @param pair the cross cert bytes
diff --git a/base/common/src/com/netscape/cms/publish/publishers/LdapCrlPublisher.java b/base/common/src/com/netscape/cms/publish/publishers/LdapCrlPublisher.java
index 6826cc801..51bebe236 100644
--- a/base/common/src/com/netscape/cms/publish/publishers/LdapCrlPublisher.java
+++ b/base/common/src/com/netscape/cms/publish/publishers/LdapCrlPublisher.java
@@ -44,7 +44,7 @@ import com.netscape.certsrv.publish.ILdapPublisher;
 /**
  * For publishing master or global CRL.
  * Publishes (replaces) the CRL in the CA's LDAP entry.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class LdapCrlPublisher implements ILdapPublisher, IExtendedPluginInfo {
diff --git a/base/common/src/com/netscape/cms/publish/publishers/LdapEncryptCertPublisher.java b/base/common/src/com/netscape/cms/publish/publishers/LdapEncryptCertPublisher.java
index d2c488620..8dada61fb 100644
--- a/base/common/src/com/netscape/cms/publish/publishers/LdapEncryptCertPublisher.java
+++ b/base/common/src/com/netscape/cms/publish/publishers/LdapEncryptCertPublisher.java
@@ -52,7 +52,7 @@ import com.netscape.certsrv.publish.ILdapPublisher;
 
 /**
  * Interface for mapping a X509 certificate to a LDAP entry
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class LdapEncryptCertPublisher implements ILdapPublisher, IExtendedPluginInfo {
@@ -125,7 +125,7 @@ public class LdapEncryptCertPublisher implements ILdapPublisher, IExtendedPlugin
      * publish a user certificate
      * Adds the cert to the multi-valued certificate attribute as a
      * DER encoded binary blob. Does not check if cert already exists.
-     * 
+     *
      * @param conn the LDAP connection
      * @param dn dn of the entry to publish the certificate
      * @param certObj the certificate object.
@@ -155,7 +155,7 @@ public class LdapEncryptCertPublisher implements ILdapPublisher, IExtendedPlugin
                 return;
             }
 
-            // publish 
+            // publish
             LDAPModification mod = new LDAPModification(LDAPModification.REPLACE, attr);
 
             conn.modify(dn, mod);
diff --git a/base/common/src/com/netscape/cms/publish/publishers/LdapUserCertPublisher.java b/base/common/src/com/netscape/cms/publish/publishers/LdapUserCertPublisher.java
index e31ce674c..020c25552 100644
--- a/base/common/src/com/netscape/cms/publish/publishers/LdapUserCertPublisher.java
+++ b/base/common/src/com/netscape/cms/publish/publishers/LdapUserCertPublisher.java
@@ -44,7 +44,7 @@ import com.netscape.certsrv.publish.ILdapPublisher;
 
 /**
  * Interface for mapping a X509 certificate to a LDAP entry
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class LdapUserCertPublisher implements ILdapPublisher, IExtendedPluginInfo {
@@ -114,7 +114,7 @@ public class LdapUserCertPublisher implements ILdapPublisher, IExtendedPluginInf
      * publish a user certificate
      * Adds the cert to the multi-valued certificate attribute as a
      * DER encoded binary blob. Does not check if cert already exists.
-     * 
+     *
      * @param conn the LDAP connection
      * @param dn dn of the entry to publish the certificate
      * @param certObj the certificate object.
@@ -176,7 +176,7 @@ public class LdapUserCertPublisher implements ILdapPublisher, IExtendedPluginInf
                 return;
             }
 
-            // publish 
+            // publish
             LDAPModification mod = null;
             if (deleteCert) {
                 mod = new LDAPModification(LDAPModification.REPLACE,
diff --git a/base/common/src/com/netscape/cms/publish/publishers/PublisherUtils.java b/base/common/src/com/netscape/cms/publish/publishers/PublisherUtils.java
index af8d283dd..280a0ce97 100644
--- a/base/common/src/com/netscape/cms/publish/publishers/PublisherUtils.java
+++ b/base/common/src/com/netscape/cms/publish/publishers/PublisherUtils.java
@@ -30,7 +30,7 @@ import java.util.Vector;
 
 /**
  * Publisher utility class.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class PublisherUtils {
@@ -105,7 +105,7 @@ public class PublisherUtils {
 
     /**
      * strips out double quotes around String parameter
-     * 
+     *
      * @param s the string potentially bracketed with double quotes
      * @return string stripped of surrounding double quotes
      */
diff --git a/base/common/src/com/netscape/cms/request/RequestScheduler.java b/base/common/src/com/netscape/cms/request/RequestScheduler.java
index e0ebaefc4..073bdcce4 100644
--- a/base/common/src/com/netscape/cms/request/RequestScheduler.java
+++ b/base/common/src/com/netscape/cms/request/RequestScheduler.java
@@ -27,7 +27,7 @@ import com.netscape.certsrv.request.IRequestScheduler;
  * the threads based on the request processing order.
  * The request that enters the request queue first should
  * be processed first.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class RequestScheduler implements IRequestScheduler {
@@ -35,7 +35,7 @@ public class RequestScheduler implements IRequestScheduler {
 
     /**
      * Request entered the request queue processing.
-     * 
+     *
      * @param r request
      */
     public synchronized void requestIn(IRequest r) {
@@ -49,7 +49,7 @@ public class RequestScheduler implements IRequestScheduler {
 
     /**
      * Request exited the request queue processing.
-     * 
+     *
      * @param r request
      */
     public synchronized void requestOut(IRequest r) {
diff --git a/base/common/src/com/netscape/cms/selftests/ASelfTest.java b/base/common/src/com/netscape/cms/selftests/ASelfTest.java
index cdd86ccaf..6857f3c46 100644
--- a/base/common/src/com/netscape/cms/selftests/ASelfTest.java
+++ b/base/common/src/com/netscape/cms/selftests/ASelfTest.java
@@ -43,7 +43,7 @@ import com.netscape.certsrv.selftests.ISelfTestSubsystem;
 /**
  * This class implements an individual self test.
  * 
    
- * 
+ *
  * @author mharmsen
  * @author thomask
  * @version $Revision$, $Date$
@@ -79,7 +79,7 @@ public abstract class ASelfTest
      * Initializes this subsystem with the configuration store
      * associated with this instance name.
      * 
    
-     * 
+     *
      * @param subsystem the associated subsystem
      * @param instanceName the name of this self test instance
      * @param parameters configuration store (self test parameters)
@@ -136,7 +136,7 @@ public abstract class ASelfTest
     /**
      * Notifies this subsystem if it is in execution mode.
      * 
    
-     * 
+     *
      * @exception ESelfTestException failed to start
      */
     public abstract void startupSelfTest()
@@ -153,7 +153,7 @@ public abstract class ASelfTest
      * Returns the name associated with this self test. This method may
      * return null if the self test has not been intialized.
      * 
    
-     * 
+     *
      * @return instanceName of this self test
      */
     public String getSelfTestName() {
@@ -164,7 +164,7 @@ public abstract class ASelfTest
      * Returns the root configuration storage (self test parameters)
      * associated with this subsystem.
      * 
    
-     * 
+     *
      * @return configuration store (self test parameters) of this subsystem
      */
     public IConfigStore getSelfTestConfigStore() {
@@ -175,7 +175,7 @@ public abstract class ASelfTest
      * Retrieves description associated with an individual self test.
      * This method may return null.
      * 
    
-     * 
+     *
      * @param locale locale of the client that requests the description
      * @return description of self test
      */
@@ -184,7 +184,7 @@ public abstract class ASelfTest
     /**
      * Execute an individual self test.
      * 
    
-     * 
+     *
      * @param logger specifies logging subsystem
      * @exception ESelfTestException self test exception
      */
diff --git a/base/common/src/com/netscape/cms/selftests/ca/CAPresence.java b/base/common/src/com/netscape/cms/selftests/ca/CAPresence.java
index c9c12bb42..83caa0099 100644
--- a/base/common/src/com/netscape/cms/selftests/ca/CAPresence.java
+++ b/base/common/src/com/netscape/cms/selftests/ca/CAPresence.java
@@ -49,7 +49,7 @@ import com.netscape.cms.selftests.ASelfTest;
 /**
  * This class implements a self test to check for CA presence.
  * 
    
- * 
+ *
  * @author mharmsen
  * @author thomask
  * @version $Revision$, $Date$
@@ -80,7 +80,7 @@ public class CAPresence
      * Initializes this subsystem with the configuration store
      * associated with this instance name.
      * 
    
-     * 
+     *
      * @param subsystem the associated subsystem
      * @param instanceName the name of this self test instance
      * @param parameters configuration store (self test parameters)
@@ -134,7 +134,7 @@ public class CAPresence
     /**
      * Notifies this subsystem if it is in execution mode.
      * 
    
-     * 
+     *
      * @exception ESelfTestException failed to start
      */
     public void startupSelfTest()
@@ -155,7 +155,7 @@ public class CAPresence
      * Returns the name associated with this self test. This method may
      * return null if the self test has not been intialized.
      * 
    
-     * 
+     *
      * @return instanceName of this self test
      */
     public String getSelfTestName() {
@@ -166,7 +166,7 @@ public class CAPresence
      * Returns the root configuration storage (self test parameters)
      * associated with this subsystem.
      * 
    
-     * 
+     *
      * @return configuration store (self test parameters) of this subsystem
      */
     public IConfigStore getSelfTestConfigStore() {
@@ -177,7 +177,7 @@ public class CAPresence
      * Retrieves description associated with an individual self test.
      * This method may return null.
      * 
    
-     * 
+     *
      * @param locale locale of the client that requests the description
      * @return description of self test
      */
@@ -189,7 +189,7 @@ public class CAPresence
     /**
      * Execute an individual self test.
      * 
    
-     * 
+     *
      * @param logger specifies logging subsystem
      * @exception ESelfTestException self test exception
      */
diff --git a/base/common/src/com/netscape/cms/selftests/ca/CAValidity.java b/base/common/src/com/netscape/cms/selftests/ca/CAValidity.java
index 9325208f9..b1751ecb4 100644
--- a/base/common/src/com/netscape/cms/selftests/ca/CAValidity.java
+++ b/base/common/src/com/netscape/cms/selftests/ca/CAValidity.java
@@ -49,7 +49,7 @@ import com.netscape.cms.selftests.ASelfTest;
 /**
  * This class implements a self test to check the validity of the CA.
  * 
    
- * 
+ *
  * @author mharmsen
  * @author thomask
  * @version $Revision$, $Date$
@@ -80,7 +80,7 @@ public class CAValidity
      * Initializes this subsystem with the configuration store
      * associated with this instance name.
      * 
    
-     * 
+     *
      * @param subsystem the associated subsystem
      * @param instanceName the name of this self test instance
      * @param parameters configuration store (self test parameters)
@@ -134,7 +134,7 @@ public class CAValidity
     /**
      * Notifies this subsystem if it is in execution mode.
      * 
    
-     * 
+     *
      * @exception ESelfTestException failed to start
      */
     public void startupSelfTest()
@@ -155,7 +155,7 @@ public class CAValidity
      * Returns the name associated with this self test. This method may
      * return null if the self test has not been intialized.
      * 
    
-     * 
+     *
      * @return instanceName of this self test
      */
     public String getSelfTestName() {
@@ -166,7 +166,7 @@ public class CAValidity
      * Returns the root configuration storage (self test parameters)
      * associated with this subsystem.
      * 
    
-     * 
+     *
      * @return configuration store (self test parameters) of this subsystem
      */
     public IConfigStore getSelfTestConfigStore() {
@@ -177,7 +177,7 @@ public class CAValidity
      * Retrieves description associated with an individual self test.
      * This method may return null.
      * 
    
-     * 
+     *
      * @param locale locale of the client that requests the description
      * @return description of self test
      */
@@ -189,7 +189,7 @@ public class CAValidity
     /**
      * Execute an individual self test.
      * 
    
-     * 
+     *
      * @param logger specifies logging subsystem
      * @exception ESelfTestException self test exception
      */
diff --git a/base/common/src/com/netscape/cms/selftests/common/SystemCertsVerification.java b/base/common/src/com/netscape/cms/selftests/common/SystemCertsVerification.java
index 57afffdf2..f5b0939f1 100644
--- a/base/common/src/com/netscape/cms/selftests/common/SystemCertsVerification.java
+++ b/base/common/src/com/netscape/cms/selftests/common/SystemCertsVerification.java
@@ -45,7 +45,7 @@ import com.netscape.cms.selftests.ASelfTest;
  * This class implements a self test to check the system certs
  * of the subsystem
  * 
    
- * 
+ *
  * @version $Revision: $, $Date: $
  */
 public class SystemCertsVerification
@@ -74,7 +74,7 @@ public class SystemCertsVerification
      * Initializes this subsystem with the configuration store
      * associated with this instance name.
      * 
    
-     * 
+     *
      * @param subsystem the associated subsystem
      * @param instanceName the name of this self test instance
      * @param parameters configuration store (self test parameters)
@@ -128,7 +128,7 @@ public class SystemCertsVerification
     /**
      * Notifies this subsystem if it is in execution mode.
      * 
    
-     * 
+     *
      * @exception ESelfTestException failed to start
      */
     public void startupSelfTest()
@@ -149,7 +149,7 @@ public class SystemCertsVerification
      * Returns the name associated with this self test. This method may
      * return null if the self test has not been intialized.
      * 
    
-     * 
+     *
      * @return instanceName of this self test
      */
     public String getSelfTestName() {
@@ -160,7 +160,7 @@ public class SystemCertsVerification
      * Returns the root configuration storage (self test parameters)
      * associated with this subsystem.
      * 
    
-     * 
+     *
      * @return configuration store (self test parameters) of this subsystem
      */
     public IConfigStore getSelfTestConfigStore() {
@@ -171,7 +171,7 @@ public class SystemCertsVerification
      * Retrieves description associated with an individual self test.
      * This method may return null.
      * 
    
-     * 
+     *
      * @param locale locale of the client that requests the description
      * @return description of self test
      */
@@ -183,7 +183,7 @@ public class SystemCertsVerification
     /**
      * Execute an individual self test.
      * 
    
-     * 
+     *
      * @param logger specifies logging subsystem
      * @exception ESelfTestException self test exception
      */
diff --git a/base/common/src/com/netscape/cms/selftests/kra/KRAPresence.java b/base/common/src/com/netscape/cms/selftests/kra/KRAPresence.java
index 01f5609bf..7183db613 100644
--- a/base/common/src/com/netscape/cms/selftests/kra/KRAPresence.java
+++ b/base/common/src/com/netscape/cms/selftests/kra/KRAPresence.java
@@ -46,7 +46,7 @@ import com.netscape.cms.selftests.ASelfTest;
 /**
  * This class implements a self test to check for KRA presence.
  * 
    
- * 
+ *
  * @author mharmsen
  * @author thomask
  * @version $Revision$, $Date$
@@ -77,7 +77,7 @@ public class KRAPresence
      * Initializes this subsystem with the configuration store
      * associated with this instance name.
      * 
    
-     * 
+     *
      * @param subsystem the associated subsystem
      * @param instanceName the name of this self test instance
      * @param parameters configuration store (self test parameters)
@@ -131,7 +131,7 @@ public class KRAPresence
     /**
      * Notifies this subsystem if it is in execution mode.
      * 
    
-     * 
+     *
      * @exception ESelfTestException failed to start
      */
     public void startupSelfTest()
@@ -152,7 +152,7 @@ public class KRAPresence
      * Returns the name associated with this self test. This method may
      * return null if the self test has not been intialized.
      * 
    
-     * 
+     *
      * @return instanceName of this self test
      */
     public String getSelfTestName() {
@@ -163,7 +163,7 @@ public class KRAPresence
      * Returns the root configuration storage (self test parameters)
      * associated with this subsystem.
      * 
    
-     * 
+     *
      * @return configuration store (self test parameters) of this subsystem
      */
     public IConfigStore getSelfTestConfigStore() {
@@ -174,7 +174,7 @@ public class KRAPresence
      * Retrieves description associated with an individual self test.
      * This method may return null.
      * 
    
-     * 
+     *
      * @param locale locale of the client that requests the description
      * @return description of self test
      */
@@ -186,7 +186,7 @@ public class KRAPresence
     /**
      * Execute an individual self test.
      * 
    
-     * 
+     *
      * @param logger specifies logging subsystem
      * @exception ESelfTestException self test exception
      */
diff --git a/base/common/src/com/netscape/cms/selftests/ocsp/OCSPPresence.java b/base/common/src/com/netscape/cms/selftests/ocsp/OCSPPresence.java
index c862362a2..a3d9e3ad3 100644
--- a/base/common/src/com/netscape/cms/selftests/ocsp/OCSPPresence.java
+++ b/base/common/src/com/netscape/cms/selftests/ocsp/OCSPPresence.java
@@ -50,7 +50,7 @@ import com.netscape.cms.selftests.ASelfTest;
 /**
  * This class implements a self test to check for OCSP presence.
  * 
    
- * 
+ *
  * @author mharmsen
  * @author thomask
  * @version $Revision$, $Date$
@@ -81,7 +81,7 @@ public class OCSPPresence
      * Initializes this subsystem with the configuration store
      * associated with this instance name.
      * 
    
-     * 
+     *
      * @param subsystem the associated subsystem
      * @param instanceName the name of this self test instance
      * @param parameters configuration store (self test parameters)
@@ -135,7 +135,7 @@ public class OCSPPresence
     /**
      * Notifies this subsystem if it is in execution mode.
      * 
    
-     * 
+     *
      * @exception ESelfTestException failed to start
      */
     public void startupSelfTest()
@@ -156,7 +156,7 @@ public class OCSPPresence
      * Returns the name associated with this self test. This method may
      * return null if the self test has not been intialized.
      * 
    
-     * 
+     *
      * @return instanceName of this self test
      */
     public String getSelfTestName() {
@@ -167,7 +167,7 @@ public class OCSPPresence
      * Returns the root configuration storage (self test parameters)
      * associated with this subsystem.
      * 
    
-     * 
+     *
      * @return configuration store (self test parameters) of this subsystem
      */
     public IConfigStore getSelfTestConfigStore() {
@@ -178,7 +178,7 @@ public class OCSPPresence
      * Retrieves description associated with an individual self test.
      * This method may return null.
      * 
    
-     * 
+     *
      * @param locale locale of the client that requests the description
      * @return description of self test
      */
@@ -190,7 +190,7 @@ public class OCSPPresence
     /**
      * Execute an individual self test.
      * 
    
-     * 
+     *
      * @param logger specifies logging subsystem
      * @exception ESelfTestException self test exception
      */
diff --git a/base/common/src/com/netscape/cms/selftests/ocsp/OCSPValidity.java b/base/common/src/com/netscape/cms/selftests/ocsp/OCSPValidity.java
index 478746827..383779d22 100644
--- a/base/common/src/com/netscape/cms/selftests/ocsp/OCSPValidity.java
+++ b/base/common/src/com/netscape/cms/selftests/ocsp/OCSPValidity.java
@@ -50,7 +50,7 @@ import com.netscape.cms.selftests.ASelfTest;
 /**
  * This class implements a self test to check the validity of the OCSP.
  * 
    
- * 
+ *
  * @author mharmsen
  * @author thomask
  * @version $Revision$, $Date$
@@ -81,7 +81,7 @@ public class OCSPValidity
      * Initializes this subsystem with the configuration store
      * associated with this instance name.
      * 
    
-     * 
+     *
      * @param subsystem the associated subsystem
      * @param instanceName the name of this self test instance
      * @param parameters configuration store (self test parameters)
@@ -135,7 +135,7 @@ public class OCSPValidity
     /**
      * Notifies this subsystem if it is in execution mode.
      * 
    
-     * 
+     *
      * @exception ESelfTestException failed to start
      */
     public void startupSelfTest()
@@ -156,7 +156,7 @@ public class OCSPValidity
      * Returns the name associated with this self test. This method may
      * return null if the self test has not been intialized.
      * 
    
-     * 
+     *
      * @return instanceName of this self test
      */
     public String getSelfTestName() {
@@ -167,7 +167,7 @@ public class OCSPValidity
      * Returns the root configuration storage (self test parameters)
      * associated with this subsystem.
      * 
    
-     * 
+     *
      * @return configuration store (self test parameters) of this subsystem
      */
     public IConfigStore getSelfTestConfigStore() {
@@ -178,7 +178,7 @@ public class OCSPValidity
      * Retrieves description associated with an individual self test.
      * This method may return null.
      * 
    
-     * 
+     *
      * @param locale locale of the client that requests the description
      * @return description of self test
      */
@@ -190,7 +190,7 @@ public class OCSPValidity
     /**
      * Execute an individual self test.
      * 
    
-     * 
+     *
      * @param logger specifies logging subsystem
      * @exception ESelfTestException self test exception
      */
diff --git a/base/common/src/com/netscape/cms/selftests/ra/RAPresence.java b/base/common/src/com/netscape/cms/selftests/ra/RAPresence.java
index 9790bf619..e279cf608 100644
--- a/base/common/src/com/netscape/cms/selftests/ra/RAPresence.java
+++ b/base/common/src/com/netscape/cms/selftests/ra/RAPresence.java
@@ -46,7 +46,7 @@ import com.netscape.cms.selftests.ASelfTest;
 /**
  * This class implements a self test to check for RA presence.
  * 
    
- * 
+ *
  * 
      * NOTE:  This self-test is for Registration Authorities prior to
  *        Netscape Certificate Management System 7.0.  It does NOT
@@ -55,7 +55,7 @@ import com.netscape.cms.selftests.ASelfTest;
  *        ALL versions of Dogtag Certificate System).
  * 
    
  * 
    
- * 
+ *
  * @deprecated
  * @author mharmsen
  * @author thomask
@@ -87,7 +87,7 @@ public class RAPresence
      * Initializes this subsystem with the configuration store
      * associated with this instance name.
      * 
    
-     * 
+     *
      * @param subsystem the associated subsystem
      * @param instanceName the name of this self test instance
      * @param parameters configuration store (self test parameters)
@@ -141,7 +141,7 @@ public class RAPresence
     /**
      * Notifies this subsystem if it is in execution mode.
      * 
    
-     * 
+     *
      * @exception ESelfTestException failed to start
      */
     public void startupSelfTest()
@@ -162,7 +162,7 @@ public class RAPresence
      * Returns the name associated with this self test. This method may
      * return null if the self test has not been intialized.
      * 
    
-     * 
+     *
      * @return instanceName of this self test
      */
     public String getSelfTestName() {
@@ -173,7 +173,7 @@ public class RAPresence
      * Returns the root configuration storage (self test parameters)
      * associated with this subsystem.
      * 
    
-     * 
+     *
      * @return configuration store (self test parameters) of this subsystem
      */
     public IConfigStore getSelfTestConfigStore() {
@@ -184,7 +184,7 @@ public class RAPresence
      * Retrieves description associated with an individual self test.
      * This method may return null.
      * 
    
-     * 
+     *
      * @param locale locale of the client that requests the description
      * @return description of self test
      */
@@ -196,7 +196,7 @@ public class RAPresence
     /**
      * Execute an individual self test.
      * 
    
-     * 
+     *
      * @param logger specifies logging subsystem
      * @exception ESelfTestException self test exception
      */
diff --git a/base/common/src/com/netscape/cms/selftests/tks/TKSKnownSessionKey.java b/base/common/src/com/netscape/cms/selftests/tks/TKSKnownSessionKey.java
index 69edeb24f..bee89a59c 100644
--- a/base/common/src/com/netscape/cms/selftests/tks/TKSKnownSessionKey.java
+++ b/base/common/src/com/netscape/cms/selftests/tks/TKSKnownSessionKey.java
@@ -47,7 +47,7 @@ import com.netscape.symkey.SessionKey;
 /**
  * This class implements a self test to check for TKS known session key.
  * 
    
- * 
+ *
  * @author mharmsen
  * @author thomask
  * @author awnuk
@@ -72,7 +72,7 @@ public class TKSKnownSessionKey
      * Initializes this subsystem with the configuration store
      * associated with this instance name.
      * 
    
-     * 
+     *
      * @param subsystem the associated subsystem
      * @param instanceName the name of this self test instance
      * @param parameters configuration store (self test parameters)
@@ -216,7 +216,7 @@ public class TKSKnownSessionKey
     /**
      * Notifies this subsystem if it is in execution mode.
      * 
    
-     * 
+     *
      * @exception ESelfTestException failed to start
      */
     public void startupSelfTest()
@@ -237,7 +237,7 @@ public class TKSKnownSessionKey
      * Returns the name associated with this self test. This method may
      * return null if the self test has not been intialized.
      * 
    
-     * 
+     *
      * @return instanceName of this self test
      */
     public String getSelfTestName() {
@@ -248,7 +248,7 @@ public class TKSKnownSessionKey
      * Returns the root configuration storage (self test parameters)
      * associated with this subsystem.
      * 
    
-     * 
+     *
      * @return configuration store (self test parameters) of this subsystem
      */
     public IConfigStore getSelfTestConfigStore() {
@@ -259,7 +259,7 @@ public class TKSKnownSessionKey
      * Retrieves description associated with an individual self test.
      * This method may return null.
      * 
    
-     * 
+     *
      * @param locale locale of the client that requests the description
      * @return description of self test
      */
@@ -270,7 +270,7 @@ public class TKSKnownSessionKey
     /**
      * Execute an individual self test.
      * 
    
-     * 
+     *
      * @param logger specifies logging subsystem
      * @exception ESelfTestException self test exception
      */
diff --git a/base/common/src/com/netscape/cms/servlet/admin/ACLAdminServlet.java b/base/common/src/com/netscape/cms/servlet/admin/ACLAdminServlet.java
index 12575675c..7a08ce966 100644
--- a/base/common/src/com/netscape/cms/servlet/admin/ACLAdminServlet.java
+++ b/base/common/src/com/netscape/cms/servlet/admin/ACLAdminServlet.java
@@ -43,7 +43,7 @@ import com.netscape.certsrv.usrgrp.IUGSubsystem;
 
 /**
  * Manage Access Control List configuration
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class ACLAdminServlet extends AdminServlet {
@@ -80,7 +80,7 @@ public class ACLAdminServlet extends AdminServlet {
      * 
  • "evaluatorTypes" ACL evaluators.
      * 
      * 
-     * 
+     *
      * @param config servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig config) throws ServletException {
@@ -97,7 +97,7 @@ public class ACLAdminServlet extends AdminServlet {
 
     /**
      * Process the HTTP request.
-     * 
+     *
      * @param req the object holding the request information
      * @param resp the object holding the response information
      */
@@ -320,11 +320,11 @@ public class ACLAdminServlet extends AdminServlet {
     /**
      * modify acls information for a resource
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ACL used when configuring Access Control List (ACL) information
      * 
    
-     * 
+     *
      * @param req HTTP servlet request
      * @param resp HTTP servlet response
      * @exception ServletException a servlet error has occurred
@@ -484,11 +484,11 @@ public class ACLAdminServlet extends AdminServlet {
     /**
      * add access evaluators
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ACL used when configuring Access Control List (ACL) information
      * 
    
-     * 
+     *
      * @param req HTTP servlet request
      * @param resp HTTP servlet response
      * @param scope string used to obtain the contents of this ACL evaluator's
@@ -721,11 +721,11 @@ public class ACLAdminServlet extends AdminServlet {
     /**
      * remove access evaluators
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ACL used when configuring Access Control List (ACL) information
      * 
    
-     * 
+     *
      * @param req HTTP servlet request
      * @param resp HTTP servlet response
      * @param scope string used to obtain the contents of this ACL evaluator's
@@ -876,7 +876,7 @@ public class ACLAdminServlet extends AdminServlet {
      */
 
     /*
-     private void getACLs(HttpServletRequest req, 
+     private void getACLs(HttpServletRequest req,
      HttpServletResponse resp) throws ServletException, IOException,
      EBaseException {
      NameValuePairs params = new NameValuePairs();
diff --git a/base/common/src/com/netscape/cms/servlet/admin/AdminResources.java b/base/common/src/com/netscape/cms/servlet/admin/AdminResources.java
index a36c859d9..19b537854 100644
--- a/base/common/src/com/netscape/cms/servlet/admin/AdminResources.java
+++ b/base/common/src/com/netscape/cms/servlet/admin/AdminResources.java
@@ -21,7 +21,7 @@ import java.util.ListResourceBundle;
 
 /**
  * A class represents a resource bundle for the remote admin.
- * 
+ *
  * @version $Revision$, $Date$
  * @see java.util.ListResourceBundle
  */
diff --git a/base/common/src/com/netscape/cms/servlet/admin/AdminServlet.java b/base/common/src/com/netscape/cms/servlet/admin/AdminServlet.java
index ce4c966ad..5e6e7889f 100644
--- a/base/common/src/com/netscape/cms/servlet/admin/AdminServlet.java
+++ b/base/common/src/com/netscape/cms/servlet/admin/AdminServlet.java
@@ -62,27 +62,27 @@ import com.netscape.cmsutil.util.Utils;
  * A class represents an administration servlet that
  * is responsible to serve administrative
  * operation such as configuration parameter updates.
- * 
+ *
  * Since each administration servlet needs to perform
  * authentication information parsing and response
  * formulation, it makes sense to encapsulate the
  * commonalities into this class.
- * 
+ *
  * By extending this serlvet, the subclass does not
  * need to re-implement the request parsing code
  * (i.e. authentication information parsing).
- * 
+ *
  * If a subsystem needs to expose configuration
  * parameters management, it should create an
  * administration servlet (i.e. CAAdminServlet)
  * and register it to RemoteAdmin subsystem.
- * 
+ *
  * 
  * public class CAAdminServlet extends AdminServlet {
  *   ...
  * }
  * 
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class AdminServlet extends HttpServlet {
@@ -214,7 +214,7 @@ public class AdminServlet extends HttpServlet {
         while (paramNames.hasMoreElements()) {
             String pn = paramNames.nextElement();
             // added this facility so that password can be hidden,
-            // all sensitive parameters should be prefixed with 
+            // all sensitive parameters should be prefixed with
             // __ (double underscores); however, in the event that
             // a security parameter slips through, we perform multiple
             // additional checks to insure that it is NOT displayed
@@ -280,13 +280,13 @@ public class AdminServlet extends HttpServlet {
      * Authenticates to the identity scope with the given
      * userid and password via identity manager.
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_AUTH_FAIL used when authentication fails (in case of SSL-client auth, only
      * webserver env can pick up the SSL violation; CMS authMgr can pick up cert mis-match, so this event is used)
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_AUTH_SUCCESS used when authentication succeeded
      * 
    
-     * 
+     *
      * @exception IOException an input/output error has occurred
      */
     protected void authenticate(HttpServletRequest req) throws
@@ -611,14 +611,14 @@ public class AdminServlet extends HttpServlet {
     /**
      * Authorize must occur after Authenticate
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_AUTHZ_FAIL used when authorization has failed
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_AUTHZ_SUCCESS used when authorization is successful
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_ROLE_ASSUME used when user assumes a role (in current CMS that's when one
      * accesses a role port)
      * 
    
-     * 
+     *
      * @param req HTTP servlet request
      * @return the authorization token
      */
@@ -773,7 +773,7 @@ public class AdminServlet extends HttpServlet {
 
     /**
      * Sends response.
-     * 
+     *
      * @param returnCode return code
      * @param errorMsg localized error message
      * @param params result parameters
@@ -1007,11 +1007,11 @@ public class AdminServlet extends HttpServlet {
 
     /**
      * FileConfigStore functionality
-     * 
+     *
      * The original config file is moved to ..
      * Commits the current properties to the configuration file.
      * 
    
-     * 
+     *
      * @param createBackup true if a backup file should be created
      */
     protected void commit(boolean createBackup) throws EBaseException {
@@ -1027,11 +1027,11 @@ public class AdminServlet extends HttpServlet {
 
     /**
      * Signed Audit Log
-     * 
+     *
      * This method is inherited by all extended admin servlets
      * and is called to store messages to the signed audit log.
      * 
    
-     * 
+     *
      * @param msg signed audit log message
      */
     protected void audit(String msg) {
@@ -1051,12 +1051,12 @@ public class AdminServlet extends HttpServlet {
 
     /**
      * Signed Audit Log Subject ID
-     * 
+     *
      * This method is inherited by all extended "CMSServlet"s,
      * and is called to obtain the "SubjectID" for
      * a signed audit log message.
      * 
    
-     * 
+     *
      * @return id string containing the signed audit log message SubjectID
      */
     protected String auditSubjectID() {
@@ -1088,13 +1088,13 @@ public class AdminServlet extends HttpServlet {
 
     /**
      * Signed Audit Parameters
-     * 
+     *
      * This method is inherited by all extended admin servlets and
      * is called to extract parameters from the HttpServletRequest
      * and return a string of name;;value pairs separated by a '+'
      * if more than one name;;value pair exists.
      * 
    
-     * 
+     *
      * @param req HTTP servlet request
      * @return a delimited string of one or more delimited name/value pairs
      */
@@ -1213,11 +1213,11 @@ public class AdminServlet extends HttpServlet {
 
     /**
      * Signed Audit Groups
-     * 
+     *
      * This method is called to extract all "groups" associated
      * with the "auditSubjectID()".
      * 
    
-     * 
+     *
      * @param SubjectID string containing the signed audit log message SubjectID
      * @return a delimited string of groups associated
      *         with the "auditSubjectID()"
diff --git a/base/common/src/com/netscape/cms/servlet/admin/AuthAdminServlet.java b/base/common/src/com/netscape/cms/servlet/admin/AuthAdminServlet.java
index cacd0b5d0..6ccfcdca9 100644
--- a/base/common/src/com/netscape/cms/servlet/admin/AuthAdminServlet.java
+++ b/base/common/src/com/netscape/cms/servlet/admin/AuthAdminServlet.java
@@ -49,8 +49,8 @@ import com.netscape.certsrv.logging.ILogger;
  * A class representing an administration servlet for the
  * Authentication Management subsystem. This servlet is responsible
  * to serve configuration requests for the Auths Management subsystem.
- * 
- * 
+ *
+ *
  * @version $Revision$, $Date$
  */
 public class AuthAdminServlet extends AdminServlet {
@@ -198,7 +198,7 @@ public class AuthAdminServlet extends AdminServlet {
                     null, resp);
             return;
         }
-        // for the rest					
+        // for the rest
         try {
             super.authenticate(req);
             if (op.equals(OpDef.OP_AUTH)) { // for admin authentication only
@@ -354,11 +354,11 @@ public class AuthAdminServlet extends AdminServlet {
     /**
      * Add authentication manager plug-in
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CONFIG_AUTH used when configuring authentication
      * 
    
-     * 
+     *
      * @param req HTTP servlet request
      * @param resp HTTP servlet response
      * @param scope string used to obtain the contents of this authentication
@@ -611,11 +611,11 @@ public class AuthAdminServlet extends AdminServlet {
     /**
      * Add authentication manager instance
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CONFIG_AUTH used when configuring authentication
      * 
    
-     * 
+     *
      * @param req HTTP servlet request
      * @param resp HTTP servlet response
      * @param scope string used to obtain the contents of this authentication
@@ -960,11 +960,11 @@ public class AuthAdminServlet extends AdminServlet {
     /**
      * Delete authentication manager plug-in
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CONFIG_AUTH used when configuring authentication
      * 
    
-     * 
+     *
      * @param req HTTP servlet request
      * @param resp HTTP servlet response
      * @param scope string used to obtain the contents of this authentication
@@ -1132,11 +1132,11 @@ public class AuthAdminServlet extends AdminServlet {
     /**
      * Delete authentication manager instance
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CONFIG_AUTH used when configuring authentication
      * 
    
-     * 
+     *
      * @param req HTTP servlet request
      * @param resp HTTP servlet response
      * @param scope string used to obtain the contents of this authentication
@@ -1203,7 +1203,7 @@ public class AuthAdminServlet extends AdminServlet {
 
             // only remove from memory
             // cannot shutdown because we don't keep track of whether it's
-            // being used. 
+            // being used.
             mAuths.getInstances().remove(id);
 
             // remove the configuration.
@@ -1382,11 +1382,11 @@ public class AuthAdminServlet extends AdminServlet {
      * The old instance is left running, so this is very expensive.
      * Restart of server recommended.
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CONFIG_AUTH used when configuring authentication
      * 
    
-     * 
+     *
      * @param req HTTP servlet request
      * @param resp HTTP servlet response
      * @param scope string used to obtain the contents of this authentication
@@ -1469,7 +1469,7 @@ public class AuthAdminServlet extends AdminServlet {
                 return;
             }
 
-            // get plugin for implementation 
+            // get plugin for implementation
             AuthMgrPlugin plugin =
                     (AuthMgrPlugin) mAuths.getPlugins().get(implname);
 
@@ -1491,7 +1491,7 @@ public class AuthAdminServlet extends AdminServlet {
                 return;
             }
 
-            // save old instance substore params in case new one fails. 
+            // save old instance substore params in case new one fails.
 
             IAuthManager oldinst =
                     (IAuthManager) mAuths.get(id);
diff --git a/base/common/src/com/netscape/cms/servlet/admin/AuthCredentials.java b/base/common/src/com/netscape/cms/servlet/admin/AuthCredentials.java
index 69cfd9aaf..42c8da175 100644
--- a/base/common/src/com/netscape/cms/servlet/admin/AuthCredentials.java
+++ b/base/common/src/com/netscape/cms/servlet/admin/AuthCredentials.java
@@ -27,7 +27,7 @@ import com.netscape.certsrv.base.IArgBlock;
 /**
  * Authentication Credentials as input to the authMgr
  * 
    
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class AuthCredentials implements IAuthCredentials {
@@ -36,7 +36,7 @@ public class AuthCredentials implements IAuthCredentials {
      */
     private static final long serialVersionUID = -6938644716486895814L;
     private Hashtable authCreds = null;
-    // Inserted by bskim 
+    // Inserted by bskim
     private IArgBlock argblk = null;
 
     // Insert end
@@ -47,7 +47,7 @@ public class AuthCredentials implements IAuthCredentials {
 
     /**
      * sets a credential with credential name and the credential
-     * 
+     *
      * @param name credential name
      * @param cred credential
      * @exception com.netscape.certsrv.base.EBaseException NullPointerException
@@ -63,7 +63,7 @@ public class AuthCredentials implements IAuthCredentials {
     /**
      * returns the credential to which the specified name is mapped in this
      * credential set
-     * 
+     *
      * @param name credential name
      * @return the named authentication credential
      */
@@ -75,7 +75,7 @@ public class AuthCredentials implements IAuthCredentials {
      * removes the name and its corresponding credential from this
      * credential set. This method does nothing if the named
      * credential is not in the credential set.
-     * 
+     *
      * @param name credential name
      */
     public void delete(String name) {
@@ -86,7 +86,7 @@ public class AuthCredentials implements IAuthCredentials {
      * returns an enumeration of the credential names in this credential
      * set. Use the Enumeration methods on the returned object to
      * fetch the elements sequentially.
-     * 
+     *
      * @return an enumeration of the names in this credential set
      * @see java.util.Enumeration
      */
diff --git a/base/common/src/com/netscape/cms/servlet/admin/CAAdminServlet.java b/base/common/src/com/netscape/cms/servlet/admin/CAAdminServlet.java
index e7b32e844..27cd91c30 100644
--- a/base/common/src/com/netscape/cms/servlet/admin/CAAdminServlet.java
+++ b/base/common/src/com/netscape/cms/servlet/admin/CAAdminServlet.java
@@ -48,7 +48,7 @@ import com.netscape.cmsutil.util.Utils;
  * Authority. This servlet is responsible to serve CA
  * administrative operations such as configuration parameter
  * updates.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class CAAdminServlet extends AdminServlet {
@@ -514,12 +514,12 @@ public class CAAdminServlet extends AdminServlet {
     /**
      * Add CRL issuing points configuration
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE used when configuring CRL profile (extensions,
      * frequency, CRL format)
      * 
    
-     * 
+     *
      * @param req HTTP servlet request
      * @param resp HTTP servlet response
      * @exception ServletException a servlet error has occurred
@@ -670,12 +670,12 @@ public class CAAdminServlet extends AdminServlet {
     /**
      * Set CRL issuing points configuration
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE used when configuring CRL profile (extensions,
      * frequency, CRL format)
      * 
    
-     * 
+     *
      * @param req HTTP servlet request
      * @param resp HTTP servlet response
      * @exception ServletException a servlet error has occurred
@@ -831,12 +831,12 @@ public class CAAdminServlet extends AdminServlet {
     /**
      * Delete CRL issuing points configuration
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE used when configuring CRL profile (extensions,
      * frequency, CRL format)
      * 
    
-     * 
+     *
      * @param req HTTP servlet request
      * @param resp HTTP servlet response
      * @exception ServletException a servlet error has occurred
@@ -974,12 +974,12 @@ public class CAAdminServlet extends AdminServlet {
     /**
      * Delete CRL extensions configuration
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE used when configuring CRL profile (extensions,
      * frequency, CRL format)
      * 
    
-     * 
+     *
      * @param req HTTP servlet request
      * @param resp HTTP servlet response
      * @exception ServletException a servlet error has occurred
@@ -1193,12 +1193,12 @@ public class CAAdminServlet extends AdminServlet {
     /**
      * Set CRL configuration
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE used when configuring CRL profile (extensions,
      * frequency, CRL format)
      * 
    
-     * 
+     *
      * @param req HTTP servlet request
      * @param resp HTTP servlet response
      * @exception ServletException a servlet error has occurred
@@ -1472,11 +1472,11 @@ public class CAAdminServlet extends AdminServlet {
         String value = "false";
 
         /*
-         ISubsystem eeGateway = 
+         ISubsystem eeGateway =
          SubsystemRegistry.getInstance().get("eeGateway");
          if (eeGateway != null) {
          IConfigStore eeConfig = eeGateway.getConfigStore();
-         if (eeConfig != null) 
+         if (eeConfig != null)
          value = eeConfig.getString("enabled", "true");
          String ocspValue = "true";
          ocspValue = eeConfig.getString("enableOCSP", "true");
@@ -1529,7 +1529,7 @@ public class CAAdminServlet extends AdminServlet {
             IOException, EBaseException {
 
         /*
-         ISubsystem eeGateway = 
+         ISubsystem eeGateway =
          SubsystemRegistry.getInstance().get("eeGateway");
          */
 
@@ -1547,7 +1547,7 @@ public class CAAdminServlet extends AdminServlet {
                 /*
                  if (eeConfig != null) {
                  if (((EEGateway)eeGateway).isEnabled() &&
-                 value.equals("false") || 
+                 value.equals("false") ||
                  !((EEGateway)eeGateway).isEnabled() &&
                  value.equals("true")) {
                  restart=true;;
diff --git a/base/common/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java b/base/common/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java
index 3a2ae0a11..5aa422730 100644
--- a/base/common/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java
+++ b/base/common/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java
@@ -85,7 +85,7 @@ import com.netscape.symkey.SessionKey;
  * servlet is responsible to serve Certificate Server
  * level administrative operations such as configuration
  * parameter updates.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public final class CMSAdminServlet extends AdminServlet {
@@ -505,12 +505,12 @@ public final class CMSAdminServlet extends AdminServlet {
     /**
      * Modify encryption configuration
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ENCRYPTION used when configuring encryption (cert settings and SSL
      * cipher preferences)
      * 
    
-     * 
+     *
      * @exception ServletException a servlet error has occurred
      * @exception IOException an input/output error has occurred
      * @exception EBaseException failed to modify encryption configuration
@@ -935,7 +935,7 @@ public final class CMSAdminServlet extends AdminServlet {
                         }
                     }
                 }
-                // String symKeys = new String("key1,key2"); 
+                // String symKeys = new String("key1,key2");
                 String symKeys = SessionKey.ListSymmetricKeys(selectedToken);
                 params.put(Constants.PR_TOKEN_LIST, symKeys);
 
@@ -1072,11 +1072,11 @@ public final class CMSAdminServlet extends AdminServlet {
     /**
      * Retrieve a certificate request
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_KEY_GEN_ASYMMETRIC used when asymmetric keys are generated
      * 
    
-     * 
+     *
      * @exception ServletException a servlet error has occurred
      * @exception IOException an input/output error has occurred
      * @exception EBaseException failed to retrieve certificate request
@@ -1444,12 +1444,12 @@ public final class CMSAdminServlet extends AdminServlet {
     /**
      * Issue import certificate
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY used when "Certificate Setup Wizard" is used to
      * import CA certs into the certificate database
      * 
    
-     * 
+     *
      * @exception ServletException a servlet error has occurred
      * @exception IOException an input/output error has occurred
      * @exception EBaseException failed to issue an import certificate
@@ -1860,12 +1860,12 @@ public final class CMSAdminServlet extends AdminServlet {
     /**
      * Install certificates
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY used when "Certificate Setup Wizard" is used to
      * import CA certs into the certificate database
      * 
    
-     * 
+     *
      * @exception ServletException a servlet error has occurred
      * @exception IOException an input/output error has occurred
      * @exception EBaseException failed to install a certificate
@@ -2018,15 +2018,15 @@ public final class CMSAdminServlet extends AdminServlet {
             // 600124 - renewal of SSL crash the server
             // we now do not delete previously installed certificates.
 
-            // Same Subject   | Same Nickname |  Same Key  |     Legal 
-            // ----------------------------------------------------------- 
-            // 1.   Yes             Yes            No              Yes 
-            // 2.   Yes             Yes            Yes             Yes 
-            // 3.   No              No             Yes             Yes 
-            // 4.   No              No             No              Yes 
-            // 5.   No              Yes            Yes             No 
-            // 6.   No              Yes            No              No 
-            // 7.   Yes             No             Yes             No 
+            // Same Subject   | Same Nickname |  Same Key  |     Legal
+            // -----------------------------------------------------------
+            // 1.   Yes             Yes            No              Yes
+            // 2.   Yes             Yes            Yes             Yes
+            // 3.   No              No             Yes             Yes
+            // 4.   No              No             No              Yes
+            // 5.   No              Yes            Yes             No
+            // 6.   No              Yes            No              No
+            // 7.   Yes             No             Yes             No
             // 8.   Yes             No             No              No
 
             // Based on above table, the following cases are permitted:
@@ -2280,12 +2280,12 @@ public final class CMSAdminServlet extends AdminServlet {
      * For "importing" cross-signed cert into internal db for further
      * cross pair matching and publishing
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY used when "Certificate Setup Wizard" is used to
      * import a CA cross-signed certificate into the database
      * 
    
-     * 
+     *
      * @exception ServletException a servlet error has occurred
      * @exception IOException an input/output error has occurred
      * @exception EBaseException failed to import a cross-certificate pair
@@ -2809,7 +2809,7 @@ public final class CMSAdminServlet extends AdminServlet {
 
             nickname = value.substring(0, index);
             date = value.substring(index + 1);
-            // cant use this one now since jss doesnt have the interface to 
+            // cant use this one now since jss doesnt have the interface to
             // do it.
             jssSubSystem.deleteCert(nickname, date);
             //            jssSubsystem.deleteCACert(nickname, date);
@@ -2997,12 +2997,12 @@ public final class CMSAdminServlet extends AdminServlet {
     /**
      * Establish trust of a CA certificate
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY used when "Manage Certificate" is used to edit
      * the trustness of certs and deletion of certs
      * 
    
-     * 
+     *
      * @exception ServletException a servlet error has occurred
      * @exception IOException an input/output error has occurred
      * @exception EBaseException failed to establish CA certificate trust
@@ -3092,11 +3092,11 @@ public final class CMSAdminServlet extends AdminServlet {
     /**
      * Execute all self tests specified to be run on demand.
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_SELFTESTS_EXECUTION used when self tests are run on demand
      * 
    
-     * 
+     *
      * @exception EMissingSelfTestException a self test plugin instance
      *                property name was missing
      * @exception ESelfTestException a self test is missing a required
@@ -3394,11 +3394,11 @@ public final class CMSAdminServlet extends AdminServlet {
 
     /**
      * Signed Audit Log Public Key
-     * 
+     *
      * This method is called to obtain the public key from the passed in
      * "KeyPair" object for a signed audit log message.
      * 
    
-     * 
+     *
      * @param object a Key Pair Object
      * @return key string containing the public key
      */
diff --git a/base/common/src/com/netscape/cms/servlet/admin/JobsAdminServlet.java b/base/common/src/com/netscape/cms/servlet/admin/JobsAdminServlet.java
index 42ff32ebe..a89933c69 100644
--- a/base/common/src/com/netscape/cms/servlet/admin/JobsAdminServlet.java
+++ b/base/common/src/com/netscape/cms/servlet/admin/JobsAdminServlet.java
@@ -44,7 +44,7 @@ import com.netscape.certsrv.logging.ILogger;
 /**
  * A class representing an administration servlet for the
  * Jobs Scheduler and it's scheduled jobs.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class JobsAdminServlet extends AdminServlet {
@@ -639,7 +639,7 @@ public class JobsAdminServlet extends AdminServlet {
 
         // only remove from memory
         // cannot shutdown because we don't keep track of whether it's
-        // being used. 
+        // being used.
         mJobsSched.getInstances().remove(id);
 
         // remove the configuration.
@@ -791,7 +791,7 @@ public class JobsAdminServlet extends AdminServlet {
             return;
         }
 
-        // get plugin for implementation 
+        // get plugin for implementation
         JobPlugin plugin =
                 (JobPlugin) mJobsSched.getPlugins().get(implname);
 
@@ -803,7 +803,7 @@ public class JobsAdminServlet extends AdminServlet {
             return;
         }
 
-        // save old instance substore params in case new one fails. 
+        // save old instance substore params in case new one fails.
 
         IJob oldinst =
                 (IJob) mJobsSched.getInstances().get((Object) id);
diff --git a/base/common/src/com/netscape/cms/servlet/admin/KRAAdminServlet.java b/base/common/src/com/netscape/cms/servlet/admin/KRAAdminServlet.java
index eaa5a95c4..c6e6f9e1c 100644
--- a/base/common/src/com/netscape/cms/servlet/admin/KRAAdminServlet.java
+++ b/base/common/src/com/netscape/cms/servlet/admin/KRAAdminServlet.java
@@ -39,7 +39,7 @@ import com.netscape.certsrv.logging.ILogger;
  * Recovery Authority. This servlet is responsible to serve
  * KRA administrative operation such as configuration
  * parameter updates.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class KRAAdminServlet extends AdminServlet {
@@ -71,7 +71,7 @@ public class KRAAdminServlet extends AdminServlet {
 
     /**
      * Returns serlvet information.
-     * 
+     *
      * @return name of this servlet
      */
     public String getServletInfo() {
@@ -80,7 +80,7 @@ public class KRAAdminServlet extends AdminServlet {
 
     /**
      * Serves HTTP admin request.
-     * 
+     *
      * @param req HTTP request
      * @param resp HTTP response
      */
@@ -153,7 +153,7 @@ public class KRAAdminServlet extends AdminServlet {
                 } else if (scope.equals(ScopeDef.SC_NOTIFICATION_RIQ)) {
                     setNotificationRIQConfig(req, resp);
                     return;
-                } else 
+                } else
                 */
                 if (scope.equals(ScopeDef.SC_GENERAL)) {
                     setGeneralConfig(req, resp);
diff --git a/base/common/src/com/netscape/cms/servlet/admin/LogAdminServlet.java b/base/common/src/com/netscape/cms/servlet/admin/LogAdminServlet.java
index 1b32018bc..fb73cec98 100644
--- a/base/common/src/com/netscape/cms/servlet/admin/LogAdminServlet.java
+++ b/base/common/src/com/netscape/cms/servlet/admin/LogAdminServlet.java
@@ -49,7 +49,7 @@ import com.netscape.certsrv.logging.LogPlugin;
  * subsystem. This servlet is responsible to serve
  * logging administrative operation such as configuration
  * parameter updates and log retriever.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class LogAdminServlet extends AdminServlet {
@@ -407,11 +407,11 @@ public class LogAdminServlet extends AdminServlet {
     /**
      * Add log plug-in
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT used when configuring signedAudit
      * 
    
-     * 
+     *
      * @param req HTTP servlet request
      * @param resp HTTP servlet response
      * @param scope string used to obtain the contents of the log's substore
@@ -680,11 +680,11 @@ public class LogAdminServlet extends AdminServlet {
     /**
      * Add log instance
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT used when configuring signedAudit
      * 
    
-     * 
+     *
      * @param req HTTP servlet request
      * @param resp HTTP servlet response
      * @param scope string used to obtain the contents of the log's substore
@@ -1072,11 +1072,11 @@ public class LogAdminServlet extends AdminServlet {
     /**
      * Delete log instance
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT used when configuring signedAudit
      * 
    
-     * 
+     *
      * @param req HTTP servlet request
      * @param resp HTTP servlet response
      * @param scope string used to obtain the contents of the log's substore
@@ -1146,7 +1146,7 @@ public class LogAdminServlet extends AdminServlet {
 
             // only remove from memory
             // cannot shutdown because we don't keep track of whether it's
-            // being used. 
+            // being used.
             mSys.getLogInsts().remove(id);
 
             // remove the configuration.
@@ -1234,11 +1234,11 @@ public class LogAdminServlet extends AdminServlet {
     /**
      * Delete log plug-in
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT used when configuring signedAudit
      * 
    
-     * 
+     *
      * @param req HTTP servlet request
      * @param resp HTTP servlet response
      * @param scope string used to obtain the contents of the log's substore
@@ -1415,7 +1415,7 @@ public class LogAdminServlet extends AdminServlet {
     /**
      * Modify log instance
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT used when configuring signedAudit
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_LOG_PATH_CHANGE used when log file name (including any path changes) for
@@ -1424,7 +1424,7 @@ public class LogAdminServlet extends AdminServlet {
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_LOG_EXPIRATION_CHANGE used when log expiration time change is attempted
      * (authorization should not allow, but make sure it's written after the attempt)
      * 
    
-     * 
+     *
      * @param req HTTP servlet request
      * @param resp HTTP servlet response
      * @param scope string used to obtain the contents of the log's substore
@@ -1716,7 +1716,7 @@ public class LogAdminServlet extends AdminServlet {
                                                     newExpirationTime = val;
                                                     if (!val.equals(origVal.trim())) {
                                                         if (id.equals(SIGNED_AUDIT_LOG_TYPE)) {
-                                                            AUTHZ_RES_NAME = 
+                                                            AUTHZ_RES_NAME =
                                                                     "certServer.log.configuration.signedAudit.expirationTime";
                                                         }
                                                         mOp = "modify";
@@ -2284,10 +2284,10 @@ public class LogAdminServlet extends AdminServlet {
 
     /**
      * Signed Audit Check Log Path
-     * 
+     *
      * This method is called to extract the log file path.
      * 
    
-     * 
+     *
      * @param req http servlet request
      * @return a string containing the log file path
      */
diff --git a/base/common/src/com/netscape/cms/servlet/admin/OCSPAdminServlet.java b/base/common/src/com/netscape/cms/servlet/admin/OCSPAdminServlet.java
index 0e6784413..4149fae94 100644
--- a/base/common/src/com/netscape/cms/servlet/admin/OCSPAdminServlet.java
+++ b/base/common/src/com/netscape/cms/servlet/admin/OCSPAdminServlet.java
@@ -43,7 +43,7 @@ import com.netscape.certsrv.ocsp.IOCSPStore;
  * Authority. This servlet is responsible to serve OCSP
  * administrative operations such as configuration parameter
  * updates.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class OCSPAdminServlet extends AdminServlet {
@@ -227,12 +227,12 @@ public class OCSPAdminServlet extends AdminServlet {
     /**
      * Set default OCSP store
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CONFIG_OCSP_PROFILE used when configuring OCSP profile (everything under
      * Online Certificate Status Manager)
      * 
    
-     * 
+     *
      * @param req HTTP servlet request
      * @param resp HTTP servlet response
      * @exception ServletException a servlet error has occurred
@@ -317,12 +317,12 @@ public class OCSPAdminServlet extends AdminServlet {
     /**
      * Set OCSP store configuration
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CONFIG_OCSP_PROFILE used when configuring OCSP profile (everything under
      * Online Certificate Status Manager)
      * 
    
-     * 
+     *
      * @param req HTTP servlet request
      * @param resp HTTP servlet response
      * @exception ServletException a servlet error has occurred
@@ -467,12 +467,12 @@ public class OCSPAdminServlet extends AdminServlet {
     /**
      * Set general OCSP configuration
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CONFIG_OCSP_PROFILE used when configuring OCSP profile (everything under
      * Online Certificate Status Manager)
      * 
    
-     * 
+     *
      * @param req HTTP servlet request
      * @param resp HTTP servlet response
      * @exception ServletException a servlet error has occurred
diff --git a/base/common/src/com/netscape/cms/servlet/admin/PolicyAdminServlet.java b/base/common/src/com/netscape/cms/servlet/admin/PolicyAdminServlet.java
index 0bcb962ea..c1da868c8 100644
--- a/base/common/src/com/netscape/cms/servlet/admin/PolicyAdminServlet.java
+++ b/base/common/src/com/netscape/cms/servlet/admin/PolicyAdminServlet.java
@@ -45,11 +45,11 @@ import com.netscape.certsrv.ra.IRegistrationAuthority;
 
 /**
  * This class is an administration servlet for policy management.
- * 
+ *
  * Each service (CA, KRA, RA) should be responsible
  * for registering an instance of this with the remote
  * administration subsystem.
- * 
+ *
  * @deprecated
  * @version $Revision$, $Date$
  */
@@ -114,14 +114,14 @@ public class PolicyAdminServlet extends AdminServlet {
         // NOTE:  The "Certificate Policies" framework ONLY applied to
         //        to CA, KRA, and legacy RA (pre-CMS 7.0) subsystems.
         //
-        //        Further, the "PolicyAdminServlet.java" servlet is ONLY used 
+        //        Further, the "PolicyAdminServlet.java" servlet is ONLY used
         //        by the CA Console for the following:
         //
         //            SERVLET-NAME           URL-PATTERN
         //            ====================================================
         //            capolicy               ca/capolicy
         //
-        //        Finally, the "PolicyAdminServlet.java" servlet is ONLY used 
+        //        Finally, the "PolicyAdminServlet.java" servlet is ONLY used
         //        by the KRA Console for the following:
         //
         //            SERVLET-NAME           URL-PATTERN
@@ -480,12 +480,12 @@ public class PolicyAdminServlet extends AdminServlet {
     /**
      * Delete policy implementation
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY used when configuring cert policy constraints and
      * extensions
      * 
    
-     * 
+     *
      * @param req HTTP servlet request
      * @param resp HTTP servlet response
      * @exception ServletException a servlet error has occurred
@@ -602,12 +602,12 @@ public class PolicyAdminServlet extends AdminServlet {
     /**
      * Add policy implementation
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY used when configuring cert policy constraints and
      * extensions
      * 
    
-     * 
+     *
      * @param req HTTP servlet request
      * @param resp HTTP servlet response
      * @exception ServletException a servlet error has occurred
@@ -709,12 +709,12 @@ public class PolicyAdminServlet extends AdminServlet {
     /**
      * Delete policy instance
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY used when configuring cert policy constraints and
      * extensions
      * 
    
-     * 
+     *
      * @param req HTTP servlet request
      * @param resp HTTP servlet response
      * @exception ServletException a servlet error has occurred
@@ -849,12 +849,12 @@ public class PolicyAdminServlet extends AdminServlet {
     /**
      * Add policy instance
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY used when configuring cert policy constraints and
      * extensions
      * 
    
-     * 
+     *
      * @param req HTTP servlet request
      * @param resp HTTP servlet response
      * @exception ServletException a servlet error has occurred
@@ -1006,12 +1006,12 @@ public class PolicyAdminServlet extends AdminServlet {
     /**
      * Change ordering of policy instances
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY used when configuring cert policy constraints and
      * extensions
      * 
    
-     * 
+     *
      * @param req HTTP servlet request
      * @param resp HTTP servlet response
      * @exception ServletException a servlet error has occurred
@@ -1097,12 +1097,12 @@ public class PolicyAdminServlet extends AdminServlet {
     /**
      * Modify policy instance
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY used when configuring cert policy constraints and
      * extensions
      * 
    
-     * 
+     *
      * @param req HTTP servlet request
      * @param resp HTTP servlet response
      * @exception ServletException a servlet error has occurred
@@ -1182,7 +1182,7 @@ public class PolicyAdminServlet extends AdminServlet {
                 sendResponse(ERROR, INVALID_POLICY_IMPL_ID, null, resp);
                 return;
             }
-            // XXX 
+            // XXX
             for (@SuppressWarnings("unchecked")
             Enumeration n = req.getParameterNames(); n.hasMoreElements();) {
                 String p = n.nextElement();
diff --git a/base/common/src/com/netscape/cms/servlet/admin/ProfileAdminServlet.java b/base/common/src/com/netscape/cms/servlet/admin/ProfileAdminServlet.java
index 94235f532..3ca222135 100644
--- a/base/common/src/com/netscape/cms/servlet/admin/ProfileAdminServlet.java
+++ b/base/common/src/com/netscape/cms/servlet/admin/ProfileAdminServlet.java
@@ -54,11 +54,11 @@ import com.netscape.cms.profile.common.ProfilePolicy;
 
 /**
  * This class is an administration servlet for policy management.
- * 
+ *
  * Each service (CA, KRA, RA) should be responsible
  * for registering an instance of this with the remote
  * administration subsystem.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class ProfileAdminServlet extends AdminServlet {
@@ -396,12 +396,12 @@ public class ProfileAdminServlet extends AdminServlet {
     /**
      * Add policy profile
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings
      * and cert profile; obsoletes extensions and constraints policies)
      * 
    
-     * 
+     *
      * @param req HTTP servlet request
      * @param resp HTTP servlet response
      * @exception ServletException a servlet error has occurred
@@ -539,12 +539,12 @@ public class ProfileAdminServlet extends AdminServlet {
     /**
      * Add profile input
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings
      * and cert profile; obsoletes extensions and constraints policies)
      * 
    
-     * 
+     *
      * @param req HTTP servlet request
      * @param resp HTTP servlet response
      * @exception ServletException a servlet error has occurred
@@ -665,12 +665,12 @@ public class ProfileAdminServlet extends AdminServlet {
     /**
      * Add profile output
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings
      * and cert profile; obsoletes extensions and constraints policies)
      * 
    
-     * 
+     *
      * @param req HTTP servlet request
      * @param resp HTTP servlet response
      * @exception ServletException a servlet error has occurred
@@ -792,12 +792,12 @@ public class ProfileAdminServlet extends AdminServlet {
     /**
      * Delete policy profile
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings
      * and cert profile; obsoletes extensions and constraints policies)
      * 
    
-     * 
+     *
      * @param req HTTP servlet request
      * @param resp HTTP servlet response
      * @exception ServletException a servlet error has occurred
@@ -913,12 +913,12 @@ public class ProfileAdminServlet extends AdminServlet {
     /**
      * Delete profile input
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings
      * and cert profile; obsoletes extensions and constraints policies)
      * 
    
-     * 
+     *
      * @param req HTTP servlet request
      * @param resp HTTP servlet response
      * @exception ServletException a servlet error has occurred
@@ -1031,12 +1031,12 @@ public class ProfileAdminServlet extends AdminServlet {
     /**
      * Delete profile output
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings
      * and cert profile; obsoletes extensions and constraints policies)
      * 
    
-     * 
+     *
      * @param req HTTP servlet request
      * @param resp HTTP servlet response
      * @exception ServletException a servlet error has occurred
@@ -1149,12 +1149,12 @@ public class ProfileAdminServlet extends AdminServlet {
     /**
      * Add default policy profile configuration
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings
      * and cert profile; obsoletes extensions and constraints policies)
      * 
    
-     * 
+     *
      * @param req HTTP servlet request
      * @param resp HTTP servlet response
      * @exception ServletException a servlet error has occurred
@@ -1286,12 +1286,12 @@ public class ProfileAdminServlet extends AdminServlet {
     /**
      * Add policy constraints profile configuration
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings
      * and cert profile; obsoletes extensions and constraints policies)
      * 
    
-     * 
+     *
      * @param req HTTP servlet request
      * @param resp HTTP servlet response
      * @exception ServletException a servlet error has occurred
@@ -1425,12 +1425,12 @@ public class ProfileAdminServlet extends AdminServlet {
     /**
      * Modify default policy profile configuration
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings
      * and cert profile; obsoletes extensions and constraints policies)
      * 
    
-     * 
+     *
      * @param req HTTP servlet request
      * @param resp HTTP servlet response
      * @exception ServletException a servlet error has occurred
@@ -1557,12 +1557,12 @@ public class ProfileAdminServlet extends AdminServlet {
     /**
      * Modify profile input configuration
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings
      * and cert profile; obsoletes extensions and constraints policies)
      * 
    
-     * 
+     *
      * @param req HTTP servlet request
      * @param resp HTTP servlet response
      * @exception ServletException a servlet error has occurred
@@ -1677,12 +1677,12 @@ public class ProfileAdminServlet extends AdminServlet {
     /**
      * Modify profile output configuration
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings
      * and cert profile; obsoletes extensions and constraints policies)
      * 
    
-     * 
+     *
      * @param req HTTP servlet request
      * @param resp HTTP servlet response
      * @exception ServletException a servlet error has occurred
@@ -1798,12 +1798,12 @@ public class ProfileAdminServlet extends AdminServlet {
     /**
      * Modify policy constraints profile configuration
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings
      * and cert profile; obsoletes extensions and constraints policies)
      * 
    
-     * 
+     *
      * @param req HTTP servlet request
      * @param resp HTTP servlet response
      * @exception ServletException a servlet error has occurred
@@ -2272,12 +2272,12 @@ public class ProfileAdminServlet extends AdminServlet {
     /**
      * Delete profile instance
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings
      * and cert profile; obsoletes extensions and constraints policies)
      * 
    
-     * 
+     *
      * @param req HTTP servlet request
      * @param resp HTTP servlet response
      * @exception ServletException a servlet error has occurred
@@ -2410,12 +2410,12 @@ public class ProfileAdminServlet extends AdminServlet {
     /**
      * Add profile instance
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings
      * and cert profile; obsoletes extensions and constraints policies)
      * 
    
-     * 
+     *
      * @param req HTTP servlet request
      * @param resp HTTP servlet response
      * @exception ServletException a servlet error has occurred
@@ -2573,12 +2573,12 @@ public class ProfileAdminServlet extends AdminServlet {
     /**
      * Modify profile instance
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings
      * and cert profile; obsoletes extensions and constraints policies)
      * 
    
-     * 
+     *
      * @param req HTTP servlet request
      * @param resp HTTP servlet response
      * @exception ServletException a servlet error has occurred
diff --git a/base/common/src/com/netscape/cms/servlet/admin/PublisherAdminServlet.java b/base/common/src/com/netscape/cms/servlet/admin/PublisherAdminServlet.java
index 483ac42ef..8daadbce0 100644
--- a/base/common/src/com/netscape/cms/servlet/admin/PublisherAdminServlet.java
+++ b/base/common/src/com/netscape/cms/servlet/admin/PublisherAdminServlet.java
@@ -71,7 +71,7 @@ import com.netscape.cmsutil.password.IPasswordStore;
  * A class representing an publishing servlet for the
  * Publishing subsystem. This servlet is responsible
  * to serve configuration requests for the Publishing subsystem.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class PublisherAdminServlet extends AdminServlet {
@@ -138,7 +138,7 @@ public class PublisherAdminServlet extends AdminServlet {
             return;
         }
 
-        // for the rest					
+        // for the rest
         try {
             super.authenticate(req);
 
@@ -571,7 +571,7 @@ public class PublisherAdminServlet extends AdminServlet {
 
         commit(true);
 
-        /* Do a "PUT" of the new pw to the watchdog" 
+        /* Do a "PUT" of the new pw to the watchdog"
          ** do not remove - cfu
         if (pwd != null)
             CMS.putPasswordCache(PW_TAG_CA_LDAP_PUBLISHING, pwd);
@@ -921,7 +921,7 @@ public class PublisherAdminServlet extends AdminServlet {
                             CMS.debug("PublisherAdminServlet: testSetLDAPDest(): authInfo null");
             */
         }
-        //params.add(Constants.PR_SAVE_OK, 
+        //params.add(Constants.PR_SAVE_OK,
         //		   "\n \nConfiguration changes are now committed.");
 
         mProcessor.shutdown();
@@ -1322,7 +1322,7 @@ public class PublisherAdminServlet extends AdminServlet {
 
         // only remove from memory
         // cannot shutdown because we don't keep track of whether it's
-        // being used. 
+        // being used.
         mProcessor.getMapperInsts().remove(id);
 
         // remove the configuration.
@@ -2014,7 +2014,7 @@ public class PublisherAdminServlet extends AdminServlet {
 
         // only remove from memory
         // cannot shutdown because we don't keep track of whether it's
-        // being used. 
+        // being used.
         mProcessor.getRuleInsts().remove(id);
 
         // remove the configuration.
@@ -2140,7 +2140,7 @@ public class PublisherAdminServlet extends AdminServlet {
             return;
         }
 
-        // get plugin for implementation 
+        // get plugin for implementation
         RulePlugin plugin =
                 (RulePlugin) mProcessor.getRulePlugins().get(implname);
 
@@ -2152,7 +2152,7 @@ public class PublisherAdminServlet extends AdminServlet {
             return;
         }
 
-        // save old instance substore params in case new one fails. 
+        // save old instance substore params in case new one fails.
 
         ILdapRule oldinst =
                 (ILdapRule) mProcessor.getRuleInsts().get((Object) id);
@@ -2666,7 +2666,7 @@ public class PublisherAdminServlet extends AdminServlet {
 
         // only remove from memory
         // cannot shutdown because we don't keep track of whether it's
-        // being used. 
+        // being used.
         mProcessor.getPublisherInsts().remove(id);
 
         // remove the configuration.
@@ -2818,7 +2818,7 @@ public class PublisherAdminServlet extends AdminServlet {
             return;
         }
 
-        // get plugin for implementation 
+        // get plugin for implementation
         PublisherPlugin plugin =
                 (PublisherPlugin) mProcessor.getPublisherPlugins().get(implname);
 
@@ -2831,7 +2831,7 @@ public class PublisherAdminServlet extends AdminServlet {
             return;
         }
 
-        // save old instance substore params in case new one fails. 
+        // save old instance substore params in case new one fails.
 
