From 32150d3ee32f8ac27118af7c792794b538c78a2f Mon Sep 17 00:00:00 2001
From: Ade Lee <alee@redhat.com>
Date: Wed, 7 Dec 2011 16:58:12 -0500
Subject: Formatting

Formatted project according to eclipse project settings
---
 .../common/src/com/netscape/certsrv/acls/ACL.java  |  67 +--
 .../src/com/netscape/certsrv/acls/ACLEntry.java    |  72 ++-
 .../com/netscape/certsrv/acls/ACLsResources.java   |   8 +-
 .../com/netscape/certsrv/acls/EACLsException.java  |  38 +-
 .../common/src/com/netscape/certsrv/acls/IACL.java |  23 +-
 .../src/com/netscape/certsrv/acls/IACLEntry.java   |   6 +-
 .../common/src/com/netscape/certsrv/apps/CMS.java  | 637 +++++++++++----------
 .../src/com/netscape/certsrv/apps/ICMSEngine.java  | 444 +++++++-------
 .../com/netscape/certsrv/apps/ICommandQueue.java   |  14 +-
 .../certsrv/authentication/AuthCredentials.java    |  38 +-
 .../certsrv/authentication/AuthManagerProxy.java   |  13 +-
 .../certsrv/authentication/AuthMgrPlugin.java      |  21 +-
 .../certsrv/authentication/AuthResources.java      |   3 +-
 .../netscape/certsrv/authentication/AuthToken.java |  59 +-
 .../certsrv/authentication/EAuthException.java     |   8 +-
 .../certsrv/authentication/EAuthInternalError.java |   5 +-
 .../certsrv/authentication/EAuthMgrNotFound.java   |   1 +
 .../authentication/EAuthMgrPluginNotFound.java     |   3 +-
 .../certsrv/authentication/EAuthUserError.java     |   1 +
 .../certsrv/authentication/ECompSyntaxErr.java     |   1 +
 .../certsrv/authentication/EFormSubjectDN.java     |   1 +
 .../authentication/EInvalidCredentials.java        |   1 +
 .../certsrv/authentication/EMissingCredential.java |   1 +
 .../certsrv/authentication/IAuthCredentials.java   |  10 +-
 .../certsrv/authentication/IAuthManager.java       |  33 +-
 .../certsrv/authentication/IAuthSubsystem.java     |  41 +-
 .../certsrv/authentication/IAuthToken.java         | 112 ++--
 .../authentication/ISSLClientCertProvider.java     |  15 +-
 .../certsrv/authentication/ISharedToken.java       |   5 +-
 .../com/netscape/certsrv/authority/IAuthority.java |   5 +-
 .../netscape/certsrv/authority/ICertAuthority.java |  28 +-
 .../certsrv/authorization/AuthzManagerProxy.java   |  11 +-
 .../certsrv/authorization/AuthzMgrPlugin.java      |  12 +-
 .../certsrv/authorization/AuthzResources.java      |   4 +-
 .../netscape/certsrv/authorization/AuthzToken.java |  69 ++-
 .../certsrv/authorization/EAuthzAccessDenied.java  |   3 +-
 .../certsrv/authorization/EAuthzException.java     |  12 +-
 .../certsrv/authorization/EAuthzInternalError.java |   1 +
 .../certsrv/authorization/EAuthzMgrNotFound.java   |   1 +
 .../authorization/EAuthzMgrPluginNotFound.java     |   1 +
 .../authorization/EAuthzUnknownOperation.java      |   4 +-
 .../authorization/EAuthzUnknownProtectedRes.java   |   4 +-
 .../certsrv/authorization/IAuthzManager.java       |  71 ++-
 .../certsrv/authorization/IAuthzSubsystem.java     |  33 +-
 .../src/com/netscape/certsrv/base/ASubsystem.java  |  16 +-
 .../netscape/certsrv/base/AttributeNameHelper.java |  20 +-
 .../com/netscape/certsrv/base/BaseResources.java   |  10 +-
 .../com/netscape/certsrv/base/EBaseException.java  |  45 +-
 .../netscape/certsrv/base/EPropertyNotDefined.java |  14 +-
 .../netscape/certsrv/base/EPropertyNotFound.java   |  14 +-
 .../netscape/certsrv/base/ExtendedPluginInfo.java  |  81 ++-
 .../src/com/netscape/certsrv/base/IArgBlock.java   | 102 ++--
 .../src/com/netscape/certsrv/base/IAttrSet.java    |  28 +-
 .../src/com/netscape/certsrv/base/IAuthInfo.java   |  12 +-
 .../com/netscape/certsrv/base/ICRLPrettyPrint.java |  15 +-
 .../netscape/certsrv/base/ICertPrettyPrint.java    |  11 +-
 .../com/netscape/certsrv/base/IConfigStore.java    | 143 +++--
 .../certsrv/base/IConfigStoreEventListener.java    |  16 +-
 .../com/netscape/certsrv/base/IExtPrettyPrint.java |  11 +-
 .../netscape/certsrv/base/IExtendedPluginInfo.java |  79 ++-
 .../src/com/netscape/certsrv/base/IPluginImpl.java |  36 +-
 .../netscape/certsrv/base/IPrettyPrintFormat.java  |  20 +-
 .../certsrv/base/ISecurityDomainSessionTable.java  |  15 +-
 .../netscape/certsrv/base/ISourceConfigStore.java  |  25 +-
 .../src/com/netscape/certsrv/base/ISubsystem.java  |  27 +-
 .../netscape/certsrv/base/ISubsystemSource.java    |   9 +-
 .../src/com/netscape/certsrv/base/ITimeSource.java |  14 +-
 .../src/com/netscape/certsrv/base/KeyGenInfo.java  |  87 +--
 .../netscape/certsrv/base/MessageFormatter.java    |  67 ++-
 .../netscape/certsrv/base/MetaAttributeDef.java    |  98 ++--
 .../src/com/netscape/certsrv/base/MetaInfo.java    |  27 +-
 .../src/com/netscape/certsrv/base/Nonces.java      |  26 +-
 .../netscape/certsrv/base/PasswordResources.java   |   5 +-
 .../src/com/netscape/certsrv/base/Plugin.java      |   9 +-
 .../com/netscape/certsrv/base/SessionContext.java  |  60 +-
 .../src/com/netscape/certsrv/ca/CAResources.java   |   7 +-
 .../src/com/netscape/certsrv/ca/ECAException.java  |  11 +-
 .../com/netscape/certsrv/ca/EErrorPublishCRL.java  |   6 +-
 .../src/com/netscape/certsrv/ca/ICAService.java    |  38 +-
 .../com/netscape/certsrv/ca/ICMSCRLExtension.java  |  34 +-
 .../com/netscape/certsrv/ca/ICMSCRLExtensions.java |  18 +-
 .../com/netscape/certsrv/ca/ICRLIssuingPoint.java  | 230 ++++----
 .../netscape/certsrv/ca/ICertificateAuthority.java | 187 +++---
 .../certsrv/cert/ICrossCertPairSubsystem.java      |  38 +-
 .../netscape/certsrv/client/IDataProcessor.java    |  12 +-
 .../certsrv/client/connection/IAuthenticator.java  |   3 +-
 .../certsrv/client/connection/IConnection.java     |   9 +-
 .../client/connection/IConnectionFactory.java      |  22 +-
 .../netscape/certsrv/common/ConfigConstants.java   |  46 +-
 .../src/com/netscape/certsrv/common/Constants.java | 321 ++++++-----
 .../src/com/netscape/certsrv/common/DestDef.java   |   8 +-
 .../com/netscape/certsrv/common/NameValuePair.java |  21 +-
 .../netscape/certsrv/common/NameValuePairs.java    |  52 +-
 .../src/com/netscape/certsrv/common/OpDef.java     |   8 +-
 .../src/com/netscape/certsrv/common/PrefixDef.java |  16 +-
 .../src/com/netscape/certsrv/common/ScopeDef.java  |  40 +-
 .../src/com/netscape/certsrv/common/TaskId.java    |  20 +-
 .../com/netscape/certsrv/connector/IConnector.java |  25 +-
 .../certsrv/connector/IHttpConnFactory.java        |  27 +-
 .../certsrv/connector/IHttpConnection.java         |  17 +-
 .../certsrv/connector/IHttpPKIMessage.java         |  13 +-
 .../netscape/certsrv/connector/IPKIMessage.java    |  31 +-
 .../certsrv/connector/IRemoteAuthority.java        |  14 +-
 .../certsrv/connector/IRequestEncoder.java         |  20 +-
 .../com/netscape/certsrv/connector/IResender.java  |  15 +-
 .../src/com/netscape/certsrv/dbs/DBResources.java  |   5 +-
 .../src/com/netscape/certsrv/dbs/EDBException.java |  14 +-
 .../netscape/certsrv/dbs/EDBNotAvailException.java |   5 +-
 .../certsrv/dbs/EDBRecordNotFoundException.java    |   5 +-
 .../com/netscape/certsrv/dbs/IDBAttrMapper.java    |  40 +-
 .../com/netscape/certsrv/dbs/IDBDynAttrMapper.java |  14 +-
 .../src/com/netscape/certsrv/dbs/IDBObj.java       |  19 +-
 .../src/com/netscape/certsrv/dbs/IDBRegistry.java  |  81 ++-
 .../src/com/netscape/certsrv/dbs/IDBSSession.java  | 108 ++--
 .../com/netscape/certsrv/dbs/IDBSearchResults.java |  15 +-
 .../src/com/netscape/certsrv/dbs/IDBSubsystem.java | 117 ++--
 .../com/netscape/certsrv/dbs/IDBVirtualList.java   |  89 ++-
 .../netscape/certsrv/dbs/IElementProcessor.java    |   6 +-
 .../com/netscape/certsrv/dbs/IFilterConverter.java |  14 +-
 .../src/com/netscape/certsrv/dbs/Modification.java |  19 +-
 .../com/netscape/certsrv/dbs/ModificationSet.java  |  12 +-
 .../netscape/certsrv/dbs/certdb/ICertRecord.java   |  70 ++-
 .../certsrv/dbs/certdb/ICertRecordList.java        |  32 +-
 .../certsrv/dbs/certdb/ICertificateRepository.java | 268 ++++-----
 .../certsrv/dbs/certdb/IRevocationInfo.java        |  14 +-
 .../certsrv/dbs/crldb/ICRLIssuingPointRecord.java  |  50 +-
 .../netscape/certsrv/dbs/crldb/ICRLRepository.java |  79 ++-
 .../com/netscape/certsrv/dbs/keydb/IKeyRecord.java |  44 +-
 .../netscape/certsrv/dbs/keydb/IKeyRecordList.java |  12 +-
 .../netscape/certsrv/dbs/keydb/IKeyRepository.java |  70 +--
 .../com/netscape/certsrv/dbs/keydb/KeyState.java   |  49 +-
 .../dbs/replicadb/IReplicaIDRepository.java        |   7 +-
 .../certsrv/dbs/repository/IRepository.java        |  34 +-
 .../certsrv/dbs/repository/IRepositoryRecord.java  |  24 +-
 .../certsrv/evaluators/IAccessEvaluator.java       |  46 +-
 .../certsrv/extensions/EExtensionsException.java   |   8 +-
 .../certsrv/extensions/ExtensionsResources.java    |   4 +-
 .../netscape/certsrv/extensions/ICMSExtension.java |  30 +-
 .../com/netscape/certsrv/jobs/EJobsException.java  |   4 +-
 .../common/src/com/netscape/certsrv/jobs/IJob.java |  30 +-
 .../src/com/netscape/certsrv/jobs/IJobCron.java    |  31 +-
 .../com/netscape/certsrv/jobs/IJobsScheduler.java  | 137 +++--
 .../src/com/netscape/certsrv/jobs/JobPlugin.java   |  20 +-
 .../com/netscape/certsrv/jobs/JobsResources.java   |  10 +-
 .../com/netscape/certsrv/kra/EKRAException.java    |  16 +-
 .../src/com/netscape/certsrv/kra/IJoinShares.java  |   9 +-
 .../certsrv/kra/IKeyRecoveryAuthority.java         | 131 ++---
 .../src/com/netscape/certsrv/kra/IKeyService.java  | 107 ++--
 .../com/netscape/certsrv/kra/IProofOfArchival.java |  13 +-
 .../src/com/netscape/certsrv/kra/IShare.java       |   7 +-
 .../src/com/netscape/certsrv/kra/KRAResources.java |   5 +-
 .../com/netscape/certsrv/kra/ProofOfArchival.java  | 135 +++--
 .../com/netscape/certsrv/ldap/ELdapException.java  |  35 +-
 .../certsrv/ldap/ELdapServerDownException.java     |   4 +-
 .../com/netscape/certsrv/ldap/ILdapAuthInfo.java   |  33 +-
 .../certsrv/ldap/ILdapBoundConnFactory.java        |  18 +-
 .../netscape/certsrv/ldap/ILdapConnFactory.java    |  53 +-
 .../com/netscape/certsrv/ldap/ILdapConnInfo.java   |  24 +-
 .../com/netscape/certsrv/ldap/ILdapConnModule.java |  41 +-
 .../com/netscape/certsrv/ldap/LdapResources.java   |   5 +-
 .../certsrv/listeners/EListenersException.java     |  18 +-
 .../certsrv/listeners/IRequestListenerPlugin.java  |  47 +-
 .../certsrv/listeners/ListenersResources.java      |  14 +-
 .../com/netscape/certsrv/logging/AuditEvent.java   | 123 ++--
 .../com/netscape/certsrv/logging/AuditFormat.java  |  72 +--
 .../com/netscape/certsrv/logging/ConsoleError.java |   9 +-
 .../com/netscape/certsrv/logging/ConsoleLog.java   |  66 ++-
 .../netscape/certsrv/logging/ELogException.java    |  48 +-
 .../com/netscape/certsrv/logging/ELogNotFound.java |   4 +-
 .../certsrv/logging/ELogPluginNotFound.java        |   5 +-
 .../netscape/certsrv/logging/IBundleLogEvent.java  |  20 +-
 .../com/netscape/certsrv/logging/ILogEvent.java    |  61 +-
 .../netscape/certsrv/logging/ILogEventFactory.java |  15 +-
 .../certsrv/logging/ILogEventListener.java         |  91 +--
 .../com/netscape/certsrv/logging/ILogQueue.java    |  25 +-
 .../netscape/certsrv/logging/ILogSubsystem.java    |  76 +--
 .../src/com/netscape/certsrv/logging/ILogger.java  | 257 +++++----
 .../com/netscape/certsrv/logging/LogPlugin.java    |   6 +-
 .../com/netscape/certsrv/logging/LogResources.java |  11 +-
 .../netscape/certsrv/logging/SignedAuditEvent.java | 124 ++--
 .../com/netscape/certsrv/logging/SystemEvent.java  | 121 ++--
 .../notification/ENotificationException.java       |   7 +-
 .../certsrv/notification/IEmailFormProcessor.java  |  27 +-
 .../certsrv/notification/IEmailResolver.java       |  17 +-
 .../certsrv/notification/IEmailResolverKeys.java   |  10 +-
 .../certsrv/notification/IEmailTemplate.java       |  11 +-
 .../certsrv/notification/IMailNotification.java    |  17 +-
 .../notification/NotificationResources.java        |  10 +-
 .../src/com/netscape/certsrv/ocsp/IDefStore.java   |  77 ++-
 .../com/netscape/certsrv/ocsp/IOCSPAuthority.java  |  68 ++-
 .../com/netscape/certsrv/ocsp/IOCSPService.java    |  46 +-
 .../src/com/netscape/certsrv/ocsp/IOCSPStore.java  |  40 +-
 .../certsrv/password/EPasswordCheckException.java  |  10 +-
 .../certsrv/password/IConfigPasswordCheck.java     |   7 +-
 .../netscape/certsrv/password/IPasswordCheck.java  |   7 +-
 .../certsrv/pattern/AttrSetCollection.java         |  10 +-
 .../src/com/netscape/certsrv/pattern/Pattern.java  |  86 ++-
 .../netscape/certsrv/policy/EPolicyException.java  |  48 +-
 .../netscape/certsrv/policy/IEnrollmentPolicy.java |  10 +-
 .../com/netscape/certsrv/policy/IExpression.java   |  14 +-
 .../policy/IGeneralNameAsConstraintsConfig.java    |  15 +-
 .../certsrv/policy/IGeneralNameConfig.java         |  23 +-
 .../netscape/certsrv/policy/IGeneralNameUtil.java  |  51 +-
 .../policy/IGeneralNamesAsConstraintsConfig.java   |  15 +-
 .../certsrv/policy/IGeneralNamesConfig.java        |  15 +-
 .../certsrv/policy/IKeyArchivalPolicy.java         |   5 +-
 .../certsrv/policy/IKeyRecoveryPolicy.java         |   5 +-
 .../certsrv/policy/IPolicyPredicateParser.java     |  15 +-
 .../netscape/certsrv/policy/IPolicyProcessor.java  | 115 ++--
 .../com/netscape/certsrv/policy/IPolicyRule.java   |  51 +-
 .../com/netscape/certsrv/policy/IPolicySet.java    |  51 +-
 .../netscape/certsrv/policy/IRenewalPolicy.java    |   5 +-
 .../netscape/certsrv/policy/IRevocationPolicy.java |   5 +-
 .../certsrv/policy/ISubjAltNameConfig.java         |  16 +-
 .../netscape/certsrv/policy/PolicyResources.java   |   5 +-
 .../netscape/certsrv/profile/CertInfoProfile.java  |  67 +--
 .../netscape/certsrv/profile/EDeferException.java  |  21 +-
 .../certsrv/profile/EProfileException.java         |  12 +-
 .../netscape/certsrv/profile/ERejectException.java |  19 +-
 .../certsrv/profile/ICertInfoPolicyDefault.java    |   4 +-
 .../netscape/certsrv/profile/IEnrollProfile.java   |  57 +-
 .../certsrv/profile/IPolicyConstraint.java         |  39 +-
 .../netscape/certsrv/profile/IPolicyDefault.java   |  81 ++-
 .../src/com/netscape/certsrv/profile/IProfile.java | 212 ++++---
 .../certsrv/profile/IProfileAuthenticator.java     |  48 +-
 .../netscape/certsrv/profile/IProfileContext.java  |  12 +-
 .../com/netscape/certsrv/profile/IProfileEx.java   |   9 +-
 .../netscape/certsrv/profile/IProfileInput.java    |  36 +-
 .../netscape/certsrv/profile/IProfileOutput.java   |  36 +-
 .../netscape/certsrv/profile/IProfilePolicy.java   |  15 +-
 .../certsrv/profile/IProfileSubsystem.java         |  53 +-
 .../netscape/certsrv/profile/IProfileUpdater.java  |  20 +-
 .../com/netscape/certsrv/property/Descriptor.java  |  25 +-
 .../certsrv/property/EPropertyException.java       |   5 +-
 .../netscape/certsrv/property/IConfigTemplate.java |  23 +-
 .../com/netscape/certsrv/property/IDescriptor.java |  22 +-
 .../com/netscape/certsrv/property/PropertySet.java |  43 +-
 .../netscape/certsrv/publish/ECompSyntaxErr.java   |  17 +-
 .../netscape/certsrv/publish/EMapperNotFound.java  |   7 +-
 .../certsrv/publish/EMapperPluginNotFound.java     |   6 +-
 .../certsrv/publish/EPublisherNotFound.java        |   5 +-
 .../certsrv/publish/EPublisherPluginNotFound.java  |   9 +-
 .../netscape/certsrv/publish/ERuleNotFound.java    |   8 +-
 .../certsrv/publish/ERulePluginNotFound.java       |   9 +-
 .../netscape/certsrv/publish/ICRLPublisher.java    |  86 ++-
 .../netscape/certsrv/publish/ILdapCertMapper.java  |  27 +-
 .../netscape/certsrv/publish/ILdapCrlMapper.java   |  31 +-
 .../netscape/certsrv/publish/ILdapExpression.java  |  28 +-
 .../com/netscape/certsrv/publish/ILdapMapper.java  |  30 +-
 .../com/netscape/certsrv/publish/ILdapPlugin.java  |  10 +-
 .../netscape/certsrv/publish/ILdapPluginImpl.java  |  13 +-
 .../certsrv/publish/ILdapPublishModule.java        |  20 +-
 .../netscape/certsrv/publish/ILdapPublisher.java   |  37 +-
 .../com/netscape/certsrv/publish/ILdapRule.java    |  11 +-
 .../netscape/certsrv/publish/IPublishRuleSet.java  |  71 ++-
 .../certsrv/publish/IPublisherProcessor.java       | 173 +++---
 .../certsrv/publish/IXcertPublisherProcessor.java  |  11 +-
 .../certsrv/publish/LdapCertMapResult.java         |  17 +-
 .../com/netscape/certsrv/publish/MapperPlugin.java |   8 +-
 .../com/netscape/certsrv/publish/MapperProxy.java  |  18 +-
 .../netscape/certsrv/publish/PublisherPlugin.java  |  16 +-
 .../netscape/certsrv/publish/PublisherProxy.java   |  16 +-
 .../com/netscape/certsrv/publish/RulePlugin.java   |   9 +-
 .../src/com/netscape/certsrv/ra/IRAService.java    |  17 +-
 .../certsrv/ra/IRegistrationAuthority.java         |  52 +-
 .../certsrv/registry/ERegistryException.java       |   6 +-
 .../com/netscape/certsrv/registry/IPluginInfo.java |  25 +-
 .../netscape/certsrv/registry/IPluginRegistry.java |  31 +-
 .../netscape/certsrv/request/ARequestNotifier.java | 277 +++++----
 .../netscape/certsrv/request/AgentApproval.java    |  17 +-
 .../netscape/certsrv/request/AgentApprovals.java   |  45 +-
 .../certsrv/request/IEnrollmentRequest.java        |  11 +-
 .../src/com/netscape/certsrv/request/INotify.java  |  22 +-
 .../src/com/netscape/certsrv/request/IPolicy.java  |  41 +-
 .../src/com/netscape/certsrv/request/IRequest.java | 439 +++++++-------
 .../com/netscape/certsrv/request/IRequestList.java |  27 +-
 .../netscape/certsrv/request/IRequestListener.java |  16 +-
 .../netscape/certsrv/request/IRequestNotifier.java |  38 +-
 .../netscape/certsrv/request/IRequestQueue.java    | 310 +++++-----
 .../netscape/certsrv/request/IRequestRecord.java   |  31 +-
 .../certsrv/request/IRequestScheduler.java         |  14 +-
 .../certsrv/request/IRequestSubsystem.java         | 106 ++--
 .../certsrv/request/IRequestVirtualList.java       |  12 +-
 .../src/com/netscape/certsrv/request/IService.java |  28 +-
 .../netscape/certsrv/request/PolicyMessage.java    |  11 +-
 .../com/netscape/certsrv/request/PolicyResult.java |   3 +-
 .../com/netscape/certsrv/request/RequestId.java    |  28 +-
 .../netscape/certsrv/request/RequestStatus.java    | 152 ++---
 .../netscape/certsrv/request/ldap/IRequestMod.java |  22 +-
 .../com/netscape/certsrv/security/Credential.java  |  16 +-
 .../certsrv/security/ICryptoSubsystem.java         | 256 +++++----
 .../netscape/certsrv/security/IEncryptionUnit.java |  74 ++-
 .../netscape/certsrv/security/ISigningUnit.java    |  46 +-
 .../netscape/certsrv/security/IStorageKeyUnit.java |  34 +-
 .../src/com/netscape/certsrv/security/IToken.java  |   6 +-
 .../certsrv/security/ITransportKeyUnit.java        |  25 +-
 .../com/netscape/certsrv/security/KeyCertData.java | 183 +++---
 .../selftests/EDuplicateSelfTestException.java     | 106 ++--
 .../selftests/EInvalidSelfTestException.java       | 104 ++--
 .../selftests/EMissingSelfTestException.java       | 109 ++--
 .../certsrv/selftests/ESelfTestException.java      |  77 ++-
 .../com/netscape/certsrv/selftests/ISelfTest.java  |  72 +--
 .../certsrv/selftests/ISelfTestSubsystem.java      | 258 ++++-----
 .../certsrv/selftests/SelfTestResources.java       |   5 +-
 .../src/com/netscape/certsrv/template/ArgList.java |  18 +-
 .../src/com/netscape/certsrv/template/ArgSet.java  |  18 +-
 .../com/netscape/certsrv/template/ArgString.java   |   8 +-
 .../com/netscape/certsrv/template/IArgValue.java   |   7 +-
 .../com/netscape/certsrv/tks/ITKSAuthority.java    |  18 +-
 .../com/netscape/certsrv/usrgrp/Certificates.java  |  10 +-
 .../netscape/certsrv/usrgrp/EUsrGrpException.java  |  19 +-
 .../netscape/certsrv/usrgrp/ICertUserLocator.java  |  18 +-
 .../src/com/netscape/certsrv/usrgrp/IGroup.java    |  17 +-
 .../netscape/certsrv/usrgrp/IGroupConstants.java   |   5 +-
 .../com/netscape/certsrv/usrgrp/IIdEvaluator.java  |   8 +-
 .../com/netscape/certsrv/usrgrp/IUGSubsystem.java  |  99 ++--
 .../src/com/netscape/certsrv/usrgrp/IUser.java     |  30 +-
 .../netscape/certsrv/usrgrp/IUserConstants.java    |   5 +-
 .../src/com/netscape/certsrv/usrgrp/IUsrGrp.java   |  29 +-
 .../netscape/certsrv/usrgrp/UsrGrpResources.java   |   9 +-
 .../src/com/netscape/certsrv/util/HttpInput.java   | 220 ++++---
 .../com/netscape/certsrv/util/IStatsSubsystem.java |  13 +-
 .../src/com/netscape/certsrv/util/StatsEvent.java  | 309 +++++-----
 323 files changed, 6983 insertions(+), 7371 deletions(-)

(limited to 'pki/base/common/src/com/netscape/certsrv')

diff --git a/pki/base/common/src/com/netscape/certsrv/acls/ACL.java b/pki/base/common/src/com/netscape/certsrv/acls/ACL.java
index 5c0c55c61..476bd793c 100644
--- a/pki/base/common/src/com/netscape/certsrv/acls/ACL.java
+++ b/pki/base/common/src/com/netscape/certsrv/acls/ACL.java
@@ -17,22 +17,19 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.acls;
 
-
 import java.util.Enumeration;
 import java.util.Vector;
 
-
 /**
- * A class represents an access control list (ACL). An ACL
- * is associated with an protected resources. The policy 
- * enforcer can verify the ACLs with the current
- * context to see if the corresponding resource is accessible.  
+ * A class represents an access control list (ACL). An ACL is associated with an
+ * protected resources. The policy enforcer can verify the ACLs with the current
+ * context to see if the corresponding resource is accessible.
  * <P>
- * An <code>ACL</code> may contain one or more <code>ACLEntry</code>.
- * However, in case of multiple <code>ACLEntry</code>, a subject must
- * pass ALL of the <code>ACLEntry</code> evaluation for permission
- * to be granted
+ * An <code>ACL</code> may contain one or more <code>ACLEntry</code>. However,
+ * in case of multiple <code>ACLEntry</code>, a subject must pass ALL of the
+ * <code>ACLEntry</code> evaluation for permission to be granted
  * <P>
+ * 
  * @version $Revision$, $Date$
  */
 public class ACL implements IACL, java.io.Serializable {
@@ -43,7 +40,8 @@ public class ACL implements IACL, java.io.Serializable {
     private static final long serialVersionUID = -1867465948611161868L;
     protected Vector mEntries = new Vector(); // ACL entries
     protected Vector mRights = null; // possible rights entries
-    protected String mResourceACLs = null; // exact resourceACLs string on ldap server
+    protected String mResourceACLs = null; // exact resourceACLs string on ldap
+                                           // server
     protected String mName = null; // resource name
     protected String mDescription = null; // resource description
 
@@ -54,17 +52,15 @@ public class ACL implements IACL, java.io.Serializable {
     }
 
     /**
-     * Class constructor.
-     * Constructs an access control list associated
-     * with a resource name
+     * Class constructor. Constructs an access control list associated with a
+     * resource name
+     * 
      * @param name resource name
      * @param rights applicable rights defined for this resource
      * @param resourceACLs the entire ACL specification. For example:
-     *                     "certServer.log.configuration:read,modify:
-     *                     allow (read,modify)
-     *                     group=\"Administrators\":
-     *                     Allow administrators to read and modify log 
-     *                     configuration"
+     *            "certServer.log.configuration:read,modify: allow (read,modify)
+     *            group=\"Administrators\": Allow administrators to read and
+     *            modify log configuration"
      */
     public ACL(String name, Vector rights, String resourceACLs) {
         setName(name);
@@ -78,17 +74,17 @@ public class ACL implements IACL, java.io.Serializable {
     }
 
     /**
-     * Sets the name of the resource governed by this 
-     * access control.
+     * Sets the name of the resource governed by this access control.
+     * 
      * @param name name of the resource
      */
     public void setName(String name) {
         mName = name;
     }
-	
+
     /**
-     * Retrieves the name of the resource governed by 
-     * this access control.
+     * Retrieves the name of the resource governed by this access control.
+     * 
      * @return name of the resource
      */
     public String getName() {
@@ -97,6 +93,7 @@ public class ACL implements IACL, java.io.Serializable {
 
     /**
      * Retrieves the exact string of the resourceACLs
+     * 
      * @return resource's acl
      */
     public String getResourceACLs() {
@@ -104,17 +101,18 @@ public class ACL implements IACL, java.io.Serializable {
     }
 
     /**
-     * Sets the description of the resource governed by this 
-     * access control.
+     * Sets the description of the resource governed by this access control.
+     * 
      * @param description Description of the protected resource
      */
     public void setDescription(String description) {
         mDescription = description;
     }
-	
+
     /**
-     * Retrieves the description of the resource governed by 
-     * this access control.
+     * Retrieves the description of the resource governed by this access
+     * control.
+     * 
      * @return Description of the protected resource
      */
     public String getDescription() {
@@ -123,6 +121,7 @@ public class ACL implements IACL, java.io.Serializable {
 
     /**
      * Adds an ACL entry to this list.
+     * 
      * @param entry the <code>ACLEntry</code> to be added to this resource
      */
     public void addEntry(ACLEntry entry) {
@@ -131,6 +130,7 @@ public class ACL implements IACL, java.io.Serializable {
 
     /**
      * Returns ACL entries.
+     * 
      * @return enumeration for the <code>ACLEntry</code> vector
      */
     public Enumeration entries() {
@@ -139,9 +139,9 @@ public class ACL implements IACL, java.io.Serializable {
 
     /**
      * Returns the string reprsentation.
-     * @return the string representation of the ACL entries in the
-     *	       following format:
-     *         <resource name>[<ACLEntry1>,<ACLEntry 2>,...<ACLEntry N>]
+     * 
+     * @return the string representation of the ACL entries in the following
+     *         format: <resource name>[<ACLEntry1>,<ACLEntry 2>,...<ACLEntry N>]
      */
     public String toString() {
         String entries = "";
@@ -159,6 +159,7 @@ public class ACL implements IACL, java.io.Serializable {
 
     /**
      * Adds an rights entry to this list.
+     * 
      * @param right The right to be added for this ACL
      */
     public void addRight(String right) {
@@ -167,6 +168,7 @@ public class ACL implements IACL, java.io.Serializable {
 
     /**
      * Tells if the permission is one of the defined "rights"
+     * 
      * @param permission permission to be checked
      * @return true if it's one of the "rights"; false otherwise
      */
@@ -176,6 +178,7 @@ public class ACL implements IACL, java.io.Serializable {
 
     /**
      * Returns rights entries.
+     * 
      * @return enumeration of rights defined for this ACL
      */
     public Enumeration rights() {
diff --git a/pki/base/common/src/com/netscape/certsrv/acls/ACLEntry.java b/pki/base/common/src/com/netscape/certsrv/acls/ACLEntry.java
index 208361286..31d15eb54 100644
--- a/pki/base/common/src/com/netscape/certsrv/acls/ACLEntry.java
+++ b/pki/base/common/src/com/netscape/certsrv/acls/ACLEntry.java
@@ -17,15 +17,14 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.acls;
 
-
 import java.util.Enumeration;
 import java.util.Hashtable;
 import java.util.StringTokenizer;
 
-
 /**
  * A class represents an ACI entry of an access control list.
  * <P>
+ * 
  * @version $Revision$, $Date$
  */
 public class ACLEntry implements IACLEntry, java.io.Serializable {
@@ -47,8 +46,9 @@ public class ACLEntry implements IACLEntry, java.io.Serializable {
 
     /**
      * Checks if this ACL entry is set to negative.
-     * @return true if this ACL entry expression is for "deny";
-     *         false if this ACL entry expression is for "allow"
+     * 
+     * @return true if this ACL entry expression is for "deny"; false if this
+     *         ACL entry expression is for "allow"
      */
     public boolean isNegative() {
         return mNegative;
@@ -63,8 +63,10 @@ public class ACLEntry implements IACLEntry, java.io.Serializable {
 
     /**
      * Sets the ACL entry string
+     * 
      * @param s string in the following format:
-     * <PRE>
+     * 
+     *            <PRE>
      *   allow|deny (right[,right...]) attribute_expression
      * </PRE>
      */
@@ -72,10 +74,12 @@ public class ACLEntry implements IACLEntry, java.io.Serializable {
         mACLEntryString = s;
     }
 
-    /** 
+    /**
      * Gets the ACL Entry String
+     * 
      * @return ACL Entry string in the following format:
-     * <PRE>
+     * 
+     *         <PRE>
      *   allow|deny (right[,right...]) attribute_expression
      * </PRE>
      */
@@ -84,11 +88,12 @@ public class ACLEntry implements IACLEntry, java.io.Serializable {
     }
 
     /**
-     * Adds permission to this entry. Permission must be one of the
-     * "rights" defined for each protected resource in its ACL
+     * Adds permission to this entry. Permission must be one of the "rights"
+     * defined for each protected resource in its ACL
+     * 
      * @param acl the acl instance that this aclEntry is associated with
-     * @param permission one of the "rights" defined for each
-     *              	 protected resource in its ACL
+     * @param permission one of the "rights" defined for each protected resource
+     *            in its ACL
      */
     public void addPermission(IACL acl, String permission) {
         if (acl.checkRight(permission) == true) {
@@ -99,8 +104,8 @@ public class ACLEntry implements IACLEntry, java.io.Serializable {
     }
 
     /**
-     * Returns a list of permissions associated with
-     * this entry.
+     * Returns a list of permissions associated with this entry.
+     * 
      * @return a list of permissions for this ACL entry
      */
     public Enumeration permissions() {
@@ -109,8 +114,9 @@ public class ACLEntry implements IACLEntry, java.io.Serializable {
 
     /**
      * Sets the expression associated with this entry.
+     * 
      * @param expressions the evaluator expressions. For example,
-     *                    group="Administrators"
+     *            group="Administrators"
      */
     public void setAttributeExpressions(String expressions) {
         mExpressions = expressions;
@@ -118,20 +124,21 @@ public class ACLEntry implements IACLEntry, java.io.Serializable {
 
     /**
      * Retrieves the expression associated with this entry.
-     * @return the evaluator expressions.  For example,
-     *                group="Administrators"
+     * 
+     * @return the evaluator expressions. For example, group="Administrators"
      */
     public String getAttributeExpressions() {
         return mExpressions;
     }
 
     /**
-     * Checks to see if this <code>ACLEntry</code> contains a
-     * particular permission
-     * @param permission one of the "rights" defined for each
-     *              	 protected resource in its ACL
-     * @return true if permission contained in the permission list
-     *              for this <code>ACLEntry</code>; false otherwise.
+     * Checks to see if this <code>ACLEntry</code> contains a particular
+     * permission
+     * 
+     * @param permission one of the "rights" defined for each protected resource
+     *            in its ACL
+     * @return true if permission contained in the permission list for this
+     *         <code>ACLEntry</code>; false otherwise.
      */
     public boolean containPermission(String permission) {
         return (mPerms.get(permission) != null);
@@ -139,15 +146,16 @@ public class ACLEntry implements IACLEntry, java.io.Serializable {
 
     /**
      * Checks if this entry has the given permission.
-     * @param permission one of the "rights" defined for each
-     *              	 protected resource in its ACL
-     * @return true if the permission is allowed; false if the
-     *           	 permission is denied.  If a permission is not
-     *          	 recognized by this ACL, it is considered denied
+     * 
+     * @param permission one of the "rights" defined for each protected resource
+     *            in its ACL
+     * @return true if the permission is allowed; false if the permission is
+     *         denied. If a permission is not recognized by this ACL, it is
+     *         considered denied
      */
     public boolean checkPermission(String permission) {
         // default - if we dont know about the requested permission,
-        //           don't grant permission
+        // don't grant permission
         if (mPerms.get(permission) == null)
             return false;
         if (isNegative()) {
@@ -159,10 +167,13 @@ public class ACLEntry implements IACLEntry, java.io.Serializable {
 
     /**
      * Parse string in the following format:
+     * 
      * <PRE>
      *   allow|deny (right[,right...]) attribute_expression
      * </PRE>
+     * 
      * into an instance of the <code>ACLEntry</code> class
+     * 
      * @param acl the acl instance associated with this aclentry
      * @param aclEntryString aclEntryString in the specified format
      * @return an instance of the <code>ACLEntry</code> class
@@ -175,7 +186,7 @@ public class ACLEntry implements IACLEntry, java.io.Serializable {
         String te = aclEntryString.trim();
 
         // locate first space
-        int i = te.indexOf(' '); 
+        int i = te.indexOf(' ');
         // prefix should be "allowed" or "deny"
         String prefix = te.substring(0, i);
         String suffix = te.substring(i + 1).trim();
@@ -189,7 +200,7 @@ public class ACLEntry implements IACLEntry, java.io.Serializable {
             return null;
         }
         // locate the second space
-        i = suffix.indexOf(' '); 
+        i = suffix.indexOf(' ');
         // this prefix should be rights list, delimited by ","
         prefix = suffix.substring(1, i - 1);
         // the suffix is the rest, which is the "expressions"
@@ -206,6 +217,7 @@ public class ACLEntry implements IACLEntry, java.io.Serializable {
 
     /**
      * Returns the string representation of this ACLEntry
+     * 
      * @return string representation of this ACLEntry
      */
     public String toString() {
diff --git a/pki/base/common/src/com/netscape/certsrv/acls/ACLsResources.java b/pki/base/common/src/com/netscape/certsrv/acls/ACLsResources.java
index 878fe1639..9dc6d4ee4 100644
--- a/pki/base/common/src/com/netscape/certsrv/acls/ACLsResources.java
+++ b/pki/base/common/src/com/netscape/certsrv/acls/ACLsResources.java
@@ -20,10 +20,9 @@ package com.netscape.certsrv.acls;
 import java.util.ListResourceBundle;
 
 /**
- * A class represents a resource bundle for the entire ACL component.
- * system.
+ * A class represents a resource bundle for the entire ACL component. system.
  * <P>
- *
+ * 
  * @deprecated
  * @version $Revision$, $Date$
  */
@@ -31,13 +30,14 @@ public class ACLsResources extends ListResourceBundle {
 
     /**
      * Returns the content of this resource.
+     * 
      * @return the content of this resource.
      */
     public Object[][] getContents() {
         return contents;
     }
 
-    /** 
+    /**
      * A set of constants for localized error messages.
      */
     static final Object[][] contents = {};
diff --git a/pki/base/common/src/com/netscape/certsrv/acls/EACLsException.java b/pki/base/common/src/com/netscape/certsrv/acls/EACLsException.java
index e79bd7242..96a9b7b97 100644
--- a/pki/base/common/src/com/netscape/certsrv/acls/EACLsException.java
+++ b/pki/base/common/src/com/netscape/certsrv/acls/EACLsException.java
@@ -17,21 +17,18 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.acls;
 
-
 import java.util.Locale;
 
 import com.netscape.certsrv.base.EBaseException;
 import com.netscape.certsrv.base.MessageFormatter;
 
-
 /**
- * A class represents an acls exception. Note that this is
- * an Runtime exception so that methods used AccessManager
- * do not have to explicity declare this exception. This
- * allows AccessManager to be easily integrated into any
+ * A class represents an acls exception. Note that this is an Runtime exception
+ * so that methods used AccessManager do not have to explicity declare this
+ * exception. This allows AccessManager to be easily integrated into any
  * existing code.
  * <P>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public class EACLsException extends EBaseException {
@@ -44,10 +41,11 @@ public class EACLsException extends EBaseException {
      * resource class name
      */
     private static final String ACL_RESOURCES = ACLsResources.class.getName();
- 
+
     /**
      * Constructs an acls exception.
      * <P>
+     * 
      * @param msgFormat exception details
      */
     public EACLsException(String msgFormat) {
@@ -57,11 +55,12 @@ public class EACLsException extends EBaseException {
 
     /**
      * Constructs a base exception with a parameter. For example,
+     * 
      * <PRE>
-     * 		new EACLsException("failed to load {0}", fileName);
+     * new EACLsException(&quot;failed to load {0}&quot;, fileName);
      * </PRE>
      * <P>
-     *
+     * 
      * @param msgFormat exception details in message string format
      * @param param message string parameter
      */
@@ -72,9 +71,9 @@ public class EACLsException extends EBaseException {
     }
 
     /**
-     * Constructs a base exception. It can be used to carry
-     * a system exception that may contain information about
-     * the context. For example,
+     * Constructs a base exception. It can be used to carry a system exception
+     * that may contain information about the context. For example,
+     * 
      * <PRE>
      * 		try {
      *  		...
@@ -83,7 +82,7 @@ public class EACLsException extends EBaseException {
      *      }
      * </PRE>
      * <P>
-     *
+     * 
      * @param msgFormat exception details in message string format
      * @param param system exception
      */
@@ -94,10 +93,10 @@ public class EACLsException extends EBaseException {
     }
 
     /**
-     * Constructs a base exception with a list of parameters
-     * that will be substituted into the message format.
+     * Constructs a base exception with a list of parameters that will be
+     * substituted into the message format.
      * <P>
-     *
+     * 
      * @param msgFormat exception details in message string format
      * @param params list of message format parameters
      */
@@ -109,7 +108,7 @@ public class EACLsException extends EBaseException {
     /**
      * Returns a list of parameters.
      * <P>
-     *
+     * 
      * @return list of message format parameters
      */
     public Object[] getParameters() {
@@ -118,6 +117,7 @@ public class EACLsException extends EBaseException {
 
     /**
      * String representation for the corresponding exception.
+     * 
      * @return String representation for the corresponding exception.
      */
     public String toString() {
@@ -126,6 +126,7 @@ public class EACLsException extends EBaseException {
 
     /**
      * Returns string representation for the corresponding exception.
+     * 
      * @param locale client specified locale for string representation.
      * @return String representation for the corresponding exception.
      */
@@ -136,6 +137,7 @@ public class EACLsException extends EBaseException {
 
     /**
      * Return the class name of the resource bundle.
+     * 
      * @return class name of the resource bundle.
      */
     protected String getBundleName() {
diff --git a/pki/base/common/src/com/netscape/certsrv/acls/IACL.java b/pki/base/common/src/com/netscape/certsrv/acls/IACL.java
index 892bd490a..b136f621b 100644
--- a/pki/base/common/src/com/netscape/certsrv/acls/IACL.java
+++ b/pki/base/common/src/com/netscape/certsrv/acls/IACL.java
@@ -17,49 +17,52 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.acls;
 
-
 import java.util.Enumeration;
 
-
 /**
- * A class represents an access control list (ACL). An ACL
- * is associated with a protected resource. The policy 
- * enforcer can verify the ACLs with the current
- * context to see if the corresponding resource is accessible.  
+ * A class represents an access control list (ACL). An ACL is associated with a
+ * protected resource. The policy enforcer can verify the ACLs with the current
+ * context to see if the corresponding resource is accessible.
  * <P>
  * 
  * @version $Revision$, $Date$
  */
-public interface IACL { 
+public interface IACL {
 
     /**
      * Returns the name of the current ACL.
+     * 
      * @return the name of the current ACL.
      */
     public String getName();
 
     /**
      * Returns the description of the current ACL.
+     * 
      * @return the description of the current ACL.
      */
-    public String getDescription(); 
+    public String getDescription();
 
     /**
      * Returns a list of access rights of the current ACL.
+     * 
      * @return a list of access rights
      */
-    public Enumeration rights(); 
+    public Enumeration rights();
 
     /**
      * Returns a list of entries of the current ACL.
+     * 
      * @return a list of entries
      */
     public Enumeration entries();
 
     /**
      * Verifies if permission is granted.
+     * 
      * @param permission one of the applicable rights
-     * @return true if the given permission is one of the applicable rights; false otherwise.
+     * @return true if the given permission is one of the applicable rights;
+     *         false otherwise.
      */
     public boolean checkRight(String permission);
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/acls/IACLEntry.java b/pki/base/common/src/com/netscape/certsrv/acls/IACLEntry.java
index f91ef38bb..ff806f155 100644
--- a/pki/base/common/src/com/netscape/certsrv/acls/IACLEntry.java
+++ b/pki/base/common/src/com/netscape/certsrv/acls/IACLEntry.java
@@ -17,19 +17,17 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.acls;
 
-
-
-
 /**
  * A class represents an entry of access control list.
  * <P>
  * 
  * @version $Revision$, $Date$
  */
-public interface IACLEntry { 
+public interface IACLEntry {
 
     /**
      * Returns the ACL entry string of the entry.
+     * 
      * @return the ACL entry string of the entry.
      */
     public String getACLEntryString();
diff --git a/pki/base/common/src/com/netscape/certsrv/apps/CMS.java b/pki/base/common/src/com/netscape/certsrv/apps/CMS.java
index 137a609f1..4842e0ec5 100644
--- a/pki/base/common/src/com/netscape/certsrv/apps/CMS.java
+++ b/pki/base/common/src/com/netscape/certsrv/apps/CMS.java
@@ -17,7 +17,6 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.apps;
 
-
 import java.io.ByteArrayOutputStream;
 import java.io.PrintStream;
 import java.math.BigInteger;
@@ -98,18 +97,15 @@ import com.netscape.certsrv.usrgrp.IUGSubsystem;
 import com.netscape.cmsutil.net.ISocketFactory;
 import com.netscape.cmsutil.password.IPasswordStore;
 
-
 /**
- * This represents the CMS server. Plugins can access other
- * public objects such as subsystems via this inteface. 
- * This object also include a set of utility functions.
- *
- * This object does not include the actual implementation.
- * It acts as a public interface for plugins, and the
- * actual implementation is in the CMS engine 
- * (com.netscape.cmscore.apps.CMSEngine) that implements 
- * ICMSEngine interface.
- *
+ * This represents the CMS server. Plugins can access other public objects such
+ * as subsystems via this inteface. This object also include a set of utility
+ * functions.
+ * 
+ * This object does not include the actual implementation. It acts as a public
+ * interface for plugins, and the actual implementation is in the CMS engine
+ * (com.netscape.cmscore.apps.CMSEngine) that implements ICMSEngine interface.
+ * 
  * @version $Revision$, $Date$
  */
 public final class CMS {
@@ -129,7 +125,7 @@ public final class CMS {
     public static final String SUBSYSTEM_KRA = IKeyRecoveryAuthority.ID;
     public static final String SUBSYSTEM_OCSP = IOCSPAuthority.ID;
     public static final String SUBSYSTEM_TKS = ITKSAuthority.ID;
-   public static final String SUBSYSTEM_UG = IUGSubsystem.ID;
+    public static final String SUBSYSTEM_UG = IUGSubsystem.ID;
     public static final String SUBSYSTEM_AUTH = IAuthSubsystem.ID;
     public static final String SUBSYSTEM_AUTHZ = IAuthzSubsystem.ID;
     public static final String SUBSYSTEM_REGISTRY = IPluginRegistry.ID;
@@ -141,7 +137,7 @@ public final class CMS {
 
     /**
      * Private constructor.
-     *
+     * 
      * @param engine CMS engine implementation
      */
     private CMS(ICMSEngine engine) {
@@ -149,8 +145,9 @@ public final class CMS {
     }
 
     /**
-     * This method is used for unit tests.  It allows the underlying _engine
-     * to be stubbed out.
+     * This method is used for unit tests. It allows the underlying _engine to
+     * be stubbed out.
+     * 
      * @param engine The stub engine to set, for testing.
      */
     public static void setCMSEngine(ICMSEngine engine) {
@@ -159,7 +156,7 @@ public final class CMS {
 
     /**
      * Gets this ID .
-     *
+     * 
      * @return CMS engine identifier
      */
     public static String getId() {
@@ -167,9 +164,9 @@ public final class CMS {
     }
 
     /**
-     * Sets the identifier of this subsystem. Should never be called. 
-     * Returns error. 
-     *
+     * Sets the identifier of this subsystem. Should never be called. Returns
+     * error.
+     * 
      * @param id CMS engine identifier
      */
     public static void setId(String id) throws EBaseException {
@@ -178,14 +175,14 @@ public final class CMS {
 
     /**
      * Initialize all static, dynamic and final static subsystems.
-     *
+     * 
      * @param owner null
      * @param config main config store.
-     * @exception EBaseException if any error occur in subsystems during 
-     * initialization.
+     * @exception EBaseException if any error occur in subsystems during
+     *                initialization.
      */
-    public static void init(ISubsystem owner, IConfigStore config) 
-        throws EBaseException {
+    public static void init(ISubsystem owner, IConfigStore config)
+            throws EBaseException {
         _engine.init(owner, config);
     }
 
@@ -195,7 +192,7 @@ public final class CMS {
 
     /**
      * Starts up all subsystems. subsystems must be initialized.
-     *
+     * 
      * @exception EBaseException if any subsystem fails to startup.
      */
     public static void startup() throws EBaseException {
@@ -217,10 +214,10 @@ public final class CMS {
     }
 
     /**
-     * Checks to ensure that all new incoming requests have been blocked.
-     * This method is used for reentrancy protection.
+     * Checks to ensure that all new incoming requests have been blocked. This
+     * method is used for reentrancy protection.
      * <P>
-     *
+     * 
      * @return true or false
      */
     public static boolean areRequestsDisabled() {
@@ -228,34 +225,33 @@ public final class CMS {
     }
 
     /**
-     * Shuts down subsystems in backwards order 
-     * exceptions are ignored. process exists at end to force exit.
+     * Shuts down subsystems in backwards order exceptions are ignored. process
+     * exists at end to force exit.
      */
     public static void shutdown() {
         _engine.shutdown();
     }
 
     /**
-     * Shuts down subsystems in backwards order
-     * exceptions are ignored. process exists at end to force exit.
+     * Shuts down subsystems in backwards order exceptions are ignored. process
+     * exists at end to force exit.
      */
 
-     public static void forceShutdown() {
+    public static void forceShutdown() {
 
-         _engine.forceShutdown();
-     }
+        _engine.forceShutdown();
+    }
 
-     /**
-      * mode = 0 (pre-operational)
-      * mode = 1 (running)
-      */
-     public static void setCSState(int mode) {
-         _engine.setCSState(mode);
-     }
+    /**
+     * mode = 0 (pre-operational) mode = 1 (running)
+     */
+    public static void setCSState(int mode) {
+        _engine.setCSState(mode);
+    }
 
-     public static int getCSState() {
-         return _engine.getCSState();
-     }
+    public static int getCSState() {
+        return _engine.getCSState();
+    }
 
     public static boolean isPreOpMode() {
         return _engine.isPreOpMode();
@@ -266,10 +262,9 @@ public final class CMS {
     }
 
     /**
-     * Is the server in running state. After server startup, the
-     * server will be initialization state first. After the
-     * initialization state, the server will be in the running 
-     * state.
+     * Is the server in running state. After server startup, the server will be
+     * initialization state first. After the initialization state, the server
+     * will be in the running state.
      * 
      * @return true if the server is in the running state
      */
@@ -278,10 +273,9 @@ public final class CMS {
     }
 
     /**
-     * Returns the logger of the current server. The logger can
-     * be used to log critical informational or critical error
-     * messages.
-     *
+     * Returns the logger of the current server. The logger can be used to log
+     * critical informational or critical error messages.
+     * 
      * @return logger
      */
     public static ILogger getLogger() {
@@ -289,10 +283,9 @@ public final class CMS {
     }
 
     /**
-     * Returns the signed audit logger of the current server. This logger can
-     * be used to log critical informational or critical error
-     * messages.
-     *
+     * Returns the signed audit logger of the current server. This logger can be
+     * used to log critical informational or critical error messages.
+     * 
      * @return signed audit logger
      */
     public static ILogger getSignedAuditLogger() {
@@ -301,7 +294,7 @@ public final class CMS {
 
     /**
      * Creates a repository record in the internal database.
-     *
+     * 
      * @return repository record
      */
     public static IRepositoryRecord createRepositoryRecord() {
@@ -310,8 +303,10 @@ public final class CMS {
 
     /**
      * Parse ACL resource attributes
+     * 
      * @param resACLs same format as the resourceACLs attribute:
-     * <PRE>
+     * 
+     *            <PRE>
      *     <resource name>:<permission1,permission2,...permissionn>:
      *     <allow|deny> (<subset of the permission set>) <evaluator expression>
      * </PRE>
@@ -324,16 +319,18 @@ public final class CMS {
 
     /**
      * Creates an issuing poing record.
-     *
+     * 
      * @return issuing record
      */
-    public static ICRLIssuingPointRecord createCRLIssuingPointRecord(String id, BigInteger crlNumber, Long crlSize, Date thisUpdate, Date nextUpdate) {
-        return _engine.createCRLIssuingPointRecord(id, crlNumber, crlSize, thisUpdate, nextUpdate);
+    public static ICRLIssuingPointRecord createCRLIssuingPointRecord(String id,
+            BigInteger crlNumber, Long crlSize, Date thisUpdate, Date nextUpdate) {
+        return _engine.createCRLIssuingPointRecord(id, crlNumber, crlSize,
+                thisUpdate, nextUpdate);
     }
 
     /**
      * Retrieves the default CRL issuing point record name.
-     *
+     * 
      * @return CRL issuing point record name
      */
     public static String getCRLIssuingPointRecordName() {
@@ -342,7 +339,7 @@ public final class CMS {
 
     /**
      * Retrieves the process id of this server.
-     *
+     * 
      * @return process id of the server
      */
     public static int getpid() {
@@ -351,7 +348,7 @@ public final class CMS {
 
     /**
      * Retrieves the instance roort path of this server.
-     *
+     * 
      * @return instance directory path name
      */
     public static String getInstanceDir() {
@@ -359,9 +356,9 @@ public final class CMS {
     }
 
     /**
-     * Returns a server wide system time. Plugins should call
-     * this method to retrieve system time.
-     *
+     * Returns a server wide system time. Plugins should call this method to
+     * retrieve system time.
+     * 
      * @return current time
      */
     public static Date getCurrentDate() {
@@ -372,7 +369,7 @@ public final class CMS {
 
     /**
      * Puts data of an byte array into the debug file.
-     *
+     * 
      * @param data byte array to be recorded in the debug file
      */
     public static void debug(byte data[]) {
@@ -382,7 +379,7 @@ public final class CMS {
 
     /**
      * Puts a message into the debug file.
-     *
+     * 
      * @param msg debugging message
      */
     public static void debug(String msg) {
@@ -392,7 +389,7 @@ public final class CMS {
 
     /**
      * Puts a message into the debug file.
-     *
+     * 
      * @param level 0-10 (0 is less detail, 10 is more detail)
      * @param msg debugging message
      */
@@ -403,7 +400,7 @@ public final class CMS {
 
     /**
      * Puts an exception into the debug file.
-     *
+     * 
      * @param e exception
      */
     public static void debug(Throwable e) {
@@ -413,7 +410,7 @@ public final class CMS {
 
     /**
      * Checks if the debug mode is on or not.
-     *
+     * 
      * @return true if debug mode is on
      */
     public static boolean debugOn() {
@@ -430,42 +427,46 @@ public final class CMS {
             _engine.debugStackTrace();
     }
 
-	/*
-	 * If debugging for the particular realm is enabled, output name/value
-	 * pair info to the debug file. This is useful to dump out what hidden
-	 * config variables the server is looking at, or what HTTP variables it
-	 * is expecting to find, or what database attributes it is looking for.
-	 * @param type indicates what the source of key/val is. For example,
-     *     this could be 'CS.cfg', or something else. In the debug
-	 *     subsystem, there is a mechanism to filter this so only the types 
-     *     you care about are listed
-	 * @param key  the 'key' of the hashtable which is being accessed.
-	 *     This could be the name of the config parameter, or the http param
-	 *     name.
-	 * @param val  the value of the parameter
+    /*
+     * If debugging for the particular realm is enabled, output name/value pair
+     * info to the debug file. This is useful to dump out what hidden config
+     * variables the server is looking at, or what HTTP variables it is
+     * expecting to find, or what database attributes it is looking for.
+     * 
+     * @param type indicates what the source of key/val is. For example, this
+     * could be 'CS.cfg', or something else. In the debug subsystem, there is a
+     * mechanism to filter this so only the types you care about are listed
+     * 
+     * @param key the 'key' of the hashtable which is being accessed. This could
+     * be the name of the config parameter, or the http param name.
+     * 
+     * @param val the value of the parameter
+     * 
      * @param default the default value if the param is not found
-	 */
+     */
 
     public static void traceHashKey(String type, String key) {
         if (_engine != null) {
-			_engine.traceHashKey(type, key);
-		}
-	}
+            _engine.traceHashKey(type, key);
+        }
+    }
+
     public static void traceHashKey(String type, String key, String val) {
         if (_engine != null) {
-			_engine.traceHashKey(type, key, val);
-		}
-	}
-    public static void traceHashKey(String type, String key, String val, String def) {
-        if (_engine != null) {
-			_engine.traceHashKey(type, key, val, def);
-		}
-	}
+            _engine.traceHashKey(type, key, val);
+        }
+    }
 
+    public static void traceHashKey(String type, String key, String val,
+            String def) {
+        if (_engine != null) {
+            _engine.traceHashKey(type, key, val, def);
+        }
+    }
 
     /**
      * Returns the names of all the registered subsystems.
-     *
+     * 
      * @return a list of string-based subsystem names
      */
     public static Enumeration getSubsystemNames() {
@@ -478,7 +479,7 @@ public final class CMS {
 
     /**
      * Returns all the registered subsystems.
-     *
+     * 
      * @return a list of ISubsystem-based subsystems
      */
     public static Enumeration getSubsystems() {
@@ -487,7 +488,7 @@ public final class CMS {
 
     /**
      * Retrieves the registered subsytem with the given name.
-     *
+     * 
      * @param name subsystem name
      * @return subsystem of the given name
      */
@@ -497,7 +498,7 @@ public final class CMS {
 
     /**
      * Retrieves the localized user message from UserMessages.properties.
-     *
+     * 
      * @param msgID message id defined in UserMessages.properties
      * @return localized user message
      */
@@ -509,7 +510,7 @@ public final class CMS {
 
     /**
      * Retrieves the localized user message from UserMessages.properties.
-     *
+     * 
      * @param locale end-user locale
      * @param msgID message id defined in UserMessages.properties
      * @return localized user message
@@ -522,7 +523,7 @@ public final class CMS {
 
     /**
      * Retrieves the localized user message from UserMessages.properties.
-     *
+     * 
      * @param msgID message id defined in UserMessages.properties
      * @param p1 1st parameter
      * @return localized user message
@@ -530,12 +531,13 @@ public final class CMS {
     public static String getUserMessage(String msgID, String p1) {
         if (_engine == null)
             return msgID;
-        return _engine.getUserMessage(null /* from session context */, msgID, p1);
+        return _engine.getUserMessage(null /* from session context */, msgID,
+                p1);
     }
 
     /**
      * Retrieves the localized user message from UserMessages.properties.
-     *
+     * 
      * @param locale end-user locale
      * @param msgID message id defined in UserMessages.properties
      * @param p1 1st parameter
@@ -549,7 +551,7 @@ public final class CMS {
 
     /**
      * Retrieves the localized user message from UserMessages.properties.
-     *
+     * 
      * @param msgID message id defined in UserMessages.properties
      * @param p1 1st parameter
      * @param p2 2nd parameter
@@ -558,19 +560,21 @@ public final class CMS {
     public static String getUserMessage(String msgID, String p1, String p2) {
         if (_engine == null)
             return msgID;
-        return _engine.getUserMessage(null /* from session context */, msgID, p1, p2);
+        return _engine.getUserMessage(null /* from session context */, msgID,
+                p1, p2);
     }
 
     /**
      * Retrieves the localized user message from UserMessages.properties.
-     *
+     * 
      * @param locale end-user locale
      * @param msgID message id defined in UserMessages.properties
      * @param p1 1st parameter
      * @param p2 2nd parameter
      * @return localized user message
      */
-    public static String getUserMessage(Locale locale, String msgID, String p1, String p2) {
+    public static String getUserMessage(Locale locale, String msgID, String p1,
+            String p2) {
         if (_engine == null)
             return msgID;
         return _engine.getUserMessage(locale, msgID, p1, p2);
@@ -578,30 +582,31 @@ public final class CMS {
 
     /**
      * Retrieves the localized user message from UserMessages.properties.
-     *
+     * 
      * @param msgID message id defined in UserMessages.properties
      * @param p1 1st parameter
      * @param p2 2nd parameter
      * @param p3 3rd parameter
      * @return localized user message
      */
-    public static String getUserMessage(String msgID, String p1, String p2, String p3) {
+    public static String getUserMessage(String msgID, String p1, String p2,
+            String p3) {
         if (_engine == null)
             return msgID;
-        return _engine.getUserMessage(null /* from session context */, msgID, p1, p2, p3);
+        return _engine.getUserMessage(null /* from session context */, msgID,
+                p1, p2, p3);
     }
 
     public static LDAPConnection getBoundConnection(String host, int port,
-               int version, LDAPSSLSocketFactoryExt fac, String bindDN,
-               String bindPW) throws LDAPException
-    {
-         return _engine.getBoundConnection(host, port, version, fac,
-                         bindDN, bindPW);
+            int version, LDAPSSLSocketFactoryExt fac, String bindDN,
+            String bindPW) throws LDAPException {
+        return _engine.getBoundConnection(host, port, version, fac, bindDN,
+                bindPW);
     }
 
     /**
      * Retrieves the localized user message from UserMessages.properties.
-     *
+     * 
      * @param locale end-user locale
      * @param msgID message id defined in UserMessages.properties
      * @param p1 1st parameter
@@ -609,7 +614,8 @@ public final class CMS {
      * @param p3 3rd parameter
      * @return localized user message
      */
-    public static String getUserMessage(Locale locale, String msgID, String p1, String p2, String p3) {
+    public static String getUserMessage(Locale locale, String msgID, String p1,
+            String p2, String p3) {
         if (_engine == null)
             return msgID;
         return _engine.getUserMessage(locale, msgID, p1, p2, p3);
@@ -617,7 +623,7 @@ public final class CMS {
 
     /**
      * Retrieves the localized user message from UserMessages.properties.
-     *
+     * 
      * @param msgID message id defined in UserMessages.properties
      * @param p an array of parameters
      * @return localized user message
@@ -625,12 +631,13 @@ public final class CMS {
     public static String getUserMessage(String msgID, String p[]) {
         if (_engine == null)
             return msgID;
-        return _engine.getUserMessage(null /* from session context */, msgID, p);
+        return _engine
+                .getUserMessage(null /* from session context */, msgID, p);
     }
 
     /**
      * Retrieves the localized user message from UserMessages.properties.
-     *
+     * 
      * @param locale end-user locale
      * @param msgID message id defined in UserMessages.properties
      * @param p an array of parameters
@@ -644,7 +651,7 @@ public final class CMS {
 
     /**
      * Retrieves the centralized log message from LogMessages.properties.
-     *
+     * 
      * @param msgID message id defined in LogMessages.properties
      * @return localized log message
      */
@@ -654,7 +661,7 @@ public final class CMS {
 
     /**
      * Retrieves the centralized log message from LogMessages.properties.
-     *
+     * 
      * @param msgID message id defined in LogMessages.properties
      * @param p an array of parameters
      * @return localized log message
@@ -665,7 +672,7 @@ public final class CMS {
 
     /**
      * Retrieves the centralized log message from LogMessages.properties.
-     *
+     * 
      * @param msgID message id defined in LogMessages.properties
      * @param p1 1st parameter
      * @return localized log message
@@ -676,7 +683,7 @@ public final class CMS {
 
     /**
      * Retrieves the centralized log message from LogMessages.properties.
-     *
+     * 
      * @param msgID message id defined in LogMessages.properties
      * @param p1 1st parameter
      * @param p2 2nd parameter
@@ -688,20 +695,21 @@ public final class CMS {
 
     /**
      * Retrieves the centralized log message from LogMessages.properties.
-     *
+     * 
      * @param msgID message id defined in LogMessages.properties
      * @param p1 1st parameter
      * @param p2 2nd parameter
      * @param p3 3rd parameter
      * @return localized log message
      */
-    public static String getLogMessage(String msgID, String p1, String p2, String p3) {
+    public static String getLogMessage(String msgID, String p1, String p2,
+            String p3) {
         return _engine.getLogMessage(msgID, p1, p2, p3);
     }
 
     /**
      * Retrieves the centralized log message from LogMessages.properties.
-     *
+     * 
      * @param msgID message id defined in LogMessages.properties
      * @param p1 1st parameter
      * @param p2 2nd parameter
@@ -709,13 +717,14 @@ public final class CMS {
      * @param p4 4th parameter
      * @return localized log message
      */
-    public static String getLogMessage(String msgID, String p1, String p2, String p3, String p4) {
+    public static String getLogMessage(String msgID, String p1, String p2,
+            String p3, String p4) {
         return _engine.getLogMessage(msgID, p1, p2, p3, p4);
     }
 
     /**
      * Retrieves the centralized log message from LogMessages.properties.
-     *
+     * 
      * @param msgID message id defined in LogMessages.properties
      * @param p1 1st parameter
      * @param p2 2nd parameter
@@ -724,13 +733,14 @@ public final class CMS {
      * @param p5 5th parameter
      * @return localized log message
      */
-    public static String getLogMessage(String msgID, String p1, String p2, String p3, String p4, String p5) {
+    public static String getLogMessage(String msgID, String p1, String p2,
+            String p3, String p4, String p5) {
         return _engine.getLogMessage(msgID, p1, p2, p3, p4, p5);
     }
 
     /**
      * Retrieves the centralized log message from LogMessages.properties.
-     *
+     * 
      * @param msgID message id defined in LogMessages.properties
      * @param p1 1st parameter
      * @param p2 2nd parameter
@@ -740,13 +750,14 @@ public final class CMS {
      * @param p6 6th parameter
      * @return localized log message
      */
-    public static String getLogMessage(String msgID, String p1, String p2, String p3, String p4, String p5, String p6) {
+    public static String getLogMessage(String msgID, String p1, String p2,
+            String p3, String p4, String p5, String p6) {
         return _engine.getLogMessage(msgID, p1, p2, p3, p4, p5, p6);
     }
 
     /**
      * Retrieves the centralized log message from LogMessages.properties.
-     *
+     * 
      * @param msgID message id defined in LogMessages.properties
      * @param p1 1st parameter
      * @param p2 2nd parameter
@@ -757,13 +768,14 @@ public final class CMS {
      * @param p7 7th parameter
      * @return localized log message
      */
-    public static String getLogMessage(String msgID, String p1, String p2, String p3, String p4, String p5, String p6, String p7) {
+    public static String getLogMessage(String msgID, String p1, String p2,
+            String p3, String p4, String p5, String p6, String p7) {
         return _engine.getLogMessage(msgID, p1, p2, p3, p4, p5, p6, p7);
     }
 
     /**
      * Retrieves the centralized log message from LogMessages.properties.
-     *
+     * 
      * @param msgID message id defined in LogMessages.properties
      * @param p1 1st parameter
      * @param p2 2nd parameter
@@ -775,13 +787,14 @@ public final class CMS {
      * @param p8 8th parameter
      * @return localized log message
      */
-    public static String getLogMessage(String msgID, String p1, String p2, String p3, String p4, String p5, String p6, String p7, String p8) {
+    public static String getLogMessage(String msgID, String p1, String p2,
+            String p3, String p4, String p5, String p6, String p7, String p8) {
         return _engine.getLogMessage(msgID, p1, p2, p3, p4, p5, p6, p7, p8);
     }
 
     /**
      * Retrieves the centralized log message from LogMessages.properties.
-     *
+     * 
      * @param msgID message id defined in LogMessages.properties
      * @param p1 1st parameter
      * @param p2 2nd parameter
@@ -794,13 +807,15 @@ public final class CMS {
      * @param p9 9th parameter
      * @return localized log message
      */
-    public static String getLogMessage(String msgID, String p1, String p2, String p3, String p4, String p5, String p6, String p7, String p8, String p9) {
+    public static String getLogMessage(String msgID, String p1, String p2,
+            String p3, String p4, String p5, String p6, String p7, String p8,
+            String p9) {
         return _engine.getLogMessage(msgID, p1, p2, p3, p4, p5, p6, p7, p8, p9);
     }
 
     /**
      * Returns the main config store. It is a handle to CMS.cfg.
-     *
+     * 
      * @return configuration store
      */
     public static IConfigStore getConfigStore() {
@@ -809,7 +824,7 @@ public final class CMS {
 
     /**
      * Retrieves time server started up.
-     *
+     * 
      * @return last startup time
      */
     public static long getStartupTime() {
@@ -818,41 +833,41 @@ public final class CMS {
 
     /**
      * Retrieves the HTTP Connection for use with connector.
-     *
+     * 
      * @param authority remote authority
      * @param factory socket factory
      * @return http connection to the remote authority
      */
-    public static IHttpConnection getHttpConnection(IRemoteAuthority authority, 
-        ISocketFactory factory) {
+    public static IHttpConnection getHttpConnection(IRemoteAuthority authority,
+            ISocketFactory factory) {
         return _engine.getHttpConnection(authority, factory);
     }
 
     /**
      * Retrieves the HTTP Connection for use with connector.
-     *
+     * 
      * @param authority remote authority
      * @param factory socket factory
      * @param timeout return error if connection cannot be established within
-     *       the timeout period
+     *            the timeout period
      * @return http connection to the remote authority
      */
-    public static IHttpConnection getHttpConnection(IRemoteAuthority authority, 
-        ISocketFactory factory, int timeout) {
+    public static IHttpConnection getHttpConnection(IRemoteAuthority authority,
+            ISocketFactory factory, int timeout) {
         return _engine.getHttpConnection(authority, factory, timeout);
     }
 
     /**
      * Retrieves the request sender for use with connector.
-     *
+     * 
      * @param authority local authority
      * @param nickname nickname of the client certificate
      * @param remote remote authority
      * @param interval timeout interval
      * @return resender
      */
-    public static IResender getResender(IAuthority authority, String nickname, 
-        IRemoteAuthority remote, int interval) {
+    public static IResender getResender(IAuthority authority, String nickname,
+            IRemoteAuthority remote, int interval) {
         return _engine.getResender(authority, nickname, remote, interval);
     }
 
@@ -867,7 +882,7 @@ public final class CMS {
 
     /**
      * Sets the nickname of the server's server certificate.
-     *
+     * 
      * @param tokenName name of token where the certificate is located
      * @param nickName name of server certificate
      */
@@ -877,7 +892,7 @@ public final class CMS {
 
     /**
      * Sets the nickname of the server's server certificate.
-     *
+     * 
      * @param newName new nickname of server certificate
      */
     public static void setServerCertNickname(String newName) {
@@ -886,7 +901,7 @@ public final class CMS {
 
     /**
      * Retrieves the host name of the server's secure end entity service.
-     *
+     * 
      * @return host name of end-entity service
      */
     public static String getEEHost() {
@@ -895,7 +910,7 @@ public final class CMS {
 
     /**
      * Retrieves the host name of the server's non-secure end entity service.
-     *
+     * 
      * @return host name of end-entity non-secure service
      */
     public static String getEENonSSLHost() {
@@ -904,7 +919,7 @@ public final class CMS {
 
     /**
      * Retrieves the IP address of the server's non-secure end entity service.
-     *
+     * 
      * @return ip address of end-entity non-secure service
      */
     public static String getEENonSSLIP() {
@@ -913,7 +928,7 @@ public final class CMS {
 
     /**
      * Retrieves the port number of the server's non-secure end entity service.
-     *
+     * 
      * @return port of end-entity non-secure service
      */
     public static String getEENonSSLPort() {
@@ -922,7 +937,7 @@ public final class CMS {
 
     /**
      * Retrieves the host name of the server's secure end entity service.
-     *
+     * 
      * @return port of end-entity secure service
      */
     public static String getEESSLHost() {
@@ -931,7 +946,7 @@ public final class CMS {
 
     /**
      * Retrieves the host name of the server's secure end entity service.
-     *
+     * 
      * @return port of end-entity secure service
      */
     public static String getEEClientAuthSSLPort() {
@@ -940,7 +955,7 @@ public final class CMS {
 
     /**
      * Retrieves the IP address of the server's secure end entity service.
-     *
+     * 
      * @return ip address of end-entity secure service
      */
     public static String getEESSLIP() {
@@ -949,7 +964,7 @@ public final class CMS {
 
     /**
      * Retrieves the port number of the server's secure end entity service.
-     *
+     * 
      * @return port of end-entity secure service
      */
     public static String getEESSLPort() {
@@ -958,7 +973,7 @@ public final class CMS {
 
     /**
      * Retrieves the host name of the server's agent service.
-     *
+     * 
      * @return host name of agent service
      */
     public static String getAgentHost() {
@@ -967,7 +982,7 @@ public final class CMS {
 
     /**
      * Retrieves the IP address of the server's agent service.
-     *
+     * 
      * @return ip address of agent service
      */
     public static String getAgentIP() {
@@ -976,7 +991,7 @@ public final class CMS {
 
     /**
      * Retrieves the port number of the server's agent service.
-     *
+     * 
      * @return port of agent service
      */
     public static String getAgentPort() {
@@ -985,7 +1000,7 @@ public final class CMS {
 
     /**
      * Retrieves the host name of the server's administration service.
-     *
+     * 
      * @return host name of administration service
      */
     public static String getAdminHost() {
@@ -994,7 +1009,7 @@ public final class CMS {
 
     /**
      * Retrieves the IP address of the server's administration service.
-     *
+     * 
      * @return ip address of administration service
      */
     public static String getAdminIP() {
@@ -1003,7 +1018,7 @@ public final class CMS {
 
     /**
      * Retrieves the port number of the server's administration service.
-     *
+     * 
      * @return port of administration service
      */
     public static String getAdminPort() {
@@ -1012,26 +1027,27 @@ public final class CMS {
 
     /**
      * Creates a general name constraints.
-     *
+     * 
      * @param generalNameChoice type of general name
      * @param value general name string
      * @return general name object
      * @exception EBaseException failed to create general name constraint
      */
-    public static GeneralName form_GeneralNameAsConstraints(String generalNameChoice, String value) throws EBaseException {
+    public static GeneralName form_GeneralNameAsConstraints(
+            String generalNameChoice, String value) throws EBaseException {
         return _engine.form_GeneralName(generalNameChoice, value);
     }
 
     /**
      * Creates a general name.
-     *
+     * 
      * @param generalNameChoice type of general name
      * @param value general name string
      * @return general name object
      * @exception EBaseException failed to create general name
      */
     public static GeneralName form_GeneralName(String generalNameChoice,
-        String value) throws EBaseException {
+            String value) throws EBaseException {
         return _engine.form_GeneralName(generalNameChoice, value);
     }
 
@@ -1041,193 +1057,195 @@ public final class CMS {
      * @param name configuration name
      * @param params configuration parameters
      */
-    public static void getSubjAltNameConfigDefaultParams(String name, 
-        Vector params) {
+    public static void getSubjAltNameConfigDefaultParams(String name,
+            Vector params) {
         _engine.getSubjAltNameConfigDefaultParams(name, params);
     }
 
     /**
      * Get extended plugin info for subject alt name configuration.
-     *
+     * 
      * @param name configuration name
      * @param params configuration parameters
      */
-    public static void getSubjAltNameConfigExtendedPluginInfo(String name, 
-        Vector params) {
+    public static void getSubjAltNameConfigExtendedPluginInfo(String name,
+            Vector params) {
         _engine.getSubjAltNameConfigExtendedPluginInfo(name, params);
     }
 
     /**
      * Creates subject alt name configuration.
-     *
+     * 
      * @param name configuration name
      * @param config configuration store
      * @param isValueConfigured true if value is configured
      * @exception EBaseException failed to create subject alt name configuration
      */
-    public static ISubjAltNameConfig createSubjAltNameConfig(String name, IConfigStore config, boolean isValueConfigured) throws EBaseException {
-        return _engine.createSubjAltNameConfig(
-                name, config, isValueConfigured);
+    public static ISubjAltNameConfig createSubjAltNameConfig(String name,
+            IConfigStore config, boolean isValueConfigured)
+            throws EBaseException {
+        return _engine.createSubjAltNameConfig(name, config, isValueConfigured);
     }
 
     /**
      * Retrieves default general name configuration.
-     *
+     * 
      * @param name configuration name
      * @param isValueConfigured true if value is configured
      * @param params configuration parameters
      * @exception EBaseException failed to create subject alt name configuration
      */
     public static void getGeneralNameConfigDefaultParams(String name,
-        boolean isValueConfigured, Vector params) {
-        _engine.getGeneralNameConfigDefaultParams(name,
-            isValueConfigured, params);
+            boolean isValueConfigured, Vector params) {
+        _engine.getGeneralNameConfigDefaultParams(name, isValueConfigured,
+                params);
     }
 
     /**
      * Retrieves default general names configuration.
-     *
+     * 
      * @param name configuration name
      * @param isValueConfigured true if value is configured
      * @param params configuration parameters
      * @exception EBaseException failed to create subject alt name configuration
      */
     public static void getGeneralNamesConfigDefaultParams(String name,
-        boolean isValueConfigured, Vector params) {
-        _engine.getGeneralNamesConfigDefaultParams(name,
-            isValueConfigured, params);
+            boolean isValueConfigured, Vector params) {
+        _engine.getGeneralNamesConfigDefaultParams(name, isValueConfigured,
+                params);
     }
 
     /**
      * Retrieves extended plugin info for general name configuration.
-     *
+     * 
      * @param name configuration name
      * @param isValueConfigured true if value is configured
      * @param info configuration parameters
      * @exception EBaseException failed to create subject alt name configuration
      */
     public static void getGeneralNameConfigExtendedPluginInfo(String name,
-        boolean isValueConfigured, Vector info) {
-        _engine.getGeneralNameConfigExtendedPluginInfo(name,
-            isValueConfigured, info);
+            boolean isValueConfigured, Vector info) {
+        _engine.getGeneralNameConfigExtendedPluginInfo(name, isValueConfigured,
+                info);
     }
 
     /**
      * Retrieves extended plugin info for general name configuration.
-     *
+     * 
      * @param name configuration name
      * @param isValueConfigured true if value is configured
      * @param info configuration parameters
      * @exception EBaseException failed to create subject alt name configuration
      */
     public static void getGeneralNamesConfigExtendedPluginInfo(String name,
-        boolean isValueConfigured, Vector info) {
+            boolean isValueConfigured, Vector info) {
         _engine.getGeneralNamesConfigExtendedPluginInfo(name,
-            isValueConfigured, info);
+                isValueConfigured, info);
     }
 
     /**
      * Created general names configuration.
-     *
+     * 
      * @param name configuration name
      * @param config configuration store
      * @param isValueConfigured true if value is configured
      * @param isPolicyEnabled true if policy is enabled
      * @exception EBaseException failed to create subject alt name configuration
      */
-    public static IGeneralNamesConfig createGeneralNamesConfig(String name, 
-        IConfigStore config, boolean isValueConfigured, 
-        boolean isPolicyEnabled) throws EBaseException {
-        return _engine.createGeneralNamesConfig(name, config, isValueConfigured,
-                isPolicyEnabled);
+    public static IGeneralNamesConfig createGeneralNamesConfig(String name,
+            IConfigStore config, boolean isValueConfigured,
+            boolean isPolicyEnabled) throws EBaseException {
+        return _engine.createGeneralNamesConfig(name, config,
+                isValueConfigured, isPolicyEnabled);
     }
 
     /**
      * Created general name constraints configuration.
-     *
+     * 
      * @param name configuration name
      * @param config configuration store
      * @param isValueConfigured true if value is configured
      * @param isPolicyEnabled true if policy is enabled
      * @exception EBaseException failed to create subject alt name configuration
      */
-    public static IGeneralNameAsConstraintsConfig createGeneralNameAsConstraintsConfig(String name, IConfigStore config, boolean isValueConfigured, 
-        boolean isPolicyEnabled) throws EBaseException {
-        return _engine.createGeneralNameAsConstraintsConfig(
-                name, config, isValueConfigured, isPolicyEnabled);
+    public static IGeneralNameAsConstraintsConfig createGeneralNameAsConstraintsConfig(
+            String name, IConfigStore config, boolean isValueConfigured,
+            boolean isPolicyEnabled) throws EBaseException {
+        return _engine.createGeneralNameAsConstraintsConfig(name, config,
+                isValueConfigured, isPolicyEnabled);
     }
 
     /**
      * Created general name constraints configuration.
-     *
+     * 
      * @param name configuration name
      * @param config configuration store
      * @param isValueConfigured true if value is configured
      * @param isPolicyEnabled true if policy is enabled
      * @exception EBaseException failed to create subject alt name configuration
      */
-    public static IGeneralNamesAsConstraintsConfig createGeneralNamesAsConstraintsConfig(String name, IConfigStore config, boolean isValueConfigured, 
-        boolean isPolicyEnabled) throws EBaseException {
-        return _engine.createGeneralNamesAsConstraintsConfig(
-                name, config, isValueConfigured, isPolicyEnabled);
+    public static IGeneralNamesAsConstraintsConfig createGeneralNamesAsConstraintsConfig(
+            String name, IConfigStore config, boolean isValueConfigured,
+            boolean isPolicyEnabled) throws EBaseException {
+        return _engine.createGeneralNamesAsConstraintsConfig(name, config,
+                isValueConfigured, isPolicyEnabled);
     }
 
     /**
      * Returns the finger print of the given certificate.
-     *
-     * @param cert certificate 
+     * 
+     * @param cert certificate
      * @return finger print of certificate
      */
     public static String getFingerPrint(Certificate cert)
-        throws CertificateEncodingException, NoSuchAlgorithmException {
+            throws CertificateEncodingException, NoSuchAlgorithmException {
         return _engine.getFingerPrint(cert);
     }
 
     /**
      * Returns the finger print of the given certificate.
-     *
-     * @param certDer DER byte array of the certificate 
+     * 
+     * @param certDer DER byte array of the certificate
      * @return finger print of certificate
      */
     public static String getFingerPrints(byte[] certDer)
-        throws NoSuchAlgorithmException {
+            throws NoSuchAlgorithmException {
         return _engine.getFingerPrints(certDer);
     }
 
     /**
      * Returns the finger print of the given certificate.
-     *
-     * @param cert certificate 
+     * 
+     * @param cert certificate
      * @return finger print of certificate
      */
     public static String getFingerPrints(Certificate cert)
-        throws NoSuchAlgorithmException, CertificateEncodingException {
+            throws NoSuchAlgorithmException, CertificateEncodingException {
         return _engine.getFingerPrints(cert);
     }
 
-    /** 
-     * Creates a HTTP PKI Message that can be sent to a remote
-     * authority.
-     *
+    /**
+     * Creates a HTTP PKI Message that can be sent to a remote authority.
+     * 
      * @return a new PKI Message for remote authority
      */
     public static IPKIMessage getHttpPKIMessage() {
         return _engine.getHttpPKIMessage();
     }
 
-    /** 
-     * Creates a request encoder. A request cannot be sent to
-     * the remote authority in its regular format.
-     *
+    /**
+     * Creates a request encoder. A request cannot be sent to the remote
+     * authority in its regular format.
+     * 
      * @return a request encoder
      */
     public static IRequestEncoder getHttpRequestEncoder() {
         return _engine.getHttpRequestEncoder();
     }
 
-    /** 
+    /**
      * Converts a BER-encoded byte array into a MIME-64 encoded string.
-     *
+     * 
      * @param data data in byte array format
      * @return base-64 encoding for the data
      */
@@ -1235,9 +1253,9 @@ public final class CMS {
         return _engine.BtoA(data);
     }
 
-    /** 
+    /**
      * Converts a MIME-64 encoded string into a BER-encoded byte array.
-     *
+     * 
      * @param data base-64 encoding for the data
      * @return data data in byte array format
      */
@@ -1246,42 +1264,40 @@ public final class CMS {
     }
 
     /**
-     * Retrieves the ldap connection information from the configuration
-     * store.
-     *
+     * Retrieves the ldap connection information from the configuration store.
+     * 
      * @param config configuration parameters of ldap connection
      * @return a LDAP connection info
      */
     public static ILdapConnInfo getLdapConnInfo(IConfigStore config)
-        throws EBaseException, ELdapException {
+            throws EBaseException, ELdapException {
         return _engine.getLdapConnInfo(config);
     }
 
     /**
-     * Creates a LDAP SSL socket with the given nickname. The 
-     * certificate associated with the nickname will be used
-     * for client authentication.
-     *
+     * Creates a LDAP SSL socket with the given nickname. The certificate
+     * associated with the nickname will be used for client authentication.
+     * 
      * @param certNickname nickname of client certificate
      * @return LDAP SSL socket factory
      */
-    public static  LDAPSSLSocketFactoryExt getLdapJssSSLSocketFactory(
-        String certNickname) {
+    public static LDAPSSLSocketFactoryExt getLdapJssSSLSocketFactory(
+            String certNickname) {
         return _engine.getLdapJssSSLSocketFactory(certNickname);
     }
 
     /**
      * Creates a LDAP SSL socket.
-     *
+     * 
      * @return LDAP SSL socket factory
      */
-    public static  LDAPSSLSocketFactoryExt getLdapJssSSLSocketFactory() {
+    public static LDAPSSLSocketFactoryExt getLdapJssSSLSocketFactory() {
         return _engine.getLdapJssSSLSocketFactory();
     }
 
     /**
      * Creates a LDAP Auth Info object.
-     *
+     * 
      * @return LDAP authentication info
      */
     public static ILdapAuthInfo getLdapAuthInfo() {
@@ -1290,27 +1306,27 @@ public final class CMS {
 
     /**
      * Retrieves the LDAP connection factory.
-     *
+     * 
      * @return bound LDAP connection pool
      */
     public static ILdapConnFactory getLdapBoundConnFactory()
-        throws ELdapException {
+            throws ELdapException {
         return _engine.getLdapBoundConnFactory();
     }
 
     /**
      * Retrieves the LDAP connection factory.
-     *
+     * 
      * @return anonymous LDAP connection pool
      */
     public static ILdapConnFactory getLdapAnonConnFactory()
-        throws ELdapException {
+            throws ELdapException {
         return _engine.getLdapAnonConnFactory();
     }
 
     /**
      * Retrieves the default X.509 certificate template.
-     *
+     * 
      * @return default certificate template
      */
     public static X509CertInfo getDefaultX509CertInfo() {
@@ -1318,9 +1334,9 @@ public final class CMS {
     }
 
     /**
-     * Retrieves the certifcate in MIME-64 encoded format
-     * with header and footer.
-     *
+     * Retrieves the certifcate in MIME-64 encoded format with header and
+     * footer.
+     * 
      * @param cert certificate
      * @return base-64 format certificate
      */
@@ -1328,26 +1344,26 @@ public final class CMS {
         return _engine.getEncodedCert(cert);
     }
 
-   /**
-    * Verifies all system certs
-    *  with tags defined in <subsystemtype>.cert.list
-    */
+    /**
+     * Verifies all system certs with tags defined in <subsystemtype>.cert.list
+     */
     public static boolean verifySystemCerts() {
         return _engine.verifySystemCerts();
     }
 
-   /**
-    * Verify a system cert by tag name
-    *  with tags defined in <subsystemtype>.cert.list
-    */
+    /**
+     * Verify a system cert by tag name with tags defined in
+     * <subsystemtype>.cert.list
+     */
     public static boolean verifySystemCertByTag(String tag) {
         return _engine.verifySystemCertByTag(tag);
     }
 
-   /**
-    * Verify a system cert by certificate nickname
-    */
-    public static boolean verifySystemCertByNickname(String nickname, String certificateUsage) {
+    /**
+     * Verify a system cert by certificate nickname
+     */
+    public static boolean verifySystemCertByNickname(String nickname,
+            String certificateUsage) {
         return _engine.verifySystemCertByNickname(nickname, certificateUsage);
     }
 
@@ -1360,7 +1376,7 @@ public final class CMS {
 
     /**
      * Checks if the given certificate is a signing certificate.
-     *
+     * 
      * @param cert certificate
      * @return true if the given certificate is a signing certificate
      */
@@ -1370,7 +1386,7 @@ public final class CMS {
 
     /**
      * Checks if the given certificate is an encryption certificate.
-     *
+     * 
      * @param cert certificate
      * @return true if the given certificate is an encryption certificate
      */
@@ -1380,7 +1396,7 @@ public final class CMS {
 
     /**
      * Retrieves the email form processor.
-     *
+     * 
      * @return email form processor
      */
     public static IEmailFormProcessor getEmailFormProcessor() {
@@ -1389,7 +1405,7 @@ public final class CMS {
 
     /**
      * Retrieves the email form template.
-     *
+     * 
      * @return email template
      */
     public static IEmailTemplate getEmailTemplate(String path) {
@@ -1398,7 +1414,7 @@ public final class CMS {
 
     /**
      * Retrieves the email notification handler.
-     *
+     * 
      * @return email notification
      */
     public static IMailNotification getMailNotification() {
@@ -1407,7 +1423,7 @@ public final class CMS {
 
     /**
      * Retrieves the email key resolver.
-     *
+     * 
      * @return email key resolver
      */
     public static IEmailResolverKeys getEmailResolverKeys() {
@@ -1416,19 +1432,19 @@ public final class CMS {
 
     /**
      * Checks if the given OID is valid.
-     *
+     * 
      * @param attrName attribute name
      * @param value attribute value
      * @return object identifier of the given attrName
      */
-    public static ObjectIdentifier checkOID(String attrName, String value) 
-        throws EBaseException { 
+    public static ObjectIdentifier checkOID(String attrName, String value)
+            throws EBaseException {
         return _engine.checkOID(attrName, value);
     }
 
     /**
      * Retrieves the email resolver that checks for subjectAlternateName.
-     *
+     * 
      * @return email key resolver
      */
     public static IEmailResolver getReqCertSANameEmailResolver() {
@@ -1437,7 +1453,7 @@ public final class CMS {
 
     /**
      * Retrieves the extension pretty print handler.
-     *
+     * 
      * @param e extension
      * @param indent indentation
      * @return extension pretty print handler
@@ -1445,10 +1461,10 @@ public final class CMS {
     public static IExtPrettyPrint getExtPrettyPrint(Extension e, int indent) {
         return _engine.getExtPrettyPrint(e, indent);
     }
-   
+
     /**
      * Retrieves the certificate pretty print handler.
-     *
+     * 
      * @param delimiter delimiter
      * @return certificate pretty print handler
      */
@@ -1458,7 +1474,7 @@ public final class CMS {
 
     /**
      * Retrieves the CRL pretty print handler.
-     *
+     * 
      * @param crl CRL
      * @return CRL pretty print handler
      */
@@ -1468,7 +1484,7 @@ public final class CMS {
 
     /**
      * Retrieves the CRL cache pretty print handler.
-     *
+     * 
      * @param ip CRL issuing point
      * @return CRL pretty print handler
      */
@@ -1478,7 +1494,7 @@ public final class CMS {
 
     /**
      * Retrieves the certificate pretty print handler.
-     *
+     * 
      * @param cert certificate
      * @return certificate pretty print handler
      */
@@ -1496,7 +1512,7 @@ public final class CMS {
 
     /**
      * Retrieves the password check.
-     *
+     * 
      * @return default password checker
      */
     public static IPasswordCheck getPasswordChecker() {
@@ -1505,7 +1521,7 @@ public final class CMS {
 
     /**
      * Puts a password entry into the single-sign on cache.
-     *
+     * 
      * @param tag password tag
      * @param pw password
      */
@@ -1524,7 +1540,7 @@ public final class CMS {
 
     /**
      * Retrieves command queue
-     *
+     * 
      * @return command queue
      */
     public static ICommandQueue getCommandQueue() {
@@ -1533,33 +1549,28 @@ public final class CMS {
 
     /**
      * Loads the configuration file and starts CMS's core implementation.
-     *
+     * 
      * @param path path to configuration file (CMS.cfg)
      * @exception EBaseException failed to start CMS
      */
     public static void start(String path) throws EBaseException {
-        //FileConfigStore mainConfig = null;
-/*
-        try {
-            mainConfig = new FileConfigStore(path);
-        } catch (EBaseException e) {
-            e.printStackTrace();
-            System.out.println(
-                "Error: The Server is not fully configured.\n" +
-                "Finish configuring server using Configure Setup Wizard in " +
-                "the Certificate Server Console.");
-            System.out.println(e.toString());
-            System.exit(0);
-        }
-*/
+        // FileConfigStore mainConfig = null;
+        /*
+         * try { mainConfig = new FileConfigStore(path); } catch (EBaseException
+         * e) { e.printStackTrace(); System.out.println(
+         * "Error: The Server is not fully configured.\n" +
+         * "Finish configuring server using Configure Setup Wizard in " +
+         * "the Certificate Server Console."); System.out.println(e.toString());
+         * System.exit(0); }
+         */
 
         String classname = "com.netscape.cmscore.apps.CMSEngine";
 
         CMS cms = null;
 
         try {
-            ICMSEngine engine = (ICMSEngine)
-                Class.forName(classname).newInstance();
+            ICMSEngine engine = (ICMSEngine) Class.forName(classname)
+                    .newInstance();
 
             cms = new CMS(engine);
             IConfigStore mainConfig = createFileConfigStore(path);
@@ -1568,16 +1579,16 @@ public final class CMS {
 
         } catch (EBaseException e) { // catch everything here purposely
             CMS.debug("CMS:Caught EBaseException");
-			CMS.debug(e);
+            CMS.debug(e);
 
-            // Raidzilla Bug #57592:  Always print error message to stdout.
+            // Raidzilla Bug #57592: Always print error message to stdout.
             System.out.println(e.toString());
 
             shutdown();
             throw e;
-        } catch (Exception e) { // catch everything here purposely 
-            ByteArrayOutputStream bos = new ByteArrayOutputStream(); 
-            PrintStream ps = new PrintStream(bos); 
+        } catch (Exception e) { // catch everything here purposely
+            ByteArrayOutputStream bos = new ByteArrayOutputStream();
+            PrintStream ps = new PrintStream(bos);
 
             e.printStackTrace(ps);
             System.out.println(Constants.SERVER_SHUTDOWN_MESSAGE);
@@ -1586,7 +1597,8 @@ public final class CMS {
         }
     }
 
-    public static IConfigStore createFileConfigStore(String path) throws EBaseException {
+    public static IConfigStore createFileConfigStore(String path)
+            throws EBaseException {
         return _engine.createFileConfigStore(path);
     }
 
@@ -1606,10 +1618,11 @@ public final class CMS {
         return _engine.isRevoked(certificates);
     }
 
-    public static void setListOfVerifiedCerts(int size, long interval, long unknownStateInterval) {
+    public static void setListOfVerifiedCerts(int size, long interval,
+            long unknownStateInterval) {
         _engine.setListOfVerifiedCerts(size, interval, unknownStateInterval);
     }
- 
+
     public static IPasswordStore getPasswordStore() {
         return _engine.getPasswordStore();
     }
diff --git a/pki/base/common/src/com/netscape/certsrv/apps/ICMSEngine.java b/pki/base/common/src/com/netscape/certsrv/apps/ICMSEngine.java
index 506a5e33f..7a4e13c07 100644
--- a/pki/base/common/src/com/netscape/certsrv/apps/ICMSEngine.java
+++ b/pki/base/common/src/com/netscape/certsrv/apps/ICMSEngine.java
@@ -17,7 +17,6 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.apps;
 
-
 import java.math.BigInteger;
 import java.security.NoSuchAlgorithmException;
 import java.security.cert.Certificate;
@@ -81,135 +80,135 @@ import com.netscape.cmsutil.net.ISocketFactory;
 import com.netscape.cmsutil.password.IPasswordStore;
 
 /**
- * This interface represents the CMS core framework. The
- * framework contains a set of services that provide
- * the foundation of a security application.
+ * This interface represents the CMS core framework. The framework contains a
+ * set of services that provide the foundation of a security application.
  * <p>
- * The engine implementation is loaded by CMS at startup.
- * It is responsible for starting up all the related
- * subsystems.
+ * The engine implementation is loaded by CMS at startup. It is responsible for
+ * starting up all the related subsystems.
  * <p>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public interface ICMSEngine extends ISubsystem {
 
     /**
      * Gets this ID .
-     *
+     * 
      * @return CMS engine identifier
      */
     public String getId();
 
     /**
-     * Sets the identifier of this subsystem. Should never be called.
-     * Returns error.
-     *
+     * Sets the identifier of this subsystem. Should never be called. Returns
+     * error.
+     * 
      * @param id CMS engine identifier
      */
     public void setId(String id) throws EBaseException;
 
     /**
      * Retrieves the process id of this server.
-     *
+     * 
      * @return process id of the server
      */
     public int getpid();
 
     public void reinit(String id) throws EBaseException;
+
     public int getCSState();
+
     public void setCSState(int mode);
+
     public boolean isPreOpMode();
+
     public boolean isRunningMode();
+
     /**
      * Retrieves the instance roort path of this server.
-     *
+     * 
      * @return instance directory path name
      */
     public String getInstanceDir();
 
     /**
-     * Returns a server wide system time. Plugins should call
-     * this method to retrieve system time.
-     *
+     * Returns a server wide system time. Plugins should call this method to
+     * retrieve system time.
+     * 
      * @return current time
      */
     public Date getCurrentDate();
 
     /**
      * Retrieves time server started up.
-     *
+     * 
      * @return last startup time
      */
     public long getStartupTime();
 
     /**
-     * Is the server in running state. After server startup, the
-     * server will be initialization state first. After the
-     * initialization state, the server will be in the running
-     * state.
-     *
+     * Is the server in running state. After server startup, the server will be
+     * initialization state first. After the initialization state, the server
+     * will be in the running state.
+     * 
      * @return true if the server is in the running state
      */
     public boolean isInRunningState();
 
     /**
      * Returns the names of all the registered subsystems.
-     *
+     * 
      * @return a list of string-based subsystem names
      */
     public Enumeration getSubsystemNames();
 
     /**
      * Returns all the registered subsystems.
-     *
+     * 
      * @return a list of ISubsystem-based subsystems
      */
     public Enumeration getSubsystems();
 
     /**
      * Retrieves the registered subsytem with the given name.
-     *
+     * 
      * @param name subsystem name
      * @return subsystem of the given name
      */
     public ISubsystem getSubsystem(String name);
 
     /**
-     * Returns the logger of the current server. The logger can
-     * be used to log critical informational or critical error
-     * messages.
-     *
+     * Returns the logger of the current server. The logger can be used to log
+     * critical informational or critical error messages.
+     * 
      * @return logger
      */
     public ILogger getLogger();
 
     /**
-     * Returns the signed audit logger of the current server. This logger can
-     * be used to log critical informational or critical error
-     * messages.
-     *
+     * Returns the signed audit logger of the current server. This logger can be
+     * used to log critical informational or critical error messages.
+     * 
      * @return signed audit logger
      */
     public ILogger getSignedAuditLogger();
 
     /**
      * Puts data of an byte array into the debug file.
-     *
+     * 
      * @param data byte array to be recorded in the debug file
      */
     public void debug(byte data[]);
 
     /**
      * Puts a message into the debug file.
-     *
+     * 
      * @param msg debugging message
      */
     public void debug(String msg);
 
     /**
      * Puts a message into the debug file.
-     *
+     * 
      * @param level 0-10
      * @param msg debugging message
      */
@@ -217,14 +216,14 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Puts an exception into the debug file.
-     *
+     * 
      * @param e exception
      */
     public void debug(Throwable e);
 
     /**
      * Checks if the debug mode is on or not.
-     *
+     * 
      * @return true if debug mode is on
      */
     public boolean debugOn();
@@ -234,20 +233,20 @@ public interface ICMSEngine extends ISubsystem {
      */
     public void debugStackTrace();
 
-	
-	/**
-	 * Dump name/value pair debug information to debug file
-	 */
+    /**
+     * Dump name/value pair debug information to debug file
+     */
     public void traceHashKey(String type, String key);
+
     public void traceHashKey(String type, String key, String val);
-    public void traceHashKey(String type, String key, String val, String def);
 
+    public void traceHashKey(String type, String key, String val, String def);
 
     public byte[] getPKCS7(Locale locale, IRequest req);
 
     /**
      * Retrieves the localized user message from UserMessages.properties.
-     *
+     * 
      * @param locale end-user locale
      * @param msgID message id defined in UserMessages.properties
      * @return localized user message
@@ -256,7 +255,7 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Retrieves the localized user message from UserMessages.properties.
-     *
+     * 
      * @param locale end-user locale
      * @param msgID message id defined in UserMessages.properties
      * @param p an array of parameters
@@ -266,7 +265,7 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Retrieves the localized user message from UserMessages.properties.
-     *
+     * 
      * @param locale end-user locale
      * @param msgID message id defined in UserMessages.properties
      * @param p1 1st parameter
@@ -276,18 +275,19 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Retrieves the localized user message from UserMessages.properties.
-     *
+     * 
      * @param locale end-user locale
      * @param msgID message id defined in UserMessages.properties
      * @param p1 1st parameter
      * @param p2 2nd parameter
      * @return localized user message
      */
-    public String getUserMessage(Locale locale, String msgID, String p1, String p2);
+    public String getUserMessage(Locale locale, String msgID, String p1,
+            String p2);
 
     /**
      * Retrieves the localized user message from UserMessages.properties.
-     *
+     * 
      * @param locale end-user locale
      * @param msgID message id defined in UserMessages.properties
      * @param p1 1st parameter
@@ -295,11 +295,12 @@ public interface ICMSEngine extends ISubsystem {
      * @param p3 3rd parameter
      * @return localized user message
      */
-    public String getUserMessage(Locale locale, String msgID, String p1, String p2, String p3);
+    public String getUserMessage(Locale locale, String msgID, String p1,
+            String p2, String p3);
 
     /**
      * Retrieves the centralized log message from LogMessages.properties.
-     *
+     * 
      * @param msgID message id defined in LogMessages.properties
      * @return localized log message
      */
@@ -307,7 +308,7 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Retrieves the centralized log message from LogMessages.properties.
-     *
+     * 
      * @param msgID message id defined in LogMessages.properties
      * @param p an array of parameters
      * @return localized log message
@@ -316,7 +317,7 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Retrieves the centralized log message from LogMessages.properties.
-     *
+     * 
      * @param msgID message id defined in LogMessages.properties
      * @param p1 1st parameter
      * @return localized log message
@@ -325,7 +326,7 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Retrieves the centralized log message from LogMessages.properties.
-     *
+     * 
      * @param msgID message id defined in LogMessages.properties
      * @param p1 1st parameter
      * @param p2 2nd parameter
@@ -335,7 +336,7 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Retrieves the centralized log message from LogMessages.properties.
-     *
+     * 
      * @param msgID message id defined in LogMessages.properties
      * @param p1 1st parameter
      * @param p2 2nd parameter
@@ -346,7 +347,7 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Retrieves the centralized log message from LogMessages.properties.
-     *
+     * 
      * @param msgID message id defined in LogMessages.properties
      * @param p1 1st parameter
      * @param p2 2nd parameter
@@ -354,11 +355,12 @@ public interface ICMSEngine extends ISubsystem {
      * @param p4 4th parameter
      * @return localized log message
      */
-    public String getLogMessage(String msgID, String p1, String p2, String p3, String p4);
+    public String getLogMessage(String msgID, String p1, String p2, String p3,
+            String p4);
 
     /**
      * Retrieves the centralized log message from LogMessages.properties.
-     *
+     * 
      * @param msgID message id defined in LogMessages.properties
      * @param p1 1st parameter
      * @param p2 2nd parameter
@@ -367,11 +369,12 @@ public interface ICMSEngine extends ISubsystem {
      * @param p5 5th parameter
      * @return localized log message
      */
-    public String getLogMessage(String msgID, String p1, String p2, String p3, String p4, String p5);
+    public String getLogMessage(String msgID, String p1, String p2, String p3,
+            String p4, String p5);
 
     /**
      * Retrieves the centralized log message from LogMessages.properties.
-     *
+     * 
      * @param msgID message id defined in LogMessages.properties
      * @param p1 1st parameter
      * @param p2 2nd parameter
@@ -381,11 +384,12 @@ public interface ICMSEngine extends ISubsystem {
      * @param p6 6th parameter
      * @return localized log message
      */
-    public String getLogMessage(String msgID, String p1, String p2, String p3, String p4, String p5, String p6);
+    public String getLogMessage(String msgID, String p1, String p2, String p3,
+            String p4, String p5, String p6);
 
     /**
      * Retrieves the centralized log message from LogMessages.properties.
-     *
+     * 
      * @param msgID message id defined in LogMessages.properties
      * @param p1 1st parameter
      * @param p2 2nd parameter
@@ -396,11 +400,12 @@ public interface ICMSEngine extends ISubsystem {
      * @param p7 7th parameter
      * @return localized log message
      */
-    public String getLogMessage(String msgID, String p1, String p2, String p3, String p4, String p5, String p6, String p7);
+    public String getLogMessage(String msgID, String p1, String p2, String p3,
+            String p4, String p5, String p6, String p7);
 
     /**
      * Retrieves the centralized log message from LogMessages.properties.
-     *
+     * 
      * @param msgID message id defined in LogMessages.properties
      * @param p1 1st parameter
      * @param p2 2nd parameter
@@ -412,11 +417,12 @@ public interface ICMSEngine extends ISubsystem {
      * @param p8 8th parameter
      * @return localized log message
      */
-    public String getLogMessage(String msgID, String p1, String p2, String p3, String p4, String p5, String p6, String p7, String p8);
+    public String getLogMessage(String msgID, String p1, String p2, String p3,
+            String p4, String p5, String p6, String p7, String p8);
 
     /**
      * Retrieves the centralized log message from LogMessages.properties.
-     *
+     * 
      * @param msgID message id defined in LogMessages.properties
      * @param p1 1st parameter
      * @param p2 2nd parameter
@@ -429,12 +435,15 @@ public interface ICMSEngine extends ISubsystem {
      * @param p9 9th parameter
      * @return localized log message
      */
-    public String getLogMessage(String msgID, String p1, String p2, String p3, String p4, String p5, String p6, String p7, String p8, String p9);
+    public String getLogMessage(String msgID, String p1, String p2, String p3,
+            String p4, String p5, String p6, String p7, String p8, String p9);
 
     /**
      * Parse ACL resource attributes
+     * 
      * @param resACLs same format as the resourceACLs attribute:
-     * <PRE>
+     * 
+     *            <PRE>
      *     <resource name>:<permission1,permission2,...permissionn>:
      *     <allow|deny> (<subset of the permission set>) <evaluator expression>
      * </PRE>
@@ -445,71 +454,72 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Creates an issuing poing record.
-     *
+     * 
      * @return issuing record
      */
-    public ICRLIssuingPointRecord createCRLIssuingPointRecord(String id, BigInteger crlNumber, Long crlSize, Date thisUpdate, Date nextUpdate);
+    public ICRLIssuingPointRecord createCRLIssuingPointRecord(String id,
+            BigInteger crlNumber, Long crlSize, Date thisUpdate, Date nextUpdate);
 
     /**
      * Retrieves the default CRL issuing point record name.
-     *
+     * 
      * @return CRL issuing point record name
      */
     public String getCRLIssuingPointRecordName();
 
     /**
      * Returns the finger print of the given certificate.
-     *
+     * 
      * @param cert certificate
      * @return finger print of certificate
      */
     public String getFingerPrint(Certificate cert)
-        throws CertificateEncodingException, NoSuchAlgorithmException;
+            throws CertificateEncodingException, NoSuchAlgorithmException;
 
     /**
      * Returns the finger print of the given certificate.
-     *
+     * 
      * @param cert certificate
      * @return finger print of certificate
      */
     public String getFingerPrints(Certificate cert)
-        throws NoSuchAlgorithmException, CertificateEncodingException;
+            throws NoSuchAlgorithmException, CertificateEncodingException;
 
-	/*
+    /*
      * Returns the finger print of the given certificate.
-     *
+     * 
      * @param certDer DER byte array of certificate
+     * 
      * @return finger print of certificate
      */
     public String getFingerPrints(byte[] certDer)
-		 throws NoSuchAlgorithmException;
+            throws NoSuchAlgorithmException;
 
     /**
      * Creates a repository record in the internal database.
-     *
+     * 
      * @return repository record
      */
     public IRepositoryRecord createRepositoryRecord();
 
     /**
-     * Creates a HTTP PKI Message that can be sent to a remote
-     * authority.
-     *
+     * Creates a HTTP PKI Message that can be sent to a remote authority.
+     * 
      * @return a new PKI Message for remote authority
      */
     public IPKIMessage getHttpPKIMessage();
 
     /**
-     * Creates a request encoder. A request cannot be sent to
-     * the remote authority in its regular format.
-     *
+     * Creates a request encoder. A request cannot be sent to the remote
+     * authority in its regular format.
+     * 
      * @return a request encoder
      */
     public IRequestEncoder getHttpRequestEncoder();
 
     /**
      * Converts a BER-encoded byte array into a MIME-64 encoded string.
-     *
+     * 
      * @param data data in byte array format
      * @return base-64 encoding for the data
      */
@@ -517,16 +527,16 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Converts a MIME-64 encoded string into a BER-encoded byte array.
-     *
+     * 
      * @param data base-64 encoding for the data
      * @return data data in byte array format
      */
     public byte[] AtoB(String data);
 
     /**
-     * Retrieves the certifcate in MIME-64 encoded format
-     * with header and footer.
-     *
+     * Retrieves the certifcate in MIME-64 encoded format with header and
+     * footer.
+     * 
      * @param cert certificate
      * @return base-64 format certificate
      */
@@ -534,7 +544,7 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Retrieves the certificate pretty print handler.
-     *
+     * 
      * @param delimiter delimiter
      * @return certificate pretty print handler
      */
@@ -542,7 +552,7 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Retrieves the extension pretty print handler.
-     *
+     * 
      * @param e extension
      * @param indent indentation
      * @return extension pretty print handler
@@ -551,7 +561,7 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Retrieves the certificate pretty print handler.
-     *
+     * 
      * @param cert certificate
      * @return certificate pretty print handler
      */
@@ -559,7 +569,7 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Retrieves the CRL pretty print handler.
-     *
+     * 
      * @param crl CRL
      * @return CRL pretty print handler
      */
@@ -567,74 +577,73 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Retrieves the CRL cache pretty print handler.
-     *
+     * 
      * @param ip CRL issuing point
      * @return CRL pretty print handler
      */
     public ICRLPrettyPrint getCRLCachePrettyPrint(ICRLIssuingPoint ip);
 
     /**
-     * Retrieves the ldap connection information from the configuration
-     * store.
-     *
+     * Retrieves the ldap connection information from the configuration store.
+     * 
      * @param config configuration parameters of ldap connection
      * @return a LDAP connection info
      */
-    public  ILdapConnInfo getLdapConnInfo(IConfigStore config)
-        throws EBaseException, ELdapException;
+    public ILdapConnInfo getLdapConnInfo(IConfigStore config)
+            throws EBaseException, ELdapException;
 
     /**
-     * Creates a LDAP SSL socket with the given nickname. The
-     * certificate associated with the nickname will be used
-     * for client authentication.
-     *
+     * Creates a LDAP SSL socket with the given nickname. The certificate
+     * associated with the nickname will be used for client authentication.
+     * 
      * @param certNickname nickname of client certificate
      * @return LDAP SSL socket factory
      */
-    public   LDAPSSLSocketFactoryExt getLdapJssSSLSocketFactory(
-        String certNickname);
+    public LDAPSSLSocketFactoryExt getLdapJssSSLSocketFactory(
+            String certNickname);
 
     /**
      * Creates a LDAP SSL socket.
-     *
+     * 
      * @return LDAP SSL socket factory
      */
-    public  LDAPSSLSocketFactoryExt getLdapJssSSLSocketFactory();
+    public LDAPSSLSocketFactoryExt getLdapJssSSLSocketFactory();
 
     /**
      * Creates a LDAP Auth Info object.
-     *
+     * 
      * @return LDAP authentication info
      */
     public ILdapAuthInfo getLdapAuthInfo();
 
     /**
      * Retrieves the LDAP connection factory.
-     *
+     * 
      * @return bound LDAP connection pool
      */
     public ILdapConnFactory getLdapBoundConnFactory() throws ELdapException;
 
     public LDAPConnection getBoundConnection(String host, int port,
-               int version, LDAPSSLSocketFactoryExt fac, String bindDN,
-               String bindPW) throws LDAPException;
+            int version, LDAPSSLSocketFactoryExt fac, String bindDN,
+            String bindPW) throws LDAPException;
+
     /**
      * Retrieves the LDAP connection factory.
-     *
+     * 
      * @return anonymous LDAP connection pool
      */
     public ILdapConnFactory getLdapAnonConnFactory() throws ELdapException;
 
     /**
      * Retrieves the password check.
-     *
+     * 
      * @return default password checker
      */
     public IPasswordCheck getPasswordChecker();
 
     /**
      * Puts a password entry into the single-sign on cache.
-     *
+     * 
      * @param tag password tag
      * @param pw password
      */
@@ -642,21 +651,21 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Retrieves the password callback.
-     *
+     * 
      * @return default password callback
      */
     public PasswordCallback getPasswordCallback();
 
     /**
      * Retrieves the nickname of the server's server certificate.
-     *
+     * 
      * @return nickname of the server certificate
      */
     public String getServerCertNickname();
 
     /**
      * Sets the nickname of the server's server certificate.
-     *
+     * 
      * @param tokenName name of token where the certificate is located
      * @param nickName name of server certificate
      */
@@ -664,137 +673,143 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Sets the nickname of the server's server certificate.
-     *
+     * 
      * @param newName new nickname of server certificate
      */
     public void setServerCertNickname(String newName);
 
     /**
      * Retrieves the host name of the server's secure end entity service.
-     *
+     * 
      * @return host name of end-entity service
      */
     public String getEEHost();
 
     /**
      * Retrieves the host name of the server's non-secure end entity service.
-     *
+     * 
      * @return host name of end-entity non-secure service
      */
     public String getEENonSSLHost();
 
     /**
      * Retrieves the IP address of the server's non-secure end entity service.
-     *
+     * 
      * @return ip address of end-entity non-secure service
      */
     public String getEENonSSLIP();
 
     /**
      * Retrieves the port number of the server's non-secure end entity service.
-     *
+     * 
      * @return port of end-entity non-secure service
      */
     public String getEENonSSLPort();
 
     /**
      * Retrieves the host name of the server's secure end entity service.
-     *
+     * 
      * @return port of end-entity secure service
      */
     public String getEESSLHost();
 
     /**
      * Retrieves the IP address of the server's secure end entity service.
-     *
+     * 
      * @return ip address of end-entity secure service
      */
     public String getEESSLIP();
 
     /**
      * Retrieves the port number of the server's secure end entity service.
-     *
+     * 
      * @return port of end-entity secure service
      */
     public String getEESSLPort();
 
     /**
-     * Retrieves the port number of the server's client auth secure end entity service.
-     *
+     * Retrieves the port number of the server's client auth secure end entity
+     * service.
+     * 
      * @return port of end-entity client auth secure service
      */
     public String getEEClientAuthSSLPort();
 
     /**
      * Retrieves the host name of the server's agent service.
-     *
+     * 
      * @return host name of agent service
      */
     public String getAgentHost();
 
     /**
      * Retrieves the IP address of the server's agent service.
-     *
+     * 
      * @return ip address of agent service
      */
     public String getAgentIP();
 
     /**
      * Retrieves the port number of the server's agent service.
-     *
+     * 
      * @return port of agent service
      */
     public String getAgentPort();
 
     /**
      * Retrieves the host name of the server's administration service.
-     *
+     * 
      * @return host name of administration service
      */
     public String getAdminHost();
 
     /**
      * Retrieves the IP address of the server's administration service.
-     *
+     * 
      * @return ip address of administration service
      */
     public String getAdminIP();
 
     /**
      * Retrieves the port number of the server's administration service.
-     *
+     * 
      * @return port of administration service
      */
     public String getAdminPort();
 
     /**
      * Verifies all system certificates
+     * 
      * @return true if all passed, false otherwise
      */
-     public boolean verifySystemCerts();
+    public boolean verifySystemCerts();
 
     /**
-     * Verifies a system certificate by its tag name
-     * as defined in <subsystemtype>.cert.list
+     * Verifies a system certificate by its tag name as defined in
+     * <subsystemtype>.cert.list
+     * 
      * @return true if passed, false otherwise
      */
     public boolean verifySystemCertByTag(String tag);
 
     /**
      * Verifies a system certificate by its nickname
+     * 
      * @return true if passed, false otherwise
      */
-    public boolean verifySystemCertByNickname(String nickname, String certificateUsage);
+    public boolean verifySystemCertByNickname(String nickname,
+            String certificateUsage);
 
     /**
      * get the CertificateUsage as defined in JSS CryptoManager
+     * 
      * @return CertificateUsage as defined in JSS CryptoManager
      */
     public CertificateUsage getCertificateUsage(String certusage);
 
     /**
      * Checks if the given certificate is a signing certificate.
-     *
+     * 
      * @param cert certificate
      * @return true if the given certificate is a signing certificate
      */
@@ -802,7 +817,7 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Checks if the given certificate is an encryption certificate.
-     *
+     * 
      * @param cert certificate
      * @return true if the given certificate is an encryption certificate
      */
@@ -810,209 +825,215 @@ public interface ICMSEngine extends ISubsystem {
 
     /**
      * Retrieves the default X.509 certificate template.
-     *
+     * 
      * @return default certificate template
      */
     public X509CertInfo getDefaultX509CertInfo();
 
     /**
      * Retrieves the email form processor.
-     *
+     * 
      * @return email form processor
      */
     public IEmailFormProcessor getEmailFormProcessor();
 
     /**
      * Retrieves the email form template.
-     *
+     * 
      * @return email template
      */
     public IEmailTemplate getEmailTemplate(String path);
 
     /**
      * Retrieves the email notification handler.
-     *
+     * 
      * @return email notification
      */
     public IMailNotification getMailNotification();
 
     /**
      * Retrieves the email key resolver.
-     *
+     * 
      * @return email key resolver
      */
     public IEmailResolverKeys getEmailResolverKeys();
 
     /**
      * Retrieves the email resolver that checks for subjectAlternateName.
-     *
+     * 
      * @return email key resolver
      */
     public IEmailResolver getReqCertSANameEmailResolver();
 
     /**
      * Checks if the given OID is valid.
-     *
+     * 
      * @param attrName attribute name
      * @param value attribute value
      * @return object identifier of the given attrName
      */
     public ObjectIdentifier checkOID(String attrName, String value)
-        throws EBaseException;
+            throws EBaseException;
 
     /**
      * Creates a general name constraints.
-     *
+     * 
      * @param generalNameChoice type of general name
      * @param value general name string
      * @return general name object
      * @exception EBaseException failed to create general name constraint
      */
-    public  GeneralName form_GeneralNameAsConstraints(String generalNameChoice, String value) throws EBaseException;
+    public GeneralName form_GeneralNameAsConstraints(String generalNameChoice,
+            String value) throws EBaseException;
 
     /**
      * Creates a general name.
-     *
+     * 
      * @param generalNameChoice type of general name
      * @param value general name string
      * @return general name object
      * @exception EBaseException failed to create general name
      */
-    public  GeneralName form_GeneralName(String generalNameChoice,
-        String value) throws EBaseException;
+    public GeneralName form_GeneralName(String generalNameChoice, String value)
+            throws EBaseException;
 
     /**
      * Retrieves default general name configuration.
-     *
+     * 
      * @param name configuration name
      * @param isValueConfigured true if value is configured
      * @param params configuration parameters
      * @exception EBaseException failed to create subject alt name configuration
      */
-    public  void getGeneralNameConfigDefaultParams(String name,
-        boolean isValueConfigured, Vector params);
+    public void getGeneralNameConfigDefaultParams(String name,
+            boolean isValueConfigured, Vector params);
 
     /**
      * Retrieves default general names configuration.
-     *
+     * 
      * @param name configuration name
      * @param isValueConfigured true if value is configured
      * @param params configuration parameters
      * @exception EBaseException failed to create subject alt name configuration
      */
-    public  void getGeneralNamesConfigDefaultParams(String name,
-        boolean isValueConfigured, Vector params);
+    public void getGeneralNamesConfigDefaultParams(String name,
+            boolean isValueConfigured, Vector params);
 
     /**
      * Retrieves extended plugin info for general name configuration.
-     *
+     * 
      * @param name configuration name
      * @param isValueConfigured true if value is configured
      * @param info configuration parameters
      * @exception EBaseException failed to create subject alt name configuration
      */
-    public  void getGeneralNameConfigExtendedPluginInfo(String name,
-        boolean isValueConfigured, Vector info);
+    public void getGeneralNameConfigExtendedPluginInfo(String name,
+            boolean isValueConfigured, Vector info);
 
     /**
      * Retrieves extended plugin info for general name configuration.
-     *
+     * 
      * @param name configuration name
      * @param isValueConfigured true if value is configured
      * @param info configuration parameters
      * @exception EBaseException failed to create subject alt name configuration
      */
-    public  void getGeneralNamesConfigExtendedPluginInfo(String name,
-        boolean isValueConfigured, Vector info);
+    public void getGeneralNamesConfigExtendedPluginInfo(String name,
+            boolean isValueConfigured, Vector info);
 
     /**
      * Created general names configuration.
-     *
+     * 
      * @param name configuration name
      * @param config configuration store
      * @param isValueConfigured true if value is configured
      * @param isPolicyEnabled true if policy is enabled
      * @exception EBaseException failed to create subject alt name configuration
      */
-    public  IGeneralNamesConfig createGeneralNamesConfig(String name,
-        IConfigStore config, boolean isValueConfigured,
-        boolean isPolicyEnabled) throws EBaseException;
+    public IGeneralNamesConfig createGeneralNamesConfig(String name,
+            IConfigStore config, boolean isValueConfigured,
+            boolean isPolicyEnabled) throws EBaseException;
 