         ILdapPublisher oldinst = mProcessor.getPublisherInstance(id);
         Vector oldConfigParms = oldinst.getInstanceParams();
diff --git a/base/common/src/com/netscape/cms/servlet/admin/RAAdminServlet.java b/base/common/src/com/netscape/cms/servlet/admin/RAAdminServlet.java
index 5bdb14177..b2e271236 100644
--- a/base/common/src/com/netscape/cms/servlet/admin/RAAdminServlet.java
+++ b/base/common/src/com/netscape/cms/servlet/admin/RAAdminServlet.java
@@ -40,7 +40,7 @@ import com.netscape.certsrv.request.IRequestListener;
  * Authority. This servlet is responsible to serve RA
  * administrative operations such as configuration parameter
  * updates.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class RAAdminServlet extends AdminServlet {
@@ -571,10 +571,10 @@ public class RAAdminServlet extends AdminServlet {
          while (enum.hasMoreElements()) {
          String key = (String)enum.nextElement();
          if (key.equals(Constants.PR_EE_ENABLED)) {
-         if (eeConfig != null) 
+         if (eeConfig != null)
          eeConfig.putString("enabled",
          req.getParameter(Constants.PR_EE_ENABLED));
-         } 
+         }
          }
 
          */
diff --git a/base/common/src/com/netscape/cms/servlet/admin/RegistryAdminServlet.java b/base/common/src/com/netscape/cms/servlet/admin/RegistryAdminServlet.java
index 4bebe85d3..4f5afbb20 100644
--- a/base/common/src/com/netscape/cms/servlet/admin/RegistryAdminServlet.java
+++ b/base/common/src/com/netscape/cms/servlet/admin/RegistryAdminServlet.java
@@ -40,7 +40,7 @@ import com.netscape.certsrv.registry.IPluginRegistry;
 
 /**
  * This implements the administration servlet for registry subsystem.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class RegistryAdminServlet extends AdminServlet {
diff --git a/base/common/src/com/netscape/cms/servlet/admin/SystemCertificateResourceService.java b/base/common/src/com/netscape/cms/servlet/admin/SystemCertificateResourceService.java
index 4dccb141f..72106a903 100644
--- a/base/common/src/com/netscape/cms/servlet/admin/SystemCertificateResourceService.java
+++ b/base/common/src/com/netscape/cms/servlet/admin/SystemCertificateResourceService.java
@@ -31,9 +31,9 @@ import com.netscape.cms.servlet.cert.model.CertificateData;
 
 /**
  * This is the class used to list, retrieve and modify system certificates for all Java subsystems.
- * 
+ *
  * @author alee
- * 
+ *
  */
 public class SystemCertificateResourceService extends CMSResourceService implements SystemCertificateResource {
 
diff --git a/base/common/src/com/netscape/cms/servlet/admin/UsrGrpAdminServlet.java b/base/common/src/com/netscape/cms/servlet/admin/UsrGrpAdminServlet.java
index e5a6dd3c4..90dc92221 100644
--- a/base/common/src/com/netscape/cms/servlet/admin/UsrGrpAdminServlet.java
+++ b/base/common/src/com/netscape/cms/servlet/admin/UsrGrpAdminServlet.java
@@ -63,10 +63,10 @@ import com.netscape.cmsutil.util.Utils;
  * User/Group Manager. It communicates with client
  * SDK to allow remote administration of User/Group
  * manager.
- * 
+ *
  * This servlet will be registered to remote
  * administration subsystem by usrgrp manager.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class UsrGrpAdminServlet extends AdminServlet {
@@ -167,11 +167,11 @@ public class UsrGrpAdminServlet extends AdminServlet {
 
          log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_FAIL_AUTHS"));
 
-         sendResponse(ERROR, 
+         sendResponse(ERROR,
          MessageFormatter.getLocalizedString(
          getLocale(req),
          AdminResources.class.getName(),
-         AdminResources.SRVLT_FAIL_AUTHS), 
+         AdminResources.SRVLT_FAIL_AUTHS),
          null, resp);
          return;
          }
@@ -333,7 +333,7 @@ public class UsrGrpAdminServlet extends AdminServlet {
 
     /**
      * Searches for users in LDAP directory. List uids only
-     * 
+     *
      * Request/Response Syntax:
      * http://warp.mcom.com/server/certificate/columbo/design/
      * ui/admin-protocol-definition.html#user-admin
@@ -381,7 +381,7 @@ public class UsrGrpAdminServlet extends AdminServlet {
      * List user information. Certificates covered in a separate
      * protocol for findUserCerts(). List of group memberships are
      * also provided.
-     * 
+     *
      * Request/Response Syntax:
      * http://warp.mcom.com/server/certificate/columbo/design/
      * ui/admin-protocol-definition.html#user-admin
@@ -462,7 +462,7 @@ public class UsrGrpAdminServlet extends AdminServlet {
 
     /**
      * List user certificate(s)
-     * 
+     *
      * Request/Response Syntax:
      * http://warp.mcom.com/server/certificate/columbo/design/
      * ui/admin-protocol-definition.html#user-admin
@@ -542,7 +542,7 @@ public class UsrGrpAdminServlet extends AdminServlet {
 
     /**
      * Searchess for groups in LDAP server
-     * 
+     *
      * Request/Response Syntax:
      * http://warp.mcom.com/server/certificate/columbo/design/
      * ui/admin-protocol-definition.html#group
@@ -648,16 +648,16 @@ public class UsrGrpAdminServlet extends AdminServlet {
     /**
      * Adds a new user to LDAP server
      * 
    
-     * 
+     *
      * Request/Response Syntax: http://warp.mcom.com/server/certificate/columbo/design/
      * ui/admin-protocol-definition.html#user-admin
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ROLE used when configuring role information (anything under
      * users/groups)
      * 
    
-     * 
+     *
      * @param req HTTP servlet request
      * @param resp HTTP servlet response
      * @exception ServletException a servlet error has occurred
@@ -973,16 +973,16 @@ public class UsrGrpAdminServlet extends AdminServlet {
     /**
      * Adds a certificate to a user
      * 
    
-     * 
+     *
      * Request/Response Syntax: http://warp.mcom.com/server/certificate/columbo/design/
      * ui/admin-protocol-definition.html#user-admin
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ROLE used when configuring role information (anything under
      * users/groups)
      * 
    
-     * 
+     *
      * @param req HTTP servlet request
      * @param resp HTTP servlet response
      * @exception ServletException a servlet error has occurred
@@ -1327,19 +1327,19 @@ public class UsrGrpAdminServlet extends AdminServlet {
     /**
      * Removes a certificate for a user
      * 
    
-     * 
+     *
      * Request/Response Syntax: http://warp.mcom.com/server/certificate/columbo/design/
      * ui/admin-protocol-definition.html#user-admin
      * 
    
-     * 
+     *
      * In this method, "certDN" is actually a combination of version, serialNumber, issuerDN, and SubjectDN.
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ROLE used when configuring role information (anything under
      * users/groups)
      * 
    
-     * 
+     *
      * @param req HTTP servlet request
      * @param resp HTTP servlet response
      * @exception ServletException a servlet error has occurred
@@ -1473,16 +1473,16 @@ public class UsrGrpAdminServlet extends AdminServlet {
      * any group he/she belongs to before trying to remove the user
      * itself.
      * 
    
-     * 
+     *
      * Request/Response Syntax: http://warp.mcom.com/server/certificate/columbo/design/
      * ui/admin-protocol-definition.html#user-admin
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ROLE used when configuring role information (anything under
      * users/groups)
      * 
    
-     * 
+     *
      * @param req HTTP servlet request
      * @param resp HTTP servlet response
      * @exception ServletException a servlet error has occurred
@@ -1643,16 +1643,16 @@ public class UsrGrpAdminServlet extends AdminServlet {
     /**
      * Adds a new group in local scope.
      * 
    
-     * 
+     *
      * Request/Response Syntax: http://warp.mcom.com/server/certificate/columbo/design/
      * ui/admin-protocol-definition.html#group
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ROLE used when configuring role information (anything under
      * users/groups)
      * 
    
-     * 
+     *
      * @param req HTTP servlet request
      * @param resp HTTP servlet response
      * @exception ServletException a servlet error has occurred
@@ -1783,16 +1783,16 @@ public class UsrGrpAdminServlet extends AdminServlet {
     /**
      * removes a group
      * 
    
-     * 
+     *
      * Request/Response Syntax: http://warp.mcom.com/server/certificate/columbo/design/
      * ui/admin-protocol-definition.html#group
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ROLE used when configuring role information (anything under
      * users/groups)
      * 
    
-     * 
+     *
      * @param req HTTP servlet request
      * @param resp HTTP servlet response
      * @exception ServletException a servlet error has occurred
@@ -1886,18 +1886,18 @@ public class UsrGrpAdminServlet extends AdminServlet {
     /**
      * modifies a group
      * 
    
-     * 
+     *
      * last person of the super power group "Certificate Server Administrators" can never be removed.
      * 
    
-     * 
+     *
      * http://warp.mcom.com/server/certificate/columbo/design/ ui/admin-protocol-definition.html#group
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ROLE used when configuring role information (anything under
      * users/groups)
      * 
    
-     * 
+     *
      * @param req HTTP servlet request
      * @param resp HTTP servlet response
      * @exception ServletException a servlet error has occurred
@@ -2126,16 +2126,16 @@ public class UsrGrpAdminServlet extends AdminServlet {
     /**
      * Modifies an existing user in local scope.
      * 
    
-     * 
+     *
      * Request/Response Syntax: http://warp.mcom.com/server/certificate/columbo/design/
      * ui/admin-protocol-definition.html#user-admin
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ROLE used when configuring role information (anything under
      * users/groups)
      * 
    
-     * 
+     *
      * @param req HTTP servlet request
      * @param resp HTTP servlet response
      * @exception ServletException a servlet error has occurred
diff --git a/base/common/src/com/netscape/cms/servlet/base/CMSResourceService.java b/base/common/src/com/netscape/cms/servlet/base/CMSResourceService.java
index 24c3cd74d..36f33b6f8 100644
--- a/base/common/src/com/netscape/cms/servlet/base/CMSResourceService.java
+++ b/base/common/src/com/netscape/cms/servlet/base/CMSResourceService.java
@@ -32,9 +32,9 @@ import com.netscape.cms.servlet.cert.model.CertificateData;
 
 /**
  * Base class for CMS RESTful resources
- * 
+ *
  * @author alee
- * 
+ *
  */
 public class CMSResourceService {
 
diff --git a/base/common/src/com/netscape/cms/servlet/base/CMSServlet.java b/base/common/src/com/netscape/cms/servlet/base/CMSServlet.java
index c0931ee2f..f1de3ce4a 100644
--- a/base/common/src/com/netscape/cms/servlet/base/CMSServlet.java
+++ b/base/common/src/com/netscape/cms/servlet/base/CMSServlet.java
@@ -101,7 +101,7 @@ import com.netscape.cmsutil.xml.XMLObject;
 
 /**
  * This is the base class of all CS servlet.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public abstract class CMSServlet extends HttpServlet {
@@ -132,7 +132,7 @@ public abstract class CMSServlet extends HttpServlet {
     private final static String FAILED = "1";
     private final static String HDR_LANG = "accept-language";
 
-    // final error message - if error and exception templates don't work 
+    // final error message - if error and exception templates don't work
     // send out this text string directly to output.
 
     public final static String PROP_FINAL_ERROR_MSG = "finalErrorMsg";
@@ -206,7 +206,7 @@ public abstract class CMSServlet extends HttpServlet {
     public static final String CERT_ATTR =
             "javax.servlet.request.X509Certificate";
 
-    // members. 
+    // members.
 
     protected boolean mRenderResult = true;
     protected String mFinalErrorMsg = FINAL_ERROR_MSG;
@@ -222,7 +222,7 @@ public abstract class CMSServlet extends HttpServlet {
     protected String mId = null;
     protected IConfigStore mConfig = null;
 
-    // the authority, RA, CA, KRA this servlet is serving. 
+    // the authority, RA, CA, KRA this servlet is serving.
     protected IAuthority mAuthority = null;
     protected IRequestQueue mRequestQueue = null;
 
@@ -317,7 +317,7 @@ public abstract class CMSServlet extends HttpServlet {
         }
 
         try {
-            // get final error message. 
+            // get final error message.
             // used when templates can't even be loaded.
             String eMsg =
                     sc.getInitParameter(PROP_FINAL_ERROR_MSG);
@@ -350,12 +350,12 @@ public abstract class CMSServlet extends HttpServlet {
                 }
             }
 
-            // get http params NOT to store in a IRequest and  
-            // get http headers TO store in a IRequest. 
+            // get http params NOT to store in a IRequest and
+            // get http headers TO store in a IRequest.
             getDontSaveHttpParams(sc);
             getSaveHttpHeaders(sc);
         } catch (Exception e) {
-            // should never occur since we provide defaults above. 
+            // should never occur since we provide defaults above.
             log(ILogger.LL_FAILURE,
                     CMS.getLogMessage("CMSGW_ERR_CONF_TEMP_PARAMS",
                             e.toString()));
@@ -393,7 +393,7 @@ public abstract class CMSServlet extends HttpServlet {
         while (paramNames.hasMoreElements()) {
             String pn = (String) paramNames.nextElement();
             // added this facility so that password can be hidden,
-            // all sensitive parameters should be prefixed with 
+            // all sensitive parameters should be prefixed with
             // __ (double underscores); however, in the event that
             // a security parameter slips through, we perform multiple
             // additional checks to insure that it is NOT displayed
@@ -447,10 +447,10 @@ public abstract class CMSServlet extends HttpServlet {
         }
         CMS.debug("CMSServlet: " + mId + " start to service.");
 
-        // get a cms request 
+        // get a cms request
         CMSRequest cmsRequest = newCMSRequest();
 
-        // set argblock 
+        // set argblock
         cmsRequest.setHttpParams(CMS.createArgBlock("http-request-params", toHashtable(httpReq)));
 
         // set http request
@@ -522,7 +522,7 @@ public abstract class CMSServlet extends HttpServlet {
     /**
      * Create a new CMSRequest object. This should be overriden by servlets
      * implementing different types of request
-     * 
+     *
      * @return a new CMSRequest object
      */
     protected CMSRequest newCMSRequest() {
@@ -532,7 +532,7 @@ public abstract class CMSServlet extends HttpServlet {
     /**
      * process an HTTP request. Servlets must override this with their
      * own implementation
-     * 
+     *
      * @throws EBaseException if the servlet was unable to satisfactorily
      *             process the request
      */
@@ -544,7 +544,7 @@ public abstract class CMSServlet extends HttpServlet {
      * Output a template.
      * If an error occurs while outputing the template the exception template
      * is used to display the error.
-     * 
+     *
      * @param cmsReq the CS request
      */
     protected void renderResult(CMSRequest cmsReq)
@@ -688,7 +688,7 @@ public abstract class CMSServlet extends HttpServlet {
      * In others if an exception occurs while rendering the template the
      * exception template (this) is called.
      * 
    
-     * 
+     *
      * @param cmsReq the CS request to pass to template filler if any.
      * @param e the unexpected exception
      */
@@ -705,8 +705,8 @@ public abstract class CMSServlet extends HttpServlet {
 
             // When an exception occurs the exit is non-local which probably
             // will leave the requestStatus value set to something other
-            // than CMSRequest.EXCEPTION, so force the requestStatus to 
-            // EXCEPTION since it must be that if we're here. 
+            // than CMSRequest.EXCEPTION, so force the requestStatus to
+            // EXCEPTION since it must be that if we're here.
             cmsReq.setStatus(CMSRequest.EXCEPTION);
 
             if (filler != null) {
@@ -743,14 +743,14 @@ public abstract class CMSServlet extends HttpServlet {
 
     public void renderFinalError(CMSRequest cmsReq, Exception ex)
             throws IOException {
-        // this template is the last resort for all other unexpected 
-        // errors in other templates so we can only output text. 
+        // this template is the last resort for all other unexpected
+        // errors in other templates so we can only output text.
         HttpServletResponse httpResp = cmsReq.getHttpResp();
 
         httpResp.setContentType("text/html");
         ServletOutputStream out = httpResp.getOutputStream();
 
-        // replace $ERRORMSG with exception message if included. 
+        // replace $ERRORMSG with exception message if included.
         String finalErrMsg = mFinalErrorMsg;
         int tokenIdx = mFinalErrorMsg.indexOf(ERROR_MSG_TOKEN);
 
@@ -772,10 +772,10 @@ public abstract class CMSServlet extends HttpServlet {
 
         /*
          try {
-         s = (SSLSocket) ((HTTPRequest) httpReq).getConnection().getSocket(); 
+         s = (SSLSocket) ((HTTPRequest) httpReq).getConnection().getSocket();
          } catch (ClassCastException e) {
          CMS.getLogger().log(
-         ILogger.EV_SYSTEM, ILogger.S_OTHER, ILogger.LL_WARN, 
+         ILogger.EV_SYSTEM, ILogger.S_OTHER, ILogger.LL_WARN,
          CMS.getLogMessage("CMSGW_SSL_NO_INVALIDATE"));
          // ignore.
          return;
@@ -831,7 +831,7 @@ public abstract class CMSServlet extends HttpServlet {
         mLogger.log(ILogger.EV_SYSTEM, ILogger.S_OTHER, ILogger.LL_INFO,
                 CMS.getLogMessage("CMSGW_GETTING_SSL_CLIENT_CERT"));
 
-        // iws60 support Java Servlet Spec V2.2, attribute 
+        // iws60 support Java Servlet Spec V2.2, attribute
         // javax.servlet.request.X509Certificate now contains array
         // of X509Certificates instead of one X509Certificate object
         X509Certificate[] allCerts = (X509Certificate[]) httpReq.getAttribute(CERT_ATTR);
@@ -1125,7 +1125,7 @@ public abstract class CMSServlet extends HttpServlet {
 
     /**
      * instantiate a new filler from a class name,
-     * 
+     *
      * @return null if can't be instantiated, new instance otherwise.
      */
     protected ICMSTemplateFiller newFillerObject(String fillerClass) {
@@ -1153,12 +1153,12 @@ public abstract class CMSServlet extends HttpServlet {
      */
     protected void setDefaultTemplates(ServletConfig sc) {
         // Subclasses should override these for diff templates and params in
-        // their constructors. 
-        // Set a template name to null to not use these standard ones. 
-        // When template name is set to null nothing will be displayed. 
+        // their constructors.
+        // Set a template name to null to not use these standard ones.
+        // When template name is set to null nothing will be displayed.
         // Servlet is assumed to have rendered its own output.
-        // The only exception is the unexpected error template where the 
-        // default one will always be used if template name is null. 
+        // The only exception is the unexpected error template where the
+        // default one will always be used if template name is null.
         String successTemplate = null;
         String errorTemplate = null;
         String unauthorizedTemplate = null;
@@ -1237,7 +1237,7 @@ public abstract class CMSServlet extends HttpServlet {
                     unexpectedErrorTemplate = "/" + gateway + unexpectedErrorTemplate;
             }
         } catch (Exception e) {
-            // this should never happen. 
+            // this should never happen.
             log(ILogger.LL_FAILURE,
                     CMS.getLogMessage("CMSGW_IMP_INIT_SERV_ERR", e.toString(),
                             mId));
@@ -1319,7 +1319,7 @@ public abstract class CMSServlet extends HttpServlet {
     private static final String IMPORT_CERT = "importCert";
     private static final String IMPORT_CHAIN = "importCAChain";
     private static final String IMPORT_CERT_MIME_TYPE = "importCertMimeType";
-    // default mime type 
+    // default mime type
     private static final String NS_X509_USER_CERT = "application/x-x509-user-cert";
     private static final String NS_X509_EMAIL_CERT = "application/x-x509-email-cert";
 
@@ -1391,7 +1391,7 @@ public abstract class CMSServlet extends HttpServlet {
                 caChain = ((ICertAuthority) mAuthority).getCACertChain();
                 caCerts = caChain.getChain();
 
-                // set user + CA cert chain in pkcs7 
+                // set user + CA cert chain in pkcs7
                 X509CertImpl[] userChain =
                         new X509CertImpl[caCerts.length + 1];
 
@@ -1511,7 +1511,7 @@ public abstract class CMSServlet extends HttpServlet {
 
     /**
      * make a CRL entry from a serial number and revocation reason.
-     * 
+     *
      * @return a RevokedCertImpl that can be entered in a CRL.
      */
     protected RevokedCertImpl formCRLEntry(
@@ -1536,7 +1536,7 @@ public abstract class CMSServlet extends HttpServlet {
 
     /**
      * check if a certificate (serial number) is revoked on a CA.
-     * 
+     *
      * @return true if cert is marked revoked in the CA's database.
      * @return false if cert is not marked revoked.
      */
@@ -1676,13 +1676,13 @@ public abstract class CMSServlet extends HttpServlet {
     /**
      * Authentication
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_AUTH_FAIL used when authentication fails (in case of SSL-client auth, only
      * webserver env can pick up the SSL violation; CS authMgr can pick up cert mis-match, so this event is used)
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_AUTH_SUCCESS used when authentication succeeded
      * 
    
-     * 
+     *
      * @exception EBaseException an error has occurred
      */
     public IAuthToken authenticate(HttpServletRequest httpReq, String authMgrName)
@@ -1724,7 +1724,7 @@ public abstract class CMSServlet extends HttpServlet {
 
             //
             // check authentication by auth manager if any.
-            // 
+            //
             if (authMgrName == null) {
 
                 // Fixed Blackflag Bug #613900:  Since this code block does
@@ -1873,14 +1873,14 @@ public abstract class CMSServlet extends HttpServlet {
     /**
      * Authorize must occur after Authenticate
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_AUTHZ_FAIL used when authorization has failed
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_AUTHZ_SUCCESS used when authorization is successful
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_ROLE_ASSUME used when user assumes a role (in current CS that's when one
      * accesses a role port)
      * 
    
-     * 
+     *
      * @param authzMgrName string representing the name of the authorization
      *            manager
      * @param authToken the authentication token
@@ -2033,11 +2033,11 @@ public abstract class CMSServlet extends HttpServlet {
 
     /**
      * Signed Audit Log
-     * 
+     *
      * This method is inherited by all extended "CMSServlet"s,
      * and is called to store messages to the signed audit log.
      * 
    
-     * 
+     *
      * @param msg signed audit log message
      */
     protected void audit(String msg) {
@@ -2057,12 +2057,12 @@ public abstract class CMSServlet extends HttpServlet {
 
     /**
      * Signed Audit Log Subject ID
-     * 
+     *
      * This method is inherited by all extended "CMSServlet"s,
      * and is called to obtain the "SubjectID" for
      * a signed audit log message.
      * 
    
-     * 
+     *
      * @return id string containing the signed audit log message SubjectID
      */
     protected String auditSubjectID() {
@@ -2097,12 +2097,12 @@ public abstract class CMSServlet extends HttpServlet {
 
     /**
      * Signed Audit Log Group ID
-     * 
+     *
      * This method is inherited by all extended "CMSServlet"s,
      * and is called to obtain the "gid" for
      * a signed audit log message.
      * 
    
-     * 
+     *
      * @return id string containing the signed audit log message SubjectID
      */
     protected String auditGroupID() {
@@ -2137,11 +2137,11 @@ public abstract class CMSServlet extends HttpServlet {
 
     /**
      * Signed Audit Groups
-     * 
+     *
      * This method is called to extract all "groups" associated
      * with the "auditSubjectID()".
      * 
    
-     * 
+     *
      * @param SubjectID string containing the signed audit log message SubjectID
      * @return a delimited string of groups associated
      *         with the "auditSubjectID()"
diff --git a/base/common/src/com/netscape/cms/servlet/base/CMSStartServlet.java b/base/common/src/com/netscape/cms/servlet/base/CMSStartServlet.java
index 4bfc74607..6f9f43d3a 100644
--- a/base/common/src/com/netscape/cms/servlet/base/CMSStartServlet.java
+++ b/base/common/src/com/netscape/cms/servlet/base/CMSStartServlet.java
@@ -34,7 +34,7 @@ import com.netscape.cmsutil.util.Utils;
 /**
  * This servlet is started by the web server at startup, and
  * it starts the CMS framework.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class CMSStartServlet extends HttpServlet {
diff --git a/base/common/src/com/netscape/cms/servlet/base/DisplayHtmlServlet.java b/base/common/src/com/netscape/cms/servlet/base/DisplayHtmlServlet.java
index 54e453f30..a6cb97908 100644
--- a/base/common/src/com/netscape/cms/servlet/base/DisplayHtmlServlet.java
+++ b/base/common/src/com/netscape/cms/servlet/base/DisplayHtmlServlet.java
@@ -33,7 +33,7 @@ import com.netscape.cms.servlet.common.ECMSGWException;
 
 /**
  * This is the servlet that displays the html page for the corresponding input id.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class DisplayHtmlServlet extends CMSServlet {
diff --git a/base/common/src/com/netscape/cms/servlet/base/DynamicVariablesServlet.java b/base/common/src/com/netscape/cms/servlet/base/DynamicVariablesServlet.java
index 0bf726879..ceba2fc72 100644
--- a/base/common/src/com/netscape/cms/servlet/base/DynamicVariablesServlet.java
+++ b/base/common/src/com/netscape/cms/servlet/base/DynamicVariablesServlet.java
@@ -43,7 +43,7 @@ import com.netscape.certsrv.base.IConfigStore;
  * 
    
  * This allows the requestor (browser) to make decisions about what to present in the UI, depending on how CMS is
  * configured
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class DynamicVariablesServlet extends CMSServlet {
@@ -137,7 +137,7 @@ public class DynamicVariablesServlet extends CMSServlet {
      * 
  • clacrlurl() - the URL to get the CRL from, in the case of a Clone CA. This is defined in the CMS
      * configuration parameter 'cloning.cloneMasterCrlUrl'
      * 
-     * 
+     *
      * @see javax.servlet.Servlet#init(ServletConfig)
      */
 
diff --git a/base/common/src/com/netscape/cms/servlet/base/GetStats.java b/base/common/src/com/netscape/cms/servlet/base/GetStats.java
index c21b56835..8c32e78c3 100644
--- a/base/common/src/com/netscape/cms/servlet/base/GetStats.java
+++ b/base/common/src/com/netscape/cms/servlet/base/GetStats.java
@@ -44,7 +44,7 @@ import com.netscape.cms.servlet.common.ECMSGWException;
 
 /**
  * Retrieve information.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class GetStats extends CMSServlet {
@@ -62,7 +62,7 @@ public class GetStats extends CMSServlet {
     /**
      * initialize the servlet. This servlet uses the template
      * file "getOCSPInfo.template" to render the result page.
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
@@ -79,7 +79,7 @@ public class GetStats extends CMSServlet {
 
     /**
      * Process the HTTP request.
-     * 
+     *
      * @param cmsReq the object holding the request and response information
      */
     protected void process(CMSRequest cmsReq)
diff --git a/base/common/src/com/netscape/cms/servlet/base/IndexServlet.java b/base/common/src/com/netscape/cms/servlet/base/IndexServlet.java
index 95dbf2abf..b5f94bd19 100644
--- a/base/common/src/com/netscape/cms/servlet/base/IndexServlet.java
+++ b/base/common/src/com/netscape/cms/servlet/base/IndexServlet.java
@@ -34,7 +34,7 @@ import com.netscape.cms.servlet.common.IndexTemplateFiller;
 /**
  * This is the servlet that builds the index page in
  * various ports.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class IndexServlet extends CMSServlet {
diff --git a/base/common/src/com/netscape/cms/servlet/base/PortsServlet.java b/base/common/src/com/netscape/cms/servlet/base/PortsServlet.java
index fced583a2..a0587229a 100644
--- a/base/common/src/com/netscape/cms/servlet/base/PortsServlet.java
+++ b/base/common/src/com/netscape/cms/servlet/base/PortsServlet.java
@@ -33,7 +33,7 @@ import com.netscape.cmsutil.xml.XMLObject;
 
 /**
  * This servlet returns port information.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class PortsServlet extends CMSServlet {
@@ -49,7 +49,7 @@ public class PortsServlet extends CMSServlet {
 
     public void init(ServletConfig sc) throws ServletException {
         super.init(sc);
-        // override these to output directly ourselves. 
+        // override these to output directly ourselves.
         mTemplates.remove(CMSRequest.SUCCESS);
         mTemplates.remove(CMSRequest.ERROR);
     }
diff --git a/base/common/src/com/netscape/cms/servlet/base/ProxyServlet.java b/base/common/src/com/netscape/cms/servlet/base/ProxyServlet.java
index 41666ab31..4d7ff24f5 100644
--- a/base/common/src/com/netscape/cms/servlet/base/ProxyServlet.java
+++ b/base/common/src/com/netscape/cms/servlet/base/ProxyServlet.java
@@ -22,31 +22,31 @@ import com.netscape.certsrv.apps.CMS;
 
 /**
  * This is a servlet that proxies request to another servlet.
- * 
+ *
  * SERVLET REDIRECTION
  * Specify the URL of a servlet to forward the request to
  * destServlet: /ee/ca/newservlet
- * 
+ *
  * PARAMETER MAPPING
  * In the servlet configuration (as an init-param in web.xml) you
  * can optionally specify a value for the parameter 'parameterMap'
  * which contains a list of HTTP parameters which should be
  * translated to new names.
- * 
+ *
  * parameterMap: name1->newname1,name2->newname2
- * 
+ *
  * Optionally, names can be set to static values:
- * 
+ *
  * parameterMap: name1->name2=value
- * 
+ *
  * Examples:
  * Consider the following HTTP input parameters:
  * vehicle:car make:ford model:explorer
- * 
+ *
  * The following config strings will have this effect:
  * parameterMap: make->manufacturer,model->name=expedition,->suv=true
  * output: vehicle:car manufactuer:ford model:expedition suv:true
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class ProxyServlet extends HttpServlet {
@@ -222,7 +222,7 @@ class ProxyWrapper extends HttpServletRequestWrapper {
                         }
                     }
                 }
-                // Now, deal with static values set in the config 
+                // Now, deal with static values set in the config
                 // which weren't set in the HTTP request
                 Set> s2 = mValueMap.entrySet();
                 Iterator> i2 = s2.iterator();
diff --git a/base/common/src/com/netscape/cms/servlet/base/SystemInfoServlet.java b/base/common/src/com/netscape/cms/servlet/base/SystemInfoServlet.java
index f883fd373..24210f377 100644
--- a/base/common/src/com/netscape/cms/servlet/base/SystemInfoServlet.java
+++ b/base/common/src/com/netscape/cms/servlet/base/SystemInfoServlet.java
@@ -34,7 +34,7 @@ import com.netscape.certsrv.apps.CMS;
  * thread.
  * 
    
  * Also allows user to trigger a new garbage collection
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class SystemInfoServlet extends HttpServlet {
@@ -62,7 +62,7 @@ public class SystemInfoServlet extends HttpServlet {
      * 
  • op = general - display information about memory, and other JVM informatino
      * 
  • op = thread - display details about each thread.
      * 
-     * 
+     *
      * @see javax.servlet.http.HttpServlet#service(HttpServletRequest, HttpServletResponse)
      */
     public void service(HttpServletRequest request,
diff --git a/base/common/src/com/netscape/cms/servlet/base/UserInfo.java b/base/common/src/com/netscape/cms/servlet/base/UserInfo.java
index dd8f69613..b509409da 100644
--- a/base/common/src/com/netscape/cms/servlet/base/UserInfo.java
+++ b/base/common/src/com/netscape/cms/servlet/base/UserInfo.java
@@ -20,7 +20,7 @@ package com.netscape.cms.servlet.base;
 /**
  * This class represents information about the client e.g. version,
  * langauge, vendor.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class UserInfo {
@@ -35,7 +35,7 @@ public class UserInfo {
 
     /**
      * Returns the user language.
-     * 
+     *
      * @param s user language info from the browser
      * @return user language
      */
@@ -52,7 +52,7 @@ public class UserInfo {
 
     /**
      * Returns the user country.
-     * 
+     *
      * @param s user language info from the browser
      * @return user country
      */
@@ -69,7 +69,7 @@ public class UserInfo {
 
     /**
      * Returns the users agent.
-     * 
+     *
      * @param s user language info from the browser
      * @return user agent
      */
diff --git a/base/common/src/com/netscape/cms/servlet/base/model/Link.java b/base/common/src/com/netscape/cms/servlet/base/model/Link.java
index 7fd850a22..336092abe 100644
--- a/base/common/src/com/netscape/cms/servlet/base/model/Link.java
+++ b/base/common/src/com/netscape/cms/servlet/base/model/Link.java
@@ -22,7 +22,7 @@ import javax.xml.bind.annotation.XmlRootElement;
 
 /**
  * @author alee
- * 
+ *
  */
 @XmlRootElement(name = "Link")
 public class Link {
diff --git a/base/common/src/com/netscape/cms/servlet/cert/CMCRevReqServlet.java b/base/common/src/com/netscape/cms/servlet/cert/CMCRevReqServlet.java
index 5af09ad0d..fc9a97be2 100644
--- a/base/common/src/com/netscape/cms/servlet/cert/CMCRevReqServlet.java
+++ b/base/common/src/com/netscape/cms/servlet/cert/CMCRevReqServlet.java
@@ -69,7 +69,7 @@ import com.netscape.cmsutil.util.Utils;
 
 /**
  * Revoke a certificate with a CMC-formatted revocation request
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class CMCRevReqServlet extends CMSServlet {
@@ -96,7 +96,7 @@ public class CMCRevReqServlet extends CMSServlet {
     private final static String LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED =
             "LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED_7";
 
-    // http params 
+    // http params
     public static final String SERIAL_NO = TOKEN_CERT_SERIAL;
     public static final String REASON_CODE = "reasonCode";
     public static final String CHALLENGE_PHRASE = "challengePhrase";
@@ -110,7 +110,7 @@ public class CMCRevReqServlet extends CMSServlet {
 
     /**
      * initialize the servlet.
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
@@ -136,11 +136,11 @@ public class CMCRevReqServlet extends CMSServlet {
 
     /**
      * Process the HTTP request.
-     * 
+     *
      * 
      
      * 
    • http.param cmcRequest the base-64 encoded CMC request
      * 
    
-     * 
+     *
      * @param cmsReq the object holding the request and response information
      */
     protected void process(CMSRequest cmsReq) throws EBaseException {
@@ -315,20 +315,20 @@ public class CMCRevReqServlet extends CMSServlet {
      * Process cert status change request using the Certificate Management
      * protocol using CMS (CMC)
      * 
    
-     * 
+     *
      * (Certificate Request - an "EE" cert status change request)
      * 
    
-     * 
+     *
      * (Certificate Request Processed - an "EE" cert status change request)
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST used when a cert status change request (e. g. -
      * "revocation") is made (before approval process)
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED used when a certificate status is
      * changed (revoked, expired, on-hold, off-hold)
      * 
    
-     * 
+     *
      * @param argSet CMS template parameters
      * @param header argument block
      * @param reason revocation reason (0 - Unspecified, 1 - Key compromised,
@@ -965,11 +965,11 @@ public class CMCRevReqServlet extends CMSServlet {
 
     /**
      * Signed Audit Log Requester ID
-     * 
+     *
      * This method is called to obtain the "RequesterID" for
      * a signed audit log message.
      * 
    
-     * 
+     *
      * @param req HTTP request
      * @return id string containing the signed audit log message RequesterID
      */
@@ -995,11 +995,11 @@ public class CMCRevReqServlet extends CMSServlet {
 
     /**
      * Signed Audit Log Serial Number
-     * 
+     *
      * This method is called to obtain the serial number of the certificate
      * whose status is to be changed for a signed audit log message.
      * 
    
-     * 
+     *
      * @param eeSerialNumber a string containing the un-normalized serialNumber
      * @return id string containing the signed audit log message RequesterID
      */
@@ -1028,11 +1028,11 @@ public class CMCRevReqServlet extends CMSServlet {
 
     /**
      * Signed Audit Log Request Type
-     * 
+     *
      * This method is called to obtain the "Request Type" for
      * a signed audit log message.
      * 
    
-     * 
+     *
      * @param reason an integer denoting the revocation reason
      * @return string containing REVOKE or ON_HOLD
      */
diff --git a/base/common/src/com/netscape/cms/servlet/cert/ChallengeRevocationServlet1.java b/base/common/src/com/netscape/cms/servlet/cert/ChallengeRevocationServlet1.java
index f056047cc..94c8f1207 100644
--- a/base/common/src/com/netscape/cms/servlet/cert/ChallengeRevocationServlet1.java
+++ b/base/common/src/com/netscape/cms/servlet/cert/ChallengeRevocationServlet1.java
@@ -69,7 +69,7 @@ import com.netscape.cmsutil.util.Utils;
 /**
  * Takes the certificate info (serial number) and optional challenge phrase, creates a
  * revocation request and submits it to the authority subsystem for processing
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class ChallengeRevocationServlet1 extends CMSServlet {
@@ -88,7 +88,7 @@ public class ChallengeRevocationServlet1 extends CMSServlet {
     private IPublisherProcessor mPublisherProcessor = null;
     private String mRequestID = null;
 
-    // http params 
+    // http params
     public static final String SERIAL_NO = TOKEN_CERT_SERIAL;
     public static final String REASON_CODE = "reasonCode";
     public static final String CHALLENGE_PHRASE = "challengePhrase";
@@ -103,7 +103,7 @@ public class ChallengeRevocationServlet1 extends CMSServlet {
     /**
      * Initialize the servlet. This servlet uses the file
      * revocationResult.template for the response
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
@@ -130,7 +130,7 @@ public class ChallengeRevocationServlet1 extends CMSServlet {
      * 
  • http.param REASON_CODE the revocation reason
      * 
  • http.param b64eCertificate the base-64 encoded certificate to revoke
      * 
-     * 
+     *
      * @param cmsReq the object holding the request and response information
      */
     protected void process(CMSRequest cmsReq)
@@ -370,7 +370,7 @@ public class ChallengeRevocationServlet1 extends CMSServlet {
                 Vector serialNumbers = new Vector();
 
                 if (revokeAll != null && revokeAll.length() > 0) {
-                    for (int i = revokeAll.indexOf('='); i < revokeAll.length() && i > -1; 
+                    for (int i = revokeAll.indexOf('='); i < revokeAll.length() && i > -1;
                             i = revokeAll.indexOf('=', i)) {
                         if (i > -1) {
                             i++;
diff --git a/base/common/src/com/netscape/cms/servlet/cert/CloneRedirect.java b/base/common/src/com/netscape/cms/servlet/cert/CloneRedirect.java
index d17fd959b..aa7abc92e 100644
--- a/base/common/src/com/netscape/cms/servlet/cert/CloneRedirect.java
+++ b/base/common/src/com/netscape/cms/servlet/cert/CloneRedirect.java
@@ -42,7 +42,7 @@ import com.netscape.cms.servlet.common.ECMSGWException;
  * Redirect a request to the Master. This servlet is used in
  * a clone when a requested service (such as CRL) is not available.
  * It redirects the user to the master.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class CloneRedirect extends CMSServlet {
@@ -69,7 +69,7 @@ public class CloneRedirect extends CMSServlet {
 
     /**
      * Initialize the servlet.
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
diff --git a/base/common/src/com/netscape/cms/servlet/cert/DirAuthServlet.java b/base/common/src/com/netscape/cms/servlet/cert/DirAuthServlet.java
index ced92ba85..aa48a7ca9 100644
--- a/base/common/src/com/netscape/cms/servlet/cert/DirAuthServlet.java
+++ b/base/common/src/com/netscape/cms/servlet/cert/DirAuthServlet.java
@@ -46,7 +46,7 @@ import com.netscape.cms.servlet.common.ECMSGWException;
 
 /**
  * 'Face-to-face' certificate enrollment.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class DirAuthServlet extends CMSServlet {
@@ -64,7 +64,7 @@ public class DirAuthServlet extends CMSServlet {
 
     /**
      * initialize the servlet.
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
@@ -83,7 +83,7 @@ public class DirAuthServlet extends CMSServlet {
     /**
      * Process the HTTP request. This servlet reads configuration information
      * from the hashDirEnrollment configuration substore
-     * 
+     *
      * @param cmsReq the object holding the request and response information
      */
     protected void process(CMSRequest cmsReq)
diff --git a/base/common/src/com/netscape/cms/servlet/cert/DisableEnrollResult.java b/base/common/src/com/netscape/cms/servlet/cert/DisableEnrollResult.java
index a5cdc98e8..46863c098 100644
--- a/base/common/src/com/netscape/cms/servlet/cert/DisableEnrollResult.java
+++ b/base/common/src/com/netscape/cms/servlet/cert/DisableEnrollResult.java
@@ -46,7 +46,7 @@ import com.netscape.cms.servlet.common.ECMSGWException;
 
 /**
  * For Face-to-face enrollment, disable EE enrollment feature
- * 
+ *
  * @version $Revision$, $Date$
  * @see com.netscape.cms.servlet.cert.EnableEnrollResult
  */
diff --git a/base/common/src/com/netscape/cms/servlet/cert/DisplayBySerial.java b/base/common/src/com/netscape/cms/servlet/cert/DisplayBySerial.java
index 5a1e4ed65..105fc66a1 100644
--- a/base/common/src/com/netscape/cms/servlet/cert/DisplayBySerial.java
+++ b/base/common/src/com/netscape/cms/servlet/cert/DisplayBySerial.java
@@ -69,10 +69,10 @@ import com.netscape.cmsutil.util.Utils;
 
 /**
  * Display detailed information about a certificate
- * 
+ *
  * The template 'displayBySerial.template' is used to
  * render the response for this servlet.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class DisplayBySerial extends CMSServlet {
@@ -98,7 +98,7 @@ public class DisplayBySerial extends CMSServlet {
 
     /**
      * initialize the servlet.
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
@@ -118,7 +118,7 @@ public class DisplayBySerial extends CMSServlet {
         if (mOutputTemplatePath != null)
             mForm1Path = mOutputTemplatePath;
 
-        // override success and error templates to null - 
+        // override success and error templates to null -
         // handle templates locally.
         mTemplates.remove(CMSRequest.SUCCESS);
     }
@@ -353,11 +353,11 @@ public class DisplayBySerial extends CMSServlet {
 
             /*
              String scheme = req.getScheme();
-             if (scheme.equals("http") && connectionIsSSL(req)) 
+             if (scheme.equals("http") && connectionIsSSL(req))
              scheme = "https";
              String requestURI = req.getRequestURI();
              int i = requestURI.indexOf('?');
-             String newRequestURI = 
+             String newRequestURI =
              (i > -1)? requestURI.substring(0, i): requestURI;
              header.addStringValue("serviceURL", scheme +"://"+
              req.getServerName() + ":"+
@@ -384,7 +384,7 @@ public class DisplayBySerial extends CMSServlet {
 
             /*
              String userAgent = req.getHeader("user-agent");
-             String agent = 
+             String agent =
              (userAgent != null)? UserInfo.getUserAgent(userAgent): "";
              */
             // Now formulate a PKCS#7 blob
@@ -428,7 +428,7 @@ public class DisplayBySerial extends CMSServlet {
                 p7Str = Utils.base64encode(p7Bytes);
                 header.addStringValue("pkcs7ChainBase64", p7Str);
             } catch (Exception e) {
-                //p7Str = "PKCS#7 B64 Encoding error - " + e.toString() 
+                //p7Str = "PKCS#7 B64 Encoding error - " + e.toString()
                 //+ "; Please contact your administrator";
                 log(ILogger.LL_FAILURE,
                         CMS.getLogMessage("CMSGW_ERROR_FORMING_PKCS7_1", e.toString()));
diff --git a/base/common/src/com/netscape/cms/servlet/cert/DisplayCRL.java b/base/common/src/com/netscape/cms/servlet/cert/DisplayCRL.java
index ad503272a..61a606cae 100644
--- a/base/common/src/com/netscape/cms/servlet/cert/DisplayCRL.java
+++ b/base/common/src/com/netscape/cms/servlet/cert/DisplayCRL.java
@@ -52,7 +52,7 @@ import com.netscape.cmsutil.util.Utils;
 
 /**
  * Decode the CRL and display it to the requester.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class DisplayCRL extends CMSServlet {
@@ -79,7 +79,7 @@ public class DisplayCRL extends CMSServlet {
     /**
      * Initialize the servlet. This servlet uses the 'displayCRL.template' file to
      * to render the response to the client.
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
@@ -103,7 +103,7 @@ public class DisplayCRL extends CMSServlet {
      * 
  • http.param pageStart which page to start displaying from
      * 
  • http.param pageSize number of entries to show per page
      * 
-     * 
+     *
      * @param cmsReq the Request to service.
      */
     public void process(CMSRequest cmsReq) throws EBaseException {
diff --git a/base/common/src/com/netscape/cms/servlet/cert/DisplayHashUserEnroll.java b/base/common/src/com/netscape/cms/servlet/cert/DisplayHashUserEnroll.java
index 99082d4c5..e65082f4d 100644
--- a/base/common/src/com/netscape/cms/servlet/cert/DisplayHashUserEnroll.java
+++ b/base/common/src/com/netscape/cms/servlet/cert/DisplayHashUserEnroll.java
@@ -47,7 +47,7 @@ import com.netscape.cms.servlet.common.ECMSGWException;
 /**
  * Servlet to report the status, ie, the agent-initiated user
  * enrollment is enabled or disabled.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class DisplayHashUserEnroll extends CMSServlet {
diff --git a/base/common/src/com/netscape/cms/servlet/cert/DoRevoke.java b/base/common/src/com/netscape/cms/servlet/cert/DoRevoke.java
index 1594c5323..afd958abf 100644
--- a/base/common/src/com/netscape/cms/servlet/cert/DoRevoke.java
+++ b/base/common/src/com/netscape/cms/servlet/cert/DoRevoke.java
@@ -73,7 +73,7 @@ import com.netscape.cms.servlet.common.ECMSGWException;
 
 /**
  * Revoke a Certificate
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class DoRevoke extends CMSServlet {
@@ -109,7 +109,7 @@ public class DoRevoke extends CMSServlet {
     /**
      * initialize the servlet. This servlet uses the template
      * file "revocationResult.template" to render the result
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
@@ -144,18 +144,18 @@ public class DoRevoke extends CMSServlet {
 
     /**
      * Serves HTTP request. The http parameters used by this request are as follows:
-     * 
+     *
      * 
          * serialNumber Serial number of certificate to revoke (in HEX)
      * revocationReason Revocation reason (Described below)
      * totalRecordCount [number]
      * verifiedRecordCount [number]
      * invalidityDate [number of seconds in Jan 1,1970]
-     * 
+     *
      * 
    
-     * 
+     *
      * revocationReason can be one of these values:
-     * 
+     *
      * 
          * 0 = Unspecified   (default)
      * 1 = Key compromised
@@ -375,21 +375,21 @@ public class DoRevoke extends CMSServlet {
     /**
      * Process cert status change request
      * 
    
-     * 
+     *
      * (Certificate Request - either an "agent" cert status change request, or an "EE" cert status change request)
      * 
    
-     * 
+     *
      * (Certificate Request Processed - either an "agent" cert status change request, or an "EE" cert status change
      * request)
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST used when a cert status change request (e. g. -
      * "revocation") is made (before approval process)
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED used when a certificate status is
      * changed (revoked, expired, on-hold, off-hold)
      * 
    
-     * 
+     *
      * @param argSet CMS template parameters
      * @param header argument block
      * @param reason revocation reason (0 - Unspecified, 1 - Key compromised,
@@ -535,7 +535,7 @@ public class DoRevoke extends CMSServlet {
                 Vector serialNumbers = new Vector();
 
                 if (revokeAll != null && revokeAll.length() > 0) {
-                    for (int i = revokeAll.indexOf('='); i < revokeAll.length() && i > -1; 
+                    for (int i = revokeAll.indexOf('='); i < revokeAll.length() && i > -1;
                             i = revokeAll.indexOf('=', i)) {
                         if (i > -1) {
                             i++;
@@ -564,7 +564,7 @@ public class DoRevoke extends CMSServlet {
                         boolean addToList = false;
 
                         for (int j = 0; j < serialNumbers.size(); j++) {
-                            //xxxxx serial number in decimal? 
+                            //xxxxx serial number in decimal?
                             if (certs[i].getSerialNumber().toString().equals((String) serialNumbers.elementAt(j)) &&
                                     eeSubjectDN != null && eeSubjectDN.equals(certs[i].getSubjectDN().toString())) {
                                 addToList = true;
@@ -707,7 +707,7 @@ public class DoRevoke extends CMSServlet {
             // the request is complete
             if ((stat == RequestStatus.COMPLETE)
                     || ((type.equals(IRequest.CLA_CERT4CRL_REQUEST)) && (stat == RequestStatus.SVC_PENDING))) {
-                // audit log the error 
+                // audit log the error
                 Integer result = revReq.getExtDataInInteger(IRequest.RESULT);
 
                 if (result.equals(IRequest.RES_ERROR)) {
@@ -832,7 +832,7 @@ public class DoRevoke extends CMSServlet {
                 }
 
                 if (mAuthority instanceof ICertificateAuthority) {
-                    // let known update and publish status of all crls. 
+                    // let known update and publish status of all crls.
                     Enumeration otherCRLs =
                             ((ICertificateAuthority) mAuthority).getCRLIssuingPoints();
 
@@ -906,7 +906,7 @@ public class DoRevoke extends CMSServlet {
                     header.addIntegerValue("certsUpdated", certsUpdated);
                     header.addIntegerValue("certsToUpdate", certsToUpdate);
 
-                    // add crl publishing status. 
+                    // add crl publishing status.
                     String publError =
                             revReq.getExtDataInString(IRequest.CRL_PUBLISH_ERROR);
 
@@ -1110,11 +1110,11 @@ public class DoRevoke extends CMSServlet {
 
     /**
      * Signed Audit Log Requester ID
-     * 
+     *
      * This method is called to obtain the "RequesterID" for
      * a signed audit log message.
      * 
    
-     * 
+     *
      * @param req HTTP request
      * @return id string containing the signed audit log message RequesterID
      */
@@ -1140,11 +1140,11 @@ public class DoRevoke extends CMSServlet {
 
     /**
      * Signed Audit Log Serial Number
-     * 
+     *
      * This method is called to obtain the serial number of the certificate
      * whose status is to be changed for a signed audit log message.
      * 
    
-     * 
+     *
      * @param eeSerialNumber a string containing the un-normalized serialNumber
      * @return id string containing the signed audit log message RequesterID
      */
@@ -1164,7 +1164,7 @@ public class DoRevoke extends CMSServlet {
 
             BigInteger value = BigInteger.ONE.negate();
 
-            //try int 
+            //try int
             try {
                 value = new BigInteger(serialNumber, 10);
             } catch (NumberFormatException e) {
@@ -1193,11 +1193,11 @@ public class DoRevoke extends CMSServlet {
 
     /**
      * Signed Audit Log Request Type
-     * 
+     *
      * This method is called to obtain the "Request Type" for
      * a signed audit log message.
      * 
    
-     * 
+     *
      * @param reason an integer denoting the revocation reason
      * @return string containing REVOKE or ON_HOLD
      */
diff --git a/base/common/src/com/netscape/cms/servlet/cert/DoRevokeTPS.java b/base/common/src/com/netscape/cms/servlet/cert/DoRevokeTPS.java
index c4603dd51..83cefa6f6 100644
--- a/base/common/src/com/netscape/cms/servlet/cert/DoRevokeTPS.java
+++ b/base/common/src/com/netscape/cms/servlet/cert/DoRevokeTPS.java
@@ -64,7 +64,7 @@ import com.netscape.cms.servlet.common.ECMSGWException;
 
 /**
  * Revoke a Certificate
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class DoRevokeTPS extends CMSServlet {
@@ -99,7 +99,7 @@ public class DoRevokeTPS extends CMSServlet {
     /**
      * initialize the servlet. This servlet uses the template
      * file "revocationResult.template" to render the result
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
@@ -129,18 +129,18 @@ public class DoRevokeTPS extends CMSServlet {
 
     /**
      * Serves HTTP request. The http parameters used by this request are as follows:
-     * 
+     *
      * 
          * serialNumber Serial number of certificate to revoke (in HEX)
      * revocationReason Revocation reason (Described below)
      * totalRecordCount [number]
      * verifiedRecordCount [number]
      * invalidityDate [number of seconds in Jan 1,1970]
-     * 
+     *
      * 
    
-     * 
+     *
      * revocationReason can be one of these values:
-     * 
+     *
      * 
          * 0 = Unspecified   (default)
      * 1 = Key compromised
@@ -278,21 +278,21 @@ public class DoRevokeTPS extends CMSServlet {
     /**
      * Process cert status change request
      * 
    
-     * 
+     *
      * (Certificate Request - either an "agent" cert status change request, or an "EE" cert status change request)
      * 
    
-     * 
+     *
      * (Certificate Request Processed - either an "agent" cert status change request, or an "EE" cert status change
      * request)
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST used when a cert status change request (e. g. -
      * "revocation") is made (before approval process)
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED used when a certificate status is
      * changed (revoked, expired, on-hold, off-hold)
      * 
    
-     * 
+     *
      * @param argSet CMS template parameters
      * @param header argument block
      * @param reason revocation reason (0 - Unspecified, 1 - Key compromised,
@@ -510,7 +510,7 @@ public class DoRevokeTPS extends CMSServlet {
             // the request is complete
             if ((stat == RequestStatus.COMPLETE)
                     || ((type.equals(IRequest.CLA_CERT4CRL_REQUEST)) && (stat == RequestStatus.SVC_PENDING))) {
-                // audit log the error 
+                // audit log the error
                 Integer result = revReq.getExtDataInInteger(IRequest.RESULT);
 
                 if (result.equals(IRequest.RES_ERROR)) {
@@ -629,7 +629,7 @@ public class DoRevokeTPS extends CMSServlet {
                 }
 
                 if (mAuthority instanceof ICertificateAuthority) {
-                    // let known update and publish status of all crls. 
+                    // let known update and publish status of all crls.
                     Enumeration otherCRLs =
                             ((ICertificateAuthority) mAuthority).getCRLIssuingPoints();
 
@@ -682,7 +682,7 @@ public class DoRevokeTPS extends CMSServlet {
                 if (mPublisherProcessor != null && mPublisherProcessor.ldapEnabled()) {
                     header.addStringValue("dirEnabled", "yes");
 
-                    // add crl publishing status. 
+                    // add crl publishing status.
                     String publError =
                             revReq.getExtDataInString(IRequest.CRL_PUBLISH_ERROR);
 
@@ -851,11 +851,11 @@ public class DoRevokeTPS extends CMSServlet {
 
     /**
      * Signed Audit Log Requester ID
-     * 
+     *
      * This method is called to obtain the "RequesterID" for
      * a signed audit log message.
      * 
    
-     * 
+     *
      * @param req HTTP request
      * @return id string containing the signed audit log message RequesterID
      */
@@ -881,11 +881,11 @@ public class DoRevokeTPS extends CMSServlet {
 
     /**
      * Signed Audit Log Serial Number
-     * 
+     *
      * This method is called to obtain the serial number of the certificate
      * whose status is to be changed for a signed audit log message.
      * 
    
-     * 
+     *
      * @param eeSerialNumber a string containing the un-normalized serialNumber
      * @return id string containing the signed audit log message RequesterID
      */
@@ -912,11 +912,11 @@ public class DoRevokeTPS extends CMSServlet {
 
     /**
      * Signed Audit Log Request Type
-     * 
+     *
      * This method is called to obtain the "Request Type" for
      * a signed audit log message.
      * 
    
-     * 
+     *
      * @param reason an integer denoting the revocation reason
      * @return string containing REVOKE or ON_HOLD
      */
diff --git a/base/common/src/com/netscape/cms/servlet/cert/DoUnrevoke.java b/base/common/src/com/netscape/cms/servlet/cert/DoUnrevoke.java
index c6b6065b4..cd9a0196b 100644
--- a/base/common/src/com/netscape/cms/servlet/cert/DoUnrevoke.java
+++ b/base/common/src/com/netscape/cms/servlet/cert/DoUnrevoke.java
@@ -58,7 +58,7 @@ import com.netscape.cms.servlet.common.ECMSGWException;
 /**
  * 'Unrevoke' a certificate. (For certificates that are on-hold only,
  * take them off-hold)
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class DoUnrevoke extends CMSServlet {
@@ -89,7 +89,7 @@ public class DoUnrevoke extends CMSServlet {
 
     /**
      * initialize the servlet.
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
@@ -115,7 +115,7 @@ public class DoUnrevoke extends CMSServlet {
      * with a revovcation reason 'on hold' for this operation to succeed. The serial number may be expressed as a hex
      * number by prefixing '0x' to the serialNumber string
      * 
-     * 
+     *
      * @param cmsReq the object holding the request and response information
      */
     public void process(CMSRequest cmsReq) throws EBaseException {
@@ -214,20 +214,20 @@ public class DoUnrevoke extends CMSServlet {
     /**
      * Process X509 cert status change request
      * 
    
-     * 
+     *
      * (Certificate Request - an "agent" cert status change request to take a certificate off-hold)
      * 
    
-     * 
+     *
      * (Certificate Request Processed - an "agent" cert status change request to take a certificate off-hold)
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST used when a cert status change request (e. g. -
      * "revocation") is made (before approval process)
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED used when a certificate status is
      * changed (taken off-hold)
      * 
    
-     * 
+     *
      * @param argSet CMS template parameters
      * @param header argument block
      * @param serialNumbers the serial number of the certificate
@@ -409,7 +409,7 @@ public class DoUnrevoke extends CMSServlet {
                     }
                 }
 
-                // let known update and publish status of all crls. 
+                // let known update and publish status of all crls.
                 Enumeration otherCRLs =
                         ((ICertificateAuthority) mAuthority).getCRLIssuingPoints();
 
@@ -610,11 +610,11 @@ public class DoUnrevoke extends CMSServlet {
 
     /**
      * Signed Audit Log Requester ID
-     * 
+     *
      * This method is called to obtain the "RequesterID" for
      * a signed audit log message.
      * 
    
-     * 
+     *
      * @param req HTTP request
      * @return id string containing the signed audit log message RequesterID
      */
@@ -640,11 +640,11 @@ public class DoUnrevoke extends CMSServlet {
 
     /**
      * Signed Audit Log Serial Number
-     * 
+     *
      * This method is called to obtain the serial number of the certificate
      * whose status is to be changed for a signed audit log message.
      * 
    
-     * 
+     *
      * @param eeSerialNumber a string containing the un-normalized serialNumber
      * @return id string containing the signed audit log message RequesterID
      */
diff --git a/base/common/src/com/netscape/cms/servlet/cert/DoUnrevokeTPS.java b/base/common/src/com/netscape/cms/servlet/cert/DoUnrevokeTPS.java
index 5d096aff3..e56eece2c 100644
--- a/base/common/src/com/netscape/cms/servlet/cert/DoUnrevokeTPS.java
+++ b/base/common/src/com/netscape/cms/servlet/cert/DoUnrevokeTPS.java
@@ -55,7 +55,7 @@ import com.netscape.cms.servlet.common.ECMSGWException;
 /**
  * 'Unrevoke' a certificate. (For certificates that are on-hold only,
  * take them off-hold)
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class DoUnrevokeTPS extends CMSServlet {
@@ -88,7 +88,7 @@ public class DoUnrevokeTPS extends CMSServlet {
 
     /**
      * initialize the servlet.
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
@@ -113,7 +113,7 @@ public class DoUnrevokeTPS extends CMSServlet {
      * with a revovcation reason 'on hold' for this operation to succeed. The serial number may be expressed as a hex
      * number by prefixing '0x' to the serialNumber string
      * 
-     * 
+     *
      * @param cmsReq the object holding the request and response information
      */
     public void process(CMSRequest cmsReq) throws EBaseException {
@@ -129,7 +129,7 @@ public class DoUnrevokeTPS extends CMSServlet {
                 try {
                     form = getTemplate(mFormPath, req, locale);
                 } catch (IOException e) {
-                    log(ILogger.LL_FAILURE, 
+                    log(ILogger.LL_FAILURE,
                         CMS.getLogMessage("CMSGW_ERR_GET_TEMPLATE", e.toString()));
                     throw new ECMSGWException(
                       CMS.getUserMessage("CMS_GW_DISPLAY_TEMPLATE_ERROR"));
@@ -217,20 +217,20 @@ public class DoUnrevokeTPS extends CMSServlet {
     /**
      * Process X509 cert status change request
      * 
    
-     * 
+     *
      * (Certificate Request - an "agent" cert status change request to take a certificate off-hold)
      * 
    
-     * 
+     *
      * (Certificate Request Processed - an "agent" cert status change request to take a certificate off-hold)
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST used when a cert status change request (e. g. -
      * "revocation") is made (before approval process)
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED used when a certificate status is
      * changed (taken off-hold)
      * 
    
-     * 
+     *
      * @param serialNumbers the serial number of the certificate
      * @param req HTTP servlet request
      * @param resp HTTP servlet response
@@ -365,7 +365,7 @@ public class DoUnrevokeTPS extends CMSServlet {
                     }
                 }
 
-                // let known update and publish status of all crls. 
+                // let known update and publish status of all crls.
                 Enumeration otherCRLs =
                         ((ICertificateAuthority) mAuthority).getCRLIssuingPoints();
 
@@ -557,11 +557,11 @@ public class DoUnrevokeTPS extends CMSServlet {
 
     /**
      * Signed Audit Log Requester ID
-     * 
+     *
      * This method is called to obtain the "RequesterID" for
      * a signed audit log message.
      * 
    
-     * 
+     *
      * @param req HTTP request
      * @return id string containing the signed audit log message RequesterID
      */
@@ -587,11 +587,11 @@ public class DoUnrevokeTPS extends CMSServlet {
 
     /**
      * Signed Audit Log Serial Number
-     * 
+     *
      * This method is called to obtain the serial number of the certificate
      * whose status is to be changed for a signed audit log message.
      * 
    
-     * 
+     *
      * @param eeSerialNumber a string containing the un-normalized serialNumber
      * @return id string containing the signed audit log message RequesterID
      */
diff --git a/base/common/src/com/netscape/cms/servlet/cert/EnableEnrollResult.java b/base/common/src/com/netscape/cms/servlet/cert/EnableEnrollResult.java
index 2a143b668..cbb233251 100644
--- a/base/common/src/com/netscape/cms/servlet/cert/EnableEnrollResult.java
+++ b/base/common/src/com/netscape/cms/servlet/cert/EnableEnrollResult.java
@@ -47,7 +47,7 @@ import com.netscape.cms.servlet.common.ECMSGWException;
 
 /**
  * For Face-to-face enrollment, enable EE enrollment feature
- * 
+ *
  * @version $Revision$, $Date$
  * @see com.netscape.cms.servlet.cert.DisableEnrollResult
  */
diff --git a/base/common/src/com/netscape/cms/servlet/cert/EnrollServlet.java b/base/common/src/com/netscape/cms/servlet/cert/EnrollServlet.java
index a73a8146c..50eaaa94b 100644
--- a/base/common/src/com/netscape/cms/servlet/cert/EnrollServlet.java
+++ b/base/common/src/com/netscape/cms/servlet/cert/EnrollServlet.java
@@ -77,7 +77,7 @@ import com.netscape.cmsutil.util.Utils;
 
 /**
  * Submit a Certificate Enrollment request
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class EnrollServlet extends CMSServlet {
@@ -91,7 +91,7 @@ public class EnrollServlet extends CMSServlet {
     // enrollment templates.
     public static final String ENROLL_SUCCESS_TEMPLATE = "EnrollSuccess.template";
 
-    // http params 
+    // http params
     public static final String OLD_CERT_TYPE = "csrCertType";
     public static final String CERT_TYPE = "certType";
     // same as in ConfigConstant.java
@@ -171,7 +171,7 @@ public class EnrollServlet extends CMSServlet {
      * 
      
      * 
    • CMSServlet.PROP_ID - ID for signed audit log messages
      * 
    • CMSServlet.PROP_SUCCESS_TEMPLATE - success template file
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
@@ -288,7 +288,7 @@ public class EnrollServlet extends CMSServlet {
 
                 init_testbed_hack(mConfig);
             } catch (Exception e) {
-                // this should never happen. 
+                // this should never happen.
                 log(ILogger.LL_FAILURE,
                         CMS.getLogMessage("CMSGW_IMP_INIT_SERV_ERR",
                                 e.toString(), mId));
@@ -304,7 +304,7 @@ public class EnrollServlet extends CMSServlet {
      * Getter method to see if Proof of Posession checking is enabled.
      * this value is set in the CMS.cfg filem with the parameter
      * "enrollment.enforcePop". It defaults to false
-     * 
+     *
      * @return true if user is required to Prove that they possess the
      *         private key corresponding to the public key in the certificate
      *         request they are submitting
@@ -323,7 +323,7 @@ public class EnrollServlet extends CMSServlet {
      * 
    • The request is preprocessed, then processed further in one of the cert request processor classes:
      * KeyGenProcessor, PKCS10Processor, CMCProcessor, CRMFProcessor
      * 
    
-     * 
+     *
      * @param cmsReq the object holding the request and response information
      */
     protected void process(CMSRequest cmsReq)
@@ -693,23 +693,23 @@ public class EnrollServlet extends CMSServlet {
     /**
      * Process X509 certificate enrollment request
      * 
    
-     * 
+     *
      * (Certificate Request - either an "admin" cert request for an admin certificate, an "agent" cert request for
      * "bulk enrollment", or an "EE" standard cert request)
      * 
    
-     * 
+     *
      * (Certificate Request Processed - either an automated "admin" non-profile based CA admin cert acceptance, an
      * automated "admin" non-profile based CA admin cert rejection, an automated "EE" non-profile based cert acceptance,
      * or an automated "EE" non-profile based cert rejection)
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_NON_PROFILE_CERT_REQUEST used when a non-profile cert request is made
      * (before approval process)
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CERT_REQUEST_PROCESSED used when a certificate request has just been
      * through the approval process
      * 
    
-     * 
+     *
      * @param cmsReq a certificate enrollment request
      * @exception EBaseException an error has occurred
      */
@@ -806,7 +806,7 @@ public class EnrollServlet extends CMSServlet {
              * === certAuth based enroll ===
              * "certAuthEnroll" is on.
              * "certauthEnrollType can be one of the three:
-             *       single - it's for single cert enrollment 
+             *       single - it's for single cert enrollment
              *       dual - it's for dual certs enrollment
              *       encryption - getting the encryption cert only via
              *                    authentication of the signing cert
@@ -938,8 +938,8 @@ public class EnrollServlet extends CMSServlet {
             if (authToken != null) {
                 authMgr =
                         authToken.getInString(AuthToken.TOKEN_AUTHMGR_INST_NAME);
-                // don't store agent token in request. 
-                // agent currently used for bulk issuance. 
+                // don't store agent token in request.
+                // agent currently used for bulk issuance.
                 // if (!authMgr.equals(AuthSubsystem.CERTUSERDB_AUTHMGR_ID)) {
                 log(ILogger.LL_INFO,
                         "Enrollment request was authenticated by " +
@@ -1355,9 +1355,9 @@ public class EnrollServlet extends CMSServlet {
         // ensure that any low-level exceptions are reported
         // to the signed audit log and stored as failures
         try {
-            // send request to request queue. 
+            // send request to request queue.
             mRequestQueue.processRequest(req);
-            // process result. 
+            // process result.
 
             // render OLD_CERT_TYPE's response differently, we
             // do not want any javascript in HTML, and need to
@@ -1693,11 +1693,11 @@ public class EnrollServlet extends CMSServlet {
         out.println("");
     }
 
-    // XXX ALERT !! 
-    // Remove the following and calls to them when we bundle a cartman 
-    // later than alpha1. 
-    // These are here to cover up problem in cartman where the 
-    // key usage extension always ends up being digital signature only 
+    // XXX ALERT !!
+    // Remove the following and calls to them when we bundle a cartman
+    // later than alpha1.
+    // These are here to cover up problem in cartman where the
+    // key usage extension always ends up being digital signature only
     // and for rsa-ex ends up having no bits set.
 
     private boolean mIsTestBed = false;
@@ -1709,11 +1709,11 @@ public class EnrollServlet extends CMSServlet {
 
     /**
      * Signed Audit Log Info Certificate Value
-     * 
+     *
      * This method is called to obtain the certificate from the passed in
      * "X509CertImpl" for a signed audit log message.
      * 
    
-     * 
+     *
      * @param x509cert an X509CertImpl
      * @return cert string containing the certificate
      */
diff --git a/base/common/src/com/netscape/cms/servlet/cert/GetBySerial.java b/base/common/src/com/netscape/cms/servlet/cert/GetBySerial.java
index 663397f54..bf985c93e 100644
--- a/base/common/src/com/netscape/cms/servlet/cert/GetBySerial.java
+++ b/base/common/src/com/netscape/cms/servlet/cert/GetBySerial.java
@@ -59,7 +59,7 @@ import com.netscape.cmsutil.crypto.CryptoUtil;
 
 /**
  * Retrieve certificate by serial number.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class GetBySerial extends CMSServlet {
@@ -85,7 +85,7 @@ public class GetBySerial extends CMSServlet {
      * Initialize the servlet. This servlet uses the template file
      * "ImportCert.template" to import the cert to the users browser,
      * if that is what the user requested
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
@@ -101,7 +101,7 @@ public class GetBySerial extends CMSServlet {
         }
         mImportTemplateFiller = new ImportCertsTemplateFiller();
 
-        // override success and error templates to null - 
+        // override success and error templates to null -
         // handle templates locally.
         mTemplates.remove(CMSRequest.SUCCESS);
 
@@ -118,7 +118,7 @@ public class GetBySerial extends CMSServlet {
      * 
      
      * 
    • http.param serialNumber serial number of certificate in HEX
      * 
    
-     * 
+     *
      * @param cmsReq the object holding the request and response information
      */
     public void process(CMSRequest cmsReq) throws EBaseException {
@@ -279,7 +279,7 @@ public class GetBySerial extends CMSServlet {
             cmsReq.setStatus(CMSRequest.SUCCESS);
 
             // XXX follow request in cert record to set certtype, which will
-            // import cert only if it's client. For now assume "client" if 
+            // import cert only if it's client. For now assume "client" if
             // someone clicked to import this cert.
             cmsReq.getHttpParams().set("certType", "client");
 
diff --git a/base/common/src/com/netscape/cms/servlet/cert/GetCAChain.java b/base/common/src/com/netscape/cms/servlet/cert/GetCAChain.java
index fe55f335b..da4959268 100644
--- a/base/common/src/com/netscape/cms/servlet/cert/GetCAChain.java
+++ b/base/common/src/com/netscape/cms/servlet/cert/GetCAChain.java
@@ -50,7 +50,7 @@ import com.netscape.cms.servlet.common.ECMSGWException;
 
 /**
  * Retrieve the Certificates comprising the CA Chain for this CA.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class GetCAChain extends CMSServlet {
@@ -67,7 +67,7 @@ public class GetCAChain extends CMSServlet {
 
     /**
      * initialize the servlet.
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
@@ -85,7 +85,7 @@ public class GetCAChain extends CMSServlet {
      * 
  • http.param op 'downloadBIN' - return the binary certificate chain
      * 
  • http.param op 'displayIND' - display pretty-print of certificate chain components
      * 
-     * 
+     *
      * @param cmsReq the object holding the request and response information
      */
     protected void process(CMSRequest cmsReq)
diff --git a/base/common/src/com/netscape/cms/servlet/cert/GetCRL.java b/base/common/src/com/netscape/cms/servlet/cert/GetCRL.java
index 4c8661359..e9e3c809a 100644
--- a/base/common/src/com/netscape/cms/servlet/cert/GetCRL.java
+++ b/base/common/src/com/netscape/cms/servlet/cert/GetCRL.java
@@ -50,7 +50,7 @@ import com.netscape.cmsutil.util.Utils;
 
 /**
  * Retrieve CRL for a Certificate Authority
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class GetCRL extends CMSServlet {
@@ -67,7 +67,7 @@ public class GetCRL extends CMSServlet {
 
     /**
      * initialize the servlet.
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
@@ -81,7 +81,7 @@ public class GetCRL extends CMSServlet {
 
     /**
      * Process the HTTP request.
-     * 
+     *
      * @param cmsReq the object holding the request and response information
      * @see DisplayCRL#process
      */
diff --git a/base/common/src/com/netscape/cms/servlet/cert/GetCertFromRequest.java b/base/common/src/com/netscape/cms/servlet/cert/GetCertFromRequest.java
index 71b0004cd..ce60fabc1 100644
--- a/base/common/src/com/netscape/cms/servlet/cert/GetCertFromRequest.java
+++ b/base/common/src/com/netscape/cms/servlet/cert/GetCertFromRequest.java
@@ -54,7 +54,7 @@ import com.netscape.cms.servlet.common.ICMSTemplateFiller;
 
 /**
  * Gets a issued certificate from a request id.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class GetCertFromRequest extends CMSServlet {
@@ -82,7 +82,7 @@ public class GetCertFromRequest extends CMSServlet {
     /**
      * initialize the servlet. This servlet uses the template files
      * "displayCertFromRequest.template" and "ImportCert.template"
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
@@ -134,7 +134,7 @@ public class GetCertFromRequest extends CMSServlet {
      * 
      
      * 
    • http.param requestId The request ID to search on
      * 
    
-     * 
+     *
      * @param cmsReq the object holding the request and response information
      */
     protected void process(CMSRequest cmsReq)
@@ -206,7 +206,7 @@ public class GetCertFromRequest extends CMSServlet {
             }
         }
 
-        if (!((r.getRequestType().equals(IRequest.ENROLLMENT_REQUEST)) || 
+        if (!((r.getRequestType().equals(IRequest.ENROLLMENT_REQUEST)) ||
                 (r.getRequestType().equals(IRequest.RENEWAL_REQUEST)))) {
             log(ILogger.LL_FAILURE,
                     CMS.getLogMessage("CMSGW_REQUEST_NOT_ENROLLMENT_1", requestId));
diff --git a/base/common/src/com/netscape/cms/servlet/cert/GetEnableStatus.java b/base/common/src/com/netscape/cms/servlet/cert/GetEnableStatus.java
index d0dfb8f9a..99bdf2486 100644
--- a/base/common/src/com/netscape/cms/servlet/cert/GetEnableStatus.java
+++ b/base/common/src/com/netscape/cms/servlet/cert/GetEnableStatus.java
@@ -46,7 +46,7 @@ import com.netscape.cms.servlet.common.ECMSGWException;
 
 /**
  * Servlet to get the enrollment status, enable or disable.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class GetEnableStatus extends CMSServlet {
@@ -63,7 +63,7 @@ public class GetEnableStatus extends CMSServlet {
 
     /**
      * initialize the servlet.
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
@@ -83,7 +83,7 @@ public class GetEnableStatus extends CMSServlet {
      * 
      
      * 
    • http.param
      * 
    
-     * 
+     *
      * @param cmsReq the object holding the request and response information
      */
     protected void process(CMSRequest cmsReq)
diff --git a/base/common/src/com/netscape/cms/servlet/cert/GetInfo.java b/base/common/src/com/netscape/cms/servlet/cert/GetInfo.java
index 6af5c0c39..30f0b0c40 100644
--- a/base/common/src/com/netscape/cms/servlet/cert/GetInfo.java
+++ b/base/common/src/com/netscape/cms/servlet/cert/GetInfo.java
@@ -50,7 +50,7 @@ import com.netscape.cms.servlet.common.ECMSGWException;
 
 /**
  * Get detailed information about CA CRL processing
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class GetInfo extends CMSServlet {
@@ -74,7 +74,7 @@ public class GetInfo extends CMSServlet {
 
     /**
      * initialize the servlet.
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
@@ -93,7 +93,7 @@ public class GetInfo extends CMSServlet {
      * 
      
      * 
    • http.param template filename of template to use to render the result
      * 
    
-     * 
+     *
      * @param cmsReq the object holding the request and response information
      */
     public void process(CMSRequest cmsReq) throws EBaseException {
diff --git a/base/common/src/com/netscape/cms/servlet/cert/HashEnrollServlet.java b/base/common/src/com/netscape/cms/servlet/cert/HashEnrollServlet.java
index 5e6207e1a..0d4b52672 100644
--- a/base/common/src/com/netscape/cms/servlet/cert/HashEnrollServlet.java
+++ b/base/common/src/com/netscape/cms/servlet/cert/HashEnrollServlet.java
@@ -85,7 +85,7 @@ import com.netscape.cms.servlet.common.ICMSTemplateFiller;
 
 /**
  * performs face-to-face enrollment.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class HashEnrollServlet extends CMSServlet {
@@ -99,7 +99,7 @@ public class HashEnrollServlet extends CMSServlet {
     // enrollment templates.
     public static final String ENROLL_SUCCESS_TEMPLATE = "/ra/HashEnrollSuccess.template";
 
-    // http params 
+    // http params
     public static final String OLD_CERT_TYPE = "csrCertType";
     public static final String CERT_TYPE = "certType";
     // same as in ConfigConstant.java
@@ -130,7 +130,7 @@ public class HashEnrollServlet extends CMSServlet {
 
     /**
      * initialize the servlet.
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
@@ -157,7 +157,7 @@ public class HashEnrollServlet extends CMSServlet {
 
             init_testbed_hack(mConfig);
         } catch (Exception e) {
-            // this should never happen. 
+            // this should never happen.
             log(ILogger.LL_FAILURE,
                     CMS.getLogMessage("CMSGW_IMP_INIT_SERV_ERR", e.toString(), mId));
         }
@@ -165,7 +165,7 @@ public class HashEnrollServlet extends CMSServlet {
 
     /**
      * Process the HTTP request.
-     * 
+     *
      * @param cmsReq the object holding the request and response information
      */
     protected void process(CMSRequest cmsReq)
@@ -281,7 +281,7 @@ public class HashEnrollServlet extends CMSServlet {
          * === certAuth based enroll ===
          * "certAuthEnroll" is on.
          * "certauthEnrollType can be one of the three:
-         *		 single - it's for single cert enrollment 
+         *		 single - it's for single cert enrollment
          *		 dual - it's for dual certs enrollment
          *		 encryption - getting the encryption cert only via
          *                    authentication of the signing cert
@@ -349,8 +349,8 @@ public class HashEnrollServlet extends CMSServlet {
         String certBasedOldSubjectDN = null;
         BigInteger certBasedOldSerialNum = null;
 
-        // check if request was authenticated, if so set authtoken & certInfo. 
-        // also if authenticated, take certInfo from authToken. 
+        // check if request was authenticated, if so set authtoken & certInfo.
+        // also if authenticated, take certInfo from authToken.
         X509CertInfo certInfo = null;
 
         if (certAuthEnroll == true) {
@@ -399,14 +399,14 @@ public class HashEnrollServlet extends CMSServlet {
         } else {
             authMgr =
                     authToken.getInString(AuthToken.TOKEN_AUTHMGR_INST_NAME);
-            // don't store agent token in request. 
-            // agent currently used for bulk issuance. 
+            // don't store agent token in request.
+            // agent currently used for bulk issuance.
             // if (!authMgr.equals(IAuthSubsystem.CERTUSERDB_AUTHMGR_ID)) {
             log(ILogger.LL_INFO,
                     "Enrollment request was authenticated by " +
                             authToken.getInString(AuthToken.TOKEN_AUTHMGR_INST_NAME));
             fillCertInfoFromAuthToken(certInfo, authToken);
-            // save authtoken attrs to request directly (for policy use) 
+            // save authtoken attrs to request directly (for policy use)
             saveAuthToken(authToken, req);
             // req.set(IRequest.AUTH_TOKEN, authToken);
             // }
@@ -606,9 +606,9 @@ public class HashEnrollServlet extends CMSServlet {
             req.setExtData(CHALLENGE_PASSWORD, pwd);
         }
 
-        // send request to request queue. 
+        // send request to request queue.
         mRequestQueue.processRequest(req);
-        // process result. 
+        // process result.
 
         // render OLD_CERT_TYPE's response differently, we
         // dont want any javascript in HTML, and need to
@@ -628,7 +628,7 @@ public class HashEnrollServlet extends CMSServlet {
         String agentID = null;
 
         if (!authMgr.equals(IAuthSubsystem.CERTUSERDB_AUTHMGR_ID)) {
-            // request is from eegateway, so fromUser. 
+            // request is from eegateway, so fromUser.
             initiative = AuditFormat.FROMUSER;
         } else {
             agentID = authToken.getInString("userid");
@@ -640,7 +640,7 @@ public class HashEnrollServlet extends CMSServlet {
 
         if (status != RequestStatus.COMPLETE) {
             cmsReq.setIRequestStatus(); // set status acc. to IRequest status.
-            // audit log the status 
+            // audit log the status
             try {
                 if (status == RequestStatus.REJECTED) {
                     Vector messages = req.getExtDataInStringVector(IRequest.ERRORS);
@@ -680,7 +680,7 @@ public class HashEnrollServlet extends CMSServlet {
                                         certInfo.get(X509CertInfo.SUBJECT), "" }
                                 );
                     }
-                } else { // other imcomplete status 
+                } else { // other imcomplete status
                     mLogger.log(ILogger.EV_AUDIT,
                             ILogger.S_OTHER,
                             AuditFormat.LEVEL,
@@ -802,7 +802,7 @@ public class HashEnrollServlet extends CMSServlet {
             throws EBaseException {
         // override subject, validity and extensions from auth token
         // CA determines algorithm, version and issuer.
-        // take key from keygen, cmc, pkcs10 or crmf. 
+        // take key from keygen, cmc, pkcs10 or crmf.
 
         // subject name.
         try {
@@ -953,14 +953,14 @@ public class HashEnrollServlet extends CMSServlet {
                             new CertificateSubjectName(subject));
                 } else if (authToken == null ||
                         authToken.getInString(AuthToken.TOKEN_CERT_SUBJECT) == null) {
-                    // No subject name - error! 
+                    // No subject name - error!
                     log(ILogger.LL_FAILURE,
                             CMS.getLogMessage("CMSGW_MISSING_SUBJECT_NAME_FROM_AUTHTOKEN"));
                     throw new ECMSGWException(
                             CMS.getUserMessage("CMS_GW_MISSING_SUBJECT_NAME_FROM_AUTHTOKEN"));
                 }
 
-                // get extensions 
+                // get extensions
                 CertificateExtensions extensions = null;
 
                 try {
@@ -972,8 +972,8 @@ public class HashEnrollServlet extends CMSServlet {
                     extensions = null;
                 }
                 if (certTemplate.hasExtensions()) {
-                    // put each extension from CRMF into CertInfo. 
-                    // index by extension name, consistent with 
+                    // put each extension from CRMF into CertInfo.
+                    // index by extension name, consistent with
                     // CertificateExtensions.parseExtension() method.
                     if (extensions == null)
                         extensions = new CertificateExtensions();
@@ -1013,7 +1013,7 @@ public class HashEnrollServlet extends CMSServlet {
 
                 }
 
-                // Added a new configuration parameter 
+                // Added a new configuration parameter
                 // eeGateway.Enrollment.authTokenOverride=[true|false]
                 // By default, it is set to true. In most
                 // of the case, administrator would want
@@ -1022,7 +1022,7 @@ public class HashEnrollServlet extends CMSServlet {
                 // -- CRMFfillCert
                 if (authToken != null &&
                         authToken.getInString(AuthToken.TOKEN_CERT_SUBJECT) != null) {
-                    // if authenticated override subect name, validity and 
+                    // if authenticated override subect name, validity and
                     // extensions if any from authtoken.
                     fillCertInfoFromAuthToken(certInfo, authToken);
                 }
@@ -1161,11 +1161,11 @@ public class HashEnrollServlet extends CMSServlet {
         out.println("");
     }
 
-    // XXX ALERT !! 
-    // Remove the following and calls to them when we bundle a cartman 
-    // later than alpha1. 
-    // These are here to cover up problem in cartman where the 
-    // key usage extension always ends up being digital signature only 
+    // XXX ALERT !!
+    // Remove the following and calls to them when we bundle a cartman
+    // later than alpha1.
+    // These are here to cover up problem in cartman where the
+    // key usage extension always ends up being digital signature only
     // and for rsa-ex ends up having no bits set.
 
     private boolean mIsTestBed = false;
@@ -1196,7 +1196,7 @@ public class HashEnrollServlet extends CMSServlet {
                         exts.get(KeyUsageExtension.NAME);
 
                 if (ext == null)
-                    // should not happen 
+                    // should not happen
                     continue;
                 byte[] value = ext.getExtensionValue();
 
@@ -1207,7 +1207,7 @@ public class HashEnrollServlet extends CMSServlet {
                     newvalue[1] = 0x03;
                     newvalue[2] = 0x07;
                     newvalue[3] = value[3];
-                    // force encryption certs to have digitial signature 
+                    // force encryption certs to have digitial signature
                     // set too so smime can find the cert for encryption.
                     if (value[3] == 0x20) {
 
@@ -1229,10 +1229,10 @@ public class HashEnrollServlet extends CMSServlet {
                     exts.set(KeyUsageExtension.NAME, newext);
                 }
             } catch (IOException e) {
-                // should never happen 
+                // should never happen
                 continue;
             } catch (CertificateException e) {
-                // should never happen 
+                // should never happen
                 continue;
             }
         }
diff --git a/base/common/src/com/netscape/cms/servlet/cert/ImportCertsTemplateFiller.java b/base/common/src/com/netscape/cms/servlet/cert/ImportCertsTemplateFiller.java
index 2f551d3f5..016d5a124 100644
--- a/base/common/src/com/netscape/cms/servlet/cert/ImportCertsTemplateFiller.java
+++ b/base/common/src/com/netscape/cms/servlet/cert/ImportCertsTemplateFiller.java
@@ -60,24 +60,24 @@ import com.netscape.cmsutil.util.Utils;
 
 /**
  * Set up HTTP response to import certificate into browsers
- * 
+ *
  * The result must have been populate with the set of certificates
  * to return.
- * 
+ *
  * 
      * inputs: certtype.
- * outputs: 
+ * outputs:
  * 	- cert type from http input (if any)
- *      - CA chain 
+ *      - CA chain
  * 	- authority name (RM, CM, DRM)
  *      - scheme:host:port of server.
- *  array of one or more 
+ *  array of one or more
  *      - cert serial number
  *      - cert pretty print
  * 	- cert in base 64 encoding.
  * 	- cmmf blob to import
  * 
    
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class ImportCertsTemplateFiller implements ICMSTemplateFiller {
@@ -118,7 +118,7 @@ public class ImportCertsTemplateFiller implements ICMSTemplateFiller {
         IArgBlock fixed = CMS.createArgBlock();
         CMSTemplateParams params = new CMSTemplateParams(header, fixed);
 
-        // set host name and port. 
+        // set host name and port.
         HttpServletRequest httpReq = cmsReq.getHttpReq();
         String host = httpReq.getServerName();
         int port = httpReq.getServerPort();
@@ -169,14 +169,14 @@ public class ImportCertsTemplateFiller implements ICMSTemplateFiller {
         if (replyTo != null)
             fixed.set("replyTo", replyTo);
 
-        // set user + CA cert chain and pkcs7 for MSIE. 
+        // set user + CA cert chain and pkcs7 for MSIE.
         X509CertImpl[] userChain = new X509CertImpl[cacerts.length + 1];
         int m = 1, n = 0;
 
         for (; n < cacerts.length; m++, n++)
             userChain[m] = (X509CertImpl) cacerts[n];
 
-        // certs. 
+        // certs.
         X509CertImpl[] certs = (X509CertImpl[]) cmsReq.getResult();
 
         // expose CRMF request id
@@ -190,7 +190,7 @@ public class ImportCertsTemplateFiller implements ICMSTemplateFiller {
             fixed.set(CRMF_REQID, crmfReqId);
         }
 
-        // set CA certs in cmmf, initialize CertRepContent 
+        // set CA certs in cmmf, initialize CertRepContent
         // note cartman can't trust ca certs yet but it'll import them.
         // also set cert nickname for cartman.
         CertRepContent certRepContent = null;
@@ -212,7 +212,7 @@ public class ImportCertsTemplateFiller implements ICMSTemplateFiller {
                 fixed.set(CERT_NICKNAME, certnickname);
         }
 
-        // make pkcs7 for MSIE 
+        // make pkcs7 for MSIE
         if (CMSServlet.clientIsMSIE(cmsReq.getHttpReq()) &&
                 (certType == null || certType.equals("client"))) {
             userChain[0] = certs[0];
@@ -308,7 +308,7 @@ public class ImportCertsTemplateFiller implements ICMSTemplateFiller {
                 p7Str = CMS.BtoA(p7Bytes);
                 repeat.addStringValue("pkcs7ChainBase64", p7Str);
             } catch (Exception ex) {
-                //p7Str = "PKCS#7 B64 Encoding error - " + ex.toString() 
+                //p7Str = "PKCS#7 B64 Encoding error - " + ex.toString()
                 //+ "; Please contact your administrator";
                 throw new ECMSGWException(
                         CMS.getUserMessage("CMS_GW_FORMING_PKCS7_ERROR"));
diff --git a/base/common/src/com/netscape/cms/servlet/cert/ListCerts.java b/base/common/src/com/netscape/cms/servlet/cert/ListCerts.java
index b93a82fb8..4185113f4 100644
--- a/base/common/src/com/netscape/cms/servlet/cert/ListCerts.java
+++ b/base/common/src/com/netscape/cms/servlet/cert/ListCerts.java
@@ -58,7 +58,7 @@ import com.netscape.cms.servlet.common.ECMSGWException;
 
 /**
  * Retrieve a paged list of certs matching the specified query
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class ListCerts extends CMSServlet {
@@ -93,7 +93,7 @@ public class ListCerts extends CMSServlet {
     /**
      * initialize the servlet. This servlet uses the template file
      * "queryCert.template" to render the response
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
@@ -400,7 +400,7 @@ public class ListCerts extends CMSServlet {
         int toCurIndex = 0;
 
         if (!serialToVal.equals(MINUS_ONE)) {
-            // if user specify a range, we need to 
+            // if user specify a range, we need to
             // calculate the totalRecordCount
             tolist = (ICertRecordList) mCertDB.findCertRecordsInList(
                         filter,
@@ -456,7 +456,7 @@ public class ListCerts extends CMSServlet {
                 }
 
                 // DS has a problem where last record will be returned
-                // even though the filter is not matched. 
+                // even though the filter is not matched.
                 /*cfu -  is this necessary?  it breaks when paging up
                 if (curSerial.compareTo(sentinel) == -1) {
                 	com.netscape.certsrv.apps.CMS.debug("curSerial compare sentinel -1 break...");
diff --git a/base/common/src/com/netscape/cms/servlet/cert/Monitor.java b/base/common/src/com/netscape/cms/servlet/cert/Monitor.java
index ac531caca..7f626a83f 100644
--- a/base/common/src/com/netscape/cms/servlet/cert/Monitor.java
+++ b/base/common/src/com/netscape/cms/servlet/cert/Monitor.java
@@ -52,7 +52,7 @@ import com.netscape.cms.servlet.common.ECMSGWException;
 
 /**
  * Provide statistical queries of request and certificate records.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class Monitor extends CMSServlet {
@@ -82,7 +82,7 @@ public class Monitor extends CMSServlet {
     /**
      * initialize the servlet. This servlet uses the template file
      * 'monitor.template' to render the response.
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
 
diff --git a/base/common/src/com/netscape/cms/servlet/cert/ReasonToRevoke.java b/base/common/src/com/netscape/cms/servlet/cert/ReasonToRevoke.java
index 0f21e1921..5b9cd7741 100644
--- a/base/common/src/com/netscape/cms/servlet/cert/ReasonToRevoke.java
+++ b/base/common/src/com/netscape/cms/servlet/cert/ReasonToRevoke.java
@@ -49,7 +49,7 @@ import com.netscape.cms.servlet.common.ECMSGWException;
 
 /**
  * Specify the RevocationReason when revoking a certificate
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class ReasonToRevoke extends CMSServlet {
@@ -75,7 +75,7 @@ public class ReasonToRevoke extends CMSServlet {
     /**
      * initialize the servlet. This servlet uses the template file
      * 'reasonToRevoke.template' to render the response
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
@@ -112,7 +112,7 @@ public class ReasonToRevoke extends CMSServlet {
 
     /**
      * Process the HTTP request.
-     * 
+     *
      * @param cmsReq the object holding the request and response information
      */
     public void process(CMSRequest cmsReq) throws EBaseException {
diff --git a/base/common/src/com/netscape/cms/servlet/cert/RemoteAuthConfig.java b/base/common/src/com/netscape/cms/servlet/cert/RemoteAuthConfig.java
index 478df161d..2783656ae 100644
--- a/base/common/src/com/netscape/cms/servlet/cert/RemoteAuthConfig.java
+++ b/base/common/src/com/netscape/cms/servlet/cert/RemoteAuthConfig.java
@@ -53,7 +53,7 @@ import com.netscape.cms.servlet.common.ECMSGWException;
 
 /**
  * Allow agent to turn on/off authentication managers
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class RemoteAuthConfig extends CMSServlet {
@@ -85,7 +85,7 @@ public class RemoteAuthConfig extends CMSServlet {
 
     /**
      * Initializes the servlet.
-     * 
+     *
      * Presence of "auths.enableRemoteConfiguration=true" in CMS.cfg
      * enables remote configuration for authentication plugins.
      * List of remotely set instances can be found in CMS.cfg
diff --git a/base/common/src/com/netscape/cms/servlet/cert/RenewalServlet.java b/base/common/src/com/netscape/cms/servlet/cert/RenewalServlet.java
index 223121577..3b2a8c3e9 100644
--- a/base/common/src/com/netscape/cms/servlet/cert/RenewalServlet.java
+++ b/base/common/src/com/netscape/cms/servlet/cert/RenewalServlet.java
@@ -58,7 +58,7 @@ import com.netscape.cms.servlet.common.ICMSTemplateFiller;
 
 /**
  * Certificate Renewal
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class RenewalServlet extends CMSServlet {
@@ -70,12 +70,12 @@ public class RenewalServlet extends CMSServlet {
     // renewal templates.
     public static final String RENEWAL_SUCCESS_TEMPLATE = "RenewalSuccess.template";
 
-    // http params 
+    // http params
     public static final String CERT_TYPE = "certType";
     public static final String SERIAL_NO = "serialNo";
-    // XXX can't do pkcs10 cause it's got no serial no. 
+    // XXX can't do pkcs10 cause it's got no serial no.
     // (unless put serial no in pki attributes)
-    // public static final String PKCS10 = "pkcs10";	
+    // public static final String PKCS10 = "pkcs10";
     public static final String IMPORT_CERT = "importCert";
 
     private String mRenewalSuccessTemplate = RENEWAL_SUCCESS_TEMPLATE;
@@ -89,7 +89,7 @@ public class RenewalServlet extends CMSServlet {
      * initialize the servlet. This servlet makes use of the
      * template file "RenewalSuccess.template" to render the
      * response
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
@@ -111,7 +111,7 @@ public class RenewalServlet extends CMSServlet {
                     mRenewalSuccessFiller = filler;
             }
         } catch (Exception e) {
-            // this should never happen. 
+            // this should never happen.
             log(ILogger.LL_FAILURE,
                     CMS.getLogMessage("CMSGW_IMP_INIT_SERV_ERR", e.toString(),
                             mId));
@@ -121,7 +121,7 @@ public class RenewalServlet extends CMSServlet {
 
     /**
      * Process the HTTP request.
-     * 
+     *
      * @param cmsReq the object holding the request and response information
      */
     protected void process(CMSRequest cmsReq)
@@ -130,12 +130,12 @@ public class RenewalServlet extends CMSServlet {
         IArgBlock httpParams = cmsReq.getHttpParams();
         HttpServletRequest httpReq = cmsReq.getHttpReq();
 
-        // renewal requires either: 
-        //  - coming from ee: 
-        //		- old cert from ssl client auth 
+        // renewal requires either:
+        //  - coming from ee:
+        //		- old cert from ssl client auth
         //		- old certs from auth manager
-        // 	- coming from agent or trusted RA: 
-        //  	- serial no of cert to be renewed. 
+        // 	- coming from agent or trusted RA:
+        //  	- serial no of cert to be renewed.
 
         BigInteger old_serial_no = null;
         X509CertImpl old_cert = null;
@@ -171,7 +171,7 @@ public class RenewalServlet extends CMSServlet {
                     authToken.getInString(AuthToken.TOKEN_AUTHMGR_INST_NAME);
         }
 
-        // coming from agent 
+        // coming from agent
         if (mAuthMgr != null && mAuthMgr.equals(IAuthSubsystem.CERTUSERDB_AUTHMGR_ID)) {
             X509Certificate[] cert = new X509Certificate[1];
 
@@ -196,7 +196,7 @@ public class RenewalServlet extends CMSServlet {
             }
         } // coming from client
         else {
-            // from auth manager 
+            // from auth manager
             X509CertImpl[] cert = new X509CertImpl[1];
 
             old_serial_no = getCertFromAuthMgr(authToken, cert);
@@ -215,15 +215,15 @@ public class RenewalServlet extends CMSServlet {
                 req.setExtData(IRequest.OLD_CERTS,
                         new X509CertImpl[] { old_cert }
                         );
-                // create new certinfo from old_cert contents. 
+                // create new certinfo from old_cert contents.
                 X509CertInfo old_certInfo = (X509CertInfo)
                         ((X509CertImpl) old_cert).get(
                                 X509CertImpl.NAME + "." + X509CertImpl.INFO);
 
                 new_certInfo = new X509CertInfo(old_certInfo.getEncodedInfo());
             } else {
-                // if no old cert (came from RA agent) create new cert info 
-                // (serializable) to pass through policies. And set the old 
+                // if no old cert (came from RA agent) create new cert info
+                // (serializable) to pass through policies. And set the old
                 // serial number to pick up.
                 new_certInfo = new CertInfo();
                 new_certInfo.set(X509CertInfo.SERIAL_NUMBER,
@@ -256,7 +256,7 @@ public class RenewalServlet extends CMSServlet {
             saveAuthToken(authToken, req);
         cmsReq.setIRequest(req);
 
-        // send request to request queue. 
+        // send request to request queue.
         mRequestQueue.processRequest(req);
 
         // for audit log
@@ -271,7 +271,7 @@ public class RenewalServlet extends CMSServlet {
             initiative = AuditFormat.FROMUSER;
         }
 
-        // check resulting status 
+        // check resulting status
         RequestStatus status = req.getRequestStatus();
 
         if (status != RequestStatus.COMPLETE) {
@@ -320,7 +320,7 @@ public class RenewalServlet extends CMSServlet {
                                     "" }
                             );
                 }
-            } else { // other imcomplete status 
+            } else { // other imcomplete status
                 mLogger.log(ILogger.EV_AUDIT,
                         ILogger.S_OTHER,
                         AuditFormat.LEVEL,
@@ -338,7 +338,7 @@ public class RenewalServlet extends CMSServlet {
             return;
         }
 
-        // service error 
+        // service error
         Integer result = req.getExtDataInInteger(IRequest.RESULT);
 
         CMS.debug(
@@ -413,8 +413,8 @@ public class RenewalServlet extends CMSServlet {
                 );
         cmsReq.setStatus(CMSRequest.SUCCESS);
 
-        // check if cert should be imported. 
-        // browser must have input type set to nav or cartman since 
+        // check if cert should be imported.
+        // browser must have input type set to nav or cartman since
         // there's no other way to tell
 
         IArgBlock httpParams = cmsReq.getHttpParams();
diff --git a/base/common/src/com/netscape/cms/servlet/cert/RevocationServlet.java b/base/common/src/com/netscape/cms/servlet/cert/RevocationServlet.java
index 22aa29eda..2c1709145 100644
--- a/base/common/src/com/netscape/cms/servlet/cert/RevocationServlet.java
+++ b/base/common/src/com/netscape/cms/servlet/cert/RevocationServlet.java
@@ -59,7 +59,7 @@ import com.netscape.cmsutil.util.Utils;
 
 /**
  * Perform the first step in revoking a certificate
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class RevocationServlet extends CMSServlet {
@@ -71,11 +71,11 @@ public class RevocationServlet extends CMSServlet {
     // revocation templates.
     private final static String TPL_FILE = "reasonToRevoke.template";
 
-    // http params 
+    // http params
     public static final String SERIAL_NO = "serialNo";
-    // XXX can't do pkcs10 cause it's got no serial no. 
+    // XXX can't do pkcs10 cause it's got no serial no.
     // (unless put serial no in pki attributes)
-    // public static final String PKCS10 = "pkcs10";	
+    // public static final String PKCS10 = "pkcs10";
     public static final String REASON_CODE = "reasonCode";
 
     private String mFormPath = null;
@@ -92,7 +92,7 @@ public class RevocationServlet extends CMSServlet {
      * initialize the servlet. This servlet uses
      * the template file "reasonToRevoke.template" to render the
      * result.
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
@@ -131,7 +131,7 @@ public class RevocationServlet extends CMSServlet {
      * actually perform the certificate revocation. This is the first
      * step in the multi-step revocation process. (the next step is
      * in the ReasonToRevoke servlet.
-     * 
+     *
      * @param cmsReq the object holding the request and response information
      */
     protected void process(CMSRequest cmsReq)
@@ -140,12 +140,12 @@ public class RevocationServlet extends CMSServlet {
         HttpServletRequest httpReq = cmsReq.getHttpReq();
         HttpServletResponse httpResp = cmsReq.getHttpResp();
 
-        // revocation requires either: 
-        //  - coming from ee: 
-        //		- old cert from ssl client auth 
+        // revocation requires either:
+        //  - coming from ee:
+        //		- old cert from ssl client auth
         //		- old certs from auth manager
-        // 	- coming from agent or trusted RA: 
-        //  	- serial no of cert to be revoked. 
+        // 	- coming from agent or trusted RA:
+        //  	- serial no of cert to be revoked.
 
         BigInteger old_serial_no = null;
         X509CertImpl old_cert = null;
@@ -186,7 +186,7 @@ public class RevocationServlet extends CMSServlet {
             return;
         }
 
-        // coming from agent 
+        // coming from agent
         if (mAuthMgr != null && mAuthMgr.equals(IAuthSubsystem.CERTUSERDB_AUTHMGR_ID)) {
             X509Certificate[] cert = new X509Certificate[1];
 
@@ -194,7 +194,7 @@ public class RevocationServlet extends CMSServlet {
             old_cert = (X509CertImpl) cert[0];
         } // coming from client
         else {
-            // from auth manager 
+            // from auth manager
             X509CertImpl[] cert = new X509CertImpl[1];
 
             old_serial_no = getCertFromAuthMgr(authToken, cert);
diff --git a/base/common/src/com/netscape/cms/servlet/cert/RevocationSuccessTemplateFiller.java b/base/common/src/com/netscape/cms/servlet/cert/RevocationSuccessTemplateFiller.java
index cfc562d71..00941776c 100644
--- a/base/common/src/com/netscape/cms/servlet/cert/RevocationSuccessTemplateFiller.java
+++ b/base/common/src/com/netscape/cms/servlet/cert/RevocationSuccessTemplateFiller.java
@@ -44,7 +44,7 @@ import com.netscape.cms.servlet.common.ICMSTemplateFiller;
  * - cert pretty print
  * - cert in base 64 encoding.
  * - cmmf blob to import
- * 
+ *
  * @version $Revision$, $Date$
  */
 class RevocationSuccessTemplateFiller implements ICMSTemplateFiller {
@@ -65,7 +65,7 @@ class RevocationSuccessTemplateFiller implements ICMSTemplateFiller {
         IArgBlock fixed = CMS.createArgBlock();
         CMSTemplateParams params = new CMSTemplateParams(null, fixed);
 
-        // set host name and port. 
+        // set host name and port.
         HttpServletRequest httpReq = cmsReq.getHttpReq();
         String host = httpReq.getServerName();
         int port = httpReq.getServerPort();
@@ -84,7 +84,7 @@ class RevocationSuccessTemplateFiller implements ICMSTemplateFiller {
         RevokedCertImpl[] revoked =
                 (RevokedCertImpl[]) cmsReq.getResult();
 
-        // revoked certs. 
+        // revoked certs.
         for (int i = 0; i < revoked.length; i++) {
             IArgBlock repeat = CMS.createArgBlock();
 
diff --git a/base/common/src/com/netscape/cms/servlet/cert/SrchCerts.java b/base/common/src/com/netscape/cms/servlet/cert/SrchCerts.java
index 3602515c9..375265331 100644
--- a/base/common/src/com/netscape/cms/servlet/cert/SrchCerts.java
+++ b/base/common/src/com/netscape/cms/servlet/cert/SrchCerts.java
@@ -62,7 +62,7 @@ import com.netscape.cms.servlet.common.ECMSGWException;
 
 /**
  * Search for certificates matching complex query filter
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class SrchCerts extends CMSServlet {
@@ -96,7 +96,7 @@ public class SrchCerts extends CMSServlet {
     /**
      * initialize the servlet. This servlet uses srchCert.template
      * to render the response
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
diff --git a/base/common/src/com/netscape/cms/servlet/cert/UpdateCRL.java b/base/common/src/com/netscape/cms/servlet/cert/UpdateCRL.java
index c0298d1e7..6be6d506c 100644
--- a/base/common/src/com/netscape/cms/servlet/cert/UpdateCRL.java
+++ b/base/common/src/com/netscape/cms/servlet/cert/UpdateCRL.java
@@ -61,7 +61,7 @@ import com.netscape.cms.servlet.common.ECMSGWException;
 
 /**
  * Force the CRL to be updated now.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class UpdateCRL extends CMSServlet {
@@ -109,7 +109,7 @@ public class UpdateCRL extends CMSServlet {
      * 
  • http.param clearCRLCache true/false - should the CRL cache cleared before the CRL is generated?
      * 
  • http.param crlIssuingPoint the CRL Issuing Point to Update
      * 
-     * 
+     *
      * @param cmsReq the object holding the request and response information
      */
     public void process(CMSRequest cmsReq) throws EBaseException {
diff --git a/base/common/src/com/netscape/cms/servlet/cert/UpdateDir.java b/base/common/src/com/netscape/cms/servlet/cert/UpdateDir.java
index 707e7ff5f..df0277b54 100644
--- a/base/common/src/com/netscape/cms/servlet/cert/UpdateDir.java
+++ b/base/common/src/com/netscape/cms/servlet/cert/UpdateDir.java
@@ -59,7 +59,7 @@ import com.netscape.cms.servlet.common.ECMSGWException;
 
 /**
  * Update the configured LDAP server with specified objects
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class UpdateDir extends CMSServlet {
@@ -128,7 +128,7 @@ public class UpdateDir extends CMSServlet {
 
     /**
      * Process the HTTP request.
-     * 
+     *
      * @param cmsReq the object holding the request and response information
      */
     public void process(CMSRequest cmsReq) throws EBaseException {
diff --git a/base/common/src/com/netscape/cms/servlet/cert/model/CertificateData.java b/base/common/src/com/netscape/cms/servlet/cert/model/CertificateData.java
index 14c537098..30623ce61 100644
--- a/base/common/src/com/netscape/cms/servlet/cert/model/CertificateData.java
+++ b/base/common/src/com/netscape/cms/servlet/cert/model/CertificateData.java
@@ -24,7 +24,7 @@ import javax.xml.bind.annotation.XmlElement;
 
 /**
  * @author alee
- * 
+ *
  */
 @XmlRootElement(name = "CertificateData")
 @XmlAccessorType(XmlAccessType.FIELD)
diff --git a/base/common/src/com/netscape/cms/servlet/cert/scep/CRSEnrollment.java b/base/common/src/com/netscape/cms/servlet/cert/scep/CRSEnrollment.java
index 90a48cb4e..421381441 100644
--- a/base/common/src/com/netscape/cms/servlet/cert/scep/CRSEnrollment.java
+++ b/base/common/src/com/netscape/cms/servlet/cert/scep/CRSEnrollment.java
@@ -126,12 +126,12 @@ import com.netscape.cmsutil.util.Utils;
  * This servlet deals with PKCS#10-based certificate requests from
  * CRS, now called SCEP, and defined at:
  * http://search.ietf.org/internet-drafts/draft-nourse-scep-02.txt
- * 
+ *
  * The router is hardcoded to look for the http://host:80/cgi-bin/pkiclient.exe
- * 
+ *
  * The HTTP parameters are 'operation' and 'message'
  * operation can be either 'GetCACert' or 'PKIOperation'
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class CRSEnrollment extends HttpServlet {
@@ -319,13 +319,13 @@ public class CRSEnrollment extends HttpServlet {
     }
 
     /**
-     * 
+     *
      * Service a CRS Request. It all starts here. This is where the message from the
      * router is processed
-     * 
+     *
      * @param httpReq The HttpServletRequest.
      * @param httpResp The HttpServletResponse.
-     * 
+     *
      */
     public void service(HttpServletRequest httpReq,
                       HttpServletResponse httpResp)
@@ -500,7 +500,7 @@ public class CRSEnrollment extends HttpServlet {
              * ANY cert = new ANY(chain[i].getEncoded());
              * certs.addElement(cert);
              * }
-             * 
+             *
              * SignedData crsd = new SignedData(
              * new SET(), // empty set of digestAlgorithmID's
              * new ContentInfo(
@@ -510,14 +510,14 @@ public class CRSEnrollment extends HttpServlet {
              * null, // no CRL's
              * new SET() // empty SignerInfos
              * );
-             * 
+             *
              * ContentInfo wrap = new ContentInfo(ContentInfo.SIGNED_DATA, crsd);
-             * 
+             *
              * ByteArrayOutputStream baos = new ByteArrayOutputStream();
              * wrap.encode(baos);
-             * 
+             *
              * bytes = baos.toByteArray();
-             * 
+             *
              * httpResp.setContentType("application/x-x509-ca-ra-cert");
              *****/
 
@@ -902,17 +902,17 @@ public class CRSEnrollment extends HttpServlet {
                 CMS.debug("Processing PKCSReq");
                 try {
                     // Check if there is an existing request. If this returns non-null,
-                    // then the request is 'active' (either pending or completed) in 
+                    // then the request is 'active' (either pending or completed) in
                     // which case, we compare the hash of the new request to the hash of the
-                    // one in the queue - if they are the same, I return the state of the 
+                    // one in the queue - if they are the same, I return the state of the
                     // original request - as if it was 'getCertInitial' message.
                     // If the hashes are different, then the user attempted to enroll
-                    // for a new request with the same txid, which is not allowed - 
+                    // for a new request with the same txid, which is not allowed -
                     // so we return 'failure'.
 
                     IRequest cmsRequest = findRequestByTransactionID(req.getTransactionID(), true);
 
-                    // If there was no request (with a cert) with this transaction ID, 
+                    // If there was no request (with a cert) with this transaction ID,
                     // process it as a new request
 
                     cert = handlePKCSReq(httpReq, cmsRequest, req, crsResp, cx);
@@ -1006,15 +1006,15 @@ public class CRSEnrollment extends HttpServlet {
      * Called if the router is requesting us to send it its certificate
      * Examine request queue for a request matching the transaction ID.
      * Ignore any rejected or cancelled requests.
-     * 
+     *
      * If a request is found in the pending state, the response should be
      * 'pending'
-     * 
+     *
      * If a request is found in the completed state, the response should be
      * to return the certificate
-     * 
+     *
      * If no request is found, the response should be to return null
-     * 
+     *
      */
 
     public X509CertImpl handleGetCertInitial(CRSPKIMessage req, CRSPKIMessage resp) {
@@ -1053,7 +1053,7 @@ public class CRSEnrollment extends HttpServlet {
 
     /**
      * Create an entry for this user in the publishing directory
-     * 
+     *
      */
 
     private boolean createEntry(String dn) {
@@ -1096,7 +1096,7 @@ public class CRSEnrollment extends HttpServlet {
 
     /**
      * Here we decrypt the PKCS10 message from the client
-     * 
+     *
      */
 
     public void unwrapPKCS10(CRSPKIMessage req, CryptoContext cx)
@@ -1316,7 +1316,7 @@ public class CRSEnrollment extends HttpServlet {
                 req.put(SUBJECTNAME, subject);
 
             if (key == null || subject == null) {
-                // log 
+                // log
                 //throw new ERegistrationException(RegistrationResources.ERROR_MALFORMED_P10);
             }
 
@@ -1536,7 +1536,7 @@ public class CRSEnrollment extends HttpServlet {
         return null;
     }
 
-    //////   post the request 
+    //////   post the request
 
     /*
       needed:
@@ -1604,7 +1604,7 @@ public class CRSEnrollment extends HttpServlet {
             credentials.set("PWD", p10Password);
 
             if (authenticator == null) {
-                // XXX - to help caRouterCert to work, we need to 
+                // XXX - to help caRouterCert to work, we need to
                 // add authentication to caRouterCert
                 authToken = new AuthToken(null);
             } else {
@@ -1867,7 +1867,7 @@ public class CRSEnrollment extends HttpServlet {
 
             byte[] ed = crsResp.makeEnvelopedData(0);
 
-            // 7. Make Digest of SignedData Content 
+            // 7. Make Digest of SignedData Content
             MessageDigest md = MessageDigest.getInstance(mHashAlgorithm);
             msgdigest = md.digest(ed);
 
@@ -1898,7 +1898,7 @@ public class CRSEnrollment extends HttpServlet {
             // recipientNonce and SenderNonce have already been set
 
             crsResp.makeAuthenticatedAttributes();
-            //      crsResp.makeAuthenticatedAttributes_old();                  
+            //      crsResp.makeAuthenticatedAttributes_old();
 
             // now package up the rest of the SignerInfo
             {
diff --git a/base/common/src/com/netscape/cms/servlet/cert/scep/ChallengePassword.java b/base/common/src/com/netscape/cms/servlet/cert/scep/ChallengePassword.java
index ff55dc9ce..5c7ac856f 100644
--- a/base/common/src/com/netscape/cms/servlet/cert/scep/ChallengePassword.java
+++ b/base/common/src/com/netscape/cms/servlet/cert/scep/ChallengePassword.java
@@ -42,7 +42,7 @@ public class ChallengePassword implements CertAttrSet {
 
     /**
      * Get the password marshalled in this object
-     * 
+     *
      * @return the challenge password
      */
     public String toString() {
@@ -51,7 +51,7 @@ public class ChallengePassword implements CertAttrSet {
 
     /**
      * Create a ChallengePassword object
-     * 
+     *
      * @param stuff (must be of type byte[]) a DER-encoded by array following
      *            The ASN.1 template for ChallenegePassword specified in the SCEP
      *            documentation
@@ -103,7 +103,7 @@ public class ChallengePassword implements CertAttrSet {
 
     /**
      * Get an attribute of this object.
-     * 
+     *
      * @param name the name of the attribute of this object to get. The only
      *            supported attribute is "password"
      */
diff --git a/base/common/src/com/netscape/cms/servlet/cert/scep/ExtensionsRequested.java b/base/common/src/com/netscape/cms/servlet/cert/scep/ExtensionsRequested.java
index 85f3938b8..3cb88f3f8 100644
--- a/base/common/src/com/netscape/cms/servlet/cert/scep/ExtensionsRequested.java
+++ b/base/common/src/com/netscape/cms/servlet/cert/scep/ExtensionsRequested.java
@@ -94,7 +94,7 @@ public class ExtensionsRequested implements CertAttrSet {
 
     /**
      * construct - expects this in the inputstream (from the router):
-     * 
+     *
      * 211 30 31: SEQUENCE {
      * 213 06 10: OBJECT IDENTIFIER '2 16 840 1 113733 1 9 8'
      * 225 31 17: SET {
@@ -107,9 +107,9 @@ public class ExtensionsRequested implements CertAttrSet {
      * : }
      * : }
      * : }
-     * 
+     *
      * or this (from IRE client):
-     * 
+     *
      * 262 30 51: SEQUENCE {
      * 264 06 9: OBJECT IDENTIFIER extensionReq (1 2 840 113549 1 9 14)
      * 275 31 38: SET {
diff --git a/base/common/src/com/netscape/cms/servlet/common/AuthCredentials.java b/base/common/src/com/netscape/cms/servlet/common/AuthCredentials.java
index 88369ace3..f01d75c98 100644
--- a/base/common/src/com/netscape/cms/servlet/common/AuthCredentials.java
+++ b/base/common/src/com/netscape/cms/servlet/common/AuthCredentials.java
@@ -27,7 +27,7 @@ import com.netscape.certsrv.base.IArgBlock;
 /**
  * Authentication Credentials as input to the authMgr
  * 
    
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class AuthCredentials implements IAuthCredentials {
@@ -36,7 +36,7 @@ public class AuthCredentials implements IAuthCredentials {
      */
     private static final long serialVersionUID = -5995164231849154265L;
     private Hashtable authCreds = null;
-    // Inserted by bskim 
+    // Inserted by bskim
     private IArgBlock argblk = null;
 
     // Insert end
@@ -47,7 +47,7 @@ public class AuthCredentials implements IAuthCredentials {
 
     /**
      * sets a credential with credential name and the credential
-     * 
+     *
      * @param name credential name
      * @param cred credential
      * @exception com.netscape.certsrv.base.EBaseException NullPointerException
@@ -63,7 +63,7 @@ public class AuthCredentials implements IAuthCredentials {
     /**
      * returns the credential to which the specified name is mapped in this
      * credential set
-     * 
+     *
      * @param name credential name
      * @return the named authentication credential
      */
@@ -75,7 +75,7 @@ public class AuthCredentials implements IAuthCredentials {
      * removes the name and its corresponding credential from this
      * credential set. This method does nothing if the named
      * credential is not in the credential set.
-     * 
+     *
      * @param name credential name
      */
     public void delete(String name) {
@@ -86,7 +86,7 @@ public class AuthCredentials implements IAuthCredentials {
      * returns an enumeration of the credential names in this credential
      * set. Use the Enumeration methods on the returned object to
      * fetch the elements sequentially.
-     * 
+     *
      * @return an enumeration of the names in this credential set
      * @see java.util.Enumeration
      */
diff --git a/base/common/src/com/netscape/cms/servlet/common/CMSFile.java b/base/common/src/com/netscape/cms/servlet/common/CMSFile.java
index 4d7c4cdd6..7f73ce8d3 100644
--- a/base/common/src/com/netscape/cms/servlet/common/CMSFile.java
+++ b/base/common/src/com/netscape/cms/servlet/common/CMSFile.java
@@ -28,7 +28,7 @@ import com.netscape.certsrv.logging.ILogger;
 
 /**
  * CMSFile represents a file from the filesystem cached in memory
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class CMSFile {
diff --git a/base/common/src/com/netscape/cms/servlet/common/CMSFileLoader.java b/base/common/src/com/netscape/cms/servlet/common/CMSFileLoader.java
index 808bdda78..a8d753e7c 100644
--- a/base/common/src/com/netscape/cms/servlet/common/CMSFileLoader.java
+++ b/base/common/src/com/netscape/cms/servlet/common/CMSFileLoader.java
@@ -27,7 +27,7 @@ import com.netscape.certsrv.base.IConfigStore;
 
 /**
  * CMSFileLoader - file cache.
- * 
+ *
  * @version $Revision$, $Date$
  */
 
@@ -43,10 +43,10 @@ public class CMSFileLoader {
     // property to cache templates only
     public final String PROP_CACHE_TEMPLATES_ONLY = "cacheTemplatesOnly";
 
-    // hash of files to their content. 
+    // hash of files to their content.
     private Hashtable mLoadedFiles = new Hashtable();
 
-    // max number of files 
+    // max number of files
     private int mMaxSize = MAX_SIZE;
 
     // number of files to clear when max is reached.
@@ -84,14 +84,14 @@ public class CMSFileLoader {
     public byte[] get(File file, String enc) throws EBaseException, IOException {
         CMSFile cmsFile = getCMSFile(file, enc);
 
-        // Change end	    
+        // Change end
         return cmsFile.getContent();
     }
 
     // Changed by bskim
     //public CMSFile getCMSFile(File file) throws EBaseException, IOException {
     public CMSFile getCMSFile(File file, String enc) throws EBaseException, IOException {
-        // Change end	    
+        // Change end
         String absPath = file.getAbsolutePath();
         long modified = file.lastModified();
         CMSFile cmsFile = (CMSFile) mLoadedFiles.get(absPath);
@@ -100,7 +100,7 @@ public class CMSFileLoader {
         // new file.
         if (cmsFile == null || modified != lastModified) {
             // Changed by bskim
-            //cmsFile = updateFile(absPath, file); 
+            //cmsFile = updateFile(absPath, file);
             cmsFile = updateFile(absPath, file, enc);
             // Change end
         }
@@ -109,7 +109,7 @@ public class CMSFileLoader {
     }
 
     // Changed by bskim
-    //private CMSFile updateFile(String absPath, File file) 
+    //private CMSFile updateFile(String absPath, File file)
     private CMSFile updateFile(String absPath, File file, String enc)
             // Change end
             throws EBaseException, IOException {
diff --git a/base/common/src/com/netscape/cms/servlet/common/CMSGWResources.java b/base/common/src/com/netscape/cms/servlet/common/CMSGWResources.java
index 7ae242ae7..32264c01e 100644
--- a/base/common/src/com/netscape/cms/servlet/common/CMSGWResources.java
+++ b/base/common/src/com/netscape/cms/servlet/common/CMSGWResources.java
@@ -22,7 +22,7 @@ import java.util.ListResourceBundle;
 /**
  * A class represents a resource bundle for cms gateway.
  * 
    
- * 
+ *
  * @version $Revision$, $Date$
  * @see java.util.ListResourceBundle
  */
diff --git a/base/common/src/com/netscape/cms/servlet/common/CMSGateway.java b/base/common/src/com/netscape/cms/servlet/common/CMSGateway.java
index 20743022a..157d5e3d1 100644
--- a/base/common/src/com/netscape/cms/servlet/common/CMSGateway.java
+++ b/base/common/src/com/netscape/cms/servlet/common/CMSGateway.java
@@ -42,7 +42,7 @@ import com.netscape.certsrv.logging.ILogger;
 
 /**
  * This class is to hold some general method for servlets.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class CMSGateway {
@@ -345,7 +345,7 @@ public class CMSGateway {
      * epoch value passed in. If there is no header, or there is a problem
      * parsing the value, or if the file has been modified this will return
      * true, indicating the file has changed.
-     * 
+     *
      * @param lastModified The time value in milliseconds past the epoch to
      *            compare the If-Modified-Since header to.
      */
diff --git a/base/common/src/com/netscape/cms/servlet/common/CMSLoadTemplate.java b/base/common/src/com/netscape/cms/servlet/common/CMSLoadTemplate.java
index 62276df14..4e3d3c0bc 100644
--- a/base/common/src/com/netscape/cms/servlet/common/CMSLoadTemplate.java
+++ b/base/common/src/com/netscape/cms/servlet/common/CMSLoadTemplate.java
@@ -19,7 +19,7 @@ package com.netscape.cms.servlet.common;
 
 /**
  * handy class containing cms templates to load & fill.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class CMSLoadTemplate {
diff --git a/base/common/src/com/netscape/cms/servlet/common/CMSRequest.java b/base/common/src/com/netscape/cms/servlet/common/CMSRequest.java
index 256c01010..d7a32d340 100644
--- a/base/common/src/com/netscape/cms/servlet/common/CMSRequest.java
+++ b/base/common/src/com/netscape/cms/servlet/common/CMSRequest.java
@@ -34,7 +34,7 @@ import com.netscape.certsrv.request.RequestStatus;
 
 /**
  * This represents a user request.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class CMSRequest {
@@ -58,7 +58,7 @@ public class CMSRequest {
     // http headers & other info.
     private HttpServletRequest mHttpReq = null;
 
-    // http response. 
+    // http response.
     private HttpServletResponse mHttpResp = null;
 
     // http servlet config.
@@ -67,7 +67,7 @@ public class CMSRequest {
     // http servlet context.
     private ServletContext mServletContext = null;
 
-    // permanent request in request queue. 
+    // permanent request in request queue.
     private IRequest mRequest = null;
 
     // whether request processed successfully
@@ -90,7 +90,7 @@ public class CMSRequest {
     public CMSRequest() {
     }
 
-    // set methods use by servlets. 
+    // set methods use by servlets.
 
     /**
      * set the HTTP parameters
@@ -132,7 +132,7 @@ public class CMSRequest {
         mServletConfig = servletConfig;
     }
 
-    /* 
+    /*
      * set the servlet context. the servletcontext has detail
      * about the currently running request
      */
@@ -142,7 +142,7 @@ public class CMSRequest {
 
     /**
      * Set request status.
-     * 
+     *
      * @param status request status. Allowed values are
      *            UNAUTHORIZED, SUCCESS, REJECTED, PENDING, ERROR, SVC_PENDING
      * @throws IllegalArgumentException if status is not one of the above values
@@ -235,7 +235,7 @@ public class CMSRequest {
         return reason;
     }
 
-    // handy routines for IRequest. 
+    // handy routines for IRequest.
 
     public void setExtData(String type, String value) {
         if (mRequest != null) {
@@ -251,7 +251,7 @@ public class CMSRequest {
         }
     }
 
-    // policy errors; set on rejection or possibly deferral. 
+    // policy errors; set on rejection or possibly deferral.
     public Vector getPolicyMessages() {
         if (mRequest != null) {
             return mRequest.getExtDataInStringVector(IRequest.ERRORS);
@@ -277,11 +277,11 @@ public class CMSRequest {
             mStatus = CMSRequest.SUCCESS;
             return;
         }
-        // unexpected resulting request status. 
+        // unexpected resulting request status.
         if (status == RequestStatus.REJECTED) {
             mStatus = CMSRequest.REJECTED;
             return;
-        } // pending or service pending. 
+        } // pending or service pending.
         else if (status == RequestStatus.PENDING) {
             mStatus = CMSRequest.PENDING;
             return;
diff --git a/base/common/src/com/netscape/cms/servlet/common/CMSTemplate.java b/base/common/src/com/netscape/cms/servlet/common/CMSTemplate.java
index 317bddbcd..055a025b2 100644
--- a/base/common/src/com/netscape/cms/servlet/common/CMSTemplate.java
+++ b/base/common/src/com/netscape/cms/servlet/common/CMSTemplate.java
@@ -44,7 +44,7 @@ import com.netscape.certsrv.logging.ILogger;
  * <CMS_TEMPLATE> and replace the tag with
  * a series of javascript variable definitions
  * (depending on the servlet)
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class CMSTemplate extends CMSFile {
@@ -76,7 +76,7 @@ public class CMSTemplate extends CMSFile {
 
     /**
      * Constructor
-     * 
+     *
      * @param file template file to load
      * @param charset character set
      * @throws IOException if the there was an error opening the file
@@ -146,7 +146,7 @@ public class CMSTemplate extends CMSFile {
     /**
      * Write a javascript representation of 'input'
      * surrounded by SCRIPT tags to the outputstream
-     * 
+     *
      * @param rout the outputstream to write to
      * @param input the parameters to write
      */
@@ -176,7 +176,7 @@ public class CMSTemplate extends CMSFile {
             out.println("var recordSet = new Array;");
             out.println("var result = new Object();");
 
-            // hack 
+            // hack
             out.println("var httpParamsCount = 0;");
             out.println("var httpHeadersCount = 0;");
             out.println("var authTokenCount = 0;");
@@ -253,7 +253,7 @@ public class CMSTemplate extends CMSFile {
     /**
      * Ouput the pre-amble HTML Header including
      * the pre-output buffer.
-     * 
+     *
      * @param out output stream specified
      * @return success or error
      */
@@ -275,7 +275,7 @@ public class CMSTemplate extends CMSFile {
     /**
      * Output the post HTML tags and post-output
      * buffer.
-     * 
+     *
      * @param out output stream specified
      * @return success or error
      */
@@ -294,7 +294,7 @@ public class CMSTemplate extends CMSFile {
         return mAbsPath;
     }
 
-    // inherit getabspath, getContent, get last access and set last access 
+    // inherit getabspath, getContent, get last access and set last access
 
     /*==========================================================
      * private methods
diff --git a/base/common/src/com/netscape/cms/servlet/common/CMSTemplateParams.java b/base/common/src/com/netscape/cms/servlet/common/CMSTemplateParams.java
index ce2c26c3c..50c5e824f 100644
--- a/base/common/src/com/netscape/cms/servlet/common/CMSTemplateParams.java
+++ b/base/common/src/com/netscape/cms/servlet/common/CMSTemplateParams.java
@@ -24,7 +24,7 @@ import com.netscape.certsrv.base.IArgBlock;
 
 /**
  * Holds template parameters
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class CMSTemplateParams {
diff --git a/base/common/src/com/netscape/cms/servlet/common/ECMSGWException.java b/base/common/src/com/netscape/cms/servlet/common/ECMSGWException.java
index e8b848f7d..2c24c112a 100644
--- a/base/common/src/com/netscape/cms/servlet/common/ECMSGWException.java
+++ b/base/common/src/com/netscape/cms/servlet/common/ECMSGWException.java
@@ -22,7 +22,7 @@ import com.netscape.certsrv.base.EBaseException;
 /**
  * A class represents a CMS gateway exception.
  * 
    
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class ECMSGWException extends EBaseException {
diff --git a/base/common/src/com/netscape/cms/servlet/common/GenErrorTemplateFiller.java b/base/common/src/com/netscape/cms/servlet/common/GenErrorTemplateFiller.java
index 40edb3bda..29e106ae9 100644
--- a/base/common/src/com/netscape/cms/servlet/common/GenErrorTemplateFiller.java
+++ b/base/common/src/com/netscape/cms/servlet/common/GenErrorTemplateFiller.java
@@ -28,7 +28,7 @@ import com.netscape.certsrv.base.IArgBlock;
 
 /**
  * Default error template filler
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class GenErrorTemplateFiller implements ICMSTemplateFiller {
@@ -37,7 +37,7 @@ public class GenErrorTemplateFiller implements ICMSTemplateFiller {
 
     /**
      * fill error details and description if any.
-     * 
+     *
      * @param cmsReq the CMS Request.
      * @param authority the authority
      * @param locale the locale of template.
@@ -60,11 +60,11 @@ public class GenErrorTemplateFiller implements ICMSTemplateFiller {
             return null;
         }
 
-        // error 
+        // error
         String ex = cmsReq.getError();
 
         // Changed by beomsuk
-        /*if (ex == null) 
+        /*if (ex == null)
          ex = new EBaseException(CMS.getLogMessage("BASE_UNKNOWN_ERROR"));
          fixed.set(ICMSTemplateFiller.ERROR, ex.toString(locale));
          */
diff --git a/base/common/src/com/netscape/cms/servlet/common/GenPendingTemplateFiller.java b/base/common/src/com/netscape/cms/servlet/common/GenPendingTemplateFiller.java
index 1d479fef3..60b79a81e 100644
--- a/base/common/src/com/netscape/cms/servlet/common/GenPendingTemplateFiller.java
+++ b/base/common/src/com/netscape/cms/servlet/common/GenPendingTemplateFiller.java
@@ -60,7 +60,7 @@ import com.netscape.certsrv.request.RequestId;
 
 /**
  * default Pending template filler
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class GenPendingTemplateFiller implements ICMSTemplateFiller {
@@ -71,7 +71,7 @@ public class GenPendingTemplateFiller implements ICMSTemplateFiller {
 
     /**
      * fill error details and description if any.
-     * 
+     *
      * @param cmsReq CMS Request
      * @param authority this authority
      * @param locale locale of template.
@@ -92,7 +92,7 @@ public class GenPendingTemplateFiller implements ICMSTemplateFiller {
         if (sts != null)
             fixed.set(ICMSTemplateFiller.REQUEST_STATUS, sts.toString());
 
-        // request id 
+        // request id
         IRequest req = cmsReq.getIRequest();
 
         if (req != null) {
diff --git a/base/common/src/com/netscape/cms/servlet/common/GenRejectedTemplateFiller.java b/base/common/src/com/netscape/cms/servlet/common/GenRejectedTemplateFiller.java
index 9e75cc799..95631ba5e 100644
--- a/base/common/src/com/netscape/cms/servlet/common/GenRejectedTemplateFiller.java
+++ b/base/common/src/com/netscape/cms/servlet/common/GenRejectedTemplateFiller.java
@@ -28,7 +28,7 @@ import com.netscape.certsrv.request.IRequest;
 
 /**
  * default Service Pending template filler
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class GenRejectedTemplateFiller implements ICMSTemplateFiller {
@@ -60,7 +60,7 @@ public class GenRejectedTemplateFiller implements ICMSTemplateFiller {
             return null;
         }
 
-        // request id 
+        // request id
         IRequest req = cmsReq.getIRequest();
 
         if (req != null) {
diff --git a/base/common/src/com/netscape/cms/servlet/common/GenSuccessTemplateFiller.java b/base/common/src/com/netscape/cms/servlet/common/GenSuccessTemplateFiller.java
index f6de38412..bf164977d 100644
--- a/base/common/src/com/netscape/cms/servlet/common/GenSuccessTemplateFiller.java
+++ b/base/common/src/com/netscape/cms/servlet/common/GenSuccessTemplateFiller.java
@@ -25,7 +25,7 @@ import com.netscape.certsrv.base.IArgBlock;
 
 /**
  * default Success template filler
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class GenSuccessTemplateFiller implements ICMSTemplateFiller {
@@ -35,7 +35,7 @@ public class GenSuccessTemplateFiller implements ICMSTemplateFiller {
 
     /**
      * fill error details and description if any.
-     * 
+     *
      * @param cmsReq CMS Request
      * @param authority this authority
      * @param locale locale of template.
@@ -54,7 +54,7 @@ public class GenSuccessTemplateFiller implements ICMSTemplateFiller {
                 fixed.set(ICMSTemplateFiller.REQUEST_STATUS, sts.toString());
         }
 
-        // this authority 
+        // this authority
         if (authority != null)
             fixed.set(ICMSTemplateFiller.AUTHORITY,
                     authority.getOfficialName());
diff --git a/base/common/src/com/netscape/cms/servlet/common/GenSvcPendingTemplateFiller.java b/base/common/src/com/netscape/cms/servlet/common/GenSvcPendingTemplateFiller.java
index ec1b97779..275980cf1 100644
--- a/base/common/src/com/netscape/cms/servlet/common/GenSvcPendingTemplateFiller.java
+++ b/base/common/src/com/netscape/cms/servlet/common/GenSvcPendingTemplateFiller.java
@@ -26,7 +26,7 @@ import com.netscape.certsrv.request.IRequest;
 
 /**
  * default Service Pending template filler
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class GenSvcPendingTemplateFiller implements ICMSTemplateFiller {
@@ -37,7 +37,7 @@ public class GenSvcPendingTemplateFiller implements ICMSTemplateFiller {
 
     /**
      * fill error details and description if any.
-     * 
+     *
      * @param cmsReq CMS Request
      * @param authority this authority
      * @param locale locale of template.
diff --git a/base/common/src/com/netscape/cms/servlet/common/GenUnauthorizedTemplateFiller.java b/base/common/src/com/netscape/cms/servlet/common/GenUnauthorizedTemplateFiller.java
index cab1b36e6..48a4a54ea 100644
--- a/base/common/src/com/netscape/cms/servlet/common/GenUnauthorizedTemplateFiller.java
+++ b/base/common/src/com/netscape/cms/servlet/common/GenUnauthorizedTemplateFiller.java
@@ -25,7 +25,7 @@ import com.netscape.certsrv.base.IArgBlock;
 
 /**
  * default Unauthorized template filler
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class GenUnauthorizedTemplateFiller implements ICMSTemplateFiller {
@@ -35,7 +35,7 @@ public class GenUnauthorizedTemplateFiller implements ICMSTemplateFiller {
 
     /**
      * fill error details and description if any.
-     * 
+     *
      * @param cmsReq CMS Request
      * @param authority this authority
      * @param locale locale of template.
@@ -58,7 +58,7 @@ public class GenUnauthorizedTemplateFiller implements ICMSTemplateFiller {
         fixed.set(ICMSTemplateFiller.ERROR,
                 new ECMSGWException(CMS.getLogMessage("CMSGW_UNAUTHORIZED")));
 
-        // this authority 
+        // this authority
         if (authority != null)
             fixed.set(ICMSTemplateFiller.AUTHORITY,
                     authority.getOfficialName());
diff --git a/base/common/src/com/netscape/cms/servlet/common/GenUnexpectedErrorTemplateFiller.java b/base/common/src/com/netscape/cms/servlet/common/GenUnexpectedErrorTemplateFiller.java
index 8b560d7bc..1d768a88f 100644
--- a/base/common/src/com/netscape/cms/servlet/common/GenUnexpectedErrorTemplateFiller.java
+++ b/base/common/src/com/netscape/cms/servlet/common/GenUnexpectedErrorTemplateFiller.java
@@ -26,7 +26,7 @@ import com.netscape.certsrv.base.IArgBlock;
 
 /**
  * default unexpected error template filler
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class GenUnexpectedErrorTemplateFiller implements ICMSTemplateFiller {
@@ -36,7 +36,7 @@ public class GenUnexpectedErrorTemplateFiller implements ICMSTemplateFiller {
 
     /**
      * fill error details and description if any.
-     * 
+     *
      * @param cmsReq CMS Request
      * @param authority this authority
      * @param locale locale of template.
@@ -49,8 +49,8 @@ public class GenUnexpectedErrorTemplateFiller implements ICMSTemplateFiller {
 
         // When an exception occurs the exit is non-local which probably
         // will leave the requestStatus value set to something other
-        // than CMSRequest.EXCEPTION, so force the requestStatus to 
-        // EXCEPTION since it must be that if we're here. 
+        // than CMSRequest.EXCEPTION, so force the requestStatus to
+        // EXCEPTION since it must be that if we're here.
         Integer sts = CMSRequest.EXCEPTION;
         if (cmsReq != null)
             cmsReq.setStatus(sts);
diff --git a/base/common/src/com/netscape/cms/servlet/common/ICMSTemplateFiller.java b/base/common/src/com/netscape/cms/servlet/common/ICMSTemplateFiller.java
index 2d046f0ee..27bcf308d 100644
--- a/base/common/src/com/netscape/cms/servlet/common/ICMSTemplateFiller.java
+++ b/base/common/src/com/netscape/cms/servlet/common/ICMSTemplateFiller.java
@@ -23,11 +23,11 @@ import com.netscape.certsrv.authority.IAuthority;
 
 /**
  * This interface represents a template filler.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface ICMSTemplateFiller {
-    // common template variables. 
+    // common template variables.
     public final static String ERROR = "errorDetails";
     public final static String ERROR_DESCR = "errorDescription";
     public final static String EXCEPTION = "unexpectedError";
diff --git a/base/common/src/com/netscape/cms/servlet/common/IRawJS.java b/base/common/src/com/netscape/cms/servlet/common/IRawJS.java
index 827f24f1d..e5714f727 100644
--- a/base/common/src/com/netscape/cms/servlet/common/IRawJS.java
+++ b/base/common/src/com/netscape/cms/servlet/common/IRawJS.java
@@ -19,7 +19,7 @@ package com.netscape.cms.servlet.common;
 
 /**
  * This represents raw JS parameters.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IRawJS {
diff --git a/base/common/src/com/netscape/cms/servlet/common/IndexTemplateFiller.java b/base/common/src/com/netscape/cms/servlet/common/IndexTemplateFiller.java
index 59c4a0fe4..ced916541 100644
--- a/base/common/src/com/netscape/cms/servlet/common/IndexTemplateFiller.java
+++ b/base/common/src/com/netscape/cms/servlet/common/IndexTemplateFiller.java
@@ -32,7 +32,7 @@ import com.netscape.certsrv.base.ISubsystem;
  * subsystems can be loaded into this kernel by specifying
  * parameters in the configuration store.
  * 
    
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class IndexTemplateFiller implements ICMSTemplateFiller {
@@ -101,7 +101,7 @@ public class IndexTemplateFiller implements ICMSTemplateFiller {
             count++;
         }
         // information about what is selected is provided
-        // from the caller. This parameter (selected) is used 
+        // from the caller. This parameter (selected) is used
         // by header servlet
         try {
             header.addStringValue("selected",
diff --git a/base/common/src/com/netscape/cms/servlet/common/RawJS.java b/base/common/src/com/netscape/cms/servlet/common/RawJS.java
index f936e0757..03a4e7e2b 100644
--- a/base/common/src/com/netscape/cms/servlet/common/RawJS.java
+++ b/base/common/src/com/netscape/cms/servlet/common/RawJS.java
@@ -19,7 +19,7 @@ package com.netscape.cms.servlet.common;
 
 /**
  * This represents raw JS parameters.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class RawJS implements IRawJS {
diff --git a/base/common/src/com/netscape/cms/servlet/common/ServletUtils.java b/base/common/src/com/netscape/cms/servlet/common/ServletUtils.java
index 5c16b8195..1d19a0b17 100644
--- a/base/common/src/com/netscape/cms/servlet/common/ServletUtils.java
+++ b/base/common/src/com/netscape/cms/servlet/common/ServletUtils.java
@@ -29,7 +29,7 @@ import com.netscape.certsrv.base.IConfigStore;
 
 /**
  * Utility class
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class ServletUtils {
diff --git a/base/common/src/com/netscape/cms/servlet/connector/CloneServlet.java b/base/common/src/com/netscape/cms/servlet/connector/CloneServlet.java
index f9085a5bc..467cc1cf4 100644
--- a/base/common/src/com/netscape/cms/servlet/connector/CloneServlet.java
+++ b/base/common/src/com/netscape/cms/servlet/connector/CloneServlet.java
@@ -60,7 +60,7 @@ import com.netscape.cms.servlet.common.CMSRequest;
  * Clone servlet - part of the Clone Authority (CLA)
  * processes Revoked certs from its dependant clone CAs
  * service request and return status.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class CloneServlet extends CMSServlet {
@@ -123,7 +123,7 @@ public class CloneServlet extends CMSServlet {
         IPKIMessage msg = null;
         IPKIMessage replymsg = null;
 
-        // NOTE must read all bufer before redoing handshake for 
+        // NOTE must read all bufer before redoing handshake for
         // ssl client auth for client auth to work.
 
         // get request method
@@ -152,8 +152,8 @@ public class CloneServlet extends CMSServlet {
 
         // force client auth handshake, validate clone CA (CCA)
         // and get CCA's Id.
-        // NOTE must do this after all contents are read for ssl 
-        // redohandshake to work 
+        // NOTE must do this after all contents are read for ssl
+        // redohandshake to work
 
         X509Certificate peerCert;
 
@@ -231,7 +231,7 @@ public class CloneServlet extends CMSServlet {
             // decode request.
             CMS.debug("Cloneservlet: before decoding request, encodedreq= " + encodedreq);
             msg = (IPKIMessage) mReqEncoder.decode(encodedreq);
-            // process request 
+            // process request
             CMS.debug("Cloneservlet: decoded request");
             replymsg = processRequest(CCA_Id, CCAUserId, msg, token);
         } catch (IOException e) {
@@ -247,7 +247,7 @@ public class CloneServlet extends CMSServlet {
             return;
         }
 
-        // encode reply 
+        // encode reply
         String encodedrep = mReqEncoder.encode(replymsg);
 
         resp.setStatus(HttpServletResponse.SC_OK);
@@ -269,9 +269,9 @@ public class CloneServlet extends CMSServlet {
             X509Certificate peerCert)
             throws EBaseException {
         try {
-            // XXX using agent authentication now since we're only 
-            // verifying that the cert belongs to a user in the db. 
-            // XXX change this to ACL in the future. 
+            // XXX using agent authentication now since we're only
+            // verifying that the cert belongs to a user in the db.
+            // XXX change this to ACL in the future.
 
             // build JAVA X509Certificate from peerCert.
             X509CertImpl cert = new X509CertImpl(peerCert.getEncoded());
@@ -417,10 +417,10 @@ public class CloneServlet extends CMSServlet {
                 // Get the certificate(s) from the request
                 X509CertImpl issuedCerts[] =
                 (X509CertImpl[])thisreq.get(IRequest.ISSUED_CERTS);
-                // return potentially more than one certificates. 
+                // return potentially more than one certificates.
                 if (issuedCerts != null) {
                 for (int i = 0; i < issuedCerts.length; i++) {
-                mLogger.log(ILogger.EV_AUDIT, 
+                mLogger.log(ILogger.EV_AUDIT,
                 ILogger.S_OTHER,
                 AuditFormat.LEVEL,
                 AuditFormat.FORMAT,
@@ -436,7 +436,7 @@ public class CloneServlet extends CMSServlet {
                 );
                 }
                 } else {
-                mLogger.log(ILogger.EV_AUDIT, 
+                mLogger.log(ILogger.EV_AUDIT,
                 ILogger.S_OTHER,
                 AuditFormat.LEVEL,
                 AuditFormat.NODNFORMAT,
@@ -458,7 +458,7 @@ public class CloneServlet extends CMSServlet {
                 AuditFormat.LEVEL,
                 AuditFormat.RENEWALFORMAT,
                 new Object[] {
-                thisreq.getRequestId(), 
+                thisreq.getRequestId(),
                 initiative ,
                 authMgr ,
                 "completed",
@@ -468,7 +468,7 @@ public class CloneServlet extends CMSServlet {
                 renewed_cert.getSerialNumber().toString(16)}
                 );
                 } else {
-                mLogger.log(ILogger.EV_AUDIT, 
+                mLogger.log(ILogger.EV_AUDIT,
                 ILogger.S_OTHER,
                 AuditFormat.LEVEL,
                 AuditFormat.NODNFORMAT,
@@ -492,7 +492,7 @@ public class CloneServlet extends CMSServlet {
                 Extension ext = (Extension) enum.nextElement();
                 if (ext instanceof CRLReasonExtension) {
                 reason = ((CRLReasonExtension)ext).getReason().toInt
-                ();							
+                ();
                 break;
                 }
                 }
@@ -502,7 +502,7 @@ public class CloneServlet extends CMSServlet {
                 Integer result = (Integer)thisreq.get(IRequest.RESULT);
                 if (result.equals(IRequest.RES_ERROR)) {
                 EBaseException ex = (EBaseException)thisreq.get(IRequest.ERROR);
-                EBaseException[] svcErrors = 
+                EBaseException[] svcErrors =
                 (EBaseException[])thisreq.get(IRequest.SVCERRORS);
                 if (svcErrors != null && svcErrors.length > 0) {
                 for (int i = 0; i < svcErrors.length; i++) {
@@ -515,7 +515,7 @@ public class CloneServlet extends CMSServlet {
                 AuditFormat.LEVEL,
                 AuditFormat.DOREVOKEFORMAT,
                 new Object[] {
-                thisreq.getRequestId(), 
+                thisreq.getRequestId(),
                 initiative ,
                 "completed with error: " +
                 err.toString() ,
@@ -536,7 +536,7 @@ public class CloneServlet extends CMSServlet {
                 AuditFormat.LEVEL,
                 AuditFormat.DOREVOKEFORMAT,
                 new Object[] {
-                thisreq.getRequestId(), 
+                thisreq.getRequestId(),
                 initiative ,
                 "completed" ,
                 oldCerts[j].getSubjectDN() ,
@@ -547,7 +547,7 @@ public class CloneServlet extends CMSServlet {
                 }
                 }
                 } else {
-                mLogger.log(ILogger.EV_AUDIT, 
+                mLogger.log(ILogger.EV_AUDIT,
                 ILogger.S_OTHER,
                 AuditFormat.LEVEL,
                 AuditFormat.NODNFORMAT,
diff --git a/base/common/src/com/netscape/cms/servlet/connector/ConnectorServlet.java b/base/common/src/com/netscape/cms/servlet/connector/ConnectorServlet.java
index e8d4f898f..c566753b6 100644
--- a/base/common/src/com/netscape/cms/servlet/connector/ConnectorServlet.java
+++ b/base/common/src/com/netscape/cms/servlet/connector/ConnectorServlet.java
@@ -76,7 +76,7 @@ import com.netscape.cmsutil.util.Utils;
  * Connector servlet
  * process requests from remote authority -
  * service request or return status.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class ConnectorServlet extends CMSServlet {
@@ -158,7 +158,7 @@ public class ConnectorServlet extends CMSServlet {
         IPKIMessage msg = null;
         IPKIMessage replymsg = null;
 
-        // NOTE must read all bufer before redoing handshake for 
+        // NOTE must read all bufer before redoing handshake for
         // ssl client auth for client auth to work.
 