     /**
      * Created general name constraints configuration.
-     *
+     * 
      * @param name configuration name
      * @param config configuration store
      * @param isValueConfigured true if value is configured
      * @param isPolicyEnabled true if policy is enabled
      * @exception EBaseException failed to create subject alt name configuration
      */
-    public  IGeneralNameAsConstraintsConfig createGeneralNameAsConstraintsConfig(String name, IConfigStore config, boolean isValueConfigured,
-        boolean isPolicyEnabled) throws EBaseException;
+    public IGeneralNameAsConstraintsConfig createGeneralNameAsConstraintsConfig(
+            String name, IConfigStore config, boolean isValueConfigured,
+            boolean isPolicyEnabled) throws EBaseException;
 
     /**
      * Created general name constraints configuration.
-     *
+     * 
      * @param name configuration name
      * @param config configuration store
      * @param isValueConfigured true if value is configured
      * @param isPolicyEnabled true if policy is enabled
      * @exception EBaseException failed to create subject alt name configuration
      */
-    public  IGeneralNamesAsConstraintsConfig createGeneralNamesAsConstraintsConfig(String name, IConfigStore config, boolean isValueConfigured,
-        boolean isPolicyEnabled) throws EBaseException;
+    public IGeneralNamesAsConstraintsConfig createGeneralNamesAsConstraintsConfig(
+            String name, IConfigStore config, boolean isValueConfigured,
+            boolean isPolicyEnabled) throws EBaseException;
 
     /**
      * Get default parameters for subject alt name configuration.
-     *
+     * 
      * @param name configuration name
      * @param params configuration parameters
      */
-    public  void getSubjAltNameConfigDefaultParams(String name, Vector params);
+    public void getSubjAltNameConfigDefaultParams(String name, Vector params);
 
     /**
      * Get extended plugin info for subject alt name configuration.
-     *
+     * 
      * @param name configuration name
      * @param params configuration parameters
      */
-    public  void getSubjAltNameConfigExtendedPluginInfo(String name, Vector params);
+    public void getSubjAltNameConfigExtendedPluginInfo(String name,
+            Vector params);
 
     /**
      * Creates subject alt name configuration.
-     *
+     * 
      * @param name configuration name
      * @param config configuration store
      * @param isValueConfigured true if value is configured
      * @exception EBaseException failed to create subject alt name configuration
      */
-    public  ISubjAltNameConfig createSubjAltNameConfig(String name, IConfigStore config, boolean isValueConfigured) throws EBaseException;
+    public ISubjAltNameConfig createSubjAltNameConfig(String name,
+            IConfigStore config, boolean isValueConfigured)
+            throws EBaseException;
 
     /**
      * Retrieves the HTTP Connection for use with connector.
-     *
+     * 
      * @param authority remote authority
      * @param factory socket factory
      * @return http connection to the remote authority
      */
     public IHttpConnection getHttpConnection(IRemoteAuthority authority,
-        ISocketFactory factory);
+            ISocketFactory factory);
 
     /**
      * Retrieves the HTTP Connection for use with connector.
-     *
+     * 
      * @param authority remote authority
      * @param factory socket factory
      * @param timeout return error if connection cannot be established within
-     *       the timeout period
+     *            the timeout period
      * @return http connection to the remote authority
      */
     public IHttpConnection getHttpConnection(IRemoteAuthority authority,
-        ISocketFactory factory, int timeout);
+            ISocketFactory factory, int timeout);
 
     /**
      * Retrieves the request sender for use with connector.
-     *
+     * 
      * @param authority local authority
      * @param nickname nickname of the client certificate
      * @param remote remote authority
@@ -1020,11 +1041,11 @@ public interface ICMSEngine extends ISubsystem {
      * @return resender
      */
     public IResender getResender(IAuthority authority, String nickname,
-        IRemoteAuthority remote, int interval);
+            IRemoteAuthority remote, int interval);
 
     /**
      * Retrieves command queue
-     *
+     * 
      * @return command queue
      */
     public ICommandQueue getCommandQueue();
@@ -1040,22 +1061,24 @@ public interface ICMSEngine extends ISubsystem {
     public void terminateRequests();
 
     /**
-     * Checks to ensure that all new incoming requests have been blocked.
-     * This method is used for reentrancy protection.
+     * Checks to ensure that all new incoming requests have been blocked. This
+     * method is used for reentrancy protection.
      * <P>
-     *
+     * 
      * @return true or false
      */
     public boolean areRequestsDisabled();
 
     /**
      * Create configuration file.
-     *
+     * 
      * @param path configuration path
      * @return configuration store
      * @exception EBaseException failed to create file
      */
-    public IConfigStore createFileConfigStore(String path) throws EBaseException;
+    public IConfigStore createFileConfigStore(String path)
+            throws EBaseException;
+
     /**
      * Creates argument block.
      */
@@ -1072,31 +1095,31 @@ public interface ICMSEngine extends ISubsystem {
     public IArgBlock createArgBlock(Hashtable httpReq);
 
     /**
-     * Checks against the local certificate repository to see 
-     * if the certificates are revoked.
-     *
+     * Checks against the local certificate repository to see if the
+     * certificates are revoked.
+     * 
      * @param certificates certificates
-     * @return true if certificate is revoked in the local 
-     *        certificate repository
+     * @return true if certificate is revoked in the local certificate
+     *         repository
      */
     public boolean isRevoked(X509Certificate[] certificates);
 
     /**
      * Sets list of verified certificates
-     *
+     * 
      * @param size size of verified certificates list
-     * @param interval interval in which certificate is not recheck
-     *        against local certificate repository
-     * @param unknownStateInterval interval in which certificate
-     *        may not recheck against local certificate repository
+     * @param interval interval in which certificate is not recheck against
+     *            local certificate repository
+     * @param unknownStateInterval interval in which certificate may not recheck
+     *            against local certificate repository
      */
-    public void setListOfVerifiedCerts(int size, long interval, long unknownStateInterval);
+    public void setListOfVerifiedCerts(int size, long interval,
+            long unknownStateInterval);
 
     /**
-    * Performs graceful shutdown of CMS.
-    * Subsystems are shutdown in reverse order.
-    * Exceptions are ignored.
-    */
+     * Performs graceful shutdown of CMS. Subsystems are shutdown in reverse
+     * order. Exceptions are ignored.
+     */
     public void forceShutdown();
 
     public IPasswordStore getPasswordStore();
@@ -1107,4 +1130,3 @@ public interface ICMSEngine extends ISubsystem {
 
     public String getConfigSDSessionId();
 }
-
diff --git a/pki/base/common/src/com/netscape/certsrv/apps/ICommandQueue.java b/pki/base/common/src/com/netscape/certsrv/apps/ICommandQueue.java
index 5e2231921..c9035e9df 100644
--- a/pki/base/common/src/com/netscape/certsrv/apps/ICommandQueue.java
+++ b/pki/base/common/src/com/netscape/certsrv/apps/ICommandQueue.java
@@ -17,12 +17,9 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.apps;
 
-
-
-
 /**
- * This interface represents a command queue for registeration
- * and unregisteration proccess for clean shutdown
+ * This interface represents a command queue for registeration and
+ * unregisteration proccess for clean shutdown
  * 
  * @version $Revision$, $Date$
  */
@@ -30,17 +27,18 @@ public interface ICommandQueue {
 
     /**
      * Registers a thread into the command queue.
-     *
+     * 
      * @param currentRequest request object
      * @param currentServlet servlet that serves the request object
      */
     public boolean registerProcess(Object currentRequest, Object currentServlet);
+
     /**
      * UnRegisters a thread from the command queue.
-     *
+     * 
      * @param currentRequest request object
      * @param currentServlet servlet that serves the request object
      */
     public void unRegisterProccess(Object currentRequest, Object currentServlet);
-            
+
 } // CommandQueue
diff --git a/pki/base/common/src/com/netscape/certsrv/authentication/AuthCredentials.java b/pki/base/common/src/com/netscape/certsrv/authentication/AuthCredentials.java
index 222f9a613..b42bd5348 100644
--- a/pki/base/common/src/com/netscape/certsrv/authentication/AuthCredentials.java
+++ b/pki/base/common/src/com/netscape/certsrv/authentication/AuthCredentials.java
@@ -23,10 +23,10 @@ import java.util.Hashtable;
 import com.netscape.certsrv.base.IArgBlock;
 
 /**
- * Authentication Credentials as input to the authMgr. It contains all the 
+ * Authentication Credentials as input to the authMgr. It contains all the
  * information required for authentication in the authMgr.
  * <P>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public class AuthCredentials implements IAuthCredentials {
@@ -36,7 +36,7 @@ public class AuthCredentials implements IAuthCredentials {
     private static final long serialVersionUID = 5862936214648594328L;
     private Hashtable authCreds = null;
     private IArgBlock argblk = null;
-    
+
     /**
      * Constructor
      */
@@ -45,7 +45,9 @@ public class AuthCredentials implements IAuthCredentials {
     }
 
     /**
-     * Sets an authentication credential with credential name and the credential object
+     * Sets an authentication credential with credential name and the credential
+     * object
+     * 
      * @param name credential name
      * @param cred credential object
      */
@@ -56,7 +58,8 @@ public class AuthCredentials implements IAuthCredentials {
 
     /**
      * Returns the credential to which the specified name is mapped in this
-     *	 credential set
+     * credential set
+     * 
      * @param name credential name
      * @return the authentication credential for the given name
      */
@@ -65,9 +68,10 @@ public class AuthCredentials implements IAuthCredentials {
     }
 
     /**
-     * Removes the name and its corresponding credential from this
-     *	 credential set.  This method does nothing if the named
-     *	 credential is not in the credential set.
+     * Removes the name and its corresponding credential from this credential
+     * set. This method does nothing if the named credential is not in the
+     * credential set.
+     * 
      * @param name credential name
      */
     public void delete(String name) {
@@ -75,29 +79,29 @@ public class AuthCredentials implements IAuthCredentials {
     }
 
     /**
-     * Returns an enumeration of the credentials in this credential
-     * set. Use the Enumeration methods on the returned object to
-     * fetch the elements sequentially.
+     * Returns an enumeration of the credentials in this credential set. Use the
+     * Enumeration methods on the returned object to fetch the elements
+     * sequentially.
+     * 
      * @return an enumeration of the values in this credential set
      */
     public Enumeration getElements() {
         return (authCreds.elements());
     }
-    
+
     /**
-     * Set the given argblock
-i    * @param blk the given argblock.
+     * Set the given argblock i * @param blk the given argblock.
      */
     public void setArgBlock(IArgBlock blk) {
         argblk = blk;
-    }        
+    }
 
     /**
      * Returns the argblock.
+     * 
      * @return the argblock.
      */
     public IArgBlock getArgBlock() {
         return argblk;
-    }        
+    }
 }
-
diff --git a/pki/base/common/src/com/netscape/certsrv/authentication/AuthManagerProxy.java b/pki/base/common/src/com/netscape/certsrv/authentication/AuthManagerProxy.java
index f98276ec5..006065dd7 100644
--- a/pki/base/common/src/com/netscape/certsrv/authentication/AuthManagerProxy.java
+++ b/pki/base/common/src/com/netscape/certsrv/authentication/AuthManagerProxy.java
@@ -17,10 +17,10 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.authentication;
 
-
 /**
- * A class represents an authentication manager. It contains an
- * authentication manager instance and its state (enable or not).
+ * A class represents an authentication manager. It contains an authentication
+ * manager instance and its state (enable or not).
+ * 
  * @version $Revision$, $Date$
  */
 public class AuthManagerProxy {
@@ -29,9 +29,10 @@ public class AuthManagerProxy {
 
     /**
      * Constructor
+     * 
      * @param enable true if the authMgr is enabled; false otherwise
      * @param mgr authentication manager instance
-    */
+     */
     public AuthManagerProxy(boolean enable, IAuthManager mgr) {
         mEnable = enable;
         mMgr = mgr;
@@ -39,7 +40,8 @@ public class AuthManagerProxy {
 
     /**
      * Returns the state of the authentication manager instance
-     * @return true if the state of the authentication manager instance is 
+     * 
+     * @return true if the state of the authentication manager instance is
      *         enabled; false otherwise.
      */
     public boolean isEnable() {
@@ -48,6 +50,7 @@ public class AuthManagerProxy {
 
     /**
      * Returns an authentication manager instance.
+     * 
      * @return an authentication manager instance
      */
     public IAuthManager getAuthManager() {
diff --git a/pki/base/common/src/com/netscape/certsrv/authentication/AuthMgrPlugin.java b/pki/base/common/src/com/netscape/certsrv/authentication/AuthMgrPlugin.java
index f060db5f2..18939ed72 100644
--- a/pki/base/common/src/com/netscape/certsrv/authentication/AuthMgrPlugin.java
+++ b/pki/base/common/src/com/netscape/certsrv/authentication/AuthMgrPlugin.java
@@ -17,13 +17,10 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.authentication;
 
-
-
-
 /**
  * This class represents a registered authentication manager plugin.
  * <P>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public class AuthMgrPlugin {
@@ -34,21 +31,24 @@ public class AuthMgrPlugin {
 
     /**
      * Constructs a AuthManager plugin.
+     * 
      * @param id auth manager implementation name
      * @param classPath class path
      */
     public AuthMgrPlugin(String id, String classPath) {
 
         /*
-         if (id == null || classPath == null)
-         throw new AssertionException("Authentication Manager id or classpath can't be null");
+         * if (id == null || classPath == null) throw new
+         * AssertionException("Authentication Manager id or classpath can't be null"
+         * );
          */
         mId = id;
         mClassPath = classPath;
     }
-		
+
     /**
      * Returns an auth manager implementation name
+     * 
      * @return an auth manager implementation name
      */
     public String getId() {
@@ -57,22 +57,25 @@ public class AuthMgrPlugin {
 
     /**
      * Returns a classpath of a AuthManager plugin
+     * 
      * @return a classpath of a AuthManager plugin
      */
     public String getClassPath() {
         return mClassPath;
     }
 
-    /** 
+    /**
      * Returns a visibility of the plugin
+     * 
      * @return a visibility of the plugin
      */
     public boolean isVisible() {
         return mVisible;
     }
 
-    /** 
+    /**
      * Sets visibility of the plugin
+     * 
      * @param visibility visibility of the plugin
      */
     public void setVisible(boolean visibility) {
diff --git a/pki/base/common/src/com/netscape/certsrv/authentication/AuthResources.java b/pki/base/common/src/com/netscape/certsrv/authentication/AuthResources.java
index 138a07ebb..35e810112 100644
--- a/pki/base/common/src/com/netscape/certsrv/authentication/AuthResources.java
+++ b/pki/base/common/src/com/netscape/certsrv/authentication/AuthResources.java
@@ -22,7 +22,7 @@ import java.util.ListResourceBundle;
 /**
  * A class represents a resource bundle for the authentication component.
  * <P>
- *
+ * 
  * @deprecated
  * @version $Revision$, $Date$
  */
@@ -30,6 +30,7 @@ public class AuthResources extends ListResourceBundle {
 
     /**
      * Returns the content of this resource.
+     * 
      * @return the contents of this resource
      */
     public Object[][] getContents() {
diff --git a/pki/base/common/src/com/netscape/certsrv/authentication/AuthToken.java b/pki/base/common/src/com/netscape/certsrv/authentication/AuthToken.java
index 7d2d5eb9d..80938d90e 100644
--- a/pki/base/common/src/com/netscape/certsrv/authentication/AuthToken.java
+++ b/pki/base/common/src/com/netscape/certsrv/authentication/AuthToken.java
@@ -38,13 +38,13 @@ import com.netscape.certsrv.apps.CMS;
 import com.netscape.certsrv.usrgrp.Certificates;
 
 /**
- * Authentication token returned by Authentication Managers.
- * Upon return, it contains authentication/identification information
- * as well as information retrieved from the database where the
- * authentication was done against.  Each authentication manager has
- * its own list of such information.  See individual authenticaiton
- * manager for more details.
+ * Authentication token returned by Authentication Managers. Upon return, it
+ * contains authentication/identification information as well as information
+ * retrieved from the database where the authentication was done against. Each
+ * authentication manager has its own list of such information. See individual
+ * authenticaiton manager for more details.
  * <p>
+ * 
  * @version $Revision$, $Date$
  */
 public class AuthToken implements IAuthToken {
@@ -74,43 +74,45 @@ public class AuthToken implements IAuthToken {
     public static final String TOKEN_CERT_TO_REVOKE = "tokenCertToRevoke";
 
     /**
-     * Plugin name of the authentication manager that created the 
-     * AuthToken as a string.
+     * Plugin name of the authentication manager that created the AuthToken as a
+     * string.
      */
     public static final String TOKEN_AUTHMGR_IMPL_NAME = "authMgrImplName";
 
     /**
-     * Name of the authentication manager that created the AuthToken
-     * as a string.
+     * Name of the authentication manager that created the AuthToken as a
+     * string.
      */
     public static final String TOKEN_AUTHMGR_INST_NAME = "authMgrInstName";
 
     /**
-     * Time of authentication as a java.util.Date 
+     * Time of authentication as a java.util.Date
      */
     public static final String TOKEN_AUTHTIME = "authTime";
 
     /**
-     * Constructs an instance of a authentication token.
-     * The token by default contains the following attributes: <br>
+     * Constructs an instance of a authentication token. The token by default
+     * contains the following attributes: <br>
+     * 
      * <pre>
-     *		"authMgrInstName" - The authentication manager instance name.
-     *		"authMgrImplName" - The authentication manager plugin name.
-     *		"authTime" - The - The time of authentication.
+     * 	"authMgrInstName" - The authentication manager instance name.
+     * 	"authMgrImplName" - The authentication manager plugin name.
+     * 	"authTime" - The - The time of authentication.
      * </pre>
+     * 
      * @param authMgr The authentication manager that created this Token.
      */
     public AuthToken(IAuthManager authMgr) {
         mAttrs = new Hashtable();
         if (authMgr != null) {
-          set(TOKEN_AUTHMGR_INST_NAME, authMgr.getName());
-          set(TOKEN_AUTHMGR_IMPL_NAME, authMgr.getImplName());
+            set(TOKEN_AUTHMGR_INST_NAME, authMgr.getName());
+            set(TOKEN_AUTHMGR_IMPL_NAME, authMgr.getImplName());
         }
         set(TOKEN_AUTHTIME, new Date());
     }
 
     public String getInString(String attrName) {
-        return (String)mAttrs.get(attrName);
+        return (String) mAttrs.get(attrName);
     }
 
     public boolean set(String attrName, String value) {
@@ -123,6 +125,7 @@ public class AuthToken implements IAuthToken {
 
     /**
      * Removes an attribute in the AuthToken
+     * 
      * @param attrName The name of the attribute to remove.
      */
     public void delete(String attrName) {
@@ -131,6 +134,7 @@ public class AuthToken implements IAuthToken {
 
     /**
      * Enumerate all attribute names in the AuthToken.
+     * 
      * @return Enumeration of all attribute names in this AuthToken.
      */
     public Enumeration getElements() {
@@ -351,7 +355,7 @@ public class AuthToken implements IAuthToken {
             for (int i = 0; i < certArray.length; i++) {
                 ByteArrayOutputStream byteStream = new ByteArrayOutputStream();
                 try {
-                    X509CertImpl certImpl = (X509CertImpl)certArray[i];
+                    X509CertImpl certImpl = (X509CertImpl) certArray[i];
                     certImpl.encode(byteStream);
                     derValues[i] = new DerValue(byteStream.toByteArray());
                 } catch (CertificateEncodingException e) {
@@ -406,6 +410,7 @@ public class AuthToken implements IAuthToken {
 
     /**
      * Enumerate all attribute values in the AuthToken.
+     * 
      * @return Enumeration of all attribute names in this AuthToken.
      */
     public Enumeration getVals() {
@@ -413,10 +418,11 @@ public class AuthToken implements IAuthToken {
     }
 
     /**
-     * Gets the name of the authentication manager instance that created 
-     * this token.
-     * @return The name of the authentication manager instance that created 
-     * this token.
+     * Gets the name of the authentication manager instance that created this
+     * token.
+     * 
+     * @return The name of the authentication manager instance that created this
+     *         token.
      */
     public String getAuthManagerInstName() {
         return ((String) mAttrs.get(TOKEN_AUTHMGR_INST_NAME));
@@ -425,8 +431,9 @@ public class AuthToken implements IAuthToken {
     /**
      * Gets the plugin name of the authentication manager that created this
      * token.
+     * 
      * @return The plugin name of the authentication manager that created this
-     * token.
+     *         token.
      */
     public String getAuthManagerImplName() {
         return ((String) mAttrs.get(TOKEN_AUTHMGR_IMPL_NAME));
@@ -434,10 +441,10 @@ public class AuthToken implements IAuthToken {
 
     /**
      * Gets the time of authentication.
+     * 
      * @return The time of authentication
      */
     public Date getAuthTime() {
         return ((Date) mAttrs.get(TOKEN_AUTHTIME));
     }
 }
-
diff --git a/pki/base/common/src/com/netscape/certsrv/authentication/EAuthException.java b/pki/base/common/src/com/netscape/certsrv/authentication/EAuthException.java
index b998ae8b0..c79c3e9a7 100644
--- a/pki/base/common/src/com/netscape/certsrv/authentication/EAuthException.java
+++ b/pki/base/common/src/com/netscape/certsrv/authentication/EAuthException.java
@@ -22,6 +22,7 @@ import com.netscape.certsrv.base.EBaseException;
 /**
  * This class represents authentication exceptions.
  * <P>
+ * 
  * @version $Revision$, $Date$
  */
 public class EAuthException extends EBaseException {
@@ -38,6 +39,7 @@ public class EAuthException extends EBaseException {
     /**
      * Constructs an authentication exception
      * <P>
+     * 
      * @param msgFormat exception details
      */
     public EAuthException(String msgFormat) {
@@ -45,8 +47,9 @@ public class EAuthException extends EBaseException {
     }
 
     /**
-     * Constructs an authentication exception with a parameter. 
+     * Constructs an authentication exception with a parameter.
      * <p>
+     * 
      * @param msgFormat exception details in message string format
      * @param param message string parameter
      */
@@ -57,6 +60,7 @@ public class EAuthException extends EBaseException {
     /**
      * Constructs a auth exception with a exception parameter.
      * <P>
+     * 
      * @param msgFormat exception details in message string format
      * @param exception system exception
      */
@@ -67,6 +71,7 @@ public class EAuthException extends EBaseException {
     /**
      * Constructs a auth exception with a list of parameters.
      * <P>
+     * 
      * @param msgFormat the message format.
      * @param params list of message format parameters
      */
@@ -76,6 +81,7 @@ public class EAuthException extends EBaseException {
 
     /**
      * Returns the resource bundle name
+     * 
      * @return resource bundle name.
      */
     protected String getBundleName() {
diff --git a/pki/base/common/src/com/netscape/certsrv/authentication/EAuthInternalError.java b/pki/base/common/src/com/netscape/certsrv/authentication/EAuthInternalError.java
index fb4ad04bb..1b2d848af 100644
--- a/pki/base/common/src/com/netscape/certsrv/authentication/EAuthInternalError.java
+++ b/pki/base/common/src/com/netscape/certsrv/authentication/EAuthInternalError.java
@@ -28,8 +28,9 @@ public class EAuthInternalError extends EAuthException {
     private static final long serialVersionUID = -4020816090107820450L;
 
     /**
-     * Constructs an authentication internal error exception
-     * with a detailed message.
+     * Constructs an authentication internal error exception with a detailed
+     * message.
+     * 
      * @param errorString Detailed error message.
      */
     public EAuthInternalError(String errorString) {
diff --git a/pki/base/common/src/com/netscape/certsrv/authentication/EAuthMgrNotFound.java b/pki/base/common/src/com/netscape/certsrv/authentication/EAuthMgrNotFound.java
index 675fbe59a..925aaabf0 100644
--- a/pki/base/common/src/com/netscape/certsrv/authentication/EAuthMgrNotFound.java
+++ b/pki/base/common/src/com/netscape/certsrv/authentication/EAuthMgrNotFound.java
@@ -29,6 +29,7 @@ public class EAuthMgrNotFound extends EAuthException {
 
     /**
      * Constructs a exception for a missing authentication manager
+     * 
      * @param errorString error string for missing authentication manager
      */
     public EAuthMgrNotFound(String errorString) {
diff --git a/pki/base/common/src/com/netscape/certsrv/authentication/EAuthMgrPluginNotFound.java b/pki/base/common/src/com/netscape/certsrv/authentication/EAuthMgrPluginNotFound.java
index 2210de2ca..2ca90e3c8 100644
--- a/pki/base/common/src/com/netscape/certsrv/authentication/EAuthMgrPluginNotFound.java
+++ b/pki/base/common/src/com/netscape/certsrv/authentication/EAuthMgrPluginNotFound.java
@@ -29,7 +29,8 @@ public class EAuthMgrPluginNotFound extends EAuthException {
 
     /**
      * Constructs a exception for a missing authentication manager plugin
-     * @param errorString error for a missing authentication manager plugin 
+     * 
+     * @param errorString error for a missing authentication manager plugin
      */
     public EAuthMgrPluginNotFound(String errorString) {
         super(errorString);
diff --git a/pki/base/common/src/com/netscape/certsrv/authentication/EAuthUserError.java b/pki/base/common/src/com/netscape/certsrv/authentication/EAuthUserError.java
index b3bafd3cc..f816c35e8 100644
--- a/pki/base/common/src/com/netscape/certsrv/authentication/EAuthUserError.java
+++ b/pki/base/common/src/com/netscape/certsrv/authentication/EAuthUserError.java
@@ -29,6 +29,7 @@ public class EAuthUserError extends EAuthException {
 
     /**
      * Constructs a exception for a Invalid attribute value
+     * 
      * @param errorString Detailed error message.
      */
     public EAuthUserError(String errorString) {
diff --git a/pki/base/common/src/com/netscape/certsrv/authentication/ECompSyntaxErr.java b/pki/base/common/src/com/netscape/certsrv/authentication/ECompSyntaxErr.java
index edbf13e66..84725bb96 100644
--- a/pki/base/common/src/com/netscape/certsrv/authentication/ECompSyntaxErr.java
+++ b/pki/base/common/src/com/netscape/certsrv/authentication/ECompSyntaxErr.java
@@ -29,6 +29,7 @@ public class ECompSyntaxErr extends EAuthException {
 
     /**
      * Constructs an component syntax error
+     * 
      * @param errorString Detailed error message.
      */
     public ECompSyntaxErr(String errorString) {
diff --git a/pki/base/common/src/com/netscape/certsrv/authentication/EFormSubjectDN.java b/pki/base/common/src/com/netscape/certsrv/authentication/EFormSubjectDN.java
index b56a1e0a0..952824481 100644
--- a/pki/base/common/src/com/netscape/certsrv/authentication/EFormSubjectDN.java
+++ b/pki/base/common/src/com/netscape/certsrv/authentication/EFormSubjectDN.java
@@ -29,6 +29,7 @@ public class EFormSubjectDN extends EAuthException {
 
     /**
      * Constructs an Error on formulating the subject dn.
+     * 
      * @param errorString Detailed error message.
      */
     public EFormSubjectDN(String errorString) {
diff --git a/pki/base/common/src/com/netscape/certsrv/authentication/EInvalidCredentials.java b/pki/base/common/src/com/netscape/certsrv/authentication/EInvalidCredentials.java
index 894a07ca5..3e4daaf0d 100644
--- a/pki/base/common/src/com/netscape/certsrv/authentication/EInvalidCredentials.java
+++ b/pki/base/common/src/com/netscape/certsrv/authentication/EInvalidCredentials.java
@@ -29,6 +29,7 @@ public class EInvalidCredentials extends EAuthException {
 
     /**
      * Constructs an Invalid Credentials exception.
+     * 
      * @param errorString Detailed error message.
      */
     public EInvalidCredentials(String errorString) {
diff --git a/pki/base/common/src/com/netscape/certsrv/authentication/EMissingCredential.java b/pki/base/common/src/com/netscape/certsrv/authentication/EMissingCredential.java
index 695dd15cd..5de73aa0d 100644
--- a/pki/base/common/src/com/netscape/certsrv/authentication/EMissingCredential.java
+++ b/pki/base/common/src/com/netscape/certsrv/authentication/EMissingCredential.java
@@ -29,6 +29,7 @@ public class EMissingCredential extends EAuthException {
 
     /**
      * Constructs a exception for a missing required authentication credential
+     * 
      * @param errorString Detailed error message.
      */
     public EMissingCredential(String errorString) {
diff --git a/pki/base/common/src/com/netscape/certsrv/authentication/IAuthCredentials.java b/pki/base/common/src/com/netscape/certsrv/authentication/IAuthCredentials.java
index eb36f9965..8056ae312 100644
--- a/pki/base/common/src/com/netscape/certsrv/authentication/IAuthCredentials.java
+++ b/pki/base/common/src/com/netscape/certsrv/authentication/IAuthCredentials.java
@@ -21,22 +21,24 @@ import com.netscape.certsrv.base.IArgBlock;
 import com.netscape.certsrv.base.IAttrSet;
 
 /**
- * An interface represents authentication credentials:
- * e.g. uid/pwd, uid/pin, certificate, etc.
+ * An interface represents authentication credentials: e.g. uid/pwd, uid/pin,
+ * certificate, etc.
  * <P>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public interface IAuthCredentials extends IAttrSet {
 
-    /** 
+    /**
      * Set argblock.
+     * 
      * @param blk argblock
      */
     public void setArgBlock(IArgBlock blk);
 
     /**
      * Returns argblock.
+     * 
      * @return Argblock.
      */
     public IArgBlock getArgBlock();
diff --git a/pki/base/common/src/com/netscape/certsrv/authentication/IAuthManager.java b/pki/base/common/src/com/netscape/certsrv/authentication/IAuthManager.java
index b2f7d69ad..28fcfe41e 100644
--- a/pki/base/common/src/com/netscape/certsrv/authentication/IAuthManager.java
+++ b/pki/base/common/src/com/netscape/certsrv/authentication/IAuthManager.java
@@ -23,7 +23,7 @@ import com.netscape.certsrv.base.IConfigStore;
 /**
  * Authentication Manager interface.
  * <P>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public interface IAuthManager {
@@ -41,6 +41,7 @@ public interface IAuthManager {
     /**
      * Get the name of this authentication manager instance.
      * <p>
+     * 
      * @return the name of this authentication manager.
      */
     public String getName();
@@ -48,58 +49,62 @@ public interface IAuthManager {
     /**
      * Get name of authentication manager plugin.
      * <p>
+     * 
      * @return the name of the authentication manager plugin.
-     */ 
+     */
     public String getImplName();
 
     /**
      * Authenticate the given credentials.
+     * 
      * @param authCred The authentication credentials
      * @return authentication token
-     * @exception EMissingCredential If a required credential for this 
-     * authentication manager is missing.
+     * @exception EMissingCredential If a required credential for this
+     *                authentication manager is missing.
      * @exception EInvalidCredentials If credentials cannot be authenticated.
      * @exception EBaseException If an internal error occurred.
      */
     public IAuthToken authenticate(IAuthCredentials authCred)
-        throws EMissingCredential, EInvalidCredentials, EBaseException;
+            throws EMissingCredential, EInvalidCredentials, EBaseException;
 
     /**
      * Initialize this authentication manager.
+     * 
      * @param name The name of this authentication manager instance.
      * @param implName The name of the authentication manager plugin.
      * @param config The configuration store for this authentication manager.
      * @exception EBaseException If an initialization error occurred.
      */
     public void init(String name, String implName, IConfigStore config)
-        throws EBaseException;
+            throws EBaseException;
 
     /**
-     * Prepare this authentication manager for a shutdown.
-     * Called when the server is exiting for any cleanup needed.
+     * Prepare this authentication manager for a shutdown. Called when the
+     * server is exiting for any cleanup needed.
      */
     public void shutdown();
 
     /**
      * Gets a list of the required credentials for this authentication manager.
+     * 
      * @return The required credential attributes.
      */
     public String[] getRequiredCreds();
 
     /**
-     * Get configuration parameters for this implementation.
-     * The configuration parameters returned is passed to the 
-     * configuration console so configuration for instances of this 
-     * implementation can be made through the console.
+     * Get configuration parameters for this implementation. The configuration
+     * parameters returned is passed to the configuration console so
+     * configuration for instances of this implementation can be made through
+     * the console.
      * 
      * @return a list of configuration parameters.
      * @exception EBaseException If an internal error occurred
      */
-    public String[] getConfigParams()
-        throws EBaseException;
+    public String[] getConfigParams() throws EBaseException;
 
     /**
      * Get the configuration store for this authentication manager.
+     * 
      * @return The configuration store of this authentication manager.
      */
     public IConfigStore getConfigStore();
diff --git a/pki/base/common/src/com/netscape/certsrv/authentication/IAuthSubsystem.java b/pki/base/common/src/com/netscape/certsrv/authentication/IAuthSubsystem.java
index 29657e7a4..efa9dbd76 100644
--- a/pki/base/common/src/com/netscape/certsrv/authentication/IAuthSubsystem.java
+++ b/pki/base/common/src/com/netscape/certsrv/authentication/IAuthSubsystem.java
@@ -26,7 +26,7 @@ import com.netscape.certsrv.base.ISubsystem;
 /**
  * An interface that represents an authentication component
  * <P>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public interface IAuthSubsystem extends ISubsystem {
@@ -39,17 +39,17 @@ public interface IAuthSubsystem extends ISubsystem {
     /**
      * Constant for class.
      */
-    public static final String PROP_CLASS = "class"; 
+    public static final String PROP_CLASS = "class";
 
     /**
      * Constant for impl
      */
-    public static final String PROP_IMPL = "impl"; 
+    public static final String PROP_IMPL = "impl";
 
     /**
      * Constant for pluginName.
      */
-    public static final String PROP_PLUGIN = "pluginName"; 
+    public static final String PROP_PLUGIN = "pluginName";
 
     /**
      * Constant for instance.
@@ -120,19 +120,22 @@ public interface IAuthSubsystem extends ISubsystem {
 
     /**
      * Authenticate the given credentials using the given manager name.
+     * 
      * @param authCred The authentication credentials
      * @param authMgrName The authentication manager name
      * @return a authentication token.
-     * @exception EMissingCredential when missing credential during authentication
+     * @exception EMissingCredential when missing credential during
+     *                authentication
      * @exception EInvalidCredentials when the credential is invalid
      * @exception EBaseException If an error occurs during authentication.
      */
     public IAuthToken authenticate(IAuthCredentials authCred, String authMgrName)
-        throws EMissingCredential, EInvalidCredentials, EBaseException;
+            throws EMissingCredential, EInvalidCredentials, EBaseException;
 
     /**
      * Gets the required credential attributes for the given authentication
      * manager.
+     * 
      * @param authMgrName The authentication manager name
      * @return a Vector of required credential attribute names.
      * @exception EBaseException If the required credential is missing
@@ -141,6 +144,7 @@ public interface IAuthSubsystem extends ISubsystem {
 
     /**
      * Adds (registers) the given authentication manager.
+     * 
      * @param name The authentication manager name
      * @param authMgr The authentication manager instance.
      */
@@ -148,12 +152,14 @@ public interface IAuthSubsystem extends ISubsystem {
 
     /**
      * Deletes (deregisters) the given authentication manager.
+     * 
      * @param name The authentication manager name to delete.
      */
     public void delete(String name);
 
     /**
      * Gets the Authentication manager instance of the specified name.
+     * 
      * @param name The authentication manager's name.
      * @exception EBaseException when internal error occurs.
      */
@@ -162,18 +168,21 @@ public interface IAuthSubsystem extends ISubsystem {
     /**
      * Gets an enumeration of authentication managers registered to the
      * authentication subsystem.
+     * 
      * @return a list of authentication managers
      */
     public Enumeration getAuthManagers();
 
     /**
      * Gets an enumeration of authentication manager plugins.
+     * 
      * @return a list of authentication plugins
      */
     public Enumeration getAuthManagerPlugins();
 
     /**
      * Gets a single authentication manager plugin implementation
+     * 
      * @param name given authentication plugin name
      * @return the given authentication plugin
      */
@@ -181,17 +190,20 @@ public interface IAuthSubsystem extends ISubsystem {
 
     /**
      * Get configuration parameters for a authentication mgr plugin.
+     * 
      * @param implName The plugin name.
-     * @return configuration parameters for the given authentication manager plugin
-     * @exception EAuthMgrPluginNotFound If the authentication manager 
-     * plugin is not found.
+     * @return configuration parameters for the given authentication manager
+     *         plugin
+     * @exception EAuthMgrPluginNotFound If the authentication manager plugin is
+     *                not found.
      * @exception EBaseException If an internal error occurred.
      */
-    public String[] getConfigParams(String implName) 
-        throws EAuthMgrPluginNotFound, EBaseException;
+    public String[] getConfigParams(String implName)
+            throws EAuthMgrPluginNotFound, EBaseException;
 
     /**
      * Log error message.
+     * 
      * @param level log level
      * @param msg error message
      */
@@ -199,28 +211,31 @@ public interface IAuthSubsystem extends ISubsystem {
 
     /**
      * Get a hashtable containing all authentication plugins.
+     * 
      * @return all authentication plugins.
      */
     public Hashtable getPlugins();
 
     /**
      * Get a hashtable containing all authentication instances.
+     * 
      * @return all authentication instances.
      */
     public Hashtable getInstances();
 
     /**
      * Get an authentication manager interface for the given name.
+     * 
      * @param name given authentication manager name.
      * @return an authentication manager for the given manager name.
      */
     public IAuthManager get(String name);
 
     /**
-     * Get an authentication manager plugin impl  for the given name.
+     * Get an authentication manager plugin impl for the given name.
+     * 
      * @param name given authentication manager name.
      * @return an authentication manager plugin
      */
     public AuthMgrPlugin getAuthManagerPluginImpl(String name);
 }
-
diff --git a/pki/base/common/src/com/netscape/certsrv/authentication/IAuthToken.java b/pki/base/common/src/com/netscape/certsrv/authentication/IAuthToken.java
index a8462108e..0d9be9a8d 100644
--- a/pki/base/common/src/com/netscape/certsrv/authentication/IAuthToken.java
+++ b/pki/base/common/src/com/netscape/certsrv/authentication/IAuthToken.java
@@ -32,14 +32,14 @@ import com.netscape.certsrv.usrgrp.Certificates;
  */
 public interface IAuthToken {
 
-  /**
-   * Constant for userid.
-   */
-  public static final String USER_ID = "userid";
+    /**
+     * Constant for userid.
+     */
+    public static final String USER_ID = "userid";
 
     /**
      * Sets an attribute value within this AttrSet.
-     *
+     * 
      * @param name the name of the attribute
      * @param value the attribute object.
      * @return false on an error
@@ -48,7 +48,7 @@ public interface IAuthToken {
 
     /**
      * Gets an attribute value.
-     *
+     * 
      * @param name the name of the attribute to return.
      * @exception EBaseException on attribute handling errors.
      * @return the attribute value
@@ -58,151 +58,167 @@ public interface IAuthToken {
     /**
      * Returns an enumeration of the names of the attributes existing within
      * this AttrSet.
-     *
+     * 
      * @return an enumeration of the attribute names.
      */
     public Enumeration getElements();
 
     /************
-     * Helpers for non-string sets and gets.
-     * These are needed because AuthToken is stored in IRequest (which can
-     * only store string values
+     * Helpers for non-string sets and gets. These are needed because AuthToken
+     * is stored in IRequest (which can only store string values
      */
 
     /**
-     * Retrieves the byte array value for name.  The value should have been
+     * Retrieves the byte array value for name. The value should have been
      * previously stored as a byte array (it will be CMS.AtoB decoded).
-     * @param name  The attribute name.
-     * @return  The byte array or null on error.
+     * 
+     * @param name The attribute name.
+     * @return The byte array or null on error.
      */
     public byte[] getInByteArray(String name);
 
     /**
      * Stores the byte array with the associated key.
-     * @param name   The attribute name.
-     * @param value  The value to store
+     * 
+     * @param name The attribute name.
+     * @param value The value to store
      * @return false on an error
      */
     public boolean set(String name, byte[] value);
 
     /**
      * Retrieves the Integer value for name.
-     * @param name  The attribute name.
-     * @return  The Integer or null on error.
+     * 
+     * @param name The attribute name.
+     * @return The Integer or null on error.
      */
     public Integer getInInteger(String name);
 
     /**
      * Stores the Integer with the associated key.
-     * @param name   The attribute name.
-     * @param value  The value to store
+     * 
+     * @param name The attribute name.
+     * @param value The value to store
      * @return false on an error
      */
     public boolean set(String name, Integer value);
 
     /**
      * Retrieves the BigInteger array value for name.
-     * @param name  The attribute name.
-     * @return  The value or null on error.
+     * 
+     * @param name The attribute name.
+     * @return The value or null on error.
      */
     public BigInteger[] getInBigIntegerArray(String name);
 
     /**
      * Stores the BigInteger array with the associated key.
-     * @param name   The attribute name.
-     * @param value  The value to store
+     * 
+     * @param name The attribute name.
+     * @param value The value to store
      * @return false on an error
      */
     public boolean set(String name, BigInteger[] value);
 
     /**
      * Retrieves the Date value for name.
-     * @param name  The attribute name.
-     * @return  The value or null on error.
+     * 
+     * @param name The attribute name.
+     * @return The value or null on error.
      */
     public Date getInDate(String name);
 
     /**
      * Stores the Date with the associated key.
-     * @param name   The attribute name.
-     * @param value  The value to store
+     * 
+     * @param name The attribute name.
+     * @param value The value to store
      * @return false on an error
      */
     public boolean set(String name, Date value);
 
     /**
      * Retrieves the String array value for name.
-     * @param name  The attribute name.
-     * @return  The value or null on error.
+     * 
+     * @param name The attribute name.
+     * @return The value or null on error.
      */
     public String[] getInStringArray(String name);
 
     /**
      * Stores the String array with the associated key.
-     * @param name   The attribute name.
-     * @param value  The value to store
+     * 
+     * @param name The attribute name.
+     * @param value The value to store
      * @return False on error.
      */
     public boolean set(String name, String[] value);
 
     /**
      * Retrieves the X509CertImpl value for name.
-     * @param name  The attribute name.
-     * @return  The value or null on error.
+     * 
+     * @param name The attribute name.
+     * @return The value or null on error.
      */
     public X509CertImpl getInCert(String name);
 
     /**
      * Stores the X509CertImpl with the associated key.
-     * @param name   The attribute name.
-     * @param value  The value to store
+     * 
+     * @param name The attribute name.
+     * @param value The value to store
      * @return false on error
      */
     public boolean set(String name, X509CertImpl value);
 
     /**
      * Retrieves the CertificateExtensions value for name.
-     * @param name  The attribute name.
-     * @return  The value or null on error.
+     * 
+     * @param name The attribute name.
+     * @return The value or null on error.
      */
     public CertificateExtensions getInCertExts(String name);
 
     /**
      * Stores the CertificateExtensions with the associated key.
-     * @param name   The attribute name.
-     * @param value  The value to store
+     * 
+     * @param name The attribute name.
+     * @param value The value to store
      * @return false on error
      */
     public boolean set(String name, CertificateExtensions value);
 
     /**
      * Retrieves the Certificates value for name.
-     * @param name  The attribute name.
-     * @return  The value or null on error.
+     * 
+     * @param name The attribute name.
+     * @return The value or null on error.
      */
     public Certificates getInCertificates(String name);
 
     /**
      * Stores the Certificates with the associated key.
-     * @param name   The attribute name.
-     * @param value  The value to store
+     * 
+     * @param name The attribute name.
+     * @param value The value to store
      * @return false on error
      */
     public boolean set(String name, Certificates value);
 
     /**
      * Retrieves the byte[][] value for name.
-     * @param name  The attribute name.
-     * @return  The value or null on error.
+     * 
+     * @param name The attribute name.
+     * @return The value or null on error.
      */
     public byte[][] getInByteArrayArray(String name);
 
     /**
      * Stores the byte[][] with the associated key.
-     * @param name   The attribute name.
-     * @param value  The value to store
+     * 
+     * @param name The attribute name.
+     * @param value The value to store
      * @return false on error
      */
     public boolean set(String name, byte[][] value);
 }
-
diff --git a/pki/base/common/src/com/netscape/certsrv/authentication/ISSLClientCertProvider.java b/pki/base/common/src/com/netscape/certsrv/authentication/ISSLClientCertProvider.java
index d4bdf7bb1..c85e62787 100644
--- a/pki/base/common/src/com/netscape/certsrv/authentication/ISSLClientCertProvider.java
+++ b/pki/base/common/src/com/netscape/certsrv/authentication/ISSLClientCertProvider.java
@@ -17,18 +17,15 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.authentication;
 
-
 import java.security.cert.X509Certificate;
 
-
 /**
- * This interface represents an object that captures the
- * SSL client certificate in a SSL session. Normally, this
- * object is a servlet.
+ * This interface represents an object that captures the SSL client certificate
+ * in a SSL session. Normally, this object is a servlet.
  * <p>
- *
- * This interface is used to avoid the internal imeplemtnation
- * to have servlet (protocol handler) dependency.
+ * 
+ * This interface is used to avoid the internal imeplemtnation to have servlet
+ * (protocol handler) dependency.
  * <p>
  * 
  * @version $Revision$, $Date$
@@ -37,7 +34,7 @@ public interface ISSLClientCertProvider {
 
     /**
      * Retrieves the SSL client certificate chain.
-     *
+     * 
      * @return certificate chain
      */
     public X509Certificate[] getClientCertificateChain();
diff --git a/pki/base/common/src/com/netscape/certsrv/authentication/ISharedToken.java b/pki/base/common/src/com/netscape/certsrv/authentication/ISharedToken.java
index eae65d176..830c8866e 100644
--- a/pki/base/common/src/com/netscape/certsrv/authentication/ISharedToken.java
+++ b/pki/base/common/src/com/netscape/certsrv/authentication/ISharedToken.java
@@ -26,6 +26,7 @@ import org.mozilla.jss.pkix.cmc.PKIData;
  */
 public interface ISharedToken {
 
-    public String getSharedToken(PKIData cmcData); 
-    public String getSharedToken(BigInteger serialnum); 
+    public String getSharedToken(PKIData cmcData);
+
+    public String getSharedToken(BigInteger serialnum);
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/authority/IAuthority.java b/pki/base/common/src/com/netscape/certsrv/authority/IAuthority.java
index 5916ecd03..2875e4dd1 100644
--- a/pki/base/common/src/com/netscape/certsrv/authority/IAuthority.java
+++ b/pki/base/common/src/com/netscape/certsrv/authority/IAuthority.java
@@ -17,15 +17,13 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.authority;
 
-
 import com.netscape.certsrv.base.ISubsystem;
 import com.netscape.certsrv.request.IRequestListener;
 import com.netscape.certsrv.request.IRequestQueue;
 
-
 /**
  * Authority interface.
- *
+ * 
  * @version $Revision$ $Date$
  */
 public interface IAuthority extends ISubsystem {
@@ -33,6 +31,7 @@ public interface IAuthority extends ISubsystem {
     /**
      * Retrieves the request queue for the Authority.
      * <P>
+     * 
      * @return the request queue.
      */
     public IRequestQueue getRequestQueue();
diff --git a/pki/base/common/src/com/netscape/certsrv/authority/ICertAuthority.java b/pki/base/common/src/com/netscape/certsrv/authority/ICertAuthority.java
index 94d6df40e..dea1329e9 100644
--- a/pki/base/common/src/com/netscape/certsrv/authority/ICertAuthority.java
+++ b/pki/base/common/src/com/netscape/certsrv/authority/ICertAuthority.java
@@ -17,7 +17,6 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.authority;
 
-
 import netscape.security.x509.CertificateChain;
 import netscape.security.x509.X500Name;
 import netscape.security.x509.X509CertImpl;
@@ -27,12 +26,10 @@ import com.netscape.certsrv.logging.ILogger;
 import com.netscape.certsrv.publish.IPublisherProcessor;
 import com.netscape.certsrv.request.IRequestListener;
 
-
 /**
- * Authority that handles certificates needed by the cert registration
- * servlets. 
+ * Authority that handles certificates needed by the cert registration servlets.
  * <P>
- *
+ * 
  * @version $Revision$ $Date$
  */
 public interface ICertAuthority extends IAuthority {
@@ -40,7 +37,7 @@ public interface ICertAuthority extends IAuthority {
     /**
      * Retrieves the certificate repository for this authority.
      * <P>
-     *
+     * 
      * @return the certificate repository.
      */
     public ICertificateRepository getCertificateRepository();
@@ -48,6 +45,7 @@ public interface ICertAuthority extends IAuthority {
     /**
      * Returns CA's certificate chain.
      * <P>
+     * 
      * @return the Certificate Chain for the CA.
      */
     public CertificateChain getCACertChain();
@@ -55,18 +53,19 @@ public interface ICertAuthority extends IAuthority {
     /**
      * Returns CA's certificate implementaion.
      * <P>
+     * 
      * @return CA's certificate.
      */
     public X509CertImpl getCACert();
 
     /**
-     * Returns signing algorithms supported by the CA.
-     * Dependent on CA's key type and algorithms supported by security lib. 
+     * Returns signing algorithms supported by the CA. Dependent on CA's key
+     * type and algorithms supported by security lib.
      */
     public String[] getCASigningAlgorithms();
 
     /**
-     * Returns authority's X500 Name. - XXX what's this for ?? 
+     * Returns authority's X500 Name. - XXX what's this for ??
      */
     public X500Name getX500Name();
 
@@ -86,15 +85,14 @@ public interface ICertAuthority extends IAuthority {
     public void registerPendingListener(IRequestListener l);
 
     /**
-     * get authority's  publishing module if any.
+     * get authority's publishing module if any.
      */
     public IPublisherProcessor getPublisherProcessor();
-		
+
     /**
-     * Returns the logging interface for this authority.
-     * Using this interface both System and Audit events can be
-     * logged.
-     *
+     * Returns the logging interface for this authority. Using this interface
+     * both System and Audit events can be logged.
+     * 
      */
     public ILogger getLogger();
 
diff --git a/pki/base/common/src/com/netscape/certsrv/authorization/AuthzManagerProxy.java b/pki/base/common/src/com/netscape/certsrv/authorization/AuthzManagerProxy.java
index 0960311ee..ed0df89ac 100644
--- a/pki/base/common/src/com/netscape/certsrv/authorization/AuthzManagerProxy.java
+++ b/pki/base/common/src/com/netscape/certsrv/authorization/AuthzManagerProxy.java
@@ -17,10 +17,10 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.authorization;
 
-
 /**
- * A class represents an authorization manager. It contains an
- * authorization manager instance and its state (enable or not).
+ * A class represents an authorization manager. It contains an authorization
+ * manager instance and its state (enable or not).
+ * 
  * @version $Revision$, $Date$
  */
 public class AuthzManagerProxy {
@@ -29,9 +29,10 @@ public class AuthzManagerProxy {
 
     /**
      * Constructor
+     * 
      * @param enable true if the authzMgr is enabled; false otherwise
      * @param mgr authorization manager instance
-    */
+     */
     public AuthzManagerProxy(boolean enable, IAuthzManager mgr) {
         mEnable = enable;
         mMgr = mgr;
@@ -39,6 +40,7 @@ public class AuthzManagerProxy {
 
     /**
      * Returns the state of the authorization manager instance
+     * 
      * @return true if the state of the authorization manager instance is
      *         enabled; false otherwise.
      */
@@ -48,6 +50,7 @@ public class AuthzManagerProxy {
 
     /**
      * Returns an authorization manager instance.
+     * 
      * @return an authorization manager instance
      */
     public IAuthzManager getAuthzManager() {
diff --git a/pki/base/common/src/com/netscape/certsrv/authorization/AuthzMgrPlugin.java b/pki/base/common/src/com/netscape/certsrv/authorization/AuthzMgrPlugin.java
index b9d9bb96c..7aac318d7 100644
--- a/pki/base/common/src/com/netscape/certsrv/authorization/AuthzMgrPlugin.java
+++ b/pki/base/common/src/com/netscape/certsrv/authorization/AuthzMgrPlugin.java
@@ -17,13 +17,10 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.authorization;
 
-
-
-
 /**
  * This class represents a registered authorization manager plugin.
  * <P>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public class AuthzMgrPlugin {
@@ -34,6 +31,7 @@ public class AuthzMgrPlugin {
 
     /**
      * Constructs a AuthzManager plugin.
+     * 
      * @param id authz manager implementation name
      * @param classPath class path
      */
@@ -41,9 +39,10 @@ public class AuthzMgrPlugin {
         mId = id;
         mClassPath = classPath;
     }
-		
+
     /**
      * Returns an authorization manager implementation name
+     * 
      * @return an authorization manager implementation name
      */
     public String getId() {
@@ -52,6 +51,7 @@ public class AuthzMgrPlugin {
 
     /**
      * Returns a classpath of a AuthzManager plugin
+     * 
      * @return a classpath of a AuthzManager plugin
      */
     public String getClassPath() {
@@ -60,6 +60,7 @@ public class AuthzMgrPlugin {
 
     /**
      * Returns a visibility of the plugin
+     * 
      * @return a visibility of the plugin
      */
     public boolean isVisible() {
@@ -68,6 +69,7 @@ public class AuthzMgrPlugin {
 
     /**
      * Sets visibility of the plugin
+     * 
      * @param visibility visibility of the plugin
      */
     public void setVisible(boolean visibility) {
diff --git a/pki/base/common/src/com/netscape/certsrv/authorization/AuthzResources.java b/pki/base/common/src/com/netscape/certsrv/authorization/AuthzResources.java
index 7cb5240a5..13d33c212 100644
--- a/pki/base/common/src/com/netscape/certsrv/authorization/AuthzResources.java
+++ b/pki/base/common/src/com/netscape/certsrv/authorization/AuthzResources.java
@@ -17,13 +17,12 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.authorization;
 
-
 import java.util.ListResourceBundle;
 
-
 /**
  * A class represents a resource bundle for the authorization subsystem
  * <P>
+ * 
  * @deprecated
  * @version $Revision$, $Date$
  */
@@ -31,6 +30,7 @@ public class AuthzResources extends ListResourceBundle {
 
     /**
      * Returns the content of this resource.
+     * 
      * @return the content of this resource
      */
     public Object[][] getContents() {
diff --git a/pki/base/common/src/com/netscape/certsrv/authorization/AuthzToken.java b/pki/base/common/src/com/netscape/certsrv/authorization/AuthzToken.java
index a0f7133a7..028f55a89 100644
--- a/pki/base/common/src/com/netscape/certsrv/authorization/AuthzToken.java
+++ b/pki/base/common/src/com/netscape/certsrv/authorization/AuthzToken.java
@@ -17,21 +17,19 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.authorization;
 
-
 import java.util.Date;
 import java.util.Enumeration;
 import java.util.Hashtable;
 
 import com.netscape.certsrv.base.IAttrSet;
 
-
 /**
- * Authorization token returned by Authorization Managers.
- * Upon return, it contains the name of the authorization manager that create
- * the AuthzToken, the plugin name of the authorization manager, time of
- * authorization happened, name of the resource, type of operation performed
- * on the resource.
+ * Authorization token returned by Authorization Managers. Upon return, it
+ * contains the name of the authorization manager that create the AuthzToken,
+ * the plugin name of the authorization manager, time of authorization happened,
+ * name of the resource, type of operation performed on the resource.
  * <p>
+ * 
  * @version $Revision$, $Date$
  */
 public class AuthzToken implements IAttrSet {
@@ -43,19 +41,19 @@ public class AuthzToken implements IAttrSet {
     private Hashtable mAttrs = null;
 
     /**
-     * Plugin name of the authorization manager that created the 
-     * AuthzToken as a string.
+     * Plugin name of the authorization manager that created the AuthzToken as a
+     * string.
      */
     public static final String TOKEN_AUTHZMGR_IMPL_NAME = "authzMgrImplName";
 
     /**
-     * Name of the authorization manager that created the AuthzToken
-     * as a string.
+     * Name of the authorization manager that created the AuthzToken as a
+     * string.
      */
     public static final String TOKEN_AUTHZMGR_INST_NAME = "authzMgrInstName";
 
     /**
-     * Time of authorization as a java.util.Date 
+     * Time of authorization as a java.util.Date
      */
     public static final String TOKEN_AUTHZTIME = "authzTime";
 
@@ -65,7 +63,7 @@ public class AuthzToken implements IAttrSet {
     public static final String TOKEN_AUTHZ_RESOURCE = "authzRes";
 
     /**
-     * name of the operation 
+     * name of the operation
      */
     public static final String TOKEN_AUTHZ_OPERATION = "authzOp";
 
@@ -73,41 +71,45 @@ public class AuthzToken implements IAttrSet {
      * Status of the authorization evaluation
      */
     public static final String TOKEN_AUTHZ_STATUS = "status";
- 
+
     /**
-     * Constant for the success status of the authorization evaluation. 
+     * Constant for the success status of the authorization evaluation.
      */
     public static final String AUTHZ_STATUS_SUCCESS = "statusSuccess";
 
     /**
-     * Constructs an instance of a authorization token.
-     * The token by default contains the following attributes: <br>
+     * Constructs an instance of a authorization token. The token by default
+     * contains the following attributes: <br>
+     * 
      * <pre>
-     *		"authzMgrInstName" - The authorization manager instance name.
-     *		"authzMgrImplName" - The authorization manager plugin name.
-     *		"authzTime" - The - The time of authorization.
+     * 	"authzMgrInstName" - The authorization manager instance name.
+     * 	"authzMgrImplName" - The authorization manager plugin name.
+     * 	"authzTime" - The - The time of authorization.
      * </pre>
+     * 
      * @param authzMgr The authorization manager that created this Token.
      */
     public AuthzToken(IAuthzManager authzMgr) {
         mAttrs = new Hashtable();
-        mAttrs.put(TOKEN_AUTHZMGR_INST_NAME, authzMgr.getName()); 
-        mAttrs.put(TOKEN_AUTHZMGR_IMPL_NAME, authzMgr.getImplName()); 
+        mAttrs.put(TOKEN_AUTHZMGR_INST_NAME, authzMgr.getName());
+        mAttrs.put(TOKEN_AUTHZMGR_IMPL_NAME, authzMgr.getImplName());
         mAttrs.put(TOKEN_AUTHZTIME, new Date());
     }
 
     /**
      * Get the value of an attribute in the AuthzToken
+     * 
      * @param attrName The attribute name
-     * @return The value of attrName if any. 
+     * @return The value of attrName if any.
      */
     public Object get(String attrName) {
         return mAttrs.get(attrName);
     }
 
     /**
-     * Used by an Authorization manager to set an attribute and value
-     *	 in the AuthzToken.
+     * Used by an Authorization manager to set an attribute and value in the
+     * AuthzToken.
+     * 
      * @param attrName The name of the attribute
      * @param value The value of the attribute to set.
      */
@@ -117,6 +119,7 @@ public class AuthzToken implements IAttrSet {
 
     /**
      * Removes an attribute in the AuthzToken
+     * 
      * @param attrName The name of the attribute to remove.
      */
     public void delete(String attrName) {
@@ -125,6 +128,7 @@ public class AuthzToken implements IAttrSet {
 
     /**
      * Enumerate all attribute names in the AuthzToken.
+     * 
      * @return Enumeration of all attribute names in this AuthzToken.
      */
     public Enumeration getElements() {
@@ -133,6 +137,7 @@ public class AuthzToken implements IAttrSet {
 
     /**
      * Enumerate all attribute values in the AuthzToken.
+     * 
      * @return Enumeration of all attribute names in this AuthzToken.
      */
     public Enumeration getVals() {
@@ -140,10 +145,11 @@ public class AuthzToken implements IAttrSet {
     }
 
     /**
-     * Gets the name of the authorization manager instance that created 
-     * this token.
-     * @return The name of the authorization manager instance that created 
-     * this token.
+     * Gets the name of the authorization manager instance that created this
+     * token.
+     * 
+     * @return The name of the authorization manager instance that created this
+     *         token.
      */
     public String getAuthzManagerInstName() {
         return ((String) mAttrs.get(TOKEN_AUTHZMGR_INST_NAME));
@@ -152,8 +158,9 @@ public class AuthzToken implements IAttrSet {
     /**
      * Gets the plugin name of the authorization manager that created this
      * token.
+     * 
      * @return The plugin name of the authorization manager that created this
-     * token.
+     *         token.
      */
     public String getAuthzManagerImplName() {
         return ((String) mAttrs.get(TOKEN_AUTHZMGR_IMPL_NAME));
@@ -161,10 +168,10 @@ public class AuthzToken implements IAttrSet {
 
     /**
      * Gets the time of authorization.
+     * 
      * @return The time of authorization
      */
     public Date getAuthzTime() {
         return ((Date) mAttrs.get(TOKEN_AUTHZTIME));
     }
 }
-
diff --git a/pki/base/common/src/com/netscape/certsrv/authorization/EAuthzAccessDenied.java b/pki/base/common/src/com/netscape/certsrv/authorization/EAuthzAccessDenied.java
index 18429c983..9fc7777c7 100644
--- a/pki/base/common/src/com/netscape/certsrv/authorization/EAuthzAccessDenied.java
+++ b/pki/base/common/src/com/netscape/certsrv/authorization/EAuthzAccessDenied.java
@@ -29,9 +29,10 @@ public class EAuthzAccessDenied extends EAuthzException {
 
     /**
      * Constructs a exception for access denied by Authz manager
+     * 
      * @param errorString Detailed error message.
      */
     public EAuthzAccessDenied(String errorString) {
-        super(errorString); 
+        super(errorString);
     }
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/authorization/EAuthzException.java b/pki/base/common/src/com/netscape/certsrv/authorization/EAuthzException.java
index 869a021c2..b031e994e 100644
--- a/pki/base/common/src/com/netscape/certsrv/authorization/EAuthzException.java
+++ b/pki/base/common/src/com/netscape/certsrv/authorization/EAuthzException.java
@@ -17,12 +17,12 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.authorization;
 
-
 import com.netscape.certsrv.base.EBaseException;
 
 /**
  * This class represents authorization exceptions.
  * <P>
+ * 
  * @version $Revision$, $Date$
  */
 public class EAuthzException extends EBaseException {
@@ -34,11 +34,13 @@ public class EAuthzException extends EBaseException {
     /**
      * Resource class name.
      */
-    private static final String AUTHZ_RESOURCES = AuthzResources.class.getName();
+    private static final String AUTHZ_RESOURCES = AuthzResources.class
+            .getName();
 
     /**
      * Constructs a authz exception
      * <P>
+     * 
      * @param msgFormat exception details
      */
     public EAuthzException(String msgFormat) {
@@ -46,8 +48,9 @@ public class EAuthzException extends EBaseException {
     }
 
     /**
-     * Constructs a authz exception with a parameter. 
+     * Constructs a authz exception with a parameter.
      * <p>
+     * 
      * @param msgFormat exception details in message string format
      * @param param message string parameter
      */
@@ -58,6 +61,7 @@ public class EAuthzException extends EBaseException {
     /**
      * Constructs a authz exception with a exception parameter.
      * <P>
+     * 
      * @param msgFormat exception details in message string format
      * @param param system exception
      */
@@ -68,6 +72,7 @@ public class EAuthzException extends EBaseException {
     /**
      * Constructs a authz exception with a list of parameters.
      * <P>
+     * 
      * @param msgFormat the message format.
      * @param params list of message format parameters
      */
@@ -77,6 +82,7 @@ public class EAuthzException extends EBaseException {
 
     /**
      * Returns the resource bundle name
+     * 
      * @return resource bundle name
      */
     protected String getBundleName() {
diff --git a/pki/base/common/src/com/netscape/certsrv/authorization/EAuthzInternalError.java b/pki/base/common/src/com/netscape/certsrv/authorization/EAuthzInternalError.java
index ff7da13da..2afe2c747 100644
--- a/pki/base/common/src/com/netscape/certsrv/authorization/EAuthzInternalError.java
+++ b/pki/base/common/src/com/netscape/certsrv/authorization/EAuthzInternalError.java
@@ -29,6 +29,7 @@ public class EAuthzInternalError extends EAuthzException {
 
     /**
      * Constructs an authorization internal error exception
+     * 
      * @param errorString error with a detailed message.
      */
     public EAuthzInternalError(String errorString) {
diff --git a/pki/base/common/src/com/netscape/certsrv/authorization/EAuthzMgrNotFound.java b/pki/base/common/src/com/netscape/certsrv/authorization/EAuthzMgrNotFound.java
index 944b9854a..a920d37ac 100644
--- a/pki/base/common/src/com/netscape/certsrv/authorization/EAuthzMgrNotFound.java
+++ b/pki/base/common/src/com/netscape/certsrv/authorization/EAuthzMgrNotFound.java
@@ -29,6 +29,7 @@ public class EAuthzMgrNotFound extends EAuthzException {
 
     /**
      * Constructs a exception for a missing required authorization manager
+     * 
      * @param errorString Detailed error message.
      */
     public EAuthzMgrNotFound(String errorString) {
diff --git a/pki/base/common/src/com/netscape/certsrv/authorization/EAuthzMgrPluginNotFound.java b/pki/base/common/src/com/netscape/certsrv/authorization/EAuthzMgrPluginNotFound.java
index b44e4711f..43ae6edcd 100644
--- a/pki/base/common/src/com/netscape/certsrv/authorization/EAuthzMgrPluginNotFound.java
+++ b/pki/base/common/src/com/netscape/certsrv/authorization/EAuthzMgrPluginNotFound.java
@@ -29,6 +29,7 @@ public class EAuthzMgrPluginNotFound extends EAuthzException {
 
     /**
      * Constructs a exception for a missing authorization plugin
+     * 
      * @param errorString Detailed error message.
      */
     public EAuthzMgrPluginNotFound(String errorString) {
diff --git a/pki/base/common/src/com/netscape/certsrv/authorization/EAuthzUnknownOperation.java b/pki/base/common/src/com/netscape/certsrv/authorization/EAuthzUnknownOperation.java
index 025306cbd..9bbfa0c98 100644
--- a/pki/base/common/src/com/netscape/certsrv/authorization/EAuthzUnknownOperation.java
+++ b/pki/base/common/src/com/netscape/certsrv/authorization/EAuthzUnknownOperation.java
@@ -28,7 +28,9 @@ public class EAuthzUnknownOperation extends EAuthzException {
     private static final long serialVersionUID = 4344508835702220953L;
 
     /**
-     * Constructs a exception for an operation unknown to the authorization manager
+     * Constructs a exception for an operation unknown to the authorization
+     * manager
+     * 
      * @param errorString Detailed error message.
      */
     public EAuthzUnknownOperation(String errorString) {
diff --git a/pki/base/common/src/com/netscape/certsrv/authorization/EAuthzUnknownProtectedRes.java b/pki/base/common/src/com/netscape/certsrv/authorization/EAuthzUnknownProtectedRes.java
index 4d7695a8f..0bc5a0baa 100644
--- a/pki/base/common/src/com/netscape/certsrv/authorization/EAuthzUnknownProtectedRes.java
+++ b/pki/base/common/src/com/netscape/certsrv/authorization/EAuthzUnknownProtectedRes.java
@@ -28,7 +28,9 @@ public class EAuthzUnknownProtectedRes extends EAuthzException {
     private static final long serialVersionUID = 444663701711532889L;
 
     /**
-     * Constructs a exception for a protected resource unknown to the authorization manager
+     * Constructs a exception for a protected resource unknown to the
+     * authorization manager
+     * 
      * @param errorString Detailed error message.
      */
     public EAuthzUnknownProtectedRes(String errorString) {
diff --git a/pki/base/common/src/com/netscape/certsrv/authorization/IAuthzManager.java b/pki/base/common/src/com/netscape/certsrv/authorization/IAuthzManager.java
index 167911c40..cc34ea77d 100644
--- a/pki/base/common/src/com/netscape/certsrv/authorization/IAuthzManager.java
+++ b/pki/base/common/src/com/netscape/certsrv/authorization/IAuthzManager.java
@@ -17,7 +17,6 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.authorization;
 
-
 import java.util.Enumeration;
 import java.util.Hashtable;
 
@@ -28,12 +27,11 @@ import com.netscape.certsrv.base.EBaseException;
 import com.netscape.certsrv.base.IConfigStore;
 import com.netscape.certsrv.evaluators.IAccessEvaluator;
 
-
 /**
- * Authorization Manager interface needs to be implemented by all
- * authorization managers.  
+ * Authorization Manager interface needs to be implemented by all authorization
+ * managers.
  * <P>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public interface IAuthzManager {
@@ -41,6 +39,7 @@ public interface IAuthzManager {
     /**
      * Get the name of this authorization manager instance.
      * <p>
+     * 
      * @return String the name of this authorization manager.
      */
     public String getName();
@@ -49,30 +48,34 @@ public interface IAuthzManager {
      * Get implementation name of authorization manager plugin.
      * <p>
      * An example of an implementation name will be:
+     * 
      * <PRE>
      * com.netscape.cms.BasicAclAuthz
      * </PRE>
      * <p>
+     * 
      * @return The name of the authorization manager plugin.
-     */ 
+     */
     public String getImplName();
 
     /**
-     * <code>accessInit</code> is for servlets who want to initialize their
-     * own authorization information before full operation.  It is supposed
-     * to be called from the authzMgrAccessInit() method of the AuthzSubsystem.
+     * <code>accessInit</code> is for servlets who want to initialize their own
+     * authorization information before full operation. It is supposed to be
+     * called from the authzMgrAccessInit() method of the AuthzSubsystem.
      * <p>
-     * The accessInfo format is determined by each individual
-     *	 authzmgr.  For example, for BasicAclAuthz,
-     *  The accessInfo is the resACLs, whose format should conform
-     * to the following:
+     * The accessInfo format is determined by each individual authzmgr. For
+     * example, for BasicAclAuthz, The accessInfo is the resACLs, whose format
+     * should conform to the following:
+     * 
      * <pre>
      *    <resource ID>:right-1[,right-n]:[allow,deny](right(s))<evaluatorType>=<value>:<comment for this resource acl
      * </pre>
      * <P>
-     * Example:
-     *    resTurnKnob:left,right:allow(left) group="lefties":door knobs for lefties
-     * @param accessInfo the access info string in the format specified in the authorization manager
+     * Example: resTurnKnob:left,right:allow(left) group="lefties":door knobs
+     * for lefties
+     * 
+     * @param accessInfo the access info string in the format specified in the
+     *            authorization manager
      * @exception EBaseException error parsing the accessInfo
      */
     public void accessInit(String accessInfo) throws EBaseException;
@@ -80,6 +83,7 @@ public interface IAuthzManager {
     /**
      * Check if the user is authorized to perform the given operation on the
      * given resource.
+     * 
      * @param authToken the authToken associated with a user.
      * @param resource - the protected resource name
      * @param operation - the protected resource operation name
@@ -87,54 +91,56 @@ public interface IAuthzManager {
      * @exception EAuthzInternalError if an internal error occurred.
      * @exception EAuthzAccessDenied if access denied
      */
-    public AuthzToken authorize(IAuthToken authToken, String resource, String operation)
-        throws EAuthzInternalError, EAuthzAccessDenied;
+    public AuthzToken authorize(IAuthToken authToken, String resource,
+            String operation) throws EAuthzInternalError, EAuthzAccessDenied;
 
     public AuthzToken authorize(IAuthToken authToken, String expression)
-      throws EAuthzInternalError, EAuthzAccessDenied;
+            throws EAuthzInternalError, EAuthzAccessDenied;
 
     /**
      * Initialize this authorization manager.
+     * 
      * @param name The name of this authorization manager instance.
      * @param implName The name of the authorization manager plugin.
      * @param config The configuration store for this authorization manager.
      * @exception EBaseException If an initialization error occurred.
      */
     public void init(String name, String implName, IConfigStore config)
-        throws EBaseException;
+            throws EBaseException;
 
     /**
-     * Prepare this authorization manager for a graceful shutdown.
-     * Called when the server is exiting for any cleanup needed.
+     * Prepare this authorization manager for a graceful shutdown. Called when
+     * the server is exiting for any cleanup needed.
      */
     public void shutdown();
 
     /**
-     * Get configuration parameters for this implementation.
-     * The configuration parameters returned is passed to the 
-     * console so configuration for instances of this 
-     * implementation can be made through the console.
+     * Get configuration parameters for this implementation. The configuration
+     * parameters returned is passed to the console so configuration for
+     * instances of this implementation can be made through the console.
      * 
      * @return a list of names for configuration parameters.
      * @exception EBaseException If an internal error occurred
      */
-    public String[] getConfigParams()
-        throws EBaseException;
+    public String[] getConfigParams() throws EBaseException;
 
     /**
      * Get the configuration store for this authorization manager.
+     * 
      * @return The configuration store of this authorization manager.
      */
     public IConfigStore getConfigStore();
 
     /**
      * Get ACL entries
+     * 
      * @return enumeration of ACL entries.
      */
     public Enumeration getACLs();
 
     /**
      * Get individual ACL entry for the given name of entry.
+     * 
      * @param target The name of the ACL entry
      * @return The ACL entry.
      */
@@ -142,23 +148,26 @@ public interface IAuthzManager {
 
     /**
      * Update ACLs in the database
+     * 
      * @param id The name of the ACL entry (ie, resource id)
      * @param rights The allowable rights for this resource
      * @param strACLs The value of the ACL entry
      * @param desc The description for this resource
      * @exception EACLsException when update fails.
      */
-    public void updateACLs(String id, String rights, String strACLs, 
-        String desc) throws EACLsException;
+    public void updateACLs(String id, String rights, String strACLs, String desc)
+            throws EACLsException;
 
     /**
      * Get all registered evaluators.
+     * 
      * @return All registered evaluators.
      */
     public Enumeration aclEvaluatorElements();
 
     /**
      * Register new evaluator
+     * 
      * @param type Type of evaluator
      * @param evaluator Value of evaluator
      */
@@ -166,8 +175,8 @@ public interface IAuthzManager {
 
     /**
      * Return a table of evaluators
+     * 
      * @return A table of evaluators
      */
     public Hashtable getAccessEvaluators();
 }
-
diff --git a/pki/base/common/src/com/netscape/certsrv/authorization/IAuthzSubsystem.java b/pki/base/common/src/com/netscape/certsrv/authorization/IAuthzSubsystem.java
index f6fc3547f..ea2b8ad8d 100644
--- a/pki/base/common/src/com/netscape/certsrv/authorization/IAuthzSubsystem.java
+++ b/pki/base/common/src/com/netscape/certsrv/authorization/IAuthzSubsystem.java
@@ -27,11 +27,11 @@ import com.netscape.certsrv.base.ISubsystem;
 /**
  * An interface that represents an authorization component
  * <P>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public interface IAuthzSubsystem extends ISubsystem {
-    
+
     /**
      * Constant for auths.
      */
@@ -40,17 +40,17 @@ public interface IAuthzSubsystem extends ISubsystem {
     /**
      * Constant for class.
      */
-    public static final String PROP_CLASS = "class"; 
+    public static final String PROP_CLASS = "class";
 
     /**
      * Constant for impl
      */
-    public static final String PROP_IMPL = "impl"; 
+    public static final String PROP_IMPL = "impl";
 
     /**
      * Constant for pluginName.
      */
-    public static final String PROP_PLUGIN = "pluginName"; 
+    public static final String PROP_PLUGIN = "pluginName";
 
     /**
      * Constant for instance.
@@ -60,22 +60,24 @@ public interface IAuthzSubsystem extends ISubsystem {
     /**
      * authorize the user associated with the given authToken for a given
      * operation with the given authorization manager name
+     * 
      * @param authzMgrName The authorization manager name
      * @param authToken the authenticaton token associated with a user
      * @param resource the resource protected by the authorization system
-     * @param operation the operation for resource protected by the authorization system
+     * @param operation the operation for resource protected by the
+     *            authorization system
      * @return a authorization token.
      * @exception EBaseException If an error occurs during authorization.
      */
     public AuthzToken authorize(String authzMgrName, IAuthToken authToken,
-        String resource, String operation)
-        throws EBaseException;
+            String resource, String operation) throws EBaseException;
 
     public AuthzToken authorize(String authzMgrName, IAuthToken authToken,
-        String exp) throws EBaseException;
+            String exp) throws EBaseException;
 
     /**
      * Adds (registers) the given authorization manager.
+     * 
      * @param name The authorization manager name
      * @param authzMgr The authorization manager instance.
      */
@@ -83,12 +85,14 @@ public interface IAuthzSubsystem extends ISubsystem {
 
     /**
      * Deletes (deregisters) the given authorization manager.
+     * 
      * @param name The authorization manager name to delete.
      */
     public void delete(String name);
 
     /**
      * Gets the Authorization manager instance of the specified name.
+     * 
      * @param name The authorization manager's name.
      * @return an authorization manager interface
      */
@@ -97,6 +101,7 @@ public interface IAuthzSubsystem extends ISubsystem {
     /**
      * Gets an enumeration of authorization managers registered to the
      * authorization component.
+     * 
      * @return a list of authorization managers
      */
     public Enumeration getAuthzManagers();
@@ -108,16 +113,19 @@ public interface IAuthzSubsystem extends ISubsystem {
      * @param accessInfo string representation of the ACL
      * @exception EBaseException if authorization manager is not found
      */
-    public void authzMgrAccessInit(String authzMgrName, String accessInfo) throws EBaseException;
+    public void authzMgrAccessInit(String authzMgrName, String accessInfo)
+            throws EBaseException;
 
     /**
      * Gets an enumeration of authorization manager plugins.
+     * 
      * @return list of authorization manager plugins
      */
     public Enumeration getAuthzManagerPlugins();
 
     /**
      * Gets a single authorization manager plugin implementation
+     * 
      * @param name given authorization plugin name
      * @return authorization manager plugin
      */
@@ -125,6 +133,7 @@ public interface IAuthzSubsystem extends ISubsystem {
 
     /**
      * Log error message.
+     * 
      * @param level log level
      * @param msg error message
      */
@@ -132,21 +141,23 @@ public interface IAuthzSubsystem extends ISubsystem {
 
     /**
      * Get a hashtable containing all authentication plugins.
+     * 
      * @return all authentication plugins.
      */
     public Hashtable getPlugins();
 
     /**
      * Get a hashtable containing all authentication instances.
+     * 
      * @return all authentication instances.
      */
     public Hashtable getInstances();
 
     /**
      * Get an authorization manager interface for the given name.
+     * 
      * @param name given authorization manager name.
      * @return an authorization manager interface
      */
     public IAuthzManager get(String name);
 }
-
diff --git a/pki/base/common/src/com/netscape/certsrv/base/ASubsystem.java b/pki/base/common/src/com/netscape/certsrv/base/ASubsystem.java
index ea3342308..d6b21052b 100644
--- a/pki/base/common/src/com/netscape/certsrv/base/ASubsystem.java
+++ b/pki/base/common/src/com/netscape/certsrv/base/ASubsystem.java
@@ -17,12 +17,10 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.base;
 
-
 /**
- * This class represents a basic subsystem. Each basic
- * subsystem is named with an identifier and has a 
- * configuration store.
- *
+ * This class represents a basic subsystem. Each basic subsystem is named with
+ * an identifier and has a configuration store.
+ * 
  * @version $Revision$, $Date$
  */
 public abstract class ASubsystem implements ISubsystem {
@@ -33,7 +31,7 @@ public abstract class ASubsystem implements ISubsystem {
 
     /**
      * Initializes this subsystem.
-     *
+     * 
      * @param parent parent subsystem
      * @param cfg configuration store
      */
@@ -44,7 +42,7 @@ public abstract class ASubsystem implements ISubsystem {
 
     /**
      * Retrieves the configuration store.
-     *
+     * 
      * @return configuration store
      */
     public IConfigStore getConfigStore() {
@@ -53,7 +51,7 @@ public abstract class ASubsystem implements ISubsystem {
 
     /**
      * Sets the identifier of this subsystem.
-     *
+     * 
      * @param id subsystem identifier
      */
     public void setId(String id) {
@@ -62,7 +60,7 @@ public abstract class ASubsystem implements ISubsystem {
 
     /**
      * Retrieves the subsystem identifier.
-     *
+     * 
      * @return subsystem identifier
      */
     public String getId() {
diff --git a/pki/base/common/src/com/netscape/certsrv/base/AttributeNameHelper.java b/pki/base/common/src/com/netscape/certsrv/base/AttributeNameHelper.java
index 786148a0e..eee51ca03 100644
--- a/pki/base/common/src/com/netscape/certsrv/base/AttributeNameHelper.java
+++ b/pki/base/common/src/com/netscape/certsrv/base/AttributeNameHelper.java
@@ -17,25 +17,24 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.base;
 
-
 /**
- * AttributeNameHelper. This Helper class used to decompose 
- * dot-separated attribute name into prefix and suffix.
- *
+ * AttributeNameHelper. This Helper class used to decompose dot-separated
+ * attribute name into prefix and suffix.
+ * 
  * @version $Revision$, $Date$
  */
 public class AttributeNameHelper {
     // Public members
     private static final char SEPARATOR = '.';
-	
+
     // Private data members
     private String prefix = null;
     private String suffix = null;
-	
+
     /**
      * Default constructor for the class. Name is of the form
      * "proofOfPosession.type".
-     *
+     * 
      * @param name the attribute name.
      */
     public AttributeNameHelper(String name) {
@@ -51,20 +50,19 @@ public class AttributeNameHelper {
 
     /**
      * Return the prefix of the name.
-     *
+     * 
      * @return attribute prefix
      */
     public String getPrefix() {
         return (prefix);
     }
-	
+
     /**
      * Return the suffix of the name.
-     *
+     * 
      * @return attribute suffix
      */
     public String getSuffix() {
         return (suffix);
     }
 }
-
diff --git a/pki/base/common/src/com/netscape/certsrv/base/BaseResources.java b/pki/base/common/src/com/netscape/certsrv/base/BaseResources.java
index f54f13772..e8752646d 100644
--- a/pki/base/common/src/com/netscape/certsrv/base/BaseResources.java
+++ b/pki/base/common/src/com/netscape/certsrv/base/BaseResources.java
@@ -17,15 +17,12 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.base;
 
-
 import java.util.ListResourceBundle;
 
-
 /**
- * A class represents a resource bundle for the entire
- * system.
+ * A class represents a resource bundle for the entire system.
  * <P>
- *
+ * 
  * @version $Revision$, $Date$
  * @see java.util.ListResourceBundle
  */
@@ -39,8 +36,7 @@ public class BaseResources extends ListResourceBundle {
     }
 
     /*
-     * Constants. The suffix represents the number of
-     * possible parameters.
+     * Constants. The suffix represents the number of possible parameters.
      */
 
     static final Object[][] contents = {};
diff --git a/pki/base/common/src/com/netscape/certsrv/base/EBaseException.java b/pki/base/common/src/com/netscape/certsrv/base/EBaseException.java
index e58aaca2f..8b84a6362 100644
--- a/pki/base/common/src/com/netscape/certsrv/base/EBaseException.java
+++ b/pki/base/common/src/com/netscape/certsrv/base/EBaseException.java
@@ -17,15 +17,13 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.base;
 
-
 import java.util.Locale;
 
-
 /**
- * An exception with localizable error messages.  It is the 
- * base class for all exceptions in certificate server. 
+ * An exception with localizable error messages. It is the base class for all
+ * exceptions in certificate server.
  * <P>
- *
+ * 
  * @version $Revision$, $Date$
  * @see java.text.MessageFormat
  * @see com.netscape.certsrv.base.BaseResources
@@ -38,8 +36,8 @@ public class EBaseException extends Exception {
     private static final long serialVersionUID = 8213021692117483973L;
 
     /**
-     * The resource bundle to use for error messages.
-     * Subclasses can override to use its own resource bundle.
+     * The resource bundle to use for error messages. Subclasses can override to
+     * use its own resource bundle.
      */
     private static final String BASE_RESOURCES = BaseResources.class.getName();
 
@@ -49,12 +47,13 @@ public class EBaseException extends Exception {
     public Object mParams[] = null;
 
     /**
-     * Constructs an instance of this exception with the given resource key.
-     * If resource key is not found in the resource bundle, the resource key 
+     * Constructs an instance of this exception with the given resource key. If
+     * resource key is not found in the resource bundle, the resource key
      * specified is used as the error message.
+     * 
      * <pre>
-     *      new EBaseException(BaseResources.PERMISSION_DENIED);
-     *      new EBaseException("An plain error message");
+     * new EBaseException(BaseResources.PERMISSION_DENIED);
+     * new EBaseException(&quot;An plain error message&quot;);
      * <P>
      * @param msgFormat The error message resource key.
      */
@@ -64,12 +63,14 @@ public class EBaseException extends Exception {
     }
 
     /**
-     * Constructs an instance of this exception with the given resource key
-     * and a parameter as a string. 
+     * Constructs an instance of this exception with the given resource key and
+     * a parameter as a string.
+     * 
      * <PRE>
-     *      new EBaseException(BaseResource.NO_CONFIG_FILE, fileName);
+     * new EBaseException(BaseResource.NO_CONFIG_FILE, fileName);
      * </PRE>
      * <P>
+     * 
      * @param msgFormat exception details in message string format
      * @param param message string parameter
      */
@@ -80,8 +81,9 @@ public class EBaseException extends Exception {
     }
 
     /**
-     * Constructs an instance of the exception given the resource key and 
-     * a exception parameter. 
+     * Constructs an instance of the exception given the resource key and a
+     * exception parameter.
+     * 
      * <PRE>
      * 		try {
      *  		...
@@ -90,6 +92,7 @@ public class EBaseException extends Exception {
      *      }
      * </PRE>
      * <P>
+     * 
      * @param msgFormat The resource key
      * @param param The parameter as an exception
      */
@@ -100,9 +103,10 @@ public class EBaseException extends Exception {
     }
 
     /**
-     * Constructs an instance of this exception given the resource key and
-     * an array of parameters.
+     * Constructs an instance of this exception given the resource key and an
+     * array of parameters.
      * <P>
+     * 
      * @param msgFormat The resource key
      * @param params Array of params
      */
@@ -114,7 +118,7 @@ public class EBaseException extends Exception {
     /**
      * Returns the list of parameters.
      * <P>
-     *
+     * 
      * @return List of parameters.
      */
     public Object[] getParameters() {
@@ -124,6 +128,7 @@ public class EBaseException extends Exception {
     /**
      * Returns the exception string in the default locale.
      * <P>
+     * 
      * @return The exception string in the default locale.
      */
     public String toString() {
@@ -133,6 +138,7 @@ public class EBaseException extends Exception {
     /**
      * Returns the exception string in the given locale.
      * <P>
+     * 
      * @param locale The locale
      * @return The exception string in the given locale.
      */
@@ -143,6 +149,7 @@ public class EBaseException extends Exception {
 
     /**
      * Returns the given resource bundle name.
+     * 
      * @return the name of the resource bundle for this class.
      */
     protected String getBundleName() {
diff --git a/pki/base/common/src/com/netscape/certsrv/base/EPropertyNotDefined.java b/pki/base/common/src/com/netscape/certsrv/base/EPropertyNotDefined.java
index 938c9fffe..89a78031c 100644
--- a/pki/base/common/src/com/netscape/certsrv/base/EPropertyNotDefined.java
+++ b/pki/base/common/src/com/netscape/certsrv/base/EPropertyNotDefined.java
@@ -17,13 +17,12 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.base;
 
-
 /**
- * This class represents an exception thrown when a 
- * property is not defined (empty string) the configuration store.
- * It extends EBaseException and uses the same resource bundle.
+ * This class represents an exception thrown when a property is not defined
+ * (empty string) the configuration store. It extends EBaseException and uses
+ * the same resource bundle.
  * <p>
- *
+ * 
  * @version $Revision$, $Date$
  * @see com.netscape.certsrv.base.EBaseException
  */
@@ -35,9 +34,10 @@ public class EPropertyNotDefined extends EBaseException {
     private static final long serialVersionUID = -7986464387187170352L;
 
     /**
-     * Constructs an instance of this exception given the name of the
-     * property that's not found.
+     * Constructs an instance of this exception given the name of the property
+     * that's not found.
      * <p>
+     * 
      * @param errorString Detailed error message.
      */
     public EPropertyNotDefined(String errorString) {
diff --git a/pki/base/common/src/com/netscape/certsrv/base/EPropertyNotFound.java b/pki/base/common/src/com/netscape/certsrv/base/EPropertyNotFound.java
index 833a393a9..b442f0095 100644
--- a/pki/base/common/src/com/netscape/certsrv/base/EPropertyNotFound.java
+++ b/pki/base/common/src/com/netscape/certsrv/base/EPropertyNotFound.java
@@ -17,13 +17,12 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.base;
 
-
 /**
- * This class represents an exception thrown when a 
- * property is not found in the configuration store.
- * It extends EBaseException and uses the same resource bundle.
+ * This class represents an exception thrown when a property is not found in the
+ * configuration store. It extends EBaseException and uses the same resource
+ * bundle.
  * <p>
- *
+ * 
  * @version $Revision$, $Date$
  * @see com.netscape.certsrv.base.EBaseException
  */
@@ -35,9 +34,10 @@ public class EPropertyNotFound extends EBaseException {
     private static final long serialVersionUID = 2701966082697733003L;
 
     /**
-     * Constructs an instance of this exception given the name of the
-     * property that's not found.
+     * Constructs an instance of this exception given the name of the property
+     * that's not found.
      * <p>
+     * 
      * @param errorString Detailed error message.
      */
     public EPropertyNotFound(String errorString) {
diff --git a/pki/base/common/src/com/netscape/certsrv/base/ExtendedPluginInfo.java b/pki/base/common/src/com/netscape/certsrv/base/ExtendedPluginInfo.java
index a0399d349..cba4482a6 100644
--- a/pki/base/common/src/com/netscape/certsrv/base/ExtendedPluginInfo.java
+++ b/pki/base/common/src/com/netscape/certsrv/base/ExtendedPluginInfo.java
@@ -17,14 +17,12 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.base;
 
-
 import java.util.Locale;
 
-
 /**
  * Plugin which can return extended information to console
  * <p>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public class ExtendedPluginInfo implements IExtendedPluginInfo {
@@ -33,7 +31,7 @@ public class ExtendedPluginInfo implements IExtendedPluginInfo {
 
     /**
      * Constructs an extended plugin info object.
-     *
+     * 
      * @param epi plugin info list
      */
     public ExtendedPluginInfo(String epi[]) {
@@ -41,48 +39,43 @@ public class ExtendedPluginInfo implements IExtendedPluginInfo {
     }
 
     /**
-     *  This method returns an array of strings. Each element of the
-     *  array represents a configurable parameter, or some other
-     *  meta-info (such as help-token)
+     * This method returns an array of strings. Each element of the array
+     * represents a configurable parameter, or some other meta-info (such as
+     * help-token)
+     * 
+     * there is an entry indexed on that parameter name
+     * <param-name>;<type_info>[,required];<description>;...
+     * 
+     * Where:
+     * 
+     * type_info is either 'string', 'number', 'boolean', 'password' or
+     * 'choice(ch1,ch2,ch3,...)'
+     * 
+     * If the marker 'required' is included after the type_info, the parameter
+     * will has some visually distinctive marking in the UI.
+     * 
+     * 'description' is a short sentence describing the parameter 'choice' is
+     * rendered as a drop-down list. The first parameter in the list will be
+     * activated by default 'boolean' is rendered as a checkbox. The resulting
+     * parameter will be either 'true' or 'false' 'string' allows any characters
+     * 'number' allows only numbers 'password' is rendered as a password field
+     * (the characters are replaced with *'s when being types. This parameter is
+     * not passed through to the plugin. It is instead inserted directly into
+     * the password cache keyed on the instance name. The value of the parameter
+     * 'bindPWPrompt' (see example below) is set to the key.
+     * 
+     * In addition to the configurable parameters, the following magic
+     * parameters may be defined:
+     * 
+     * HELP_TOKEN;helptoken - a pointer to the online manual section for this
+     * plugin HELP_TEXT;helptext - a general help string describing the plugin
      * 
-     *  there is an entry indexed on that parameter name
-     *  <param-name>;<type_info>[,required];<description>;...
-     *  
-     *  Where:
-     *
-     *    type_info is either 'string', 'number', 'boolean', 'password' or 
-     *        'choice(ch1,ch2,ch3,...)'
-     *
-     *    If the marker 'required' is included after the type_info,
-     *    the parameter will has some visually distinctive marking in
-     *    the UI.
+     * For example: "username;string;The username you wish to login as"
+     * "bindPWPrompt;password;Enter password to bind as above user with"
+     * "algorithm;choice(RSA,DSA);Which algorithm do you want to use"
+     * "enable;boolean;Do you want to run this plugin"
+     * "port;number;Which port number do you want to use"
      * 
-     *    'description' is a short sentence describing the parameter
-     *    'choice' is rendered as a drop-down list. The first parameter in the
-     *       list will be activated by default
-     *    'boolean' is rendered as a checkbox. The resulting parameter will be
-     *       either 'true' or 'false'
-     *	  'string' allows any characters
-     *	  'number' allows only numbers
-     *    'password' is rendered as a password field (the characters are replaced
-     *       with *'s when being types. This parameter is not passed through to
-     *       the plugin. It is instead inserted directly into the password cache
-     *       keyed on the instance name. The value of the parameter
-     *       'bindPWPrompt' (see example below) is set to the key.
-     *
-     *  In addition to the configurable parameters, the following magic parameters
-     *  may be defined:
-     *  
-     *    HELP_TOKEN;helptoken - a pointer to the online manual section for this plugin
-     *    HELP_TEXT;helptext   - a general help string describing the plugin
-     *
-     *   For example:
-     *    "username;string;The username you wish to login as"
-     *    "bindPWPrompt;password;Enter password to bind as above user with"
-     *    "algorithm;choice(RSA,DSA);Which algorithm do you want to use"
-     *    "enable;boolean;Do you want to run this plugin"
-     *    "port;number;Which port number do you want to use"
-     *
      */
     public String[] getExtendedPluginInfo(Locale locale) {
         return _epi;
diff --git a/pki/base/common/src/com/netscape/certsrv/base/IArgBlock.java b/pki/base/common/src/com/netscape/certsrv/base/IArgBlock.java
index 83c8f85fa..b7406c6ab 100644
--- a/pki/base/common/src/com/netscape/certsrv/base/IArgBlock.java
+++ b/pki/base/common/src/com/netscape/certsrv/base/IArgBlock.java
@@ -23,32 +23,30 @@ import java.util.Enumeration;
 
 import netscape.security.pkcs.PKCS10;
 
-
 /**
- * This interface defines the abstraction for the generic collection
- * of attributes indexed by string names.
- * Set of cooperating implementations of this interface may exploit
- * dot-separated attribute names to provide seamless access to the
- * attributes of attribute value  which also implements AttrSet
- * interface as if it was direct attribute of the container
- * E.g., ((AttrSet)container.get("x")).get("y") is equivalent to
- * container.get("x.y");
+ * This interface defines the abstraction for the generic collection of
+ * attributes indexed by string names. Set of cooperating implementations of
+ * this interface may exploit dot-separated attribute names to provide seamless
+ * access to the attributes of attribute value which also implements AttrSet
+ * interface as if it was direct attribute of the container E.g.,
+ * ((AttrSet)container.get("x")).get("y") is equivalent to container.get("x.y");
  * <p>
- *
+ * 
  * @version $Revision$, $Date$
  **/
 public interface IArgBlock extends Serializable {
 
     /**
      * Checks if this argument block contains the given key.
-     *
+     * 
      * @param n key
      * @return true if key is present
      */
     public boolean isValuePresent(String n);
+
     /**
      * Adds string-based value into this argument block.
-     *
+     * 
      * @param n key
      * @param v value
      * @return value
@@ -57,7 +55,7 @@ public interface IArgBlock extends Serializable {
 
     /**
      * Retrieves argument value as string.
-     *
+     * 
      * @param n key
      * @return argument value as string
      * @exception EBaseException failed to retrieve value
@@ -66,7 +64,7 @@ public interface IArgBlock extends Serializable {
 
     /**
      * Retrieves argument value as string.
-     *
+     * 
      * @param n key
      * @param def default value to be returned if key is not present
      * @return argument value as string
@@ -75,16 +73,16 @@ public interface IArgBlock extends Serializable {
 
     /**
      * Retrieves argument value as integer.
-     *
+     * 
      * @param n key
      * @return argument value as int
      * @exception EBaseException failed to retrieve value
      */
-    public int getValueAsInt(String n) throws EBaseException;    
+    public int getValueAsInt(String n) throws EBaseException;
 
     /**
      * Retrieves argument value as integer.
-     *
+     * 
      * @param n key
      * @param def default value to be returned if key is not present
      * @return argument value as int
@@ -93,7 +91,7 @@ public interface IArgBlock extends Serializable {
 
     /**
      * Retrieves argument value as big integer.
-     *
+     * 
      * @param n key
      * @return argument value as big integer
      * @exception EBaseException failed to retrieve value
@@ -102,7 +100,7 @@ public interface IArgBlock extends Serializable {
 
     /**
      * Retrieves argument value as big integer.
-     *
+     * 
      * @param n key
      * @param def default value to be returned if key is not present
      * @return argument value as big integer
@@ -111,7 +109,7 @@ public interface IArgBlock extends Serializable {
 
     /**
      * Retrieves argument value as object
-     *
+     * 
      * @param n key
      * @return argument value as object
      * @exception EBaseException failed to retrieve value
@@ -120,7 +118,7 @@ public interface IArgBlock extends Serializable {
 
     /**
      * Retrieves argument value as object
-     *
+     * 
      * @param n key
      * @param def default value to be returned if key is not present
      * @return argument value as object
@@ -129,7 +127,7 @@ public interface IArgBlock extends Serializable {
 
     /**
      * Gets boolean value. They should be "true" or "false".
-     *
+     * 
      * @param name name of the input type
      * @return boolean type: <code>true</code> or <code>false</code>
      * @exception EBaseException failed to retrieve value
@@ -138,27 +136,28 @@ public interface IArgBlock extends Serializable {
 
     /**
      * Gets boolean value. They should be "true" or "false".
-     *
+     * 
      * @param name name of the input type
-     * @param def  Default value to return.
+     * @param def Default value to return.
      * @return boolean type: <code>true</code> or <code>false</code>
      */
     public boolean getValueAsBoolean(String name, boolean def);
 
     /**
      * Gets KeyGenInfo
-     *
+     * 
      * @param name name of the input type
      * @param def default value to return
      * @exception EBaseException On error.
      * @return KeyGenInfo object
      */
-    public KeyGenInfo getValueAsKeyGenInfo(String name, KeyGenInfo def) throws EBaseException;
+    public KeyGenInfo getValueAsKeyGenInfo(String name, KeyGenInfo def)
+            throws EBaseException;
 
     /**
-     * Gets PKCS10 request. This pkcs10 attribute does not
-     * contain header information.
-     *
+     * Gets PKCS10 request. This pkcs10 attribute does not contain header
+     * information.
+     * 
      * @param name name of the input type
      * @return pkcs10 request
      * @exception EBaseException failed to retrieve value
@@ -166,41 +165,44 @@ public interface IArgBlock extends Serializable {
     public PKCS10 getValueAsRawPKCS10(String name) throws EBaseException;
 
     /**
-     * Gets PKCS10 request. This pkcs10 attribute does not
-     * contain header information.
-     *
+     * Gets PKCS10 request. This pkcs10 attribute does not contain header
+     * information.
+     * 
      * @param name name of the input type
      * @param def default PKCS10
      * @return pkcs10 request
      * @exception EBaseException failed to retrieve value
      */
-    public PKCS10 getValueAsRawPKCS10(String name, PKCS10 def) throws EBaseException;
+    public PKCS10 getValueAsRawPKCS10(String name, PKCS10 def)
+            throws EBaseException;
 
     /**
      * Retrieves PKCS10
-     *
-     * @param name name of the  input type
+     * 
+     * @param name name of the input type
      * @param checkheader true if header must be present
      * @return PKCS10 object
      * @exception EBaseException failed to retrieve value
      */
-    public PKCS10 getValueAsPKCS10(String name, boolean checkheader) throws EBaseException;
+    public PKCS10 getValueAsPKCS10(String name, boolean checkheader)
+            throws EBaseException;
 
     /**
      * Retrieves PKCS10
-     *
-     * @param name name of the  input type
+     * 
+     * @param name name of the input type
      * @param checkheader true if header must be present
      * @param def default PKCS10
      * @return PKCS10 object
      * @exception EBaseException on error
      */
-    public PKCS10 getValueAsPKCS10(String name, boolean checkheader, PKCS10 def) throws EBaseException;
+    public PKCS10 getValueAsPKCS10(String name, boolean checkheader, PKCS10 def)
+            throws EBaseException;
 
     /**
      * Retrieves PKCS10
-     *
-     * @param name name of the  input type
+     * 
+     * @param name name of the input type
      * @param def default PKCS10
      * @return PKCS10 object
      * @exception EBaseException on error
@@ -209,14 +211,14 @@ public interface IArgBlock extends Serializable {
 
     /**
      * Retrieves a list of argument keys.
-     *
+     * 
      * @return a list of string-based keys
      */
     public Enumeration elements();
 
     /**
      * Adds long-type arguments to this block.
-     *
+     * 
      * @param n key
      * @param v value
      * @return value
@@ -225,7 +227,7 @@ public interface IArgBlock extends Serializable {
 
     /**
      * Adds integer-type arguments to this block.
-     *
+     * 
      * @param n key
      * @param v value
      * @return value
@@ -234,7 +236,7 @@ public interface IArgBlock extends Serializable {
 
     /**
      * Adds boolean-type arguments to this block.
-     *
+     * 
      * @param n key
      * @param v value
      * @return value
@@ -243,7 +245,7 @@ public interface IArgBlock extends Serializable {
 
     /**
      * Adds integer-type arguments to this block.
-     *
+     * 
      * @param n key
      * @param v value
      * @param radix radix
@@ -253,7 +255,7 @@ public interface IArgBlock extends Serializable {
 
     /**
      * Sets argument into this block.
-     *
+     * 
      * @param name key
      * @param obj value
      */
@@ -261,7 +263,7 @@ public interface IArgBlock extends Serializable {
 
     /**
      * Retrieves argument.
-     *
+     * 
      * @param name key
      * @return object value
      */
@@ -269,14 +271,14 @@ public interface IArgBlock extends Serializable {
 
     /**
      * Deletes argument by the given key.
-     *
+     * 
      * @param name key
      */
     public void delete(String name);
 
     /**
      * Retrieves a list of argument keys.
-     *
+     * 
      * @return a list of string-based keys
      */
     public Enumeration getElements();
diff --git a/pki/base/common/src/com/netscape/certsrv/base/IAttrSet.java b/pki/base/common/src/com/netscape/certsrv/base/IAttrSet.java
index 4e8b0205d..c43f035d0 100644
--- a/pki/base/common/src/com/netscape/certsrv/base/IAttrSet.java
+++ b/pki/base/common/src/com/netscape/certsrv/base/IAttrSet.java
@@ -17,38 +17,34 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.base;
 
-
 import java.io.Serializable;
 import java.util.Enumeration;
 
-
 /**
- * This interface defines the abstraction for the generic collection
- * of attributes indexed by string names.
- * Set of cooperating implementations of this interface may exploit
- * dot-separated attribute names to provide seamless access to the
- * attributes of attribute value  which also implements AttrSet
- * interface as if it was direct attribute of the container
- * E.g., ((AttrSet)container.get("x")).get("y") is equivalent to
- * container.get("x.y");
+ * This interface defines the abstraction for the generic collection of
+ * attributes indexed by string names. Set of cooperating implementations of
+ * this interface may exploit dot-separated attribute names to provide seamless
+ * access to the attributes of attribute value which also implements AttrSet
+ * interface as if it was direct attribute of the container E.g.,
+ * ((AttrSet)container.get("x")).get("y") is equivalent to container.get("x.y");
  * <p>
- *
+ * 
  * @version $Revision$, $Date$
  **/
 public interface IAttrSet extends Serializable {
 
     /**
      * Sets an attribute value within this AttrSet.
-     *
+     * 
      * @param name the name of the attribute
      * @param obj the attribute object.
      * @exception EBaseException on attribute handling errors.
      */
-    public void set(String name, Object obj)throws EBaseException;
+    public void set(String name, Object obj) throws EBaseException;
 
     /**
      * Gets an attribute value.
-     *
+     * 
      * @param name the name of the attribute to return.
      * @exception EBaseException on attribute handling errors.
      */
@@ -56,7 +52,7 @@ public interface IAttrSet extends Serializable {
 
     /**
      * Deletes an attribute value from this AttrSet.
-     *
+     * 
      * @param name the name of the attribute to delete.
      * @exception EBaseException on attribute handling errors.
      */
@@ -65,7 +61,7 @@ public interface IAttrSet extends Serializable {
     /**
      * Returns an enumeration of the names of the attributes existing within
      * this AttrSet.
-     *
+     * 
      * @return an enumeration of the attribute names.
      */
     public Enumeration getElements();
diff --git a/pki/base/common/src/com/netscape/certsrv/base/IAuthInfo.java b/pki/base/common/src/com/netscape/certsrv/base/IAuthInfo.java
index 91f9f51af..ed55d47eb 100644
--- a/pki/base/common/src/com/netscape/certsrv/base/IAuthInfo.java
+++ b/pki/base/common/src/com/netscape/certsrv/base/IAuthInfo.java
@@ -17,15 +17,11 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.base;
 
-
-
-
 /**
- * An interface represents an authentication context. This
- * is an entity that encapsulates the authentication
- * information of a service requestor. For example, CMS
- * user needs to authenticate to CMS using SSL. The
- * client certificate is expressed in authenticated context.
+ * An interface represents an authentication context. This is an entity that
+ * encapsulates the authentication information of a service requestor. For
+ * example, CMS user needs to authenticate to CMS using SSL. The client
+ * certificate is expressed in authenticated context.
  * <P>
  * 
  * @version $Revision$, $Date$
diff --git a/pki/base/common/src/com/netscape/certsrv/base/ICRLPrettyPrint.java b/pki/base/common/src/com/netscape/certsrv/base/ICRLPrettyPrint.java
index c770121fd..f11015d7f 100644
--- a/pki/base/common/src/com/netscape/certsrv/base/ICRLPrettyPrint.java
+++ b/pki/base/common/src/com/netscape/certsrv/base/ICRLPrettyPrint.java
@@ -17,32 +17,31 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.base;
 
-
 import java.util.Locale;
 
-
 /**
- * This interface represents a CRL pretty print handler.
- * It converts a CRL object into a printable CRL string.
- *
+ * This interface represents a CRL pretty print handler. It converts a CRL
+ * object into a printable CRL string.
+ * 
  * @version $Revision$, $Date$
  */
 public interface ICRLPrettyPrint {
 
     /**
      * Retrieves the printable CRL string.
-     *
+     * 
      * @param clientLocale end user clocale
      * @param crlSize CRL size
      * @param pageStart starting page number
      * @param pageSize page size in rows
      * @return printable CRL string
      */
-    public String toString(Locale clientLocale, long crlSize, long pageStart, long pageSize);
+    public String toString(Locale clientLocale, long crlSize, long pageStart,
+            long pageSize);
 
     /**
      * Retrieves the printable CRL string.
-     *
+     * 
      * @param clientLocale end user clocale
      * @return printable CRL string
      */
diff --git a/pki/base/common/src/com/netscape/certsrv/base/ICertPrettyPrint.java b/pki/base/common/src/com/netscape/certsrv/base/ICertPrettyPrint.java
index fc4e8c291..fbef80f4f 100644
--- a/pki/base/common/src/com/netscape/certsrv/base/ICertPrettyPrint.java
+++ b/pki/base/common/src/com/netscape/certsrv/base/ICertPrettyPrint.java
@@ -17,22 +17,19 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.base;
 
-
 import java.util.Locale;
 
-
 /**
- * This interface represents a certificate pretty print
- * handler. This handler converts certificate object into
- * a printable certificate string.
+ * This interface represents a certificate pretty print handler. This handler
+ * converts certificate object into a printable certificate string.
  * 
- * @version $Revision$, $Date$ 
+ * @version $Revision$, $Date$
  */
 public interface ICertPrettyPrint {
 
     /**
      * Returns printable certificate string.
-     *
+     * 
      * @param clientLocale end user locale
      * @return printable certificate string
      */
diff --git a/pki/base/common/src/com/netscape/certsrv/base/IConfigStore.java b/pki/base/common/src/com/netscape/certsrv/base/IConfigStore.java
index aef83b1cf..bdf3a861e 100644
--- a/pki/base/common/src/com/netscape/certsrv/base/IConfigStore.java
+++ b/pki/base/common/src/com/netscape/certsrv/base/IConfigStore.java
@@ -17,16 +17,16 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.base;
 
-
 import java.math.BigInteger;
 import java.util.Enumeration;
 
-
 /**
- * An interface represents a configuration store. 
- * A configuration store is an abstraction of a hierarchical store 
- * to keep arbitrary data indexed by string names.<p>
- * In the following example: 
+ * An interface represents a configuration store. A configuration store is an
+ * abstraction of a hierarchical store to keep arbitrary data indexed by string
+ * names.
+ * <p>
+ * In the following example:
+ * 
  * <pre>
  *      param1=value1
  *      configStore1.param11=value11
@@ -35,26 +35,28 @@ import java.util.Enumeration;
  *      configStore1.subStore1.param112=value112
  *      configStore2.param21=value21
  * </pre>
- * The top config store has parameters <i>param1</i> and sub-stores 
+ * 
+ * The top config store has parameters <i>param1</i> and sub-stores
  * <i>configStore1</i> and <i>configStore2</i>. <br>
  * The following illustrates how a config store is used.
+ * 
  * <pre>
- *     // the top config store is passed to the following method. 
- *     public void init(IConfigStore config) throws EBaseException {
- *       IConfigStore store = config;
- *       String valx = config.getString("param1");  
- *       // valx is "value1" <p>
- *
- *       IConfigStore substore1 = config.getSubstore("configStore1");
- *       String valy = substore1.getString("param11"); 
- *       // valy is "value11" <p>
- *	
- *       IConfigStore substore2 = config.getSubstore("configStore2");
- *       String valz = substore2.getString("param21"); 
- *       // valz is "value21" <p>
- *     }
+ * // the top config store is passed to the following method.
+ * public void init(IConfigStore config) throws EBaseException {
+ *     IConfigStore store = config;
+ *     String valx = config.getString(&quot;param1&quot;);
+ *     // valx is &quot;value1&quot; &lt;p&gt;
+ * 
+ *     IConfigStore substore1 = config.getSubstore(&quot;configStore1&quot;);
+ *     String valy = substore1.getString(&quot;param11&quot;);
+ *     // valy is &quot;value11&quot; &lt;p&gt;
+ * 
+ *     IConfigStore substore2 = config.getSubstore(&quot;configStore2&quot;);
+ *     String valz = substore2.getString(&quot;param21&quot;);
+ *     // valz is &quot;value21&quot; &lt;p&gt;
+ * }
  * </pre>
- *		
+ * 
  * @version $Revision$, $Date$
  */
 public interface IConfigStore extends ISourceConfigStore {
@@ -62,6 +64,7 @@ public interface IConfigStore extends ISourceConfigStore {
     /**
      * Gets the name of this Configuration Store.
      * <P>
+     * 
      * @return The name of this Configuration store
      */
     public String getName();
@@ -69,60 +72,65 @@ public interface IConfigStore extends ISourceConfigStore {
     /**
      * Retrieves the value of the given property as a string.
      * <p>
+     * 
      * @param name The name of the property to get
      * @return The value of the property as a String
      * @exception EPropertyNotFound If the property is not present
      * @exception EBaseException If an internal error occurred
      */
-    public String getString(String name) 
-        throws EPropertyNotFound, EBaseException;
+    public String getString(String name) throws EPropertyNotFound,
+            EBaseException;
 
     /**
-     * Retrieves the value of a given property as a string or the 
-     * given default value if the property is not present.
+     * Retrieves the value of a given property as a string or the given default
+     * value if the property is not present.
      * <P>
+     * 
      * @param name The property to retrive
      * @param defval The default value to return if the property is not present
      * @return The roperty value as a string
      * @exception EBaseException If an internal error occurred
      */
-    public String getString(String name, String defval) 
-        throws EBaseException;
+    public String getString(String name, String defval) throws EBaseException;
 
     /**
-     * Stores a property and its value as a string. 
+     * Stores a property and its value as a string.
      * <p>
+     * 
      * @param name The name of the property
      * @param value The value as a string
-     */ 
+     */
     public void putString(String name, String value);
 
     /**
      * Retrieves the value of a property as a byte array.
      * <P>
+     * 
      * @param name The property name
      * @return The property value as a byte array
      * @exception EPropertyNotFound If the property is not present
      * @exception EBaseException If an internal error occurred
      */
-    public byte[] getByteArray(String name) 
-        throws EPropertyNotFound, EBaseException;
+    public byte[] getByteArray(String name) throws EPropertyNotFound,
+            EBaseException;
 
     /**
-     * Retrieves the value of a property as a byte array, using the 
-     * given default value if property is not present.
+     * Retrieves the value of a property as a byte array, using the given
+     * default value if property is not present.
      * <P>
+     * 
      * @param name The name of the property
      * @param defval The default value if the property is not present.
      * @return The property value as a byte array.
      * @exception EBaseException If an internal error occurred
      */
-    public byte[] getByteArray(String name, byte defval[]) 
-        throws EBaseException;
+    public byte[] getByteArray(String name, byte defval[])
+            throws EBaseException;
 
     /**
      * Stores the given property and value as a byte array.
      * <p>
+     * 
      * @param name The property name
      * @param value The value as a byte array to store
      */
@@ -131,29 +139,32 @@ public interface IConfigStore extends ISourceConfigStore {
     /**
      * Retrieves the given property as a boolean.
      * <P>
+     * 
      * @param name The name of the property as a string.
      * @return The value of the property as a boolean.
      * @exception EPropertyNotFound If the property is not present
      * @exception EBaseException If an internal error occurred
      */
-    public boolean getBoolean(String name) 
-        throws EPropertyNotFound, EBaseException;
+    public boolean getBoolean(String name) throws EPropertyNotFound,
+            EBaseException;
 
     /**
      * Retrieves the given property as a boolean.
      * <P>
+     * 
      * @param name The name of the property
-     * @param defval The default value to turn as a boolean if 
-     * property is not present
+     * @param defval The default value to turn as a boolean if property is not
+     *            present
      * @return The value of the property as a boolean.
      * @exception EBaseException If an internal error occurred
      */
-    public boolean getBoolean(String name, boolean defval) 
-        throws EBaseException;
+    public boolean getBoolean(String name, boolean defval)
+            throws EBaseException;
 
     /**
      * Stores the given property and its value as a boolean.
      * <P>
+     * 
      * @param name The property name
      * @param value The value as a boolean
      */
@@ -162,28 +173,28 @@ public interface IConfigStore extends ISourceConfigStore {
     /**
      * Retrieves the given property as an integer.
      * <P>
+     * 
      * @param name The property name
      * @return The property value as an integer
      * @exception EPropertyNotFound If property is not found
      * @exception EBaseException If an internal error occurred
      */
-    public int getInteger(String name) 
-        throws EPropertyNotFound, EBaseException;
+    public int getInteger(String name) throws EPropertyNotFound, EBaseException;
 
     /**
      * Retrieves the given property as an integer.
      * <P>
+     * 
      * @param name The property name
      * @return int The default value to return as an integer
-     * @exception EBaseException If the value cannot be converted to a 
-     * integer
+     * @exception EBaseException If the value cannot be converted to a integer
      */
-    public int getInteger(String name, int defval) 
-        throws EBaseException;
+    public int getInteger(String name, int defval) throws EBaseException;
 
     /**
      * Sets a property and its value as an integer.
      * <P>
+     * 
      * @param name parameter name
      * @param value integer value
      */
@@ -192,28 +203,30 @@ public interface IConfigStore extends ISourceConfigStore {
     /**
      * Retrieves the given property as a big integer.
      * <P>
+     * 
      * @param name The property name
      * @return The property value as a big integer
      * @exception EPropertyNotFound If property is not found
      * @exception EBaseException If an internal error occurred
      */
-    public BigInteger getBigInteger(String name) 
-        throws EPropertyNotFound, EBaseException;
+    public BigInteger getBigInteger(String name) throws EPropertyNotFound,
+            EBaseException;
 
     /**
      * Retrieves the given property as a big integer.
      * <P>
+     * 
      * @param name The property name
      * @return int The default value to return as a big integer
-     * @exception EBaseException If the value cannot be converted to a 
-     * integer
+     * @exception EBaseException If the value cannot be converted to a integer
      */
-    public BigInteger getBigInteger(String name, BigInteger defval) 
-        throws EBaseException;
+    public BigInteger getBigInteger(String name, BigInteger defval)
+            throws EBaseException;
 
     /**
      * Sets a property and its value as an integer.
      * <P>
+     * 
      * @param name parameter name
      * @param value big integer value
      */
@@ -222,23 +235,26 @@ public interface IConfigStore extends ISourceConfigStore {
     /**
      * Creates a nested sub-store with the specified name.
      * <P>
+     * 
      * @param name The name of the sub-store
      * @return The sub-store created
      */
     public IConfigStore makeSubStore(String name);
 
     /**
-     * Retrieves the given sub-store. 
+     * Retrieves the given sub-store.
      * <P>
+     * 
      * @param name The name of the sub-store
      * @return The sub-store
      */
     public IConfigStore getSubStore(String name);
 
     /**
-     * Removes sub-store with the given name. 
-     * (Removes all properties and sub-stores under this sub-store.)
+     * Removes sub-store with the given name. (Removes all properties and
+     * sub-stores under this sub-store.)
      * <P>
+     * 
      * @param name The name of the sub-store to remove
      */
     public void removeSubStore(String name);
@@ -247,22 +263,24 @@ public interface IConfigStore extends ISourceConfigStore {
 
     /**
      * Retrives and enumeration of all properties in this config-store.
+     * 
      * @return An enumeration of all properties in this config-store
      */
     public Enumeration<String> getPropertyNames();
 
     /**
-     * Returns an enumeration of the names of the substores of 
-     * this config-store.
+     * Returns an enumeration of the names of the substores of this
+     * config-store.
      * <P>
-     * @return An enumeration of the names of the sub-stores of this 
-     * config-store
+     * 
+     * @return An enumeration of the names of the sub-stores of this
+     *         config-store
      */
     public Enumeration<String> getSubStoreNames();
 
     /**
      * Commits all the data into file immediately.
-     *
+     * 
      * @param createBackup true if a backup file should be created
      * @exception EBaseException failed to commit
      */
@@ -273,4 +291,3 @@ public interface IConfigStore extends ISourceConfigStore {
      */
     public int size();
 }
-
diff --git a/pki/base/common/src/com/netscape/certsrv/base/IConfigStoreEventListener.java b/pki/base/common/src/com/netscape/certsrv/base/IConfigStoreEventListener.java
index f2b6a03d4..48eb37827 100644
--- a/pki/base/common/src/com/netscape/certsrv/base/IConfigStoreEventListener.java
+++ b/pki/base/common/src/com/netscape/certsrv/base/IConfigStoreEventListener.java
@@ -17,34 +17,32 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.base;
 
-
 import java.util.Hashtable;
- 
 
 /**
  * ConfigStore Parameters Event Notification.
- *
+ * 
  * @version $Revision$, $Date$
  */
 public interface IConfigStoreEventListener {
 
     /**
      * Called to validate the config store parameters that changed
-     *
+     * 
      * @param action action
      * @param params configuration parameters changed
      * @exception EBaseException failed to validate
      */
-    public void validateConfigParams(String action, 
-        Hashtable params) throws EBaseException;
+    public void validateConfigParams(String action, Hashtable params)
+            throws EBaseException;
 
     /**
      * Validates the config store parameters that changed
-     *
+     * 
      * @param action action
      * @param params configuration parameters changed
      * @exception EBaseException failed to validate
      */
-    public void doConfigParams(String action, 
-        Hashtable params) throws EBaseException;
+    public void doConfigParams(String action, Hashtable params)
+            throws EBaseException;
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/base/IExtPrettyPrint.java b/pki/base/common/src/com/netscape/certsrv/base/IExtPrettyPrint.java
index 73e95b776..101af3fa8 100644
--- a/pki/base/common/src/com/netscape/certsrv/base/IExtPrettyPrint.java
+++ b/pki/base/common/src/com/netscape/certsrv/base/IExtPrettyPrint.java
@@ -17,22 +17,17 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.base;
 
-
-
-
 /**
- * This class will display the certificate content in predefined
- * format.
- *
+ * This class will display the certificate content in predefined format.
+ * 
  * @version $Revision$, $Date$
  */
 public interface IExtPrettyPrint {
 
     /**
      * Retrieves the printable extension string.
-     *
+     * 
      * @return printable extension string
      */
     public String toString();
 }
-
diff --git a/pki/base/common/src/com/netscape/certsrv/base/IExtendedPluginInfo.java b/pki/base/common/src/com/netscape/certsrv/base/IExtendedPluginInfo.java
index e8060b24a..e0f87c4ee 100644
--- a/pki/base/common/src/com/netscape/certsrv/base/IExtendedPluginInfo.java
+++ b/pki/base/common/src/com/netscape/certsrv/base/IExtendedPluginInfo.java
@@ -17,14 +17,12 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.base;
 
-
 import java.util.Locale;
 
-
 /**
  * Plugin which can return extended information to console
  * <p>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public interface IExtendedPluginInfo {
@@ -33,48 +31,43 @@ public interface IExtendedPluginInfo {
     public static final String HELP_TEXT = "HELP_TEXT";
 