         // get request method
@@ -186,8 +186,8 @@ public class ConnectorServlet extends CMSServlet {
         }
 
         // force client auth handshake, validate RA and get RA's Id.
-        // NOTE must do this after all contents are read for ssl 
-        // redohandshake to work 
+        // NOTE must do this after all contents are read for ssl
+        // redohandshake to work
 
         X509Certificate peerCert;
 
@@ -206,7 +206,7 @@ public class ConnectorServlet extends CMSServlet {
             return;
         }
 
-        // authenticate RA 
+        // authenticate RA
 
         String RA_Id = null;
         String raUserId = null;
@@ -260,7 +260,7 @@ public class ConnectorServlet extends CMSServlet {
         try {
             // decode request.
             msg = (IPKIMessage) mReqEncoder.decode(encodedreq);
-            // process request 
+            // process request
             replymsg = processRequest(RA_Id, raUserId, msg, token);
         } catch (IOException e) {
             CMS.debug("ConnectorServlet: service " + e.toString());
@@ -283,7 +283,7 @@ public class ConnectorServlet extends CMSServlet {
 
         CMS.debug("ConnectorServlet: done processRequest");
 
-        // encode reply 
+        // encode reply
         try {
             String encodedrep = mReqEncoder.encode(replymsg);
 
@@ -373,7 +373,7 @@ public class ConnectorServlet extends CMSServlet {
                 CMS.getSubsystem("profile");
         IEnrollProfile profile = null;
 
-        // profile subsystem may not be available. In case of KRA for 
+        // profile subsystem may not be available. In case of KRA for
         // example
         if (ps == null) {
             CMS.debug("ConnectorServlet: Profile Subsystem not found ");
@@ -394,13 +394,13 @@ public class ConnectorServlet extends CMSServlet {
     /**
      * Process request
      * 
    
-     * 
+     *
      * (Certificate Request - all "agent" profile cert requests made through a connector)
      * 
    
-     * 
+     *
      * (Certificate Request Processed - all automated "agent" profile based cert acceptance made through a connector)
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_PROFILE_CERT_REQUEST used when a profile cert request is made (before
      * approval process)
@@ -409,7 +409,7 @@ public class ConnectorServlet extends CMSServlet {
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_INTER_BOUNDARY_SUCCESS used when inter-CIMC_Boundary data transfer is
      * successful (this is used when data does not need to be captured)
      * 
    
-     * 
+     *
      * @param source string containing source
      * @param sourceUserId string containing source user ID
      * @param msg PKI message
@@ -753,7 +753,7 @@ public class ConnectorServlet extends CMSServlet {
                             x509Certs =
                                     thisreq.getExtDataInCertArray(IRequest.ISSUED_CERTS);
 
-                        // return potentially more than one certificates. 
+                        // return potentially more than one certificates.
                         if (x509Certs != null) {
                             for (int i = 0; i < x509Certs.length; i++) {
                                 mLogger.log(ILogger.EV_AUDIT,
@@ -1003,11 +1003,11 @@ public class ConnectorServlet extends CMSServlet {
 
     /**
      * Signed Audit Log
-     * 
+     *
      * This method is inherited by all extended "CMSServlet"s,
      * and is called to store messages to the signed audit log.
      * 
    
-     * 
+     *
      * @param msg signed audit log message
      */
     protected void audit(String msg) {
@@ -1027,12 +1027,12 @@ public class ConnectorServlet extends CMSServlet {
 
     /**
      * Signed Audit Log Profile ID
-     * 
+     *
      * This method is inherited by all extended "EnrollProfile"s,
      * and is called to obtain the "ProfileID" for
      * a signed audit log message.
      * 
    
-     * 
+     *
      * @return id string containing the signed audit log message ProfileID
      */
     protected String auditProfileID() {
@@ -1054,11 +1054,11 @@ public class ConnectorServlet extends CMSServlet {
 
     /**
      * Signed Audit Log Info Certificate Value
-     * 
+     *
      * This method is called to obtain the certificate from the passed in
      * "X509CertImpl" for a signed audit log message.
      * 
    
-     * 
+     *
      * @param request a Request containing an X509CertImpl
      * @return cert string containing the certificate
      */
diff --git a/base/common/src/com/netscape/cms/servlet/connector/GenerateKeyPairServlet.java b/base/common/src/com/netscape/cms/servlet/connector/GenerateKeyPairServlet.java
index bb787c7ad..597b50741 100644
--- a/base/common/src/com/netscape/cms/servlet/connector/GenerateKeyPairServlet.java
+++ b/base/common/src/com/netscape/cms/servlet/connector/GenerateKeyPairServlet.java
@@ -42,7 +42,7 @@ import com.netscape.cms.servlet.common.CMSRequest;
  * GenerateKeyPairServlet
  * handles "server-side key pair generation" requests from the
  * netkey RA.
- * 
+ *
  * @author Christina Fu (cfu)
  * @version $Revision$, $Date$
  */
@@ -64,7 +64,7 @@ public class GenerateKeyPairServlet extends CMSServlet {
 
     /**
      * Constructs GenerateKeyPair servlet.
-     * 
+     *
      */
     public GenerateKeyPairServlet() {
         super();
@@ -84,7 +84,7 @@ public class GenerateKeyPairServlet extends CMSServlet {
 
     /**
      * Returns serlvet information.
-     * 
+     *
      * @return name of this servlet
      */
     public String getServletInfo() {
@@ -94,7 +94,7 @@ public class GenerateKeyPairServlet extends CMSServlet {
     /*
      * processServerSideKeyGen -
      *   handles netkey DRM serverside keygen.
-     * netkey operations: 
+     * netkey operations:
      *  1. generate keypair (archive user priv key)
      *  2. unwrap des key with transport key, then url decode it
      *  3. wrap user priv key with des key
@@ -219,8 +219,8 @@ public class GenerateKeyPairServlet extends CMSServlet {
         }
     }
 
-    /* 
-    
+    /*
+
      *   For GenerateKeyPair:
      *
      *   input:
@@ -277,9 +277,9 @@ public class GenerateKeyPairServlet extends CMSServlet {
 
     /**
      * XXX remember tocheck peer SSL cert and get RA id later
-     * 
+     *
      * Serves HTTP admin request.
-     * 
+     *
      * @param req HTTP request
      * @param resp HTTP response
      */
diff --git a/base/common/src/com/netscape/cms/servlet/connector/TokenKeyRecoveryServlet.java b/base/common/src/com/netscape/cms/servlet/connector/TokenKeyRecoveryServlet.java
index 337b24259..0f79d6394 100644
--- a/base/common/src/com/netscape/cms/servlet/connector/TokenKeyRecoveryServlet.java
+++ b/base/common/src/com/netscape/cms/servlet/connector/TokenKeyRecoveryServlet.java
@@ -42,7 +42,7 @@ import com.netscape.cms.servlet.common.CMSRequest;
  * TokenKeyRecoveryServlet
  * handles "key recovery service" requests from the
  * netkey TPS
- * 
+ *
  * @author Christina Fu (cfu)
  * @version $Revision$, $Date$
  */
@@ -63,7 +63,7 @@ public class TokenKeyRecoveryServlet extends CMSServlet {
 
     /**
      * Constructs TokenKeyRecovery servlet.
-     * 
+     *
      */
     public TokenKeyRecoveryServlet() {
         super();
@@ -83,7 +83,7 @@ public class TokenKeyRecoveryServlet extends CMSServlet {
 
     /**
      * Returns serlvet information.
-     * 
+     *
      * @return name of this servlet
      */
     public String getServletInfo() {
@@ -92,7 +92,7 @@ public class TokenKeyRecoveryServlet extends CMSServlet {
 
     /**
      * Process the HTTP request.
-     * 
+     *
      * @param s The URL to decode
      */
     protected String URLdecode(String s) {
@@ -127,7 +127,7 @@ public class TokenKeyRecoveryServlet extends CMSServlet {
      *                            wrapped with DRM transport key
      *  cert - the user cert corresponding to the key to be recovered
      *
-     * operations: 
+     * operations:
      *  1. unwrap des key with transport key, then url decode it
      *  2. retrieve user private key
      *  3. wrap user priv key with des key
@@ -269,7 +269,7 @@ public class TokenKeyRecoveryServlet extends CMSServlet {
         }
     }
 
-    /* 
+    /*
      *   For TokenKeyRecovery
      *
      *   input:
diff --git a/base/common/src/com/netscape/cms/servlet/csadmin/AdminPanel.java b/base/common/src/com/netscape/cms/servlet/csadmin/AdminPanel.java
index 1f5a3327c..a3d933993 100644
--- a/base/common/src/com/netscape/cms/servlet/csadmin/AdminPanel.java
+++ b/base/common/src/com/netscape/cms/servlet/csadmin/AdminPanel.java
@@ -578,7 +578,7 @@ public class AdminPanel extends WizardPanelBase {
             }
             // this request is from IE. The VBScript has problem of generating
             // certificate request if the subject name has E and UID components.
-            // For now, we always hardcoded the subject DN to be cn=NAME in 
+            // For now, we always hardcoded the subject DN to be cn=NAME in
             // the IE browser.
         } else if (cert_request_type.equals("pkcs10")) {
             try {
diff --git a/base/common/src/com/netscape/cms/servlet/csadmin/BaseServlet.java b/base/common/src/com/netscape/cms/servlet/csadmin/BaseServlet.java
index 2e7682e08..e6b5f3c13 100644
--- a/base/common/src/com/netscape/cms/servlet/csadmin/BaseServlet.java
+++ b/base/common/src/com/netscape/cms/servlet/csadmin/BaseServlet.java
@@ -67,7 +67,7 @@ public class BaseServlet extends VelocityServlet {
         while (paramNames.hasMoreElements()) {
             String pn = paramNames.nextElement();
             // added this facility so that password can be hidden,
-            // all sensitive parameters should be prefixed with 
+            // all sensitive parameters should be prefixed with
             // __ (double underscores); however, in the event that
             // a security parameter slips through, we perform multiple
             // additional checks to insure that it is NOT displayed
diff --git a/base/common/src/com/netscape/cms/servlet/csadmin/CertUtil.java b/base/common/src/com/netscape/cms/servlet/csadmin/CertUtil.java
index e956edebe..71703c888 100644
--- a/base/common/src/com/netscape/cms/servlet/csadmin/CertUtil.java
+++ b/base/common/src/com/netscape/cms/servlet/csadmin/CertUtil.java
@@ -490,10 +490,10 @@ public class CertUtil {
         }
 
         if (req != null) {
-            // update request with cert 
+            // update request with cert
             req.setExtData(IEnrollProfile.REQUEST_ISSUED_CERT, cert);
 
-            // store request in db 
+            // store request in db
             try {
                 CMS.debug("certUtil: before updateRequest");
                 if (queue != null) {
diff --git a/base/common/src/com/netscape/cms/servlet/csadmin/CheckIdentity.java b/base/common/src/com/netscape/cms/servlet/csadmin/CheckIdentity.java
index 52a98d540..9a780cca8 100644
--- a/base/common/src/com/netscape/cms/servlet/csadmin/CheckIdentity.java
+++ b/base/common/src/com/netscape/cms/servlet/csadmin/CheckIdentity.java
@@ -50,7 +50,7 @@ public class CheckIdentity extends CMSServlet {
 
     /**
      * initialize the servlet.
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
@@ -61,7 +61,7 @@ public class CheckIdentity extends CMSServlet {
 
     /**
      * Process the HTTP request.
-     * 
+     *
      * @param cmsReq the object holding the request and response information
      */
     protected void process(CMSRequest cmsReq) throws EBaseException {
diff --git a/base/common/src/com/netscape/cms/servlet/csadmin/ConfigBaseServlet.java b/base/common/src/com/netscape/cms/servlet/csadmin/ConfigBaseServlet.java
index dbda788f6..41249fa97 100644
--- a/base/common/src/com/netscape/cms/servlet/csadmin/ConfigBaseServlet.java
+++ b/base/common/src/com/netscape/cms/servlet/csadmin/ConfigBaseServlet.java
@@ -63,7 +63,7 @@ public abstract class ConfigBaseServlet extends BaseServlet {
         while (paramNames.hasMoreElements()) {
             String pn = paramNames.nextElement();
             // added this facility so that password can be hidden,
-            // all sensitive parameters should be prefixed with 
+            // all sensitive parameters should be prefixed with
             // __ (double underscores); however, in the event that
             // a security parameter slips through, we perform multiple
             // additional checks to insure that it is NOT displayed
diff --git a/base/common/src/com/netscape/cms/servlet/csadmin/DatabasePanel.java b/base/common/src/com/netscape/cms/servlet/csadmin/DatabasePanel.java
index 82c45d1cd..ed2e4a22c 100644
--- a/base/common/src/com/netscape/cms/servlet/csadmin/DatabasePanel.java
+++ b/base/common/src/com/netscape/cms/servlet/csadmin/DatabasePanel.java
@@ -977,7 +977,7 @@ public class DatabasePanel extends WizardPanelBase {
 
         String remove = HttpInput.getID(request, "removeData");
         if (isPanelDone() && (remove == null || remove.equals(""))) {
-            /* if user submits the same data, they just want to skip 
+            /* if user submits the same data, they just want to skip
                to the next panel, no database population is required. */
             if (hostname1.equals(hostname2) &&
                     portStr1.equals(portStr2) &&
@@ -1055,7 +1055,7 @@ public class DatabasePanel extends WizardPanelBase {
                             (secure.equals("on") ? "true" : "false"));
             importLDIFS("preop.internaldb.post_ldif", conn);
 
-            /* For vlvtask, we need to check if the task has 
+            /* For vlvtask, we need to check if the task has
                been completed or not.  Presence of nsTaskExitCode means task is complete
              */
             String wait_dn = cs.getString("preop.internaldb.wait_dn", "");
@@ -1369,7 +1369,7 @@ public class DatabasePanel extends WizardPanelBase {
             conn.add(entry);
         } catch (LDAPException e) {
             if (e.getLDAPResultCode() == LDAPException.ENTRY_ALREADY_EXISTS) {
-                /* BZ 470918 -we cant just add the new dn.  We need to do a replace instead 
+                /* BZ 470918 -we cant just add the new dn.  We need to do a replace instead
                  * until the DS code is fixed */
                 CMS.debug("DatabasePanel enableReplication: " + replicadn + " has already been used");
 
diff --git a/base/common/src/com/netscape/cms/servlet/csadmin/DisplayCertChainPanel.java b/base/common/src/com/netscape/cms/servlet/csadmin/DisplayCertChainPanel.java
index c6db8a8b7..19edff7ba 100644
--- a/base/common/src/com/netscape/cms/servlet/csadmin/DisplayCertChainPanel.java
+++ b/base/common/src/com/netscape/cms/servlet/csadmin/DisplayCertChainPanel.java
@@ -117,7 +117,7 @@ public class DisplayCertChainPanel extends WizardPanelBase {
             Context context) {
         CMS.debug("DisplayCertChainPanel: display");
 
-        // update session id 
+        // update session id
         String session_id = request.getParameter("session_id");
         if (session_id != null) {
             CMS.debug("DisplayCertChainPanel setting session id.");
diff --git a/base/common/src/com/netscape/cms/servlet/csadmin/DonePanel.java b/base/common/src/com/netscape/cms/servlet/csadmin/DonePanel.java
index 6d0e92618..7729ea40e 100644
--- a/base/common/src/com/netscape/cms/servlet/csadmin/DonePanel.java
+++ b/base/common/src/com/netscape/cms/servlet/csadmin/DonePanel.java
@@ -167,7 +167,7 @@ public class DonePanel extends WizardPanelBase {
             Context context) {
         CMS.debug("DonePanel: display()");
 
-        // update session id 
+        // update session id
         String session_id = request.getParameter("session_id");
         if (session_id != null) {
             CMS.debug("NamePanel setting session id.");
@@ -326,7 +326,7 @@ public class DonePanel extends WizardPanelBase {
                 }
 
                 try {
-                    // Add this host (only CA can create new domain) 
+                    // Add this host (only CA can create new domain)
                     String cn = ownhost + ":" + ownadminsport;
                     String dn = "cn=" + cn + ",cn=CAList,ou=Security Domain," + basedn;
                     LDAPEntry entry = null;
diff --git a/base/common/src/com/netscape/cms/servlet/csadmin/DownloadPKCS12.java b/base/common/src/com/netscape/cms/servlet/csadmin/DownloadPKCS12.java
index 094aa7166..808cfa523 100644
--- a/base/common/src/com/netscape/cms/servlet/csadmin/DownloadPKCS12.java
+++ b/base/common/src/com/netscape/cms/servlet/csadmin/DownloadPKCS12.java
@@ -50,7 +50,7 @@ public class DownloadPKCS12 extends CMSServlet {
 
     /**
      * initialize the servlet.
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
diff --git a/base/common/src/com/netscape/cms/servlet/csadmin/GetCertChain.java b/base/common/src/com/netscape/cms/servlet/csadmin/GetCertChain.java
index 02fbd7643..c956e733a 100644
--- a/base/common/src/com/netscape/cms/servlet/csadmin/GetCertChain.java
+++ b/base/common/src/com/netscape/cms/servlet/csadmin/GetCertChain.java
@@ -54,7 +54,7 @@ public class GetCertChain extends CMSServlet {
 
     /**
      * initialize the servlet.
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
@@ -67,7 +67,7 @@ public class GetCertChain extends CMSServlet {
      * 
  • http.param op 'downloadBIN' - return the binary certificate chain
      * 
  • http.param op 'displayIND' - display pretty-print of certificate chain components
      * 
-     * 
+     *
      * @param cmsReq the object holding the request and response information
      */
     protected void process(CMSRequest cmsReq) throws EBaseException {
diff --git a/base/common/src/com/netscape/cms/servlet/csadmin/GetConfigEntries.java b/base/common/src/com/netscape/cms/servlet/csadmin/GetConfigEntries.java
index 33d82e9b8..a9de5a54e 100644
--- a/base/common/src/com/netscape/cms/servlet/csadmin/GetConfigEntries.java
+++ b/base/common/src/com/netscape/cms/servlet/csadmin/GetConfigEntries.java
@@ -59,7 +59,7 @@ public class GetConfigEntries extends CMSServlet {
 
     /**
      * initialize the servlet.
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
@@ -73,7 +73,7 @@ public class GetConfigEntries extends CMSServlet {
      * 
  • http.param op 'downloadBIN' - return the binary certificate chain
      * 
  • http.param op 'displayIND' - display pretty-print of certificate chain components
      * 
-     * 
+     *
      * @param cmsReq the object holding the request and response information
      */
     protected void process(CMSRequest cmsReq) throws EBaseException {
diff --git a/base/common/src/com/netscape/cms/servlet/csadmin/GetCookie.java b/base/common/src/com/netscape/cms/servlet/csadmin/GetCookie.java
index e6810ff42..e16f99f4f 100644
--- a/base/common/src/com/netscape/cms/servlet/csadmin/GetCookie.java
+++ b/base/common/src/com/netscape/cms/servlet/csadmin/GetCookie.java
@@ -67,7 +67,7 @@ public class GetCookie extends CMSServlet {
 
     /**
      * initialize the servlet.
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
@@ -84,7 +84,7 @@ public class GetCookie extends CMSServlet {
 
     /**
      * Process the HTTP request.
-     * 
+     *
      * @param cmsReq the object holding the request and response information
      */
     protected void process(CMSRequest cmsReq) throws EBaseException {
diff --git a/base/common/src/com/netscape/cms/servlet/csadmin/GetDomainXML.java b/base/common/src/com/netscape/cms/servlet/csadmin/GetDomainXML.java
index 999f13815..fc13382c9 100644
--- a/base/common/src/com/netscape/cms/servlet/csadmin/GetDomainXML.java
+++ b/base/common/src/com/netscape/cms/servlet/csadmin/GetDomainXML.java
@@ -61,7 +61,7 @@ public class GetDomainXML extends CMSServlet {
 
     /**
      * initialize the servlet.
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
@@ -76,7 +76,7 @@ public class GetDomainXML extends CMSServlet {
      * 
  • http.param op 'downloadBIN' - return the binary certificate chain
      * 
  • http.param op 'displayIND' - display pretty-print of certificate chain components
      * 
-     * 
+     *
      * @param cmsReq the object holding the request and response information
      */
     protected void process(CMSRequest cmsReq) throws EBaseException {
@@ -115,14 +115,14 @@ public class GetDomainXML extends CMSServlet {
                     connFactory.init(ldapConfig);
                     conn = connFactory.getConn();
 
-                    // get the security domain name 
+                    // get the security domain name
                     String secdomain = (String) conn.read(dn).getAttribute("name").getStringValues().nextElement();
 
                     XMLObject xmlObj = new XMLObject();
                     Node domainInfo = xmlObj.createRoot("DomainInfo");
                     xmlObj.addItemToContainer(domainInfo, "Name", secdomain);
 
-                    // this should return CAList, KRAList etc. 
+                    // this should return CAList, KRAList etc.
                     LDAPSearchResults res = conn.search(dn, LDAPConnection.SCOPE_ONE, filter,
                             attrs, true, cons);
 
diff --git a/base/common/src/com/netscape/cms/servlet/csadmin/GetStatus.java b/base/common/src/com/netscape/cms/servlet/csadmin/GetStatus.java
index 4dc6f0ff6..21baefcb0 100644
--- a/base/common/src/com/netscape/cms/servlet/csadmin/GetStatus.java
+++ b/base/common/src/com/netscape/cms/servlet/csadmin/GetStatus.java
@@ -50,7 +50,7 @@ public class GetStatus extends CMSServlet {
 
     /**
      * initialize the servlet.
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
@@ -59,7 +59,7 @@ public class GetStatus extends CMSServlet {
 
     /**
      * Process the HTTP request.
-     * 
+     *
      * @param cmsReq the object holding the request and response information
      */
     protected void process(CMSRequest cmsReq) throws EBaseException {
diff --git a/base/common/src/com/netscape/cms/servlet/csadmin/GetSubsystemCert.java b/base/common/src/com/netscape/cms/servlet/csadmin/GetSubsystemCert.java
index 288cfad60..85f274404 100644
--- a/base/common/src/com/netscape/cms/servlet/csadmin/GetSubsystemCert.java
+++ b/base/common/src/com/netscape/cms/servlet/csadmin/GetSubsystemCert.java
@@ -53,7 +53,7 @@ public class GetSubsystemCert extends CMSServlet {
 
     /**
      * initialize the servlet.
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
diff --git a/base/common/src/com/netscape/cms/servlet/csadmin/GetTokenInfo.java b/base/common/src/com/netscape/cms/servlet/csadmin/GetTokenInfo.java
index f97d3e5e1..28c3b242d 100644
--- a/base/common/src/com/netscape/cms/servlet/csadmin/GetTokenInfo.java
+++ b/base/common/src/com/netscape/cms/servlet/csadmin/GetTokenInfo.java
@@ -51,7 +51,7 @@ public class GetTokenInfo extends CMSServlet {
 
     /**
      * initialize the servlet.
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
@@ -65,7 +65,7 @@ public class GetTokenInfo extends CMSServlet {
      * 
  • http.param op 'downloadBIN' - return the binary certificate chain
      * 
  • http.param op 'displayIND' - display pretty-print of certificate chain components
      * 
-     * 
+     *
      * @param cmsReq the object holding the request and response information
      */
     protected void process(CMSRequest cmsReq) throws EBaseException {
diff --git a/base/common/src/com/netscape/cms/servlet/csadmin/GetTransportCert.java b/base/common/src/com/netscape/cms/servlet/csadmin/GetTransportCert.java
index 87a1788d6..847ca3486 100644
--- a/base/common/src/com/netscape/cms/servlet/csadmin/GetTransportCert.java
+++ b/base/common/src/com/netscape/cms/servlet/csadmin/GetTransportCert.java
@@ -61,7 +61,7 @@ public class GetTransportCert extends CMSServlet {
 
     /**
      * initialize the servlet.
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
diff --git a/base/common/src/com/netscape/cms/servlet/csadmin/HierarchyPanel.java b/base/common/src/com/netscape/cms/servlet/csadmin/HierarchyPanel.java
index 9044dec04..b42bdb7de 100644
--- a/base/common/src/com/netscape/cms/servlet/csadmin/HierarchyPanel.java
+++ b/base/common/src/com/netscape/cms/servlet/csadmin/HierarchyPanel.java
@@ -56,7 +56,7 @@ public class HierarchyPanel extends WizardPanelBase {
 
     public boolean shouldSkip() {
 
-        // we dont need to ask the hierachy if we are 
+        // we dont need to ask the hierachy if we are
         // setting up a clone
         try {
             IConfigStore c = CMS.getConfigStore();
diff --git a/base/common/src/com/netscape/cms/servlet/csadmin/ImportAdminCertPanel.java b/base/common/src/com/netscape/cms/servlet/csadmin/ImportAdminCertPanel.java
index 93c26cdf3..a12bb164f 100644
--- a/base/common/src/com/netscape/cms/servlet/csadmin/ImportAdminCertPanel.java
+++ b/base/common/src/com/netscape/cms/servlet/csadmin/ImportAdminCertPanel.java
@@ -128,7 +128,7 @@ public class ImportAdminCertPanel extends WizardPanelBase {
         if (ca == null) {
             if (type.equals("otherca")) {
                 try {
-                    // this is a non-CA system that has elected to have its certificates 
+                    // this is a non-CA system that has elected to have its certificates
                     // signed by a CA outside of the security domain.
                     // in this case, we submitted the cert request for the admin cert to
                     // to security domain host.
diff --git a/base/common/src/com/netscape/cms/servlet/csadmin/ImportTransportCert.java b/base/common/src/com/netscape/cms/servlet/csadmin/ImportTransportCert.java
index 66ca8a8bf..dd648e8c5 100644
--- a/base/common/src/com/netscape/cms/servlet/csadmin/ImportTransportCert.java
+++ b/base/common/src/com/netscape/cms/servlet/csadmin/ImportTransportCert.java
@@ -60,7 +60,7 @@ public class ImportTransportCert extends CMSServlet {
 
     /**
      * initialize the servlet.
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
diff --git a/base/common/src/com/netscape/cms/servlet/csadmin/ModuleServlet.java b/base/common/src/com/netscape/cms/servlet/csadmin/ModuleServlet.java
index 1c67654b4..7732a9a3c 100644
--- a/base/common/src/com/netscape/cms/servlet/csadmin/ModuleServlet.java
+++ b/base/common/src/com/netscape/cms/servlet/csadmin/ModuleServlet.java
@@ -39,7 +39,7 @@ public class ModuleServlet extends BaseServlet {
      * "preop.module=soft"
      * or
      * "preop.module=hard"
-     * 
+     *
      * 
      
      * 
    • http.param selection "soft" or "hard" for software token or hardware token
      * 
    
diff --git a/base/common/src/com/netscape/cms/servlet/csadmin/NamePanel.java b/base/common/src/com/netscape/cms/servlet/csadmin/NamePanel.java
index 916ab199b..cb37ef76d 100644
--- a/base/common/src/com/netscape/cms/servlet/csadmin/NamePanel.java
+++ b/base/common/src/com/netscape/cms/servlet/csadmin/NamePanel.java
@@ -165,7 +165,7 @@ public class NamePanel extends WizardPanelBase {
         CMS.debug("NamePanel: display()");
         context.put("title", "Subject Names");
 
-        // update session id 
+        // update session id
         String session_id = request.getParameter("session_id");
         if (session_id != null) {
             CMS.debug("NamePanel setting session id.");
@@ -337,7 +337,7 @@ public class NamePanel extends WizardPanelBase {
         } // while
     }
 
-    /* 
+    /*
      * update some parameters for clones
      */
     public void updateCloneConfig(IConfigStore config)
@@ -868,7 +868,7 @@ public class NamePanel extends WizardPanelBase {
                     System.err.println("Exception caught: " + e.toString());
                 }
 
-            } // while 
+            } // while
             if (hasErr == false) {
                 config.putBoolean("preop.NamePanel.done", true);
                 config.commit(false);
diff --git a/base/common/src/com/netscape/cms/servlet/csadmin/RegisterUser.java b/base/common/src/com/netscape/cms/servlet/csadmin/RegisterUser.java
index 0042cdb5a..2f6238304 100644
--- a/base/common/src/com/netscape/cms/servlet/csadmin/RegisterUser.java
+++ b/base/common/src/com/netscape/cms/servlet/csadmin/RegisterUser.java
@@ -75,7 +75,7 @@ public class RegisterUser extends CMSServlet {
 
     /**
      * initialize the servlet.
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
diff --git a/base/common/src/com/netscape/cms/servlet/csadmin/RestoreKeyCertPanel.java b/base/common/src/com/netscape/cms/servlet/csadmin/RestoreKeyCertPanel.java
index 54a5ed3f6..506abdd70 100644
--- a/base/common/src/com/netscape/cms/servlet/csadmin/RestoreKeyCertPanel.java
+++ b/base/common/src/com/netscape/cms/servlet/csadmin/RestoreKeyCertPanel.java
@@ -194,7 +194,7 @@ public class RestoreKeyCertPanel extends WizardPanelBase {
         if (!tokenname.equals("Internal Key Storage Token"))
             return;
 
-        // Path can be empty. If this case, we just want to 
+        // Path can be empty. If this case, we just want to
         // get to the next panel. Customer has HSM.
         String s = HttpInput.getString(request, "path");
         // if (s == null || s.equals("")) {
@@ -450,7 +450,7 @@ public class RestoreKeyCertPanel extends WizardPanelBase {
                         s1.append(",");
                     s1.append("ca.connector.KRA");
                 }
-                
+
                 s1.append(",internaldb,internaldb.ldapauth,internaldb.ldapconn");
 
                 content =
diff --git a/base/common/src/com/netscape/cms/servlet/csadmin/SecurityDomainPanel.java b/base/common/src/com/netscape/cms/servlet/csadmin/SecurityDomainPanel.java
index f3a4169e8..a36db6439 100644
--- a/base/common/src/com/netscape/cms/servlet/csadmin/SecurityDomainPanel.java
+++ b/base/common/src/com/netscape/cms/servlet/csadmin/SecurityDomainPanel.java
@@ -352,7 +352,7 @@ public class SecurityDomainPanel extends WizardPanelBase {
             config.putString("securitydomain.httpsadminport",
                     CMS.getAdminPort());
 
-            // make sure the subsystem certificate is issued by the security  
+            // make sure the subsystem certificate is issued by the security
             // domain
             config.putString("preop.cert.subsystem.type", "local");
             config.putString("preop.cert.subsystem.profile", "subsystemCert.profile");
diff --git a/base/common/src/com/netscape/cms/servlet/csadmin/SizePanel.java b/base/common/src/com/netscape/cms/servlet/csadmin/SizePanel.java
index bd557fa7a..e1217a460 100644
--- a/base/common/src/com/netscape/cms/servlet/csadmin/SizePanel.java
+++ b/base/common/src/com/netscape/cms/servlet/csadmin/SizePanel.java
@@ -414,7 +414,7 @@ public class SizePanel extends WizardPanelBase {
             CMS.debug("SizePanel: update() Exception caught: " + e.toString());
         }
 
-        // generate key pair 
+        // generate key pair
         Enumeration c = mCerts.elements();
 
         while (c.hasMoreElements()) {
diff --git a/base/common/src/com/netscape/cms/servlet/csadmin/TokenAuthenticate.java b/base/common/src/com/netscape/cms/servlet/csadmin/TokenAuthenticate.java
index 2372b3094..4c6338751 100644
--- a/base/common/src/com/netscape/cms/servlet/csadmin/TokenAuthenticate.java
+++ b/base/common/src/com/netscape/cms/servlet/csadmin/TokenAuthenticate.java
@@ -51,7 +51,7 @@ public class TokenAuthenticate extends CMSServlet {
 
     /**
      * initialize the servlet.
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
@@ -60,7 +60,7 @@ public class TokenAuthenticate extends CMSServlet {
 
     /**
      * Process the HTTP request.
-     * 
+     *
      * @param cmsReq the object holding the request and response information
      */
     protected void process(CMSRequest cmsReq) throws EBaseException {
diff --git a/base/common/src/com/netscape/cms/servlet/csadmin/UpdateConnector.java b/base/common/src/com/netscape/cms/servlet/csadmin/UpdateConnector.java
index f3df51bd1..2698da7d9 100644
--- a/base/common/src/com/netscape/cms/servlet/csadmin/UpdateConnector.java
+++ b/base/common/src/com/netscape/cms/servlet/csadmin/UpdateConnector.java
@@ -60,7 +60,7 @@ public class UpdateConnector extends CMSServlet {
 
     /**
      * initialize the servlet.
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
diff --git a/base/common/src/com/netscape/cms/servlet/csadmin/UpdateDomainXML.java b/base/common/src/com/netscape/cms/servlet/csadmin/UpdateDomainXML.java
index a2b6ebc72..5dd05b2cd 100644
--- a/base/common/src/com/netscape/cms/servlet/csadmin/UpdateDomainXML.java
+++ b/base/common/src/com/netscape/cms/servlet/csadmin/UpdateDomainXML.java
@@ -73,7 +73,7 @@ public class UpdateDomainXML extends CMSServlet {
 
     /**
      * initialize the servlet.
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
@@ -196,7 +196,7 @@ public class UpdateDomainXML extends CMSServlet {
      * 
  • http.param op 'downloadBIN' - return the binary certificate chain
      * 
  • http.param op 'displayIND' - display pretty-print of certificate chain components
      * 
-     * 
+     *
      * @param cmsReq the object holding the request and response information
      */
     protected void process(CMSRequest cmsReq) throws EBaseException {
@@ -455,7 +455,7 @@ public class UpdateDomainXML extends CMSServlet {
                     parser.addItemToContainer(parent, "Clone", clone.toUpperCase());
                     count++;
                 }
-                //update count 
+                //update count
 
                 String countS = "";
                 NodeList nlist = n.getChildNodes();
diff --git a/base/common/src/com/netscape/cms/servlet/csadmin/UpdateNumberRange.java b/base/common/src/com/netscape/cms/servlet/csadmin/UpdateNumberRange.java
index 894afa5ff..ff3666f2a 100644
--- a/base/common/src/com/netscape/cms/servlet/csadmin/UpdateNumberRange.java
+++ b/base/common/src/com/netscape/cms/servlet/csadmin/UpdateNumberRange.java
@@ -62,7 +62,7 @@ public class UpdateNumberRange extends CMSServlet {
 
     /**
      * initialize the servlet.
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
@@ -77,7 +77,7 @@ public class UpdateNumberRange extends CMSServlet {
      * 
  • http.param op 'downloadBIN' - return the binary certificate chain
      * 
  • http.param op 'displayIND' - display pretty-print of certificate chain components
      * 
-     * 
+     *
      * @param cmsReq the object holding the request and response information
      */
     protected void process(CMSRequest cmsReq) throws EBaseException {
@@ -158,7 +158,7 @@ public class UpdateNumberRange extends CMSServlet {
             }
 
             // checkRanges for replicaID - we do this each time a replica is created.
-            // This needs to be done beforehand to ensure that we always have enough 
+            // This needs to be done beforehand to ensure that we always have enough
             // replica numbers
             if (type.equals("replicaId")) {
                 CMS.debug("Checking replica number ranges");
diff --git a/base/common/src/com/netscape/cms/servlet/csadmin/UpdateOCSPConfig.java b/base/common/src/com/netscape/cms/servlet/csadmin/UpdateOCSPConfig.java
index 2d3e33f9a..30e0b0fce 100644
--- a/base/common/src/com/netscape/cms/servlet/csadmin/UpdateOCSPConfig.java
+++ b/base/common/src/com/netscape/cms/servlet/csadmin/UpdateOCSPConfig.java
@@ -56,7 +56,7 @@ public class UpdateOCSPConfig extends CMSServlet {
 
     /**
      * initialize the servlet.
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
diff --git a/base/common/src/com/netscape/cms/servlet/key/ConfirmRecoverBySerial.java b/base/common/src/com/netscape/cms/servlet/key/ConfirmRecoverBySerial.java
index 59b01f26a..aa51ec35f 100644
--- a/base/common/src/com/netscape/cms/servlet/key/ConfirmRecoverBySerial.java
+++ b/base/common/src/com/netscape/cms/servlet/key/ConfirmRecoverBySerial.java
@@ -46,7 +46,7 @@ import com.netscape.cms.servlet.common.ECMSGWException;
  * shows key information and presents a list of text boxes
  * so that recovery agents can type in their identifiers
  * and passwords.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class ConfirmRecoverBySerial extends CMSServlet {
@@ -105,7 +105,7 @@ public class ConfirmRecoverBySerial extends CMSServlet {
     public void process(CMSRequest cmsReq) throws EBaseException {
 
         // Note that we should try to handle all the exceptions
-        // instead of passing it up back to the servlet 
+        // instead of passing it up back to the servlet
         // framework.
 
         HttpServletRequest req = cmsReq.getHttpReq();
diff --git a/base/common/src/com/netscape/cms/servlet/key/DisplayBySerial.java b/base/common/src/com/netscape/cms/servlet/key/DisplayBySerial.java
index 8876d9350..e414dde9a 100644
--- a/base/common/src/com/netscape/cms/servlet/key/DisplayBySerial.java
+++ b/base/common/src/com/netscape/cms/servlet/key/DisplayBySerial.java
@@ -46,7 +46,7 @@ import com.netscape.cms.servlet.common.ECMSGWException;
 /**
  * Display a specific Key Archival Request
  * 
    
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class DisplayBySerial extends CMSServlet {
@@ -76,7 +76,7 @@ public class DisplayBySerial extends CMSServlet {
     /**
      * initialize the servlet. This servlet uses the template file
      * "displayBySerial.template" to process the response.
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
@@ -101,7 +101,7 @@ public class DisplayBySerial extends CMSServlet {
      * 
      
      * 
    • http.param serialNumber serial number of the key archival request
      * 
    
-     * 
+     *
      * @param cmsReq the object holding the request and response information
      */
     public void process(CMSRequest cmsReq) throws EBaseException {
@@ -141,7 +141,7 @@ public class DisplayBySerial extends CMSServlet {
         }
 
         // Note that we should try to handle all the exceptions
-        // instead of passing it up back to the servlet 
+        // instead of passing it up back to the servlet
         // framework.
 
         IArgBlock header = CMS.createArgBlock();
diff --git a/base/common/src/com/netscape/cms/servlet/key/DisplayBySerialForRecovery.java b/base/common/src/com/netscape/cms/servlet/key/DisplayBySerialForRecovery.java
index 29cc2b3b3..9bc1c1b4f 100644
--- a/base/common/src/com/netscape/cms/servlet/key/DisplayBySerialForRecovery.java
+++ b/base/common/src/com/netscape/cms/servlet/key/DisplayBySerialForRecovery.java
@@ -47,7 +47,7 @@ import com.netscape.cms.servlet.common.ECMSGWException;
 /**
  * Display a Specific Key Archival Request, and initiate
  * key recovery process
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class DisplayBySerialForRecovery extends CMSServlet {
@@ -78,7 +78,7 @@ public class DisplayBySerialForRecovery extends CMSServlet {
     /**
      * initialize the servlet. This servlet uses the template file
      * "displayBySerialForRecovery.template" to process the response.
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
@@ -103,7 +103,7 @@ public class DisplayBySerialForRecovery extends CMSServlet {
      * 
  • http.param serialNumber request ID of key archival request
      * 
  • http.param publicKeyData
      * 
-     * 
+     *
      * @param cmsReq the object holding the request and response information
      */
     public void process(CMSRequest cmsReq) throws EBaseException {
@@ -143,7 +143,7 @@ public class DisplayBySerialForRecovery extends CMSServlet {
         }
 
         // Note that we should try to handle all the exceptions
-        // instead of passing it up back to the servlet 
+        // instead of passing it up back to the servlet
         // framework.
 
         IArgBlock header = CMS.createArgBlock();
diff --git a/base/common/src/com/netscape/cms/servlet/key/DisplayTransport.java b/base/common/src/com/netscape/cms/servlet/key/DisplayTransport.java
index dd224cc8a..5c0fc73e9 100644
--- a/base/common/src/com/netscape/cms/servlet/key/DisplayTransport.java
+++ b/base/common/src/com/netscape/cms/servlet/key/DisplayTransport.java
@@ -35,7 +35,7 @@ import com.netscape.cms.servlet.common.ECMSGWException;
 /**
  * Retrieve Transport Certificate used to
  * wrap Private key Archival requests
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class DisplayTransport extends CMSServlet {
@@ -70,7 +70,7 @@ public class DisplayTransport extends CMSServlet {
 
     /**
      * Process the HTTP request.
-     * 
+     *
      * @param cmsReq the object holding the request and response information
      */
     public void process(CMSRequest cmsReq) throws EBaseException {
diff --git a/base/common/src/com/netscape/cms/servlet/key/ExamineRecovery.java b/base/common/src/com/netscape/cms/servlet/key/ExamineRecovery.java
index cd440da08..630ef1b14 100644
--- a/base/common/src/com/netscape/cms/servlet/key/ExamineRecovery.java
+++ b/base/common/src/com/netscape/cms/servlet/key/ExamineRecovery.java
@@ -47,7 +47,7 @@ import com.netscape.cms.servlet.common.ECMSGWException;
 
 /**
  * View the Key Recovery Request
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class ExamineRecovery extends CMSServlet {
@@ -107,7 +107,7 @@ public class ExamineRecovery extends CMSServlet {
      * 
      
      * 
    • http.param recoveryID recovery request ID
      * 
    
-     * 
+     *
      * @param cmsReq the object holding the request and response information
      */
 
@@ -167,7 +167,7 @@ public class ExamineRecovery extends CMSServlet {
         /*
          catch (NumberFormatException e) {
          error = eBaseException(
-         
+
          header.addStringValue(OUT_ERROR,
          MessageFormatter.getLocalizedString(
          locale[0],
diff --git a/base/common/src/com/netscape/cms/servlet/key/GetApprovalStatus.java b/base/common/src/com/netscape/cms/servlet/key/GetApprovalStatus.java
index 55d79b1ab..4989c1245 100644
--- a/base/common/src/com/netscape/cms/servlet/key/GetApprovalStatus.java
+++ b/base/common/src/com/netscape/cms/servlet/key/GetApprovalStatus.java
@@ -46,7 +46,7 @@ import com.netscape.cms.servlet.common.ECMSGWException;
 
 /**
  * Check to see if a Key Recovery Request has been approved
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class GetApprovalStatus extends CMSServlet {
@@ -79,7 +79,7 @@ public class GetApprovalStatus extends CMSServlet {
      * initialize the servlet. This servlet uses the template files
      * "getApprovalStatus.template" and "finishRecovery.template"
      * to process the response.
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
@@ -102,7 +102,7 @@ public class GetApprovalStatus extends CMSServlet {
      * 
      
      * 
    • http.param recoveryID request ID to check
      * 
    
-     * 
+     *
      * @param cmsReq the object holding the request and response information
      */
     public void process(CMSRequest cmsReq) throws EBaseException {
@@ -189,7 +189,7 @@ public class GetApprovalStatus extends CMSServlet {
                      }
                      */
                 } else if (((IKeyRecoveryAuthority) mService).getError(recoveryID) != null) {
-                    // error in recovery process 
+                    // error in recovery process
                     header.addStringValue(OUT_ERROR,
                             ((IKeyRecoveryAuthority) mService).getError(recoveryID));
                     rComplete = 1;
diff --git a/base/common/src/com/netscape/cms/servlet/key/GetAsyncPk12.java b/base/common/src/com/netscape/cms/servlet/key/GetAsyncPk12.java
index 9d67cab8d..dfc7d4d3b 100644
--- a/base/common/src/com/netscape/cms/servlet/key/GetAsyncPk12.java
+++ b/base/common/src/com/netscape/cms/servlet/key/GetAsyncPk12.java
@@ -44,7 +44,7 @@ import com.netscape.cms.servlet.common.ECMSGWException;
 /**
  * Get the recovered key in PKCS#12 format
  * - for asynchronous key recovery only
- * 
+ *
  */
 public class GetAsyncPk12 extends CMSServlet {
 
@@ -83,7 +83,7 @@ public class GetAsyncPk12 extends CMSServlet {
     /**
      * initialize the servlet. This servlet uses the template file
      * "finishAsyncRecovery.template" to process the response.
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
@@ -108,7 +108,7 @@ public class GetAsyncPk12 extends CMSServlet {
      * 
      
      * 
    • http.param reqID request id for recovery
      * 
    
-     * 
+     *
      * @param cmsReq the object holding the request and response information
      */
     public void process(CMSRequest cmsReq) throws EBaseException {
@@ -228,7 +228,7 @@ public class GetAsyncPk12 extends CMSServlet {
                             CMS.getUserMessage(locale[0], "CMS_BASE_INTERNAL_ERROR", e.toString()));
                 }
             } else if (((IKeyRecoveryAuthority) mService).getError(reqID) != null) {
-                // error in recovery process 
+                // error in recovery process
                 header.addStringValue(OUT_ERROR,
                         ((IKeyRecoveryAuthority) mService).getError(reqID));
             } else {
diff --git a/base/common/src/com/netscape/cms/servlet/key/GetPk12.java b/base/common/src/com/netscape/cms/servlet/key/GetPk12.java
index 96fe7c85d..fdcbf40bc 100644
--- a/base/common/src/com/netscape/cms/servlet/key/GetPk12.java
+++ b/base/common/src/com/netscape/cms/servlet/key/GetPk12.java
@@ -44,7 +44,7 @@ import com.netscape.cms.servlet.common.ECMSGWException;
 
 /**
  * Get the recovered key in PKCS#12 format
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class GetPk12 extends CMSServlet {
@@ -82,7 +82,7 @@ public class GetPk12 extends CMSServlet {
     /**
      * initialize the servlet. This servlet uses the template file
      * "finishRecovery.template" to process the response.
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
@@ -107,7 +107,7 @@ public class GetPk12 extends CMSServlet {
      * 
      
      * 
    • http.param recoveryID ID of request to recover
      * 
    
-     * 
+     *
      * @param cmsReq the object holding the request and response information
      */
     public void process(CMSRequest cmsReq) throws EBaseException {
diff --git a/base/common/src/com/netscape/cms/servlet/key/GrantAsyncRecovery.java b/base/common/src/com/netscape/cms/servlet/key/GrantAsyncRecovery.java
index 7c0c0cb1c..fee739f29 100644
--- a/base/common/src/com/netscape/cms/servlet/key/GrantAsyncRecovery.java
+++ b/base/common/src/com/netscape/cms/servlet/key/GrantAsyncRecovery.java
@@ -42,7 +42,7 @@ import com.netscape.cms.servlet.common.ECMSGWException;
 
 /**
  * Approve an asynchronous key recovery request
- * 
+ *
  */
 public class GrantAsyncRecovery extends CMSServlet {
 
@@ -80,7 +80,7 @@ public class GrantAsyncRecovery extends CMSServlet {
     /**
      * initialize the servlet. This servlet uses the template file
      * 'grantAsyncRecovery.template' to process the response.
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
@@ -106,9 +106,9 @@ public class GrantAsyncRecovery extends CMSServlet {
      * 
      
      * 
    • http.param reqID request ID of the request to approve
      * 
    • http.param agentID User ID of the agent approving the request
-     * 
+     *
      * 
    
-     * 
+     *
      * @param cmsReq the object holding the request and response information
      */
     public void process(CMSRequest cmsReq) throws EBaseException {
@@ -183,12 +183,12 @@ public class GrantAsyncRecovery extends CMSServlet {
     /**
      * Update agent approval list
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_KEY_RECOVERY_AGENT_LOGIN used whenever DRM agents login as recovery agents
      * to approve key recovery requests
      * 
    
-     * 
+     *
      * @param argSet CMS template parameters
      * @param header argument block
      * @param reqID string containing the recovery request ID
diff --git a/base/common/src/com/netscape/cms/servlet/key/GrantRecovery.java b/base/common/src/com/netscape/cms/servlet/key/GrantRecovery.java
index 02aacc31c..9c4ccc8be 100644
--- a/base/common/src/com/netscape/cms/servlet/key/GrantRecovery.java
+++ b/base/common/src/com/netscape/cms/servlet/key/GrantRecovery.java
@@ -43,7 +43,7 @@ import com.netscape.cms.servlet.common.ECMSGWException;
 
 /**
  * Approve a key recovery request
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class GrantRecovery extends CMSServlet {
@@ -84,7 +84,7 @@ public class GrantRecovery extends CMSServlet {
     /**
      * initialize the servlet. This servlet uses the template file
      * 'grantRecovery.template' to process the response.
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
@@ -111,9 +111,9 @@ public class GrantRecovery extends CMSServlet {
      * 
  • http.param recoveryID ID of the request to approve
      * 
  • http.param agentID User ID of the agent approving the request
      * 
  • http.param agentPWD Password of the agent approving the request
-     * 
+     *
      * 
-     * 
+     *
      * @param cmsReq the object holding the request and response information
      */
     public void process(CMSRequest cmsReq) throws EBaseException {
@@ -189,12 +189,12 @@ public class GrantRecovery extends CMSServlet {
      * Recovers a key. The p12 will be protected by the password
      * provided by the administrator.
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_KEY_RECOVERY_AGENT_LOGIN used whenever DRM agents login as recovery agents
      * to approve key recovery requests
      * 
    
-     * 
+     *
      * @param argSet CMS template parameters
      * @param header argument block
      * @param recoveryID string containing the recovery ID
diff --git a/base/common/src/com/netscape/cms/servlet/key/KeyRecordParser.java b/base/common/src/com/netscape/cms/servlet/key/KeyRecordParser.java
index ed770ea91..b599cc7f5 100644
--- a/base/common/src/com/netscape/cms/servlet/key/KeyRecordParser.java
+++ b/base/common/src/com/netscape/cms/servlet/key/KeyRecordParser.java
@@ -28,7 +28,7 @@ import com.netscape.certsrv.dbs.keydb.IKeyRecord;
 
 /**
  * Output a 'pretty print' of a Key Archival record
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class KeyRecordParser {
@@ -60,7 +60,7 @@ public class KeyRecordParser {
                 rec.getSerialNumber(), 10);
         rarg.addStringValue(OUT_KEY_ALGORITHM,
                 rec.getAlgorithm());
-        // Possible Enhancement: sun's BASE64Encode is not 
+        // Possible Enhancement: sun's BASE64Encode is not
         // fast. We may may to have our native implmenetation.
         IPrettyPrintFormat pp = CMS.getPrettyPrintFormat(":");
 
diff --git a/base/common/src/com/netscape/cms/servlet/key/KeyResource.java b/base/common/src/com/netscape/cms/servlet/key/KeyResource.java
index a47c46d86..13960b23e 100644
--- a/base/common/src/com/netscape/cms/servlet/key/KeyResource.java
+++ b/base/common/src/com/netscape/cms/servlet/key/KeyResource.java
@@ -12,7 +12,7 @@ import com.netscape.cms.servlet.request.model.RecoveryRequestData;
 
 @Path("/key")
 public interface KeyResource {
-   
+
     /**
      * Used to retrieve a key
      * @param data
@@ -23,7 +23,7 @@ public interface KeyResource {
     @Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON, MediaType.TEXT_XML })
     @Consumes({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
     public KeyData retrieveKey(RecoveryRequestData data);
-    
+
     // retrieval - used to test integration with a browser
     @POST
     @Path("retrieve")
diff --git a/base/common/src/com/netscape/cms/servlet/key/KeyResourceService.java b/base/common/src/com/netscape/cms/servlet/key/KeyResourceService.java
index 88f2f8a82..0ec84b8f6 100644
--- a/base/common/src/com/netscape/cms/servlet/key/KeyResourceService.java
+++ b/base/common/src/com/netscape/cms/servlet/key/KeyResourceService.java
@@ -37,10 +37,10 @@ import com.netscape.certsrv.dbs.keydb.KeyId;
 
 /**
  * @author alee
- * 
+ *
  */
 public class KeyResourceService extends CMSResourceService implements KeyResource{
-    
+
     /**
      * Used to retrieve a key
      * @param data
@@ -64,15 +64,15 @@ public class KeyResourceService extends CMSResourceService implements KeyResourc
         }
         return keyData;
     }
-    
+
     // retrieval - used to test integration with a browser
     public KeyData retrieveKey(MultivaluedMap form) {
         RecoveryRequestData data = new RecoveryRequestData(form);
         return retrieveKey(data);
     }
-    
+
     private KeyId validateRequest(RecoveryRequestData data) {
-        
+
         // confirm request exists
         RequestId reqId = data.getRequestId();
         if (reqId == null) {
@@ -100,24 +100,24 @@ public class KeyResourceService extends CMSResourceService implements KeyResourc
             // request not found
             throw new WebApplicationException(Response.Status.GONE);
         }
-        
+
         //confirm request is of the right type
         String type = reqInfo.getRequestType();
         if (!type.equals(IRequest.SECURITY_DATA_RECOVERY_REQUEST)) {
             // log error
             throw new WebApplicationException(Response.Status.BAD_REQUEST);
         }
-        
-        //confirm that agent is originator of request, else throw 401 
+
+        //confirm that agent is originator of request, else throw 401
         //  TO-DO
-        
+
         // confirm request is in approved state
         String status = reqInfo.getRequestStatus();
         if (!status.equals(RequestStatus.APPROVED.toString())) {
             // log error
             throw new WebApplicationException(Response.Status.UNAUTHORIZED);
         }
-        
+
         return reqInfo.getKeyId();
     }
 
diff --git a/base/common/src/com/netscape/cms/servlet/key/KeysResource.java b/base/common/src/com/netscape/cms/servlet/key/KeysResource.java
index c93ffa4c9..67d29cc52 100644
--- a/base/common/src/com/netscape/cms/servlet/key/KeysResource.java
+++ b/base/common/src/com/netscape/cms/servlet/key/KeysResource.java
@@ -7,17 +7,17 @@ import javax.ws.rs.Produces;
 import javax.ws.rs.QueryParam;
 import javax.ws.rs.core.MediaType;
 import com.netscape.cms.servlet.key.model.KeyDataInfos;
- 
+
 @Path("/keys")
 public interface KeysResource {
     public static final int DEFAULT_MAXTIME = 10;
     public static final int DEFAULT_MAXRESULTS = 100;
-    
+
     @GET
     @Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON, MediaType.TEXT_XML })
     public KeyDataInfos listKeys(@QueryParam("clientID") String clientID,
                                  @QueryParam("status") String status,
                                  @DefaultValue(""+DEFAULT_MAXRESULTS) @QueryParam("maxResults") int maxResults,
                                  @DefaultValue(""+DEFAULT_MAXTIME) @QueryParam("maxTime") int maxTime);
-    
+
 }
diff --git a/base/common/src/com/netscape/cms/servlet/key/KeysResourceService.java b/base/common/src/com/netscape/cms/servlet/key/KeysResourceService.java
index d525d5a77..080d4871b 100644
--- a/base/common/src/com/netscape/cms/servlet/key/KeysResourceService.java
+++ b/base/common/src/com/netscape/cms/servlet/key/KeysResourceService.java
@@ -16,13 +16,13 @@
 // All rights reserved.
 // --- END COPYRIGHT BLOCK ---
 /**
- * 
+ *
  */
 package com.netscape.cms.servlet.key;
 
 import javax.ws.rs.WebApplicationException;
 import javax.ws.rs.core.Response;
- 
+
 import com.netscape.certsrv.apps.CMS;
 import com.netscape.certsrv.base.EBaseException;
 import com.netscape.cms.servlet.base.CMSResourceService;
@@ -32,20 +32,20 @@ import com.netscape.cmsutil.ldap.LDAPUtil;
 
 /**
  * @author alee
- * 
+ *
  */
 public class KeysResourceService extends CMSResourceService implements KeysResource {
 
     /**
      * Used to generate list of key infos based on the search parameters
      */
-    public KeyDataInfos listKeys(String clientID, String status, int maxResults, int maxTime) {                                 
+    public KeyDataInfos listKeys(String clientID, String status, int maxResults, int maxTime) {
         // auth and authz
-        
+
         // get ldap filter
         String filter = createSearchFilter(status, clientID);
         CMS.debug("listKeys: filter is " + filter);
-       
+
         KeyDAO dao = new KeyDAO();
         KeyDataInfos infos;
         try {
@@ -56,30 +56,30 @@ public class KeysResourceService extends CMSResourceService implements KeysResou
         }
         return infos;
     }
-    
+
     private String createSearchFilter(String status, String clientID) {
         String filter = "";
         int matches = 0;
-        
+
         if ((status == null) && (clientID == null)) {
             filter = "(serialno=*)";
             return filter;
         }
-        
+
         if (status != null) {
             filter += "(status=" + LDAPUtil.escape(status) + ")";
             matches ++;
         }
-        
+
         if (clientID != null) {
             filter += "(clientID=" + LDAPUtil.escape(clientID) + ")";
             matches ++;
         }
-        
+
         if (matches > 1) {
             filter = "(&" + filter + ")";
         }
-        
+
         return filter;
     }
 
diff --git a/base/common/src/com/netscape/cms/servlet/key/RecoverBySerial.java b/base/common/src/com/netscape/cms/servlet/key/RecoverBySerial.java
index 28ff30803..bedfa911d 100644
--- a/base/common/src/com/netscape/cms/servlet/key/RecoverBySerial.java
+++ b/base/common/src/com/netscape/cms/servlet/key/RecoverBySerial.java
@@ -50,7 +50,7 @@ import com.netscape.cmsutil.util.Cert;
 
 /**
  * A class representing a recoverBySerial servlet.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class RecoverBySerial extends CMSServlet {
diff --git a/base/common/src/com/netscape/cms/servlet/key/SrchKey.java b/base/common/src/com/netscape/cms/servlet/key/SrchKey.java
index bff14e9f2..b249b663f 100644
--- a/base/common/src/com/netscape/cms/servlet/key/SrchKey.java
+++ b/base/common/src/com/netscape/cms/servlet/key/SrchKey.java
@@ -47,7 +47,7 @@ import com.netscape.cms.servlet.common.ECMSGWException;
 
 /**
  * Retrieve archived keys matching search criteria
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class SrchKey extends CMSServlet {
@@ -92,7 +92,7 @@ public class SrchKey extends CMSServlet {
     /**
      * initialize the servlet. This servlet uses the template file
      * "srchKey.template" to process the response.
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
@@ -144,7 +144,7 @@ public class SrchKey extends CMSServlet {
      * 
  • http.param querySentinel ID of first request to show
      * 
  • http.param timeLimit number of seconds to limit ldap search to
      * 
-     * 
+     *
      * @param cmsReq the object holding the request and response information
      */
     public void process(CMSRequest cmsReq) throws EBaseException {
diff --git a/base/common/src/com/netscape/cms/servlet/key/SrchKeyForRecovery.java b/base/common/src/com/netscape/cms/servlet/key/SrchKeyForRecovery.java
index 95c777701..c3e6bba53 100644
--- a/base/common/src/com/netscape/cms/servlet/key/SrchKeyForRecovery.java
+++ b/base/common/src/com/netscape/cms/servlet/key/SrchKeyForRecovery.java
@@ -47,8 +47,8 @@ import com.netscape.cms.servlet.common.ECMSGWException;
 
 /**
  * Retrieve archived keys matching given public key material
- * 
- * 
+ *
+ *
  * @version $Revision$, $Date$
  */
 public class SrchKeyForRecovery extends CMSServlet {
@@ -93,7 +93,7 @@ public class SrchKeyForRecovery extends CMSServlet {
     /**
      * initialize the servlet. This servlet uses the template file
      * "srchKeyForRecovery.template" to process the response.
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
@@ -143,7 +143,7 @@ public class SrchKeyForRecovery extends CMSServlet {
      * 
  • http.param querySentinel ID of first request to show
      * 
  • http.param timeLimit number of seconds to limit ldap search to
      * 
-     * 
+     *
      * @param cmsReq the object holding the request and response information
      */
 
@@ -295,7 +295,7 @@ public class SrchKeyForRecovery extends CMSServlet {
                     IKeyRecord rec = e.nextElement();
                     // rec is null when we specify maxResults
                     // DS will return an err=4, which triggers
-                    // a LDAPException.SIZE_LIMIT_ExCEEDED 
+                    // a LDAPException.SIZE_LIMIT_ExCEEDED
                     // in DSSearchResults.java
                     if (rec != null) {
                         IArgBlock rarg = CMS.createArgBlock();
diff --git a/base/common/src/com/netscape/cms/servlet/key/model/KeyDAO.java b/base/common/src/com/netscape/cms/servlet/key/model/KeyDAO.java
index f479c6f0d..c34c1752f 100644
--- a/base/common/src/com/netscape/cms/servlet/key/model/KeyDAO.java
+++ b/base/common/src/com/netscape/cms/servlet/key/model/KeyDAO.java
@@ -48,7 +48,7 @@ public class KeyDAO {
     private IKeyRepository repo;
     private IKeyRecoveryAuthority kra;
     private IRequestQueue queue;
-    
+
     public KeyDAO() {
         kra = ( IKeyRecoveryAuthority ) CMS.getSubsystem( "kra" );
         repo = kra.getKeyRepository();
@@ -57,7 +57,7 @@ public class KeyDAO {
     /**
      * Returns list of keys meeting specified search filter.
      * Currently, vlv searches are not used for keys.
-     * 
+     *
      * @param filter
      * @param maxResults
      * @param maxTime
@@ -65,29 +65,29 @@ public class KeyDAO {
      * @return
      * @throws EBaseException
      */
-    public KeyDataInfos listKeys(String filter, int maxResults, int maxTime, UriInfo uriInfo) 
+    public KeyDataInfos listKeys(String filter, int maxResults, int maxTime, UriInfo uriInfo)
         throws EBaseException {
         List  list = new ArrayList();
         Enumeration e = null;
-        
-        e = repo.searchKeys(filter, maxResults, maxTime); 
+
+        e = repo.searchKeys(filter, maxResults, maxTime);
         if (e == null) {
             throw new EBaseException("search results are null");
         }
-        
+
         while (e.hasMoreElements()) {
             IKeyRecord rec = e.nextElement();
             if (rec != null) {
                 list.add(createKeyDataInfo(rec, uriInfo));
             }
         }
-        
+
         KeyDataInfos ret = new KeyDataInfos();
         ret.setKeyInfos(list);
-        
+
         return ret;
     }
-    
+
     public KeyData getKey(KeyId keyId, RecoveryRequestData data) throws EBaseException {
         KeyData keyData;
 
@@ -105,7 +105,7 @@ public class KeyDAO {
      // get wrapped key
         IKeyRecord rec = repo.readKeyRecord(keyId.toBigInteger());
         if (rec == null) {
-            return null;  
+            return null;
         }
 
         Hashtable requestParams = kra.getVolatileRequest(
@@ -182,10 +182,10 @@ public class KeyDAO {
         kra.destroyVolatileRequest(request.getRequestId());
 
         queue.markAsServiced(request);
-        
+
         return keyData;
     }
-    
+
     public KeyDataInfo createKeyDataInfo(IKeyRecord rec, UriInfo uriInfo) throws EBaseException {
         KeyDataInfo ret = new KeyDataInfo();
 
@@ -198,5 +198,5 @@ public class KeyDAO {
 
         return ret;
     }
-    
+
 }
diff --git a/base/common/src/com/netscape/cms/servlet/key/model/KeyData.java b/base/common/src/com/netscape/cms/servlet/key/model/KeyData.java
index 4f303e27d..2ff2b5d0c 100644
--- a/base/common/src/com/netscape/cms/servlet/key/model/KeyData.java
+++ b/base/common/src/com/netscape/cms/servlet/key/model/KeyData.java
@@ -17,7 +17,7 @@
 // --- END COPYRIGHT BLOCK ---
 
 /**
- * 
+ *
  */
 package com.netscape.cms.servlet.key.model;
 
@@ -35,7 +35,7 @@ import javax.xml.bind.annotation.XmlElement;
 public class KeyData {
     @XmlElement
     String wrappedPrivateData;
-    
+
     @XmlElement
     String nonceData;
 
@@ -56,7 +56,7 @@ public class KeyData {
     public void setWrappedPrivateData(String wrappedPrivateData) {
         this.wrappedPrivateData = wrappedPrivateData;
     }
-    
+
     /**
      * @return the nonceData
      */
diff --git a/base/common/src/com/netscape/cms/servlet/key/model/KeyDataInfo.java b/base/common/src/com/netscape/cms/servlet/key/model/KeyDataInfo.java
index 88b31b4d1..6fd9649fb 100644
--- a/base/common/src/com/netscape/cms/servlet/key/model/KeyDataInfo.java
+++ b/base/common/src/com/netscape/cms/servlet/key/model/KeyDataInfo.java
@@ -16,11 +16,11 @@
 // All rights reserved.
 // --- END COPYRIGHT BLOCK ---
 /**
- * 
+ *
  */
 package com.netscape.cms.servlet.key.model;
 
- 
+
 import javax.xml.bind.annotation.XmlAccessType;
 import javax.xml.bind.annotation.XmlElement;
 import javax.xml.bind.annotation.XmlRootElement;
@@ -35,13 +35,13 @@ import com.netscape.certsrv.dbs.keydb.KeyId;
 @XmlRootElement(name="SecurityDataInfo")
 @XmlAccessorType(XmlAccessType.FIELD)
 public class KeyDataInfo {
-    
+
     @XmlElement
     protected String keyURL;
 
     @XmlElement
     protected String clientID;
-    
+
     public KeyDataInfo() {
         // required for JAXB (defaults)
     }
diff --git a/base/common/src/com/netscape/cms/servlet/key/model/KeyDataInfos.java b/base/common/src/com/netscape/cms/servlet/key/model/KeyDataInfos.java
index b01184708..79e5add95 100644
--- a/base/common/src/com/netscape/cms/servlet/key/model/KeyDataInfos.java
+++ b/base/common/src/com/netscape/cms/servlet/key/model/KeyDataInfos.java
@@ -28,10 +28,10 @@ import com.netscape.cms.servlet.base.model.Link;
 
 @XmlRootElement(name = "SecurityDataInfos")
 public class KeyDataInfos {
-    
+
     protected Collection keyInfos;
     protected List links;
-    
+
     /**
      * @return the keyInfos
      */
@@ -58,7 +58,7 @@ public class KeyDataInfos {
     public void setLinks(List links) {
         this.links = links;
     }
-    
+
     @XmlTransient
     public String getNext() {
         if (links == null) {
diff --git a/base/common/src/com/netscape/cms/servlet/ocsp/AddCAServlet.java b/base/common/src/com/netscape/cms/servlet/ocsp/AddCAServlet.java
index 1ef680853..fef1a2e5c 100644
--- a/base/common/src/com/netscape/cms/servlet/ocsp/AddCAServlet.java
+++ b/base/common/src/com/netscape/cms/servlet/ocsp/AddCAServlet.java
@@ -47,7 +47,7 @@ import com.netscape.cmsutil.util.Cert;
 
 /**
  * Configure the CA to respond to OCSP requests for a CA
- * 
+ *
  * @version $Revision$ $Date$
  */
 public class AddCAServlet extends CMSServlet {
@@ -80,7 +80,7 @@ public class AddCAServlet extends CMSServlet {
     /**
      * initialize the servlet. This servlet uses the template file
      * "addCA.template" to process the response.
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
@@ -105,7 +105,7 @@ public class AddCAServlet extends CMSServlet {
      * 
  • signed.audit LOGGING_SIGNED_AUDIT_OCSP_ADD_CA_REQUEST_PROCESSED used when an add CA request to the OCSP
      * Responder is processed
      * 
-     * 
+     *
      * @param cmsReq the object holding the request and response information
      */
     protected void process(CMSRequest cmsReq)
diff --git a/base/common/src/com/netscape/cms/servlet/ocsp/AddCRLServlet.java b/base/common/src/com/netscape/cms/servlet/ocsp/AddCRLServlet.java
index 2dec0e1f5..ff2d76029 100644
--- a/base/common/src/com/netscape/cms/servlet/ocsp/AddCRLServlet.java
+++ b/base/common/src/com/netscape/cms/servlet/ocsp/AddCRLServlet.java
@@ -56,7 +56,7 @@ import com.netscape.cmsutil.util.Cert;
 
 /**
  * Update the OCSP responder with a new CRL
- * 
+ *
  * @version $Revision$ $Date$
  */
 public class AddCRLServlet extends CMSServlet {
@@ -86,7 +86,7 @@ public class AddCRLServlet extends CMSServlet {
     /**
      * initialize the servlet. This servlet uses the template file
      * "addCRL.template" to process the response.
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
@@ -103,7 +103,7 @@ public class AddCRLServlet extends CMSServlet {
     /**
      * Process the HTTP request.
      * 
    
-     * 
+     *
      * 
      
      * 
    • http.param crl certificate revocation list, base-64, DER encoded wrapped in -----BEGIN CERTIFICATE REVOCATION
      * LIST-----, -----END CERTIFICATE REVOCATION LIST----- strings
@@ -113,7 +113,7 @@ public class AddCRLServlet extends CMSServlet {
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CRL_VALIDATION used when CRL is retrieved and validation process occurs
      * ("agent" or "EE")
      * 
    
-     * 
+     *
      * @param cmsReq the object holding the request and response information
      * @exception EBaseException an error has occurred
      */
diff --git a/base/common/src/com/netscape/cms/servlet/ocsp/CheckCertServlet.java b/base/common/src/com/netscape/cms/servlet/ocsp/CheckCertServlet.java
index dfe796366..cbe9283d3 100644
--- a/base/common/src/com/netscape/cms/servlet/ocsp/CheckCertServlet.java
+++ b/base/common/src/com/netscape/cms/servlet/ocsp/CheckCertServlet.java
@@ -49,7 +49,7 @@ import com.netscape.cmsutil.util.Cert;
 
 /**
  * Check the status of a specific certificate
- * 
+ *
  * @version $Revision$ $Date$
  */
 public class CheckCertServlet extends CMSServlet {
@@ -83,7 +83,7 @@ public class CheckCertServlet extends CMSServlet {
     /**
      * initialize the servlet. This servlet uses the template file
      * "checkCert.template" to process the response.
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
@@ -103,7 +103,7 @@ public class CheckCertServlet extends CMSServlet {
      * 
  • http.param cert certificate to check. Base64, DER encoded, wrapped in -----BEGIN CERTIFICATE-----, -----END
      * CERTIFICATE----- strings
      * 
-     * 
+     *
      * @param cmsReq the object holding the request and response information
      */
     protected void process(CMSRequest cmsReq)
diff --git a/base/common/src/com/netscape/cms/servlet/ocsp/GetOCSPInfo.java b/base/common/src/com/netscape/cms/servlet/ocsp/GetOCSPInfo.java
index 3dfc1d5f3..65c16d817 100644
--- a/base/common/src/com/netscape/cms/servlet/ocsp/GetOCSPInfo.java
+++ b/base/common/src/com/netscape/cms/servlet/ocsp/GetOCSPInfo.java
@@ -43,7 +43,7 @@ import com.netscape.cms.servlet.common.ECMSGWException;
 /**
  * Retrieve information about the number of OCSP requests the OCSP
  * has serviced
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class GetOCSPInfo extends CMSServlet {
@@ -61,7 +61,7 @@ public class GetOCSPInfo extends CMSServlet {
     /**
      * initialize the servlet. This servlet uses the template
      * file "getOCSPInfo.template" to render the result page.
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
@@ -79,7 +79,7 @@ public class GetOCSPInfo extends CMSServlet {
 
     /**
      * Process the HTTP request.
-     * 
+     *
      * @param cmsReq the object holding the request and response information
      */
     protected void process(CMSRequest cmsReq)
diff --git a/base/common/src/com/netscape/cms/servlet/ocsp/ListCAServlet.java b/base/common/src/com/netscape/cms/servlet/ocsp/ListCAServlet.java
index a93512ccd..b2365d009 100644
--- a/base/common/src/com/netscape/cms/servlet/ocsp/ListCAServlet.java
+++ b/base/common/src/com/netscape/cms/servlet/ocsp/ListCAServlet.java
@@ -46,7 +46,7 @@ import com.netscape.cms.servlet.common.ECMSGWException;
 
 /**
  * Show the list of CA's that the OCSP responder can service
- * 
+ *
  * @version $Revision$ $Date$
  */
 public class ListCAServlet extends CMSServlet {
@@ -71,7 +71,7 @@ public class ListCAServlet extends CMSServlet {
     /**
      * initialize the servlet. This servlet uses the template file
      * "listCAs.template" to process the response.
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
@@ -87,7 +87,7 @@ public class ListCAServlet extends CMSServlet {
 
     /**
      * Process the HTTP request.
-     * 
+     *
      * @param cmsReq the object holding the request and response information
      */
     protected void process(CMSRequest cmsReq)
diff --git a/base/common/src/com/netscape/cms/servlet/ocsp/OCSPServlet.java b/base/common/src/com/netscape/cms/servlet/ocsp/OCSPServlet.java
index 3ab20141c..1e1b649e6 100644
--- a/base/common/src/com/netscape/cms/servlet/ocsp/OCSPServlet.java
+++ b/base/common/src/com/netscape/cms/servlet/ocsp/OCSPServlet.java
@@ -51,7 +51,7 @@ import com.netscape.cmsutil.util.Utils;
 /**
  * Process OCSP messages, According to RFC 2560
  * See http://www.ietf.org/rfc/rfc2560.txt
- * 
+ *
  * @version $Revision$ $Date$
  */
 public class OCSPServlet extends CMSServlet {
@@ -74,7 +74,7 @@ public class OCSPServlet extends CMSServlet {
     /**
      * initialize the servlet. This servlet uses the template file
      * "ImportCert.template" to process the response.
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
@@ -94,7 +94,7 @@ public class OCSPServlet extends CMSServlet {
      * This method is invoked when the OCSP service receives a OCSP
      * request. Based on RFC 2560, the request should have the OCSP
      * request in the HTTP body as binary blob.
-     * 
+     *
      * @param cmsReq the object holding the request and response information
      */
     protected void process(CMSRequest cmsReq) throws EBaseException {
diff --git a/base/common/src/com/netscape/cms/servlet/ocsp/RemoveCAServlet.java b/base/common/src/com/netscape/cms/servlet/ocsp/RemoveCAServlet.java
index 4262940d0..a5b656cb4 100644
--- a/base/common/src/com/netscape/cms/servlet/ocsp/RemoveCAServlet.java
+++ b/base/common/src/com/netscape/cms/servlet/ocsp/RemoveCAServlet.java
@@ -42,7 +42,7 @@ import com.netscape.cms.servlet.common.ECMSGWException;
 
 /**
  * Configure the CA to no longer respond to OCSP requests for a CA
- * 
+ *
  * @version $Revision: 1274 $ $Date: 2010-09-07 22:14:41 -0700 (Tue, 07 Sep 2010) $
  */
 public class RemoveCAServlet extends CMSServlet {
@@ -70,7 +70,7 @@ public class RemoveCAServlet extends CMSServlet {
     /**
      * initialize the servlet. This servlet uses the template file
      * "addCA.template" to process the response.
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
@@ -95,7 +95,7 @@ public class RemoveCAServlet extends CMSServlet {
      * LOGGING_SIGNED_AUDIT_OCSP_REMOVE_CA_REQUEST_PROCESSED_FAILURE are used when a remove CA request to the OCSP
      * Responder is processed successfully or not.
      * 
-     * 
+     *
      * @param cmsReq the object holding the request and response information
      */
     protected void process(CMSRequest cmsReq)
diff --git a/base/common/src/com/netscape/cms/servlet/processors/CRMFProcessor.java b/base/common/src/com/netscape/cms/servlet/processors/CRMFProcessor.java
index 2d2f1430e..4d46e8a75 100644
--- a/base/common/src/com/netscape/cms/servlet/processors/CRMFProcessor.java
+++ b/base/common/src/com/netscape/cms/servlet/processors/CRMFProcessor.java
@@ -58,7 +58,7 @@ import com.netscape.cms.servlet.common.ECMSGWException;
 /**
  * Process CRMF requests, according to RFC 2511
  * See http://www.ietf.org/rfc/rfc2511.txt
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class CRMFProcessor extends PKIProcessor {
@@ -88,12 +88,12 @@ public class CRMFProcessor extends PKIProcessor {
     /**
      * Verify Proof of Possession (POP)
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_PROOF_OF_POSSESSION used when proof of possession is checked during
      * certificate enrollment
      * 
    
-     * 
+     *
      * @param certReqMsg the certificate request message
      * @exception EBaseException an error has occurred
      */
diff --git a/base/common/src/com/netscape/cms/servlet/processors/IPKIProcessor.java b/base/common/src/com/netscape/cms/servlet/processors/IPKIProcessor.java
index 9139f888c..395d30ea9 100644
--- a/base/common/src/com/netscape/cms/servlet/processors/IPKIProcessor.java
+++ b/base/common/src/com/netscape/cms/servlet/processors/IPKIProcessor.java
@@ -22,7 +22,7 @@ import com.netscape.cms.servlet.common.CMSRequest;
 
 /**
  * This represents the request parser.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IPKIProcessor {
diff --git a/base/common/src/com/netscape/cms/servlet/processors/KeyGenProcessor.java b/base/common/src/com/netscape/cms/servlet/processors/KeyGenProcessor.java
index cfe9754a8..bea447abe 100644
--- a/base/common/src/com/netscape/cms/servlet/processors/KeyGenProcessor.java
+++ b/base/common/src/com/netscape/cms/servlet/processors/KeyGenProcessor.java
@@ -39,7 +39,7 @@ import com.netscape.cms.servlet.common.ECMSGWException;
 /**
  * KeyGenProcess parses Certificate request matching the
  * KEYGEN tag format used by Netscape Communicator 4.x
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class KeyGenProcessor extends PKIProcessor {
diff --git a/base/common/src/com/netscape/cms/servlet/processors/PKCS10Processor.java b/base/common/src/com/netscape/cms/servlet/processors/PKCS10Processor.java
index dad4b64ab..9ce331412 100644
--- a/base/common/src/com/netscape/cms/servlet/processors/PKCS10Processor.java
+++ b/base/common/src/com/netscape/cms/servlet/processors/PKCS10Processor.java
@@ -49,7 +49,7 @@ import com.netscape.cms.servlet.common.ECMSGWException;
  * PKCS10Processor process Certificate Requests in
  * PKCS10 format, as defined here:
  * http://www.rsasecurity.com/rsalabs/pkcs/pkcs-10/index.html
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class PKCS10Processor extends PKIProcessor {
diff --git a/base/common/src/com/netscape/cms/servlet/processors/PKIProcessor.java b/base/common/src/com/netscape/cms/servlet/processors/PKIProcessor.java
index 5b78bb42a..b3859ad2f 100644
--- a/base/common/src/com/netscape/cms/servlet/processors/PKIProcessor.java
+++ b/base/common/src/com/netscape/cms/servlet/processors/PKIProcessor.java
@@ -43,7 +43,7 @@ import com.netscape.cms.servlet.common.ECMSGWException;
 
 /**
  * Process Certificate Requests
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class PKIProcessor implements IPKIProcessor {
@@ -295,11 +295,11 @@ public class PKIProcessor implements IPKIProcessor {
 
     /**
      * Signed Audit Log
-     * 
+     *
      * This method is inherited by all extended "CMSServlet"s,
      * and is called to store messages to the signed audit log.
      * 
    
-     * 
+     *
      * @param msg signed audit log message
      */
     protected void audit(String msg) {
@@ -319,12 +319,12 @@ public class PKIProcessor implements IPKIProcessor {
 
     /**
      * Signed Audit Log Subject ID
-     * 
+     *
      * This method is inherited by all extended "CMSServlet"s,
      * and is called to obtain the "SubjectID" for
      * a signed audit log message.
      * 
    
-     * 
+     *
      * @return id string containing the signed audit log message SubjectID
      */
     protected String auditSubjectID() {
diff --git a/base/common/src/com/netscape/cms/servlet/profile/ProfileApproveServlet.java b/base/common/src/com/netscape/cms/servlet/profile/ProfileApproveServlet.java
index 48848695f..7b5343000 100644
--- a/base/common/src/com/netscape/cms/servlet/profile/ProfileApproveServlet.java
+++ b/base/common/src/com/netscape/cms/servlet/profile/ProfileApproveServlet.java
@@ -47,7 +47,7 @@ import com.netscape.cms.servlet.common.CMSRequest;
 
 /**
  * Toggle the approval state of a profile
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class ProfileApproveServlet extends ProfileServlet {
@@ -71,7 +71,7 @@ public class ProfileApproveServlet extends ProfileServlet {
     /**
      * initialize the servlet. This servlet uses the template file
      * "ImportCert.template" to process the response.
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
@@ -82,13 +82,13 @@ public class ProfileApproveServlet extends ProfileServlet {
     /**
      * Process the HTTP request.
      * 
    
-     * 
+     *
      * 
      
      * 
    • http.param profileId the id of the profile to change
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CERT_PROFILE_APPROVAL used when an agent approves/disapproves a cert
      * profile set by the administrator for automatic approval
      * 
    
-     * 
+     *
      * @param cmsReq the object holding the request and response information
      * @exception EBaseException an error has occurred
      */
@@ -460,11 +460,11 @@ public class ProfileApproveServlet extends ProfileServlet {
 
     /**
      * Signed Audit Log Profile ID
-     * 
+     *
      * This method is called to obtain the "ProfileID" for
      * a signed audit log message.
      * 
    
-     * 
+     *
      * @param req HTTP request
      * @return id string containing the signed audit log message ProfileID
      */
@@ -490,11 +490,11 @@ public class ProfileApproveServlet extends ProfileServlet {
 
     /**
      * Signed Audit Log Profile Operation
-     * 
+     *
      * This method is called to obtain the "Profile Operation" for
      * a signed audit log message.
      * 
    
-     * 
+     *
      * @param req HTTP request
      * @return operation string containing either OP_APPROVE, OP_DISAPPROVE,
      *         or SIGNED_AUDIT_EMPTY_VALUE
diff --git a/base/common/src/com/netscape/cms/servlet/profile/ProfileListServlet.java b/base/common/src/com/netscape/cms/servlet/profile/ProfileListServlet.java
index 2ca5f0a5c..9556da8e3 100644
--- a/base/common/src/com/netscape/cms/servlet/profile/ProfileListServlet.java
+++ b/base/common/src/com/netscape/cms/servlet/profile/ProfileListServlet.java
@@ -39,7 +39,7 @@ import com.netscape.cms.servlet.common.CMSRequest;
 
 /**
  * List all enabled profiles.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class ProfileListServlet extends ProfileServlet {
@@ -60,7 +60,7 @@ public class ProfileListServlet extends ProfileServlet {
     /**
      * initialize the servlet. This servlet uses the template file
      * "ImportCert.template" to process the response.
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
@@ -70,7 +70,7 @@ public class ProfileListServlet extends ProfileServlet {
 
     /**
      * Process the HTTP request.
-     * 
+     *
      * @param cmsReq the object holding the request and response information
      */
     public void process(CMSRequest cmsReq) throws EBaseException {
diff --git a/base/common/src/com/netscape/cms/servlet/profile/ProfileProcessServlet.java b/base/common/src/com/netscape/cms/servlet/profile/ProfileProcessServlet.java
index e482b67da..996b65d78 100644
--- a/base/common/src/com/netscape/cms/servlet/profile/ProfileProcessServlet.java
+++ b/base/common/src/com/netscape/cms/servlet/profile/ProfileProcessServlet.java
@@ -66,7 +66,7 @@ import com.netscape.cmsutil.util.Utils;
 
 /**
  * This servlet approves profile-based request.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class ProfileProcessServlet extends ProfileServlet {
@@ -359,7 +359,7 @@ public class ProfileProcessServlet extends ProfileServlet {
             if (op.equals("assign")) {
                 String owner = req.getRequestOwner();
 
-                // assigned owner 
+                // assigned owner
                 if (owner != null && owner.length() > 0) {
                     if (!grantPermission(req, authToken)) {
                         CMS.debug("ProfileProcessServlet: Permission not granted to assign request.");
@@ -548,15 +548,15 @@ public class ProfileProcessServlet extends ProfileServlet {
     /**
      * Cancel request
      * 
    
-     * 
+     *
      * (Certificate Request Processed - a manual "agent" profile based cert cancellation)
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CERT_REQUEST_PROCESSED used when a certificate request has just been
      * through the approval process
      * 
    
-     * 
+     *
      * @param request the servlet request
      * @param args argument set
      * @param req the certificate request
@@ -605,15 +605,15 @@ public class ProfileProcessServlet extends ProfileServlet {
     /**
      * Reject request
      * 
    
-     * 
+     *
      * (Certificate Request Processed - a manual "agent" profile based cert rejection)
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CERT_REQUEST_PROCESSED used when a certificate request has just been
      * through the approval process
      * 
    