     /**
-     *  This method returns an array of strings. Each element of the
-     *  array represents a configurable parameter, or some other
-     *  meta-info (such as help-token)
+     * This method returns an array of strings. Each element of the array
+     * represents a configurable parameter, or some other meta-info (such as
+     * help-token)
+     * 
+     * there is an entry indexed on that parameter name
+     * <param-name>;<type_info>[,required];<description>;...
+     * 
+     * Where:
+     * 
+     * type_info is either 'string', 'number', 'boolean', 'password' or
+     * 'choice(ch1,ch2,ch3,...)'
+     * 
+     * If the marker 'required' is included after the type_info, the parameter
+     * will has some visually distinctive marking in the UI.
+     * 
+     * 'description' is a short sentence describing the parameter 'choice' is
+     * rendered as a drop-down list. The first parameter in the list will be
+     * activated by default 'boolean' is rendered as a checkbox. The resulting
+     * parameter will be either 'true' or 'false' 'string' allows any characters
+     * 'number' allows only numbers 'password' is rendered as a password field
+     * (the characters are replaced with *'s when being types. This parameter is
+     * not passed through to the plugin. It is instead inserted directly into
+     * the password cache keyed on the instance name. The value of the parameter
+     * 'bindPWPrompt' (see example below) is set to the key.
+     * 
+     * In addition to the configurable parameters, the following magic
+     * parameters may be defined:
+     * 
+     * HELP_TOKEN;helptoken - a pointer to the online manual section for this
+     * plugin HELP_TEXT;helptext - a general help string describing the plugin
      * 
-     *  there is an entry indexed on that parameter name
-     *  <param-name>;<type_info>[,required];<description>;...
-     *  
-     *  Where:
-     *
-     *    type_info is either 'string', 'number', 'boolean', 'password' or 
-     *        'choice(ch1,ch2,ch3,...)'
-     *
-     *    If the marker 'required' is included after the type_info,
-     *    the parameter will has some visually distinctive marking in
-     *    the UI.
+     * For example: "username;string;The username you wish to login as"
+     * "bindPWPrompt;password;Enter password to bind as above user with"
+     * "algorithm;choice(RSA,DSA);Which algorithm do you want to use"
+     * "enable;boolean;Do you want to run this plugin"
+     * "port;number;Which port number do you want to use"
      * 
-     *    'description' is a short sentence describing the parameter
-     *    'choice' is rendered as a drop-down list. The first parameter in the
-     *       list will be activated by default
-     *    'boolean' is rendered as a checkbox. The resulting parameter will be
-     *       either 'true' or 'false'
-     *	  'string' allows any characters
-     *	  'number' allows only numbers
-     *    'password' is rendered as a password field (the characters are replaced
-     *       with *'s when being types. This parameter is not passed through to
-     *       the plugin. It is instead inserted directly into the password cache
-     *       keyed on the instance name. The value of the parameter
-     *       'bindPWPrompt' (see example below) is set to the key.
-     *
-     *  In addition to the configurable parameters, the following magic parameters
-     *  may be defined:
-     *  
-     *    HELP_TOKEN;helptoken - a pointer to the online manual section for this plugin
-     *    HELP_TEXT;helptext   - a general help string describing the plugin
-     *
-     *   For example:
-     *    "username;string;The username you wish to login as"
-     *    "bindPWPrompt;password;Enter password to bind as above user with"
-     *    "algorithm;choice(RSA,DSA);Which algorithm do you want to use"
-     *    "enable;boolean;Do you want to run this plugin"
-     *    "port;number;Which port number do you want to use"
-     *
      */
     public String[] getExtendedPluginInfo(Locale locale);
 
diff --git a/pki/base/common/src/com/netscape/certsrv/base/IPluginImpl.java b/pki/base/common/src/com/netscape/certsrv/base/IPluginImpl.java
index 4a55af607..52ac3dd9f 100644
--- a/pki/base/common/src/com/netscape/certsrv/base/IPluginImpl.java
+++ b/pki/base/common/src/com/netscape/certsrv/base/IPluginImpl.java
@@ -17,12 +17,11 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.base;
 
-
 import java.util.Vector;
 
 /**
  * This interface represents a plugin instance.
- *
+ * 
  * @version $Revision$, $Date$
  */
 public interface IPluginImpl {
@@ -32,6 +31,7 @@ public interface IPluginImpl {
     /**
      * Gets the description for this plugin instance.
      * <P>
+     * 
      * @return The Description for this plugin instance.
      */
     public String getDescription();
@@ -39,7 +39,7 @@ public interface IPluginImpl {
     /**
      * Returns the name of the plugin class.
      * <P>
-     *
+     * 
      * @return The name of the plugin class.
      */
     public String getImplName();
@@ -47,24 +47,23 @@ public interface IPluginImpl {
     /**
      * Returns the name of the plugin instance.
      * <P>
-     *
-     * @return The name of the plugin instance. If none	is set 
-     * the name of the implementation will be returned.xxxx
+     * 
+     * @return The name of the plugin instance. If none is set the name of the
+     *         implementation will be returned.xxxx
      */
     public String getInstanceName();
 
     /**
      * Initializes this plugin instance.
-     *
+     * 
      * @param sys parent subsystem
      * @param instanceName instance name of this plugin
      * @param className class name of this plugin
      * @param config configuration store
      * @exception EBaseException failed to initialize
      */
-    public void init(ISubsystem sys, String instanceName, String className, 
-        IConfigStore config)
-        throws EBaseException;
+    public void init(ISubsystem sys, String instanceName, String className,
+            IConfigStore config) throws EBaseException;
 
     /**
      * Shutdowns this plugin.
@@ -73,33 +72,32 @@ public interface IPluginImpl {
 
     /**
      * Retrieves the configuration store.
-     *
+     * 
      * @return configuration store
      */
     public IConfigStore getConfigStore();
 
     /**
      * Return configured parameters for a plugin instance.
-     *
-     * @return nvPairs A Vector of name/value pairs. Each name/value 
-     *      pair is constructed as a String in name=value format.
+     * 
+     * @return nvPairs A Vector of name/value pairs. Each name/value pair is
+     *         constructed as a String in name=value format.
      */
     public Vector getInstanceParams();
 
     /**
      * Retrieves a list of configuration parameter names.
-     *
+     * 
      * @return a list of parameter names
      */
     public String[] getConfigParams();
 
     /**
      * Return default parameters for a plugin implementation.
-     *
-     * @return nvPairs A Vector of name/value pairs. Each name/value
-     *		  		pair is constructed as a String in name=value.
+     * 
+     * @return nvPairs A Vector of name/value pairs. Each name/value pair is
+     *         constructed as a String in name=value.
      */
     public Vector getDefaultParams();
 
 }
-
diff --git a/pki/base/common/src/com/netscape/certsrv/base/IPrettyPrintFormat.java b/pki/base/common/src/com/netscape/certsrv/base/IPrettyPrintFormat.java
index 1fba48f19..0f3039d15 100644
--- a/pki/base/common/src/com/netscape/certsrv/base/IPrettyPrintFormat.java
+++ b/pki/base/common/src/com/netscape/certsrv/base/IPrettyPrintFormat.java
@@ -17,32 +17,28 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.base;
 
-
-
-
 /**
- * This class will display the certificate content in predefined
- * format.
- *
+ * This class will display the certificate content in predefined format.
+ * 
  * @version $Revision$, $Date$
  */
 public interface IPrettyPrintFormat {
 
     /**
      * Retrieves a pretty print string of the given byte array.
-     *
+     * 
      * @param in byte array
      * @param indentSize indentation size
      * @param lineLen length of line
      * @param separator separator string
      * @return pretty print string
      */
-    public String toHexString(byte[] in, int indentSize, 
-        int lineLen, String separator);
+    public String toHexString(byte[] in, int indentSize, int lineLen,
+            String separator);
 
     /**
      * Retrieves a pretty print string of the given byte array.
-     *
+     * 
      * @param in byte array
      * @param indentSize indentation size
      * @param lineLen length of line
@@ -52,7 +48,7 @@ public interface IPrettyPrintFormat {
 
     /**
      * Retrieves a pretty print string of the given byte array.
-     *
+     * 
      * @param in byte array
      * @param indentSize indentation size
      * @return pretty print string
@@ -61,7 +57,7 @@ public interface IPrettyPrintFormat {
 
     /**
      * Retrieves a pretty print string of the given byte array.
-     *
+     * 
      * @param in byte array
      * @return pretty print string
      */
diff --git a/pki/base/common/src/com/netscape/certsrv/base/ISecurityDomainSessionTable.java b/pki/base/common/src/com/netscape/certsrv/base/ISecurityDomainSessionTable.java
index 3902d4433..dfc358088 100644
--- a/pki/base/common/src/com/netscape/certsrv/base/ISecurityDomainSessionTable.java
+++ b/pki/base/common/src/com/netscape/certsrv/base/ISecurityDomainSessionTable.java
@@ -19,21 +19,30 @@ package com.netscape.certsrv.base;
 
 import java.util.Enumeration;
 
-
 /**
  * This interface defines the abstraction for the cookie table.
  **/
 public interface ISecurityDomainSessionTable {
-    public static final int SUCCESS =0;
-    public static final int FAILURE =1;
+    public static final int SUCCESS = 0;
+    public static final int FAILURE = 1;
+
     public int addEntry(String cookieId, String ip, String uid, String group);
+
     public int removeEntry(String sessionId);
+
     public boolean isSessionIdExist(String sessionId);
+
     public String getIP(String sessionId);
+
     public String getUID(String sessionId);
+
     public String getGroup(String sessionId);
+
     public long getBeginTime(String sessionId);
+
     public int getSize();
+
     public long getTimeToLive();
+
     public Enumeration getSessionIds();
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/base/ISourceConfigStore.java b/pki/base/common/src/com/netscape/certsrv/base/ISourceConfigStore.java
index fb8628ba2..362fc8ad0 100644
--- a/pki/base/common/src/com/netscape/certsrv/base/ISourceConfigStore.java
+++ b/pki/base/common/src/com/netscape/certsrv/base/ISourceConfigStore.java
@@ -17,20 +17,19 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.base;
 
-
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.OutputStream;
 import java.io.Serializable;
 import java.util.Enumeration;
 
-
 /**
- * An interface that represents the source that creates the configuration
- * store tree. Note that the tree can be built based on the information
- * from a text file or ldap entries.
+ * An interface that represents the source that creates the configuration store
+ * tree. Note that the tree can be built based on the information from a text
+ * file or ldap entries.
+ * 
  * @see com.netscape.certsrv.base.IConfigStore
- *
+ * 
  * @version $Revision$, $Date$
  */
 public interface ISourceConfigStore extends Serializable {
@@ -38,7 +37,7 @@ public interface ISourceConfigStore extends Serializable {
     /**
      * Gets a property.
      * <P>
-     *
+     * 
      * @param name The property name
      * @return property value
      */
@@ -47,7 +46,7 @@ public interface ISourceConfigStore extends Serializable {
     /**
      * Retrieves a property.
      * <P>
-     *
+     * 
      * @param name The property name
      * @param value The property value
      */
@@ -56,7 +55,7 @@ public interface ISourceConfigStore extends Serializable {
     /**
      * Returns an enumeration of the config store's keys.
      * <P>
-     *
+     * 
      * @return a list of keys
      * @see java.util.Hashtable#elements
      * @see java.util.Enumeration
@@ -64,16 +63,16 @@ public interface ISourceConfigStore extends Serializable {
     public Enumeration keys();
 
     /**
-     * Reads a config store from an input stream. 
-     *
+     * Reads a config store from an input stream.
+     * 
      * @param in input stream where the properties are located
      * @exception IOException If an IO error occurs while loading from input.
      */
     public void load(InputStream in) throws IOException;
 
     /**
-     * Stores this config store to the specified output stream. 
-     *
+     * Stores this config store to the specified output stream.
+     * 
      * @param out output stream where the properties should be serialized
      * @param header optional header to be serialized
      */
diff --git a/pki/base/common/src/com/netscape/certsrv/base/ISubsystem.java b/pki/base/common/src/com/netscape/certsrv/base/ISubsystem.java
index 77f1708ac..994c8f758 100644
--- a/pki/base/common/src/com/netscape/certsrv/base/ISubsystem.java
+++ b/pki/base/common/src/com/netscape/certsrv/base/ISubsystem.java
@@ -17,13 +17,9 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.base;
 
-
-
-
 /**
- * An interface represents a CMS subsystem. CMS is made up of a list
- * subsystems. Each subsystem is responsible for a set of 
- * speciailized functions.
+ * An interface represents a CMS subsystem. CMS is made up of a list subsystems.
+ * Each subsystem is responsible for a set of speciailized functions.
  * <P>
  * 
  * @version $Revision$, $Date$
@@ -32,41 +28,40 @@ public interface ISubsystem {
 
     /**
      * Retrieves the name of this subsystem.
-     *
+     * 
      * @return subsystem identifier
      */
     public String getId();
 
     /**
      * Sets specific to this subsystem.
-     *
+     * 
      * @param id subsystem identifier
      * @exception EBaseException failed to set id
      */
     public void setId(String id) throws EBaseException;
 
     /**
-     * Initializes this subsystem with the given configuration
-     * store.
+     * Initializes this subsystem with the given configuration store.
      * <P>
-     *
+     * 
      * @param owner owner of this subsystem
      * @param config configuration store
      * @exception EBaseException failed to initialize
      */
     public void init(ISubsystem owner, IConfigStore config)
-        throws EBaseException;
+            throws EBaseException;
 
     /**
      * Notifies this subsystem if owner is in running mode.
-     *
+     * 
      * @exception EBaseException failed to start up
      */
     public void startup() throws EBaseException;
 
     /**
-     * Stops this system. The owner may call shutdown
-     * anytime after initialization.
+     * Stops this system. The owner may call shutdown anytime after
+     * initialization.
      * <P>
      */
     public void shutdown();
@@ -74,7 +69,7 @@ public interface ISubsystem {
     /**
      * Returns the root configuration storage of this system.
      * <P>
-     *
+     * 
      * @return configuration store of this subsystem
      */
     public IConfigStore getConfigStore();
diff --git a/pki/base/common/src/com/netscape/certsrv/base/ISubsystemSource.java b/pki/base/common/src/com/netscape/certsrv/base/ISubsystemSource.java
index 23b82179e..7c491d518 100644
--- a/pki/base/common/src/com/netscape/certsrv/base/ISubsystemSource.java
+++ b/pki/base/common/src/com/netscape/certsrv/base/ISubsystemSource.java
@@ -17,12 +17,9 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.base;
 
-
-
-
 /**
- * An interface represents a subsystem source. A subsystem
- * source is a container that manages multiple subsystems.
+ * An interface represents a subsystem source. A subsystem source is a container
+ * that manages multiple subsystems.
  * <P>
  * 
  * @version $Revision$, $Date$
@@ -31,7 +28,7 @@ public interface ISubsystemSource {
 
     /**
      * Retrieves subsystem from the source.
-     *
+     * 
      * @param sid subsystem identifier
      * @return subsystem
      */
diff --git a/pki/base/common/src/com/netscape/certsrv/base/ITimeSource.java b/pki/base/common/src/com/netscape/certsrv/base/ITimeSource.java
index f1e3e25e4..6805a5f90 100644
--- a/pki/base/common/src/com/netscape/certsrv/base/ITimeSource.java
+++ b/pki/base/common/src/com/netscape/certsrv/base/ITimeSource.java
@@ -17,17 +17,13 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.base;
 
-
 import java.util.Date;
 
-
 /**
- * This interface represents a time source where
- * current time can be retrieved. CMS is installed
- * with a default time source that returns
- * current time based on the system time. It is
- * possible to register a time source that returns
- * the current time from a NTP server.
+ * This interface represents a time source where current time can be retrieved.
+ * CMS is installed with a default time source that returns current time based
+ * on the system time. It is possible to register a time source that returns the
+ * current time from a NTP server.
  * 
  * @version $Revision$, $Date$
  */
@@ -35,7 +31,7 @@ public interface ITimeSource {
 
     /**
      * Retrieves current time and date.
-     *
+     * 
      * @return current time and date
      */
     public Date getCurrentDate();
diff --git a/pki/base/common/src/com/netscape/certsrv/base/KeyGenInfo.java b/pki/base/common/src/com/netscape/certsrv/base/KeyGenInfo.java
index 17efca771..5fc417178 100644
--- a/pki/base/common/src/com/netscape/certsrv/base/KeyGenInfo.java
+++ b/pki/base/common/src/com/netscape/certsrv/base/KeyGenInfo.java
@@ -17,7 +17,6 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.base;
 
-
 import java.io.IOException;
 
 import netscape.security.util.DerInputStream;
@@ -25,35 +24,36 @@ import netscape.security.util.DerValue;
 import netscape.security.x509.AlgorithmId;
 import netscape.security.x509.X509Key;
 
-
 /**
- *
- * The <code>KeyGenInfo</code> represents the information generated by
- * the KeyGen tag of the HTML forms. It provides the parsing and accessing
- * mechanisms.<p>
- *
+ * 
+ * The <code>KeyGenInfo</code> represents the information generated by the
+ * KeyGen tag of the HTML forms. It provides the parsing and accessing
+ * mechanisms.
+ * <p>
+ * 
  * <pre>
  * SignedPublicKeyAndChallenge ::= SEQUENCE {
  *      publicKeyAndChallenge PublicKeyAndChallenge,
  *      signatureAlgorithm AlgorithmIdentifier,
  *      signature BIT STRING
  * }
- *
+ * 
  * PublicKeyAndChallenge ::= SEQUENCE {
  *      spki SubjectPublicKeyInfo,
  *      challenge IA5STRING
  * }
- *</pre>
- *
- *
+ * </pre>
+ * 
+ * 
  * @version $Revision$, $Date$
  */
 
 public class KeyGenInfo {
 
-    /*==========================================================
-     * variables
-     *==========================================================*/
+    /*
+     * ========================================================== variables
+     * ==========================================================
+     */
     private String mSPKACString;
     private byte mPKAC[];
     private byte mSPKAC[];
@@ -64,36 +64,37 @@ public class KeyGenInfo {
     private byte mSignature[];
     private AlgorithmId mAlgId;
 
-    /*==========================================================
-     * constructors
-     *==========================================================*/
+    /*
+     * ========================================================== constructors
+     * ==========================================================
+     */
 
     /**
-     * Construct empty KeyGenInfo. Need to call decode function
-     * later to initialize.
+     * Construct empty KeyGenInfo. Need to call decode function later to
+     * initialize.
      */
     public KeyGenInfo() {
 
     }
 
     /**
-     * Construct KeyGenInfo using the SignedPublicKeyAndChallenge
-     * string representation.
-     *
+     * Construct KeyGenInfo using the SignedPublicKeyAndChallenge string
+     * representation.
+     * 
      * @param spkac SignedPublicKeyAndChallenge string representation
      */
-    public KeyGenInfo(String spkac)
-        throws IOException {
+    public KeyGenInfo(String spkac) throws IOException {
         decode(spkac);
     }
 
-    /*==========================================================
-     * public methods
-     *==========================================================*/
+    /*
+     * ========================================================== public methods
+     * ==========================================================
+     */
 
     /**
      * Initialize using the SPKAC string
-     *
+     * 
      * @param spkac SPKAC string from the end user
      */
     public void decode(String spkac) throws IOException {
@@ -104,7 +105,7 @@ public class KeyGenInfo {
 
     /**
      * Der encoded into buffer
-     *
+     * 
      * @return Der encoded buffer
      */
     public byte[] encode() {
@@ -113,7 +114,7 @@ public class KeyGenInfo {
 
     /**
      * Get SPKI in DerValue form
-     *
+     * 
      * @return SPKI in DerValue form
      */
     public DerValue getDerSPKI() {
@@ -122,7 +123,7 @@ public class KeyGenInfo {
 
     /**
      * Get SPKI as X509Key
-     *
+     * 
      * @return SPKI in X509Key form
      */
     public X509Key getSPKI() {
@@ -131,7 +132,7 @@ public class KeyGenInfo {
 
     /**
      * Get Challenge phrase in DerValue form
-     *
+     * 
      * @return Challenge in DerValue form. null if none.
      */
     public DerValue getDerChallenge() {
@@ -140,7 +141,7 @@ public class KeyGenInfo {
 
     /**
      * Get Challenge phrase in string format
-     *
+     * 
      * @return challenge phrase. null if none.
      */
     public String getChallenge() {
@@ -149,6 +150,7 @@ public class KeyGenInfo {
 
     /**
      * Get Signature
+     * 
      * @return signature
      */
     public byte[] getSignature() {
@@ -157,6 +159,7 @@ public class KeyGenInfo {
 
     /**
      * Get Algorithm ID
+     * 
      * @return the algorithm id
      */
     public AlgorithmId getAlgorithmId() {
@@ -165,7 +168,7 @@ public class KeyGenInfo {
 
     /**
      * Validate Signature and Challenge Phrase
-     *
+     * 
      * @param challenge phrase; null if none
      * @return true if validated; otherwise, false
      */
@@ -180,7 +183,7 @@ public class KeyGenInfo {
 
     /**
      * String representation of KenGenInfo
-     *
+     * 
      * @return string representation of KeGenInfo
      */
     public String toString() {
@@ -189,18 +192,17 @@ public class KeyGenInfo {
         return "";
     }
 
-    /*==========================================================
-     * private methods
-     *==========================================================*/
+    /*
+     * ========================================================== private
+     * methods==========================================================
+     */
 
-    private byte[] base64Decode(String spkac)
-        throws  IOException {
+    private byte[] base64Decode(String spkac) throws IOException {
 
         return com.netscape.osutil.OSUtil.AtoB(spkac);
     }
 
-    private void derDecode(byte spkac[])
-        throws IOException {
+    private void derDecode(byte spkac[]) throws IOException {
         DerInputStream derIn = new DerInputStream(spkac);
 
         /* get SPKAC Algorithm & Signature */
@@ -224,4 +226,3 @@ public class KeyGenInfo {
     }
 
 }
-
diff --git a/pki/base/common/src/com/netscape/certsrv/base/MessageFormatter.java b/pki/base/common/src/com/netscape/certsrv/base/MessageFormatter.java
index 16324fb91..a3fa598ed 100644
--- a/pki/base/common/src/com/netscape/certsrv/base/MessageFormatter.java
+++ b/pki/base/common/src/com/netscape/certsrv/base/MessageFormatter.java
@@ -17,7 +17,6 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.base;
 
-
 import java.lang.reflect.Method;
 import java.text.MessageFormat;
 import java.util.Date;
@@ -25,13 +24,12 @@ import java.util.Locale;
 import java.util.MissingResourceException;
 import java.util.ResourceBundle;
 
-
 /**
- * Factors out common function of formatting internatinalized 
- * messages taking arguments and using  java.util.ResourceBundle 
- * and java.text.MessageFormat mechanism.
+ * Factors out common function of formatting internatinalized messages taking
+ * arguments and using java.util.ResourceBundle and java.text.MessageFormat
+ * mechanism.
  * <P>
- *
+ * 
  * @version $Revision$, $Date$
  * @see java.text.MessageFormat
  * @see java.util.ResourceBundle
@@ -42,50 +40,47 @@ public class MessageFormatter {
 
     /**
      * Retrieves the localized string.
-     *
+     * 
      * @param locale end user locale
      * @param resourceBundleBaseName resource bundle class name
      * @param formatString format string
      * @return localized string
      */
-    public static String getLocalizedString(
-        Locale locale, String resourceBundleBaseName,
-        String formatString) {
-        return getLocalizedString(locale, resourceBundleBaseName, 
-                formatString, null);
+    public static String getLocalizedString(Locale locale,
+            String resourceBundleBaseName, String formatString) {
+        return getLocalizedString(locale, resourceBundleBaseName, formatString,
+                null);
     }
 
     /**
      * Retrieves the localized string.
-     *
+     * 
      * @param locale end user locale
      * @param resourceBundleBaseName resource bundle class name
      * @param formatString format string
      * @param params parameters to be substituted
      * @return localized string
      */
-    public static String getLocalizedString(
-        Locale locale, String resourceBundleBaseName,
-        String formatString, Object params) {
+    public static String getLocalizedString(Locale locale,
+            String resourceBundleBaseName, String formatString, Object params) {
         Object o[] = new Object[1];
 
         o[0] = params;
-        return getLocalizedString(locale, resourceBundleBaseName, 
-                formatString, o);
+        return getLocalizedString(locale, resourceBundleBaseName, formatString,
+                o);
     }
 
     /**
      * Retrieves the localized string.
-     *
+     * 
      * @param locale end user locale
      * @param resourceBundleBaseName resource bundle class name
      * @param formatString format string
      * @param params parameters to be substituted
      * @return localized string
      */
-    public static String getLocalizedString(
-        Locale locale, String resourceBundleBaseName,
-        String formatString, Object[] params) {
+    public static String getLocalizedString(Locale locale,
+            String resourceBundleBaseName, String formatString, Object[] params) {
 
         String localizedFormat = null;
 
@@ -97,42 +92,43 @@ public class MessageFormatter {
                 // instantiated everytime you call toString().
 
                 localizedFormat = ResourceBundle.getBundle(
-                            resourceBundleBaseName, locale).getString(formatString);
+                        resourceBundleBaseName, locale).getString(formatString);
             } catch (MissingResourceException e) {
                 return formatString;
-				
+
             }
             Object[] localizedParams = params;
             Object[] localeArg = null;
 
             if (params != null) {
                 for (int i = 0; i < params.length; ++i) {
-                    if (!(params[i] instanceof String) ||
-                        !(params[i] instanceof Date) ||
-                        !(params[i] instanceof Number)) {
+                    if (!(params[i] instanceof String)
+                            || !(params[i] instanceof Date)
+                            || !(params[i] instanceof Number)) {
                         if (localizedParams == params) {
 
                             // only done once
-                            // NB if the following variant of cloning code is used
-                            //         localizedParams = (Object [])mParams.clone();
+                            // NB if the following variant of cloning code is
+                            // used
+                            // localizedParams = (Object [])mParams.clone();
                             // it causes ArrayStoreException in
-                            //         localizedParams[i] = params[i].toString();
+                            // localizedParams[i] = params[i].toString();
                             // below
 
                             localizedParams = new Object[params.length];
                             System.arraycopy(params, 0, localizedParams, 0,
-                                params.length);
+                                    params.length);
                         }
                         try {
-                            Method toStringMethod = params[i].getClass().getMethod(
-                                    "toString", toStringSignature);
+                            Method toStringMethod = params[i].getClass()
+                                    .getMethod("toString", toStringSignature);
 
                             if (localeArg == null) {
                                 // only done once
                                 localeArg = new Object[] { locale };
                             }
                             localizedParams[i] = toStringMethod.invoke(
-                                        params[i], localeArg);
+                                    params[i], localeArg);
                         } catch (Exception e) {
                             // no method for localization, fall back
                             localizedParams[i] = params[i].toString();
@@ -141,7 +137,8 @@ public class MessageFormatter {
                 }
             }
             try {
-                // XXX - runtime exception may be raised by the following function
+                // XXX - runtime exception may be raised by the following
+                // function
                 MessageFormat format = new MessageFormat(localizedFormat);
 
                 return format.format(localizedParams);
diff --git a/pki/base/common/src/com/netscape/certsrv/base/MetaAttributeDef.java b/pki/base/common/src/com/netscape/certsrv/base/MetaAttributeDef.java
index e01d40f88..76c91c540 100644
--- a/pki/base/common/src/com/netscape/certsrv/base/MetaAttributeDef.java
+++ b/pki/base/common/src/com/netscape/certsrv/base/MetaAttributeDef.java
@@ -17,17 +17,15 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.base;
 
-
 import java.util.Enumeration;
 import java.util.Hashtable;
 
 import netscape.security.util.ObjectIdentifier;
 
-
 /**
  * A class representing a meta attribute defintion.
  * <P>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public class MetaAttributeDef {
@@ -40,66 +38,64 @@ public class MetaAttributeDef {
 
     private MetaAttributeDef() {
     }
-	
+
     /**
      * Constructs a MetaAttribute defintion
      * <P>
-     *
+     * 
      * @param name attribute name
      * @param valueClass attribute value class
      * @param oid attribute object identifier
      */
-    private MetaAttributeDef(String name, Class valueClass, 
-        ObjectIdentifier oid) {
+    private MetaAttributeDef(String name, Class valueClass, ObjectIdentifier oid) {
         mName = name;
         mValueClass = valueClass;
         mOid = oid;
     }
-    
+
     /**
      * Gets an attribute OID.
      * <P>
-     *
+     * 
      * @return returns attribute OID or null if not defined.
      */
-    public ObjectIdentifier getOID() { 
-        return mOid; 
+    public ObjectIdentifier getOID() {
+        return mOid;
     }
 
     /**
      * Gets an Java class for the attribute values
      * <P>
-     *
+     * 
      * @return returns Java class for the attribute values
      */
-    public Class getValueClass() { 
-        return mValueClass; 
+    public Class getValueClass() {
+        return mValueClass;
     }
 
     /**
      * Gets attribute name
      * <P>
-     *
-     * @return returns  attribute name
+     * 
+     * @return returns attribute name
      */
-    public String getName() { 
-        return mName; 
+    public String getName() {
+        return mName;
     }
-    
+
     /**
-     * Registers new MetaAttribute defintion
-     * Attribute is defined by name, Java class for attribute values and 
-     * optional object identifier
+     * Registers new MetaAttribute defintion Attribute is defined by name, Java
+     * class for attribute values and optional object identifier
      * <P>
-     *
+     * 
      * @param name attribute name
      * @param valueClass attribute value class
      * @param oid attribute object identifier
      * @exception IllegalArgumentException if name or valueClass are null, or
-     * conflicting attribute definition already exists
+     *                conflicting attribute definition already exists
      */
-    public static MetaAttributeDef register(String name, Class valueClass, 
-        ObjectIdentifier oid) {
+    public static MetaAttributeDef register(String name, Class valueClass,
+            ObjectIdentifier oid) {
         if (name == null) {
             throw new IllegalArgumentException(
                     "Attribute name must not be null");
@@ -112,53 +108,53 @@ public class MetaAttributeDef {
         MetaAttributeDef newDef = new MetaAttributeDef(name, valueClass, oid);
         MetaAttributeDef oldDef;
 
-        if ((oldDef = (MetaAttributeDef) mNameToAttrDef.get(name)) != null &&
-            !oldDef.equals(newDef)) {
-            throw new IllegalArgumentException(
-                    "Attribute \'" + name + "\' is already defined");
+        if ((oldDef = (MetaAttributeDef) mNameToAttrDef.get(name)) != null
+                && !oldDef.equals(newDef)) {
+            throw new IllegalArgumentException("Attribute \'" + name
+                    + "\' is already defined");
         }
-        if (oid != null &&
-            (oldDef = (MetaAttributeDef) mOidToAttrDef.get(oid)) != null &&
-            !oldDef.equals(newDef)) {
-            throw new IllegalArgumentException(
-                    "OID \'" + oid + "\' is already in use");
+        if (oid != null
+                && (oldDef = (MetaAttributeDef) mOidToAttrDef.get(oid)) != null
+                && !oldDef.equals(newDef)) {
+            throw new IllegalArgumentException("OID \'" + oid
+                    + "\' is already in use");
         }
         mNameToAttrDef.put(name, newDef);
         if (oid != null) {
             mOidToAttrDef.put(oid, newDef);
         }
         return newDef;
-    }    
-    
+    }
+
     /**
      * Compares this attribute definition with another, for equality.
      * <P>
-     *
-     * @return true iff names, valueClasses and object identifiers 
-     * are identical.
+     * 
+     * @return true iff names, valueClasses and object identifiers are
+     *         identical.
      */
     public boolean equals(Object other) {
         if (other == this)
             return true;
-	  
+
         if (other instanceof MetaAttributeDef) {
             MetaAttributeDef otherDef = (MetaAttributeDef) other;
 
-            if ((mOid != null && otherDef.mOid != null && 
-                    !mOid.equals(otherDef.mOid)) || 
-                (mOid == null && otherDef.mOid != null) ||
-                !mName.equals(otherDef.mName) ||  
-                !mValueClass.equals(otherDef.mValueClass)) {
+            if ((mOid != null && otherDef.mOid != null && !mOid
+                    .equals(otherDef.mOid))
+                    || (mOid == null && otherDef.mOid != null)
+                    || !mName.equals(otherDef.mName)
+                    || !mValueClass.equals(otherDef.mValueClass)) {
                 return false;
             }
         }
         return false;
     }
-	
+
     /**
      * Retrieves attribute definition by name
      * <P>
-     *
+     * 
      * @param name attribute name
      * @return attribute definition or null if not found
      */
@@ -169,7 +165,7 @@ public class MetaAttributeDef {
     /**
      * Retrieves attribute definition by object identifier
      * <P>
-     *
+     * 
      * @param oid attribute object identifier
      * @return attribute definition or null if not found
      */
@@ -180,7 +176,7 @@ public class MetaAttributeDef {
     /**
      * Returns enumeration of the registered attribute names
      * <P>
-     *
+     * 
      * @return returns enumeration of the registered attribute names
      */
     public static Enumeration getAttributeNames() {
@@ -190,7 +186,7 @@ public class MetaAttributeDef {
     /**
      * Returns enumeration of the registered attribute object identifiers
      * <P>
-     *
+     * 
      * @return returns enumeration of the attribute object identifiers
      */
     public static Enumeration getAttributeNameOids() {
diff --git a/pki/base/common/src/com/netscape/certsrv/base/MetaInfo.java b/pki/base/common/src/com/netscape/certsrv/base/MetaInfo.java
index 1922e74c6..41415d379 100644
--- a/pki/base/common/src/com/netscape/certsrv/base/MetaInfo.java
+++ b/pki/base/common/src/com/netscape/certsrv/base/MetaInfo.java
@@ -17,17 +17,14 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.base;
 
-
 import java.util.Enumeration;
 import java.util.Hashtable;
 
-
 /**
- * A class represents meta information. A meta information
- * object is just a generic hashtable that is embedded into
- * a request object.
+ * A class represents meta information. A meta information object is just a
+ * generic hashtable that is embedded into a request object.
  * <P>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public class MetaInfo implements IAttrSet {
@@ -41,7 +38,7 @@ public class MetaInfo implements IAttrSet {
 
     private Hashtable content = new Hashtable();
 
-    /**	
+    /**
      * Constructs a meta information.
      * <P>
      */
@@ -51,7 +48,7 @@ public class MetaInfo implements IAttrSet {
     /**
      * Returns a short string describing this certificate attribute.
      * <P>
-     *
+     * 
      * @return information about this certificate attribute.
      */
     public String toString() {
@@ -69,11 +66,11 @@ public class MetaInfo implements IAttrSet {
         sb.append("]\n");
         return sb.toString();
     }
-    
+
     /**
      * Gets an attribute value.
      * <P>
-     *
+     * 
      * @param name the name of the attribute to return.
      * @exception EBaseException on attribute handling errors.
      */
@@ -83,8 +80,8 @@ public class MetaInfo implements IAttrSet {
 
     /**
      * Sets an attribute value.
-     *
-     * @param name the name of the attribute 
+     * 
+     * @param name the name of the attribute
      * @param obj the attribute object.
      * 
      * @exception EBaseException on attribute handling errors.
@@ -92,18 +89,18 @@ public class MetaInfo implements IAttrSet {
     public void set(String name, Object obj) throws EBaseException {
         content.put(name, obj);
     }
-	
+
     /**
      * Deletes an attribute value from this CertAttrSet.
      * <P>
-     *
+     * 
      * @param name the name of the attribute to delete.
      * @exception EBaseException on attribute handling errors.
      */
     public void delete(String name) throws EBaseException {
         content.remove(name);
     }
-	
+
     /**
      * Returns an enumeration of the names of the attributes existing within
      * this attribute.
diff --git a/pki/base/common/src/com/netscape/certsrv/base/Nonces.java b/pki/base/common/src/com/netscape/certsrv/base/Nonces.java
index 470ba654c..cec105e03 100644
--- a/pki/base/common/src/com/netscape/certsrv/base/Nonces.java
+++ b/pki/base/common/src/com/netscape/certsrv/base/Nonces.java
@@ -21,11 +21,10 @@ import java.security.cert.X509Certificate;
 import java.util.Hashtable;
 import java.util.Vector;
 
-
 /**
  * This class manages nonces sometimes used to control request state flow.
  * <P>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public class Nonces implements IAuthInfo {
@@ -53,17 +52,17 @@ public class Nonces implements IAuthInfo {
         long i;
         long k = 0;
         long n = nonce;
-        long m = (long)((mNonceLimit / 2) + 1);
+        long m = (long) ((mNonceLimit / 2) + 1);
 
         for (i = 0; i < m; i++) {
             k = n + i;
             // avoid collisions
-            if (!mNonceList.contains((Object)k)) {
+            if (!mNonceList.contains((Object) k)) {
                 break;
             }
             k = n - i;
             // avoid collisions
-            if (!mNonceList.contains((Object)k)) {
+            if (!mNonceList.contains((Object) k)) {
                 break;
             }
         }
@@ -71,9 +70,9 @@ public class Nonces implements IAuthInfo {
             mNonceList.add(k);
             mNonces.put(k, cert);
             if (mNonceList.size() > mNonceLimit) {
-                n = ((Long)(mNonceList.firstElement())).longValue();
+                n = ((Long) (mNonceList.firstElement())).longValue();
                 mNonceList.remove(0);
-                mNonces.remove((Object)n);
+                mNonces.remove((Object) n);
             }
         } else {
             // failed to resolved collision
@@ -83,15 +82,15 @@ public class Nonces implements IAuthInfo {
     }
 
     public X509Certificate getCertificate(long nonce) {
-        X509Certificate cert = (X509Certificate)mNonces.get(nonce);
+        X509Certificate cert = (X509Certificate) mNonces.get(nonce);
         return cert;
     }
 
     public X509Certificate getCertificate(int index) {
         X509Certificate cert = null;
         if (index >= 0 && index < mNonceList.size()) {
-            long nonce = ((Long)(mNonceList.elementAt(index))).longValue();
-            cert = (X509Certificate)mNonces.get(nonce);
+            long nonce = ((Long) (mNonceList.elementAt(index))).longValue();
+            cert = (X509Certificate) mNonces.get(nonce);
         }
         return cert;
     }
@@ -99,17 +98,16 @@ public class Nonces implements IAuthInfo {
     public long getNonce(int index) {
         long nonce = 0;
         if (index >= 0 && index < mNonceList.size()) {
-            nonce = ((Long)(mNonceList.elementAt(index))).longValue();
+            nonce = ((Long) (mNonceList.elementAt(index))).longValue();
         }
         return nonce;
     }
 
     public void removeNonce(long nonce) {
-        mNonceList.remove((Object)nonce);
-        mNonces.remove((Object)nonce);
+        mNonceList.remove((Object) nonce);
+        mNonces.remove((Object) nonce);
     }
 
-
     public int size() {
         return mNonceList.size();
     }
diff --git a/pki/base/common/src/com/netscape/certsrv/base/PasswordResources.java b/pki/base/common/src/com/netscape/certsrv/base/PasswordResources.java
index 287ce795d..c3309c5fa 100644
--- a/pki/base/common/src/com/netscape/certsrv/base/PasswordResources.java
+++ b/pki/base/common/src/com/netscape/certsrv/base/PasswordResources.java
@@ -17,14 +17,12 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.base;
 
-
 import java.util.ListResourceBundle;
 
-
 /**
  * A class represents a resource bundle for the password checker.
  * <p>
- *
+ * 
  * @version $Revision$, $Date$
  * @see java.util.ListResourceBundle
  */
@@ -42,4 +40,3 @@ public class PasswordResources extends ListResourceBundle {
      */
     static final Object[][] contents = {};
 }
-
diff --git a/pki/base/common/src/com/netscape/certsrv/base/Plugin.java b/pki/base/common/src/com/netscape/certsrv/base/Plugin.java
index e7001ce56..79fae88ac 100644
--- a/pki/base/common/src/com/netscape/certsrv/base/Plugin.java
+++ b/pki/base/common/src/com/netscape/certsrv/base/Plugin.java
@@ -17,9 +17,6 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.base;
 
-
-
-
 /**
  * This represents a generici CMS plugin.
  * <p>
@@ -41,10 +38,10 @@ public class Plugin {
         mId = id;
         mClassPath = classPath;
     }
-		
+
     /**
      * Returns the plugin identifier.
-     *
+     * 
      * @return plugin id
      */
     public String getId() {
@@ -53,7 +50,7 @@ public class Plugin {
 
     /**
      * Returns the plugin classpath.
-     *
+     * 
      * @return plugin classpath
      */
     public String getClassPath() {
diff --git a/pki/base/common/src/com/netscape/certsrv/base/SessionContext.java b/pki/base/common/src/com/netscape/certsrv/base/SessionContext.java
index 29c390acd..956a579e9 100644
--- a/pki/base/common/src/com/netscape/certsrv/base/SessionContext.java
+++ b/pki/base/common/src/com/netscape/certsrv/base/SessionContext.java
@@ -17,19 +17,16 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.base;
 
-
 import java.util.Hashtable;
 
-
 /**
- * This class specifies the context object that includes
- * authentication environment and connection information.
- * This object is later used in access control evaluation.
- * This is a global object that can be accessible 
- * throughout the server. It is useful for passing 
- * global and per-thread infomration in methods.
+ * This class specifies the context object that includes authentication
+ * environment and connection information. This object is later used in access
+ * control evaluation. This is a global object that can be accessible throughout
+ * the server. It is useful for passing global and per-thread infomration in
+ * methods.
  * <P>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public class SessionContext extends Hashtable implements IAuthInfo {
@@ -67,7 +64,7 @@ public class SessionContext extends Hashtable implements IAuthInfo {
     /**
      * Group ID of the authenticated user in the current thread.
      */
-    public static final String GROUP_ID = "groupid"; //String
+    public static final String GROUP_ID = "groupid"; // String
 
     /**
      * ID of the processing request in the current thread.
@@ -94,10 +91,9 @@ public class SessionContext extends Hashtable implements IAuthInfo {
     }
 
     /**
-     * Creates a new context and associates it with
-     * the current thread. If the current thread is
-     * also associated with a old context, the old
-     * context will be replaced.
+     * Creates a new context and associates it with the current thread. If the
+     * current thread is also associated with a old context, the old context
+     * will be replaced.
      */
     private static SessionContext createContext() {
         SessionContext sc = new SessionContext();
@@ -107,12 +103,10 @@ public class SessionContext extends Hashtable implements IAuthInfo {
     }
 
     /**
-     * Sets the current context. This allows the 
-     * caller to associate a specific session context 
-     * with the current thread.
-     * This methods makes custom session context
-     * possible.
-     *
+     * Sets the current context. This allows the caller to associate a specific
+     * session context with the current thread. This methods makes custom
+     * session context possible.
+     * 
      * @param sc session context
      */
     public static void setContext(SessionContext sc) {
@@ -120,15 +114,14 @@ public class SessionContext extends Hashtable implements IAuthInfo {
     }
 
     /**
-     * Retrieves the session context associated with 
-     * the current thread. If no context is associated,
-     * a context is created.
-     *
+     * Retrieves the session context associated with the current thread. If no
+     * context is associated, a context is created.
+     * 
      * @return sesssion context
      */
     public static SessionContext getContext() {
-        SessionContext sc = (SessionContext) mContexts.get(
-                Thread.currentThread());
+        SessionContext sc = (SessionContext) mContexts.get(Thread
+                .currentThread());
 
         if (sc == null) {
             sc = createContext();
@@ -137,15 +130,14 @@ public class SessionContext extends Hashtable implements IAuthInfo {
     }
 
     /**
-     * Retrieves the session context associated with 
-     * the current thread. If no context is associated,
-     * null is returned.
-     *
+     * Retrieves the session context associated with the current thread. If no
+     * context is associated, null is returned.
+     * 
      * @return sesssion context
      */
     public static SessionContext getExistingContext() {
-        SessionContext sc = (SessionContext)
-            mContexts.get(Thread.currentThread());
+        SessionContext sc = (SessionContext) mContexts.get(Thread
+                .currentThread());
 
         if (sc == null) {
             return null;
@@ -158,8 +150,8 @@ public class SessionContext extends Hashtable implements IAuthInfo {
      * Releases the current session context.
      */
     public static void releaseContext() {
-        SessionContext sc = (SessionContext) mContexts.get(
-                Thread.currentThread());
+        SessionContext sc = (SessionContext) mContexts.get(Thread
+                .currentThread());
 
         if (sc != null) {
             mContexts.remove(Thread.currentThread());
diff --git a/pki/base/common/src/com/netscape/certsrv/ca/CAResources.java b/pki/base/common/src/com/netscape/certsrv/ca/CAResources.java
index 4510c46b4..162a88323 100644
--- a/pki/base/common/src/com/netscape/certsrv/ca/CAResources.java
+++ b/pki/base/common/src/com/netscape/certsrv/ca/CAResources.java
@@ -17,14 +17,12 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.ca;
 
-
 import java.util.ListResourceBundle;
 
-
 /**
  * A class represents a resource bundle for CA subsystem.
  * <P>
- *
+ * 
  * @version $Revision$ $Date$
  */
 public class CAResources extends ListResourceBundle {
@@ -37,8 +35,7 @@ public class CAResources extends ListResourceBundle {
     }
 
     /**
-     * Constants. The suffix represents the number of
-     * possible parameters.
+     * Constants. The suffix represents the number of possible parameters.
      */
     static final Object[][] contents = {};
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/ca/ECAException.java b/pki/base/common/src/com/netscape/certsrv/ca/ECAException.java
index 59d8847c6..a530b08a5 100644
--- a/pki/base/common/src/com/netscape/certsrv/ca/ECAException.java
+++ b/pki/base/common/src/com/netscape/certsrv/ca/ECAException.java
@@ -17,14 +17,12 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.ca;
 
-
 import com.netscape.certsrv.base.EBaseException;
 
-
 /**
  * A class represents a CA exception.
  * <P>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public class ECAException extends EBaseException {
@@ -36,11 +34,12 @@ public class ECAException extends EBaseException {
     /**
      * CA resource class name.
      */
-    private static final String CA_RESOURCES = CAResources.class.getName();		
+    private static final String CA_RESOURCES = CAResources.class.getName();
 
     /**
      * Constructs a CA exception.
      * <P>
+     * 
      * @param msgFormat constant from CAResources.
      */
     public ECAException(String msgFormat) {
@@ -50,6 +49,7 @@ public class ECAException extends EBaseException {
     /**
      * Constructs a CA exception.
      * <P>
+     * 
      * @param msgFormat constant from CAResources.
      * @param param additional parameters to the message.
      */
@@ -60,6 +60,7 @@ public class ECAException extends EBaseException {
     /**
      * Constructs a CA exception.
      * <P>
+     * 
      * @param msgFormat constant from CAResources.
      * @param e embedded exception.
      */
@@ -70,6 +71,7 @@ public class ECAException extends EBaseException {
     /**
      * Constructs a CA exception.
      * <P>
+     * 
      * @param msgFormat constant from CAResources.
      * @param params additional parameters to the message.
      */
@@ -80,6 +82,7 @@ public class ECAException extends EBaseException {
     /**
      * Returns the bundle file name.
      * <P>
+     * 
      * @return name of bundle class associated with this exception.
      */
     protected String getBundleName() {
diff --git a/pki/base/common/src/com/netscape/certsrv/ca/EErrorPublishCRL.java b/pki/base/common/src/com/netscape/certsrv/ca/EErrorPublishCRL.java
index 0e271c21b..b4c10a0c5 100644
--- a/pki/base/common/src/com/netscape/certsrv/ca/EErrorPublishCRL.java
+++ b/pki/base/common/src/com/netscape/certsrv/ca/EErrorPublishCRL.java
@@ -17,11 +17,10 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.ca;
 
-
 /**
  * A class represents a CA exception associated with publishing error.
  * <P>
- *
+ * 
  * @version $Revision$ $Date$
  */
 public class EErrorPublishCRL extends ECAException {
@@ -34,9 +33,10 @@ public class EErrorPublishCRL extends ECAException {
     /**
      * Constructs a CA exception caused by publishing error.
      * <P>
+     * 
      * @param errorString Detailed error message.
      */
     public EErrorPublishCRL(String errorString) {
-        super(errorString); 
+        super(errorString);
     }
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/ca/ICAService.java b/pki/base/common/src/com/netscape/certsrv/ca/ICAService.java
index cac6fc757..bf745bb0a 100644
--- a/pki/base/common/src/com/netscape/certsrv/ca/ICAService.java
+++ b/pki/base/common/src/com/netscape/certsrv/ca/ICAService.java
@@ -17,7 +17,6 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.ca;
 
-
 import netscape.security.x509.RevokedCertImpl;
 import netscape.security.x509.X509CertImpl;
 import netscape.security.x509.X509CertInfo;
@@ -27,11 +26,10 @@ import com.netscape.certsrv.base.IConfigStore;
 import com.netscape.certsrv.connector.IConnector;
 import com.netscape.certsrv.request.IRequest;
 
-
 /**
  * An interface representing a CA request services.
  * <P>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public interface ICAService {
@@ -39,54 +37,52 @@ public interface ICAService {
     /**
      * Marks certificate record as revoked by adding revocation information.
      * Updates CRL cache.
-     *
+     * 
      * @param crlentry revocation information obtained from revocation request
      * @exception EBaseException failed to mark certificate record as revoked
      */
-    public void revokeCert(RevokedCertImpl crlentry)
-        throws EBaseException;
+    public void revokeCert(RevokedCertImpl crlentry) throws EBaseException;
 
     /**
      * Marks certificate record as revoked by adding revocation information.
      * Updates CRL cache.
-     *
+     * 
      * @param crlentry revocation information obtained from revocation request
      * @param requestId revocation request id
      * @exception EBaseException failed to mark certificate record as revoked
      */
     public void revokeCert(RevokedCertImpl crlentry, String requestId)
-        throws EBaseException;
+            throws EBaseException;
 
     /**
-     * Issues certificate base on enrollment information,
-     * creates certificate record, and stores all necessary data.
-     *
+     * Issues certificate base on enrollment information, creates certificate
+     * record, and stores all necessary data.
+     * 
      * @param certi information obtain from revocation request
-     * @exception EBaseException failed to issue certificate or create certificate record
+     * @exception EBaseException failed to issue certificate or create
+     *                certificate record
      */
-    public X509CertImpl issueX509Cert(X509CertInfo certi)
-        throws EBaseException;
+    public X509CertImpl issueX509Cert(X509CertInfo certi) throws EBaseException;
 
-    public X509CertImpl issueX509Cert(X509CertInfo certi, String profileId, String rid)
-        throws EBaseException;
+    public X509CertImpl issueX509Cert(X509CertInfo certi, String profileId,
+            String rid) throws EBaseException;
 
     /**
      * Services profile request.
-     *
+     * 
      * @param request profile enrollment request information
      * @exception EBaseException failed to service profile enrollment request
      */
-    public void serviceProfileRequest(IRequest request)
-        throws EBaseException;
+    public void serviceProfileRequest(IRequest request) throws EBaseException;
 
     /**
      * Returns KRA-CA connector.
-     *
+     * 
      * @return KRA-CA connector
      */
     public IConnector getKRAConnector();
 
     public void setKRAConnector(IConnector c);
 
-    public IConnector getConnector(IConfigStore cs)  throws EBaseException;
+    public IConnector getConnector(IConfigStore cs) throws EBaseException;
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/ca/ICMSCRLExtension.java b/pki/base/common/src/com/netscape/certsrv/ca/ICMSCRLExtension.java
index edaea59c4..133b4ed42 100644
--- a/pki/base/common/src/com/netscape/certsrv/ca/ICMSCRLExtension.java
+++ b/pki/base/common/src/com/netscape/certsrv/ca/ICMSCRLExtension.java
@@ -17,58 +17,52 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.ca;
 
-
 import netscape.security.x509.Extension;
 
 import com.netscape.certsrv.base.IConfigStore;
 import com.netscape.certsrv.common.NameValuePairs;
 
-
 /**
  * An interface representing a CRL extension plugin.
  * <P>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public interface ICMSCRLExtension {
 
     /**
      * Returns CRL extension OID string.
-     *
+     * 
      * @return OID of CRL extension
      */
     public String getCRLExtOID();
 
     /**
-     * Sets extension criticality and returns extension
-     * with new criticality.
-     *
+     * Sets extension criticality and returns extension with new criticality.
+     * 
      * @param ext CRL extension that will change criticality
      * @param critical new criticality to be assigned to CRL extension
      * @return extension with new criticality
      */
-    Extension setCRLExtensionCriticality(Extension ext,
-        boolean critical);
+    Extension setCRLExtensionCriticality(Extension ext, boolean critical);
 
     /**
-     * Builds new CRL extension based on configuration data,
-     * issuing point information, and criticality.
-     *
+     * Builds new CRL extension based on configuration data, issuing point
+     * information, and criticality.
+     * 
      * @param config configuration store
      * @param crlIssuingPoint CRL issuing point
      * @param critical criticality to be assigned to CRL extension
      * @return extension new CRL extension
      */
-    Extension getCRLExtension(IConfigStore config,
-        Object crlIssuingPoint,
-        boolean critical);
+    Extension getCRLExtension(IConfigStore config, Object crlIssuingPoint,
+            boolean critical);
 
     /**
      * Reads configuration data and converts them to name value pairs.
-     *
+     * 
      * @param config configuration store
-     * @param nvp name value pairs obtained from configuration data 
+     * @param nvp name value pairs obtained from configuration data
      */
-    public void getConfigParams(IConfigStore config,
-        NameValuePairs nvp);
-} 
+    public void getConfigParams(IConfigStore config, NameValuePairs nvp);
+}
diff --git a/pki/base/common/src/com/netscape/certsrv/ca/ICMSCRLExtensions.java b/pki/base/common/src/com/netscape/certsrv/ca/ICMSCRLExtensions.java
index f6df2226f..4c221d108 100644
--- a/pki/base/common/src/com/netscape/certsrv/ca/ICMSCRLExtensions.java
+++ b/pki/base/common/src/com/netscape/certsrv/ca/ICMSCRLExtensions.java
@@ -17,32 +17,31 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.ca;
 
-
 import com.netscape.certsrv.base.IConfigStore;
 import com.netscape.certsrv.common.NameValuePairs;
 
-
 /**
  * An interface representing a list of CRL extensions.
  * <P>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public interface ICMSCRLExtensions {
 
     /**
-     * Updates configuration store for extension identified by id
-     * with data delivered in name value pairs.
-     *
+     * Updates configuration store for extension identified by id with data
+     * delivered in name value pairs.
+     * 
      * @param id extension id
      * @param nvp name value pairs with new configuration data
      * @param config configuration store
      */
-    public void setConfigParams(String id, NameValuePairs nvp, IConfigStore config);
+    public void setConfigParams(String id, NameValuePairs nvp,
+            IConfigStore config);
 
     /**
      * Reads configuration data and returns them as name value pairs.
-     *
+     * 
      * @param id extension id
      * @return name value pairs with configuration data
      */
@@ -50,10 +49,9 @@ public interface ICMSCRLExtensions {
 
     /**
      * Returns class name with its path.
-     *
+     * 
      * @param name extension id
      * @return class name with its path
      */
     public String getClassPath(String name);
 }
-
diff --git a/pki/base/common/src/com/netscape/certsrv/ca/ICRLIssuingPoint.java b/pki/base/common/src/com/netscape/certsrv/ca/ICRLIssuingPoint.java
index 82e0961c1..e7e8ab936 100644
--- a/pki/base/common/src/com/netscape/certsrv/ca/ICRLIssuingPoint.java
+++ b/pki/base/common/src/com/netscape/certsrv/ca/ICRLIssuingPoint.java
@@ -17,7 +17,6 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.ca;
 
-
 import java.math.BigInteger;
 import java.util.Date;
 import java.util.Set;
@@ -33,19 +32,17 @@ import com.netscape.certsrv.base.ISubsystem;
 import com.netscape.certsrv.common.NameValuePairs;
 import com.netscape.certsrv.dbs.IElementProcessor;
 
-
 /**
- * This class encapsulates CRL issuing mechanism. CertificateAuthority 
- * contains a map of CRLIssuingPoint indexed by string ids. Each issuing 
- * point contains information about CRL issuing and publishing parameters 
- * as well as state information which includes last issued CRL, next CRL 
- * serial number, time of the next update etc. 
- * If autoUpdateInterval is set to non-zero value then worker thread 
- * is created that will perform CRL update at scheduled intervals. Update 
- * can also be triggered by invoking updateCRL method directly. Another 
- * parameter minUpdateInterval can be used to prevent CRL
- * from being updated too often
- *
+ * This class encapsulates CRL issuing mechanism. CertificateAuthority contains
+ * a map of CRLIssuingPoint indexed by string ids. Each issuing point contains
+ * information about CRL issuing and publishing parameters as well as state
+ * information which includes last issued CRL, next CRL serial number, time of
+ * the next update etc. If autoUpdateInterval is set to non-zero value then
+ * worker thread is created that will perform CRL update at scheduled intervals.
+ * Update can also be triggered by invoking updateCRL method directly. Another
+ * parameter minUpdateInterval can be used to prevent CRL from being updated too
+ * often
+ * 
  * @version $Revision$, $Date$
  */
 
@@ -74,151 +71,151 @@ public interface ICRLIssuingPoint {
 
     /**
      * Returns true if CRL issuing point is enabled.
-     *
+     * 
      * @return true if CRL issuing point is enabled
      */
     public boolean isCRLIssuingPointEnabled();
 
     /**
      * Returns true if CRL generation is enabled.
-     *
+     * 
      * @return true if CRL generation is enabled
      */
     public boolean isCRLGenerationEnabled();
 
     /**
      * Enables or disables CRL issuing point according to parameter.
-     *
+     * 
      * @param enable if true enables CRL issuing point
      */
     public void enableCRLIssuingPoint(boolean enable);
 
     /**
      * Returns CRL update status.
-     *
+     * 
      * @return CRL update status
      */
     public String getCrlUpdateStatusStr();
 
     /**
      * Returns CRL update error.
-     *
+     * 
      * @return CRL update error
      */
     public String getCrlUpdateErrorStr();
 
     /**
      * Returns CRL publishing status.
-     *
+     * 
      * @return CRL publishing status
      */
     public String getCrlPublishStatusStr();
 
     /**
      * Returns CRL publishing error.
-     *
+     * 
      * @return CRL publishing error
      */
     public String getCrlPublishErrorStr();
 
     /**
      * Returns CRL issuing point initialization status.
-     *
+     * 
      * @return status of CRL issuing point initialization
      */
     public int isCRLIssuingPointInitialized();
 
     /**
      * Checks if manual update is set.
-     *
+     * 
      * @return true if manual update is set
      */
     public boolean isManualUpdateSet();
 
     /**
      * Checks if expired certificates are included in CRL.
-     *
+     * 
      * @return true if expired certificates are included in CRL
      */
     public boolean areExpiredCertsIncluded();
 
     /**
      * Checks if CRL includes CA certificates only.
-     *
+     * 
      * @return true if CRL includes CA certificates only
      */
     public boolean isCACertsOnly();
 
     /**
      * Checks if CRL includes profile certificates only.
-     *
+     * 
      * @return true if CRL includes profile certificates only
      */
     public boolean isProfileCertsOnly();
 
     /**
      * Checks if CRL issuing point includes this profile.
-     *
+     * 
      * @return true if CRL issuing point includes this profile
      */
     public boolean checkCurrentProfile(String id);
 
     /**
      * Initializes CRL issuing point.
-     *
-     * @param ca certificate authority that holds CRL issuing point 
+     * 
+     * @param ca certificate authority that holds CRL issuing point
      * @param id CRL issuing point id
      * @param config configuration sub-store for CRL issuing point
      * @exception EBaseException thrown if initialization failed
      */
-    public void init(ISubsystem ca, String id, IConfigStore config) 
-        throws EBaseException;
+    public void init(ISubsystem ca, String id, IConfigStore config)
+            throws EBaseException;
 
     /**
-     * This method is called during shutdown.
-     * It updates CRL cache and stops thread controlling CRL updates.
+     * This method is called during shutdown. It updates CRL cache and stops
+     * thread controlling CRL updates.
      */
     public void shutdown();
 
     /**
      * Returns internal id of this CRL issuing point.
-     *
+     * 
      * @return internal id of this CRL issuing point
      */
     public String getId();
 
     /**
      * Returns internal description of this CRL issuing point.
-     *
+     * 
      * @return internal description of this CRL issuing point
      */
     public String getDescription();
 
     /**
      * Sets internal description of this CRL issuing point.
-     *
+     * 
      * @param description description for this CRL issuing point.
      */
     public void setDescription(String description);
 
     /**
-     * Returns DN of the directory entry where CRLs from this issuing point
-     * are published.
-     *
+     * Returns DN of the directory entry where CRLs from this issuing point are
+     * published.
+     * 
      * @return DN of the directory entry where CRLs are published.
      */
     public String getPublishDN();
 
     /**
      * Returns signing algorithm.
-     *
+     * 
      * @return signing algorithm
      */
     public String getSigningAlgorithm();
 
     /**
      * Returns signing algorithm used in last signing operation..
-     *
+     * 
      * @return last signing algorithm
      */
     public String getLastSigningAlgorithm();
@@ -226,14 +223,14 @@ public interface ICRLIssuingPoint {
     /**
      * Returns current CRL generation schema for this CRL issuing point.
      * <P>
-     *
+     * 
      * @return current CRL generation schema for this CRL issuing point
      */
     public int getCRLSchema();
 
     /**
      * Returns current CRL number of this CRL issuing point.
-     *
+     * 
      * @return current CRL number of this CRL issuing point
      */
     public BigInteger getCRLNumber();
@@ -241,56 +238,56 @@ public interface ICRLIssuingPoint {
     /**
      * Returns current delta CRL number of this CRL issuing point.
      * <P>
-     *
+     * 
      * @return current delta CRL number of this CRL issuing point
      */
     public BigInteger getDeltaCRLNumber();
 
     /**
      * Returns next CRL number of this CRL issuing point.
-     *
+     * 
      * @return next CRL number of this CRL issuing point
      */
     public BigInteger getNextCRLNumber();
 
     /**
      * Returns number of entries in the current CRL.
-     *
+     * 
      * @return number of entries in the current CRL
      */
     public long getCRLSize();
 
     /**
      * Returns number of entries in delta CRL
-     *
+     * 
      * @return number of entries in delta CRL
      */
     public long getDeltaCRLSize();
 
     /**
      * Returns time of the last update.
-     *
+     * 
      * @return last CRL update time
      */
     public Date getLastUpdate();
 
     /**
      * Returns time of the next update.
-     *
+     * 
      * @return next CRL update time
      */
     public Date getNextUpdate();
 
     /**
      * Returns time of the next delta CRL update.
-     *
+     * 
      * @return next delta CRL update time
      */
     public Date getNextDeltaUpdate();
 
     /**
      * Returns all the revoked certificates from the CRL cache.
-     *
+     * 
      * @param start first requested CRL entry
      * @param end next after last requested CRL entry
      * @return set of all the revoked certificates or null if there are none.
@@ -299,92 +296,89 @@ public interface ICRLIssuingPoint {
 
     /**
      * Returns certificate authority.
-     *
+     * 
      * @return certificate authority
      */
     public ISubsystem getCertificateAuthority();
 
     /**
-     * Schedules immediate CRL manual-update
-     * and sets signature algorithm to be used for signing.
-     *
+     * Schedules immediate CRL manual-update and sets signature algorithm to be
+     * used for signing.
+     * 
      * @param signatureAlgorithm signature algorithm to be used for signing
      */
-    public  void setManualUpdate(String signatureAlgorithm);
+    public void setManualUpdate(String signatureAlgorithm);
 
     /**
      * Returns auto update interval in milliseconds.
-     *
+     * 
      * @return auto update interval in milliseconds
      */
     public long getAutoUpdateInterval();
 
     /**
-     * Returns true if CRL is updated for every change
-     * of revocation status of any certificate.
-     *
+     * Returns true if CRL is updated for every change of revocation status of
+     * any certificate.
+     * 
      * @return true if CRL update is always triggered by revocation operation
      */
     public boolean getAlwaysUpdate();
 
     /**
      * Returns next update grace period in minutes.
-     *
+     * 
      * @return next update grace period in minutes
      */
     public long getNextUpdateGracePeriod();
 
     /**
-     * Returns filter used to build CRL based on information stored
-     * in local directory.
-     *
+     * Returns filter used to build CRL based on information stored in local
+     * directory.
+     * 
      * @return filter used to search local directory
      */
     public String getFilter();
 
     /**
-     * Builds a list of revoked certificates to put them into CRL.
-     * Calls certificate record processor to get necessary data
-     * from certificate records.
-     * This also regenerates CRL cache.
-     *
+     * Builds a list of revoked certificates to put them into CRL. Calls
+     * certificate record processor to get necessary data from certificate
+     * records. This also regenerates CRL cache.
+     * 
      * @param cp certificate record processor
      * @exception EBaseException if an error occurred in the database.
      */
-    public void processRevokedCerts(IElementProcessor cp)
-        throws EBaseException;
+    public void processRevokedCerts(IElementProcessor cp) throws EBaseException;
 
     /**
-     * Returns date of revoked certificate or null
-     * if certificated is not listed as revoked.
-     *
+     * Returns date of revoked certificate or null if certificated is not listed
+     * as revoked.
+     * 
      * @param serialNumber serial number of certificate to be checked
-     * @param checkDeltaCache true if delta CRL cache suppose to be
-     *        included in checking process
+     * @param checkDeltaCache true if delta CRL cache suppose to be included in
+     *            checking process
      * @param includeExpiredCerts true if delta CRL cache with expired
-     *        certificates suppose to be included in checking process
+     *            certificates suppose to be included in checking process
      * @return date of revoked certificate or null
      */
     public Date getRevocationDateFromCache(BigInteger serialNumber,
-                                           boolean checkDeltaCache,
-                                           boolean includeExpiredCerts);
+            boolean checkDeltaCache, boolean includeExpiredCerts);
+
     /**
      * Returns split times from CRL generation.
-     *
+     * 
      * @return split times from CRL generation in milliseconds
      */
     public Vector getSplitTimes();
 
     /**
-     * Generates CRL now based on cache or local directory if cache
-     * is not available. It also publishes CRL if it is required.
-     *
+     * Generates CRL now based on cache or local directory if cache is not
+     * available. It also publishes CRL if it is required.
+     * 
      * @param signingAlgorithm signing algorithm to be used for CRL signing
-     * @exception EBaseException if an error occurred during
-     *            CRL generation or publishing
+     * @exception EBaseException if an error occurred during CRL generation or
+     *                publishing
      */
-    public  void updateCRLNow(String signingAlgorithm)
-        throws EBaseException;
+    public void updateCRLNow(String signingAlgorithm) throws EBaseException;
 
     /**
      * Clears CRL cache
@@ -398,29 +392,29 @@ public interface ICRLIssuingPoint {
 
     /**
      * Returns number of recently revoked certificates.
-     *
+     * 
      * @return number of recently revoked certificates
      */
     public int getNumberOfRecentlyRevokedCerts();
 
     /**
      * Returns number of recently unrevoked certificates.
-     *
+     * 
      * @return number of recently unrevoked certificates
      */
     public int getNumberOfRecentlyUnrevokedCerts();
 
     /**
      * Returns number of recently expired and revoked certificates.
-     *
+     * 
      * @return number of recently expired and revoked certificates
      */
     public int getNumberOfRecentlyExpiredCerts();
 
     /**
-     * Converts list of extensions supplied by revocation request
-     * to list of extensions required to be placed in CRL.
-     *
+     * Converts list of extensions supplied by revocation request to list of
+     * extensions required to be placed in CRL.
+     * 
      * @param exts list of extensions supplied by revocation request
      * @return list of extensions required to be placed in CRL
      */
@@ -428,32 +422,33 @@ public interface ICRLIssuingPoint {
 
     /**
      * Adds revoked certificate to delta-CRL cache.
-     *
+     * 
      * @param serialNumber serial number of revoked certificate
      * @param revokedCert revocation information supplied by revocation request
      */
-    public void addRevokedCert(BigInteger serialNumber, RevokedCertImpl revokedCert);
+    public void addRevokedCert(BigInteger serialNumber,
+            RevokedCertImpl revokedCert);
 
     /**
      * Adds revoked certificate to delta-CRL cache.
-     *
+     * 
      * @param serialNumber serial number of revoked certificate
      * @param revokedCert revocation information supplied by revocation request
      * @param requestId revocation request id
      */
-    public void addRevokedCert(BigInteger serialNumber, RevokedCertImpl revokedCert,
-                               String requestId);
+    public void addRevokedCert(BigInteger serialNumber,
+            RevokedCertImpl revokedCert, String requestId);
 
     /**
      * Adds unrevoked certificate to delta-CRL cache.
-     *
+     * 
      * @param serialNumber serial number of unrevoked certificate
      */
     public void addUnrevokedCert(BigInteger serialNumber);
 
     /**
      * Adds unrevoked certificate to delta-CRL cache.
-     *
+     * 
      * @param serialNumber serial number of unrevoked certificate
      * @param requestId unrevocation request id
      */
@@ -461,7 +456,7 @@ public interface ICRLIssuingPoint {
 
     /**
      * Adds expired and revoked certificate to delta-CRL cache.
-     *
+     * 
      * @param serialNumber serial number of expired and revoked certificate
      */
     public void addExpiredCert(BigInteger serialNumber);
@@ -472,9 +467,9 @@ public interface ICRLIssuingPoint {
     public void updateCRLCacheRepository();
 
     /**
-     * Updates issuing point configuration according to supplied data
-     * in name value pairs.
-     *
+     * Updates issuing point configuration according to supplied data in name
+     * value pairs.
+     * 
      * @param params name value pairs defining new issuing point configuration
      * @return true if configuration is updated successfully
      */
@@ -482,35 +477,35 @@ public interface ICRLIssuingPoint {
 
     /**
      * Returns true if delta-CRL is enabled.
-     *
+     * 
      * @return true if delta-CRL is enabled
      */
     public boolean isDeltaCRLEnabled();
 
     /**
      * Returns true if CRL cache is enabled.
-     *
+     * 
      * @return true if CRL cache is enabled
      */
     public boolean isCRLCacheEnabled();
 
     /**
      * Returns true if CRL cache is empty.
-     *
+     * 
      * @return true if CRL cache is empty
      */
     public boolean isCRLCacheEmpty();
 
     /**
      * Returns true if CRL cache testing is enabled.
-     *
+     * 
      * @return true if CRL cache testing is enabled
      */
     public boolean isCRLCacheTestingEnabled();
 
     /**
      * Returns true if supplied delta-CRL is matching current delta-CRL.
-     *
+     * 
      * @param deltaCRL delta-CRL to verify against current delta-CRL
      * @return true if supplied delta-CRL is matching current delta-CRL
      */
@@ -518,27 +513,26 @@ public interface ICRLIssuingPoint {
 
     /**
      * Returns status of CRL generation.
-     *
+     * 
      * @return one of the following according to CRL generation status:
      *         CRL_UPDATE_DONE, CRL_UPDATE_STARTED, and CRL_PUBLISHING_STARTED
      */
     public int isCRLUpdateInProgress();
 
     /**
-     * Generates CRL now based on cache or local directory if cache
-     * is not available. It also publishes CRL if it is required.
-     * CRL is signed by default signing algorithm. 
-     *
-     * @exception EBaseException if an error occurred during
-     *            CRL generation or publishing
+     * Generates CRL now based on cache or local directory if cache is not
+     * available. It also publishes CRL if it is required. CRL is signed by
+     * default signing algorithm.
+     * 
+     * @exception EBaseException if an error occurred during CRL generation or
+     *                publishing
      */
-    public  void updateCRLNow() throws EBaseException;
+    public void updateCRLNow() throws EBaseException;
 
     /**
      * Returns list of CRL extensions.
-     *
+     * 
      * @return list of CRL extensions
      */
     public ICMSCRLExtensions getCRLExtensions();
 }
-
diff --git a/pki/base/common/src/com/netscape/certsrv/ca/ICertificateAuthority.java b/pki/base/common/src/com/netscape/certsrv/ca/ICertificateAuthority.java
index 6f7a49615..161328b9e 100644
--- a/pki/base/common/src/com/netscape/certsrv/ca/ICertificateAuthority.java
+++ b/pki/base/common/src/com/netscape/certsrv/ca/ICertificateAuthority.java
@@ -17,7 +17,6 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.ca;
 
-
 import java.util.Enumeration;
 
 import netscape.security.x509.CertificateChain;
@@ -44,12 +43,11 @@ import com.netscape.certsrv.request.IRequestQueue;
 import com.netscape.certsrv.request.IService;
 import com.netscape.certsrv.security.ISigningUnit;
 
-
 /**
- * An interface represents a Certificate Authority that is
- * responsible for certificate specific operations.
+ * An interface represents a Certificate Authority that is responsible for
+ * certificate specific operations.
  * <P>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public interface ICertificateAuthority extends ISubsystem {
@@ -76,18 +74,15 @@ public interface ICertificateAuthority extends ISubsystem {
     public final static String PROP_ENABLE_PAST_CATIME = "enablePastCATime";
     public final static String PROP_DEF_VALIDITY = "DefaultIssueValidity";
     public final static String PROP_FAST_SIGNING = "fastSigning";
-    public static final String PROP_ENABLE_ADMIN_ENROLL =
-        "enableAdminEnroll";
+    public static final String PROP_ENABLE_ADMIN_ENROLL = "enableAdminEnroll";
 
     public final static String PROP_CRL_SUBSTORE = "crl";
     // make this public so agent gateway can access for now.
     public final static String PROP_CRL_PAGE_SIZE = "pageSize";
     public final static String PROP_MASTER_CRL = "MasterCRL";
     public final static String PROP_CRLEXT_SUBSTORE = "extension";
-    public final static String PROP_ISSUING_CLASS =
-        "com.netscape.cmscore.ca.CRLIssuingPoint";
-    public final static String PROP_EXPIREDCERTS_CLASS =
-        "com.netscape.cmscore.ca.CRLWithExpiredCerts";
+    public final static String PROP_ISSUING_CLASS = "com.netscape.cmscore.ca.CRLIssuingPoint";
+    public final static String PROP_EXPIREDCERTS_CLASS = "com.netscape.cmscore.ca.CRLWithExpiredCerts";
 
     public final static String PROP_NOTIFY_SUBSTORE = "notification";
     public final static String PROP_CERT_ISSUED_SUBSTORE = "certIssued";
@@ -108,67 +103,68 @@ public interface ICertificateAuthority extends ISubsystem {
     public final static String PROP_ID = "id";
 
     public final static String PROP_CERTDB_TRANS_MAXRECORDS = "transitMaxRecords";
-    public final static String PROP_CERTDB_TRANS_PAGESIZE   =  "transitRecordPageSize"; 
+    public final static String PROP_CERTDB_TRANS_PAGESIZE = "transitRecordPageSize";
 
     /**
-     * Retrieves the certificate repository where all the locally
-     * issued certificates are kept.
-     *
+     * Retrieves the certificate repository where all the locally issued
+     * certificates are kept.
+     * 
      * @return CA's certificate repository
      */
     public ICertificateRepository getCertificateRepository();
 
     /**
      * Retrieves the request queue of this certificate authority.
-     *
+     * 
      * @return CA's request queue
      */
     public IRequestQueue getRequestQueue();
 
     /**
      * Retrieves the policy processor of this certificate authority.
-     *
+     * 
      * @return CA's policy processor
      */
     public IPolicyProcessor getPolicyProcessor();
 
     public boolean noncesEnabled();
-    public Nonces  getNonces();
+
+    public Nonces getNonces();
 
     /**
      * Retrieves the publishing processor of this certificate authority.
-     *
+     * 
      * @return CA's publishing processor
      */
     public IPublisherProcessor getPublisherProcessor();
 
     /**
      * Retrieves the next available serial number.
-     *
+     * 
      * @return next available serial number
      */
     public String getStartSerial();
 
     /**
      * Sets the next available serial number.
-     *
+     * 
      * @param serial next available serial number
      * @exception EBaseException failed to set next available serial number
      */
     public void setStartSerial(String serial) throws EBaseException;
 
     /**
-     * Retrieves the last serial number that can be used for 
-     * certificate issuance in this certificate authority.
-     *
+     * Retrieves the last serial number that can be used for certificate
+     * issuance in this certificate authority.
+     * 
      * @return the last serial number
      */
     public String getMaxSerial();
 
     /**
-     * Sets the last serial number that can be used for 
-     * certificate issuance in this certificate authority.
-     *
+     * Sets the last serial number that can be used for certificate issuance in
+     * this certificate authority.
+     * 
      * @param serial the last serial number
      * @exception EBaseException failed to set the last serial number
      */
@@ -176,21 +172,21 @@ public interface ICertificateAuthority extends ISubsystem {
 
     /**
      * Retrieves the default signature algorithm of this certificate authority.
-     *
+     * 
      * @return the default signature algorithm of this CA
      */
     public SignatureAlgorithm getDefaultSignatureAlgorithm();
 
     /**
      * Retrieves the default signing algorithm of this certificate authority.
-     *
+     * 
      * @return the default signing algorithm of this CA
      */
     public String getDefaultAlgorithm();
 
     /**
      * Sets the default signing algorithm of this certificate authority.
-     *
+     * 
      * @param algorithm new default signing algorithm
      * @exception EBaseException failed to set the default signing algorithm
      */
@@ -198,38 +194,38 @@ public interface ICertificateAuthority extends ISubsystem {
 
     /**
      * Retrieves the supported signing algorithms of this certificate authority.
-     *
+     * 
      * @return the supported signing algorithms of this CA
      */
     public String[] getCASigningAlgorithms();
 
     /**
-     * Allows certificates to have validities that are longer
-     * than this certificate authority's.
-     *
-     * @param enableCAPast if equals "true", it allows certificates
-     * to have validity longer than CA's certificate validity
+     * Allows certificates to have validities that are longer than this
+     * certificate authority's.
+     * 
+     * @param enableCAPast if equals "true", it allows certificates to have
+     *            validity longer than CA's certificate validity
      * @exception EBaseException failed to set above option
      */
-    public void setValidity(String enableCAPast) throws EBaseException; 
+    public void setValidity(String enableCAPast) throws EBaseException;
 
     /**
      * Retrieves the default validity period.
-     *
+     * 
      * @return the default validity length in days
      */
     public long getDefaultValidity();
 
     /**
      * Retrieves all the CRL issuing points.
-     *
+     * 
      * @return enumeration of all the CRL issuing points
      */
     public Enumeration getCRLIssuingPoints();
 
     /**
      * Retrieves CRL issuing point with the given identifier.
-     *
+     * 
      * @param id CRL issuing point id
      * @return CRL issuing point with given id
      */
@@ -237,18 +233,18 @@ public interface ICertificateAuthority extends ISubsystem {
 
     /**
      * Adds CRL issuing point with the given identifier and description.
-     *
+     * 
      * @param crlSubStore sub-store with all CRL issuing points
      * @param id CRL issuing point id
      * @param description CRL issuing point description
      * @return true if CRL issuing point was successfully added
      */
     public boolean addCRLIssuingPoint(IConfigStore crlSubStore, String id,
-                                      boolean enable, String description);
+            boolean enable, String description);
 
     /**
      * Deletes CRL issuing point with the given identifier.
-     *
+     * 
      * @param crlSubStore sub-store with all CRL issuing points
      * @param id CRL issuing point id
      */
@@ -256,122 +252,122 @@ public interface ICertificateAuthority extends ISubsystem {
 
     /**
      * Retrieves the CRL repository.
-     *
+     * 
      * @return CA's CRL repository
      */
     public ICRLRepository getCRLRepository();
 
     /**
      * Retrieves the Replica ID repository.
-     *
+     * 
      * @return CA's Replica ID repository
      */
     public IReplicaIDRepository getReplicaRepository();
 
     /**
      * Retrieves the request in queue listener.
-     *
+     * 
      * @return the request in queue listener
      */
     public IRequestListener getRequestInQListener();
 
     /**
      * Retrieves all request listeners.
-     *
+     * 
      * @return name enumeration of all request listeners
      */
     public Enumeration getRequestListenerNames();
 
     /**
      * Retrieves the request listener for issued certificates.
-     *
+     * 
      * @return the request listener for issued certificates
      */
     public IRequestListener getCertIssuedListener();
 
     /**
      * Retrieves the request listener for revoked certificates.
-     *
+     * 
      * @return the request listener for revoked certificates
      */
     public IRequestListener getCertRevokedListener();
 
     /**
      * Retrieves the CA certificate chain.
-     *
+     * 
      * @return the CA certificate chain
      */
-    public CertificateChain getCACertChain(); 
+    public CertificateChain getCACertChain();
 
     /**
      * Retrieves the CA certificate.
-     *
+     * 
      * @return the CA certificate
      */
     public org.mozilla.jss.crypto.X509Certificate getCaX509Cert();
 
     /**
      * Retrieves the CA certificate.
-     *
+     * 
      * @return the CA certificate
      */
     public X509CertImpl getCACert();
 
     /**
      * Updates the CRL immediately for MasterCRL issuing point if it exists.
-     *
+     * 
      * @exception EBaseException failed to create or publish CRL
      */
     public void updateCRLNow() throws EBaseException;
 
     /**
      * Publishes the CRL immediately for MasterCRL issuing point if it exists.
-     *
+     * 
      * @exception EBaseException failed to publish CRL
      */
     public void publishCRLNow() throws EBaseException;
 
     /**
-     * Retrieves the signing unit that manages the CA signing key for
-     * signing certificates.
-     *
+     * Retrieves the signing unit that manages the CA signing key for signing
+     * certificates.
+     * 
      * @return the CA signing unit for certificates
      */
     public ISigningUnit getSigningUnit();
 
     /**
-     * Retrieves the signing unit that manages the CA signing key for
-     * signing CRL.
-     *
+     * Retrieves the signing unit that manages the CA signing key for signing
+     * CRL.
+     * 
      * @return the CA signing unit for CRLs
      */
     public ISigningUnit getCRLSigningUnit();
 
     /**
-     * Retrieves the signing unit that manages the CA signing key for
-     * signing OCSP response.
-     *
+     * Retrieves the signing unit that manages the CA signing key for signing
+     * OCSP response.
+     * 
      * @return the CA signing unit for OCSP responses
      */
     public ISigningUnit getOCSPSigningUnit();
 
     /**
      * Sets the maximium path length in the basic constraint extension.
-     *
+     * 
      * @param num the maximium path length
      */
     public void setBasicConstraintMaxLen(int num);
 
     /**
      * Is this a clone CA?
-     *
+     * 
      * @return true if this is a clone CA
      */
     public boolean isClone();
 
     /**
      * Retrieves the request listener by name.
-     *
+     * 
      * @param name request listener name
      * @return the request listener
      */
@@ -381,17 +377,17 @@ public interface ICertificateAuthority extends ISubsystem {
      * get request notifier
      */
     public IRequestNotifier getRequestNotifier();
-   
+
     /**
      * Registers a request listener.
-     *
+     * 
      * @param listener request listener to be registered
      */
     public void registerRequestListener(IRequestListener listener);
 
     /**
      * Registers a request listener.
-     *
+     * 
      * @param name under request listener is going to be registered
      * @param listener request listener to be registered
      */
@@ -399,32 +395,32 @@ public interface ICertificateAuthority extends ISubsystem {
 
     /**
      * Retrieves the issuer name of this certificate authority.
-     *
+     * 
      * @return the issuer name of this certificate authority
      */
     public X500Name getX500Name();
 
     /**
      * Retrieves the issuer name of this certificate authority issuing point.
-     *
+     * 
      * @return the issuer name of this certificate authority issuing point
      */
-    public X500Name getCRLX500Name(); 
+    public X500Name getCRLX500Name();
 
     /**
      * Signs the given CRL with the specific algorithm.
-     *
+     * 
      * @param crl CRL to be signed
      * @param algname algorithm used for signing
      * @return signed CRL
      * @exception EBaseException failed to sign CRL
      */
     public X509CRLImpl sign(X509CRLImpl crl, String algname)
-        throws EBaseException;
+            throws EBaseException;
 
     /**
      * Logs a message to this certificate authority.
-     *
+     * 
      * @param level logging level
      * @param msg logged message
      */
@@ -432,72 +428,71 @@ public interface ICertificateAuthority extends ISubsystem {
 
     /**
      * Returns the nickname for the CA signing certificate.
-     *
+     * 
      * @return the nickname for the CA signing certificate
      */
     public String getNickname();
 
     /**
      * Signs a X.509 certificate template.
-     *
+     * 
      * @param certInfo X.509 certificate template
      * @param algname algorithm used for signing
      * @return signed certificate
      * @exception EBaseException failed to sign certificate
      */
     public X509CertImpl sign(X509CertInfo certInfo, String algname)
-        throws EBaseException;
+            throws EBaseException;
 
     /**
      * Retrieves the default certificate version.
-     *
+     * 
      * @return the default version certificate
      */
     public CertificateVersion getDefaultCertVersion();
 
     /**
-     * Is this CA allowed to issue certificate that has longer
-     * validty than the CA's.
-     *
+     * Is this CA allowed to issue certificate that has longer validty than the
+     * CA's.
+     * 
      * @return true if allows certificates to have validity longer than CA's
      */
     public boolean isEnablePastCATime();
 
     /**
-     * Retrieves the CA service object that is responsible for
-     * processing requests.
-     *
+     * Retrieves the CA service object that is responsible for processing
+     * requests.
+     * 
      * @return CA service object
      */
     public IService getCAService();
 
     /**
      * Returns the in-memory count of the processed OCSP requests.
-     *
+     * 
      * @return number of processed OCSP requests in memory
      */
     public long getNumOCSPRequest();
 
     /**
-     * Returns the in-memory time (in mini-second) of 
-     * the processed time for OCSP requests.
-     *
+     * Returns the in-memory time (in mini-second) of the processed time for
+     * OCSP requests.
+     * 
      * @return processed times for OCSP requests
      */
     public long getOCSPRequestTotalTime();
 
     /**
-     * Returns the in-memory time (in mini-second) of 
-     * the signing time for OCSP requests.
-     *
+     * Returns the in-memory time (in mini-second) of the signing time for OCSP
+     * requests.
+     * 
      * @return processed times for OCSP requests
      */
     public long getOCSPTotalSignTime();
 
     /**
-     * Returns the total data signed
-     * for OCSP requests.
-     *
+     * Returns the total data signed for OCSP requests.
+     * 
      * @return processed times for OCSP requests
      */
     public long getOCSPTotalData();
diff --git a/pki/base/common/src/com/netscape/certsrv/cert/ICrossCertPairSubsystem.java b/pki/base/common/src/com/netscape/certsrv/cert/ICrossCertPairSubsystem.java
index 653c684f5..449293e50 100644
--- a/pki/base/common/src/com/netscape/certsrv/cert/ICrossCertPairSubsystem.java
+++ b/pki/base/common/src/com/netscape/certsrv/cert/ICrossCertPairSubsystem.java
@@ -17,45 +17,45 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.cert;
 
-
 import java.security.cert.CertificateException;
 import java.security.cert.X509Certificate;
 
 import com.netscape.certsrv.base.EBaseException;
 import com.netscape.certsrv.base.ISubsystem;
 
-
 /**
  * Interface for handling cross certs
- *
+ * 
  * @version $Revision$, $Date$
  */
 public interface ICrossCertPairSubsystem extends ISubsystem {
 
     /**
-     * "import" the CA cert cross-signed by another CA (potentially a
-     * bridge CA) into internal ldap db.
-     * If publishing is turned on, and 
-     * if matches up a pair, then publish to publishing directory
-     * otherwise, leave in internal ldap db and wait for it's matching 
-     * pair
+     * "import" the CA cert cross-signed by another CA (potentially a bridge CA)
+     * into internal ldap db. If publishing is turned on, and if matches up a
+     * pair, then publish to publishing directory otherwise, leave in internal
+     * ldap db and wait for it's matching pair
+     * 
      * @param certBytes binary byte array of the cert
-	 * @exception EBaseException when certBytes conversion to X509
-	 * certificate fails
+     * @exception EBaseException when certBytes conversion to X509 certificate
+     *                fails
      */
     public void importCert(byte[] certBytes) throws EBaseException;
 
     /**
      * publish all cert pairs, if publisher is on
-	 * @exception EBaseException when publishing fails
+     * 
+     * @exception EBaseException when publishing fails
      */
     public void publishCertPairs() throws EBaseException;
 
-	/**
-	 * convert byte array to X509Certificate
-	 * @return X509Certificate the X509Certificate class
-	 * representation of the certificate byte array
-	 * @exception CertificateException when conversion fails
-	 */
-    public X509Certificate byteArray2X509Cert(byte[] certBytes) throws CertificateException;
+    /**
+     * convert byte array to X509Certificate
+     * 
+     * @return X509Certificate the X509Certificate class representation of the
+     *         certificate byte array
+     * @exception CertificateException when conversion fails
+     */
+    public X509Certificate byteArray2X509Cert(byte[] certBytes)
+            throws CertificateException;
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/client/IDataProcessor.java b/pki/base/common/src/com/netscape/certsrv/client/IDataProcessor.java
index 3bce367d9..7f78b97ed 100644
--- a/pki/base/common/src/com/netscape/certsrv/client/IDataProcessor.java
+++ b/pki/base/common/src/com/netscape/certsrv/client/IDataProcessor.java
@@ -17,18 +17,18 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.client;
 
-
 /**
- * this class represents the callback interface between
- * the client package and the data storage object (data model)
- *
+ * this class represents the callback interface between the client package and
+ * the data storage object (data model)
+ * 
  * @version $Revision$, $Date$
  */
 public interface IDataProcessor {
 
     /**
-     * This method will be callby the client package each time
-     * data object arrived from the server side.
+     * This method will be callby the client package each time data object
+     * arrived from the server side.
+     * 
      * @param data data object expected by the interface implementor
      */
     public void processData(Object data);
diff --git a/pki/base/common/src/com/netscape/certsrv/client/connection/IAuthenticator.java b/pki/base/common/src/com/netscape/certsrv/client/connection/IAuthenticator.java
index ff83cadd5..0a96ee698 100644
--- a/pki/base/common/src/com/netscape/certsrv/client/connection/IAuthenticator.java
+++ b/pki/base/common/src/com/netscape/certsrv/client/connection/IAuthenticator.java
@@ -17,10 +17,9 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.client.connection;
 
-
 /**
  * An interface represents authentiator.
- *
+ * 
  * @version $Revision$, $Date$
  */
 public interface IAuthenticator {
diff --git a/pki/base/common/src/com/netscape/certsrv/client/connection/IConnection.java b/pki/base/common/src/com/netscape/certsrv/client/connection/IConnection.java
index 18bd35183..4a8166b02 100644
--- a/pki/base/common/src/com/netscape/certsrv/client/connection/IConnection.java
+++ b/pki/base/common/src/com/netscape/certsrv/client/connection/IConnection.java
@@ -22,13 +22,13 @@ import java.net.SocketException;
 
 /**
  * Interface for all connection objects.
- *
+ * 
  * @version $Revision$, $Date$
  */
 public interface IConnection {
 
     /**
-     *  Send request to the server using this connection
+     * Send request to the server using this connection
      */
     public int sendRequest(String req) throws IOException;
 
@@ -41,11 +41,10 @@ public interface IConnection {
      * Close the connection
      */
     public void disconnect();
-    
+
     /**
      * SetTimeout
      */
     public void setSoTimeout(int timeout) throws SocketException;
- 
- 
+
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/client/connection/IConnectionFactory.java b/pki/base/common/src/com/netscape/certsrv/client/connection/IConnectionFactory.java
index 1542d5faf..91521a165 100644
--- a/pki/base/common/src/com/netscape/certsrv/client/connection/IConnectionFactory.java
+++ b/pki/base/common/src/com/netscape/certsrv/client/connection/IConnectionFactory.java
@@ -21,23 +21,23 @@ import java.io.IOException;
 import java.net.UnknownHostException;
 
 /**
- * Interface for all connection factory. Primarily act as
- * the abstraction layer for different kind of connection factory.
- *
+ * Interface for all connection factory. Primarily act as the abstraction layer
+ * for different kind of connection factory.
+ * 
  * @version $Revision$, $Date$
  */
 public interface IConnectionFactory {
 
     /**
      * Creates connection using the host and port
-     * @param host  The host to connect to
-     * @param port  The port to connect to
-     * @return  The created connection
-     * @throws IOException   On an IO Error
-     * @throws UnknownHostException  If the host can't be resolved
+     * 
+     * @param host The host to connect to
+     * @param port The port to connect to
+     * @return The created connection
+     * @throws IOException On an IO Error
+     * @throws UnknownHostException If the host can't be resolved
      */
-    public IConnection create(String host, int port)
-        throws IOException, UnknownHostException;
+    public IConnection create(String host, int port) throws IOException,
+            UnknownHostException;
 
 }
-
diff --git a/pki/base/common/src/com/netscape/certsrv/common/ConfigConstants.java b/pki/base/common/src/com/netscape/certsrv/common/ConfigConstants.java
index 9f892cd25..1cb099f71 100644
--- a/pki/base/common/src/com/netscape/certsrv/common/ConfigConstants.java
+++ b/pki/base/common/src/com/netscape/certsrv/common/ConfigConstants.java
@@ -17,12 +17,10 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.common;
 
-
 /**
- * This interface contains constants that are used 
- * in the protocol between the configuration daemon 
- * and UI configuration wizard.
- *
+ * This interface contains constants that are used in the protocol between the
+ * configuration daemon and UI configuration wizard.
+ * 
  * @version $Revision$, $Date$
  */
 public interface ConfigConstants {
@@ -30,8 +28,8 @@ public interface ConfigConstants {
     public static final String TRUE = "true";
     public static final String FALSE = "false";
     public static final String OPTYPE = "opType";
-    public static final String TASKID = "taskID";  
- 
+    public static final String TASKID = "taskID";
+
     // Stages
     public static final String STAGES = "stages";
     public static final String STAGE_INTERNAL_DB = "stageInternalDB";
@@ -135,7 +133,7 @@ public interface ConfigConstants {
     public static final String PR_EE_SECURE_PORT = "eeGateway.https.port";
     public static final String PR_AGENT_PORT = "agentGateway.https.port";
     public static final String PR_RADM_PORT = "radm.https.port";
-    public static final String PR_RADM_PORT_SETUP="radm.port";
+    public static final String PR_RADM_PORT_SETUP = "radm.port";
     public static final String PR_EE_PORT_ENABLE = "eeGateway.http.enable";
     public static final String PR_EE_PORTS_ENABLE = "eePortsEnable";
 
@@ -172,28 +170,21 @@ public interface ConfigConstants {
     public static final String PR_OUTPUT_PATH = "outputPath";
     public static final String PR_ADD_LDIF_PATH = "addLdifPath";
     public static final String PR_MOD_LDIF_PATH = "modLdifPath";
-    public static final String PR_SIGNING_KEY_MIGRATION_TOKEN =
-        "signingKeyMigrationToken";
-    public static final String PR_SSL_KEY_MIGRATION_TOKEN =
-        "sslKeyMigrationToken";
-    public static final String PR_SIGNING_KEY_MIGRATION_TOKEN_PASSWD =
-        "signingKeyMigrationTokenPasswd";
-    public static final String PR_SIGNING_KEY_MIGRATION_TOKEN_SOPPASSWD =
-        "signingKeyMigrationTokenSOPPasswd";
-    public static final String PR_SSL_KEY_MIGRATION_TOKEN_PASSWD =
-        "sslKeyMigrationTokenPasswd";
-    public static final String PR_SSL_KEY_MIGRATION_TOKEN_SOPPASSWD =
-        "sslKeyMigrationTokenSOPPasswd";
-    public static final String PR_NUM_MIGRATION_WARNINGS =
-        "numMigrationWarnings";
+    public static final String PR_SIGNING_KEY_MIGRATION_TOKEN = "signingKeyMigrationToken";
+    public static final String PR_SSL_KEY_MIGRATION_TOKEN = "sslKeyMigrationToken";
+    public static final String PR_SIGNING_KEY_MIGRATION_TOKEN_PASSWD = "signingKeyMigrationTokenPasswd";
+    public static final String PR_SIGNING_KEY_MIGRATION_TOKEN_SOPPASSWD = "signingKeyMigrationTokenSOPPasswd";
+    public static final String PR_SSL_KEY_MIGRATION_TOKEN_PASSWD = "sslKeyMigrationTokenPasswd";
+    public static final String PR_SSL_KEY_MIGRATION_TOKEN_SOPPASSWD = "sslKeyMigrationTokenSOPPasswd";
+    public static final String PR_NUM_MIGRATION_WARNINGS = "numMigrationWarnings";
     public static final String PR_MIGRATION_WARNING = "migrationWarning";
     public static final String PR_CA_KEY_TYPE = "caKeyType";
     public static final String PR_LDAP_PASSWORD = "ldapPassword";
     public static final String PR_MIGRATION_PASSWORD = "migrationPassword";
 
     // Key and Cert
-    public static final String PR_HARDWARE_SPLIT = "hardwareSplit";    
-    public static final String PR_TOKEN_LIST = "tokenList";    
+    public static final String PR_HARDWARE_SPLIT = "hardwareSplit";
+    public static final String PR_TOKEN_LIST = "tokenList";
     public static final String PR_TOKEN_NAME = "tokenName";
     public static final String PR_SUBJECT_NAME = "subjectName";
     public static final String PR_CA_SUBJECT_NAME = "caSubjectName";
@@ -269,7 +260,7 @@ public interface ConfigConstants {
     public static final String PR_RA_TOKEN = "raToken";
     public static final String PR_KRA_TOKEN = "kraToken";
     public static final String PR_SSL_TOKEN = "sslToken";
-    //public static final String PR_SUBSYSTEMS = "subsystems";
+    // public static final String PR_SUBSYSTEMS = "subsystems";
 
     // Key Length
     public static final String PR_RSA_MIN_KEYLENGTH = "RSAMinKeyLength";
@@ -293,8 +284,8 @@ public interface ConfigConstants {
     // CA serial number
     public static final String PR_CA_SERIAL_NUMBER = "caSerialNumber";
     public static final String PR_CA_ENDSERIAL_NUMBER = "caEndSerialNumber";
-    
-	// KRA number
+
+    // KRA number
     public static final String PR_REQUEST_NUMBER = "requestNumber";
     public static final String PR_ENDREQUEST_NUMBER = "endRequestNumber";
     public static final String PR_SERIAL_REQUEST_NUMBER = "serialRequestNumber";
@@ -331,4 +322,3 @@ public interface ConfigConstants {
     public static final String PR_AGREEMENT_NAME_2 = "agreementName2";
     public static final String PR_REPLICATION_MANAGER_PASSWD_2 = "replicationManagerPwd2";
 }
-
diff --git a/pki/base/common/src/com/netscape/certsrv/common/Constants.java b/pki/base/common/src/com/netscape/certsrv/common/Constants.java
index c85034918..dc2a6081a 100644
--- a/pki/base/common/src/com/netscape/certsrv/common/Constants.java
+++ b/pki/base/common/src/com/netscape/certsrv/common/Constants.java
@@ -17,18 +17,18 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.common;
 
-
 /**
- * This interface contains constants that are shared 
- * by certificate server and its client SDK.
- *
+ * This interface contains constants that are shared by certificate server and
+ * its client SDK.
+ * 
  * @version $Revision$, $Date$
  */
 public interface Constants {
 
-    /*=======================================================
-     * MESSAGE FORMAT CONSTANTS
-     *=======================================================*/
+    /*
+     * ======================================================= MESSAGE FORMAT
+     * CONSTANTS=======================================================
+     */
     public static final String PASSWORDTYPE = "PasswordField";
     public static final String TEXTTYPE = "TextField";
     public static final String CHECKBOXTYPE = "CheckBox";
@@ -41,34 +41,37 @@ public interface Constants {
     public final static String OP_TYPE = "OP_TYPE";
     public final static String OP_SCOPE = "OP_SCOPE";
 
-    //STATIC RESOURCE IDENTIFIERS
+    // STATIC RESOURCE IDENTIFIERS
     public final static String RS_ID = "RS_ID";
     public final static String RS_ID_CONFIG = "RS_ID_CONFIG";
     public final static String RS_ID_ORDER = "RS_ID_ORDER";
 
-    //STATIC UI TYPE
+    // STATIC UI TYPE
     public final static String TYPE_PASSWORD = "password";
-    
+
     /**********************************************************
      * PROPERTY NAME LISTED BELOW
      **********************************************************/
-    
-    /*========================================================
-     * General
-     *========================================================*/     
+
+    /*
+     * ======================================================== General
+     * ========================================================
+     */
     public final static String PR_PORT = "port";
     public final static String PR_SSLPORT = "sslPort";
-     
-    /*========================================================
-     * Tasks
-     *========================================================*/
+
+    /*
+     * ======================================================== Tasks
+     * ========================================================
+     */
     public final static String PR_SERVER_START = "start";
     public final static String PR_SERVER_STOP = "stop";
     public final static String PR_SERVER_RESTART = "restart";
-    
-    /*========================================================
-     * Networks
-     *========================================================*/
+
+    /*
+     * ======================================================== Networks
+     * ========================================================
+     */
     public final static String PR_ADMIN_S_PORT = "admin.https.port";
     public final static String PR_AGENT_S_PORT = "agent.https.port";
     public final static String PR_GATEWAY_S_PORT = "gateway.https.port";
@@ -78,19 +81,20 @@ public interface Constants {
     public final static String PR_AGENT_S_BACKLOG = "agent.https.backlog";
     public final static String PR_GATEWAY_S_BACKLOG = "gateway.https.backlog";
     public final static String PR_GATEWAY_BACKLOG = "gateway.http.backlog";
-    public final static String PR_GATEWAY_PORT_ENABLED =
-        "gateway.http.enable";
+    public final static String PR_GATEWAY_PORT_ENABLED = "gateway.http.enable";
     public final static String PR_MASTER_AGENT_PORT = "master.ca.agent.port";
     public final static String PR_MASTER_AGENT_HOST = "master.ca.agent.host";
-    
-    /*========================================================
-     * SMTP
-     *========================================================*/
+
+    /*
+     * ======================================================== SMTP
+     * ========================================================
+     */
     public final static String PR_SERVER_NAME = "server";
-    
-    /*========================================================
-     * SNMP
-     *========================================================*/
+
+    /*
+     * ======================================================== SNMP
+     * ========================================================
+     */
     public final static String PR_SNMP_ENABLED = "on";
     public final static String PR_SNMP_MASTER_HOST = "master.host";
     public final static String PR_SNMP_MASTER_PORT = "master.port";
@@ -99,23 +103,25 @@ public interface Constants {
     public final static String PR_SNMP_LOC = "loc";
     public final static String PR_SNMP_CONTACT = "contact";
 
-    /*========================================================
-     * Self Tests
-     *========================================================*/
+    /*
+     * ======================================================== Self Tests
+     * ========================================================
+     */
     public final static String PR_RUN_SELFTESTS_ON_DEMAND = "run";
     public final static String PR_RUN_SELFTESTS_ON_DEMAND_CLASS = "class";
     public final static String PR_RUN_SELFTESTS_ON_DEMAND_CONTENT = "runContent";
 
-    /*========================================================
-     * Users and Groups
-     *========================================================*/
-    
-    //group properties
+    /*
+     * ======================================================== Users and Groups
+     * ========================================================
+     */
+
+    // group properties
     public final static String PR_GROUP_DESC = "desc";
     public final static String PR_GROUP_USER = "user";
     public final static String PR_GROUP_GROUP = "group";
 
-    //user properties
+    // user properties
     public final static String PR_USER_FULLNAME = "fullname";
     public final static String PR_USER_PASSWORD = "password";
     public final static String PR_USER_EMAIL = "email";
@@ -125,9 +131,10 @@ public interface Constants {
     public final static String PR_USER_GROUP = "groups";
     public final static String PR_MULTIROLES = "multiroles";
 
-    /*========================================================
-     * Authentication
-     *========================================================*/
+    /*
+     * ======================================================== Authentication
+     * ========================================================
+     */
     public final static String PR_PING = "ping";
     public final static String PR_AUTH_CLASS = "class";
     public final static String PR_AUTH_IMPL_NAME = "implName";
@@ -137,25 +144,27 @@ public interface Constants {
     public final static String PR_AUTH_ADMIN_DN = "ldapauth.bindDN";
     public final static String PR_AUTH_ADMIN_PWD = "ldapauth.bindPassword";
 
-    /*========================================================
-     * Job Scheduler
-     *========================================================*/
+    /*
+     * ======================================================== Job Scheduler
+     * ========================================================
+     */
     public final static String PR_JOBS_CLASS = "class";
     public final static String PR_JOBS_IMPL_NAME = "implName";
     public final static String PR_JOBS_FREQUENCY = "frequency";
 
-    /*========================================================
-     * Notification
-     *========================================================*/
+    /*
+     * ======================================================== Notification
+     * ========================================================
+     */
     public final static String PR_NOTIFICATION_FORM_NAME = "emailTemplate";
-    public final static String PR_NOTIFICATION_SUBJECT =
-        "emailSubject";
+    public final static String PR_NOTIFICATION_SUBJECT = "emailSubject";
     public final static String PR_NOTIFICATION_SENDER = "senderEmail";
     public final static String PR_NOTIFICATION_RECEIVER = "recipientEmail";
 
-    /*========================================================
-     * Logs
-     *========================================================*/
+    /*
+     * ======================================================== Logs
+     * ========================================================
+     */
     public static final String PR_LOG_IMPL_NAME = "implName";
     public static final String PR_EXT_PLUGIN_IMPLTYPE_LOG = "log";
     public final static String PR_LOG_CLASS = "class";
@@ -191,10 +200,11 @@ public interface Constants {
     public static final String PR_DEBUG_LOG_ENABLE = "debug.enabled";
     public static final String PR_DEBUG_LOG_LEVEL = "debug.level";
 
-    /*========================================================
-     * LDAP Publishing
-     *========================================================*/
-     
+    /*
+     * ======================================================== LDAP Publishing
+     * ========================================================
+     */
+
     // publishing properties
     public final static String PR_BASIC_AUTH = "BasicAuth";
     public final static String PR_SSL_AUTH = "SslClientAuth";
@@ -253,7 +263,7 @@ public interface Constants {
     public final static String PR_BASE_DN = "baseDN";
     public final static String PR_DNCOMPS = "dnComps";
     public final static String PR_FILTERCOMPS = "filterComps";
-    
+
     // ldap connection test
     public final static String PR_CONN_INITED = "connInited";
     public final static String PR_CONN_INIT_FAIL = "connInitFail";
@@ -264,15 +274,17 @@ public interface Constants {
     public final static String PR_SAVE_OK = "saveOk";
     public final static String PR_SAVE_NOT = "saveOrNot";
 
-    /*========================================================
-     * Plugin
-     *========================================================*/
+    /*
+     * ======================================================== Plugin
+     * ========================================================
+     */
     public final static String PR_PLUGIN_IMP = "imp";
     public final static String PR_PLUGIN_INSTANCE = "instance";
 
-    /*========================================================
-     * Policy
-     *========================================================*/
+    /*
+     * ======================================================== Policy
+     * ========================================================
+     */
     public final static String PR_POLICY_CLASS = "class";
     public final static String PR_POLICY_IMPL_NAME = "implName";
     public final static String PR_CRLDP_NAME = "crldpName";
@@ -281,9 +293,10 @@ public interface Constants {
     public final static String PR_POLICY_ENABLE = "enable";
     public final static String PR_POLICY_PREDICATE = "predicate";
 
-    /*========================================================
-     * Publish
-     *========================================================*/
+    /*
+     * ======================================================== Publish
+     * ========================================================
+     */
     public final static String PR_PUBLISHER = "publisher";
     public final static String PR_PUBLISHER_CLASS = "class";
     public final static String PR_PUBLISHER_IMPL_NAME = "implName";
@@ -314,19 +327,18 @@ public interface Constants {
 
     public final static String PR_OCSPSTORE_IMPL_NAME = "implName";
 
-    /*========================================================
-     * Registration Authority
-     *========================================================*/
+    /*
+     * ======================================================== Registration
+     * Authority========================================================
+     */
     public final static String PR_EE_ENABLED = "eeEnabled";
     public final static String PR_OCSP_ENABLED = "ocspEnabled";
     public final static String PR_RA_ENABLED = "raEnabled";
     public final static String PR_RENEWAL_ENABLED = "renewal.enabled";
     public final static String PR_RENEWAL_VALIDITY = "renewal.validity";
     public final static String PR_RENEWAL_EMAIL = "renewal.email";
-    public final static String PR_RENEWAL_EXPIREDNOTIFIEDENABLED = 
-        "renewal.expired.notification.enabled";
-    public final static String PR_RENEWAL_NUMNOTIFICATION = 
-        "renewal.numNotification";
+    public final static String PR_RENEWAL_EXPIREDNOTIFIEDENABLED = "renewal.expired.notification.enabled";
+    public final static String PR_RENEWAL_NUMNOTIFICATION = "renewal.numNotification";
     public final static String PR_RENEWAL_INTERVAL = "renewal.interval";
     public final static String PR_SERVLET_CLASS = "class";
     public final static String PR_SERVLET_URI = "uri";
@@ -337,27 +349,30 @@ public interface Constants {
     public final static String PR_URI = "uri";
     public final static String PR_ENABLED = "enable";
 
-    /*========================================================
-     * Certificate Authority
-     *========================================================*/
+    /*
+     * ======================================================== Certificate
+     * Authority========================================================
+     */
     public final static String PR_VALIDITY = "validity";
     public final static String PR_DEFAULT_ALGORITHM = "defaultSigningAlgorithm";
     public final static String PR_ALL_ALGORITHMS = "allSigningAlgorithms";
     public final static String PR_SERIAL = "startSerialNumber";
     public final static String PR_MAXSERIAL = "maxSerialNumber";
 
-    /*========================================================
-     * Access Control
-     *========================================================*/
+    /*
+     * ======================================================== Access Control
+     * ========================================================
+     */
     public final static String PR_ACL_OPS = "aclOperations";
     public final static String PR_ACI = "aci";
     public final static String PR_ACL_CLASS = "class";
     public final static String PR_ACL_DESC = "desc";
     public final static String PR_ACL_RIGHTS = "rights";
-    
-    /*========================================================
-     * Key Recovery
-     *========================================================*/
+
+    /*
+     * ======================================================== Key Recovery
+     * ========================================================
+     */
     public final static String PR_AUTO_RECOVERY_ON = "autoRecoveryOn";
     public final static String PR_RECOVERY_N = "recoveryN";
     public final static String PR_RECOVERY_M = "recoveryM";
@@ -367,18 +382,20 @@ public interface Constants {
     public final static String PR_AGENT_PWD = "agentPwd";
     public final static String PR_NO_OF_REQUIRED_RECOVERY_AGENTS = "noOfRequiredRecoveryAgents";
 
-    /*========================================================
-     * Status
-     *========================================================*/
+    /*
+     * ======================================================== Status
+     * ========================================================
+     */
     public final static String PR_STAT_STARTUP = "startup";
     public final static String PR_STAT_TIME = "time";
     public final static String PR_STAT_VERSION = "cms.version";
     public final static String PR_STAT_INSTALLDATE = "installDate";
     public final static String PR_STAT_INSTANCEID = "instanceId";
 
-    /*========================================================
-     * Server Instance
-     *========================================================*/
+    /*
+     * ======================================================== Server Instance
+     * ========================================================
+     */
     public final static String PR_INSTALL = "install";
     public final static String PR_INSTANCES_INSTALL = "instancesInstall";
     public final static String PR_CA_INSTANCE = "ca";
@@ -386,7 +403,7 @@ public interface Constants {
     public final static String PR_RA_INSTANCE = "ra";
     public final static String PR_KRA_INSTANCE = "kra";
     public final static String PR_TKS_INSTANCE = "tks";
-   
+
     /*
      * Certificate info
      */
@@ -464,11 +481,12 @@ public interface Constants {
      */
     public final static String PR_TRUST = "trust";
 
-    /*========================================================
-     * Security
-     *========================================================*/
-     
-    //functionality 
+    /*
+     * ======================================================== Security
+     * ========================================================
+     */
+
+    // functionality
     public final static String PR_CERT_SERVER = "SERVER";
     public final static String PR_CERT_ADMIN = "ADMIN";
     public final static String PR_CERT_AGENT = "AGENT";
@@ -477,17 +495,16 @@ public interface Constants {
     public final static String PR_CERT_RA = "RA";
     public final static String PR_CERT_POA = "POA";
     public final static String PR_CERT_TRANS = "TRANS";
-    
+
     // key and certificate management
     public final static String PR_OPERATION_TYPE = "operationtype";
     public final static String PR_INSTALL_TYPE = "install";
     public final static String PR_REQUEST_TYPE = "request";
-    //public final static String PR_CA_SIGNING_CERT = "cacert";
-    //public final static String PR_SERVER_CERT = "servercert";
+    // public final static String PR_CA_SIGNING_CERT = "cacert";
+    // public final static String PR_SERVER_CERT = "servercert";
     public final static String PR_CLIENT_CERT = "clientcert";
-    public final static String PR_FULL_INTERNAL_TOKEN_NAME="Internal Key Storage Token";
-    public final static String PR_INTERNAL_TOKEN_NAME = 
-        "internal";
+    public final static String PR_FULL_INTERNAL_TOKEN_NAME = "Internal Key Storage Token";
+    public final static String PR_INTERNAL_TOKEN_NAME = "internal";
     public final static String PR_TOKEN_NAME = "tokenName";
     public final static String PR_TOKEN_PASSWD = "tokenPwd";
     public final static String PR_KEY_LENGTH = "keyLength";
@@ -502,16 +519,16 @@ public interface Constants {
     public final static String PR_SUBJECT_NAME = "subjectName";
     public final static String PR_CSR = "csr";
 
-    //encryption
-    
+    // encryption
+
     /* Cipher Version: domestic or export */
     public final static String PR_CIPHER_VERSION = "cipherversion";
     public final static String PR_CIPHER_VERSION_DOMESTIC = "cipherdomestic";
     public final static String PR_CIPHER_VERSION_EXPORT = "cipherexport";
-    
+
     /* Cipher Fortezza: true, false */
     public final static String PR_CIPHER_FORTEZZA = "cipherfortezza";
-    
+
     /* Token and Certificates */
     public final static String PR_TOKEN_LIST = "tokenlist";
     public final static String PR_TOKEN_PREFIX = "token_";
@@ -525,46 +542,30 @@ public interface Constants {
     public final static String PR_ECTYPE = "ectype";
 
     /* values for SSL cipher preferences */
-    public final static String 
-        PR_SSL2_RC4_128_WITH_MD5 = "rc4";
-    public final static String 
-        PR_SSL2_RC4_128_EXPORT40_WITH_MD5 = "rc4export";
-    public final static String 
-        PR_SSL2_RC2_128_CBC_WITH_MD5 = "rc2";
-    public final static String 
-        PR_SSL2_RC2_128_CBC_EXPORT40_WITH_MD5 = "rc2export";
-    public final static String 
-        PR_SSL2_DES_64_CBC_WITH_MD5 = "des";
-    public final static String 
-        PR_SSL2_DES_192_EDE3_CBC_WITH_MD5 = "desede3";
-    public final static String 
-        PR_SSL3_RSA_WITH_NULL_MD5 = "rsa_null_md5";
-    public final static String 
-        PR_SSL3_RSA_EXPORT_WITH_RC4_40_MD5 = "rsa_rc4_40_md5";
-    public final static String 
-        PR_SSL3_RSA_WITH_RC4_128_MD5 = "rsa_rc4_128_md5"; 
-    public final static String 
-        PR_SSL3_RSA_EXPORT_WITH_RC2_CBC_40_MD5 = "rsa_rc2_40_md5";
-    public final static String 
-        PR_SSL3_RSA_WITH_DES_CBC_SHA = "rsa_des_sha";
-    public final static String 
-        PR_SSL3_RSA_WITH_3DES_EDE_CBC_SHA = "rsa_3des_sha";
-    public final static String 
-        PR_SSL3_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA = "fortezza";
-    public final static String 
-        PR_SSL3_FORTEZZA_DMS_WITH_RC4_128_SHA = "fortezza_rc4_128_sha";
-    public final static String 
-        PR_SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA = "rsa_fips_3des_sha";
-    public final static String 
-        PR_SSL_RSA_FIPS_WITH_DES_CBC_SHA = "rsa_fips_des_sha";
-    public final static String 
-        PR_TLS_RSA_EXPORT1024_WITH_RC4_56_SHA = "tls_rsa_rc4_56_sha";
-    public final static String 
-        PR_TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA = "tls_rsa_des_sha";
-
-    /*========================================================
-     * Watchdog and Server State Messages 
-     *========================================================*/
+    public final static String PR_SSL2_RC4_128_WITH_MD5 = "rc4";
+    public final static String PR_SSL2_RC4_128_EXPORT40_WITH_MD5 = "rc4export";
+    public final static String PR_SSL2_RC2_128_CBC_WITH_MD5 = "rc2";
+    public final static String PR_SSL2_RC2_128_CBC_EXPORT40_WITH_MD5 = "rc2export";
+    public final static String PR_SSL2_DES_64_CBC_WITH_MD5 = "des";
+    public final static String PR_SSL2_DES_192_EDE3_CBC_WITH_MD5 = "desede3";
+    public final static String PR_SSL3_RSA_WITH_NULL_MD5 = "rsa_null_md5";
+    public final static String PR_SSL3_RSA_EXPORT_WITH_RC4_40_MD5 = "rsa_rc4_40_md5";
+    public final static String PR_SSL3_RSA_WITH_RC4_128_MD5 = "rsa_rc4_128_md5";
+    public final static String PR_SSL3_RSA_EXPORT_WITH_RC2_CBC_40_MD5 = "rsa_rc2_40_md5";
+    public final static String PR_SSL3_RSA_WITH_DES_CBC_SHA = "rsa_des_sha";
+    public final static String PR_SSL3_RSA_WITH_3DES_EDE_CBC_SHA = "rsa_3des_sha";
+    public final static String PR_SSL3_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA = "fortezza";
+    public final static String PR_SSL3_FORTEZZA_DMS_WITH_RC4_128_SHA = "fortezza_rc4_128_sha";
+    public final static String PR_SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA = "rsa_fips_3des_sha";
+    public final static String PR_SSL_RSA_FIPS_WITH_DES_CBC_SHA = "rsa_fips_des_sha";
+    public final static String PR_TLS_RSA_EXPORT1024_WITH_RC4_56_SHA = "tls_rsa_rc4_56_sha";
+    public final static String PR_TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA = "tls_rsa_des_sha";
+
+    /*
+     * ======================================================== Watchdog and
+     * Server State Messages
+     * ========================================================
+     */
 
     public final static String SERVER_STARTUP_WARNING_MESSAGE = "CMS Warning: ";
     public final static String SERVER_STARTUP_MESSAGE = "Server is started.";
@@ -572,9 +573,11 @@ public interface Constants {
     public final static String SERVER_SHUTDOWN_ERROR_MESSAGE = "Error Starting CMS: ";
     public final static String SERVER_SHUTDOWN_EXTENDED_ERROR_MESSAGE = "Extended error information: ";
 
-    /*============================================================
-     * THE FOLLOWING LIST WILL BE REMOVED
-     *============================================================*/
+    /*
+     * ============================================================ THE
+     * FOLLOWING LIST WILL BE REMOVED
+     * ============================================================
+     */
 
     // parameter types
     public final static String PT_OP = "op";
@@ -598,10 +601,8 @@ public interface Constants {
     public final static String PT_MAPPING = "mapping";
     public final static String PT_DN = "dn";
 
-    public final static String PV_SYSTEM_ADMINISTRATORS =
-        "SystemAdministrators";
-    public final static String PV_CERTIFICATE_ADMINISTRATORS =
-        "CertificateAdministrators";
+    public final static String PV_SYSTEM_ADMINISTRATORS = "SystemAdministrators";
+    public final static String PV_CERTIFICATE_ADMINISTRATORS = "CertificateAdministrators";
 
     public final static String OP_AUTHENTICATE = "authenticate";
     public final static String OP_RESTART = "restart";
@@ -635,10 +636,8 @@ public interface Constants {
 
     // certificate authority operations
     public final static String PT_PUBLISH_DN = "ldappublish.ldap.admin-dn";
-    public final static String PT_PUBLISH_PWD =
-        "ldappublish.ldap.admin-password";
-    public final static String PT_PUBLISH_FREQ =
-        "crl.crl0.autoUpdateInterval";
+    public final static String PT_PUBLISH_PWD = "ldappublish.ldap.admin-password";
+    public final static String PT_PUBLISH_FREQ = "crl.crl0.autoUpdateInterval";
     public final static String PT_SERIALNO = "serialno";
     public final static String PT_NAMES = "names";
     public final static String PT_CERTIFICATES = "certificates";
@@ -732,10 +731,10 @@ public interface Constants {
     public final static String PR_REQUEST_SVC_PENDING = "4";
     public final static String PR_REQUEST_REJECTED = "5";
 
-    //Profile
+    // Profile
     public final static String PR_CONSTRAINTS_LIST = "constraintPolicy";
 
-    //Replication
+    // Replication
     public final static String PR_REPLICATION_ENABLED = "replication.enabled";
     public final static String PR_REPLICATION_AGREEMENT_NAME_1 = "replication.master1.name";
     public final static String PR_REPLICATION_HOST_1 = "replication.master1.hostname";
diff --git a/pki/base/common/src/com/netscape/certsrv/common/DestDef.java b/pki/base/common/src/com/netscape/certsrv/common/DestDef.java
index 1d3eaff14..5c90d3078 100644
--- a/pki/base/common/src/com/netscape/certsrv/common/DestDef.java
+++ b/pki/base/common/src/com/netscape/certsrv/common/DestDef.java
@@ -17,12 +17,10 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.common;
 
-
 /**
- * This interface defines all the operation destination
- * used in the administration protocol between the
- * console and the server.
- *
+ * This interface defines all the operation destination used in the
+ * administration protocol between the console and the server.
+ * 
  * @version $Revision$, $Date$
  */
 public interface DestDef {
diff --git a/pki/base/common/src/com/netscape/certsrv/common/NameValuePair.java b/pki/base/common/src/com/netscape/certsrv/common/NameValuePair.java
index 44d55e32e..1e513c30e 100644
--- a/pki/base/common/src/com/netscape/certsrv/common/NameValuePair.java
+++ b/pki/base/common/src/com/netscape/certsrv/common/NameValuePair.java
@@ -17,13 +17,10 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.common;
 
-
-
-
 /**
- * A class represents a name value pair. A name value
- * pair consists of a name and a value.
- *
+ * A class represents a name value pair. A name value pair consists of a name
+ * and a value.
+ * 
  * @version $Revision$, $Date$
  */
 public class NameValuePair {
@@ -33,7 +30,7 @@ public class NameValuePair {
 
     /**
      * Constructs value pair object.
-     *
+     * 
      * @param name name
      * @param value value
      */
@@ -44,7 +41,7 @@ public class NameValuePair {
 
     /**
      * Retrieves the name.
-     *
+     * 
      * @return name
      */
     public String getName() {
@@ -53,19 +50,19 @@ public class NameValuePair {
 
     /**
      * Retrieves the value.
-     *
+     * 
      * @return value
      */
     public String getValue() {
         return mValue;
     }
-	
+
     /**
      * Sets the value
-     *
+     * 
      * @param value value
      */
     public void setValue(String value) {
         mValue = value;
     }
-}    
+}
diff --git a/pki/base/common/src/com/netscape/certsrv/common/NameValuePairs.java b/pki/base/common/src/com/netscape/certsrv/common/NameValuePairs.java
index 678ccfee2..628fc223f 100644
--- a/pki/base/common/src/com/netscape/certsrv/common/NameValuePairs.java
+++ b/pki/base/common/src/com/netscape/certsrv/common/NameValuePairs.java
@@ -17,17 +17,14 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.common;
 
-
 import java.util.Enumeration;
 import java.util.Hashtable;
 import java.util.StringTokenizer;
 import java.util.Vector;
 
-
 /**
- * A class represents an ordered list of name 
- * value pairs.
- *
+ * A class represents an ordered list of name value pairs.
+ * 
  * @version $Revision$, $Date$
  */
 public class NameValuePairs {
@@ -35,20 +32,19 @@ public class NameValuePairs {
     private Vector mPairs = new Vector();
 