-     * 
+     *
      * @param request the servlet request
      * @param args argument set
      * @param req the certificate request
@@ -662,15 +662,15 @@ public class ProfileProcessServlet extends ProfileServlet {
     /**
      * Approve request
      * 
    
-     * 
+     *
      * (Certificate Request Processed - a manual "agent" profile based cert acceptance)
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CERT_REQUEST_PROCESSED used when a certificate request has just been
      * through the approval process
      * 
    
-     * 
+     *
      * @param request the servlet request
      * @param args argument set
      * @param req the certificate request
@@ -835,11 +835,11 @@ public class ProfileProcessServlet extends ProfileServlet {
 
     /**
      * Signed Audit Log Requester ID
-     * 
+     *
      * This method is called to obtain the "RequesterID" for
      * a signed audit log message.
      * 
    
-     * 
+     *
      * @param request the actual request
      * @return id string containing the signed audit log message RequesterID
      */
@@ -865,11 +865,11 @@ public class ProfileProcessServlet extends ProfileServlet {
 
     /**
      * Signed Audit Log Info Value
-     * 
+     *
      * This method is called to obtain the "reason" for
      * a signed audit log message.
      * 
    
-     * 
+     *
      * @param request the actual request
      * @return reason string containing the signed audit log message reason
      */
@@ -901,11 +901,11 @@ public class ProfileProcessServlet extends ProfileServlet {
 
     /**
      * Signed Audit Log Info Certificate Value
-     * 
+     *
      * This method is called to obtain the certificate from the passed in
      * "X509CertImpl" for a signed audit log message.
      * 
    
-     * 
+     *
      * @param x509cert an X509CertImpl
      * @return cert string containing the certificate
      */
diff --git a/base/common/src/com/netscape/cms/servlet/profile/ProfileReviewServlet.java b/base/common/src/com/netscape/cms/servlet/profile/ProfileReviewServlet.java
index dd0ee7be7..61a04a630 100644
--- a/base/common/src/com/netscape/cms/servlet/profile/ProfileReviewServlet.java
+++ b/base/common/src/com/netscape/cms/servlet/profile/ProfileReviewServlet.java
@@ -55,7 +55,7 @@ import com.netscape.cms.servlet.common.CMSRequest;
 
 /**
  * This servlet allows reviewing of profile-based request.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class ProfileReviewServlet extends ProfileServlet {
@@ -77,7 +77,7 @@ public class ProfileReviewServlet extends ProfileServlet {
     /**
      * initialize the servlet. This servlet uses the template file
      * "ImportCert.template" to process the response.
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
@@ -99,7 +99,7 @@ public class ProfileReviewServlet extends ProfileServlet {
      * 
      
      * 
    • http.param requestId the ID of the profile to review
      * 
    
-     * 
+     *
      * @param cmsReq the object holding the request and response information
      */
     public void process(CMSRequest cmsReq) throws EBaseException {
diff --git a/base/common/src/com/netscape/cms/servlet/profile/ProfileSelectServlet.java b/base/common/src/com/netscape/cms/servlet/profile/ProfileSelectServlet.java
index 5b07951f8..a4213e3a1 100644
--- a/base/common/src/com/netscape/cms/servlet/profile/ProfileSelectServlet.java
+++ b/base/common/src/com/netscape/cms/servlet/profile/ProfileSelectServlet.java
@@ -49,7 +49,7 @@ import com.netscape.cms.servlet.common.CMSRequest;
 
 /**
  * Retrieve detailed information of a particular profile.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class ProfileSelectServlet extends ProfileServlet {
@@ -74,7 +74,7 @@ public class ProfileSelectServlet extends ProfileServlet {
      * 
      
      * 
    • http.param profileId the id of the profile to select
      * 
    
-     * 
+     *
      * @param cmsReq the object holding the request and response information
      */
     public void process(CMSRequest cmsReq) throws EBaseException {
diff --git a/base/common/src/com/netscape/cms/servlet/profile/ProfileServlet.java b/base/common/src/com/netscape/cms/servlet/profile/ProfileServlet.java
index 457b8422b..9eac8eebd 100644
--- a/base/common/src/com/netscape/cms/servlet/profile/ProfileServlet.java
+++ b/base/common/src/com/netscape/cms/servlet/profile/ProfileServlet.java
@@ -47,7 +47,7 @@ import com.netscape.cms.servlet.common.ServletUtils;
 
 /**
  * This servlet is the base class of all profile servlets.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class ProfileServlet extends CMSServlet {
@@ -168,7 +168,7 @@ public class ProfileServlet extends CMSServlet {
      * initialize the servlet. Servlets implementing this method
      * must specify the template to use as a parameter called
      * "templatePath" in the servletConfig
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
 
diff --git a/base/common/src/com/netscape/cms/servlet/profile/ProfileSubmitCMCServlet.java b/base/common/src/com/netscape/cms/servlet/profile/ProfileSubmitCMCServlet.java
index 16451f6dd..93e5b6a4b 100644
--- a/base/common/src/com/netscape/cms/servlet/profile/ProfileSubmitCMCServlet.java
+++ b/base/common/src/com/netscape/cms/servlet/profile/ProfileSubmitCMCServlet.java
@@ -66,7 +66,7 @@ import com.netscape.cmsutil.util.Utils;
 
 /**
  * This servlet submits end-user request into the profile framework.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class ProfileSubmitCMCServlet extends ProfileServlet {
@@ -104,9 +104,9 @@ public class ProfileSubmitCMCServlet extends ProfileServlet {
      * be set up to always issue certificates against a certain profile
      * by setting the 'profileId' configuration in the servletConfig
      * If not, the user must specify the profileID when submitting the request
-     * 
+     *
      * "ImportCert.template" to process the response.
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
@@ -212,17 +212,17 @@ public class ProfileSubmitCMCServlet extends ProfileServlet {
     /**
      * Process the HTTP request
      * 
    
-     * 
+     *
      * (Certificate Request Processed - either an automated "EE" profile based cert acceptance, or an automated "EE"
      * profile based cert rejection)
      * 
    
-     * 
+     *
      * 
      
      * 
    • http.param profileId ID of profile to use to process request
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CERT_REQUEST_PROCESSED used when a certificate request has just been
      * through the approval process
      * 
    
-     * 
+     *
      * @param cmsReq the object holding the request and response information
      * @exception EBaseException an error has occurred
      */
@@ -267,7 +267,7 @@ public class ProfileSubmitCMCServlet extends ProfileServlet {
             while (paramNames.hasMoreElements()) {
                 String paramName = paramNames.nextElement();
                 // added this facility so that password can be hidden,
-                // all sensitive parameters should be prefixed with 
+                // all sensitive parameters should be prefixed with
                 // __ (double underscores); however, in the event that
                 // a security parameter slips through, we perform multiple
                 // additional checks to insure that it is NOT displayed
@@ -526,7 +526,7 @@ public class ProfileSubmitCMCServlet extends ProfileServlet {
             Integer nums = (Integer) (context.get("numOfControls"));
             CMCOutputTemplate template = new CMCOutputTemplate();
             // if there is only one control GetCert, then simple response
-            // must be returned. 
+            // must be returned.
             if (nums != null && nums.intValue() == 1) {
                 TaggedAttribute attr1 = (TaggedAttribute) (context.get(OBJECT_IDENTIFIER.id_cmc_getCert));
                 if (attr1 != null) {
@@ -623,7 +623,7 @@ public class ProfileSubmitCMCServlet extends ProfileServlet {
                 return;
             } catch (Throwable e) {
                 CMS.debug("ProfileSubmitCMCServlet: populate " + e.toString());
-                //  throw new IOException("Profile " + profileId + 
+                //  throw new IOException("Profile " + profileId +
                 //          " cannot populate");
                 CMCOutputTemplate template = new CMCOutputTemplate();
                 SEQUENCE seq = new SEQUENCE();
@@ -704,7 +704,7 @@ public class ProfileSubmitCMCServlet extends ProfileServlet {
                                 "CMS_PROFILE_DEFERRED",
                                 e.toString());
                 } catch (ERejectException e) {
-                    // return error to the user 
+                    // return error to the user
                     reqs[k].setRequestStatus(RequestStatus.REJECTED);
                     CMS.debug("ProfileSubmitCMCServlet: submit " + e.toString());
                     errorCode = "3";
@@ -772,7 +772,7 @@ public class ProfileSubmitCMCServlet extends ProfileServlet {
             }
 
             ///////////////////////////////////////////////
-            // output output list 
+            // output output list
             ///////////////////////////////////////////////
 
             CMS.debug("ProfileSubmitCMCServlet: done serving");
@@ -812,11 +812,11 @@ public class ProfileSubmitCMCServlet extends ProfileServlet {
 
     /**
      * Signed Audit Log Requester ID
-     * 
+     *
      * This method is called to obtain the "RequesterID" for
      * a signed audit log message.
      * 
    
-     * 
+     *
      * @param request the actual request
      * @return id string containing the signed audit log message RequesterID
      */
@@ -842,11 +842,11 @@ public class ProfileSubmitCMCServlet extends ProfileServlet {
 
     /**
      * Signed Audit Log Info Certificate Value
-     * 
+     *
      * This method is called to obtain the certificate from the passed in
      * "X509CertImpl" for a signed audit log message.
      * 
    
-     * 
+     *
      * @param request request containing an X509CertImpl
      * @return cert string containing the certificate
      */
diff --git a/base/common/src/com/netscape/cms/servlet/profile/ProfileSubmitServlet.java b/base/common/src/com/netscape/cms/servlet/profile/ProfileSubmitServlet.java
index eb3b93eb8..64ab5f82d 100644
--- a/base/common/src/com/netscape/cms/servlet/profile/ProfileSubmitServlet.java
+++ b/base/common/src/com/netscape/cms/servlet/profile/ProfileSubmitServlet.java
@@ -73,7 +73,7 @@ import com.netscape.cmsutil.xml.XMLObject;
 
 /**
  * This servlet submits end-user request into the profile framework.
- * 
+ *
  * @author Christina Fu (renewal support)
  * @version $Revision$, $Date$
  */
@@ -117,9 +117,9 @@ public class ProfileSubmitServlet extends ProfileServlet {
      * be set up to always issue certificates against a certain profile
      * by setting the 'profileId' configuration in the servletConfig
      * If not, the user must specify the profileID when submitting the request
-     * 
+     *
      * "ImportCert.template" to process the response.
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
@@ -154,7 +154,7 @@ public class ProfileSubmitServlet extends ProfileServlet {
 
     }
 
-    /* 
+    /*
      * fill input info from "request" to context.
      * This is expected to be used by renewal where the request
      * is retrieved from request record
@@ -356,7 +356,7 @@ public class ProfileSubmitServlet extends ProfileServlet {
         }
     }
 
-    /* 
+    /*
      * fill input info from orig request to the renew request.
      * This is expected to be used by renewal where the request
      * is retrieved from request record
@@ -439,17 +439,17 @@ public class ProfileSubmitServlet extends ProfileServlet {
     /**
      * Process the HTTP request
      * 
    
-     * 
+     *
      * (Certificate Request Processed - either an automated "EE" profile based cert acceptance, or an automated "EE"
      * profile based cert rejection)
      * 
    
-     * 
+     *
      * 
      
      * 
    • http.param profileId ID of profile to use to process request
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_CERT_REQUEST_PROCESSED used when a certificate request has just been
      * through the approval process
      * 
    
-     * 
+     *
      * @param cmsReq the object holding the request and response information
      * @exception EBaseException an error has occurred
      */
@@ -488,7 +488,7 @@ public class ProfileSubmitServlet extends ProfileServlet {
             while (paramNames.hasMoreElements()) {
                 String paramName = paramNames.nextElement();
                 // added this facility so that password can be hidden,
-                // all sensitive parameters should be prefixed with 
+                // all sensitive parameters should be prefixed with
                 // __ (double underscores); however, in the event that
                 // a security parameter slips through, we perform multiple
                 // additional checks to insure that it is NOT displayed
@@ -548,7 +548,7 @@ public class ProfileSubmitServlet extends ProfileServlet {
          * Framework.  The authentication and authorization are taken from
          * the renewal profile, while the input (with requests)  and grace
          * period constraint are taken from the original cert's request record.
-         * 
+         *
          * Things to note:
          * * the renew request will contain the original profile instead
          *   of the new
@@ -614,7 +614,7 @@ public class ProfileSubmitServlet extends ProfileServlet {
             String serial = request.getParameter("serial_num");
             BigInteger certSerial = null;
             // if serial number is sent with request, then the authentication
-            // method is not ssl client auth.  In this case, an alternative 
+            // method is not ssl client auth.  In this case, an alternative
             // authentication method is used (default: ldap based)
             if (serial != null) {
                 CMS.debug("ProfileSubmitServlet: renewal: found serial_num");
@@ -1199,7 +1199,7 @@ public class ProfileSubmitServlet extends ProfileServlet {
                 // no profile set found
                 CMS.debug("ProfileSubmitServlet: no profile policy set found");
                 if (xmlOutput) {
-                    outputError(response, FAILED, CMS.getUserMessage("CMS_PROFILE_NO_POLICY_SET_FOUND"), 
+                    outputError(response, FAILED, CMS.getUserMessage("CMS_PROFILE_NO_POLICY_SET_FOUND"),
                             reqs[k].getRequestId().toString());
                 } else {
                     args.set(ARG_ERROR_CODE, "1");
@@ -1246,10 +1246,10 @@ public class ProfileSubmitServlet extends ProfileServlet {
                 return;
             } catch (Throwable e) {
                 CMS.debug("ProfileSubmitServlet: populate " + e.toString());
-                //  throw new IOException("Profile " + profileId + 
+                //  throw new IOException("Profile " + profileId +
                 //          " cannot populate");
                 if (xmlOutput) {
-                    outputError(response, FAILED, CMS.getUserMessage(locale, "CMS_INTERNAL_ERROR"), 
+                    outputError(response, FAILED, CMS.getUserMessage(locale, "CMS_INTERNAL_ERROR"),
                             reqs[k].getRequestId().toString());
                 } else {
                     args.set(ARG_ERROR_CODE, "1");
@@ -1332,7 +1332,7 @@ public class ProfileSubmitServlet extends ProfileServlet {
                                 "CMS_PROFILE_DEFERRED",
                                 e.toString());
                 } catch (ERejectException e) {
-                    // return error to the user 
+                    // return error to the user
                     reqs[k].setRequestStatus(RequestStatus.REJECTED);
                     CMS.debug("ProfileSubmitServlet: submit " + e.toString());
                     errorCode = "3";
@@ -1415,7 +1415,7 @@ public class ProfileSubmitServlet extends ProfileServlet {
             }
 
             ///////////////////////////////////////////////
-            // output output list 
+            // output output list
             ///////////////////////////////////////////////
             if (xmlOutput) {
                 xmlOutput(response, profile, locale, reqs);
@@ -1538,11 +1538,11 @@ public class ProfileSubmitServlet extends ProfileServlet {
 
     /**
      * Signed Audit Log Requester ID
-     * 
+     *
      * This method is called to obtain the "RequesterID" for
      * a signed audit log message.
      * 
    
-     * 
+     *
      * @param request the actual request
      * @return id string containing the signed audit log message RequesterID
      */
@@ -1568,11 +1568,11 @@ public class ProfileSubmitServlet extends ProfileServlet {
 
     /**
      * Signed Audit Log Info Certificate Value
-     * 
+     *
      * This method is called to obtain the certificate from the passed in
      * "X509CertImpl" for a signed audit log message.
      * 
    
-     * 
+     *
      * @param request request containing an X509CertImpl
      * @return cert string containing the certificate
      */
diff --git a/base/common/src/com/netscape/cms/servlet/request/CertReqParser.java b/base/common/src/com/netscape/cms/servlet/request/CertReqParser.java
index d8fc68a69..b2043238b 100644
--- a/base/common/src/com/netscape/cms/servlet/request/CertReqParser.java
+++ b/base/common/src/com/netscape/cms/servlet/request/CertReqParser.java
@@ -62,7 +62,7 @@ import com.netscape.cms.servlet.common.RawJS;
 
 /**
  * Output a 'pretty print' of a certificate request
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class CertReqParser extends ReqParser {
@@ -82,7 +82,7 @@ public class CertReqParser extends ReqParser {
 
     /**
      * Constructs a certificate request parser.
-     * 
+     *
      * @param details return detailed information (this can be time consuming)
      */
     public CertReqParser(boolean details) {
@@ -142,7 +142,7 @@ public class CertReqParser extends ReqParser {
                 // show all http parameters stored in request.
                 if (name.equalsIgnoreCase(IRequest.HTTP_PARAMS)) {
                     Hashtable http_params = req.getExtDataInHashtable(name);
-                    // show certType specially 
+                    // show certType specially
                     String certType = http_params.get(IRequest.CERT_TYPE);
 
                     if (certType != null) {
@@ -290,12 +290,12 @@ public class CertReqParser extends ReqParser {
             }
 
             if (name.equalsIgnoreCase(IRequest.CERT_INFO)) {
-                // Get the certificate info from the request 
+                // Get the certificate info from the request
                 X509CertInfo[] certInfo =
                         req.getExtDataInCertInfoArray(IRequest.CERT_INFO);
 
                 if (certInfo != null && certInfo[0] != null) {
-                    // Get the subject name if any set. 
+                    // Get the subject name if any set.
                     CertificateSubjectName subjectName = null;
                     String signatureAlgorithm = null;
                     String signatureAlgorithmName = null;
@@ -410,7 +410,7 @@ public class CertReqParser extends ReqParser {
 
                         }
 
-                        // Get the public key 
+                        // Get the public key
                         CertificateX509Key certKey = null;
 
                         try {
@@ -436,7 +436,7 @@ public class CertReqParser extends ReqParser {
                                     pp.toHexString(key.getKey(), 0, 16));
                         }
 
-                        // Get the validity period 
+                        // Get the validity period
                         CertificateValidity validity = null;
 
                         try {
@@ -444,7 +444,7 @@ public class CertReqParser extends ReqParser {
                                     (CertificateValidity)
                                     certInfo[0].get(X509CertInfo.VALIDITY);
                             if (validity != null) {
-                                long validityLength = (((Date) validity.get(CertificateValidity.NOT_AFTER)).getTime() - 
+                                long validityLength = (((Date) validity.get(CertificateValidity.NOT_AFTER)).getTime() -
                                         ((Date) validity.get(CertificateValidity.NOT_BEFORE)).getTime()) / 1000;
                                 arg.addLongValue("validityLength", validityLength);
                             }
@@ -694,7 +694,7 @@ public class CertReqParser extends ReqParser {
                 // show all http parameters stored in request.
                 if (name.equalsIgnoreCase(IRequest.HTTP_PARAMS)) {
                     Hashtable http_params = req.getExtDataInHashtable(name);
-                    // show certType specially 
+                    // show certType specially
                     String certType = http_params.get(IRequest.CERT_TYPE);
 
                     if (certType != null) {
@@ -818,7 +818,7 @@ public class CertReqParser extends ReqParser {
             }
 
             if (name.equalsIgnoreCase(IRequest.CERT_INFO)) {
-                // Get the certificate info from the request 
+                // Get the certificate info from the request
                 RevokedCertImpl revokedCert[] = req.getExtDataInRevokedCertArray(IRequest.CERT_INFO);
 
                 if (mDetails && revokedCert != null) {
diff --git a/base/common/src/com/netscape/cms/servlet/request/CheckRequest.java b/base/common/src/com/netscape/cms/servlet/request/CheckRequest.java
index b65c90fca..43b6d8901 100644
--- a/base/common/src/com/netscape/cms/servlet/request/CheckRequest.java
+++ b/base/common/src/com/netscape/cms/servlet/request/CheckRequest.java
@@ -83,7 +83,7 @@ import com.netscape.cms.servlet.common.ECMSGWException;
 
 /**
  * Check the status of a certificate request
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class CheckRequest extends CMSServlet {
@@ -123,7 +123,7 @@ public class CheckRequest extends CMSServlet {
     /**
      * initialize the servlet. This servlet uses the template file
      * "requestStatus.template" to process the response.
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
@@ -143,7 +143,7 @@ public class CheckRequest extends CMSServlet {
      * the 'queryPending' parameter.
      * 
  • http.param queryPending query formatted as a CMC request
      * 
-     * 
+     *
      * @param cmsReq the object holding the request and response information
      */
     public void process(CMSRequest cmsReq) throws EBaseException {
@@ -329,7 +329,7 @@ public class CheckRequest extends CMSServlet {
         String type = r.getRequestType();
         Integer result = r.getExtDataInInteger(IRequest.RESULT);
 
-        /*        if (type.equals(IRequest.ENROLLMENT_REQUEST) && (r.get("profile") != null) && status.equals(RequestStatus.COMPLETE)) { 
+        /*        if (type.equals(IRequest.ENROLLMENT_REQUEST) && (r.get("profile") != null) && status.equals(RequestStatus.COMPLETE)) {
                     X509CertImpl cert = (X509CertImpl) r.get(IEnrollProfile.REQUEST_ISSUED_CERT);
                     IArgBlock rarg = CMS.createArgBlock();
 
diff --git a/base/common/src/com/netscape/cms/servlet/request/IReqParser.java b/base/common/src/com/netscape/cms/servlet/request/IReqParser.java
index f90e97b70..7731efcb4 100644
--- a/base/common/src/com/netscape/cms/servlet/request/IReqParser.java
+++ b/base/common/src/com/netscape/cms/servlet/request/IReqParser.java
@@ -29,7 +29,7 @@ import com.netscape.cms.servlet.common.CMSTemplateParams;
  * converts Java request object into name value
  * pairs and vice versa.
  * 
    
- * 
+ *
  * @version $Revision$, $Date$
  */
 public interface IReqParser {
diff --git a/base/common/src/com/netscape/cms/servlet/request/KeyReqParser.java b/base/common/src/com/netscape/cms/servlet/request/KeyReqParser.java
index b7ddc16d4..6c863733f 100644
--- a/base/common/src/com/netscape/cms/servlet/request/KeyReqParser.java
+++ b/base/common/src/com/netscape/cms/servlet/request/KeyReqParser.java
@@ -30,7 +30,7 @@ import com.netscape.cms.servlet.key.KeyRecordParser;
 
 /**
  * Output a 'pretty print' of a Key Archival request
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class KeyReqParser extends ReqParser {
diff --git a/base/common/src/com/netscape/cms/servlet/request/KeyRequestsResourceService.java b/base/common/src/com/netscape/cms/servlet/request/KeyRequestsResourceService.java
index 82b1efa07..0ea06f983 100644
--- a/base/common/src/com/netscape/cms/servlet/request/KeyRequestsResourceService.java
+++ b/base/common/src/com/netscape/cms/servlet/request/KeyRequestsResourceService.java
@@ -15,7 +15,7 @@
 // (C) 2011 Red Hat, Inc.
 // All rights reserved.
 // --- END COPYRIGHT BLOCK ---
- 
+
 package com.netscape.cms.servlet.request;
 
 import javax.ws.rs.WebApplicationException;
@@ -41,16 +41,16 @@ public class KeyRequestsResourceService extends CMSResourceService implements Ke
     public KeyRequestInfos listRequests(String requestState, String requestType, String clientID,
             RequestId start, int pageSize, int maxResults, int maxTime) {
         // auth and authz
-        
+
         // get ldap filter
         String filter = createSearchFilter(requestState, requestType, clientID);
         CMS.debug("listRequests: filter is " + filter);
-       
+
         // get start marker
         if (start == null) {
             start = new RequestId(KeyRequestsResource.DEFAULT_START);
         }
-        
+
         KeyRequestDAO reqDAO = new KeyRequestDAO();
         KeyRequestInfos requests;
         try {
@@ -66,31 +66,31 @@ public class KeyRequestsResourceService extends CMSResourceService implements Ke
     private String createSearchFilter(String requestState, String requestType, String clientID) {
         String filter = "";
         int matches = 0;
-        
+
         if ((requestState == null) && (requestType == null) && (clientID == null)) {
             filter = "(requeststate=*)";
             return filter;
         }
-        
+
         if (requestState != null) {
             filter += "(requeststate=" + LDAPUtil.escape(requestState) + ")";
             matches ++;
         }
-        
+
         if (requestType != null) {
             filter += "(requesttype=" + LDAPUtil.escape(requestType) + ")";
             matches ++;
         }
-        
+
         if (clientID != null) {
             filter += "(clientID=" + LDAPUtil.escape(clientID) + ")";
             matches ++;
         }
-        
+
         if (matches > 1) {
             filter = "(&" + filter + ")";
         }
-        
+
         return filter;
     }
 }
diff --git a/base/common/src/com/netscape/cms/servlet/request/ProcessReq.java b/base/common/src/com/netscape/cms/servlet/request/ProcessReq.java
index 9c173d832..bf8decd69 100644
--- a/base/common/src/com/netscape/cms/servlet/request/ProcessReq.java
+++ b/base/common/src/com/netscape/cms/servlet/request/ProcessReq.java
@@ -52,7 +52,7 @@ import com.netscape.cms.servlet.common.ECMSGWException;
 
 /**
  * Display Generic Request detail to the user.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class ProcessReq extends CMSServlet {
@@ -94,7 +94,7 @@ public class ProcessReq extends CMSServlet {
      * 
  • CertReqParser.DETAIL_PARSER - Show certificate detail
      * 
  • KeyReqParser.PARSER - Show key archival detail
      * 
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
@@ -113,7 +113,7 @@ public class ProcessReq extends CMSServlet {
                 mParser = KeyReqParser.PARSER;
         }
 
-        // override success and error templates to null - 
+        // override success and error templates to null -
         // handle templates locally.
         mTemplates.remove(CMSRequest.SUCCESS);
         mTemplates.remove(CMSRequest.ERROR);
@@ -127,7 +127,7 @@ public class ProcessReq extends CMSServlet {
      * 
  • http.param seqNum
      * 
  • http.param doAssign reassign request. Value can be reassignToMe reassignToNobody
      * 
-     * 
+     *
      * @param cmsReq the object holding the request and response information
      */
     public void process(CMSRequest cmsReq) throws EBaseException {
@@ -261,7 +261,7 @@ public class ProcessReq extends CMSServlet {
                 }
             }
 
-            // add authority names to know what privileges can be requested.	
+            // add authority names to know what privileges can be requested.
             if (CMS.getSubsystem("kra") != null)
                 header.addStringValue("localkra", "yes");
             if (CMS.getSubsystem("ca") != null)
@@ -272,8 +272,8 @@ public class ProcessReq extends CMSServlet {
             // DONT NEED TO DO THIS FOR DRM
             if (mAuthority instanceof ICertAuthority) {
                 // Check/set signing algorithms dynamically.
-                // In RA mSigningAlgorithms could be null at startup if CA is not 
-                // up and set later when CA comes back up. 
+                // In RA mSigningAlgorithms could be null at startup if CA is not
+                // up and set later when CA comes back up.
                 // Once it's set assumed that it won't change.
                 String[] allAlgorithms = mSigningAlgorithms;
 
diff --git a/base/common/src/com/netscape/cms/servlet/request/QueryReq.java b/base/common/src/com/netscape/cms/servlet/request/QueryReq.java
index f6ae634f4..f18fabc6a 100644
--- a/base/common/src/com/netscape/cms/servlet/request/QueryReq.java
+++ b/base/common/src/com/netscape/cms/servlet/request/QueryReq.java
@@ -47,7 +47,7 @@ import com.netscape.cms.servlet.common.ECMSGWException;
 
 /**
  * Show paged list of requests matching search criteria
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class QueryReq extends CMSServlet {
@@ -118,7 +118,7 @@ public class QueryReq extends CMSServlet {
     /**
      * initialize the servlet. This servlet uses the template file
      * "queryReq.template" to process the response.
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
@@ -143,7 +143,7 @@ public class QueryReq extends CMSServlet {
                 mParser = KeyReqParser.PARSER;
         }
 
-        // override success and error templates to null - 
+        // override success and error templates to null -
         // handle templates locally.
         mTemplates.remove(CMSRequest.SUCCESS);
         mTemplates.remove(CMSRequest.ERROR);
@@ -222,7 +222,7 @@ public class QueryReq extends CMSServlet {
      * 
  • http.param totalCount total number of records in set of pages
      * 
  • http.param direction "up", "down", "begin", or "end"
      * 
-     * 
+     *
      * @param cmsReq the object holding the request and response information
      */
 
@@ -254,7 +254,7 @@ public class QueryReq extends CMSServlet {
         Locale[] locale = new Locale[1];
 
         try {
-            // if get a EBaseException we just throw it. 
+            // if get a EBaseException we just throw it.
             form = getTemplate(mFormPath, req, locale);
         } catch (IOException e) {
             log(ILogger.LL_FAILURE,
@@ -265,9 +265,9 @@ public class QueryReq extends CMSServlet {
 
         /**
          * WARNING:
-         * 
+         *
          * PLEASE DO NOT TOUCH THE FILTER HERE. ALL FILTERS ARE INDEXED.
-         * 
+         *
          **/
         String filter = null;
         String reqState = req.getParameter("reqState");
@@ -353,7 +353,7 @@ public class QueryReq extends CMSServlet {
 
     /**
      * Perform search based on direction button pressed
-     * 
+     *
      * @param filter ldap filter indicating which VLV to search through. This can be
      *            'all requests', 'pending', etc
      * @param count the number of requests to show per page
@@ -382,7 +382,7 @@ public class QueryReq extends CMSServlet {
     }
 
     /**
-     * 
+     *
      * @param locale
      * @param filter the types of requests to return - this must match the VLV index
      * @param count maximum number of records to return
@@ -411,7 +411,7 @@ public class QueryReq extends CMSServlet {
             boolean jumptoend = false;
             if (marker.toString().equals("-1")) {
                 marker = BigInteger.ZERO; // I think this is inconsequential
-                jumptoend = true; // override  to '99' during search 
+                jumptoend = true; // override  to '99' during search
             }
 
             RequestId id = new RequestId(marker);
@@ -487,7 +487,7 @@ public class QueryReq extends CMSServlet {
 
     /**
      * If the vector contains the marker element at the end, remove it.
-     * 
+     *
      * @param v The vector to trim
      * @param marker the marker to look for.
      */
@@ -502,7 +502,7 @@ public class QueryReq extends CMSServlet {
     /**
      * Sometimes the list comes back from LDAP in reverse order. This function makes
      * sure the results are in 'forward' order.
-     * 
+     *
      * @param list
      * @return
      */
@@ -527,7 +527,7 @@ public class QueryReq extends CMSServlet {
 
     /**
      * If the requests are in backwards order, reverse the list
-     * 
+     *
      * @param list
      * @return
      */
diff --git a/base/common/src/com/netscape/cms/servlet/request/ReqParser.java b/base/common/src/com/netscape/cms/servlet/request/ReqParser.java
index 230ddb433..4a6a79072 100644
--- a/base/common/src/com/netscape/cms/servlet/request/ReqParser.java
+++ b/base/common/src/com/netscape/cms/servlet/request/ReqParser.java
@@ -29,7 +29,7 @@ import com.netscape.cms.servlet.common.CMSTemplateParams;
 /**
  * A class representing a request parser.
  * 
    
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class ReqParser implements IReqParser {
diff --git a/base/common/src/com/netscape/cms/servlet/request/SearchReqs.java b/base/common/src/com/netscape/cms/servlet/request/SearchReqs.java
index 08d5805b6..b9fa461fd 100644
--- a/base/common/src/com/netscape/cms/servlet/request/SearchReqs.java
+++ b/base/common/src/com/netscape/cms/servlet/request/SearchReqs.java
@@ -49,7 +49,7 @@ import com.netscape.cms.servlet.common.ECMSGWException;
 
 /**
  * Search for certificates matching complex query filter
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class SearchReqs extends CMSServlet {
@@ -90,7 +90,7 @@ public class SearchReqs extends CMSServlet {
     /**
      * initialize the servlet. This servlet uses queryReq.template
      * to render the response
-     * 
+     *
      * @param sc servlet configuration, read from the web.xml file
      */
     public void init(ServletConfig sc) throws ServletException {
diff --git a/base/common/src/com/netscape/cms/servlet/request/model/ArchivalRequestData.java b/base/common/src/com/netscape/cms/servlet/request/model/ArchivalRequestData.java
index 8a25c6684..bcc51bf96 100644
--- a/base/common/src/com/netscape/cms/servlet/request/model/ArchivalRequestData.java
+++ b/base/common/src/com/netscape/cms/servlet/request/model/ArchivalRequestData.java
@@ -17,7 +17,7 @@
 // --- END COPYRIGHT BLOCK ---
 
 /**
- * 
+ *
  */
 package com.netscape.cms.servlet.request.model;
 
@@ -42,21 +42,21 @@ public class ArchivalRequestData {
 
     @XmlElement
     protected String clientId;
-    
+
     @XmlElement
     protected String transWrappedSessionKey;
-    
+
     @XmlElement
     protected String dataType;
-    
+
     @XmlElement
     protected String wrappedPrivateData;
-    
+
     public ArchivalRequestData() {
         // required for JAXB (defaults)
     }
-    
-    public ArchivalRequestData(MultivaluedMap form) {        
+
+    public ArchivalRequestData(MultivaluedMap form) {
         clientId = form.getFirst(CLIENT_ID);
         transWrappedSessionKey = form.getFirst(TRANS_WRAPPED_SESSION_KEY);
         dataType = form.getFirst(DATA_TYPE);
@@ -118,6 +118,6 @@ public class ArchivalRequestData {
     public void setWrappedPrivateData(String wrappedPrivateData) {
         this.wrappedPrivateData = wrappedPrivateData;
     }
-    
+
 
 }
diff --git a/base/common/src/com/netscape/cms/servlet/request/model/KeyRequestDAO.java b/base/common/src/com/netscape/cms/servlet/request/model/KeyRequestDAO.java
index d1f1a27bd..aaea45398 100644
--- a/base/common/src/com/netscape/cms/servlet/request/model/KeyRequestDAO.java
+++ b/base/common/src/com/netscape/cms/servlet/request/model/KeyRequestDAO.java
@@ -53,20 +53,20 @@ public class KeyRequestDAO {
     private IKeyRecoveryAuthority kra;
 
     private static String REQUEST_ARCHIVE_OPTIONS = IEnrollProfile.REQUEST_ARCHIVE_OPTIONS;
-    
+
     private String[] vlvFilters = {
             "(requeststate=*)", "(requesttype=enrollment)",
             "(requesttype=recovery)", "(requeststate=canceled)",
             "(&(requeststate=canceled)(requesttype=enrollment))",
-            "(&(requeststate=canceled)(requesttype=recovery))", 
-            "(requeststate=rejected)", 
+            "(&(requeststate=canceled)(requesttype=recovery))",
+            "(requeststate=rejected)",
             "(&(requeststate=rejected)(requesttype=enrollment))",
             "(&(requeststate=rejected)(requesttype=recovery))",
             "(requeststate=complete)",
             "(&(requeststate=complete)(requesttype=enrollment))",
             "(&(requeststate=complete)(requesttype=recovery))"
     };
-    
+
     public static final String ATTR_SERIALNO = "serialNumber";
 
     public KeyRequestDAO() {
@@ -75,12 +75,12 @@ public class KeyRequestDAO {
     }
 
     /**
-     * Finds list of requests matching the specified search filter.  
-     * 
-     * If the filter corresponds to a VLV search, then that search is executed and the pageSize 
+     * Finds list of requests matching the specified search filter.
+     *
+     * If the filter corresponds to a VLV search, then that search is executed and the pageSize
      * and start parameters are used.  Otherwise, the maxResults and maxTime parameters are
      * used in the regularly indexed search.
-     * 
+     *
      * @param filter - ldap search filter
      * @param start - start position for VLV search
      * @param pageSize - page size for VLV search
@@ -96,16 +96,16 @@ public class KeyRequestDAO {
         List  links = new ArrayList();
         int totalSize = 0;
         int current = 0;
-        
+
         if (isVLVSearch(filter)) {
             IRequestVirtualList vlvlist = queue.getPagedRequestsByFilter(start, false, filter,
                                                                          pageSize +1 , "requestId");
             totalSize = vlvlist.getSize();
             current = vlvlist.getCurrentIndex();
-            
+
             int numRecords = (totalSize > (current + pageSize)) ? pageSize :
                 totalSize - current;
-            
+
             for (int i=0; i < numRecords; i++) {
                 IRequest request = vlvlist.getElementAt(i);
                 list.add(createKeyRequestInfo(request, uriInfo));
@@ -127,7 +127,7 @@ public class KeyRequestDAO {
                 }
             }
         }
-        
+
         // builder for vlv links
         MultivaluedMap params = uriInfo.getQueryParameters();
         UriBuilder builder = uriInfo.getAbsolutePathBuilder();
@@ -139,7 +139,7 @@ public class KeyRequestDAO {
         }
         builder.queryParam("start", "{start}");
         builder.queryParam("pageSize", "{pageSize}");
-        
+
         // next link
         if (totalSize > current + pageSize) {
             int next = current + pageSize + 1;
@@ -147,7 +147,7 @@ public class KeyRequestDAO {
             Link nextLink = new Link("next", nextUri.toString(), "application/xml");
             links.add(nextLink);
         }
-        
+
         // previous link
         if (current >0) {
             int previous = current - pageSize;
@@ -155,18 +155,18 @@ public class KeyRequestDAO {
             Link previousLink = new Link("previous", previousUri.toString(), "application/xml");
             links.add(previousLink);
         }
-        
+
         KeyRequestInfos ret = new KeyRequestInfos();
         ret.setRequests(list);
         ret.setLinks(links);
         return ret;
     }
-    
+
     /**
      * Gets info for a specific request
      * @param id
      * @return info for specific request
-     * @throws EBaseException 
+     * @throws EBaseException
      */
     public KeyRequestInfo getRequest(RequestId id, UriInfo uriInfo) throws EBaseException {
         IRequest request = queue.findRequest(id);
@@ -180,7 +180,7 @@ public class KeyRequestDAO {
      * Submits an archival request and processes it.
      * @param data
      * @return info for the request submitted.
-     * @throws EBaseException 
+     * @throws EBaseException
      */
     public KeyRequestInfo submitRequest(ArchivalRequestData data, UriInfo uriInfo) throws EBaseException {
         String clientId = data.getClientId();
@@ -209,9 +209,9 @@ public class KeyRequestDAO {
      * Submits a key recovery request.
      * @param data
      * @return info on the recovery request created
-     * @throws EBaseException 
+     * @throws EBaseException
      */
-    public KeyRequestInfo submitRequest(RecoveryRequestData data, UriInfo uriInfo) throws EBaseException { 
+    public KeyRequestInfo submitRequest(RecoveryRequestData data, UriInfo uriInfo) throws EBaseException {
 
         // set data using request.setExtData(field, data)
 
@@ -256,42 +256,42 @@ public class KeyRequestDAO {
         request.setRequestStatus(RequestStatus.APPROVED);
         queue.updateRequest(request);
     }
-    
+
     public void rejectRequest(RequestId id) throws EBaseException {
         IRequest request = queue.findRequest(id);
         request.setRequestStatus(RequestStatus.CANCELED);
         queue.updateRequest(request);
     }
-    
+
     public void cancelRequest(RequestId id) throws EBaseException {
         IRequest request = queue.findRequest(id);
         request.setRequestStatus(RequestStatus.REJECTED);
         queue.updateRequest(request);
     }
-    
+
     public KeyRequestInfo createKeyRequestInfo(IRequest request, UriInfo uriInfo) {
         KeyRequestInfo ret = new KeyRequestInfo();
-        
+
         ret.setRequestType(request.getRequestType());
         ret.setRequestStatus(request.getRequestStatus().toString());
-        
+
         Path keyRequestPath = KeyRequestResource.class.getAnnotation(Path.class);
         RequestId rid = request.getRequestId();
 
         UriBuilder reqBuilder = uriInfo.getBaseUriBuilder();
         reqBuilder.path(keyRequestPath.value() + "/" + rid);
         ret.setRequestURL(reqBuilder.build().toString());
-        
+
         Path keyPath = KeyResource.class.getAnnotation(Path.class);
         String kid = request.getExtDataInString("keyrecord");
 
         UriBuilder keyBuilder = uriInfo.getBaseUriBuilder();
         keyBuilder.path(keyPath.value() + "/" + kid);
         ret.setKeyURL(keyBuilder.build().toString());
-        
+
         return ret;
     }
-    
+
     private boolean isVLVSearch(String filter) {
         for (int i=0; i < vlvFilters.length; i++) {
             if (vlvFilters[i].equalsIgnoreCase(filter)) {
diff --git a/base/common/src/com/netscape/cms/servlet/request/model/KeyRequestInfo.java b/base/common/src/com/netscape/cms/servlet/request/model/KeyRequestInfo.java
index f07c302dd..fd3be8044 100644
--- a/base/common/src/com/netscape/cms/servlet/request/model/KeyRequestInfo.java
+++ b/base/common/src/com/netscape/cms/servlet/request/model/KeyRequestInfo.java
@@ -32,20 +32,20 @@ public class KeyRequestInfo {
 
     @XmlElement
     protected String requestType;
-    
+
     @XmlElement
     protected String requestStatus;
-    
+
     @XmlElement
     protected String requestURL;
-    
+
     @XmlElement
     protected String keyURL;
-    
+
     public KeyRequestInfo(){
         // required to be here for JAXB (defaults)
     }
-    
+
     /**
      * @return the requestType
      */
diff --git a/base/common/src/com/netscape/cms/servlet/request/model/RecoveryRequestData.java b/base/common/src/com/netscape/cms/servlet/request/model/RecoveryRequestData.java
index 80ec6d127..335414792 100644
--- a/base/common/src/com/netscape/cms/servlet/request/model/RecoveryRequestData.java
+++ b/base/common/src/com/netscape/cms/servlet/request/model/RecoveryRequestData.java
@@ -17,7 +17,7 @@
 // --- END COPYRIGHT BLOCK ---
 
 /**
- * 
+ *
  */
 package com.netscape.cms.servlet.request.model;
 
@@ -40,7 +40,7 @@ import com.netscape.certsrv.request.RequestIdAdapter;
 @XmlRootElement(name="SecurityDataRecoveryRequest")
 @XmlAccessorType(XmlAccessType.FIELD)
 public class RecoveryRequestData {
-    
+
     private static final String KEY_ID = "keyId";
     private static final String REQUEST_ID = "requestId";
     private static final String TRANS_WRAPPED_SESSION_KEY = "transWrappedSessionKey";
@@ -50,24 +50,24 @@ public class RecoveryRequestData {
     @XmlElement
     @XmlJavaTypeAdapter(KeyIdAdapter.class)
     protected KeyId keyId;
-    
+
     @XmlElement
     @XmlJavaTypeAdapter(RequestIdAdapter.class)
     protected RequestId requestId;
-    
+
     @XmlElement
     protected String transWrappedSessionKey;
-    
+
     @XmlElement
     protected String sessionWrappedPassphrase;
-    
+
     @XmlElement
     protected String nonceData;
 
     public RecoveryRequestData() {
         // required for JAXB (defaults)
     }
-    
+
     public RecoveryRequestData(MultivaluedMap form) {
         if (form.containsKey(KEY_ID)) {
             keyId = new KeyId(form.getFirst(KEY_ID));
diff --git a/base/common/src/com/netscape/cms/servlet/tks/TokenServlet.java b/base/common/src/com/netscape/cms/servlet/tks/TokenServlet.java
index c96a30a85..d4801e794 100644
--- a/base/common/src/com/netscape/cms/servlet/tks/TokenServlet.java
+++ b/base/common/src/com/netscape/cms/servlet/tks/TokenServlet.java
@@ -54,7 +54,7 @@ import com.netscape.symkey.SessionKey;
  * Service Authority. This servlet is responsible to serve
  * tks administrative operation such as configuration
  * parameter updates.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class TokenServlet extends CMSServlet {
@@ -134,7 +134,7 @@ public class TokenServlet extends CMSServlet {
 
     /**
      * Returns serlvet information.
-     * 
+     *
      * @return name of this servlet
      */
     public String getServletInfo() {
@@ -143,7 +143,7 @@ public class TokenServlet extends CMSServlet {
 
     /**
      * Process the HTTP request.
-     * 
+     *
      * @param s The URL to decode.
      */
     protected String URLdecode(String s) {
@@ -455,7 +455,7 @@ public class TokenServlet extends CMSServlet {
 
                         // (1) generate DES key
                         /* applet does not support DES3
-                        org.mozilla.jss.crypto.KeyGenerator kg = 
+                        org.mozilla.jss.crypto.KeyGenerator kg =
                             internalToken.getKeyGenerator(KeyGenAlgorithm.DES3);
                             desKey = kg.generate();*/
 
@@ -1148,19 +1148,19 @@ public class TokenServlet extends CMSServlet {
         audit(auditMessage);
     }
 
-    /* 
+    /*
      *   For EncryptData:
      *   data=value1
      *   CUID=value2 // missing from RA
      *   versionID=value3  // missing from RA
      *
-     *   For ComputeSession: 
+     *   For ComputeSession:
      *   card_challenge=value1
      *   host_challenge=value2
-     
+
      *   For DiversifyKey:
      *   new_master_key_index
-     *   master_key_index   
+     *   master_key_index
      */
 
     private void processComputeRandomData(HttpServletRequest req,
@@ -1329,7 +1329,7 @@ public class TokenServlet extends CMSServlet {
 
     /**
      * Serves HTTP admin request.
-     * 
+     *
      * @param req HTTP request
      * @param resp HTTP response
      */
diff --git a/base/common/src/com/netscape/cms/servlet/wizard/WizardServlet.java b/base/common/src/com/netscape/cms/servlet/wizard/WizardServlet.java
index aee57858f..6c5211650 100644
--- a/base/common/src/com/netscape/cms/servlet/wizard/WizardServlet.java
+++ b/base/common/src/com/netscape/cms/servlet/wizard/WizardServlet.java
@@ -222,7 +222,7 @@ public class WizardServlet extends VelocityServlet {
     public int getPanelNo(HttpServletRequest request) {
         int p = 0;
 
-        // panel number can be identified by either 
+        // panel number can be identified by either
         //   panel no (p parameter) directly, or
         //   panel name (panelname parameter).
         if (request.getParameter("panelname") != null) {
@@ -424,7 +424,7 @@ public class WizardServlet extends VelocityServlet {
         while (paramNames.hasMoreElements()) {
             String pn = paramNames.nextElement();
             // added this facility so that password can be hidden,
-            // all sensitive parameters should be prefixed with 
+            // all sensitive parameters should be prefixed with
             // __ (double underscores); however, in the event that
             // a security parameter slips through, we perform multiple
             // additional checks to insure that it is NOT displayed
diff --git a/base/common/src/com/netscape/cms/shares/OldJoinShares.java b/base/common/src/com/netscape/cms/shares/OldJoinShares.java
index f01e1e1c3..cda8dddfe 100644
--- a/base/common/src/com/netscape/cms/shares/OldJoinShares.java
+++ b/base/common/src/com/netscape/cms/shares/OldJoinShares.java
@@ -25,7 +25,7 @@ import com.netscape.certsrv.kra.IJoinShares;
 /**
  * Use Java's reflection API to leverage CMS's
  * old Share and JoinShares implementations.
- * 
+ *
  * @deprecated
  * @version $Revision$ $Date$
  */
diff --git a/base/common/src/com/netscape/cms/shares/OldShare.java b/base/common/src/com/netscape/cms/shares/OldShare.java
index 4020e759e..2bf27f5ab 100644
--- a/base/common/src/com/netscape/cms/shares/OldShare.java
+++ b/base/common/src/com/netscape/cms/shares/OldShare.java
@@ -25,7 +25,7 @@ import com.netscape.certsrv.kra.IShare;
 /**
  * Use Java's reflection API to leverage CMS's
  * old Share and JoinShares implementations.
- * 
+ *
  * @deprecated
  * @version $Revision$ $Date$
  */
diff --git a/base/common/src/com/netscape/cmscore/apps/CMSEngine.java b/base/common/src/com/netscape/cmscore/apps/CMSEngine.java
index e1981132d..2635541fa 100644
--- a/base/common/src/com/netscape/cmscore/apps/CMSEngine.java
+++ b/base/common/src/com/netscape/cmscore/apps/CMSEngine.java
@@ -200,7 +200,7 @@ public class CMSEngine implements ICMSEngine {
     private String mConfigSDSessionId = null;
     private Timer mSDTimer = null;
 
-    // static subsystems - must be singletons 
+    // static subsystems - must be singletons
     private static SubsystemInfo[] mStaticSubsystems = {
             new SubsystemInfo(
                     Debug.ID, Debug.getInstance()),
@@ -218,16 +218,16 @@ public class CMSEngine implements ICMSEngine {
                     OidLoaderSubsystem.ID, OidLoaderSubsystem.getInstance()),
             new SubsystemInfo(
                     X500NameSubsystem.ID, X500NameSubsystem.getInstance()),
-            // skip TP subsystem; 
+            // skip TP subsystem;
             // problem in needing dbsubsystem in constructor. and it's not used.
             new SubsystemInfo(
                     RequestSubsystem.ID, RequestSubsystem.getInstance()),
         };
 
-    // dynamic subsystems are loaded at init time, not neccessarily singletons. 
+    // dynamic subsystems are loaded at init time, not neccessarily singletons.
     private static SubsystemInfo[] mDynSubsystems = null;
 
-    // final static subsystems - must be singletons. 
+    // final static subsystems - must be singletons.
     private static SubsystemInfo[] mFinalSubsystems = {
             new SubsystemInfo(
                     AuthSubsystem.ID, AuthSubsystem.getInstance()),
@@ -328,7 +328,7 @@ public class CMSEngine implements ICMSEngine {
 
     /**
      * initialize all static, dynamic and final static subsystems.
-     * 
+     *
      * @param owner null
      * @param config main config store.
      * @exception EBaseException if any error occur in subsystems during
@@ -414,9 +414,9 @@ public class CMSEngine implements ICMSEngine {
 
     /**
      * Parse ACL resource attributes
-     * 
+     *
      * @param resACLs same format as the resourceACLs attribute:
-     * 
+     *
      *            
          *     ::
      *      () 
@@ -878,7 +878,7 @@ public class CMSEngine implements ICMSEngine {
             throws EBaseException {
         IConfigStore ssconfig = mConfig.getSubStore(PROP_SUBSYSTEM);
 
-        // count number of dyn loaded subsystems. 
+        // count number of dyn loaded subsystems.
         Enumeration ssnames = ssconfig.getSubStoreNames();
         int nsubsystems = 0;
 
@@ -973,7 +973,7 @@ public class CMSEngine implements ICMSEngine {
 
     /**
      * Starts up all subsystems. subsystems must be initialized.
-     * 
+     *
      * @exception EBaseException if any subsystem fails to startup.
      */
     public void startup() throws EBaseException {
@@ -982,7 +982,7 @@ public class CMSEngine implements ICMSEngine {
             startupSubsystems(mDynSubsystems);
         startupSubsystems(mFinalSubsystems);
 
-        // global admin servlet. (anywhere else more fit for this ?) 
+        // global admin servlet. (anywhere else more fit for this ?)
 
         mStartupTime = System.currentTimeMillis();
 
@@ -1103,7 +1103,7 @@ public class CMSEngine implements ICMSEngine {
                     while (in1.ready()) {
                         line = in1.readLine();
                         if (line != null)
-                            out1.println(lineParsing(line, newName)); 
+                            out1.println(lineParsing(line, newName));
                     }
 
                     out1.close();
@@ -1601,7 +1601,7 @@ public class CMSEngine implements ICMSEngine {
 
                 t1.setDaemon(true);
                 t1.start();
-                
+
                 // wait for command queue to emptied before proceeding to shutting down subsystems
                 Date time = new Date();
                 long startTime = time.getTime();
@@ -1764,7 +1764,7 @@ public class CMSEngine implements ICMSEngine {
             /**
              * if (!version.equals("pre4.2"))
              * return;
-             * 
+             *
              * Upgrade.perform(c);
              **/
         }
diff --git a/base/common/src/com/netscape/cmscore/apps/CommandQueue.java b/base/common/src/com/netscape/cmscore/apps/CommandQueue.java
index 6604fea5b..f3963edb8 100644
--- a/base/common/src/com/netscape/cmscore/apps/CommandQueue.java
+++ b/base/common/src/com/netscape/cmscore/apps/CommandQueue.java
@@ -56,7 +56,7 @@ public class CommandQueue implements Runnable, ICommandQueue {
      * Overrides Thread.run(), calls batchPublish().
      */
     public void run() {
-        //int  priority = Thread.MIN_PRIORITY;      
+        //int  priority = Thread.MIN_PRIORITY;
         //Thread.currentThread().setPriority(priority);
         /*-------------------------------------------------
          ** Loop until queue is empty
diff --git a/base/common/src/com/netscape/cmscore/apps/PKIServerEvent.java b/base/common/src/com/netscape/cmscore/apps/PKIServerEvent.java
index e815a9940..c49307a9e 100644
--- a/base/common/src/com/netscape/cmscore/apps/PKIServerEvent.java
+++ b/base/common/src/com/netscape/cmscore/apps/PKIServerEvent.java
@@ -20,7 +20,7 @@ package com.netscape.cmscore.apps;
 /**
  * A class represents a PKIServer event.
  * 
    
- * 
+ *
  * @author thomask
  * @version $Revision$, $Date$
  */
diff --git a/base/common/src/com/netscape/cmscore/apps/PKIServerListener.java b/base/common/src/com/netscape/cmscore/apps/PKIServerListener.java
index bef70ce86..9cfcb1b31 100644
--- a/base/common/src/com/netscape/cmscore/apps/PKIServerListener.java
+++ b/base/common/src/com/netscape/cmscore/apps/PKIServerListener.java
@@ -21,7 +21,7 @@ package com.netscape.cmscore.apps;
  * A class represents a listener that listens to
  * PKIServer event.
  * 
    
- * 
+ *
  * @author thomask
  * @version $Revision$, $Date$
  */
diff --git a/base/common/src/com/netscape/cmscore/apps/Setup.java b/base/common/src/com/netscape/cmscore/apps/Setup.java
index 3486ec40e..fecf024de 100644
--- a/base/common/src/com/netscape/cmscore/apps/Setup.java
+++ b/base/common/src/com/netscape/cmscore/apps/Setup.java
@@ -22,7 +22,7 @@ import com.netscape.certsrv.base.IConfigStore;
 
 /**
  * Select certificate server serices.
- * 
+ *
  * @author thomask
  * @author nicolson
  * @version $Revision$, $Date$
diff --git a/base/common/src/com/netscape/cmscore/authentication/AuthSubsystem.java b/base/common/src/com/netscape/cmscore/authentication/AuthSubsystem.java
index 64a09173f..5c27d8c6a 100644
--- a/base/common/src/com/netscape/cmscore/authentication/AuthSubsystem.java
+++ b/base/common/src/com/netscape/cmscore/authentication/AuthSubsystem.java
@@ -42,7 +42,7 @@ import com.netscape.cmscore.util.Debug;
 /**
  * Default authentication subsystem
  * 
    
- * 
+ *
  * @author cfu
  * @author lhsiao
  * @version $Revision$, $Date$
@@ -74,7 +74,7 @@ public class AuthSubsystem implements IAuthSubsystem {
      * Initializes the authentication subsystem from the config store.
      * Load Authentication manager plugins, create and initialize
      * initialize authentication manager instances.
-     * 
+     *
      * @param owner The owner of this module.
      * @param config The configuration store.
      */
@@ -84,7 +84,7 @@ public class AuthSubsystem implements IAuthSubsystem {
             mLogger = CMS.getLogger();
             mConfig = config;
 
-            // hardcode admin and agent plugins required for the server to be 
+            // hardcode admin and agent plugins required for the server to be
             // functional.
 
             AuthMgrPlugin newPlugin = null;
@@ -259,7 +259,7 @@ public class AuthSubsystem implements IAuthSubsystem {
     /**
      * Authenticate to the named authentication manager instance
      * 
    
-     * 
+     *
      * @param authCred authentication credentials subject to the
      *            requirements of each authentication manager
      * @param authMgrName name of the authentication manager instance
@@ -309,7 +309,7 @@ public class AuthSubsystem implements IAuthSubsystem {
     /**
      * Gets configuration parameters for the given
      * authentication manager plugin.
-     * 
+     *
      * @param implName Name of the authentication plugin.
      * @return Hashtable of required parameters.
      */
@@ -345,7 +345,7 @@ public class AuthSubsystem implements IAuthSubsystem {
 
     /**
      * Add an authentication manager instance.
-     * 
+     *
      * @param name name of the authentication manager instance
      * @param authMgr the authentication manager instance to be added
      */
@@ -363,7 +363,7 @@ public class AuthSubsystem implements IAuthSubsystem {
 
     /**
      * Gets the authentication manager instance of the specified name.
-     * 
+     *
      * @param name name of the authentication manager instance
      * @return the named authentication manager instance
      */
@@ -427,7 +427,7 @@ public class AuthSubsystem implements IAuthSubsystem {
 
     /**
      * Retrieves id (name) of this subsystem.
-     * 
+     *
      * @return name of the authentication subsystem
      */
     public String getId() {
@@ -438,7 +438,7 @@ public class AuthSubsystem implements IAuthSubsystem {
      * Sets id string to this subsystem.
      * 
    
      * Use with caution. Should not do it when sharing with others
-     * 
+     *
      * @param id name to be applied to an authentication sybsystem
      */
     public void setId(String id) throws EBaseException {
@@ -485,7 +485,7 @@ public class AuthSubsystem implements IAuthSubsystem {
     /**
      * Returns the root configuration storage of this system.
      * 
    
-     * 
+     *
      * @return configuration store of this subsystem
      */
     public IConfigStore getConfigStore() {
@@ -494,7 +494,7 @@ public class AuthSubsystem implements IAuthSubsystem {
 
     /**
      * gets the named authentication manager
-     * 
+     *
      * @param name of the authentication manager
      * @return the named authentication manager
      */
diff --git a/base/common/src/com/netscape/cmscore/authentication/CertUserDBAuthentication.java b/base/common/src/com/netscape/cmscore/authentication/CertUserDBAuthentication.java
index 84807430f..e9fb6c891 100644
--- a/base/common/src/com/netscape/cmscore/authentication/CertUserDBAuthentication.java
+++ b/base/common/src/com/netscape/cmscore/authentication/CertUserDBAuthentication.java
@@ -42,7 +42,7 @@ import com.netscape.cmscore.usrgrp.User;
  * Maps a SSL client authenticate certificate to a user (agent) entry in the
  * internal database.
  * 
    
- * 
+ *
  * @author lhsiao
  * @author cfu
  * @version $Revision$, $Date$
@@ -80,7 +80,7 @@ public class CertUserDBAuthentication implements IAuthManager {
      * initializes the CertUserDBAuthentication auth manager
      * 
    
      * called by AuthSubsystem init() method, when initializing all available authentication managers.
-     * 
+     *
      * @param owner - The authentication subsystem that hosts this
      *            auth manager
      * @param config - The configuration store used by the
@@ -129,11 +129,11 @@ public class CertUserDBAuthentication implements IAuthManager {
      * authenticates user(agent) by certificate
      * 
    
      * called by other subsystems or their servlets to authenticate users (agents)
-     * 
+     *
      * @param authCred - authentication credential that contains
      *            an usrgrp.Certificates of the user (agent)
      * @return the authentication token that contains the following
-     * 
+     *
      * @exception com.netscape.certsrv.base.EAuthsException any
      *                authentication failure or insufficient credentials
      * @see com.netscape.certsrv.authentication.AuthToken
@@ -183,7 +183,7 @@ public class CertUserDBAuthentication implements IAuthManager {
             throw new EBaseException(CMS.getUserMessage("CMS_BASE_INTERNAL_ERROR", e.toString()));
         }
 
-        // any unexpected error occurs like internal db down, 
+        // any unexpected error occurs like internal db down,
         // UGSubsystem only returns null for user.
         if (user == null) {
             CMS.debug("Authentication: cannot map certificate to user");
@@ -211,7 +211,7 @@ public class CertUserDBAuthentication implements IAuthManager {
      * the servlets that handle agent operations to authenticate its
      * users. It calls this method to know which are the
      * required credentials from the user (e.g. Javascript form data)
-     * 
+     *
      * @return attribute names in Vector
      */
     public String[] getRequiredCreds() {
@@ -224,7 +224,7 @@ public class CertUserDBAuthentication implements IAuthManager {
      * the Certificate Server Console to display the table for
      * configuration purposes. CertUserDBAuthentication is currently not
      * exposed in this case, so this method is not to be used.
-     * 
+     *
      * @return configuration parameter names in Hashtable of Vectors
      *         where each hashtable entry's key is the substore name, value is a
      *         Vector of parameter names. If no substore, the parameter name
@@ -243,7 +243,7 @@ public class CertUserDBAuthentication implements IAuthManager {
     /**
      * gets the configuretion substore used by this authentication
      * manager
-     * 
+     *
      * @return configuration store
      */
     public IConfigStore getConfigStore() {
diff --git a/base/common/src/com/netscape/cmscore/authentication/ChallengePhraseAuthentication.java b/base/common/src/com/netscape/cmscore/authentication/ChallengePhraseAuthentication.java
index a7d5329c0..f40145938 100644
--- a/base/common/src/com/netscape/cmscore/authentication/ChallengePhraseAuthentication.java
+++ b/base/common/src/com/netscape/cmscore/authentication/ChallengePhraseAuthentication.java
@@ -53,7 +53,7 @@ import com.netscape.cmsutil.util.Utils;
  * internal database and further compares the challenge phrase with
  * that from the EE input.
  * 
    
- * 
+ *
  * @author cfu chrisho
  * @version $Revision$, $Date$
  */
@@ -81,7 +81,7 @@ public class ChallengePhraseAuthentication implements IAuthManager {
     private String mRequestor = null;
     private MessageDigest mSHADigest = null;
 
-    // request attributes hacks 
+    // request attributes hacks
     public static final String CHALLENGE_PHRASE = CRED_CHALLENGE;
     public static final String SUBJECTNAME = "subjectName";
     public static final String SERIALNUMBER = "serialNumber";
@@ -94,7 +94,7 @@ public class ChallengePhraseAuthentication implements IAuthManager {
      * initializes the ChallengePhraseAuthentication auth manager
      * 
    
      * called by AuthSubsystem init() method, when initializing all available authentication managers.
-     * 
+     *
      * @param name The name of this authentication manager instance.
      * @param implName The name of the authentication manager plugin.
      * @param config The configuration store for this authentication manager.
@@ -132,11 +132,11 @@ public class ChallengePhraseAuthentication implements IAuthManager {
      * authenticates revocation of a certification by a challenge phrase
      * 
    
      * called by other subsystems or their servlets to authenticate a revocation request
-     * 
+     *
      * @param authCred - authentication credential that contains
      *            a Certificate to revoke
      * @return the authentication token that contains the request id
-     * 
+     *
      * @exception EMissingCredential If a required credential for this
      *                authentication manager is missing.
      * @exception EInvalidCredentials If credentials cannot be authenticated.
@@ -155,10 +155,10 @@ public class ChallengePhraseAuthentication implements IAuthManager {
         AuthToken authToken = new AuthToken(this);
 
         /*
-         X509Certificate[] x509Certs = 
+         X509Certificate[] x509Certs =
          (X509Certificate[]) authCred.get(CRED_CERT);
          if (x509Certs == null) {
-         log(ILogger.LL_FAILURE, 
+         log(ILogger.LL_FAILURE,
          " missing cert credential.");
          throw new EMissingCredential(CRED_CERT_SERIAL);
          }
@@ -201,7 +201,7 @@ public class ChallengePhraseAuthentication implements IAuthManager {
 
         /* maybe later
          if (mCertDB.isCertificateRevoked(cert) != null) {
-         log(ILogger.LL_FAILURE, 
+         log(ILogger.LL_FAILURE,
          "Certificate has already been revoked.");
          // throw something else...cfu
          throw new EInvalidCredentials();
@@ -336,7 +336,7 @@ public class ChallengePhraseAuthentication implements IAuthManager {
      * the servlets that handle agent operations to authenticate its
      * users. It calls this method to know which are the
      * required credentials from the user (e.g. Javascript form data)
-     * 
+     *
      * @return attribute names in Vector
      */
     public String[] getRequiredCreds() {
@@ -349,7 +349,7 @@ public class ChallengePhraseAuthentication implements IAuthManager {
      * the Certificate Server Console to display the table for
      * configuration purposes. ChallengePhraseAuthentication is currently not
      * exposed in this case, so this method is not to be used.
-     * 
+     *
      * @return configuration parameter names in Hashtable of Vectors
      *         where each hashtable entry's key is the substore name, value is a
      *         Vector of parameter names. If no substore, the parameter name
@@ -368,7 +368,7 @@ public class ChallengePhraseAuthentication implements IAuthManager {
     /**
      * gets the configuretion substore used by this authentication
      * manager
-     * 
+     *
      * @return configuration store
      */
     public IConfigStore getConfigStore() {
diff --git a/base/common/src/com/netscape/cmscore/authentication/NullAuthentication.java b/base/common/src/com/netscape/cmscore/authentication/NullAuthentication.java
index e124f1407..a7a1461cf 100644
--- a/base/common/src/com/netscape/cmscore/authentication/NullAuthentication.java
+++ b/base/common/src/com/netscape/cmscore/authentication/NullAuthentication.java
@@ -31,7 +31,7 @@ import com.netscape.certsrv.logging.ILogger;
 /**
  * This authentication does nothing but just returns an empty authToken.
  * 
    
- * 
+ *
  * @author chrisho
  * @version $Revision$, $Date$
  */
@@ -53,7 +53,7 @@ public class NullAuthentication implements IAuthManager {
      * initializes the NullAuthentication auth manager
      * 
    
      * called by AuthSubsystem init() method, when initializing all available authentication managers.
-     * 
+     *
      * @param name - Name assigned to this authentication manager instance.
      * @param implName - Name of the authentication plugin.
      * @param config - The configuration store used by the
@@ -72,7 +72,7 @@ public class NullAuthentication implements IAuthManager {
      * authenticates nothing
      * 
    
      * called by other subsystems or their servlets to authenticate administrators
-     * 
+     *
      * @param authCred Authentication credentials.
      *            "uid" and "pwd" are required.
      * @return the authentication token (authToken) that contains the following
@@ -113,7 +113,7 @@ public class NullAuthentication implements IAuthManager {
      * required by this authentication manager. Generally used by
      * servlets that use this authentication manager, to retrieve
      * required credentials from the user (e.g. Javascript form data)
-     * 
+     *
      * @return attribute names in Vector
      */
     public String[] getRequiredCreds() {
@@ -123,7 +123,7 @@ public class NullAuthentication implements IAuthManager {
     /**
      * Get the list of configuration parameter names
      * required by this authentication manager. In this case, an empty list.
-     * 
+     *
      * @return String array of configuration parameters.
      */
     public String[] getConfigParams() {
@@ -139,7 +139,7 @@ public class NullAuthentication implements IAuthManager {
     /**
      * gets the configuration substore used by this authentication
      * manager
-     * 
+     *
      * @return configuration store
      */
     public IConfigStore getConfigStore() {
@@ -148,7 +148,7 @@ public class NullAuthentication implements IAuthManager {
 
     /**
      * Log a message.
-     * 
+     *
      * @param level The logging level.
      * @param msg The message to log.
      */
diff --git a/base/common/src/com/netscape/cmscore/authentication/PasswdUserDBAuthentication.java b/base/common/src/com/netscape/cmscore/authentication/PasswdUserDBAuthentication.java
index f20bd5f07..5b6418c00 100644
--- a/base/common/src/com/netscape/cmscore/authentication/PasswdUserDBAuthentication.java
+++ b/base/common/src/com/netscape/cmscore/authentication/PasswdUserDBAuthentication.java
@@ -48,7 +48,7 @@ import com.netscape.cmscore.util.Debug;
  * Authentications by checking the uid and password against the
  * database.
  * 
    
- * 
+ *
  * @author lhsiao, cfu
  * @version $Revision$, $Date$
  */
@@ -81,7 +81,7 @@ public class PasswdUserDBAuthentication implements IAuthManager {
      * initializes the PasswdUserDBAuthentication auth manager
      * 
    
      * called by AuthSubsystem init() method, when initializing all available authentication managers.
-     * 
+     *
      * @param name - Name assigned to this authentication manager instance.
      * @param implName - Name of the authentication plugin.
      * @param config - The configuration store used by the
@@ -110,7 +110,7 @@ public class PasswdUserDBAuthentication implements IAuthManager {
      * authenticates administratrators by LDAP uid/pwd
      * 
    
      * called by other subsystems or their servlets to authenticate administrators
-     * 
+     *
      * @param authCred Authentication credentials.
      *            "uid" and "pwd" are required.
      * @return the authentication token (authToken) that contains the following
@@ -127,7 +127,7 @@ public class PasswdUserDBAuthentication implements IAuthManager {
             throws EMissingCredential, EInvalidCredentials, EBaseException {
         AuthToken authToken = new AuthToken(this);
 
-        // make sure the required credentials are provided 
+        // make sure the required credentials are provided
         String uid = (String) authCred.get(CRED_UID);
         CMS.debug("Authentication: UID=" + uid);
         if (uid == null) {
@@ -219,7 +219,7 @@ public class PasswdUserDBAuthentication implements IAuthManager {
      * required by this authentication manager. Generally used by
      * servlets that use this authentication manager, to retrieve
      * required credentials from the user (e.g. Javascript form data)
-     * 
+     *
      * @return attribute names in Vector
      */
     public String[] getRequiredCreds() {
@@ -229,7 +229,7 @@ public class PasswdUserDBAuthentication implements IAuthManager {
     /**
      * Get the list of configuration parameter names
      * required by this authentication manager. In this case, an empty list.
-     * 
+     *
      * @return String array of configuration parameters.
      */
     public String[] getConfigParams() {
@@ -252,7 +252,7 @@ public class PasswdUserDBAuthentication implements IAuthManager {
     /**
      * gets the configuretion substore used by this authentication
      * manager
-     * 
+     *
      * @return configuration store
      */
     public IConfigStore getConfigStore() {
@@ -261,7 +261,7 @@ public class PasswdUserDBAuthentication implements IAuthManager {
 
     /**
      * Log a message.
-     * 
+     *
      * @param level The logging level.
      * @param msg The message to log.
      */
diff --git a/base/common/src/com/netscape/cmscore/authentication/SSLClientCertAuthentication.java b/base/common/src/com/netscape/cmscore/authentication/SSLClientCertAuthentication.java
index 3f0d7a87b..183cebcfb 100644
--- a/base/common/src/com/netscape/cmscore/authentication/SSLClientCertAuthentication.java
+++ b/base/common/src/com/netscape/cmscore/authentication/SSLClientCertAuthentication.java
@@ -49,7 +49,7 @@ import com.netscape.cmscore.util.Debug;
 /**
  * SSL client based authentication.
  * 
    
- * 
+ *
  * @author chrisho
  * @version $Revision$, $Date$
  */
@@ -224,7 +224,7 @@ public class SSLClientCertAuthentication implements IAuthManager {
      * Returns a list of configuration parameter names.
      * The list is passed to the configuration console so instances of
      * this implementation can be configured through the console.
-     * 
+     *
      * @return String array of configuration parameter names.
      */
     public String[] getConfigParams() {
@@ -233,7 +233,7 @@ public class SSLClientCertAuthentication implements IAuthManager {
 
     /**
      * Returns array of required credentials for this authentication manager.
-     * 
+     *
      * @return Array of required credentials.
      */
     public String[] getRequiredCreds() {
@@ -268,7 +268,7 @@ public class SSLClientCertAuthentication implements IAuthManager {
 
     /**
      * Gets the configuration substore used by this authentication manager
-     * 
+     *
      * @return configuration store
      */
     public IConfigStore getConfigStore() {
diff --git a/base/common/src/com/netscape/cmscore/authentication/VerifiedCert.java b/base/common/src/com/netscape/cmscore/authentication/VerifiedCert.java
index 173d69f89..0ada86e75 100644
--- a/base/common/src/com/netscape/cmscore/authentication/VerifiedCert.java
+++ b/base/common/src/com/netscape/cmscore/authentication/VerifiedCert.java
@@ -24,7 +24,7 @@ import com.netscape.certsrv.apps.CMS;
 
 /**
  * class storing verified certificate.
- * 
+ *
  * @version $Revision$, $Date$
  */
 
diff --git a/base/common/src/com/netscape/cmscore/authentication/VerifiedCerts.java b/base/common/src/com/netscape/cmscore/authentication/VerifiedCerts.java
index 52ce91fdf..01c455464 100644
--- a/base/common/src/com/netscape/cmscore/authentication/VerifiedCerts.java
+++ b/base/common/src/com/netscape/cmscore/authentication/VerifiedCerts.java
@@ -23,7 +23,7 @@ import netscape.security.x509.X509CertImpl;
 
 /**
  * class storing verified certificates.
- * 
+ *
  * @version $Revision$, $Date$
  */
 
diff --git a/base/common/src/com/netscape/cmscore/authorization/AuthzSubsystem.java b/base/common/src/com/netscape/cmscore/authorization/AuthzSubsystem.java
index 16bc40e29..344de6cf9 100644
--- a/base/common/src/com/netscape/cmscore/authorization/AuthzSubsystem.java
+++ b/base/common/src/com/netscape/cmscore/authorization/AuthzSubsystem.java
@@ -40,7 +40,7 @@ import com.netscape.cmscore.util.Debug;
 /**
  * Default authorization subsystem
  * 
    
- * 
+ *
  * @author cfu
  * @version $Revision$, $Date$
  */
@@ -71,7 +71,7 @@ public class AuthzSubsystem implements IAuthzSubsystem {
      * Initializes the authorization subsystem from the config store.
      * Load Authorization manager plugins, create and initialize
      * initialize authorization manager instances.
-     * 
+     *
      * @param owner The owner of this module.
      * @param config The configuration store.
      */
@@ -184,7 +184,7 @@ public class AuthzSubsystem implements IAuthzSubsystem {
      * authMgrzAccessInit is for servlets who want to initialize their
      * own authorization information before full operation. It is supposed
      * to be called during the init() method of a servlet.
-     * 
+     *
      * @param authzMgrName The authorization manager name
      * @param accessInfo the access information to be initialized. currently it's acl string in the format specified in
      *            the authorization manager
@@ -211,7 +211,7 @@ public class AuthzSubsystem implements IAuthzSubsystem {
 
     /**
      * Authorization to the named authorization manager instance
-     * 
+     *
      * @param authzMgrName The authorization manager name
      * @param authToken the authenticaton token associated with a user
      * @param resource the resource protected by the authorization system
@@ -266,7 +266,7 @@ public class AuthzSubsystem implements IAuthzSubsystem {
     /**
      * Gets configuration parameters for the given
      * authorization manager plugin.
-     * 
+     *
      * @param implName Name of the authorization plugin.
      * @return Hashtable of required parameters.
      */
@@ -303,7 +303,7 @@ public class AuthzSubsystem implements IAuthzSubsystem {
 
     /**
      * Add an authorization manager instance.
-     * 
+     *
      * @param name name of the authorization manager instance
      * @param authzMgr the authorization manager instance to be added
      */
@@ -321,7 +321,7 @@ public class AuthzSubsystem implements IAuthzSubsystem {
 
     /**
      * Gets the authorization manager instance of the specified name.
-     * 
+     *
      * @param name name of the authorization manager instance
      * @return the named authorization manager instance
      */
@@ -385,7 +385,7 @@ public class AuthzSubsystem implements IAuthzSubsystem {
 
     /**
      * Retrieves id (name) of this subsystem.
-     * 
+     *
      * @return name of the authorization subsystem
      */
     public String getId() {
@@ -396,7 +396,7 @@ public class AuthzSubsystem implements IAuthzSubsystem {
      * Sets id string to this subsystem.
      * 
    