     // an index to speed up searching
-    // The key is the name.  The element is the NameValuePair.
+    // The key is the name. The element is the NameValuePair.
     private Hashtable index = new Hashtable();
 
     /**
      * Constructs name value pairs.
-     */	 
+     */
     public NameValuePairs() {
     }
 
     /**
-     * Adds a name value pair into this set.
-     * if the name already exist, the value will
-     * be replaced.
-     *
+     * Adds a name value pair into this set. if the name already exist, the
+     * value will be replaced.
+     * 
      * @param name name
      * @param value value
      */
@@ -66,7 +62,7 @@ public class NameValuePairs {
 
     /**
      * Retrieves name value pair from this set.
-     *
+     * 
      * @param name name
      * @return name value pair
      */
@@ -76,7 +72,7 @@ public class NameValuePairs {
 
     /**
      * Returns number of pairs in this set.
-     *
+     * 
      * @return size
      */
     public int size() {
@@ -85,7 +81,7 @@ public class NameValuePairs {
 
     /**
      * Retrieves name value pairs in specific position.
-     *
+     * 
      * @param pos position of the value
      * @return name value pair
      */
@@ -102,9 +98,8 @@ public class NameValuePairs {
     }
 
     /**
-     * Retrieves value of the name value pairs that matches
-     * the given name.
-     *
+     * Retrieves value of the name value pairs that matches the given name.
+     * 
      * @param name name
      * @return value
      */
@@ -119,26 +114,25 @@ public class NameValuePairs {
 
     /**
      * Retrieves a list of names.
-     *
+     * 
      * @return a list of names
      */
     public Enumeration getNames() {
         Vector v = new Vector();
-        int size = mPairs.size(); 
+        int size = mPairs.size();
 
-        for (int i = 0; i < size; i++) { 
+        for (int i = 0; i < size; i++) {
             NameValuePair p = (NameValuePair) mPairs.elementAt(i);
 
             v.addElement(p.getName());
         }
-        //System.out.println("getNames: "+v.size());
+        // System.out.println("getNames: "+v.size());
         return v.elements();
     }
-	
+
     /**
-     * Show the content of this name value container as
-     * string representation.
-     *
+     * Show the content of this name value container as string representation.
+     * 
      * @return string representation
      */
     public String toString() {
@@ -155,7 +149,7 @@ public class NameValuePairs {
 
     /**
      * Parses a string into name value pairs.
-     *
+     * 
      * @param s string
      * @param nvp name value pairs
      * @return true if successful
@@ -174,16 +168,16 @@ public class NameValuePairs {
             String v = t.substring(i + 1);
 
             nvp.add(n, v);
-        }	
+        }
         return true;
     }
 
     /**
      * Returns a list of name value pair object.
-     *
+     * 
      * @return name value objects
      */
     public Enumeration elements() {
         return mPairs.elements();
     }
-}    
+}
diff --git a/pki/base/common/src/com/netscape/certsrv/common/OpDef.java b/pki/base/common/src/com/netscape/certsrv/common/OpDef.java
index 9cfcab4a2..6b6b3a1b6 100644
--- a/pki/base/common/src/com/netscape/certsrv/common/OpDef.java
+++ b/pki/base/common/src/com/netscape/certsrv/common/OpDef.java
@@ -17,12 +17,10 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.common;
 
-
 /**
- * This interface defines all the administration operations
- * used in the administration protocol between the console
- * and the server.
- *
+ * This interface defines all the administration operations used in the
+ * administration protocol between the console and the server.
+ * 
  * @version $Revision$, $Date$
  */
 public interface OpDef {
diff --git a/pki/base/common/src/com/netscape/certsrv/common/PrefixDef.java b/pki/base/common/src/com/netscape/certsrv/common/PrefixDef.java
index 11a58c5d2..405544ab9 100644
--- a/pki/base/common/src/com/netscape/certsrv/common/PrefixDef.java
+++ b/pki/base/common/src/com/netscape/certsrv/common/PrefixDef.java
@@ -17,25 +17,23 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.common;
 
-
 /**
- * This interface defines all the prefix tags
- * used in the administration protocol between
- * the console and the server.
- *
+ * This interface defines all the prefix tags used in the administration
+ * protocol between the console and the server.
+ * 
  * @version $Revision$, $Date$
  */
 public interface PrefixDef {
 
-    //user and group
+    // user and group
     public final static String PX_GROUP = "group";
     public final static String PX_USER = "user";
     public final static String PX_CERT = "cert";
     public final static String PX_SYS = "SYS_";
     public final static String PX_DEF = "DEF_";
     public final static String PX_PP = "CERT_PP";
-    
-    //log content
+
+    // log content
     public final static String PX_LOG = "log";
-    
+
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/common/ScopeDef.java b/pki/base/common/src/com/netscape/certsrv/common/ScopeDef.java
index 0be3fdf0a..0c8053d08 100644
--- a/pki/base/common/src/com/netscape/certsrv/common/ScopeDef.java
+++ b/pki/base/common/src/com/netscape/certsrv/common/ScopeDef.java
@@ -17,12 +17,10 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.common;
 
-
 /**
- * This interface defines all the operation scope
- * used in the administration protocol between the
- * console and the server.
- *
+ * This interface defines all the operation scope used in the administration
+ * protocol between the console and the server.
+ * 
  * @version $Revision$, $Date$
  */
 public interface ScopeDef {
@@ -31,7 +29,7 @@ public interface ScopeDef {
     public final static String SC_GROUPS = "groups";
     public final static String SC_USERS = "users";
     public final static String SC_USER_CERTS = "certs";
-    
+
     public final static String SC_SNMP = "snmp";
     public final static String SC_SMTP = "smtp";
     public final static String SC_SUBSYSTEM = "subsystem";
@@ -39,12 +37,12 @@ public interface ScopeDef {
     public final static String SC_GATEWAY = "gateway";
     public final static String SC_ADMIN = "admin";
     public final static String SC_NETWORK = "network";
-    
+
     // profile
     public final static String SC_PROFILE_IMPLS = "profile";
     public final static String SC_PROFILE_RULES = "rules";
     public final static String SC_PROFILE_DEFAULT_POLICY = "defaultPolicy";
-    public final static String SC_PROFILE_CONSTRAINT_POLICY = "constraintPolicy"; 
+    public final static String SC_PROFILE_CONSTRAINT_POLICY = "constraintPolicy";
     public final static String SC_PROFILE_POLICIES = "policies";
     public final static String SC_PROFILE_POLICY_CONFIG = "config";
     public final static String SC_PROFILE_INPUT = "profileInput";
@@ -83,9 +81,9 @@ public interface ScopeDef {
     public final static String SC_LOG_CONTENT = "log_content";
     public final static String SC_AUDITLOG_CONTENT = "transactionsLog_content";
     public final static String SC_ERRORLOG_CONTENT = "errorLog_content";
-    public final static String SC_SYSTEMLOG_CONTENT = "systemLog_content";    
+    public final static String SC_SYSTEMLOG_CONTENT = "systemLog_content";
 
-    //LDAP publishing
+    // LDAP publishing
     public final static String SC_LDAP = "ldap";
     public final static String SC_CRL = "crl";
     public final static String SC_USERCERT = "userCert";
@@ -109,9 +107,9 @@ public interface ScopeDef {
     public final static String SC_RECOVERY = "recovery";
     public final static String SC_AGENT_PWD = "agentPwd";
     public final static String SC_MNSCHEME = "mnScheme";
-    
-    //stat
-    public final static String  SC_STAT = "stat";
+
+    // stat
+    public final static String SC_STAT = "stat";
 
     // RA
     public final static String SC_GENERAL = "general";
@@ -119,27 +117,27 @@ public interface ScopeDef {
     public final static String SC_PKIGW = "pkigw";
     public final static String SC_SERVLET = "servlet";
     public final static String SC_CONNECTOR = "connector";
-    
-    //tasks
+
+    // tasks
     public final static String SC_TASKS = "tasks";
-    
-    //authentication
+
+    // authentication
     public final static String SC_AUTH = "auths";
     public final static String SC_AUTHTYPE = "authType";
     public final static String SC_AUTH_IMPLS = "impl";
     public final static String SC_AUTH_MGR_INSTANCE = "instance";
 
-    //jobs scheduler
+    // jobs scheduler
     public final static String SC_JOBS = "jobScheduler";
     public final static String SC_JOBS_IMPLS = "impl";
     public final static String SC_JOBS_INSTANCE = "job";
     public final static String SC_JOBS_RULES = "rules";
 
-    //notification
+    // notification
     public final static String SC_NOTIFICATION_REQ_COMP = "notificationREQC";
     public final static String SC_NOTIFICATION_REV_COMP = "notificationREVC";
     public final static String SC_NOTIFICATION_RIQ = "notificationRIQ";
-    
+
     // acl
     public final static String SC_ACL_IMPLS = "impl";
     public final static String SC_ACL = "acls";
@@ -181,7 +179,7 @@ public interface ScopeDef {
     public final static String SC_PLATFORM = "platform";
 
     public final static String SC_GET_NICKNAMES = "getNicknames";
- 
+
     // Profile
     public final static String SC_SUPPORTED_CONSTRAINTPOLICIES = "supportedConstraintPolicies";
 
diff --git a/pki/base/common/src/com/netscape/certsrv/common/TaskId.java b/pki/base/common/src/com/netscape/certsrv/common/TaskId.java
index 458822ff5..1f5c52133 100644
--- a/pki/base/common/src/com/netscape/certsrv/common/TaskId.java
+++ b/pki/base/common/src/com/netscape/certsrv/common/TaskId.java
@@ -17,13 +17,10 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.common;
 
-
 /**
- * This interface defines all the tasks used in
- * the configuration protocol between the
- * configuration wizard and the configuration
- * daemon.
- *
+ * This interface defines all the tasks used in the configuration protocol
+ * between the configuration wizard and the configuration daemon.
+ * 
  * @version $Revision$, $Date$
  */
 public interface TaskId {
@@ -66,7 +63,7 @@ public interface TaskId {
 
     // get information about all cryptotokens
     public final static String TASK_TOKEN_INFO = "tokenInfo";
-    
+
     // server get master or clone setting
     public final static String TASK_MASTER_OR_CLONE = "SetMasterOrClone";
     // single signon
@@ -100,17 +97,18 @@ public interface TaskId {
     // set CA starting serial number
     public final static String TASK_SET_CA_SERIAL = "setCASerial";
 
-     // set CA starting serial number
+    // set CA starting serial number
     public final static String TASK_SET_KRA_NUMBER = "setKRANumber";
 
-   // check key length
+    // check key length
     public final static String TASK_CHECK_KEYLENGTH = "checkKeyLength";
 
     // check certificate extension
     public final static String TASK_CHECK_EXTENSION = "checkExtension";
 
-    // check validity period: make sure the notAfterDate of the certificate 
-    // will not go beyond the notAfterDate of the CA cert which signs the certificate.
+    // check validity period: make sure the notAfterDate of the certificate
+    // will not go beyond the notAfterDate of the CA cert which signs the
+    // certificate.
     public final static String TASK_VALIDITY_PERIOD = "checkValidityPeriod";
 
     public final static String TASK_CLONING = "taskCloning";
diff --git a/pki/base/common/src/com/netscape/certsrv/connector/IConnector.java b/pki/base/common/src/com/netscape/certsrv/connector/IConnector.java
index 6dcca9d2a..d14d948ef 100644
--- a/pki/base/common/src/com/netscape/certsrv/connector/IConnector.java
+++ b/pki/base/common/src/com/netscape/certsrv/connector/IConnector.java
@@ -17,20 +17,17 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.connector;
 
-
 import com.netscape.certsrv.base.EBaseException;
 import com.netscape.certsrv.request.IRequest;
 
-
 /**
- * This interface represents a connector that forwards
- * CMS requests to a remote authority.
- *
- * To register a connector, one can add the following
- * to the CMS.cfg:
- *
+ * This interface represents a connector that forwards CMS requests to a remote
+ * authority.
+ * 
+ * To register a connector, one can add the following to the CMS.cfg:
+ * 
  * <pre>
- *
+ * 
  *  Example for KRA type connector.
  * ca.connector.KRA.enable=true
  * ca.connector.KRA.host=thehost.netscape.com        #Remote host.
@@ -39,21 +36,21 @@ import com.netscape.certsrv.request.IRequest;
  * ca.connector.KRA.uri="/kra/connector"             #Uri of the KRA server.
  * ca.connector.KRA.id="kra"
  * ca.connector.KRA.minHttpConns=1                   #Min connection pool connections. 
- * ca.connector.KRA.maxHttpConns=10                  #Max connection pool connections. 
+ * ca.connector.KRA.maxHttpConns=10                  #Max connection pool connections.
  * </pre>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public interface IConnector {
 
     /**
      * Sends the request to a remote authority.
+     * 
      * @param req Request to be forwarded to remote authority.
      * @return true for success, otherwise false.
-     * @exception EBaseException Failure to send request to remote authority. 
+     * @exception EBaseException Failure to send request to remote authority.
      */
-    public boolean send(IRequest req)
-        throws EBaseException;
+    public boolean send(IRequest req) throws EBaseException;
 
     /**
      * Starts this connector.
diff --git a/pki/base/common/src/com/netscape/certsrv/connector/IHttpConnFactory.java b/pki/base/common/src/com/netscape/certsrv/connector/IHttpConnFactory.java
index c53c6f09d..154d1e959 100644
--- a/pki/base/common/src/com/netscape/certsrv/connector/IHttpConnFactory.java
+++ b/pki/base/common/src/com/netscape/certsrv/connector/IHttpConnFactory.java
@@ -17,35 +17,32 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.connector;
 
-
 import com.netscape.certsrv.base.EBaseException;
 
 /**
- * Maintains a pool of connections to to a Remote Authority.
- * Utilized by the IHttpConnector interface.
- * Multiple threads use this interface to utilize and release
- * the Ldap connection resources. This factory will maintain a
- * list of Http type connections to the remote host.
- *
+ * Maintains a pool of connections to to a Remote Authority. Utilized by the
+ * IHttpConnector interface. Multiple threads use this interface to utilize and
+ * release the Ldap connection resources. This factory will maintain a list of
+ * Http type connections to the remote host.
+ * 
  * @version $Revision$, $Date$
  */
 public interface IHttpConnFactory {
 
-
     /**
      * Request access to a Ldap connection from the pool.
+     * 
      * @exception EBaseException if any error occurs, such as a
-     * @return Ldap connection object.
-     * connection is not available
+     * @return Ldap connection object. connection is not available
      */
-    public IHttpConnection getConn()
-        throws EBaseException;
+    public IHttpConnection getConn() throws EBaseException;
 
     /**
      * Return connection to the factory. mandatory after a getConn().
-     * @param conn Ldap connection object to be returned to the free list of the pool.
+     * 
+     * @param conn Ldap connection object to be returned to the free list of the
+     *            pool.
      * @exception EBaseException On any failure to return the connection.
      */
-    public void returnConn(IHttpConnection conn)
-        throws EBaseException;
+    public void returnConn(IHttpConnection conn) throws EBaseException;
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/connector/IHttpConnection.java b/pki/base/common/src/com/netscape/certsrv/connector/IHttpConnection.java
index 6ee57059c..97c37fa3d 100644
--- a/pki/base/common/src/com/netscape/certsrv/connector/IHttpConnection.java
+++ b/pki/base/common/src/com/netscape/certsrv/connector/IHttpConnection.java
@@ -17,26 +17,23 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.connector;
 
-
 import com.netscape.certsrv.base.EBaseException;
 
-
 /**
- * This represents a HTTP connection to a remote authority.
- * Http connection is used by the connector to send
- * PKI messages to a remote authority. The remote authority
- * will reply with a PKI message as well. An example would
- * be the communication between a CA and a KRA.
- *
+ * This represents a HTTP connection to a remote authority. Http connection is
+ * used by the connector to send PKI messages to a remote authority. The remote
+ * authority will reply with a PKI message as well. An example would be the
+ * communication between a CA and a KRA.
+ * 
  * @version $Revision$, $Date$
  */
 public interface IHttpConnection {
 
     /**
      * Sends the PKI message to the remote authority.
+     * 
      * @param tomsg Message to forward to authority.
      * @exception EBaseException Failed to send message.
      */
-    public IPKIMessage send(IPKIMessage tomsg) 
-        throws EBaseException;
+    public IPKIMessage send(IPKIMessage tomsg) throws EBaseException;
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/connector/IHttpPKIMessage.java b/pki/base/common/src/com/netscape/certsrv/connector/IHttpPKIMessage.java
index 5cb53e255..a6c47a86b 100644
--- a/pki/base/common/src/com/netscape/certsrv/connector/IHttpPKIMessage.java
+++ b/pki/base/common/src/com/netscape/certsrv/connector/IHttpPKIMessage.java
@@ -17,39 +17,40 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.connector;
 
-
 import com.netscape.certsrv.request.IRequest;
 
-
 /**
- * This represents a  Http PKI message. It contains 
- * simple name/value pair values.  Also maintains information
- * about the status and type of the message.
- *
+ * This represents a Http PKI message. It contains simple name/value pair
+ * values. Also maintains information about the status and type of the message.
+ * 
  * @version $Revision$, $Date$
  */
 public interface IHttpPKIMessage extends IPKIMessage {
 
     /**
      * Retrieves the request type.
+     * 
      * @return String with the type of request.
      */
     public String getReqType();
 
     /**
      * Retrieves the request identifier.
+     * 
      * @return String of name of request.
      */
     public String getReqId();
 
     /**
      * Copies contents of request to make a simple name/value message.
+     * 
      * @param r Instance of IRequest to be copied from.
      */
     public void fromRequest(IRequest r);
 
     /**
      * Copies contents to request.
+     * 
      * @param r Instance of IRequest to be copied to.
      */
     public void toRequest(IRequest r);
diff --git a/pki/base/common/src/com/netscape/certsrv/connector/IPKIMessage.java b/pki/base/common/src/com/netscape/certsrv/connector/IPKIMessage.java
index 57ce9700f..50b447a2c 100644
--- a/pki/base/common/src/com/netscape/certsrv/connector/IPKIMessage.java
+++ b/pki/base/common/src/com/netscape/certsrv/connector/IPKIMessage.java
@@ -17,53 +17,52 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.connector;
 
-
 import java.io.Serializable;
 
 import com.netscape.certsrv.request.IRequest;
 
-
 /**
- * Messages that are serialized and go over the wire.
- * It must be serializable, and
- * later will be inherited by CRMF message. 
- *
+ * Messages that are serialized and go over the wire. It must be serializable,
+ * and later will be inherited by CRMF message.
+ * 
  * @version $Revision$, $Date$
  */
 public interface IPKIMessage extends Serializable {
 
     /**
-    *
-    * Returns status of request.
-    * @return String of request status.
-    */
+     * 
+     * Returns status of request.
+     * 
+     * @return String of request status.
+     */
     public String getReqStatus();
 
     /**
      * Retrieves the request type.
+     * 
      * @return String of type of request.
      */
     public String getReqType();
 
-   
     /**
      * Retrieves the request identifer.
+     * 
      * @return String of name of request.
      */
     public String getReqId();
 
     /**
-     * Makes a PKIMessage from a request
-     * PKIMessage will be sent to wire.
+     * Makes a PKIMessage from a request PKIMessage will be sent to wire.
+     * 
      * @param r Request to copy from.
      */
     public void fromRequest(IRequest r);
 
     /**
-     * Copies contents of PKIMessage to the request
-     * PKIMessage is from the wire.
+     * Copies contents of PKIMessage to the request PKIMessage is from the wire.
+     * 
      * @param r Request to copy to.
      */
     public void toRequest(IRequest r);
-	
+
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/connector/IRemoteAuthority.java b/pki/base/common/src/com/netscape/certsrv/connector/IRemoteAuthority.java
index a97936aaa..8353ef271 100644
--- a/pki/base/common/src/com/netscape/certsrv/connector/IRemoteAuthority.java
+++ b/pki/base/common/src/com/netscape/certsrv/connector/IRemoteAuthority.java
@@ -17,38 +17,38 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.connector;
 
-
-
-
 /**
- * This represents a remote authority that can be
- * a certificate manager, or key recovery manager or
- * some other manager.
- *
+ * This represents a remote authority that can be a certificate manager, or key
+ * recovery manager or some other manager.
+ * 
  * @version $Revision$, $Date$
  */
 public interface IRemoteAuthority {
 
     /**
      * Retrieves the host name of the remote Authority.
+     * 
      * @return String with the name of host of remote Authority.
      */
     public String getHost();
 
     /**
      * Retrieves the port number of the remote Authority.
+     * 
      * @return Int with port number of remote Authority.
      */
     public int getPort();
 
     /**
      * Retrieves the URI of the remote Authority.
+     * 
      * @return String with URI of remote Authority.
      */
     public String getURI();
 
     /**
      * Retrieves the timeout value for the connection to the remote Authority.
+     * 
      * @return In with remote Authority timeout value.
      */
     public int getTimeout();
diff --git a/pki/base/common/src/com/netscape/certsrv/connector/IRequestEncoder.java b/pki/base/common/src/com/netscape/certsrv/connector/IRequestEncoder.java
index 7838aa5eb..f91d5eee8 100644
--- a/pki/base/common/src/com/netscape/certsrv/connector/IRequestEncoder.java
+++ b/pki/base/common/src/com/netscape/certsrv/connector/IRequestEncoder.java
@@ -17,34 +17,30 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.connector;
 
-
 import java.io.IOException;
 
-
 /**
- * This represents a rquest encoder that serializes and
- * deserializes a request to a Remote Authority so that it can be sent through
- * the connector.
- *
+ * This represents a rquest encoder that serializes and deserializes a request
+ * to a Remote Authority so that it can be sent through the connector.
+ * 
  * @version $Revision$, $Date$
  */
 public interface IRequestEncoder {
 
     /**
      * Encodes a request object.
+     * 
      * @param r Object to serve as the source of the message.
      * @return String containing encoded message.
      * @exception IOException Failure of the encoding operation due to IO error.
      */
-    String encode(Object r)
-        throws IOException;
+    String encode(Object r) throws IOException;
 
     /**
-     * Dncodes a String into an  object.
+     * Dncodes a String into an object.
+     * 
      * @return Object which is the result of the decoded message.
      * @exception IOException Failure of the decoding operation due to IO error.
      */
-    Object decode(String s)
-        throws IOException;
+    Object decode(String s) throws IOException;
 }
-
diff --git a/pki/base/common/src/com/netscape/certsrv/connector/IResender.java b/pki/base/common/src/com/netscape/certsrv/connector/IResender.java
index 3574c3a5b..fad3c2a83 100644
--- a/pki/base/common/src/com/netscape/certsrv/connector/IResender.java
+++ b/pki/base/common/src/com/netscape/certsrv/connector/IResender.java
@@ -17,25 +17,22 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.connector;
 
-
 import com.netscape.certsrv.request.IRequest;
 
-
 /**
- * Resend requests at intervals to the server to ensure completion of requests. 
- * Default interval is 5 minutes.  The need to resend a message could arise
- * due to an error or the fact that the message could not be serviced
- * immediately.
- *
+ * Resend requests at intervals to the server to ensure completion of requests.
+ * Default interval is 5 minutes. The need to resend a message could arise due
+ * to an error or the fact that the message could not be serviced immediately.
+ * 
  * @version $Revision$, $Date$
  */
 public interface IResender extends Runnable {
 
     /**
      * Adds the request to the resend queue.
+     * 
      * @param r Request to be placed on the resend queue.
      */
     public void addRequest(IRequest r);
-	
-}
 
+}
diff --git a/pki/base/common/src/com/netscape/certsrv/dbs/DBResources.java b/pki/base/common/src/com/netscape/certsrv/dbs/DBResources.java
index 4bfb14fb0..a2201b8e6 100644
--- a/pki/base/common/src/com/netscape/certsrv/dbs/DBResources.java
+++ b/pki/base/common/src/com/netscape/certsrv/dbs/DBResources.java
@@ -17,14 +17,12 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.dbs;
 
-
 import java.util.ListResourceBundle;
 
-
 /**
  * A class represents a resource bundle for DBS subsystem.
  * <P>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public class DBResources extends ListResourceBundle {
@@ -38,4 +36,3 @@ public class DBResources extends ListResourceBundle {
 
     static final Object[][] contents = {};
 }
-
diff --git a/pki/base/common/src/com/netscape/certsrv/dbs/EDBException.java b/pki/base/common/src/com/netscape/certsrv/dbs/EDBException.java
index 14f653d67..77508dca4 100644
--- a/pki/base/common/src/com/netscape/certsrv/dbs/EDBException.java
+++ b/pki/base/common/src/com/netscape/certsrv/dbs/EDBException.java
@@ -17,14 +17,12 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.dbs;
 
-
 import com.netscape.certsrv.base.EBaseException;
 
-
 /**
  * A class represents a database exception.
  * <P>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public class EDBException extends EBaseException {
@@ -36,12 +34,12 @@ public class EDBException extends EBaseException {
     /**
      * Resource class name.
      */
-    private static final String DB_RESOURCES = DBResources.class.getName();		
+    private static final String DB_RESOURCES = DBResources.class.getName();
 
     /**
      * Constructs a database exception.
      * <P>
-     *
+     * 
      * @param msgFormat message format
      */
     public EDBException(String msgFormat) {
@@ -51,7 +49,7 @@ public class EDBException extends EBaseException {
     /**
      * Constructs a database exception.
      * <P>
-     *
+     * 
      * @param msgFormat message format
      * @param param parameter
      */
@@ -62,7 +60,7 @@ public class EDBException extends EBaseException {
     /**
      * Constructs a database exception.
      * <P>
-     *
+     * 
      * @param msgFormat message format
      * @param e exception as parameter
      */
@@ -73,7 +71,7 @@ public class EDBException extends EBaseException {
     /**
      * Constructs a database exception.
      * <P>
-     *
+     * 
      * @param msgFormat message format
      * @param params list of parameters
      */
diff --git a/pki/base/common/src/com/netscape/certsrv/dbs/EDBNotAvailException.java b/pki/base/common/src/com/netscape/certsrv/dbs/EDBNotAvailException.java
index 170a8ee84..6afb2dcc3 100644
--- a/pki/base/common/src/com/netscape/certsrv/dbs/EDBNotAvailException.java
+++ b/pki/base/common/src/com/netscape/certsrv/dbs/EDBNotAvailException.java
@@ -17,10 +17,9 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.dbs;
 
-
 /**
  * Indicates internal db is down.
- *
+ * 
  * @version $Revision$, $Date$
  */
 public class EDBNotAvailException extends EDBException {
@@ -32,7 +31,7 @@ public class EDBNotAvailException extends EDBException {
 
     /**
      * Constructs a ldap server down exception with host & port info.
-     *
+     * 
      * @param errorString Detailed error message.
      */
     public EDBNotAvailException(String errorString) {
diff --git a/pki/base/common/src/com/netscape/certsrv/dbs/EDBRecordNotFoundException.java b/pki/base/common/src/com/netscape/certsrv/dbs/EDBRecordNotFoundException.java
index 1640fc783..dd3880c12 100644
--- a/pki/base/common/src/com/netscape/certsrv/dbs/EDBRecordNotFoundException.java
+++ b/pki/base/common/src/com/netscape/certsrv/dbs/EDBRecordNotFoundException.java
@@ -17,10 +17,9 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.dbs;
 
-
 /**
  * Indicates internal db is down.
- *
+ * 
  * @version $Revision$, $Date$
  */
 public class EDBRecordNotFoundException extends EDBException {
@@ -32,7 +31,7 @@ public class EDBRecordNotFoundException extends EDBException {
 
     /**
      * Constructs a ldap server down exception with host & port info.
-     *
+     * 
      * @param errorString Detailed error message.
      */
     public EDBRecordNotFoundException(String errorString) {
diff --git a/pki/base/common/src/com/netscape/certsrv/dbs/IDBAttrMapper.java b/pki/base/common/src/com/netscape/certsrv/dbs/IDBAttrMapper.java
index 7d851b747..3aba3f477 100644
--- a/pki/base/common/src/com/netscape/certsrv/dbs/IDBAttrMapper.java
+++ b/pki/base/common/src/com/netscape/certsrv/dbs/IDBAttrMapper.java
@@ -17,66 +17,60 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.dbs;
 
-
 import java.util.Enumeration;
 
 import netscape.ldap.LDAPAttributeSet;
 
 import com.netscape.certsrv.base.EBaseException;
 
-
 /**
- * An interface represents an attribute mapper. A mapper
- * has knowledge on how to convert a db attribute into
- * zero or more LDAP attribute, and vice versa.
+ * An interface represents an attribute mapper. A mapper has knowledge on how to
+ * convert a db attribute into zero or more LDAP attribute, and vice versa.
  * <P>
- *
- * @version $Revision$, $Date$ 
+ * 
+ * @version $Revision$, $Date$
  */
 public interface IDBAttrMapper {
 
     /**
-     * Retrieves a list of LDAP attributes that are used
-     * in the mapper. By having this, the framework can
-     * provide search on selective attributes.
-     *
+     * Retrieves a list of LDAP attributes that are used in the mapper. By
+     * having this, the framework can provide search on selective attributes.
+     * 
      * @return a list of supported attribute names
      */
     public Enumeration getSupportedLDAPAttributeNames();
 
     /**
      * Maps object attribute into LDAP attributes.
-     *
+     * 
      * @param parent parent object where the object comes from
      * @param name name of db attribute
      * @param obj object itself
      * @param attrs LDAP attribute set where the result should be stored
      * @exception EBaseException failed to map object
      */
-    public void mapObjectToLDAPAttributeSet(IDBObj parent, 
-        String name, Object obj, LDAPAttributeSet attrs) 
-        throws EBaseException;
+    public void mapObjectToLDAPAttributeSet(IDBObj parent, String name,
+            Object obj, LDAPAttributeSet attrs) throws EBaseException;
 
     /**
-     * Maps LDAP attributes into object, and puts the object 
-     * into 'parent'.
-     *
+     * Maps LDAP attributes into object, and puts the object into 'parent'.
+     * 
      * @param attrs LDAP attribute set
      * @param name name of db attribute to be processed
      * @param parent parent object where the object should be added
      * @exception EBaseException failed to map object
      */
-    public void mapLDAPAttributeSetToObject(LDAPAttributeSet attrs, 
-        String name, IDBObj parent) throws EBaseException;
+    public void mapLDAPAttributeSetToObject(LDAPAttributeSet attrs,
+            String name, IDBObj parent) throws EBaseException;
 
     /**
      * Maps search filters into LDAP search filter.
-     *
+     * 
      * @param name name of db attribute
      * @param op filte operation (i.e. "=", ">=")
      * @param value attribute value
      * @exception EBaseException failed to map filter
      */
-    public String mapSearchFilter(String name, String op, 
-        String value) throws EBaseException;
+    public String mapSearchFilter(String name, String op, String value)
+            throws EBaseException;
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/dbs/IDBDynAttrMapper.java b/pki/base/common/src/com/netscape/certsrv/dbs/IDBDynAttrMapper.java
index c1c8c3b39..c564506ce 100644
--- a/pki/base/common/src/com/netscape/certsrv/dbs/IDBDynAttrMapper.java
+++ b/pki/base/common/src/com/netscape/certsrv/dbs/IDBDynAttrMapper.java
@@ -1,20 +1,18 @@
 package com.netscape.certsrv.dbs;
 
 /**
- * An interface representing a dynamic attribute mapper.
- * A dynamic mapper has knowledge on how to convert a set of dynamically
- * assigned db attribute into zero or more dynamically assigned LDAP
- * attributes, and vice versa.
+ * An interface representing a dynamic attribute mapper. A dynamic mapper has
+ * knowledge on how to convert a set of dynamically assigned db attribute into
+ * zero or more dynamically assigned LDAP attributes, and vice versa.
  * <P>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public interface IDBDynAttrMapper extends IDBAttrMapper {
 
     /**
-     * Returns true if the LDAP attribute can be mapped by this
-     * dynamic mapper.
-     *
+     * Returns true if the LDAP attribute can be mapped by this dynamic mapper.
+     * 
      * @param attrName LDAP attribute name to check
      * @return a list of supported attribute names
      */
diff --git a/pki/base/common/src/com/netscape/certsrv/dbs/IDBObj.java b/pki/base/common/src/com/netscape/certsrv/dbs/IDBObj.java
index 4be6c3409..85c8e7371 100644
--- a/pki/base/common/src/com/netscape/certsrv/dbs/IDBObj.java
+++ b/pki/base/common/src/com/netscape/certsrv/dbs/IDBObj.java
@@ -17,27 +17,22 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.dbs;
 
-
 import java.util.Enumeration;
 
 import com.netscape.certsrv.base.IAttrSet;
 
-
 /**
- * An interface represents a database object
- * that is serializable.
- *
- * @version $Revision$, $Date$ 
+ * An interface represents a database object that is serializable.
+ * 
+ * @version $Revision$, $Date$
  */
 public interface IDBObj extends IAttrSet {
 
     /**
-     * Returns a list of serializable attribute 
-     * names. This method should return the
-     * attribute name even if there is no attribute
-     * value for the attribute.
-     *
+     * Returns a list of serializable attribute names. This method should return
+     * the attribute name even if there is no attribute value for the attribute.
+     * 
      * @return a list of serializable attribute names
      */
-    public Enumeration getSerializableAttrNames(); 
+    public Enumeration getSerializableAttrNames();
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/dbs/IDBRegistry.java b/pki/base/common/src/com/netscape/certsrv/dbs/IDBRegistry.java
index 4270c9ced..fd6096b72 100644
--- a/pki/base/common/src/com/netscape/certsrv/dbs/IDBRegistry.java
+++ b/pki/base/common/src/com/netscape/certsrv/dbs/IDBRegistry.java
@@ -17,42 +17,37 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.dbs;
 
-
 import netscape.ldap.LDAPAttributeSet;
 
 import com.netscape.certsrv.base.EBaseException;
 import com.netscape.certsrv.base.ISubsystem;
- 
 
 /**
- * A class represents a registry where all the
- * schema (object classes and attribute) information 
- * is stored.
- *
- * Attribute mappers can be registered with this
- * registry.
- *
- * Given the schema information stored, this registry
- * has knowledge to convert a Java object into a
- * LDAPAttributeSet or vice versa.
- *
- * @version $Revision$, $Date$ 
+ * A class represents a registry where all the schema (object classes and
+ * attribute) information is stored.
+ * 
+ * Attribute mappers can be registered with this registry.
+ * 
+ * Given the schema information stored, this registry has knowledge to convert a
+ * Java object into a LDAPAttributeSet or vice versa.
+ * 
+ * @version $Revision$, $Date$
  */
 public interface IDBRegistry extends ISubsystem {
 
     /**
      * Registers object class.
-     *
+     * 
      * @param className java class to create for the object classes
      * @param ldapNames a list of LDAP object classes
      * @exception EDBException failed to register
      */
     public void registerObjectClass(String className, String ldapNames[])
-        throws EDBException;
+            throws EDBException;
 
     /**
      * See if an object class is registered.
-     *
+     * 
      * @param className java class to create
      * @return true if object class is registered already
      */
@@ -60,17 +55,17 @@ public interface IDBRegistry extends ISubsystem {
 
     /**
      * Registers attribute mapper.
-     *
+     * 
      * @param ufName LDAP attribute name
      * @param mapper mapper to invoke for the attribute
      * @exception EDBException failed to register
      */
-    public void registerAttribute(String ufName, IDBAttrMapper mapper) 
-        throws EDBException;
+    public void registerAttribute(String ufName, IDBAttrMapper mapper)
+            throws EDBException;
 
     /**
      * See if an attribute is registered.
-     *
+     * 
      * @param ufName attribute name
      * @return true if attribute is registered already
      */
@@ -78,14 +73,15 @@ public interface IDBRegistry extends ISubsystem {
 
     /**
      * Registers a dynamic attribute mapper.
+     * 
      * @param mapper The dynamic mapper to register
      */
     public void registerDynamicMapper(IDBDynAttrMapper mapper);
 
     /**
-     * Creates LDAP-based search filters with help of
-     * registered mappers.
-     * Parses filter from filter string specified in RFC1558.
+     * Creates LDAP-based search filters with help of registered mappers. Parses
+     * filter from filter string specified in RFC1558.
+     * 
      * <pre>
      * <filter> ::= '(' <filtercomp> ')'
      * <filtercomp> ::= <and> | <or> | <not> | <item>
@@ -107,7 +103,7 @@ public interface IDBRegistry extends ISubsystem {
      * <starval> ::= NULL | <value> '*' <starval>
      * <final> ::= NULL | <value>
      * </pre>
-     *
+     * 
      * @param filter CMS-based filter
      * @return LDAP-based filter string
      * @exception EBaseException failed to convert filter
@@ -115,57 +111,54 @@ public interface IDBRegistry extends ISubsystem {
     public String getFilter(String filter) throws EBaseException;
 
     /**
-     * Creates LDAP-based search filters with help of
-     * registered mappers.
-     *
+     * Creates LDAP-based search filters with help of registered mappers.
+     * 
      * @param filter CMS-based filter
      * @param c filter converter
      * @return LDAP-based filter string
      * @exception EBaseException failed to convert filter
      */
-    public String getFilter(String filter, IFilterConverter c) 
-        throws EBaseException;
+    public String getFilter(String filter, IFilterConverter c)
+            throws EBaseException;
 
     /**
      * Maps object into LDAP attribute set.
-     *
+     * 
      * @param parent object's parent
      * @param name name of the object
      * @param obj object to be mapped
      * @param attrs LDAP attribute set
      * @exception EBaseException failed to map object
      */
-    public void mapObject(IDBObj parent, String name, Object obj, 
-        LDAPAttributeSet attrs) throws EBaseException;
+    public void mapObject(IDBObj parent, String name, Object obj,
+            LDAPAttributeSet attrs) throws EBaseException;
 
     /**
-     * Retrieves a list of LDAP attributes that are associated
-     * with the given attributes.
-     *
+     * Retrieves a list of LDAP attributes that are associated with the given
+     * attributes.
+     * 
      * @param attrs attributes
      * @return LDAP-based attributes
      * @exception EBaseException failed to map attributes
      */
-    public String[] getLDAPAttributes(String attrs[]) 
-        throws EBaseException;
+    public String[] getLDAPAttributes(String attrs[]) throws EBaseException;
 
     /**
      * Creates attribute set from object.
-     *
+     * 
      * @param obj database object
      * @return LDAP attribute set
      * @exception EBaseException failed to create set
      */
-    public LDAPAttributeSet createLDAPAttributeSet(IDBObj obj) 
-        throws EBaseException;
+    public LDAPAttributeSet createLDAPAttributeSet(IDBObj obj)
+            throws EBaseException;
 
     /**
      * Creates object from attribute set.
-     *
+     * 
      * @param attrs LDAP attribute set
      * @return database object
      * @exception EBaseException failed to create object
      */
-    public IDBObj createObject(LDAPAttributeSet attrs)
-        throws EBaseException;
+    public IDBObj createObject(LDAPAttributeSet attrs) throws EBaseException;
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/dbs/IDBSSession.java b/pki/base/common/src/com/netscape/certsrv/dbs/IDBSSession.java
index 34df47c97..298c28119 100644
--- a/pki/base/common/src/com/netscape/certsrv/dbs/IDBSSession.java
+++ b/pki/base/common/src/com/netscape/certsrv/dbs/IDBSSession.java
@@ -17,45 +17,42 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.dbs;
 
-
 import netscape.ldap.LDAPSearchResults;
 
 import com.netscape.certsrv.base.EBaseException;
 import com.netscape.certsrv.base.ISubsystem;
 
-
 /**
- * An interface represents the database session. Operations
- * can be performed with a session.
- *
- * Transaction and Caching support can be integrated 
- * into session.
- *
- * @version $Revision$, $Date$ 
+ * An interface represents the database session. Operations can be performed
+ * with a session.
+ * 
+ * Transaction and Caching support can be integrated into session.
+ * 
+ * @version $Revision$, $Date$
  */
 public interface IDBSSession {
 
     /**
      * Returns database subsystem.
-     *
+     * 
      * @return subsystem
      */
     public ISubsystem getDBSubsystem();
 
     /**
      * Closes this session.
-     *
+     * 
      * @exception EDBException failed to close session
      */
     public void close() throws EDBException;
 
     /**
      * Adds object to backend database. For example,
+     * 
      * <PRE>
-     *    session.add("cn=123459,o=certificate repository,o=airius.com", 
-     * 			certRec);
+     * session.add(&quot;cn=123459,o=certificate repository,o=airius.com&quot;, certRec);
      * </PRE>
-     *
+     * 
      * @param name name of the object
      * @param obj object to be added
      * @exception EDBException failed to add object
@@ -64,7 +61,7 @@ public interface IDBSSession {
 
     /**
      * Reads an object from the database.
-     *
+     * 
      * @param name name of the object that is to be read
      * @return database object
      * @exception EBaseException failed to read object
@@ -72,20 +69,19 @@ public interface IDBSSession {
     public IDBObj read(String name) throws EBaseException;
 
     /**
-     * Reads an object from the database, and only populates
-     * the selected attributes.
-     *
+     * Reads an object from the database, and only populates the selected
+     * attributes.
+     * 
      * @param name name of the object that is to be read
      * @param attrs selected attributes
      * @return database object
      * @exception EBaseException failed to read object
      */
-    public IDBObj read(String name, String attrs[]) 
-        throws EBaseException;
+    public IDBObj read(String name, String attrs[]) throws EBaseException;
 
     /**
      * Deletes object from database.
-     *
+     * 
      * @param name name of the object that is to be deleted
      * @exception EBaseException failed to delete object
      */
@@ -93,43 +89,39 @@ public interface IDBSSession {
 
     /**
      * Modify an object in the database.
-     *
+     * 
      * @param name name of the object that is to be modified
      * @param mods modifications
      * @exception EBaseException failed to modify
      */
-    public void modify(String name, ModificationSet mods) 
-        throws EBaseException;
+    public void modify(String name, ModificationSet mods) throws EBaseException;
 
     /**
-     * Searchs for a list of objects that match the 
-     * filter.
-     *
+     * Searchs for a list of objects that match the filter.
+     * 
      * @param base starting point of the search
      * @param filter search filter
      * @return search results
      * @exception EBaseException failed to search
      */
-    public IDBSearchResults search(String base, String filter) 
-        throws EBaseException;
+    public IDBSearchResults search(String base, String filter)
+            throws EBaseException;
 
     /**
-     * Searchs for a list of objects that match the 
-     * filter.
-     *
+     * Searchs for a list of objects that match the filter.
+     * 
      * @param base starting point of the search
      * @param filter search filter
      * @param maxSize max number of entries
      * @return search results
      * @exception EBaseException failed to search
      */
-    public IDBSearchResults search(String base, String filter, int maxSize) 
-        throws EBaseException;
+    public IDBSearchResults search(String base, String filter, int maxSize)
+            throws EBaseException;
 
     /**
-     * Searchs for a list of objects that match the 
-     * filter.
-     *
+     * Searchs for a list of objects that match the filter.
+     * 
      * @param base starting point of the search
      * @param filter search filter
      * @param maxSize max number of entries
@@ -137,38 +129,36 @@ public interface IDBSSession {
      * @return search results
      * @exception EBaseException failed to search
      */
-    public IDBSearchResults search(String base, String filter, int maxSize, 
-        int timeLimit) throws EBaseException;
+    public IDBSearchResults search(String base, String filter, int maxSize,
+            int timeLimit) throws EBaseException;
 
     /**
-     * Retrieves a list of object that satifies the given 
-     * filter.
-     *
+     * Retrieves a list of object that satifies the given filter.
+     * 
      * @param base starting point of the search
      * @param filter search filter
      * @param attrs selected attributes
      * @return search results
      * @exception EBaseException failed to search
      */
-    public IDBSearchResults search(String base, String filter, 
-        String attrs[]) throws EBaseException;
+    public IDBSearchResults search(String base, String filter, String attrs[])
+            throws EBaseException;
 
     /**
      * Retrieves a list of objects.
-     *
+     * 
      * @param base starting point of the search
      * @param filter search filter
      * @param attrs selected attributes
      * @return search results in virtual list
      * @exception EBaseException failed to search
      */
-    public IDBVirtualList createVirtualList(String base, String filter, 
-        String attrs[]) throws EBaseException;
+    public IDBVirtualList createVirtualList(String base, String filter,
+            String attrs[]) throws EBaseException;
 
     /**
-     * Sets persistent search to retrieve modified
-     * certificate records.
-     *
+     * Sets persistent search to retrieve modified certificate records.
+     * 
      * @param base starting point of the search
      * @param filter search filter
      * @param attrs selected attributes
@@ -176,11 +166,11 @@ public interface IDBSSession {
      * @exception EBaseException failed to search
      */
     public LDAPSearchResults persistentSearch(String base, String filter,
-        String attrs[]) throws EBaseException;
+            String attrs[]) throws EBaseException;
 
     /**
      * Retrieves a list of objects.
-     *
+     * 
      * @param base starting point of the search
      * @param filter search filter
      * @param attrs selected attributes
@@ -189,13 +179,12 @@ public interface IDBSSession {
      * @return search results in virtual list
      * @exception EBaseException failed to search
      */
-    public IDBVirtualList createVirtualList(String base, String filter, 
-        String attrs[], String sortKey, int pageSize) 
-        throws EBaseException;
+    public IDBVirtualList createVirtualList(String base, String filter,
+            String attrs[], String sortKey, int pageSize) throws EBaseException;
 
     /**
      * Retrieves a list of objects.
-     *
+     * 
      * @param base starting point of the search
      * @param filter search filter
      * @param attrs selected attributes
@@ -205,8 +194,7 @@ public interface IDBSSession {
      * @return search results in virtual list
      * @exception EBaseException failed to search
      */
-    public IDBVirtualList createVirtualList(String base, String filter, 
-        String attrs[], String startFrom, 
-        String sortKey, int pageSize) 
-        throws EBaseException;
+    public IDBVirtualList createVirtualList(String base, String filter,
+            String attrs[], String startFrom, String sortKey, int pageSize)
+            throws EBaseException;
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/dbs/IDBSearchResults.java b/pki/base/common/src/com/netscape/certsrv/dbs/IDBSearchResults.java
index ab90866b1..78e980f0e 100644
--- a/pki/base/common/src/com/netscape/certsrv/dbs/IDBSearchResults.java
+++ b/pki/base/common/src/com/netscape/certsrv/dbs/IDBSearchResults.java
@@ -17,29 +17,26 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.dbs;
 
-
 import java.util.Enumeration;
- 
 
 /**
- * A class represents the search results. A search
- * results object contain a enumeration of
- * Java objects that are just read from the database.
- *
- * @version $Revision$, $Date$ 
+ * A class represents the search results. A search results object contain a
+ * enumeration of Java objects that are just read from the database.
+ * 
+ * @version $Revision$, $Date$
  */
 public interface IDBSearchResults extends Enumeration {
 
     /**
      * Checks if any element is available.
-     *
+     * 
      * @return true if there is more elements
      */
     public boolean hasMoreElements();
 
     /**
      * Retrieves next element.
-     *
+     * 
      * @return next element
      */
     public Object nextElement();
diff --git a/pki/base/common/src/com/netscape/certsrv/dbs/IDBSubsystem.java b/pki/base/common/src/com/netscape/certsrv/dbs/IDBSubsystem.java
index 350a29c48..37eed352a 100644
--- a/pki/base/common/src/com/netscape/certsrv/dbs/IDBSubsystem.java
+++ b/pki/base/common/src/com/netscape/certsrv/dbs/IDBSubsystem.java
@@ -17,7 +17,6 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.dbs;
 
-
 import java.math.BigInteger;
 
 import netscape.ldap.LDAPConnection;
@@ -25,22 +24,19 @@ import netscape.ldap.LDAPConnection;
 import com.netscape.certsrv.base.EBaseException;
 import com.netscape.certsrv.base.ISubsystem;
 
-
 /**
- * An interface represents certificate server
- * backend database.
+ * An interface represents certificate server backend database.
  * <P>
- * This interface separate the database subsystem
- * functionalities from internal implementation.
+ * This interface separate the database subsystem functionalities from internal
+ * implementation.
  * <P>
- *
- * @version $Revision$, $Date$ 
+ * 
+ * @version $Revision$, $Date$
  */
 public interface IDBSubsystem extends ISubsystem {
 
     public static final String SUB_ID = "dbs";
 
-
     // values for repos
     public static final int CERTS = 0;
     public static final int REQUESTS = 1;
@@ -49,21 +45,21 @@ public interface IDBSubsystem extends ISubsystem {
 
     /**
      * Retrieves the base DN.
-     *
+     * 
      * @return base DN of the subsystem
      */
     public String getBaseDN();
 
     /**
      * Retrieves the registry.
-     *
+     * 
      * @return registry
      */
     public IDBRegistry getRegistry();
 
     /**
      * Creates a database session.
-     *
+     * 
      * @return database session
      * @exception EDBException failed to create session
      */
@@ -71,145 +67,148 @@ public interface IDBSubsystem extends ISubsystem {
 
     /**
      * Avoids losing serial number.
-     *
+     * 
      * @return true if serial number recovery option is enabled
      */
     public boolean enableSerialNumberRecovery();
 
     /**
      * Records next serial number in config file
-     *
+     * 
      * @param serial next serial number
-     * @exception EBaseException failed to set 
+     * @exception EBaseException failed to set
      */
     public void setNextSerialConfig(BigInteger serial) throws EBaseException;
 
     /**
      * Gets the next serial number in config file
-     *
+     * 
      * @return next serial number
      */
     public BigInteger getNextSerialConfig();
 
     /**
      * Records maximum serial number limit in config file
-     *
+     * 
      * @param serial max serial number
-     * @param repo   repo identifier 
-     * @exception EBaseException failed to set 
+     * @param repo repo identifier
+     * @exception EBaseException failed to set
      */
-    public void setMaxSerialConfig(int repo, String serial) throws EBaseException;
+    public void setMaxSerialConfig(int repo, String serial)
+            throws EBaseException;
 
     /**
      * Records minimum serial number limit in config file
-     *
+     * 
      * @param serial min serial number
-     * @param repo   repo identifier 
-     * @exception EBaseException failed to set 
+     * @param repo repo identifier
+     * @exception EBaseException failed to set
      */
-    public void setMinSerialConfig(int repo, String serial) throws EBaseException;
+    public void setMinSerialConfig(int repo, String serial)
+            throws EBaseException;
 
     /**
      * Records maximum serial number limit for the next range in config file
-     *
+     * 
      * @param serial max serial number
-     * @param repo   repo identifier 
-     * @exception EBaseException failed to set 
+     * @param repo repo identifier
+     * @exception EBaseException failed to set
      */
-    public void setNextMaxSerialConfig(int repo, String serial) throws EBaseException;
+    public void setNextMaxSerialConfig(int repo, String serial)
+            throws EBaseException;
 
     /**
      * Records minimum serial number limit for the next range in config file
-     *
+     * 
      * @param serial min serial number
-     * @param repo   repo identifier 
-     * @exception EBaseException failed to set 
+     * @param repo repo identifier
+     * @exception EBaseException failed to set
      */
-    public void setNextMinSerialConfig(int repo, String serial) throws EBaseException;
+    public void setNextMinSerialConfig(int repo, String serial)
+            throws EBaseException;
 
     /**
      * Gets minimum serial number limit in config file
-     *
-     * @param repo   repo identifier 
+     * 
+     * @param repo repo identifier
      * @return min serial number
      */
     public String getMinSerialConfig(int repo);
 
     /**
      * Gets the maximum serial number limit in config file
-     *
-     * @param repo   repo identifier 
+     * 
+     * @param repo repo identifier
      * @return max serial number
      */
     public String getMaxSerialConfig(int repo);
 
     /**
      * Gets the maximum serial number limit for next range in config file
-     *
-     * @param repo   repo identifier 
+     * 
+     * @param repo repo identifier
      * @return max serial number
      */
     public String getNextMaxSerialConfig(int repo);
 
     /**
      * Gets minimum serial number limit for next range in config file
-     *
-     * @param repo   repo identifier 
+     * 
+     * @param repo repo identifier
      * @return min serial number
      */
     public String getNextMinSerialConfig(int repo);
-    
+
     /**
      * Gets low water mark limit in config file
-     *
-     * @param repo   repo identifier 
+     * 
+     * @param repo repo identifier
      * @return low water mark
      */
     public String getLowWaterMarkConfig(int repo);
- 
+
     /**
      * Gets range increment limit for next range in config file
-     *
-     * @param repo   repo identifier 
+     * 
+     * @param repo repo identifier
      * @return range increment
      */
     public String getIncrementConfig(int repo);
-  
+
     /**
      * Gets number corresponding to start of next range from database
-     *
-     * @param repo   repo identifier 
+     * 
+     * @param repo repo identifier
      * @return start of next range
      */
     public String getNextRange(int repo);
 
     /**
      * Determines if a range conflict has been observed in database
-     *
-     * @param repo   repo identifier 
+     * 
+     * @param repo repo identifier
      * @return true if range conflict, false otherwise
      */
     public boolean hasRangeConflict(int repo);
 
     /**
      * Determines if serial number management has been enabled
-     *
+     * 
      * @return true if enabled, false otherwise
      */
     public boolean getEnableSerialMgmt();
 
-   /**
-     * Sets whether serial number management is enabled for certs
-     * and requests. 
-     *
-     * @param value   true/false 
-     * @exception EBaseException failed to set 
+    /**
+     * Sets whether serial number management is enabled for certs and requests.
+     * 
+     * @param value true/false
+     * @exception EBaseException failed to set
      */
     public void setEnableSerialMgmt(boolean value) throws EBaseException;
 
     /**
      * Returns LDAP connection to connection pool.
-     *
+     * 
      * @param conn connection to be returned
      */
     public void returnConn(LDAPConnection conn);
diff --git a/pki/base/common/src/com/netscape/certsrv/dbs/IDBVirtualList.java b/pki/base/common/src/com/netscape/certsrv/dbs/IDBVirtualList.java
index 8e627520c..a5041c2ff 100644
--- a/pki/base/common/src/com/netscape/certsrv/dbs/IDBVirtualList.java
+++ b/pki/base/common/src/com/netscape/certsrv/dbs/IDBVirtualList.java
@@ -17,24 +17,21 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.dbs;
 
-
 import com.netscape.certsrv.base.EBaseException;
 
-
 /**
- * A interface represents a virtual list of search results.
- * Note that this class must be used with DS4.0.
- *
+ * A interface represents a virtual list of search results. Note that this class
+ * must be used with DS4.0.
+ * 
  * @version $Revision$, $Date$
  */
 public interface IDBVirtualList {
 
     /**
-     * Sets the paging size of this virtual list.
-     * The page size here is just a buffer size. A buffer is kept around
-     * that is three times as large as the number of visible entries.
-     * That way, you can scroll up/down several items(up to a page-full)
-     * without refetching entries from the directory.
+     * Sets the paging size of this virtual list. The page size here is just a
+     * buffer size. A buffer is kept around that is three times as large as the
+     * number of visible entries. That way, you can scroll up/down several
+     * items(up to a page-full) without refetching entries from the directory.
      * 
      * @param size the page size
      */
@@ -42,7 +39,7 @@ public interface IDBVirtualList {
 
     /**
      * Sets the sort key
-     *
+     * 
      * @param sortKey the attribute to sort by
      * @exception EBaseException failed to set
      */
@@ -50,95 +47,93 @@ public interface IDBVirtualList {
 
     /**
      * Sets the sort key
-     *
+     * 
      * @param sortKeys the attributes to sort by
      * @exception EBaseException failed to set
      */
     public void setSortKey(String[] sortKeys) throws EBaseException;
 
     /**
-     * Retrieves the size of this virtual list.
-     * Recommend to call getSize() before getElementAt() or getElements() 
-     * since you'd better check if the index is out of bound first.
-     *
+     * Retrieves the size of this virtual list. Recommend to call getSize()
+     * before getElementAt() or getElements() since you'd better check if the
+     * index is out of bound first.
+     * 
      * @return current size in list
      */
     public int getSize();
 
     /**
      * Returns current index.
-     *
+     * 
      * @return current index
      */
 
     public int getSizeBeforeJumpTo();
+
     public int getSizeAfterJumpTo();
 
     public int getCurrentIndex();
 
-    /** 
-     * Get a page starting at "first" (although we may also fetch
-     * some preceding entries)
-     * Recommend to call getSize() before getElementAt() or getElements() 
-     * since you'd better check if the index is out of bound first.
-     *
+    /**
+     * Get a page starting at "first" (although we may also fetch some preceding
+     * entries) Recommend to call getSize() before getElementAt() or
+     * getElements() since you'd better check if the index is out of bound
+     * first.
+     * 
      * @param first the index of the first entry of the page you want to fetch
      */
     public boolean getPage(int first);
 
-    /** 
-     * Called by application to scroll the list with initial letters.
-     * Consider text to be an initial substring of the attribute of the
-     * primary sorting key(the first one specified in the sort key array)
-     * of an entry.
-     * If no entries match, the one just before(or after, if none before)
-     * will be returned as mSelectedIndex
-     *
+    /**
+     * Called by application to scroll the list with initial letters. Consider
+     * text to be an initial substring of the attribute of the primary sorting
+     * key(the first one specified in the sort key array) of an entry. If no
+     * entries match, the one just before(or after, if none before) will be
+     * returned as mSelectedIndex
+     * 
      * @param text the prefix of the first entry of the page you want to fetch
      */
     public boolean getPage(String text);
 
-    /** 
-     * Fetchs data of a single list item
-     * Recommend to call getSize() before getElementAt() or getElements() 
-     * since you'd better check if the index is out of bound first.
-     * If the index is out of range of the virtual list, an exception 
-     * will be thrown and return null
-     *
+    /**
+     * Fetchs data of a single list item Recommend to call getSize() before
+     * getElementAt() or getElements() since you'd better check if the index is
+     * out of bound first. If the index is out of range of the virtual list, an
+     * exception will be thrown and return null
+     * 
      * @param index the index of the element to fetch
      */
     public Object getElementAt(int index);
 
     /**
      * Retrieves and jumps to element in the given position.
-     *
+     * 
      * @param i position
      * @return object
      */
     public Object getJumpToElementAt(int i);
 
     /**
-     * Processes elements as soon as it arrives. It is
-     * more memory-efficient. 
-     *
+     * Processes elements as soon as it arrives. It is more memory-efficient.
+     * 
      * @param startidx starting index
      * @param endidx ending index
      * @param ep object to call
      * @exception EBaseException failed to process elements
      */
     public void processElements(int startidx, int endidx, IElementProcessor ep)
-        throws EBaseException;
+            throws EBaseException;
 
-    /** 
+    /**
      * Gets the virutal selected index
-     *
+     * 
      * @return selected index
      */
     public int getSelectedIndex();
 
-    /** 
+    /**
      * Gets the top of the buffer
-     *
+     * 
      * @return first index
      */
     public int getFirstIndex();
diff --git a/pki/base/common/src/com/netscape/certsrv/dbs/IElementProcessor.java b/pki/base/common/src/com/netscape/certsrv/dbs/IElementProcessor.java
index 75702199e..648a13aef 100644
--- a/pki/base/common/src/com/netscape/certsrv/dbs/IElementProcessor.java
+++ b/pki/base/common/src/com/netscape/certsrv/dbs/IElementProcessor.java
@@ -17,20 +17,18 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.dbs;
 
-
 import com.netscape.certsrv.base.EBaseException;
 
-
 /**
  * Processor handles object read from the session.
- *
+ * 
  * @version $Revision$, $Date$
  */
 public interface IElementProcessor {
 
     /**
      * Handles object
-     *
+     * 
      * @param o object to be processed
      * @exception EBaseException failed to process object
      */
diff --git a/pki/base/common/src/com/netscape/certsrv/dbs/IFilterConverter.java b/pki/base/common/src/com/netscape/certsrv/dbs/IFilterConverter.java
index 1a0783655..0cf293ce5 100644
--- a/pki/base/common/src/com/netscape/certsrv/dbs/IFilterConverter.java
+++ b/pki/base/common/src/com/netscape/certsrv/dbs/IFilterConverter.java
@@ -17,14 +17,10 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.dbs;
 
-
-
-
 /**
- * An interface represents a filter converter
- * that understands how to convert a attribute
- * type from one defintion to another.
- * For example, 
+ * An interface represents a filter converter that understands how to convert a
+ * attribute type from one defintion to another. For example,
+ * 
  * <PRE>
  * (1) database layer need to convert
  *     registered attribute type to ldap attribute
@@ -34,13 +30,13 @@ package com.netscape.certsrv.dbs;
  *     attribute type.
  * </PRE>
  * 
- * @version $Revision$, $Date$ 
+ * @version $Revision$, $Date$
  */
 public interface IFilterConverter {
 
     /**
      * Converts attribute into LDAP attribute.
-     *
+     * 
      * @param attr attribute name
      * @param op attribute operation
      * @param value attribute value
diff --git a/pki/base/common/src/com/netscape/certsrv/dbs/Modification.java b/pki/base/common/src/com/netscape/certsrv/dbs/Modification.java
index 9be75f0bb..004567114 100644
--- a/pki/base/common/src/com/netscape/certsrv/dbs/Modification.java
+++ b/pki/base/common/src/com/netscape/certsrv/dbs/Modification.java
@@ -17,14 +17,11 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.dbs;
 
-
-
-
 /**
- * A class represents a modification. This is used by the
- * database (dbs) framework for modification operations.
- * It specifices the modification type and values.
- *
+ * A class represents a modification. This is used by the database (dbs)
+ * framework for modification operations. It specifices the modification type
+ * and values.
+ * 
  * @version $Revision$, $Date$
  */
 public class Modification {
@@ -50,7 +47,7 @@ public class Modification {
 
     /**
      * Constructs a role modification.
-     *
+     * 
      * @param name attribute name
      * @param op attribute operation (i.e. MOD_ADD, MOD_DELETE, or MOD_REPLACE)
      * @param value attribute value
@@ -63,7 +60,7 @@ public class Modification {
 
     /**
      * Retrieves attribute name.
-     *
+     * 
      * @return attribute name
      */
     public String getName() {
@@ -72,7 +69,7 @@ public class Modification {
 
     /**
      * Retrieves modification operation type.
-     *
+     * 
      * @return modification type
      */
     public int getOp() {
@@ -81,7 +78,7 @@ public class Modification {
 
     /**
      * Retrieves attribute value.
-     *
+     * 
      * @return attribute value
      */
     public Object getValue() {
diff --git a/pki/base/common/src/com/netscape/certsrv/dbs/ModificationSet.java b/pki/base/common/src/com/netscape/certsrv/dbs/ModificationSet.java
index 4a5592c0b..102d49edb 100644
--- a/pki/base/common/src/com/netscape/certsrv/dbs/ModificationSet.java
+++ b/pki/base/common/src/com/netscape/certsrv/dbs/ModificationSet.java
@@ -17,15 +17,13 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.dbs;
 
-
 import java.util.Enumeration;
 import java.util.Vector;
 
-
 /**
- * A class represents a modification set. A modification
- * set contains zero or more modifications.
- *
+ * A class represents a modification set. A modification set contains zero or
+ * more modifications.
+ * 
  * @version $Revision$, $Date$
  */
 public class ModificationSet {
@@ -43,7 +41,7 @@ public class ModificationSet {
 
     /**
      * Adds modification to this set.
-     *
+     * 
      * @param name attribute name
      * @param op modification operation
      * @param value attribute value
@@ -54,7 +52,7 @@ public class ModificationSet {
 
     /**
      * Retrieves a list of modifications.
-     *
+     * 
      * @return a list of Modifications
      */
     public Enumeration getModifications() {
diff --git a/pki/base/common/src/com/netscape/certsrv/dbs/certdb/ICertRecord.java b/pki/base/common/src/com/netscape/certsrv/dbs/certdb/ICertRecord.java
index 681e586b6..4f00593da 100644
--- a/pki/base/common/src/com/netscape/certsrv/dbs/certdb/ICertRecord.java
+++ b/pki/base/common/src/com/netscape/certsrv/dbs/certdb/ICertRecord.java
@@ -17,7 +17,6 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.dbs.certdb;
 
-
 import java.math.BigInteger;
 import java.util.Date;
 
@@ -26,10 +25,9 @@ import netscape.security.x509.X509CertImpl;
 import com.netscape.certsrv.base.MetaInfo;
 import com.netscape.certsrv.dbs.IDBObj;
 
-
 /**
  * An interface contains constants for certificate record.
- *
+ * 
  * @version $Revision$, $Date$
  */
 public interface ICertRecord extends IDBObj {
@@ -71,108 +69,108 @@ public interface ICertRecord extends IDBObj {
     public final static String X509CERT_DURATION = "duration";
     public final static String X509CERT_EXTENSION = "extension";
     public final static String X509CERT_SUBJECT = "subject";
-    public final static String X509CERT_PUBLIC_KEY_DATA ="publicKeyData";
+    public final static String X509CERT_PUBLIC_KEY_DATA = "publicKeyData";
     public final static String X509CERT_VERSION = "version";
     public final static String X509CERT_ALGORITHM = "algorithm";
     public final static String X509CERT_SIGNING_ALGORITHM = "signingAlgorithm";
     public final static String X509CERT_SERIAL_NUMBER = "serialNumber";
 
     /* attribute type used the following with search filter */
-    public final static String ATTR_X509CERT_NOT_BEFORE = 
-        ATTR_X509CERT + "." + X509CERT_NOT_BEFORE;
-    public final static String ATTR_X509CERT_NOT_AFTER = 
-        ATTR_X509CERT + "." + X509CERT_NOT_AFTER;
-    public final static String ATTR_X509CERT_DURATION = 
-        ATTR_X509CERT + "." + X509CERT_DURATION;
-    public final static String ATTR_X509CERT_EXTENSION = 
-        ATTR_X509CERT + "." + X509CERT_EXTENSION;
-    public final static String ATTR_X509CERT_SUBJECT = 
-        ATTR_X509CERT + "." + X509CERT_SUBJECT;
-    public final static String ATTR_X509CERT_VERSION = 
-        ATTR_X509CERT + "." + X509CERT_VERSION;
-    public final static String ATTR_X509CERT_ALGORITHM = 
-        ATTR_X509CERT + "." + X509CERT_ALGORITHM;
-    public final static String ATTR_X509CERT_SIGNING_ALGORITHM = 
-        ATTR_X509CERT + "." + X509CERT_SIGNING_ALGORITHM;
-    public final static String ATTR_X509CERT_SERIAL_NUMBER = 
-        ATTR_X509CERT + "." + X509CERT_SERIAL_NUMBER;
-    public final static String ATTR_X509CERT_PUBLIC_KEY_DATA = 
-        ATTR_X509CERT + "." + X509CERT_PUBLIC_KEY_DATA;
+    public final static String ATTR_X509CERT_NOT_BEFORE = ATTR_X509CERT + "."
+            + X509CERT_NOT_BEFORE;
+    public final static String ATTR_X509CERT_NOT_AFTER = ATTR_X509CERT + "."
+            + X509CERT_NOT_AFTER;
+    public final static String ATTR_X509CERT_DURATION = ATTR_X509CERT + "."
+            + X509CERT_DURATION;
+    public final static String ATTR_X509CERT_EXTENSION = ATTR_X509CERT + "."
+            + X509CERT_EXTENSION;
+    public final static String ATTR_X509CERT_SUBJECT = ATTR_X509CERT + "."
+            + X509CERT_SUBJECT;
+    public final static String ATTR_X509CERT_VERSION = ATTR_X509CERT + "."
+            + X509CERT_VERSION;
+    public final static String ATTR_X509CERT_ALGORITHM = ATTR_X509CERT + "."
+            + X509CERT_ALGORITHM;
+    public final static String ATTR_X509CERT_SIGNING_ALGORITHM = ATTR_X509CERT
+            + "." + X509CERT_SIGNING_ALGORITHM;
+    public final static String ATTR_X509CERT_SERIAL_NUMBER = ATTR_X509CERT
+            + "." + X509CERT_SERIAL_NUMBER;
+    public final static String ATTR_X509CERT_PUBLIC_KEY_DATA = ATTR_X509CERT
+            + "." + X509CERT_PUBLIC_KEY_DATA;
 
     /**
      * Retrieves serial number from stored certificate.
-     *
+     * 
      * @return certificate serial number
      */
     public BigInteger getCertificateSerialNumber();
 
     /**
      * Retrieves serial number from certificate record.
-     *
+     * 
      * @return certificate serial number
      */
     public BigInteger getSerialNumber();
 
     /**
      * Retrieves certificate from certificate record.
-     *
+     * 
      * @return certificate
      */
     public X509CertImpl getCertificate();
 
     /**
      * Retrieves name of who issued this certificate.
-     *
+     * 
      * @return name of who issued this certificate
      */
     public String getIssuedBy();
 
     /**
      * Retrieves name of who revoked this certificate.
-     *
+     * 
      * @return name of who revoked this certificate
      */
     public String getRevokedBy();
 
     /**
      * Retrieves date when this certificate was revoked.
-     *
+     * 
      * @return date when this certificate was revoked
      */
     public Date getRevokedOn();
 
     /**
      * Retrieves meta info.
-     *
+     * 
      * @return meta info
      */
     public MetaInfo getMetaInfo();
 
     /**
      * Retrieves certificate status.
-     *
+     * 
      * @return certificate status
      */
     public String getStatus();
 
     /**
      * Retrieves time of creation of this certificate record.
-     *
+     * 
      * @return time of creation of this certificate record
      */
     public Date getCreateTime();
 
     /**
      * Retrieves time of modification of this certificate record.
-     *
+     * 
      * @return time of modification of this certificate record
      */
     public Date getModifyTime();
 
     /**
      * Retrieves revocation info.
-     *
+     * 
      * @return revocation info
      */
     public IRevocationInfo getRevocationInfo();
-}    
+}
diff --git a/pki/base/common/src/com/netscape/certsrv/dbs/certdb/ICertRecordList.java b/pki/base/common/src/com/netscape/certsrv/dbs/certdb/ICertRecordList.java
index a77458880..c12f00298 100644
--- a/pki/base/common/src/com/netscape/certsrv/dbs/certdb/ICertRecordList.java
+++ b/pki/base/common/src/com/netscape/certsrv/dbs/certdb/ICertRecordList.java
@@ -17,80 +17,76 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.dbs.certdb;
 
-
 import java.util.Enumeration;
 
 import com.netscape.certsrv.base.EBaseException;
 import com.netscape.certsrv.dbs.IElementProcessor;
 
-
 /**
  * A class represents a list of certificate records.
  * <P>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public interface ICertRecordList {
 
     /**
      * Gets the current index.
-     *
+     * 
      * @return current index
      */
     public int getCurrentIndex();
 
     /**
      * Retrieves the size of request list.
-     *
+     * 
      * @return size
      */
     public int getSize();
 
     /**
      * Gets size before jump to index.
-     *
+     * 
      * @return size
      */
     public int getSizeBeforeJumpTo();
 
     /**
      * Gets size after jump to index.
-     *
+     * 
      * @return size
      */
     public int getSizeAfterJumpTo();
 
     /**
      * Process certificate record as soon as it is returned.
-     *
+     * 
      * @param startidx starting index
      * @param endidx ending index
      * @param ep element processor
      * @exception EBaseException failed to process cert records
      */
     public void processCertRecords(int startidx, int endidx,
-        IElementProcessor ep) throws EBaseException;
+            IElementProcessor ep) throws EBaseException;
 
     /**
-     * Retrieves requests.
-     * It's no good to call this if you didnt check
-     * if the startidx, endidx are valid.
-     *
+     * Retrieves requests. It's no good to call this if you didnt check if the
+     * startidx, endidx are valid.
+     * 
      * @param startidx starting index
      * @param endidx ending index
      * @exception EBaseException failed to retrieve
      */
     public Enumeration getCertRecords(int startidx, int endidx)
-        throws EBaseException;
+            throws EBaseException;
 
     /**
-     * Gets one single record at a time similar to 
-     * processCertRecords but no extra class needed.
+     * Gets one single record at a time similar to processCertRecords but no
+     * extra class needed.
      * 
      * @param index position of the record to be retrieved
      * @return object
      * @exception EBaseException failed to retrieve
      */
-    public Object getCertRecord(int index)
-        throws EBaseException;
+    public Object getCertRecord(int index) throws EBaseException;
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/dbs/certdb/ICertificateRepository.java b/pki/base/common/src/com/netscape/certsrv/dbs/certdb/ICertificateRepository.java
index b913a18c6..ab89bb2e4 100644
--- a/pki/base/common/src/com/netscape/certsrv/dbs/certdb/ICertificateRepository.java
+++ b/pki/base/common/src/com/netscape/certsrv/dbs/certdb/ICertificateRepository.java
@@ -17,7 +17,6 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.dbs.certdb;
 
-
 import java.math.BigInteger;
 import java.security.cert.Certificate;
 import java.util.Date;
@@ -32,157 +31,151 @@ import com.netscape.certsrv.base.MetaInfo;
 import com.netscape.certsrv.dbs.ModificationSet;
 import com.netscape.certsrv.dbs.repository.IRepository;
 
-
 /**
- * An interface represents a CMS certificate repository. 
- * It stores all the issued certificate.
+ * An interface represents a CMS certificate repository. It stores all the
+ * issued certificate.
  * <P>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public interface ICertificateRepository extends IRepository {
 
     /**
-     * Adds a certificate record to the repository. Each certificate
-     * record contains four parts: certificate, meta-attributes,
-     * issue information and reovcation information.
+     * Adds a certificate record to the repository. Each certificate record
+     * contains four parts: certificate, meta-attributes, issue information and
+     * reovcation information.
      * <P>
-     *
+     * 
      * @param record X.509 certificate
-     * @exception EBaseException failed to add new certificate to
-     * 		the repository
+     * @exception EBaseException failed to add new certificate to the repository
      */
-    public void addCertificateRecord(ICertRecord record)
-        throws EBaseException;
+    public void addCertificateRecord(ICertRecord record) throws EBaseException;
 
     /**
      * Reads the certificate identified by the given serial no.
-     *
+     * 
      * @param serialNo serial number of certificate
      * @return certificate
      * @exception EBaseException failed to retrieve certificate
      */
     public X509CertImpl getX509Certificate(BigInteger serialNo)
-        throws EBaseException;
+            throws EBaseException;
 
     /**
      * Reads certificate from repository.
-     *
+     * 
      * @param serialNo serial number of certificate
      * @return certificate record
      * @exception EBaseException failed to retrieve certificate
      */
     public ICertRecord readCertificateRecord(BigInteger serialNo)
-        throws EBaseException;
+            throws EBaseException;
 
     /**
      * Sets certificate status update internal
-     *
+     * 
      * @param requestRepo request repository
      * @param interval update interval
      * @param listenToCloneModifications enable listening to clone modifications
      */
-    public void setCertStatusUpdateInterval(IRepository requestRepo, 
-        int interval,
-        boolean listenToCloneModifications);
+    public void setCertStatusUpdateInterval(IRepository requestRepo,
+            int interval, boolean listenToCloneModifications);
 
     /**
      * Updates certificate status now. This is a blocking method.
-     *
+     * 
      * @exception EBaseException failed to update
      */
     public void updateCertStatus() throws EBaseException;
 
     /**
      * Modifies certificate record.
-     *
+     * 
      * @param serialNo serial number of record
      * @param mods modifications
      * @exception EBaseException failed to modify
      */
     public void modifyCertificateRecord(BigInteger serialNo,
-        ModificationSet mods) throws EBaseException;
+            ModificationSet mods) throws EBaseException;
 
     /**
      * Checks if the certificate exists in this repository.
-     *
+     * 
      * @param serialNo serial number of certificate
      * @return true if it exists
      * @exception EBaseException failed to check
      */
     public boolean containsCertificate(BigInteger serialNo)
-        throws EBaseException;
+            throws EBaseException;
 
     /**
      * Deletes certificate from this repository.
-     *
+     * 
      * @param serialNo serial number of certificate
      * @exception EBaseException failed to delete
      */
     public void deleteCertificateRecord(BigInteger serialNo)
-        throws EBaseException;
+            throws EBaseException;
 
     /**
      * Marks certificate as revoked.
-     *
+     * 
      * @param id serial number
      * @param info revocation information
      * @exception EBaseException failed to mark
      */
     public void markAsRevoked(BigInteger id, IRevocationInfo info)
-        throws EBaseException;
+            throws EBaseException;
 
     /**
      * Updates certificate status.
-     *
+     * 
      * @param id serial number
      * @param status certificate status
      * @exception EBaseException failed to update status
      */
     public void updateStatus(BigInteger id, String status)
-        throws EBaseException;
+            throws EBaseException;
 
     /**
      * Marks certificate as renewable.
-     *
+     * 
      * @param record certificate record to modify
      * @exception EBaseException failed to update
      */
     public void markCertificateAsRenewable(ICertRecord record)
-        throws EBaseException;
+            throws EBaseException;
 
     /**
      * Marks certificate as not renewable.
-     *
+     * 
      * @param record certificate record to modify
      * @exception EBaseException failed to update
      */
     public void markCertificateAsNotRenewable(ICertRecord record)
-        throws EBaseException;
+            throws EBaseException;
 
     /**
      * Marks certificate as renewed.
-     *
+     * 
      * @param serialNo certificate record to modify
      * @exception EBaseException failed to update
      */
-    public void markCertificateAsRenewed(String serialNo)
-        throws EBaseException;
+    public void markCertificateAsRenewed(String serialNo) throws EBaseException;
 
     /**
      * Marks certificate as renewed and notified.
-     *
+     * 
      * @param serialNo certificate record to modify
      * @exception EBaseException failed to update
      */
     public void markCertificateAsRenewalNotified(String serialNo)
-        throws EBaseException;
+            throws EBaseException;
 
     /**
-     * Finds a list of certificate records that satisifies
-     * the filter.
-     * Here is a list of filter
-     * attribute can be used:
+     * Finds a list of certificate records that satisifies the filter. Here is a
+     * list of filter attribute can be used:
+     * 
      * <pre>
      *   certRecordId
      *   certMetaInfo
@@ -193,50 +186,48 @@ public interface ICertificateRepository extends IRepository {
      *   x509Cert.notAfter
      *   x509Cert.subject
      * </pre>
-     * The filter should follow RFC1558 LDAP filter syntax.
-     * For example,
+     * 
+     * The filter should follow RFC1558 LDAP filter syntax. For example,
+     * 
      * <pre>
      *   (&(certRecordId=5)(x509Cert.notBefore=934398398))
      * </pre>
-     *
+     * 
      * @param filter search filter
      * @param maxSize max size to return
      * @return a list of certificates
      * @exception EBaseException failed to search
      */
     public Enumeration searchCertificates(String filter, int maxSize)
-        throws EBaseException;
+            throws EBaseException;
 
     /**
-     * Finds a list of certificate records that satisifies
-     * the filter.
-     *
+     * Finds a list of certificate records that satisifies the filter.
+     * 
      * @param filter search filter
      * @param maxSize max size to return
      * @param timeLimit timeout value
      * @return a list of certificates
      * @exception EBaseException failed to search
      */
-    public Enumeration searchCertificates(String filter, int maxSize, 
-        int timeLimit) throws EBaseException;
+    public Enumeration searchCertificates(String filter, int maxSize,
+            int timeLimit) throws EBaseException;
 
     /**
-     * Finds a list of certificate records that satisifies
-     * the filter.
-     *
+     * Finds a list of certificate records that satisifies the filter.
+     * 
      * @param filter search filter
      * @param attrs selected attribute
      * @param pageSize page size
      * @return a list of certificates
      * @exception EBaseException failed to search
      */
-    public ICertRecordList findCertRecordsInList(String filter,
-        String attrs[], int pageSize) throws EBaseException;
+    public ICertRecordList findCertRecordsInList(String filter, String attrs[],
+            int pageSize) throws EBaseException;
 
     /**
-     * Finds a list of certificate records that satisifies
-     * the filter.
-     *
+     * Finds a list of certificate records that satisifies the filter.
+     * 
      * @param filter search filter
      * @param attrs selected attribute
      * @param sortKey key to use for sorting the returned elements
@@ -244,14 +235,12 @@ public interface ICertificateRepository extends IRepository {
      * @return a list of certificates
      * @exception EBaseException failed to search
      */
-    public ICertRecordList findCertRecordsInList(String filter,
-        String attrs[], String sortKey, int pageSize) 	
-        throws EBaseException;
+    public ICertRecordList findCertRecordsInList(String filter, String attrs[],
+            String sortKey, int pageSize) throws EBaseException;
 
     /**
-     * Finds a list of certificate records that satisifies
-     * the filter.
-     *
+     * Finds a list of certificate records that satisifies the filter.
+     * 
      * @param filter search filter
      * @param attrs selected attribute
      * @param jumpTo jump to index
@@ -260,18 +249,16 @@ public interface ICertificateRepository extends IRepository {
      * @return a list of certificates
      * @exception EBaseException failed to search
      */
-    public ICertRecordList findCertRecordsInList(String filter,
-        String attrs[], String jumpTo, String sortKey, int pageSize) 	
-        throws EBaseException;
+    public ICertRecordList findCertRecordsInList(String filter, String attrs[],
+            String jumpTo, String sortKey, int pageSize) throws EBaseException;
 
-    public ICertRecordList findCertRecordsInList(String filter,
-        String attrs[], String jumpTo, boolean hardJumpTo, String sortKey, int pageSize) 	
-        throws EBaseException;
+    public ICertRecordList findCertRecordsInList(String filter, String attrs[],
+            String jumpTo, boolean hardJumpTo, String sortKey, int pageSize)
+            throws EBaseException;
 
     /**
-     * Finds a list of certificate records that satisifies
-     * the filter.
-     *
+     * Finds a list of certificate records that satisifies the filter.
+     * 
      * @param filter search filter
      * @param attrs selected attribute
      * @param jumpTo jump to index
@@ -281,120 +268,116 @@ public interface ICertificateRepository extends IRepository {
      * @exception EBaseException failed to search
      */
     public ICertRecordList findCertRecordsInListRawJumpto(String filter,
-        String attrs[], String jumpTo, String sortKey, int pageSize)
-        throws EBaseException;
+            String attrs[], String jumpTo, String sortKey, int pageSize)
+            throws EBaseException;
 
     public static final int ALL_CERTS = 0;
     public static final int ALL_VALID_CERTS = 1;
     public static final int ALL_UNREVOKED_CERTS = 2;
 
     /**
-     * Gets all valid and unexpired certificates pertaining
-     * to a subject DN.
-     *
-     * @param subjectDN	The distinguished name of the subject.
-     * @param validityType	The type of certificatese to retrieve.
+     * Gets all valid and unexpired certificates pertaining to a subject DN.
+     * 
+     * @param subjectDN The distinguished name of the subject.
+     * @param validityType The type of certificatese to retrieve.
      * @return An array of certificates.
      * @throws EBaseException on error.
      */
-    public X509CertImpl[] getX509Certificates(String subjectDN,
-        int validityType) throws EBaseException;
+    public X509CertImpl[] getX509Certificates(String subjectDN, int validityType)
+            throws EBaseException;
 
     /**
      * Retrieves all the revoked certificates that have not expired.
-     *
+     * 
      * @param asOfDate as of date
      * @return a list of revoked certificates
      * @exception EBaseException failed to retrieve
      */
     public Enumeration getRevokedCertificates(Date asOfDate)
-        throws EBaseException;
+            throws EBaseException;
 
     /**
-     * Retrieves all revoked certificates including ones that have expired
-     * or that are not yet valid.
-     *
+     * Retrieves all revoked certificates including ones that have expired or
+     * that are not yet valid.
+     * 
      * @return a list of revoked certificates
      * @exception EBaseException failed to search
      */
-    public Enumeration getAllRevokedCertificates()
-        throws EBaseException;
+    public Enumeration getAllRevokedCertificates() throws EBaseException;
 
     /**
      * Retrieves all revoked but not expired certificates.
-     *
+     * 
      * @return a list of revoked certificates
      * @exception EBaseException failed to search
      */
     public Enumeration getAllRevokedNonExpiredCertificates()
-        throws EBaseException;
+            throws EBaseException;
 
     /**
-     * Finds all certificates given a filter. 
-     *
+     * Finds all certificates given a filter.
+     * 
      * @param filter search filter
      * @return a list of certificates
      * @exception EBaseException failed to search
      */
-    public Enumeration findCertificates(String filter)
-        throws EBaseException;
+    public Enumeration findCertificates(String filter) throws EBaseException;
 
     /**
      * Finds all certificate records given a filter.
-     *
+     * 
      * @param filter search filter
      * @return a list of certificates
      * @exception EBaseException failed to search
      */
-    public Enumeration findCertRecords(String filter)
-        throws EBaseException;
+    public Enumeration findCertRecords(String filter) throws EBaseException;
 
     /**
-     * Gets Revoked certs orderes by noAfter date, jumps to records 
-     * where notAfter date is greater than current.
-     *
+     * Gets Revoked certs orderes by noAfter date, jumps to records where
+     * notAfter date is greater than current.
+     * 
      * @param date reference date
      * @param pageSize page size
      * @return a list of certificate records
      * @exception EBaseException failed to retrieve
      */
-    public ICertRecordList getRevokedCertsByNotAfterDate(Date date, 
-        int pageSize) throws EBaseException;	
+    public ICertRecordList getRevokedCertsByNotAfterDate(Date date, int pageSize)
+            throws EBaseException;
 
     /**
-     * Gets Invalid certs orderes by noAfter date, jumps to records 
-     * where notAfter date is greater than current.
-     *
+     * Gets Invalid certs orderes by noAfter date, jumps to records where
+     * notAfter date is greater than current.
+     * 
      * @param date reference date
      * @param pageSize page size
      * @return a list of certificate records
      * @exception EBaseException failed to retrieve
      */
-    public ICertRecordList getInvalidCertsByNotBeforeDate(Date date,   
-        int pageSize) throws EBaseException;
+    public ICertRecordList getInvalidCertsByNotBeforeDate(Date date,
+            int pageSize) throws EBaseException;
 
     /**
-     * Gets valid certs orderes by noAfter date, jumps to records 
-     * where notAfter date is greater than current.
-     *
+     * Gets valid certs orderes by noAfter date, jumps to records where notAfter
+     * date is greater than current.
+     * 
      * @param date reference date
      * @param pageSize page size
      * @return a list of certificate records
      * @exception EBaseException failed to retrieve
      */
-    public ICertRecordList getValidCertsByNotAfterDate(Date date, 
-        int pageSize) throws EBaseException;
+    public ICertRecordList getValidCertsByNotAfterDate(Date date, int pageSize)
+            throws EBaseException;
 
     /**
      * Creates certificate record.
-     *
+     * 
      * @param id serial number
      * @param cert certificate
      * @param meta meta information
      * @return certificate record
      */
-    public ICertRecord createCertRecord(BigInteger id, 
-        Certificate cert, MetaInfo meta);
+    public ICertRecord createCertRecord(BigInteger id, Certificate cert,
+            MetaInfo meta);
 
     /**
      * Finds certificate records.
@@ -403,22 +386,21 @@ public interface ICertificateRepository extends IRepository {
      * @return a list of certificate records
      * @exception EBaseException failed to retrieve cert records
      */
-    public Enumeration findCertRecs(String filter)
-        throws EBaseException;
+    public Enumeration findCertRecs(String filter) throws EBaseException;
 
     /**
      * Retrieves renewable certificates.
-     *
+     * 
      * @param renewalTime renewal time
      * @return certificates
      * @exception EBaseException failed to retrieve
      */
     public Hashtable getRenewableCertificates(String renewalTime)
-        throws EBaseException;
+            throws EBaseException;
 
     /**
      * Unmark a revoked certificates.
-     *
+     * 
      * @param id serial number
      * @param info revocation information
      * @param revokedOn revocation date
@@ -426,89 +408,89 @@ public interface ICertificateRepository extends IRepository {
      * @exception EBaseException failed to unmark
      */
     public void unmarkRevoked(BigInteger id, IRevocationInfo info,
-        Date revokedOn, String revokedBy)
-        throws EBaseException;
+            Date revokedOn, String revokedBy) throws EBaseException;
 
     /**
      * Retrieves valid and not published certificates.
-     *
+     * 
      * @param from starting serial number
      * @param to ending serial number
      * @return a list of certificates
      * @exception EBaseException failed to retrieve
      */
     public Enumeration getValidNotPublishedCertificates(String from, String to)
-        throws EBaseException;
+            throws EBaseException;
 
     /**
      * Retrieves expired and published certificates.
-     *
+     * 
      * @param from starting serial number
      * @param to ending serial number
      * @return a list of certificates
      * @exception EBaseException failed to retrieve
      */
     public Enumeration getExpiredPublishedCertificates(String from, String to)
-        throws EBaseException;
+            throws EBaseException;
 
     /**
      * Retrieves revoked and published certificates.
-     *
+     * 
      * @param from starting serial number
      * @param to ending serial number
      * @return a list of certificates
      * @exception EBaseException failed to retrieve
      */
     public Enumeration getRevokedPublishedCertificates(String from, String to)
-        throws EBaseException;
+            throws EBaseException;
 
     /**
      * Retrieves valid certificates.
-     *
+     * 
      * @param from starting serial number
      * @param to ending serial number
      * @return a list of certificates
      * @exception EBaseException failed to retrieve
      */
     public Enumeration getValidCertificates(String from, String to)
-        throws EBaseException;
+            throws EBaseException;
 
     /**
      * Retrieves expired certificates.
-     *
+     * 
      * @param from starting serial number
      * @param to ending serial number
      * @return a list of certificates
      * @exception EBaseException failed to retrieve
      */
     public Enumeration getExpiredCertificates(String from, String to)
-        throws EBaseException;
+            throws EBaseException;
 
     /**
      * Retrieves revoked certificates.
-     *
+     * 
      * @param from starting serial number
      * @param to ending serial number
      * @return a list of certificates
      * @exception EBaseException failed to retrieve
      */
     public Enumeration getRevokedCertificates(String from, String to)
-        throws EBaseException;
+            throws EBaseException;
 
     /**
      * Retrieves modified certificate records.
-     *
+     * 
      * @param entry LDAPEntry with modified data
      */
-     public void getModifications(LDAPEntry entry);
+    public void getModifications(LDAPEntry entry);
 
     /**
      * Removes certificate records with this repository.
-     *
+     * 
      * @param beginS BigInteger with radix 16
      * @param endS BigInteger with radix 16
      */
-    public void removeCertRecords(BigInteger beginS, BigInteger endS) throws EBaseException;
+    public void removeCertRecords(BigInteger beginS, BigInteger endS)
+            throws EBaseException;
 
     public void shutdown();
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/dbs/certdb/IRevocationInfo.java b/pki/base/common/src/com/netscape/certsrv/dbs/certdb/IRevocationInfo.java
index 2086cacb1..b2a08087c 100644
--- a/pki/base/common/src/com/netscape/certsrv/dbs/certdb/IRevocationInfo.java
+++ b/pki/base/common/src/com/netscape/certsrv/dbs/certdb/IRevocationInfo.java
@@ -17,32 +17,30 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.dbs.certdb;
 
-
 import java.util.Date;
 
 import netscape.security.x509.CRLExtensions;
 
-
 /**
- * A class represents a certificate revocation info. This
- * object is written as an attribute of certificate record 
- * which essentially signifies a revocation act.
+ * A class represents a certificate revocation info. This object is written as
+ * an attribute of certificate record which essentially signifies a revocation
+ * act.
  * <P>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public interface IRevocationInfo {
 
     /**
      * Retrieves revocation date.
-     *
+     * 
      * @return revocation date
      */
     public Date getRevocationDate();
 
     /**
      * Retrieves CRL entry extensions.
-     *
+     * 
      * @return CRL entry extensions
      */
     public CRLExtensions getCRLEntryExtensions();
diff --git a/pki/base/common/src/com/netscape/certsrv/dbs/crldb/ICRLIssuingPointRecord.java b/pki/base/common/src/com/netscape/certsrv/dbs/crldb/ICRLIssuingPointRecord.java
index 78acced01..f1093d2b7 100644
--- a/pki/base/common/src/com/netscape/certsrv/dbs/crldb/ICRLIssuingPointRecord.java
+++ b/pki/base/common/src/com/netscape/certsrv/dbs/crldb/ICRLIssuingPointRecord.java
@@ -17,7 +17,6 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.dbs.crldb;
 
-
 import java.math.BigInteger;
 import java.util.Date;
 import java.util.Hashtable;
@@ -26,11 +25,9 @@ import netscape.security.x509.RevokedCertificate;
 
 import com.netscape.certsrv.dbs.IDBObj;
 
-
 /**
- * An interface that defines abilities of
- * a CRL issuing point record.
- *
+ * An interface that defines abilities of a CRL issuing point record.
+ * 
  * @version $Revision$, $Date$
  */
 public interface ICRLIssuingPointRecord extends IDBObj {
@@ -52,111 +49,112 @@ public interface ICRLIssuingPointRecord extends IDBObj {
     public static final String ATTR_DELTA_CRL = "deltaRevocationList";
 
     public static final String CLEAN_CACHE = "-1";
-    public static final String NEW_CACHE   = "-2";
+    public static final String NEW_CACHE = "-2";
 
     /**
      * Retrieve unique CRL identifier.
-     *
+     * 
      * @return unique CRL identifier
      */
     public String getId();
 
     /**
      * Retrieves current CRL number out of CRL issuing point record.
-     *
+     * 
      * @return current CRL number
      */
     public BigInteger getCRLNumber();
 
     /**
      * Retrieves CRL size measured by the number of entries.
-     *
+     * 
      * @return CRL size
      */
     public Long getCRLSize();
 
     /**
      * Retrieves this update time.
-     *
+     * 
      * @return time of this update
      */
     public Date getThisUpdate();
 
     /**
      * Retrieves next update time.
-     *
+     * 
      * @return time of next update
      */
     public Date getNextUpdate();
 
     /**
      * Retrieves current delta CRL number out of CRL issuing point record.
-     *
+     * 
      * @return current delta CRL number
      */
     public BigInteger getDeltaCRLNumber();
 
     /**
      * Retrieves delta CRL size measured by the number of entries.
-     *
+     * 
      * @return delta CRL size
      */
     public Long getDeltaCRLSize();
 
     /**
      * Retrieve Retrieve reference to the first unsaved data.
-     *
+     * 
      * @return reference to the first unsaved data
      */
     public String getFirstUnsaved();
 
     /**
      * Retrieves encoded CRL.
-     *
+     * 
      * @return encoded CRL
      */
     public byte[] getCRL();
 
     /**
      * Retrieves encoded delta CRL.
-     *
+     * 
      * @return encoded delta CRL
      */
     public byte[] getDeltaCRL();
 
     /**
      * Retrieves encoded CA certificate.
-     *
+     * 
      * @return encoded CA certificate
      */
     public byte[] getCACert();
 
     /**
      * Retrieves cache information about CRL.
-     *
+     * 
      * @return list of recently revoked certificates
      */
-    public Hashtable<BigInteger,RevokedCertificate> getCRLCacheNoClone();
-    public Hashtable<BigInteger,RevokedCertificate> getCRLCache();
+    public Hashtable<BigInteger, RevokedCertificate> getCRLCacheNoClone();
+
+    public Hashtable<BigInteger, RevokedCertificate> getCRLCache();
 
     /**
      * Retrieves cache information about revoked certificates.
-     *
+     * 
      * @return list of recently revoked certificates
      */
-    public Hashtable<BigInteger,RevokedCertificate> getRevokedCerts();
+    public Hashtable<BigInteger, RevokedCertificate> getRevokedCerts();
 
     /**
      * Retrieves cache information about certificates released from hold.
-     *
+     * 
      * @return list of certificates recently released from hold
      */
-    public Hashtable<BigInteger,RevokedCertificate> getUnrevokedCerts();
+    public Hashtable<BigInteger, RevokedCertificate> getUnrevokedCerts();
 
     /**
      * Retrieves cache information about expired certificates.
-     *
+     * 
      * @return list of recently expired certificates
      */
-    public Hashtable<BigInteger,RevokedCertificate> getExpiredCerts();
+    public Hashtable<BigInteger, RevokedCertificate> getExpiredCerts();
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/dbs/crldb/ICRLRepository.java b/pki/base/common/src/com/netscape/certsrv/dbs/crldb/ICRLRepository.java
index ba245bcfb..135abde9e 100644
--- a/pki/base/common/src/com/netscape/certsrv/dbs/crldb/ICRLRepository.java
+++ b/pki/base/common/src/com/netscape/certsrv/dbs/crldb/ICRLRepository.java
@@ -17,7 +17,6 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.dbs.crldb;
 
-
 import java.math.BigInteger;
 import java.util.Date;
 import java.util.Hashtable;
@@ -26,63 +25,62 @@ import java.util.Vector;
 import com.netscape.certsrv.base.EBaseException;
 import com.netscape.certsrv.dbs.ModificationSet;
 
-
 /**
- * An interface represents a CMS CRL repository. It stores 
- * all the CRL issuing points.
- *
+ * An interface represents a CMS CRL repository. It stores all the CRL issuing
+ * points.
+ * 
  * @version $Revision$, $Date$
  */
 public interface ICRLRepository {
 
     /**
      * Adds CRL issuing point record.
-     *
+     * 
      * @param rec issuing point record
      * @exception EBaseException failed to add new issuing point record
      */
     public void addCRLIssuingPointRecord(ICRLIssuingPointRecord rec)
-        throws EBaseException;
+            throws EBaseException;
 
     /**
      * Retrieves all the issuing points' names.
-     *
+     * 
      * @return A list of issuing points' names.
-     * @exception EBaseException failed to retrieve all the issuing points' names.
+     * @exception EBaseException failed to retrieve all the issuing points'
+     *                names.
      */
     public Vector getIssuingPointsNames() throws EBaseException;
 
     /**
      * Reads issuing point record.
-     *
+     * 
      * @return issuing point record
      * @exception EBaseException failed to read issuing point record
      */
     public ICRLIssuingPointRecord readCRLIssuingPointRecord(String id)
-        throws EBaseException;
+            throws EBaseException;
 
     /**
      * Deletes issuing point record.
-     *
+     * 
      * @param id issuing point record id
      * @exception EBaseException failed to delete issuing point record
      */
-    public void deleteCRLIssuingPointRecord(String id)
-        throws EBaseException;
+    public void deleteCRLIssuingPointRecord(String id) throws EBaseException;
 
     /**
      * Modifies issuing point record.
-     *
+     * 
      * @param id issuing point record id
      * @param mods set of modifications
      * @exception EBaseException failed to modify issuing point record
      */
     public void modifyCRLIssuingPointRecord(String id, ModificationSet mods)
-        throws EBaseException;
+            throws EBaseException;
 
     /**
      * Updates CRL issuing point record.
-     *
+     * 
      * @param id issuing point record id
      * @param newCRL encoded binary CRL
      * @param thisUpdate time of this update
@@ -92,12 +90,12 @@ public interface ICRLRepository {
      * @exception EBaseException failed to update issuing point record
      */
     public void updateCRLIssuingPointRecord(String id, byte[] newCRL,
-        Date thisUpdate, Date nextUpdate, BigInteger crlNumber, Long crlSize)
-        throws EBaseException;
+            Date thisUpdate, Date nextUpdate, BigInteger crlNumber, Long crlSize)
+            throws EBaseException;
 
     /**
      * Updates CRL issuing point record.
-     *
+     * 
      * @param id issuing point record id
      * @param newCRL encoded binary CRL
      * @param thisUpdate time of this update
@@ -110,34 +108,34 @@ public interface ICRLRepository {
      * @exception EBaseException failed to update issuing point record
      */
     public void updateCRLIssuingPointRecord(String id, byte[] newCRL,
-        Date thisUpdate, Date nextUpdate, BigInteger crlNumber, Long crlSize,
-        Hashtable revokedCerts, Hashtable unrevokedCerts, Hashtable expiredCerts)
-        throws EBaseException;
+            Date thisUpdate, Date nextUpdate, BigInteger crlNumber,
+            Long crlSize, Hashtable revokedCerts, Hashtable unrevokedCerts,
+            Hashtable expiredCerts) throws EBaseException;
 
     /**
      * Updates CRL issuing point record.
-     *
+     * 
      * @param id issuing point record id
      * @param revokedCerts list of revoked certificates
      * @param unrevokedCerts list of released from hold certificates
      * @exception EBaseException failed to update issuing point record
      */
-    public void updateRevokedCerts(String id, Hashtable revokedCerts, Hashtable unrevokedCerts)
-        throws EBaseException;
+    public void updateRevokedCerts(String id, Hashtable revokedCerts,
+            Hashtable unrevokedCerts) throws EBaseException;
 
     /**
      * Updates CRL issuing point record.
-     *
+     * 
      * @param id issuing point record id
      * @param expiredCerts list of expired certificates
      * @exception EBaseException failed to update issuing point record
      */
     public void updateExpiredCerts(String id, Hashtable expiredCerts)
-        throws EBaseException;
+            throws EBaseException;
 
     /**
      * Updates CRL issuing point record.
-     *
+     * 
      * @param id issuing point record id
      * @param crlSize CRL size
      * @param revokedCerts list of revoked certificates
@@ -145,15 +143,13 @@ public interface ICRLRepository {
      * @param expiredCerts list of expired certificates
      * @exception EBaseException failed to update issuing point record
      */
-    public void updateCRLCache(String id, Long crlSize,
-        Hashtable revokedCerts,
-        Hashtable unrevokedCerts,
-        Hashtable expiredCerts)
-        throws EBaseException;
+    public void updateCRLCache(String id, Long crlSize, Hashtable revokedCerts,
+            Hashtable unrevokedCerts, Hashtable expiredCerts)
+            throws EBaseException;
 
     /**
      * Updates CRL issuing point record with delta-CRL.
-     *
+     * 
      * @param id issuing point record id
      * @param deltaCRLNumber delta CRL number
      * @param deltaCRLSize delta CRL size
@@ -162,18 +158,17 @@ public interface ICRLRepository {
      * @exception EBaseException failed to update issuing point record
      */
     public void updateDeltaCRL(String id, BigInteger deltaCRLNumber,
-                               Long deltaCRLSize, Date nextUpdate,
-                               byte[] deltaCRL)
-        throws EBaseException;
+            Long deltaCRLSize, Date nextUpdate, byte[] deltaCRL)
+            throws EBaseException;
 
     /**
-     * Updates CRL issuing point record with reference to the first
-     * unsaved data.
-     *
+     * Updates CRL issuing point record with reference to the first unsaved
+     * data.
+     * 
      * @param id issuing point record id
      * @param firstUnsaved reference to the first unsaved data
      * @exception EBaseException failed to update issuing point record
      */
     public void updateFirstUnsaved(String id, String firstUnsaved)
-        throws EBaseException;
+            throws EBaseException;
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/dbs/keydb/IKeyRecord.java b/pki/base/common/src/com/netscape/certsrv/dbs/keydb/IKeyRecord.java
index 0edcc1877..010661d8b 100644
--- a/pki/base/common/src/com/netscape/certsrv/dbs/keydb/IKeyRecord.java
+++ b/pki/base/common/src/com/netscape/certsrv/dbs/keydb/IKeyRecord.java
@@ -17,16 +17,14 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.dbs.keydb;
 
-
 import java.math.BigInteger;
 import java.util.Date;
 
 import com.netscape.certsrv.base.EBaseException;
 
-
 /**
  * An interface contains constants for key record.
- *
+ * 
  * @version $Revision$, $Date$
  */
 public interface IKeyRecord {
@@ -42,15 +40,15 @@ public interface IKeyRecord {
     public static final String ATTR_MODIFY_TIME = "keyModifyTime";
     public static final String ATTR_META_INFO = "keyMetaInfo";
     public static final String ATTR_ARCHIVED_BY = "keyArchivedBy";
-    
+
     // key state
     public static final String STATUS_ANY = "ANY";
     public static final String STATUS_VALID = "VALID";
     public static final String STATUS_INVALID = "INVALID";
-    
+
     /**
      * Retrieves the state of the key.
-     *
+     * 
      * @return key state
      * @exception EBaseException failed to retrieve state of the key
      */
@@ -58,15 +56,15 @@ public interface IKeyRecord {
 
     /**
      * Retrieves key identifier.
-     *
+     * 
      * @return key id
      * @exception EBaseException failed to retrieve key id
      */
-    public BigInteger getSerialNumber() throws EBaseException; 
+    public BigInteger getSerialNumber() throws EBaseException;
 
     /**
      * Retrieves key owner name.
-     *
+     * 
      * @return key owner name
      * @exception EBaseException failed to retrieve key owner name
      */
@@ -74,53 +72,53 @@ public interface IKeyRecord {
 
     /**
      * Retrieves key algorithm.
-     *
+     * 
      * @return key algorithm
      */
-    public String getAlgorithm(); 
+    public String getAlgorithm();
 
     /**
      * Retrieves key length.
-     *
+     * 
      * @return key length
      * @exception EBaseException failed to retrieve key length
      */
-    public Integer getKeySize() throws EBaseException; 
+    public Integer getKeySize() throws EBaseException;
 
     /**
      * Retrieves archiver identifier.
-     *
+     * 
      * @return archiver uid
      */
-    public String getArchivedBy(); 
+    public String getArchivedBy();
 
     /**
      * Retrieves creation time.
-     *
+     * 
      * @return creation time
      */
-    public Date getCreateTime(); 
+    public Date getCreateTime();
 
     /**
      * Retrieves last modification time.
-     *
+     * 
      * @return modification time
      */
-    public Date getModifyTime(); 
+    public Date getModifyTime();
 
     /**
      * Retrieves dates of recovery.
-     *
+     * 
      * @return recovery history
      * @exception EBaseException failed to retrieve recovery history
      */
-    public Date[] getDateOfRevocation() throws EBaseException; 
+    public Date[] getDateOfRevocation() throws EBaseException;
 
     /**
      * Retrieves public key data.
-     *
+     * 
      * @return public key data
      * @exception EBaseException failed to retrieve public key data
      */
     public byte[] getPublicKeyData() throws EBaseException;
-}    
+}
diff --git a/pki/base/common/src/com/netscape/certsrv/dbs/keydb/IKeyRecordList.java b/pki/base/common/src/com/netscape/certsrv/dbs/keydb/IKeyRecordList.java
index 2bc9f57b9..60c2b37d7 100644
--- a/pki/base/common/src/com/netscape/certsrv/dbs/keydb/IKeyRecordList.java
+++ b/pki/base/common/src/com/netscape/certsrv/dbs/keydb/IKeyRecordList.java
@@ -17,35 +17,33 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.dbs.keydb;
 
-
 import java.util.Enumeration;
 
 import com.netscape.certsrv.base.EBaseException;
 
-
 /**
  * A class represents a list of key records.
  * <P>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public interface IKeyRecordList {
 
     /**
-     * Retrieves the size of key list. 
-     *
+     * Retrieves the size of key list.
+     * 
      * @return size of key list
      */
     public int getSize();
 
     /**
      * Retrieves key records.
-     *
+     * 
      * @param startidx start index
      * @param endidx end index
      * @return key records
      * @exception EBaseException failed to retrieve key records
      */
     public Enumeration getKeyRecords(int startidx, int endidx)
-        throws EBaseException;
+            throws EBaseException;
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/dbs/keydb/IKeyRepository.java b/pki/base/common/src/com/netscape/certsrv/dbs/keydb/IKeyRepository.java
index 093bea255..de48dac17 100644
--- a/pki/base/common/src/com/netscape/certsrv/dbs/keydb/IKeyRepository.java
+++ b/pki/base/common/src/com/netscape/certsrv/dbs/keydb/IKeyRepository.java
@@ -17,7 +17,6 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.dbs.keydb;
 
-
 import java.math.BigInteger;
 import java.security.PublicKey;
 import java.util.Enumeration;
@@ -28,12 +27,11 @@ import com.netscape.certsrv.base.EBaseException;
 import com.netscape.certsrv.dbs.ModificationSet;
 import com.netscape.certsrv.dbs.repository.IRepository;
 
-
 /**
- * An interface represents a Key repository. This is the 
- * container of archived keys.
+ * An interface represents a Key repository. This is the container of archived
+ * keys.
  * <P>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public interface IKeyRepository extends IRepository {
@@ -41,7 +39,7 @@ public interface IKeyRepository extends IRepository {
     /**
      * Archives a key to the repository.
      * <P>
-     *
+     * 
      * @param record key record
      * @exception EBaseException failed to archive key
      */
@@ -50,61 +48,56 @@ public interface IKeyRepository extends IRepository {
     /**
      * Reads an archived key by serial number.
      * <P>
-     *
+     * 
      * @param serialNo serial number
      * @return key record
      * @exception EBaseException failed to recover key
      */
-    public IKeyRecord readKeyRecord(BigInteger serialNo)
-        throws EBaseException;
+    public IKeyRecord readKeyRecord(BigInteger serialNo) throws EBaseException;
 
     /**
      * Reads an archived key by b64 encoded cert.
      * <P>
-     *
+     * 
      * @param cert b64 encoded cert
      * @return key record
      * @exception EBaseException failed to recover key
      */
-    public IKeyRecord readKeyRecord(String cert)
-        throws EBaseException;
+    public IKeyRecord readKeyRecord(String cert) throws EBaseException;
 
     /**
      * Reads an archived key by owner name.
      * <P>
-     *
+     * 
      * @param ownerName owner name
      * @return key record
      * @exception EBaseException failed to recover key
      */
-    public IKeyRecord readKeyRecord(X500Name ownerName)
-        throws EBaseException;
+    public IKeyRecord readKeyRecord(X500Name ownerName) throws EBaseException;
 
     /**
      * Reads archived key using public key.
-     *
-     * @param publicKey public key that is corresponding 
-     *     to the private key
+     * 
+     * @param publicKey public key that is corresponding to the private key
      * @return key record
      * @exception EBaseException failed to read key
      */
-    public IKeyRecord readKeyRecord(PublicKey publicKey)
-        throws EBaseException;
+    public IKeyRecord readKeyRecord(PublicKey publicKey) throws EBaseException;
 
     /**
      * Searches for private keys.
-     *
+     * 
      * @param filter LDAP filter for the search
      * @param maxSize maximium number of entries to be returned
      * @return a list of private key records
      * @exception EBaseException failed to search keys
      */
     public Enumeration searchKeys(String filter, int maxSize)
-        throws EBaseException;
+            throws EBaseException;
 
     /**
      * Searches for private keys.
-     *
+     * 
      * @param filter LDAP filter for the search
      * @param maxSize maximium number of entries to be returned
      * @param timeLimt timeout value
@@ -112,30 +105,30 @@ public interface IKeyRepository extends IRepository {
      * @exception EBaseException failed to search keys
      */
     public Enumeration searchKeys(String filter, int maxSize, int timeLimt)
-        throws EBaseException;
+            throws EBaseException;
 
     /**
      * Deletes a key record.
-     *
+     * 
      * @param serialno key identifier
      * @exception EBaseException failed to delete key record
      */
-    public void deleteKeyRecord(BigInteger serialno)
-        throws EBaseException;
+    public void deleteKeyRecord(BigInteger serialno) throws EBaseException;
 
     /**
      * Modifies key record in this repository.
-     *
+     * 
      * @param serialNo key identifier
      * @param mods modification of key records
      * @exception EBaseException failed to modify key record
      */
-    public void modifyKeyRecord(BigInteger serialNo,
-        ModificationSet mods) throws EBaseException;
+    public void modifyKeyRecord(BigInteger serialNo, ModificationSet mods)
+            throws EBaseException;
 
     /**
-     * Searchs for a list of key records.
-     * Here is a list of supported filter attributes:
+     * Searchs for a list of key records. Here is a list of supported filter
+     * attributes:
+     * 
      * <pre>
      *   keySerialNumber
      *   keyState
@@ -149,19 +142,19 @@ public interface IKeyRepository extends IRepository {
      *   keyModifyTime
      *   keyMetaInfo
      * </pre>
-     *
+     * 
      * @param filter search filter
      * @param attrs list of attributes to be returned
      * @param pageSize virtual list page size
      * @return list of key records
      * @exception EBaseException failed to search key records
      */
-    public IKeyRecordList findKeyRecordsInList(String filter,
-        String attrs[], int pageSize) throws EBaseException;
+    public IKeyRecordList findKeyRecordsInList(String filter, String attrs[],
+            int pageSize) throws EBaseException;
 
     /**
      * Searchs for a list of key records.
-     *
+     * 
      * @param filter search filter
      * @param attrs list of attributes to be returned
      * @param sortKey name of attribute that the list should be sorted by
@@ -169,7 +162,6 @@ public interface IKeyRepository extends IRepository {
      * @return list of key records
      * @exception EBaseException failed to search key records
      */
-    public IKeyRecordList findKeyRecordsInList(String filter,
-        String attrs[], String sortKey, int pageSize) 
-        throws EBaseException;
+    public IKeyRecordList findKeyRecordsInList(String filter, String attrs[],
+            String sortKey, int pageSize) throws EBaseException;
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/dbs/keydb/KeyState.java b/pki/base/common/src/com/netscape/certsrv/dbs/keydb/KeyState.java
index e4baf91eb..3ab0bd3a9 100644
--- a/pki/base/common/src/com/netscape/certsrv/dbs/keydb/KeyState.java
+++ b/pki/base/common/src/com/netscape/certsrv/dbs/keydb/KeyState.java
@@ -17,15 +17,13 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.dbs.keydb;
 
-
 import java.io.Serializable;
 
-
 /**
- * A class represents key state. This object is to
- * encapsulate the life cycle of a key.
+ * A class represents key state. This object is to encapsulate the life cycle of
+ * a key.
  * <P>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public final class KeyState implements Serializable {
@@ -42,62 +40,67 @@ public final class KeyState implements Serializable {
     private KeyState(int code) {
         mStateCode = code;
     }
-	
+
     /**
      * Request state.
      */
-    public final static KeyState ANY = new  KeyState(-1);
+    public final static KeyState ANY = new KeyState(-1);
     public final static KeyState VALID = new KeyState(0);
     public final static KeyState INVALID = new KeyState(1);
-		
+
     /**
      * Checks if the given object equals to this object.
-     *
+     * 
      * @param other object to be compared
      * @return true if both objects are the same
      */
     public boolean equals(Object other) {
-        if (this == other) 
+        if (this == other)
             return true;
         else if (other instanceof KeyState)
             return ((KeyState) other).mStateCode == mStateCode;
-        else 
+        else
             return false;
     }
 
     /**
      * Returns the hash code.
-     *
+     * 
      * @return hash code
      */
     public int hashCode() {
         return mStateCode;
     }
-	
+
     /**
      * Return the string-representation of this object.
-     *
+     * 
      * @return string value
      */
     public String toString() {
-        if (mStateCode == -1) return "ANY";
-        if (mStateCode == 0) return "VALID";
-        if (mStateCode == 1) return "INVAILD";
+        if (mStateCode == -1)
+            return "ANY";
+        if (mStateCode == 0)
+            return "VALID";
+        if (mStateCode == 1)
+            return "INVAILD";
         return "[UNDEFINED]";
-		
+
     }
 
     /**
      * Converts a string into a key state object.
-     *
+     * 
      * @param state state in string-representation
      * @return key state object
      */
     public static KeyState toKeyState(String state) {
-        if (state.equalsIgnoreCase("ANY")) return ANY; 
-        if (state.equalsIgnoreCase("VALID")) return VALID; 
-        if (state.equalsIgnoreCase("INVALID")) return INVALID; 
+        if (state.equalsIgnoreCase("ANY"))
+            return ANY;
+        if (state.equalsIgnoreCase("VALID"))
+            return VALID;
+        if (state.equalsIgnoreCase("INVALID"))
+            return INVALID;
         return null;
     }
 }
-
diff --git a/pki/base/common/src/com/netscape/certsrv/dbs/replicadb/IReplicaIDRepository.java b/pki/base/common/src/com/netscape/certsrv/dbs/replicadb/IReplicaIDRepository.java
index 660b6e9e8..25953c3d7 100644
--- a/pki/base/common/src/com/netscape/certsrv/dbs/replicadb/IReplicaIDRepository.java
+++ b/pki/base/common/src/com/netscape/certsrv/dbs/replicadb/IReplicaIDRepository.java
@@ -19,12 +19,11 @@ package com.netscape.certsrv.dbs.replicadb;
 
 import com.netscape.certsrv.dbs.repository.IRepository;
 
-
 /**
- * An interface represents a ReplicaID Repository. 
- * It provides unique managed replica IDs.
+ * An interface represents a ReplicaID Repository. It provides unique managed
+ * replica IDs.
  * <P>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public interface IReplicaIDRepository extends IRepository {
diff --git a/pki/base/common/src/com/netscape/certsrv/dbs/repository/IRepository.java b/pki/base/common/src/com/netscape/certsrv/dbs/repository/IRepository.java
index 5ff902413..707eb8135 100644
--- a/pki/base/common/src/com/netscape/certsrv/dbs/repository/IRepository.java
+++ b/pki/base/common/src/com/netscape/certsrv/dbs/repository/IRepository.java
@@ -22,18 +22,18 @@ import java.math.BigInteger;
 import com.netscape.certsrv.base.EBaseException;
 
 /**
- * An interface represents a generic repository. It maintains unique 
- * serial number within repository.
+ * An interface represents a generic repository. It maintains unique serial
+ * number within repository.
  * <P>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public interface IRepository {
 
     /**
-     * Retrieves the next serial number, and also increase the
-     * serial number by one.
-     *
+     * Retrieves the next serial number, and also increase the serial number by
+     * one.
+     * 
      * @return serial number
      * @exception EBaseException failed to retrieve next serial number
      */
@@ -58,30 +58,30 @@ public interface IRepository {
      * @param serial maximum number
      * @exception EBaseException failed to set maximum serial number
      */
-    public void setMaxSerial (String serial) throws EBaseException;
-   
+    public void setMaxSerial(String serial) throws EBaseException;
+
     /**
      * Set the maximum serial number in next range.
      * 
      * @param serial maximum number
-     * @exception EBaseException failed to set maximum serial number in next range
+     * @exception EBaseException failed to set maximum serial number in next
+     *                range
      */
     public void setNextMaxSerial(String serial) throws EBaseException;
 
     /**
-     * Checks to see if a new range is needed, or if we have reached the end of the 
-     * current range, or if a range conflict has occurred.
+     * Checks to see if a new range is needed, or if we have reached the end of
+     * the current range, or if a range conflict has occurred.
      * 
      * @exception EBaseException failed to check next range for conflicts
      */
     public void checkRanges() throws EBaseException;
 
-     /**
-     * Sets whether serial number management is enabled for certs
-     * and requests. 
-     *
-     * @param value   true/false 
-     * @exception EBaseException failed to set 
+    /**
+     * Sets whether serial number management is enabled for certs and requests.
+     * 
+     * @param value true/false
+     * @exception EBaseException failed to set
      */
     public void setEnableSerialMgmt(boolean value) throws EBaseException;
 
diff --git a/pki/base/common/src/com/netscape/certsrv/dbs/repository/IRepositoryRecord.java b/pki/base/common/src/com/netscape/certsrv/dbs/repository/IRepositoryRecord.java
index 326ea4664..7eac41736 100644
--- a/pki/base/common/src/com/netscape/certsrv/dbs/repository/IRepositoryRecord.java
+++ b/pki/base/common/src/com/netscape/certsrv/dbs/repository/IRepositoryRecord.java
@@ -22,23 +22,23 @@ import java.math.BigInteger;
 import com.netscape.certsrv.dbs.IDBObj;
 
 /**
- * An interface represents a generic repository record. 
- * It maintains unique serial number within repository.
+ * An interface represents a generic repository record. It maintains unique
+ * serial number within repository.
  * <P>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public interface IRepositoryRecord extends IDBObj {
 
-	public final static String ATTR_SERIALNO = "serialNo";
-	public final static String ATTR_PUB_STATUS = "publishingStatus";
+    public final static String ATTR_SERIALNO = "serialNo";
+    public final static String ATTR_PUB_STATUS = "publishingStatus";
 
-	/**
-	 * Retrieves serial number.
-	 *
-	 * @return serial number
-	 */
-	public BigInteger getSerialNumber();
+    /**
+     * Retrieves serial number.
+     * 
+     * @return serial number
+     */
+    public BigInteger getSerialNumber();
 
-	public String getPublishingStatus();
+    public String getPublishingStatus();
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/evaluators/IAccessEvaluator.java b/pki/base/common/src/com/netscape/certsrv/evaluators/IAccessEvaluator.java
index 8c2914479..9019410a8 100644
--- a/pki/base/common/src/com/netscape/certsrv/evaluators/IAccessEvaluator.java
+++ b/pki/base/common/src/com/netscape/certsrv/evaluators/IAccessEvaluator.java
@@ -17,16 +17,14 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.evaluators;
 
-
 import com.netscape.certsrv.authentication.IAuthToken;
 
-
 /**
- * A class represents an evaluator.  An evaluator is used to
- * evaluate an expression.  For example, one can write an evaluator to 
- * evaluate if a user belongs to a certain group.  An evaluator is
- * generally used for access control expression evaluation, however, it
- * can be used for other evaluation-related operations.
+ * A class represents an evaluator. An evaluator is used to evaluate an
+ * expression. For example, one can write an evaluator to evaluate if a user
+ * belongs to a certain group. An evaluator is generally used for access control
+ * expression evaluation, however, it can be used for other evaluation-related
+ * operations.
  * <P>
  * 
  * @version $Revision$, $Date$
@@ -39,47 +37,51 @@ public interface IAccessEvaluator {
     public void init();
 
     /**
-     * Gets the type of the evaluator.  Type is defined by each
-     * evaluator plugin.  Each evaluator plugin should have a unique type.
+     * Gets the type of the evaluator. Type is defined by each evaluator plugin.
+     * Each evaluator plugin should have a unique type.
+     * 
      * @return type of the evaluator
      */
     public String getType();
 
     /**
      * Gets the description of the evaluator
+     * 
      * @return a text description for this evaluator
      */
     public String getDescription();
 
     /**
-     * Evaluates if the given value satisfies the access
-     * control in current context.
+     * Evaluates if the given value satisfies the access control in current
+     * context.
+     * 
      * @param type Type of the evaluator, eg, user, group etc
      * @param op Operator of the evaluator, eg, =, !=
-     * @param value Part of the expression that can be used to
-     * evaluate, e.g, value can be the name of the group if the
-     * purpose of the evaluator is to evaluate if the user is a member 
-     * of the group.
+     * @param value Part of the expression that can be used to evaluate, e.g,
+     *            value can be the name of the group if the purpose of the
+     *            evaluator is to evaluate if the user is a member of the group.
      * @return true if the evaluation expression is matched; false otherwise.
      */
     public boolean evaluate(String type, String op, String value);
 