      * Use with caution. Should not do it when sharing with others
-     * 
+     *
      * @param id name to be applied to an authorization sybsystem
      */
     public void setId(String id) throws EBaseException {
@@ -444,7 +444,7 @@ public class AuthzSubsystem implements IAuthzSubsystem {
     /**
      * Returns the root configuration storage of this system.
      * 
    
-     * 
+     *
      * @return configuration store of this subsystem
      */
     public IConfigStore getConfigStore() {
@@ -453,7 +453,7 @@ public class AuthzSubsystem implements IAuthzSubsystem {
 
     /**
      * gets the named authorization manager
-     * 
+     *
      * @param name of the authorization manager
      * @return the named authorization manager
      */
diff --git a/base/common/src/com/netscape/cmscore/base/ArgBlock.java b/base/common/src/com/netscape/cmscore/base/ArgBlock.java
index 62b5971a4..889ad123e 100644
--- a/base/common/src/com/netscape/cmscore/base/ArgBlock.java
+++ b/base/common/src/com/netscape/cmscore/base/ArgBlock.java
@@ -38,7 +38,7 @@ import com.netscape.cmsutil.util.Utils;
  * This class represents a set of indexed arguments.
  * Each argument is indexed by a key, which can be
  * used during the argument retrieval.
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class ArgBlock implements IArgBlock {
@@ -66,7 +66,7 @@ public class ArgBlock implements IArgBlock {
      *==========================================================*/
     /**
      * Constructs an argument block with the given hashtable values.
-     * 
+     *
      * @param realm the type of argblock - used for debugging the values
      */
     public ArgBlock(String realm, Hashtable httpReq) {
@@ -76,7 +76,7 @@ public class ArgBlock implements IArgBlock {
 
     /**
      * Constructs an argument block with the given hashtable values.
-     * 
+     *
      * @param httpReq hashtable keys and values
      */
     public ArgBlock(Hashtable httpReq) {
@@ -109,7 +109,7 @@ public class ArgBlock implements IArgBlock {
 
     /**
      * Checks if this argument block contains the given key.
-     * 
+     *
      * @param n key
      * @return true if key is present
      */
@@ -124,7 +124,7 @@ public class ArgBlock implements IArgBlock {
 
     /**
      * Adds string-based value into this argument block.
-     * 
+     *
      * @param n key
      * @param v value
      * @return value
@@ -139,7 +139,7 @@ public class ArgBlock implements IArgBlock {
 
     /**
      * Retrieves argument value as string.
-     * 
+     *
      * @param n key
      * @return argument value as string
      * @exception EBaseException failed to retrieve value
@@ -157,7 +157,7 @@ public class ArgBlock implements IArgBlock {
 
     /**
      * Retrieves argument value as string.
-     * 
+     *
      * @param n key
      * @param def default value to be returned if key is not present
      * @return argument value as string
@@ -175,7 +175,7 @@ public class ArgBlock implements IArgBlock {
 
     /**
      * Retrieves argument value as integer.
-     * 
+     *
      * @param n key
      * @return argument value as int
      * @exception EBaseException failed to retrieve value
@@ -197,7 +197,7 @@ public class ArgBlock implements IArgBlock {
 
     /**
      * Retrieves argument value as integer.
-     * 
+     *
      * @param n key
      * @param def default value to be returned if key is not present
      * @return argument value as int
@@ -217,7 +217,7 @@ public class ArgBlock implements IArgBlock {
 
     /**
      * Retrieves argument value as big integer.
-     * 
+     *
      * @param n key
      * @return argument value as big integer
      * @exception EBaseException failed to retrieve value
@@ -244,7 +244,7 @@ public class ArgBlock implements IArgBlock {
 
     /**
      * Retrieves argument value as big integer.
-     * 
+     *
      * @param n key
      * @param def default value to be returned if key is not present
      * @return argument value as big integer
@@ -259,7 +259,7 @@ public class ArgBlock implements IArgBlock {
 
     /**
      * Retrieves argument value as object
-     * 
+     *
      * @param n key
      * @return argument value as object
      * @exception EBaseException failed to retrieve value
@@ -274,7 +274,7 @@ public class ArgBlock implements IArgBlock {
 
     /**
      * Retrieves argument value as object
-     * 
+     *
      * @param n key
      * @param def default value to be returned if key is not present
      * @return argument value as object
@@ -289,7 +289,7 @@ public class ArgBlock implements IArgBlock {
 
     /**
      * Gets boolean value. They should be "true" or "false".
-     * 
+     *
      * @param name name of the input type
      * @return boolean type: true or false
      * @exception EBaseException failed to retrieve value
@@ -311,7 +311,7 @@ public class ArgBlock implements IArgBlock {
 
     /**
      * Gets boolean value. They should be "true" or "false".
-     * 
+     *
      * @param name name of the input type
      * @return boolean type: true or false
      */
@@ -328,7 +328,7 @@ public class ArgBlock implements IArgBlock {
 
     /**
      * Gets KeyGenInfo
-     * 
+     *
      * @param name name of the input type
      * @param verify true if signature validation is required
      * @exception EBaseException
@@ -355,7 +355,7 @@ public class ArgBlock implements IArgBlock {
     /**
      * Gets PKCS10 request. This pkcs10 attribute does not
      * contain header information.
-     * 
+     *
      * @param name name of the input type
      * @return pkcs10 request
      * @exception EBaseException failed to retrieve value
@@ -389,7 +389,7 @@ public class ArgBlock implements IArgBlock {
     /**
      * Gets PKCS10 request. This pkcs10 attribute does not
      * contain header information.
-     * 
+     *
      * @param name name of the input type
      * @param def default PKCS10
      * @return pkcs10 request
@@ -420,7 +420,7 @@ public class ArgBlock implements IArgBlock {
 
     /**
      * Retrieves PKCS10
-     * 
+     *
      * @param name name of the input type
      * @param checkheader true if header must be present
      * @return PKCS10 object
@@ -454,7 +454,7 @@ public class ArgBlock implements IArgBlock {
 
     /**
      * Retrieves PKCS10
-     * 
+     *
      * @param name name of the input type
      * @param checkheader true if header must be present
      * @param def default PKCS10
@@ -489,7 +489,7 @@ public class ArgBlock implements IArgBlock {
 
     /**
      * Retrieves PKCS10
-     * 
+     *
      * @param name name of the input type
      * @param def default PKCS10
      * @return PKCS10 object
@@ -516,7 +516,7 @@ public class ArgBlock implements IArgBlock {
 
     /**
      * Sets argument into this block.
-     * 
+     *
      * @param name key
      * @param ob value
      */
@@ -526,7 +526,7 @@ public class ArgBlock implements IArgBlock {
 
     /**
      * Retrieves argument.
-     * 
+     *
      * @param name key
      * @return object value
      */
@@ -537,7 +537,7 @@ public class ArgBlock implements IArgBlock {
 
     /**
      * Deletes argument by the given key.
-     * 
+     *
      * @param name key
      */
     public void delete(String name) {
@@ -546,7 +546,7 @@ public class ArgBlock implements IArgBlock {
 
     /**
      * Retrieves a list of argument keys.
-     * 
+     *
      * @return a list of string-based keys
      */
     public Enumeration getElements() {
@@ -555,7 +555,7 @@ public class ArgBlock implements IArgBlock {
 
     /**
      * Retrieves a list of argument keys.
-     * 
+     *
      * @return a list of string-based keys
      */
     public Enumeration elements() {
@@ -564,7 +564,7 @@ public class ArgBlock implements IArgBlock {
 
     /**
      * Adds long-type arguments to this block.
-     * 
+     *
      * @param n key
      * @param v value
      * @return value
@@ -575,7 +575,7 @@ public class ArgBlock implements IArgBlock {
 
     /**
      * Adds integer-type arguments to this block.
-     * 
+     *
      * @param n key
      * @param v value
      * @return value
@@ -586,7 +586,7 @@ public class ArgBlock implements IArgBlock {
 
     /**
      * Adds boolean-type arguments to this block.
-     * 
+     *
      * @param n key
      * @param v value
      * @return value
@@ -601,7 +601,7 @@ public class ArgBlock implements IArgBlock {
 
     /**
      * Adds integer-type arguments to this block.
-     * 
+     *
      * @param n key
      * @param v value
      * @param radix radix
@@ -617,7 +617,7 @@ public class ArgBlock implements IArgBlock {
 
     /**
      * Unwrap PKCS10 Package
-     * 
+     *
      * @param request string formated PKCS10 request
      * @exception EBaseException
      * @return Base64Encoded PKCS10 request
@@ -688,7 +688,7 @@ public class ArgBlock implements IArgBlock {
 
     /**
      * Decode Der encoded PKCS10 certifictae Request
-     * 
+     *
      * @param base64Request Base64 Encoded Certificate Request
      * @exception Exception
      * @return PKCS10
diff --git a/base/common/src/com/netscape/cmscore/base/FileConfigStore.java b/base/common/src/com/netscape/cmscore/base/FileConfigStore.java
index f0c52866e..393547f53 100644
--- a/base/common/src/com/netscape/cmscore/base/FileConfigStore.java
+++ b/base/common/src/com/netscape/cmscore/base/FileConfigStore.java
@@ -40,7 +40,7 @@ import com.netscape.cmsutil.util.Utils;
  * 
    
  * Note that a LdapConfigStore can be implemented so that it reads the configuration stores from the Ldap directory.
  * 
    
- * 
+ *
  * @version $Revision$, $Date$
  * @see PropConfigStore
  */
@@ -56,7 +56,7 @@ public class FileConfigStore extends PropConfigStore implements
     /**
      * Constructs a file configuration store.
      * 
    
-     * 
+     *
      * @param fileName file name
      * @exception EBaseException failed to create file configuration
      */
@@ -73,7 +73,7 @@ public class FileConfigStore extends PropConfigStore implements
     /**
      * Loads property file into memory.
      * 
    
-     * 
+     *
      * @param fileName file name
      * @exception EBaseException failed to load configuration
      */
@@ -93,7 +93,7 @@ public class FileConfigStore extends PropConfigStore implements
      * ..
      * Commits the current properties to the configuration file.
      * 
    
-     * 
+     *
      * @param backup
      */
     public void commit(boolean createBackup) throws EBaseException {
@@ -151,7 +151,7 @@ public class FileConfigStore extends PropConfigStore implements
      * Note that the superclass's save is synchronized. It means no properties can be altered (inserted) at the saving
      * time.
      * 
    
-     * 
+     *
      * @param fileName filename
      * @exception EBaseException failed to save configuration
      */
diff --git a/base/common/src/com/netscape/cmscore/base/PropConfigStore.java b/base/common/src/com/netscape/cmscore/base/PropConfigStore.java
index 1e46d3ef3..ee4370053 100644
--- a/base/common/src/com/netscape/cmscore/base/PropConfigStore.java
+++ b/base/common/src/com/netscape/cmscore/base/PropConfigStore.java
@@ -44,18 +44,18 @@ import com.netscape.cmsutil.util.Utils;
  * property names. The current property prefix is kept in
  * mStoreName and the mSource usually points back to another
  * occurance of the same PropConfigStore, with longer mStoreName. IE
- * 
+ *
  * 
      * 	cms.ca0.http.service0 -> mSource=PropConfigStore ->
  * 		cms.ca0.http -> mSource=PropConfigStore ->
  * 			cms.ca0 -> mSource=PropConfigStore ->
  * 					cms -> mSource=SourceConfigStore -> Properties
  * 
    
- * 
+ *
  * The chain ends when the store name is reduced down to it's original
  * value.
  * 
    
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class PropConfigStore implements IConfigStore, Cloneable {
@@ -84,7 +84,7 @@ public class PropConfigStore implements IConfigStore, Cloneable {
      * be a brand new store without properties. The subclass
      * must be a ISourceConfigStore.
      * 
    
-     * 
+     *
      * @param storeName property store name
      * @exception EBaseException failed to create configuration
      */
@@ -99,7 +99,7 @@ public class PropConfigStore implements IConfigStore, Cloneable {
      * that stores all the parameters. Each substore only
      * store a substore name, and a reference to the source.
      * 
    
-     * 
+     *
      * @param storeName store name
      * @param prop list of properties
      * @exception EBaseException failed to create configuration
@@ -112,7 +112,7 @@ public class PropConfigStore implements IConfigStore, Cloneable {
     /**
      * Returns the name of this store.
      * 
    
-     * 
+     *
      * @return store name
      */
     public String getName() {
@@ -122,7 +122,7 @@ public class PropConfigStore implements IConfigStore, Cloneable {
     /**
      * Retrieves a property from the configuration file.
      * 
    
-     * 
+     *
      * @param name property name
      * @return property value
      */
@@ -134,7 +134,7 @@ public class PropConfigStore implements IConfigStore, Cloneable {
      * Retrieves a property from the configuration file. Does not prepend
      * the config store name to the property.
      * 
    
-     * 
+     *
      * @param name property name
      * @return property value
      */
@@ -147,7 +147,7 @@ public class PropConfigStore implements IConfigStore, Cloneable {
      * values wont be updated to the file until save
      * method is invoked.
      * 
    
-     * 
+     *
      * @param name property name
      * @param value property value
      */
@@ -157,7 +157,7 @@ public class PropConfigStore implements IConfigStore, Cloneable {
 
     /**
      * Removes a property from the configuration file.
-     * 
+     *
      * @param name property name
      */
     public void remove(String name) {
@@ -167,7 +167,7 @@ public class PropConfigStore implements IConfigStore, Cloneable {
     /**
      * Returns an enumeration of the config store's keys, hidding the store
      * name.
-     * 
+     *
      * @see java.util.Hashtable#elements
      * @see java.util.Enumeration
      */
@@ -180,7 +180,7 @@ public class PropConfigStore implements IConfigStore, Cloneable {
 
     /**
      * Retrieves the hashtable where all the properties are kept.
-     * 
+     *
      * @return hashtable
      */
     public Hashtable hashtable() {
@@ -204,7 +204,7 @@ public class PropConfigStore implements IConfigStore, Cloneable {
      * Fills the given hash table with all key/value pairs in the current
      * config store, removing the config store name prefix
      * 
    
-     * 
+     *
      * @param h the hashtable
      */
     private synchronized void enumerate(Hashtable h) {
@@ -226,7 +226,7 @@ public class PropConfigStore implements IConfigStore, Cloneable {
 
     /**
      * Reads a config store from an input stream.
-     * 
+     *
      * @param in input stream where properties are located
      * @exception IOException failed to load
      */
@@ -236,7 +236,7 @@ public class PropConfigStore implements IConfigStore, Cloneable {
 
     /**
      * Stores this config store to the specified output stream.
-     * 
+     *
      * @param out outputstream where the properties are saved
      * @param header optional header information to be saved
      */
@@ -246,7 +246,7 @@ public class PropConfigStore implements IConfigStore, Cloneable {
 
     /**
      * Retrieves a property value.
-     * 
+     *
      * @param name property key
      * @return property value
      * @exception EBaseException failed to retrieve value
@@ -258,7 +258,7 @@ public class PropConfigStore implements IConfigStore, Cloneable {
             CMS.traceHashKey(mDebugType, getFullName(name), "");
             throw new EPropertyNotFound(CMS.getUserMessage("CMS_BASE_GET_PROPERTY_FAILED", getName() + "." + name));
         }
-        // should we check for empty string ? 
+        // should we check for empty string ?
         // if (str.length() == 0) {
         //	throw new EPropertyNotDefined(getName() + "." + name);
         // }
@@ -276,7 +276,7 @@ public class PropConfigStore implements IConfigStore, Cloneable {
     /**
      * Retrieves a String from the configuration file.
      * 
    
-     * 
+     *
      * @param name property name
      * @param defval the default object to return if name does not exist
      * @return property value
@@ -295,7 +295,7 @@ public class PropConfigStore implements IConfigStore, Cloneable {
 
     /**
      * Puts property value into this configuration store.
-     * 
+     *
      * @param name property key
      * @param value property value
      */
@@ -306,10 +306,10 @@ public class PropConfigStore implements IConfigStore, Cloneable {
     /**
      * Retrieves a byte array from the configuration file.
      * 
    
-     * 
+     *
      * @param name property name
      * @exception IllegalArgumentException if name is not set or is null.
-     * 
+     *
      * @return property value
      */
     public byte[] getByteArray(String name) throws EBaseException {
@@ -325,11 +325,11 @@ public class PropConfigStore implements IConfigStore, Cloneable {
     /**
      * Retrieves a byte array from the configuration file.
      * 
    
-     * 
+     *
      * @param name property name
      * @param defval the default byte array to return if name does
      *            not exist
-     * 
+     *
      * @return property value
      */
     public byte[] getByteArray(String name, byte defval[])
@@ -349,7 +349,7 @@ public class PropConfigStore implements IConfigStore, Cloneable {
 
     /**
      * Puts byte array into this configuration store.
-     * 
+     *
      * @param name property key
      * @param value byte array
      */
@@ -373,7 +373,7 @@ public class PropConfigStore implements IConfigStore, Cloneable {
 
     /**
      * Retrieves boolean-based property value.
-     * 
+     *
      * @param name property key
      * @return boolean value
      * @exception EBaseException failed to retrieve
@@ -401,7 +401,7 @@ public class PropConfigStore implements IConfigStore, Cloneable {
 
     /**
      * Retrieves boolean-based property value.
-     * 
+     *
      * @param name property key
      * @param defval default value
      * @return boolean value
@@ -425,7 +425,7 @@ public class PropConfigStore implements IConfigStore, Cloneable {
 
     /**
      * Puts boolean value into the configuration store.
-     * 
+     *
      * @param name property key
      * @param value property value
      */
@@ -439,7 +439,7 @@ public class PropConfigStore implements IConfigStore, Cloneable {
 
     /**
      * Retrieves integer value.
-     * 
+     *
      * @param name property key
      * @return property value
      * @exception EBaseException failed to retrieve value
@@ -465,7 +465,7 @@ public class PropConfigStore implements IConfigStore, Cloneable {
 
     /**
      * Retrieves integer value.
-     * 
+     *
      * @param name property key
      * @param defval default value
      * @return property value
@@ -488,7 +488,7 @@ public class PropConfigStore implements IConfigStore, Cloneable {
 
     /**
      * Puts an integer value.
-     * 
+     *
      * @param name property key
      * @param val property value
      * @exception EBaseException failed to retrieve value
@@ -499,7 +499,7 @@ public class PropConfigStore implements IConfigStore, Cloneable {
 
     /**
      * Retrieves big integer value.
-     * 
+     *
      * @param name property key
      * @return property value
      * @exception EBaseException failed to retrieve value
@@ -529,7 +529,7 @@ public class PropConfigStore implements IConfigStore, Cloneable {
 
     /**
      * Retrieves integer value.
-     * 
+     *
      * @param name property key
      * @param defval default value
      * @return property value
@@ -551,7 +551,7 @@ public class PropConfigStore implements IConfigStore, Cloneable {
 
     /**
      * Puts a big integer value.
-     * 
+     *
      * @param name property key
      * @param val default value
      */
@@ -562,7 +562,7 @@ public class PropConfigStore implements IConfigStore, Cloneable {
     /**
      * Creates a new sub store.
      * 
    
-     * 
+     *
      * @param name substore name
      * @return substore
      */
@@ -585,7 +585,7 @@ public class PropConfigStore implements IConfigStore, Cloneable {
     /**
      * Removes a sub store.
      * 
    
-     * 
+     *
      * @param name substore name
      */
     @SuppressWarnings("unchecked")
@@ -610,21 +610,21 @@ public class PropConfigStore implements IConfigStore, Cloneable {
     /**
      * Retrieves a sub store. A substore contains a list
      * of properties and substores. For example,
-     * 
+     *
      * 
          *    cms.ldap.host=ds.netscape.com
      *    cms.ldap.port=389
      * 
    
-     * 
+     *
      * "ldap" is a substore in above example. If the
      * substore property itself is set, this method
      * will treat the value as a reference. For example,
-     * 
+     *
      * 
          * cms.ldap = kms.ldap
      * 
    
      * 
    
-     * 
+     *
      * @param name substore name
      * @return substore
      */
@@ -645,7 +645,7 @@ public class PropConfigStore implements IConfigStore, Cloneable {
 
     /**
      * Retrieves a list of property names.
-     * 
+     *
      * @return a list of string-based property names
      */
     public Enumeration getPropertyNames() {
@@ -674,7 +674,7 @@ public class PropConfigStore implements IConfigStore, Cloneable {
     /**
      * Returns a list of sub store names.
      * 
    
-     * 
+     *
      * @return list of substore names
      */
     public Enumeration getSubStoreNames() {
@@ -704,7 +704,7 @@ public class PropConfigStore implements IConfigStore, Cloneable {
      * Retrieves the source configuration store where
      * the properties are stored.
      * 
    
-     * 
+     *
      * @return source configuration store
      */
     public ISourceConfigStore getSourceConfigStore() {
@@ -732,7 +732,7 @@ public class PropConfigStore implements IConfigStore, Cloneable {
 
     /**
      * Converts the substore parameters.
-     * 
+     *
      * @param name property name
      * @return fill property name
      */
@@ -745,7 +745,7 @@ public class PropConfigStore implements IConfigStore, Cloneable {
 
     /**
      * Cloning of property configuration store.
-     * 
+     *
      * @return a new configuration store
      */
     public Object clone() {
@@ -783,7 +783,7 @@ public class PropConfigStore implements IConfigStore, Cloneable {
 
     /**
      * Commits properties into the file.
-     * 
+     *
      * @param createBackup true if create backup
      * @exception EBaseException failed to commit properties
      */
diff --git a/base/common/src/com/netscape/cmscore/base/SimpleProperties.java b/base/common/src/com/netscape/cmscore/base/SimpleProperties.java
index 7b1c6bae4..cc1bd6201 100644
--- a/base/common/src/com/netscape/cmscore/base/SimpleProperties.java
+++ b/base/common/src/com/netscape/cmscore/base/SimpleProperties.java
@@ -38,13 +38,13 @@ import java.util.Hashtable;
  * 
    
  * A property list can contain another property list as its "defaults"; this second property list is searched if the
  * property key is not found in the original property list.
- * 
+ *
  * Because Properties inherits from Hashtable, the put and putAll
  * methods can be applied to a Properties object. Their use is strongly discouraged as they allow the
  * caller to insert entries whose keys or values are not Strings. The setProperty method
  * should be used instead. If the store or save method is called on a "compromised"
  * Properties object that contains a non- String key or value, the call will fail.
- * 
+ *
  */
 public class SimpleProperties extends Hashtable {
 
@@ -56,7 +56,7 @@ public class SimpleProperties extends Hashtable {
     /**
      * A property list that contains default values for any keys not
      * found in this property list.
-     * 
+     *
      * @serial
      */
     protected SimpleProperties defaults;
@@ -70,7 +70,7 @@ public class SimpleProperties extends Hashtable {
 
     /**
      * Creates an empty property list with the specified defaults.
-     * 
+     *
      * @param defaults the defaults.
      */
     public SimpleProperties(SimpleProperties defaults) {
@@ -81,7 +81,7 @@ public class SimpleProperties extends Hashtable {
      * Calls the hashtable method put. Provided for
      * parallelism with the getProperties method. Enforces use of
      * strings for property keys and values.
-     * 
+     *
      * @since JDK1.2
      */
     public synchronized Object setProperty(String key, String value) {
@@ -123,43 +123,43 @@ public class SimpleProperties extends Hashtable {
      * As an example, each of the following four lines specifies the key "Truth" and the associated element
      * value "Beauty":
      * 
    
-     * 
+     *
      * 
          * Truth = Beauty
      * Truth:Beauty
      * Truth			:Beauty
      * 
    
-     * 
+     *
      * As another example, the following three lines specify a single property:
      * 
    
-     * 
+     *
      * 
          * fruits				apple, banana, pear, \
      *                                  cantaloupe, watermelon, \
      *                                  kiwi, mango
      * 
    
-     * 
+     *
      * The key is "fruits" and the associated element is:
      * 
    
-     * 
+     *
      * 
          * "apple, banana, pear, cantaloupe, watermelon,kiwi, mango"
      * 
    
-     * 
+     *
      * Note that a space appears before each \ so that a space will appear after each comma in the final
      * result; the \, line terminator, and leading whitespace on the continuation line are merely discarded
      * and are not replaced by one or more other characters.
      * 
    
      * As a third example, the line:
      * 
    
-     * 
+     *
      * 
          * cheeses
      * 
    
-     * 
+     *
      * specifies that the key is "cheeses" and the associated element is the empty string.
      * 
    
-     * 
+     *
      * @param in the input stream.
      * @exception IOException if an error occurred when reading from the
      *                input stream.
@@ -262,12 +262,12 @@ public class SimpleProperties extends Hashtable {
     /**
      * Calls the store(OutputStream out, String header) method
      * and suppresses IOExceptions that were thrown.
-     * 
+     *
      * @deprecated This method does not throw an IOException if an I/O error
      *             occurs while saving the property list. As of JDK 1.2, the preferred
      *             way to save a properties list is via the store(OutputStream out,
      * String header) method.
-     * 
+     *
      * @param out an output stream.
      * @param header a description of the property list.
      * @exception ClassCastException if this Properties object
@@ -308,7 +308,7 @@ public class SimpleProperties extends Hashtable {
      * 
    
      * After the entries have been written, the output stream is flushed. The output stream remains open after this
      * method returns.
-     * 
+     *
      * @param out an output stream.
      * @param header a description of the property list.
      * @exception ClassCastException if this Properties object
@@ -343,7 +343,7 @@ public class SimpleProperties extends Hashtable {
      * If the key is not found in this property list, the default property list,
      * and its defaults, recursively, are then checked. The method returns null if the property is not
      * found.
-     * 
+     *
      * @param key the property key.
      * @return the value in this property list with the specified key value.
      * @see java.util.Properties#defaults
@@ -360,10 +360,10 @@ public class SimpleProperties extends Hashtable {
      * If the key is not found in this property list, the default property list,
      * and its defaults, recursively, are then checked. The method returns the
      * default value argument if the property is not found.
-     * 
+     *
      * @param key the hashtable key.
      * @param defaultValue a default value.
-     * 
+     *
      * @return the value in this property list with the specified key value.
      * @see java.util.Properties#defaults
      */
@@ -376,7 +376,7 @@ public class SimpleProperties extends Hashtable {
     /**
      * Returns an enumeration of all the keys in this property list, including
      * the keys in the default property list.
-     * 
+     *
      * @return an enumeration of all the keys in this property list, including
      *         the keys in the default property list.
      * @see java.util.Enumeration
@@ -392,7 +392,7 @@ public class SimpleProperties extends Hashtable {
     /**
      * Prints this property list out to the specified output stream.
      * This method is useful for debugging.
-     * 
+     *
      * @param out an output stream.
      */
     public void list(PrintStream out) {
@@ -414,7 +414,7 @@ public class SimpleProperties extends Hashtable {
     /**
      * Prints this property list out to the specified output stream.
      * This method is useful for debugging.
-     * 
+     *
      * @param out an output stream.
      * @since JDK1.1
      */
@@ -442,7 +442,7 @@ public class SimpleProperties extends Hashtable {
 
     /**
      * Enumerates all key/value pairs in the specified hastable.
-     * 
+     *
      * @param h the hashtable
      */
     private synchronized void enumerate(Hashtable h) {
diff --git a/base/common/src/com/netscape/cmscore/base/SourceConfigStore.java b/base/common/src/com/netscape/cmscore/base/SourceConfigStore.java
index 3c4ec6992..546b97591 100644
--- a/base/common/src/com/netscape/cmscore/base/SourceConfigStore.java
+++ b/base/common/src/com/netscape/cmscore/base/SourceConfigStore.java
@@ -23,7 +23,7 @@ import com.netscape.certsrv.base.ISourceConfigStore;
  * This class is is a wrapper to hide the Properties methods from
  * the PropConfigStore. Lucky for us, Properties already implements
  * almost every thing ISourceConfigStore requires.
- * 
+ *
  * @version $Revision$, $Date$
  * @see java.util.Properties
  */
@@ -37,7 +37,7 @@ public class SourceConfigStore extends SimpleProperties implements ISourceConfig
     /**
      * Retrieves a property from the config store
      * 
    
-     * 
+     *
      * @param name property name
      * @return property value
      */
@@ -48,7 +48,7 @@ public class SourceConfigStore extends SimpleProperties implements ISourceConfig
     /**
      * Puts a property into the config store.
      * 
    
-     * 
+     *
      * @param name property name
      * @param value property value
      * @return
diff --git a/base/common/src/com/netscape/cmscore/base/SubsystemLoader.java b/base/common/src/com/netscape/cmscore/base/SubsystemLoader.java
index a9307e858..8cd2990a1 100644
--- a/base/common/src/com/netscape/cmscore/base/SubsystemLoader.java
+++ b/base/common/src/com/netscape/cmscore/base/SubsystemLoader.java
@@ -27,7 +27,7 @@ import com.netscape.certsrv.base.ISubsystem;
 /**
  * A class represents a subsystem loader.
  * 
    
- * 
+ *
  * @author thomask
  * @version $Revision$, $Date$
  */
diff --git a/base/common/src/com/netscape/cmscore/cert/CertDateCompare.java b/base/common/src/com/netscape/cmscore/cert/CertDateCompare.java
index 7078c3440..30f806ea2 100644
--- a/base/common/src/com/netscape/cmscore/cert/CertDateCompare.java
+++ b/base/common/src/com/netscape/cmscore/cert/CertDateCompare.java
@@ -24,7 +24,7 @@ import netscape.security.x509.X509CertImpl;
 
 /**
  * Compares validity dates for use in sorting.
- * 
+ *
  * @author kanda
  * @version $Revision$, $Date$
  */
diff --git a/base/common/src/com/netscape/cmscore/cert/CertPrettyPrint.java b/base/common/src/com/netscape/cmscore/cert/CertPrettyPrint.java
index 726fa5e14..ecd1a4a60 100644
--- a/base/common/src/com/netscape/cmscore/cert/CertPrettyPrint.java
+++ b/base/common/src/com/netscape/cmscore/cert/CertPrettyPrint.java
@@ -24,7 +24,7 @@ import com.netscape.certsrv.base.ICertPrettyPrint;
 /**
  * This class will display the certificate content in predefined
  * format.
- * 
+ *
  * @author Jack Pan-Chen
  * @version $Revision$, $Date$
  */
diff --git a/base/common/src/com/netscape/cmscore/cert/CertificatePair.java b/base/common/src/com/netscape/cmscore/cert/CertificatePair.java
index b8f958be5..0a68da2d9 100644
--- a/base/common/src/com/netscape/cmscore/cert/CertificatePair.java
+++ b/base/common/src/com/netscape/cmscore/cert/CertificatePair.java
@@ -35,7 +35,7 @@ import com.netscape.certsrv.cert.ICrossCertPairSubsystem;
 
 /**
  * This class implements CertificatePair used for Cross Certification
- * 
+ *
  * @author cfu
  * @version $Revision$, $Date$
  */
@@ -48,7 +48,7 @@ public class CertificatePair implements ASN1Value {
      * construct a CertificatePair. It doesn't matter which is
      * forward and which is reverse in the parameters. It will figure
      * it out
-     * 
+     *
      * @param cert1 one X509Certificate
      * @param cert2 one X509Certificate
      */
@@ -76,7 +76,7 @@ public class CertificatePair implements ASN1Value {
      * construct a CertificatePair. It doesn't matter which is
      * forward and which is reverse in the parameters. It will figure
      * it out
-     * 
+     *
      * @param cert1 one certificate byte array
      * @param cert2 one certificate byte array
      */
@@ -114,7 +114,7 @@ public class CertificatePair implements ASN1Value {
         /* It looks the DN's returned are not normalized and fail
          * comparison
 
-         if ((c1.getIssuerDN().equals((Object) caCert.getSubjectDN()))) 
+         if ((c1.getIssuerDN().equals((Object) caCert.getSubjectDN())))
          debug("myCA signed c1");
          else {
          debug("c1 issuerDN="+c1.getIssuerDN().toString());
@@ -144,7 +144,7 @@ public class CertificatePair implements ASN1Value {
 
          if ((c1.getIssuerDN().equals((Object) caCert.getSubjectDN()))
          && (caCert.getSubjectDN().equals((Object) c2.getSubjectDN())))
-         
+
          {
          return false;
          } else if ((c2.getIssuerDN().equals((Object) caCert.getSubjectDN()))
diff --git a/base/common/src/com/netscape/cmscore/cert/CrlCachePrettyPrint.java b/base/common/src/com/netscape/cmscore/cert/CrlCachePrettyPrint.java
index 6d838b70d..532211c42 100644
--- a/base/common/src/com/netscape/cmscore/cert/CrlCachePrettyPrint.java
+++ b/base/common/src/com/netscape/cmscore/cert/CrlCachePrettyPrint.java
@@ -36,7 +36,7 @@ import com.netscape.certsrv.ca.ICertificateAuthority;
 /**
  * This class will display the certificate content in predefined
  * format.
- * 
+ *
  * @author Andrew Wnuk
  * @version $Revision$, $Date$
  */
@@ -70,7 +70,7 @@ public class CrlCachePrettyPrint implements ICRLPrettyPrint {
      * This method return string representation of the certificate
      * revocation list in predefined format using specified client
      * local. I18N Support.
-     * 
+     *
      * @param clientLocale Locale to be used for localization
      * @return string representation of the certificate
      */
diff --git a/base/common/src/com/netscape/cmscore/cert/CrlPrettyPrint.java b/base/common/src/com/netscape/cmscore/cert/CrlPrettyPrint.java
index 1d6048c8d..2dc947641 100644
--- a/base/common/src/com/netscape/cmscore/cert/CrlPrettyPrint.java
+++ b/base/common/src/com/netscape/cmscore/cert/CrlPrettyPrint.java
@@ -24,7 +24,7 @@ import com.netscape.certsrv.base.ICRLPrettyPrint;
 /**
  * This class will display the certificate content in predefined
  * format.
- * 
+ *
  * @author Andrew Wnuk
  * @version $Revision$, $Date$
  */
diff --git a/base/common/src/com/netscape/cmscore/cert/CrossCertPairSubsystem.java b/base/common/src/com/netscape/cmscore/cert/CrossCertPairSubsystem.java
index 8d8a337c5..9b950e239 100644
--- a/base/common/src/com/netscape/cmscore/cert/CrossCertPairSubsystem.java
+++ b/base/common/src/com/netscape/cmscore/cert/CrossCertPairSubsystem.java
@@ -60,7 +60,7 @@ import com.netscape.cmscore.ldapconn.LdapBoundConnFactory;
  * If it happens that the above two cases finds its pairing
  * cert already there, then a CertifiatePair is created and put
  * in the internal db "crosscertificatepair;binary" attribute
- * 
+ *
  * @author cfu
  * @version $Revision$, $Date$
  */
@@ -141,7 +141,7 @@ public class CrossCertPairSubsystem implements ICrossCertPairSubsystem {
      * If it happens that it finds its pairing
      * cert already there, then a CertifiatePair is created and put
      * in the internal db "crosscertificatepair;binary" attribute
-     * 
+     *
      * @param certBytes cert in byte array to be imported
      */
     public void importCert(byte[] certBytes) throws EBaseException {
@@ -166,7 +166,7 @@ public class CrossCertPairSubsystem implements ICrossCertPairSubsystem {
      * If it happens that it finds its pairing
      * cert already there, then a CertifiatePair is created and put
      * in the internal db "crosscertificatepair;binary" attribute
-     * 
+     *
      * @param certBytes cert in byte array to be imported
      */
     public synchronized void importCert(Object certObj) throws EBaseException {
@@ -180,7 +180,7 @@ public class CrossCertPairSubsystem implements ICrossCertPairSubsystem {
         // cert
         // 2. does cert2's subject match this CA's subject?
         // 3. other valididity checks: is this a ca cert?  Is this
-        // cert still valid?  If the issuer is not yet trusted, let it 
+        // cert still valid?  If the issuer is not yet trusted, let it
         // be.
 
         // get certs from internal db to see if we find a pair
@@ -277,7 +277,7 @@ public class CrossCertPairSubsystem implements ICrossCertPairSubsystem {
 
     /**
      * are cert1 and cert2 cross-signed certs?
-     * 
+     *
      * @param cert1 the cert for comparison in our internal db
      * @param cert2 the cert that's being considered
      */
diff --git a/base/common/src/com/netscape/cmscore/cert/ExtPrettyPrint.java b/base/common/src/com/netscape/cmscore/cert/ExtPrettyPrint.java
index 5f5c66a48..10ac3fbb1 100644
--- a/base/common/src/com/netscape/cmscore/cert/ExtPrettyPrint.java
+++ b/base/common/src/com/netscape/cmscore/cert/ExtPrettyPrint.java
@@ -24,7 +24,7 @@ import com.netscape.certsrv.base.IExtPrettyPrint;
 /**
  * This class will display the certificate content in predefined
  * format.
- * 
+ *
  * @author Andrew Wnuk
  * @version $Revision$, $Date$
  */
diff --git a/base/common/src/com/netscape/cmscore/cert/OidLoaderSubsystem.java b/base/common/src/com/netscape/cmscore/cert/OidLoaderSubsystem.java
index dfd7dbab8..c4983d7c8 100644
--- a/base/common/src/com/netscape/cmscore/cert/OidLoaderSubsystem.java
+++ b/base/common/src/com/netscape/cmscore/cert/OidLoaderSubsystem.java
@@ -38,7 +38,7 @@ import com.netscape.certsrv.base.ISubsystem;
 import com.netscape.cmscore.util.Debug;
 
 /**
- * 
+ *
  * @author stevep
  * @version $Revision
  */
@@ -52,7 +52,7 @@ public class OidLoaderSubsystem implements ISubsystem {
     private static final String PROP_CLASS = "class";
 
     /**
-     * 
+     *
      */
     private OidLoaderSubsystem() {
     }
@@ -122,7 +122,7 @@ public class OidLoaderSubsystem implements ISubsystem {
      * Note that individual subsystem should be initialized in a separated thread if it has dependency on the
      * initialization of other subsystems.
      * 
    
-     * 
+     *
      * @param owner owner of this subsystem
      * @param config configuration store
      */
diff --git a/base/common/src/com/netscape/cmscore/cert/PrettyPrintFormat.java b/base/common/src/com/netscape/cmscore/cert/PrettyPrintFormat.java
index 669200575..7b7ce64f9 100644
--- a/base/common/src/com/netscape/cmscore/cert/PrettyPrintFormat.java
+++ b/base/common/src/com/netscape/cmscore/cert/PrettyPrintFormat.java
@@ -22,7 +22,7 @@ import com.netscape.certsrv.base.IPrettyPrintFormat;
 /**
  * This class will display the certificate content in predefined
  * format.
- * 
+ *
  * @author Andrew Wnuk
  * @version $Revision$, $Date$
  */
@@ -76,7 +76,7 @@ public class PrettyPrintFormat implements IPrettyPrintFormat {
     /**
      * Provide white space indention
      * stevep - speed improvements. Factor of 10 improvement
-     * 
+     *
      * @param numSpace number of white space to be returned
      * @return white spaces
      */
@@ -92,7 +92,7 @@ public class PrettyPrintFormat implements IPrettyPrintFormat {
     /**
      * Convert Byte Array to Hex String Format
      * stevep - speedup by factor of 8
-     * 
+     *
      * @param byte array of data to hexify
      * @param indentSize number of spaces to prepend before each line
      * @param lineLen number of bytes to output on each line (0
diff --git a/base/common/src/com/netscape/cmscore/cert/PrettyPrintResources.java b/base/common/src/com/netscape/cmscore/cert/PrettyPrintResources.java
index 361f50b47..0756664d9 100644
--- a/base/common/src/com/netscape/cmscore/cert/PrettyPrintResources.java
+++ b/base/common/src/com/netscape/cmscore/cert/PrettyPrintResources.java
@@ -24,7 +24,7 @@ import netscape.security.x509.KeyUsageExtension;
 
 /**
  * Resource Boundle for the Pretty Print
- * 
+ *
  * @author Jack Pan-Chen
  * @version $Revision$, $Date$
  */
diff --git a/base/common/src/com/netscape/cmscore/cert/PubKeyPrettyPrint.java b/base/common/src/com/netscape/cmscore/cert/PubKeyPrettyPrint.java
index 9ea581812..5c5b13084 100644
--- a/base/common/src/com/netscape/cmscore/cert/PubKeyPrettyPrint.java
+++ b/base/common/src/com/netscape/cmscore/cert/PubKeyPrettyPrint.java
@@ -22,7 +22,7 @@ import java.security.PublicKey;
 /**
  * This class will display the certificate content in predefined
  * format.
- * 
+ *
  * @author Jack Pan-Chen
  * @author Andrew Wnuk
  * @version $Revision$, $Date$
diff --git a/base/common/src/com/netscape/cmscore/cert/X500NameSubsystem.java b/base/common/src/com/netscape/cmscore/cert/X500NameSubsystem.java
index de5e233c9..0d58973f8 100644
--- a/base/common/src/com/netscape/cmscore/cert/X500NameSubsystem.java
+++ b/base/common/src/com/netscape/cmscore/cert/X500NameSubsystem.java
@@ -41,7 +41,7 @@ import com.netscape.cmscore.util.Debug;
  * 
  • Add X500Name (string to oid) maps for attributes that are not supported by default.
  * 
  • Specify an order for encoding Directory Strings other than the default.
  * 
- * 
+ *
  * @author lhsiao
  * @version $Revision$
  */
@@ -84,12 +84,12 @@ public class X500NameSubsystem implements ISubsystem {
      * All paramters are optional.
      * 
      
      * 
    • Change encoding order of Directory Strings:
-     * 
+     *
      * 
            * X500Name.directoryStringEncodingOrder=order seperated by commas
      * For example: Printable,BMPString,UniversalString.
      * 
      
-     * 
+     *
      * Possible values are:
      * 
        
      * 
      • Printable
@@ -100,34 +100,34 @@ public class X500NameSubsystem implements ISubsystem {
      * 
      
      * 
      
      * 
    • Add X500Name attributes:
-     * 
+     *
      * 
            * X500Name.attr.attribute-name.oid=n.n.n.n
      * X500Name.attr.attribute-name.class=value converter class
      * 
      
-     * 
+     *
      * The value converter class converts a string to a ASN.1 value. It must implement
      * netscape.security.x509.AVAValueConverter interface. Converter classes provided in CMS are:
-     * 
+     *
      * 
      -     *     netscape.security.x509.PrintableConverter - 
-     * 		Converts to a Printable String value. String must have only 
-     * 		printable characters. 
-     *     netscape.security.x509.IA5StringConverter - 
+     *     netscape.security.x509.PrintableConverter -
+     * 		Converts to a Printable String value. String must have only
+     * 		printable characters.
+     *     netscape.security.x509.IA5StringConverter -
      * 		Converts to a IA5String value. String must have only IA5String
-     * 		characters. 
-     *     netscape.security.x509.DirStrConverter - 
-     * 		Converts to a Directory (v3) String. String is expected to 
+     * 		characters.
+     *     netscape.security.x509.DirStrConverter -
+     * 		Converts to a Directory (v3) String. String is expected to
      * 		be in Directory String format according to rfc2253.
-     *     netscape.security.x509.GenericValueConverter - 
+     *     netscape.security.x509.GenericValueConverter -
      * 		Converts string character by character in the following order
      * 		from smaller character sets to broadest character set.
      * 			Printable, IA5String, BMPString, Universal String.
      * 
      
-     * 
+     *
      * 
    
      * 
    
-     * 
+     *
      * @param owner owner of this subsystem
      * @param config configuration store
      */
@@ -142,7 +142,7 @@ public class X500NameSubsystem implements ISubsystem {
         // get order for encoding directory strings if any.
         setDirStrEncodingOrder();
 
-        // load x500 name maps 
+        // load x500 name maps
         loadX500NameAttrMaps();
     }
 
diff --git a/base/common/src/com/netscape/cmscore/connector/HttpConnFactory.java b/base/common/src/com/netscape/cmscore/connector/HttpConnFactory.java
index 01bb0f879..2d8c98ee4 100644
--- a/base/common/src/com/netscape/cmscore/connector/HttpConnFactory.java
+++ b/base/common/src/com/netscape/cmscore/connector/HttpConnFactory.java
@@ -37,7 +37,7 @@ public class HttpConnFactory {
     private ILogger mLogger = CMS.getLogger();
 
     private int mNumConns = 0; // number of available conns in array
-    private int mTotal = 0; // total num conns 
+    private int mTotal = 0; // total num conns
     private IHttpConnection mMasterConn = null; // master connection object.
     private IHttpConnection mConns[];
     private IAuthority mSource = null;
@@ -59,7 +59,7 @@ public class HttpConnFactory {
 
     /**
      * Constructor for HttpConnFactory
-     * 
+     *
      * @param minConns minimum number of connections to have available
      * @param maxConns max number of connections to have available. This is
      * @param serverInfo server connection info - host, port, etc.
@@ -79,7 +79,7 @@ public class HttpConnFactory {
     /**
      * initialize parameters obtained from either constructor or
      * config store
-     * 
+     *
      * @param minConns minimum number of connection handls to have available.
      * @param maxConns maximum total number of connections to ever have.
      * @param connInfo ldap connection info.
@@ -177,7 +177,7 @@ public class HttpConnFactory {
      * returnConn() method.
      * The best thing to do is to put returnConn in a finally clause so it
      * always gets called. For example,
-     * 
+     *
      * 
          * IHttpConnection c = null;
      * try {
@@ -204,7 +204,7 @@ public class HttpConnFactory {
      * Returns null if maximum number of connections reached.
      * The best thing to do is to put returnConn in a finally clause so it
      * always gets called. For example,
-     * 
+     *
      * 
          * IHttpConnnection c = null;
      * try {
@@ -260,7 +260,7 @@ public class HttpConnFactory {
      * This is mandatory after a getConn().
      * The best thing to do is to put returnConn in a finally clause so it
      * always gets called. For example,
-     * 
+     *
      * 
          * IHttpConnection c = null;
      * try {
diff --git a/base/common/src/com/netscape/cmscore/connector/HttpConnection.java b/base/common/src/com/netscape/cmscore/connector/HttpConnection.java
index 95cdbc779..7a65c1760 100644
--- a/base/common/src/com/netscape/cmscore/connector/HttpConnection.java
+++ b/base/common/src/com/netscape/cmscore/connector/HttpConnection.java
@@ -73,7 +73,7 @@ public class HttpConnection implements IHttpConnection {
             CMS.debug("HttpConnection: connecting to " + dest.getHost() + ":" + dest.getPort());
             String host = dest.getHost();
             // we could have a list of host names in the host parameters
-            // the format is, for example, 
+            // the format is, for example,
             // "directory.knowledge.com:1050 people.catalog.com 199.254.1.2"
             if (host != null && host.indexOf(' ') != -1) {
                 // try to do client-side failover
@@ -116,7 +116,7 @@ public class HttpConnection implements IHttpConnection {
     // Insert end
     /**
      * sends a request to remote RA/CA, returning the result.
-     * 
+     *
      * @throws EBaseException if request could not be encoded
      */
     public IPKIMessage send(IPKIMessage tomsg)
@@ -222,8 +222,8 @@ public class HttpConnection implements IHttpConnection {
             }
         }
 
-        // decode reply. 
-        // if reply is bad, error is thrown and request will be resent 
+        // decode reply.
+        // if reply is bad, error is thrown and request will be resent
         String pcontent = p.getContent();
 
         if (Debug.ON) {
diff --git a/base/common/src/com/netscape/cmscore/connector/HttpConnector.java b/base/common/src/com/netscape/cmscore/connector/HttpConnector.java
index cdb315795..90979f870 100644
--- a/base/common/src/com/netscape/cmscore/connector/HttpConnector.java
+++ b/base/common/src/com/netscape/cmscore/connector/HttpConnector.java
@@ -70,7 +70,7 @@ public class HttpConnector implements IConnector {
         }
 
         //        mConn = CMS.getHttpConnection(dest, mFactory);
-        // this will start resending past requests in parallel. 
+        // this will start resending past requests in parallel.
         mResender = CMS.getResender(mSource, nickName, dest, resendInterval);
         mResendThread = new Thread(mResender, "HttpConnector");
     }
@@ -95,7 +95,7 @@ public class HttpConnector implements IConnector {
             CMS.debug("can't create new HttpConnFactory");
         }
 
-        // this will start resending past requests in parallel. 
+        // this will start resending past requests in parallel.
         mResender = CMS.getResender(mSource, nickName, dest, resendInterval);
         mResendThread = new Thread(mResender, "HttpConnector");
     }
@@ -140,7 +140,7 @@ public class HttpConnector implements IConnector {
             CMS.debug("reply status " + replyStatus);
 
             // non terminal states.
-            // XXX hack: don't resend get revocation info requests since 
+            // XXX hack: don't resend get revocation info requests since
             // resent results are ignored.
             if ((!r.getRequestType().equals(
                         IRequest.GETREVOCATIONINFO_REQUEST)) &&
@@ -169,7 +169,7 @@ public class HttpConnector implements IConnector {
                 r.setExtData(IRequest.RESULT, IRequest.RES_ERROR);
                 r.setExtData(IRequest.ERROR,
                         new EBaseException(CMS.getUserMessage("CMS_BASE_REMOTE_AUTHORITY_ERROR")));
-                // XXX overload svcerrors for now. 
+                // XXX overload svcerrors for now.
                 Vector policyErrors = r.getExtDataInStringVector(IRequest.ERRORS);
 
                 if (policyErrors != null && policyErrors.size() > 0) {
@@ -189,7 +189,7 @@ public class HttpConnector implements IConnector {
             CMS.debug("HttpConn:  error sending request to cert " + e.toString());
             mSource.log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CONNECTOR_SEND_REQUEST", r.getRequestId()
                     .toString(), mDest.getHost(), Integer.toString(mDest.getPort())));
-            // mSource.log(ILogger.LL_INFO, 
+            // mSource.log(ILogger.LL_INFO,
             //    "Queing " + r.getRequestId() + " for resend.");
             return false;
         } finally {
diff --git a/base/common/src/com/netscape/cmscore/connector/HttpPKIMessage.java b/base/common/src/com/netscape/cmscore/connector/HttpPKIMessage.java
index ea235391d..ddf23378a 100644
--- a/base/common/src/com/netscape/cmscore/connector/HttpPKIMessage.java
+++ b/base/common/src/com/netscape/cmscore/connector/HttpPKIMessage.java
@@ -64,7 +64,7 @@ public class HttpPKIMessage implements IHttpPKIMessage {
      * copy contents of request to make a simple name/value message.
      */
     public void fromRequest(IRequest r) {
-        // actually don't need to copy source id since 
+        // actually don't need to copy source id since
         reqType = r.getRequestType();
         reqId = r.getRequestId().toString();
         reqStatus = r.getRequestStatus().toString();
@@ -96,7 +96,7 @@ public class HttpPKIMessage implements IHttpPKIMessage {
      */
     @SuppressWarnings("unchecked")
     public void toRequest(IRequest r) {
-        // id, type and status 
+        // id, type and status
         // type had to have been set in instantiation.
         // id is checked but not reset.
         // request status cannot be set, but can be looked at.
diff --git a/base/common/src/com/netscape/cmscore/connector/HttpRequestEncoder.java b/base/common/src/com/netscape/cmscore/connector/HttpRequestEncoder.java
index 76d39b3ed..bb18030dc 100644
--- a/base/common/src/com/netscape/cmscore/connector/HttpRequestEncoder.java
+++ b/base/common/src/com/netscape/cmscore/connector/HttpRequestEncoder.java
@@ -58,7 +58,7 @@ public class HttpRequestEncoder implements IRequestEncoder {
 
             result = is.readObject();
         } catch (ClassNotFoundException e) {
-            // XXX hack: change this 
+            // XXX hack: change this
             if (Debug.ON)
                 Debug.trace("class not found ex " + e + e.getMessage());
             throw new IOException("Class Not Found " + e.getMessage());
diff --git a/base/common/src/com/netscape/cmscore/connector/LocalConnector.java b/base/common/src/com/netscape/cmscore/connector/LocalConnector.java
index 42c6636ce..9c4825494 100644
--- a/base/common/src/com/netscape/cmscore/connector/LocalConnector.java
+++ b/base/common/src/com/netscape/cmscore/connector/LocalConnector.java
@@ -71,11 +71,11 @@ public class LocalConnector implements IConnector {
 
         CMS.debug("local connector dest req " +
                 destreq.getRequestId() + " created for source rId " + r.getRequestId());
-        //  mSource.log(ILogger.LL_DEBUG, 
+        //  mSource.log(ILogger.LL_DEBUG,
         //     "setting connector dest " + mDest.getId() +
         //    " source id to " + r.getRequestId());
 
-        // XXX set context to the real identity later. 
+        // XXX set context to the real identity later.
         destreq.setSourceId(
                 mSource.getX500Name().toString() + ":" + r.getRequestId().toString());
         //destreq.copyContents(r);  // copy meta attributes in request.
@@ -98,7 +98,7 @@ public class LocalConnector implements IConnector {
         }
 
         // Locally cache the source request so that we
-        // can update it when the dest request is 
+        // can update it when the dest request is
         // processed (when LocalConnListener is being called).
         mSourceReqs.put(r.getRequestId().toString(), r);
         try {
@@ -140,9 +140,9 @@ public class LocalConnector implements IConnector {
                     "dest " + mDest.getId() + " done with " + destreq.getRequestId());
 
             IRequestQueue sourceQ = mSource.getRequestQueue();
-            // accept requests that only belong to us. 
+            // accept requests that only belong to us.
             // XXX review death scenarios here. - If system dies anywhere
-            // here need to check all requests at next server startup. 
+            // here need to check all requests at next server startup.
             String sourceNameAndId = destreq.getSourceId();
             String sourceName = mSource.getX500Name().toString();
 
@@ -174,7 +174,7 @@ public class LocalConnector implements IConnector {
             // performance enhancement, approved request will
             // not be immediately available in the database. So
             // retrieving the request from the queue within
-            // the serviceRequest() function will have 
+            // the serviceRequest() function will have
             // diffculities.
             // You may wonder what happen if the system crashes
             // during the request servicing. Yes, the request
@@ -182,7 +182,7 @@ public class LocalConnector implements IConnector {
             // resubmit their requests again.
             // Note that the pending requests, on the other hand,
             // are persistent before the servicing.
-            // Please see stateEngine() function in 
+            // Please see stateEngine() function in
             // ARequestQueue.java for details.
             r = mSourceReqs.get(rId);
             if (r != null) {
diff --git a/base/common/src/com/netscape/cmscore/connector/Resender.java b/base/common/src/com/netscape/cmscore/connector/Resender.java
index 783caa671..e1b19749a 100644
--- a/base/common/src/com/netscape/cmscore/connector/Resender.java
+++ b/base/common/src/com/netscape/cmscore/connector/Resender.java
@@ -67,7 +67,7 @@ public class Resender implements IResender {
         mDest = dest;
         mNickName = nickName;
 
-        //mConn = new HttpConnection(dest, 
+        //mConn = new HttpConnection(dest,
         //           new JssSSLSocketFactory(nickName));
     }
 
@@ -80,7 +80,7 @@ public class Resender implements IResender {
         if (interval > 0)
             mInterval = interval * SECOND; // interval specified in seconds.
 
-        //mConn = new HttpConnection(dest, 
+        //mConn = new HttpConnection(dest,
         //           new JssSSLSocketFactory(nickName));
     }
 
@@ -96,7 +96,7 @@ public class Resender implements IResender {
 
             CMS.debug(
                     "added request Id " + rid + " in init to resend queue.");
-            // note these are added as strings 
+            // note these are added as strings
             mRequestIds.addElement(rid.toString());
         }
     }
@@ -149,7 +149,7 @@ public class Resender implements IResender {
             try {
                 r = mQueue.findRequest(rid);
             } catch (EBaseException e) {
-                // XXX bad case. should we remove the rid now ? 
+                // XXX bad case. should we remove the rid now ?
                 mAuthority.log(ILogger.LL_WARN,
                         CMS.getLogMessage("CMSCORE_CONNECTOR_REQUEST_NOT_FOUND", rid.toString()));
                 continue;
diff --git a/base/common/src/com/netscape/cmscore/crmf/CRMFParser.java b/base/common/src/com/netscape/cmscore/crmf/CRMFParser.java
index b42bc00f9..34b378bf1 100644
--- a/base/common/src/com/netscape/cmscore/crmf/CRMFParser.java
+++ b/base/common/src/com/netscape/cmscore/crmf/CRMFParser.java
@@ -41,7 +41,7 @@ public class CRMFParser {
 
     /**
      * Retrieves PKIArchiveOptions from CRMF request.
-     * 
+     *
      * @param request CRMF request
      * @return PKIArchiveOptions
      * @exception failed to extrace option
diff --git a/base/common/src/com/netscape/cmscore/dbs/BigIntegerMapper.java b/base/common/src/com/netscape/cmscore/dbs/BigIntegerMapper.java
index 3fa613198..9af436295 100644
--- a/base/common/src/com/netscape/cmscore/dbs/BigIntegerMapper.java
+++ b/base/common/src/com/netscape/cmscore/dbs/BigIntegerMapper.java
@@ -32,7 +32,7 @@ import com.netscape.certsrv.dbs.IDBObj;
  * A class represents ann attribute mapper that maps
  * a Java BigInteger object into LDAP attribute,
  * and vice versa.
- * 
+ *
  * @author thomask
  * @version $Revision$, $Date$
  */
diff --git a/base/common/src/com/netscape/cmscore/dbs/ByteArrayMapper.java b/base/common/src/com/netscape/cmscore/dbs/ByteArrayMapper.java
index 38362f341..1d1f218b2 100644
--- a/base/common/src/com/netscape/cmscore/dbs/ByteArrayMapper.java
+++ b/base/common/src/com/netscape/cmscore/dbs/ByteArrayMapper.java
@@ -32,7 +32,7 @@ import com.netscape.certsrv.dbs.IDBObj;
  * A class represents ann attribute mapper that maps
  * a Java byte array object into LDAP attribute,
  * and vice versa.
- * 
+ *
  * @author thomask
  * @version $Revision$, $Date$
  */
diff --git a/base/common/src/com/netscape/cmscore/dbs/CRLDBSchema.java b/base/common/src/com/netscape/cmscore/dbs/CRLDBSchema.java
index 253bd81e0..60f6b69a1 100644
--- a/base/common/src/com/netscape/cmscore/dbs/CRLDBSchema.java
+++ b/base/common/src/com/netscape/cmscore/dbs/CRLDBSchema.java
@@ -21,7 +21,7 @@ package com.netscape.cmscore.dbs;
  * A class represents a collection of schema information
  * for CRL.
  * 
    
- * 
+ *
  * @author thomask
  * @version $Revision$, $Date$
  */
diff --git a/base/common/src/com/netscape/cmscore/dbs/CRLIssuingPointRecord.java b/base/common/src/com/netscape/cmscore/dbs/CRLIssuingPointRecord.java
index 0a3a46f14..c6d041b34 100644
--- a/base/common/src/com/netscape/cmscore/dbs/CRLIssuingPointRecord.java
+++ b/base/common/src/com/netscape/cmscore/dbs/CRLIssuingPointRecord.java
@@ -33,7 +33,7 @@ import com.netscape.certsrv.dbs.crldb.ICRLIssuingPointRecord;
 /**
  * A class represents a CRL issuing point record.
  * 
    
- * 
+ *
  * @author thomask
  * @version $Revision$, $Date$
  */
diff --git a/base/common/src/com/netscape/cmscore/dbs/CRLRepository.java b/base/common/src/com/netscape/cmscore/dbs/CRLRepository.java
index 7eb470d55..c83494984 100644
--- a/base/common/src/com/netscape/cmscore/dbs/CRLRepository.java
+++ b/base/common/src/com/netscape/cmscore/dbs/CRLRepository.java
@@ -39,7 +39,7 @@ import com.netscape.certsrv.dbs.crldb.ICRLRepository;
  * A class represents a CRL repository. It stores all the
  * CRL issuing points.
  * 
    
- * 
+ *
  * @author thomask
  * @version $Revision$, $Date$
  */
diff --git a/base/common/src/com/netscape/cmscore/dbs/CertDBSchema.java b/base/common/src/com/netscape/cmscore/dbs/CertDBSchema.java
index 67b662713..916e83a8a 100644
--- a/base/common/src/com/netscape/cmscore/dbs/CertDBSchema.java
+++ b/base/common/src/com/netscape/cmscore/dbs/CertDBSchema.java
@@ -21,7 +21,7 @@ package com.netscape.cmscore.dbs;
  * A class represents a collection of certificate record
  * specific schema information.
  * 
    
- * 
+ *
  * @author thomask
  * @version $Revision$, $Date$
  */
diff --git a/base/common/src/com/netscape/cmscore/dbs/CertRecord.java b/base/common/src/com/netscape/cmscore/dbs/CertRecord.java
index 1981757cb..b70c8cd36 100644
--- a/base/common/src/com/netscape/cmscore/dbs/CertRecord.java
+++ b/base/common/src/com/netscape/cmscore/dbs/CertRecord.java
@@ -36,7 +36,7 @@ import com.netscape.certsrv.dbs.certdb.IRevocationInfo;
 /**
  * A class represents a serializable certificate record.
  * 
    
- * 
+ *
  * @author thomask
  * @version $Revision$, $Date$
  */
diff --git a/base/common/src/com/netscape/cmscore/dbs/CertRecordList.java b/base/common/src/com/netscape/cmscore/dbs/CertRecordList.java
index 29792880d..c4f10a61f 100644
--- a/base/common/src/com/netscape/cmscore/dbs/CertRecordList.java
+++ b/base/common/src/com/netscape/cmscore/dbs/CertRecordList.java
@@ -29,7 +29,7 @@ import com.netscape.certsrv.dbs.certdb.ICertRecordList;
 /**
  * A class represents a list of certificate records.
  * 
    
- * 
+ *
  * @author thomask mzhao
  * @version $Revision$, $Date$
  */
diff --git a/base/common/src/com/netscape/cmscore/dbs/CertRecordMapper.java b/base/common/src/com/netscape/cmscore/dbs/CertRecordMapper.java
index f4074c213..61d823b88 100644
--- a/base/common/src/com/netscape/cmscore/dbs/CertRecordMapper.java
+++ b/base/common/src/com/netscape/cmscore/dbs/CertRecordMapper.java
@@ -37,7 +37,7 @@ import com.netscape.cmscore.util.Debug;
  * A class represents a mapper to serialize
  * certificate record into database.
  * 
    
- * 
+ *
  * @author thomask
  * @version $Revision$, $Date$
  */
diff --git a/base/common/src/com/netscape/cmscore/dbs/DBRegistry.java b/base/common/src/com/netscape/cmscore/dbs/DBRegistry.java
index 20e40a8e3..6a4e23f19 100644
--- a/base/common/src/com/netscape/cmscore/dbs/DBRegistry.java
+++ b/base/common/src/com/netscape/cmscore/dbs/DBRegistry.java
@@ -41,14 +41,14 @@ import com.netscape.certsrv.logging.ILogger;
  * A class represents a registry where all the
  * schema (object classes and attribute) information
  * is stored.
- * 
+ *
  * Attribute mappers can be registered with this
  * registry.
- * 
+ *
  * Given the schema information stored, this registry
  * has knowledge to convert a Java object into a
  * LDAPAttributeSet or vice versa.
- * 
+ *
  * @author thomask
  * @version $Revision$, $Date$
  */
@@ -181,7 +181,7 @@ public class DBRegistry implements IDBRegistry, ISubsystem {
      * Creates LDAP-based search filters with help of
      * registered mappers.
      * Parses filter from filter string specified in RFC1558.
-     * 
+     *
      * 
          *  ::= '('  ')'
      *  ::=  |  |  | 
diff --git a/base/common/src/com/netscape/cmscore/dbs/DBSSession.java b/base/common/src/com/netscape/cmscore/dbs/DBSSession.java
index ddc9f1874..fd59e8d8f 100644
--- a/base/common/src/com/netscape/cmscore/dbs/DBSSession.java
+++ b/base/common/src/com/netscape/cmscore/dbs/DBSSession.java
@@ -49,10 +49,10 @@ import com.netscape.certsrv.logging.ILogger;
 /**
  * A class represents the database session. Operations
  * can be performed with a session.
- * 
+ *
  * Transaction and Caching support can be integrated
  * into session.
- * 
+ *
  * @author thomask
  * @version $Revision$, $Date$
  */
@@ -64,7 +64,7 @@ public class DBSSession implements IDBSSession {
 
     /**
      * Constructs a database session.
-     * 
+     *
      * @param system the database subsytem
      * @param c the ldap connection
      */
@@ -95,12 +95,12 @@ public class DBSSession implements IDBSSession {
 
     /**
      * Adds object to backend database. For example,
-     * 
+     *
      * 
          * session.add("cn=123459,o=certificate repository,o=airius.com",
      *             certRec);
      * 
    
-     * 
+     *
      * @param name the name of the ldap entry
      * @param obj the DBobj that can be mapped to ldap attrubute set
      */
@@ -128,7 +128,7 @@ public class DBSSession implements IDBSSession {
     /**
      * Reads an object from the database.
      * all attributes will be returned
-     * 
+     *
      * @param name the name of the ldap entry
      */
     public IDBObj read(String name) throws EBaseException {
@@ -138,7 +138,7 @@ public class DBSSession implements IDBSSession {
     /**
      * Reads an object from the database, and only populates
      * the selected attributes.
-     * 
+     *
      * @param name the name of the ldap entry
      * @param attrs the attributes to be selected
      */
@@ -375,7 +375,7 @@ public class DBSSession implements IDBSSession {
 
             Integer version = (Integer) (mConn.getOption(LDAPv2.PROTOCOL_VERSION));
 
-            // Only version 3 protocol supports persistent search. 
+            // Only version 3 protocol supports persistent search.
             if (version.intValue() == 2) {
                 mConn.setOption(LDAPv2.PROTOCOL_VERSION, Integer.valueOf(3));
             }
diff --git a/base/common/src/com/netscape/cmscore/dbs/DBSUtil.java b/base/common/src/com/netscape/cmscore/dbs/DBSUtil.java
index 7c551b141..1460db969 100644
--- a/base/common/src/com/netscape/cmscore/dbs/DBSUtil.java
+++ b/base/common/src/com/netscape/cmscore/dbs/DBSUtil.java
@@ -21,7 +21,7 @@ package com.netscape.cmscore.dbs;
  * A class represents ann attribute mapper that maps
  * a Java BigInteger object into LDAP attribute,
  * and vice versa.
- * 
+ *
  * @author thomask
  * @version $Revision$, $Date$
  */
diff --git a/base/common/src/com/netscape/cmscore/dbs/DBSearchResults.java b/base/common/src/com/netscape/cmscore/dbs/DBSearchResults.java
index 0621701b0..a97998916 100644
--- a/base/common/src/com/netscape/cmscore/dbs/DBSearchResults.java
+++ b/base/common/src/com/netscape/cmscore/dbs/DBSearchResults.java
@@ -31,7 +31,7 @@ import com.netscape.certsrv.logging.ILogger;
  * A class represents the search results. A search
  * results object contain a enumeration of
  * Java objects that are just read from the database.
- * 
+ *
  * @author thomask
  * @version $Revision$, $Date$
  */
diff --git a/base/common/src/com/netscape/cmscore/dbs/DBSubsystem.java b/base/common/src/com/netscape/cmscore/dbs/DBSubsystem.java
index 4bc5b6471..82e688c03 100644
--- a/base/common/src/com/netscape/cmscore/dbs/DBSubsystem.java
+++ b/base/common/src/com/netscape/cmscore/dbs/DBSubsystem.java
@@ -55,11 +55,11 @@ import com.netscape.cmscore.ldapconn.LdapConnInfo;
 /**
  * A class represents the database subsystem that manages
  * the backend data storage.
- * 
+ *
  * This subsystem maintains multiple sessions that allows
  * operations to be performed, and provide a registry
  * where all the schema information is stored.
- * 
+ *
  * @author thomask
  * @version $Revision$, $Date$
  */
@@ -170,7 +170,7 @@ public class DBSubsystem implements IDBSubsystem {
     /**
      * This method is used for unit tests. It allows the underlying instance
      * to be stubbed out.
-     * 
+     *
      * @param dbSubsystem The stubbed out subsystem to override with.
      */
     public static void setInstance(IDBSubsystem dbSubsystem) {
@@ -242,7 +242,7 @@ public class DBSubsystem implements IDBSubsystem {
 
     /**
      * Gets minimum serial number limit in config file
-     * 
+     *
      * @param repo repo identifier
      * @return min serial number
      */
@@ -252,7 +252,7 @@ public class DBSubsystem implements IDBSubsystem {
 
     /**
      * Gets maximum serial number limit in config file
-     * 
+     *
      * @param repo repo identifier
      * @return max serial number
      */
@@ -262,7 +262,7 @@ public class DBSubsystem implements IDBSubsystem {
 
     /**
      * Gets minimum serial number limit in next range in config file
-     * 
+     *
      * @param repo repo identifier
      * @return min serial number in next range
      */
@@ -277,7 +277,7 @@ public class DBSubsystem implements IDBSubsystem {
 
     /**
      * Gets maximum serial number limit in next range in config file
-     * 
+     *
      * @param repo repo identifier
      * @return max serial number in next range
      */
@@ -292,7 +292,7 @@ public class DBSubsystem implements IDBSubsystem {
 
     /**
      * Gets low water mark limit in config file
-     * 
+     *
      * @param repo repo identifier
      * @return low water mark
      */
@@ -302,7 +302,7 @@ public class DBSubsystem implements IDBSubsystem {
 
     /**
      * Gets range increment for next range in config file
-     * 
+     *
      * @param repo repo identifier
      * @return range increment
      */
@@ -312,7 +312,7 @@ public class DBSubsystem implements IDBSubsystem {
 
     /**
      * Sets maximum serial number limit in config file
-     * 
+     *
      * @param repo repo identifier
      * @param serial max serial number
      * @exception EBaseException failed to set
@@ -333,7 +333,7 @@ public class DBSubsystem implements IDBSubsystem {
 
     /**
      * Sets minimum serial number limit in config file
-     * 
+     *
      * @param repo repo identifier
      * @param serial min serial number
      * @exception EBaseException failed to set
@@ -354,7 +354,7 @@ public class DBSubsystem implements IDBSubsystem {
 
     /**
      * Sets maximum serial number limit for next range in config file
-     * 
+     *
      * @param repo repo identifier
      * @param serial max serial number for next range
      * @exception EBaseException failed to set
@@ -381,7 +381,7 @@ public class DBSubsystem implements IDBSubsystem {
 
     /**
      * Sets minimum serial number limit for next range in config file
-     * 
+     *
      * @param repo repo identifier
      * @param serial min serial number for next range
      * @exception EBaseException failed to set
@@ -410,7 +410,7 @@ public class DBSubsystem implements IDBSubsystem {
      * Gets start of next range from database.
      * Increments the nextRange attribute and allocates
      * this range to the current instance by creating a pkiRange object.
-     * 
+     *
      * @param repo repo identifier
      * @return start of next range
      */
@@ -429,8 +429,8 @@ public class DBSubsystem implements IDBSubsystem {
 
             BigInteger nextRangeNo = new BigInteger(nextRange);
             BigInteger incrementNo = new BigInteger((String) h.get(PROP_INCREMENT));
-            // To make sure attrNextRange always increments, first delete the current value and then 
-            // increment.  Two operations in the same transaction 
+            // To make sure attrNextRange always increments, first delete the current value and then
+            // increment.  Two operations in the same transaction
             LDAPAttribute attrNextRange = new LDAPAttribute(PROP_NEXT_RANGE, nextRangeNo.add(incrementNo).toString());
             LDAPModification[] mods = {
                     new LDAPModification(LDAPModification.DELETE, attr),
@@ -472,7 +472,7 @@ public class DBSubsystem implements IDBSubsystem {
      * If so, delete the conflict entry and remove the next range.
      * When the next number is requested, if the number of certs is still
      * below the low water mark, then a new range will be requested.
-     * 
+     *
      * @param repo repo identifier
      * @return true if range conflict, false otherwise
      */
diff --git a/base/common/src/com/netscape/cmscore/dbs/DateArrayMapper.java b/base/common/src/com/netscape/cmscore/dbs/DateArrayMapper.java
index 20562404b..2b60be4f6 100644
--- a/base/common/src/com/netscape/cmscore/dbs/DateArrayMapper.java
+++ b/base/common/src/com/netscape/cmscore/dbs/DateArrayMapper.java
@@ -32,7 +32,7 @@ import com.netscape.certsrv.dbs.IDBObj;
  * A class represents ann attribute mapper that maps
  * a Java Date array object into LDAP attribute,
  * and vice versa.
- * 
+ *
  * @author thomask
  * @version $Revision$, $Date$
  */
diff --git a/base/common/src/com/netscape/cmscore/dbs/DateMapper.java b/base/common/src/com/netscape/cmscore/dbs/DateMapper.java
index a767758f6..ab2b2e225 100644
--- a/base/common/src/com/netscape/cmscore/dbs/DateMapper.java
+++ b/base/common/src/com/netscape/cmscore/dbs/DateMapper.java
@@ -34,7 +34,7 @@ import com.netscape.certsrv.dbs.IDBObj;
  * A class represents ann attribute mapper that maps
  * a Java Date object into LDAP attribute,
  * and vice versa.
- * 
+ *
  * @author thomask
  * @version $Revision$, $Date$
  */
diff --git a/base/common/src/com/netscape/cmscore/dbs/IntegerMapper.java b/base/common/src/com/netscape/cmscore/dbs/IntegerMapper.java
index 8dc07e4d9..574030c42 100644
--- a/base/common/src/com/netscape/cmscore/dbs/IntegerMapper.java
+++ b/base/common/src/com/netscape/cmscore/dbs/IntegerMapper.java
@@ -31,7 +31,7 @@ import com.netscape.certsrv.dbs.IDBObj;
  * A class represents ann attribute mapper that maps
  * a Java Integer object into LDAP attribute,
  * and vice versa.
- * 
+ *
  * @author thomask
  * @version $Revision$, $Date$
  */
diff --git a/base/common/src/com/netscape/cmscore/dbs/KeyDBSchema.java b/base/common/src/com/netscape/cmscore/dbs/KeyDBSchema.java
index 50b3badc3..743176318 100644
--- a/base/common/src/com/netscape/cmscore/dbs/KeyDBSchema.java
+++ b/base/common/src/com/netscape/cmscore/dbs/KeyDBSchema.java
@@ -21,7 +21,7 @@ package com.netscape.cmscore.dbs;
  * A class represents a collection of key record
  * specific schema information.
  * 
    
- * 
+ *
  * @author thomask
  * @version $Revision$, $Date$
  */
diff --git a/base/common/src/com/netscape/cmscore/dbs/KeyRecord.java b/base/common/src/com/netscape/cmscore/dbs/KeyRecord.java
index e8122b6b8..7ae546184 100644
--- a/base/common/src/com/netscape/cmscore/dbs/KeyRecord.java
+++ b/base/common/src/com/netscape/cmscore/dbs/KeyRecord.java
@@ -34,7 +34,7 @@ import com.netscape.certsrv.dbs.keydb.KeyState;
  * archived key. Namely, whether a key is inactive because
  * of compromise.
  * 
    
- * 
+ *
  * @author thomask
  * @version $Revision$, $Date$
  */
@@ -88,7 +88,7 @@ public class KeyRecord implements IDBObj, IKeyRecord {
 
     /*
      *  Constructs key record.
-     * 
+     *
      * @param key key to be archived
      */
     public KeyRecord(BigInteger serialNo, byte publicData[],
@@ -213,7 +213,7 @@ public class KeyRecord implements IDBObj, IKeyRecord {
      * Retrieves serial number of the key record. Each key record
      * is uniquely identified by serial number.
      * 
    
-     * 
+     *
      * @return serial number of this key record
      */
     public BigInteger getSerialNumber() throws EBaseException {
@@ -231,7 +231,7 @@ public class KeyRecord implements IDBObj, IKeyRecord {
      * Retrieves the key state. This gives key life cycle
      * information.
      * 
    
-     * 
+     *
      * @return key state
      */
     public KeyState getState() throws EBaseException {
@@ -256,7 +256,7 @@ public class KeyRecord implements IDBObj, IKeyRecord {
     /**
      * Retrieves key.
      * 
    
-     * 
+     *
      * @return archived key
      */
     public byte[] getPrivateKeyData() throws EBaseException {
@@ -273,7 +273,7 @@ public class KeyRecord implements IDBObj, IKeyRecord {
     /**
      * Retrieves the key size.
      * 
    
-     * 
+     *
      * @return key size
      */
     public Integer getKeySize() throws EBaseException {
diff --git a/base/common/src/com/netscape/cmscore/dbs/KeyRecordList.java b/base/common/src/com/netscape/cmscore/dbs/KeyRecordList.java
index 941b0552d..732957c25 100644
--- a/base/common/src/com/netscape/cmscore/dbs/KeyRecordList.java
+++ b/base/common/src/com/netscape/cmscore/dbs/KeyRecordList.java
@@ -28,7 +28,7 @@ import com.netscape.certsrv.dbs.keydb.IKeyRecordList;
 /**
  * A class represents a list of key records.
  * 
    
- * 
+ *
  * @author thomask
  * @version $Revision$, $Date$
  */
diff --git a/base/common/src/com/netscape/cmscore/dbs/KeyRecordMapper.java b/base/common/src/com/netscape/cmscore/dbs/KeyRecordMapper.java
index 1a6103492..15e6935e2 100644
--- a/base/common/src/com/netscape/cmscore/dbs/KeyRecordMapper.java
+++ b/base/common/src/com/netscape/cmscore/dbs/KeyRecordMapper.java
@@ -37,7 +37,7 @@ import com.netscape.certsrv.logging.ILogger;
  * A class represents a mapper to serialize
  * key record into database.
  * 
    
- * 
+ *
  * @author thomask
  * @version $Revision$, $Date$
  */
diff --git a/base/common/src/com/netscape/cmscore/dbs/KeyStateMapper.java b/base/common/src/com/netscape/cmscore/dbs/KeyStateMapper.java
index 2622cdbc6..afb88bf66 100644
--- a/base/common/src/com/netscape/cmscore/dbs/KeyStateMapper.java
+++ b/base/common/src/com/netscape/cmscore/dbs/KeyStateMapper.java
@@ -31,7 +31,7 @@ import com.netscape.certsrv.dbs.keydb.KeyState;
 /**
  * A class represents a key state mapper.
  * 
    
- * 
+ *
  * @author thomask
  * @version $Revision$, $Date$
  */
diff --git a/base/common/src/com/netscape/cmscore/dbs/LdapFilterConverter.java b/base/common/src/com/netscape/cmscore/dbs/LdapFilterConverter.java
index ff867bf52..4bd31bcad 100644
--- a/base/common/src/com/netscape/cmscore/dbs/LdapFilterConverter.java
+++ b/base/common/src/com/netscape/cmscore/dbs/LdapFilterConverter.java
@@ -28,7 +28,7 @@ import com.netscape.certsrv.dbs.IFilterConverter;
  * A class represents a filter converter
  * that understands how to convert a attribute
  * type from one defintion to another.
- * 
+ *
  * @author thomask
  * @version $Revision$, $Date$
  */
diff --git a/base/common/src/com/netscape/cmscore/dbs/LongMapper.java b/base/common/src/com/netscape/cmscore/dbs/LongMapper.java
index b4d6c75d6..0afa95c72 100644
--- a/base/common/src/com/netscape/cmscore/dbs/LongMapper.java
+++ b/base/common/src/com/netscape/cmscore/dbs/LongMapper.java
@@ -31,7 +31,7 @@ import com.netscape.certsrv.dbs.IDBObj;
  * A class represents ann attribute mapper that maps
  * a Java Long object into LDAP attribute,
  * and vice versa.
- * 
+ *
  * @author thomask
  * @version $Revision$, $Date$
  */
diff --git a/base/common/src/com/netscape/cmscore/dbs/MetaInfoMapper.java b/base/common/src/com/netscape/cmscore/dbs/MetaInfoMapper.java
index 9b224508c..f30d13bf6 100644
--- a/base/common/src/com/netscape/cmscore/dbs/MetaInfoMapper.java
+++ b/base/common/src/com/netscape/cmscore/dbs/MetaInfoMapper.java
@@ -32,14 +32,14 @@ import com.netscape.certsrv.dbs.IDBObj;
 /**
  * A class represent mapper for metainfo attribute. Metainfo
  * is in format of the following:
- * 
+ *
  * 
      * metaInfoType:metaInfoValue
  * metaInfoType:metaInfoValue
  * metaInfoType:metaInfoValue
  * metaInfoType:metaInfoValue
  * 
    
- * 
+ *
  * @author thomask
  * @version $Revision$, $Date$
  */
diff --git a/base/common/src/com/netscape/cmscore/dbs/ObjectStreamMapper.java b/base/common/src/com/netscape/cmscore/dbs/ObjectStreamMapper.java
index f77a36ed4..b6f39818a 100644
--- a/base/common/src/com/netscape/cmscore/dbs/ObjectStreamMapper.java
+++ b/base/common/src/com/netscape/cmscore/dbs/ObjectStreamMapper.java
@@ -39,7 +39,7 @@ import com.netscape.certsrv.logging.ILogger;
  * A class represents ann attribute mapper that maps
  * a Java object into LDAP attribute,
  * and vice versa.
- * 
+ *
  * @author thomask
  * @version $Revision$, $Date$
  */
diff --git a/base/common/src/com/netscape/cmscore/dbs/PublicKeyMapper.java b/base/common/src/com/netscape/cmscore/dbs/PublicKeyMapper.java
index 8b66d02ca..ba5880282 100644
--- a/base/common/src/com/netscape/cmscore/dbs/PublicKeyMapper.java
+++ b/base/common/src/com/netscape/cmscore/dbs/PublicKeyMapper.java
@@ -37,7 +37,7 @@ import com.netscape.cmscore.cert.CertUtils;
  * a public key data into LDAP attribute and
  * vice versa.
  * 
    
- * 
+ *
  * @author thomask
  * @version $Revision$, $Date$
  */
diff --git a/base/common/src/com/netscape/cmscore/dbs/ReplicaIDRepository.java b/base/common/src/com/netscape/cmscore/dbs/ReplicaIDRepository.java
index 46ab07385..5a6a61d20 100644
--- a/base/common/src/com/netscape/cmscore/dbs/ReplicaIDRepository.java
+++ b/base/common/src/com/netscape/cmscore/dbs/ReplicaIDRepository.java
@@ -29,7 +29,7 @@ import com.netscape.certsrv.dbs.replicadb.IReplicaIDRepository;
  * A class represents a replica repository. It
  * creates unique managed replica IDs.
  * 
    
- * 
+ *
  * @author alee
  * @version $Revision$, $Date$
  */
diff --git a/base/common/src/com/netscape/cmscore/dbs/Repository.java b/base/common/src/com/netscape/cmscore/dbs/Repository.java
index aadfb888a..2cfe320f6 100644
--- a/base/common/src/com/netscape/cmscore/dbs/Repository.java
+++ b/base/common/src/com/netscape/cmscore/dbs/Repository.java
@@ -39,11 +39,11 @@ import com.netscape.certsrv.dbs.repository.IRepositoryRecord;
  * 
    
  * To build domain specific repository, subclass should be created.
  * 
    
- * 
+ *
  * @author galperin
  * @author thomask
  * @version $Revision: 1.4
- * 
+ *
  *          $, $Date$
  */
 
@@ -126,7 +126,7 @@ public abstract class Repository implements IRepository {
     /**
      * Retrieves the next serial number attr in db.
      * 
    
-     * 
+     *
      * @return next serial number
      */
     protected BigInteger getSerialNumber() throws EBaseException {
@@ -152,7 +152,7 @@ public abstract class Repository implements IRepository {
         BigInteger serial = rec.getSerialNumber();
 
         if (!mInit) {
-            // cms may crash after issue a cert but before update 
+            // cms may crash after issue a cert but before update
             // the serial number record
             try {
                 IDBObj obj = s.read("cn=" +
@@ -173,7 +173,7 @@ public abstract class Repository implements IRepository {
     /**
      * Updates the serial number to the specified in db.
      * 
    
-     * 
+     *
      * @param num serial number
      */
     protected void setSerialNumber(BigInteger num) throws EBaseException {
@@ -186,7 +186,7 @@ public abstract class Repository implements IRepository {
 
     /**
      * Get the maximum serial number.
-     * 
+     *
      * @return maximum serial number
      */
     public String getMaxSerial() {
@@ -195,7 +195,7 @@ public abstract class Repository implements IRepository {
 
     /**
      * Set the maximum serial number.
-     * 
+     *
      * @param serial maximum number
      * @exception EBaseException failed to set maximum serial number
      */
@@ -212,7 +212,7 @@ public abstract class Repository implements IRepository {
 
     /**
      * Get the maximum serial number in next range.
-     * 
+     *
      * @return maximum serial number in next range
      */
     public String getNextMaxSerial() {
@@ -221,7 +221,7 @@ public abstract class Repository implements IRepository {
 
     /**
      * Set the maximum serial number in next range
-     * 
+     *
      * @param serial maximum number in next range
      * @exception EBaseException failed to set maximum serial number in next range
      */
@@ -240,7 +240,7 @@ public abstract class Repository implements IRepository {
 
     /**
      * Get the minimum serial number.
-     * 
+     *
      * @return minimum serial number
      */
     public String getMinSerial() {
@@ -337,7 +337,7 @@ public abstract class Repository implements IRepository {
     /**
      * Updates the serial number to the specified in db and cache.
      * 
    
-     * 
+     *
      * @param num serial number
      */
     public void setTheSerialNumber(BigInteger num) throws EBaseException {
@@ -364,7 +364,7 @@ public abstract class Repository implements IRepository {
      * Retrieves the next serial number, and also increase the
      * serial number by one.
      * 
    
-     * 
+     *
      * @return serial number
      */
     public synchronized BigInteger getNextSerialNumber() throws
@@ -422,7 +422,7 @@ public abstract class Repository implements IRepository {
     /**
      * Checks to see if a new range is needed, or if we have reached the end of the
      * current range, or if a range conflict has occurred.
-     * 
+     *
      * @exception EBaseException failed to check next range for conflicts
      */
     public void checkRanges() throws EBaseException {
@@ -483,7 +483,7 @@ public abstract class Repository implements IRepository {
     /**
      * Sets whether serial number management is enabled for certs
      * and requests.
-     * 
+     *
      * @param value true/false
      * @exception EBaseException failed to set
      */
diff --git a/base/common/src/com/netscape/cmscore/dbs/RepositoryRecord.java b/base/common/src/com/netscape/cmscore/dbs/RepositoryRecord.java
index 8f90723cd..36d5ce914 100644
--- a/base/common/src/com/netscape/cmscore/dbs/RepositoryRecord.java
+++ b/base/common/src/com/netscape/cmscore/dbs/RepositoryRecord.java
@@ -28,7 +28,7 @@ import com.netscape.certsrv.dbs.repository.IRepositoryRecord;
 /**
  * A class represents a repository record.
  * 
    
- * 
+ *
  * @author thomask
  * @version $Revision$, $Date$
  */
diff --git a/base/common/src/com/netscape/cmscore/dbs/RepositorySchema.java b/base/common/src/com/netscape/cmscore/dbs/RepositorySchema.java
index 4a0cf4155..4ec8da629 100644
--- a/base/common/src/com/netscape/cmscore/dbs/RepositorySchema.java
+++ b/base/common/src/com/netscape/cmscore/dbs/RepositorySchema.java
@@ -21,7 +21,7 @@ package com.netscape.cmscore.dbs;
  * A class represents a collection of repository-specific
  * schema information.
  * 
    
- * 
+ *
  * @author thomask
  * @version $Revision$, $Date$
  */
diff --git a/base/common/src/com/netscape/cmscore/dbs/RevocationInfo.java b/base/common/src/com/netscape/cmscore/dbs/RevocationInfo.java
index 00ca0034b..36f470511 100644
--- a/base/common/src/com/netscape/cmscore/dbs/RevocationInfo.java
+++ b/base/common/src/com/netscape/cmscore/dbs/RevocationInfo.java
@@ -30,7 +30,7 @@ import com.netscape.certsrv.dbs.certdb.IRevocationInfo;
  * object is written as an attribute of certificate record
  * which essentially signifies a revocation act.
  * 
    
- * 
+ *
  * @author galperin
  * @version $Revision$, $Date$
  */
@@ -52,7 +52,7 @@ public class RevocationInfo implements IRevocationInfo, Serializable {
     /**
      * Constructs revocation info used by revocation
      * request implementation.
-     * 
+     *
      * @param reason if not null contains CRL entry extension
      *            that specifies revocation reason
      * @see CRLReasonExtension
diff --git a/base/common/src/com/netscape/cmscore/dbs/RevocationInfoMapper.java b/base/common/src/com/netscape/cmscore/dbs/RevocationInfoMapper.java
index 7cf39dcef..396067c79 100644
--- a/base/common/src/com/netscape/cmscore/dbs/RevocationInfoMapper.java
+++ b/base/common/src/com/netscape/cmscore/dbs/RevocationInfoMapper.java
@@ -40,7 +40,7 @@ import com.netscape.cmscore.util.Debug;
  * A class represents a mapper to serialize
  * revocation information into database.
  * 
    
- * 
+ *
  * @author thomask
  * @version $Revision$, $Date$
  */
diff --git a/base/common/src/com/netscape/cmscore/dbs/StringMapper.java b/base/common/src/com/netscape/cmscore/dbs/StringMapper.java
index 710a17875..d3b1ea710 100644
--- a/base/common/src/com/netscape/cmscore/dbs/StringMapper.java
+++ b/base/common/src/com/netscape/cmscore/dbs/StringMapper.java
@@ -32,7 +32,7 @@ import com.netscape.certsrv.dbs.IDBObj;
  * A class represents ann attribute mapper that maps
  * a Java String object into LDAP attribute,
  * and vice versa.
- * 
+ *
  * @author thomask
  * @version $Revision$, $Date$
  */
diff --git a/base/common/src/com/netscape/cmscore/dbs/StringVectorMapper.java b/base/common/src/com/netscape/cmscore/dbs/StringVectorMapper.java
index 7a465231b..60dec48b7 100644
--- a/base/common/src/com/netscape/cmscore/dbs/StringVectorMapper.java
+++ b/base/common/src/com/netscape/cmscore/dbs/StringVectorMapper.java
@@ -31,7 +31,7 @@ import com.netscape.certsrv.dbs.IDBObj;
  * A class represents ann attribute mapper that maps
  * a Java String object into LDAP attribute,
  * and vice versa.
- * 
+ *
  * @author thomask
  * @version $Revision$, $Date$
  */
diff --git a/base/common/src/com/netscape/cmscore/dbs/X500NameMapper.java b/base/common/src/com/netscape/cmscore/dbs/X500NameMapper.java
index 0bf3bf7da..684f27c22 100644
--- a/base/common/src/com/netscape/cmscore/dbs/X500NameMapper.java
+++ b/base/common/src/com/netscape/cmscore/dbs/X500NameMapper.java
@@ -36,7 +36,7 @@ import com.netscape.certsrv.logging.ILogger;
  * A class represents ann attribute mapper that maps
  * a Java X500Name object into LDAP attribute,
  * and vice versa.
- * 
+ *
  * @author thomask
  * @version $Revision$, $Date$
  */
diff --git a/base/common/src/com/netscape/cmscore/dbs/X509CertImplMapper.java b/base/common/src/com/netscape/cmscore/dbs/X509CertImplMapper.java
index 18f0c8e3d..6fbb2cfca 100644
--- a/base/common/src/com/netscape/cmscore/dbs/X509CertImplMapper.java
+++ b/base/common/src/com/netscape/cmscore/dbs/X509CertImplMapper.java
@@ -44,7 +44,7 @@ import com.netscape.certsrv.dbs.certdb.ICertRecord;
 /**
  * A class represents a mapper to serialize
  * x509 certificate into database.
- * 
+ *
  * @author thomask
  * @version $Revision$, $Date$
  */
diff --git a/base/common/src/com/netscape/cmscore/extensions/CMSExtensionsMap.java b/base/common/src/com/netscape/cmscore/extensions/CMSExtensionsMap.java
index 213772882..ba02eff23 100644
--- a/base/common/src/com/netscape/cmscore/extensions/CMSExtensionsMap.java
+++ b/base/common/src/com/netscape/cmscore/extensions/CMSExtensionsMap.java
@@ -54,7 +54,7 @@ public class CMSExtensionsMap implements ISubsystem {
 
     /**
      * Create extensions from configuration store.
-     * 
+     *
      * @param config the configuration store.
      */
     public void init(ISubsystem owner, IConfigStore config)
@@ -140,7 +140,7 @@ public class CMSExtensionsMap implements ISubsystem {
 
     /**
      * Get the extension class by name.
-     * 
+     *
      * @param name name of the extension
      * @return the extension class.
      */
@@ -150,7 +150,7 @@ public class CMSExtensionsMap implements ISubsystem {
 
     /**
      * Get the extension class by its OID.
-     * 
+     *
      * @param oid - the OID of the extension.
      * @return the extension class.
      */
diff --git a/base/common/src/com/netscape/cmscore/jobs/CronItem.java b/base/common/src/com/netscape/cmscore/jobs/CronItem.java
index 91574c6cc..f15e0402a 100644
--- a/base/common/src/com/netscape/cmscore/jobs/CronItem.java
+++ b/base/common/src/com/netscape/cmscore/jobs/CronItem.java
@@ -31,7 +31,7 @@ import com.netscape.certsrv.logging.ILogger;
  * an "item"...which includes both numbers and '-' separated ranges.
  * 
    
  * for each of the 5 cron fields, it's represented as a CronItem
- * 
+ *
  * @author cfu
  * @version $Revision$, $Date$
  */
@@ -55,7 +55,7 @@ public class CronItem {
 
     /**
      * parses and sets a string cron item
-     * 
+     *
      * @param sItem the string representing an item of a cron string.
      *            item can be potentially comma separated with ranges specified
      *            with '-'s
@@ -149,7 +149,7 @@ public class CronItem {
     /**
      * get the vector stuffed with elements where each element is
      * represented as CronRange
-     * 
+     *
      * @return a vector of CronRanges
      */
     public Vector getElements() {
diff --git a/base/common/src/com/netscape/cmscore/jobs/CronRange.java b/base/common/src/com/netscape/cmscore/jobs/CronRange.java
index af5ae2a51..c49a5b1b4 100644
--- a/base/common/src/com/netscape/cmscore/jobs/CronRange.java
+++ b/base/common/src/com/netscape/cmscore/jobs/CronRange.java
@@ -25,7 +25,7 @@ package com.netscape.cmscore.jobs;
  * 
    
  * an Element can contain either an integer number or a range specified as CronRange. In case of integer numbers, begin
  * and end are of the same value
- * 
+ *
  * @author cfu
  * @version $Revision$, $Date$
  */
@@ -67,7 +67,7 @@ public class CronRange {
     /**
      * checks to see if the lower and higher boundary values are
      * within the min/max.
-     * 
+     *
      * @param min the minimum value one can specify in this field
      * @param max the maximum value one can specify in this field
      * @return a boolean (true/false) on whether the begin/end values
diff --git a/base/common/src/com/netscape/cmscore/jobs/JobCron.java b/base/common/src/com/netscape/cmscore/jobs/JobCron.java
index 164c1250e..7befa611c 100644
--- a/base/common/src/com/netscape/cmscore/jobs/JobCron.java
+++ b/base/common/src/com/netscape/cmscore/jobs/JobCron.java
@@ -38,7 +38,7 @@ import com.netscape.certsrv.logging.ILogger;
  * e.g. jobsScheduler.job.rnJob1.cron=30 11,23 * * 1-5 In this example, the job "rnJob1" will be executed from Monday
  * through Friday, at 11:30am and 11:30pm.
  * 
    
- * 
+ *
  * @author cfu
  * @version $Revision$, $Date$
  */
@@ -173,7 +173,7 @@ public class JobCron implements IJobCron {
 
     /**
      * retrieves the cron item
-     * 
+     *
      * @param item name of the item. must be one of the CRON_*
      *            strings defined in this class
      * @return an instance of the CronItem class which represents the
@@ -199,7 +199,7 @@ public class JobCron implements IJobCron {
 
     /**
      * Does the element fit any element in the item
-     * 
+     *
      * @param element the element of "now" in cron format
      * @param item the item consists of a vector of elements
      * @return boolean (true/false) on whether the element is one of
@@ -229,7 +229,7 @@ public class JobCron implements IJobCron {
     /**
      * convert the day of the week representation from Calendar to
      * cron
-     * 
+     *
      * @param time the Calendar value represents a moment of time
      * @return an integer value that represents a cron Day-Of-Week
      *         element
@@ -277,7 +277,7 @@ public class JobCron implements IJobCron {
 
     /**
      * convert the month of year representation from Calendar to cron
-     * 
+     *
      * @param time the Calendar value represents a moment of time
      * @return an integer value that represents a cron Month-Of-Year
      *         element
diff --git a/base/common/src/com/netscape/cmscore/jobs/JobsScheduler.java b/base/common/src/com/netscape/cmscore/jobs/JobsScheduler.java
index b35f8c340..feabb1f46 100644
--- a/base/common/src/com/netscape/cmscore/jobs/JobsScheduler.java
+++ b/base/common/src/com/netscape/cmscore/jobs/JobsScheduler.java
@@ -47,7 +47,7 @@ import com.netscape.cmscore.util.Debug;
  * on each Tuesday (e.g. * 7 * * 2) will result in the execution of the job thread only once every 5 minutes during that
  * hour. The inteval value is recommended at 1 minute, setting it otherwise has the potential of forever missing the
  * beat. Use with caution.
- * 
+ *
  * @author cfu
  * @see JobCron
  * @version $Revision$, $Date$
@@ -93,7 +93,7 @@ public class JobsScheduler implements Runnable, IJobsScheduler {
      * the config params have the following formats: jobScheduler.impl.[implementation name].class=[package name]
      * jobScheduler.job.[job name].pluginName=[implementation name] jobScheduler.job.[job name].cron=[crontab format]
      * jobScheduler.job.[job name].[any job specific params]=[values]
-     * 
+     *
      * @param config jobsScheduler configStore
      */
     public void init(ISubsystem owner, IConfigStore config)
@@ -373,7 +373,7 @@ public class JobsScheduler implements Runnable, IJobsScheduler {
 
     /**
      * Retrieves id (name) of this subsystem.
-     * 
+     *
      * @return name of the Jobs Scheduler subsystem
      */
     public String getId() {
@@ -384,7 +384,7 @@ public class JobsScheduler implements Runnable, IJobsScheduler {
      * Sets id string to this subsystem.
      * 
    
      * Use with caution. Should not do it when sharing with others
-     * 
+     *
      * @param id name to be applied to an Jobs Scheduler subsystem
      */
     public void setId(String id) throws EBaseException {
@@ -423,7 +423,7 @@ public class JobsScheduler implements Runnable, IJobsScheduler {
     /**
      * Returns the root configuration storage of this system.
      * 
    
-     * 
+     *
      * @return configuration store of this subsystem
      */
     public IConfigStore getConfigStore() {
@@ -433,7 +433,7 @@ public class JobsScheduler implements Runnable, IJobsScheduler {
     /**
      * Gets configuration parameters for the given
      * job plugin.
-     * 
+     *
      * @param implName Name of the job plugin.
      * @return Hashtable of required parameters.
      */
@@ -454,7 +454,7 @@ public class JobsScheduler implements Runnable, IJobsScheduler {
                     implName));
         }
 
-        // XXX can find an instance of this plugin in existing 
+        // XXX can find an instance of this plugin in existing
         // auth manager instantces to avoid instantiation just for this.
 
         // a temporary instance
diff --git a/base/common/src/com/netscape/cmscore/ldap/LdapAndExpression.java b/base/common/src/com/netscape/cmscore/ldap/LdapAndExpression.java
index 3d7e7f31d..7c1fa979e 100644
--- a/base/common/src/com/netscape/cmscore/ldap/LdapAndExpression.java
+++ b/base/common/src/com/netscape/cmscore/ldap/LdapAndExpression.java
@@ -25,9 +25,9 @@ import com.netscape.certsrv.request.IRequest;
 /**
  * This class represents an expression of the form
  * .
- * 
+ *
  * Expressions are used as predicates for publishing rule selection.
- * 
+ *
  * @author mzhao
  * @version $Revision$, $Date$
  */
diff --git a/base/common/src/com/netscape/cmscore/ldap/LdapConnModule.java b/base/common/src/com/netscape/cmscore/ldap/LdapConnModule.java
index 7dd282140..859e442fa 100644
--- a/base/common/src/com/netscape/cmscore/ldap/LdapConnModule.java
+++ b/base/common/src/com/netscape/cmscore/ldap/LdapConnModule.java
@@ -108,7 +108,7 @@ public class LdapConnModule implements ILdapConnModule {
      * Use ILdapConnFactory.getConn() to get a Ldap connection to the ldap
      * publishing directory.
      * Use ILdapConnFactory.returnConn() to return the connection.
-     * 
+     *
      * @see com.netscape.certsrv.ldap.ILdapBoundConnFactory
      * @see com.netscape.certsrv.ldap.ILdapConnFactory
      */
diff --git a/base/common/src/com/netscape/cmscore/ldap/LdapOrExpression.java b/base/common/src/com/netscape/cmscore/ldap/LdapOrExpression.java
index 011e3e690..92a9b902e 100644
--- a/base/common/src/com/netscape/cmscore/ldap/LdapOrExpression.java
+++ b/base/common/src/com/netscape/cmscore/ldap/LdapOrExpression.java
@@ -25,9 +25,9 @@ import com.netscape.certsrv.request.IRequest;
 /**
  * This class represents an Or expression of the form
  * (var1 op val1 OR var2 op val2).
- * 
+ *
  * Expressions are used as predicates for publishing rule selection.
- * 
+ *
  * @author mzhao
  * @version $Revision$, $Date$
  */
diff --git a/base/common/src/com/netscape/cmscore/ldap/LdapPredicateParser.java b/base/common/src/com/netscape/cmscore/ldap/LdapPredicateParser.java
index 469ba62a0..14263a951 100644
--- a/base/common/src/com/netscape/cmscore/ldap/LdapPredicateParser.java
+++ b/base/common/src/com/netscape/cmscore/ldap/LdapPredicateParser.java
@@ -26,16 +26,16 @@ import com.netscape.cmscore.util.Debug;
 
 /**
  * Default implementation of predicate parser.
- * 
+ *
  * Limitations:
- * 
+ *
  * 1. Currently parentheses are not suported.
  * 2. Only ==, != <, >, <= and >= operators are supported.
  * 3. The only boolean operators supported are AND and OR. AND takes precedence
  * over OR. Example: a AND b OR e OR c AND d
  * is treated as (a AND b) OR e OR (c AND d)
  * 4. If this is n't adequate, roll your own.
- * 
+ *
  * @author mzhao
  * @version $Revision$, $Date$
  */
@@ -51,7 +51,7 @@ public class LdapPredicateParser {
 
     /**
      * Parse the predicate expression and return a vector of expressions.
-     * 
+     *
      * @param predicateExp The predicate expression as read from the config file.
      * @return expVector The vector of expressions.
      */
@@ -197,7 +197,7 @@ public class LdapPredicateParser {
          * req.set("request", "issuance");
          * req.set("id", new Integer(10));
          * req.set("dualcerts", new Boolean(true));
-         * 
+         *
          * Vector v = new Vector();
          * v.addElement("one");
          * v.addElement("two");
@@ -227,8 +227,8 @@ public class LdapPredicateParser {
          * }
          * catch (Exception e) {e.printStackTrace(); }
          * }
-         * 
-         * 
+         *
+         *
          * try
          * {
          * BufferedReader rdr = new BufferedReader(
@@ -248,7 +248,7 @@ public class LdapPredicateParser {
          * boolean result = exp.evaluate(req);
          * System.out.println("Result: " + result);
          * }
-         * 
+         *
          * }catch (Exception e){e.printStackTrace();}
          * }
          * }
diff --git a/base/common/src/com/netscape/cmscore/ldap/LdapPublishModule.java b/base/common/src/com/netscape/cmscore/ldap/LdapPublishModule.java
index bbe86e8a5..263187bf3 100644
--- a/base/common/src/com/netscape/cmscore/ldap/LdapPublishModule.java
+++ b/base/common/src/com/netscape/cmscore/ldap/LdapPublishModule.java
@@ -153,7 +153,7 @@ public class LdapPublishModule implements ILdapPublishModule {
      * Use ILdapConnFactory.getConn() to get a Ldap connection to the ldap
      * publishing directory.
      * Use ILdapConnFactory.returnConn() to return the connection.
-     * 
+     *
      * @see com.netscape.certsrv.ldap.ILdapBoundConnFactory
      * @see com.netscape.certsrv.ldap.ILdapConnFactory
      */
@@ -607,7 +607,7 @@ class HandleRenewal implements IRequestListener {
     }
 
     public void accept(IRequest r) {
-        // Note we do not remove old certs from directory during renewal 
+        // Note we do not remove old certs from directory during renewal
         X509CertImpl[] certs = r.getExtDataInCertArray(IRequest.ISSUED_CERTS);
 
         if (certs == null || certs.length == 0) {
diff --git a/base/common/src/com/netscape/cmscore/ldap/LdapRequestListener.java b/base/common/src/com/netscape/cmscore/ldap/LdapRequestListener.java
index cbeeed2df..dd567efe7 100644
--- a/base/common/src/com/netscape/cmscore/ldap/LdapRequestListener.java
+++ b/base/common/src/com/netscape/cmscore/ldap/LdapRequestListener.java
@@ -105,7 +105,7 @@ public class LdapRequestListener implements IRequestListener {
             obj.setCerts(certs);
             return obj;
         } else if (type.equals(IRequest.RENEWAL_REQUEST)) {
-            // Note we do not remove old certs from directory during renewal 
+            // Note we do not remove old certs from directory during renewal
             X509CertImpl[] certs = r.getExtDataInCertArray(IRequest.ISSUED_CERTS);
 
             if (certs == null || certs.length == 0) {
@@ -262,7 +262,7 @@ class LdapRenewalListener implements IRequestListener {
     }
 
     public void accept(IRequest r) {
-        // Note we do not remove old certs from directory during renewal 
+        // Note we do not remove old certs from directory during renewal
         Certificate[] certs = r.getExtDataInCertArray(IRequest.ISSUED_CERTS);
 
         if (certs == null || certs.length == 0) {
diff --git a/base/common/src/com/netscape/cmscore/ldap/LdapRule.java b/base/common/src/com/netscape/cmscore/ldap/LdapRule.java
index 0f0c3a3b9..df8153366 100644
--- a/base/common/src/com/netscape/cmscore/ldap/LdapRule.java
+++ b/base/common/src/com/netscape/cmscore/ldap/LdapRule.java
@@ -222,7 +222,7 @@ public class LdapRule implements ILdapRule, IExtendedPluginInfo {
     /**
      * Sets a predicate expression for rule matching.
      * 
    
-     * 
+     *
      * @param exp The predicate expression for the rule.
      */
     public void setPredicate(ILdapExpression exp) {
@@ -232,7 +232,7 @@ public class LdapRule implements ILdapRule, IExtendedPluginInfo {
     /**
      * Returns the predicate expression for the rule.
      * 
    
-     * 
+     *
      * @return The predicate expression for the rule.
      */
     public ILdapExpression getPredicate() {
diff --git a/base/common/src/com/netscape/cmscore/ldap/LdapSimpleExpression.java b/base/common/src/com/netscape/cmscore/ldap/LdapSimpleExpression.java
index 0a1dde49f..2c5caf2bd 100644
--- a/base/common/src/com/netscape/cmscore/ldap/LdapSimpleExpression.java
+++ b/base/common/src/com/netscape/cmscore/ldap/LdapSimpleExpression.java
@@ -30,9 +30,9 @@ import com.netscape.cmscore.util.AssertionException;
 /**
  * This class represents an expression of the form var = val,
  * var != val, var < val, var > val, var <= val, var >= val.
- * 
+ *
  * Expressions are used as predicates for publishing rule selection.
- * 
+ *
  * @author mzhao
  * @version $Revision$, $Date$
  */
@@ -45,7 +45,7 @@ public class LdapSimpleExpression implements ILdapExpression {
     private boolean hasWildCard;
     public static final char WILDCARD_CHAR = '*';
 
-    // This is just for indicating a null expression. 
+    // This is just for indicating a null expression.
     public static LdapSimpleExpression NULL_EXPRESSION = new LdapSimpleExpression("null", OP_EQUAL, "null");
 
     public static ILdapExpression parse(String input)
diff --git a/base/common/src/com/netscape/cmscore/ldap/PublisherProcessor.java b/base/common/src/com/netscape/cmscore/ldap/PublisherProcessor.java
index 453703443..74ac574da 100644
--- a/base/common/src/com/netscape/cmscore/ldap/PublisherProcessor.java
+++ b/base/common/src/com/netscape/cmscore/ldap/PublisherProcessor.java
@@ -360,7 +360,7 @@ public class PublisherProcessor implements
     /**
      * Retrieves LDAP connection module.
      * 
    
-     * 
+     *
      * @return LDAP connection instance
      */
     public ILdapConnModule getLdapConnModule() {
@@ -444,7 +444,7 @@ public class PublisherProcessor implements
                 mAuthority.removeRequestListener(mLdapRequestListener);
             }
         } catch (Exception e) {
-            // ignore 
+            // ignore
         }
     }
 
@@ -830,7 +830,7 @@ public class PublisherProcessor implements
                     + " published as " + published
                     + " in the ldap directory. Cert Record not found. Error: "
                     + e
-                    + " Don't be alarmed if it's a subordinate ca or clone's ca siging cert. " 
+                    + " Don't be alarmed if it's a subordinate ca or clone's ca siging cert. "
                     + "Otherwise your internal db may be corrupted.");
         }
     }
diff --git a/base/common/src/com/netscape/cmscore/ldapconn/LdapAnonConnFactory.java b/base/common/src/com/netscape/cmscore/ldapconn/LdapAnonConnFactory.java
index dc4c86547..1edee3812 100644
--- a/base/common/src/com/netscape/cmscore/ldapconn/LdapAnonConnFactory.java
+++ b/base/common/src/com/netscape/cmscore/ldapconn/LdapAnonConnFactory.java
@@ -48,7 +48,7 @@ public class LdapAnonConnFactory implements ILdapConnFactory {
     public static final String PROP_ERROR_IF_DOWN = "errorIfDown";
 
     private int mNumConns = 0; // number of available conns in array
-    private int mTotal = 0; // total num conns 
+    private int mTotal = 0; // total num conns
     private AnonConnection mConns[] = null;
 
     private boolean mInited = false;
@@ -69,7 +69,7 @@ public class LdapAnonConnFactory implements ILdapConnFactory {
 
     /**
      * Constructor for LdapAnonConnFactory
-     * 
+     *
      * @param minConns minimum number of connections to have available
      * @param maxConns max number of connections to have available. This is
      *            the maximum number of clones of this connection one wants to allow.
@@ -135,7 +135,7 @@ public class LdapAnonConnFactory implements ILdapConnFactory {
     protected void init(int minConns, int maxConns, LdapConnInfo connInfo)
             throws ELdapException {
         if (mInited)
-            return; // XXX should throw exception here ? 
+            return; // XXX should throw exception here ?
 
         if (minConns <= 0 || maxConns <= 0 || minConns > maxConns)
             throw new ELdapException(
@@ -181,10 +181,10 @@ public class LdapAnonConnFactory implements ILdapConnFactory {
             }
         } catch (LDAPException e) {
             // XXX errorCodeToString() used here so users won't see message.
-            // though why are messages from exceptions being displayed to 
+            // though why are messages from exceptions being displayed to
             // users ?
             if (e.getLDAPResultCode() == LDAPException.UNAVAILABLE) {
-                // need to intercept this because message from LDAP is 
+                // need to intercept this because message from LDAP is
                 // "DSA is unavailable" which confuses with DSA PKI.
                 log(ILogger.LL_FAILURE,
                         "Cannot connect to Ldap server. Error: " +
@@ -215,7 +215,7 @@ public class LdapAnonConnFactory implements ILdapConnFactory {
      * If not the max number of connections may be reached prematurely.
      * The best thing to put returnConn in a finally clause so it
      * always gets called. For example,
-     * 
+     *
      * 
          * LDAPConnection c = null;
      * try {
@@ -242,7 +242,7 @@ public class LdapAnonConnFactory implements ILdapConnFactory {
      * Returns null if maximum number of connections reached.
      * 
    
      * The best thing to put returnConn in a finally clause so it always gets called. For example,
-     * 
+     *
      * 
          * LDAPConnection c = null;
      * try {
@@ -292,7 +292,7 @@ public class LdapAnonConnFactory implements ILdapConnFactory {
                             "to " + mConnInfo.getHost() + ":" + mConnInfo.getPort());
         }
         CMS.debug("LdapAnonConnFactory.getConn(): num avail conns now " + mNumConns);
-        //Beginning of fix for Bugzilla #630176 
+        //Beginning of fix for Bugzilla #630176
         boolean isConnected = false;
         if (conn != null) {
             isConnected = conn.isConnected();
@@ -321,7 +321,7 @@ public class LdapAnonConnFactory implements ILdapConnFactory {
      * If not the max number of connections may be reached prematurely.
      * 
    
      * The best thing to put returnConn in a finally clause so it always gets called. For example,
-     * 
+     *
      * 
          * LDAPConnection c = null;
      * try {
@@ -342,7 +342,7 @@ public class LdapAnonConnFactory implements ILdapConnFactory {
         AnonConnection anon = (AnonConnection) conn;
 
         if (anon.getFacId() != mConns) {
-            // returning a connection not from this factory. 
+            // returning a connection not from this factory.
             log(ILogger.LL_WARN, "returnConn: unknown connection.");
         }
         // check if conn has already been returned.
diff --git a/base/common/src/com/netscape/cmscore/ldapconn/LdapAnonConnection.java b/base/common/src/com/netscape/cmscore/ldapconn/LdapAnonConnection.java
index 1dc9723a8..a0d9b2466 100644
--- a/base/common/src/com/netscape/cmscore/ldapconn/LdapAnonConnection.java
+++ b/base/common/src/com/netscape/cmscore/ldapconn/LdapAnonConnection.java
@@ -42,7 +42,7 @@ public class LdapAnonConnection extends LDAPConnection {
             throws LDAPException {
         super(connInfo.getSecure() ? new LdapJssSSLSocketFactory() : null);
 
-        // Set option to automatically follow referrals. 
+        // Set option to automatically follow referrals.
         // rebind info is also anonymous.
         boolean followReferrals = connInfo.getFollowReferrals();
 
diff --git a/base/common/src/com/netscape/cmscore/ldapconn/LdapAuthInfo.java b/base/common/src/com/netscape/cmscore/ldapconn/LdapAuthInfo.java
index b1af367b9..c1822113d 100644
--- a/base/common/src/com/netscape/cmscore/ldapconn/LdapAuthInfo.java
+++ b/base/common/src/com/netscape/cmscore/ldapconn/LdapAuthInfo.java
@@ -108,7 +108,7 @@ public class LdapAuthInfo implements ILdapAuthInfo {
 
     /**
      * initialize this class from the config store, and verify the password.
-     * 
+     *
      * @param host The host that the directory server is running on.
      *            This will be used to verify the password by attempting to connect.
      *            If it is null, the password will not be verified.
@@ -258,7 +258,7 @@ public class LdapAuthInfo implements ILdapAuthInfo {
 
     /**
      * get authentication type.
-     * 
+     *
      * @return one of: 
    
      *         LdapAuthInfo.LDAP_AUTHTYPE_BASICAUTH or
      *         LdapAuthInfo.LDAP_AUTHTYPE_SSLCLIENTAUTH
@@ -269,7 +269,7 @@ public class LdapAuthInfo implements ILdapAuthInfo {
 
     /**
      * get params for authentication
-     * 
+     *
      * @return array of parameters for this authentication.
      */
     public String[] getParms() {
diff --git a/base/common/src/com/netscape/cmscore/ldapconn/LdapBoundConnFactory.java b/base/common/src/com/netscape/cmscore/ldapconn/LdapBoundConnFactory.java
index b4839f7d5..1da965a3a 100644
--- a/base/common/src/com/netscape/cmscore/ldapconn/LdapBoundConnFactory.java
+++ b/base/common/src/com/netscape/cmscore/ldapconn/LdapBoundConnFactory.java
@@ -51,7 +51,7 @@ public class LdapBoundConnFactory implements ILdapBoundConnFactory {
     public static final String PROP_ERROR_IF_DOWN = "errorIfDown";
 
     private int mNumConns = 0; // number of available conns in array
-    private int mTotal = 0; // total num conns 
+    private int mTotal = 0; // total num conns
 
     private boolean doCloning = true;
     private LdapBoundConnection mMasterConn = null; // master connection object.
@@ -92,7 +92,7 @@ public class LdapBoundConnFactory implements ILdapBoundConnFactory {
 
     /**
      * Constructor for LdapBoundConnFactory
-     * 
+     *
      * @param minConns minimum number of connections to have available
      * @param maxConns max number of connections to have available. This is
      *            the maximum number of clones of this connection or separate connections one wants to allow.
@@ -128,7 +128,7 @@ public class LdapBoundConnFactory implements ILdapBoundConnFactory {
     /**
      * initialize parameters obtained from either constructor or
      * config store
-     * 
+     *
      * @param minConns minimum number of connection handls to have available.
      * @param maxConns maximum total number of connections to ever have.
      * @param connInfo ldap connection info.
@@ -169,7 +169,7 @@ public class LdapBoundConnFactory implements ILdapBoundConnFactory {
 
     /**
      * makes the initial master connection used to clone others..
-     * 
+     *
      * @exception ELdapException if any error occurs.
      */
     protected void makeConnection(boolean errorIfDown) throws ELdapException {
@@ -201,7 +201,7 @@ public class LdapBoundConnFactory implements ILdapBoundConnFactory {
 
     /**
      * makes subsequent connections if cloning is not used .
-     * 
+     *
      * @exception ELdapException if any error occurs.
      */
     private LdapBoundConnection makeNewConnection(boolean errorIfDown) throws ELdapException {
@@ -268,7 +268,7 @@ public class LdapBoundConnFactory implements ILdapBoundConnFactory {
      * returnConn() method.
      * The best thing to do is to put returnConn in a finally clause so it
      * always gets called. For example,
-     * 
+     *
      * 
          * LDAPConnection c = null;
      * try {
@@ -295,7 +295,7 @@ public class LdapBoundConnFactory implements ILdapBoundConnFactory {
      * Returns null if maximum number of connections reached.
      * The best thing to do is to put returnConn in a finally clause so it
      * always gets called. For example,
-     * 
+     *
      * 
          * LDAPConnection c = null;
      * try {
@@ -396,7 +396,7 @@ public class LdapBoundConnFactory implements ILdapBoundConnFactory {
      * This is mandatory after a getConn().
      * The best thing to do is to put returnConn in a finally clause so it
      * always gets called. For example,
-     * 
+     *
      * 
          * LDAPConnection c = null;
      * try {
diff --git a/base/common/src/com/netscape/cmscore/ldapconn/LdapConnInfo.java b/base/common/src/com/netscape/cmscore/ldapconn/LdapConnInfo.java
index 4ef7d804c..f05fc237e 100644
--- a/base/common/src/com/netscape/cmscore/ldapconn/LdapConnInfo.java
+++ b/base/common/src/com/netscape/cmscore/ldapconn/LdapConnInfo.java
@@ -56,8 +56,8 @@ public class LdapConnInfo implements ILdapConnInfo {
         String version = (String) config.get(PROP_PROTOCOL);
 
         if (version != null && version.equals("")) {
-            // provide a default when this field is blank from the 
-            // configuration. 
+            // provide a default when this field is blank from the
+            // configuration.
             mVersion = LDAP_VERSION_3;
         } else {
             mVersion = config.getInteger(PROP_PROTOCOL, LDAP_VERSION_3);
@@ -82,7 +82,7 @@ public class LdapConnInfo implements ILdapConnInfo {
         mPort = port;
         mSecure = secure;
         if (mHost == null || mPort <= 0) {
-            // XXX log something here 
+            // XXX log something here
             throw new IllegalArgumentException("LDAP host or port is null");
         }
     }
@@ -91,7 +91,7 @@ public class LdapConnInfo implements ILdapConnInfo {
         mHost = host;
         mPort = port;
         if (mHost == null || mPort <= 0) {
-            // XXX log something here 
+            // XXX log something here
             throw new IllegalArgumentException("LDAP host or port is null");
         }
     }
diff --git a/base/common/src/com/netscape/cmscore/ldapconn/LdapJssSSLSocketFactory.java b/base/common/src/com/netscape/cmscore/ldapconn/LdapJssSSLSocketFactory.java
index 4df2fe357..bad9e3b23 100644
--- a/base/common/src/com/netscape/cmscore/ldapconn/LdapJssSSLSocketFactory.java
+++ b/base/common/src/com/netscape/cmscore/ldapconn/LdapJssSSLSocketFactory.java
@@ -33,7 +33,7 @@ import com.netscape.certsrv.logging.ILogger;
 
 /**
  * Uses HCL ssl socket.
- * 
+ *
  * @author Lily Hsiao lhsiao@netscape.com
  */
 public class LdapJssSSLSocketFactory implements LDAPSSLSocketFactoryExt {
diff --git a/base/common/src/com/netscape/cmscore/listeners/ListenerPlugin.java b/base/common/src/com/netscape/cmscore/listeners/ListenerPlugin.java
index baedb98de..fbdeca579 100644
--- a/base/common/src/com/netscape/cmscore/listeners/ListenerPlugin.java
+++ b/base/common/src/com/netscape/cmscore/listeners/ListenerPlugin.java
@@ -20,7 +20,7 @@ package com.netscape.cmscore.listeners;
 /**
  * This class represents a registered listener plugin.
  * 
    
- * 
+ *
  * @author stevep
  * @version $Revision$, $Date$
  */
@@ -31,7 +31,7 @@ public class ListenerPlugin {
 
     /**
      * Constructs a Listener plugin.
-     * 
+     *
      * @param id listener implementation name
      * @param classPath class path
      */
diff --git a/base/common/src/com/netscape/cmscore/logging/AuditEventFactory.java b/base/common/src/com/netscape/cmscore/logging/AuditEventFactory.java
index 438b3abb9..fea638eb6 100644
--- a/base/common/src/com/netscape/cmscore/logging/AuditEventFactory.java
+++ b/base/common/src/com/netscape/cmscore/logging/AuditEventFactory.java
@@ -28,7 +28,7 @@ import com.netscape.certsrv.logging.ILogger;
 /**
  * A log event object for handling audit messages
  * 
    
- * 
+ *
  * @author mikep
  * @author mzhao
  * @version $Revision$, $Date$
@@ -48,7 +48,7 @@ public class AuditEventFactory implements ILogEventFactory {
 
     /**
      * Creates an log event.
-     * 
+     *
      * @param evtClass the event type
      * @param prop the resource bundle
      * @param source the subsystem ID who creates the log event
@@ -72,7 +72,7 @@ public class AuditEventFactory implements ILogEventFactory {
 
     /**
      * Set the resource bundle of the log event.
-     * 
+     *
      * @param prop the properties
      * @param event the log event
      */
@@ -90,7 +90,7 @@ public class AuditEventFactory implements ILogEventFactory {
 
     /**
      * Releases an log event.
-     * 
+     *
      * @param e the log event
      */
     public void release(ILogEvent e) {
diff --git a/base/common/src/com/netscape/cmscore/logging/AuditFormat.java b/base/common/src/com/netscape/cmscore/logging/AuditFormat.java
index a5ce83251..9ba62babb 100644
--- a/base/common/src/com/netscape/cmscore/logging/AuditFormat.java
+++ b/base/common/src/com/netscape/cmscore/logging/AuditFormat.java
@@ -22,7 +22,7 @@ import com.netscape.certsrv.request.IRequest;
 
 /**
  * Define audit log message format
- * 
+ *
  * @author mzhao
  * @version $Revision$, $Date$
  */
diff --git a/base/common/src/com/netscape/cmscore/logging/LogQueue.java b/base/common/src/com/netscape/cmscore/logging/LogQueue.java
index 90ca05d81..f5b31b082 100644
--- a/base/common/src/com/netscape/cmscore/logging/LogQueue.java
+++ b/base/common/src/com/netscape/cmscore/logging/LogQueue.java
@@ -27,7 +27,7 @@ import com.netscape.certsrv.logging.ILogQueue;
 /**
  * A class represents a log queue.
  * 
    
- * 
+ *
  * @author mzhao
  * @version $Revision$, $Date$
  */
@@ -49,7 +49,7 @@ public class LogQueue implements ILogQueue {
     /**
      * Initializes the log queue.
      * 
    
-     * 
+     *
      */
     public void init() {
         mListeners = new Vector();
@@ -71,7 +71,7 @@ public class LogQueue implements ILogQueue {
 
     /**
      * Adds an event listener.
-     * 
+     *
      * @param listener the log event listener
      */
     public void addLogEventListener(ILogEventListener listener) {
@@ -82,7 +82,7 @@ public class LogQueue implements ILogQueue {
 
     /**
      * Removes an event listener.
-     * 
+     *
      * @param listener the log event listener
      */
     public void removeLogEventListener(ILogEventListener listener) {
@@ -91,7 +91,7 @@ public class LogQueue implements ILogQueue {
 
     /**
      * Logs an event, and notifies logger to reuse the event.
-     * 
+     *
      * @param event the log event
      */
     public void log(ILogEvent event) {
@@ -106,7 +106,7 @@ public class LogQueue implements ILogQueue {
                 // ConsoleError.send(new SystemEvent(CMS.getUserMessage("CMS_LOG_EVENT_FAILED",
                 //          event.getEventType(), e.toString())));
 
-                // Don't do this again.  
+                // Don't do this again.
                 removeLogEventListener((ILogEventListener) mListeners.elementAt(i));
             }
         }
diff --git a/base/common/src/com/netscape/cmscore/logging/LogSubsystem.java b/base/common/src/com/netscape/cmscore/logging/LogSubsystem.java
index 1cfce4e65..86e7f529c 100644
--- a/base/common/src/com/netscape/cmscore/logging/LogSubsystem.java
+++ b/base/common/src/com/netscape/cmscore/logging/LogSubsystem.java
@@ -35,7 +35,7 @@ import com.netscape.cmscore.util.Debug;
 /**
  * A class represents a log subsystem.
  * 
    
- * 
+ *
  * @author thomask
  * @author mzhao
  * @version $Revision$, $Date$
@@ -75,7 +75,7 @@ public class LogSubsystem implements ILogSubsystem {
     /**
      * Initializes the log subsystem.
      * 
    
-     * 
+     *
      * @param owner owner of this subsystem
      * @param config configuration store
      */
@@ -178,7 +178,7 @@ public class LogSubsystem implements ILogSubsystem {
     /**
      * Returns the root configuration storage of this system.
      * 
    
-     * 
+     *
      * @return configuration store of this subsystem
      */
     public IConfigStore getConfigStore() {
diff --git a/base/common/src/com/netscape/cmscore/logging/Logger.java b/base/common/src/com/netscape/cmscore/logging/Logger.java
index 79895e263..b27147f20 100644
--- a/base/common/src/com/netscape/cmscore/logging/Logger.java
+++ b/base/common/src/com/netscape/cmscore/logging/Logger.java
@@ -29,7 +29,7 @@ import com.netscape.certsrv.logging.ILogger;
  * A class represents certificate server logger
  * implementation.
  * 
    
- * 
+ *
  * @author thomask
  * @author mzhao
  * @version $Revision$, $Date$
@@ -69,7 +69,7 @@ public class Logger implements ILogger {
 
     /**
      * Registers log factory.
-     * 
+     *
      * @param evtClass the event class name: ILogger.EV_SYSTEM or ILogger.EV_AUDIT
      * @param f the event factory name
      */
@@ -80,7 +80,7 @@ public class Logger implements ILogger {
     //************** default level ****************
     /**
      * Logs an event using default log level: ILogger.LL_INFO
-     * 
+     *
      * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM.
      * @param source the source of the log event
      * @param msg the one line detail message to be logged
@@ -91,7 +91,7 @@ public class Logger implements ILogger {
 
     /**
      * Logs an event using default log level: ILogger.LL_INFO
-     * 
+     *
      * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM.
      * @param props the resource bundle used for the detailed message
      * @param source the source of the log event
@@ -105,7 +105,7 @@ public class Logger implements ILogger {
 
     /**
      * Logs an event to the log queue.
-     * 
+     *
      * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM.
      * @param source the source of the log event
      * @param level the level of the log event
@@ -117,7 +117,7 @@ public class Logger implements ILogger {
 
     /**
      * Logs an event to the log queue.
-     * 
+     *
      * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM.
      * @param props the resource bundle used for the detailed message
      * @param source the source of the log event
@@ -132,7 +132,7 @@ public class Logger implements ILogger {
 
     /**
      * Logs an event to the log queue.
-     * 
+     *
      * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM.
      * @param props the resource bundle used for the detailed message
      * @param source the source of the log event
@@ -145,7 +145,7 @@ public class Logger implements ILogger {
 
     /**
      * Logs an event using default log level: ILogger.LL_INFO
-     * 
+     *
      * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM.
      * @param props the resource bundle used for the detailed message
      * @param source the source of the log event
@@ -158,7 +158,7 @@ public class Logger implements ILogger {
 
     /**
      * Logs an event to the log queue.
-     * 
+     *
      * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM.
      * @param props the resource bundle used for the detailed message
      * @param source the source of the log event
@@ -178,7 +178,7 @@ public class Logger implements ILogger {
 
     /**
      * Logs an event to the log queue.
-     * 
+     *
      * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM.
      * @param source the source of the log event
      * @param level the level of the log event
@@ -193,7 +193,7 @@ public class Logger implements ILogger {
     //*************** the real implementation *****************
     /**
      * Logs an event to the log queue.
-     * 
+     *
      * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM.
      * @param props the resource bundle used for the detailed message
      * @param source the source of the log event
@@ -210,7 +210,7 @@ public class Logger implements ILogger {
     //************** default level ****************
     /**
      * Logs an event using default log level: ILogger.LL_INFO
-     * 
+     *
      * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM.
      * @param source the source of the log event
      * @param msg the one line detail message to be logged
@@ -222,7 +222,7 @@ public class Logger implements ILogger {
 
     /**
      * Logs an event using default log level: ILogger.LL_INFO
-     * 
+     *
      * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM.
      * @param props the resource bundle used for the detailed message
      * @param source the source of the log event
@@ -237,7 +237,7 @@ public class Logger implements ILogger {
 
     /**
      * Logs an event to the log queue.
-     * 
+     *
      * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM.
      * @param source the source of the log event
      * @param level the level of the log event
@@ -250,7 +250,7 @@ public class Logger implements ILogger {
 
     /**
      * Logs an event to the log queue.
-     * 
+     *
      * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM.
      * @param props the resource bundle used for the detailed message
      * @param source the source of the log event
@@ -266,7 +266,7 @@ public class Logger implements ILogger {
 
     /**
      * Logs an event to the log queue.
-     * 
+     *
      * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM.
      * @param props the resource bundle used for the detailed message
      * @param source the source of the log event
@@ -280,7 +280,7 @@ public class Logger implements ILogger {
 
     /**
      * Logs an event using default log level: ILogger.LL_INFO
-     * 
+     *
      * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM.
      * @param props the resource bundle used for the detailed message
      * @param source the source of the log event
@@ -294,7 +294,7 @@ public class Logger implements ILogger {
 
     /**
      * Logs an event to the log queue.
-     * 
+     *
      * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM.
      * @param props the resource bundle used for the detailed message
      * @param source the source of the log event
@@ -315,7 +315,7 @@ public class Logger implements ILogger {
 
     /**
      * Logs an event to the log queue.
-     * 
+     *
      * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM.
      * @param source the source of the log event
      * @param level the level of the log event
@@ -331,7 +331,7 @@ public class Logger implements ILogger {
     //*************** the real implementation *****************
     /**
      * Logs an event to the log queue.
-     * 
+     *
      * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM.
      * @param props the resource bundle used for the detailed message
      * @param source the source of the log event
@@ -364,7 +364,7 @@ public class Logger implements ILogger {
     /**
      * Notifies logger to reuse the event. This framework
      * opens up possibility to reuse event.
-     * 
+     *
      * @param event a log event
      */
     public void release(ILogEvent event) {
diff --git a/base/common/src/com/netscape/cmscore/logging/SignedAuditEventFactory.java b/base/common/src/com/netscape/cmscore/logging/SignedAuditEventFactory.java
index 48570cada..6ba492dc3 100644
--- a/base/common/src/com/netscape/cmscore/logging/SignedAuditEventFactory.java
+++ b/base/common/src/com/netscape/cmscore/logging/SignedAuditEventFactory.java
@@ -29,7 +29,7 @@ import com.netscape.cmscore.util.Debug;
 /**
  * A log event object for handling system messages
  * 
    
- * 
+ *
  * @author mikep
  * @author mzhao
  * @author cfu
@@ -50,7 +50,7 @@ public class SignedAuditEventFactory implements ILogEventFactory {
 
     /**
      * Creates an log event.
-     * 
+     *
      * @param evtClass the event type
      * @param prop the resource bundle
      * @param source the subsystem ID who creates the log event
@@ -98,7 +98,7 @@ public class SignedAuditEventFactory implements ILogEventFactory {
 
     /**
      * Set the resource bundle of the log event.
-     * 
+     *
      * @param prop the properties
      * @param event the log event
      */
@@ -116,7 +116,7 @@ public class SignedAuditEventFactory implements ILogEventFactory {
 
     /**
      * Releases an log event.
-     * 
+     *
      * @param e the log event
      */
     public void release(ILogEvent e) {
diff --git a/base/common/src/com/netscape/cmscore/logging/SignedAuditLogger.java b/base/common/src/com/netscape/cmscore/logging/SignedAuditLogger.java
index acc2b866f..4b6fd55a2 100644
--- a/base/common/src/com/netscape/cmscore/logging/SignedAuditLogger.java
+++ b/base/common/src/com/netscape/cmscore/logging/SignedAuditLogger.java
@@ -21,7 +21,7 @@ package com.netscape.cmscore.logging;
  * A class represents certificate server logger
  * implementation.
  * 
    
- * 
+ *
  * @author thomask
  * @author mzhao
  * @version $Revision$, $Date$
diff --git a/base/common/src/com/netscape/cmscore/logging/SystemEventFactory.java b/base/common/src/com/netscape/cmscore/logging/SystemEventFactory.java
index dfe25f03f..6821fac6f 100644
--- a/base/common/src/com/netscape/cmscore/logging/SystemEventFactory.java
+++ b/base/common/src/com/netscape/cmscore/logging/SystemEventFactory.java
@@ -28,7 +28,7 @@ import com.netscape.certsrv.logging.SystemEvent;
 /**
  * A log event object for handling system messages
  * 
    
- * 
+ *
  * @author mikep
  * @author mzhao
  * @version $Revision$, $Date$
@@ -48,7 +48,7 @@ public class SystemEventFactory implements ILogEventFactory {
 
     /**
      * Creates an log event.
-     * 
+     *
      * @param evtClass the event type
      * @param prop the resource bundle
      * @param source the subsystem ID who creates the log event
@@ -72,7 +72,7 @@ public class SystemEventFactory implements ILogEventFactory {
 
     /**
      * Set the resource bundle of the log event.
-     * 
+     *
      * @param prop the properties
      * @param event the log event
      */
@@ -90,7 +90,7 @@ public class SystemEventFactory implements ILogEventFactory {
 
     /**
      * Releases an log event.
-     * 
+     *
      * @param e the log event
      */
     public void release(ILogEvent e) {
diff --git a/base/common/src/com/netscape/cmscore/notification/EmailFormProcessor.java b/base/common/src/com/netscape/cmscore/notification/EmailFormProcessor.java
index a057484cf..4848238b7 100644
--- a/base/common/src/com/netscape/cmscore/notification/EmailFormProcessor.java
+++ b/base/common/src/com/netscape/cmscore/notification/EmailFormProcessor.java
@@ -31,7 +31,7 @@ import com.netscape.certsrv.notification.IEmailFormProcessor;
  * '$' is used preceeding a token name. A token name should not be a
  * substring of any other token name
  * 
    
- * 
+ *
  * @author cfu
  * @version $Revision$, $Date$
  */
diff --git a/base/common/src/com/netscape/cmscore/notification/EmailResolverKeys.java b/base/common/src/com/netscape/cmscore/notification/EmailResolverKeys.java
index cd63841eb..7012801c5 100644
--- a/base/common/src/com/netscape/cmscore/notification/EmailResolverKeys.java
+++ b/base/common/src/com/netscape/cmscore/notification/EmailResolverKeys.java
@@ -26,7 +26,7 @@ import com.netscape.certsrv.notification.IEmailResolverKeys;
 /**
  * Email resolver keys as input to email resolvers
  * 
    
- * 
+ *
  * @author cfu
  * @version $Revision$, $Date$
  */
@@ -43,7 +43,7 @@ public class EmailResolverKeys implements IEmailResolverKeys {
 
     /**
      * sets a key with key name and the key
-     * 
+     *
      * @param name key name
      * @param key key
      * @exception com.netscape.certsrv.base.EBaseException NullPointerException
@@ -60,7 +60,7 @@ public class EmailResolverKeys implements IEmailResolverKeys {
     /**
      * returns the key to which the specified name is mapped in this
      * key set
-     * 
+     *
      * @param name key name
      * @return the named email resolver key
      */
@@ -72,7 +72,7 @@ public class EmailResolverKeys implements IEmailResolverKeys {
      * removes the name and its corresponding key from this
      * key set. This method does nothing if the named
      * key is not in the key set.
-     * 
+     *
      * @param name key name
      */
     public void delete(String name) {
@@ -83,7 +83,7 @@ public class EmailResolverKeys implements IEmailResolverKeys {
      * returns an enumeration of the key names in this key
      * set. Use the Enumeration methods on the returned object to
      * fetch the elements sequentially.
-     * 
+     *
      * @return an enumeration of the values in this key set
      * @see java.util.Enumeration
      */
diff --git a/base/common/src/com/netscape/cmscore/notification/EmailTemplate.java b/base/common/src/com/netscape/cmscore/notification/EmailTemplate.java
index bdc16a24e..bd56ec608 100644
--- a/base/common/src/com/netscape/cmscore/notification/EmailTemplate.java
+++ b/base/common/src/com/netscape/cmscore/notification/EmailTemplate.java
@@ -30,8 +30,8 @@ import com.netscape.certsrv.notification.IEmailTemplate;
 /**
  * Files to be processed and returned to the requested parties. It
  * is a template with $tokens to be used by the form/template processor.
- * 
- * 
+ *
+ *
  * @author cfu
  * @version $Revision$, $Date$
  */
@@ -55,7 +55,7 @@ public class EmailTemplate implements IEmailTemplate {
 
     /**
      * Default Constructor
-     * 
+     *
      * @param templateFile File name of the template including the full path and
      *            file extension
      */
diff --git a/base/common/src/com/netscape/cmscore/notification/ReqCertEmailResolver.java b/base/common/src/com/netscape/cmscore/notification/ReqCertEmailResolver.java
index 330621e7a..de34f7be0 100644
--- a/base/common/src/com/netscape/cmscore/notification/ReqCertEmailResolver.java
+++ b/base/common/src/com/netscape/cmscore/notification/ReqCertEmailResolver.java
@@ -34,7 +34,7 @@ import com.netscape.certsrv.request.IRequest;
  * An email resolver that first checks the request email, if none,
  * then follows by checking the subjectDN of the certificate
  * 
    
- * 
+ *
  * @author cfu
  * @version $Revision$, $Date$
  */
@@ -53,7 +53,7 @@ public class ReqCertEmailResolver implements IEmailResolver {
     /**
      * returns an email address by using the resolver keys. The
      * return value can possibly be null
-     * 
+     *
      * @param keys list of keys used for resolving the email address
      */
     public String getEmail(IEmailResolverKeys keys)
@@ -137,7 +137,7 @@ public class ReqCertEmailResolver implements IEmailResolver {
 
     /**
      * Returns array of required keys for this email resolver
-     * 
+     *
      * @return Array of required keys.
      */
 
diff --git a/base/common/src/com/netscape/cmscore/notification/ReqCertSANameEmailResolver.java b/base/common/src/com/netscape/cmscore/notification/ReqCertSANameEmailResolver.java
index 68556dfc0..f3d5e8252 100644
--- a/base/common/src/com/netscape/cmscore/notification/ReqCertSANameEmailResolver.java
+++ b/base/common/src/com/netscape/cmscore/notification/ReqCertSANameEmailResolver.java
@@ -47,7 +47,7 @@ import com.netscape.certsrv.request.IRequest;
  * then follows by checking the subjectDN of the certificate, if none,
  * then follows by checking the subjectalternatename extension
  * 
    
- * 
+ *
  * @author cfu
  * @version $Revision$, $Date$
  */
@@ -66,7 +66,7 @@ public class ReqCertSANameEmailResolver implements IEmailResolver {
     /**
      * returns an email address by using the resolver keys. The
      * return value can possibly be null
-     * 
+     *
      * @param keys list of keys used for resolving the email address
      */
     public String getEmail(IEmailResolverKeys keys)
@@ -258,7 +258,7 @@ public class ReqCertSANameEmailResolver implements IEmailResolver {
 
     /**
      * Returns array of required keys for this email resolver
-     * 
+     *
      * @return Array of required keys.
      */
 
diff --git a/base/common/src/com/netscape/cmscore/policy/AndExpression.java b/base/common/src/com/netscape/cmscore/policy/AndExpression.java
index 459660f1e..9a2274b11 100644
--- a/base/common/src/com/netscape/cmscore/policy/AndExpression.java
+++ b/base/common/src/com/netscape/cmscore/policy/AndExpression.java
@@ -24,9 +24,9 @@ import com.netscape.certsrv.request.IRequest;
 /**
  * This class represents an expression of the form
  * .
- * 
+ *
  * Expressions are used as predicates for policy selection.
- * 
+ *
  * @deprecated
  * @author kanda
  * @version $Revision$, $Date$
diff --git a/base/common/src/com/netscape/cmscore/policy/GeneralNameUtil.java b/base/common/src/com/netscape/cmscore/policy/GeneralNameUtil.java
index 7c7162d0c..a3f64915d 100644
--- a/base/common/src/com/netscape/cmscore/policy/GeneralNameUtil.java
+++ b/base/common/src/com/netscape/cmscore/policy/GeneralNameUtil.java
@@ -89,7 +89,7 @@ public class GeneralNameUtil implements IGeneralNameUtil {
      * Form a General Name from a General Name choice and value.
      * The General Name choice must be one of the General Name Choice Strings
      * defined in this class.
-     * 
+     *
      * @param generalNameChoice General Name choice. Must be one of the General
      *            Name choices defined in this class.
      * @param value String value of the general name to form.
@@ -192,7 +192,7 @@ public class GeneralNameUtil implements IGeneralNameUtil {
     /**
      * Checks if given string is a valid General Name choice and returns
      * the actual string that can be passed into form_GeneralName().
-     * 
+     *
      * @param generalNameChoice a General Name choice string.
      * @return one of General Name choices defined in this class that can be
      *         passed into form_GeneralName().
@@ -209,7 +209,7 @@ public class GeneralNameUtil implements IGeneralNameUtil {
             theGeneralNameChoice = GENNAME_CHOICE_DNSNAME;
 
         /* X400Address not supported.
-         else if (generalNameChoice.equalsIgnoreCase(GENNAME_CHOICE_X400ADDRESS)) 
+         else if (generalNameChoice.equalsIgnoreCase(GENNAME_CHOICE_X400ADDRESS))
          theGeneralNameChoice = GENNAME_CHOICE_X400ADDRESS;
          */
         else if (generalNameChoice.equalsIgnoreCase(GENNAME_CHOICE_DIRECTORYNAME))
diff --git a/base/common/src/com/netscape/cmscore/policy/GenericPolicyProcessor.java b/base/common/src/com/netscape/cmscore/policy/GenericPolicyProcessor.java
index 05f8e111a..823c416dc 100644
--- a/base/common/src/com/netscape/cmscore/policy/GenericPolicyProcessor.java
+++ b/base/common/src/com/netscape/cmscore/policy/GenericPolicyProcessor.java
@@ -55,11 +55,11 @@ import com.netscape.cmscore.util.Debug;
  * Renewal, Revocation and KeyRecovery and KeyArchival.
  * 2. To apply the configured policies on the given request.
  * 3. To enable policy listing/configuration via MCC console.
- * 
+ *
  * Since the policy processor also implements the IPolicy interface
  * the processor itself presents itself as one big policy to the
  * request processor.
- * 
+ *
  * @deprecated
  * @author kanda
  * @version $Revision$, $Date$
@@ -126,7 +126,7 @@ public class GenericPolicyProcessor implements IPolicyProcessor {
     /**
      * Returns the configuration store.
      * 
    
-     * 
+     *
      * @return configuration store
      */
     public IConfigStore getConfigStore() {
@@ -136,7 +136,7 @@ public class GenericPolicyProcessor implements IPolicyProcessor {
     /**
      * Initializes the PolicyProcessor
      * 
    
-     * 
+     *
      * @param owner owner of this subsystem
      * @param config configuration of this subsystem
      * @exception EBaseException failed to initialize this Subsystem.
@@ -323,7 +323,7 @@ public class GenericPolicyProcessor implements IPolicyProcessor {
             } catch (Throwable e) {
                 mAuthority.log(ILogger.LL_FAILURE,
                         CMS.getLogMessage("CMSCORE_POLICY_INIT_FAILED", instanceName, e.toString()));
-                // disable rule initialized if there is 
+                // disable rule initialized if there is
                 // configuration error
                 enabled = false;
                 c.putString(PROP_ENABLE, "false");
@@ -372,7 +372,7 @@ public class GenericPolicyProcessor implements IPolicyProcessor {
 
     /**
      * Apply policies on the given request.
-     * 
+     *
      * @param IRequest The given request
      * @return The policy result object.
      */
@@ -384,9 +384,9 @@ public class GenericPolicyProcessor implements IPolicyProcessor {
         if (op == null) {
             CMS.debug("GenericPolicyProcessor: apply op null");
             // throw new AssertionException("Missing operation type in request. Can't happen!");
-            // Return ACCEPTED for now. Looks like even get CA chain 
-            // is being passed in here with request type set elsewhere 
-            // on the request. 
+            // Return ACCEPTED for now. Looks like even get CA chain
+            // is being passed in here with request type set elsewhere
+            // on the request.
             return PolicyResult.ACCEPTED;
         }
         if (isProfileRequest(req)) {
@@ -920,7 +920,7 @@ public class GenericPolicyProcessor implements IPolicyProcessor {
         // Predicate for the persistent rule can't be changed.
         ht.put(IPolicyRule.PROP_ENABLE, String.valueOf(active));
 
-        // put old config store parameters first. 
+        // put old config store parameters first.
         for (Enumeration oldkeys = oldStore.keys(); oldkeys.hasMoreElements();) {
             String k = (String) oldkeys.nextElement();
             String v = (String) oldStore.getString(k);
@@ -957,7 +957,7 @@ public class GenericPolicyProcessor implements IPolicyProcessor {
         // Try to initialize this rule.
         newRule.init(this, newStore);
 
-        // If we are successfully initialized, replace the rule 
+        // If we are successfully initialized, replace the rule
         // instance
         policyInstance.setRule(newRule);
         policyInstance.setActive(active);
@@ -1161,26 +1161,26 @@ public class GenericPolicyProcessor implements IPolicyProcessor {
     /**
      * Initializes the default system policies. Currently there is only
      * one policy - ManualAuthentication. More may be added later on.
-     * 
+     *
      * The default policies may be disabled - for example to over-ride
      * agent approval for testing the system by setting the following
      * property in the config file:
-     * 
+     *
      * .Policy.systemPolicies.enable=false
-     * 
+     *
      * By default the value for this property is true.
-     * 
+     *
      * Users can over-ride the default system policies by listing their
      * 'custom' system policies under the following property:
-     * 
+     *
      * .Policy.systemPolicies=,
      * 
-     * 
+     *
      * There can only be one instance of the system policy in the system
      * and will apply to all requests, and hence predicates are not used
      * for a system policy. Due to the same reason, these properties are
      * not configurable using the Console.
-     * 
+     *
      * A System policy may read config properties from a subtree under
      * .Policy.systemPolicies.. An example is
      * ra.Policy.systemPolicies.ManualAuthentication.param1=value
@@ -1221,7 +1221,7 @@ public class GenericPolicyProcessor implements IPolicyProcessor {
                 mSystemDefaults = DEF_POLICIES;
         }
 
-        // Now Initialize the rules. These defaults have only one 
+        // Now Initialize the rules. These defaults have only one
         // instance and the rule name is the name of the class itself.
         // Any configuration parameters required could be read from
         // .Policy.default.RuleName.
@@ -1268,84 +1268,84 @@ public class GenericPolicyProcessor implements IPolicyProcessor {
     /**
      * Read list of undeletable policies if any configured in the
      * system.
-     * 
+     *
      * These are required to protect the system from being misconfigured
      * to the point that the requests wouldn't serialize or certain
      * fields in the certificate(s) being checked will go unchecked
      * ..etc.
-     * 
+     *
      * For now the following policies are undeletable:
-     * 
+     *
      * DirAuthRule: This is a default DirectoryAuthentication policy
      * for user certificates that interprets directory
      * credentials. The presence of this policy is needed
      * if the OOTB DirectoryAuthentication-based automatic
      * certificate issuance is supported.
-     * 
+     *
      * DefaultUserNameRule: This policy verifies/sets subjectDn for user
      * certificates.
-     * 
+     *
      * DefaultServerNameRule: This policy verifies/sets subjectDn for
      * server certificates.
-     * 
+     *
      * DefaultValidityRule: Verifies/sets validty for all certificates.
-     * 
+     *
      * DefaultRenewalValidityRule: Verifies/sets validity for certs being
      * renewed.
-     * 
+     *
      * The 'undeletables' cannot be deleted from the config file, nor
      * can the be disabled. If any predicates are associated with them
      * the predicates can't be changed either. But, other config parameters
      * such as maxValidity, renewalInterval ..etc can be changed to suit
      * local policy requirements.
-     * 
+     *
      * During start up the policy processor will verify if the undeletables
      * are present, and that they are enabled and that their predicates are
      * not changed.
-     * 
+     *
      * The rules mentioned above are currently hard coded. If these need to
      * read from the config file, the 'undeletables' can be configured as
      * as follows:
-     * 
+     *
      * .Policy.undeletablePolicies=
      * Example:
      * ra.Policy.undeletablePolicies=DirAuthRule, DefaultUserNameRule, DefaultServerNameRule, DefaultValidityRule,
      * DefaultRenewalValidityRule
-     * 
+     *
      * The predicates if any associated with them may be configured as
      * follows:
      * .Policy.undeletablePolicies.DirAuthRule.predicate= certType == client.
-     * 
+     *
      * where subsystemId is ra or ca.
-     * 
+     *
      * If the undeletables are configured in the file,the configured entries
      * take precedence over the hardcoded ones in this file. If you are
      * configuring them in the file, please remember to configure the
      * predicates if applicable.
-     * 
+     *
      * During policy configuration from MCC, the policy processor will not
      * let you delete an 'undeletable', nor will it let you disable it.
      * You will not be able to change the predicate either. Other parameters
      * can be configured as needed.
-     * 
+     *
      * If a particular rule needs to be removed from the 'undeletables',
      * either remove it from the hard coded list above, or configure the
      * rules required rules only via the config file. The former needs
      * recompilation of the source. The later is flexible to be able to
      * make any rule an 'undeletable' or nor an 'undeletable'.
-     * 
+     *
      * Example: We want to use only manual forms for enrollment.
      * We do n't need to burn in DirAuthRule. We need to configure all
      * other rules except the DirAuthRule as follows:
-     * 
+     *
      * ra.Policy.undeletablePolicies = DefaultUserNameRule, DefaultServerNameRule, DefaultValidityRule,
      * DefaultRenewalValidityRule
-     * 
+     *
      * The following predicates are necessary:
-     * 
+     *
      * ra.Policy.undeletablePolicies.DefaultUserNameRule.predicate = certType == client
      * ra.Policy.undeletablePolicies.DefaultServerNameRule.predicate = certType == server
-     * 
+     *
      * The other two rules do not have any predicates.
      */
     private void initUndeletablePolicies(IConfigStore mConfig)
@@ -1375,7 +1375,7 @@ public class GenericPolicyProcessor implements IPolicyProcessor {
             return;
         }
 