     /**
-     * Evaluates if the given value satisfies the access
-     * control in authToken obtained from Authentication.
+     * Evaluates if the given value satisfies the access control in authToken
+     * obtained from Authentication.
+     * 
      * @param authToken Authentication token
      * @param type Type of the evaluator, eg, user, group etc
      * @param op Operator of the evaluator, eg, =, !=
-     * @param value Part of the expression that can be used to
-     * evaluate, e.g, value can be the name of the group if the
-     * purpose of the evaluator is to evaluate if the user is a member 
-     * of the group.
+     * @param value Part of the expression that can be used to evaluate, e.g,
+     *            value can be the name of the group if the purpose of the
+     *            evaluator is to evaluate if the user is a member of the group.
      * @return true if the evaluation expression is matched; false otherwise.
      */
-    public boolean evaluate(IAuthToken authToken, String type, String op, String value);
+    public boolean evaluate(IAuthToken authToken, String type, String op,
+            String value);
 
     /**
      * Get the supported operators for this evaluator
+     * 
      * @return Supported operators in string array
      */
     public String[] getSupportedOperators();
diff --git a/pki/base/common/src/com/netscape/certsrv/extensions/EExtensionsException.java b/pki/base/common/src/com/netscape/certsrv/extensions/EExtensionsException.java
index df4c14447..7467309b9 100644
--- a/pki/base/common/src/com/netscape/certsrv/extensions/EExtensionsException.java
+++ b/pki/base/common/src/com/netscape/certsrv/extensions/EExtensionsException.java
@@ -17,13 +17,11 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.extensions;
 
-
 import com.netscape.certsrv.base.EBaseException;
 
-
 /**
  * This represents the extensions exception.
- *
+ * 
  * @version $Revision$, $Date$
  */
 public class EExtensionsException extends EBaseException {
@@ -35,8 +33,8 @@ public class EExtensionsException extends EBaseException {
     /**
      * Resource class name.
      */
-    private static final String EXTENSIONS_RESOURCES =
-        ExtensionsResources.class.getName();
+    private static final String EXTENSIONS_RESOURCES = ExtensionsResources.class
+            .getName();
 
     public EExtensionsException(String msgFormat) {
         super(msgFormat);
diff --git a/pki/base/common/src/com/netscape/certsrv/extensions/ExtensionsResources.java b/pki/base/common/src/com/netscape/certsrv/extensions/ExtensionsResources.java
index 4d7ee06c2..ca1e4545a 100644
--- a/pki/base/common/src/com/netscape/certsrv/extensions/ExtensionsResources.java
+++ b/pki/base/common/src/com/netscape/certsrv/extensions/ExtensionsResources.java
@@ -17,13 +17,11 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.extensions;
 
-
 import java.util.ListResourceBundle;
 
-
 /**
  * This represents the resources for extensions.
- *
+ * 
  * @version $Revision$, $Date$
  */
 public class ExtensionsResources extends ListResourceBundle {
diff --git a/pki/base/common/src/com/netscape/certsrv/extensions/ICMSExtension.java b/pki/base/common/src/com/netscape/certsrv/extensions/ICMSExtension.java
index fb4bb1f77..f5df88e2e 100644
--- a/pki/base/common/src/com/netscape/certsrv/extensions/ICMSExtension.java
+++ b/pki/base/common/src/com/netscape/certsrv/extensions/ICMSExtension.java
@@ -17,7 +17,6 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.extensions;
 
-
 import netscape.security.util.ObjectIdentifier;
 import netscape.security.x509.Extension;
 
@@ -26,11 +25,10 @@ import com.netscape.certsrv.base.IArgBlock;
 import com.netscape.certsrv.base.IConfigStore;
 import com.netscape.certsrv.base.ISubsystem;
 
-
 /**
- * CMS extension interface, for creating extensions from http input and 
- * displaying extensions to html forms. 
- *
+ * CMS extension interface, for creating extensions from http input and
+ * displaying extensions to html forms.
+ * 
  * @version $Revision$, $Date$
  */
 public interface ICMSExtension {
@@ -42,11 +40,12 @@ public interface ICMSExtension {
      * initialize from configuration file
      */
     public void init(ISubsystem owner, IConfigStore config)
-        throws EBaseException; 
+            throws EBaseException;
 
     /**
-     * Get name of this extension. 
-     * @return the name of this CMS extension, for 
+     * Get name of this extension.
+     * 
+     * @return the name of this CMS extension, for
      */
     public String getName();
 
@@ -54,21 +53,20 @@ public interface ICMSExtension {
      * Get object identifier associated with this extension.
      */
     public ObjectIdentifier getOID();
-	
+
     /**
      * Get an instance of the extension given http input.
+     * 
      * @return an instance of the extension.
      */
-    public Extension getExtension(IArgBlock argblock) 
-        throws EBaseException;
+    public Extension getExtension(IArgBlock argblock) throws EBaseException;
 
     /**
-     * Get Javascript name value pairs to put into the request processing 
+     * Get Javascript name value pairs to put into the request processing
      * template.
-     * @return name value pairs 
+     * 
+     * @return name value pairs
      */
-    public IArgBlock getFormParams(Extension extension)
-        throws EBaseException;
+    public IArgBlock getFormParams(Extension extension) throws EBaseException;
 
 }
-
diff --git a/pki/base/common/src/com/netscape/certsrv/jobs/EJobsException.java b/pki/base/common/src/com/netscape/certsrv/jobs/EJobsException.java
index 154cb4e4a..cc0923ae7 100644
--- a/pki/base/common/src/com/netscape/certsrv/jobs/EJobsException.java
+++ b/pki/base/common/src/com/netscape/certsrv/jobs/EJobsException.java
@@ -17,14 +17,12 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.jobs;
 
-
 import com.netscape.certsrv.base.EBaseException;
 
-
 /**
  * A class represents a jobs exception.
  * <P>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public class EJobsException extends EBaseException {
diff --git a/pki/base/common/src/com/netscape/certsrv/jobs/IJob.java b/pki/base/common/src/com/netscape/certsrv/jobs/IJob.java
index 1c3842bf5..3a154541f 100644
--- a/pki/base/common/src/com/netscape/certsrv/jobs/IJob.java
+++ b/pki/base/common/src/com/netscape/certsrv/jobs/IJob.java
@@ -17,72 +17,76 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.jobs;
 
-
 import com.netscape.certsrv.base.EBaseException;
 import com.netscape.certsrv.base.IConfigStore;
 import com.netscape.certsrv.base.ISubsystem;
 
-
 /**
- * An interface to be implemented from for a job to be scheduled by
- * the Jobs Scheduler.
- *
- * @version $Revision$, $Date$ 
+ * An interface to be implemented from for a job to be scheduled by the Jobs
+ * Scheduler.
+ * 
+ * @version $Revision$, $Date$
  */
 public interface IJob {
 
     /**
      * Initialize from the configuration file.
+     * 
      * @param id String name of this instance
      * @param implName string name of this implementation
      * @param config configuration store for this instance
      * @exception EBaseException any initilization failure
      */
     public void init(ISubsystem owner, String id, String implName,
-        IConfigStore config) throws EBaseException;
+            IConfigStore config) throws EBaseException;
 
     /**
      * tells if the job is enabled
-     * @return a boolean value indicating whether the job is enabled
-     * or not
+     * 
+     * @return a boolean value indicating whether the job is enabled or not
      */
     public boolean isEnabled();
 
     /**
      * set instance id.
+     * 
      * @param id String id of the instance
      */
     public void setId(String id);
 
     /**
      * get instance id.
+     * 
      * @return a String identifier
      */
     public String getId();
 
     /**
      * get cron string associated with this job
+     * 
      * @return a JobCron object that represents the schedule of this job
      */
     public IJobCron getJobCron();
 
     /**
-     * Returns a list of configuration parameter names. 
-     * The list is passed to the configuration console so instances of 
-     * this implementation can be configured through the console.
-     *
+     * Returns a list of configuration parameter names. The list is passed to
+     * the configuration console so instances of this implementation can be
+     * configured through the console.
+     * 
      * @return String array of configuration parameter names.
      */
     public String[] getConfigParams();
 
     /**
      * gets the plugin name of this job.
+     * 
      * @return a String that is the name of this implementation
      */
     public String getImplName();
 
     /**
      * Gets the configuration substore used by this job
+     * 
      * @return configuration store
      */
     public IConfigStore getConfigStore();
diff --git a/pki/base/common/src/com/netscape/certsrv/jobs/IJobCron.java b/pki/base/common/src/com/netscape/certsrv/jobs/IJobCron.java
index 1e238f60a..3a8417176 100644
--- a/pki/base/common/src/com/netscape/certsrv/jobs/IJobCron.java
+++ b/pki/base/common/src/com/netscape/certsrv/jobs/IJobCron.java
@@ -17,33 +17,26 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.jobs;
 
-
-
-
 /**
  * class representing one Job cron information
- * <p>here, an "item" refers to one of the 5 fields in a cron string;
- * "element" refers to any comma-deliminated element in an
- * "item"...which includes both numbers and '-' separated ranges.
- * A cron string in the configuration takes the following format:
- * <i>minute (0-59),
- * hour (0-23),
- * day of the month (1-31),
- * month of the year (1-12),
- * day of the week (0-6 with 0=Sunday)</i>
  * <p>
- * e.g. jobsScheduler.job.rnJob1.cron=30 11,23 * * 1-5
- * In this example, the job "rnJob1" will be executed from Monday
- * through Friday, at 11:30am and 11:30pm.
+ * here, an "item" refers to one of the 5 fields in a cron string; "element"
+ * refers to any comma-deliminated element in an "item"...which includes both
+ * numbers and '-' separated ranges. A cron string in the configuration takes
+ * the following format: <i>minute (0-59), hour (0-23), day of the month (1-31),
+ * month of the year (1-12), day of the week (0-6 with 0=Sunday)</i>
+ * <p>
+ * e.g. jobsScheduler.job.rnJob1.cron=30 11,23 * * 1-5 In this example, the job
+ * "rnJob1" will be executed from Monday through Friday, at 11:30am and 11:30pm.
  * <p>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public interface IJobCron {
     /**
-     * constant that represents the configuration parameter
-     * "cron" for the job that this JobCron is associated with.  The
-     * value of which should conform to the cron format specified above.
+     * constant that represents the configuration parameter "cron" for the job
+     * that this JobCron is associated with. The value of which should conform
+     * to the cron format specified above.
      */
     public static final String PROP_CRON = "cron";
 
diff --git a/pki/base/common/src/com/netscape/certsrv/jobs/IJobsScheduler.java b/pki/base/common/src/com/netscape/certsrv/jobs/IJobsScheduler.java
index fefa8cc95..e437919d7 100644
--- a/pki/base/common/src/com/netscape/certsrv/jobs/IJobsScheduler.java
+++ b/pki/base/common/src/com/netscape/certsrv/jobs/IJobsScheduler.java
@@ -17,32 +17,27 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.jobs;
 
-
 import java.util.Hashtable;
 
 import com.netscape.certsrv.base.EBaseException;
 import com.netscape.certsrv.base.ISubsystem;
 
-
 /**
- * An interface that represents the job scheduler component.  A JobScheduler
- * is a daemon thread that handles scheduled jobs like cron would
- * do with different jobs.  This daemon wakes up at a pre-configured
- * interval to see
- * if there is any job to be done, if so, a thread is created to execute
- * the job(s).
+ * An interface that represents the job scheduler component. A JobScheduler is a
+ * daemon thread that handles scheduled jobs like cron would do with different
+ * jobs. This daemon wakes up at a pre-configured interval to see if there is
+ * any job to be done, if so, a thread is created to execute the job(s).
  * <p>
- * The interval <b>jobsScheduler.interval</b> in the configuration is
- * specified as number of minutes.  If not set, the default is 1 minute.
- * Note that the cron specification for each job CAN NOT be finer than
- * the granularity of the Scheduler daemon interval.  For example, if
- * the daemon interval is set to 5 minute, a job cron for every minute
- * at 7am on each Tuesday (e.g. * 7 * * 2) will result in the
- * execution of the job thread only once every 5 minutes during that
- * hour.  <b>The inteval value is recommended at 1 minute, setting it
- * otherwise has the potential of forever missing the beat</b>. Use
- * with caution.
- *
+ * The interval <b>jobsScheduler.interval</b> in the configuration is specified
+ * as number of minutes. If not set, the default is 1 minute. Note that the cron
+ * specification for each job CAN NOT be finer than the granularity of the
+ * Scheduler daemon interval. For example, if the daemon interval is set to 5
+ * minute, a job cron for every minute at 7am on each Tuesday (e.g. * 7 * * 2)
+ * will result in the execution of the job thread only once every 5 minutes
+ * during that hour. <b>The inteval value is recommended at 1 minute, setting it
+ * otherwise has the potential of forever missing the beat</b>. Use with
+ * caution.
+ * 
  * @version $Revision$, $Date$
  */
 public interface IJobsScheduler extends ISubsystem {
@@ -52,111 +47,113 @@ public interface IJobsScheduler extends ISubsystem {
     public final static String ID = "jobsScheduler";
 
     /**
-     * constant that represents the configuration parameter
-     * "enabled" for this component in CMS.cfg.  The value of which
-     * tells CMS whether the JobsScheduler is enabled or not
+     * constant that represents the configuration parameter "enabled" for this
+     * component in CMS.cfg. The value of which tells CMS whether the
+     * JobsScheduler is enabled or not
      */
     public static final String PROP_ENABLED = "enabled";
 
     /**
-     * constant that represents the configuration parameter
-     * "interval" for this component in CMS.cfg.  The value of which
-     * tells CMS the interval that the JobsScheduler thread should
-     * wake up and look for jobs to execute
+     * constant that represents the configuration parameter "interval" for this
+     * component in CMS.cfg. The value of which tells CMS the interval that the
+     * JobsScheduler thread should wake up and look for jobs to execute
      */
     public static final String PROP_INTERVAL = "interval";
 
     /**
-     * constant that represents the configuration parameter
-     * "class" for this component in CMS.cfg.  The values of which are 
-     * the actual implementation classes
+     * constant that represents the configuration parameter "class" for this
+     * component in CMS.cfg. The values of which are the actual implementation
+     * classes
      */
     public static final String PROP_CLASS = "class";
 
     /**
-     * constant that represents the configuration parameter
-     * "job" for this component in CMS.cfg.  The values of which gives 
-     * configuration information specific to one single job instance.
-     * There may be multiple jobs served by the jobsScheduler
+     * constant that represents the configuration parameter "job" for this
+     * component in CMS.cfg. The values of which gives configuration information
+     * specific to one single job instance. There may be multiple jobs served by
+     * the jobsScheduler
      */
     public static final String PROP_JOB = "job";
 
     /**
-     * constant that represents the configuration parameter
-     * "impl" for this component in CMS.cfg.  The values of which are
-     * actual plugin implementation(s)
+     * constant that represents the configuration parameter "impl" for this
+     * component in CMS.cfg. The values of which are actual plugin
+     * implementation(s)
      */
     public static final String PROP_IMPL = "impl";
 
     /**
-     * constant that represents the configuration parameter
-     * "pluginName" for this component in CMS.cfg.  The value of which 
-     * gives the pluginName for the job it associates with
+     * constant that represents the configuration parameter "pluginName" for
+     * this component in CMS.cfg. The value of which gives the pluginName for
+     * the job it associates with
      */
     public static final String PROP_PLUGIN = "pluginName";
 
     /**
      * Retrieves all the job implementations.
+     * 
      * @return a Hashtable of available job plugin implementations
      */
     public Hashtable getPlugins();
 
     /**
      * Retrieves all the job instances.
+     * 
      * @return a Hashtable of job instances
      */
-    public Hashtable getInstances(); 
+    public Hashtable getInstances();
 
     /**
-     * Retrieves the configuration parameters of the given
-     * implementation.  It is used to return to the Console for
-     * configuration
+     * Retrieves the configuration parameters of the given implementation. It is
+     * used to return to the Console for configuration
+     * 
      * @param implName the pulubin implementation name
-     * @return a String array of required configuration parameters of
-     * the given implementation.
-     * @exception EJobsException when job plugin implementation can
-     * not be found, instantiation is impossible, permission problem
-     * with the class.
+     * @return a String array of required configuration parameters of the given
+     *         implementation.
+     * @exception EJobsException when job plugin implementation can not be
+     *                found, instantiation is impossible, permission problem
+     *                with the class.
      */
-    public String[] getConfigParams(String implName) 
-        throws EJobsException;
+    public String[] getConfigParams(String implName) throws EJobsException;
 
     /**
      * Writes a message to the system log.
-     * @param level an integer representing the log message level.
-     * Depending on the configuration set by the administrator, this
-     * value is a determining factor for whether this message will be
-     * actually logged or not.  The lower the level, the higher the
-     * priority, and the higher chance it will be logged.
-     * @param msg the message to be written.  Ideally should call
-     * CMS.getLogMessage() to get the localizable message 
-     * from the log properties file.
+     * 
+     * @param level an integer representing the log message level. Depending on
+     *            the configuration set by the administrator, this value is a
+     *            determining factor for whether this message will be actually
+     *            logged or not. The lower the level, the higher the priority,
+     *            and the higher chance it will be logged.
+     * @param msg the message to be written. Ideally should call
+     *            CMS.getLogMessage() to get the localizable message from the
+     *            log properties file.
      */
-    public void log(int level, String msg); 
+    public void log(int level, String msg);
 
     /**
      * Sets daemon's wakeup interval.
+     * 
      * @param minutes time in minutes that is to be the frequency of
-     * JobsScheduler wakeup call.
+     *            JobsScheduler wakeup call.
      */
-    public void setInterval(int minutes); 
+    public void setInterval(int minutes);
 
     /**
-     * Starts up the JobsScheduler daemon.  Usually called from the
+     * Starts up the JobsScheduler daemon. Usually called from the
      * initialization method when it's successfully initialized.
      */
     public void startDaemon();
 
     /**
-     * Creates a job cron.  Each job is associated with a "cron" which 
-     * specifies the rule of frequency that this job should be
-     * executed (e.g. every Sunday at midnight).  This method is
-     * called by each job at initialization time.
-     * @param cs the string that represents the cron.  See IJobCron
-     * for detail of the format.
+     * Creates a job cron. Each job is associated with a "cron" which specifies
+     * the rule of frequency that this job should be executed (e.g. every Sunday
+     * at midnight). This method is called by each job at initialization time.
+     * 
+     * @param cs the string that represents the cron. See IJobCron for detail of
+     *            the format.
      * @return IJobCron an IJobCron
-     * @exception EBaseException when the cron string, cs, can not be
-     * parsed correctly
+     * @exception EBaseException when the cron string, cs, can not be parsed
+     *                correctly
      */
     public IJobCron createJobCron(String cs) throws EBaseException;
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/jobs/JobPlugin.java b/pki/base/common/src/com/netscape/certsrv/jobs/JobPlugin.java
index 33b7e7f2a..95eae095f 100644
--- a/pki/base/common/src/com/netscape/certsrv/jobs/JobPlugin.java
+++ b/pki/base/common/src/com/netscape/certsrv/jobs/JobPlugin.java
@@ -17,15 +17,12 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.jobs;
 
-
-
-
 /**
- * This class represents a job plugin registered with the
- * JobScheduler.  A Job plugin can be instantiated into a Job instance 
- * and scheduled by the JobScheduler to run at a scheduled interval
+ * This class represents a job plugin registered with the JobScheduler. A Job
+ * plugin can be instantiated into a Job instance and scheduled by the
+ * JobScheduler to run at a scheduled interval
  * <P>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public class JobPlugin {
@@ -34,18 +31,19 @@ public class JobPlugin {
      */
     protected String mId = null;
     /**
-     * The Java class name of this job plugin.
-     * e.g. com.netscape.cms.RenewalNotificationJob
+     * The Java class name of this job plugin. e.g.
+     * com.netscape.cms.RenewalNotificationJob
      */
     protected String mClassPath = null;
 
     /*
      * Seems to be unused, should be removed
      */
-    //    protected Class mClass = null;
+    // protected Class mClass = null;
 
     /**
      * Constructor for a Job plugin.
+     * 
      * @param id job plugin name
      * @param classPath the Java class name of this job plugin
      */
@@ -56,6 +54,7 @@ public class JobPlugin {
 
     /**
      * get the job plugin name
+     * 
      * @return the name of this job plugin
      */
     public String getId() {
@@ -64,6 +63,7 @@ public class JobPlugin {
 
     /**
      * get the Java class name
+     * 
      * @return the Java class name of this plugin
      */
     public String getClassPath() {
diff --git a/pki/base/common/src/com/netscape/certsrv/jobs/JobsResources.java b/pki/base/common/src/com/netscape/certsrv/jobs/JobsResources.java
index 9bc828262..ef3ec9532 100644
--- a/pki/base/common/src/com/netscape/certsrv/jobs/JobsResources.java
+++ b/pki/base/common/src/com/netscape/certsrv/jobs/JobsResources.java
@@ -17,14 +17,11 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.jobs;
 
-
 import java.util.ListResourceBundle;
 
-
 /**
- * A class represents a resource bundle for the 
- * Jobs package
- *
+ * A class represents a resource bundle for the Jobs package
+ * 
  * @version $Revision$, $Date$
  */
 public class JobsResources extends ListResourceBundle {
@@ -37,8 +34,7 @@ public class JobsResources extends ListResourceBundle {
     }
 
     /**
-     * Constants. The suffix represents the number of
-     * possible parameters.
+     * Constants. The suffix represents the number of possible parameters.
      */
 
     static final Object[][] contents = {};
diff --git a/pki/base/common/src/com/netscape/certsrv/kra/EKRAException.java b/pki/base/common/src/com/netscape/certsrv/kra/EKRAException.java
index 9ab4a238c..869c8c607 100644
--- a/pki/base/common/src/com/netscape/certsrv/kra/EKRAException.java
+++ b/pki/base/common/src/com/netscape/certsrv/kra/EKRAException.java
@@ -17,16 +17,13 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.kra;
 
-
 import com.netscape.certsrv.base.EBaseException;
 
-
 /**
- * A class represents a KRA exception. This is the base
- * exception for all the KRA specific exceptions. It is
- * associated with <CODE>KRAResources</CODE>.
+ * A class represents a KRA exception. This is the base exception for all the
+ * KRA specific exceptions. It is associated with <CODE>KRAResources</CODE>.
  * <P>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public class EKRAException extends EBaseException {
@@ -39,11 +36,12 @@ public class EKRAException extends EBaseException {
      * KRA resource class name.
      * <P>
      */
-    private static final String KRA_RESOURCES = KRAResources.class.getName();		
+    private static final String KRA_RESOURCES = KRAResources.class.getName();
 
     /**
      * Constructs a KRA exception.
      * <P>
+     * 
      * @param msgFormat constant from KRAResources.
      */
     public EKRAException(String msgFormat) {
@@ -53,6 +51,7 @@ public class EKRAException extends EBaseException {
     /**
      * Constructs a KRA exception.
      * <P>
+     * 
      * @param msgFormat constant from KRAResources.
      * @param param additional parameters to the message.
      */
@@ -63,6 +62,7 @@ public class EKRAException extends EBaseException {
     /**
      * Constructs a KRA exception.
      * <P>
+     * 
      * @param msgFormat constant from KRAResources.
      * @param e embedded exception.
      */
@@ -73,6 +73,7 @@ public class EKRAException extends EBaseException {
     /**
      * Constructs a KRA exception.
      * <P>
+     * 
      * @param msgFormat constant from KRAResources.
      * @param params additional parameters to the message.
      */
@@ -83,6 +84,7 @@ public class EKRAException extends EBaseException {
     /**
      * Returns the bundle file name.
      * <P>
+     * 
      * @return name of bundle class associated with this exception.
      */
     protected String getBundleName() {
diff --git a/pki/base/common/src/com/netscape/certsrv/kra/IJoinShares.java b/pki/base/common/src/com/netscape/certsrv/kra/IJoinShares.java
index e130b95c2..35366c395 100644
--- a/pki/base/common/src/com/netscape/certsrv/kra/IJoinShares.java
+++ b/pki/base/common/src/com/netscape/certsrv/kra/IJoinShares.java
@@ -18,16 +18,19 @@
 package com.netscape.certsrv.kra;
 
 /**
- * Use Java's reflection API to leverage CMS's
- * old Share and JoinShares implementations.
- *
+ * Use Java's reflection API to leverage CMS's old Share and JoinShares
+ * implementations.
+ * 
  * @deprecated
  * @version $Revision$ $Date$
  */
 public interface IJoinShares {
 
     public void initialize(int threshold) throws Exception;
+
     public void addShare(int shareNum, byte[] share);
+
     public int getShareCount();
+
     public byte[] recoverSecret();
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/kra/IKeyRecoveryAuthority.java b/pki/base/common/src/com/netscape/certsrv/kra/IKeyRecoveryAuthority.java
index b268073e0..257232a47 100644
--- a/pki/base/common/src/com/netscape/certsrv/kra/IKeyRecoveryAuthority.java
+++ b/pki/base/common/src/com/netscape/certsrv/kra/IKeyRecoveryAuthority.java
@@ -17,7 +17,6 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.kra;
 
-
 import java.util.Enumeration;
 import java.util.Hashtable;
 import java.util.Vector;
@@ -38,13 +37,11 @@ import com.netscape.certsrv.security.Credential;
 import com.netscape.certsrv.security.IStorageKeyUnit;
 import com.netscape.certsrv.security.ITransportKeyUnit;
 
-
 /**
- * An interface represents key recovery authority. The
- * key recovery authority is responsibile for archiving
- * and recovering user encryption private keys.
+ * An interface represents key recovery authority. The key recovery authority is
+ * responsibile for archiving and recovering user encryption private keys.
  * <P>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public interface IKeyRecoveryAuthority extends ISubsystem {
@@ -71,7 +68,7 @@ public interface IKeyRecoveryAuthority extends ISubsystem {
     /**
      * Returns the name of this subsystem.
      * <P>
-     *
+     * 
      * @return KRA name
      */
     public X500Name getX500Name();
@@ -79,30 +76,28 @@ public interface IKeyRecoveryAuthority extends ISubsystem {
     /**
      * Retrieves KRA request repository.
      * <P>
-     *
+     * 
      * @return request repository
      */
     public IRequestQueue getRequestQueue();
 
     /**
-     * Retrieves the key repository. The key repository 
-     * stores archived keys.
+     * Retrieves the key repository. The key repository stores archived keys.
      * <P>
      */
     public IKeyRepository getKeyRepository();
 
     /**
      * Retrieves the Replica ID repository.
-     *
+     * 
      * @return KRA's Replica ID repository
      */
     public IReplicaIDRepository getReplicaRepository();
 
     /**
-     * Enables the auto recovery state. Once KRA is in the auto 
-     * recovery state, no recovery agents need to be present for
-     * providing credentials. This feature is for enabling
-     * user-based recovery operation.
+     * Enables the auto recovery state. Once KRA is in the auto recovery state,
+     * no recovery agents need to be present for providing credentials. This
+     * feature is for enabling user-based recovery operation.
      * <p>
      * 
      * @param cs list of agent credentials
@@ -113,17 +108,16 @@ public interface IKeyRecoveryAuthority extends ISubsystem {
 
     /**
      * Returns the current auto recovery state.
-     *
+     * 
      * @return true if auto recvoery state is on
      */
     public boolean getAutoRecoveryState();
 
     /**
-     * Adds credentials to the given authorizated recovery operation.
-     * In distributed recovery mode, recovery agent login to the
-     * agent interface and submit its credential for a particular
-     * recovery operation.
-     *
+     * Adds credentials to the given authorizated recovery operation. In
+     * distributed recovery mode, recovery agent login to the agent interface
+     * and submit its credential for a particular recovery operation.
+     * 
      * @param id authorization identifier
      * @param creds list of credentials
      */
@@ -131,131 +125,129 @@ public interface IKeyRecoveryAuthority extends ISubsystem {
 
     /**
      * Removes a particular auto recovery operation.
-     *
+     * 
      * @param id authorization identifier
      */
     public void removeAutoRecovery(String id);
 
     /**
-     * Returns the number of required agents. In M-out-of-N
-     * recovery schema, only M agents are required even there
-     * are N agents. This method returns M.
-     *
+     * Returns the number of required agents. In M-out-of-N recovery schema,
+     * only M agents are required even there are N agents. This method returns
+     * M.
+     * 
      * @return number of required agents
      */
     public int getNoOfRequiredAgents() throws EBaseException;
 
     /**
      * Sets the number of required recovery agents
-     *
+     * 
      * @param number number of agents
      */
     public void setNoOfRequiredAgents(int number) throws EBaseException;
 
     /**
      * Returns the current recovery identifier.
-     *
+     * 
      * @return recovery identifier
      */
     public String getRecoveryID();
 
     /**
      * Returns a list of recovery identifiers.
-     *
+     * 
      * @return list of auto recovery identifiers
      */
     public Enumeration getAutoRecoveryIDs();
 
     /**
-     * Returns the storage key unit that manages the
-     * stoarge key.
-     *
+     * Returns the storage key unit that manages the stoarge key.
+     * 
      * @return storage key unit
      */
     public IStorageKeyUnit getStorageKeyUnit();
 
     /**
-     * Returns the transport key unit that manages the
-     * transport key.
-     *
+     * Returns the transport key unit that manages the transport key.
+     * 
      * @return transport key unit
      */
     public ITransportKeyUnit getTransportKeyUnit();
 
     /**
-     * Returns the token that generates user key pairs for supporting server-side keygen
-     *
+     * Returns the token that generates user key pairs for supporting
+     * server-side keygen
+     * 
      * @return keygen token
      */
     public CryptoToken getKeygenToken();
 
     /**
      * Adds entropy to the token used for supporting server-side keygen
-	 * Parameters are set in the config file
-     * @param logflag create log messages at info level to report entropy shortage
+     * Parameters are set in the config file
+     * 
+     * @param logflag create log messages at info level to report entropy
+     *            shortage
      */
-	public void addEntropy(boolean logflag);
-
+    public void addEntropy(boolean logflag);
 
     /**
-     * Returns the request listener that listens on
-     * the request completion event.
-     *
+     * Returns the request listener that listens on the request completion
+     * event.
+     * 
      * @return request listener
      */
     public IRequestListener getRequestInQListener();
 
     /**
-     * Returns policy processor of the key recovery
-     * authority.
-     *
+     * Returns policy processor of the key recovery authority.
+     * 
      * @return policy processor
      */
     public IPolicyProcessor getPolicyProcessor();
 
     /**
      * Returns the nickname of the transport certificate.
-     *
+     * 
      * @return transport certificate nickname.
      */
     public String getNickname();
 
     /**
      * Sets the nickname of the transport certificate.
-     *
+     * 
      * @param str nickname
      */
     public void setNickname(String str);
 
     /**
      * Returns the new nickname of the transport certifiate.
-     *
+     * 
      * @return new nickname
      */
     public String getNewNickName() throws EBaseException;
 
     /**
      * Sets the new nickname of the transport certifiate.
-     *
+     * 
      * @param name new nickname
      */
     public void setNewNickName(String name);
 
     /**
      * Logs event into key recovery authority logging.
-     *
+     * 
      * @param level log level
      * @param msg log message
      */
     public void log(int level, String msg);
 
     /**
-     * Creates a request object to store attributes that
-     * will not be serialized. Currently, request queue
-     * framework will try to serialize all the attribute into
-     * persistent storage. Things like passwords are not
+     * Creates a request object to store attributes that will not be serialized.
+     * Currently, request queue framework will try to serialize all the
+     * attribute into persistent storage. Things like passwords are not
      * desirable to be stored.
-     *
+     * 
      * @param id request id
      * @return volatile requests
      */
@@ -263,7 +255,7 @@ public interface IKeyRecoveryAuthority extends ISubsystem {
 
     /**
      * Retrieves the request object.
-     *
+     * 
      * @param id request id
      * @return volatile requests
      */
@@ -271,32 +263,30 @@ public interface IKeyRecoveryAuthority extends ISubsystem {
 
     /**
      * Destroys the request object.
-     *
+     * 
      * @param id request id
      */
     public void destroyVolatileRequest(RequestId id);
 
-    public Vector getAppAgents(
-        String recoveryID) throws EBaseException;
+    public Vector getAppAgents(String recoveryID) throws EBaseException;
 
     /**
      * Creates error for a specific recovery operation.
-     *
+     * 
      * @param recoveryID recovery id
      * @param error error
      * @exception EBaseException failed to create error
      */
     public void createError(String recoveryID, String error)
-        throws EBaseException;
+            throws EBaseException;
 
     /**
      * Retrieves error by recovery identifier.
-     *
+     * 
      * @param recoveryID recovery id
      * @return error message
      */
-    public String getError(String recoveryID)
-        throws EBaseException;
+    public String getError(String recoveryID) throws EBaseException;
 
     /**
      * Retrieves PKCS12 package by recovery identifier.
@@ -304,17 +294,16 @@ public interface IKeyRecoveryAuthority extends ISubsystem {
      * @param recoveryID recovery id
      * @return pkcs12 package in bytes
      */
-    public byte[] getPk12(String recoveryID)
-        throws EBaseException;
+    public byte[] getPk12(String recoveryID) throws EBaseException;
 
     /**
      * Creates PKCS12 package in memory.
-     *
+     * 
      * @param recoveryID recovery id
      * @param pk12 package in bytes
-     */ 
+     */
     public void createPk12(String recoveryID, byte[] pk12)
-        throws EBaseException;
+            throws EBaseException;
 
     /**
      * Retrieves the transport certificate.
diff --git a/pki/base/common/src/com/netscape/certsrv/kra/IKeyService.java b/pki/base/common/src/com/netscape/certsrv/kra/IKeyService.java
index 5785aeb06..0e348a572 100644
--- a/pki/base/common/src/com/netscape/certsrv/kra/IKeyService.java
+++ b/pki/base/common/src/com/netscape/certsrv/kra/IKeyService.java
@@ -17,7 +17,6 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.kra;
 
-
 import java.math.BigInteger;
 import java.util.Hashtable;
 
@@ -26,63 +25,65 @@ import netscape.security.x509.X509CertImpl;
 import com.netscape.certsrv.base.EBaseException;
 import com.netscape.certsrv.security.Credential;
 
-
 /**
  * An interface representing a recovery service.
  * <P>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public interface IKeyService {
 
     /**
-     * Retrieves number of agent required to perform
-     * key recovery operation.
+     * Retrieves number of agent required to perform key recovery operation.
      * 
      * @return number of required recovery agents
      * @exception EBaseException failed to retrieve value
      */
     public int getNoOfRequiredAgents() throws EBaseException;
 
-   /**
-    * is async recovery request status APPROVED -
-    *   i.e. all required # of recovery agents approved
-    * @param reqID request id
-    * @return true if  # of recovery required agents approved; false otherwise
-    */
+    /**
+     * is async recovery request status APPROVED - i.e. all required # of
+     * recovery agents approved
+     * 
+     * @param reqID request id
+     * @return true if # of recovery required agents approved; false otherwise
+     */
     public boolean isApprovedAsyncKeyRecovery(String reqID)
-        throws EBaseException;
+            throws EBaseException;
 
-   /**
-    * get async recovery request initiating agent
-    * @param reqID request id
-    * @return agentUID
-    */
+    /**
+     * get async recovery request initiating agent
+     * 
+     * @param reqID request id
+     * @return agentUID
+     */
     public String getInitAgentAsyncKeyRecovery(String reqID)
-        throws EBaseException;
+            throws EBaseException;
 
     /**
      * Initiate asynchronous key recovery
+     * 
      * @param kid key identifier
      * @param cert certificate embedded in PKCS12
      * @return requestId
      * @exception EBaseException failed to initiate async recovery
      */
-    public String initAsyncKeyRecovery(BigInteger kid, X509CertImpl cert, String agent)
-         throws EBaseException;
+    public String initAsyncKeyRecovery(BigInteger kid, X509CertImpl cert,
+            String agent) throws EBaseException;
 
     /**
      * add approving agent in asynchronous key recovery
+     * 
      * @param reqID request id
      * @param agentID agent id
      * @exception EBaseException failed to initiate async recovery
      */
     public void addAgentAsyncKeyRecovery(String reqID, String agentID)
-         throws EBaseException;
+            throws EBaseException;
 
     /**
      * Performs administrator-initiated key recovery.
-     *
+     * 
      * @param kid key identifier
      * @param creds list of credentials (id and password)
      * @param pwd password to protect PKCS12
@@ -91,88 +92,84 @@ public interface IKeyService {
      * @return pkcs12
      * @exception EBaseException failed to perform recovery
      */
-    public byte[] doKeyRecovery(BigInteger kid,
-        Credential creds[], String pwd, X509CertImpl cert,
-        String delivery, String nickname, String agent) throws EBaseException;
+    public byte[] doKeyRecovery(BigInteger kid, Credential creds[], String pwd,
+            X509CertImpl cert, String delivery, String nickname, String agent)
+            throws EBaseException;
 
-     /**
-     * Async Recovers key for administrators. This method is
-     * invoked by the agent operation of the key recovery servlet.
+    /**
+     * Async Recovers key for administrators. This method is invoked by the
+     * agent operation of the key recovery servlet.
      * <P>
-     *
+     * 
      * <ul>
      * <li>signed.audit LOGGING_SIGNED_AUDIT_KEY_RECOVERY_REQUEST used whenever
      * a user private key recovery request is made (this is when the DRM
      * receives the request)
-     * <li>signed.audit LOGGING_SIGNED_AUDIT_KEY_RECOVERY_REQUEST_PROCESSED used whenever
-     * a user private key recovery request is processed (this is when the DRM
-     * processes the request)
+     * <li>signed.audit LOGGING_SIGNED_AUDIT_KEY_RECOVERY_REQUEST_PROCESSED used
+     * whenever a user private key recovery request is processed (this is when
+     * the DRM processes the request)
      * </ul>
-     * @param reqID  request id
-     * @param password password of the PKCS12 package
-     * subsystem
+     * 
+     * @param reqID request id
+     * @param password password of the PKCS12 package subsystem
      * @exception EBaseException failed to recover key
      * @return a byte array containing the key
      */
-    public byte[] doKeyRecovery(
-        String reqID,
-        String password)
-        throws EBaseException;
+    public byte[] doKeyRecovery(String reqID, String password)
+            throws EBaseException;
 
     /**
      * Retrieves recovery identifier.
-     *
+     * 
      * @return recovery id
      */
     public String getRecoveryID();
 
     /**
      * Creates recovery parameters for the given recovery operation.
-     *
+     * 
      * @param recoveryID recovery id
      * @return recovery parameters
      * @exception EBaseException failed to create
      */
-    public Hashtable createRecoveryParams(String recoveryID) 
-        throws EBaseException;
+    public Hashtable createRecoveryParams(String recoveryID)
+            throws EBaseException;
 
     /**
      * Destroys recovery parameters for the given recovery operation.
-     *
+     * 
      * @param recoveryID recovery id
      * @exception EBaseException failed to destroy
      */
-    public void destroyRecoveryParams(String recoveryID) 
-        throws EBaseException;
+    public void destroyRecoveryParams(String recoveryID) throws EBaseException;
 
     /**
      * Retrieves recovery parameters for the given recovery operation.
-     *
+     * 
      * @param recoveryID recovery id
      * @return recovery parameters
      * @exception EBaseException failed to retrieve
      */
-    public Hashtable getRecoveryParams(String recoveryID) 
-        throws EBaseException;
+    public Hashtable getRecoveryParams(String recoveryID) throws EBaseException;
 
     /**
      * Adds password in the distributed recovery operation.
-     *
+     * 
      * @param recoveryID recovery id
      * @param uid agent uid
      * @param pwd agent password
      * @exception EBaseException failed to add
      */
-    public void addDistributedCredential(String recoveryID, 
-        String uid, String pwd) throws EBaseException;
+    public void addDistributedCredential(String recoveryID, String uid,
+            String pwd) throws EBaseException;
 
     /**
      * Retrieves credentials in the distributed recovery operation.
-     *
+     * 
      * @param recoveryID recovery id
      * @return agent's credentials
      * @exception EBaseException failed to retrieve
      */
-    public Credential[] getDistributedCredentials(String recoveryID) 
-        throws EBaseException;
+    public Credential[] getDistributedCredentials(String recoveryID)
+            throws EBaseException;
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/kra/IProofOfArchival.java b/pki/base/common/src/com/netscape/certsrv/kra/IProofOfArchival.java
index 1b484b666..20ac336e5 100644
--- a/pki/base/common/src/com/netscape/certsrv/kra/IProofOfArchival.java
+++ b/pki/base/common/src/com/netscape/certsrv/kra/IProofOfArchival.java
@@ -17,15 +17,14 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.kra;
 
-
 import java.math.BigInteger;
 import java.util.Date;
 
-
 /**
  * An interface represents a proof of archival.
  * <P>
  * Here is the ASN1 definition of a proof of escrow:
+ * 
  * <PRE>
  * ProofOfArchival ::= SIGNED {
  *   SEQUENCE {
@@ -46,35 +45,35 @@ public interface IProofOfArchival {
 
     /**
      * Retrieves version of this proof.
-     *
+     * 
      * @return version
      */
     public BigInteger getVersion();
 
     /**
      * Retrieves the serial number.
-     *
+     * 
      * @return serial number
      */
     public BigInteger getSerialNumber();
 
     /**
      * Retrieves the subject name.
-     *
+     * 
      * @return subject name
      */
     public String getSubjectName();
 
     /**
      * Retrieves the issuer name.
-     *
+     * 
      * @return issuer name
      */
     public String getIssuerName();
 
     /**
      * Returns the beginning of the escrowed perioid.
-     *
+     * 
      * @return date of archival
      */
     public Date getDateOfArchival();
diff --git a/pki/base/common/src/com/netscape/certsrv/kra/IShare.java b/pki/base/common/src/com/netscape/certsrv/kra/IShare.java
index c4d58f0a0..92eaf3195 100644
--- a/pki/base/common/src/com/netscape/certsrv/kra/IShare.java
+++ b/pki/base/common/src/com/netscape/certsrv/kra/IShare.java
@@ -18,15 +18,16 @@
 package com.netscape.certsrv.kra;
 
 /**
- * Use Java's reflection API to leverage CMS's
- * old Share and JoinShares implementations.
- *
+ * Use Java's reflection API to leverage CMS's old Share and JoinShares
+ * implementations.
+ * 
  * @deprecated
  * @version $Revision$ $Date$
  */
 public interface IShare {
 
     public void initialize(byte[] secret, int threshold) throws Exception;
+
     public byte[] createShare(int sharenumber);
 
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/kra/KRAResources.java b/pki/base/common/src/com/netscape/certsrv/kra/KRAResources.java
index 40e0ee171..0a0da2aa5 100644
--- a/pki/base/common/src/com/netscape/certsrv/kra/KRAResources.java
+++ b/pki/base/common/src/com/netscape/certsrv/kra/KRAResources.java
@@ -17,10 +17,8 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.kra;
 
-
 import java.util.ListResourceBundle;
 
-
 /**
  * A class represents a resource bundle for KRA subsystem.
  * <P>
@@ -36,6 +34,5 @@ public class KRAResources extends ListResourceBundle {
         return contents;
     }
 
-    static final Object[][] contents = {
-        };
+    static final Object[][] contents = {};
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/kra/ProofOfArchival.java b/pki/base/common/src/com/netscape/certsrv/kra/ProofOfArchival.java
index a2742809e..d922498ec 100644
--- a/pki/base/common/src/com/netscape/certsrv/kra/ProofOfArchival.java
+++ b/pki/base/common/src/com/netscape/certsrv/kra/ProofOfArchival.java
@@ -17,7 +17,6 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.kra;
 
-
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.Serializable;
@@ -42,17 +41,15 @@ import com.netscape.certsrv.apps.CMS;
 import com.netscape.certsrv.base.EBaseException;
 import com.netscape.certsrv.dbs.IDBObj;
 
-
 /**
- * A class represents a proof of escrow. It indicates a key
- * pairs have been escrowed by appropriate authority. The 
- * structure of this object is very similar (if not exact) to 
- * X.509 certificate. A proof of escrow is signed by an escrow 
- * authority. It is possible to have a CMS policy to reject
- * the certificate issuance request if proof of escrow is not
- * presented.
+ * A class represents a proof of escrow. It indicates a key pairs have been
+ * escrowed by appropriate authority. The structure of this object is very
+ * similar (if not exact) to X.509 certificate. A proof of escrow is signed by
+ * an escrow authority. It is possible to have a CMS policy to reject the
+ * certificate issuance request if proof of escrow is not presented.
  * <P>
  * Here is the ASN1 definition of a proof of escrow:
+ * 
  * <PRE>
  * ProofOfEscrow ::= SIGNED {
  *   SEQUENCE {
@@ -106,13 +103,14 @@ public class ProofOfArchival implements IDBObj, IProofOfArchival, Serializable {
     /**
      * Constructs a proof of escrow.
      * <P>
+     * 
      * @param serialNo serial number of proof
      * @param subject subject name
      * @param issuer issuer name
      * @param dateOfArchival date of archival
      */
-    public ProofOfArchival(BigInteger serialNo, String subject,
-        String issuer, Date dateOfArchival) {
+    public ProofOfArchival(BigInteger serialNo, String subject, String issuer,
+            Date dateOfArchival) {
         mVersion = DEFAULT_VERSION;
         mSerialNo = serialNo;
         mSubject = subject;
@@ -123,6 +121,7 @@ public class ProofOfArchival implements IDBObj, IProofOfArchival, Serializable {
     /**
      * Constructs proof of escrow from input stream.
      * <P>
+     * 
      * @param in encoding source
      * @exception EBaseException failed to decode
      */
@@ -133,6 +132,7 @@ public class ProofOfArchival implements IDBObj, IProofOfArchival, Serializable {
     /**
      * Sets an attribute value.
      * <P>
+     * 
      * @param name attribute name
      * @param obj attribute value
      * @exception EBaseException failed to set attribute
@@ -149,14 +149,15 @@ public class ProofOfArchival implements IDBObj, IProofOfArchival, Serializable {
         } else if (name.equals(ATTR_DATE_OF_ARCHIVAL)) {
             mDateOfArchival = (Date) obj;
         } else {
-            throw new EBaseException(
-                    CMS.getUserMessage("CMS_BASE_INVALID_ATTRIBUTE", name));
+            throw new EBaseException(CMS.getUserMessage(
+                    "CMS_BASE_INVALID_ATTRIBUTE", name));
         }
     }
 
     /**
      * Retrieves the value of an named attribute.
      * <P>
+     * 
      * @param name attribute name
      * @return attribute value
      * @exception EBaseException failed to get attribute
@@ -173,26 +174,27 @@ public class ProofOfArchival implements IDBObj, IProofOfArchival, Serializable {
         } else if (name.equals(ATTR_DATE_OF_ARCHIVAL)) {
             return mDateOfArchival;
         } else {
-            throw new EBaseException(
-                    CMS.getUserMessage("CMS_BASE_INVALID_ATTRIBUTE", name));
+            throw new EBaseException(CMS.getUserMessage(
+                    "CMS_BASE_INVALID_ATTRIBUTE", name));
         }
     }
-	
+
     /**
      * Deletes an attribute.
      * <P>
+     * 
      * @param name attribute name
      * @exception EBaseException failed to get attribute
      */
     public void delete(String name) throws EBaseException {
-        throw new EBaseException(
-                CMS.getUserMessage("CMS_BASE_INVALID_ATTRIBUTE", name));
+        throw new EBaseException(CMS.getUserMessage(
+                "CMS_BASE_INVALID_ATTRIBUTE", name));
     }
-	
+
     /**
      * Retrieves a list of possible attribute names.
      * <P>
-     *
+     * 
      * @return a list of names
      */
     public Enumeration getElements() {
@@ -207,11 +209,12 @@ public class ProofOfArchival implements IDBObj, IProofOfArchival, Serializable {
     public Enumeration getSerializableAttrNames() {
         return mNames.elements();
     }
-	
+
     /**
      * Retrieves version of this proof.
      * <P>
-     * @return version 
+     * 
+     * @return version
      */
     public BigInteger getVersion() {
         return mVersion;
@@ -220,7 +223,8 @@ public class ProofOfArchival implements IDBObj, IProofOfArchival, Serializable {
     /**
      * Retrieves the serial number.
      * <P>
-     * @return serial number 
+     * 
+     * @return serial number
      */
     public BigInteger getSerialNumber() {
         return mSerialNo;
@@ -229,6 +233,7 @@ public class ProofOfArchival implements IDBObj, IProofOfArchival, Serializable {
     /**
      * Retrieves the subject name.
      * <P>
+     * 
      * @return subject name
      */
     public String getSubjectName() {
@@ -238,6 +243,7 @@ public class ProofOfArchival implements IDBObj, IProofOfArchival, Serializable {
     /**
      * Retrieves the issuer name.
      * <P>
+     * 
      * @return issuer name
      */
     public String getIssuerName() {
@@ -247,6 +253,7 @@ public class ProofOfArchival implements IDBObj, IProofOfArchival, Serializable {
     /**
      * Returns the beginning of the escrowed perioid.
      * <P>
+     * 
      * @return date of archival
      */
     public Date getDateOfArchival() {
@@ -254,8 +261,7 @@ public class ProofOfArchival implements IDBObj, IProofOfArchival, Serializable {
     }
 
     /**
-     * Encodes this proof of escrow into the given 
-     * output stream.
+     * Encodes this proof of escrow into the given output stream.
      * <P>
      */
     public void encode(DerOutputStream out) throws EBaseException {
@@ -267,11 +273,10 @@ public class ProofOfArchival implements IDBObj, IProofOfArchival, Serializable {
                 DerOutputStream version = new DerOutputStream();
 
                 version.putInteger(new BigInt(mVersion));
-                seq.write(DerValue.createTag(
-                        DerValue.TAG_CONTEXT, true, (byte) 0), 
-                    version);
+                seq.write(DerValue.createTag(DerValue.TAG_CONTEXT, true,
+                        (byte) 0), version);
             }
-	
+
             // serial number
             DerOutputStream serialno = new DerOutputStream();
 
@@ -289,10 +294,11 @@ public class ProofOfArchival implements IDBObj, IProofOfArchival, Serializable {
 
             // issue date
             seq.putUTCTime(mDateOfArchival);
-            out.write(DerValue.tag_Sequence, seq);	
+            out.write(DerValue.tag_Sequence, seq);
 
         } catch (IOException e) {
-            throw new EKRAException(CMS.getUserMessage("CMS_KRA_POA_DECODE_FAILED", e.toString()));
+            throw new EKRAException(CMS.getUserMessage(
+                    "CMS_KRA_POA_DECODE_FAILED", e.toString()));
         }
     }
 
@@ -300,9 +306,8 @@ public class ProofOfArchival implements IDBObj, IProofOfArchival, Serializable {
      * Encodes and signs this proof of escrow.
      * <P>
      */
-    public void encodeAndSign(PrivateKey key, String algorithm, 
-        String provider, DerOutputStream out) 
-        throws EBaseException {
+    public void encodeAndSign(PrivateKey key, String algorithm,
+            String provider, DerOutputStream out) throws EBaseException {
 
         try {
             Signature sigEngine = null;
@@ -310,8 +315,7 @@ public class ProofOfArchival implements IDBObj, IProofOfArchival, Serializable {
             if (provider == null) {
                 sigEngine = Signature.getInstance(algorithm);
             } else {
-                sigEngine = Signature.getInstance(algorithm, 
-                            provider);
+                sigEngine = Signature.getInstance(algorithm, provider);
             }
 
             sigEngine.initSign(key);
@@ -319,8 +323,7 @@ public class ProofOfArchival implements IDBObj, IProofOfArchival, Serializable {
 
             encode(tmp);
 
-            AlgorithmId sigAlgId = AlgorithmId.get(
-                    sigEngine.getAlgorithm());
+            AlgorithmId sigAlgId = AlgorithmId.get(sigEngine.getAlgorithm());
 
             sigAlgId.encode(tmp);
             byte dataToSign[] = tmp.toByteArray();
@@ -332,15 +335,20 @@ public class ProofOfArchival implements IDBObj, IProofOfArchival, Serializable {
             out.write(DerValue.tag_Sequence, tmp);
             return;
         } catch (NoSuchAlgorithmException e) {
-            throw new EKRAException(CMS.getUserMessage("CMS_KRA_POA_ENCODE_FAILED_1", e.toString()));
+            throw new EKRAException(CMS.getUserMessage(
+                    "CMS_KRA_POA_ENCODE_FAILED_1", e.toString()));
         } catch (NoSuchProviderException e) {
-            throw new EKRAException(CMS.getUserMessage("CMS_KRA_POA_ENCODE_FAILED_1", e.toString()));
+            throw new EKRAException(CMS.getUserMessage(
+                    "CMS_KRA_POA_ENCODE_FAILED_1", e.toString()));
         } catch (InvalidKeyException e) {
-            throw new EKRAException(CMS.getUserMessage("CMS_KRA_POA_ENCODE_FAILED_1", e.toString()));
+            throw new EKRAException(CMS.getUserMessage(
+                    "CMS_KRA_POA_ENCODE_FAILED_1", e.toString()));
         } catch (SignatureException e) {
-            throw new EKRAException(CMS.getUserMessage("CMS_KRA_POA_ENCODE_FAILED_1", e.toString()));
+            throw new EKRAException(CMS.getUserMessage(
+                    "CMS_KRA_POA_ENCODE_FAILED_1", e.toString()));
         } catch (IOException e) {
-            throw new EKRAException(CMS.getUserMessage("CMS_KRA_POA_ENCODE_FAILED_1", e.toString()));
+            throw new EKRAException(CMS.getUserMessage(
+                    "CMS_KRA_POA_ENCODE_FAILED_1", e.toString()));
         }
     }
 
@@ -357,7 +365,7 @@ public class ProofOfArchival implements IDBObj, IProofOfArchival, Serializable {
 
             DerValue val = new DerValue(in);
 
-            DerValue seq[] = new DerValue[3]; 
+            DerValue seq[] = new DerValue[3];
 
             seq[0] = val.data.getDerValue();
             if (seq[0].tag == DerValue.tag_Sequence) {
@@ -365,13 +373,15 @@ public class ProofOfArchival implements IDBObj, IProofOfArchival, Serializable {
                 seq[1] = val.data.getDerValue();
                 seq[2] = val.data.getDerValue();
                 if (seq[1].data.available() != 0) {
-                    throw new EKRAException(CMS.getUserMessage("CMS_KRA_POA_DECODE_FAILED_1", 
-                                "no algorithm found"));
+                    throw new EKRAException(
+                            CMS.getUserMessage("CMS_KRA_POA_DECODE_FAILED_1",
+                                    "no algorithm found"));
                 }
 
                 if (seq[2].data.available() != 0) {
-                    throw new EKRAException(CMS.getUserMessage("CMS_KRA_POA_DECODE_FAILED_1", 
-                                "no signature found"));
+                    throw new EKRAException(
+                            CMS.getUserMessage("CMS_KRA_POA_DECODE_FAILED_1",
+                                    "no signature found"));
                 }
 
                 AlgorithmId algid = AlgorithmId.parse(seq[1]);
@@ -383,7 +393,8 @@ public class ProofOfArchival implements IDBObj, IProofOfArchival, Serializable {
                 decodePOA(val, seq[0]);
             }
         } catch (IOException e) {
-            throw new EKRAException(CMS.getUserMessage("CMS_KRA_POA_DECODE_FAILED_1", e.toString()));
+            throw new EKRAException(CMS.getUserMessage(
+                    "CMS_KRA_POA_DECODE_FAILED_1", e.toString()));
         }
     }
 
@@ -391,15 +402,16 @@ public class ProofOfArchival implements IDBObj, IProofOfArchival, Serializable {
      * Decodes proof of escrow.
      * <P>
      */
-    private void decodePOA(DerValue val, DerValue preprocessed) 
-        throws EBaseException {
+    private void decodePOA(DerValue val, DerValue preprocessed)
+            throws EBaseException {
         try {
             DerValue tmp = null;
 
             if (preprocessed == null) {
                 if (val.tag != DerValue.tag_Sequence) {
-                    throw new EKRAException(CMS.getUserMessage("CMS_KRA_POA_DECODE_FAILED_1", 
-                                "not start with sequence"));
+                    throw new EKRAException(CMS.getUserMessage(
+                            "CMS_KRA_POA_DECODE_FAILED_1",
+                            "not start with sequence"));
                 }
                 tmp = val.data.getDerValue();
             } else {
@@ -429,7 +441,7 @@ public class ProofOfArchival implements IDBObj, IProofOfArchival, Serializable {
 
             // mSubject = new X500Name(subject); // doesnt work
             mSubject = new String(subject.toByteArray());
-		
+
             // issuer
             DerValue issuer = val.data.getDerValue();
 
@@ -438,20 +450,19 @@ public class ProofOfArchival implements IDBObj, IProofOfArchival, Serializable {
             // date of archival
             mDateOfArchival = val.data.getUTCTime();
         } catch (IOException e) {
-            throw new EKRAException(CMS.getUserMessage("CMS_KRA_POA_DECODE_FAILED_1", e.toString()));
+            throw new EKRAException(CMS.getUserMessage(
+                    "CMS_KRA_POA_DECODE_FAILED_1", e.toString()));
         }
     }
 
     /**
-     * Retrieves the string reprensetation of this 
-     * proof of archival.
+     * Retrieves the string reprensetation of this proof of archival.
      */
     public String toString() {
-        return "Version: " + mVersion.toString() + "\n" +
-            "SerialNo: " + mSerialNo.toString() + "\n" +
-            "Subject: " + mSubject + "\n" +
-            "Issuer: " + mIssuer + "\n" +
-            "DateOfArchival: " + mDateOfArchival.toString();
+        return "Version: " + mVersion.toString() + "\n" + "SerialNo: "
+                + mSerialNo.toString() + "\n" + "Subject: " + mSubject + "\n"
+                + "Issuer: " + mIssuer + "\n" + "DateOfArchival: "
+                + mDateOfArchival.toString();
     }
 
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/ldap/ELdapException.java b/pki/base/common/src/com/netscape/certsrv/ldap/ELdapException.java
index ab2d361ba..0e0813ace 100644
--- a/pki/base/common/src/com/netscape/certsrv/ldap/ELdapException.java
+++ b/pki/base/common/src/com/netscape/certsrv/ldap/ELdapException.java
@@ -17,15 +17,13 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.ldap;
 
-
 import com.netscape.certsrv.base.EBaseException;
 
-
 /**
- * A class that represents a Ldap exception. Various
- * errors can occur when interacting with a Ldap directory server.
+ * A class that represents a Ldap exception. Various errors can occur when
+ * interacting with a Ldap directory server.
  * <P>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public class ELdapException extends EBaseException {
@@ -37,23 +35,25 @@ public class ELdapException extends EBaseException {
     /**
      * Ldap resource class name.
      */
-    private static final String LDAP_RESOURCES = LdapResources.class.getName();		
+    private static final String LDAP_RESOURCES = LdapResources.class.getName();
 
     /**
-     * Constructs a Ldap  exception.
+     * Constructs a Ldap exception.
+     * 
      * @param msgFormat Resource Key, if key not present, serves as the message.
-     * <P>
+     *            <P>
      */
     public ELdapException(String msgFormat) {
         super(msgFormat);
     }
 
     /**
-     * Constructs a Ldap  exception.
+     * Constructs a Ldap exception.
+     * 
      * @param msgFormat Resource Key, if key not present, serves as the message.
-     * Include a message string parameter for variable content.
+     *            Include a message string parameter for variable content.
      * @param param Message string parameter.
-     * <P>
+     *            <P>
      */
     public ELdapException(String msgFormat, String param) {
         super(msgFormat, param);
@@ -61,19 +61,21 @@ public class ELdapException extends EBaseException {
 
     /**
      * Constructs a Ldap exception.
+     * 
      * @param msgFormat Resource Key, if key not present, serves as the message.
-     * @param e  Common exception.
-     * <P>
+     * @param e Common exception.
+     *            <P>
      */
     public ELdapException(String msgFormat, Exception e) {
         super(msgFormat, e);
     }
 
     /**
-     * Constructs a Ldap  exception.
+     * Constructs a Ldap exception.
+     * 
      * @param msgFormat Resource Key, if key not present, serves as the message.
      * @param params Array of Message string parameters.
-     * <P>
+     *            <P>
      */
     public ELdapException(String msgFormat, Object params[]) {
         super(msgFormat, params);
@@ -81,8 +83,9 @@ public class ELdapException extends EBaseException {
 
     /**
      * Gets the resource bundle name
+     * 
      * @return Name of the Ldap Exception resource bundle name.
-     * <p>
+     *         <p>
      */
     protected String getBundleName() {
         return LDAP_RESOURCES;
diff --git a/pki/base/common/src/com/netscape/certsrv/ldap/ELdapServerDownException.java b/pki/base/common/src/com/netscape/certsrv/ldap/ELdapServerDownException.java
index ead1a0201..f347b1714 100644
--- a/pki/base/common/src/com/netscape/certsrv/ldap/ELdapServerDownException.java
+++ b/pki/base/common/src/com/netscape/certsrv/ldap/ELdapServerDownException.java
@@ -17,10 +17,9 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.ldap;
 
-
 /**
  * This represents exception which indicates Ldap server is down.
- *
+ * 
  * @version $Revision$, $Date$
  */
 public class ELdapServerDownException extends ELdapException {
@@ -32,6 +31,7 @@ public class ELdapServerDownException extends ELdapException {
 
     /**
      * Constructs a ldap server down exception with host & port info.
+     * 
      * @param errorString Detailed error message.
      */
     public ELdapServerDownException(String errorString) {
diff --git a/pki/base/common/src/com/netscape/certsrv/ldap/ILdapAuthInfo.java b/pki/base/common/src/com/netscape/certsrv/ldap/ILdapAuthInfo.java
index 46082c73a..b62cf20b8 100644
--- a/pki/base/common/src/com/netscape/certsrv/ldap/ILdapAuthInfo.java
+++ b/pki/base/common/src/com/netscape/certsrv/ldap/ILdapAuthInfo.java
@@ -17,11 +17,9 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.ldap;
 
-
 import com.netscape.certsrv.base.EBaseException;
 import com.netscape.certsrv.base.IConfigStore;
 
-
 /**
  * Class for obtaining ldap authentication info from the configuration store.
  * Two types of authentication is basic and SSL client authentication.
@@ -39,28 +37,30 @@ public interface ILdapAuthInfo {
     static public final String LDAP_BASICAUTH_STR = "BasicAuth";
     static public final String LDAP_SSLCLIENTAUTH_STR = "SslClientAuth";
 
-    static public final int LDAP_AUTHTYPE_NONE = 0;  // illegal
+    static public final int LDAP_AUTHTYPE_NONE = 0; // illegal
     static public final int LDAP_AUTHTYPE_BASICAUTH = 1;
     static public final int LDAP_AUTHTYPE_SSLCLIENTAUTH = 2;
 
     /**
      * Initialize this class from the config store.
+     * 
      * @param config The config store from which to initialize.
      * @exception EBaseException Due to failure of the initialization process.
-     *
+     * 
      */
     public void init(IConfigStore config) throws EBaseException;
 
     /**
-     * Initialize this class from the config store. 
-     * Based on host, port, and secure boolean info.
-     * which allows an actual attempt on the server to verify credentials.
+     * Initialize this class from the config store. Based on host, port, and
+     * secure boolean info. which allows an actual attempt on the server to
+     * verify credentials.
+     * 
      * @param config The config store from which to initialize.
      * @exception EBaseException Due to failure of the initialization process.
-     *
+     * 
      */
     public void init(IConfigStore config, String host, int port, boolean secure)
-        throws EBaseException;
+            throws EBaseException;
 
     /**
      * Reset the connection to the host
@@ -68,28 +68,33 @@ public interface ILdapAuthInfo {
     public void reset();
 
     /**
-     * Get authentication type. 
+     * Get authentication type.
+     * 
      * @return one of: <br>
-     *		LdapAuthInfo.LDAP_AUTHTYPE_BASICAUTH or 
-     *		LdapAuthInfo.LDAP_AUTHTYPE_SSLCLIENTAUTH
+     *         LdapAuthInfo.LDAP_AUTHTYPE_BASICAUTH or
+     *         LdapAuthInfo.LDAP_AUTHTYPE_SSLCLIENTAUTH
      */
     public int getAuthType();
 
     /**
      * Get params for authentication.
-     * @return array of parameters for this authentication as an array of Strings.
+     * 
+     * @return array of parameters for this authentication as an array of
+     *         Strings.
      */
     public String[] getParms();
 
     /**
      * Add password to private password data structure.
+     * 
      * @param prompt Password prompt.
-     * @param pw     Password itself.
+     * @param pw Password itself.
      */
     public void addPassword(String prompt, String pw);
 
     /**
      * Remove password from private password data structure.
+     * 
      * @param prompt Identify password to remove with prompt.
      */
     public void removePassword(String prompt);
diff --git a/pki/base/common/src/com/netscape/certsrv/ldap/ILdapBoundConnFactory.java b/pki/base/common/src/com/netscape/certsrv/ldap/ILdapBoundConnFactory.java
index ef3e17424..0fac8d358 100644
--- a/pki/base/common/src/com/netscape/certsrv/ldap/ILdapBoundConnFactory.java
+++ b/pki/base/common/src/com/netscape/certsrv/ldap/ILdapBoundConnFactory.java
@@ -17,18 +17,14 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.ldap;
 
-
-
-
 /**
- * Maintains a pool of connections to the LDAP server.
- * CMS requests are processed on a multi threaded basis.
- * A pool of connections then must be be maintained so this
- * access to the Ldap server can be easily managed. The min and
- * max size of this connection pool should be configurable. Once
- * the maximum limit of connections is exceeded, the factory
- * should provide proper synchronization to resolve contention issues.
- *
+ * Maintains a pool of connections to the LDAP server. CMS requests are
+ * processed on a multi threaded basis. A pool of connections then must be be
+ * maintained so this access to the Ldap server can be easily managed. The min
+ * and max size of this connection pool should be configurable. Once the maximum
+ * limit of connections is exceeded, the factory should provide proper
+ * synchronization to resolve contention issues.
+ * 
  * @version $Revision$, $Date$
  */
 public interface ILdapBoundConnFactory extends ILdapConnFactory {
diff --git a/pki/base/common/src/com/netscape/certsrv/ldap/ILdapConnFactory.java b/pki/base/common/src/com/netscape/certsrv/ldap/ILdapConnFactory.java
index f706c2ecf..35a074047 100644
--- a/pki/base/common/src/com/netscape/certsrv/ldap/ILdapConnFactory.java
+++ b/pki/base/common/src/com/netscape/certsrv/ldap/ILdapConnFactory.java
@@ -17,76 +17,75 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.ldap;
 
-
 import netscape.ldap.LDAPConnection;
 
 import com.netscape.certsrv.base.EBaseException;
 import com.netscape.certsrv.base.IConfigStore;
 
-
 /**
- * Maintains a pool of connections to the LDAP server.
- * Multiple threads use this interface to utilize and release
- * the Ldap connection resources.
- *
+ * Maintains a pool of connections to the LDAP server. Multiple threads use this
+ * interface to utilize and release the Ldap connection resources.
+ * 
  * @version $Revision$, $Date$
  */
 public interface ILdapConnFactory {
 
-    /** 
+    /**
      * Initialize the poll from the config store.
+     * 
      * @param config The configuration substore.
      * @exception EBaseException On configuration error.
-     * @exception ELdapException On all other errors. 
+     * @exception ELdapException On all other errors.
      */
-    public void init(IConfigStore config) 
-        throws EBaseException, ELdapException;
+    public void init(IConfigStore config) throws EBaseException, ELdapException;
 
     /**
-     *
-     * Used for disconnecting all connections. 
-     * Used just before a subsystem
+     * 
+     * Used for disconnecting all connections. Used just before a subsystem
      * shutdown or process exit.
+     * 
      * @exception EldapException on Ldap failure when closing connections.
      */
-    public void reset() 
-        throws ELdapException;
+    public void reset() throws ELdapException;
 
     /**
      * Returns the number of free connections available from this pool.
-     * @return Integer number of free connections. 
-     */ 
+     * 
+     * @return Integer number of free connections.
+     */
 
     public int freeConn();
 
     /**
      * Returns the number of total connections available from this pool.
      * Includes sum of free and in use connections.
+     * 
      * @return Integer number of total connections.
      */
     public int totalConn();
 
     /**
      * Returns the maximum number of connections available from this pool.
+     * 
      * @return Integer maximum number of connections.
      */
     public int maxConn();
 
-    /** 
-     * Request access to a Ldap connection from the pool. 
-     * @exception ELdapException if any error occurs, such as a 
-     * @return Ldap connection object.
-     * connection is not available 
+    /**
+     * Request access to a Ldap connection from the pool.
+     * 
+     * @exception ELdapException if any error occurs, such as a
+     * @return Ldap connection object. connection is not available
      */
-    public LDAPConnection getConn() 
-        throws ELdapException;
+    public LDAPConnection getConn() throws ELdapException;
 
     /**
      * Return connection to the factory. mandatory after a getConn().
-     * @param conn Ldap connection object to be returned to the free list of the pool.
+     * 
+     * @param conn Ldap connection object to be returned to the free list of the
+     *            pool.
      * @exception ELdapException On any failure to return the connection.
      */
-    public void returnConn(LDAPConnection conn) 
-        throws ELdapException;
+    public void returnConn(LDAPConnection conn) throws ELdapException;
 
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/ldap/ILdapConnInfo.java b/pki/base/common/src/com/netscape/certsrv/ldap/ILdapConnInfo.java
index 4cffbe458..4eec994aa 100644
--- a/pki/base/common/src/com/netscape/certsrv/ldap/ILdapConnInfo.java
+++ b/pki/base/common/src/com/netscape/certsrv/ldap/ILdapConnInfo.java
@@ -17,15 +17,14 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.ldap;
 
-
 import com.netscape.certsrv.base.EBaseException;
 import com.netscape.certsrv.base.IConfigStore;
 
-
 /**
- * Class for reading ldap connection information from the config store.
- * Ldap connection info: host name, port number,whether of not it is a secure connection.
- *
+ * Class for reading ldap connection information from the config store. Ldap
+ * connection info: host name, port number,whether of not it is a secure
+ * connection.
+ * 
  * @version $Revision$, $Date$
  */
 public interface ILdapConnInfo {
@@ -42,23 +41,24 @@ public interface ILdapConnInfo {
 
     /**
      * Initializes an instance from a config store.
+     * 
      * @param config Configuration store.
      * @exception ELdapException Ldap related error found.
-     * @exception EBaseException Other errors and errors with params included in the config store. 
+     * @exception EBaseException Other errors and errors with params included in
+     *                the config store.
      */
     public void init(IConfigStore config) throws EBaseException, ELdapException;
 
     /**
-     *  Return the name of the Host.
-     *
+     * Return the name of the Host.
+     * 
      */
 
-    
     public String getHost();
 
     /**
      * Return the port number of the host.
-     *
+     * 
      */
     public int getPort();
 
@@ -74,8 +74,8 @@ public interface ILdapConnInfo {
     public boolean getSecure();
 
     /**
-     * Return whether or not the server is to follow referrals
-     * to other servers when servicing a query.
+     * Return whether or not the server is to follow referrals to other servers
+     * when servicing a query.
      */
     public boolean getFollowReferrals();
 
diff --git a/pki/base/common/src/com/netscape/certsrv/ldap/ILdapConnModule.java b/pki/base/common/src/com/netscape/certsrv/ldap/ILdapConnModule.java
index 8d912fc55..601bfde8d 100644
--- a/pki/base/common/src/com/netscape/certsrv/ldap/ILdapConnModule.java
+++ b/pki/base/common/src/com/netscape/certsrv/ldap/ILdapConnModule.java
@@ -17,45 +17,44 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.ldap;
 
-
 import com.netscape.certsrv.base.EBaseException;
 import com.netscape.certsrv.base.IConfigStore;
 import com.netscape.certsrv.base.ISubsystem;
 
-
 /**
- * Class on behalf of the Publishing system that controls an instance of an ILdapConnFactory.
- * Allows a factory to be intialized and grants access
- * to the factory to other interested parties.
- *
+ * Class on behalf of the Publishing system that controls an instance of an
+ * ILdapConnFactory. Allows a factory to be intialized and grants access to the
+ * factory to other interested parties.
+ * 
  * @version $Revision$, $Date$
  */
- 
+
 public interface ILdapConnModule {
 
     /**
      * Initialize ldap publishing module with config store.
+     * 
      * @param owner Entity that is interested in this instance of Publishing.
-     * @param config Config store containing the info needed to set up Publishing.
+     * @param config Config store containing the info needed to set up
+     *            Publishing.
      * @exception ELdapException Due to Ldap error.
-     * @exception EBaseException Due to config value errors and all other errors.
+     * @exception EBaseException Due to config value errors and all other
+     *                errors.
      */
-    public void init(ISubsystem owner, IConfigStore config) 
-        throws EBaseException, ELdapException;
+    public void init(ISubsystem owner, IConfigStore config)
+            throws EBaseException, ELdapException;
 
     /**
-     * Returns the internal ldap connection factory.
-     * This can be useful to get a ldap connection to the
-     * ldap publishing directory without having to get it again from the
-     * config file. Note that this means sharing a ldap connection pool
-     * with the ldap publishing module so be sure to return connections to pool.
-     * Use ILdapConnFactory.getConn() to get a Ldap connection to the ldap
-     * publishing directory.
-     * Use ILdapConnFactory.returnConn() to return the connection.
-     *
+     * Returns the internal ldap connection factory. This can be useful to get a
+     * ldap connection to the ldap publishing directory without having to get it
+     * again from the config file. Note that this means sharing a ldap
+     * connection pool with the ldap publishing module so be sure to return
+     * connections to pool. Use ILdapConnFactory.getConn() to get a Ldap
+     * connection to the ldap publishing directory. Use
+     * ILdapConnFactory.returnConn() to return the connection.
+     * 
      * @return Instance of ILdapConnFactory.
      */
 
     public ILdapConnFactory getLdapConnFactory();
 }
-
diff --git a/pki/base/common/src/com/netscape/certsrv/ldap/LdapResources.java b/pki/base/common/src/com/netscape/certsrv/ldap/LdapResources.java
index 261497380..ee2d307cc 100644
--- a/pki/base/common/src/com/netscape/certsrv/ldap/LdapResources.java
+++ b/pki/base/common/src/com/netscape/certsrv/ldap/LdapResources.java
@@ -17,10 +17,8 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.ldap;
 
-
 import java.util.ListResourceBundle;
 
-
 /**
  * A resource bundle for ldap subsystem.
  * 
@@ -36,8 +34,7 @@ public class LdapResources extends ListResourceBundle {
     }
 
     /**
-     * Constants. The suffix represents the number of 
-     * possible parameters.
+     * Constants. The suffix represents the number of possible parameters.
      */
 
     static final Object[][] contents = {};
diff --git a/pki/base/common/src/com/netscape/certsrv/listeners/EListenersException.java b/pki/base/common/src/com/netscape/certsrv/listeners/EListenersException.java
index c498ca3dc..82ac529e4 100644
--- a/pki/base/common/src/com/netscape/certsrv/listeners/EListenersException.java
+++ b/pki/base/common/src/com/netscape/certsrv/listeners/EListenersException.java
@@ -17,13 +17,12 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.listeners;
 
-
 import com.netscape.certsrv.base.EBaseException;
 
-
 /**
  * A class represents a listener exception.
  * <P>
+ * 
  * @version $Revision$, $Date$
  */
 public class EListenersException extends EBaseException {
@@ -35,13 +34,15 @@ public class EListenersException extends EBaseException {
     /**
      * CA resource class name.
      */
-    private static final String LISTENERS_RESOURCES = ListenersResources.class.getName();
+    private static final String LISTENERS_RESOURCES = ListenersResources.class
+            .getName();
 
     /**
      * Constructs a listeners exception.
      * <P>
+     * 
      * @param msgFormat The error message resource key.
-    */
+     */
     public EListenersException(String msgFormat) {
         super(msgFormat);
     }
@@ -49,6 +50,7 @@ public class EListenersException extends EBaseException {
     /**
      * Constructs a listeners exception.
      * <P>
+     * 
      * @param msgFormat exception details in message string format.
      * @param param message string parameter.
      */
@@ -59,27 +61,31 @@ public class EListenersException extends EBaseException {
     /**
      * Constructs a Listeners exception.
      * <P>
+     * 
      * @param msgFormat The resource key.
      * @param e The parameter as an exception.
      */
     public EListenersException(String msgFormat, Exception e) {
         super(msgFormat, e);
     }
-    
+
     /**
      * Constructs a Listeners exception.
      * <P>
+     * 
      * @param msgFormat The resource key.
      * @param params Array of params.
      */
     public EListenersException(String msgFormat, Object params[]) {
         super(msgFormat, params);
     }
+
     /**
      * get the listener resource class name.
      * <P>
+     * 
      * @return the class name of the resource.
-    */
+     */
     protected String getBundleName() {
         return LISTENERS_RESOURCES;
     }
diff --git a/pki/base/common/src/com/netscape/certsrv/listeners/IRequestListenerPlugin.java b/pki/base/common/src/com/netscape/certsrv/listeners/IRequestListenerPlugin.java
index b0cb173cb..2f93f69b4 100644
--- a/pki/base/common/src/com/netscape/certsrv/listeners/IRequestListenerPlugin.java
+++ b/pki/base/common/src/com/netscape/certsrv/listeners/IRequestListenerPlugin.java
@@ -17,62 +17,71 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.listeners;
 
-
 import com.netscape.certsrv.base.EBaseException;
 import com.netscape.certsrv.base.IConfigStore;
 
 /**
- * This interface represents a plug-in listener. Implement this class to
- * add the listener to an ARequestNotifier of a subsystem.
+ * This interface represents a plug-in listener. Implement this class to add the
+ * listener to an ARequestNotifier of a subsystem.
  * <P>
+ * 
  * @version $Revision$, $Date$
  */
 public interface IRequestListenerPlugin {
-    
+
     /**
      * get the registered class name set in the init() method.
      * <P>
-     *  @return the Name.
+     * 
+     * @return the Name.
      */
     public String getName();
-    
+
     /**
      * get the plugin implementaion name set in the init() method.
      * <P>
+     * 
      * @return the plugin implementation name.
      */
     public String getImplName();
-    
+
     /**
      * the subsystem call this method to initialize the plug-in.
      * <P>
+     * 
      * @param name the registered class name of the plug-in.
      * @param implName the implemetnation name of the plug-in.
-     * @param config the configuration store where the.
-     * properties of the plug-in are stored.
-     * @exception EBaseException throws base exception in the certificate server.
+     * @param config the configuration store where the. properties of the
+     *            plug-in are stored.
+     * @exception EBaseException throws base exception in the certificate
+     *                server.
      */
-    public void   init(String name, String implName, IConfigStore config)
-    throws EBaseException;
+    public void init(String name, String implName, IConfigStore config)
+            throws EBaseException;
+
     /**
      * shutdown the plugin.
      */
     public void shutdown();
+
     /**
      * get the configuration parameters of the plug-in.
      * <P>
+     * 
      * @return the configuration parameters.
-     * @exception EBaseException throws base exception in the certificate server.
+     * @exception EBaseException throws base exception in the certificate
+     *                server.
      */
-    public String[] getConfigParams()
-    throws EBaseException;
+    public String[] getConfigParams() throws EBaseException;
+
     /**
-     * get the configuration store of the plugin where the
-     * configuration parameters of the plug-in are stored.
+     * get the configuration store of the plugin where the configuration
+     * parameters of the plug-in are stored.
      * <P>
+     * 
      * @return the configuration store.
      */
-    
+
     public IConfigStore getConfigStore();
-    
+
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/listeners/ListenersResources.java b/pki/base/common/src/com/netscape/certsrv/listeners/ListenersResources.java
index 199941be9..8e3bc0f38 100644
--- a/pki/base/common/src/com/netscape/certsrv/listeners/ListenersResources.java
+++ b/pki/base/common/src/com/netscape/certsrv/listeners/ListenersResources.java
@@ -17,13 +17,11 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.listeners;
 
-
 import java.util.ListResourceBundle;
 
 /**
- * A class represents a resource bundle for the 
- * listeners package.
- *
+ * A class represents a resource bundle for the listeners package.
+ * 
  * @version $Revision$, $Date$
  */
 public class ListenersResources extends ListResourceBundle {
@@ -31,11 +29,13 @@ public class ListenersResources extends ListResourceBundle {
     /**
      * get the content of the resource.
      * <P>
-     * @return the content of this resource is a value pairs array of keys and values.
+     * 
+     * @return the content of this resource is a value pairs array of keys and
+     *         values.
      */
     public Object[][] getContents() {
         return contents;
     }
-    static final Object[][] contents = {
-        };
+
+    static final Object[][] contents = {};
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/logging/AuditEvent.java b/pki/base/common/src/com/netscape/certsrv/logging/AuditEvent.java
index 4f7e64f27..26ce504d5 100644
--- a/pki/base/common/src/com/netscape/certsrv/logging/AuditEvent.java
+++ b/pki/base/common/src/com/netscape/certsrv/logging/AuditEvent.java
@@ -17,20 +17,18 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.logging;
 
-
 import java.text.MessageFormat;
 import java.util.Locale;
 
 import com.netscape.certsrv.base.EBaseException;
 import com.netscape.certsrv.base.MessageFormatter;
 
-
 /**
- * The log event object that carries message detail of a log event
- * that goes into the Transaction log.  Note that the name of this
- * class "AuditEvent" is legacy and  has nothing to do with the signed 
- * audit log events, whcih are represented by SignedAuditEvent.
- *
+ * The log event object that carries message detail of a log event that goes
+ * into the Transaction log. Note that the name of this class "AuditEvent" is
+ * legacy and has nothing to do with the signed audit log events, whcih are
+ * represented by SignedAuditEvent.
+ * 
  * @version $Revision$, $Date$
  * @see java.text.MessageFormat
  * @see com.netscape.certsrv.logging.LogResources
@@ -56,12 +54,12 @@ public class AuditEvent implements IBundleLogEvent {
      * The bundle name for this event.
      */
     private String mBundleName = LogResources.class.getName();
-    private static final String INVALID_LOG_LEVEL="log level: {0} is invalid, should be 0-6";
+    private static final String INVALID_LOG_LEVEL = "log level: {0} is invalid, should be 0-6";
 
     /**
      * Constructs a message event
      * <P>
-     *
+     * 
      * @param msgFormat the message string
      */
     public AuditEvent(String msgFormat) {
@@ -71,11 +69,12 @@ public class AuditEvent implements IBundleLogEvent {
 
     /**
      * Constructs a message with a parameter. For example,
+     * 
      * <PRE>
-     *         new AuditEvent("failed to load {0}", fileName);
+     * new AuditEvent(&quot;failed to load {0}&quot;, fileName);
      * </PRE>
      * <P>
-     *
+     * 
      * @param msgFormat details in message string format
      * @param param message string parameter
      */
@@ -86,9 +85,9 @@ public class AuditEvent implements IBundleLogEvent {
     }
 
     /**
-     * Constructs a message from an exception. It can be used to carry
-     * a system exception that may contain information about
-     * the context. For example,
+     * Constructs a message from an exception. It can be used to carry a system
+     * exception that may contain information about the context. For example,
+     * 
      * <PRE>
      *         try {
      *          ...
@@ -97,7 +96,7 @@ public class AuditEvent implements IBundleLogEvent {
      *      }
      * </PRE>
      * <P>
-     *
+     * 
      * @param msgFormat exception details in message string format
      * @param exception system exception
      */
@@ -110,6 +109,7 @@ public class AuditEvent implements IBundleLogEvent {
     /**
      * Constructs a message from a base exception. This will use the msgFormat
      * from the exception itself.
+     * 
      * <PRE>
      *         try {
      *          ...
@@ -118,7 +118,7 @@ public class AuditEvent implements IBundleLogEvent {
      *      }
      * </PRE>
      * <P>
-     *
+     * 
      * @param e CMS exception
      */
     public AuditEvent(Exception e) {
@@ -132,10 +132,10 @@ public class AuditEvent implements IBundleLogEvent {
     }
 
     /**
-     * Constructs a message event with a list of parameters
-     * that will be substituted into the message format.
+     * Constructs a message event with a list of parameters that will be
+     * substituted into the message format.
      * <P>
-     *
+     * 
      * @param msgFormat message string format
      * @param params list of message format parameters
      */
@@ -147,7 +147,7 @@ public class AuditEvent implements IBundleLogEvent {
     /**
      * Returns the current message format string.
      * <P>
-     *
+     * 
      * @return details message
      */
     public String getMessage() {
@@ -157,7 +157,7 @@ public class AuditEvent implements IBundleLogEvent {
     /**
      * Returns a list of parameters.
      * <P>
-     *
+     * 
      * @return list of message format parameters
      */
     public Object[] getParameters() {
@@ -165,10 +165,10 @@ public class AuditEvent implements IBundleLogEvent {
     }
 
     /**
-     * Returns localized message string. This method should
-     * only be called if a localized string is necessary.
+     * Returns localized message string. This method should only be called if a
+     * localized string is necessary.
      * <P>
-     *
+     * 
      * @return details message
      */
     public String toContent() {
@@ -178,19 +178,19 @@ public class AuditEvent implements IBundleLogEvent {
     /**
      * Returns the string based on the given locale.
      * <P>
-     *
+     * 
      * @param locale locale
      * @return details message
      */
     public String toContent(Locale locale) {
         return MessageFormatter.getLocalizedString(locale, getBundleName(),
-                getMessage(),
-                getParameters());
+                getMessage(), getParameters());
     }
 
     /**
-     * Gets the resource bundle name for this class instance.  This should
-     * be overridden by subclasses who have their own resource bundles.
+     * Gets the resource bundle name for this class instance. This should be
+     * overridden by subclasses who have their own resource bundles.
+     * 
      * @param bundle String that represents the resource bundle name to be set
      */
     public void setBundleName(String bundle) {
@@ -199,6 +199,7 @@ public class AuditEvent implements IBundleLogEvent {
 
     /**
      * Retrieves bundle name.
+     * 
      * @return a String that represents the resource bundle name
      */
     protected String getBundleName() {
@@ -207,8 +208,9 @@ public class AuditEvent implements IBundleLogEvent {
 
     /**
      * Retrieves log source.
-     * @return an integer that indicates the component source
-     * where this message event was triggered
+     * 
+     * @return an integer that indicates the component source where this message
+     *         event was triggered
      */
     public int getSource() {
         return mSource;
@@ -216,18 +218,18 @@ public class AuditEvent implements IBundleLogEvent {
 
     /**
      * Sets log source.
-     * @param source an integer that represents the component source
-     * where this message event was triggered
+     * 
+     * @param source an integer that represents the component source where this
+     *            message event was triggered
      */
     public void setSource(int source) {
         mSource = source;
     }
 
-    
     /**
-     * Retrieves log level.
-     * The log level of an event represents its relative importance
-     * or severity within CMS.
+     * Retrieves log level. The log level of an event represents its relative
+     * importance or severity within CMS.
+     * 
      * @return Integer log level value.
      */
     public int getLevel() {
@@ -236,6 +238,7 @@ public class AuditEvent implements IBundleLogEvent {
 
     /**
      * Retrieves NT specific log event type.
+     * 
      * @return Integer NTEventType value.
      */
     public int getNTEventType() {
@@ -243,9 +246,9 @@ public class AuditEvent implements IBundleLogEvent {
     }
 
     /**
-     * Sets log level, NT log event type.
-     * For certain log levels the NT log event type gets
-     * set as well.
+     * Sets log level, NT log event type. For certain log levels the NT log
+     * event type gets set as well.
+     * 
      * @param level Integer log level value.
      */
     public void setLevel(int level) {
@@ -268,24 +271,26 @@ public class AuditEvent implements IBundleLogEvent {
             break;
 
         default:
-            ConsoleError.send(new SystemEvent(INVALID_LOG_LEVEL,
-                    Integer.toString(level)));
+            ConsoleError.send(new SystemEvent(INVALID_LOG_LEVEL, Integer
+                    .toString(level)));
             break;
         }
     }
-   
+
     /**
      * Retrieves log multiline attribute.
-     * @return Boolean whether or not this event is multiline.
-     * A multiline message simply consists of more than one line.
-     */ 
+     * 
+     * @return Boolean whether or not this event is multiline. A multiline
+     *         message simply consists of more than one line.
+     */
     public boolean getMultiline() {
         return mMultiline;
     }
 
     /**
-     * Sets log multiline attribute. A multiline message consists of
-     * more than one line.
+     * Sets log multiline attribute. A multiline message consists of more than
+     * one line.
+     * 
      * @param multiline Boolean multiline value.
      */
     public void setMultiline(boolean multiline) {
@@ -294,26 +299,27 @@ public class AuditEvent implements IBundleLogEvent {
 
     /**
      * Retrieves event time stamp.
+     * 
      * @return Long integer of the time the event was created.
      */
     public long getTimeStamp() {
         return mTimeStamp;
     }
 
-    
     /**
-     * Retrieves log event type. Each type of event
-     * has an associated String type value.
+     * Retrieves log event type. Each type of event has an associated String
+     * type value.
+     * 
      * @return String containing the type of event.
      */
     public String getEventType() {
         return mEventType;
     }
 
-    
     /**
-     * Sets log event type. Each type of event
-     * has an associated String type value.
+     * Sets log event type. Each type of event has an associated String type
+     * value.
+     * 
      * @param eventType String containing the type of event.
      */
     public void setEventType(String eventType) {
@@ -321,15 +327,16 @@ public class AuditEvent implements IBundleLogEvent {
     }
 
     /**
-    * Return string representation of log message.
-    * @return String containing log message.
-    */
+     * Return string representation of log message.
+     * 
+     * @return String containing log message.
+     */
     public String toString() {
         if (getBundleName() == null) {
             MessageFormat detailMessage = new MessageFormat(mMessage);
 
             return detailMessage.format(mParams);
-            //return getMessage();
+            // return getMessage();
         } else
             return toContent();
     }
diff --git a/pki/base/common/src/com/netscape/certsrv/logging/AuditFormat.java b/pki/base/common/src/com/netscape/certsrv/logging/AuditFormat.java
index 8d870ad90..34d629beb 100644
--- a/pki/base/common/src/com/netscape/certsrv/logging/AuditFormat.java
+++ b/pki/base/common/src/com/netscape/certsrv/logging/AuditFormat.java
@@ -17,12 +17,11 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.logging;
 
-
 /**
- * Define audit log message format. Note that the name of this
- * class "AuditFormat" is legacy and  has nothing to do with the signed 
- * audit log events format
- *
+ * Define audit log message format. Note that the name of this class
+ * "AuditFormat" is legacy and has nothing to do with the signed audit log
+ * events format
+ * 
  * @version $Revision$, $Date$
  */
 public class AuditFormat {
@@ -40,18 +39,18 @@ public class AuditFormat {
     /**
      * initiative: the event is from agent
      */
-    public static final String FROMAGENT = "fromAgent";        
+    public static final String FROMAGENT = "fromAgent";
 
     /**
      * initiative: the event is from router
      */
-    public static final String FROMROUTER = "fromRouter";  
+    public static final String FROMROUTER = "fromRouter";
 
     /**
      * initiative: the event is from remote authority
      */
     public static final String FROMRA = "fromRemoteAuthority";
-      
+
     /**
      * authentication module: no Authentication manager
      */
@@ -59,54 +58,33 @@ public class AuditFormat {
 
     // for ProcessCertReq.java ,kra
     /**
-     0: request type
-     1: request ID
-     2: initiative
-     3: auth module
-     4: status
-     5: cert dn
-     6: other info. eg cert serial number, violation policies
+     * 0: request type 1: request ID 2: initiative 3: auth module 4: status 5:
+     * cert dn 6: other info. eg cert serial number, violation policies
      */
-    public static final String FORMAT = 
-        "{0} reqID {1} {2} authenticated by {3} is {4} DN requested: {5} {6}";
-    public static final  String NODNFORMAT = 
-        "{0} reqID {1} {2} authenticated by {3} is {4}";
+    public static final String FORMAT = "{0} reqID {1} {2} authenticated by {3} is {4} DN requested: {5} {6}";
+    public static final String NODNFORMAT = "{0} reqID {1} {2} authenticated by {3} is {4}";
 
-    public static final String ENROLLMENTFORMAT = 
-        "Enrollment request reqID {0} {1} authenticated by {2} is {3}. DN requested: {4} {5}";
-    public static final String RENEWALFORMAT = 
-        "Renewal request reqID {0} {1} authenticated by {2} is {3}. DN requested: {4} old serial number: 0x{5} {6}";
-    public static final String REVOCATIONFORMAT = 
-        "Revocation request reqID {0} {1} authenticated by {2} is {3}. DN requested: {4} serial number: 0x{5} revocation reason: {6} {7}";
+    public static final String ENROLLMENTFORMAT = "Enrollment request reqID {0} {1} authenticated by {2} is {3}. DN requested: {4} {5}";
+    public static final String RENEWALFORMAT = "Renewal request reqID {0} {1} authenticated by {2} is {3}. DN requested: {4} old serial number: 0x{5} {6}";
+    public static final String REVOCATIONFORMAT = "Revocation request reqID {0} {1} authenticated by {2} is {3}. DN requested: {4} serial number: 0x{5} revocation reason: {6} {7}";
 
     // 1: fromAgent AgentID: xxx authenticated by xxx
-    public static final String DOREVOKEFORMAT = 
-        "Revocation request reqID {0} {1} is {2}. DN requested: {3} serial number: 0x{4} revocation reason: {5}";
+    public static final String DOREVOKEFORMAT = "Revocation request reqID {0} {1} is {2}. DN requested: {3} serial number: 0x{4} revocation reason: {5}";
     // 1: fromAgent AgentID: xxx authenticated by xxx
-    public static final String DOUNREVOKEFORMAT = 
-        "Unrevocation request reqID {0} {1} is {2}. DN requested: {3} serial number: 0x{4}";
+    public static final String DOUNREVOKEFORMAT = "Unrevocation request reqID {0} {1} is {2}. DN requested: {3} serial number: 0x{4}";
 
     // 0:initiative
-    public static final String CRLUPDATEFORMAT = 
-        "CRLUpdate request {0} authenticated by {1} is {2}. Id: {3}\ncrl Number: {4} last update time: {5} next update time: {6} number of entries in the CRL: {7}";
+    public static final String CRLUPDATEFORMAT = "CRLUpdate request {0} authenticated by {1} is {2}. Id: {3}\ncrl Number: {4} last update time: {5} next update time: {6} number of entries in the CRL: {7}";
 
     // audit user/group
-    public static final String ADDUSERFORMAT =
-        "Admin UID: {0} added User UID: {1}";
-    public static final String REMOVEUSERFORMAT =
-        "Admin UID: {0} removed User UID: {1} ";
-    public static final String MODIFYUSERFORMAT =
-        "Admin UID: {0} modified User UID: {1}";
-    public static final String ADDUSERCERTFORMAT =
-        "Admin UID: {0} added cert for User UID: {1}. cert DN: {2} serial number: 0x{3}";
-    public static final String REMOVEUSERCERTFORMAT =
-        "Admin UID: {0} removed cert of User UID: {1}. cert DN: {2} serial number: 0x{3}";
-    public static final String ADDUSERGROUPFORMAT =
-        "Admin UID: {0} added User UID: {1} to group: {2}";
-    public static final String REMOVEUSERGROUPFORMAT =
-        "Admin UID: {0} removed User UID: {1} from group: {2}";
+    public static final String ADDUSERFORMAT = "Admin UID: {0} added User UID: {1}";
+    public static final String REMOVEUSERFORMAT = "Admin UID: {0} removed User UID: {1} ";
+    public static final String MODIFYUSERFORMAT = "Admin UID: {0} modified User UID: {1}";
+    public static final String ADDUSERCERTFORMAT = "Admin UID: {0} added cert for User UID: {1}. cert DN: {2} serial number: 0x{3}";
+    public static final String REMOVEUSERCERTFORMAT = "Admin UID: {0} removed cert of User UID: {1}. cert DN: {2} serial number: 0x{3}";
+    public static final String ADDUSERGROUPFORMAT = "Admin UID: {0} added User UID: {1} to group: {2}";
+    public static final String REMOVEUSERGROUPFORMAT = "Admin UID: {0} removed User UID: {1} from group: {2}";
 
     // LDAP publishing
-    public static final String LDAP_PUBLISHED_FORMAT = 
-        "{0} successfully published serial number: 0x{1} with DN: {2}";
+    public static final String LDAP_PUBLISHED_FORMAT = "{0} successfully published serial number: 0x{1} with DN: {2}";
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/logging/ConsoleError.java b/pki/base/common/src/com/netscape/certsrv/logging/ConsoleError.java
index 146824ac4..13e0f3d45 100644
--- a/pki/base/common/src/com/netscape/certsrv/logging/ConsoleError.java
+++ b/pki/base/common/src/com/netscape/certsrv/logging/ConsoleError.java
@@ -17,12 +17,9 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.logging;
 
-
-
-
 /**
  * A static class to log error messages to the Console
- *
+ * 
  * @version $Revision$, $Date$
  */
 public class ConsoleError {
@@ -30,8 +27,8 @@ public class ConsoleError {
 
     /**
      * Send the given event to the Console.
-     *
-     * @param	ev	log event to be sent to the console
+     * 
+     * @param ev log event to be sent to the console
      */
     public static void send(ILogEvent ev) {
         console.log(ev);
diff --git a/pki/base/common/src/com/netscape/certsrv/logging/ConsoleLog.java b/pki/base/common/src/com/netscape/certsrv/logging/ConsoleLog.java
index c18b062c2..72ae1a79f 100644
--- a/pki/base/common/src/com/netscape/certsrv/logging/ConsoleLog.java
+++ b/pki/base/common/src/com/netscape/certsrv/logging/ConsoleLog.java
@@ -17,7 +17,6 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.logging;
 
-
 import java.io.IOException;
 import java.util.Hashtable;
 import java.util.Vector;
@@ -29,76 +28,75 @@ import com.netscape.certsrv.base.IConfigStore;
 import com.netscape.certsrv.base.ISubsystem;
 import com.netscape.certsrv.common.NameValuePairs;
 
-
 /**
  * A log event listener which sends all log events to the system console/tty
- *
+ * 
  * @version $Revision$, $Date$
  */
 public class ConsoleLog implements ILogEventListener {
 
     /**
-     * Log the given event.  Usually called from a log manager.
-     *
-     * @param	ev	log event
+     * Log the given event. Usually called from a log manager.
+     * 
+     * @param ev log event
      */
     public void log(ILogEvent ev) {
         System.err.println(Thread.currentThread().getName() + ": " + ev);
     }
 
     /**
-     * Flush the system output stream. 
-     *
+     * Flush the system output stream.
+     * 
      */
     public void flush() {
         System.err.flush();
     }
 
-	/**
-	 * All operations need to be cleaned up for shutdown are done here
-	 */
+    /**
+     * All operations need to be cleaned up for shutdown are done here
+     */
     public void shutdown() {
     }
 
-	/**
-	 * get the configuration store that is associated with this
-	 * log listener
-	 * @return the configuration store that is associated with this
-	 * log listener
-	 */
+    /**
+     * get the configuration store that is associated with this log listener
+     * 
+     * @return the configuration store that is associated with this log listener
+     */
     public IConfigStore getConfigStore() {
         return null;
     }
 
-    public void init(ISubsystem owner, IConfigStore config) 
-        throws EBaseException {
+    public void init(ISubsystem owner, IConfigStore config)
+            throws EBaseException {
     }
 
     public void startup() throws EBaseException {
     }
 
     /**
-     * Retrieve last "maxLine" number of system log with log lever >"level"
-     * and from  source "source". If the parameter is omitted. All entries
-     * are sent back.
-	 * @param req a Hashtable containing the required information such as
-	 * log entry, log level, log source, and log name
-	 * @return the content of the log that match the criteria in req
-	 * @exception servletException
-	 * @exception IOException
-	 * @exception EBaseException
+     * Retrieve last "maxLine" number of system log with log lever >"level" and
+     * from source "source". If the parameter is omitted. All entries are sent
+     * back.
+     * 
+     * @param req a Hashtable containing the required information such as log
+     *            entry, log level, log source, and log name
+     * @return the content of the log that match the criteria in req
+     * @exception servletException
+     * @exception IOException
+     * @exception EBaseException
      */
-    public synchronized NameValuePairs retrieveLogContent(Hashtable req) throws ServletException,
-            IOException, EBaseException {
+    public synchronized NameValuePairs retrieveLogContent(Hashtable req)
+            throws ServletException, IOException, EBaseException {
         return null;
     }
 
     /**
-     * Retrieve log file list.
-	 * <br> unimplemented
+     * Retrieve log file list. <br>
+     * unimplemented
      */
-    public synchronized NameValuePairs retrieveLogList(Hashtable req) throws ServletException,
-            IOException, EBaseException {
+    public synchronized NameValuePairs retrieveLogList(Hashtable req)
+            throws ServletException, IOException, EBaseException {
         return null;
     }
 
diff --git a/pki/base/common/src/com/netscape/certsrv/logging/ELogException.java b/pki/base/common/src/com/netscape/certsrv/logging/ELogException.java
index 90a74ba4a..ed36ea5fc 100644
--- a/pki/base/common/src/com/netscape/certsrv/logging/ELogException.java
+++ b/pki/base/common/src/com/netscape/certsrv/logging/ELogException.java
@@ -17,16 +17,14 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.logging;
 
-
 import java.util.Locale;
 
 import com.netscape.certsrv.base.EBaseException;
 import com.netscape.certsrv.base.MessageFormatter;
 
-
 /**
- * This class implements a Log exception. LogExceptions
- * should be caught by LogSubsystem managers.
+ * This class implements a Log exception. LogExceptions should be caught by
+ * LogSubsystem managers.
  * <P>
  * 
  * @version $Revision$, $Date$
@@ -39,14 +37,14 @@ public class ELogException extends EBaseException {
      */
     private static final long serialVersionUID = -8903703675126348145L;
     /**
-    * Resource bundle class name.
-    */
+     * Resource bundle class name.
+     */
     private static final String LOG_RESOURCES = LogResources.class.getName();
 
     /**
      * Constructs a log exception.
      * <P>
-     *
+     * 
      * @param msgFormat Exception details.
      */
     public ELogException(String msgFormat) {
@@ -56,11 +54,12 @@ public class ELogException extends EBaseException {
 
     /**
      * Constructs a log exception with a parameter. For example,
+     * 
      * <PRE>
-     * 		new ELogException("failed to load {0}", fileName);
+     * new ELogException(&quot;failed to load {0}&quot;, fileName);
      * </PRE>
      * <P>
-     *
+     * 
      * @param msgFormat Exception details in message string format.
      * @param param Message string parameter.
      */
@@ -71,9 +70,9 @@ public class ELogException extends EBaseException {
     }
 
     /**
-     * Constructs a log exception. It can be used to carry
-     * a system exception that may contain information about
-     * the context. For example,
+     * Constructs a log exception. It can be used to carry a system exception
+     * that may contain information about the context. For example,
+     * 
      * <PRE>
      * 		try {
      *  		...
@@ -82,7 +81,7 @@ public class ELogException extends EBaseException {
      *      }
      * </PRE>
      * <P>
-     *
+     * 
      * @param msgFormat Exception details in message string format.
      * @param param System exception.
      */
@@ -93,10 +92,10 @@ public class ELogException extends EBaseException {
     }
 
     /**
-     * Constructs a log exception with a list of parameters
-     * that will be substituted into the message format.
+     * Constructs a log exception with a list of parameters that will be
+     * substituted into the message format.
      * <P>
-     *
+     * 
      * @param msgFormat Exception details in message string format.
      * @param params List of message format parameters.
      */
@@ -108,7 +107,7 @@ public class ELogException extends EBaseException {
     /**
      * Returns a list of parameters.
      * <P>
-     *
+     * 
      * @return list of message format parameters.
      */
     public Object[] getParameters() {
@@ -116,10 +115,10 @@ public class ELogException extends EBaseException {
     }
 
     /**
-     * Returns localized exception string. This method should
-     * only be called if a localized string is necessary.
+     * Returns localized exception string. This method should only be called if
+     * a localized string is necessary.
      * <P>
-     *
+     * 
      * @return Details message.
      */
     public String toString() {
@@ -129,7 +128,7 @@ public class ELogException extends EBaseException {
     /**
      * Returns the string based on the given locale.
      * <P>
-     *
+     * 
      * @param locale Locale.
      * @return Details message.
      */
@@ -139,13 +138,14 @@ public class ELogException extends EBaseException {
     }
 
     /**
-     * Retrieves resource bundle name.
-     * Subclasses should override this as necessary
+     * Retrieves resource bundle name. Subclasses should override this as
+     * necessary
+     * 
      * @return String containing name of resource bundle.
      */
 
     protected String getBundleName() {
         return LOG_RESOURCES;
     }
-	
+
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/logging/ELogNotFound.java b/pki/base/common/src/com/netscape/certsrv/logging/ELogNotFound.java
index 2dad7aece..7de84733c 100644
--- a/pki/base/common/src/com/netscape/certsrv/logging/ELogNotFound.java
+++ b/pki/base/common/src/com/netscape/certsrv/logging/ELogNotFound.java
@@ -17,10 +17,9 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.logging;
 
-
 /**
  * Exception for log not found.
- *
+ * 
  * @version $Revision$, $Date$
  */
 public class ELogNotFound extends ELogException {
@@ -32,6 +31,7 @@ public class ELogNotFound extends ELogException {
 
     /**
      * Constructs a exception for a missing required log.
+     * 
      * @param errorString Detailed error message.
      */
     public ELogNotFound(String errorString) {
diff --git a/pki/base/common/src/com/netscape/certsrv/logging/ELogPluginNotFound.java b/pki/base/common/src/com/netscape/certsrv/logging/ELogPluginNotFound.java
index efac65a28..6c434aff9 100644
--- a/pki/base/common/src/com/netscape/certsrv/logging/ELogPluginNotFound.java
+++ b/pki/base/common/src/com/netscape/certsrv/logging/ELogPluginNotFound.java
@@ -17,10 +17,9 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.logging;
 
-
 /**
  * Exception for log plugin not found.
- *
+ * 
  * @version $Revision$, $Date$
  */
 public class ELogPluginNotFound extends ELogException {
@@ -32,10 +31,10 @@ public class ELogPluginNotFound extends ELogException {
 
     /**
      * Constructs a exception for a missing log plugin.
+     * 
      * @param errorString Detailed error message.
      */
     public ELogPluginNotFound(String errorString) {
         super(errorString);
     }
 }
-
diff --git a/pki/base/common/src/com/netscape/certsrv/logging/IBundleLogEvent.java b/pki/base/common/src/com/netscape/certsrv/logging/IBundleLogEvent.java
index 44a4283bd..a1a103045 100644
--- a/pki/base/common/src/com/netscape/certsrv/logging/IBundleLogEvent.java
+++ b/pki/base/common/src/com/netscape/certsrv/logging/IBundleLogEvent.java
@@ -17,23 +17,19 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.logging;
 
-
-
-
 /**
- * An interface which all loggable events must implement.
- * See ILogEvent class.
- * This class maintains a resource bundle name for given
- * event type.
- *
+ * An interface which all loggable events must implement. See ILogEvent class.
+ * This class maintains a resource bundle name for given event type.
+ * 
  * @version $Revision$, $Date$
  */
 public interface IBundleLogEvent extends ILogEvent {
 
     /**
-    * Sets the name of the resource bundle to be associated
-    * with this event type.
-    * @param bundle name of resource bundle.
-    */
+     * Sets the name of the resource bundle to be associated with this event
+     * type.
+     * 
+     * @param bundle name of resource bundle.
+     */
     public void setBundleName(String bundle);
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/logging/ILogEvent.java b/pki/base/common/src/com/netscape/certsrv/logging/ILogEvent.java
index d0caca71d..07bd67d0e 100644
--- a/pki/base/common/src/com/netscape/certsrv/logging/ILogEvent.java
+++ b/pki/base/common/src/com/netscape/certsrv/logging/ILogEvent.java
@@ -17,80 +17,81 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.logging;
 
-
 import java.io.Serializable;
 import java.util.Locale;
 
-
 /**
- * An interface which all loggable events must implement. CMS comes
- * with a limited set of ILogEvent types to implement: audit, system, and 
- * signed audit.  This is the base class of all the subsequent implemented types.
- * A log event represents a certain kind of log message designed for a specific purpose.
- * For instance, an audit type event represents messages having to do with auditable CMS
- * actions.  The resulting message will ultimately appear into a specific log file.
- *
+ * An interface which all loggable events must implement. CMS comes with a
+ * limited set of ILogEvent types to implement: audit, system, and signed audit.
+ * This is the base class of all the subsequent implemented types. A log event
+ * represents a certain kind of log message designed for a specific purpose. For
+ * instance, an audit type event represents messages having to do with auditable
+ * CMS actions. The resulting message will ultimately appear into a specific log
+ * file.
+ * 
  * @version $Revision$, $Date$
  */
 public interface ILogEvent extends Serializable {
 
     /**
      * Retrieves event time stamp.
+     * 
      * @return Long integer of the time the event was created.
      */
     public long getTimeStamp();
 
     /**
-     * Retrieves log source.
-     * This is an id of the subsystem responsible
-     * for creating the log event.
+     * Retrieves log source. This is an id of the subsystem responsible for
+     * creating the log event.
+     * 
      * @return Integer source id.
      */
     public int getSource();
 
-    
     /**
-     * Retrieves log level.
-     * The log level of an event represents its relative importance
-     * or severity within CMS.
+     * Retrieves log level. The log level of an event represents its relative
+     * importance or severity within CMS.
+     * 
      * @return Integer log level value.
      */
     public int getLevel();
 
     /**
      * Retrieves NT specific log event type.
+     * 
      * @return Integer NTEventType value.
      */
     public int getNTEventType();
 
     /**
-    *  Retrieves multiline attribute.
-    *  Does this message consiste of more than one line.
-    *  @return Boolean of multiline status.
-    */
+     * Retrieves multiline attribute. Does this message consiste of more than
+     * one line.
+     * 
+     * @return Boolean of multiline status.
+     */
     public boolean getMultiline();
 
-
     /**
-     * Retrieves log event type. Each type of event
-     * has an associated String type value.
+     * Retrieves log event type. Each type of event has an associated String
+     * type value.
+     * 
      * @return String containing the type of event.
      */
     public String getEventType();
 
     /**
-     * Sets log event type. Each type of event
-     * has an associated String type value.
+     * Sets log event type. Each type of event has an associated String type
+     * value.
+     * 
      * @param eventType String containing the type of event.
      */
     public void setEventType(String eventType);
 
-
     /**
-     * Returns localized message string. This method should
-     * only be called if a localized string is necessary.
+     * Returns localized message string. This method should only be called if a
+     * localized string is necessary.
      * <P>
-     *
+     * 
      * @return Details message.
      */
     public String toContent();
@@ -98,7 +99,7 @@ public interface ILogEvent extends Serializable {
     /**
      * Returns the string based on the given locale.
      * <P>
-     *
+     * 
      * @param locale locale
      * @return Details message.
      */
diff --git a/pki/base/common/src/com/netscape/certsrv/logging/ILogEventFactory.java b/pki/base/common/src/com/netscape/certsrv/logging/ILogEventFactory.java
index f94f20a95..0cf4c23e8 100644
--- a/pki/base/common/src/com/netscape/certsrv/logging/ILogEventFactory.java
+++ b/pki/base/common/src/com/netscape/certsrv/logging/ILogEventFactory.java
@@ -17,22 +17,19 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.logging;
 
-
 import java.util.Properties;
 
-
 /**
- * An interface represents a log event factory. This
- * factory will be responsible for creating and returning ILogEvent objects
- * on demand.
- *
+ * An interface represents a log event factory. This factory will be responsible
+ * for creating and returning ILogEvent objects on demand.
+ * 
  * @version $Revision$, $Date$
  */
 public interface ILogEventFactory {
 
     /**
      * Creates an event of a particular event type/class.
-     *
+     * 
      * @param evtClass The event type.
      * @param prop The resource bundle.
      * @param source The subsystem ID who creates the log event.
@@ -43,11 +40,11 @@ public interface ILogEventFactory {
      * @return The created ILogEvent object.
      */
     public ILogEvent create(int evtClass, Properties prop, int source,
-        int level, boolean multiline, String msg, Object params[]);
+            int level, boolean multiline, String msg, Object params[]);
 
     /**
      * Releases previously created event.
-     *
+     * 
      * @param event The log event.
      */
     public void release(ILogEvent event);
diff --git a/pki/base/common/src/com/netscape/certsrv/logging/ILogEventListener.java b/pki/base/common/src/com/netscape/certsrv/logging/ILogEventListener.java
index 12c09b0bc..68b766691 100644
--- a/pki/base/common/src/com/netscape/certsrv/logging/ILogEventListener.java
+++ b/pki/base/common/src/com/netscape/certsrv/logging/ILogEventListener.java
@@ -17,7 +17,6 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.logging;
 
-
 import java.io.IOException;
 import java.util.EventListener;
 import java.util.Hashtable;
@@ -30,102 +29,104 @@ import com.netscape.certsrv.base.IConfigStore;
 import com.netscape.certsrv.base.ISubsystem;
 import com.netscape.certsrv.common.NameValuePairs;
 
-
-
 /**
- * An interface represents a log event listener.
- * A ILogEventListener is registered to  a specific
- * ILogQueue to be notified of created ILogEvents.
- * the log queue will notify all its registered listeners
- * of the logged event. The listener will then proceed to
- * process the event accordingly which will result in a log
- * message existing in some file.
- *
+ * An interface represents a log event listener. A ILogEventListener is
+ * registered to a specific ILogQueue to be notified of created ILogEvents. the
+ * log queue will notify all its registered listeners of the logged event. The
+ * listener will then proceed to process the event accordingly which will result
+ * in a log message existing in some file.
+ * 
  * @version $Revision$, $Date$
  */
 public interface ILogEventListener extends EventListener {
 
     /**
-     *  The event notification method: Logs event.
-     *
+     * The event notification method: Logs event.
+     * 
      * @param event The log event to be processed.
      */
     public void log(ILogEvent event) throws ELogException;
 
     /**
-     *  Flushes the log buffers (if any). Will result in the messages
-     *  being actually written to their destination.
+     * Flushes the log buffers (if any). Will result in the messages being
+     * actually written to their destination.
      */
     public void flush();
 
     /**
-     *  Closes the log file and destroys any associated threads.
+     * Closes the log file and destroys any associated threads.
      */
     public void shutdown();
 
     /**
      * Get the configuration store for the log event listener.
+     * 
      * @return The configuration store of this log event listener.
      */
     public IConfigStore getConfigStore();
 
     /**
      * Initialize this log listener
-	 * @param owner The subsystem.
-	 * @param config Configuration store for this log listener.
-	 * @exception initialization error.
+     * 
+     * @param owner The subsystem.
+     * @param config Configuration store for this log listener.
+     * @exception initialization error.
      */
-    public void init(ISubsystem owner, IConfigStore config) 
-        throws EBaseException;
+    public void init(ISubsystem owner, IConfigStore config)
+            throws EBaseException;
 
     /**
      * Startup the instance.
      */
-    public void startup()
-        throws EBaseException;
+    public void startup() throws EBaseException;
 
     /**
-     * Retrieve last "maxLine" number of system logs with log level >"level"
-     * and from  source "source". If the parameter is omitted. All entries
-     * are sent back.
-         * @param req a Hashtable containing the required information such as
-         * log entry, log level, log source, and log name.
-         * @return NameValue pair list of log messages.
-         * @exception ServletException For Servelet errros.
-         * @exception IOException For input/output problems.
-         * @exception EBaseException For other problems.
+     * Retrieve last "maxLine" number of system logs with log level >"level" and
+     * from source "source". If the parameter is omitted. All entries are sent
+     * back.
+     * 
+     * @param req a Hashtable containing the required information such as log
+     *            entry, log level, log source, and log name.
+     * @return NameValue pair list of log messages.
+     * @exception ServletException For Servelet errros.
+     * @exception IOException For input/output problems.
+     * @exception EBaseException For other problems.
      */
-    public NameValuePairs retrieveLogContent(Hashtable req) throws ServletException,
-            IOException, EBaseException;
+    public NameValuePairs retrieveLogContent(Hashtable req)
+            throws ServletException, IOException, EBaseException;
 
     /**
-    * Retrieve list of log files.
-    *
-    */
-    public NameValuePairs retrieveLogList(Hashtable req) throws ServletException,
-            IOException, EBaseException;
+     * Retrieve list of log files.
+     * 
+     */
+    public NameValuePairs retrieveLogList(Hashtable req)
+            throws ServletException, IOException, EBaseException;
 
     /**
      * Returns implementation name.
+     * 
      * @return String name of event listener implementation.
      */
     public String getImplName();
 
     /**
      * Returns the description of this log event listener.
+     * 
      * @return String with listener description.
      */
     public String getDescription();
 
     /**
-    * Return list of default config parameters for this log event listener.
-    * @return Vector of default parameters.
-    */
+     * Return list of default config parameters for this log event listener.
+     * 
+     * @return Vector of default parameters.
+     */
     public Vector getDefaultParams();
 
     /**
-    * Return list of instance config parameters for this log event listener.
-    * @return Vector of instance parameters.
-    */
+     * Return list of instance config parameters for this log event listener.
+     * 
+     * @return Vector of instance parameters.
+     */
     public Vector getInstanceParams();
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/logging/ILogQueue.java b/pki/base/common/src/com/netscape/certsrv/logging/ILogQueue.java
index 878b9ba16..5923d3307 100644
--- a/pki/base/common/src/com/netscape/certsrv/logging/ILogQueue.java
+++ b/pki/base/common/src/com/netscape/certsrv/logging/ILogQueue.java
@@ -17,40 +17,35 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.logging;
 
-
-
-
 /**
- * An interface represents a log queue. A log queue
- * is a queue of pending log events to be dispatched
- * to a set of registered ILogEventListeners.
- *
+ * An interface represents a log queue. A log queue is a queue of pending log
+ * events to be dispatched to a set of registered ILogEventListeners.
+ * 
  * @version $Revision$, $Date$
  */
 public interface ILogQueue {
 
     /**
      * Dispatch the log event to all registered log event listeners.
-     *
+     * 
      * @param evt the log event
      */
     public void log(ILogEvent evt);
 
     /**
-     * Flushes log queue, flushes all registered listeners.
-     * Messages should be written to their destination.
+     * Flushes log queue, flushes all registered listeners. Messages should be
+     * written to their destination.
      */
     public void flush();
 
     /**
      * Registers an event listener.
-     *
-     * @param listener The log event listener to be registered
-     * to this queue.
+     * 
+     * @param listener The log event listener to be registered to this queue.
      */
     public void addLogEventListener(ILogEventListener listener);
 
-    /** 
+    /**
      * Removes an event listener.
      * 
      * @param listener The log event listener to be removed from this queue.
@@ -60,7 +55,7 @@ public interface ILogQueue {
     /**
      * Initializes the log queue.
      * <P>
-     *
+     * 
      */
     public void init();
 
diff --git a/pki/base/common/src/com/netscape/certsrv/logging/ILogSubsystem.java b/pki/base/common/src/com/netscape/certsrv/logging/ILogSubsystem.java
index 438c42508..f18880951 100644
--- a/pki/base/common/src/com/netscape/certsrv/logging/ILogSubsystem.java
+++ b/pki/base/common/src/com/netscape/certsrv/logging/ILogSubsystem.java
@@ -17,22 +17,19 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.logging;
 
-
 import java.util.Hashtable;
 import java.util.Vector;
 
 import com.netscape.certsrv.base.ISubsystem;
 
-
 /**
- * An interface that represents a logging component.  The logging
- * component is a framework that handles different types of log types,
- * each represented by an ILogEventListener, and each implements a log 
- * plugin.  CMS  comes
- * with three standard log types: "signedAudit", "system", and
- * "transaction".  Each log plugin can be instantiated into log
- * instances.  Each log instance can be individually configured and is 
- * associated with its own configuration entries in the configuration file.
+ * An interface that represents a logging component. The logging component is a
+ * framework that handles different types of log types, each represented by an
+ * ILogEventListener, and each implements a log plugin. CMS comes with three
+ * standard log types: "signedAudit", "system", and "transaction". Each log
+ * plugin can be instantiated into log instances. Each log instance can be
+ * individually configured and is associated with its own configuration entries
+ * in the configuration file.
  * <P>
  * 
  * @version $Revision$, $Date$
@@ -45,15 +42,17 @@ public interface ILogSubsystem extends ISubsystem {
     public static final String ID = "log";
 
     /**
-     * Retrieve plugin name (implementation name) of the log event
-     * listener.  If no plug name found, an empty string is returned
+     * Retrieve plugin name (implementation name) of the log event listener. If
+     * no plug name found, an empty string is returned
+     * 
      * @param log the log event listener
      * @return the log event listener's plugin name
-     */ 
+     */
     public String getLogPluginName(ILogEventListener log);
 
     /**
      * Retrieve the log event listener by instance name
+     * 
      * @param insName the log instance name in String
      * @return the log instance in ILogEventListener
      */
@@ -61,44 +60,45 @@ public interface ILogSubsystem extends ISubsystem {
 
     /**
      * get the list of log plugins that are available
-     * @return log plugins in a Hashtable.  Each entry in the
-     * Hashtable contains the name/value pair of pluginName/LogPlugin
+     * 
+     * @return log plugins in a Hashtable. Each entry in the Hashtable contains
+     *         the name/value pair of pluginName/LogPlugin
      * @see LogPlugin
      */
     public Hashtable getLogPlugins();
 
     /**
      * get the list of log instances that are available
-     * @return log instances in a Hashtable.  Each entry in the
-     * Hashtable contains the name/value pair of instName/ILogEventListener
+     * 
+     * @return log instances in a Hashtable. Each entry in the Hashtable
+     *         contains the name/value pair of instName/ILogEventListener
      * @see LogPlugin
      */
     public Hashtable getLogInsts();
 
     /**
-     * Get the default configuration parameter names associated with a 
-     * plugin.  It is used by
-     * administration servlet to handle log configuration when a new
-     * log instance is added.
-     * @param implName The implementation name for which the
-     * configuration parameters are to be configured
-     * @return a Vector of default configuration paramter names
-     * associated with this log plugin
-     * @exception ELogException when instantiation of the plugin
-     * implementation fails.
+     * Get the default configuration parameter names associated with a plugin.
+     * It is used by administration servlet to handle log configuration when a
+     * new log instance is added.
+     * 
+     * @param implName The implementation name for which the configuration
+     *            parameters are to be configured
+     * @return a Vector of default configuration paramter names associated with
+     *         this log plugin
+     * @exception ELogException when instantiation of the plugin implementation
+     *                fails.
      */
-    public Vector getLogDefaultParams(String implName) throws
-            ELogException;
+    public Vector getLogDefaultParams(String implName) throws ELogException;
 
     /**
-     * Get the default configuration parameter names associated with a 
-     * log instance.  It is used by administration servlet to handle
-     * log instance configuration.
-     * @param insName The instance name for which the configuration
-     * parameters are to be configured
-     * @return a Vector of default configuration paramter names
-     * associated with this log instance.
+     * Get the default configuration parameter names associated with a log
+     * instance. It is used by administration servlet to handle log instance
+     * configuration.
+     * 
+     * @param insName The instance name for which the configuration parameters
+     *            are to be configured
+     * @return a Vector of default configuration paramter names associated with
+     *         this log instance.
      */
-    public Vector getLogInstanceParams(String insName)
-        throws ELogException;
+    public Vector getLogInstanceParams(String insName) throws ELogException;
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/logging/ILogger.java b/pki/base/common/src/com/netscape/certsrv/logging/ILogger.java
index 01fbc6b93..8f64e78e3 100644
--- a/pki/base/common/src/com/netscape/certsrv/logging/ILogger.java
+++ b/pki/base/common/src/com/netscape/certsrv/logging/ILogger.java
@@ -17,23 +17,22 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.logging;
 
-
 import java.util.Properties;
 
-
 /**
- * An interface represents a logger for certificate server. This object is used to
- * issue log messages for the various types of logging event types.  A log message results
- * in a  ILogEvent being created.  This event is then placed on a ILogQueue to be ultimately
- * written to the destination log file.  This object also maintains a collection of ILogFactory objects
- * which are used to create the supported types of ILogEvents. CMS comes out of the box with three event
- * types:  "signedAudit", "system", and "audit".
- *
+ * An interface represents a logger for certificate server. This object is used
+ * to issue log messages for the various types of logging event types. A log
+ * message results in a ILogEvent being created. This event is then placed on a
+ * ILogQueue to be ultimately written to the destination log file. This object
+ * also maintains a collection of ILogFactory objects which are used to create
+ * the supported types of ILogEvents. CMS comes out of the box with three event
+ * types: "signedAudit", "system", and "audit".
+ * 
  * @version $Revision$, $Date$
  */
 public interface ILogger {
-    
-    //List of defined log classes.
+
+    // List of defined log classes.
     /**
      * log class: audit event.
      */
@@ -41,24 +40,24 @@ public interface ILogger {
     public static final String PROP_AUDIT = "transaction";
 
     /**
-     * log class: system event. 
-     * System event with log level >= LL_FAILURE will also be logged in error log
+     * log class: system event. System event with log level >= LL_FAILURE will
+     * also be logged in error log
      */
     public static final int EV_SYSTEM = 1;
     public static final String PROP_SYSTEM = "system";
 
     /**
-     * log class: SignedAudit event. 
+     * log class: SignedAudit event.
      */
     public static final int EV_SIGNED_AUDIT = 2;
     public static final String PROP_SIGNED_AUDIT = "signedAudit";
 
-    //List of defined log sources.
-	
+    // List of defined log sources.
+
     /**
      * log source: used by servlet to retrieve all logs
      */
-    public static final int S_ALL = 0; //used by servlet only
+    public static final int S_ALL = 0; // used by servlet only
 
     /**
      * log source: identify the log entry is from KRA
@@ -136,30 +135,29 @@ public interface ILogger {
      */
 
     public static final int S_TKS = 16;
-    
+
     /**
-     * log source: identify the log entry is from other subsystem
-     * eg. policy, security, connector,registration
+     * log source: identify the log entry is from other subsystem eg. policy,
+     * security, connector,registration
      */
     public static final int S_OTHER = 20;
 
-
     // List of defined log levels.
     /**
      * log level: used by servlet to retrieve all level logs
      */
-    public static final int LL_ALL = -1; //used by servlet only
-    public static final String LL_ALL_STRING = "All"; //used by servlet only
+    public static final int LL_ALL = -1; // used by servlet only
+    public static final String LL_ALL_STRING = "All"; // used by servlet only
 
     /**
      * log level: indicate this log entry is debug info
      */
-    
+
     /**
-     * Debug level is depreciated since CMS6.1. Please use
-     * CMS.debug() to output messages to debugging file.
+     * Debug level is depreciated since CMS6.1. Please use CMS.debug() to output
+     * messages to debugging file.
      */
-    public static final int LL_DEBUG = 0;  // depreciated
+    public static final int LL_DEBUG = 0; // depreciated
     public static final String LL_DEBUG_STRING = "Debug";
 
     /**
@@ -199,20 +197,20 @@ public interface ILogger {
     public static final String LL_SECURITY_STRING = "Security";
 
     /**
-     * "SubjectID" for system-initiated events logged
-     * in signed audit log messages
+     * "SubjectID" for system-initiated events logged in signed audit log
+     * messages
      */
     public static final String SYSTEM_UID = "$System$";
 
     /**
-     * A constant string value used to denote a single "unknown" identity
-     * in signed audit log messages
+     * A constant string value used to denote a single "unknown" identity in
+     * signed audit log messages
      */
     public static final String UNIDENTIFIED = "$Unidentified$";
 
     /**
-     * A constant string value used to denote a single "non-role" identity
-     * in signed audit log messages
+     * A constant string value used to denote a single "non-role" identity in
+     * signed audit log messages
      */
     public static final String NONROLEUSER = "$NonRoleUser$";
 
@@ -221,23 +219,22 @@ public interface ILogger {
      */
     public static final String SUCCESS = "Success";
     public static final String FAILURE = "Failure";
-    
+
     /**
-     * A constant string value used to denote a "non-applicable"
-     * data value in signed audit log messages
+     * A constant string value used to denote a "non-applicable" data value in
+     * signed audit log messages
      */
     public final static String SIGNED_AUDIT_NON_APPLICABLE = "N/A";
 
     /**
-     * A constant string value used to denote an "empty", or "null",
-     * data value in signed audit log messages
+     * A constant string value used to denote an "empty", or "null", data value
+     * in signed audit log messages
      */
     public final static String SIGNED_AUDIT_EMPTY_VALUE = "<null>";
 
     /**
-     * Constant string values associated with the type of certificate
-     * processing stored in the "InfoName" field in certain signed
-     * audit log messages
+     * Constant string values associated with the type of certificate processing
+     * stored in the "InfoName" field in certain signed audit log messages
      */
     public final static String SIGNED_AUDIT_ACCEPTANCE = "certificate";
     public final static String SIGNED_AUDIT_CANCELLATION = "cancelReason";
@@ -258,7 +255,7 @@ public interface ILogger {
      * NT event type: correspont to log level LL_FAILURE and above
      */
     public static final int NT_ERROR = 1;
-    
+
     // List of defined log multiline attribute.
     /**
      * indicate the log message has more than one line
@@ -272,8 +269,9 @@ public interface ILogger {
 
     /**
      * Logs an event to the log queue.
-     *
-     * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM or EV_SIGNED_AUDIT.
+     * 
+     * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM or
+     *            EV_SIGNED_AUDIT.
      * @param source The source of the log event.
      * @param msg The detail message to be logged.
      */
@@ -281,8 +279,9 @@ public interface ILogger {
 
     /**
      * Logs an event to the log queue.
-     *
-     * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM or EV_SIGNED_AUDIT.
+     * 
+     * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM or
+     *            EV_SIGNED_AUDIT.
      * @param props The resource bundle used for the detailed message.
      * @param source The source of the log event.
      * @param msg The detail message to be logged.
@@ -291,8 +290,9 @@ public interface ILogger {
 
     /**
      * Logs an event to the log queue.
-     *
-     * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM or EV_SIGNED_AUDIT.
+     * 
+     * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM or
+     *            EV_SIGNED_AUDIT.
      * @param source The source of the log event.
      * @param level The level of the log event.
      * @param msg The detail message to be logged.
@@ -301,185 +301,226 @@ public interface ILogger {
 
     /**
      * Logs an event to the log queue.
-     *
-     * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM or EV_SIGNED_AUDIT.
+     * 
+     * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM or
+     *            EV_SIGNED_AUDIT.
      * @param props The resource bundle used for the detailed message.
      * @param source The source of the log event.
      * @param level The level of the log event.
      * @param msg The detail message to be logged.
      */
-    public void log(int evtClass, Properties props, int source, int level, String msg);
+    public void log(int evtClass, Properties props, int source, int level,
+            String msg);
 
     /**
      * Logs an event to the log queue.
-     *
-     * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM or EV_SIGNED_AUDIT.
+     * 
+     * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM or
+     *            EV_SIGNED_AUDIT.
      * @param source The source of the log event.
      * @param level The level of the log event.
      * @param msg The detail message to be logged.
      * @param param The parameter in the detail message.
      */
-    public void log(int evtClass, int source, int level, String msg, Object param);
+    public void log(int evtClass, int source, int level, String msg,
+            Object param);
 
     /**
      * Logs an event to the log queue.
-     *
-     * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM or EV_SIGNED_AUDIT.
+     * 
+     * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM or
+     *            EV_SIGNED_AUDIT.
      * @param source The source of the log event.
      * @param level The level of the log event.
      * @param msg The detail message to be logged.
      * @param params The parameters in the detail message.
      */
-    public void log(int evtClass, int source, int level, String msg, Object params[]);
+    public void log(int evtClass, int source, int level, String msg,
+            Object params[]);
 
     /**
      * Logs an event to the log queue.
-     *
-     * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM or EV_SIGNED_AUDIT.
+     * 
+     * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM or
+     *            EV_SIGNED_AUDIT.
      * @param props The resource bundle used for the detailed message.
      * @param source The source of the log event.
      * @param msg The detail message to be logged.
      * @param param The parameters in the detail message.
      */
-    public void log(int evtClass, Properties props, int source, String msg, Object param);
+    public void log(int evtClass, Properties props, int source, String msg,
+            Object param);
 
     /**
      * Logs an event to the log queue.
-     *
-     * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM or EV_SIGNED_AUDIT.
+     * 
+     * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM or
+     *            EV_SIGNED_AUDIT.
      * @param props The resource bundle used for the detailed message.
      * @param source The source of the log event.
      * @param level The level of the log event.
      * @param msg The detail message to be logged.
      * @param param The parameter in the detail message.
      */
-    public void log(int evtClass, Properties props, int source, int level, String msg,
-        Object param);
+    public void log(int evtClass, Properties props, int source, int level,
+            String msg, Object param);
 
     /**
      * Logs an event to the log queue.
-     *
-     * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM or EV_SIGNED_AUDIT.
+     * 
+     * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM or
+     *            EV_SIGNED_AUDIT.
      * @param prop The resource bundle used for the detailed message.
      * @param source The source of the log event.
      * @param level The level of the log event.
      * @param msg The detail message to be logged.
      * @param params The parameters in the detail message.
      */
-    public void log(int evtClass, Properties prop, int source, int level, String msg,
-        Object params[]);
+    public void log(int evtClass, Properties prop, int source, int level,
+            String msg, Object params[]);
 
-    //multiline log
+    // multiline log
 
     /**
      * Logs an event to the log queue.
-     *
-     * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM or EV_SIGNED_AUDIT.
+     * 
+     * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM or
+     *            EV_SIGNED_AUDIT.
      * @param source The source of the log event.
      * @param msg The detail message to be logged.
-     * @param multiline true If the message has more than one line, otherwise false.
+     * @param multiline true If the message has more than one line, otherwise
+     *            false.
      */
     public void log(int evtClass, int source, String msg, boolean multiline);
 
     /**
      * Logs an event to the log queue.
-     *
-     * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM or EV_SIGNED_AUDIT.
+     * 
+     * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM or
+     *            EV_SIGNED_AUDIT.
      * @param props The resource bundle used for the detailed message.
      * @param source The source of the log event.
      * @param msg The detail message to be logged.
-     * @param multiline True if the message has more than one line, otherwise false.
+     * @param multiline True if the message has more than one line, otherwise
+     *            false.
      */
-    public void log(int evtClass, Properties props, int source, String msg, boolean multiline);
+    public void log(int evtClass, Properties props, int source, String msg,
+            boolean multiline);
 
     /**
      * Logs an event to the log queue.
-     *
-     * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM or EV_SIGNED_AUDIT.
+     * 
+     * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM or
+     *            EV_SIGNED_AUDIT.
      * @param source The source of the log event.
      * @param level The level of the log event.
      * @param msg The detail message to be logged.
-     * @param multiline True if the message has more than one line, otherwise false.
+     * @param multiline True if the message has more than one line, otherwise
+     *            false.
      */
-    public void log(int evtClass, int source, int level, String msg, boolean multiline);
+    public void log(int evtClass, int source, int level, String msg,
+            boolean multiline);
 
     /**
      * Logs an event to the log queue.
-     *
-     * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM or EV_SIGNED_AUDIT.
+     * 
+     * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM or
+     *            EV_SIGNED_AUDIT.
      * @param props The resource bundle used for the detailed message.
      * @param source The source of the log event.
      * @param level The level of the log event.
      * @param msg The detail message to be logged.
-     * @param multiline True if the message has more than one line, otherwise false.
+     * @param multiline True if the message has more than one line, otherwise
+     *            false.
      */
-    public void log(int evtClass, Properties props, int source, int level, String msg, boolean multiline);
+    public void log(int evtClass, Properties props, int source, int level,
+            String msg, boolean multiline);
 
     /**
      * Logs an event to the log queue.
-     *
-     * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM or EV_SIGNED_AUDIT.
+     * 
+     * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM or
+     *            EV_SIGNED_AUDIT.
      * @param source The source of the log event.
      * @param level The level of the log event.
      * @param msg The detail message to be logged.
      * @param param The parameter in the detail message.
-     * @param multiline True if the message has more than one line, otherwise false.
+     * @param multiline True if the message has more than one line, otherwise
+     *            false.
      */
-    public void log(int evtClass, int source, int level, String msg, Object param, boolean multiline);
+    public void log(int evtClass, int source, int level, String msg,
+            Object param, boolean multiline);
 
     /**
      * Logs an event to the log queue.
-     *
-     * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM or EV_SIGNED_AUDIT.
+     * 
+     * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM or
+     *            EV_SIGNED_AUDIT.
      * @param props The resource bundle used for the detailed message.
      * @param source TTTTsource of the log event.
      * @param msg The detail message to be logged.
      * @param param The parameter in the detail message.
-     * @param multiline True if the message has more than one line, otherwise false.
+     * @param multiline True if the message has more than one line, otherwise
+     *            false.
      */
-    public void log(int evtClass, Properties props, int source, String msg, Object param, boolean multiline);
+    public void log(int evtClass, Properties props, int source, String msg,
+            Object param, boolean multiline);
 
     /**
      * Logs an event to the log queue.
-     *
-     * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM or EV_SIGNED_AUDIT.
+     * 
+     * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM or
+     *            EV_SIGNED_AUDIT.
      * @param props The resource bundle used for the detailed message.
      * @param source The source of the log event.
      * @param level The level of the log event.
      * @param msg The detail message to be logged.
      * @param param The parameter in the detail message.
-     * @param multiline True if the message has more than one line, otherwise false.
+     * @param multiline True if the message has more than one line, otherwise
+     *            false.
      */
-    public void log(int evtClass, Properties props, int source, int level, String msg,
-        Object param, boolean multiline);
+    public void log(int evtClass, Properties props, int source, int level,
+            String msg, Object param, boolean multiline);
 
     /**
      * Logs an event to the log queue.
-     *
-     * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM or EV_SIGNED_AUDIT.
+     * 
+     * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM or
+     *            EV_SIGNED_AUDIT.
      * @param prop The resource bundle used for the detailed message.
      * @param source The source of the log event.
      * @param level The level of the log event.
      * @param msg The detail message to be logged.
      * @param params The parameters in the detail message.
-     * @param multiline True if the message has more than one line, otherwise false.
+     * @param multiline True if the message has more than one line, otherwise
+     *            false.
      */
-    public void log(int evtClass, Properties prop, int source, int level, String msg,
-        Object params[], boolean multiline);
+    public void log(int evtClass, Properties prop, int source, int level,
+            String msg, Object params[], boolean multiline);
 
     /*
      * Generates an ILogEvent
-     * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM or EV_SIGNED_AUDIT.
+     * 
+     * @param evtClass What kind of event it is: EV_AUDIT or EV_SYSTEM or
+     * EV_SIGNED_AUDIT.
+     * 
      * @param props The resource bundle used for the detailed message.
+     * 
      * @param source The source of the log event.
+     * 
      * @param level The level of the log event.
+     * 
      * @param msg The detail message to be logged.
+     * 
      * @param params The parameters in the detail message.
-     * @param multiline True if the message has more than one line, otherwise false.
+     * 
+     * @param multiline True if the message has more than one line, otherwise
+     * false.
+     * 
      * @return ILogEvent, a log event.
      */
-    public ILogEvent create(int evtClass, Properties prop, int source, int level,
-        String msg, Object params[], boolean multiline);
+    public ILogEvent create(int evtClass, Properties prop, int source,
+            int level, String msg, Object params[], boolean multiline);
 
     /**
      * Register a log event factory. Which will create the desired ILogEvents.
@@ -487,8 +528,8 @@ public interface ILogger {
     public void register(int evtClass, ILogEventFactory f);
 
     /**
-     * Retrieves the associated log queue.  The log queue is where issued log events
-     * are collected for later processing.
+     * Retrieves the associated log queue. The log queue is where issued log
+     * events are collected for later processing.
      */
     public ILogQueue getLogQueue();
 
diff --git a/pki/base/common/src/com/netscape/certsrv/logging/LogPlugin.java b/pki/base/common/src/com/netscape/certsrv/logging/LogPlugin.java
index b8195eece..9d7a5cc45 100644
--- a/pki/base/common/src/com/netscape/certsrv/logging/LogPlugin.java
+++ b/pki/base/common/src/com/netscape/certsrv/logging/LogPlugin.java
@@ -17,18 +17,16 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.logging;
 
-
 import com.netscape.certsrv.base.Plugin;
 
-
 /**
  * This class represents a registered logger plugin.
  * <P>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public class LogPlugin extends Plugin {
-    public LogPlugin (String id, String path) {
+    public LogPlugin(String id, String path) {
         super(id, path);
     }
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/logging/LogResources.java b/pki/base/common/src/com/netscape/certsrv/logging/LogResources.java
index 6a7472ff1..33615443e 100644
--- a/pki/base/common/src/com/netscape/certsrv/logging/LogResources.java
+++ b/pki/base/common/src/com/netscape/certsrv/logging/LogResources.java
@@ -17,17 +17,15 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.logging;
 
-
 import java.util.ListResourceBundle;
 import java.util.ResourceBundle;
 
 import com.netscape.certsrv.base.BaseResources;
 
-
 /**
  * This is the fallback resource bundle for all log events.
  * <P>
- *
+ * 
  * @version $Revision$, $Date$
  * @see java.util.ListResourceBundle
  */
@@ -35,9 +33,9 @@ public class LogResources extends ListResourceBundle {
     public static final String BASE_RESOURCES = BaseResources.class.getName();
 
     /**
-     * Contructs a log resource bundle and sets it's parent to the base
-     * resource bundle.
-     *
+     * Contructs a log resource bundle and sets it's parent to the base resource
+     * bundle.
+     * 
      * @see com.netscape.certsrv.base.BaseResources
      */
     public LogResources() {
@@ -47,6 +45,7 @@ public class LogResources extends ListResourceBundle {
 
     /**
      * Returns the content of this resource.
+     * 
      * @return Array of objects making up the contents of this resource.
      */
     public Object[][] getContents() {
diff --git a/pki/base/common/src/com/netscape/certsrv/logging/SignedAuditEvent.java b/pki/base/common/src/com/netscape/certsrv/logging/SignedAuditEvent.java
index ab86a4ce2..cfae81750 100644
--- a/pki/base/common/src/com/netscape/certsrv/logging/SignedAuditEvent.java
+++ b/pki/base/common/src/com/netscape/certsrv/logging/SignedAuditEvent.java
@@ -17,20 +17,18 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.logging;
 
-
 import java.text.MessageFormat;
 import java.util.Locale;
 
 import com.netscape.certsrv.base.EBaseException;
 import com.netscape.certsrv.base.MessageFormatter;
 
-
 /**
- * The log event object that carries message detail of a log event
- * that goes into the  Signed Audit Event log.  This log has the
- * property of being digitally signed for security considerations.
- *
- *
+ * The log event object that carries message detail of a log event that goes
+ * into the Signed Audit Event log. This log has the property of being digitally
+ * signed for security considerations.
+ * 
+ * 
  * @version $Revision$, $Date$
  * @see java.text.MessageFormat
  * @see com.netscape.certsrv.logging.LogResources
@@ -52,18 +50,18 @@ public class SignedAuditEvent implements IBundleLogEvent {
     private boolean mMultiline = false;
     private long mTimeStamp = System.currentTimeMillis();
 
-    private static final String INVALID_LOG_LEVEL="log level: {0} is invalid, should be 0-6";
+    private static final String INVALID_LOG_LEVEL = "log level: {0} is invalid, should be 0-6";
 
     /**
-     * The bundle name for this event.
-     * ....not anymore...keep for now and clean up later
+     * The bundle name for this event. ....not anymore...keep for now and clean
+     * up later
      */
     private String mBundleName = LogResources.class.getName();
 
     /**
      * Constructs a SignedAuditEvent message event.
      * <P>
-     *
+     * 
      * @param msgFormat The message string.
      */
     public SignedAuditEvent(String msgFormat) {
@@ -73,11 +71,12 @@ public class SignedAuditEvent implements IBundleLogEvent {
 
     /**
      * Constructs a message with a parameter. For example,
+     * 
      * <PRE>
-     * 		new SignedAuditEvent("failed to load {0}", fileName);
+     * new SignedAuditEvent(&quot;failed to load {0}&quot;, fileName);
      * </PRE>
      * <P>
-     *
+     * 
      * @param msgFormat Details in message string format.
      * @param param Message string parameter.
      */
@@ -88,9 +87,10 @@ public class SignedAuditEvent implements IBundleLogEvent {
     }
 
     /**
-     * Constructs a message from an exception. It can be used to carry
-     * a signed audit exception that may contain information about
-     * the context. For example,
+     * Constructs a message from an exception. It can be used to carry a signed
+     * audit exception that may contain information about the context. For
+     * example,
+     * 
      * <PRE>
      * 		try {
      *  		...
@@ -99,7 +99,7 @@ public class SignedAuditEvent implements IBundleLogEvent {
      *      }
      * </PRE>
      * <P>
-     *
+     * 
      * @param msgFormat Exception details in message string format.
      * @param exception System exception.
      */
@@ -112,6 +112,7 @@ public class SignedAuditEvent implements IBundleLogEvent {
     /**
      * Constructs a message from a base exception. This will use the msgFormat
      * from the exception itself.
+     * 
      * <PRE>
      * 		try {
      *  		...
@@ -120,7 +121,7 @@ public class SignedAuditEvent implements IBundleLogEvent {
      *      }
      * </PRE>
      * <P>
-     *
+     * 
      * @param e CMS exception.
      */
     public SignedAuditEvent(Exception e) {
@@ -134,10 +135,10 @@ public class SignedAuditEvent implements IBundleLogEvent {
     }
 
     /**
-     * Constructs a message event with a list of parameters
-     * that will be substituted into the message format.
+     * Constructs a message event with a list of parameters that will be
+     * substituted into the message format.
      * <P>
-     *
+     * 
      * @param msgFormat Message string format.
      * @param params List of message format parameters.
      */
@@ -149,7 +150,7 @@ public class SignedAuditEvent implements IBundleLogEvent {
     /**
      * Returns the current message format string.
      * <P>
-     *
+     * 
      * @return Details message.
      */
     public String getMessage() {
@@ -157,10 +158,10 @@ public class SignedAuditEvent implements IBundleLogEvent {
     }
 
     /**
-     * Returns a list of parameters. These parameters can be
-     * used to assist in formatting the message.
+     * Returns a list of parameters. These parameters can be used to assist in
+     * formatting the message.
      * <P>
-     *
+     * 
      * @return List of message format parameters.
      */
     public Object[] getParameters() {
@@ -168,10 +169,10 @@ public class SignedAuditEvent implements IBundleLogEvent {
     }
 
     /**
-     * Returns localized message string. This method should
-     * only be called if a localized string is necessary.
+     * Returns localized message string. This method should only be called if a
+     * localized string is necessary.
      * <P>
-     *
+     * 
      * @return Details message.
      */
     public String toContent() {
@@ -181,19 +182,19 @@ public class SignedAuditEvent implements IBundleLogEvent {
     /**
      * Returns the string based on the given locale.
      * <P>
-     *
+     * 
      * @param locale Locale.
      * @return Details message.
      */
     public String toContent(Locale locale) {
         return MessageFormatter.getLocalizedString(locale, getBundleName(),
-                getMessage(),
-                getParameters());
+                getMessage(), getParameters());
     }
 
     /**
-     * Sets the resource bundle name for this class instance.  This should
-     * be overridden by subclasses who have their own resource bundles.
+     * Sets the resource bundle name for this class instance. This should be
+     * overridden by subclasses who have their own resource bundles.
+     * 
      * @param bundle String with name of resource bundle.
      */
     public void setBundleName(String bundle) {
@@ -202,6 +203,7 @@ public class SignedAuditEvent implements IBundleLogEvent {
 
     /**
      * Retrieves bundle name.
+     * 
      * @return String with name of resource bundle.
      */
     protected String getBundleName() {
@@ -209,9 +211,9 @@ public class SignedAuditEvent implements IBundleLogEvent {
     }
 
     /**
-     * Retrieves log source.
-     * This is an id of the subsystem responsible
-     * for creating the log event.
+     * Retrieves log source. This is an id of the subsystem responsible for
+     * creating the log event.
+     * 
      * @return Integer source id.
      */
     public int getSource() {
@@ -220,6 +222,7 @@ public class SignedAuditEvent implements IBundleLogEvent {
 
     /**
      * Sets log source.
+     * 
      * @param source Integer id of log source.
      */
     public void setSource(int source) {
@@ -227,18 +230,18 @@ public class SignedAuditEvent implements IBundleLogEvent {
     }
 
     /**
-     * Retrieves log level.
-     * The log level of an event represents its relative importance
-     * or severity within CMS.
+     * Retrieves log level. The log level of an event represents its relative
+     * importance or severity within CMS.
+     * 
      * @return Integer log level value.
      */
     public int getLevel() {
         return mLevel;
     }
 
-    
     /**
      * Retrieves NT specific log event type.
+     * 
      * @return Integer NTEventType value.
      */
     public int getNTEventType() {
@@ -246,9 +249,9 @@ public class SignedAuditEvent implements IBundleLogEvent {
     }
 
     /**
-     * Sets log level, NT log event type.
-     * For certain log levels the NT log event type gets
-     * set as well.
+     * Sets log level, NT log event type. For certain log levels the NT log
+     * event type gets set as well.
+     * 
      * @param level Integer log level value.
      */
     public void setLevel(int level) {
@@ -271,53 +274,55 @@ public class SignedAuditEvent implements IBundleLogEvent {
             break;
 
         default:
-            ConsoleError.send(new SignedAuditEvent(INVALID_LOG_LEVEL,
-                    Integer.toString(level)));
+            ConsoleError.send(new SignedAuditEvent(INVALID_LOG_LEVEL, Integer
+                    .toString(level)));
             break;
         }
     }
 
     /**
      * Retrieves log multiline attribute.
-     * @return Boolean whether or not this event is multiline.
-     * A multiline message simply consists of more than one line.
+     * 
+     * @return Boolean whether or not this event is multiline. A multiline
+     *         message simply consists of more than one line.
      */
     public boolean getMultiline() {
         return mMultiline;
     }
 
     /**
-     * Sets log multiline attribute. A multiline message consists of
-     * more than one line.
+     * Sets log multiline attribute. A multiline message consists of more than
+     * one line.
+     * 
      * @param multiline Boolean multiline value.
      */
     public void setMultiline(boolean multiline) {
         mMultiline = multiline;
     }
 
-    
     /**
      * Retrieves event time stamp.
+     * 
      * @return Long integer of the time the event was created.
      */
     public long getTimeStamp() {
         return mTimeStamp;
     }
 
-    
     /**
-     * Retrieves log event type. Each type of event
-     * has an associated String type value.
+     * Retrieves log event type. Each type of event has an associated String
+     * type value.
+     * 
      * @return String containing the type of event.
      */
     public String getEventType() {
         return mEventType;
     }
 
-    
     /**
-     * Sets log event type. Each type of event
-     * has an associated String type value.
+     * Sets log event type. Each type of event has an associated String type
+     * value.
+     * 
      * @param eventType String containing the type of event.
      */
     public void setEventType(String eventType) {
@@ -325,9 +330,10 @@ public class SignedAuditEvent implements IBundleLogEvent {
     }
 
     /**
-    * Return string representation of log message.
-    * @return String containing log message.
-    */
+     * Return string representation of log message.
+     * 
+     * @return String containing log message.
+     */
     public String toString() {
         if (getBundleName() == null) {
             MessageFormat detailMessage = new MessageFormat(mMessage);
diff --git a/pki/base/common/src/com/netscape/certsrv/logging/SystemEvent.java b/pki/base/common/src/com/netscape/certsrv/logging/SystemEvent.java
index 83026323c..201b8ef24 100644
--- a/pki/base/common/src/com/netscape/certsrv/logging/SystemEvent.java
+++ b/pki/base/common/src/com/netscape/certsrv/logging/SystemEvent.java
@@ -17,19 +17,16 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.logging;
 
-
 import java.text.MessageFormat;
 import java.util.Locale;
 
 import com.netscape.certsrv.base.EBaseException;
 import com.netscape.certsrv.base.MessageFormatter;
 
-
 /**
- * The log event object that carries a log message.
- * This class represents System events which are CMS events
- * which need to be logged to a log file. 
- *
+ * The log event object that carries a log message. This class represents System
+ * events which are CMS events which need to be logged to a log file.
+ * 
  * @version $Revision$, $Date$
  * @see java.text.MessageFormat
  * @see com.netscape.certsrv.logging.LogResources
@@ -56,12 +53,12 @@ public class SystemEvent implements IBundleLogEvent {
      */
     private String mBundleName = LogResources.class.getName();
 
-    private static final String INVALID_LOG_LEVEL="log level: {0} is invalid, should be 0-6";
+    private static final String INVALID_LOG_LEVEL = "log level: {0} is invalid, should be 0-6";
 
     /**
      * Constructs a SystemEvent message event.
      * <P>
-     *
+     * 
      * @param msgFormat The message string.
      */
     public SystemEvent(String msgFormat) {
@@ -71,11 +68,12 @@ public class SystemEvent implements IBundleLogEvent {
 
     /**
      * Constructs a SystemEvent message with a parameter. For example,
+     * 
      * <PRE>
-     * 		new SystemEvent("failed to load {0}", fileName);
+     * new SystemEvent(&quot;failed to load {0}&quot;, fileName);
      * </PRE>
      * <P>
-     *
+     * 
      * @param msgFormat Details in message string format.
      * @param param Message string parameter.
      */
@@ -86,9 +84,10 @@ public class SystemEvent implements IBundleLogEvent {
     }
 
     /**
-     * Constructs a SystemEvent message from an exception. It can be used to carry
-     * a system exception that may contain information about
-     * the context. For example,
+     * Constructs a SystemEvent message from an exception. It can be used to
+     * carry a system exception that may contain information about the context.
+     * For example,
+     * 
      * <PRE>
      * 		try {
      *  		...
@@ -97,7 +96,7 @@ public class SystemEvent implements IBundleLogEvent {
      *      }
      * </PRE>
      * <P>
-     *
+     * 
      * @param msgFormat Exception details in message string format.
      * @param exception System exception.
      */
@@ -108,8 +107,9 @@ public class SystemEvent implements IBundleLogEvent {
     }
 
     /**
-     * Constructs a SystemEvent message from a base exception. This will use the msgFormat
-     * from the exception itself.
+     * Constructs a SystemEvent message from a base exception. This will use the
+     * msgFormat from the exception itself.
+     * 
      * <PRE>
      * 		try {
      *  		...
@@ -118,7 +118,7 @@ public class SystemEvent implements IBundleLogEvent {
      *      }
      * </PRE>
      * <P>
-     *
+     * 
      * @param e CMS exception.
      */
     public SystemEvent(Exception e) {
@@ -132,10 +132,10 @@ public class SystemEvent implements IBundleLogEvent {
     }
 
     /**
-     * Constructs a SystemEvent message event with a list of parameters
-     * that will be substituted into the message format.
+     * Constructs a SystemEvent message event with a list of parameters that
+     * will be substituted into the message format.
      * <P>
-     *
+     * 
      * @param msgFormat Message string format.
      * @param params List of message format parameters.
      */
@@ -147,7 +147,7 @@ public class SystemEvent implements IBundleLogEvent {
     /**
      * Returns the current message format string.
      * <P>
-     *
+     * 
      * @return Details message.
      */
     public String getMessage() {
@@ -155,10 +155,10 @@ public class SystemEvent implements IBundleLogEvent {
     }
 
     /**
-     * Returns a list of parameters. These parameters can be
-     * used to assist in formatting the message.
+     * Returns a list of parameters. These parameters can be used to assist in
+     * formatting the message.
      * <P>
-     *
+     * 
      * @return List of message format parameters.
      */
     public Object[] getParameters() {
@@ -166,10 +166,10 @@ public class SystemEvent implements IBundleLogEvent {
     }
 
     /**
-     * Returns localized message string. This method should
-     * only be called if a localized string is necessary.
+     * Returns localized message string. This method should only be called if a
+     * localized string is necessary.
      * <P>
-     *
+     * 
      * @return Details message.
      */
     public String toContent() {
@@ -179,19 +179,19 @@ public class SystemEvent implements IBundleLogEvent {
     /**
      * Returns the string based on the given locale.
      * <P>
-     *
+     * 
      * @param locale Locale.
      * @return Details message.
      */
     public String toContent(Locale locale) {
         return MessageFormatter.getLocalizedString(locale, getBundleName(),
-                getMessage(),
-                getParameters());
+                getMessage(), getParameters());
     }
 
     /**
-     * Sets the resource bundle name for this class instance.  This should
-     * be overridden by subclasses who have their own resource bundles.
+     * Sets the resource bundle name for this class instance. This should be
+     * overridden by subclasses who have their own resource bundles.
+     * 
      * @param bundle String with the name of resource bundle.
      */
     public void setBundleName(String bundle) {
@@ -200,6 +200,7 @@ public class SystemEvent implements IBundleLogEvent {
 
     /**
      * Retrieves bundle name.
+     * 
      * @return String with name of resource bundle.
      */
     protected String getBundleName() {
@@ -207,9 +208,9 @@ public class SystemEvent implements IBundleLogEvent {
     }
 
     /**
-     * Retrieves log source.
-     * This is an id of the subsystem responsible
-     * for creating the log event.
+     * Retrieves log source. This is an id of the subsystem responsible for
+     * creating the log event.
+     * 
      * @return Integer source id.
      */
     public int getSource() {
@@ -217,8 +218,8 @@ public class SystemEvent implements IBundleLogEvent {
     }
 
     /**
-     * Sets log source.
-     * Sets the id of the subsystem issuing the event.
+     * Sets log source. Sets the id of the subsystem issuing the event.
+     * 
      * @param source Integer source id.
      */
     public void setSource(int source) {
@@ -226,9 +227,9 @@ public class SystemEvent implements IBundleLogEvent {
     }
 
     /**
-     * Retrieves log level.
-     * The log level of an event represents its relative importance
-     * or severity within CMS.
+     * Retrieves log level. The log level of an event represents its relative
+     * importance or severity within CMS.
+     * 
      * @return Integer log level value.
      */
     public int getLevel() {
@@ -237,6 +238,7 @@ public class SystemEvent implements IBundleLogEvent {
 
     /**
      * Retrieves NT specific log event type.
+     * 
      * @return Integer NTEventType value.
      */
     public int getNTEventType() {
@@ -244,9 +246,9 @@ public class SystemEvent implements IBundleLogEvent {
     }
 
     /**
-     * Sets log level, NT log event type.
-     * For certain log levels the NT log event type gets
-     * set as well.  
+     * Sets log level, NT log event type. For certain log levels the NT log
+     * event type gets set as well.
+     * 
      * @param level Integer log level value.
      */
     public void setLevel(int level) {
@@ -269,24 +271,26 @@ public class SystemEvent implements IBundleLogEvent {
             break;
 
         default:
-            ConsoleError.send(new SystemEvent(INVALID_LOG_LEVEL,
-                    Integer.toString(level)));
+            ConsoleError.send(new SystemEvent(INVALID_LOG_LEVEL, Integer
+                    .toString(level)));
             break;
         }
     }
 
     /**
      * Retrieves log multiline attribute.
-     * @return Boolean whether or not this event is multiline.
-     * A multiline message simply consists of more than one line.
+     * 
+     * @return Boolean whether or not this event is multiline. A multiline
+     *         message simply consists of more than one line.
      */
     public boolean getMultiline() {
         return mMultiline;
     }
 
     /**
-     * Sets log multiline attribute. A multiline message consists of
-     * more than one line.
+     * Sets log multiline attribute. A multiline message consists of more than
+     * one line.
+     * 
      * @param multiline Boolean multiline value.
      */
     public void setMultiline(boolean multiline) {
@@ -295,6 +299,7 @@ public class SystemEvent implements IBundleLogEvent {
 
     /**
      * Retrieves event time stamp.
+     * 
      * @return Long integer of the time the event was created.
      */
     public long getTimeStamp() {
@@ -302,18 +307,19 @@ public class SystemEvent implements IBundleLogEvent {
     }
 
     /**
-     * Retrieves log event type. Each type of event
-     * has an associated String type value.
+     * Retrieves log event type. Each type of event has an associated String
+     * type value.
+     * 
      * @return String containing the type of event.
      */
     public String getEventType() {
         return mEventType;
     }
 
-    
     /**
-     * Sets log event type. Each type of event
-     * has an associated String type value.
+     * Sets log event type. Each type of event has an associated String type
+     * value.
+     * 
      * @param eventType String containing the type of event.
      */
     public void setEventType(String eventType) {
@@ -321,9 +327,10 @@ public class SystemEvent implements IBundleLogEvent {
     }
 
     /**
-    * Return string representation of log message.
-    * @return String containing log message.
-    */
+     * Return string representation of log message.
+     * 
+     * @return String containing log message.
+     */
     public String toString() {
         if (getBundleName() == null) {
             MessageFormat detailMessage = new MessageFormat(mMessage);
diff --git a/pki/base/common/src/com/netscape/certsrv/notification/ENotificationException.java b/pki/base/common/src/com/netscape/certsrv/notification/ENotificationException.java
index 4e34ded30..34a8c7158 100644
--- a/pki/base/common/src/com/netscape/certsrv/notification/ENotificationException.java
+++ b/pki/base/common/src/com/netscape/certsrv/notification/ENotificationException.java
@@ -17,14 +17,12 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.notification;
 
-
 import com.netscape.certsrv.base.EBaseException;
 
-
 /**
  * A class represents a notification exception.
  * <P>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public class ENotificationException extends EBaseException {
@@ -36,7 +34,8 @@ public class ENotificationException extends EBaseException {
     /**
      * Identity resource class name.
      */
-    private static final String NOTIFICATION_RESOURCES = NotificationResources.class.getName();
+    private static final String NOTIFICATION_RESOURCES = NotificationResources.class
+            .getName();
 
     /**
      * Constructs a notification exception
diff --git a/pki/base/common/src/com/netscape/certsrv/notification/IEmailFormProcessor.java b/pki/base/common/src/com/netscape/certsrv/notification/IEmailFormProcessor.java
index 9d7ee46f0..20bfb7a95 100644
--- a/pki/base/common/src/com/netscape/certsrv/notification/IEmailFormProcessor.java
+++ b/pki/base/common/src/com/netscape/certsrv/notification/IEmailFormProcessor.java
@@ -17,17 +17,15 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.notification;
 
-
 import java.util.Hashtable;
 import java.util.Vector;
 
-
 /**
- * formulates the final email.  Escape character '\' is understood.
- * '$' is used preceeding a token name.  A token name should not be a
- * substring of any other token name
+ * formulates the final email. Escape character '\' is understood. '$' is used
+ * preceeding a token name. A token name should not be a substring of any other
+ * token name
  * <p>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public interface IEmailFormProcessor {
@@ -58,16 +56,18 @@ public interface IEmailFormProcessor {
     public final static String TOKEN_REVOCATION_DATE = "RevocationDate";
 
     /*
-     * takes the form template, parse and replace all $tokens with the
-     *		 right values.  It handles escape character '\'
+     * takes the form template, parse and replace all $tokens with the right
+     * values. It handles escape character '\'
+     * 
      * @param form The locale specific form template,
-     * @param tok2vals a hashtable containing one to one mapping
-     *	 from $tokens used by the admins in the form template to the real
-     *	 values corresponding to the $tokens
+     * 
+     * @param tok2vals a hashtable containing one to one mapping from $tokens
+     * used by the admins in the form template to the real values corresponding
+     * to the $tokens
+     * 
      * @return mail content
      */
-    public String getEmailContent(String form,
-        Hashtable tok2vals);
+    public String getEmailContent(String form, Hashtable tok2vals);
 
     /**
      * takes a vector of strings and concatenate them
@@ -79,4 +79,3 @@ public interface IEmailFormProcessor {
      */
     public void log(int level, String msg);
 }
-
diff --git a/pki/base/common/src/com/netscape/certsrv/notification/IEmailResolver.java b/pki/base/common/src/com/netscape/certsrv/notification/IEmailResolver.java
index 49d0851ed..30c68be59 100644
--- a/pki/base/common/src/com/netscape/certsrv/notification/IEmailResolver.java
+++ b/pki/base/common/src/com/netscape/certsrv/notification/IEmailResolver.java
@@ -17,25 +17,24 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.notification;
 
-
 import com.netscape.certsrv.base.EBaseException;
 
-
 /**
- * An email resolver that first checks the request email, if none,
- * then follows by checking the subjectDN of the certificate
+ * An email resolver that first checks the request email, if none, then follows
+ * by checking the subjectDN of the certificate
  * <p>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public interface IEmailResolver {
 
     /**
-     * returns an email address by using the resolver keys.  The
-     *	 return value can possibly be null
+     * returns an email address by using the resolver keys. The return value can
+     * possibly be null
+     * 
      * @param keys list of keys used for resolving the email address
      */
-    public String getEmail(IEmailResolverKeys keys) 
-        throws EBaseException, ENotificationException;
+    public String getEmail(IEmailResolverKeys keys) throws EBaseException,
+            ENotificationException;
 
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/notification/IEmailResolverKeys.java b/pki/base/common/src/com/netscape/certsrv/notification/IEmailResolverKeys.java
index d1a6889cc..8ba95fa56 100644
--- a/pki/base/common/src/com/netscape/certsrv/notification/IEmailResolverKeys.java
+++ b/pki/base/common/src/com/netscape/certsrv/notification/IEmailResolverKeys.java
@@ -17,16 +17,14 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.notification;
 
-
 import com.netscape.certsrv.base.IAttrSet;
 
-
 /**
- * An interface represents email resolver (ordered) keys for resolving
- * emails 
- * e.g. request/cert, cert/request, request, request/cert/subjectalternatename etc.
+ * An interface represents email resolver (ordered) keys for resolving emails
+ * e.g. request/cert, cert/request, request, request/cert/subjectalternatename
+ * etc.
  * <P>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public interface IEmailResolverKeys extends IAttrSet {
diff --git a/pki/base/common/src/com/netscape/certsrv/notification/IEmailTemplate.java b/pki/base/common/src/com/netscape/certsrv/notification/IEmailTemplate.java
index bcda466d1..5320761f1 100644
--- a/pki/base/common/src/com/netscape/certsrv/notification/IEmailTemplate.java
+++ b/pki/base/common/src/com/netscape/certsrv/notification/IEmailTemplate.java
@@ -17,13 +17,10 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.notification;
 
-
-
-
 /**
- * Files to be processed and returned to the requested parties. It
- * is a template with $tokens to be used by the form/template processor.
- *
+ * Files to be processed and returned to the requested parties. It is a template
+ * with $tokens to be used by the form/template processor.
+ * 
  * @version $Revision$, $Date$
  */
 
@@ -36,7 +33,7 @@ public interface IEmailTemplate {
      */
     public String getTemplateName();
 
-    /** 
+    /**
      * @return true if template is an html file, false otherwise
      */
     public boolean isHTML();
diff --git a/pki/base/common/src/com/netscape/certsrv/notification/IMailNotification.java b/pki/base/common/src/com/netscape/certsrv/notification/IMailNotification.java
index c5375caed..a19e5f694 100644
--- a/pki/base/common/src/com/netscape/certsrv/notification/IMailNotification.java
+++ b/pki/base/common/src/com/netscape/certsrv/notification/IMailNotification.java
@@ -17,17 +17,14 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.notification;
 
-
 import java.io.IOException;
 import java.util.Vector;
 
-
 /**
- * This class handles mail notification via SMTP.
- * This class uses <b>smtp.host</b> in the configuration for smtp
- * host.  The port default (25) is used.  If no smtp specified, local
- * host is used
- *
+ * This class handles mail notification via SMTP. This class uses
+ * <b>smtp.host</b> in the configuration for smtp host. The port default (25) is
+ * used. If no smtp specified, local host is used
+ * 
  * @version $Revision$, $Date$
  */
 public interface IMailNotification {
@@ -39,36 +36,42 @@ public interface IMailNotification {
 
     /**
      * sets the "From" field
+     * 
      * @param from email address of the sender
      */
     public void setFrom(String from);
 
     /**
      * sets the "Subject" field
+     * 
      * @param subject subject of the email
      */
     public void setSubject(String subject);
 
     /**
      * sets the "Content-Type" field
+     * 
      * @param contentType content type of the email
      */
     public void setContentType(String contentType);
 
     /**
      * sets the content of the email
+     * 
      * @param content the message content
      */
     public void setContent(String content);
 
     /**
      * sets the recipients' email addresses
+     * 
      * @param addresses a list of email addresses of the recipients
      */
     public void setTo(Vector addresses);
 
     /**
      * sets the recipient's email address
+     * 
      * @param to address of the recipient email address
      */
     public void setTo(String to);
diff --git a/pki/base/common/src/com/netscape/certsrv/notification/NotificationResources.java b/pki/base/common/src/com/netscape/certsrv/notification/NotificationResources.java
index 40d9e80e3..e7a2be400 100644
--- a/pki/base/common/src/com/netscape/certsrv/notification/NotificationResources.java
+++ b/pki/base/common/src/com/netscape/certsrv/notification/NotificationResources.java
@@ -17,14 +17,11 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.notification;
 
-
 import java.util.ListResourceBundle;
 
-
 /**
- * A class represents a resource bundle for the 
- * Mail Notification package
- *
+ * A class represents a resource bundle for the Mail Notification package
+ * 
  * @version $Revision$, $Date$
  */
 public class NotificationResources extends ListResourceBundle {
@@ -37,8 +34,7 @@ public class NotificationResources extends ListResourceBundle {
     }
 
     /**
-     * Constants. The suffix represents the number of
-     * possible parameters.
+     * Constants. The suffix represents the number of possible parameters.
      */
 
     static final Object[][] contents = {};
diff --git a/pki/base/common/src/com/netscape/certsrv/ocsp/IDefStore.java b/pki/base/common/src/com/netscape/certsrv/ocsp/IDefStore.java
index 82c5821b5..b8e078373 100644
--- a/pki/base/common/src/com/netscape/certsrv/ocsp/IDefStore.java
+++ b/pki/base/common/src/com/netscape/certsrv/ocsp/IDefStore.java
@@ -17,7 +17,6 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.ocsp;
 
-
 import java.math.BigInteger;
 import java.security.cert.X509CRL;
 import java.util.Date;
@@ -27,28 +26,26 @@ import com.netscape.certsrv.base.EBaseException;
 import com.netscape.certsrv.dbs.crldb.ICRLIssuingPointRecord;
 import com.netscape.certsrv.dbs.repository.IRepositoryRecord;
 
-
 /**
  * This class defines an Online Certificate Status Protocol (OCSP) store which
  * has been extended to provide information from the internal database.
- * <P> 
- *
+ * <P>
+ * 
  * @version $Revision$, $Date$
  */
-public interface IDefStore extends IOCSPStore
-{
+public interface IDefStore extends IOCSPStore {
     /**
      * This method retrieves the number of CRL updates since startup.
      * <P>
-     *
+     * 
      * @return count the number of OCSP default stores
      */
-    public int getStateCount(); 
+    public int getStateCount();
 
     /**
      * This method retrieves the number of OCSP requests since startup.
      * <P>
-     *
+     * 
      * @param id a string associated with an OCSP request
      * @return count the number of this type of OCSP requests
      */
@@ -57,30 +54,29 @@ public interface IDefStore extends IOCSPStore
     /**
      * This method creates a an OCSP default store repository record.
      * <P>
-     *
+     * 
      * @return IRepositoryRecord an instance of the repository record object
      */
-    public IRepositoryRecord createRepositoryRecord(); 
+    public IRepositoryRecord createRepositoryRecord();
 
     /**
      * This method adds a request to the default OCSP store repository.
      * <P>
-     *
+     * 
      * @param name a string representing the name of this request
      * @param thisUpdate the current request
      * @param rec an instance of the repository record object
-     * @exception EBaseException occurs when there is an error attempting to
-     *    add this request to the repository
+     * @exception EBaseException occurs when there is an error attempting to add
+     *                this request to the repository
      */
     public void addRepository(String name, String thisUpdate,
-        IRepositoryRecord rec)
-        throws EBaseException;
+            IRepositoryRecord rec) throws EBaseException;
 
     /**
      * This method specifies whether or not to wait for the Certificate
      * Revocation List (CRL) to be updated.
      * <P>
-     *
+     * 
      * @return boolean true or false
      */
     public boolean waitOnCRLUpdate();
@@ -88,7 +84,7 @@ public interface IDefStore extends IOCSPStore
     /**
      * This method updates the specified CRL.
      * <P>
-     *
+     * 
      * @param crl the CRL to be updated
      * @exception EBaseException occurs when the CRL cannot be updated
      */
@@ -97,44 +93,42 @@ public interface IDefStore extends IOCSPStore
     /**
      * This method attempts to read the CRL issuing point.
      * <P>
-     *
+     * 
      * @param name the name of the CRL to be read
      * @return ICRLIssuingPointRecord the CRL issuing point
      * @exception EBaseException occurs when the specified CRL cannot be located
      */
     public ICRLIssuingPointRecord readCRLIssuingPoint(String name)
-        throws EBaseException;
+            throws EBaseException;
 
     /**
      * This method searches all CRL issuing points.
      * <P>
-     *
+     * 
      * @param maxSize specifies the largest number of hits from the search
      * @return Enumeration a list of the CRL issuing points
      * @exception EBaseException occurs when no CRL issuing point exists
      */
-    public Enumeration searchAllCRLIssuingPointRecord(
-        int maxSize)
-        throws EBaseException;
+    public Enumeration searchAllCRLIssuingPointRecord(int maxSize)
+            throws EBaseException;
 
     /**
      * This method searches all CRL issuing points constrained by the specified
      * filtering mechanism.
      * <P>
-     *
+     * 
      * @param filter a string which constrains the search
      * @param maxSize specifies the largest number of hits from the search
      * @return Enumeration a list of the CRL issuing points
      * @exception EBaseException occurs when no CRL issuing point exists
      */
-    public Enumeration searchCRLIssuingPointRecord(String filter,
-        int maxSize)
-        throws EBaseException;
+    public Enumeration searchCRLIssuingPointRecord(String filter, int maxSize)
+            throws EBaseException;
 
     /**
      * This method creates a CRL issuing point record.
      * <P>
-     *
+     * 
      * @param name a string representation of this CRL issuing point record
      * @param crlNumber the number of this CRL issuing point record
      * @param crlSize the size of this CRL issuing point record
@@ -142,40 +136,37 @@ public interface IDefStore extends IOCSPStore
      * @param nextUpdate the time for the next CRL issuing point record
      * @return ICRLIssuingPointRecord this CRL issuing point record
      */
-    public ICRLIssuingPointRecord createCRLIssuingPointRecord(
-        String name, BigInteger crlNumber, 
-        Long crlSize, Date thisUpdate, Date nextUpdate);
+    public ICRLIssuingPointRecord createCRLIssuingPointRecord(String name,
+            BigInteger crlNumber, Long crlSize, Date thisUpdate, Date nextUpdate);
 
     /**
      * This method adds a CRL issuing point
      * <P>
-     *
+     * 
      * @param name a string representation of this CRL issuing point record
      * @param rec this CRL issuing point record
      * @exception EBaseException occurs when the specified CRL issuing point
-     *     record cannot be added
+     *                record cannot be added
      */
     public void addCRLIssuingPoint(String name, ICRLIssuingPointRecord rec)
-        throws EBaseException;
+            throws EBaseException;
 
     /**
      * This method deletes a CRL issuing point record
      * <P>
-     *
+     * 
      * @param id a string representation of this CRL issuing point record
      * @exception EBaseException occurs when the specified CRL issuing point
-     *     record cannot be deleted 
+     *                record cannot be deleted
      */
-    public void deleteCRLIssuingPointRecord(String id)
-        throws EBaseException;
+    public void deleteCRLIssuingPointRecord(String id) throws EBaseException;
 
     /**
-     * This method checks to see if the OCSP response should return good
-     * when the certificate is not found.
+     * This method checks to see if the OCSP response should return good when
+     * the certificate is not found.
      * <P>
-     *
+     * 
      * @return boolean true or false
      */
     public boolean isNotFoundGood();
 }
-
diff --git a/pki/base/common/src/com/netscape/certsrv/ocsp/IOCSPAuthority.java b/pki/base/common/src/com/netscape/certsrv/ocsp/IOCSPAuthority.java
index b99f6241c..a663cdfdf 100644
--- a/pki/base/common/src/com/netscape/certsrv/ocsp/IOCSPAuthority.java
+++ b/pki/base/common/src/com/netscape/certsrv/ocsp/IOCSPAuthority.java
@@ -17,7 +17,6 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.ocsp;
 
-
 import netscape.security.x509.X500Name;
 
 import org.mozilla.jss.asn1.OBJECT_IDENTIFIER;
@@ -30,19 +29,18 @@ import com.netscape.cmsutil.ocsp.BasicOCSPResponse;
 import com.netscape.cmsutil.ocsp.ResponderID;
 import com.netscape.cmsutil.ocsp.ResponseData;
 
-
 /**
- * This class represents the primary interface for the Online Certificate
- * Status Protocol (OCSP) server.
- * <P> 
- *
+ * This class represents the primary interface for the Online Certificate Status
+ * Protocol (OCSP) server.
+ * <P>
+ * 
  * @version $Revision$, $Date$
  */
-public interface IOCSPAuthority extends ISubsystem
-{
+public interface IOCSPAuthority extends ISubsystem {
     public static final String ID = "ocsp";
 
-    public final static OBJECT_IDENTIFIER OCSP_NONCE = new OBJECT_IDENTIFIER("1.3.6.1.5.5.7.48.1.2");
+    public final static OBJECT_IDENTIFIER OCSP_NONCE = new OBJECT_IDENTIFIER(
+            "1.3.6.1.5.5.7.48.1.2");
 
     public final static String PROP_DEF_STORE_ID = "storeId";
     public final static String PROP_STORE = "store";
@@ -53,16 +51,16 @@ public interface IOCSPAuthority extends ISubsystem
     /**
      * This method retrieves the OCSP store given its name.
      * <P>
-     *
+     * 
      * @param id the string representation of an OCSP store
      * @return IOCSPStore an instance of an OCSP store object
      */
-    public IOCSPStore getOCSPStore(String id); 
+    public IOCSPStore getOCSPStore(String id);
 
     /**
      * This method retrieves the signing unit.
      * <P>
-     *
+     * 
      * @return ISigningUnit an instance of a signing unit object
      */
     public ISigningUnit getSigningUnit();
@@ -70,7 +68,7 @@ public interface IOCSPAuthority extends ISubsystem
     /**
      * This method retrieves the responder ID by its name.
      * <P>
-     *
+     * 
      * @return ResponderID an instance of a responder ID
      */
     public ResponderID getResponderIDByName();
@@ -78,16 +76,16 @@ public interface IOCSPAuthority extends ISubsystem
     /**
      * This method retrieves the responder ID by its hash.
      * <P>
-     *
+     * 
      * @return ResponderID an instance of a responder ID
      */
     public ResponderID getResponderIDByHash();
 
     /**
-     * This method retrieves the default OCSP store
-     * (i. e. - information from the internal database).
+     * This method retrieves the default OCSP store (i. e. - information from
+     * the internal database).
      * <P>
-     *
+     * 
      * @return IDefStore an instance of the default OCSP store
      */
     public IDefStore getDefaultStore();
@@ -95,17 +93,16 @@ public interface IOCSPAuthority extends ISubsystem
     /**
      * This method sets the supplied algorithm as the default signing algorithm.
      * <P>
-     *
+     * 
      * @param algorithm a string representing the requested algorithm
      * @exception EBaseException if the algorithm is unknown or disallowed
      */
-    public void setDefaultAlgorithm(String algorithm)
-        throws EBaseException;
+    public void setDefaultAlgorithm(String algorithm) throws EBaseException;
 
     /**
      * This method retrieves the default signing algorithm.
      * <P>
-     *
+     * 
      * @return String the name of the default signing algorithm
      */
     public String getDefaultAlgorithm();
@@ -113,7 +110,7 @@ public interface IOCSPAuthority extends ISubsystem
     /**
      * This method retrieves all potential OCSP signing algorithms.
      * <P>
-     *
+     * 
      * @return String[] the names of all potential OCSP signing algorithms
      */
     public String[] getOCSPSigningAlgorithms();
@@ -121,17 +118,17 @@ public interface IOCSPAuthority extends ISubsystem
     /**
      * This method logs the specified message at the specified level.
      * <P>
-     *
+     * 
      * @param level the log level
      * @param msg the log message
      */
     public void log(int level, String msg);
 
     /**
-     * This method logs the specified message at the specified level given
-     * the specified event.
+     * This method logs the specified message at the specified level given the
+     * specified event.
      * <P>
-     *
+     * 
      * @param event the log event
      * @param level the log message
      * @param msg the log message
@@ -141,7 +138,7 @@ public interface IOCSPAuthority extends ISubsystem
     /**
      * This method retrieves the X500Name of an OCSP server instance.
      * <P>
-     *
+     * 
      * @return X500Name an instance of the X500 name object
      */
     public X500Name getName();
@@ -149,7 +146,7 @@ public interface IOCSPAuthority extends ISubsystem
     /**
      * This method retrieves an OCSP server instance digest name as a string.
      * <P>
-     *
+     * 
      * @param alg the signing algorithm
      * @return String the digest name of the related OCSP server
      */
@@ -158,19 +155,18 @@ public interface IOCSPAuthority extends ISubsystem
     /**
      * This method signs the basic OCSP response data provided as a parameter.
      * <P>
-     *
+     * 
      * @param rd response data
      * @return BasicOCSPResponse signed response data
-     * @exception EBaseException error associated with an inability to sign
-     *     the specified response data
+     * @exception EBaseException error associated with an inability to sign the
+     *                specified response data
      */
-    public BasicOCSPResponse sign(ResponseData rd)
-        throws EBaseException;
+    public BasicOCSPResponse sign(ResponseData rd) throws EBaseException;
 
     /**
      * This method compares two byte arrays to see if they are equivalent.
      * <P>
-     *
+     * 
      * @param bytes the first byte array
      * @param ints the second byte array
      * @return boolean true or false
@@ -178,8 +174,10 @@ public interface IOCSPAuthority extends ISubsystem
     public boolean arraysEqual(byte[] bytes, byte[] ints);
 
     public void incTotalTime(long inc);
+
     public void incSignTime(long inc);
+
     public void incLookupTime(long inc);
+
     public void incNumOCSPRequest(long inc);
 }
-
diff --git a/pki/base/common/src/com/netscape/certsrv/ocsp/IOCSPService.java b/pki/base/common/src/com/netscape/certsrv/ocsp/IOCSPService.java
index 8ca8b2f02..3e2b87be8 100644
--- a/pki/base/common/src/com/netscape/certsrv/ocsp/IOCSPService.java
+++ b/pki/base/common/src/com/netscape/certsrv/ocsp/IOCSPService.java
@@ -17,53 +17,49 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.ocsp;
 
-
 import com.netscape.certsrv.base.EBaseException;
 import com.netscape.cmsutil.ocsp.OCSPRequest;
 import com.netscape.cmsutil.ocsp.OCSPResponse;
 
-
 /**
- * This class represents the servlet that serves the Online Certificate
- * Status Protocol (OCSP) requests.
- *
+ * This class represents the servlet that serves the Online Certificate Status
+ * Protocol (OCSP) requests.
+ * 
  * @version $Revision$ $Date$
  */
-public interface IOCSPService
-{
+public interface IOCSPService {
     /**
-     * This method validates the information associated with the specified
-     * OCSP request and returns an OCSP response.
+     * This method validates the information associated with the specified OCSP
+     * request and returns an OCSP response.
      * <P>
-     *
+     * 
      * @param r an OCSP request
-     * @return OCSPResponse the OCSP response associated with the specified
-     *     OCSP request
+     * @return OCSPResponse the OCSP response associated with the specified OCSP
+     *         request
      * @exception EBaseException an error associated with the inability to
-     *     process the supplied OCSP request
+     *                process the supplied OCSP request
      */
-    public OCSPResponse validate(OCSPRequest r) 
-        throws EBaseException;
+    public OCSPResponse validate(OCSPRequest r) throws EBaseException;
 
     /**
      * Returns the in-memory count of the processed OCSP requests.
-     *
+     * 
      * @return number of processed OCSP requests in memory
      */
     public long getNumOCSPRequest();
 
     /**
-     * Returns the in-memory time (in mini-second) of
-     * the processed time for OCSP requests.
-     *
+     * Returns the in-memory time (in mini-second) of the processed time for
+     * OCSP requests.
+     * 
      * @return processed times for OCSP requests
      */
     public long getOCSPRequestTotalTime();
 
     /**
-     * Returns the in-memory time (in mini-second) of
-     * the signing time for OCSP requests.
-     *
+     * Returns the in-memory time (in mini-second) of the signing time for OCSP
+     * requests.
+     * 
      * @return processed times for OCSP requests
      */
     public long getOCSPTotalSignTime();
@@ -71,11 +67,9 @@ public interface IOCSPService
     public long getOCSPTotalLookupTime();
 
     /**
-     * Returns the total data signed
-     * for OCSP requests.
-     *
+     * Returns the total data signed for OCSP requests.
+     * 
      * @return processed times for OCSP requests
      */
     public long getOCSPTotalData();
 }
-
diff --git a/pki/base/common/src/com/netscape/certsrv/ocsp/IOCSPStore.java b/pki/base/common/src/com/netscape/certsrv/ocsp/IOCSPStore.java
index ee60105ce..57ef6ff9e 100644
--- a/pki/base/common/src/com/netscape/certsrv/ocsp/IOCSPStore.java
+++ b/pki/base/common/src/com/netscape/certsrv/ocsp/IOCSPStore.java
@@ -17,46 +17,42 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.ocsp;
 
-
 import com.netscape.certsrv.base.EBaseException;
 import com.netscape.certsrv.base.ISubsystem;
 import com.netscape.certsrv.common.NameValuePairs;
 import com.netscape.cmsutil.ocsp.OCSPRequest;
 import com.netscape.cmsutil.ocsp.OCSPResponse;
 
-
 /**
- * This class represents the generic interface for an Online Certificate
- * Status Protocol (OCSP) store.  Users can plugin different OCSP stores
- * by extending this class.  For example, imagine that if a user wants to
- * use the corporate LDAP server for revocation checking, then the user
- * would merely create a new class that extends this class (e. g. -
+ * This class represents the generic interface for an Online Certificate Status
+ * Protocol (OCSP) store. Users can plugin different OCSP stores by extending
+ * this class. For example, imagine that if a user wants to use the corporate
+ * LDAP server for revocation checking, then the user would merely create a new
+ * class that extends this class (e. g. -
  * "public interface ICorporateLDAPStore extends IOCSPStore").
  * <P>
- *
+ * 
  * @version $Revision$, $Date$
  */
-public interface IOCSPStore extends ISubsystem
-{
+public interface IOCSPStore extends ISubsystem {
     /**
-     * This method validates the information associated with the specified
-     * OCSP request and returns an OCSP response.
+     * This method validates the information associated with the specified OCSP
+     * request and returns an OCSP response.
      * <P>
-     *
+     * 
      * @param req an OCSP request
-     * @return OCSPResponse the OCSP response associated with the specified
-     *     OCSP request
+     * @return OCSPResponse the OCSP response associated with the specified OCSP
+     *         request
      * @exception EBaseException an error associated with the inability to
-     *     process the supplied OCSP request
+     *                process the supplied OCSP request
      */
-    public OCSPResponse validate(OCSPRequest req) 
-        throws EBaseException;
+    public OCSPResponse validate(OCSPRequest req) throws EBaseException;
 
     /**
      * This method retrieves the configuration parameters associated with this
      * OCSP store.
      * <P>
-     *
+     * 
      * @return NameValuePairs all configuration items
      */
     public NameValuePairs getConfigParameters();
@@ -65,11 +61,9 @@ public interface IOCSPStore extends ISubsystem
      * This method stores the configuration parameters specified by the
      * passed-in Name Value pairs object.
      * <P>
-     *
+     * 
      * @param pairs a name-value pair object
      * @exception EBaseException an illegal name-value pair
      */
-    public void setConfigParameters(NameValuePairs pairs) 
-        throws EBaseException;
+    public void setConfigParameters(NameValuePairs pairs) throws EBaseException;
 }
-
diff --git a/pki/base/common/src/com/netscape/certsrv/password/EPasswordCheckException.java b/pki/base/common/src/com/netscape/certsrv/password/EPasswordCheckException.java
index a99fd764f..65bef6079 100644
--- a/pki/base/common/src/com/netscape/certsrv/password/EPasswordCheckException.java
+++ b/pki/base/common/src/com/netscape/certsrv/password/EPasswordCheckException.java
@@ -23,7 +23,7 @@ import com.netscape.certsrv.base.PasswordResources;
 /**
  * A class represents a password checker exception.
  * <P>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public class EPasswordCheckException extends EBaseException {
@@ -35,11 +35,13 @@ public class EPasswordCheckException extends EBaseException {
     /**
      * Resource class name.
      */
-    private static final String PASSWORD_CHECK_RESOURCES = PasswordResources.class.getName();
+    private static final String PASSWORD_CHECK_RESOURCES = PasswordResources.class
+            .getName();
 
     /**
      * Constructs a password checker exception
      * <P>
+     * 
      * @param msgFormat exception details
      */
     public EPasswordCheckException(String msgFormat) {
@@ -49,6 +51,7 @@ public class EPasswordCheckException extends EBaseException {
     /**
      * Constructs a password checker exception.
      * <P>
+     * 
      * @param msgFormat exception details in message string format
      * @param param message string parameter
      */
@@ -59,6 +62,7 @@ public class EPasswordCheckException extends EBaseException {
     /**
      * Constructs a password checker exception.
      * <P>
+     * 
      * @param msgFormat exception details in message string format
      * @param exception system exception
      */
@@ -69,6 +73,7 @@ public class EPasswordCheckException extends EBaseException {
     /**
      * Constructs a password checker exception.
      * <P>
+     * 
      * @param msgFormat the message format.
      * @param params list of message format parameters
      */
@@ -78,6 +83,7 @@ public class EPasswordCheckException extends EBaseException {
 
     /**
      * Retrieves bundle name.
+     * 
      * @return resource bundle name.
      */
     protected String getBundleName() {
diff --git a/pki/base/common/src/com/netscape/certsrv/password/IConfigPasswordCheck.java b/pki/base/common/src/com/netscape/certsrv/password/IConfigPasswordCheck.java
index ddf4325c2..3abe5f218 100644
--- a/pki/base/common/src/com/netscape/certsrv/password/IConfigPasswordCheck.java
+++ b/pki/base/common/src/com/netscape/certsrv/password/IConfigPasswordCheck.java
@@ -17,7 +17,6 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.password;
 
-
 /**
  * Configuration Wizard Password quality checker interface.
  * <P>
@@ -28,16 +27,18 @@ public interface IConfigPasswordCheck {
 
     /**
      * Check if the password meets the quality requirement
+     * 
      * @param pwd the given password
-     * @return true if the password meets the quality requirement; otherwise false
+     * @return true if the password meets the quality requirement; otherwise
+     *         false
      */
     public boolean isGoodConfigPassword(String pwd);
 
     /**
      * Returns a reason if the password doesnt meet the quality requirement.
+     * 
      * @param pwd the given password
      * @return a reason if the password quality requirement is not met.
      */
     public String getConfigReason(String pwd);
 }
-
diff --git a/pki/base/common/src/com/netscape/certsrv/password/IPasswordCheck.java b/pki/base/common/src/com/netscape/certsrv/password/IPasswordCheck.java
index bb84a72fa..3c1530fb4 100644
--- a/pki/base/common/src/com/netscape/certsrv/password/IPasswordCheck.java
+++ b/pki/base/common/src/com/netscape/certsrv/password/IPasswordCheck.java
@@ -17,7 +17,6 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.password;
 
-
 /**
  * Password quality checker interface.
  * <P>
@@ -28,16 +27,18 @@ public interface IPasswordCheck {
 
     /**
      * Check if the password meets the quality requirement
+     * 
      * @param pwd the given password
-     * @return true if the password meets the quality requirement; otherwise false
+     * @return true if the password meets the quality requirement; otherwise
+     *         false
      */
     public boolean isGoodPassword(String pwd);
 
     /**
      * Returns a reason if the password doesnt meet the quality requirement.
+     * 
      * @param pwd the given password
      * @return a reason if the password quality requirement is not met.
      */
     public String getReason(String pwd);
 }
-
diff --git a/pki/base/common/src/com/netscape/certsrv/pattern/AttrSetCollection.java b/pki/base/common/src/com/netscape/certsrv/pattern/AttrSetCollection.java
index 2a9a87e39..362fe7782 100644
--- a/pki/base/common/src/com/netscape/certsrv/pattern/AttrSetCollection.java
+++ b/pki/base/common/src/com/netscape/certsrv/pattern/AttrSetCollection.java
@@ -17,15 +17,13 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.pattern;
 
-
 import java.util.Hashtable;
 
 import com.netscape.certsrv.base.IAttrSet;
 
 /**
- * This class represents a collection of attribute
- * sets.
- *
+ * This class represents a collection of attribute sets.
+ * 
  * @version $Revision$, $Date$
  */
 public class AttrSetCollection extends Hashtable {
@@ -44,7 +42,7 @@ public class AttrSetCollection extends Hashtable {
 
     /**
      * Retrieves a attribute set from this collection.
-     *
+     * 
      * @param name name of the attribute set
      * @return attribute set
      */
@@ -54,7 +52,7 @@ public class AttrSetCollection extends Hashtable {
 
     /**
      * Sets attribute set in this collection.
-     *
+     * 
      * @param name set of the attribute set
      * @param set attribute set
      */
diff --git a/pki/base/common/src/com/netscape/certsrv/pattern/Pattern.java b/pki/base/common/src/com/netscape/certsrv/pattern/Pattern.java
index d177f87b1..250951ced 100644
--- a/pki/base/common/src/com/netscape/certsrv/pattern/Pattern.java
+++ b/pki/base/common/src/com/netscape/certsrv/pattern/Pattern.java
@@ -17,34 +17,30 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.pattern;
 
-
 import java.util.Enumeration;
 
 import com.netscape.certsrv.base.EBaseException;
 import com.netscape.certsrv.base.IAttrSet;
 
-
 /**
- * This is a generic pattern subtitution engine. The
- * pattern format should be:
+ * This is a generic pattern subtitution engine. The pattern format should be:
  * <p>
- *   $[attribute set key].[attribute name]$
+ * $[attribute set key].[attribute name]$
  * <p>
  * For example,
  * <p>
- *   $request.requestor_email$
- *   $ctx.user_id$
+ * $request.requestor_email$ $ctx.user_id$
  * <p>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public class Pattern {
 
     private String mS = null;
-   
+
     /**
      * Constructs a pattern object with the given string.
-     *
+     * 
      * @param s string with pattern (i.e. $request.requestor_email$)
      */
     public Pattern(String s) {
@@ -53,7 +49,7 @@ public class Pattern {
 
     /**
      * Subtitutes this pattern with the given attribute set.
-     *
+     * 
      * @param key key name of the given attribute set
      * @param attrSet attribute set
      * @return substituted string
@@ -64,7 +60,7 @@ public class Pattern {
 
     /**
      * Subtitutes this pattern with the given attribute set.
-     *
+     * 
      * @param attrSetCollection attribute set collection
      * @return substituted string
      */
@@ -76,24 +72,21 @@ public class Pattern {
             String key = (String) keys.nextElement();
             Pattern p = new Pattern(temp);
 
-            temp = p.substitute(key, 
-                        attrSetCollection.getAttrSet(key));
-			
+            temp = p.substitute(key, attrSetCollection.getAttrSet(key));
+
         }
         return temp;
     }
 
     /**
      * Subtitutes this pattern with the given attribute set.
-     *
-	 * This is an extended version of the substitute() method.
-	 * It takes a more flexible pattern format that could have
-	 * non-token ($...$) format.  e.g.
-	 *    $request.screenname$@redhat.com
-	 * where "@redhat.com" is not in token pattern format, and will be
-	 * literally put in place. e.g.
-	 *    TomRiddle@redhat.com
-	 *
+     * 
+     * This is an extended version of the substitute() method. It takes a more
+     * flexible pattern format that could have non-token ($...$) format. e.g.
+     * $request.screenname$@redhat.com where "@redhat.com" is not in token
+     * pattern format, and will be literally put in place. e.g.
+     * TomRiddle@redhat.com
+     * 
      * @param key key name of the given attribute set
      * @param attrSet attribute set
      * @return substituted string
@@ -105,39 +98,39 @@ public class Pattern {
         int lastPos;
 
         do {
-			// from startPos to right before '$' or end of string
-			// need to be copied over
-			
+            // from startPos to right before '$' or end of string
+            // need to be copied over
+
             lastPos = mS.indexOf('$', startPos);
 
-			// if no '$', return the entire string
+            // if no '$', return the entire string
             if (lastPos == -1 && startPos == 0)
-              return mS;
+                return mS;
 
-			// no more '$' found, copy the rest of chars, done
+            // no more '$' found, copy the rest of chars, done
             if (lastPos == -1) {
-				sb.append(mS.substring(startPos)); //
-				return sb.toString(); //
-				//                continue;
-			}
+                sb.append(mS.substring(startPos)); //
+                return sb.toString(); //
+                // continue;
+            }
 
-			// found '$'
+            // found '$'
             if (startPos < lastPos) {
-                sb.append(mS.substring(startPos, lastPos));	
+                sb.append(mS.substring(startPos, lastPos));
             }
 
-			// look for the ending '$'
+            // look for the ending '$'
             int endPos = mS.indexOf('$', lastPos + 1);
             String token = mS.substring(lastPos + 1, endPos);
             int dotPos = token.indexOf('.');
 
-			// it's assuming there's always a '.'
+            // it's assuming there's always a '.'
             String attrKey = token.substring(0, dotPos);
             String attrName = token.substring(dotPos + 1);
 
             if (!key.equals(attrKey)) {
                 startPos = endPos + 1;
-                sb.append("$" + attrKey + "." + attrName + "$");	
+                sb.append("$" + attrKey + "." + attrName + "$");
                 continue;
             }
 
@@ -145,20 +138,19 @@ public class Pattern {
                 Object o = attrSet.get(attrName);
 
                 if (!(o instanceof String)) {
-                    startPos = endPos + 1;	
-					// if no such attrName, copy the token pattern over
-                    sb.append("$" + attrKey + "." + attrName + "$");	
+                    startPos = endPos + 1;
+                    // if no such attrName, copy the token pattern over
+                    sb.append("$" + attrKey + "." + attrName + "$");
                     continue;
                 }
                 String val = (String) o;
 
-                sb.append(val);	
+                sb.append(val);
             } catch (EBaseException e) {
-                sb.append("$" + attrKey + "." + attrName + "$");	
+                sb.append("$" + attrKey + "." + attrName + "$");
             }
-            startPos = endPos + 1;	
-        }
-        while (lastPos != -1);
+            startPos = endPos + 1;
+        } while (lastPos != -1);
 
         return sb.toString();
     }
diff --git a/pki/base/common/src/com/netscape/certsrv/policy/EPolicyException.java b/pki/base/common/src/com/netscape/certsrv/policy/EPolicyException.java
index c8431fcfd..dacbb103d 100644
--- a/pki/base/common/src/com/netscape/certsrv/policy/EPolicyException.java
+++ b/pki/base/common/src/com/netscape/certsrv/policy/EPolicyException.java
@@ -17,25 +17,23 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.policy;
 
-
 import java.util.Locale;
 
 import com.netscape.certsrv.base.EBaseException;
 import com.netscape.certsrv.base.MessageFormatter;
 
-
 /**
- * This class represents Exceptions used by the policy package.
- * The policies themselves do not raise exceptions but use them
- * to format error messages.
- *
+ * This class represents Exceptions used by the policy package. The policies
+ * themselves do not raise exceptions but use them to format error messages.
+ * 
  * Adapted from EBasException
  * <P>
+ * 
  * <PRE>
  * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * </PRE>
  * <P>
- *
+ * 
  * @deprecated
  * @version $Revision$, $Date$
  * @see java.text.MessageFormat
@@ -49,12 +47,13 @@ public class EPolicyException extends EBaseException {
     /**
      * Resource class name.
      */
-    private static final String POLICY_RESOURCES = PolicyResources.class.getName();
+    private static final String POLICY_RESOURCES = PolicyResources.class
+            .getName();
 
     /**
      * Constructs a base exception.
      * <P>
-     *
+     * 
      * @param msgFormat exception details
      */
     public EPolicyException(String msgFormat) {
@@ -64,11 +63,12 @@ public class EPolicyException extends EBaseException {
 
     /**
      * Constructs a base exception with a parameter. For example,
+     * 
      * <PRE>
-     * 		new EPolicyException("failed to load {0}", fileName);
+     * new EPolicyException(&quot;failed to load {0}&quot;, fileName);
      * </PRE>
      * <P>
-     *
+     * 
      * @param msgFormat exception details in message string format
      * @param param message string parameter
      */
@@ -81,7 +81,7 @@ public class EPolicyException extends EBaseException {
     /**
      * Constructs a base exception with two String parameters. For example,
      * <P>
-     *
+     * 
      * @param msgFormat exception details in message string format
      * @param param1 message string parameter
      * @param param2 message string parameter
@@ -94,9 +94,9 @@ public class EPolicyException extends EBaseException {
     }
 
     /**
-     * Constructs a base exception. It can be used to carry
-     * a system exception that may contain information about
-     * the context. For example,
+     * Constructs a base exception. It can be used to carry a system exception
+     * that may contain information about the context. For example,
+     * 
      * <PRE>
      * 		try {
      *  		...
@@ -105,7 +105,7 @@ public class EPolicyException extends EBaseException {
      *      }
      * </PRE>
      * <P>
-     *
+     * 
      * @param msgFormat exception details in message string format
      * @param param system exception
      */
@@ -116,10 +116,10 @@ public class EPolicyException extends EBaseException {
     }
 
     /**
-     * Constructs a base exception with a list of parameters
-     * that will be substituted into the message format.
+     * Constructs a base exception with a list of parameters that will be
+     * substituted into the message format.
      * <P>
-     *
+     * 
      * @param msgFormat exception details in message string format
      * @param params list of message format parameters
      */
@@ -131,7 +131,7 @@ public class EPolicyException extends EBaseException {
     /**
      * Returns a list of parameters.
      * <P>
-     *
+     * 
      * @return list of message format parameters
      */
     public Object[] getParameters() {
@@ -139,10 +139,10 @@ public class EPolicyException extends EBaseException {
     }
 
     /**
-     * Returns localized exception string. This method should
-     * only be called if a localized string is necessary.
+     * Returns localized exception string. This method should only be called if
+     * a localized string is necessary.
      * <P>
-     *
+     * 
      * @return details message
      */
     public String toString() {
@@ -152,7 +152,7 @@ public class EPolicyException extends EBaseException {
     /**
      * Returns the string based on the given locale.
      * <P>
-     *
+     * 
      * @param locale locale
      * @return details message
      */
diff --git a/pki/base/common/src/com/netscape/certsrv/policy/IEnrollmentPolicy.java b/pki/base/common/src/com/netscape/certsrv/policy/IEnrollmentPolicy.java
index bfd0e7c20..04de34341 100644
--- a/pki/base/common/src/com/netscape/certsrv/policy/IEnrollmentPolicy.java
+++ b/pki/base/common/src/com/netscape/certsrv/policy/IEnrollmentPolicy.java
@@ -17,20 +17,18 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.policy;
 
-
 /**
- * Interface for an enrollment policy rule. This provides general
- * typing for rules so that a policy processor can group rules
- * based on a particular type.
+ * Interface for an enrollment policy rule. This provides general typing for
+ * rules so that a policy processor can group rules based on a particular type.
  * <P>
+ * 
  * <PRE>
  * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * </PRE>
  * <P>
- *
+ * 
  * @deprecated
  * @version $Revision$, $Date$
  */
 public interface IEnrollmentPolicy extends IPolicyRule {
 }
-
diff --git a/pki/base/common/src/com/netscape/certsrv/policy/IExpression.java b/pki/base/common/src/com/netscape/certsrv/policy/IExpression.java
index 6bed58c5d..f66253aad 100644
--- a/pki/base/common/src/com/netscape/certsrv/policy/IExpression.java
+++ b/pki/base/common/src/com/netscape/certsrv/policy/IExpression.java
@@ -17,18 +17,17 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.policy;
 
-
 import com.netscape.certsrv.request.IRequest;
 
-
 /**
  * Interface for a policy expression.
  * <P>
+ * 
  * <PRE>
  * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * </PRE>
  * <P>
- *
+ * 
  * @deprecated
  * @version $Revision$, $Date$
  */
@@ -48,12 +47,11 @@ public interface IExpression {
 
     /**
      * Evaluate the Expression.
-     *
-     * @param req	The PKIRequest on which we are applying the condition.
-     * @return 		The return value.
+     * 
+     * @param req The PKIRequest on which we are applying the condition.
+     * @return The return value.
      */
-    boolean evaluate(IRequest req)
-        throws EPolicyException;
+    boolean evaluate(IRequest req) throws EPolicyException;
 
     /**
      * Convert to a string.
diff --git a/pki/base/common/src/com/netscape/certsrv/policy/IGeneralNameAsConstraintsConfig.java b/pki/base/common/src/com/netscape/certsrv/policy/IGeneralNameAsConstraintsConfig.java
index ff30dc11b..33eaa2983 100644
--- a/pki/base/common/src/com/netscape/certsrv/policy/IGeneralNameAsConstraintsConfig.java
+++ b/pki/base/common/src/com/netscape/certsrv/policy/IGeneralNameAsConstraintsConfig.java
@@ -17,21 +17,20 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.policy;
 
-
 import java.util.Vector;
 
 import netscape.security.x509.GeneralName;
 
-
-/** 
- * Class that can be used to form general names from configuration file. 
- * Used by policies and extension commands.  
+/**
+ * Class that can be used to form general names from configuration file. Used by
+ * policies and extension commands.
  * <P>
+ * 
  * <PRE>
  * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * </PRE>
  * <P>
- *
+ * 
  * @deprecated
  * @version $Revision$, $Date$
  */
@@ -39,14 +38,14 @@ public interface IGeneralNameAsConstraintsConfig {
 
     /**
      * Retrieves instance parameters.
-     *
+     * 
      * @param params parameters
      */
     public void getInstanceParams(Vector params);
 
     /**
      * Retrieves the general name.
-     *
+     * 
      * @return general name
      */
     public GeneralName getGeneralName();
diff --git a/pki/base/common/src/com/netscape/certsrv/policy/IGeneralNameConfig.java b/pki/base/common/src/com/netscape/certsrv/policy/IGeneralNameConfig.java
index 1f93719d3..06badb548 100644
--- a/pki/base/common/src/com/netscape/certsrv/policy/IGeneralNameConfig.java
+++ b/pki/base/common/src/com/netscape/certsrv/policy/IGeneralNameConfig.java
@@ -17,23 +17,22 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.policy;
 
-
 import java.util.Vector;
 
 import netscape.security.x509.GeneralName;
 
 import com.netscape.certsrv.base.EBaseException;
 
-
-/** 
- * Class that can be used to form general names from configuration file. 
- * Used by policies and extension commands.  
+/**
+ * Class that can be used to form general names from configuration file. Used by
+ * policies and extension commands.
  * <P>
+ * 
  * <PRE>
  * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * </PRE>
  * <P>
- *
+ * 
  * @deprecated
  * @version $Revision$, $Date$
  */
@@ -41,27 +40,25 @@ public interface IGeneralNameConfig {
 
     /**
      * Forms a general name from string.
-     *
+     * 
      * @param value general name in string
      * @return general name object
      * @exception EBaseException failed to form general name
      */
-    public GeneralName formGeneralName(String value) 
-        throws EBaseException;
+    public GeneralName formGeneralName(String value) throws EBaseException;
 
     /**
      * Forms general names from the given value.
-     *
+     * 
      * @param value general name in string
      * @return a vector of general names
      * @exception EBaseException failed to form general name
      */
-    public Vector formGeneralNames(Object value)
-        throws EBaseException;
+    public Vector formGeneralNames(Object value) throws EBaseException;
 
     /**
      * Retrieves the instance parameters.
-     *
+     * 
      * @param params parameters
      */
     public void getInstanceParams(Vector params);
diff --git a/pki/base/common/src/com/netscape/certsrv/policy/IGeneralNameUtil.java b/pki/base/common/src/com/netscape/certsrv/policy/IGeneralNameUtil.java
index c1526284a..7987dd2c3 100644
--- a/pki/base/common/src/com/netscape/certsrv/policy/IGeneralNameUtil.java
+++ b/pki/base/common/src/com/netscape/certsrv/policy/IGeneralNameUtil.java
@@ -17,16 +17,16 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.policy;
 
-
-/** 
- * Class that can be used to form general names from configuration file. 
- * Used by policies and extension commands.
+/**
+ * Class that can be used to form general names from configuration file. Used by
+ * policies and extension commands.
  * <P>
+ * 
  * <PRE>
  * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * </PRE>
  * <P>
- *
+ * 
  * @deprecated
  * @version $Revision$, $Date$
  */
@@ -51,30 +51,27 @@ public interface IGeneralNameUtil {
      */
     public static final int DEF_NUM_GENERALNAMES = 8;
 
-    /** 
+    /**
      * Default extended plugin info.
      */
-    public static String 
-        NUM_GENERALNAMES_INFO = "number;The total number of alternative names or identities permitted in the extension.";
-    public static String GENNAME_CHOICE_INFO = 
-        "choice(" +
-        IGeneralNameUtil.GENNAME_CHOICE_RFC822NAME + "," +
-        IGeneralNameUtil.GENNAME_CHOICE_DIRECTORYNAME + "," +
-        IGeneralNameUtil.GENNAME_CHOICE_DNSNAME + "," +
-        IGeneralNameUtil.GENNAME_CHOICE_EDIPARTYNAME + "," +
-        IGeneralNameUtil.GENNAME_CHOICE_URL + "," +
-        IGeneralNameUtil.GENNAME_CHOICE_IPADDRESS + "," +
-        IGeneralNameUtil.GENNAME_CHOICE_REGISTEREDID + "," +
-        IGeneralNameUtil.GENNAME_CHOICE_OTHERNAME + ");" +
-        "GeneralName choice. See RFC 2459 appendix B2 on GeneralName.";
-    public static String GENNAME_VALUE_INFO = 
-        "string;Value according to the GeneralName choice.";
+    public static String NUM_GENERALNAMES_INFO = "number;The total number of alternative names or identities permitted in the extension.";
+    public static String GENNAME_CHOICE_INFO = "choice("
+            + IGeneralNameUtil.GENNAME_CHOICE_RFC822NAME + ","
+            + IGeneralNameUtil.GENNAME_CHOICE_DIRECTORYNAME + ","
+            + IGeneralNameUtil.GENNAME_CHOICE_DNSNAME + ","
+            + IGeneralNameUtil.GENNAME_CHOICE_EDIPARTYNAME + ","
+            + IGeneralNameUtil.GENNAME_CHOICE_URL + ","
+            + IGeneralNameUtil.GENNAME_CHOICE_IPADDRESS + ","
+            + IGeneralNameUtil.GENNAME_CHOICE_REGISTEREDID + ","
+            + IGeneralNameUtil.GENNAME_CHOICE_OTHERNAME + ");"
+            + "GeneralName choice. See RFC 2459 appendix B2 on GeneralName.";
+    public static String GENNAME_VALUE_INFO = "string;Value according to the GeneralName choice.";
 
-    public static String 
-        PROP_NUM_GENERALNAMES_INFO = PROP_NUM_GENERALNAMES + ";" + NUM_GENERALNAMES_INFO;
-    public static String 
-        PROP_GENNAME_CHOICE_INFO = PROP_GENNAME_CHOICE + ";" + GENNAME_CHOICE_INFO;
-    public static String 
-        PROP_GENNAME_VALUE_INFO = PROP_GENNAME_VALUE + ";" + GENNAME_VALUE_INFO;
+    public static String PROP_NUM_GENERALNAMES_INFO = PROP_NUM_GENERALNAMES
+            + ";" + NUM_GENERALNAMES_INFO;
+    public static String PROP_GENNAME_CHOICE_INFO = PROP_GENNAME_CHOICE + ";"
+            + GENNAME_CHOICE_INFO;
+    public static String PROP_GENNAME_VALUE_INFO = PROP_GENNAME_VALUE + ";"
+            + GENNAME_VALUE_INFO;
 
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/policy/IGeneralNamesAsConstraintsConfig.java b/pki/base/common/src/com/netscape/certsrv/policy/IGeneralNamesAsConstraintsConfig.java
index e64187b86..75c21f2bd 100644
--- a/pki/base/common/src/com/netscape/certsrv/policy/IGeneralNamesAsConstraintsConfig.java
+++ b/pki/base/common/src/com/netscape/certsrv/policy/IGeneralNamesAsConstraintsConfig.java
@@ -17,21 +17,20 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.policy;
 
-
 import java.util.Vector;
 
 import netscape.security.x509.GeneralNames;
 
-
-/** 
- * Class that can be used to form general names from configuration file. 
- * Used by policies and extension commands.
+/**
+ * Class that can be used to form general names from configuration file. Used by
+ * policies and extension commands.
  * <P>
+ * 
  * <PRE>
  * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * </PRE>
  * <P>
- *
+ * 
  * @deprecated
  * @version $Revision$, $Date$
  */
@@ -39,14 +38,14 @@ public interface IGeneralNamesAsConstraintsConfig {
 
     /**
      * Retrieves a list of configured general names.
-     *
+     * 
      * @return a list of general names
      */
     public GeneralNames getGeneralNames();
 
     /**
      * Retrieves instance parameters.
-     *
+     * 
      * @param params instance parameters
      */
     public void getInstanceParams(Vector params);
diff --git a/pki/base/common/src/com/netscape/certsrv/policy/IGeneralNamesConfig.java b/pki/base/common/src/com/netscape/certsrv/policy/IGeneralNamesConfig.java
index 644258567..197a25317 100644
--- a/pki/base/common/src/com/netscape/certsrv/policy/IGeneralNamesConfig.java
+++ b/pki/base/common/src/com/netscape/certsrv/policy/IGeneralNamesConfig.java
@@ -17,21 +17,20 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.policy;
 
-
 import java.util.Vector;
 
 import netscape.security.x509.GeneralNames;
 
-
-/** 
- * Class that can be used to form general names from configuration file. 
- * Used by policies and extension commands.
+/**
+ * Class that can be used to form general names from configuration file. Used by
+ * policies and extension commands.
  * <P>
+ * 
  * <PRE>
  * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * </PRE>
  * <P>
- *
+ * 
  * @deprecated
  * @version $Revision$, $Date$
  */
@@ -39,14 +38,14 @@ public interface IGeneralNamesConfig {
 
     /**
      * Retrieves a list of configured general names.
-     *
+     * 
      * @return general names
      */
     public GeneralNames getGeneralNames();
 
     /**
      * Retrieves the instance parameters.
-     *
+     * 
      * @param params instance parameters
      */
     public void getInstanceParams(Vector params);
diff --git a/pki/base/common/src/com/netscape/certsrv/policy/IKeyArchivalPolicy.java b/pki/base/common/src/com/netscape/certsrv/policy/IKeyArchivalPolicy.java
index 13ba5f616..14a29256f 100644
--- a/pki/base/common/src/com/netscape/certsrv/policy/IKeyArchivalPolicy.java
+++ b/pki/base/common/src/com/netscape/certsrv/policy/IKeyArchivalPolicy.java
@@ -17,18 +17,17 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.policy;
 
-
 /**
  * Interface for a key recovery policy rule.
  * <P>
+ * 
  * <PRE>
  * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * </PRE>
  * <P>
- *
+ * 
  * @deprecated
  * @version $Revision$, $Date$
  */
 public interface IKeyArchivalPolicy extends IPolicyRule {
 }
-
diff --git a/pki/base/common/src/com/netscape/certsrv/policy/IKeyRecoveryPolicy.java b/pki/base/common/src/com/netscape/certsrv/policy/IKeyRecoveryPolicy.java
index 1d173f28f..6de615673 100644
--- a/pki/base/common/src/com/netscape/certsrv/policy/IKeyRecoveryPolicy.java
+++ b/pki/base/common/src/com/netscape/certsrv/policy/IKeyRecoveryPolicy.java
@@ -17,18 +17,17 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.policy;
 
-
 /**
  * Interface for a key recovery policy rule.
  * <P>
+ * 
  * <PRE>
  * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * </PRE>
  * <P>
- *
+ * 
  * @deprecated
  * @version $Revision$, $Date$
  */
 public interface IKeyRecoveryPolicy extends IPolicyRule {
 }
-
diff --git a/pki/base/common/src/com/netscape/certsrv/policy/IPolicyPredicateParser.java b/pki/base/common/src/com/netscape/certsrv/policy/IPolicyPredicateParser.java
index 7b5f44650..641932faa 100644
--- a/pki/base/common/src/com/netscape/certsrv/policy/IPolicyPredicateParser.java
+++ b/pki/base/common/src/com/netscape/certsrv/policy/IPolicyPredicateParser.java
@@ -17,15 +17,15 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.policy;
 
-
 /**
  * Interface for policy predicate parsers.
  * <P>
+ * 
  * <PRE>
  * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * </PRE>
  * <P>
- *
+ * 
  * @deprecated
  * @version $Revision$, $Date$
  */
@@ -33,11 +33,10 @@ public interface IPolicyPredicateParser {
 
     /**
      * Parse the predicate expression and return a vector of expressions.
-     *
-     * @param predicateExpression	The predicate expression as read from the
-     *		config file.
-     * @return expVector	The vector of expressions.
+     * 
+     * @param predicateExpression The predicate expression as read from the
+     *            config file.
+     * @return expVector The vector of expressions.
      */
-    IExpression parse(String predicateExpression)
-        throws EPolicyException;
+    IExpression parse(String predicateExpression) throws EPolicyException;
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/policy/IPolicyProcessor.java b/pki/base/common/src/com/netscape/certsrv/policy/IPolicyProcessor.java
index 834d462e0..5e2d297f9 100644
--- a/pki/base/common/src/com/netscape/certsrv/policy/IPolicyProcessor.java
+++ b/pki/base/common/src/com/netscape/certsrv/policy/IPolicyProcessor.java
@@ -17,7 +17,6 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.policy;
 
-
 import java.util.Enumeration;
 import java.util.Hashtable;
 import java.util.Vector;
@@ -25,22 +24,22 @@ import java.util.Vector;
 import com.netscape.certsrv.base.EBaseException;
 import com.netscape.certsrv.base.ISubsystem;
 
-
 /**
- * A generic interface for a policy processor. By making a processor
- * extend the policy interface, we make even the processor a rule -
- * which makes sense because a processor may be based on some rule
- * such as evaluate all policies before returning the final result or
- * return as soon as one of the policies return a failure and so on.
- *
- * By making both processor and policy rules implement a common
- * interface, one can write rules that are processors as well.
+ * A generic interface for a policy processor. By making a processor extend the
+ * policy interface, we make even the processor a rule - which makes sense
+ * because a processor may be based on some rule such as evaluate all policies
+ * before returning the final result or return as soon as one of the policies
+ * return a failure and so on.
+ * 
+ * By making both processor and policy rules implement a common interface, one
+ * can write rules that are processors as well.
  * <P>
+ * 
  * <PRE>
  * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * </PRE>
  * <P>
- *
+ * 
  * @deprecated
  * @version $Revision$, $Date$
  */
@@ -61,42 +60,40 @@ public interface IPolicyProcessor extends ISubsystem,
 
     /**
      * Returns the policy substore id.
-     *
-     * @return storeID	The policy store id used by this processor.
+     * 
+     * @return storeID The policy store id used by this processor.
      */
     String getPolicySubstoreId();
 
     /**
      * Returns information on Policy impls.
-     *
-     * @return An enumeration of strings describing the information
-     * 		   about policy implementations. Currently only the
-     *		   the implementation id is expected.
+     * 
+     * @return An enumeration of strings describing the information about policy
+     *         implementations. Currently only the the implementation id is
+     *         expected.
      */
     Enumeration getPolicyImplsInfo();
 
     /**
      * Returns the rule implementations registered with this processor.
-     *
-     * @return An Enumeration of uninitialized IPolicyRule 
-     *					objects.
+     * 
+     * @return An Enumeration of uninitialized IPolicyRule objects.
      */
     Enumeration getPolicyImpls();
 
     /**
      * Returns an implementation identified by a given id.
-     *
-     * @param id		The implementation id.
+     * 
+     * @param id The implementation id.
      * @return The uninitialized instance of the policy rule.
      */
     IPolicyRule getPolicyImpl(String id);
 
     /**
-     * Returns configuration for an implmentation. 
-     *
-     * @param id		The implementation id.
-     * @return A vector of name/value pairs in the form of
-     *	name=value.
+     * Returns configuration for an implmentation.
+     * 
+     * @param id The implementation id.
+     * @return A vector of name/value pairs in the form of name=value.
      */
     Vector getPolicyImplConfig(String id);
 
@@ -104,53 +101,48 @@ public interface IPolicyProcessor extends ISubsystem,
      * Deletes a policy implementation identified by an impl id.
      * 
      * 
-     * @param id	The impl id of the policy to be deleted.
-     *				There shouldn't be any active instance for this 
-     *				implementation.
+     * @param id The impl id of the policy to be deleted. There shouldn't be any
+     *            active instance for this implementation.
      * @exception EBaseException is thrown if an error occurs in deletion.
      */
-    void deletePolicyImpl(String id)
-        throws EBaseException;
+    void deletePolicyImpl(String id) throws EBaseException;
 
     /**
      * Adds a policy implementation identified by an impl id.
      * 
-     * @param id			The impl id of the policy to be added.
-     *						The id should be unique.
-     * @param classPath 	The fully qualified path for the implementation. 
+     * @param id The impl id of the policy to be added. The id should be unique.
+     * @param classPath The fully qualified path for the implementation.
      * @exception EBaseException is thrown if an error occurs in addition.
      */
-    void addPolicyImpl(String id, String classPath)
-        throws EBaseException;
+    void addPolicyImpl(String id, String classPath) throws EBaseException;
 
     /**
      * Returns information on Policy instances.
-     *
-     * @return An Enumeration of Strings describing the information 
-     *			about policy rule instances.
+     * 
+     * @return An Enumeration of Strings describing the information about policy
+     *         rule instances.
      */
     Enumeration getPolicyInstancesInfo();
 
     /**
      * Returns policy instances registered with this processor.
-     *
+     * 
      * @return An Enumeration of policy instances.
      */
     Enumeration getPolicyInstances();
 
     /**
      * Returns instance configuration for a given instance id.
-     *
-     * @param id		The rule id.
-     * @return A vector of name/value pairs in the form of
-     *	name=value.
+     * 
+     * @param id The rule id.
+     * @return A vector of name/value pairs in the form of name=value.
      */
     Vector getPolicyInstanceConfig(String id);
 
     /**
      * Returns instance configuration for a given instance id.
-     *
-     * @param id		The rule id.
+     * 
+     * @param id The rule id.
      * @return the policy instance identified by the id.
      */
     IPolicyRule getPolicyInstance(String id);
@@ -158,41 +150,36 @@ public interface IPolicyProcessor extends ISubsystem,
     /**
      * Deletes a policy instance identified by an instance id.
      * 
-     * @param id	The instance id of the policy to be deleted.
+     * @param id The instance id of the policy to be deleted.
      * @exception EBaseException is thrown if an error occurs in deletion.
      */
-    void deletePolicyInstance(String id)
-        throws EBaseException;
+    void deletePolicyInstance(String id) throws EBaseException;
 
     /**
-     * Adds a policy instance 
+     * Adds a policy instance
      * 
-     * @param id			The impl id of the policy to be added.
-     *						The id should be unique.
+     * @param id The impl id of the policy to be added. The id should be unique.
      * @param ht a Hashtable of config params.
      * @exception EBaseException is thrown if an error occurs in addition.
      */
-    void addPolicyInstance(String id, Hashtable ht)
-        throws EBaseException;
+    void addPolicyInstance(String id, Hashtable ht) throws EBaseException;
 
     /**
-     * Modifies a policy instance 
+     * Modifies a policy instance
      * 
-     * @param id			The impl id of the policy to be modified.
-     *						The policy instance with this id should be present.
+     * @param id The impl id of the policy to be modified. The policy instance
+     *            with this id should be present.
      * @param ht a Hashtable of config params.
      * @exception EBaseException is thrown if an error occurs in addition.
      */
-    void modifyPolicyInstance(String id, Hashtable ht)
-        throws EBaseException;
+    void modifyPolicyInstance(String id, Hashtable ht) throws EBaseException;
 
     /**
      * Modifies policy ordering.
-     *
+     * 
      * @param policyOrderStr The comma separated list of instance ids.
-     *
+     * 
      */
     void changePolicyInstanceOrdering(String policyOrderStr)
-        throws EBaseException;
+            throws EBaseException;
 }
-
diff --git a/pki/base/common/src/com/netscape/certsrv/policy/IPolicyRule.java b/pki/base/common/src/com/netscape/certsrv/policy/IPolicyRule.java
index d80a0d0c2..aa4dcde84 100644
--- a/pki/base/common/src/com/netscape/certsrv/policy/IPolicyRule.java
+++ b/pki/base/common/src/com/netscape/certsrv/policy/IPolicyRule.java
@@ -17,7 +17,6 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.policy;
 
-
 import java.util.Vector;
 
 import com.netscape.certsrv.base.EBaseException;
@@ -26,20 +25,19 @@ import com.netscape.certsrv.base.ISubsystem;
 import com.netscape.certsrv.request.IRequest;
 import com.netscape.certsrv.request.PolicyResult;
 
-
 /**
  * Interface for a policy rule.
  * <P>
+ * 
  * <PRE>
  * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * </PRE>
  * <P>
- *
+ * 
  * @deprecated
  * @version $Revision$, $Date$
  */
-public interface IPolicyRule
-    extends com.netscape.certsrv.request.IPolicy {
+public interface IPolicyRule extends com.netscape.certsrv.request.IPolicy {
     public static final String PROP_ENABLE = "enable";
     public static final String PROP_PREDICATE = "predicate";
     public static final String PROP_IMPLNAME = "implName";
@@ -47,15 +45,15 @@ public interface IPolicyRule
     /**
      * Initializes the policy rule.
      * <P>
-     *
+     * 
      * @param config The config store reference
      */
-    void init(ISubsystem owner, IConfigStore config)
-        throws EBaseException;
+    void init(ISubsystem owner, IConfigStore config) throws EBaseException;
 
     /**
      * Gets the description for this policy rule.
      * <P>
+     * 
      * @return The Description for this rule.
      */
     String getDescription();
@@ -63,7 +61,7 @@ public interface IPolicyRule
     /**
      * Returns the name of the policy rule class.
      * <P>
-     *
+     * 
      * @return The name of the policy class.
      */
     String getName();
@@ -71,52 +69,52 @@ public interface IPolicyRule
     /**
      * Returns the name of the policy rule instance.
      * <P>
-     *
-     * @return The name of the policy rule instance. If none
-     * 	is set the name of the implementation will be returned.
-     * 	
+     * 
+     * @return The name of the policy rule instance. If none is set the name of
+     *         the implementation will be returned.
+     * 
      */
     String getInstanceName();
 
     /**
      * Sets a predicate expression for rule matching.
      * <P>
-     *
-     * @param exp	The predicate expression for the rule.
+     * 
+     * @param exp The predicate expression for the rule.
      */
     void setPredicate(IExpression exp);
 
     /**
      * Returns the predicate expression for the rule.
      * <P>
-     *
+     * 
      * @return The predicate expression for the rule.
      */
     IExpression getPredicate();
 
     /**
-     * Applies the policy on the given Request. This may modify
-     * the request appropriately.
+     * Applies the policy on the given Request. This may modify the request
+     * appropriately.
      * <P>
-     *
-     * @param req	The request on which to apply policy.
+     * 
+     * @param req The request on which to apply policy.
      * @return The PolicyResult object.
      */
     PolicyResult apply(IRequest req);
 
     /**
      * Return configured parameters for a policy rule instance.
-     *
-     * @return nvPairs A Vector of name/value pairs. Each name/value
-     *				pair is constructed as a String in name=value format.
+     * 
+     * @return nvPairs A Vector of name/value pairs. Each name/value pair is
+     *         constructed as a String in name=value format.
      */
     public Vector getInstanceParams();
 
     /**
      * Return default parameters for a policy implementation.
-     *
-     * @return nvPairs A Vector of name/value pairs. Each name/value
-     *		  		pair is constructed as a String in name=value.
+     * 
+     * @return nvPairs A Vector of name/value pairs. Each name/value pair is
+     *         constructed as a String in name=value.
      */
     public Vector getDefaultParams();
 
@@ -126,4 +124,3 @@ public interface IPolicyRule
 
     public void setPolicyException(IRequest req, EBaseException ex);
 }
-
diff --git a/pki/base/common/src/com/netscape/certsrv/policy/IPolicySet.java b/pki/base/common/src/com/netscape/certsrv/policy/IPolicySet.java
index ea12f4b1b..0218cd476 100644
--- a/pki/base/common/src/com/netscape/certsrv/policy/IPolicySet.java
+++ b/pki/base/common/src/com/netscape/certsrv/policy/IPolicySet.java
@@ -17,28 +17,27 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.policy;
 
-
 import java.util.Enumeration;
 
 import com.netscape.certsrv.request.IRequest;
 import com.netscape.certsrv.request.PolicyResult;
 
-
 /**
- * Represents a set of policy rules. Policy rules are ordered from
- * lowest priority to highest priority. The priority assignment for rules
- * is not enforced by this interface. Various implementation may
- * use different mechanisms such as a linear ordering of rules
- * in a configuration file or explicit assignment of priority levels ..etc.
- * The policy system initialization needs to deal with reading the rules, sorting
- * them in increasing order of priority and presenting an ordered vector of rules
- * via the IPolicySet interface.
+ * Represents a set of policy rules. Policy rules are ordered from lowest
+ * priority to highest priority. The priority assignment for rules is not
+ * enforced by this interface. Various implementation may use different
+ * mechanisms such as a linear ordering of rules in a configuration file or
+ * explicit assignment of priority levels ..etc. The policy system
+ * initialization needs to deal with reading the rules, sorting them in
+ * increasing order of priority and presenting an ordered vector of rules via
+ * the IPolicySet interface.
  * <P>
+ * 
  * <PRE>
  * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * </PRE>
  * <P>
- *
+ * 
  * @deprecated
  * @version $Revision$, $Date$
  */
@@ -47,7 +46,7 @@ public interface IPolicySet {
     /**
      * Returns the name of the rule set.
      * <P>
-     *
+     * 
      * @return The name of the rule set.
      */
     String getName();
@@ -55,6 +54,7 @@ public interface IPolicySet {
     /**
      * Returns the no of rules in a set.
      * <P>
+     * 
      * @return the no of rules.
      */
     int count();
@@ -62,24 +62,24 @@ public interface IPolicySet {
     /**
      * Add a policy rule.
      * <P>
-     *
+     * 
      * @param ruleName The name of the rule to be added.
-     * @param rule  The rule to be added.
+     * @param rule The rule to be added.
      */
     void addRule(String ruleName, IPolicyRule rule);
 
     /**
      * Removes a policy rule identified by the given name.
-     *
-     * @param ruleName  The name of the rule to be removed.
+     * 
+     * @param ruleName The name of the rule to be removed.
      */
     void removeRule(String ruleName);
 
     /**
      * Returns the rule identified by a given name.
      * <P>
-     *
-     * @param ruleName  The name of the rule to be return.
+     * 
+     * @param ruleName The name of the rule to be return.
      * @return The rule identified by the given name or null if none exists.
      */
     IPolicyRule getRule(String ruleName);
@@ -87,20 +87,19 @@ public interface IPolicySet {
     /**
      * Returns an enumeration of rules.
      * <P>
-     *
+     * 
      * @return An enumeration of rules.
      */
     Enumeration getRules();
 
     /**
-     * Apply policy rules on a request. This call may modify
-     * the request content.
-     *
-     * @param req   The request to apply policies on.
-     *
-     * <P>
+     * Apply policy rules on a request. This call may modify the request
+     * content.
+     * 
+     * @param req The request to apply policies on.
+     * 
+     *            <P>
      * @return The policy result.
      */
     PolicyResult apply(IRequest req);
 }
-
diff --git a/pki/base/common/src/com/netscape/certsrv/policy/IRenewalPolicy.java b/pki/base/common/src/com/netscape/certsrv/policy/IRenewalPolicy.java
index 7bf2026e2..28f56fe73 100644
--- a/pki/base/common/src/com/netscape/certsrv/policy/IRenewalPolicy.java
+++ b/pki/base/common/src/com/netscape/certsrv/policy/IRenewalPolicy.java
@@ -17,18 +17,17 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.policy;
 
-
 /**
  * Interface for a renewal policy rule.
  * <P>
+ * 
  * <PRE>
  * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * </PRE>
  * <P>
- *
+ * 
  * @deprecated
  * @version $Revision$, $Date$
  */
 public interface IRenewalPolicy extends IPolicyRule {
 }
-
diff --git a/pki/base/common/src/com/netscape/certsrv/policy/IRevocationPolicy.java b/pki/base/common/src/com/netscape/certsrv/policy/IRevocationPolicy.java
index e0ecfb16f..7e6084c76 100644
--- a/pki/base/common/src/com/netscape/certsrv/policy/IRevocationPolicy.java
+++ b/pki/base/common/src/com/netscape/certsrv/policy/IRevocationPolicy.java
@@ -17,18 +17,17 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.policy;
 
-
 /**
  * Interface for a revocation policy rule.
  * <P>
+ * 
  * <PRE>
  * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * </PRE>
  * <P>
- *
+ * 
  * @deprecated
  * @version $Revision$, $Date$
  */
 public interface IRevocationPolicy extends IPolicyRule {
 }
-
diff --git a/pki/base/common/src/com/netscape/certsrv/policy/ISubjAltNameConfig.java b/pki/base/common/src/com/netscape/certsrv/policy/ISubjAltNameConfig.java
index 75df22de1..388bd4056 100644
--- a/pki/base/common/src/com/netscape/certsrv/policy/ISubjAltNameConfig.java
+++ b/pki/base/common/src/com/netscape/certsrv/policy/ISubjAltNameConfig.java
@@ -17,18 +17,16 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.policy;
 
-
-
-
-/** 
- * Class that can be used to form general names from configuration file. 
- * Used by policies and extension commands.
+/**
+ * Class that can be used to form general names from configuration file. Used by
+ * policies and extension commands.
  * <P>
+ * 
  * <PRE>
  * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * </PRE>
  * <P>
- *
+ * 
  * @deprecated
  * @version $Revision$, $Date$
  */
@@ -36,14 +34,14 @@ public interface ISubjAltNameConfig extends IGeneralNameConfig {
 
     /**
      * Retrieves configuration prefix.
-     *
+     * 
      * @return prefix
      */
     public String getPfx();
 
     /**
      * Retrieves configuration attribute.
-     *
+     * 
      * @return attribute
      */
     public String getAttr();
diff --git a/pki/base/common/src/com/netscape/certsrv/policy/PolicyResources.java b/pki/base/common/src/com/netscape/certsrv/policy/PolicyResources.java
index c8bcec2ce..d330b719f 100644
--- a/pki/base/common/src/com/netscape/certsrv/policy/PolicyResources.java
+++ b/pki/base/common/src/com/netscape/certsrv/policy/PolicyResources.java
@@ -17,18 +17,17 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.policy;
 
-
 import java.util.ListResourceBundle;
 
-
 /**
  * Error messages for Policies.
  * <P>
+ * 
  * <PRE>
  * NOTE:  The Policy Framework has been replaced by the Profile Framework.
  * </PRE>
  * <P>
- *
+ * 
  * @deprecated
  * @version $Revision$, $Date$
  * @see java.util.ListResourceBundle
diff --git a/pki/base/common/src/com/netscape/certsrv/profile/CertInfoProfile.java b/pki/base/common/src/com/netscape/certsrv/profile/CertInfoProfile.java
index fae38c696..738127dfa 100644
--- a/pki/base/common/src/com/netscape/certsrv/profile/CertInfoProfile.java
+++ b/pki/base/common/src/com/netscape/certsrv/profile/CertInfoProfile.java
@@ -26,8 +26,7 @@ import netscape.security.x509.X509CertInfo;
 import com.netscape.certsrv.apps.CMS;
 import com.netscape.certsrv.base.IConfigStore;
 
-public class CertInfoProfile 
-{
+public class CertInfoProfile {
     private Vector mDefaults = new Vector();
     private String mName = null;
     private String mID = null;
@@ -35,8 +34,7 @@ public class CertInfoProfile
     private String mProfileIDMapping = null;
     private String mProfileSetIDMapping = null;
 
-    public CertInfoProfile(String cfg) throws Exception
-    {
+    public CertInfoProfile(String cfg) throws Exception {
         IConfigStore config = CMS.createFileConfigStore(cfg);
         mID = config.getString("id");
         mName = config.getString("name");
@@ -45,67 +43,60 @@ public class CertInfoProfile
         mProfileSetIDMapping = config.getString("profileSetIDMapping");
         StringTokenizer st = new StringTokenizer(config.getString("list"), ",");
         while (st.hasMoreTokens()) {
-            String id = (String)st.nextToken();
+            String id = (String) st.nextToken();
             String c = config.getString(id + ".default.class");
             try {
-              /* load defaults */
-              ICertInfoPolicyDefault def = (ICertInfoPolicyDefault)
-                 Class.forName(c).newInstance();
-              init(config.getSubStore(id + ".default"), def);
-              mDefaults.addElement(def);
+                /* load defaults */
+                ICertInfoPolicyDefault def = (ICertInfoPolicyDefault) Class
+                        .forName(c).newInstance();
+                init(config.getSubStore(id + ".default"), def);
+                mDefaults.addElement(def);
             } catch (Exception e) {
-              CMS.debug("CertInfoProfile: " + e.toString());
+                CMS.debug("CertInfoProfile: " + e.toString());
             }
         }
     }
 
     private void init(IConfigStore config, ICertInfoPolicyDefault def)
-           throws Exception
-    {
-      try {
-        def.init(null, config);
-      } catch (Exception e) {
-        CMS.debug("CertInfoProfile.init: " + e.toString());
-      }
+            throws Exception {
+        try {
+            def.init(null, config);
+        } catch (Exception e) {
+            CMS.debug("CertInfoProfile.init: " + e.toString());
+        }
     }
 
-    public String getID()
-    {
+    public String getID() {
         return mID;
     }
 
-    public String getName()
-    {
+    public String getName() {
         return mName;
     }
 
-    public String getDescription()
-    {
+    public String getDescription() {
         return mDescription;
     }
 
-    public String getProfileIDMapping()
-    {
+    public String getProfileIDMapping() {
         return mProfileIDMapping;
     }
 
-    public String getProfileSetIDMapping()
-    {
+    public String getProfileSetIDMapping() {
         return mProfileSetIDMapping;
     }
 
-    public void populate(X509CertInfo info)
-    {
+    public void populate(X509CertInfo info) {
         Enumeration e1 = mDefaults.elements();
         while (e1.hasMoreElements()) {
-          ICertInfoPolicyDefault def = 
-               (ICertInfoPolicyDefault)e1.nextElement();
-          try {
-            def.populate(null /* request */, info);
-          } catch (Exception e) {
-            CMS.debug(e);
-            CMS.debug("CertInfoProfile.populate: " + e.toString());
-          }
+            ICertInfoPolicyDefault def = (ICertInfoPolicyDefault) e1
+                    .nextElement();
+            try {
+                def.populate(null /* request */, info);
+            } catch (Exception e) {
+                CMS.debug(e);
+                CMS.debug("CertInfoProfile.populate: " + e.toString());
+            }
         }
     }
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/profile/EDeferException.java b/pki/base/common/src/com/netscape/certsrv/profile/EDeferException.java
index f4af86b21..2717fabf3 100644
--- a/pki/base/common/src/com/netscape/certsrv/profile/EDeferException.java
+++ b/pki/base/common/src/com/netscape/certsrv/profile/EDeferException.java
@@ -17,17 +17,14 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.profile;
 
-
 /**
- * This represents a profile specific exception. The 
- * framework raises this exception when a request is 
- * deferred. 
+ * This represents a profile specific exception. The framework raises this
+ * exception when a request is deferred.
  * <p>
- * A deferred request will not be processed
- * immediately. Manual approval is required for
- * processing the request again.
+ * A deferred request will not be processed immediately. Manual approval is
+ * required for processing the request again.
  * <p>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public class EDeferException extends EProfileException {
@@ -39,11 +36,9 @@ public class EDeferException extends EProfileException {
 
     /**
      * Creates a defer exception.
-     *
-     * @param msg localized message that will be 
-     *            displayed to end user. This message 
-     *            should indicate the reason why a request 
-     *            is deferred.
+     * 
+     * @param msg localized message that will be displayed to end user. This
+     *            message should indicate the reason why a request is deferred.
      */
     public EDeferException(String msg) {
         super(msg);
diff --git a/pki/base/common/src/com/netscape/certsrv/profile/EProfileException.java b/pki/base/common/src/com/netscape/certsrv/profile/EProfileException.java
index d21d6edb0..a7d1ca42a 100644
--- a/pki/base/common/src/com/netscape/certsrv/profile/EProfileException.java
+++ b/pki/base/common/src/com/netscape/certsrv/profile/EProfileException.java
@@ -22,10 +22,9 @@ import com.netscape.certsrv.base.EBaseException;
 /**
  * This represents a generic profile exception.
  * <p>
- * This is the base class for all profile-specific
- * exception.
+ * This is the base class for all profile-specific exception.
  * <p>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public class EProfileException extends EBaseException {
@@ -37,10 +36,9 @@ public class EProfileException extends EBaseException {
 
     /**
      * Creates a profile exception.
-     *
-     * @param msg additional message for the handler
-     *            of the exception. The message may
-     *            or may not be localized.
+     * 
+     * @param msg additional message for the handler of the exception. The
+     *            message may or may not be localized.
      */
     public EProfileException(String msg) {
         super(msg);
diff --git a/pki/base/common/src/com/netscape/certsrv/profile/ERejectException.java b/pki/base/common/src/com/netscape/certsrv/profile/ERejectException.java
index ceea57f21..ca4bc9da6 100644
--- a/pki/base/common/src/com/netscape/certsrv/profile/ERejectException.java
+++ b/pki/base/common/src/com/netscape/certsrv/profile/ERejectException.java
@@ -17,16 +17,14 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.profile;
 
-
 /**
- * This represents a profile specific exception. This
- * exception is raised when a request is rejected.
+ * This represents a profile specific exception. This exception is raised when a
+ * request is rejected.
  * <p>
- * A rejected request cannot be reprocessed. Rejected
- * request is considered as a request in its terminal
- * state.
+ * A rejected request cannot be reprocessed. Rejected request is considered as a
+ * request in its terminal state.
  * <p>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public class ERejectException extends EProfileException {
@@ -37,10 +35,9 @@ public class ERejectException extends EProfileException {
     private static final long serialVersionUID = -542393641391361342L;
 
     /**
-     * Creates a rejection exception. 
-     *
-     * @param msg localized message that indicates
-     *            the reason why a request is 
+     * Creates a rejection exception.
+     * 
+     * @param msg localized message that indicates the reason why a request is
      *            rejected.
      */
     public ERejectException(String msg) {
diff --git a/pki/base/common/src/com/netscape/certsrv/profile/ICertInfoPolicyDefault.java b/pki/base/common/src/com/netscape/certsrv/profile/ICertInfoPolicyDefault.java
index bfd9bdc95..ba2aff243 100644
--- a/pki/base/common/src/com/netscape/certsrv/profile/ICertInfoPolicyDefault.java
+++ b/pki/base/common/src/com/netscape/certsrv/profile/ICertInfoPolicyDefault.java
@@ -27,6 +27,6 @@ public interface ICertInfoPolicyDefault extends IPolicyDefault {
     /**
      * Populates certificate info directly.
      */
-    public void populate(IRequest request, X509CertInfo info) 
-              throws EBaseException;
+    public void populate(IRequest request, X509CertInfo info)
+            throws EBaseException;
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/profile/IEnrollProfile.java b/pki/base/common/src/com/netscape/certsrv/profile/IEnrollProfile.java
index fb92d53ee..3207aede3 100644
--- a/pki/base/common/src/com/netscape/certsrv/profile/IEnrollProfile.java
+++ b/pki/base/common/src/com/netscape/certsrv/profile/IEnrollProfile.java
@@ -22,28 +22,26 @@ import com.netscape.certsrv.request.IRequest;
 /**
  * This interface represents an enrollment profile.
  * <p>
- * An enrollment profile contains a list of enrollment
- * specific input plugins, default policies, constriant
- * policies and output plugins.
+ * An enrollment profile contains a list of enrollment specific input plugins,
+ * default policies, constriant policies and output plugins.
  * <p>
- * This interface also defines a set of enrollment specific
- * attribute names that can be used to retrieve values
- * from an enrollment request.
+ * This interface also defines a set of enrollment specific attribute names that
+ * can be used to retrieve values from an enrollment request.
  * <p>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public interface IEnrollProfile extends IProfile {
 
     /**
-     * Name of request attribute that stores the User 
-     * Supplied Certificate Request Type.
+     * Name of request attribute that stores the User Supplied Certificate
+     * Request Type.
      */
     public static final String CTX_CERT_REQUEST_TYPE = "cert_request_type";
 
     /**
-     * Name of request attribute that stores the User 
-     * Supplied Certificate Request.
+     * Name of request attribute that stores the User Supplied Certificate
+     * Request.
      */
     public static final String CTX_CERT_REQUEST = "cert_request";
 