-        // For each rule read from the config file, see if any 
+        // For each rule read from the config file, see if any
         // predicate is set.
         mUndeletablePolicies = new Hashtable();
         for (Enumeration e = rules.elements(); e.hasMoreElements();) {
diff --git a/base/common/src/com/netscape/cmscore/policy/OrExpression.java b/base/common/src/com/netscape/cmscore/policy/OrExpression.java
index 3b220c100..512bba256 100644
--- a/base/common/src/com/netscape/cmscore/policy/OrExpression.java
+++ b/base/common/src/com/netscape/cmscore/policy/OrExpression.java
@@ -24,9 +24,9 @@ import com.netscape.certsrv.request.IRequest;
 /**
  * This class represents an Or expression of the form
  * (var1 op val1 OR var2 op val2).
- * 
+ *
  * Expressions are used as predicates for policy selection.
- * 
+ *
  * @deprecated
  * @author kanda
  * @version $Revision$, $Date$
diff --git a/base/common/src/com/netscape/cmscore/policy/PolicyPredicateParser.java b/base/common/src/com/netscape/cmscore/policy/PolicyPredicateParser.java
index 568a38e6d..b40a50699 100644
--- a/base/common/src/com/netscape/cmscore/policy/PolicyPredicateParser.java
+++ b/base/common/src/com/netscape/cmscore/policy/PolicyPredicateParser.java
@@ -26,16 +26,16 @@ import com.netscape.cmscore.util.Debug;
 
 /**
  * Default implementation of predicate parser.
- * 
+ *
  * Limitations:
- * 
+ *
  * 1. Currently parentheses are not suported.
  * 2. Only ==, != <, >, <= and >= operators are supported.
  * 3. The only boolean operators supported are AND and OR. AND takes precedence
  * over OR. Example: a AND b OR e OR c AND d
  * is treated as (a AND b) OR e OR (c AND d)
  * 4. If this is n't adequate, roll your own.
- * 
+ *
  * @deprecated
  * @author kanda
  * @version $Revision$, $Date$
@@ -52,7 +52,7 @@ public class PolicyPredicateParser {
 
     /**
      * Parse the predicate expression and return a vector of expressions.
-     * 
+     *
      * @param predicateExp The predicate expression as read from the config file.
      * @return expVector The vector of expressions.
      */
@@ -198,7 +198,7 @@ public class PolicyPredicateParser {
          * req.set("request", "issuance");
          * req.set("id", new Integer(10));
          * req.set("dualcerts", new Boolean(true));
-         * 
+         *
          * Vector v = new Vector();
          * v.addElement("one");
          * v.addElement("two");
@@ -228,8 +228,8 @@ public class PolicyPredicateParser {
          * }
          * catch (Exception e) {e.printStackTrace(); }
          * }
-         * 
-         * 
+         *
+         *
          * try
          * {
          * BufferedReader rdr = new BufferedReader(
@@ -249,7 +249,7 @@ public class PolicyPredicateParser {
          * boolean result = exp.evaluate(req);
          * System.out.println("Result: " + result);
          * }
-         * 
+         *
          * }catch (Exception e){e.printStackTrace();}
          * }
          * }
diff --git a/base/common/src/com/netscape/cmscore/policy/PolicySet.java b/base/common/src/com/netscape/cmscore/policy/PolicySet.java
index 9e7ecdc64..d824d2629 100644
--- a/base/common/src/com/netscape/cmscore/policy/PolicySet.java
+++ b/base/common/src/com/netscape/cmscore/policy/PolicySet.java
@@ -32,7 +32,7 @@ import com.netscape.cmscore.util.Debug;
 /**
  * Implements a policy set per IPolicySet interface. This class
  * uses a vector of ordered policies to enforce priority.
- * 
+ *
  * @deprecated
  * @author kanda
  * @version $Revision$, $Date$
@@ -50,7 +50,7 @@ public class PolicySet implements IPolicySet {
     /**
      * Returns the name of the rule set.
      * 
    
-     * 
+     *
      * @return The name of the rule set.
      */
     public String getName() {
@@ -60,7 +60,7 @@ public class PolicySet implements IPolicySet {
     /**
      * Returns the no of rules in a set.
      * 
    
-     * 
+     *
      * @return the no of rules.
      */
     public int count() {
@@ -70,7 +70,7 @@ public class PolicySet implements IPolicySet {
     /**
      * Add a policy rule.
      * 
    
-     * 
+     *
      * @param ruleName The name of the rule to be added.
      * @param rule The rule to be added.
      */
@@ -88,7 +88,7 @@ public class PolicySet implements IPolicySet {
 
     /**
      * Remplaces a policy rule identified by the given name.
-     * 
+     *
      * @param name The name of the rule to be replaced.
      * @param rule The rule to be replaced.
      */
@@ -106,7 +106,7 @@ public class PolicySet implements IPolicySet {
 
     /**
      * Removes a policy rule identified by the given name.
-     * 
+     *
      * @param name The name of the rule to be removed.
      */
     public void removeRule(String ruleName) {
@@ -122,7 +122,7 @@ public class PolicySet implements IPolicySet {
     /**
      * Returns the rule identified by a given name.
      * 
    
-     * 
+     *
      * @param name The name of the rule to be return.
      * @return The rule identified by the given name or null if none exists.
      */
@@ -137,7 +137,7 @@ public class PolicySet implements IPolicySet {
     /**
      * Returns an enumeration of rules.
      * 
    
-     * 
+     *
      * @return An enumeration of rules.
      */
     public Enumeration getRules() {
@@ -147,7 +147,7 @@ public class PolicySet implements IPolicySet {
     /**
      * Apply policies on a given request from a rule set.
      * The rules may modify the request.
-     * 
+     *
      * @param req The request to apply policies on.
      * @return the PolicyResult.
      */
@@ -161,7 +161,7 @@ public class PolicySet implements IPolicySet {
         // if atleast one of the policies returns a REJECTED, we need to
         // return that status. If none of the policies REJECTED
         // the request, but atleast one of them DEFERRED the request, we
-        // need to return DEFERRED. 
+        // need to return DEFERRED.
         boolean rejected = false;
         boolean deferred = false;
         int size = mRules.size();
@@ -235,7 +235,7 @@ public class PolicySet implements IPolicySet {
                         ILogger.LL_FAILURE,
                         CMS.getLogMessage("CMSCORE_POLICY_ERROR_RESULT", req.getRequestId().toString(), name,
                                 ex.toString()));
-                // treat as rejected to prevent request from going into 
+                // treat as rejected to prevent request from going into
                 // a weird state. request queue doesn't handle this case.
                 rejected = true;
                 ((IPolicyRule) rule).setError(
diff --git a/base/common/src/com/netscape/cmscore/policy/SimpleExpression.java b/base/common/src/com/netscape/cmscore/policy/SimpleExpression.java
index 892fd6451..cf6e44bb0 100644
--- a/base/common/src/com/netscape/cmscore/policy/SimpleExpression.java
+++ b/base/common/src/com/netscape/cmscore/policy/SimpleExpression.java
@@ -30,9 +30,9 @@ import com.netscape.cmscore.util.Debug;
 /**
  * This class represents an expression of the form var = val,
  * var != val, var < val, var > val, var <= val, var >= val.
- * 
+ *
  * Expressions are used as predicates for policy selection.
- * 
+ *
  * @deprecated
  * @author kanda
  * @version $Revision$, $Date$
@@ -46,7 +46,7 @@ public class SimpleExpression implements IExpression {
     private boolean hasWildCard;
     public static final char WILDCARD_CHAR = '*';
 
-    // This is just for indicating a null expression. 
+    // This is just for indicating a null expression.
     public static SimpleExpression NULL_EXPRESSION = new SimpleExpression("null", OP_EQUAL, "null");
 
     public static IExpression parse(String input)
diff --git a/base/common/src/com/netscape/cmscore/profile/ProfileSubsystem.java b/base/common/src/com/netscape/cmscore/profile/ProfileSubsystem.java
index 585af5600..54f54e009 100644
--- a/base/common/src/com/netscape/cmscore/profile/ProfileSubsystem.java
+++ b/base/common/src/com/netscape/cmscore/profile/ProfileSubsystem.java
@@ -65,7 +65,7 @@ public class ProfileSubsystem implements IProfileSubsystem {
      * Initializes this subsystem with the given configuration
      * store.
      * 
    
-     * 
+     *
      * @param owner owner of this subsystem
      * @param config configuration store
      * @exception EBaseException failed to initialize
@@ -220,7 +220,7 @@ public class ProfileSubsystem implements IProfileSubsystem {
     /**
      * Returns the root configuration storage of this system.
      * 
    
-     * 
+     *
      * @return configuration store of this subsystem
      */
     public IConfigStore getConfigStore() {
@@ -312,7 +312,7 @@ public class ProfileSubsystem implements IProfileSubsystem {
 
     /**
      * Checks if owner id should be enforced during profile approval.
-     * 
+     *
      * @return true if approval should be checked
      */
     public boolean checkOwner() {
diff --git a/base/common/src/com/netscape/cmscore/realm/ACL.java b/base/common/src/com/netscape/cmscore/realm/ACL.java
index 4d7303f9d..5c7defd1d 100644
--- a/base/common/src/com/netscape/cmscore/realm/ACL.java
+++ b/base/common/src/com/netscape/cmscore/realm/ACL.java
@@ -29,7 +29,7 @@ import java.util.Vector;
  * An ACL may contain one or more ACLEntry. However, in case of multiple ACLEntry
  * , a subject must pass ALL of the ACLEntry evaluation for permission to be granted
  * 
    
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class ACL  {
@@ -54,7 +54,7 @@ public class ACL  {
      * Class constructor.
      * Constructs an access control list associated
      * with a resource name
-     * 
+     *
      * @param name resource name
      * @param rights applicable rights defined for this resource
      * @param resourceACLs the entire ACL specification. For example:
@@ -78,7 +78,7 @@ public class ACL  {
     /**
      * Sets the name of the resource governed by this
      * access control.
-     * 
+     *
      * @param name name of the resource
      */
     public void setName(String name) {
@@ -88,7 +88,7 @@ public class ACL  {
     /**
      * Retrieves the name of the resource governed by
      * this access control.
-     * 
+     *
      * @return name of the resource
      */
     public String getName() {
@@ -97,7 +97,7 @@ public class ACL  {
 
     /**
      * Retrieves the exact string of the resourceACLs
-     * 
+     *
      * @return resource's acl
      */
     public String getResourceACLs() {
@@ -107,7 +107,7 @@ public class ACL  {
     /**
      * Sets the description of the resource governed by this
      * access control.
-     * 
+     *
      * @param description Description of the protected resource
      */
     public void setDescription(String description) {
@@ -117,7 +117,7 @@ public class ACL  {
     /**
      * Retrieves the description of the resource governed by
      * this access control.
-     * 
+     *
      * @return Description of the protected resource
      */
     public String getDescription() {
@@ -126,7 +126,7 @@ public class ACL  {
 
     /**
      * Adds an ACL entry to this list.
-     * 
+     *
      * @param entry the ACLEntry to be added to this resource
      */
     public void addEntry(ACLEntry entry) {
@@ -135,7 +135,7 @@ public class ACL  {
 
     /**
      * Returns ACL entries.
-     * 
+     *
      * @return enumeration for the ACLEntry vector
      */
     public Enumeration entries() {
@@ -144,7 +144,7 @@ public class ACL  {
 
     /**
      * Returns the string reprsentation.
-     * 
+     *
      * @return the string representation of the ACL entries in the
      *         following format:
      *         [,,...]
@@ -165,7 +165,7 @@ public class ACL  {
 
     /**
      * Adds an rights entry to this list.
-     * 
+     *
      * @param right The right to be added for this ACL
      */
     public void addRight(String right) {
@@ -174,7 +174,7 @@ public class ACL  {
 
     /**
      * Tells if the permission is one of the defined "rights"
-     * 
+     *
      * @param permission permission to be checked
      * @return true if it's one of the "rights"; false otherwise
      */
@@ -184,7 +184,7 @@ public class ACL  {
 
     /**
      * Returns rights entries.
-     * 
+     *
      * @return enumeration of rights defined for this ACL
      */
     public Enumeration rights() {
diff --git a/base/common/src/com/netscape/cmscore/realm/ACLEntry.java b/base/common/src/com/netscape/cmscore/realm/ACLEntry.java
index 8e502b02c..e05abf0b9 100644
--- a/base/common/src/com/netscape/cmscore/realm/ACLEntry.java
+++ b/base/common/src/com/netscape/cmscore/realm/ACLEntry.java
@@ -24,7 +24,7 @@ import java.util.StringTokenizer;
 /**
  * A class represents an ACI entry of an access control list.
  * 
    
- * 
+ *
  * @version $Revision$, $Date$
  */
 public class ACLEntry {
@@ -44,7 +44,7 @@ public class ACLEntry {
 
     /**
      * Checks if this ACL entry is set to negative.
-     * 
+     *
      * @return true if this ACL entry expression is for "deny";
      *         false if this ACL entry expression is for "allow"
      */
@@ -61,9 +61,9 @@ public class ACLEntry {
 
     /**
      * Sets the ACL entry string
-     * 
+     *
      * @param s string in the following format:
-     * 
+     *
      *            
          *   allow|deny (right[,right...]) attribute_expression
      * 
    
@@ -74,9 +74,9 @@ public class ACLEntry {
 
     /**
      * Gets the ACL Entry String
-     * 
+     *
      * @return ACL Entry string in the following format:
-     * 
+     *
      *         
          *   allow|deny (right[,right...]) attribute_expression
      * 
    
@@ -88,7 +88,7 @@ public class ACLEntry {
     /**
      * Adds permission to this entry. Permission must be one of the
      * "rights" defined for each protected resource in its ACL
-     * 
+     *
      * @param acl the acl instance that this aclEntry is associated with
      * @param permission one of the "rights" defined for each
      *            protected resource in its ACL
@@ -104,7 +104,7 @@ public class ACLEntry {
     /**
      * Returns a list of permissions associated with
      * this entry.
-     * 
+     *
      * @return a list of permissions for this ACL entry
      */
     public Enumeration permissions() {
@@ -113,7 +113,7 @@ public class ACLEntry {
 
     /**
      * Sets the expression associated with this entry.
-     * 
+     *
      * @param expressions the evaluator expressions. For example,
      *            group="Administrators"
      */
@@ -123,7 +123,7 @@ public class ACLEntry {
 
     /**
      * Retrieves the expression associated with this entry.
-     * 
+     *
      * @return the evaluator expressions. For example,
      *         group="Administrators"
      */
@@ -134,7 +134,7 @@ public class ACLEntry {
     /**
      * Checks to see if this ACLEntry contains a
      * particular permission
-     * 
+     *
      * @param permission one of the "rights" defined for each
      *            protected resource in its ACL
      * @return true if permission contained in the permission list
@@ -146,7 +146,7 @@ public class ACLEntry {
 
     /**
      * Checks if this entry has the given permission.
-     * 
+     *
      * @param permission one of the "rights" defined for each
      *            protected resource in its ACL
      * @return true if the permission is allowed; false if the
@@ -167,13 +167,13 @@ public class ACLEntry {
 
     /**
      * Parse string in the following format:
-     * 
+     *
      * 
          *   allow|deny (right[,right...]) attribute_expression
      * 
    
-     * 
+     *
      * into an instance of the ACLEntry class
-     * 
+     *
      * @param acl the acl instance associated with this aclentry
      * @param aclEntryString aclEntryString in the specified format
      * @return an instance of the ACLEntry class
@@ -217,7 +217,7 @@ public class ACLEntry {
 
     /**
      * Returns the string representation of this ACLEntry
-     * 
+     *
      * @return string representation of this ACLEntry
      */
     public String toString() {
diff --git a/base/common/src/com/netscape/cmscore/realm/PKIJNDIRealm.java b/base/common/src/com/netscape/cmscore/realm/PKIJNDIRealm.java
index 720d9f52e..b847332c6 100644
--- a/base/common/src/com/netscape/cmscore/realm/PKIJNDIRealm.java
+++ b/base/common/src/com/netscape/cmscore/realm/PKIJNDIRealm.java
@@ -32,19 +32,19 @@ import javax.servlet.http.HttpServletResponse;
 
 /*
  *  Self contained PKI JNDI Real that overrides the standard JNDI Realm
- * 
+ *
  *  The purpose is to move authentication and authorization code out of the core server.
  *  This realm can be used standalone with only the dependency of having tomcatjss and jss installed
  *  and having tomcatjss connectors configured in the tomcat instance.
- *  
+ *
  *  This realm allows for configurable SSL client authentication checking as well
  *  as checking against the standard PKI ACLs we have configured in our ldap database.
  *  Those not using a CS instance could either not configure the ACL checking or
  *  override this class to read in and evaluate their own ACL's.
- *  
+ *
  *  This code makes use and simplifies some existing ACL and authorization code
  *  from the main server for now.
- * 
+ *
  */
 
 public class PKIJNDIRealm extends JNDIRealm {
@@ -123,11 +123,11 @@ public class PKIJNDIRealm extends JNDIRealm {
 
         //Call the getPrincipal method of the base JNDIRealm class
         //based on the just calculated uid. During the next call
-        // one of our methods to extract and store the user's ldap stored 
+        // one of our methods to extract and store the user's ldap stored
         //client cert will be invoked
 
         Principal user = getPrincipal(uid);
-        
+
         //ToDo: Possibly perform some more cert verficiation
         // such as OCSP, even though the tomcat jss connector
         // can already be configured for OCSP
@@ -154,12 +154,12 @@ public class PKIJNDIRealm extends JNDIRealm {
      * otherwise return null.
      * Override here to extract the client auth certificate from the
      * ldap db.
-     * 
+     *
      * @param context The directory context
      * @param username Username to be looked up
-     * 
+     *
      * @exception NamingException if a directory server error occurs
-     * 
+     *
      * @see #getUser(DirContext, String, String, int)
      */
     @Override
@@ -175,7 +175,7 @@ public class PKIJNDIRealm extends JNDIRealm {
         // Support for SSL client auth does not appear to support
         // the userPattern attribute. Certainly another method here
         // could be overridden to get this working.
-        
+
         User certUser = super.getUser(context, username);
 
         if (certUser != null) {
@@ -190,12 +190,12 @@ public class PKIJNDIRealm extends JNDIRealm {
      * Return true if this constraint is satisfied and processing
      * should continue, or false otherwise.
      * override to check for custom PKI ACL's authz permissions.
-     * 
+     *
      * @param request Request we are processing
      * @param response Response we are creating
      * @param constraints Security constraint we are enforcing
      * @param context The Context to which client of this class is attached.
-     * 
+     *
      * @exception IOException if an input/output error occurs
      */
     @Override
@@ -254,7 +254,7 @@ public class PKIJNDIRealm extends JNDIRealm {
 
         return allowed;
     }
-    
+
     /**
      * Return a List of roles associated with the given User.  Any
      * roles present in the user's directory entry are supplemented by
@@ -280,10 +280,10 @@ public class PKIJNDIRealm extends JNDIRealm {
 
         return super.getRoles(context, user);
     }
-    
+
     /* Custom variables, see  element */
 
-    /* Attribute to find encoded Cert in ldap 
+    /* Attribute to find encoded Cert in ldap
      * "userCertificate" is most common value.
      */
     private String certAttrName;
@@ -296,7 +296,7 @@ public class PKIJNDIRealm extends JNDIRealm {
         this.certAttrName = certAttrName;
     }
 
-    /* Attribute to find encoded acl resources in ldap 
+    /* Attribute to find encoded acl resources in ldap
      * "aclResources" is most common value.
      */
     private String aclAttrName;
@@ -309,7 +309,7 @@ public class PKIJNDIRealm extends JNDIRealm {
         this.aclAttrName = aclAttrName;
     }
 
-    /* Attribute for base dn of acl resources in ldap 
+    /* Attribute for base dn of acl resources in ldap
      */
 
     private String aclBase;
@@ -338,7 +338,7 @@ public class PKIJNDIRealm extends JNDIRealm {
 
     /* Saved user certificate object obtained during authentication
      * from the user's LDAP record.
-     * Will be accessed later to compare with incoming client auth certificate. 
+     * Will be accessed later to compare with incoming client auth certificate.
      */
     private X509Certificate storedUserCert;
 
@@ -547,7 +547,7 @@ public class PKIJNDIRealm extends JNDIRealm {
 
     }
 
-    /* Attempt to get the stored user certificate object and save it for 
+    /* Attempt to get the stored user certificate object and save it for
      * future reference. This all takes place within one command invocation from
      * the getPrincipal method defined here.
      */
@@ -630,7 +630,7 @@ public class PKIJNDIRealm extends JNDIRealm {
     // as one of the parameters to the message.
     // There may be a way to extract this information at this level.
     // The parameter name to scan for could be configured with the Realm.
-    
+
     private String getACLEntryDataForURL(String requestURI) {
         String aclEntryData;
 
@@ -746,9 +746,9 @@ public class PKIJNDIRealm extends JNDIRealm {
 
     /**
      * Parse ACL resource attributes
-     * 
+     *
      * @param res same format as the resource attribute:
-     * 
+     *
      *            
          *     ::
      *      () 
@@ -894,14 +894,14 @@ public class PKIJNDIRealm extends JNDIRealm {
             return;
         }
     }
-    
+
     /**
      * Return a String representing the value of the specified attribute.
      * Create our own since the super class has it as private
-     * 
+     *
      * @param attrId Attribute name
      * @param attrs Attributes containing the required value
-     * 
+     *
      * @exception NamingException if a directory server error occurs
      */
     private Vector getAttributeValues(String attrId, Attributes attrs)
@@ -929,7 +929,7 @@ public class PKIJNDIRealm extends JNDIRealm {
         }
         return values;
     }
-    
+
    /*
     * ToDo: Figure out how to do real logging
     */
diff --git a/base/common/src/com/netscape/cmscore/registry/PluginInfo.java b/base/common/src/com/netscape/cmscore/registry/PluginInfo.java
index 681861901..f9f734b72 100644
--- a/base/common/src/com/netscape/cmscore/registry/PluginInfo.java
+++ b/base/common/src/com/netscape/cmscore/registry/PluginInfo.java
@@ -24,7 +24,7 @@ import com.netscape.certsrv.registry.IPluginInfo;
 /**
  * The plugin information includes id, name,
  * classname, and description.
- * 
+ *
  * @author thomask
  */
 public class PluginInfo implements IPluginInfo {
diff --git a/base/common/src/com/netscape/cmscore/registry/PluginRegistry.java b/base/common/src/com/netscape/cmscore/registry/PluginRegistry.java
index 42bb3e68e..95a723785 100644
--- a/base/common/src/com/netscape/cmscore/registry/PluginRegistry.java
+++ b/base/common/src/com/netscape/cmscore/registry/PluginRegistry.java
@@ -65,7 +65,7 @@ public class PluginRegistry implements IPluginRegistry {
      * Initializes this subsystem with the given configuration
      * store.
      * 
    
-     * 
+     *
      * @param owner owner of this subsystem
      * @param config configuration store
      * @exception EBaseException failed to initialize
@@ -251,7 +251,7 @@ public class PluginRegistry implements IPluginRegistry {
     /**
      * Returns the root configuration storage of this system.
      * 
    
-     * 
+     *
      * @return configuration store of this subsystem
      */
     public IConfigStore getConfigStore() {
diff --git a/base/common/src/com/netscape/cmscore/request/ARequestQueue.java b/base/common/src/com/netscape/cmscore/request/ARequestQueue.java
index 16db3985c..1d247ab0c 100644
--- a/base/common/src/com/netscape/cmscore/request/ARequestQueue.java
+++ b/base/common/src/com/netscape/cmscore/request/ARequestQueue.java
@@ -76,7 +76,7 @@ import com.netscape.certsrv.request.RequestStatus;
  * 
    
  * This class also implements the locking operations specified by the IRequestQueue interface.
  * 
    
- * 
+ *
  * @author thayes
  * @version $Revision$ $Date$
  */
@@ -94,7 +94,7 @@ public abstract class ARequestQueue
      * This method must be implemented by the specialized class to generate a new id from data in the persistant store.
      * This id is used to create a new request object.
      * 
    
-     * 
+     *
      * @return
      *         a new RequestId object.
      * @exception EBaseException
@@ -112,7 +112,7 @@ public abstract class ARequestQueue
      * The implementation of this object can use the createRequest member function to create a new instance of an
      * IRequest, and use the setRequestStatus, setCreationTime and setModificationTime functions to set those values.
      * 
    
-     * 
+     *
      * @param id
      *            the id of the request to read.
      * @return
@@ -132,7 +132,7 @@ public abstract class ARequestQueue
      * 
    
      * This function is called when a new request immediately after creating a new request.
      * 
    
-     * 
+     *
      * @param request
      *            the request to add.
      * @exception EBaseException
@@ -147,7 +147,7 @@ public abstract class ARequestQueue
      * 
    
      * Currently there are no hints for what has changed, so the entire request should be updated.
      * 
    
-     * 
+     *
      * @param request
      * @exception EBaseException
      *                TODO: this is not implemented yet
@@ -164,7 +164,7 @@ public abstract class ARequestQueue
      * 
    
      * TODO: return IRequestList -or- just use listRequests as the basic engine.
      * 
    
-     * 
+     *
      * @return
      *         an Enumeration that generates RequestId objects.
      */
@@ -173,7 +173,7 @@ public abstract class ARequestQueue
     /**
      * protected access for setting the current state of a request.
      * 
    
-     * 
+     *
      * @param request
      *            The request to be modified.
      * @param status
@@ -188,7 +188,7 @@ public abstract class ARequestQueue
     /**
      * protected access for setting the modification time of a request.
      * 
    
-     * 
+     *
      * @param request
      *            The request to be modified.
      * @param date
@@ -203,7 +203,7 @@ public abstract class ARequestQueue
     /**
      * protected access for setting the creation time of a request.
      * 
    
-     * 
+     *
      * @param request
      *            The request to be modified.
      * @param date
@@ -218,7 +218,7 @@ public abstract class ARequestQueue
     /**
      * protected access for creating a new Request object
      * 
    
-     * 
+     *
      * @param id
      *            The identifier for the new request
      * @return
@@ -246,7 +246,7 @@ public abstract class ARequestQueue
     /**
      * Implements IRequestQueue.newRequest
      * 
    
-     * 
+     *
      * @see IRequestQueue#newRequest
      */
     public IRequest newRequest(String requestType)
@@ -282,18 +282,18 @@ public abstract class ARequestQueue
     /**
      * Implements IRequestQueue.cloneRequest
      * 
    
-     * 
+     *
      * @see IRequestQueue#cloneRequest
      */
     public IRequest cloneRequest(IRequest r)
             throws EBaseException {
-        // 1. check for valid state. (Are any invalid ?) 
+        // 1. check for valid state. (Are any invalid ?)
         RequestStatus rs = r.getRequestStatus();
 
         if (rs == RequestStatus.BEGIN)
             throw new EBaseException("Invalid Status");
 
-        // 2. create new request 
+        // 2. create new request
         String reqType = r.getRequestType();
         IRequest clone = newRequest(reqType);
 
@@ -313,7 +313,7 @@ public abstract class ARequestQueue
     /**
      * Implements IRequestQueue.findRequest
      * 
    
-     * 
+     *
      * @see IRequestQueue#findRequest
      */
     public IRequest findRequest(RequestId id)
@@ -342,7 +342,7 @@ public abstract class ARequestQueue
     /**
      * Implements IRequestQueue.processRequest
      * 
    
-     * 
+     *
      * @see IRequestQueue#processRequest
      */
     public final void processRequest(IRequest r)
@@ -373,7 +373,7 @@ public abstract class ARequestQueue
     /**
      * Implements IRequestQueue.markRequestPending
      * 
    
-     * 
+     *
      * @see IRequestQueue#markRequestPending
      */
     public final void markRequestPending(IRequest r)
@@ -397,7 +397,7 @@ public abstract class ARequestQueue
     /**
      * Implements IRequestQueue.cloneAndMarkPending
      * 
    
-     * 
+     *
      * @see IRequestQueue#cloneAndMarkPending
      */
     public IRequest cloneAndMarkPending(IRequest r)
@@ -411,7 +411,7 @@ public abstract class ARequestQueue
     /**
      * Implements IRequestQueue.approveRequest
      * 
    
-     * 
+     *
      * @see IRequestQueue#approveRequest
      */
     public final void approveRequest(IRequest r)
@@ -455,7 +455,7 @@ public abstract class ARequestQueue
     /**
      * Implements IRequestQueue.rejectRequest
      * 
    
-     * 
+     *
      * @see IRequestQueue#rejectRequest
      */
     public final void rejectRequest(IRequest r)
@@ -477,7 +477,7 @@ public abstract class ARequestQueue
     /**
      * Implments IRequestQueue.cancelRequest
      * 
    
-     * 
+     *
      * @see IRequestQueue#cancelRequest
      */
     public final void cancelRequest(IRequest r)
@@ -509,7 +509,7 @@ public abstract class ARequestQueue
      * Should be overridden by the specialized class if a more efficient method is available for implementing this
      * operation.
      * 
    
-     * 
+     *
      * @see IRequestQueue#listRequests
      */
     public IRequestList listRequests() {
@@ -522,7 +522,7 @@ public abstract class ARequestQueue
      * Should be overridden by the specialized class if a more efficient method is available for implementing this
      * operation.
      * 
    
-     * 
+     *
      * @see IRequestQueue#listRequestsByStatus
      */
     public IRequestList listRequestsByStatus(RequestStatus s) {
@@ -532,7 +532,7 @@ public abstract class ARequestQueue
     /**
      * Implements IRequestQueue.releaseRequest
      * 
    
-     * 
+     *
      * @see IRequestQueue#releaseRequest
      */
     public final void releaseRequest(IRequest request) {
@@ -733,7 +733,7 @@ public abstract class ARequestQueue
  } catch (InterruptedException e) {
  };
  }
- } 
+ }
 
  public synchronized void unlock(RequestId id) {
  mHashtable.remove(id);
@@ -742,7 +742,7 @@ public abstract class ARequestQueue
  }
 
  // instance variables
- Hashtable mHashtable = new Hashtable(); 
+ Hashtable mHashtable = new Hashtable();
  }
  */
 
@@ -859,7 +859,7 @@ class Request
      * This function used to check that the keys obeyed LDAP attribute name
      * syntax rules. Keys are being encoded now, so it is changed to just
      * filter out null and empty string keys.
-     * 
+     *
      * @param key The key to check
      * @return false if invalid
      */
diff --git a/base/common/src/com/netscape/cmscore/request/ARequestRecord.java b/base/common/src/com/netscape/cmscore/request/ARequestRecord.java
index e23d4007c..5f2aa50b2 100644
--- a/base/common/src/com/netscape/cmscore/request/ARequestRecord.java
+++ b/base/common/src/com/netscape/cmscore/request/ARequestRecord.java
@@ -27,7 +27,7 @@ import com.netscape.certsrv.request.RequestStatus;
  * The low level (attributes only) version of the database
  * record object. This exists so that RecordAttr methods can use
  * this type definition,
- * 
+ *
  * RequestRecord refers both to this class and to RecordAttr objects.
  */
 class ARequestRecord {
diff --git a/base/common/src/com/netscape/cmscore/request/CertRequestConstants.java b/base/common/src/com/netscape/cmscore/request/CertRequestConstants.java
index eab41fcd5..9b9391d44 100644
--- a/base/common/src/com/netscape/cmscore/request/CertRequestConstants.java
+++ b/base/common/src/com/netscape/cmscore/request/CertRequestConstants.java
@@ -23,8 +23,8 @@ package com.netscape.cmscore.request;
  * as needed.
  */
 public class CertRequestConstants {
-    // request types - these have string values. 
-    // made to match policy constants. 
+    // request types - these have string values.
+    // made to match policy constants.
     public final static String GETCRL_REQUEST = "getCRL";
     public final static String GETCACHAIN_REQUEST = "getCAChain";
     public final static String GETREVOCATIONINFO_REQUEST = "getRevocationInfo";
@@ -50,7 +50,7 @@ public class CertRequestConstants {
     // this has a CRLExtensions value.
     public final static String CRLEXTS = "CRLExts";
 
-    // this has a String value - it is either null or set. 
+    // this has a String value - it is either null or set.
     public final static String DOGETCACHAIN = "doGetCAChain";
 
     // this has a CertificateChain value.
@@ -63,7 +63,7 @@ public class CertRequestConstants {
     public final static String CERTIFICATE = "certificate";
 
     // this is an array of EBaseException for service errors when
-    // there's an error processing an array of something such as 
+    // there's an error processing an array of something such as
     // certs to renew, certs to revoke, etc.
     public final static String SVCERRORS = "serviceErrors";
 
diff --git a/base/common/src/com/netscape/cmscore/request/RequestAttr.java b/base/common/src/com/netscape/cmscore/request/RequestAttr.java
index 25734c91e..a48fca1d2 100644
--- a/base/common/src/com/netscape/cmscore/request/RequestAttr.java
+++ b/base/common/src/com/netscape/cmscore/request/RequestAttr.java
@@ -34,7 +34,7 @@ import com.netscape.certsrv.request.ldap.IRequestMod;
 abstract class RequestAttr {
 
     /**
-     * 
+     *
      */
 
     abstract void set(ARequestRecord r, Object o);
diff --git a/base/common/src/com/netscape/cmscore/request/RequestQueue.java b/base/common/src/com/netscape/cmscore/request/RequestQueue.java
index ef13d3c29..95335724a 100644
--- a/base/common/src/com/netscape/cmscore/request/RequestQueue.java
+++ b/base/common/src/com/netscape/cmscore/request/RequestQueue.java
@@ -306,7 +306,7 @@ public class RequestQueue
     /**
      * Implements IRequestQueue.findRequestBySourceId
      * 
    
-     * 
+     *
      * @see com.netscape.certsrv.request.IRequestQueue#findRequestBySourceId
      */
     public RequestId findRequestBySourceId(String id) {
@@ -321,7 +321,7 @@ public class RequestQueue
     /**
      * Implements IRequestQueue.findRequestsBySourceId
      * 
    
-     * 
+     *
      * @see com.netscape.certsrv.request.IRequestQueue#findRequestsBySourceId
      */
     public IRequestList findRequestsBySourceId(String id) {
@@ -406,7 +406,7 @@ public class RequestQueue
         return new SearchEnumeration(this, results);
     }
 
-    /** 
+    /**
      */
     public IRequestList listRequestsByFilter(String f, int maxSize) {
         IDBSearchResults results = null;
@@ -476,7 +476,7 @@ public class RequestQueue
             dbs = mDB.createSession();
             results = dbs.search(mBaseDN, f1);
         } catch (EBaseException e) {
-            //System.err.println("Error: "+e); 
+            //System.err.println("Error: "+e);
             //e.printStackTrace();
         } finally {
             // Close session - ignoring errors (UTIL)
@@ -595,7 +595,7 @@ public class RequestQueue
     }
 
     /*
-     * return request repository 
+     * return request repository
      */
     public IRepository getRequestRepository() {
         return (IRepository) mRepository;
diff --git a/base/common/src/com/netscape/cmscore/request/RequestRecord.java b/base/common/src/com/netscape/cmscore/request/RequestRecord.java
index 1d066f0ad..3381727e4 100644
--- a/base/common/src/com/netscape/cmscore/request/RequestRecord.java
+++ b/base/common/src/com/netscape/cmscore/request/RequestRecord.java
@@ -267,7 +267,7 @@ public class RequestRecord
      * This table contains attribute handlers for attributes
      * of the request.  These attributes are ones that are stored
      * apart from the generic name/value pairs supported by the get/set
-     * interface plus the hashtable for the name/value pairs themselves. 
+     * interface plus the hashtable for the name/value pairs themselves.
      *
      * NOTE: Eventually, all attributes should be done here.  Currently
      *   only the last ones added are implemented this way.
@@ -430,10 +430,10 @@ class RequestIdMapper
 
 /**
  * A mapper between an request attr set and its LDAP attribute representation.
- * 
+ *
  * The attr attribute is no longer used. This class is kept for historical
  * and migration purposes.
- * 
+ *
  * @author thayes
  * @version $Revision$ $Date$
  * @deprecated
@@ -557,7 +557,7 @@ class RequestAttrsMapper
     /**
      * Implements IDBAttrMapper.mapLDAPAttributeSetToObject
      * 
    
-     * 
+     *
      * @see IDBAttrMapper#mapLDAPAttributeSetToObject
      */
     public void mapLDAPAttributeSetToObject(LDAPAttributeSet attrs,
@@ -567,7 +567,7 @@ class RequestAttrsMapper
 
         //
         // Data is stored in a (single valued) binary attribute
-        // 
+        //
         byte[] value;
 
         LDAPAttribute attr = null;
@@ -609,14 +609,14 @@ class RequestAttrsMapper
 /**
  * Maps dynamic data for the extData- prefix to and from the extData Hashtable
  * in RequestRecord.
- * 
+ *
  * The data in RequestRecord is stored in a Hashtable. It comes in two forms:
  * 1. String key1 => String value1
  * String key2 => String value2
  * This is stored in LDAP as:
  * extData-key1 => value1
  * extData-key2 => value2
- * 
+ *
  * 2. String key => Hashtable value
  * where value stores:
  * String key2 => String value2
@@ -624,10 +624,10 @@ class RequestAttrsMapper
  * This is stored in LDAP as:
  * extData-key;key2 => value2
  * extData-key;key3 => value3
- * 
+ *
  * These can be mixed, but each top-level key can only be associated with
  * a String value or a Hashtable value.
- * 
+ *
  */
 class ExtAttrDynMapper implements IDBDynAttrMapper {
 
@@ -644,10 +644,10 @@ class ExtAttrDynMapper implements IDBDynAttrMapper {
      * Decodes extdata encoded keys.
      * -- followed by a 4 digit hexadecimal string is decoded to the character
      * representing the hex string.
-     * 
+     *
      * The routine is written to be highly efficient. It only allocates
      * the StringBuffer if needed and copies the pieces in large chunks.
-     * 
+     *
      * @param key The key to decode
      * @return The decoded key.
      */
@@ -693,7 +693,7 @@ class ExtAttrDynMapper implements IDBDynAttrMapper {
 
     /**
      * Encoded extdata keys for storage in LDAP.
-     * 
+     *
      * The rules for encoding are trickier than decoding. We want to allow
      * '-' by itself to be stored in the database (for the common case of keys
      * like 'Foo-Bar'. Therefore we are using '--' as the encoding character.
@@ -706,11 +706,11 @@ class ExtAttrDynMapper implements IDBDynAttrMapper {
      * 4) If [-] is preceded or followed by [^a-zA-Z0-9] then
      * the - as well as all following [^a-zA-Z0-9] characters are encoded
      * as --XXXX.
-     * 
+     *
      * This routine tries to be as efficient as possible with StringBuffer and
      * large copies. However, the encoding unfortunately requires several
      * objects to be allocated.
-     * 
+     *
      * @param key The key to encode
      * @return The encoded key
      */
diff --git a/base/common/src/com/netscape/cmscore/request/RequestRepository.java b/base/common/src/com/netscape/cmscore/request/RequestRepository.java
index 0a4a4ebf9..ed18c7048 100644
--- a/base/common/src/com/netscape/cmscore/request/RequestRepository.java
+++ b/base/common/src/com/netscape/cmscore/request/RequestRepository.java
@@ -36,7 +36,7 @@ import com.netscape.cmscore.dbs.RepositoryRecord;
  * TODO: what does this class provide beyond the Repository
  * base class??
  * 
    
- * 
+ *
  * @author thayes
  * @version $Revision$ $Date$
  */
@@ -49,7 +49,7 @@ class RequestRepository
     /**
      * Create a request repository that uses the LDAP database
      * 
    
-     * 
+     *
      * @param name
      *            the name of the repository. This String is used to
      *            construct the DN for the repository's LDAP entry.
@@ -88,7 +88,7 @@ class RequestRepository
      * value can be used by the request queue to create the
      * name for the request records themselves.
      * 
    
-     * 
+     *
      * @return
      *         the LDAP base DN.
      */
diff --git a/base/common/src/com/netscape/cmscore/request/RequestSubsystem.java b/base/common/src/com/netscape/cmscore/request/RequestSubsystem.java
index 862ddaa68..69c0d0ce9 100644
--- a/base/common/src/com/netscape/cmscore/request/RequestSubsystem.java
+++ b/base/common/src/com/netscape/cmscore/request/RequestSubsystem.java
@@ -39,7 +39,7 @@ import com.netscape.cmscore.dbs.DBSubsystem;
  * TODO: review this It provides: + registration of LDAP/JAVA mapping classes with the DBSubsystem + creation of
  * RequestQueue storage in the database + retrieval of existing RequestQueue objects from the database
  * 
    
- * 
+ *
  * @author thayes
  * @version $Revision$, $Date$
  */
@@ -91,7 +91,7 @@ public class RequestSubsystem
         RequestQueue rq = new RequestQueue(name, increment, p, s, n, pendingNotifier);
 
         // can't do this here because the service depends on getting rq
-        // (to get request) and since this method hasn't returned it's rq is null. 
+        // (to get request) and since this method hasn't returned it's rq is null.
         //rq.recover();
 
         return rq;
@@ -105,7 +105,7 @@ public class RequestSubsystem
     /**
      * Implements ISubsystem.getId
      * 
    
-     * 
+     *
      * @see ISubsystem#getId
      */
     public String getId() {
@@ -127,7 +127,7 @@ public class RequestSubsystem
     /**
      * Implements ISubsystem.startup
      * 
    
-     * 
+     *
      * @see ISubsystem#startup
      */
     public void startup()
diff --git a/base/common/src/com/netscape/cmscore/security/CASigningCert.java b/base/common/src/com/netscape/cmscore/security/CASigningCert.java
index bba12561f..335bd9f37 100644
--- a/base/common/src/com/netscape/cmscore/security/CASigningCert.java
+++ b/base/common/src/com/netscape/cmscore/security/CASigningCert.java
@@ -35,7 +35,7 @@ import com.netscape.certsrv.security.KeyCertData;
 
 /**
  * CA signing certificate.
- * 
+ *
  * @author Christine Ho
  * @version $Revision$, $Date$
  */
diff --git a/base/common/src/com/netscape/cmscore/security/CertificateInfo.java b/base/common/src/com/netscape/cmscore/security/CertificateInfo.java
index fc7fb9087..914803223 100644
--- a/base/common/src/com/netscape/cmscore/security/CertificateInfo.java
+++ b/base/common/src/com/netscape/cmscore/security/CertificateInfo.java
@@ -62,7 +62,7 @@ import com.netscape.certsrv.security.KeyCertData;
 /**
  * This base class provides methods to import CA signing cert or get certificate
  * request.
- * 
+ *
  * @author Christine Ho
  * @version $Revision$, $Date$
  */
@@ -103,7 +103,7 @@ public abstract class CertificateInfo {
          String period = (String)mProperties.get(Constants.PR_VALIDITY_PERIOD);
          Date notBeforeDate = CMS.getCurrentDate();
          Date notAfterDate = new Date(notBeforeDate.getYear(),
-         notBeforeDate.getMonth(), 
+         notBeforeDate.getMonth(),
          notBeforeDate.getDate()+Integer.parseInt(period));
          return new CertificateValidity(notBeforeDate, notAfterDate);
          */
diff --git a/base/common/src/com/netscape/cmscore/security/KRATransportCert.java b/base/common/src/com/netscape/cmscore/security/KRATransportCert.java
index 79988e7d6..7f6632e09 100644
--- a/base/common/src/com/netscape/cmscore/security/KRATransportCert.java
+++ b/base/common/src/com/netscape/cmscore/security/KRATransportCert.java
@@ -30,7 +30,7 @@ import com.netscape.certsrv.security.KeyCertData;
 
 /**
  * KRA transport certificate
- * 
+ *
  * @author Christine Ho
  * @version $Revision$, $Date$
  */
@@ -86,7 +86,7 @@ public class KRATransportCert extends CertificateInfo {
      return sAlg;
      }
      String alg = (String)mProperties.get(Constants.PR_KEY_TYPE);
-     
+
      if (alg.equals("RSA"))
      return SignatureAlgorithm.RSASignatureWithMD5Digest;
      else
diff --git a/base/common/src/com/netscape/cmscore/security/OCSPSigningCert.java b/base/common/src/com/netscape/cmscore/security/OCSPSigningCert.java
index 762db5e90..16ca08b80 100644
--- a/base/common/src/com/netscape/cmscore/security/OCSPSigningCert.java
+++ b/base/common/src/com/netscape/cmscore/security/OCSPSigningCert.java
@@ -35,7 +35,7 @@ import com.netscape.certsrv.security.KeyCertData;
 
 /**
  * OCSP signing certificate.
- * 
+ *
  * @author Christine Ho
  * @version $Revision$, $Date$
  */
diff --git a/base/common/src/com/netscape/cmscore/security/PWCBsdr.java b/base/common/src/com/netscape/cmscore/security/PWCBsdr.java
index 32a0e90ed..4017a7869 100644
--- a/base/common/src/com/netscape/cmscore/security/PWCBsdr.java
+++ b/base/common/src/com/netscape/cmscore/security/PWCBsdr.java
@@ -29,7 +29,7 @@ import com.netscape.certsrv.apps.CMS;
 import com.netscape.certsrv.logging.ILogger;
 import com.netscape.cmscore.base.JDialogPasswordCallback;
 
-/* 
+/*
  * A class to retrieve passwords from the SDR password cache
  *
  * @author Christina Fu
@@ -91,7 +91,7 @@ public class PWCBsdr implements PasswordCallback {
         //                   + mprompt );
     }
 
-    /* We are now assuming that PasswordCallbackInfo.getname() returns 
+    /* We are now assuming that PasswordCallbackInfo.getname() returns
      * the tag we are hoping to match in the cache.
      */
 
@@ -167,7 +167,7 @@ public class PWCBsdr implements PasswordCallback {
 
     /* The password cache has failed to return a password (or a usable password.
      * Now we will try and get the password from the user and hopefully add
-     * the password to the cache pw cache 
+     * the password to the cache pw cache
      */
     public Password getPasswordAgain(PasswordCallbackInfo info)
             throws PasswordCallback.GiveUpException {
diff --git a/base/common/src/com/netscape/cmscore/security/PWsdrCache.java b/base/common/src/com/netscape/cmscore/security/PWsdrCache.java
index 6c834d0e0..ef9b4b823 100644
--- a/base/common/src/com/netscape/cmscore/security/PWsdrCache.java
+++ b/base/common/src/com/netscape/cmscore/security/PWsdrCache.java
@@ -44,7 +44,7 @@ import com.netscape.certsrv.base.EBaseException;
 import com.netscape.certsrv.logging.ILogger;
 import com.netscape.cmsutil.util.Utils;
 
-/* 
+/*
  * A class for managing passwords in the SDR password cache
  *
  * @author Christina Fu
diff --git a/base/common/src/com/netscape/cmscore/security/RASigningCert.java b/base/common/src/com/netscape/cmscore/security/RASigningCert.java
index 581fc8866..ac47055b6 100644
--- a/base/common/src/com/netscape/cmscore/security/RASigningCert.java
+++ b/base/common/src/com/netscape/cmscore/security/RASigningCert.java
@@ -30,7 +30,7 @@ import com.netscape.certsrv.security.KeyCertData;
 
 /**
  * RA signing certificate
- * 
+ *
  * @author Christine Ho
  * @version $Revision$, $Date$
  */
@@ -92,7 +92,7 @@ public class RASigningCert extends CertificateInfo {
      return sAlg;
      }
      String alg = (String)mProperties.get(Constants.PR_KEY_TYPE);
-     
+
      if (alg.equals("RSA"))
      return SignatureAlgorithm.RSASignatureWithMD5Digest;
      else
diff --git a/base/common/src/com/netscape/cmscore/security/SSLCert.java b/base/common/src/com/netscape/cmscore/security/SSLCert.java
index b54f24dc7..b4fea7f89 100644
--- a/base/common/src/com/netscape/cmscore/security/SSLCert.java
+++ b/base/common/src/com/netscape/cmscore/security/SSLCert.java
@@ -30,7 +30,7 @@ import com.netscape.certsrv.security.KeyCertData;
 
 /**
  * SSL server certificate
- * 
+ *
  * @author Christine Ho
  * @version $Revision$, $Date$
  */
@@ -101,7 +101,7 @@ public class SSLCert extends CertificateInfo {
      return sAlg;
      }
      String alg = (String)mProperties.get(Constants.PR_KEY_TYPE);
-     
+
      if (alg.equals("RSA"))
      return SignatureAlgorithm.RSASignatureWithMD5Digest;
      else
diff --git a/base/common/src/com/netscape/cmscore/security/SSLSelfSignedCert.java b/base/common/src/com/netscape/cmscore/security/SSLSelfSignedCert.java
index 1d70e7a1d..8d8e7dfcc 100644
--- a/base/common/src/com/netscape/cmscore/security/SSLSelfSignedCert.java
+++ b/base/common/src/com/netscape/cmscore/security/SSLSelfSignedCert.java
@@ -30,7 +30,7 @@ import com.netscape.certsrv.security.KeyCertData;
 
 /**
  * SSL server certificate
- * 
+ *
  * @author Christine Ho
  * @version $Revision$, $Date$
  */
@@ -93,7 +93,7 @@ public class SSLSelfSignedCert extends CertificateInfo {
      return sAlg;
      }
      String alg = (String)mProperties.get(Constants.PR_KEY_TYPE);
-     
+
      if (alg.equals("RSA"))
      return SignatureAlgorithm.RSASignatureWithMD5Digest;
      else
diff --git a/base/common/src/com/netscape/cmscore/security/SubsystemCert.java b/base/common/src/com/netscape/cmscore/security/SubsystemCert.java
index aede5e4d9..d0ce74490 100644
--- a/base/common/src/com/netscape/cmscore/security/SubsystemCert.java
+++ b/base/common/src/com/netscape/cmscore/security/SubsystemCert.java
@@ -30,7 +30,7 @@ import com.netscape.certsrv.security.KeyCertData;
 
 /**
  * Subsystem certificate.
- * 
+ *
  * @author Christine Ho
  * @version $Revision$, $Date$
  */
diff --git a/base/common/src/com/netscape/cmscore/selftests/SelfTestOrderedInstance.java b/base/common/src/com/netscape/cmscore/selftests/SelfTestOrderedInstance.java
index 2146b290d..62bf09063 100644
--- a/base/common/src/com/netscape/cmscore/selftests/SelfTestOrderedInstance.java
+++ b/base/common/src/com/netscape/cmscore/selftests/SelfTestOrderedInstance.java
@@ -34,7 +34,7 @@ import java.util.StringTokenizer;
  * This class implements a single element in
  * an ordered list of self test instances.
  * 
    
- * 
+ *
  * @author mharmsen
  * @author thomask
  * @version $Revision$, $Date$
@@ -63,7 +63,7 @@ public class SelfTestOrderedInstance {
      * A "listElement" contains a string of the form "[instanceName]" or
      * "[instanceName]:critical".
      * 
    
-     * 
+     *
      * @param listElement a string containing the "instanceName" and
      *            information indictating whether or not the instance is "critical"
      */
@@ -106,7 +106,7 @@ public class SelfTestOrderedInstance {
     /**
      * Returns the name associated with this self test; may be null.
      * 
    
-     * 
+     *
      * @return instanceName of this self test
      */
     public String getSelfTestName() {
@@ -116,7 +116,7 @@ public class SelfTestOrderedInstance {
     /**
      * Returns the criticality associated with this self test.
      * 
    
-     * 
+     *
      * @return true if failure of this self test is fatal when
      *         it is executed; otherwise return false
      */
@@ -127,7 +127,7 @@ public class SelfTestOrderedInstance {
     /**
      * Sets/resets the criticality associated with this self test.
      * 
    
-     * 
+     *
      * @param criticalMode the criticality of this self test
      */
     public void setSelfTestCriticalMode(boolean criticalMode) {
diff --git a/base/common/src/com/netscape/cmscore/selftests/SelfTestSubsystem.java b/base/common/src/com/netscape/cmscore/selftests/SelfTestSubsystem.java
index 6fac3d9d7..5d56e7a85 100644
--- a/base/common/src/com/netscape/cmscore/selftests/SelfTestSubsystem.java
+++ b/base/common/src/com/netscape/cmscore/selftests/SelfTestSubsystem.java
@@ -55,7 +55,7 @@ import com.netscape.certsrv.selftests.ISelfTestSubsystem;
 /**
  * This class implements a container for self tests.
  * 
    
- * 
+ *
  * @author mharmsen
  * @author thomask
  * @version $Revision$, $Date$
@@ -108,10 +108,10 @@ public class SelfTestSubsystem
 
     /**
      * Signed Audit Log
-     * 
+     *
      * This helper method is called to store messages to the signed audit log.
      * 
    
-     * 
+     *
      * @param msg signed audit log message
      */
     private void audit(String msg) {
@@ -134,7 +134,7 @@ public class SelfTestSubsystem
      * substore name prepended in front of the plugin/parameter name). This
      * method may return null.
      * 
    
-     * 
+     *
      * @param instancePrefix full name of configuration store
      * @param instanceName instance name of self test
      * @return fullname of this self test plugin
@@ -171,7 +171,7 @@ public class SelfTestSubsystem
      * This helper method checks to see if an instance name/value
      * pair exists for the corresponding ordered list element.
      * 
    
-     * 
+     *
      * @param element owner of this subsystem
      * @param instanceName instance name of self test
      * @exception EMissingSelfTestException subsystem has missing name/value
@@ -250,7 +250,7 @@ public class SelfTestSubsystem
      * List the instance names of all the self tests enabled to run on demand
      * (in execution order); may return null.
      * 
    
-     * 
+     *
      * @return list of self test instance names run on demand
      */
     public String[] listSelfTestsEnabledOnDemand() {
@@ -287,7 +287,7 @@ public class SelfTestSubsystem
     /**
      * Enable the specified self test to be executed on demand.
      * 
    
-     * 
+     *
      * @param instanceName instance name of self test
      * @param isCritical isCritical is either a critical failure (true) or
      *            a non-critical failure (false)
@@ -349,7 +349,7 @@ public class SelfTestSubsystem
     /**
      * Disable the specified self test from being able to be executed on demand.
      * 
    
-     * 
+     *
      * @param instanceName instance name of self test
      * @exception EMissingSelfTestException subsystem has missing name
      */
@@ -397,7 +397,7 @@ public class SelfTestSubsystem
     /**
      * Determine if the specified self test is enabled to be executed on demand.
      * 
    
-     * 
+     *
      * @param instanceName instance name of self test
      * @return true if the specified self test is enabled on demand
      * @exception EMissingSelfTestException subsystem has missing name
@@ -436,7 +436,7 @@ public class SelfTestSubsystem
      * Determine if failure of the specified self test is fatal when
      * it is executed on demand.
      * 
    
-     * 
+     *
      * @param instanceName instance name of self test
      * @return true if failure of the specified self test is fatal when
      *         it is executed on demand
@@ -489,7 +489,7 @@ public class SelfTestSubsystem
     /**
      * Execute all self tests specified to be run on demand.
      * 
    
-     * 
+     *
      * @exception EMissingSelfTestException subsystem has missing name
      * @exception ESelfTestException self test exception
      */
@@ -575,7 +575,7 @@ public class SelfTestSubsystem
      * List the instance names of all the self tests enabled to run
      * at server startup (in execution order); may return null.
      * 
    
-     * 
+     *
      * @return list of self test instance names run at server startup
      */
     public String[] listSelfTestsEnabledAtStartup() {
@@ -612,7 +612,7 @@ public class SelfTestSubsystem
     /**
      * Enable the specified self test at server startup.
      * 
    
-     * 
+     *
      * @param instanceName instance name of self test
      * @param isCritical isCritical is either a critical failure (true) or
      *            a non-critical failure (false)
@@ -674,7 +674,7 @@ public class SelfTestSubsystem
     /**
      * Disable the specified self test at server startup.
      * 
    
-     * 
+     *
      * @param instanceName instance name of self test
      * @exception EMissingSelfTestException subsystem has missing name
      */
@@ -723,7 +723,7 @@ public class SelfTestSubsystem
      * Determine if the specified self test is executed automatically
      * at server startup.
      * 
    
-     * 
+     *
      * @param instanceName instance name of self test
      * @return true if the specified self test is executed at server startup
      * @exception EMissingSelfTestException subsystem has missing name
@@ -762,7 +762,7 @@ public class SelfTestSubsystem
      * Determine if failure of the specified self test is fatal to
      * server startup.
      * 
    
-     * 
+     *
      * @param instanceName instance name of self test
      * @return true if failure of the specified self test is fatal to
      *         server startup
@@ -815,11 +815,11 @@ public class SelfTestSubsystem
     /**
      * Execute all self tests specified to be run at server startup.
      * 
    
-     * 
+     *
      * 
      
      * 
    • signed.audit LOGGING_SIGNED_AUDIT_SELFTESTS_EXECUTION used when self tests are run at server startup
      * 
    
-     * 
+     *
      * @exception EMissingSelfTestException subsystem has missing name
      * @exception ESelfTestException self test exception
      */
@@ -957,7 +957,7 @@ public class SelfTestSubsystem
      * Retrieve an individual self test from the instances list
      * given its instance name. This method may return null.
      * 
    
-     * 
+     *
      * @param instanceName instance name of self test
      * @return individual self test
      */
@@ -992,7 +992,7 @@ public class SelfTestSubsystem
      * Returns the ILogEventListener of this subsystem.
      * This method may return null.
      * 
    
-     * 
+     *
      * @return ILogEventListener of this subsystem
      */
     public ILogEventListener getSelfTestLogger() {
@@ -1002,7 +1002,7 @@ public class SelfTestSubsystem
     /**
      * This method represents the log interface for the self test subsystem.
      * 
    
-     * 
+     *
      * @param logger log event listener
      * @param msg self test log message
      */
@@ -1041,7 +1041,7 @@ public class SelfTestSubsystem
      * on the "on demand" list (note that the specified self test
      * will be appended to the end of each list).
      * 
    
-     * 
+     *
      * @param instanceName instance name of self test
      * @param isCritical isCritical is either a critical failure (true) or
      *            a non-critical failure (false)
@@ -1094,7 +1094,7 @@ public class SelfTestSubsystem
      * on the "on demand" list (note that the specified self test
      * will be removed from each list).
      * 
    
-     * 
+     *
      * @param instanceName instance name of self test
      * @exception EMissingSelfTestException subsystem has missing name
      */
@@ -1141,7 +1141,7 @@ public class SelfTestSubsystem
      * on the "startup" list (note that the specified self test
      * will be appended to the end of each list).
      * 
    
-     * 
+     *
      * @param instanceName instance name of self test
      * @param isCritical isCritical is either a critical failure (true) or
      *            a non-critical failure (false)
@@ -1194,7 +1194,7 @@ public class SelfTestSubsystem
      * on the "startup" list (note that the specified self test
      * will be removed from each list).
      * 
    
-     * 
+     *
      * @param instanceName instance name of self test
      * @exception EMissingSelfTestException subsystem has missing name
      */
@@ -1244,7 +1244,7 @@ public class SelfTestSubsystem
      * This method retrieves the name of this subsystem. This method
      * may return null.
      * 
    
-     * 
+     *
      * @return identification of this subsystem
      */
     public String getId() {
@@ -1254,7 +1254,7 @@ public class SelfTestSubsystem
     /**
      * This method sets information specific to this subsystem.
      * 
    
-     * 
+     *
      * @param id identification of this subsystem
      * @exception EBaseException base CMS exception
      */
@@ -1278,7 +1278,7 @@ public class SelfTestSubsystem
     /**
      * This method initializes this subsystem.
      * 
    
-     * 
+     *
      * @param owner owner of this subsystem
      * @param config configuration store
      * @exception EBaseException base CMS exception
@@ -1825,7 +1825,7 @@ public class SelfTestSubsystem
     /**
      * Notifies this subsystem if owner is in running mode.
      * 
    
-     * 
+     *
      * @exception EBaseException base CMS exception
      */
     public void startup()
@@ -1891,7 +1891,7 @@ public class SelfTestSubsystem
      * Returns the root configuration storage of this subsystem.
      * This method may return null.
      * 
    
-     * 
+     *
      * @return configuration store of this subsystem
      */
     public IConfigStore getConfigStore() {
diff --git a/base/common/src/com/netscape/cmscore/usrgrp/CertDNCertUserLocator.java b/base/common/src/com/netscape/cmscore/usrgrp/CertDNCertUserLocator.java
index 8f4cd8841..673146695 100644
--- a/base/common/src/com/netscape/cmscore/usrgrp/CertDNCertUserLocator.java
+++ b/base/common/src/com/netscape/cmscore/usrgrp/CertDNCertUserLocator.java
@@ -34,7 +34,7 @@ import com.netscape.certsrv.usrgrp.IUser;
  * the incoming certificate(s) with the certificate(s)
  * in the scope. It matches the "certdn" field which contains
  * the subject dn of the certificate
- * 
+ *
  * @author cfu
  * @version $Revision$, $Date$
  */
diff --git a/base/common/src/com/netscape/cmscore/usrgrp/ExactMatchCertUserLocator.java b/base/common/src/com/netscape/cmscore/usrgrp/ExactMatchCertUserLocator.java
index 871a38435..d9a39afb8 100644
--- a/base/common/src/com/netscape/cmscore/usrgrp/ExactMatchCertUserLocator.java
+++ b/base/common/src/com/netscape/cmscore/usrgrp/ExactMatchCertUserLocator.java
@@ -34,7 +34,7 @@ import com.netscape.certsrv.usrgrp.IUser;
  * the incoming certificate(s) with the certificate(s)
  * in the scope. It matches the "description" field which contains a
  * stringied certificate.
- * 
+ *
  * @author thomask
  * @author cfu
  * @version $Revision$, $Date$
diff --git a/base/common/src/com/netscape/cmscore/usrgrp/Group.java b/base/common/src/com/netscape/cmscore/usrgrp/Group.java
index eee2afb43..336e7b029 100644
--- a/base/common/src/com/netscape/cmscore/usrgrp/Group.java
+++ b/base/common/src/com/netscape/cmscore/usrgrp/Group.java
@@ -27,7 +27,7 @@ import com.netscape.certsrv.usrgrp.IUsrGrp;
 
 /**
  * A class represents a group.
- * 
+ *
  * @author cfu
  * @version $Revision$, $Date$
  */
diff --git a/base/common/src/com/netscape/cmscore/usrgrp/UGSubsystem.java b/base/common/src/com/netscape/cmscore/usrgrp/UGSubsystem.java
index a4c4d6854..cd46bcae3 100644
--- a/base/common/src/com/netscape/cmscore/usrgrp/UGSubsystem.java
+++ b/base/common/src/com/netscape/cmscore/usrgrp/UGSubsystem.java
@@ -56,7 +56,7 @@ import com.netscape.cmscore.util.Debug;
  * This class defines low-level LDAP usr/grp management
  * usr/grp information is located remotely on another
  * LDAP server.
- * 
+ *
  * @author thomask
  * @author cfu
  * @version $Revision$, $Date$
@@ -417,7 +417,7 @@ public final class UGSubsystem implements IUGSubsystem {
     /**
      * builds a User instance. Sets only uid for user entry retrieved
      * from LDAP server. for listing efficiency only.
-     * 
+     *
      * @return the User entity.
      */
     protected IUser lbuildUser(LDAPEntry entry) throws EUsrGrpException {
@@ -474,7 +474,7 @@ public final class UGSubsystem implements IUGSubsystem {
     /**
      * builds a User instance. Set all attributes retrieved from
      * LDAP server and set them on User.
-     * 
+     *
      * @return the User entity.
      */
     protected IUser buildUser(LDAPEntry entry) throws EUsrGrpException {
@@ -1071,7 +1071,7 @@ public final class UGSubsystem implements IUGSubsystem {
              * attrCertStr.addValue(getCertificateString(certs[i]));
              * }
              * attrs.add(attrCertStr);
-             * 
+             *
              * if (user.getCertOp() == OpDef.ADD) {
              * attrs.add(LDAPModification.ADD, attrCertBin);
              * } else if (user.getCertOp() == OpDef.DELETE) {
@@ -1407,7 +1407,7 @@ public final class UGSubsystem implements IUGSubsystem {
             }
             Debug.trace("authorization exception: " + errMsg);
             // too chatty in system log
-            // log(ILogger.LL_FAILURE, errMsg); 
+            // log(ILogger.LL_FAILURE, errMsg);
         } catch (ELdapException e) {
             String errMsg =
                     "isMemberOfLdapGroup: Could not get connection to internaldb. Error " + e;
diff --git a/base/common/src/com/netscape/cmscore/usrgrp/User.java b/base/common/src/com/netscape/cmscore/usrgrp/User.java
index 89ea3e589..77f9bade4 100644
--- a/base/common/src/com/netscape/cmscore/usrgrp/User.java
+++ b/base/common/src/com/netscape/cmscore/usrgrp/User.java
@@ -28,7 +28,7 @@ import com.netscape.certsrv.usrgrp.IUsrGrp;
 
 /**
  * A class represents a user.
- * 
+ *
  * @author cfu
  * @version $Revision$, $Date$
  */
diff --git a/base/common/src/com/netscape/cmscore/util/Debug.java b/base/common/src/com/netscape/cmscore/util/Debug.java
index 8c41d5bb5..bd10a493c 100644
--- a/base/common/src/com/netscape/cmscore/util/Debug.java
+++ b/base/common/src/com/netscape/cmscore/util/Debug.java
@@ -62,7 +62,7 @@ public class Debug
     //  if (Debug.ON) {
     //     System.out.println("..");
     //	}
-    // I want to make sure that any Debug.trace() is not logged to 
+    // I want to make sure that any Debug.trace() is not logged to
     // System.out if the server is running under watchdog
 
     private static boolean TRACE_ON = false;
@@ -89,13 +89,13 @@ public class Debug
      * if the argument to Debug.trace() is an object whose toString() is
      * expensive, that this toString() will still be called in any case.
      * In such a case, it is wise to wrap the Debug.trace like this:
-     * 
+     *
      * 
          * if (Debug.on()) {
      *     Debug.trace("obj is: " + obj);
      * }
      * 
    
-     * 
+     *
      * @param level the message level. If this is >= than the currently set
      *            level (set with setLevel() ), the message is printed
      * @param t the message to print
@@ -259,13 +259,13 @@ public class Debug
 
     /**
      * Set the current debugging level. You can use:
-     * 
+     *
      * 
          * OBNOXIOUS = 10
      * VERBOSE   = 5
      * INFORM    = 1
      * 
    
-     * 
+     *
      * Or another value
      */
 
@@ -307,7 +307,7 @@ public class Debug
     /**
      * Debug subsystem initialization. This subsystem is usually
      * given the following parameters:
-     * 
+     *
      * 
          * debug.enabled   : (true|false) default false
      * debug.filename  : can be a pathname, or STDOUT
@@ -362,7 +362,7 @@ public class Debug
             setLevel(level);
         } catch (Exception e) {
             // Don't do anything. Logging is not set up yet, and
-            // we can't write to STDOUT. 
+            // we can't write to STDOUT.
         }
     }
 
diff --git a/base/common/src/com/netscape/cmscore/util/FileDialogFilter.java b/base/common/src/com/netscape/cmscore/util/FileDialogFilter.java
index eb1d1097a..c62d7b8b5 100644
--- a/base/common/src/com/netscape/cmscore/util/FileDialogFilter.java
+++ b/base/common/src/com/netscape/cmscore/util/FileDialogFilter.java
@@ -28,7 +28,7 @@ import java.io.FilenameFilter;
  * 
    
  * Copied verbatium from sun.awt.tiny.TinyFileDialogPeer. Used by RollingLogFile expiration code
  * 
    
- * 
+ *
  * @author mikep
  * @version $Revision$, $Date$
  */
diff --git a/base/common/src/com/netscape/cmscore/util/StatsSubsystem.java b/base/common/src/com/netscape/cmscore/util/StatsSubsystem.java
index 222964261..c4d870e39 100644
--- a/base/common/src/com/netscape/cmscore/util/StatsSubsystem.java
+++ b/base/common/src/com/netscape/cmscore/util/StatsSubsystem.java
@@ -33,7 +33,7 @@ import com.netscape.certsrv.util.StatsEvent;
  * can be loaded into cert server kernel to perform
  * statistics collection.
  * 
    
- * 
+ *
  * @author thomask
  * @version $Revision$, $Date$
  */
@@ -72,7 +72,7 @@ public class StatsSubsystem implements IStatsSubsystem {
      * Note that individual subsystem should be initialized in a separated thread if it has dependency on the
      * initialization of other subsystems.
      * 
    
-     * 
+     *
      * @param owner owner of this subsystem
      * @param config configuration store
      */
diff --git a/base/common/src/com/netscape/cmscore/util/UtilMessage.java b/base/common/src/com/netscape/cmscore/util/UtilMessage.java
index 8002cfe1f..ce2132dc4 100644
--- a/base/common/src/com/netscape/cmscore/util/UtilMessage.java
+++ b/base/common/src/com/netscape/cmscore/util/UtilMessage.java
@@ -24,7 +24,7 @@ import com.netscape.certsrv.base.MessageFormatter;
 /**
  * This object is used to easily create I18N messages for utility
  * classes and standalone programs.
- * 
+ *
  * @author mikep
  * @version $Revision$, $Date$
  * @see com.netscape.certsrv.base.MessageFormatter
@@ -44,7 +44,7 @@ public class UtilMessage {
     /**
      * Constructs a message event
      * 
    
-     * 
+     *
      * @param msgFormat the message string
      */
     public UtilMessage(String msgFormat) {
@@ -54,12 +54,12 @@ public class UtilMessage {
 
     /**
      * Constructs a message with a parameter. For example,
-     * 
+     *
      * 
          * new UtilMessage("failed to load {0}", fileName);
      * 
    
      * 
    
-     * 
+     *
      * @param msgFormat details in message string format
      * @param param message string parameter
      */
@@ -73,7 +73,7 @@ public class UtilMessage {
      * Constructs a message from an exception. It can be used to carry
      * a system exception that may contain information about
      * the context. For example,
-     * 
+     *
      * 
          * 		try {
      *  		...
@@ -82,7 +82,7 @@ public class UtilMessage {
      *      }
      * 
    
      * 
    
-     * 
+     *
      * @param msgFormat exception details in message string format
      * @param exception system exception
      */
@@ -95,7 +95,7 @@ public class UtilMessage {
     /**
      * Constructs a message from a base exception. This will use the msgFormat
      * from the exception itself.
-     * 
+     *
      * 
          * 		try {
      *  		...
@@ -104,7 +104,7 @@ public class UtilMessage {
      *      }
      * 
    
      * 
    
-     * 
+     *
      * @param exception CMS exception
      */
     public UtilMessage(Exception e) {
@@ -117,7 +117,7 @@ public class UtilMessage {
      * Constructs a message event with a list of parameters
      * that will be substituted into the message format.
      * 
    
-     * 
+     *
      * @param msgFormat message string format
      * @param params list of message format parameters
      */
@@ -129,7 +129,7 @@ public class UtilMessage {
     /**
      * Returns the current message format string.
      * 
    
-     * 
+     *
      * @return details message
      */
     public String getMessage() {
@@ -139,7 +139,7 @@ public class UtilMessage {
     /**
      * Returns a list of parameters.
      * 
    
-     * 
+     *
      * @return list of message format parameters
      */
     public Object[] getParameters() {
@@ -150,7 +150,7 @@ public class UtilMessage {
      * Returns localized message string. This method should
      * only be called if a localized string is necessary.
      * 
    
-     * 
+     *
      * @return details message
      */
     public String toString() {
@@ -160,7 +160,7 @@ public class UtilMessage {
     /**
      * Returns the string based on the given locale.
      * 
    
-     * 
+     *
      * @param locale locale
      * @return details message
      */
diff --git a/base/common/src/com/netscape/cmscore/util/UtilResources.java b/base/common/src/com/netscape/cmscore/util/UtilResources.java
index 6955dda50..9ea7648f5 100644
--- a/base/common/src/com/netscape/cmscore/util/UtilResources.java
+++ b/base/common/src/com/netscape/cmscore/util/UtilResources.java
@@ -22,7 +22,7 @@ import java.util.ListResourceBundle;
 /**
  * A class represents a resource bundle for miscellanous utilities
  * 
    
- * 
+ *
  * @author mikep
  * @version $Revision$, $Date$
  * @see java.util.ListResourceBundle
diff --git a/base/common/test/com/netscape/certsrv/authentication/AuthTokenTest.java b/base/common/test/com/netscape/certsrv/authentication/AuthTokenTest.java
index c60e93d99..fab809bad 100644
--- a/base/common/test/com/netscape/certsrv/authentication/AuthTokenTest.java
+++ b/base/common/test/com/netscape/certsrv/authentication/AuthTokenTest.java
@@ -244,7 +244,7 @@ public class AuthTokenTest extends CMSBaseTestCase {
 
     /**
      * CMSMemoryStub
-     * 
+     *
      * This class is used to help test methods that rely on setting and then
      * getting a value out. It assumes BtoA is always called first, stores
      * the value passed in, and then returns that value for BtoA.
diff --git a/base/common/test/com/netscape/cmscore/dbs/DBVirtualListDefaultStub.java b/base/common/test/com/netscape/cmscore/dbs/DBVirtualListDefaultStub.java
index d674bd6a6..4f4c2ddbb 100644
--- a/base/common/test/com/netscape/cmscore/dbs/DBVirtualListDefaultStub.java
+++ b/base/common/test/com/netscape/cmscore/dbs/DBVirtualListDefaultStub.java
@@ -26,7 +26,7 @@ import com.netscape.certsrv.dbs.IElementProcessor;
  * This class helps test avoid the problem of test stubs having to
  * implement a new stub method every time the interface changes.
  * It also makes the tests clearer by not cluttered them with empty methods.
- * 
+ *
  * Do not put any behaviour in this class.
  */
 public class DBVirtualListDefaultStub implements IDBVirtualList {
diff --git a/base/common/test/com/netscape/cmscore/request/RequestTest.java b/base/common/test/com/netscape/cmscore/request/RequestTest.java
index 5832f6af5..32c244033 100644
--- a/base/common/test/com/netscape/cmscore/request/RequestTest.java
+++ b/base/common/test/com/netscape/cmscore/request/RequestTest.java
@@ -592,7 +592,7 @@ public class RequestTest extends CMSBaseTestCase {
 
     /**
      * CMSMemoryStub
-     * 
+     *
      * This class is used to help test methods that rely on setting and then
      * getting a value out. It assumes BtoA is always called first, stores
      * the value passed in, and then returns that value for BtoA.
-- 
cgit