@@ -56,17 +54,17 @@ public interface IEnrollProfile extends IProfile {
     public static final String REQ_TYPE_KEYGEN = "keygen";
 
     /**
-     * Name of request attribute that stores the End-User Locale. 
+     * Name of request attribute that stores the End-User Locale.
      * <p>
      * The value is of type java.util.Locale.
      */
     public static final String REQUEST_LOCALE = "req_locale";
 
     /**
-     * Name of request attribute that stores the sequence number. Consider
-     * a CRMF request that may contain multiple certificate request.
-     * The first sub certificate certificate request has a sequence
-     * number of 0, the next one has a sequence of 1, and so on.
+     * Name of request attribute that stores the sequence number. Consider a
+     * CRMF request that may contain multiple certificate request. The first sub
+     * certificate certificate request has a sequence number of 0, the next one
+     * has a sequence of 1, and so on.
      * <p>
      * The value is of type java.lang.Integer.
      */
@@ -86,57 +84,53 @@ public interface IEnrollProfile extends IProfile {
     public static final String CTX_RENEWAL = "renewal";
 
     /**
-     * Name of request attribute that stores the End-User Supplied
-     * Key.
+     * Name of request attribute that stores the End-User Supplied Key.
      * <p>
      * The value is of type netscape.security.x509.CertificateX509Key
      */
     public static final String REQUEST_KEY = "req_key";
 
     /**
-     * Name of request attribute that stores the End-User Supplied
-     * Subject Name.
+     * Name of request attribute that stores the End-User Supplied Subject Name.
      * <p>
      * The value is of type netscape.security.x509.CertificateSubjectName
      */
     public static final String REQUEST_SUBJECT_NAME = "req_subject_name";
 
     /**
-     * Name of request attribute that stores the End-User Supplied
-     * Validity.
+     * Name of request attribute that stores the End-User Supplied Validity.
      * <p>
      * The value is of type netscape.security.x509.CertificateValidity
      */
     public static final String REQUEST_VALIDITY = "req_validity";
 
     /**
-     * Name of request attribute that stores the End-User Supplied
-     * Signing Algorithm.
+     * Name of request attribute that stores the End-User Supplied Signing
+     * Algorithm.
      * <p>
      * The value is of type netscape.security.x509.CertificateAlgorithmId
      */
     public static final String REQUEST_SIGNING_ALGORITHM = "req_signing_alg";
 
     /**
-     * Name of request attribute that stores the End-User Supplied
-     * Extensions.
+     * Name of request attribute that stores the End-User Supplied Extensions.
      * <p>
      * The value is of type netscape.security.x509.CertificateExtensions
      */
     public static final String REQUEST_EXTENSIONS = "req_extensions";
 
     /**
-     * Name of request attribute that stores the End-User Supplied
-     * PKI Archive Option extension. This extension is extracted
-     * from a CRMF request that has the user-provided private key.
+     * Name of request attribute that stores the End-User Supplied PKI Archive
+     * Option extension. This extension is extracted from a CRMF request that
+     * has the user-provided private key.
      * <p>
      * The value is of type byte []
      */
     public static final String REQUEST_ARCHIVE_OPTIONS = "req_archive_options";
 
     /**
-     * Name of request attribute that stores the certificate template
-     * that will be signed and then become a certificate.
+     * Name of request attribute that stores the certificate template that will
+     * be signed and then become a certificate.
      * <p>
      * The value is of type netscape.security.x509.X509CertInfo
      */
@@ -151,6 +145,7 @@ public interface IEnrollProfile extends IProfile {
 
     /**
      * Set Default X509CertInfo in the request.
+     * 
      * @param request profile-based certificate request.
      * @exception EProfileException failed to set the X509CertInfo.
      */
diff --git a/pki/base/common/src/com/netscape/certsrv/profile/IPolicyConstraint.java b/pki/base/common/src/com/netscape/certsrv/profile/IPolicyConstraint.java
index 1af3ef190..b822d01b7 100644
--- a/pki/base/common/src/com/netscape/certsrv/profile/IPolicyConstraint.java
+++ b/pki/base/common/src/com/netscape/certsrv/profile/IPolicyConstraint.java
@@ -17,55 +17,49 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.profile;
 
-
 import java.util.Locale;
 
 import com.netscape.certsrv.base.IConfigStore;
 import com.netscape.certsrv.property.IConfigTemplate;
 import com.netscape.certsrv.request.IRequest;
 
-
 /**
- * This represents a constraint policy. A constraint policy
- * validates if the given request conforms to the set
- * rules.
+ * This represents a constraint policy. A constraint policy validates if the
+ * given request conforms to the set rules.
  * <p>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public interface IPolicyConstraint extends IConfigTemplate {
 
     /**
      * Initializes this constraint policy.
-     *
+     * 
      * @param profile owner of this policy
      * @param config configuration store for this constraint
      * @exception EProfileException failed to initialize
      */
     public void init(IProfile profile, IConfigStore config)
-        throws EProfileException;
+            throws EProfileException;
 
     /**
-     * Returns the corresponding configuration store
-     * of this constraint policy.
-     *
+     * Returns the corresponding configuration store of this constraint policy.
+     * 
      * @return config store of this constraint
      */
     public IConfigStore getConfigStore();
 
     /**
-     * Validates the request. The request is not modified
-     * during the validation.
-     *
+     * Validates the request. The request is not modified during the validation.
+     * 
      * @param request request to be validated
      * @exception ERejectException reject the given request
      */
-    public void validate(IRequest request)
-        throws ERejectException;
+    public void validate(IRequest request) throws ERejectException;
 
     /**
      * Returns localized description of this constraint.
-     *
+     * 
      * @param locale locale of the end-user
      * @return localized description of this constraint
      */
@@ -73,19 +67,18 @@ public interface IPolicyConstraint extends IConfigTemplate {
 
     /**
      * Returns localized name of this constraint.
-     *
+     * 
      * @param locale locale of the end-user
      * @return localized name of this constraint
      */
     public String getName(Locale locale);
 
     /**
-     * Checks if this constraint is applicable to the
-     * given default policy.
-     *
+     * Checks if this constraint is applicable to the given default policy.
+     * 
      * @param def default policy to be checked
-     * @return true if this constraint can be applied to
-     *              the given default policy
+     * @return true if this constraint can be applied to the given default
+     *         policy
      */
     public boolean isApplicable(IPolicyDefault def);
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/profile/IPolicyDefault.java b/pki/base/common/src/com/netscape/certsrv/profile/IPolicyDefault.java
index 018054926..a904eb543 100644
--- a/pki/base/common/src/com/netscape/certsrv/profile/IPolicyDefault.java
+++ b/pki/base/common/src/com/netscape/certsrv/profile/IPolicyDefault.java
@@ -17,7 +17,6 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.profile;
 
-
 import java.util.Enumeration;
 import java.util.Locale;
 
@@ -27,36 +26,28 @@ import com.netscape.certsrv.property.IConfigTemplate;
 import com.netscape.certsrv.property.IDescriptor;
 import com.netscape.certsrv.request.IRequest;
 
-
 /**
- * This represents a default policy that populates
- * the request with additional values.
+ * This represents a default policy that populates the request with additional
+ * values.
  * <p>
- *
- * During request submission process, a default 
- * policy is invoked to populate the default values
- * in the request. The default values will later
- * on be used for execution. The default values
- * are like the parameters for the request.
+ * 
+ * During request submission process, a default policy is invoked to populate
+ * the default values in the request. The default values will later on be used
+ * for execution. The default values are like the parameters for the request.
  * <p>
- *
- * This policy is called in 2 places. For
- * automated enrollment request, this policy
- * is invoked to populate the HTTP parameters
- * into the request. For request that cannot
- * be executed immediately, this policy will be
- * invoked again right after the agent's
- * approval.
+ * 
+ * This policy is called in 2 places. For automated enrollment request, this
+ * policy is invoked to populate the HTTP parameters into the request. For
+ * request that cannot be executed immediately, this policy will be invoked
+ * again right after the agent's approval.
  * <p>
- *
- * Each default policy may contain zero or more
- * properties that describe the default value.
- * For example, a X509 Key can be described by
- * its key type, key length, and key data. The
- * properties help to describe the default value
- * into human readable values.
+ * 
+ * Each default policy may contain zero or more properties that describe the
+ * default value. For example, a X509 Key can be described by its key type, key
+ * length, and key data. The properties help to describe the default value into
+ * human readable values.
  * <p>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public interface IPolicyDefault extends IConfigTemplate {
@@ -69,27 +60,26 @@ public interface IPolicyDefault extends IConfigTemplate {
      * @exception EProfileException failed to initialize
      */
     public void init(IProfile profile, IConfigStore config)
-        throws EProfileException;
+            throws EProfileException;
 
     /**
      * Retrieves the configuration store of this default.
-     *
+     * 
      * @return configuration store of this default policy
      */
     public IConfigStore getConfigStore();
 
     /**
      * Populates the request with this policy default.
-     *
+     * 
      * @param request request to be populated
      * @exception EProfileException failed to populate
      */
-    public void populate(IRequest request)
-        throws EProfileException;
- 
+    public void populate(IRequest request) throws EProfileException;
+
     /**
      * Retrieves the localizable name of this policy.
-     *
+     * 
      * @param locale locale of the end user
      * @return localized name of this default policy
      */
@@ -105,17 +95,15 @@ public interface IPolicyDefault extends IConfigTemplate {
 
     /**
      * Retrieves a list of names of the property.
-     *
-     * @return a list of property names. The values are
-     *         of type java.lang.String
+     * 
+     * @return a list of property names. The values are of type java.lang.String
      */
     public Enumeration getValueNames();
 
     /**
-     * Retrieves the descriptor of the given property 
-     * by name. The descriptor contains syntax 
-     * information.
-     *
+     * Retrieves the descriptor of the given property by name. The descriptor
+     * contains syntax information.
+     * 
      * @param locale locale of the end user
      * @param name name of property
      * @return descriptor of the property
@@ -124,25 +112,24 @@ public interface IPolicyDefault extends IConfigTemplate {
 
     /**
      * Sets the value of the given value property by name.
-     *
+     * 
      * @param name name of property
      * @param locale locale of the end user
      * @param request request
      * @param value value to be set in the given request
      * @exception EPropertyException failed to set property
      */
-    public void setValue(String name, Locale locale, IRequest request, 
-        String value) throws EPropertyException;
+    public void setValue(String name, Locale locale, IRequest request,
+            String value) throws EPropertyException;
 
     /**
-     * Retrieves the value of the given value 
-     * property by name.
-     *
+     * Retrieves the value of the given value property by name.
+     * 
      * @param name name of property
      * @param locale locale of the end user
      * @param request request
      * @exception EPropertyException failed to get property
      */
     public String getValue(String name, Locale locale, IRequest request)
-        throws EPropertyException;
+            throws EPropertyException;
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/profile/IProfile.java b/pki/base/common/src/com/netscape/certsrv/profile/IProfile.java
index c006db679..797fd4713 100644
--- a/pki/base/common/src/com/netscape/certsrv/profile/IProfile.java
+++ b/pki/base/common/src/com/netscape/certsrv/profile/IProfile.java
@@ -28,72 +28,67 @@ import com.netscape.certsrv.request.IRequest;
 import com.netscape.certsrv.request.IRequestQueue;
 
 /**
- * This interface represents a profile. A profile contains 
- * a list of input policies, default policies, constraint 
- * policies and output policies.
+ * This interface represents a profile. A profile contains a list of input
+ * policies, default policies, constraint policies and output policies.
  * <p>
- *
+ * 
  * The input policy is for building the enrollment page.
  * <p>
- *
- * The default policy is for populating user-supplied and
- * system-supplied values into the request.
+ * 
+ * The default policy is for populating user-supplied and system-supplied values
+ * into the request.
  * <p>
- *
- * The constraint policy is for validating the request before
- * processing.
+ * 
+ * The constraint policy is for validating the request before processing.
  * <p>
- *
+ * 
  * The output policy is for building the result page.
  * <p>
- *
- * Each profile can have multiple policy set. Each set
- * is composed of zero or more default policies and zero
- * or more constraint policies.
+ * 
+ * Each profile can have multiple policy set. Each set is composed of zero or
+ * more default policies and zero or more constraint policies.
  * <p>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public interface IProfile {
 
     /**
      * Initializes this profile.
-     *
+     * 
      * @param owner profile subsystem
      * @param config configuration store for this profile
      * @exception EBaseException failed to initialize
      */
     public void init(IProfileSubsystem owner, IConfigStore config)
-        throws EBaseException;
+            throws EBaseException;
 
     /**
-     * Retrieves the request queue that is associated with
-     * this profile. The request queue is for creating
-     * new requests.
-     *
+     * Retrieves the request queue that is associated with this profile. The
+     * request queue is for creating new requests.
+     * 
      * @return request queue
      */
     public IRequestQueue getRequestQueue();
 
     /**
      * Sets id of this profile.
-     *
+     * 
      * @param id profile identifier
      */
     public void setId(String id);
- 
+
     /**
      * Returns the identifier of this profile.
-     *
+     * 
      * @return profile id
      */
     public String getId();
 
     /**
-     * Retrieves a localized string that represents
-     * requestor's distinguished name. This string
-     * displayed in the request listing user interface.
-     *
+     * Retrieves a localized string that represents requestor's distinguished
+     * name. This string displayed in the request listing user interface.
+     * 
      * @param request request
      * @return distringuished name of the request owner
      */
@@ -101,14 +96,14 @@ public interface IProfile {
 
     /**
      * Retrieves the configuration store of this profile.
-     *
+     * 
      * @return configuration store
      */
     public IConfigStore getConfigStore();
 
     /**
      * Retrieves the instance id of the authenticator for this profile.
-     *
+     * 
      * @return authenticator instance id
      */
     public String getAuthenticatorId();
@@ -117,31 +112,30 @@ public interface IProfile {
 
     /**
      * Sets the instance id of the authenticator for this profile.
-     *
+     * 
      * @param id authenticator instance id
      */
     public void setAuthenticatorId(String id);
 
     /**
      * Retrieves the associated authenticator instance.
-     *
-     * @return profile authenticator instance. 
-     *                 if no associated authenticator, null is returned
+     * 
+     * @return profile authenticator instance. if no associated authenticator,
+     *         null is returned
      * @exception EProfileException failed to retrieve
      */
-    public IProfileAuthenticator getAuthenticator() 
-        throws EProfileException;
+    public IProfileAuthenticator getAuthenticator() throws EProfileException;
 
     /**
      * Retrieves a list of input policy IDs.
-     *
+     * 
      * @return input policy id list
      */
     public Enumeration getProfileInputIds();
 
     /**
      * Retrieves input policy by id.
-     *
+     * 
      * @param id input policy id
      * @return input policy instance
      */
@@ -149,40 +143,38 @@ public interface IProfile {
 
     /**
      * Retrieves a list of output policy IDs.
-     *
+     * 
      * @return output policy id list
      */
     public Enumeration getProfileOutputIds();
 
     /**
      * Retrieves output policy by id.
-     *
+     * 
      * @param id output policy id
      * @return output policy instance
      */
     public IProfileOutput getProfileOutput(String id);
 
     /**
-     * Checks if this profile is end-user profile or not.
-     * End-user profile will be displayed to the end user.
-     * Non end-user profile mainly is for registration
-     * manager.
-     *
+     * Checks if this profile is end-user profile or not. End-user profile will
+     * be displayed to the end user. Non end-user profile mainly is for
+     * registration manager.
+     * 
      * @return end-user profile or not
      */
-    public boolean isVisible(); 
+    public boolean isVisible();
 
     /**
      * Sets this profile end-user profile or not.
-     *
+     * 
      * @param v end-user profile or not
      */
-    public void setVisible(boolean v); 
+    public void setVisible(boolean v);
 
     /**
-     * Retrieves the user id of the person who
-     * approves this profile.
-     *
+     * Retrieves the user id of the person who approves this profile.
+     * 
      * @return user id of the approver of this profile
      */
     public String getApprovedBy();
@@ -199,7 +191,7 @@ public interface IProfile {
 
     /**
      * Returns the profile name.
-     *
+     * 
      * @param locale end-user locale
      * @param name profile name
      */
@@ -207,7 +199,7 @@ public interface IProfile {
 
     /**
      * Retrieves the profile name.
-     *
+     * 
      * @param locale end-user locale
      * @return localized profile name
      */
@@ -215,7 +207,7 @@ public interface IProfile {
 
     /**
      * Returns the profile description.
-     *
+     * 
      * @param locale end-user locale
      * @param desc profile description
      */
@@ -223,31 +215,30 @@ public interface IProfile {
 
     /**
      * Retrieves the profile description.
-     *
+     * 
      * @param locale end-user locale
      * @return localized profile description
      */
     public String getDescription(Locale locale);
 
     /**
-     * Retrieves profile context. The context stores
-     * information about the requestor before the
-     * actual request is created.
-     *
+     * Retrieves profile context. The context stores information about the
+     * requestor before the actual request is created.
+     * 
      * @return profile context.
      */
     public IProfileContext createContext();
 
     /**
      * Returns the profile policy set identifiers.
-     *
+     * 
      * @return a list of policy set id
      */
     public Enumeration getProfilePolicySetIds();
 
     /**
      * Creates a profile policy.
-     *
+     * 
      * @param setId id of the policy set that owns this policy
      * @param id policy id
      * @param defaultClassId id of the registered default implementation
@@ -255,83 +246,81 @@ public interface IProfile {
      * @exception EProfileException failed to create policy
      * @return profile policy instance
      */
-    public IProfilePolicy createProfilePolicy(String setId, String id, 
-        String defaultClassId, String constraintClassId)
-        throws EProfileException;
+    public IProfilePolicy createProfilePolicy(String setId, String id,
+            String defaultClassId, String constraintClassId)
+            throws EProfileException;
 
     /**
      * Deletes input policy by id.
-     *
+     * 
      * @param inputId id of the input policy
-     * @exception EProfileException failed to  delete
+     * @exception EProfileException failed to delete
      */
     public void deleteProfileInput(String inputId) throws EProfileException;
 
     /**
      * Deletes output policy by id.
-     *
+     * 
      * @param outputId id of the output policy
-     * @exception EProfileException failed to  delete
+     * @exception EProfileException failed to delete
      */
     public void deleteProfileOutput(String outputId) throws EProfileException;
 
     /**
      * Creates a input policy.
-     *
+     * 
      * @param id input policy id
      * @param inputClassId id of the registered input implementation
      * @param nvp default parameters
      * @return input policy
      * @exception EProfileException failed to create
      */
-    public IProfileInput createProfileInput(String id, String inputClassId, 
-        NameValuePairs nvp)
-        throws EProfileException;
+    public IProfileInput createProfileInput(String id, String inputClassId,
+            NameValuePairs nvp) throws EProfileException;
 
     /**
      * Creates a output policy.
-     *
+     * 
      * @param id output policy id
      * @param outputClassId id of the registered output implementation
      * @param nvp default parameters
      * @return output policy
      * @exception EProfileException failed to create
      */
-    public IProfileOutput createProfileOutput(String id, String outputClassId, 
-        NameValuePairs nvp) throws EProfileException;
+    public IProfileOutput createProfileOutput(String id, String outputClassId,
+            NameValuePairs nvp) throws EProfileException;
 
     /**
      * Deletes a policy.
-     *
+     * 
      * @param setId id of the policy set
      * @param policyId id of policy to delete
      * @exception EProfileException failed to delete
      */
-    public void deleteProfilePolicy(String setId, String policyId) 
-        throws EProfileException;
+    public void deleteProfilePolicy(String setId, String policyId)
+            throws EProfileException;
 
     /**
      * Retrieves a policy.
-     *
+     * 
      * @param setId set id
      * @param id policy id
      * @return profile policy
      */
-    public IProfilePolicy getProfilePolicy(String setId, String id); 
+    public IProfilePolicy getProfilePolicy(String setId, String id);
 
     /**
      * Retrieves all the policy id within a set.
-     *
+     * 
      * @param setId set id
      * @return a list of policy id
      */
     public Enumeration getProfilePolicyIds(String setId);
 
     /**
-     * Retrieves a default set id for the given request.
-     * It is the profile's responsibility to return
-     * an appropriate set id for the request.
-     *
+     * Retrieves a default set id for the given request. It is the profile's
+     * responsibility to return an appropriate set id for the request.
+     * 
      * @param req request
      * @return policy set id
      */
@@ -339,72 +328,69 @@ public interface IProfile {
 
     /**
      * Returns a list of profile policies.
-     *
+     * 
      * @param setId set id
      * @return a list of policies
      */
     public Enumeration getProfilePolicies(String setId);
 
     /**
-     * Creates one or more requests. Normally, only one request will
-     * be created. In case of CRMF request, multiple requests may be
-     * created for one submission.
-     *
+     * Creates one or more requests. Normally, only one request will be created.
+     * In case of CRMF request, multiple requests may be created for one
+     * submission.
+     * 
      * @param ctx profile context
      * @param locale user locale
      * @return a list of requests
      * @exception EProfileException failed to create requests
      */
-    public IRequest[] createRequests(IProfileContext ctx, Locale locale) 
-        throws EProfileException;
+    public IRequest[] createRequests(IProfileContext ctx, Locale locale)
+            throws EProfileException;
 
     /**
      * Populates user-supplied input values into the requests.
-     *
+     * 
      * @param ctx profile context
      * @param request request
      * @exception EProfileException failed to populate
      */
-    public void populateInput(IProfileContext ctx, IRequest request) 
-        throws EProfileException;
+    public void populateInput(IProfileContext ctx, IRequest request)
+            throws EProfileException;
 
     /**
-     * Passes the request to the set of default policies that
-     * populate the profile information against the profile.
-     *
+     * Passes the request to the set of default policies that populate the
+     * profile information against the profile.
+     * 
      * @param request request
      * @exception EProfileException failed to populate default values
-     */ 
-    public void populate(IRequest request) 
-        throws EProfileException;
+     */
+    public void populate(IRequest request) throws EProfileException;
 
     /**
-     * Passes the request to the set of constraint policies 
-     * that validate the request against the profile.
-     *
+     * Passes the request to the set of constraint policies that validate the
+     * request against the profile.
+     * 
      * @param request request
      * @exception ERejectException validation violation
-     */ 
-    public void validate(IRequest request) 
-        throws ERejectException;
+     */
+    public void validate(IRequest request) throws ERejectException;
 
     /**
      * Process a request after validation.
-     *
+     * 
      * @param request request to be processed
      * @exception EProfileException failed to process
      */
-    public void execute(IRequest request) 
-        throws EProfileException;
+    public void execute(IRequest request) throws EProfileException;
 
     /**
      * Handles end-user request submission.
-     *
+     * 
      * @param token authentication token
      * @param request request to be processed
      * @exception EDeferException defer request
      * @exception EProfileException failed to submit
      */
     public void submit(IAuthToken token, IRequest request)
-        throws EDeferException, EProfileException;
+            throws EDeferException, EProfileException;
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/profile/IProfileAuthenticator.java b/pki/base/common/src/com/netscape/certsrv/profile/IProfileAuthenticator.java
index 195078f7b..26ef3fcd0 100644
--- a/pki/base/common/src/com/netscape/certsrv/profile/IProfileAuthenticator.java
+++ b/pki/base/common/src/com/netscape/certsrv/profile/IProfileAuthenticator.java
@@ -26,14 +26,12 @@ import com.netscape.certsrv.base.IConfigStore;
 import com.netscape.certsrv.property.IDescriptor;
 import com.netscape.certsrv.request.IRequest;
 
-
 /**
- * This interface represents an authenticator for profile.
- * An authenticator is responsibile for authenting
- * the end-user. If authentication is successful, request
- * can be processed immediately. Otherwise, the request will
- * be defered and manual approval is then required.
- *  
+ * This interface represents an authenticator for profile. An authenticator is
+ * responsibile for authenting the end-user. If authentication is successful,
+ * request can be processed immediately. Otherwise, the request will be defered
+ * and manual approval is then required.
+ * 
  * @version $Revision$, $Date$
  */
 public interface IProfileAuthenticator extends IAuthManager {
@@ -42,35 +40,35 @@ public interface IProfileAuthenticator extends IAuthManager {
 
     /**
      * Initializes this default policy.
-     *
+     * 
      * @param profile owner of this authenticator
      * @param config configuration store
      * @exception EProfileException failed to initialize
      */
     public void init(IProfile profile, IConfigStore config)
-        throws EProfileException;
+            throws EProfileException;
 
     /**
      * Retrieves the configuration store.
-     *
+     * 
      * @return configuration store
      */
     public IConfigStore getConfigStore();
 
     /**
-     * Populates authentication specific information into the
-     * request for auditing purposes.
-     *
+     * Populates authentication specific information into the request for
+     * auditing purposes.
+     * 
      * @param token authentication token
      * @param request request
      * @exception EProfileException failed to populate
      */
     public void populate(IAuthToken token, IRequest request)
-        throws EProfileException;
+            throws EProfileException;
 
     /**
      * Retrieves the localizable name of this policy.
-     *
+     * 
      * @param locale end user locale
      * @return localized authenticator name
      */
@@ -78,7 +76,7 @@ public interface IProfileAuthenticator extends IAuthManager {
 
     /**
      * Retrieves the localizable description of this policy.
-     *
+     * 
      * @param locale end user locale
      * @return localized authenticator description
      */
@@ -86,26 +84,24 @@ public interface IProfileAuthenticator extends IAuthManager {
 
     /**
      * Retrieves a list of names of the property.
-     *
+     * 
      * @return a list of property names
      */
     public Enumeration getValueNames();
 
     /**
-     * Checks if the value of the given property should be
-     * serializable into the request. Passsword or other
-     * security-related value may not be desirable for
-     * storage.
-     *
+     * Checks if the value of the given property should be serializable into the
+     * request. Passsword or other security-related value may not be desirable
+     * for storage.
+     * 
      * @param name property name
      * @return true if the property is not security related
      */
     public boolean isValueWriteable(String name);
 
     /**
-     * Retrieves the descriptor of the given value 
-     * property by name.
-     *
+     * Retrieves the descriptor of the given value property by name.
+     * 
      * @param locale user locale
      * @param name property name
      * @return descriptor of the requested property
@@ -114,7 +110,7 @@ public interface IProfileAuthenticator extends IAuthManager {
 
     /**
      * Checks if this authenticator requires SSL client authentication.
-     *
+     * 
      * @return client authentication required or not
      */
     public boolean isSSLClientRequired();
diff --git a/pki/base/common/src/com/netscape/certsrv/profile/IProfileContext.java b/pki/base/common/src/com/netscape/certsrv/profile/IProfileContext.java
index 906c4816e..8a569d178 100644
--- a/pki/base/common/src/com/netscape/certsrv/profile/IProfileContext.java
+++ b/pki/base/common/src/com/netscape/certsrv/profile/IProfileContext.java
@@ -17,19 +17,17 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.profile;
 
-
 /**
- * This interface represents a profile context which
- * stores system-wide and user-provided information for
- * assisting request creation.
- *
+ * This interface represents a profile context which stores system-wide and
+ * user-provided information for assisting request creation.
+ * 
  * @version $Revision$, $Date$
  */
 public interface IProfileContext {
 
     /**
      * Sets a value into the context.
-     *
+     * 
      * @param name property name
      * @param value property value
      */
@@ -37,7 +35,7 @@ public interface IProfileContext {
 
     /**
      * Retrieves a value from the context.
-     *
+     * 
      * @param name property name
      * @return property value
      */
diff --git a/pki/base/common/src/com/netscape/certsrv/profile/IProfileEx.java b/pki/base/common/src/com/netscape/certsrv/profile/IProfileEx.java
index 8ce3262ec..dc8d782b5 100644
--- a/pki/base/common/src/com/netscape/certsrv/profile/IProfileEx.java
+++ b/pki/base/common/src/com/netscape/certsrv/profile/IProfileEx.java
@@ -20,17 +20,16 @@ package com.netscape.certsrv.profile;
 import com.netscape.certsrv.base.EBaseException;
 
 /**
- * This interface represents the extension version of
- * profile.
+ * This interface represents the extension version of profile.
  * <p>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public interface IProfileEx extends IProfile {
 
     /**
-     * Called after initialization. It populates default
-     * policies, inputs, and outputs.
+     * Called after initialization. It populates default policies, inputs, and
+     * outputs.
      */
     public void populate() throws EBaseException;
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/profile/IProfileInput.java b/pki/base/common/src/com/netscape/certsrv/profile/IProfileInput.java
index 6d861579c..e4ab1f6fb 100644
--- a/pki/base/common/src/com/netscape/certsrv/profile/IProfileInput.java
+++ b/pki/base/common/src/com/netscape/certsrv/profile/IProfileInput.java
@@ -27,9 +27,8 @@ import com.netscape.certsrv.property.IDescriptor;
 import com.netscape.certsrv.request.IRequest;
 
 /**
- * This interface represents a input policy which
- * provides information on how to create the
- * end-user enrollment page.
+ * This interface represents a input policy which provides information on how to
+ * create the end-user enrollment page.
  * 
  * @version $Revision$, $Date$
  */
@@ -37,34 +36,34 @@ public interface IProfileInput extends IConfigTemplate {
 
     /**
      * Initializes this default policy.
-     *
+     * 
      * @param profile owner of this input
      * @param config configuration store
      * @exception EProfileException failed to initialize
      */
     public void init(IProfile profile, IConfigStore config)
-        throws EProfileException;
+            throws EProfileException;
 
     /**
      * Returns configuration store.
-     *
+     * 
      * @return configuration store
      */
     public IConfigStore getConfigStore();
 
     /**
      * Populates the request with this policy default.
-     *
+     * 
      * @param ctx profile context
      * @param request request
      * @exception EProfileException failed to populate
      */
     public void populate(IProfileContext ctx, IRequest request)
-        throws EProfileException;
+            throws EProfileException;
 
     /**
      * Retrieves the localizable name of this policy.
-     *
+     * 
      * @param locale user locale
      * @return localized input name
      */
@@ -72,7 +71,7 @@ public interface IProfileInput extends IConfigTemplate {
 
     /**
      * Retrieves the localizable description of this policy.
-     *
+     * 
      * @param locale user locale
      * @return localized input description
      */
@@ -80,15 +79,14 @@ public interface IProfileInput extends IConfigTemplate {
 
     /**
      * Retrieves a list of names of the property.
-     *
+     * 
      * @return a list of property names
      */
     public Enumeration getValueNames();
 
     /**
-     * Retrieves the descriptor of the given value 
-     * property by name.
-     *
+     * Retrieves the descriptor of the given value property by name.
+     * 
      * @param locale user locale
      * @param name property name
      * @return descriptor of the property
@@ -97,24 +95,24 @@ public interface IProfileInput extends IConfigTemplate {
 
     /**
      * Retrieves value from the request.
-     *
+     * 
      * @param name property name
      * @param locale user locale
      * @param request request
      * @exception EProfileException failed to get value
      */
     public String getValue(String name, Locale locale, IRequest request)
-        throws EProfileException;
+            throws EProfileException;
 
     /**
      * Sets the value of the given property by name.
-     *
+     * 
      * @param name property name
      * @param locale user locale
      * @param request request
      * @param value value
      * @exception EProfileException failed to get value
      */
-    public void setValue(String name, Locale locale, IRequest request, 
-        String value) throws EPropertyException;
+    public void setValue(String name, Locale locale, IRequest request,
+            String value) throws EPropertyException;
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/profile/IProfileOutput.java b/pki/base/common/src/com/netscape/certsrv/profile/IProfileOutput.java
index b4654f408..ee388a481 100644
--- a/pki/base/common/src/com/netscape/certsrv/profile/IProfileOutput.java
+++ b/pki/base/common/src/com/netscape/certsrv/profile/IProfileOutput.java
@@ -27,9 +27,8 @@ import com.netscape.certsrv.property.IDescriptor;
 import com.netscape.certsrv.request.IRequest;
 
 /**
- * This interface represents a output policy which
- * provides information on how to build the result
- * page for the enrollment.
+ * This interface represents a output policy which provides information on how
+ * to build the result page for the enrollment.
  * 
  * @version $Revision$, $Date$
  */
@@ -37,34 +36,34 @@ public interface IProfileOutput extends IConfigTemplate {
 
     /**
      * Initializes this default policy.
-     *
+     * 
      * @param profile owner of this policy
      * @param config configuration store
      * @exception EProfileException failed to initialize
      */
     public void init(IProfile profile, IConfigStore config)
-        throws EProfileException;
+            throws EProfileException;
 
     /**
      * Retrieves configuration store.
-     *
+     * 
      * @return configuration store
      */
     public IConfigStore getConfigStore();
 
     /**
      * Populates the request with this policy default.
-     *
+     * 
      * @param ctx profile context
      * @param request request
      * @exception EProfileException failed to populate
      */
     public void populate(IProfileContext ctx, IRequest request)
-        throws EProfileException;
+            throws EProfileException;
 
     /**
      * Retrieves the localizable name of this policy.
-     *
+     * 
      * @param locale user locale
      * @return output policy name
      */
@@ -72,7 +71,7 @@ public interface IProfileOutput extends IConfigTemplate {
 
     /**
      * Retrieves the localizable description of this policy.
-     *
+     * 
      * @param locale user locale
      * @return output policy description
      */
@@ -80,15 +79,14 @@ public interface IProfileOutput extends IConfigTemplate {
 
     /**
      * Retrieves a list of names of the value parameter.
-     *
+     * 
      * @return a list of property names
      */
     public Enumeration getValueNames();
 
     /**
-     * Retrieves the descriptor of the given value 
-     * parameter by name.
-     *
+     * Retrieves the descriptor of the given value parameter by name.
+     * 
      * @param locale user locale
      * @param name property name
      * @return property descriptor
@@ -97,7 +95,7 @@ public interface IProfileOutput extends IConfigTemplate {
 
     /**
      * Retrieves the value of the given value parameter by name.
-     *
+     * 
      * @param name property name
      * @param locale user locale
      * @param request request
@@ -105,17 +103,17 @@ public interface IProfileOutput extends IConfigTemplate {
      * @exception EProfileException failed to retrieve value
      */
     public String getValue(String name, Locale locale, IRequest request)
-        throws EProfileException;
+            throws EProfileException;
 
     /**
      * Sets the value of the given value parameter by name.
-     *
+     * 
      * @param name property name
      * @param locale user locale
      * @param request request
      * @param value property value
      * @exception EProfileException failed to retrieve value
      */
-    public void setValue(String name, Locale locale, IRequest request, 
-        String value) throws EPropertyException;
+    public void setValue(String name, Locale locale, IRequest request,
+            String value) throws EPropertyException;
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/profile/IProfilePolicy.java b/pki/base/common/src/com/netscape/certsrv/profile/IProfilePolicy.java
index 9577cb08f..733a69b1d 100644
--- a/pki/base/common/src/com/netscape/certsrv/profile/IProfilePolicy.java
+++ b/pki/base/common/src/com/netscape/certsrv/profile/IProfilePolicy.java
@@ -18,31 +18,30 @@
 package com.netscape.certsrv.profile;
 
 /**
- * This interface represents a profile policy
- * which consists a default policy and a
- * constraint policy.
- *
+ * This interface represents a profile policy which consists a default policy
+ * and a constraint policy.
+ * 
  * @version $Revision$, $Date$
  */
 public interface IProfilePolicy {
 
     /**
-     * Retrieves the policy id 
-     *
+     * Retrieves the policy id
+     * 
      * @return policy id
      */
     public String getId();
 
     /**
      * Retrieves the default policy.
-     *
+     * 
      * @return default policy
      */
     public IPolicyDefault getDefault();
 
     /**
      * Retrieves the constraint policy.
-     *
+     * 
      * @return constraint policy
      */
     public IPolicyConstraint getConstraint();
diff --git a/pki/base/common/src/com/netscape/certsrv/profile/IProfileSubsystem.java b/pki/base/common/src/com/netscape/certsrv/profile/IProfileSubsystem.java
index 795a19c0e..d8c93a653 100644
--- a/pki/base/common/src/com/netscape/certsrv/profile/IProfileSubsystem.java
+++ b/pki/base/common/src/com/netscape/certsrv/profile/IProfileSubsystem.java
@@ -17,16 +17,13 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.profile;
 
-
 import java.util.Enumeration;
 
 import com.netscape.certsrv.base.ISubsystem;
 
-
 /**
- * This represents the profile subsystem that manages 
- * a list of profiles.
- *
+ * This represents the profile subsystem that manages a list of profiles.
+ * 
  * @version $Revision$, $Date$
  */
 public interface IProfileSubsystem extends ISubsystem {
@@ -34,16 +31,15 @@ public interface IProfileSubsystem extends ISubsystem {
 
     /**
      * Retrieves a profile by id.
-     *
+     * 
      * @return profile
      * @exception EProfileException failed to retrieve
      */
-    public IProfile getProfile(String id)
-        throws EProfileException;
+    public IProfile getProfile(String id) throws EProfileException;
 
     /**
      * Checks if a profile is approved by an agent or not.
-     *
+     * 
      * @param id profile id
      * @return true if profile is approved
      */
@@ -51,7 +47,7 @@ public interface IProfileSubsystem extends ISubsystem {
 
     /**
      * Retrieves the approver of the given profile.
-     *
+     * 
      * @param id profile id
      * @return user id of the agent who has approved the profile
      */
@@ -59,76 +55,73 @@ public interface IProfileSubsystem extends ISubsystem {
 
     /**
      * Creates new profile.
-     *
+     * 
      * @param id profile id
      * @param classid implementation id
      * @param className class Name
      * @param configFile configuration file
      * @exception EProfileException failed to create profile
      */
-    public IProfile createProfile(String id, String classid, 
-        String className, String configFile) 
-        throws EProfileException;
+    public IProfile createProfile(String id, String classid, String className,
+            String configFile) throws EProfileException;
 
     /**
      * Deletes profile.
-     *
+     * 
      * @param id profile id
      * @param configFile configuration file
      * @exception EProfileException failed to delete profile
      */
-    public void deleteProfile(String id, String configFile) 
-        throws EProfileException;
+    public void deleteProfile(String id, String configFile)
+            throws EProfileException;
 
     /**
      * Creates a new profile configuration file.
-     *
+     * 
      * @param id profile id
      * @param classId implementation id
      * @param configPath location to create the configuration file
      * @exception failed to create profile
      */
-    public void createProfileConfig(String id, String classId,
-        String configPath) throws EProfileException;
+    public void createProfileConfig(String id, String classId, String configPath)
+            throws EProfileException;
 
     /**
      * Enables a profile.
-     *
+     * 
      * @param id profile id
      * @param enableBy agent's user id
      * @exception EProfileException failed to enable profile
      */
     public void enableProfile(String id, String enableBy)
-        throws EProfileException;
+            throws EProfileException;
 
     /**
      * Disables a profile.
-     *
+     * 
      * @param id profile id
      * @exception EProfileException failed to disable
      */
-    public void disableProfile(String id)
-        throws EProfileException;
+    public void disableProfile(String id) throws EProfileException;
 
     /**
      * Retrieves the id of the implementation of the given profile.
-     *
+     * 
      * @param id profile id
      * @return implementation id managed by the registry
      */
     public String getProfileClassId(String id);
 
     /**
-     * Retrieves a list of profile ids. The return
-     * list is of type String.
-     *
+     * Retrieves a list of profile ids. The return list is of type String.
+     * 
      * @return a list of profile ids
      */
     public Enumeration getProfileIds();
 
     /**
      * Checks if owner id should be enforced during profile approval.
-     *
+     * 
      * @return true if approval should be checked
      */
     public boolean checkOwner();
diff --git a/pki/base/common/src/com/netscape/certsrv/profile/IProfileUpdater.java b/pki/base/common/src/com/netscape/certsrv/profile/IProfileUpdater.java
index a36ee1969..504acb0b5 100644
--- a/pki/base/common/src/com/netscape/certsrv/profile/IProfileUpdater.java
+++ b/pki/base/common/src/com/netscape/certsrv/profile/IProfileUpdater.java
@@ -25,8 +25,8 @@ import com.netscape.certsrv.request.IRequest;
 import com.netscape.certsrv.request.RequestStatus;
 
 /**
- * This interface represents an updater that will be
- * called when the request's state changes.
+ * This interface represents an updater that will be called when the request's
+ * state changes.
  * 
  * @version $Revision$, $Date$
  */
@@ -34,34 +34,34 @@ public interface IProfileUpdater extends IConfigTemplate {
 
     /**
      * Initializes this default policy.
-     *
+     * 
      * @param profile owner of this policy
      * @param config configuration store
      * @exception EProfileException failed to initialize
      */
     public void init(IProfile profile, IConfigStore config)
-        throws EProfileException;
+            throws EProfileException;
 
     /**
      * Retrieves configuration store.
-     *
+     * 
      * @return configuration store
      */
     public IConfigStore getConfigStore();
 
     /**
      * Notifies of state change.
-     *
+     * 
      * @param req request
      * @param status The status to check for.
      * @exception EProfileException failed to populate
      */
-    public void update(IRequest req, RequestStatus status) 
-         throws EProfileException;
+    public void update(IRequest req, RequestStatus status)
+            throws EProfileException;
 
     /**
      * Retrieves the localizable name of this policy.
-     *
+     * 
      * @param locale user locale
      * @return output policy name
      */
@@ -69,7 +69,7 @@ public interface IProfileUpdater extends IConfigTemplate {
 
     /**
      * Retrieves the localizable description of this policy.
-     *
+     * 
      * @param locale user locale
      * @return output policy description
      */
diff --git a/pki/base/common/src/com/netscape/certsrv/property/Descriptor.java b/pki/base/common/src/com/netscape/certsrv/property/Descriptor.java
index 92aeff185..15b6e990a 100644
--- a/pki/base/common/src/com/netscape/certsrv/property/Descriptor.java
+++ b/pki/base/common/src/com/netscape/certsrv/property/Descriptor.java
@@ -19,10 +19,9 @@ package com.netscape.certsrv.property;
 
 import java.util.Locale;
 
-
 /**
- * This interface represents a property descriptor. A descriptor
- * includes information that describe a property.
+ * This interface represents a property descriptor. A descriptor includes
+ * information that describe a property.
  * 
  * @version $Revision$, $Date$
  */
@@ -35,13 +34,14 @@ public class Descriptor implements IDescriptor {
 
     /**
      * Constructs a descriptor.
-     *
+     * 
      * @param syntax syntax
      * @param constraint constraint
      * @param defValue default value
      * @param description description
      */
-    public Descriptor(String syntax, String constraint, String defValue, String description) {
+    public Descriptor(String syntax, String constraint, String defValue,
+            String description) {
         mSyntax = syntax;
         mConstraint = constraint;
         mDef = defValue;
@@ -50,16 +50,16 @@ public class Descriptor implements IDescriptor {
 
     /**
      * Returns the syntax of the property.
-     *
+     * 
      * @return syntax
      */
     public String getSyntax() {
         return mSyntax;
     }
- 
+
     /**
      * Returns the default value of the property.
-     *
+     * 
      * @return default value
      */
     public String getDefaultValue() {
@@ -69,14 +69,14 @@ public class Descriptor implements IDescriptor {
     /**
      * Constraint for the given syntax. For example,
      * <p>
-     *   - number(1-5): 1-5 is the constraint, and it indicates
-     *     that the number must be in the range of 1 to 5.
+     * - number(1-5): 1-5 is the constraint, and it indicates that the number
+     * must be in the range of 1 to 5.
      * <p>
-     *   - choice(cert,crl): cert,crl is the constraint
-     *     for choice
+     * - choice(cert,crl): cert,crl is the constraint for choice
      * <p>
      * If null, no constraint shall be enforced.
      * <p>
+     * 
      * @return constraint
      */
     public String getConstraint() {
@@ -85,6 +85,7 @@ public class Descriptor implements IDescriptor {
 
     /**
      * Retrieves the description of the property.
+     * 
      * @param locale user locale
      * @return description
      */
diff --git a/pki/base/common/src/com/netscape/certsrv/property/EPropertyException.java b/pki/base/common/src/com/netscape/certsrv/property/EPropertyException.java
index a5847cb21..23f59a25f 100644
--- a/pki/base/common/src/com/netscape/certsrv/property/EPropertyException.java
+++ b/pki/base/common/src/com/netscape/certsrv/property/EPropertyException.java
@@ -17,12 +17,11 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.property;
 
-
 import com.netscape.certsrv.base.EBaseException;
 
 /**
  * This is the base exception for property handling.
- *
+ * 
  * @version $Revision$, $Date$
  */
 public class EPropertyException extends EBaseException {
@@ -34,7 +33,7 @@ public class EPropertyException extends EBaseException {
 
     /**
      * Constructs property exception
-     *
+     * 
      * @param msg exception message
      */
     public EPropertyException(String msg) {
diff --git a/pki/base/common/src/com/netscape/certsrv/property/IConfigTemplate.java b/pki/base/common/src/com/netscape/certsrv/property/IConfigTemplate.java
index f435db50c..32464fa8a 100644
--- a/pki/base/common/src/com/netscape/certsrv/property/IConfigTemplate.java
+++ b/pki/base/common/src/com/netscape/certsrv/property/IConfigTemplate.java
@@ -17,21 +17,17 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.property;
 
-
 import java.util.Enumeration;
 import java.util.Locale;
 
-
 /**
- * This interface provides a standard way to describe
- * a set of configuration parameters and its associated syntax.
- * It provides programmatic methods for querying 
- * template description.
+ * This interface provides a standard way to describe a set of configuration
+ * parameters and its associated syntax. It provides programmatic methods for
+ * querying template description.
  * <p>
- * A plugin, for example, can be described as a
- * property template. 
+ * A plugin, for example, can be described as a property template.
  * <p>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public interface IConfigTemplate {
@@ -45,7 +41,7 @@ public interface IConfigTemplate {
 
     /**
      * Returns the descriptors of configuration parameter.
-     *
+     * 
      * @param locale user locale
      * @param name configuration parameter name
      * @return descriptor
@@ -54,17 +50,16 @@ public interface IConfigTemplate {
 
     /**
      * Sets configuration parameter.
-     *
+     * 
      * @param name parameter name
      * @param value parameter value
      * @exception EPropertyException failed to set parameter
      */
-    public void setConfig(String name, String value)
-        throws EPropertyException;
+    public void setConfig(String name, String value) throws EPropertyException;
 
     /**
      * Retrieves configuration parameter by name.
-     *
+     * 
      * @return parameter
      */
     public String getConfig(String name);
diff --git a/pki/base/common/src/com/netscape/certsrv/property/IDescriptor.java b/pki/base/common/src/com/netscape/certsrv/property/IDescriptor.java
index 271c1808a..d70156f72 100644
--- a/pki/base/common/src/com/netscape/certsrv/property/IDescriptor.java
+++ b/pki/base/common/src/com/netscape/certsrv/property/IDescriptor.java
@@ -17,13 +17,11 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.property;
 
-
 import java.util.Locale;
 
-
 /**
  * This interface represents a property descriptor.
- *
+ * 
  * @version $Revision$, $Date$
  */
 public interface IDescriptor {
@@ -54,26 +52,24 @@ public interface IDescriptor {
 
     /**
      * Returns the syntax of the property.
-     *
+     * 
      * @return syntax
      */
     public String getSyntax();
 
     /**
-     * Constraint for the given syntax. For example,
-     *   - number(1-5): 1-5 is the constraint, and it indicates
-     *     that the number must be in the range of 1 to 5.
-     *   - choice(cert,crl): cert,crl is the constraint
-     *     for choice
-     * If null, no constraint shall be enforced.
-     *
+     * Constraint for the given syntax. For example, - number(1-5): 1-5 is the
+     * constraint, and it indicates that the number must be in the range of 1 to
+     * 5. - choice(cert,crl): cert,crl is the constraint for choice If null, no
+     * constraint shall be enforced.
+     * 
      * @return constraint
      */
     public String getConstraint();
 
     /**
      * Retrieves the description of the property.
-     *
+     * 
      * @param locale user locale
      * @return localized description
      */
@@ -81,7 +77,7 @@ public interface IDescriptor {
 
     /**
      * Retrieves the default value of the property.
-     *
+     * 
      * @return default value
      */
     public String getDefaultValue();
diff --git a/pki/base/common/src/com/netscape/certsrv/property/PropertySet.java b/pki/base/common/src/com/netscape/certsrv/property/PropertySet.java
index 360477fe9..875f40281 100644
--- a/pki/base/common/src/com/netscape/certsrv/property/PropertySet.java
+++ b/pki/base/common/src/com/netscape/certsrv/property/PropertySet.java
@@ -20,40 +20,33 @@ package com.netscape.certsrv.property;
 import java.util.Enumeration;
 import java.util.Hashtable;
 
-
 /**
  * A set of properties.
  */
 public class PropertySet {
 
-  private Hashtable mProperties = new Hashtable();
+    private Hashtable mProperties = new Hashtable();
 
-  public PropertySet()
-  {
-  }
+    public PropertySet() {
+    }
 
-  public void add(String name, IDescriptor desc)
-  {
-     mProperties.put(name, desc);
-  }
+    public void add(String name, IDescriptor desc) {
+        mProperties.put(name, desc);
+    }
 
-  public Enumeration getNames()
-  {
-    return mProperties.keys();
-  }
+    public Enumeration getNames() {
+        return mProperties.keys();
+    }
 
-  public IDescriptor getDescriptor(String name)
-  {
-    return (IDescriptor)mProperties.get(name);
-  }
+    public IDescriptor getDescriptor(String name) {
+        return (IDescriptor) mProperties.get(name);
+    }
 
-  public void remove(String name)
-  {
-    mProperties.remove(name);
-  }
+    public void remove(String name) {
+        mProperties.remove(name);
+    }
 
-  public int size()
-  {
-    return mProperties.size();
-  }
+    public int size() {
+        return mProperties.size();
+    }
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/publish/ECompSyntaxErr.java b/pki/base/common/src/com/netscape/certsrv/publish/ECompSyntaxErr.java
index 147bdd200..76b67cdcb 100644
--- a/pki/base/common/src/com/netscape/certsrv/publish/ECompSyntaxErr.java
+++ b/pki/base/common/src/com/netscape/certsrv/publish/ECompSyntaxErr.java
@@ -17,16 +17,14 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.publish;
 
-
 import com.netscape.certsrv.ldap.ELdapException;
 
-
 /**
- *  This type of exception is thrown in cases where an parsing
- *  error is found while evaluating a PKI component.  An example
- * would be in trying to evaluate a PKI authentication message and
- * the parsing operation fails due to a missing token.
- *  
+ * This type of exception is thrown in cases where an parsing error is found
+ * while evaluating a PKI component. An example would be in trying to evaluate a
+ * PKI authentication message and the parsing operation fails due to a missing
+ * token.
+ * 
  * @version $Revision$ $Date$
  */
 public class ECompSyntaxErr extends ELdapException {
@@ -37,8 +35,9 @@ public class ECompSyntaxErr extends ELdapException {
     private static final long serialVersionUID = -2224290038321971845L;
 
     /**
-     *   Construct a ECompSyntaxErr
-     *   @param errorString The descriptive error condition.
+     * Construct a ECompSyntaxErr
+     * 
+     * @param errorString The descriptive error condition.
      */
 
     public ECompSyntaxErr(String errorString) {
diff --git a/pki/base/common/src/com/netscape/certsrv/publish/EMapperNotFound.java b/pki/base/common/src/com/netscape/certsrv/publish/EMapperNotFound.java
index 8c482a4e8..fdf4a1b9f 100644
--- a/pki/base/common/src/com/netscape/certsrv/publish/EMapperNotFound.java
+++ b/pki/base/common/src/com/netscape/certsrv/publish/EMapperNotFound.java
@@ -17,13 +17,11 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.publish;
 
-
 import com.netscape.certsrv.ldap.ELdapException;
 
-
 /**
- * Exception for Publish  Mapper not found.
- *
+ * Exception for Publish Mapper not found.
+ * 
  * @version $Revision$ $Date$
  */
 public class EMapperNotFound extends ELdapException {
@@ -35,6 +33,7 @@ public class EMapperNotFound extends ELdapException {
 
     /**
      * Constructs a exception for a missing required mapper
+     * 
      * @param errorString Detailed error message.
      */
     public EMapperNotFound(String errorString) {
diff --git a/pki/base/common/src/com/netscape/certsrv/publish/EMapperPluginNotFound.java b/pki/base/common/src/com/netscape/certsrv/publish/EMapperPluginNotFound.java
index d487488b3..f8f18c5ff 100644
--- a/pki/base/common/src/com/netscape/certsrv/publish/EMapperPluginNotFound.java
+++ b/pki/base/common/src/com/netscape/certsrv/publish/EMapperPluginNotFound.java
@@ -17,13 +17,11 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.publish;
 
-
 import com.netscape.certsrv.ldap.ELdapException;
 
-
 /**
  * Exception for Mapper Plugin not found.
- *
+ * 
  * @version $Revision$ $Date$
  */
 public class EMapperPluginNotFound extends ELdapException {
@@ -35,10 +33,10 @@ public class EMapperPluginNotFound extends ELdapException {
 
     /**
      * Constructs a exception for a missing mapper plugin
+     * 
      * @param errorString Detailed error message.
      */
     public EMapperPluginNotFound(String errorString) {
         super(errorString);
     }
 }
-
diff --git a/pki/base/common/src/com/netscape/certsrv/publish/EPublisherNotFound.java b/pki/base/common/src/com/netscape/certsrv/publish/EPublisherNotFound.java
index 12054dd15..176001e99 100644
--- a/pki/base/common/src/com/netscape/certsrv/publish/EPublisherNotFound.java
+++ b/pki/base/common/src/com/netscape/certsrv/publish/EPublisherNotFound.java
@@ -17,13 +17,11 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.publish;
 
-
 import com.netscape.certsrv.ldap.ELdapException;
 
-
 /**
  * Exception for Publisher not found. Required for successful publishing.
- *
+ * 
  * @version $Revision$ $Date$
  */
 public class EPublisherNotFound extends ELdapException {
@@ -35,6 +33,7 @@ public class EPublisherNotFound extends ELdapException {
 
     /**
      * Constructs a exception for a missing required publisher.
+     * 
      * @param errorString Detailed error message.
      */
     public EPublisherNotFound(String errorString) {
diff --git a/pki/base/common/src/com/netscape/certsrv/publish/EPublisherPluginNotFound.java b/pki/base/common/src/com/netscape/certsrv/publish/EPublisherPluginNotFound.java
index 0a7fa1caf..ad47d0c70 100644
--- a/pki/base/common/src/com/netscape/certsrv/publish/EPublisherPluginNotFound.java
+++ b/pki/base/common/src/com/netscape/certsrv/publish/EPublisherPluginNotFound.java
@@ -17,13 +17,12 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.publish;
 
-
 import com.netscape.certsrv.ldap.ELdapException;
 
-
 /**
- * Exception for Publisher Plugin not found.  Plugin implementation is required to actually publish.
- *
+ * Exception for Publisher Plugin not found. Plugin implementation is required
+ * to actually publish.
+ * 
  * @version $Revision$ $Date$
  */
 public class EPublisherPluginNotFound extends ELdapException {
@@ -35,10 +34,10 @@ public class EPublisherPluginNotFound extends ELdapException {
 
     /**
      * Constructs a exception for a missing publisher plugin.
+     * 
      * @param errorString Detailed error message.
      */
     public EPublisherPluginNotFound(String errorString) {
         super(errorString);
     }
 }
-
diff --git a/pki/base/common/src/com/netscape/certsrv/publish/ERuleNotFound.java b/pki/base/common/src/com/netscape/certsrv/publish/ERuleNotFound.java
index 2094967df..dba161dde 100644
--- a/pki/base/common/src/com/netscape/certsrv/publish/ERuleNotFound.java
+++ b/pki/base/common/src/com/netscape/certsrv/publish/ERuleNotFound.java
@@ -17,13 +17,11 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.publish;
 
-
 import com.netscape.certsrv.ldap.ELdapException;
 
-
 /**
  * Exception for Ldap Publishing Rule not found.
- *
+ * 
  * @version $Revision$ $Date$
  */
 public class ERuleNotFound extends ELdapException {
@@ -34,7 +32,9 @@ public class ERuleNotFound extends ELdapException {
     private static final long serialVersionUID = 8442034769483263745L;
 
     /**
-     * Constructs a exception for a missing required rule, which links a publisher and mapper.
+     * Constructs a exception for a missing required rule, which links a
+     * publisher and mapper.
+     * 
      * @param errorString Detailed error message.
      */
     public ERuleNotFound(String errorString) {
diff --git a/pki/base/common/src/com/netscape/certsrv/publish/ERulePluginNotFound.java b/pki/base/common/src/com/netscape/certsrv/publish/ERulePluginNotFound.java
index 24ffa11a0..bfb41e14e 100644
--- a/pki/base/common/src/com/netscape/certsrv/publish/ERulePluginNotFound.java
+++ b/pki/base/common/src/com/netscape/certsrv/publish/ERulePluginNotFound.java
@@ -17,13 +17,12 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.publish;
 
-
 import com.netscape.certsrv.ldap.ELdapException;
 
-
 /**
- * Exception for Publisher Rule plugin not found.  Plugin required to implement Ldap Rule.
- *
+ * Exception for Publisher Rule plugin not found. Plugin required to implement
+ * Ldap Rule.
+ * 
  * @version $Revision$ $Date$
  */
 public class ERulePluginNotFound extends ELdapException {
@@ -35,10 +34,10 @@ public class ERulePluginNotFound extends ELdapException {
 
     /**
      * Constructs a exception for a missing rule plugin.
+     * 
      * @param errorString Detailed error message.
      */
     public ERulePluginNotFound(String errorString) {
         super(errorString);
     }
 }
-
diff --git a/pki/base/common/src/com/netscape/certsrv/publish/ICRLPublisher.java b/pki/base/common/src/com/netscape/certsrv/publish/ICRLPublisher.java
index cae75d2f8..e426d9317 100644
--- a/pki/base/common/src/com/netscape/certsrv/publish/ICRLPublisher.java
+++ b/pki/base/common/src/com/netscape/certsrv/publish/ICRLPublisher.java
@@ -17,50 +17,43 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.publish;
 
-
 import netscape.security.x509.X509CRLImpl;
 
 import com.netscape.certsrv.base.EBaseException;
 import com.netscape.certsrv.base.IConfigStore;
 import com.netscape.certsrv.base.ISubsystem;
 
-
 /**
- * This interface represents a CRL publisher that is
- * invoked when CRL publishing is requested by CMS.
- * Note that CMS, by default, shipped with a LDAP-based 
- * CRL publisher that can be configured via 
- * Certificiate Manager/LDAP Publishing panel. This
- * interface provides administrator additional capability 
- * of publishing CRL to different destinations.
- *
- * The CRL publishing frequency is configured via
- * Netscape Certificate Server Console's 
- * Certificate Manager/Revocation List panel.
- * The CRL publishing may occur either everytime a 
- * certificate is revoked or at a pre-defined interval.
+ * This interface represents a CRL publisher that is invoked when CRL publishing
+ * is requested by CMS. Note that CMS, by default, shipped with a LDAP-based CRL
+ * publisher that can be configured via Certificiate Manager/LDAP Publishing
+ * panel. This interface provides administrator additional capability of
+ * publishing CRL to different destinations.
  * 
- * To try out this new CRL publisher mechanism, do
- * the following:
- * (1) Write a sample CRL publisher class that implements
- *     ICRLPublisher interface. For example,
+ * The CRL publishing frequency is configured via Netscape Certificate Server
+ * Console's Certificate Manager/Revocation List panel. The CRL publishing may
+ * occur either everytime a certificate is revoked or at a pre-defined interval.
+ * 
+ * To try out this new CRL publisher mechanism, do the following: (1) Write a
+ * sample CRL publisher class that implements ICRLPublisher interface. For
+ * example,
  * 
  * <code>
  * public class CRLPublisher implements ICRLPublisher
  * {
  * 	public void init(ISubsystem owner, IConfigStore config) 
- *		throws EBaseException
+ * 		throws EBaseException
  * 	{
- *		log(ILogger.LL_DEBUG, "CRLPublisher: Initialized");
+ * 		log(ILogger.LL_DEBUG, "CRLPublisher: Initialized");
  * 	}
- *
- *	public void publish(String issuingPointId, X509CRLImpl crl) 
+ * 
+ * 	public void publish(String issuingPointId, X509CRLImpl crl) 
  * 		throws EBaseException 
  *      {
  * 		log(ILogger.LL_DEBUG, "CRLPublisher: " + issuingPointId + 
  *                " crl=" + crl);
  * 	}
- *
+ * 
  *      public void log(int level, String msg)
  *      {
  *              Logger.getLogger().log(ILogger.EV_SYSTEM, 
@@ -69,14 +62,12 @@ import com.netscape.certsrv.base.ISubsystem;
  *      }
  * }
  * </code>
- *
- * (2) Compile the class and place the class into 
- *     <server-root>\bin\cert\classes directory. 
- * (3) Add the following parameter to CMS.cfg
- *       ca.crlPublisher.class=<implementation class>
- *     For example,
- *       ca.crlPublisher.class=myCRLPublisher
- *
+ * 
+ * (2) Compile the class and place the class into <server-root>\bin\cert\classes
+ * directory. (3) Add the following parameter to CMS.cfg
+ * ca.crlPublisher.class=<implementation class> For example,
+ * ca.crlPublisher.class=myCRLPublisher
+ * 
  * @version $Revision$, $Date$
  */
 public interface ICRLPublisher {
@@ -84,26 +75,25 @@ public interface ICRLPublisher {
     /**
      * Initializes this CRL publisher.
      * 
-     * @param owner parent of the publisher. An object of type 
-     *        CertificateAuthority.
-     * @param config config store for this publisher. If this
-     *        publisher requires configuration parameters for
-     *        initialization, the parameters should be placed
-     *        in CMS.cfg as ca.crlPublisher.<paramType>=<paramValue>
+     * @param owner parent of the publisher. An object of type
+     *            CertificateAuthority.
+     * @param config config store for this publisher. If this publisher requires
+     *            configuration parameters for initialization, the parameters
+     *            should be placed in CMS.cfg as
+     *            ca.crlPublisher.<paramType>=<paramValue>
      * @exception EBaseException failed to initialize this publisher
      */
-    public void init(ISubsystem owner, IConfigStore config) 
-        throws EBaseException;
+    public void init(ISubsystem owner, IConfigStore config)
+            throws EBaseException;
 
     /**
-     * Publishes CRL. This method is invoked by CMS based
-     * on the configured CRL publishing frequency.
-     *
-     * @param issuingPointId CRL issuing point identifier 
-     *          (i.e. MasterCRL)
+     * Publishes CRL. This method is invoked by CMS based on the configured CRL
+     * publishing frequency.
+     * 
+     * @param issuingPointId CRL issuing point identifier (i.e. MasterCRL)
      * @param crl CRL that is publishing
      * @exception EBaseException failed to publish
      */
-    public void publish(String issuingPointId, X509CRLImpl crl) 
-        throws EBaseException;
-} 
+    public void publish(String issuingPointId, X509CRLImpl crl)
+            throws EBaseException;
+}
diff --git a/pki/base/common/src/com/netscape/certsrv/publish/ILdapCertMapper.java b/pki/base/common/src/com/netscape/certsrv/publish/ILdapCertMapper.java
index cd4012a45..ebc615fc4 100644
--- a/pki/base/common/src/com/netscape/certsrv/publish/ILdapCertMapper.java
+++ b/pki/base/common/src/com/netscape/certsrv/publish/ILdapCertMapper.java
@@ -17,7 +17,6 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.publish;
 
-
 import java.security.cert.X509Certificate;
 import java.util.Vector;
 
@@ -25,10 +24,9 @@ import netscape.ldap.LDAPConnection;
 
 import com.netscape.certsrv.ldap.ELdapException;
 
-
-/** 
- * Interface for mapping a X509 certificate to a LDAP entry. 
- *
+/**
+ * Interface for mapping a X509 certificate to a LDAP entry.
+ * 
  * @version $Revision$ $Date$
  */
 public interface ILdapCertMapper extends ILdapPlugin {
@@ -54,18 +52,17 @@ public interface ILdapCertMapper extends ILdapPlugin {
     public Vector getInstanceParams();
 
     /**
-     * maps a certificate to a LDAP entry.
-     * returns dn of the mapped LDAP entry.
+     * maps a certificate to a LDAP entry. returns dn of the mapped LDAP entry.
+     * 
      * @param conn the LDAP connection
      * @param cert the certificate to map
      * @param checkForCert whether to check for the presence of the cert
-     * @exception ELdapException  Failed to map.
-     * @return LdapCertMapResult indicates whether a mapping was successful
-     * and whether a certificate was found if checkForCert was true.
-     * If checkForCert was not set the hasCert method in LdapCertMapResult
-     * should be ignored.
+     * @exception ELdapException Failed to map.
+     * @return LdapCertMapResult indicates whether a mapping was successful and
+     *         whether a certificate was found if checkForCert was true. If
+     *         checkForCert was not set the hasCert method in LdapCertMapResult
+     *         should be ignored.
      */
-    public LdapCertMapResult map(LDAPConnection conn, 
-        X509Certificate cert, boolean checkForCert)
-        throws ELdapException;
+    public LdapCertMapResult map(LDAPConnection conn, X509Certificate cert,
+            boolean checkForCert) throws ELdapException;
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/publish/ILdapCrlMapper.java b/pki/base/common/src/com/netscape/certsrv/publish/ILdapCrlMapper.java
index a15ea0abc..e53ee7f6c 100644
--- a/pki/base/common/src/com/netscape/certsrv/publish/ILdapCrlMapper.java
+++ b/pki/base/common/src/com/netscape/certsrv/publish/ILdapCrlMapper.java
@@ -17,7 +17,6 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.publish;
 
-
 import netscape.ldap.LDAPConnection;
 import netscape.security.x509.X509CRLImpl;
 
@@ -25,36 +24,34 @@ import com.netscape.certsrv.base.EBaseException;
 import com.netscape.certsrv.base.IConfigStore;
 import com.netscape.certsrv.ldap.ELdapException;
 
-
-/** 
- * Interface for mapping a CRL to a LDAP entry. 
- *
+/**
+ * Interface for mapping a CRL to a LDAP entry.
+ * 
  * @version $Revision$ $Date$
  */
 public interface ILdapCrlMapper {
 
     /**
-     * maps a crl to a LDAP entry.
-     * returns dn of the mapped LDAP entry.
+     * maps a crl to a LDAP entry. returns dn of the mapped LDAP entry.
+     * 
      * @param conn the LDAP connection
      * @param crl the CRL to map
      * @param checkForCrl whether to check for the presence of the CRL
-     * @exception ELdapException  Failed to map CRL to entry.
-     * @return LdapCertMapResult indicates whether a mapping was successful
-     * and whether a certificate was found if checkForCert was true.
-     * If checkForCert was not set the hasCert method in LdapCertMapResult
-     * should be ignored.
+     * @exception ELdapException Failed to map CRL to entry.
+     * @return LdapCertMapResult indicates whether a mapping was successful and
+     *         whether a certificate was found if checkForCert was true. If
+     *         checkForCert was not set the hasCert method in LdapCertMapResult
+     *         should be ignored.
      */
-    public LdapCertMapResult 
-    map(LDAPConnection conn, X509CRLImpl crl, boolean checkForCrl)
-        throws ELdapException;
+    public LdapCertMapResult map(LDAPConnection conn, X509CRLImpl crl,
+            boolean checkForCrl) throws ELdapException;
 
     /**
      * initialize from config store.
+     * 
      * @param config the configuration store to initialize from.
      * @exception ELdapException Initialization failed due to Ldap error.
      * @exception EBaseException Initialization failed.
      */
-    public void init(IConfigStore config)
-        throws ELdapException, EBaseException;
+    public void init(IConfigStore config) throws ELdapException, EBaseException;
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/publish/ILdapExpression.java b/pki/base/common/src/com/netscape/certsrv/publish/ILdapExpression.java
index 26360fe89..410f7f626 100644
--- a/pki/base/common/src/com/netscape/certsrv/publish/ILdapExpression.java
+++ b/pki/base/common/src/com/netscape/certsrv/publish/ILdapExpression.java
@@ -17,15 +17,13 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.publish;
 
-
 import com.netscape.certsrv.base.SessionContext;
 import com.netscape.certsrv.ldap.ELdapException;
 import com.netscape.certsrv.request.IRequest;
 
-
 /**
  * Interface for a Ldap predicate expression.
- *
+ * 
  * @version $Revision$, $Date$
  */
 public interface ILdapExpression {
@@ -44,28 +42,26 @@ public interface ILdapExpression {
 
     /**
      * Evaluate the Expression.
-     *
-     * @param   sc       The SessionContext on which we are applying the condition.
-     * @return          The return value.
-     * @exception          ELdapExeption  Failed to evaluate expression.
+     * 
+     * @param sc The SessionContext on which we are applying the condition.
+     * @return The return value.
+     * @exception ELdapExeption Failed to evaluate expression.
      */
-    boolean evaluate(SessionContext sc)
-        throws ELdapException;
+    boolean evaluate(SessionContext sc) throws ELdapException;
 
     /**
      * Evaluate the Expression.
-     *
-     * @param    req	The PKIRequest on which we are applying the condition.
-     * @return 		The return value.
-     * @exception          ELdapExeption  Failed to evaluate expression.
+     * 
+     * @param req The PKIRequest on which we are applying the condition.
+     * @return The return value.
+     * @exception ELdapExeption Failed to evaluate expression.
      */
-    boolean evaluate(IRequest req)
-        throws ELdapException;
+    boolean evaluate(IRequest req) throws ELdapException;
 
     /**
      * Convert to a string.
+     * 
      * @return String representation of expression.
      */
     public String toString();
 }
-
diff --git a/pki/base/common/src/com/netscape/certsrv/publish/ILdapMapper.java b/pki/base/common/src/com/netscape/certsrv/publish/ILdapMapper.java
index c4afd0397..146ccd180 100644
--- a/pki/base/common/src/com/netscape/certsrv/publish/ILdapMapper.java
+++ b/pki/base/common/src/com/netscape/certsrv/publish/ILdapMapper.java
@@ -17,7 +17,6 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.publish;
 
-
 import java.util.Vector;
 
 import netscape.ldap.LDAPConnection;
@@ -25,10 +24,9 @@ import netscape.ldap.LDAPConnection;
 import com.netscape.certsrv.ldap.ELdapException;
 import com.netscape.certsrv.request.IRequest;
 
-
-/** 
- * Interface for mapping a X509 certificate to a LDAP entry. 
- *
+/**
+ * Interface for mapping a X509 certificate to a LDAP entry.
+ * 
  * @version $Revision$ $Date$
  */
 public interface ILdapMapper extends ILdapPlugin {
@@ -54,28 +52,24 @@ public interface ILdapMapper extends ILdapPlugin {
     public Vector<String> getInstanceParams();
 
     /**
-     * maps a certificate to a LDAP entry.
-     * returns dn of the mapped LDAP entry.
+     * maps a certificate to a LDAP entry. returns dn of the mapped LDAP entry.
+     * 
      * @param conn the LDAP connection
      * @param obj the object to map
      * @return dn indicates whether a mapping was successful
      * @exception ELdapException Map operation failed.
      */
-    public String 
-    map(LDAPConnection conn, Object obj)
-        throws ELdapException;
+    public String map(LDAPConnection conn, Object obj) throws ELdapException;
 
     /**
-     * maps a certificate to a LDAP entry.
-     * returns dn of the mapped LDAP entry.
+     * maps a certificate to a LDAP entry. returns dn of the mapped LDAP entry.
+     * 
      * @param conn the LDAP connection
-     * @param r    the request to map
-     * @param obj  the object to map
+     * @param r the request to map
+     * @param obj the object to map
      * @return dn indicates whether a mapping was successful
      * @exception ELdapException Map operation failed.
      */
-    public String 
-    map(LDAPConnection conn, IRequest r, Object obj)
-        throws ELdapException;
+    public String map(LDAPConnection conn, IRequest r, Object obj)
+            throws ELdapException;
 }
-
diff --git a/pki/base/common/src/com/netscape/certsrv/publish/ILdapPlugin.java b/pki/base/common/src/com/netscape/certsrv/publish/ILdapPlugin.java
index b73b5ae28..21904f3ca 100644
--- a/pki/base/common/src/com/netscape/certsrv/publish/ILdapPlugin.java
+++ b/pki/base/common/src/com/netscape/certsrv/publish/ILdapPlugin.java
@@ -17,27 +17,25 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.publish;
 
-
 import com.netscape.certsrv.base.EBaseException;
 import com.netscape.certsrv.base.IConfigStore;
 import com.netscape.certsrv.ldap.ELdapException;
 
-
-/** 
+/**
  * Interface for any Ldap plugin.
- *
+ * 
  * @version $Revision$ $Date$
  */
 public interface ILdapPlugin {
 
     /**
      * Initialize from config store.
+     * 
      * @param config the configuration store to initialize from.
      * @exception ELdapException initialization failed due to Ldap error.
      * @exception EBaseException initialization failed.
      */
-    public void init(IConfigStore config)
-        throws EBaseException, ELdapException;
+    public void init(IConfigStore config) throws EBaseException, ELdapException;
 
     /**
      * Return config store.
diff --git a/pki/base/common/src/com/netscape/certsrv/publish/ILdapPluginImpl.java b/pki/base/common/src/com/netscape/certsrv/publish/ILdapPluginImpl.java
index e84b62fc1..5d85473d2 100644
--- a/pki/base/common/src/com/netscape/certsrv/publish/ILdapPluginImpl.java
+++ b/pki/base/common/src/com/netscape/certsrv/publish/ILdapPluginImpl.java
@@ -17,37 +17,36 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.publish;
 
-
 import com.netscape.certsrv.base.EBaseException;
 import com.netscape.certsrv.base.IConfigStore;
 import com.netscape.certsrv.base.IPluginImpl;
 import com.netscape.certsrv.base.ISubsystem;
 import com.netscape.certsrv.ldap.ELdapException;
 
-
-/** 
+/**
  * Interface for any ldap plugin. Plugin implementation is defined here.
- *
+ * 
  * @version $Revision$ $Date$
  */
 public interface ILdapPluginImpl extends IPluginImpl {
 
     /**
      * initialize from config store.
+     * 
      * @param config the configuration store to initialize from.
      * @exception ELdapException initializtion failed due to Ldap error.
      * @exception EBaseException initialization failed.
      */
     public void init(ISubsystem sys, IConfigStore config)
-        throws EBaseException, ELdapException;
+            throws EBaseException, ELdapException;
 
     /**
      * initialize from config store and Isubsystem.
+     * 
      * @param config the configuration store to initialize from.
      * @exception ELdapException initializtion failed due to Ldap error.
      * @exception EBaseException initialization failed.
      */
-    public void init(IConfigStore config)
-        throws EBaseException, ELdapException;
+    public void init(IConfigStore config) throws EBaseException, ELdapException;
 
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/publish/ILdapPublishModule.java b/pki/base/common/src/com/netscape/certsrv/publish/ILdapPublishModule.java
index 001d472bc..f31b3c608 100644
--- a/pki/base/common/src/com/netscape/certsrv/publish/ILdapPublishModule.java
+++ b/pki/base/common/src/com/netscape/certsrv/publish/ILdapPublishModule.java
@@ -17,14 +17,12 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.publish;
 
-
 import com.netscape.certsrv.request.IRequest;
 import com.netscape.certsrv.request.IRequestListener;
 
-
-/**  
- * Handles requests to  perform Ldap publishing.
- *
+/**
+ * Handles requests to perform Ldap publishing.
+ * 
  * @version $Revision$ $Date$
  */
 public interface ILdapPublishModule extends IRequestListener {
@@ -32,14 +30,14 @@ public interface ILdapPublishModule extends IRequestListener {
     /**
      * initialize ldap publishing module with config store
      */
-    //	public void init(ICertAuthority owner, IConfigStore config) 
-    //		throws EBaseException, ELdapException;
+    // public void init(ICertAuthority owner, IConfigStore config)
+    // throws EBaseException, ELdapException;
 
     /**
-     * Accepts completed requests from an authority and 
-     * performs ldap publishing.
-     * @param request The publishing request. 
+     * Accepts completed requests from an authority and performs ldap
+     * publishing.
+     * 
+     * @param request The publishing request.
      */
     public void accept(IRequest request);
 }
-
diff --git a/pki/base/common/src/com/netscape/certsrv/publish/ILdapPublisher.java b/pki/base/common/src/com/netscape/certsrv/publish/ILdapPublisher.java
index 5a1197dca..5d6b8ca90 100644
--- a/pki/base/common/src/com/netscape/certsrv/publish/ILdapPublisher.java
+++ b/pki/base/common/src/com/netscape/certsrv/publish/ILdapPublisher.java
@@ -17,17 +17,15 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.publish;
 
-
 import java.util.Vector;
 
 import netscape.ldap.LDAPConnection;
 
 import com.netscape.certsrv.ldap.ELdapException;
 
-
-/** 
- * Interface for publishing certificate or crl to database store. 
- *
+/**
+ * Interface for publishing certificate or crl to database store.
+ * 
  * @version $Revision$ $Date$
  */
 public interface ILdapPublisher extends ILdapPlugin {
@@ -58,30 +56,25 @@ public interface ILdapPublisher extends ILdapPlugin {
     /**
      * Publish an object.
      * 
-     * @param conn a Ldap connection 
-     *        (null for non-LDAP publishing)
-     * @param dn dn of the ldap entry to publish cert
-     *        (null for non-LDAP publishing)
-     * @param object object to publish
-     *        (java.security.cert.X509Certificate or,
-     *         java.security.cert.X509CRL)
+     * @param conn a Ldap connection (null for non-LDAP publishing)
+     * @param dn dn of the ldap entry to publish cert (null for non-LDAP
+     *            publishing)
+     * @param object object to publish (java.security.cert.X509Certificate or,
+     *            java.security.cert.X509CRL)
      * @exception ELdapException publish failed.
      */
     public void publish(LDAPConnection conn, String dn, Object object)
-        throws ELdapException;
+            throws ELdapException;
 
     /**
      * Unpublish an object.
-     *
-     * @param conn the Ldap connection
-     *        (null for non-LDAP publishing)
-     * @param dn dn of the ldap entry to unpublish cert
-     *        (null for non-LDAP publishing)
-     * @param object object to unpublish 
-     *        (java.security.cert.X509Certificate)
+     * 
+     * @param conn the Ldap connection (null for non-LDAP publishing)
+     * @param dn dn of the ldap entry to unpublish cert (null for non-LDAP
+     *            publishing)
+     * @param object object to unpublish (java.security.cert.X509Certificate)
      * @exception ELdapException unpublish failed.
      */
     public void unpublish(LDAPConnection conn, String dn, Object object)
-        throws ELdapException;
+            throws ELdapException;
 }
-
diff --git a/pki/base/common/src/com/netscape/certsrv/publish/ILdapRule.java b/pki/base/common/src/com/netscape/certsrv/publish/ILdapRule.java
index 4c5699b1c..f508ae646 100644
--- a/pki/base/common/src/com/netscape/certsrv/publish/ILdapRule.java
+++ b/pki/base/common/src/com/netscape/certsrv/publish/ILdapRule.java
@@ -17,16 +17,14 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.publish;
 
-
 import java.util.Vector;
 
 import com.netscape.certsrv.base.EBaseException;
 import com.netscape.certsrv.base.IConfigStore;
 
-
-/** 
+/**
  * Interface for publishing rule which associates a Publisher with a Mapper.
- *
+ * 
  * @version $Revision$ $Date$
  */
 public interface ILdapRule extends ILdapPlugin {
@@ -36,10 +34,11 @@ public interface ILdapRule extends ILdapPlugin {
 
     /**
      * Initialize the plugin.
+     * 
      * @exception EBaseException Initialization failed.
      */
-    public void init(IPublisherProcessor processor, IConfigStore
-        config) throws EBaseException;
+    public void init(IPublisherProcessor processor, IConfigStore config)
+            throws EBaseException;
 
     /**
      * Returns the implementation name.
diff --git a/pki/base/common/src/com/netscape/certsrv/publish/IPublishRuleSet.java b/pki/base/common/src/com/netscape/certsrv/publish/IPublishRuleSet.java
index 6ff997a1d..e6cd3756e 100644
--- a/pki/base/common/src/com/netscape/certsrv/publish/IPublishRuleSet.java
+++ b/pki/base/common/src/com/netscape/certsrv/publish/IPublishRuleSet.java
@@ -17,7 +17,6 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.publish;
 
-
 import java.util.Enumeration;
 
 import netscape.ldap.LDAPConnection;
@@ -28,22 +27,20 @@ import com.netscape.certsrv.base.ISubsystem;
 import com.netscape.certsrv.ldap.ELdapException;
 import com.netscape.certsrv.request.IRequest;
 
-
 /**
  * Represents a set of publishing rules. Publishing rules are ordered from
- * lowest priority to highest priority. The priority assignment for publishing 
- * rules is not enforced by this interface. Various implementation may
- * use different mechanisms such as a linear ordering of publishing rules
- * in a configuration file or explicit assignment of priority levels ..etc.
- * The publishing rule initialization needs to deal with reading the 
- * publishing rules, sorting them in increasing order of priority and 
- * presenting an ordered vector of publishing rules via the IPublishRuleSet 
- * interface.
- * When a request comes, the predicates of the publishing rules will be 
- * checked in the order to find the first matched publishing rule as the 
- * mapping rule to (un)publish the object.
+ * lowest priority to highest priority. The priority assignment for publishing
+ * rules is not enforced by this interface. Various implementation may use
+ * different mechanisms such as a linear ordering of publishing rules in a
+ * configuration file or explicit assignment of priority levels ..etc. The
+ * publishing rule initialization needs to deal with reading the publishing
+ * rules, sorting them in increasing order of priority and presenting an ordered
+ * vector of publishing rules via the IPublishRuleSet interface. When a request
+ * comes, the predicates of the publishing rules will be checked in the order to
+ * find the first matched publishing rule as the mapping rule to (un)publish the
+ * object.
  * <P>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public interface IPublishRuleSet {
@@ -52,7 +49,7 @@ public interface IPublishRuleSet {
     /**
      * Returns the name of the publishing rule set.
      * <P>
-     *
+     * 
      * @return The name of the publishing rule set.
      */
     String getName();
@@ -60,6 +57,7 @@ public interface IPublishRuleSet {
     /**
      * Returns the no of publishing rules in a set.
      * <P>
+     * 
      * @return the no of publishing rules.
      */
     int count();
@@ -67,33 +65,34 @@ public interface IPublishRuleSet {
     /**
      * Add a publishing rule
      * <P>
-     *
-     * @param aliasName  The name of the publishing rule to be added.
-     * @param rule rule  The publishing rule to be added.
+     * 
+     * @param aliasName The name of the publishing rule to be added.
+     * @param rule rule The publishing rule to be added.
      */
     void addRule(String aliasName, ILdapRule rule);
 
     /**
      * Removes a publishing rule identified by the given name.
-     *
-     * @param ruleName  The name of the publishing rule to be removed.
+     * 
+     * @param ruleName The name of the publishing rule to be removed.
      */
     void removeRule(String ruleName);
 
     /**
      * Get the publishing rule identified by a given name.
      * <P>
-     *
-     * @param ruleName  The name of the publishing rule to be return.
-     * @return The publishing rule identified by the given name or null if none exists.
+     * 
+     * @param ruleName The name of the publishing rule to be return.
+     * @return The publishing rule identified by the given name or null if none
+     *         exists.
      */
     ILdapRule getRule(String ruleName);
 
     /**
      * Get the publishing rule identified by a corresponding request.
      * <P>
-     *
-     * @param req  The request from which rule will be identified.
+     * 
+     * @param req The request from which rule will be identified.
      * @return The publishing rule or null if none exists.
      */
     ILdapRule getRule(IRequest req);
@@ -101,24 +100,22 @@ public interface IPublishRuleSet {
     /**
      * Get an enumeration of publishing rules.
      * <P>
-     *
+     * 
      * @return An enumeration of publishing rules.
      */
     Enumeration getRules();
 
     /**
-     * Apply publishing rules on a request. 
-     * The predicates of the publishing rules will be checked in the order 
-     * to find the first matched publishing rule. 
-     * Use the mapper to find the dn of the LDAP entry and use the publisher 
-     * to publish the object in the request.
+     * Apply publishing rules on a request. The predicates of the publishing
+     * rules will be checked in the order to find the first matched publishing
+     * rule. Use the mapper to find the dn of the LDAP entry and use the
+     * publisher to publish the object in the request.
      * <P>
-     *
-     * @param conn    The Ldap connection
-     * @param req   The request to apply policies on.
-     * @exception  ELdapException publish failed due to Ldap error.
+     * 
+     * @param conn The Ldap connection
+     * @param req The request to apply policies on.
+     * @exception ELdapException publish failed due to Ldap error.
      */
     public void publish(LDAPConnection conn, IRequest req)
-        throws ELdapException;
+            throws ELdapException;
 }
-
diff --git a/pki/base/common/src/com/netscape/certsrv/publish/IPublisherProcessor.java b/pki/base/common/src/com/netscape/certsrv/publish/IPublisherProcessor.java
index 1da2f3467..08a446466 100644
--- a/pki/base/common/src/com/netscape/certsrv/publish/IPublisherProcessor.java
+++ b/pki/base/common/src/com/netscape/certsrv/publish/IPublisherProcessor.java
@@ -17,7 +17,6 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.publish;
 
-
 import java.math.BigInteger;
 import java.security.cert.X509CRL;
 import java.security.cert.X509Certificate;
@@ -32,11 +31,10 @@ import com.netscape.certsrv.ldap.ELdapException;
 import com.netscape.certsrv.ldap.ILdapConnModule;
 import com.netscape.certsrv.request.IRequest;
 
-
 /**
- *  Controls the publishing process from the top level.  Maintains
- *  a collection of Publishers , Mappers, and Publish Rules.
- *
+ * Controls the publishing process from the top level. Maintains a collection of
+ * Publishers , Mappers, and Publish Rules.
+ * 
  * @version $Revision$ $Date$
  */
 
@@ -64,91 +62,97 @@ public interface IPublisherProcessor extends ISubsystem {
     public static final String PROP_TYPE = "type";
 
     /**
-     *
+     * 
      * Returns Hashtable of rule plugins.
      */
 
     public Hashtable<String, RulePlugin> getRulePlugins();
 
     /**
-     *
-     * Returns Hashtable of rule  instances.
+     * 
+     * Returns Hashtable of rule instances.
      */
 
     public Hashtable<String, ILdapRule> getRuleInsts();
 
     /**
-     *
+     * 
      * Returns Hashtable of mapper plugins.
      */
 
     public Hashtable<String, MapperPlugin> getMapperPlugins();
 
     /**
-     *
+     * 
      * Returns Hashtable of publisher plugins.
      */
     public Hashtable<String, PublisherPlugin> getPublisherPlugins();
 
     /**
-     *
+     * 
      * Returns Hashtable of rule mapper instances.
      */
     public Hashtable<String, MapperProxy> getMapperInsts();
 
     /**
-     *
+     * 
      * Returns Hashtable of rule publisher instances.
      */
     public Hashtable<String, PublisherProxy> getPublisherInsts();
 
     /**
-     *
+     * 
      * Returns list of rules based on publishing type.
+     * 
      * @param publishingType Type for which to retrieve rule list.
      */
 
     public Enumeration<ILdapRule> getRules(String publishingType);
 
     /**
-     *
+     * 
      * Returns list of rules based on publishing type and publishing request.
+     * 
      * @param publishingType Type for which to retrieve rule list.
-     * @param req  Corresponding publish request.
+     * @param req Corresponding publish request.
      */
     public Enumeration<ILdapRule> getRules(String publishingType, IRequest req);
 
     /**
-     *
+     * 
      * Returns mapper initial default parameters.
+     * 
      * @param implName name of MapperPlugin.
      */
 
-    public Vector<String> getMapperDefaultParams(String implName) throws
-            ELdapException;
+    public Vector<String> getMapperDefaultParams(String implName)
+            throws ELdapException;
 
     /**
-     *
-     * Returns mapper current instance  parameters.
+     * 
+     * Returns mapper current instance parameters.
+     * 
      * @param insName name of MapperProxy.
      * @exception ELdapException failed due to Ldap error.
      */
 
-    public Vector<String> getMapperInstanceParams(String insName) throws
-            ELdapException;
+    public Vector<String> getMapperInstanceParams(String insName)
+            throws ELdapException;
 
     /**
-     *
+     * 
      * Returns publisher initial default parameters.
+     * 
      * @param implName name of PublisherPlugin.
      * @exception ELdapException failed due to Ldap error.
      */
-    public Vector<String> getPublisherDefaultParams(String implName) throws
-            ELdapException;
+    public Vector<String> getPublisherDefaultParams(String implName)
+            throws ELdapException;
 
     /**
-     *
+     * 
      * Returns true if MapperInstance is enabled.
+     * 
      * @param insName name of MapperProxy.
      * @return true if enabled. false if disabled.
      */
@@ -156,77 +160,86 @@ public interface IPublisherProcessor extends ISubsystem {
     public boolean isMapperInstanceEnable(String insName);
 
     /**
-     *
+     * 
      * Returns ILdapMapper instance that is currently active.
+     * 
      * @param insName name of MapperProxy.
      * @return instance of ILdapMapper.
-     */ 
+     */
     public ILdapMapper getActiveMapperInstance(String insName);
 
     /**
-     *
+     * 
      * Returns ILdapMapper instance based on name of MapperProxy.
+     * 
      * @param insName name of MapperProxy.
      * @return instance of ILdapMapper.
      */
     public ILdapMapper getMapperInstance(String insName);
 
     /**
-     *
+     * 
      * Returns true publisher instance is currently enabled.
+     * 
      * @param insName name of PublisherProxy.
      * @return true if enabled.
      */
     public boolean isPublisherInstanceEnable(String insName);
 
     /**
-     *
+     * 
      * Returns ILdapPublisher instance that is currently active.
+     * 
      * @param insName name of PublisherProxy.
      * @return instance of ILdapPublisher.
      */
     public ILdapPublisher getActivePublisherInstance(String insName);
 
     /**
-     *
+     * 
      * Returns ILdapPublisher instance.
+     * 
      * @param insName name of PublisherProxy.
      * @return instance of ILdapPublisher.
      */
     public ILdapPublisher getPublisherInstance(String insName);
 
     /**
-     *
+     * 
      * Returns Vector of PublisherIntance's current instance parameters.
+     * 
      * @param insName name of PublisherProxy.
      * @return Vector of current instance parameters.
      */
-    public Vector<String> getPublisherInstanceParams(String insName) throws
-            ELdapException;
+    public Vector<String> getPublisherInstanceParams(String insName)
+            throws ELdapException;
 
     /**
-     *
+     * 
      * Returns Vector of RulePlugin's initial default parameters.
+     * 
      * @param implName name of RulePlugin.
      * @return Vector of initial default parameters.
      * @exception ELdapException failed due to Ldap error.
      */
-    public Vector<String> getRuleDefaultParams(String implName) throws
-            ELdapException;
+    public Vector<String> getRuleDefaultParams(String implName)
+            throws ELdapException;
 
     /**
-     *
+     * 
      * Returns Vector of RulePlugin's current instance parameters.
+     * 
      * @param implName name of RulePlugin.
      * @return Vector of current instance parameters.
      * @exception ELdapException failed due to Ldap error.
      */
-    public Vector<String> getRuleInstanceParams(String implName) throws
-            ELdapException;
+    public Vector<String> getRuleInstanceParams(String implName)
+            throws ELdapException;
 
     /**
-     * Set published flag - true when published, false when unpublished. 
-     * Not exist means not published. 
+     * Set published flag - true when published, false when unpublished. Not
+     * exist means not published.
+     * 
      * @param serialNo serial number of publishable object.
      * @param published true for published, false for not.
      */
@@ -234,102 +247,108 @@ public interface IPublisherProcessor extends ISubsystem {
 
     /**
      * Publish ca cert, UpdateDir.java, jobs, request listeners
+     * 
      * @param cert X509 certificate to be published.
      * @exception ELdapException publish failed due to Ldap error.
      */
-    public void publishCACert(X509Certificate cert)
-        throws ELdapException;
+    public void publishCACert(X509Certificate cert) throws ELdapException;
 
     /**
-     * This function is never called. CMS does not unpublish
-     * CA certificate.
+     * This function is never called. CMS does not unpublish CA certificate.
      */
-    public void unpublishCACert(X509Certificate cert)
-        throws ELdapException;
+    public void unpublishCACert(X509Certificate cert) throws ELdapException;
 
     /**
-     * Publishs regular user certificate based on the criteria
-     * set in the request.
+     * Publishs regular user certificate based on the criteria set in the
+     * request.
+     * 
      * @param cert X509 certificate to be published.
-     * @param req  request which provides the criteria
+     * @param req request which provides the criteria
      * @exception ELdapException publish failed due to Ldap error.
      */
     public void publishCert(X509Certificate cert, IRequest req)
-        throws ELdapException;
+            throws ELdapException;
 
     /**
-     * Unpublish user certificate. This is used by 
-     * UnpublishExpiredJob.
+     * Unpublish user certificate. This is used by UnpublishExpiredJob.
+     * 
      * @param cert X509 certificate to be unpublished.
-     * @param req  request which provides the criteria
+     * @param req request which provides the criteria
      * @exception ELdapException unpublish failed due to Ldap error.
      */
     public void unpublishCert(X509Certificate cert, IRequest req)
-        throws ELdapException;
+            throws ELdapException;
 
     /**
-     * publishes a crl by mapping the issuer name in the crl to an entry
-     * and publishing it there. entry must be a certificate authority.
-     * Note that this is used by cmsgateway/cert/UpdateDir.java
+     * publishes a crl by mapping the issuer name in the crl to an entry and
+     * publishing it there. entry must be a certificate authority. Note that
+     * this is used by cmsgateway/cert/UpdateDir.java
+     * 
      * @param crl Certificate Revocation List
      * @param crlIssuingPointId name of the issuing point.
-    * @exception ELdapException publish failed due to Ldap error.
+     * @exception ELdapException publish failed due to Ldap error.
      */
-    public void publishCRL(X509CRLImpl crl,String crlIssuingPointId) 
-        throws ELdapException;
+    public void publishCRL(X509CRLImpl crl, String crlIssuingPointId)
+            throws ELdapException;
 
     /**
-     * publishes a crl by mapping the issuer name in the crl to an entry
-     * and publishing it there. entry must be a certificate authority.
-     * @param dn  Distinguished name to publish.
+     * publishes a crl by mapping the issuer name in the crl to an entry and
+     * publishing it there. entry must be a certificate authority.
+     * 
+     * @param dn Distinguished name to publish.
      * @param crl Certificate Revocation List
      * @exception ELdapException publish failed due to Ldap error.
      */
-    public void publishCRL(String dn, X509CRL crl) 
-        throws ELdapException;
+    public void publishCRL(String dn, X509CRL crl) throws ELdapException;
 
     /**
-     *
+     * 
      * Return true if Ldap is enabled.
+     * 
      * @return true if Ldap is enabled,otherwise false.
      */
 
     public boolean ldapEnabled();
 
     /**
-     *
+     * 
      * Return true of PublisherProcessor is enabled.
+     * 
      * @return true if is enabled, otherwise false.
-     *
+     * 
      */
     public boolean enabled();
 
     /**
-     *
-     *  Return Authority for which this Processor operates.
+     * 
+     * Return Authority for which this Processor operates.
+     * 
      * @return Authority.
      */
 
     public ISubsystem getAuthority();
 
     /**
-     *
+     * 
      * Perform logging function for this Processor.
-     * @param level  Log level to be used for this message
-     * @param msg    Message to be logged.
+     * 
+     * @param level Log level to be used for this message
+     * @param msg Message to be logged.
      */
 
     public void log(int level, String msg);
 
     /**
-     *
+     * 
      * Returns LdapConnModule belonging to this Processor.
+     * 
      * @return LdapConnModule.
      */
     public ILdapConnModule getLdapConnModule();
 
     /**
      * Sets the LdapConnModule belonging to this Processor.
+     * 
      * @param m ILdapConnModule.
      */
     public void setLdapConnModule(ILdapConnModule m);
diff --git a/pki/base/common/src/com/netscape/certsrv/publish/IXcertPublisherProcessor.java b/pki/base/common/src/com/netscape/certsrv/publish/IXcertPublisherProcessor.java
index ce72ed8ab..d8ff2bfc8 100644
--- a/pki/base/common/src/com/netscape/certsrv/publish/IXcertPublisherProcessor.java
+++ b/pki/base/common/src/com/netscape/certsrv/publish/IXcertPublisherProcessor.java
@@ -17,23 +17,20 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.publish;
 
-
 import com.netscape.certsrv.ldap.ELdapException;
 
-
 /**
- * Interface for a publisher that has the capability of publishing
- * cross certs
- *
+ * Interface for a publisher that has the capability of publishing cross certs
+ * 
  * @version $Revision$, $Date$
  */
 public interface IXcertPublisherProcessor extends IPublisherProcessor {
 
     /**
      * Publish crossCertificatePair.
+     * 
      * @param pair Byte array representing cert pair.
      * @exception EldapException publish failed due to Ldap error.
      */
-    public void publishXCertPair(byte[] pair)
-        throws ELdapException;
+    public void publishXCertPair(byte[] pair) throws ELdapException;
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/publish/LdapCertMapResult.java b/pki/base/common/src/com/netscape/certsrv/publish/LdapCertMapResult.java
index 559cd8c0c..900a9854b 100644
--- a/pki/base/common/src/com/netscape/certsrv/publish/LdapCertMapResult.java
+++ b/pki/base/common/src/com/netscape/certsrv/publish/LdapCertMapResult.java
@@ -17,14 +17,11 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.publish;
 
-
-
-
-/** 
- * Class that represents the result of a Ldap Mapping operation.
- *  certificate map result: 
- *  Represented by a mapped entry as a DN and whether entry has the certificate.
- *
+/**
+ * Class that represents the result of a Ldap Mapping operation. certificate map
+ * result: Represented by a mapped entry as a DN and whether entry has the
+ * certificate.
+ * 
  * @version $Revision$ $Date$
  */
 public class LdapCertMapResult {
@@ -38,9 +35,10 @@ public class LdapCertMapResult {
         mDn = dn;
         mHasCert = hasCert;
     }
-	
+
     /**
      * Gets DN from the result.
+     * 
      * @return Distinguished Name.
      */
     public String getDn() {
@@ -49,6 +47,7 @@ public class LdapCertMapResult {
 
     /**
      * Gets whether the ldap entry had a certificate from result.
+     * 
      * @return true if cert is present, false otherwise.
      */
     public boolean hasCert() {
diff --git a/pki/base/common/src/com/netscape/certsrv/publish/MapperPlugin.java b/pki/base/common/src/com/netscape/certsrv/publish/MapperPlugin.java
index 282db3cd8..b193e1b5f 100644
--- a/pki/base/common/src/com/netscape/certsrv/publish/MapperPlugin.java
+++ b/pki/base/common/src/com/netscape/certsrv/publish/MapperPlugin.java
@@ -17,25 +17,23 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.publish;
 
-
 import com.netscape.certsrv.base.Plugin;
 
-
 /**
  * This class represents a registered mapper plugin.
  * <P>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public class MapperPlugin extends Plugin {
 
     /**
      * Constructs a MapperPlugin based on a name and a path.
+     * 
      * @param id Name of plugin.
      * @param path Classpath of plugin.
      */
-    public MapperPlugin (String id, String path) {
+    public MapperPlugin(String id, String path) {
         super(id, path);
     }
 }
-
diff --git a/pki/base/common/src/com/netscape/certsrv/publish/MapperProxy.java b/pki/base/common/src/com/netscape/certsrv/publish/MapperProxy.java
index bd8ea7418..95dc98d9c 100644
--- a/pki/base/common/src/com/netscape/certsrv/publish/MapperProxy.java
+++ b/pki/base/common/src/com/netscape/certsrv/publish/MapperProxy.java
@@ -17,13 +17,10 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.publish;
 
-
-
-
 /**
- *
- *  Class representing a LdapMapper.
- *
+ * 
+ * Class representing a LdapMapper.
+ * 
  * @version $Revision$ $Date$
  */
 
@@ -32,8 +29,9 @@ public class MapperProxy {
     private ILdapMapper mMapper;
 
     /**
-     *
+     * 
      * Contructs MapperProxy .
+     * 
      * @param enable Enabled or not.
      * @param mapper Corresponding ILdapMapper object.
      */
@@ -43,8 +41,9 @@ public class MapperProxy {
     }
 
     /**
-     *
+     * 
      * Returns if enabled.
+     * 
      * @return true if enabled, otherwise false.
      */
     public boolean isEnable() {
@@ -52,8 +51,9 @@ public class MapperProxy {
     }
 
     /**
-     *
+     * 
      * Returns ILdapMapper object.
+     * 
      * @return Intance of ILdapMapper object.
      */
     public ILdapMapper getMapper() {
diff --git a/pki/base/common/src/com/netscape/certsrv/publish/PublisherPlugin.java b/pki/base/common/src/com/netscape/certsrv/publish/PublisherPlugin.java
index d68643268..5a163b80c 100644
--- a/pki/base/common/src/com/netscape/certsrv/publish/PublisherPlugin.java
+++ b/pki/base/common/src/com/netscape/certsrv/publish/PublisherPlugin.java
@@ -17,26 +17,24 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.publish;
 
-
 import com.netscape.certsrv.base.Plugin;
 
-
 /**
  * This class represents a registered publisher plugin.
  * <P>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public class PublisherPlugin extends Plugin {
 
     /**
-     *
-     *  Constructs a PublisherPlugin based on name and classpath.
-     *  @param id name of plugin.
-     *  @param path Classpath of plugin.
+     * 
+     * Constructs a PublisherPlugin based on name and classpath.
+     * 
+     * @param id name of plugin.
+     * @param path Classpath of plugin.
      */
-    public PublisherPlugin (String id, String path) {
+    public PublisherPlugin(String id, String path) {
         super(id, path);
     }
 }
-
diff --git a/pki/base/common/src/com/netscape/certsrv/publish/PublisherProxy.java b/pki/base/common/src/com/netscape/certsrv/publish/PublisherProxy.java
index 06e08c31e..5a496d1d5 100644
--- a/pki/base/common/src/com/netscape/certsrv/publish/PublisherProxy.java
+++ b/pki/base/common/src/com/netscape/certsrv/publish/PublisherProxy.java
@@ -17,24 +17,22 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.publish;
 
-
-
-
 /**
- *
+ * 
  * Class representing a proxy for a ILdapPublisher.
- *
+ * 
  * @version $Revision$ $Date$
  */
 
-
 public class PublisherProxy {
     private boolean mEnable;
     private ILdapPublisher mPublisher;
 
     /**
-     *
-     * Constructs a PublisherProxy based on a ILdapPublisher object and enabled boolean.
+     * 
+     * Constructs a PublisherProxy based on a ILdapPublisher object and enabled
+     * boolean.
+     * 
      * @param enable Proxy is enabled or not.
      * @param publisher Corresponding ILdapPublisher object.
      */
@@ -45,6 +43,7 @@ public class PublisherProxy {
 
     /**
      * Return if enabled or not.
+     * 
      * @return true if enabled, otherwise false.
      */
     public boolean isEnable() {
@@ -53,6 +52,7 @@ public class PublisherProxy {
 
     /**
      * Return ILdapPublisher object.
+     * 
      * @return Instance of ILdapPublisher.
      */
     public ILdapPublisher getPublisher() {
diff --git a/pki/base/common/src/com/netscape/certsrv/publish/RulePlugin.java b/pki/base/common/src/com/netscape/certsrv/publish/RulePlugin.java
index 8e5157262..b37a24d51 100644
--- a/pki/base/common/src/com/netscape/certsrv/publish/RulePlugin.java
+++ b/pki/base/common/src/com/netscape/certsrv/publish/RulePlugin.java
@@ -17,25 +17,24 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.publish;
 
-
 import com.netscape.certsrv.base.Plugin;
 
-
 /**
  * This class represents a registered Publishing Rule plugin.
  * <P>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public class RulePlugin extends Plugin {
 
     /**
-     *
+     * 
      * Constructs a RulePlugin based on name and classpath.
+     * 
      * @param id name of RulePlugin.
      * @param path Classpath of RulePlugin.
      */
-    public RulePlugin (String id, String path) {
+    public RulePlugin(String id, String path) {
         super(id, path);
     }
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/ra/IRAService.java b/pki/base/common/src/com/netscape/certsrv/ra/IRAService.java
index 92ccd5587..8bd07a959 100644
--- a/pki/base/common/src/com/netscape/certsrv/ra/IRAService.java
+++ b/pki/base/common/src/com/netscape/certsrv/ra/IRAService.java
@@ -17,47 +17,44 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.ra;
 
-
 import com.netscape.certsrv.base.EBaseException;
 import com.netscape.certsrv.connector.IConnector;
 import com.netscape.certsrv.request.IRequest;
 import com.netscape.certsrv.request.IService;
 
-
 /**
  * An interface representing a RA request services.
  * <P>
- *
+ * 
  * @version $Revision$, $Date$
  */
-public interface IRAService extends IService { 
+public interface IRAService extends IService {
 
     /**
      * Services request.
-     *
+     * 
      * @param req request data
      */
     public boolean serviceRequest(IRequest req);
 
     /**
      * Services profile request.
-     *
+     * 
      * @param request profile enrollment request information
      * @exception EBaseException failed to service profile enrollment request
      */
-    public void serviceProfileRequest(IRequest request)
-        throws EBaseException;
+    public void serviceProfileRequest(IRequest request) throws EBaseException;
 
     /**
      * Returns CA connector.
-     *
+     * 
      * @return CA connector
      */
     public IConnector getCAConnector();
 
     /**
      * Returns KRA connector.
-     *
+     * 
      * @return KRA connector
      */
     public IConnector getKRAConnector();
diff --git a/pki/base/common/src/com/netscape/certsrv/ra/IRegistrationAuthority.java b/pki/base/common/src/com/netscape/certsrv/ra/IRegistrationAuthority.java
index 62fe529f0..06e3d48ed 100644
--- a/pki/base/common/src/com/netscape/certsrv/ra/IRegistrationAuthority.java
+++ b/pki/base/common/src/com/netscape/certsrv/ra/IRegistrationAuthority.java
@@ -17,7 +17,6 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.ra;
 
-
 import java.util.Enumeration;
 
 import netscape.security.x509.X500Name;
@@ -29,12 +28,11 @@ import com.netscape.certsrv.publish.IPublisherProcessor;
 import com.netscape.certsrv.request.IRequestListener;
 import com.netscape.certsrv.request.IRequestQueue;
 
-
 /**
- * An interface represents a Registration Authority that is
- * responsible for certificate enrollment operations.
+ * An interface represents a Registration Authority that is responsible for
+ * certificate enrollment operations.
  * <P>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public interface IRegistrationAuthority extends ISubsystem {
@@ -44,8 +42,8 @@ public interface IRegistrationAuthority extends ISubsystem {
     public static final String PROP_REGISTRATION = "Registration";
     public static final String PROP_GATEWAY = "gateway";
     public static final String PROP_NICKNAME = "certNickname";
-    //public final static String PROP_PUBLISH_SUBSTORE = "publish";
-    //public final static String PROP_LDAP_PUBLISH_SUBSTORE = "ldappublish";
+    // public final static String PROP_PUBLISH_SUBSTORE = "publish";
+    // public final static String PROP_LDAP_PUBLISH_SUBSTORE = "ldappublish";
     public final static String PROP_CONNECTOR = "connector";
     public final static String PROP_NEW_NICKNAME = "newNickname";
 
@@ -57,63 +55,63 @@ public interface IRegistrationAuthority extends ISubsystem {
 
     /**
      * Retrieves the request queue of this registration authority.
-     *
+     * 
      * @return RA's request queue
      */
     public IRequestQueue getRequestQueue();
 
     /**
      * Retrieves the publishing processor of this registration authority.
-     *
+     * 
      * @return RA's publishing processor
      */
     public IPublisherProcessor getPublisherProcessor();
 
     /**
      * Retrieves the policy processor of this registration authority.
-     *
+     * 
      * @return RA's policy processor
      */
     public IPolicyProcessor getPolicyProcessor();
 
     /**
      * Retrieves the RA certificate.
-     *
+     * 
      * @return the RA certificate
      */
     public org.mozilla.jss.crypto.X509Certificate getRACert();
 
     /**
      * Retrieves the request in queue listener.
-     *
+     * 
      * @return the request in queue listener
      */
     public IRequestListener getRequestInQListener();
 
     /**
      * Retrieves the request listener for issued certificates.
-     *
+     * 
      * @return the request listener for issued certificates
      */
     public IRequestListener getCertIssuedListener();
 
     /**
      * Retrieves the request listener for revoked certificates.
-     *
+     * 
      * @return the request listener for revoked certificates
      */
     public IRequestListener getCertRevokedListener();
 
     /**
      * Returns the nickname of the RA certificate.
-     *
+     * 
      * @return the nickname of the RA certificate
      */
     public String getNickname();
 
     /**
      * Retrieves the nickname of the RA certificate from configuration store.
-     *
+     * 
      * @return the nickname of the RA certificate
      * @exception EBaseException failed to get nickname
      */
@@ -121,51 +119,51 @@ public interface IRegistrationAuthority extends ISubsystem {
 
     /**
      * Sets the new nickname of the RA certifiate.
-     *
+     * 
      * @param name new nickname
      */
     public void setNewNickName(String name);
 
     /**
      * Sets the nickname of the RA certifiate.
-     *
+     * 
      * @param str nickname
      */
     public void setNickname(String str);
 
     /**
      * Retrieves the default validity period.
-     *
+     * 
      * @return the default validity length in days
      */
     public long getDefaultValidity();
 
     /**
      * Retrieves the issuer name of this registration authority.
-     *
+     * 
      * @return the issuer name of this registration authority
      */
     public X500Name getX500Name();
 
     /**
-     * Retrieves the RA service object that is responsible for
-     * processing requests.
-     *
+     * Retrieves the RA service object that is responsible for processing
+     * requests.
+     * 
      * @return RA service object
      */
-    public IRAService getRAService(); 
+    public IRAService getRAService();
 
     /**
      * Retrieves the request listener by name.
-     *
+     * 
      * @param name request listener name
      * @return the request listener
      */
-    public IRequestListener getRequestListener(String name); 
+    public IRequestListener getRequestListener(String name);
 
     /**
      * Retrieves all request listeners.
-     *
+     * 
      * @return name enumeration of all request listeners
      */
     public Enumeration getRequestListenerNames();
diff --git a/pki/base/common/src/com/netscape/certsrv/registry/ERegistryException.java b/pki/base/common/src/com/netscape/certsrv/registry/ERegistryException.java
index a4574981b..5d2e2c91c 100644
--- a/pki/base/common/src/com/netscape/certsrv/registry/ERegistryException.java
+++ b/pki/base/common/src/com/netscape/certsrv/registry/ERegistryException.java
@@ -17,13 +17,11 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.registry;
 
-
 import com.netscape.certsrv.base.EBaseException;
 
-
 /**
  * This represents a registry exception.
- *
+ * 
  * @version $Revision$, $Date$
  */
 public class ERegistryException extends EBaseException {
@@ -35,7 +33,7 @@ public class ERegistryException extends EBaseException {
 
     /**
      * Constructs a registry exception.
-     *
+     * 
      * @param msg message carried along with the exception
      */
     public ERegistryException(String msg) {
diff --git a/pki/base/common/src/com/netscape/certsrv/registry/IPluginInfo.java b/pki/base/common/src/com/netscape/certsrv/registry/IPluginInfo.java
index 774b3f9ba..31a24ab55 100644
--- a/pki/base/common/src/com/netscape/certsrv/registry/IPluginInfo.java
+++ b/pki/base/common/src/com/netscape/certsrv/registry/IPluginInfo.java
@@ -17,28 +17,23 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.registry;
 
-
 import java.util.Locale;
 
-
 /**
- * The plugin information includes name, 
- * class name, and description. The localizable
- * name and description are information
- * for end-users.
+ * The plugin information includes name, class name, and description. The
+ * localizable name and description are information for end-users.
  * <p>
- *
- * The class name can be used to create
- * an instance of the plugin.
+ * 
+ * The class name can be used to create an instance of the plugin.
  * <p>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public interface IPluginInfo {
 
     /**
      * Retrieves the localized plugin name.
-     *
+     * 
      * @param locale end-user locale
      * @return plugin name
      */
@@ -46,18 +41,18 @@ public interface IPluginInfo {
 
     /**
      * Retrieves the localized plugin description.
-     *
+     * 
      * @param locale end-user locale
      * @return plugin description
      */
     public String getDescription(Locale locale);
 
     /**
-     * Retrieves the class name of the plugin.
-     * Instance of plugin can be created with
+     * Retrieves the class name of the plugin. Instance of plugin can be created
+     * with
      * <p>
      * Class.forName(info.getClassName());
-     *
+     * 
      * @return java class name
      */
     public String getClassName();
diff --git a/pki/base/common/src/com/netscape/certsrv/registry/IPluginRegistry.java b/pki/base/common/src/com/netscape/certsrv/registry/IPluginRegistry.java
index 0497562be..afda03cb1 100644
--- a/pki/base/common/src/com/netscape/certsrv/registry/IPluginRegistry.java
+++ b/pki/base/common/src/com/netscape/certsrv/registry/IPluginRegistry.java
@@ -17,20 +17,17 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.registry;
 
-
 import java.util.Enumeration;
 
 import com.netscape.certsrv.base.IConfigStore;
 import com.netscape.certsrv.base.ISubsystem;
 
-
 /**
- * This represents the registry subsystem that manages 
- * mulitple types of plugin information.
- *
- * The plugin information includes id, name, 
- * classname, and description.
- *
+ * This represents the registry subsystem that manages mulitple types of plugin
+ * information.
+ * 
+ * The plugin information includes id, name, classname, and description.
+ * 
  * @version $Revision$, $Date$
  */
 public interface IPluginRegistry extends ISubsystem {
@@ -39,21 +36,21 @@ public interface IPluginRegistry extends ISubsystem {
 
     /**
      * Returns handle to the registry configuration file.
-     *
+     * 
      * @return configuration store of registry subsystem
      */
     public IConfigStore getFileConfigStore();
 
     /**
      * Returns all type names.
-     *
+     * 
      * @return a list of String-based names
      */
     public Enumeration getTypeNames();
 
     /**
      * Returns a list of plugin identifiers of the given type.
-     *
+     * 
      * @param type plugin type
      * @return a list of plugin IDs
      */
@@ -61,7 +58,7 @@ public interface IPluginRegistry extends ISubsystem {
 
     /**
      * Retrieves the plugin information.
-     *
+     * 
      * @param type plugin type
      * @param id plugin id
      * @return plugin info
@@ -70,24 +67,24 @@ public interface IPluginRegistry extends ISubsystem {
 
     /**
      * Adds plugin info.
-     *
+     * 
      * @param type plugin type
      * @param id plugin id
      * @param info plugin info
      * @exception ERegistryException failed to add plugin
      */
     public void addPluginInfo(String type, String id, IPluginInfo info)
-        throws ERegistryException;
+            throws ERegistryException;
 
     /**
      * Removes plugin info.
      */
     public void removePluginInfo(String type, String id)
-     throws ERegistryException;
+            throws ERegistryException;
 
     /**
      * Creates a pluginInfo
      */
-    public IPluginInfo createPluginInfo(String name, String desc, 
-       String classPath);
+    public IPluginInfo createPluginInfo(String name, String desc,
+            String classPath);
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/request/ARequestNotifier.java b/pki/base/common/src/com/netscape/certsrv/request/ARequestNotifier.java
index 3d3274869..62977c9b7 100644
--- a/pki/base/common/src/com/netscape/certsrv/request/ARequestNotifier.java
+++ b/pki/base/common/src/com/netscape/certsrv/request/ARequestNotifier.java
@@ -17,7 +17,6 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.request;
 
-
 import java.math.BigInteger;
 import java.util.Enumeration;
 import java.util.Hashtable;
@@ -31,9 +30,9 @@ import com.netscape.certsrv.ldap.ILdapConnModule;
 import com.netscape.certsrv.publish.IPublisherProcessor;
 
 /**
- * The ARequestNotifier class implements the IRequestNotifier interface,
- * which notifies all registered request listeners.
- *
+ * The ARequestNotifier class implements the IRequestNotifier interface, which
+ * notifies all registered request listeners.
+ * 
  * @version $Revision$, $Date$
  */
 public class ARequestNotifier implements IRequestNotifier {
@@ -52,31 +51,32 @@ public class ARequestNotifier implements IRequestNotifier {
     private int mSavePublishingStatus = 0;
     private int mSavePublishingCounter = 0;
 
-
     public ARequestNotifier() {
         mPublishingQueuePriority = Thread.currentThread().getPriority();
     }
 
-    public ARequestNotifier (ICertificateAuthority ca) {
+    public ARequestNotifier(ICertificateAuthority ca) {
         mCA = ca;
-        if (mCA != null) mRequestQueue = mCA.getRequestQueue();
+        if (mCA != null)
+            mRequestQueue = mCA.getRequestQueue();
     }
 
-    public void setPublishingQueue (boolean isPublishingQueueEnabled,
-                                    int publishingQueuePriorityLevel,
-                                    int maxNumberOfPublishingThreads,
-                                    int publishingQueuePageSize,
-                                    int savePublishingStatus) {
-        CMS.debug("setPublishingQueue:  Publishing Queue Enabled: " + isPublishingQueueEnabled+
-                  "  Priority Level: " + publishingQueuePriorityLevel+
-                  "  Maximum Number of Threads: " + maxNumberOfPublishingThreads+
-                  "  Page Size: "+ publishingQueuePageSize);
+    public void setPublishingQueue(boolean isPublishingQueueEnabled,
+            int publishingQueuePriorityLevel, int maxNumberOfPublishingThreads,
+            int publishingQueuePageSize, int savePublishingStatus) {
+        CMS.debug("setPublishingQueue:  Publishing Queue Enabled: "
+                + isPublishingQueueEnabled + "  Priority Level: "
+                + publishingQueuePriorityLevel
+                + "  Maximum Number of Threads: "
+                + maxNumberOfPublishingThreads + "  Page Size: "
+                + publishingQueuePageSize);
         mIsPublishingQueueEnabled = isPublishingQueueEnabled;
         mMaxThreads = maxNumberOfPublishingThreads;
         mMaxRequests = publishingQueuePageSize;
         mSavePublishingStatus = savePublishingStatus;
 
-        // Publishing Queue Priority Levels:  2 - maximum, 1 - higher, 0 - normal, -1 - lower, -2 - minimum
+        // Publishing Queue Priority Levels: 2 - maximum, 1 - higher, 0 -
+        // normal, -1 - lower, -2 - minimum
         if (publishingQueuePriorityLevel > 1) {
             mPublishingQueuePriority = Thread.MAX_PRIORITY;
         } else if (publishingQueuePriorityLevel > 0) {
@@ -89,8 +89,10 @@ public class ARequestNotifier implements IRequestNotifier {
             mPublishingQueuePriority = Thread.currentThread().getPriority();
         }
 
-        if (mCA != null && mRequestQueue == null) mRequestQueue = mCA.getRequestQueue();
-        if (mIsPublishingQueueEnabled && mSavePublishingStatus > 0 && mRequestQueue != null) {
+        if (mCA != null && mRequestQueue == null)
+            mRequestQueue = mCA.getRequestQueue();
+        if (mIsPublishingQueueEnabled && mSavePublishingStatus > 0
+                && mRequestQueue != null) {
             mPublishingStatus = mRequestQueue.getPublishingStatus();
             BigInteger status = new BigInteger("-2");
             try {
@@ -101,23 +103,23 @@ public class ARequestNotifier implements IRequestNotifier {
             } catch (Exception e) {
             }
         }
-        
+
     }
 
     /**
      * Registers a request listener.
-     *
+     * 
      * @param listener listener to be registered
      */
     public void registerListener(IRequestListener listener) {
         // XXX should check for duplicates here or allow listeners
-        // to register twice and call twice ? 
+        // to register twice and call twice ?
         mListeners.put(listener.getClass().getName(), listener);
     }
 
     /**
      * Registers a request listener.
-     *
+     * 
      * @param name listener name
      * @param listener listener to be registered
      */
@@ -127,18 +129,18 @@ public class ARequestNotifier implements IRequestNotifier {
 
     /**
      * Removes listener from the list of registered listeners.
-     *
+     * 
      * @param listener listener to be removed from the list
      */
     public void removeListener(IRequestListener listener) {
         // XXX should check for duplicates here or allow listeners
-        // to register twice and call twice ? 
+        // to register twice and call twice ?
         mListeners.remove(listener.getClass().getName());
     }
 
     /**
      * Gets list of listener names.
-     *
+     * 
      * @return enumeration of listener names
      */
     public Enumeration getListenerNames() {
@@ -147,7 +149,7 @@ public class ARequestNotifier implements IRequestNotifier {
 
     /**
      * Removes listener from the list of registered listeners.
-     *
+     * 
      * @param name listener name to be removed from the list
      */
     public void removeListener(String name) {
@@ -156,7 +158,7 @@ public class ARequestNotifier implements IRequestNotifier {
 
     /**
      * Gets listener from the list of registered listeners.
-     *
+     * 
      * @param name listener name
      * @return listener
      */
@@ -166,26 +168,26 @@ public class ARequestNotifier implements IRequestNotifier {
 
     /**
      * Gets list of listeners.
-     *
+     * 
      * @return enumeration of listeners
      */
     public Enumeration getListeners() {
         return mListeners.elements();
     }
 
-
     private Object publishingCounterMonitor = new Object();
 
     public void updatePublishingStatus(String id) {
         if (mRequestQueue != null) {
             synchronized (publishingCounterMonitor) {
                 if (mSavePublishingCounter == 0) {
-                    CMS.debug("updatePublishingStatus  requestId: "+id);
+                    CMS.debug("updatePublishingStatus  requestId: " + id);
                     mRequestQueue.setPublishingStatus(id);
                 }
                 mSavePublishingCounter++;
-                CMS.debug("updatePublishingStatus  mSavePublishingCounter: "+mSavePublishingCounter+
-                          " mSavePublishingStatus: "+mSavePublishingStatus);
+                CMS.debug("updatePublishingStatus  mSavePublishingCounter: "
+                        + mSavePublishingCounter + " mSavePublishingStatus: "
+                        + mSavePublishingStatus);
                 if (mSavePublishingCounter >= mSavePublishingStatus) {
                     mSavePublishingCounter = 0;
                 }
@@ -197,24 +199,27 @@ public class ARequestNotifier implements IRequestNotifier {
 
     /**
      * Gets request from publishing queue.
-     *
+     * 
      * @return request
      */
     public synchronized IRequest getRequest() {
-       IRequest r = null;
-       String id = null;
+        IRequest r = null;
+        String id = null;
 
-        CMS.debug("getRequest  mRequests=" + mRequests.size() + "  mSearchForRequests=" + mSearchForRequests);
+        CMS.debug("getRequest  mRequests=" + mRequests.size()
+                + "  mSearchForRequests=" + mSearchForRequests);
         if (mSearchForRequests && mRequests.size() == 1) {
-            id = (String)mRequests.elementAt(0);
-            if (mCA != null && mRequestQueue == null) mRequestQueue = mCA.getRequestQueue();
+            id = (String) mRequests.elementAt(0);
+            if (mCA != null && mRequestQueue == null)
+                mRequestQueue = mCA.getRequestQueue();
             if (id != null && mRequestQueue != null) {
                 CMS.debug("getRequest  request id=" + id);
-                IRequestVirtualList list = mRequestQueue.getPagedRequestsByFilter(
-                                               new RequestId(id),
-                                               "(requeststate=complete)", mMaxRequests, "requestId");
+                IRequestVirtualList list = mRequestQueue
+                        .getPagedRequestsByFilter(new RequestId(id),
+                                "(requeststate=complete)", mMaxRequests,
+                                "requestId");
                 int s = list.getSize() - list.getCurrentIndex();
-                CMS.debug("getRequest  list size: "+s);
+                CMS.debug("getRequest  list size: " + s);
                 for (int i = 0; i < s; i++) {
                     r = null;
                     try {
@@ -229,11 +234,11 @@ public class ARequestNotifier implements IRequestNotifier {
                     if (requestType == null) {
                         continue;
                     }
-                    if (!(requestType.equals(IRequest.ENROLLMENT_REQUEST) ||
-                          requestType.equals(IRequest.RENEWAL_REQUEST) ||
-                          requestType.equals(IRequest.REVOCATION_REQUEST) ||
-                          requestType.equals(IRequest.CMCREVOKE_REQUEST) ||
-                          requestType.equals(IRequest.UNREVOCATION_REQUEST))) {
+                    if (!(requestType.equals(IRequest.ENROLLMENT_REQUEST)
+                            || requestType.equals(IRequest.RENEWAL_REQUEST)
+                            || requestType.equals(IRequest.REVOCATION_REQUEST)
+                            || requestType.equals(IRequest.CMCREVOKE_REQUEST) || requestType
+                            .equals(IRequest.UNREVOCATION_REQUEST))) {
                         continue;
                     }
                     if (i == 0 && id.equals(r.getRequestId().toString())) {
@@ -245,28 +250,33 @@ public class ARequestNotifier implements IRequestNotifier {
                     }
                     if (mRequests.size() < mMaxRequests) {
                         mRequests.addElement(r.getRequestId().toString());
-                        CMS.debug("getRequest  added "+r.getRequestType()+" request "+r.getRequestId().toString()+
-                                  " to mRequests: " + mRequests.size()+" ("+mMaxRequests+")");
+                        CMS.debug("getRequest  added " + r.getRequestType()
+                                + " request " + r.getRequestId().toString()
+                                + " to mRequests: " + mRequests.size() + " ("
+                                + mMaxRequests + ")");
                     } else {
                         break;
                     }
                 }
-                CMS.debug("getRequest  done with adding requests to mRequests: " + mRequests.size());
+                CMS.debug("getRequest  done with adding requests to mRequests: "
+                        + mRequests.size());
             } else {
                 CMS.debug("getRequest  has no access to the request queue");
             }
         }
         if (mRequests.size() > 0) {
-            id = (String)mRequests.elementAt(0);
+            id = (String) mRequests.elementAt(0);
             if (id != null) {
                 CMS.debug("getRequest  getting request: " + id);
-                if (mCA != null && mRequestQueue == null) mRequestQueue = mCA.getRequestQueue();
+                if (mCA != null && mRequestQueue == null)
+                    mRequestQueue = mCA.getRequestQueue();
                 if (mRequestQueue != null) {
                     try {
                         r = mRequestQueue.findRequest(new RequestId(id));
                         mRequests.remove(0);
-                        CMS.debug("getRequest  request "+ id + ((r != null)?" found":" not found"));
-                        //updatePublishingStatus(id);
+                        CMS.debug("getRequest  request " + id
+                                + ((r != null) ? " found" : " not found"));
+                        // updatePublishingStatus(id);
                     } catch (EBaseException e) {
                         CMS.debug("getRequest  EBaseException " + e.toString());
                     }
@@ -278,14 +288,15 @@ public class ARequestNotifier implements IRequestNotifier {
                 mSearchForRequests = false;
             }
         }
-        CMS.debug("getRequest  mRequests=" + mRequests.size() + "  mSearchForRequests=" + mSearchForRequests + " done");
+        CMS.debug("getRequest  mRequests=" + mRequests.size()
+                + "  mSearchForRequests=" + mSearchForRequests + " done");
 
         return r;
     }
 
     /**
      * Gets number of requests in publishing queue.
-     *
+     * 
      * @return number of requests in publishing queue
      */
     public int getNumberOfRequests() {
@@ -294,7 +305,7 @@ public class ARequestNotifier implements IRequestNotifier {
 
     /**
      * Checks if publishing queue is enabled.
-     *
+     * 
      * @return true if publishing queue is enabled, false otherwise
      */
     public boolean isPublishingQueueEnabled() {
@@ -303,7 +314,7 @@ public class ARequestNotifier implements IRequestNotifier {
 
     /**
      * Removes a notifier thread from the pool of publishing queue threads.
-     *
+     * 
      * @param notifierThread Thread
      */
     public void removeNotifierThread(Thread notifierThread) {
@@ -318,20 +329,22 @@ public class ARequestNotifier implements IRequestNotifier {
 
     /**
      * Notifies all registered listeners about request.
-     *
+     * 
      * @param r request
      */
     public void notify(IRequest r) {
-        CMS.debug("ARequestNotifier  notify mIsPublishingQueueEnabled="+mIsPublishingQueueEnabled+
-                  " mMaxThreads="+mMaxThreads);
+        CMS.debug("ARequestNotifier  notify mIsPublishingQueueEnabled="
+                + mIsPublishingQueueEnabled + " mMaxThreads=" + mMaxThreads);
         if (mIsPublishingQueueEnabled) {
             addToNotify(r);
         } else if (mMaxThreads == 0) {
             Enumeration listeners = mListeners.elements();
             if (listeners != null && r != null) {
                 while (listeners.hasMoreElements()) {
-                    IRequestListener l = (IRequestListener) listeners.nextElement();
-                    CMS.debug("RunListeners: IRequestListener = " + l.getClass().getName());
+                    IRequestListener l = (IRequestListener) listeners
+                            .nextElement();
+                    CMS.debug("RunListeners: IRequestListener = "
+                            + l.getClass().getName());
                     l.accept(r);
                 }
             }
@@ -341,33 +354,36 @@ public class ARequestNotifier implements IRequestNotifier {
                 new Thread(new RunListeners(r, mListeners.elements())).start();
             } catch (Throwable e) {
 
-            /*
-             CMS.getLogger().log(
-             ILogger.EV_SYSTEM, ILogger.S_REQQUEUE, ILogger.LL_FAILURE, 
-             "Could not run listeners for request " + r.getRequestId() +
-             ". Error " + e + ";" + e.getMessage());
-             */
+                /*
+                 * CMS.getLogger().log( ILogger.EV_SYSTEM, ILogger.S_REQQUEUE,
+                 * ILogger.LL_FAILURE, "Could not run listeners for request " +
+                 * r.getRequestId() + ". Error " + e + ";" + e.getMessage());
+                 */
             }
         }
     }
 
     /**
      * Checks for available publishing connections
-     *
-     * @return true if there are available publishing connections, false otherwise
+     * 
+     * @return true if there are available publishing connections, false
+     *         otherwise
      */
     private boolean checkAvailablePublishingConnections() {
         boolean availableConnections = false;
 
         IPublisherProcessor pp = null;
-        if (mCA != null) pp = mCA.getPublisherProcessor();
+        if (mCA != null)
+            pp = mCA.getPublisherProcessor();
         if (pp != null && pp.enabled()) {
             ILdapConnModule ldapConnModule = pp.getLdapConnModule();
             if (ldapConnModule != null) {
-                ILdapConnFactory ldapConnFactory = ldapConnModule.getLdapConnFactory();
+                ILdapConnFactory ldapConnFactory = ldapConnModule
+                        .getLdapConnFactory();
                 if (ldapConnFactory != null) {
-                    CMS.debug("checkAvailablePublishingConnections  maxConn: " + ldapConnFactory.maxConn() +
-                                                               "  totalConn: " + ldapConnFactory.totalConn());
+                    CMS.debug("checkAvailablePublishingConnections  maxConn: "
+                            + ldapConnFactory.maxConn() + "  totalConn: "
+                            + ldapConnFactory.totalConn());
                     if (ldapConnFactory.maxConn() > ldapConnFactory.totalConn()) {
                         availableConnections = true;
                     }
@@ -378,8 +394,8 @@ public class ARequestNotifier implements IRequestNotifier {
                 CMS.debug("checkAvailablePublishingConnections  ldapConnModule is not accessible");
             }
         } else {
-            CMS.debug("checkAvailablePublishingConnections  PublisherProcessor is not " + 
-                      ((pp != null)?"enabled":"accessible"));
+            CMS.debug("checkAvailablePublishingConnections  PublisherProcessor is not "
+                    + ((pp != null) ? "enabled" : "accessible"));
         }
 
         return availableConnections;
@@ -387,7 +403,7 @@ public class ARequestNotifier implements IRequestNotifier {
 
     /**
      * Checks if more publishing threads can be added.
-     *
+     * 
      * @return true if more publishing threads can be added, false otherwise
      */
     private boolean morePublishingThreads() {
@@ -396,9 +412,10 @@ public class ARequestNotifier implements IRequestNotifier {
         if (mNotifierThreads.size() == 0) {
             moreThreads = true;
         } else if (mNotifierThreads.size() < mMaxThreads) {
-            CMS.debug("morePublishingThreads  ("+mRequests.size()+">"+
-                      ((mMaxRequests * mNotifierThreads.size()) / mMaxThreads)+
-                      " "+"("+mMaxRequests+"*"+mNotifierThreads.size()+"):"+mMaxThreads);
+            CMS.debug("morePublishingThreads  (" + mRequests.size() + ">"
+                    + ((mMaxRequests * mNotifierThreads.size()) / mMaxThreads)
+                    + " " + "(" + mMaxRequests + "*" + mNotifierThreads.size()
+                    + "):" + mMaxThreads);
             // gradually add new publishing threads
             if (mRequests.size() > ((mMaxRequests * mNotifierThreads.size()) / mMaxThreads)) {
                 // check for available publishing connections
@@ -412,26 +429,30 @@ public class ARequestNotifier implements IRequestNotifier {
         return moreThreads;
     }
 
-
     /**
      * Notifies all registered listeners about request.
-     *
+     * 
      * @param r request
      */
     public synchronized void addToNotify(IRequest r) {
         if (!mSearchForRequests) {
             if (mRequests.size() < mMaxRequests) {
                 mRequests.addElement(r.getRequestId().toString());
-                CMS.debug("addToNotify  extended buffer to "+mRequests.size()+"("+mMaxRequests+")"+
-                          " requests by adding request "+r.getRequestId().toString());
+                CMS.debug("addToNotify  extended buffer to " + mRequests.size()
+                        + "(" + mMaxRequests + ")"
+                        + " requests by adding request "
+                        + r.getRequestId().toString());
                 if (morePublishingThreads()) {
                     try {
-                        Thread notifierThread = new Thread(new RunListeners((IRequestNotifier)this));
+                        Thread notifierThread = new Thread(new RunListeners(
+                                (IRequestNotifier) this));
                         if (notifierThread != null) {
                             mNotifierThreads.addElement(notifierThread);
-                            CMS.debug("Number of publishing threads: " + mNotifierThreads.size());
+                            CMS.debug("Number of publishing threads: "
+                                    + mNotifierThreads.size());
                             if (mPublishingQueuePriority > 0) {
-                                notifierThread.setPriority(mPublishingQueuePriority);
+                                notifierThread
+                                        .setPriority(mPublishingQueuePriority);
                             }
                             notifierThread.start();
                         }
@@ -445,43 +466,47 @@ public class ARequestNotifier implements IRequestNotifier {
         }
     }
 
-
     /**
      * Recovers publishing queue.
-     *
+     * 
      * @param id request request
      */
     public void recoverPublishingQueue(String id) {
-        CMS.debug("recoverPublishingQueue  mRequests.size()="+mRequests.size()+"("+mMaxRequests+")"+
-                      " requests by adding request "+id);
+        CMS.debug("recoverPublishingQueue  mRequests.size()="
+                + mRequests.size() + "(" + mMaxRequests + ")"
+                + " requests by adding request " + id);
         if (mRequests.size() == 0) {
             mRequests.addElement(id);
-            CMS.debug("recoverPublishingQueue  extended buffer to "+mRequests.size()+"("+mMaxRequests+")"+
-                      " requests by adding request "+id);
+            CMS.debug("recoverPublishingQueue  extended buffer to "
+                    + mRequests.size() + "(" + mMaxRequests + ")"
+                    + " requests by adding request " + id);
             if (morePublishingThreads()) {
                 mSearchForRequests = true;
                 try {
-                    Thread notifierThread = new Thread(new RunListeners((IRequestNotifier)this));
+                    Thread notifierThread = new Thread(new RunListeners(
+                            (IRequestNotifier) this));
                     if (notifierThread != null) {
                         mNotifierThreads.addElement(notifierThread);
-                        CMS.debug("Number of publishing threads: " + mNotifierThreads.size());
+                        CMS.debug("Number of publishing threads: "
+                                + mNotifierThreads.size());
                         if (mPublishingQueuePriority > 0) {
-                            notifierThread.setPriority(mPublishingQueuePriority);
+                            notifierThread
+                                    .setPriority(mPublishingQueuePriority);
                         }
                         notifierThread.start();
                     }
                 } catch (Throwable e) {
-                    CMS.debug("recoverPublishingQueue  exception: " + e.toString());
+                    CMS.debug("recoverPublishingQueue  exception: "
+                            + e.toString());
                 }
             }
         }
     }
 }
 
-
 /**
- * The RunListeners class implements Runnable interface.
- * This class executes notification of registered listeners.
+ * The RunListeners class implements Runnable interface. This class executes
+ * notification of registered listeners.
  */
 class RunListeners implements Runnable {
     IRequest mRequest = null;
@@ -490,7 +515,7 @@ class RunListeners implements Runnable {
 
     /**
      * RunListeners class constructor.
-     *
+     * 
      * @param r request
      * @param listeners list of listeners
      */
@@ -501,7 +526,7 @@ class RunListeners implements Runnable {
 
     /**
      * RunListeners class constructor.
-     *
+     * 
      * @param r request
      * @param listeners list of listeners
      */
@@ -514,26 +539,44 @@ class RunListeners implements Runnable {
      * RunListeners thread implementation.
      */
     public void run() {
-        CMS.debug("RunListeners::"+((mRequestNotifier != null && mRequestNotifier.getNumberOfRequests() > 0)?" Queue: "+mRequestNotifier.getNumberOfRequests():" noQueue")+
-                  " "+((mRequest != null)?" SingleRequest":" noSingleRequest"));
+        CMS.debug("RunListeners::"
+                + ((mRequestNotifier != null && mRequestNotifier
+                        .getNumberOfRequests() > 0) ? " Queue: "
+                        + mRequestNotifier.getNumberOfRequests() : " noQueue")
+                + " "
+                + ((mRequest != null) ? " SingleRequest" : " noSingleRequest"));
         do {
-            if (mRequestNotifier != null) mRequest = (IRequest)mRequestNotifier.getRequest();
+            if (mRequestNotifier != null)
+                mRequest = (IRequest) mRequestNotifier.getRequest();
             if (mListeners != null && mRequest != null) {
                 while (mListeners.hasMoreElements()) {
-                    IRequestListener l = (IRequestListener) mListeners.nextElement();
-                    CMS.debug("RunListeners: IRequestListener = " + l.getClass().getName());
+                    IRequestListener l = (IRequestListener) mListeners
+                            .nextElement();
+                    CMS.debug("RunListeners: IRequestListener = "
+                            + l.getClass().getName());
                     l.accept(mRequest);
                 }
                 if (mRequestNotifier != null) {
-                    CMS.debug("RunListeners: mRequest = " + mRequest.getRequestId().toString());
-                    mRequestNotifier.updatePublishingStatus(mRequest.getRequestId().toString());
+                    CMS.debug("RunListeners: mRequest = "
+                            + mRequest.getRequestId().toString());
+                    mRequestNotifier.updatePublishingStatus(mRequest
+                            .getRequestId().toString());
                 }
             }
-            CMS.debug("RunListeners: "+((mRequestNotifier != null && mRequestNotifier.getNumberOfRequests() > 0)?" Queue: "+mRequestNotifier.getNumberOfRequests():" noQueue")+
-                      " "+((mRequest != null)?" SingleRequest":" noSingleRequest"));
-            if (mRequestNotifier != null) mListeners = mRequestNotifier.getListeners();
-        } while (mRequestNotifier != null && mRequestNotifier.getNumberOfRequests() > 0);
-
-        if (mRequestNotifier != null) mRequestNotifier.removeNotifierThread(Thread.currentThread());
+            CMS.debug("RunListeners: "
+                    + ((mRequestNotifier != null && mRequestNotifier
+                            .getNumberOfRequests() > 0) ? " Queue: "
+                            + mRequestNotifier.getNumberOfRequests()
+                            : " noQueue")
+                    + " "
+                    + ((mRequest != null) ? " SingleRequest"
+                            : " noSingleRequest"));
+            if (mRequestNotifier != null)
+                mListeners = mRequestNotifier.getListeners();
+        } while (mRequestNotifier != null
+                && mRequestNotifier.getNumberOfRequests() > 0);
+
+        if (mRequestNotifier != null)
+            mRequestNotifier.removeNotifierThread(Thread.currentThread());
     }
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/request/AgentApproval.java b/pki/base/common/src/com/netscape/certsrv/request/AgentApproval.java
index c884ebbf0..1a575fb9c 100644
--- a/pki/base/common/src/com/netscape/certsrv/request/AgentApproval.java
+++ b/pki/base/common/src/com/netscape/certsrv/request/AgentApproval.java
@@ -17,27 +17,24 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.request;
 
-
 import java.io.Serializable;
 import java.util.Date;
 
-
 /**
- * The AgentApproval class contains the record of a
- * single agent approval.
- *
+ * The AgentApproval class contains the record of a single agent approval.
+ * 
  * @version $Revision$, $Date$
  */
-public class AgentApproval
-    implements Serializable {
+public class AgentApproval implements Serializable {
 
     /**
      *
      */
     private static final long serialVersionUID = -3444654917454805225L;
+
     /**
      * Returns the approving agent's user name.
-     *
+     * 
      * @return an identifier for the agent
      */
     public String getUserName() {
@@ -46,7 +43,7 @@ public class AgentApproval
 
     /**
      * Returns the date of the approval
-     *
+     * 
      * @return date and time of the approval
      */
     public Date getDate() {
@@ -55,7 +52,7 @@ public class AgentApproval
 
     /**
      * AgentApproval class constructor
-     *
+     * 
      * @param userName user name of the approving agent
      */
     AgentApproval(String userName) {
diff --git a/pki/base/common/src/com/netscape/certsrv/request/AgentApprovals.java b/pki/base/common/src/com/netscape/certsrv/request/AgentApprovals.java
index 410e3b2c3..d5beb41f6 100644
--- a/pki/base/common/src/com/netscape/certsrv/request/AgentApprovals.java
+++ b/pki/base/common/src/com/netscape/certsrv/request/AgentApprovals.java
@@ -17,21 +17,17 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.request;
 
-
 import java.io.Serializable;
 import java.util.Date;
 import java.util.Enumeration;
 import java.util.Vector;
 
-
 /**
- * A collection of AgentApproval objects. 
- * <single-threaded>
- *
+ * A collection of AgentApproval objects. <single-threaded>
+ * 
  * @version $Revision$, $Date$
  */
-public class AgentApprovals
-    implements Serializable {
+public class AgentApprovals implements Serializable {
 
     /**
      *
@@ -41,15 +37,14 @@ public class AgentApprovals
     /**
      * Adds an approval to approval's list.
      * <p>
-     * If an approval is already present for this user,
-     * it is updated with a new date.  Otherwise a new
-     * value is  inserted.
-     *
+     * If an approval is already present for this user, it is updated with a new
+     * date. Otherwise a new value is inserted.
+     * 
      * @param userName user name of the approving agent
      */
     public void addApproval(String userName) {
         AgentApproval a = findApproval(userName);
-   
+
         // update existing approval
         if (a != null) {
             a.mDate = new Date(); /* CMS.getCurrentDate(); */
@@ -63,9 +58,8 @@ public class AgentApprovals
     /**
      * Removes an approval from approval's list.
      * <p>
-     * If there is no approval for this userName, this
-     * call does nothing.
-     *
+     * If there is no approval for this userName, this call does nothing.
+     * 
      * @param userName user name of the approving agent
      */
     public void removeApproval(String userName) {
@@ -77,7 +71,7 @@ public class AgentApprovals
 
     /**
      * Finds an existing AgentApproval for the named user.
-     *
+     * 
      * @param userName user name of the approving agent
      * @return an AgentApproval object
      */
@@ -88,7 +82,8 @@ public class AgentApprovals
         for (int i = 0; i < mVector.size(); i++) {
             a = (AgentApproval) mVector.elementAt(i);
 
-            if (a.mUserName.equals(userName)) break;
+            if (a.mUserName.equals(userName))
+                break;
         }
 
         return a;
@@ -96,7 +91,7 @@ public class AgentApprovals
 
     /**
      * Returns an enumeration of the agent approvals
-     *
+     * 
      * @return an enumeration of the agent approvals
      */
     public Enumeration elements() {
@@ -104,12 +99,11 @@ public class AgentApprovals
     }
 
     /**
-     * Returns the AgentApprovals as a Vector of strings.
-     * Each entry in the vector is of the format:
-     *     epoch;username
-     * where epoch is the date.getTime()
+     * Returns the AgentApprovals as a Vector of strings. Each entry in the
+     * vector is of the format: epoch;username where epoch is the date.getTime()
      * <p>
      * This is used for serialization in Request.setExtData().
+     * 
      * @return The string vector.
      */
     public Vector toStringVector() {
@@ -123,8 +117,9 @@ public class AgentApprovals
     }
 
     /**
-     * Recreates an AgentApprovals instance from a Vector of strings that
-     * was created by toStringVector().
+     * Recreates an AgentApprovals instance from a Vector of strings that was
+     * created by toStringVector().
+     * 
      * @param stringVector The vector of strings to translate
      * @return the AgentApprovals instance or null if it can't be translated.
      */
@@ -135,7 +130,7 @@ public class AgentApprovals
         AgentApprovals approvals = new AgentApprovals();
         for (int i = 0; i < stringVector.size(); i++) {
             try {
-                String approvalString = (String)stringVector.get(i);
+                String approvalString = (String) stringVector.get(i);
                 String[] parts = approvalString.split(";", 2);
                 if (parts.length != 2) {
                     return null;
diff --git a/pki/base/common/src/com/netscape/certsrv/request/IEnrollmentRequest.java b/pki/base/common/src/com/netscape/certsrv/request/IEnrollmentRequest.java
index e7036d1ec..6cd0246ee 100644
--- a/pki/base/common/src/com/netscape/certsrv/request/IEnrollmentRequest.java
+++ b/pki/base/common/src/com/netscape/certsrv/request/IEnrollmentRequest.java
@@ -17,15 +17,12 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.request;
 
-
 /**
- * An example of a more specialized request interface.
- * This version (currently) doesn't supply any additional
- * data, but is implementated only for testing and
+ * An example of a more specialized request interface. This version (currently)
+ * doesn't supply any additional data, but is implementated only for testing and
  * demonstration purposes.
- *
+ * 
  * @version $Revision$, $Date$
  */
-public interface IEnrollmentRequest
-    extends IRequest {
+public interface IEnrollmentRequest extends IRequest {
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/request/INotify.java b/pki/base/common/src/com/netscape/certsrv/request/INotify.java
index d4ff15b7c..636eba7b2 100644
--- a/pki/base/common/src/com/netscape/certsrv/request/INotify.java
+++ b/pki/base/common/src/com/netscape/certsrv/request/INotify.java
@@ -17,24 +17,22 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.request;
 
-
 /**
- * The INotify interface defines operations that are invoked
- * when a request is completely processed.  A class implementing
- * this interface may be registered with a IRequestQueue.
- * The interface will be invoked when a request is completely
- * serviced by the IService object.
- *
+ * The INotify interface defines operations that are invoked when a request is
+ * completely processed. A class implementing this interface may be registered
+ * with a IRequestQueue. The interface will be invoked when a request is
+ * completely serviced by the IService object.
+ * 
  * @version $Revision$ $Date$
  */
 public interface INotify {
 
     /**
-     * Provides notification that a request has been completed.
-     * The implementation may use values stored in the IRequest
-     * object, and may implement any type publishing (such as email
-     * or writing values into a directory)
-     *
+     * Provides notification that a request has been completed. The
+     * implementation may use values stored in the IRequest object, and may
+     * implement any type publishing (such as email or writing values into a
+     * directory)
+     * 
      * @param request the request that is completed.
      */
     public void notify(IRequest request);
diff --git a/pki/base/common/src/com/netscape/certsrv/request/IPolicy.java b/pki/base/common/src/com/netscape/certsrv/request/IPolicy.java
index d74a32a43..06262fee3 100644
--- a/pki/base/common/src/com/netscape/certsrv/request/IPolicy.java
+++ b/pki/base/common/src/com/netscape/certsrv/request/IPolicy.java
@@ -17,37 +17,32 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.request;
 
-
 /**
- * Interface to a policy.  The policy evaluates the request for
- * correctness and completeness.  It may change or add to values
- * stored in the request.  The policy object also decides
- * whether a request should be queue to await approval by
- * an agent.
- * FUTURE:   In this case, the policy should set the
- * 'agentGroup' entry in the request to indicate the group
- * of agents allowed to perform further processing.  If none
- * is set, a default value ("defaultAgentGroup") will be
- * set instead.
- *
+ * Interface to a policy. The policy evaluates the request for correctness and
+ * completeness. It may change or add to values stored in the request. The
+ * policy object also decides whether a request should be queue to await
+ * approval by an agent. FUTURE: In this case, the policy should set the
+ * 'agentGroup' entry in the request to indicate the group of agents allowed to
+ * perform further processing. If none is set, a default value
+ * ("defaultAgentGroup") will be set instead.
+ * 
  * @version $Revision$, $Date$
  */
 public interface IPolicy {
 
     /**
-     * Applies the policy check to the request.  The policy should
-     * determine whether the request can be processed immediately,
-     * or should be held pending manual approval.
+     * Applies the policy check to the request. The policy should determine
+     * whether the request can be processed immediately, or should be held
+     * pending manual approval.
      * <p>
-     * The policy can update fields in the request, to add additional values
-     * or to restrict the values to pre-determined ranges.
+     * The policy can update fields in the request, to add additional values or
+     * to restrict the values to pre-determined ranges.
      * <p>
-     * @param request
-     *   the request to check
-     * @return
-     *   a result code indicating the result of the evaluation.  The
-     *   processor will determine the next request processing step based
-     *   on this value
+     * 
+     * @param request the request to check
+     * @return a result code indicating the result of the evaluation. The
+     *         processor will determine the next request processing step based
+     *         on this value
      */
     PolicyResult apply(IRequest request);
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/request/IRequest.java b/pki/base/common/src/com/netscape/certsrv/request/IRequest.java
index c509e2966..a4c2c5a03 100644
--- a/pki/base/common/src/com/netscape/certsrv/request/IRequest.java
+++ b/pki/base/common/src/com/netscape/certsrv/request/IRequest.java
@@ -17,7 +17,6 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.request;
 
-
 //import java.io.Serializable;
 
 import java.math.BigInteger;
@@ -36,10 +35,9 @@ import netscape.security.x509.X509CertInfo;
 import com.netscape.certsrv.authentication.IAuthToken;
 import com.netscape.certsrv.base.IAttrSet;
 
-
 /**
  * An interface that defines abilities of request objects,
- *
+ * 
  * @version $Revision$, $Date$
  */
 public interface IRequest {
@@ -77,18 +75,19 @@ public interface IRequest {
     public static final String REQUESTOR_EMAIL = "csrRequestorEmail";
     public static final String REQUESTOR_COMMENTS = "csrRequestorComments";
 
-    // request attributes for all 
+    // request attributes for all
     public static final String AUTH_TOKEN = "AUTH_TOKEN";
     public static final String HTTP_PARAMS = "HTTP_PARAMS";
     public static final String HTTP_HEADERS = "HTTP_HEADERS";
     // Params added by agents on agent approval page
     public static final String AGENT_PARAMS = "AGENT_PARAMS";
     // server attributes: attributes generated by server modules.
-    public static final String SERVER_ATTRS = "SERVER_ATTRS"; 
+    public static final String SERVER_ATTRS = "SERVER_ATTRS";
 
-    public static final String  RESULT = "Result";  // service result.
-    public static final Integer RES_SUCCESS = Integer.valueOf(1);  // result value
-    public static final Integer RES_ERROR = Integer.valueOf(2);	// result value
+    public static final String RESULT = "Result"; // service result.
+    public static final Integer RES_SUCCESS = Integer.valueOf(1); // result
+                                                                  // value
+    public static final Integer RES_ERROR = Integer.valueOf(2); // result value
     public static final String REMOTE_SERVICE_AUTHORITY = "RemServiceAuthority";
     public static final String SVCERRORS = "serviceErrors";
     public static final String REMOTE_STATUS = "remoteStatus";
@@ -110,11 +109,10 @@ public interface IRequest {
     // also used for renewal
     public static final String CERT_INFO = "CERT_INFO";
     public static final String ISSUED_CERTS = "issuedCerts";
-    public static final String 
-        REQUEST_TRUSTEDMGR_PRIVILEGE = "requestTrustedManagerPrivilege";
+    public static final String REQUEST_TRUSTEDMGR_PRIVILEGE = "requestTrustedManagerPrivilege";
     public static final String FINGERPRINTS = "fingerprints";
-						
-    // enrollment request values 
+
+    // enrollment request values
     public static final String SERVER_CERT = "server";
     public static final String CLIENT_CERT = "client";
     public static final String CA_CERT = "ca";
@@ -124,7 +122,7 @@ public interface IRequest {
     public static final String OTHER_CERT = "other";
     public static final String ROUTER_CERT = "router"; // deprecated
     public static final String CEP_CERT = "CEP-Request";
-	
+
     // renewal request attributes. (internally set)
     // also used for revocation
     public static final String OLD_CERTS = "OLD_CERTS";
@@ -143,13 +141,13 @@ public interface IRequest {
     public final static String CRL_PUBLISH_ERROR = "crlPublishError";
     public static final String REQUESTOR_TYPE = "requestorType";
 
-	// Netkey request attributes
+    // Netkey request attributes
     public final static String NETKEY_ATTR_CUID = "CUID";
     public final static String NETKEY_ATTR_USERID = "USERID";
     public final static String NETKEY_ATTR_DRMTRANS_DES_KEY = "drm_trans_desKey";
-    public final static String NETKEY_ATTR_ARCHIVE_FLAG ="archive";
-    public final static String NETKEY_ATTR_SERVERSIDE_MUSCLE_FLAG ="serverSideMuscle";
-    public final static String NETKEY_ATTR_ENC_PRIVKEY_FLAG ="encryptPrivKey";
+    public final static String NETKEY_ATTR_ARCHIVE_FLAG = "archive";
+    public final static String NETKEY_ATTR_SERVERSIDE_MUSCLE_FLAG = "serverSideMuscle";
+    public final static String NETKEY_ATTR_ENC_PRIVKEY_FLAG = "encryptPrivKey";
     public final static String NETKEY_ATTR_USER_CERT = "cert";
     public final static String NETKEY_ATTR_KEY_SIZE = "keysize";
 
@@ -160,7 +158,7 @@ public interface IRequest {
     public static final String REQUESTOR_KRA = "KRA";
     public static final String REQUESTOR_AGENT = "Agent";
 
-    // others  (internally set)
+    // others (internally set)
     public final static String CACERTCHAIN = "CACertChain";
     public final static String CRL = "CRL";
     public final static String DOGETCACHAIN = "doGetCAChain";
@@ -174,90 +172,87 @@ public interface IRequest {
 
     /**
      * Gets the primary identifier for this request.
-     *
+     * 
      * @return request id
      */
     RequestId getRequestId();
 
     /**
      * Gets the current state of this request.
-     *
+     * 
      * @return request status
      */
     RequestStatus getRequestStatus();
 
     /**
-     * Gets the "sourceId" for the request.  The sourceId is
-     * assigned by the originator of the request (for example,
-     * the EE servlet or the RA servlet.
+     * Gets the "sourceId" for the request. The sourceId is assigned by the
+     * originator of the request (for example, the EE servlet or the RA servlet.
      * <p>
-     * The sourceId should be unique so that it can be used
-     * to retrieve request later without knowing the locally
-     * assigned primary id (RequestID)
+     * The sourceId should be unique so that it can be used to retrieve request
+     * later without knowing the locally assigned primary id (RequestID)
      * <p>
-     * @return
-     *    the sourceId value (or null if none has been set)
+     * 
+     * @return the sourceId value (or null if none has been set)
      */
     public String getSourceId();
 
     /**
-     * Sets the "sourceId" for this request.  The request must be updated
-     * in the database for this change to take effect.  This can be done
-     * by calling IRequestQueue.update() or by performing one of the
-     * other operations like processRequest or approveRequest.
-     *
+     * Sets the "sourceId" for this request. The request must be updated in the
+     * database for this change to take effect. This can be done by calling
+     * IRequestQueue.update() or by performing one of the other operations like
+     * processRequest or approveRequest.
+     * 
      * @param id source id for this request
      */
     public void setSourceId(String id);
 
     /**
      * Gets the current owner of this request.
-     *
+     * 
      * @return request owner
      */
     public String getRequestOwner();
 
     /**
      * Sets the current owner of this request.
-     *
-     * @param owner
-     *    The new owner of this request. If this value is set to null
-     *    there will be no current owner
+     * 
+     * @param owner The new owner of this request. If this value is set to null
+     *            there will be no current owner
      */
     public void setRequestOwner(String owner);
 
     /**
      * Gets the type of this request.
-     *
+     * 
      * @return request type
      */
     public String getRequestType();
 
     /**
      * Sets the type or this request.
-     *
+     * 
      * @param type request type
      */
     public void setRequestType(String type);
 
     /**
      * Gets the version of this request.
-     *
+     * 
      * @return request version
      */
     public String getRequestVersion();
 
     /**
      * Gets the time this request was created.
-     *
+     * 
      * @return request creation time
      */
     Date getCreationTime();
 
     /**
-     * Gets the time this request was last modified (defined
-	 * as updated in the queue)  (See IRequestQueue.update)
-     *
+     * Gets the time this request was last modified (defined as updated in the
+     * queue) (See IRequestQueue.update)
+     * 
      * @return request last modification time
      */
     Date getModificationTime();
@@ -278,83 +273,81 @@ public interface IRequest {
     public static final String ERROR = "Error";
 
     /**
-     * Copies meta attributes (excluding request Id, etc.) of another request 
-     * to this request.
-	 *
+     * Copies meta attributes (excluding request Id, etc.) of another request to
+     * this request.
+     * 
      * @param req another request
      */
     public void copyContents(IRequest req);
 
     /**
      * Gets context of this request.
-	 *
+     * 
      * @return request context
      */
     public String getContext();
 
     /**
      * Sets context of this request.
-	 *
+     * 
      * @param ctx request context
      */
     public void setContext(String ctx);
 
     /**
      * Sets status of this request.
-	 *
+     * 
      * @param s request status
      */
     public void setRequestStatus(RequestStatus s);
 
     /**
      * Gets status of connector transfer.
-	 *
+     * 
      * @return status of connector transfer
      */
     public boolean isSuccess();
 
     /**
      * Gets localized error message from connector transfer.
-	 *
+     * 
      * @param locale request locale
      * @return error message from connector transfer
      */
     public String getError(Locale locale);
 
-
     /**************************************************************
      * ExtData data methods:
-     *
-     * These methods should be used in place of the mAttrData methods
-     * deprecated above.
-     *
-     * These methods all store Strings in LDAP.  This means they can no longer
-     * be used as a garbage dump for all sorts of objects.  A limited number
-     * of helper methods are provided for Vectors/Arrays/Hashtables but the
-     * keys and values for all of these should be Strings.
-     *
-     * The keys are used in the LDAP attribute names, and so much obey LDAP
-     * key syntax rules: A-Za-z0-9 and hyphen.
-     */
-
-    /**
-     * Sets an Extended Data string-key string-value pair.
-     * All keys are lower cased because LDAP does not preserve case.
-     *
-     * @param key  The extended data key
+     * 
+     * These methods should be used in place of the mAttrData methods deprecated
+     * above.
+     * 
+     * These methods all store Strings in LDAP. This means they can no longer be
+     * used as a garbage dump for all sorts of objects. A limited number of
+     * helper methods are provided for Vectors/Arrays/Hashtables but the keys
+     * and values for all of these should be Strings.
+     * 
+     * The keys are used in the LDAP attribute names, and so much obey LDAP key
+     * syntax rules: A-Za-z0-9 and hyphen.
+     */
+
+    /**
+     * Sets an Extended Data string-key string-value pair. All keys are lower
+     * cased because LDAP does not preserve case.
+     * 
+     * @param key The extended data key
      * @param value The extended data value
      * @return false if key is invalid.
      */
     public boolean setExtData(String key, String value);
 
     /**
-     * Sets an Extended Data string-key string-value pair.
-     * The key and hashtable keys are all lowercased because LDAP does not
-     * preserve case.
-     *
-     * @param key  The extended data key
-     * @param value The extended data value
-     * the Hashtable contains an illegal key.
+     * Sets an Extended Data string-key string-value pair. The key and hashtable
+     * keys are all lowercased because LDAP does not preserve case.
+     * 
+     * @param key The extended data key
+     * @param value The extended data value the Hashtable contains an illegal
+     *            key.
      * @return false if the key or hashtable keys are invalid
      */
     public boolean setExtData(String key, Hashtable value);
@@ -362,64 +355,69 @@ public interface IRequest {
     /**
      * Checks whether the key is storing a simple String value, or a complex
      * (Vector/hashtable) structure.
-     * @param key  The key to check for.
-     * @return True if the key maps to a string.  False if it maps to a
+     * 
+     * @param key The key to check for.
+     * @return True if the key maps to a string. False if it maps to a
      *         hashtable.
      */
     public boolean isSimpleExtDataValue(String key);
 
     /**
-     * Returns the String value stored for the String key.  Returns null
-     * if not found.  Throws exception if key stores a complex data structure
+     * Returns the String value stored for the String key. Returns null if not
+     * found. Throws exception if key stores a complex data structure
      * (Vector/Hashtable).
-     * @param key  The key to lookup (case-insensitive)
-     * @return  The value associated with the key. null if not found or if the
-     *          key is associated with a non-string value.
+     * 
+     * @param key The key to lookup (case-insensitive)
+     * @return The value associated with the key. null if not found or if the
+     *         key is associated with a non-string value.
      */
     public String getExtDataInString(String key);
 
     /**
-     * Returns the Hashtable value for the String key.  Returns null if not
-     * found.  Throws exception if the key stores a String value.
-     *
+     * Returns the Hashtable value for the String key. Returns null if not
+     * found. Throws exception if the key stores a String value.
+     * 
      * The Hashtable returned is actually a subclass of Hashtable that
-     * lowercases all keys used to access the hashtable.  Its purpose is to
-     * to make lookups seemless, but be aware it is not a normal hashtable and
+     * lowercases all keys used to access the hashtable. Its purpose is to to
+     * make lookups seemless, but be aware it is not a normal hashtable and
      * might behave strangely in some cases (e.g., iterating keys)
-     *
-     * @param key  The key to lookup (case-insensitive)
-     * @return The hashtable value associated with the key.  null if not found
-     *         or if the key is associated with a string-value.
+     * 
+     * @param key The key to lookup (case-insensitive)
+     * @return The hashtable value associated with the key. null if not found or
+     *         if the key is associated with a string-value.
      */
     public Hashtable getExtDataInHashtable(String key);
 
     /**
      * Returns all the keys stored in ExtData
+     * 
      * @return Enumeration of all the keys.
      */
     public Enumeration getExtDataKeys();
 
     /**
-     * Stores an array of Strings in ExtData.
-     * The indices of the array are used as subkeys.
-     * @param key    the ExtData key
-     * @param values  the array of string values to store
+     * Stores an array of Strings in ExtData. The indices of the array are used
+     * as subkeys.
+     * 
+     * @param key the ExtData key
+     * @param values the array of string values to store
      * @return False if the key is invalid
      */
     public boolean setExtData(String key, String[] values);
 
     /**
-     * Retrieves an array of Strings stored with the key.
-     * This only works if the data was stored as an array.  If the data
-     * is not correct, this method will return null.
-     * @param key  The ExtData key
-     * @return  The value.  Null if not found or the data isn't an array.
+     * Retrieves an array of Strings stored with the key. This only works if the
+     * data was stored as an array. If the data is not correct, this method will
+     * return null.
+     * 
+     * @param key The ExtData key
+     * @return The value. Null if not found or the data isn't an array.
      */
     public String[] getExtDataInStringArray(String key);
 
     /**
      * Removes the value of an extdata attribute.
-     *
+     * 
      * @param type key to delete
      */
     void deleteExtData(String type);
@@ -429,297 +427,318 @@ public interface IRequest {
      ****************************/
 
     /**
-     * Helper method to add subkey/value pair to a ExtData hashtable.
-     * If the hashtable it exists, the subkey/value are added to it.  Otherwise
-     * a new hashtable is created.
-     *
+     * Helper method to add subkey/value pair to a ExtData hashtable. If the
+     * hashtable it exists, the subkey/value are added to it. Otherwise a new
+     * hashtable is created.
+     * 
      * The key and subkey are lowercased because LDAP does not preserve case.
-     *
-     * @param key    The top level key
+     * 
+     * @param key The top level key
      * @param subkey The hashtable data key
-     * @param value  The hashtable value
+     * @param value The hashtable value
      * @return False if the key or subkey are invalid
      */
     public boolean setExtData(String key, String subkey, String value);
 
     /**
      * Helper method to retrieve an individual value from a Hashtable value.
-     * @param key     the ExtData key
-     * @param subkey  the key in the Hashtable value (case insensitive)
+     * 
+     * @param key the ExtData key
+     * @param subkey the key in the Hashtable value (case insensitive)
      * @return the value corresponding to the key/subkey
      */
     public String getExtDataInString(String key, String subkey);
 
     /**
-     * Helper method to store an Integer value.  It converts the integer value
-     * to a String and stores it.
-     *
-     * @param key  the ExtData key
-     * @param value  the Integer to store (as a String)
+     * Helper method to store an Integer value. It converts the integer value to
+     * a String and stores it.
+     * 
+     * @param key the ExtData key
+     * @param value the Integer to store (as a String)
      * @return False if the key or value are invalid
      */
     public boolean setExtData(String key, Integer value);
 
     /**
-     * Retrieves an integer value.  Returns null if not found or
-     * the value can't be represented as an Integer.
-     *
-     * @param key  The ExtData key to lookup
-     * @return  The integer value or null if not possible.
+     * Retrieves an integer value. Returns null if not found or the value can't
+     * be represented as an Integer.
+     * 
+     * @param key The ExtData key to lookup
+     * @return The integer value or null if not possible.
      */
     public Integer getExtDataInInteger(String key);
 
     /**
      * Stores an array of Integers
-     * @param key    The extdata key
-     * @param values  The array of Integers to store
-     * @return  false if the key is invalid
+     * 
+     * @param key The extdata key
+     * @param values The array of Integers to store
+     * @return false if the key is invalid
      */
     public boolean setExtData(String key, Integer[] values);
 
     /**
      * Retrieves an array of Integers
-     * @param key  The extdata key
+     * 
+     * @param key The extdata key
      * @return The array of Integers or null on error.
      */
     public Integer[] getExtDataInIntegerArray(String key);
 
     /**
-     * Helper method to store a BigInteger value.  It converts the integer value
+     * Helper method to store a BigInteger value. It converts the integer value
      * to a String and stores it.
-     *
-     * @param key  the ExtData key
-     * @param value  the BigInteger to store (as a String)
+     * 
+     * @param key the ExtData key
+     * @param value the BigInteger to store (as a String)
      * @return False if the key or value are invalid
      */
     public boolean setExtData(String key, BigInteger value);
 
     /**
-     * Retrieves a BigInteger value.  Returns null if not found or
-     * the value can't be represented as a BigInteger.
-     *
-     * @param key  The ExtData key to lookup
-     * @return  The integer value or null if not possible.
+     * Retrieves a BigInteger value. Returns null if not found or the value
+     * can't be represented as a BigInteger.
+     * 
+     * @param key The ExtData key to lookup
+     * @return The integer value or null if not possible.
      */
     public BigInteger getExtDataInBigInteger(String key);
 
     /**
      * Stores an array of BigIntegers
-     * @param key    The extdata key
-     * @param values  The array of BigIntegers to store
-     * @return  false if the key is invalid
+     * 
+     * @param key The extdata key
+     * @param values The array of BigIntegers to store
+     * @return false if the key is invalid
      */
     public boolean setExtData(String key, BigInteger[] values);
 
     /**
      * Retrieves an array of BigIntegers
-     * @param key  The extdata key
+     * 
+     * @param key The extdata key
      * @return The array of BigIntegers or null on error.
      */
     public BigInteger[] getExtDataInBigIntegerArray(String key);
 
     /**
-     * Helper method to store an exception.
-     * It actually stores the e.toString() value.
-     *
-     * @param key  The ExtData key to store under
-     * @param e    The throwable to store
-     * @return  False if the key is invalid.
+     * Helper method to store an exception. It actually stores the e.toString()
+     * value.
+     * 
+     * @param key The ExtData key to store under
+     * @param e The throwable to store
+     * @return False if the key is invalid.
      */
     public boolean setExtData(String key, Throwable e);
 
     /**
      * Stores a byte array as base64 encoded text
-     * @param key  The ExtData key
-     * @param data  The byte array to store
-     * @return  False if the key is invalid.
+     * 
+     * @param key The ExtData key
+     * @param data The byte array to store
+     * @return False if the key is invalid.
      */
     public boolean setExtData(String key, byte[] data);
 
     /**
      * Retrieves the data, which should be base64 encoded as a byte array.
-     * @param key  The ExtData key
-     * @return  The data, or null if an error occurs.
+     * 
+     * @param key The ExtData key
+     * @return The data, or null if an error occurs.
      */
     public byte[] getExtDataInByteArray(String key);
 
     /**
      * Stores a X509CertImpl as base64 encoded text using the getEncode()
      * method.
-     * @param key  The ExtData key
-     * @param data  certificate
-     * @return  False if the key is invalid.
+     * 
+     * @param key The ExtData key
+     * @param data certificate
+     * @return False if the key is invalid.
      */
     public boolean setExtData(String key, X509CertImpl data);
 
     /**
      * Retrieves the data, which should be base64 encoded as a byte array.
-     * @param key  The ExtData key
-     * @return  The data, or null if an error occurs.
+     * 
+     * @param key The ExtData key
+     * @return The data, or null if an error occurs.
      */
     public X509CertImpl getExtDataInCert(String key);
 
     /**
      * Stores an array of X509CertImpls as a base64 encoded text.
+     * 
      * @param key The ExtData key
-     * @param data  The array of certs to store
+     * @param data The array of certs to store
      * @return False if the key or data is invalid.
      */
     public boolean setExtData(String key, X509CertImpl[] data);
 
     /**
      * Retrieves an array of X509CertImpl.
-     * @param key  The ExtData key
-     * @return  Array of certs, or null if not found or invalid data.
+     * 
+     * @param key The ExtData key
+     * @return Array of certs, or null if not found or invalid data.
      */
     public X509CertImpl[] getExtDataInCertArray(String key);
 
     /**
      * Stores a X509CertInfo as base64 encoded text using the getEncodedInfo()
      * method.
-     * @param key  The ExtData key
-     * @param data  certificate
-     * @return  False if the key is invalid.
+     * 
+     * @param key The ExtData key
+     * @param data certificate
+     * @return False if the key is invalid.
      */
     public boolean setExtData(String key, X509CertInfo data);
 
     /**
      * Retrieves the data, which should be base64 encoded as a byte array.
-     * @param key  The ExtData key
-     * @return  The data, or null if an error occurs.
+     * 
+     * @param key The ExtData key
+     * @return The data, or null if an error occurs.
      */
     public X509CertInfo getExtDataInCertInfo(String key);
 
     /**
      * Stores an array of X509CertInfos as a base64 encoded text.
+     * 
      * @param key The ExtData key
-     * @param data  The array of cert infos to store
+     * @param data The array of cert infos to store
      * @return False if the key or data is invalid.
      */
     public boolean setExtData(String key, X509CertInfo[] data);
 
     /**
      * Retrieves an array of X509CertInfo.
-     * @param key  The ExtData key
-     * @return  Array of cert infos, or null if not found or invalid data.
+     * 
+     * @param key The ExtData key
+     * @return Array of cert infos, or null if not found or invalid data.
      */
     public X509CertInfo[] getExtDataInCertInfoArray(String key);
 
     /**
      * Stores an array of RevokedCertImpls as a base64 encoded text.
+     * 
      * @param key The ExtData key
-     * @param data  The array of cert infos to store
+     * @param data The array of cert infos to store
      * @return False if the key or data is invalid.
      */
     public boolean setExtData(String key, RevokedCertImpl[] data);
 
     /**
      * Retrieves an array of RevokedCertImpl.
-     * @param key  The ExtData key
-     * @return  Array of cert infos, or null if not found or invalid data.
+     * 
+     * @param key The ExtData key
+     * @return Array of cert infos, or null if not found or invalid data.
      */
     public RevokedCertImpl[] getExtDataInRevokedCertArray(String key);
 
     /**
-     * Stores the contents of the String Vector in ExtData.
-     * TODO - as soon as we're allowed to use JDK5 this should be changed
-     * to use Vector<String> data.
-     *
+     * Stores the contents of the String Vector in ExtData. TODO - as soon as
+     * we're allowed to use JDK5 this should be changed to use Vector<String>
+     * data.
+     * 
      * Note that modifications to the Vector are not automatically reflected
-     * after it is stored.  You must call set() again to make the changes.
-     *
-     * @param key  The extdata key to store
+     * after it is stored. You must call set() again to make the changes.
+     * 
+     * @param key The extdata key to store
      * @param data A vector of Strings to store
-     * @return  False on key error or invalid data.
+     * @return False on key error or invalid data.
      */
     public boolean setExtData(String key, Vector data);
 
     /**
-     * Returns a vector of strings for the key.
-     * Note that the returned vector, if modified, does not make changes
-     * in ExtData.  You must call setExtData() to propogate changes back
-     * into ExtData.
-     *
-     * @param key  The extdata key
-     * @return  A Vector of strings, or null on error.
+     * Returns a vector of strings for the key. Note that the returned vector,
+     * if modified, does not make changes in ExtData. You must call setExtData()
+     * to propogate changes back into ExtData.
+     * 
+     * @param key The extdata key
+     * @return A Vector of strings, or null on error.
      */
     public Vector getExtDataInStringVector(String key);
 
     /**
-     * Gets boolean value for given type or default value
-	 * if attribute is absent.
-	 *
+     * Gets boolean value for given type or default value if attribute is
+     * absent.
+     * 
      * @param type attribute type
      * @param defVal default attribute value
      * @return attribute value
      */
     boolean getExtDataInBoolean(String type, boolean defVal);
 
-
     /**
-     * Gets extdata boolean value for given type or default value
-	 * if attribute is absent for this request with this prefix.
-	 *
+     * Gets extdata boolean value for given type or default value if attribute
+     * is absent for this request with this prefix.
+     * 
      * @param prefix request prefix
      * @param type attribute type
      * @param defVal default attribute value
      * @return attribute value
      */
-    public boolean getExtDataInBoolean(String prefix, String type, boolean defVal);
-
+    public boolean getExtDataInBoolean(String prefix, String type,
+            boolean defVal);
 
     /**
      * Stores an AuthToken the same as a Hashtable.
+     * 
      * @param key The ExtData key
-     * @param data  The authtoken to store
+     * @param data The authtoken to store
      * @return False if the key or data is invalid.
      */
     public boolean setExtData(String key, IAuthToken data);
 
     /**
      * Retrieves an authtoken.
-     * @param key  The ExtData key
-     * @return  AuthToken, or null if not found or invalid data.
+     * 
+     * @param key The ExtData key
+     * @return AuthToken, or null if not found or invalid data.
      */
     public IAuthToken getExtDataInAuthToken(String key);
 
     /**
      * Stores a CertificateExtensions in extdata.
+     * 
      * @param key The ExtData key
-     * @param data  The CertificateExtensions to store
+     * @param data The CertificateExtensions to store
      * @return False if the key or data is invalid.
      */
     public boolean setExtData(String key, CertificateExtensions data);
 
     /**
      * Retrieves the CertificateExtensions associated with the key.
-     * @param key  The ExtData key
-     * @return  the object, or null if not found or invalid data.
+     * 
+     * @param key The ExtData key
+     * @return the object, or null if not found or invalid data.
      */
     public CertificateExtensions getExtDataInCertExts(String key);
 
     /**
      * Stores a CertificateSubjectName in extdata.
+     * 
      * @param key The ExtData key
-     * @param data  The CertificateSubjectName to store
+     * @param data The CertificateSubjectName to store
      * @return False if the key or data is invalid.
      */
     public boolean setExtData(String key, CertificateSubjectName data);
 
     /**
      * Retrieves the CertificateSubjectName associated with the key.
-     * @param key  The ExtData key
-     * @return  the object, or null if not found or invalid data.
+     * 
+     * @param key The ExtData key
+     * @return the object, or null if not found or invalid data.
      */
     public CertificateSubjectName getExtDataInCertSubjectName(String key);
 
     /**
-     * This method returns an IAttrSet wrapper for the IRequest.
-     * Use of this method is strongly discouraged.  It provides extremely
-     * limited functionality, and is only provided for the two places IRequest
-     * is being used as such in the code.  If you are considering using this
-     * method, please don't.
-     *
+     * This method returns an IAttrSet wrapper for the IRequest. Use of this
+     * method is strongly discouraged. It provides extremely limited
+     * functionality, and is only provided for the two places IRequest is being
+     * used as such in the code. If you are considering using this method,
+     * please don't.
+     * 
      * @return IAttrSet wrapper with basic "get" functionality.
      * @deprecated
      */
diff --git a/pki/base/common/src/com/netscape/certsrv/request/IRequestList.java b/pki/base/common/src/com/netscape/certsrv/request/IRequestList.java
index a01ceb8cd..0093d2006 100644
--- a/pki/base/common/src/com/netscape/certsrv/request/IRequestList.java
+++ b/pki/base/common/src/com/netscape/certsrv/request/IRequestList.java
@@ -17,41 +17,38 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.request;
 
-
 import java.util.Enumeration;
 
-
 /**
- * An interface providing a list of RequestIds that match
- * some criteria.  It could be a list of all elements in a
- * queue, or just some defined sub-set.
- *
+ * An interface providing a list of RequestIds that match some criteria. It
+ * could be a list of all elements in a queue, or just some defined sub-set.
+ * 
  * @version $Revision$, $Date$
  */
-public interface IRequestList
-    extends Enumeration {
+public interface IRequestList extends Enumeration {
 
     /**
-     * Gets the next RequestId from this list.  null is
-	 * returned when there are no more elements in the list.
-	 * <p>
-	 * Callers should be sure there is another element in the
-	 * list by calling hasMoreElements first.
+     * Gets the next RequestId from this list. null is returned when there are
+     * no more elements in the list.
+     * <p>
+     * Callers should be sure there is another element in the list by calling
+     * hasMoreElements first.
      * <p>
+     * 
      * @return next request id
      */
     RequestId nextRequestId();
 
     /**
      * Gets next request from the list.
-     *
+     * 
      * @return next request
      */
     public Object nextRequest();
 
     /**
      * Gets next request Object from the list.
-     *
+     * 
      * @return next request
      */
     public IRequest nextRequestObject();
diff --git a/pki/base/common/src/com/netscape/certsrv/request/IRequestListener.java b/pki/base/common/src/com/netscape/certsrv/request/IRequestListener.java
index a98cd747e..382ffc312 100644
--- a/pki/base/common/src/com/netscape/certsrv/request/IRequestListener.java
+++ b/pki/base/common/src/com/netscape/certsrv/request/IRequestListener.java
@@ -17,23 +17,21 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.request;
 
-
 import com.netscape.certsrv.base.EBaseException;
 import com.netscape.certsrv.base.IConfigStore;
 import com.netscape.certsrv.base.ISubsystem;
 
-
 /**
  * An interface that defines abilities of request listener,
- *
+ * 
  * @version $Revision$, $Date$
  */
 public interface IRequestListener {
 
     /**
-     * Initializes request listener for the specific subsystem
-	 * and configuration store.
-	 *
+     * Initializes request listener for the specific subsystem and configuration
+     * store.
+     * 
      * @param sub subsystem
      * @param config configuration store
      */
@@ -41,14 +39,14 @@ public interface IRequestListener {
 
     /**
      * Accepts request.
-	 *
+     * 
      * @param request request
      */
-    public void accept(IRequest request); 
+    public void accept(IRequest request);
 
     /**
      * Sets attribute.
-	 *
+     * 
      * @param name attribute name
      * @param val attribute value
      */
diff --git a/pki/base/common/src/com/netscape/certsrv/request/IRequestNotifier.java b/pki/base/common/src/com/netscape/certsrv/request/IRequestNotifier.java
index 01527b672..0c01ab598 100644
--- a/pki/base/common/src/com/netscape/certsrv/request/IRequestNotifier.java
+++ b/pki/base/common/src/com/netscape/certsrv/request/IRequestNotifier.java
@@ -17,27 +17,25 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.request;
 
-
 import java.util.Enumeration;
 
-
 /**
  * IRequestNotifier interface defines methods to register listeners,
- *
+ * 
  * @version $Revision$, $Date$
  */
 public interface IRequestNotifier extends INotify {
 
     /**
      * Registers a request listener.
-     *
+     * 
      * @param listener listener to be registered
      */
     public void registerListener(IRequestListener listener);
 
     /**
      * Registers a request listener.
-     *
+     * 
      * @param name listener name
      * @param listener listener to be registered
      */
@@ -45,28 +43,28 @@ public interface IRequestNotifier extends INotify {
 
     /**
      * Removes listener from the list of registered listeners.
-     *
+     * 
      * @param listener listener to be removed from the list
      */
     public void removeListener(IRequestListener listener);
 
     /**
      * Removes listener from the list of registered listeners.
-     *
+     * 
      * @param name listener name to be removed from the list
      */
     public void removeListener(String name);
 
     /**
      * Gets list of listener names.
-     *
+     * 
      * @return enumeration of listener names
      */
     public Enumeration getListenerNames();
 
     /**
      * Gets listener from the list of registered listeners.
-     *
+     * 
      * @param name listener name
      * @return listener
      */
@@ -74,59 +72,57 @@ public interface IRequestNotifier extends INotify {
 
     /**
      * Gets list of listeners.
-     *
+     * 
      * @return enumeration of listeners
      */
     public Enumeration getListeners();
 
     /**
      * Gets request from publishing queue.
-     *
+     * 
      * @return request
      */
     public IRequest getRequest();
 
     /**
      * Gets number of requests in publishing queue.
-     *
+     * 
      * @return number of requests in publishing queue
      */
     public int getNumberOfRequests();
 
     /**
      * Checks if publishing queue is enabled.
-     *
+     * 
      * @return true if publishing queue is enabled, false otherwise
      */
     public boolean isPublishingQueueEnabled();
 
     /**
      * Removes a notifier thread from the pool of publishing queue threads.
-     *
+     * 
      * @param notifierThread Thread
      */
     public void removeNotifierThread(Thread notifierThread);
 
     /**
      * Notifies all registered listeners about request.
-     *
+     * 
      * @param r request
      */
     public void addToNotify(IRequest r);
 
     /**
      * Sets publishing queue parameters.
-     *
+     * 
      * @param isPublishingQueueEnabled publishing queue switch
      * @param publishingQueuePriorityLevel publishing queue priority level
      * @param maxNumberOfPublishingThreads maximum number of publishing threads
      * @param publishingQueuePageSize publishing queue page size
      */
-    public void setPublishingQueue (boolean isPublishingQueueEnabled,
-                                    int publishingQueuePriorityLevel,
-                                    int maxNumberOfPublishingThreads,
-                                    int publishingQueuePageSize,
-                                    int savePublishingStatus);
+    public void setPublishingQueue(boolean isPublishingQueueEnabled,
+            int publishingQueuePriorityLevel, int maxNumberOfPublishingThreads,
+            int publishingQueuePageSize, int savePublishingStatus);
 
     public void updatePublishingStatus(String id);
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/request/IRequestQueue.java b/pki/base/common/src/com/netscape/certsrv/request/IRequestQueue.java
index 468336b4f..fe1f96eb7 100644
--- a/pki/base/common/src/com/netscape/certsrv/request/IRequestQueue.java
+++ b/pki/base/common/src/com/netscape/certsrv/request/IRequestQueue.java
@@ -22,242 +22,212 @@ import java.math.BigInteger;
 import com.netscape.certsrv.base.EBaseException;
 import com.netscape.certsrv.dbs.repository.IRepository;
 
-
 /**
- * The IRequestQueue interface defines the operations on
- * a collection of requests within the certificate server.
- * There are may several collections, such as KRA, RA and CA
- * requests.  Each of these request collection has a defined
- * set of policies, a notification service (for request
- * completion) and a service routine.  The request queue
- * provides an interface for creating and viewing requests,
- * as well as performing operations on them.
+ * The IRequestQueue interface defines the operations on a collection of
+ * requests within the certificate server. There are may several collections,
+ * such as KRA, RA and CA requests. Each of these request collection has a
+ * defined set of policies, a notification service (for request completion) and
+ * a service routine. The request queue provides an interface for creating and
+ * viewing requests, as well as performing operations on them.
  * <p>
+ * 
  * @version $Revision$ $Date$
  */
 public interface IRequestQueue {
 
     /**
-     * Creates a new request object.  A request id is
-     * assigned to it - see IRequest.getRequestId, and
-     * the status is set to RequestStatus.BEGIN
+     * Creates a new request object. A request id is assigned to it - see
+     * IRequest.getRequestId, and the status is set to RequestStatus.BEGIN
      * <p>
-     * The request is LOCKED.  The caller MUST release the
-     * request object by calling releaseRequest().
+     * The request is LOCKED. The caller MUST release the request object by
+     * calling releaseRequest().
      * <p>
-     * TODO: provide other required values (such as type
-     *  and sourceId)
-     *
+     * TODO: provide other required values (such as type and sourceId)
+     * 
      * @param requestType request type
      * @return new request
      * @exception EBaseException failed to create new request
      */
-    public IRequest newRequest(String requestType)
-        throws EBaseException;
+    public IRequest newRequest(String requestType) throws EBaseException;
 
     /**
-     * Clones a request object. A new request id is assigned 
-     * and all attributes of the request is copied to cloned request, 
-     * except for the sourceID of the original request 
-     * (remote authority's request Id).
+     * Clones a request object. A new request id is assigned and all attributes
+     * of the request is copied to cloned request, except for the sourceID of
+     * the original request (remote authority's request Id).
      * <p>
-     * The cloned request that is returned is LOCKED. The caller MUST 
-     * release the request object by calling releaseRequest().
-     *
+     * The cloned request that is returned is LOCKED. The caller MUST release
+     * the request object by calling releaseRequest().
+     * 
      * @param r request to be cloned
      * @return cloned request
      * @exception EBaseException failed to clone request
      */
-    public IRequest cloneRequest(IRequest r) 
-        throws EBaseException;
+    public IRequest cloneRequest(IRequest r) throws EBaseException;
 
     /**
-     * Gets the Request corresponding to id.
-     * Returns null if the id does not correspond
-     * to a valid request id.
+     * Gets the Request corresponding to id. Returns null if the id does not
+     * correspond to a valid request id.
      * <p>
      * Errors may be generated for other conditions.
-     *
+     * 
      * @param id request id
      * @return found request
      * @exception EBaseException failed to access request queue
      */
-    public IRequest findRequest(RequestId id)
-        throws EBaseException;
+    public IRequest findRequest(RequestId id) throws EBaseException;
 
     /**
-     * Begins processing for this request.  This call
-     * is valid only on requests with status BEGIN
-     * An error is generated for other cases.
-     *
+     * Begins processing for this request. This call is valid only on requests
+     * with status BEGIN An error is generated for other cases.
+     * 
      * @param req request to be processed
      * @exception EBaseException failed to process request
      */
-    public void processRequest(IRequest req)
-        throws EBaseException;
+    public void processRequest(IRequest req) throws EBaseException;
 
     /**
      * Sets request scheduler.
-     *
+     * 
      * @param scheduler request scheduler
      */
     public void setRequestScheduler(IRequestScheduler scheduler);
 
     /**
      * Gets request scheduler.
-     *
+     * 
      * @return request scheduler
      */
     public IRequestScheduler getRequestScheduler();
 
     /**
-     * Puts a new request into the PENDING state.  This call is
-     * only valid for requests with status BEGIN.  An error is
-     * generated for other cases.
+     * Puts a new request into the PENDING state. This call is only valid for
+     * requests with status BEGIN. An error is generated for other cases.
      * <p>
-     * This call might be used by agent servlets that want to
-     * copy a previous request, and resubmit it.  By putting it
-     * into PENDING state, the normal agent screens can be used
-     * for further processing.
-     *
-     * @param req
-     *    the request to mark PENDING
+     * This call might be used by agent servlets that want to copy a previous
+     * request, and resubmit it. By putting it into PENDING state, the normal
+     * agent screens can be used for further processing.
+     * 
+     * @param req the request to mark PENDING
      * @exception EBaseException failed to mark request as pending
      */
-    public void markRequestPending(IRequest req)
-        throws EBaseException;
+    public void markRequestPending(IRequest req) throws EBaseException;
 
     /**
-     * Clones a request object and mark it pending. A new request id is assigned 
-     * and all attributes of the request is copied to cloned request, 
-     * except for the sourceID of the original request 
-     * (remote authority's request Id).
+     * Clones a request object and mark it pending. A new request id is assigned
+     * and all attributes of the request is copied to cloned request, except for
+     * the sourceID of the original request (remote authority's request Id).
      * <p>
-     * The cloned request that is returned is LOCKED. The caller MUST 
-     * release the request object by calling releaseRequest().
-     *
+     * The cloned request that is returned is LOCKED. The caller MUST release
+     * the request object by calling releaseRequest().
+     * 
      * @param r request to be cloned
      * @return cloned request mark PENDING
      * @exception EBaseException failed to clone or mark request
      */
-    public IRequest cloneAndMarkPending(IRequest r) 
-        throws EBaseException;
+    public IRequest cloneAndMarkPending(IRequest r) throws EBaseException;
 
     /**
-     * Approves a request.  The request must be locked.
+     * Approves a request. The request must be locked.
      * <p>
-     * This call will fail if:
-     *   the request is not in PENDING state
-     *   the policy modules do not accept the request
+     * This call will fail if: the request is not in PENDING state the policy
+     * modules do not accept the request
      * <p>
-     * If the policy modules reject the request, then the request
-     * will remain in the PENDING state.  Messages from the policy
-     * module can be display to the agent to indicate the source
-     * of the problem.
+     * If the policy modules reject the request, then the request will remain in
+     * the PENDING state. Messages from the policy module can be display to the
+     * agent to indicate the source of the problem.
      * <p>
-     * The request processing code adds an AgentApproval to this
-     * request that contains the authentication id of the agent.  This
-     * data is retrieved from the Session object (qv).
-     *
-     * @param request
-     *    the request that is being approved
+     * The request processing code adds an AgentApproval to this request that
+     * contains the authentication id of the agent. This data is retrieved from
+     * the Session object (qv).
+     * 
+     * @param request the request that is being approved
      * @exception EBaseException failed to approve request
      */
-    public void approveRequest(IRequest request)
-        throws EBaseException;
+    public void approveRequest(IRequest request) throws EBaseException;
 
     /**
-     * Rejects a request.  The request must be locked.
+     * Rejects a request. The request must be locked.
      * <p>
-     * This call will fail if:
-     *   the request is not in PENDING state
+     * This call will fail if: the request is not in PENDING state
      * <p>
-     * The agent servlet (or other application) may wish to store
-     * AgentMessage values to indicate the reason for the action
-     *
-     * @param request
-     *    the request that is being rejected
+     * The agent servlet (or other application) may wish to store AgentMessage
+     * values to indicate the reason for the action
+     * 
+     * @param request the request that is being rejected
      * @exception EBaseException failed to reject request
      */
-    public void rejectRequest(IRequest request)
-        throws EBaseException;
+    public void rejectRequest(IRequest request) throws EBaseException;
 
     /**
-     * Cancels a request.  The request must be locked.
+     * Cancels a request. The request must be locked.
      * <p>
-     * This call will fail if:
-     *   the request is not in PENDING state
+     * This call will fail if: the request is not in PENDING state
      * <p>
-     * The agent servlet (or other application) may wish to store
-     * AgentMessage values to indicate the reason for the action
-     *
-     * @param request
-     *    the request that is being canceled
+     * The agent servlet (or other application) may wish to store AgentMessage
+     * values to indicate the reason for the action
+     * 
+     * @param request the request that is being canceled
      * @exception EBaseException failed to cancel request
      */
-    public void cancelRequest(IRequest request)
-        throws EBaseException;
+    public void cancelRequest(IRequest request) throws EBaseException;
 
     /**
      * Updates the request in the permanent data store.
      * <p>
-     * This call can be made after changing a value like source
-     * id or owner, to force the new value to be written.
+     * This call can be made after changing a value like source id or owner, to
+     * force the new value to be written.
      * <p>
      * The request must be locked to make this call.
-	 *
-     * @param request
-     *    the request that is being updated
+     * 
+     * @param request the request that is being updated
      * @exception EBaseException failed to update request
      */
-    public void updateRequest(IRequest request)
-        throws EBaseException;
+    public void updateRequest(IRequest request) throws EBaseException;
 
     /**
-     * Returns an enumerator that lists all RequestIds in the
-     * queue.  The caller should use the RequestIds to locate
-     * each request by calling findRequest().
+     * Returns an enumerator that lists all RequestIds in the queue. The caller
+     * should use the RequestIds to locate each request by calling
+     * findRequest().
      * <p>
-     * NOTE: This interface will not be useful for large databases.
-     * This needs to be replace by a VLV (paged) search object.
-     *
+     * NOTE: This interface will not be useful for large databases. This needs
+     * to be replace by a VLV (paged) search object.
+     * 
      * @return request list
      */
     public IRequestList listRequests();
 
     /**
-     * Returns an enumerator that lists all RequestIds for requests
-     * that are in the given status.  For example, all the PENDING
-     * requests could be listed by specifying RequestStatus.PENDING
-     * as the <i>status</i> argument
+     * Returns an enumerator that lists all RequestIds for requests that are in
+     * the given status. For example, all the PENDING requests could be listed
+     * by specifying RequestStatus.PENDING as the <i>status</i> argument
      * <p>
-     * NOTE: This interface will not be useful for large databases.
-     * This needs to be replace by a VLV (paged) search object.
-     *
+     * NOTE: This interface will not be useful for large databases. This needs
+     * to be replace by a VLV (paged) search object.
+     * 
      * @param status request status
      * @return request list
      */
     public IRequestList listRequestsByStatus(RequestStatus status);
 
     /**
-     * Returns an enumerator that lists all RequestIds for requests
-     * that match the filter.
+     * Returns an enumerator that lists all RequestIds for requests that match
+     * the filter.
      * <p>
-     * NOTE: This interface will not be useful for large databases.
-     * This needs to be replace by a VLV (paged) search object.
-     *
+     * NOTE: This interface will not be useful for large databases. This needs
+     * to be replace by a VLV (paged) search object.
+     * 
      * @param filter search filter
      * @return request list
      */
     public IRequestList listRequestsByFilter(String filter);
 
     /**
-     * Returns an enumerator that lists all RequestIds for requests
-     * that match the filter.
+     * Returns an enumerator that lists all RequestIds for requests that match
+     * the filter.
      * <p>
-     * NOTE: This interface will not be useful for large databases.
-     * This needs to be replace by a VLV (paged) search object.
-     *
+     * NOTE: This interface will not be useful for large databases. This needs
+     * to be replace by a VLV (paged) search object.
+     * 
      * @param filter search filter
      * @param maxSize max size to return
      * @return request list
@@ -265,47 +235,47 @@ public interface IRequestQueue {
     public IRequestList listRequestsByFilter(String filter, int maxSize);
 
     /**
-     * Returns an enumerator that lists all RequestIds for requests
-     * that match the filter.
+     * Returns an enumerator that lists all RequestIds for requests that match
+     * the filter.
      * <p>
-     * NOTE: This interface will not be useful for large databases.
-     * This needs to be replace by a VLV (paged) search object.
-     *
+     * NOTE: This interface will not be useful for large databases. This needs
+     * to be replace by a VLV (paged) search object.
+     * 
      * @param filter search filter
      * @param maxSize max size to return
      * @param timeLimit timeout value for the search
      * @return request list
      */
-    public IRequestList listRequestsByFilter(String filter, int maxSize, int timeLimit);
+    public IRequestList listRequestsByFilter(String filter, int maxSize,
+            int timeLimit);
 
     /**
      * Gets requests that are pending on handling by the service
      * <p>
+     * 
      * @return list of pending requests
      */
     // public IRequestList listServicePendingRequests();
 
     /**
      * Locates a request from the SourceId.
-     *
-     * @param id
-     *    a unique identifier for the record that is based on the source
-     *    of the request, and possibly an identify assigned by the source.
-     * @return
-     *    The requestid corresponding to this source id.  null is
-     *    returned if the source id does not exist.
+     * 
+     * @param id a unique identifier for the record that is based on the source
+     *            of the request, and possibly an identify assigned by the
+     *            source.
+     * @return The requestid corresponding to this source id. null is returned
+     *         if the source id does not exist.
      */
     public RequestId findRequestBySourceId(String id);
 
     /**
      * Locates all requests with a particular SourceId.
      * <p>
-     * @param id
-     *    an identifier for the record that is based on the source
-     *    of the request
-     * @return
-     *    A list of requests corresponding to this source id.  null is
-     *    returned if the source id does not exist.
+     * 
+     * @param id an identifier for the record that is based on the source of the
+     *            request
+     * @return A list of requests corresponding to this source id. null is
+     *         returned if the source id does not exist.
      */
     public IRequestList findRequestsBySourceId(String id);
 
@@ -313,26 +283,27 @@ public interface IRequestQueue {
      * Releases the LOCK on a request obtained from findRequest() or
      * newRequest()
      * <p>
+     * 
      * @param r request
      */
     public void releaseRequest(IRequest r);
 
     /**
-     * Marks as serviced after destination authority has serviced request.
-     * Used by connector.
-     *
+     * Marks as serviced after destination authority has serviced request. Used
+     * by connector.
+     * 
      * @param r request
      */
     public void markAsServiced(IRequest r);
 
     /**
-     * Resends requests 
+     * Resends requests
      */
     public void recover();
 
     /**
      * Gets a pageable list of IRequest entries in this queue.
-     *
+     * 
      * @param pageSize page size
      * @return request list
      */
@@ -340,18 +311,18 @@ public interface IRequestQueue {
 
     /**
      * Gets a pageable list of IRequest entries in this queue.
-     *
+     * 
      * @param filter search filter
      * @param pageSize page size
      * @param sortKey the attributes to sort by
      * @return request list
      */
     public IRequestVirtualList getPagedRequestsByFilter(String filter,
-	                                                    int pageSize,
-														String sortKey);
+            int pageSize, String sortKey);
+
     /**
      * Gets a pageable list of IRequest entries in this queue.
-     *
+     * 
      * @param fromId request id to start with
      * @param filter search filter
      * @param pageSize page size
@@ -359,14 +330,12 @@ public interface IRequestQueue {
      * @return request list
      */
     public IRequestVirtualList getPagedRequestsByFilter(RequestId fromId,
-	                                                    String filter,
-														int pageSize, 
-                                                        String sortKey);
+            String filter, int pageSize, String sortKey);
 
     /**
-     * Gets a pageable list of IRequest entries in this queue. This
-     * jumps right to the end of the list
-     *
+     * Gets a pageable list of IRequest entries in this queue. This jumps right
+     * to the end of the list
+     * 
      * @param fromId request id to start with
      * @param jumpToEnd jump to end of list (set fromId to null)
      * @param filter search filter
@@ -375,26 +344,23 @@ public interface IRequestQueue {
      * @return request list
      */
     public IRequestVirtualList getPagedRequestsByFilter(RequestId fromId,
-	                               boolean jumpToEnd, String filter,
-	                               int pageSize,
-                                   String sortKey);
-
+            boolean jumpToEnd, String filter, int pageSize, String sortKey);
 
     /**
      * Retrieves the notifier for pending request.
-     *
+     * 
      * @return notifier for pending request
      */
     public INotify getPendingNotify();
 
-
-    public BigInteger getLastRequestIdInRange(BigInteger  reqId_low_bound, BigInteger reqId_upper_bound);
+    public BigInteger getLastRequestIdInRange(BigInteger reqId_low_bound,
+            BigInteger reqId_upper_bound);
 
     /**
      * Resets serial number.
      */
     public void resetSerialNumber(BigInteger serial) throws EBaseException;
-                                                                                
+
     /**
      * Removes all objects with this repository.
      */
@@ -402,7 +368,7 @@ public interface IRequestQueue {
 
     /**
      * Gets request repository.
-     *
+     * 
      * @return request repository
      */
     public IRepository getRequestRepository();
diff --git a/pki/base/common/src/com/netscape/certsrv/request/IRequestRecord.java b/pki/base/common/src/com/netscape/certsrv/request/IRequestRecord.java
index 696dc4e16..ef00212b0 100644
--- a/pki/base/common/src/com/netscape/certsrv/request/IRequestRecord.java
+++ b/pki/base/common/src/com/netscape/certsrv/request/IRequestRecord.java
@@ -17,22 +17,20 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.request;
 
-
 import java.util.Enumeration;
 
 import com.netscape.certsrv.base.EBaseException;
 import com.netscape.certsrv.dbs.IDBObj;
 
-
 /**
- * A request record is the stored version of a request.
- * It has a set of attributes that are mapped into LDAP
- * attributes for actual directory operations.
+ * A request record is the stored version of a request. It has a set of
+ * attributes that are mapped into LDAP attributes for actual directory
+ * operations.
  * <p>
+ * 
  * @version $Revision$ $Date$
  */
-public interface IRequestRecord
-    extends IDBObj {
+public interface IRequestRecord extends IDBObj {
     //
     // The names of the attributes stored in this record
     //
@@ -57,28 +55,28 @@ public interface IRequestRecord
 
     public final static String ATTR_REQUEST_TYPE = "requestType";
 
-    // Placeholder for ExtAttr data.  this attribute is not in LDAP, but
+    // Placeholder for ExtAttr data. this attribute is not in LDAP, but
     // is used to trigger the ExtAttrDynMapper during conversion between LDAP
     // and the RequestRecord.
     public final static String ATTR_EXT_DATA = "requestExtData";
 
     /**
      * Gets the request id.
-     *
+     * 
      * @return request id
      */
     public RequestId getRequestId();
 
     /**
      * Gets attribute names of the request.
-     *
+     * 
      * @return list of attribute names
      */
     public Enumeration getAttrNames();
 
     /**
      * Gets the request attribute value by the name.
-     *
+     * 
      * @param name attribute name
      * @return attribute value
      */
@@ -86,7 +84,7 @@ public interface IRequestRecord
 
     /**
      * Sets new attribute for the request.
-     *
+     * 
      * @param name attribute name
      * @param o attribute value
      */
@@ -94,20 +92,19 @@ public interface IRequestRecord
 
     /**
      * Removes attribute from the request.
-     *
+     * 
      * @param name attribute name
      */
-    public void delete(String name)
-        throws EBaseException;
+    public void delete(String name) throws EBaseException;
 
     /**
      * Gets attribute list of the request.
-     *
+     * 
      * @return attribute list
      */
     public Enumeration getElements();
 
     // IDBObj.getSerializableAttrNames
-    //public Enumeration getSerializableAttrNames();
+    // public Enumeration getSerializableAttrNames();
 
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/request/IRequestScheduler.java b/pki/base/common/src/com/netscape/certsrv/request/IRequestScheduler.java
index 198092fc1..2d1cb89dd 100644
--- a/pki/base/common/src/com/netscape/certsrv/request/IRequestScheduler.java
+++ b/pki/base/common/src/com/netscape/certsrv/request/IRequestScheduler.java
@@ -17,16 +17,12 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.request;
 
-
 //import java.io.Serializable;
 
-
-
 /**
- * This is an interface to a request scheduler that prioritizes
- * the threads based on the request processing order.
- * The request that enters the request queue first should
- * be processed first.
+ * This is an interface to a request scheduler that prioritizes the threads
+ * based on the request processing order. The request that enters the request
+ * queue first should be processed first.
  * 
  * @version $Revision$ $Date$
  */
@@ -34,14 +30,14 @@ public interface IRequestScheduler {
 
     /**
      * Request entered the request queue processing.
-     *
+     * 
      * @param r request
      */
     public void requestIn(IRequest r);
 
     /**
      * Request exited the request queue processing.
-     *
+     * 
      * @param r request
      */
     public void requestOut(IRequest r);
diff --git a/pki/base/common/src/com/netscape/certsrv/request/IRequestSubsystem.java b/pki/base/common/src/com/netscape/certsrv/request/IRequestSubsystem.java
index c32c66985..aa568f082 100644
--- a/pki/base/common/src/com/netscape/certsrv/request/IRequestSubsystem.java
+++ b/pki/base/common/src/com/netscape/certsrv/request/IRequestSubsystem.java
@@ -17,89 +17,75 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.request;
 
-
 import com.netscape.certsrv.base.EBaseException;
 
-
 /**
- * This interface defines storage of request objects
- * in the local database.
+ * This interface defines storage of request objects in the local database.
  * <p>
+ * 
  * @version $Revision$, $Date$
  */
 public interface IRequestSubsystem {
     public static final String SUB_ID = "request";
 
     /**
-     * Creates a new request queue.
-	 * (Currently unimplemented.  Just use getRequestQueue to create
-	 * an in-memory queue.)
+     * Creates a new request queue. (Currently unimplemented. Just use
+     * getRequestQueue to create an in-memory queue.)
      * <p>
-     * @param name The name of the queue object. This name can be used
-     *    in getRequestQueue to retrieve the queue later.
+     * 
+     * @param name The name of the queue object. This name can be used in
+     *            getRequestQueue to retrieve the queue later.
      * @exception EBaseException failed to create request queue
      */
-    public void createRequestQueue(String name)
-        throws EBaseException;
+    public void createRequestQueue(String name) throws EBaseException;
 
     /**
-     * Retrieves a request queue.  This operation should only be done
-     * once on each queue.  For example, the RA subsystem should retrieve
-     * its queue, and store it somewhere for use by related services, and
-     * servlets.
+     * Retrieves a request queue. This operation should only be done once on
+     * each queue. For example, the RA subsystem should retrieve its queue, and
+     * store it somewhere for use by related services, and servlets.
      * <p>
-     * WARNING: retrieving the same queue twice with result in multi-thread
-     * race conditions.
+     * WARNING: retrieving the same queue twice with result in multi-thread race
+     * conditions.
      * <p>
-     * @param name
-     *    the name of the request queue.  (Ex: "ca" "ra")
-     * @param p
-     *    A policy enforcement module.  This object is called to make
-     *    adjustments to the request, and decide whether it needs agent
-     *    approval.
-     * @param s
-     *    The service object.  This object actually performs the request
-     *    after it is finalized and approved.
-     * @param n
-     *    A notifier object (optional).  The notify() method of this object
-     *    is invoked when the request is completed (COMPLETE, REJECTED or
-     *    CANCELED states).
+     * 
+     * @param name the name of the request queue. (Ex: "ca" "ra")
+     * @param p A policy enforcement module. This object is called to make
+     *            adjustments to the request, and decide whether it needs agent
+     *            approval.
+     * @param s The service object. This object actually performs the request
+     *            after it is finalized and approved.
+     * @param n A notifier object (optional). The notify() method of this object
+     *            is invoked when the request is completed (COMPLETE, REJECTED
+     *            or CANCELED states).
      * @exception EBaseException failed to retrieve request queue
      */
-    public IRequestQueue
-    getRequestQueue(String name, int increment, IPolicy p, IService s, INotify n)
-        throws EBaseException;
+    public IRequestQueue getRequestQueue(String name, int increment, IPolicy p,
+            IService s, INotify n) throws EBaseException;
 
     /**
-     * Retrieves a request queue.  This operation should only be done
-     * once on each queue.  For example, the RA subsystem should retrieve
-     * its queue, and store it somewhere for use by related services, and
-     * servlets.
+     * Retrieves a request queue. This operation should only be done once on
+     * each queue. For example, the RA subsystem should retrieve its queue, and
+     * store it somewhere for use by related services, and servlets.
      * <p>
-     * WARNING: retrieving the same queue twice with result in multi-thread
-     * race conditions.
+     * WARNING: retrieving the same queue twice with result in multi-thread race
+     * conditions.
      * <p>
-     * @param name
-     *    the name of the request queue.  (Ex: "ca" "ra")
-     * @param p
-     *    A policy enforcement module.  This object is called to make
-     *    adjustments to the request, and decide whether it needs agent
-     *    approval.
-     * @param s
-     *    The service object.  This object actually performs the request
-     *    after it is finalized and approved.
-     * @param n
-     *    A notifier object (optional).  The notify() method of this object
-     *    is invoked when the request is completed (COMPLETE, REJECTED or
-     *    CANCELED states).
-     * @param pendingNotifier
-     *    A notifier object (optional).  Like the 'n' argument, except the
-     *    notification happens if the request is made PENDING.  May be the
-     *    same as the 'n' argument if desired.
+     * 
+     * @param name the name of the request queue. (Ex: "ca" "ra")
+     * @param p A policy enforcement module. This object is called to make
+     *            adjustments to the request, and decide whether it needs agent
+     *            approval.
+     * @param s The service object. This object actually performs the request
+     *            after it is finalized and approved.
+     * @param n A notifier object (optional). The notify() method of this object
+     *            is invoked when the request is completed (COMPLETE, REJECTED
+     *            or CANCELED states).
+     * @param pendingNotifier A notifier object (optional). Like the 'n'
+     *            argument, except the notification happens if the request is
+     *            made PENDING. May be the same as the 'n' argument if desired.
      * @exception EBaseException failed to retrieve request queue
      */
-    public IRequestQueue
-    getRequestQueue(String name, int increment, IPolicy p, IService s, INotify n,
-        INotify pendingNotifier)
-        throws EBaseException;
+    public IRequestQueue getRequestQueue(String name, int increment, IPolicy p,
+            IService s, INotify n, INotify pendingNotifier)
+            throws EBaseException;
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/request/IRequestVirtualList.java b/pki/base/common/src/com/netscape/certsrv/request/IRequestVirtualList.java
index 4d877a775..faf8e07e6 100644
--- a/pki/base/common/src/com/netscape/certsrv/request/IRequestVirtualList.java
+++ b/pki/base/common/src/com/netscape/certsrv/request/IRequestVirtualList.java
@@ -17,25 +17,25 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.request;
 
-
 /**
  * This interface defines access to request virtual list.
  * <p>
+ * 
  * @version $Revision$, $Date$
  */
 public interface IRequestVirtualList {
 
     /**
-     * Gets the total size of the result set.  Elements of the
-     * list are numbered from 0..(size-1)
-	 *
+     * Gets the total size of the result set. Elements of the list are numbered
+     * from 0..(size-1)
+     * 
      * @return size of the result set
      */
     int getSize();
 
     /**
      * Gets the element at the specified index
-	 *
+     * 
      * @param index index of the element
      * @return specified request
      */
@@ -43,7 +43,7 @@ public interface IRequestVirtualList {
 
     /**
      * Gets the current index
-	 *
+     * 
      * @return current index
      */
     int getCurrentIndex();
diff --git a/pki/base/common/src/com/netscape/certsrv/request/IService.java b/pki/base/common/src/com/netscape/certsrv/request/IService.java
index aeaf757a6..c7f9719f2 100644
--- a/pki/base/common/src/com/netscape/certsrv/request/IService.java
+++ b/pki/base/common/src/com/netscape/certsrv/request/IService.java
@@ -17,32 +17,28 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.request;
 
-
 import com.netscape.certsrv.base.EBaseException;
 
-
 /**
- * This interface defines how requests are serviced.
- * This covers certificate generation, revocation, renewals,
- * revocation checking, and much more.
+ * This interface defines how requests are serviced. This covers certificate
+ * generation, revocation, renewals, revocation checking, and much more.
  * <p>
+ * 
  * @version $Revision$, $Date$
  */
 public interface IService {
 
     /**
-     * Performs the service (such as certificate generation)
-     * represented by this request.
+     * Performs the service (such as certificate generation) represented by this
+     * request.
      * <p>
-     * @param request
-     *    The request that needs service.  The service may use
-     *    attributes stored in the request, and may update the
-     *    values, or store new ones.
-     * @return
-     *    an indication of whether this request is still pending.
-     *    'false' means the request will wait for further notification.
+     * 
+     * @param request The request that needs service. The service may use
+     *            attributes stored in the request, and may update the values,
+     *            or store new ones.
+     * @return an indication of whether this request is still pending. 'false'
+     *         means the request will wait for further notification.
      * @exception EBaseException indicates major processing failure.
      */
-    boolean serviceRequest(IRequest request)
-        throws EBaseException;
+    boolean serviceRequest(IRequest request) throws EBaseException;
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/request/PolicyMessage.java b/pki/base/common/src/com/netscape/certsrv/request/PolicyMessage.java
index 13cec1618..2977697c2 100644
--- a/pki/base/common/src/com/netscape/certsrv/request/PolicyMessage.java
+++ b/pki/base/common/src/com/netscape/certsrv/request/PolicyMessage.java
@@ -17,18 +17,16 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.request;
 
-
 import com.netscape.certsrv.base.EBaseException;
 
-
 /**
- * A (localizable) message recorded by a policy module that describes
- * the reason for rejecting a request.
+ * A (localizable) message recorded by a policy module that describes the reason
+ * for rejecting a request.
  * <p>
+ * 
  * @version $Revision$, $Date$
  */
-public class PolicyMessage
-    extends EBaseException {
+public class PolicyMessage extends EBaseException {
 
     /**
      *
@@ -38,6 +36,7 @@ public class PolicyMessage
     /**
      * Class constructor that registers policy message.
      * <p>
+     * 
      * @param message message string
      */
     public PolicyMessage(String message) {
diff --git a/pki/base/common/src/com/netscape/certsrv/request/PolicyResult.java b/pki/base/common/src/com/netscape/certsrv/request/PolicyResult.java
index 2750e3d82..c7cad94f2 100644
--- a/pki/base/common/src/com/netscape/certsrv/request/PolicyResult.java
+++ b/pki/base/common/src/com/netscape/certsrv/request/PolicyResult.java
@@ -17,10 +17,9 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.request;
 
-
 /**
  * This class defines results for policy actions.
- *
+ * 
  * @version $Revision$, $Date$
  */
 public final class PolicyResult {
diff --git a/pki/base/common/src/com/netscape/certsrv/request/RequestId.java b/pki/base/common/src/com/netscape/certsrv/request/RequestId.java
index 01bd65d3b..f8a4133df 100644
--- a/pki/base/common/src/com/netscape/certsrv/request/RequestId.java
+++ b/pki/base/common/src/com/netscape/certsrv/request/RequestId.java
@@ -17,32 +17,34 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.request;
 
-
 /**
- * The RequestId class represents the identifier for a particular
- * request within a request queue.  This identifier may be used to
- * retrieve the request object itself from the request queue.
+ * The RequestId class represents the identifier for a particular request within
+ * a request queue. This identifier may be used to retrieve the request object
+ * itself from the request queue.
  * <p>
+ * 
  * @version $Revision$ $Date$
  */
 public final class RequestId {
 
     /**
-     * Creates a new RequestId from its string representation. 
+     * Creates a new RequestId from its string representation.
      * <p>
-     * @param   id
-     *    a string containing the decimal (base 10) value for the identifier.
+     * 
+     * @param id a string containing the decimal (base 10) value for the
+     *            identifier.
      */
     public RequestId(String id) {
         mString = id;
     }
 
     /**
-     * Converts the RequestId into its string representation.  The string
-     * form can be stored in a database (such as the LDAP directory)
+     * Converts the RequestId into its string representation. The string form
+     * can be stored in a database (such as the LDAP directory)
      * <p>
-     * @return
-     *    a string containing the decimal (base 10) value for the identifier.
+     * 
+     * @return a string containing the decimal (base 10) value for the
+     *         identifier.
      */
     public String toString() {
         return mString;
@@ -51,6 +53,7 @@ public final class RequestId {
     /**
      * Implements Object.hashCode.
      * <p>
+     * 
      * @return hash code of the object
      */
     public int hashCode() {
@@ -60,7 +63,8 @@ public final class RequestId {
     /**
      * Implements Object.equals.
      * <p>
-     * @param  obj object to compare
+     * 
+     * @param obj object to compare
      * @return true if objects are equal
      */
     public boolean equals(Object obj) {
diff --git a/pki/base/common/src/com/netscape/certsrv/request/RequestStatus.java b/pki/base/common/src/com/netscape/certsrv/request/RequestStatus.java
index ad3b91e78..b0400402e 100644
--- a/pki/base/common/src/com/netscape/certsrv/request/RequestStatus.java
+++ b/pki/base/common/src/com/netscape/certsrv/request/RequestStatus.java
@@ -17,21 +17,19 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.request;
 
-
 /**
- * The RequestStatus class represents the current state of a request
- * in a request queue.  The state of the request changes as actions
- * are performed on it.
- *
- * The request is created in the BEGIN state, then general progresses
- * through the PENDING, APPROVED, SVC_PENDING, and COMPLETE states.
- * Some requests may bypass the PENDING state if no agent action is
- * required.
- *
- * Requests may be CANCELED (not implemented) or REJECTED.  These are
- * error conditions, and usually result because the request was invalid
- * or was not approved by an agent.
- *
+ * The RequestStatus class represents the current state of a request in a
+ * request queue. The state of the request changes as actions are performed on
+ * it.
+ * 
+ * The request is created in the BEGIN state, then general progresses through
+ * the PENDING, APPROVED, SVC_PENDING, and COMPLETE states. Some requests may
+ * bypass the PENDING state if no agent action is required.
+ * 
+ * Requests may be CANCELED (not implemented) or REJECTED. These are error
+ * conditions, and usually result because the request was invalid or was not
+ * approved by an agent.
+ * 
  * @version $Revision$ $Date$
  */
 public final class RequestStatus {
@@ -44,22 +42,22 @@ public final class RequestStatus {
     public static String COMPLETE_STRING = "complete";
 
     /**
-     * The initial state of a request. Requests in this state have not
-     * been review by policy.
-     *
-     * While in this state the source of the request (usually the servlet,
-     * but it could be some other protocol module, such as email)
-     * should populate the request with data need to service it.
+     * The initial state of a request. Requests in this state have not been
+     * review by policy.
+     * 
+     * While in this state the source of the request (usually the servlet, but
+     * it could be some other protocol module, such as email) should populate
+     * the request with data need to service it.
      */
     public static RequestStatus BEGIN = new RequestStatus(BEGIN_STRING);
 
     /**
-     * The state of a request that is waiting for action by an agent.
-     * When the agent approves or rejects the request, process will
-     * continue as appropriate.
-     *
-     * In this state there may be PolicyMessages present that indicate
-     * the reason for the pending status.
+     * The state of a request that is waiting for action by an agent. When the
+     * agent approves or rejects the request, process will continue as
+     * appropriate.
+     * 
+     * In this state there may be PolicyMessages present that indicate the
+     * reason for the pending status.
      */
     public static RequestStatus PENDING = new RequestStatus(PENDING_STRING);
 
@@ -67,80 +65,84 @@ public final class RequestStatus {
      * The state of a request that has been approved by an agent, or
      * automatically by the policy engine, but have not been successfully
      * transmitted to the service module.
-     *
-     * These requests are resent to the service during the recovery
-     * process that runs at server startup.
+     * 
+     * These requests are resent to the service during the recovery process that
+     * runs at server startup.
      */
     public static RequestStatus APPROVED = new RequestStatus(APPROVED_STRING);
 
     /**
-     * The state of a request that has been sent to the service, but
-     * has not been fully processed.  The service will invoke the
-     * serviceComplete() method to cause processing to continue.
+     * The state of a request that has been sent to the service, but has not
+     * been fully processed. The service will invoke the serviceComplete()
+     * method to cause processing to continue.
      */
-    public static RequestStatus SVC_PENDING =
-        new RequestStatus(SVC_PENDING_STRING);
+    public static RequestStatus SVC_PENDING = new RequestStatus(
+            SVC_PENDING_STRING);
 
     /**
-     * Not implemented.  This is intended to be a final state that is
-     * reached when a request is removed from the processing queue without
-     * normal notification occurring.  (see REJECTED)
+     * Not implemented. This is intended to be a final state that is reached
+     * when a request is removed from the processing queue without normal
+     * notification occurring. (see REJECTED)
      */
     public static RequestStatus CANCELED = new RequestStatus(CANCELED_STRING);
 
     /**
-     * The state of a request after it is rejected.  When a request is
-     * rejected, the notifier is called prior to making the finl status
-     * change.
-     *
-     * Rejected requests may have PolicyMessages indicating the reason for
-     * the rejection, or AgentMessages, which allow the agent to give
-     * reasons for the action.
+     * The state of a request after it is rejected. When a request is rejected,
+     * the notifier is called prior to making the finl status change.
+     * 
+     * Rejected requests may have PolicyMessages indicating the reason for the
+     * rejection, or AgentMessages, which allow the agent to give reasons for
+     * the action.
      */
     public static RequestStatus REJECTED = new RequestStatus(REJECTED_STRING);
 
     /**
-     * The normal final state of a request.  The completion status attribute
-     * gives other information about the request.  The request is not
-     * necessarily successful, but may indicated that service processing
-     * did not succeed.
+     * The normal final state of a request. The completion status attribute
+     * gives other information about the request. The request is not necessarily
+     * successful, but may indicated that service processing did not succeed.
      */
     public static RequestStatus COMPLETE = new RequestStatus(COMPLETE_STRING);
 
     /**
-     * Converts a string name for a request status into the
-     * request status enum object.
+     * Converts a string name for a request status into the request status enum
+     * object.
      * <p>
-     * @param s
-     *    The string representation of the state.
-     * @return
-     *    request status
+     * 
+     * @param s The string representation of the state.
+     * @return request status
      */
     public static RequestStatus fromString(String s) {
-        if (s.equals(BEGIN_STRING)) return BEGIN;
-        if (s.equals(PENDING_STRING)) return PENDING;
-        if (s.equals(APPROVED_STRING)) return APPROVED;
-        if (s.equals(SVC_PENDING_STRING)) return SVC_PENDING;
-        if (s.equals(CANCELED_STRING)) return CANCELED;
-        if (s.equals(REJECTED_STRING)) return REJECTED;
-        if (s.equals(COMPLETE_STRING)) return COMPLETE;
+        if (s.equals(BEGIN_STRING))
+            return BEGIN;
+        if (s.equals(PENDING_STRING))
+            return PENDING;
+        if (s.equals(APPROVED_STRING))
+            return APPROVED;
+        if (s.equals(SVC_PENDING_STRING))
+            return SVC_PENDING;
+        if (s.equals(CANCELED_STRING))
+            return CANCELED;
+        if (s.equals(REJECTED_STRING))
+            return REJECTED;
+        if (s.equals(COMPLETE_STRING))
+            return COMPLETE;
 
         return null;
     }
 
     /**
-     * Returns the string form of the RequestStatus, which may be used
-     * to record the status in a database.
-	 *
+     * Returns the string form of the RequestStatus, which may be used to record
+     * the status in a database.
+     * 
      * @return request status
      */
     public String toString() {
         return mString;
     }
- 
+
     /**
      * Class constructor. Creates request status from the string.
-	 *
+     * 
      * @param string string describing request status
      */
     private RequestStatus(String string) {
@@ -151,21 +153,25 @@ public final class RequestStatus {
 
     /**
      * Compares request status with specified string.
-	 *
+     * 
      * @param string string describing request status
      */
     public boolean equals(String string) {
-        if (string.equals(mString)) return true;
-        else return false;
+        if (string.equals(mString))
+            return true;
+        else
+            return false;
     }
-  
+
     /**
      * Compares current request status with request status.
-	 *
+     * 
      * @param rs request status
      */
     public boolean equals(RequestStatus rs) {
-        if (mString.equals(rs.mString)) return true;
-        else return false;
+        if (mString.equals(rs.mString))
+            return true;
+        else
+            return false;
     }
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/request/ldap/IRequestMod.java b/pki/base/common/src/com/netscape/certsrv/request/ldap/IRequestMod.java
index 1fc0657f6..c1e153a81 100644
--- a/pki/base/common/src/com/netscape/certsrv/request/ldap/IRequestMod.java
+++ b/pki/base/common/src/com/netscape/certsrv/request/ldap/IRequestMod.java
@@ -25,31 +25,31 @@ import com.netscape.certsrv.request.RequestStatus;
 /**
  * This interface defines how to update request record.
  * <p>
+ * 
  * @version $Revision$, $Date$
  */
-public interface IRequestMod
-{
-	/**
+public interface IRequestMod {
+    /**
      * Modifies request status.
-	 *
+     * 
      * @param r request
      * @param s request status
      */
-	void modRequestStatus(IRequest r, RequestStatus s);
+    void modRequestStatus(IRequest r, RequestStatus s);
 
-	/**
+    /**
      * Modifies request creation time.
-	 *
+     * 
      * @param r request
      * @param d date
      */
-	void modCreationTime(IRequest r, Date d);
+    void modCreationTime(IRequest r, Date d);
 
-	/**
+    /**
      * Modifies request modification time.
-	 *
+     * 
      * @param r request
      * @param d date
      */
-	void modModificationTime(IRequest r, Date d);
+    void modModificationTime(IRequest r, Date d);
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/security/Credential.java b/pki/base/common/src/com/netscape/certsrv/security/Credential.java
index 9aff49adc..ea6ca400f 100644
--- a/pki/base/common/src/com/netscape/certsrv/security/Credential.java
+++ b/pki/base/common/src/com/netscape/certsrv/security/Credential.java
@@ -17,12 +17,10 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.security;
 
-
 /**
- * A class represents a credential. A credential contains
- * information that identifies a user. In this case,
- * identifier and password are used.
- *
+ * A class represents a credential. A credential contains information that
+ * identifies a user. In this case, identifier and password are used.
+ * 
  * @version $Revision$, $Date$
  */
 public class Credential implements java.io.Serializable {
@@ -36,7 +34,7 @@ public class Credential implements java.io.Serializable {
 
     /**
      * Constructs credential object.
-     *
+     * 
      * @param id user id
      * @param password user password
      */
@@ -44,10 +42,10 @@ public class Credential implements java.io.Serializable {
         mId = id;
         mPassword = password;
     }
-	
+
     /**
      * Retrieves identifier.
-     *
+     * 
      * @return user id
      */
     public String getIdentifier() {
@@ -56,7 +54,7 @@ public class Credential implements java.io.Serializable {
 
     /**
      * Retrieves password.
-     *
+     * 
      * @return user password
      */
     public String getPassword() {
diff --git a/pki/base/common/src/com/netscape/certsrv/security/ICryptoSubsystem.java b/pki/base/common/src/com/netscape/certsrv/security/ICryptoSubsystem.java
index ab910b376..0f9fcdf0e 100644
--- a/pki/base/common/src/com/netscape/certsrv/security/ICryptoSubsystem.java
+++ b/pki/base/common/src/com/netscape/certsrv/security/ICryptoSubsystem.java
@@ -17,7 +17,6 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.security;
 
-
 import java.io.IOException;
 import java.security.KeyPair;
 import java.security.cert.CertificateException;
@@ -37,11 +36,10 @@ import com.netscape.certsrv.base.IConfigStore;
 import com.netscape.certsrv.base.ISubsystem;
 import com.netscape.certsrv.common.NameValuePairs;
 
-
 /**
- * This interface represents the cryptographics subsystem
- * that provides all the security related functions.
- *
+ * This interface represents the cryptographics subsystem that provides all the
+ * security related functions.
+ * 
  * @version $Revision$, $Date$
  */
 public interface ICryptoSubsystem extends ISubsystem {
@@ -49,9 +47,9 @@ public interface ICryptoSubsystem extends ISubsystem {
     public static final String ID = "jss";
 
     /**
-     * Retrieves a list of nicknames of certificates that are
-     * in the installed tokens.
-     *
+     * Retrieves a list of nicknames of certificates that are in the installed
+     * tokens.
+     * 
      * @return a list of comma-separated nicknames
      * @exception EBaseException failed to retrieve nicknames
      */
@@ -59,58 +57,62 @@ public interface ICryptoSubsystem extends ISubsystem {
 
     /**
      * Retrieves certificate in pretty-print format by the nickname.
-     *
+     * 
      * @param nickname nickname of certificate
      * @param date not after of the returned certificate must be date
      * @param locale user locale
      * @return certificate in pretty-print format
      * @exception EBaseException failed to retrieve certificate
      */
-    public String getCertPrettyPrint(String nickname, String date,
-        Locale locale) throws EBaseException;
+    public String getCertPrettyPrint(String nickname, String date, Locale locale)
+            throws EBaseException;
+
     public String getRootCertTrustBit(String nickname, String serialno,
-      String issuerName) throws EBaseException;
-    public String getCertPrettyPrint(String nickname, String serialno, 
-      String issuername, Locale locale) throws EBaseException;
-    public String getCertPrettyPrintAndFingerPrint(String nickname, String serialno, 
-      String issuername, Locale locale) throws EBaseException;
+            String issuerName) throws EBaseException;
+
+    public String getCertPrettyPrint(String nickname, String serialno,
+            String issuername, Locale locale) throws EBaseException;
+
+    public String getCertPrettyPrintAndFingerPrint(String nickname,
+            String serialno, String issuername, Locale locale)
+            throws EBaseException;
 
     /**
      * Retrieves the certificate in the pretty print format.
-     *
+     * 
      * @param b64E certificate in mime-64 encoded format
      * @param locale end user locale
      * @return certificate in pretty-print format
      * @exception EBaseException failed to retrieve certificate
      */
-    public String getCertPrettyPrint(String b64E, Locale locale) 
-        throws EBaseException;
+    public String getCertPrettyPrint(String b64E, Locale locale)
+            throws EBaseException;
 
     /**
      * Imports certificate into the server.
-     *
+     * 
      * @param b64E certificate in mime-64 encoded format
      * @param nickname nickname for the importing certificate
      * @param certType certificate type
      * @exception EBaseException failed to import certificate
      */
     public void importCert(String b64E, String nickname, String certType)
-        throws EBaseException;
+            throws EBaseException;
 
     /**
      * Imports certificate into the server.
-     *
+     * 
      * @param signedCert certificate
      * @param nickname nickname for the importing certificate
      * @param certType certificate type
      * @exception EBaseException failed to import certificate
      */
     public void importCert(X509CertImpl signedCert, String nickname,
-        String certType) throws EBaseException;
+            String certType) throws EBaseException;
 
     /**
      * Generates a key pair based on the given parameters.
-     *
+     * 
      * @param properties key parameters
      * @return key pair
      * @exception EBaseException failed to generate key pair
@@ -119,7 +121,7 @@ public interface ICryptoSubsystem extends ISubsystem {
 
     /**
      * Retrieves the key pair based on the given nickname.
-     *
+     * 
      * @param nickname nickname of the public key
      * @exception EBaseException failed to retrieve key pair
      */
@@ -127,19 +129,19 @@ public interface ICryptoSubsystem extends ISubsystem {
 
     /**
      * Generates a key pair based on the given parameters.
-     *
+     * 
      * @param tokenName name of token where key is generated
      * @param alg key algorithm
      * @param keySize key size
      * @return key pair
      * @exception EBaseException failed to generate key pair
      */
-    public KeyPair getKeyPair(String tokenName, String alg,
-        int keySize) throws EBaseException;
+    public KeyPair getKeyPair(String tokenName, String alg, int keySize)
+            throws EBaseException;
 
     /**
      * Generates a key pair based on the given parameters.
-     *
+     * 
      * @param tokenName name of token where key is generated
      * @param alg key algorithm
      * @param keySize key size
@@ -147,12 +149,12 @@ public interface ICryptoSubsystem extends ISubsystem {
      * @return key pair
      * @exception EBaseException failed to generate key pair
      */
-    public KeyPair getKeyPair(String tokenName, String alg,
-        int keySize, PQGParams pqg) throws EBaseException;
+    public KeyPair getKeyPair(String tokenName, String alg, int keySize,
+            PQGParams pqg) throws EBaseException;
 
     /**
      * Generates an ECC key pair based on the given parameters.
-     *
+     * 
      * @param properties key parameters
      * @return key pair
      * @exception EBaseException failed to generate key pair
@@ -161,99 +163,97 @@ public interface ICryptoSubsystem extends ISubsystem {
 
     /**
      * Generates an ECC key pair based on the given parameters.
-     *
+     * 
      * @param token token name
      * @param curveName curve name
      * @param certType type of cert(sslserver etc..)
      * @return key pair
      * @exception EBaseException failed to generate key pair
      */
-    public KeyPair getECCKeyPair(String token, String curveName, String certType) throws EBaseException;
+    public KeyPair getECCKeyPair(String token, String curveName, String certType)
+            throws EBaseException;
 
     /**
-     * Retrieves the signature algorithm of the certificate named
-     * by the given nickname.
-     *
+     * Retrieves the signature algorithm of the certificate named by the given
+     * nickname.
+     * 
      * @param nickname nickname of the certificate
      * @return signature algorithm
-     * @exception EBaseException failed to retrieve signature 
+     * @exception EBaseException failed to retrieve signature
      */
     public String getSignatureAlgorithm(String nickname) throws EBaseException;
 
     /**
      * Checks if the given dn is a valid distinguished name.
-     *
+     * 
      * @param dn distinguished name
      * @exception EBaseException failed to check
      */
     public void isX500DN(String dn) throws EBaseException;
 
     /**
-     * Retrieves CA's signing algorithm id. If it is DSA algorithm,
-     * algorithm is constructed by reading the parameters
-     * ca.dsaP, ca.dsaQ, ca.dsaG.
-     *
+     * Retrieves CA's signing algorithm id. If it is DSA algorithm, algorithm is
+     * constructed by reading the parameters ca.dsaP, ca.dsaQ, ca.dsaG.
+     * 
      * @param algname DSA or RSA
      * @param store configuration store.
      * @return algorithm id
      * @exception EBaseException failed to retrieve algorithm id
      */
-    public AlgorithmId getAlgorithmId(String algname, IConfigStore store) throws EBaseException;
+    public AlgorithmId getAlgorithmId(String algname, IConfigStore store)
+            throws EBaseException;
 
     /**
-     * Retrieves subject name of the certificate that is identified by
-     * the given nickname.
-     *
+     * Retrieves subject name of the certificate that is identified by the given
+     * nickname.
+     * 
      * @param tokenname name of token where the nickname is valid
      * @param nickname nickname of the certificate
      * @return subject name
      * @exception EBaseException failed to get subject name
      */
     public String getCertSubjectName(String tokenname, String nickname)
-        throws EBaseException;
+            throws EBaseException;
 
     /**
-     * Retrieves extensions of the certificate that is identified by
-     * the given nickname.
-     *
+     * Retrieves extensions of the certificate that is identified by the given
+     * nickname.
+     * 
      * @param tokenname name of token where the nickname is valid
      * @param nickname nickname of the certificate
      * @return certificate extensions
      * @exception EBaseException failed to get extensions
      */
-    public CertificateExtensions getExtensions(String tokenname, String nickname
-    )
-        throws EBaseException;
+    public CertificateExtensions getExtensions(String tokenname, String nickname)
+            throws EBaseException;
 
     /**
      * Deletes certificate of the given nickname.
-     *
+     * 
      * @param nickname nickname of the certificate
      * @param pathname path where a copy of the deleted certificate is stored
      * @exception EBaseException failed to delete certificate
      */
-    public void deleteTokenCertificate(String nickname, String pathname) 
-        throws EBaseException;
+    public void deleteTokenCertificate(String nickname, String pathname)
+            throws EBaseException;
 
     /**
      * Delete certificate of the given nickname.
-     *
+     * 
      * @param nickname nickname of the certificate
-     * @param notAfterTime The notAfter of the certificate. It 
-     *        is possible to ge t multiple certificates under 
-     *        the same nickname. If one of the certificates match 
-     *        the notAfterTime, then the certificate will get 
-     *        deleted. The format of the notAfterTime has to be 
-     *        in "MMMMM dd, yyyy HH:mm:ss" format.
+     * @param notAfterTime The notAfter of the certificate. It is possible to ge
+     *            t multiple certificates under the same nickname. If one of the
+     *            certificates match the notAfterTime, then the certificate will
+     *            get deleted. The format of the notAfterTime has to be in
+     *            "MMMMM dd, yyyy HH:mm:ss" format.
      * @exception EBaseException failed to delete certificate
      */
-    public void deleteCert(String nickname, String notAfterTime) 
-        throws EBaseException;
+    public void deleteCert(String nickname, String notAfterTime)
+            throws EBaseException;
 
     /**
-     * Retrieves the subject DN of the certificate identified by
-     * the nickname.
-     *
+     * Retrieves the subject DN of the certificate identified by the nickname.
+     * 
      * @param nickname nickname of the certificate
      * @return subject distinguished name
      * @exception EBaseException failed to retrieve subject DN
@@ -262,19 +262,19 @@ public interface ICryptoSubsystem extends ISubsystem {
 
     /**
      * Trusts a certificate for all available purposes.
-     *
+     * 
      * @param nickname nickname of the certificate
      * @param date certificate's not before
      * @param trust "Trust" or other
      * @exception EBaseException failed to trust certificate
      */
-    public void trustCert(String nickname, String date, String trust) 
-        throws EBaseException;
+    public void trustCert(String nickname, String date, String trust)
+            throws EBaseException;
 
     /**
-     * Checks if the given base-64 encoded string contains an extension
-     * or a sequence of extensions.
-     *
+     * Checks if the given base-64 encoded string contains an extension or a
+     * sequence of extensions.
+     * 
      * @param ext extension or sequence of extension encoded in base-64
      * @exception EBaseException failed to check encoding
      */
@@ -282,16 +282,17 @@ public interface ICryptoSubsystem extends ISubsystem {
 
     /**
      * Gets all certificates on all tokens for Certificate Database Management.
-     *
+     * 
      * @return all certificates
      * @exception EBaseException failed to retrieve certificates
      */
     public NameValuePairs getAllCertsManage() throws EBaseException;
+
     public NameValuePairs getUserCerts() throws EBaseException;
 
     /**
      * Gets all CA certificates on all tokens.
-     *
+     * 
      * @return all CA certificates
      * @exception EBaseException failed to retrieve certificates
      */
@@ -300,17 +301,17 @@ public interface ICryptoSubsystem extends ISubsystem {
     public NameValuePairs getRootCerts() throws EBaseException;
 
     public void setRootCertTrust(String nickname, String serialno,
-      String issuername, String trust) throws EBaseException;
+            String issuername, String trust) throws EBaseException;
 
     public void deleteRootCert(String nickname, String serialno,
-      String issuername) throws EBaseException;
+            String issuername) throws EBaseException;
 
     public void deleteUserCert(String nickname, String serialno,
-      String issuername) throws EBaseException;
+            String issuername) throws EBaseException;
 
     /**
      * Retrieves PQG parameters based on key size.
-     *
+     * 
      * @param keysize key size
      * @return pqg parameters
      */
@@ -318,118 +319,118 @@ public interface ICryptoSubsystem extends ISubsystem {
 
     /**
      * Retrieves PQG parameters based on key size.
-     *
+     * 
      * @param keysize key size
      * @param store configuration store
      * @return pqg parameters
      */
     public PQGParams getCAPQG(int keysize, IConfigStore store)
-        throws EBaseException;
+            throws EBaseException;
 
     /**
-     * Retrieves extensions of the certificate that is identified by
-     * the given nickname.
-     *
+     * Retrieves extensions of the certificate that is identified by the given
+     * nickname.
+     * 
      * @param tokenname token name
      * @param nickname nickname
      * @return certificate extensions
      */
-    public CertificateExtensions getCertExtensions(String tokenname, String nickname
-    )
-        throws NotInitializedException, TokenException, ObjectNotFoundException,
+    public CertificateExtensions getCertExtensions(String tokenname,
+            String nickname) throws NotInitializedException, TokenException,
+            ObjectNotFoundException,
 
             IOException, CertificateException;
 
     /**
      * Checks if the given token is logged in.
-     *
+     * 
      * @param name token name
      * @return true if token is logged in
-     * @exception EBaseException failed to login 
+     * @exception EBaseException failed to login
      */
     public boolean isTokenLoggedIn(String name) throws EBaseException;
 
     /**
      * Logs into token.
-     *
+     * 
      * @param tokenName name of the token
      * @param pwd token password
      * @exception EBaseException failed to login
      */
-    public void loggedInToken(String tokenName, String pwd) 
-        throws EBaseException;
+    public void loggedInToken(String tokenName, String pwd)
+            throws EBaseException;
 
     /**
      * Generates certificate request from the given key pair.
-     *
+     * 
      * @param subjectName subject name to use in the request
      * @param kp key pair that contains public key material
      * @return certificate request in base-64 encoded format
      * @exception EBaseException failed to generate request
      */
     public String getCertRequest(String subjectName, KeyPair kp)
-        throws EBaseException;
+            throws EBaseException;
 
     /**
      * Checks if fortezza is enabled.
-     *
+     * 
      * @return "true" if fortezza is enabled
      */
     public String isCipherFortezza() throws EBaseException;
 
     /**
      * Retrieves the SSL cipher version.
-     *
+     * 
      * @return cipher version (i.e. "cipherdomestic")
      */
     public String getCipherVersion() throws EBaseException;
 
     /**
      * Retrieves the cipher preferences.
-     *
+     * 
      * @return cipher preferences (i.e. "rc4export,rc2export,...")
      */
     public String getCipherPreferences() throws EBaseException;
 
     /**
      * Sets the current SSL cipher preferences.
-     *
+     * 
      * @param cipherPrefs cipher preferences (i.e. "rc4export,rc2export,...")
      * @exception EBaseException failed to set cipher preferences
      */
-    public void setCipherPreferences(String cipherPrefs)
-        throws EBaseException;
+    public void setCipherPreferences(String cipherPrefs) throws EBaseException;
 
     /**
      * Retrieves a list of currently registered token names.
-     *
+     * 
      * @return list of token names
      * @exception EBaseException failed to retrieve token list
      */
     public String getTokenList() throws EBaseException;
 
     /**
-     * Retrieves all certificates. The result list will not
-     * contain the token tag.
-     *
+     * Retrieves all certificates. The result list will not contain the token
+     * tag.
+     * 
      * @param name token name
      * @return list of certificates without token tag
      * @exception EBaseException failed to retrieve
      */
-    public String getCertListWithoutTokenName(String name) throws EBaseException;
+    public String getCertListWithoutTokenName(String name)
+            throws EBaseException;
 
     /**
      * Retrieves the token name of the internal (software) token.
-     *
+     * 
      * @return the token name
      * @exception EBaseException failed to retrieve token name
      */
     public String getInternalTokenName() throws EBaseException;
 
     /**
-     * Checks to see if the certificate of the given nickname is a
-     * CA certificate.
-     *
+     * Checks to see if the certificate of the given nickname is a CA
+     * certificate.
+     * 
      * @param fullNickname nickname of the certificate to check
      * @return true if it is a CA certificate
      * @exception EBaseException failed to check
@@ -437,33 +438,34 @@ public interface ICryptoSubsystem extends ISubsystem {
     public boolean isCACert(String fullNickname) throws EBaseException;
 
     /**
-     * Adds the specified number of bits of entropy from the system
-	 * entropy generator to the RNG of the default PKCS#11 RNG token.
-     * The default token is set using the modutil command.
-	 * Note that the system entropy generator (usually /dev/random)
-	 * will block until sufficient entropy is collected.
-     *
+     * Adds the specified number of bits of entropy from the system entropy
+     * generator to the RNG of the default PKCS#11 RNG token. The default token
+     * is set using the modutil command. Note that the system entropy generator
+     * (usually /dev/random) will block until sufficient entropy is collected.
+     * 
      * @param bits number of bits of entropy
-     * @exception org.mozilla.jss.util.NotImplementedException If the Crypto device does not support
-     *             adding entropy
-	 * @exception TokenException If there was some other problem with the Crypto device
-	 * @exception IOException If there was a problem reading from the /dev/random
+     * @exception org.mozilla.jss.util.NotImplementedException If the Crypto
+     *                device does not support adding entropy
+     * @exception TokenException If there was some other problem with the Crypto
+     *                device
+     * @exception IOException If there was a problem reading from the
+     *                /dev/random
      */
 
     public void addEntropy(int bits)
-    throws org.mozilla.jss.util.NotImplementedException,
-            IOException,
+            throws org.mozilla.jss.util.NotImplementedException, IOException,
             TokenException;
 
     /**
-     * Signs the certificate template into the given data and returns
-     * a signed certificate.
-     *
+     * Signs the certificate template into the given data and returns a signed
+     * certificate.
+     * 
      * @param data data that contains certificate template
      * @param certType certificate type
      * @param priKey CA signing key
      * @return certificate
      * @exception EBaseException failed to sign certificate template
      */
-    public X509CertImpl getSignedCert(KeyCertData data, String certType, java.security.PrivateKey priKey) throws EBaseException;
+    public X509CertImpl getSignedCert(KeyCertData data, String certType,
+            java.security.PrivateKey priKey) throws EBaseException;
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/security/IEncryptionUnit.java b/pki/base/common/src/com/netscape/certsrv/security/IEncryptionUnit.java
index 984425a52..fdf067b57 100644
--- a/pki/base/common/src/com/netscape/certsrv/security/IEncryptionUnit.java
+++ b/pki/base/common/src/com/netscape/certsrv/security/IEncryptionUnit.java
@@ -17,53 +17,51 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.security;
 
-
 import java.security.PublicKey;
 
 import org.mozilla.jss.crypto.PrivateKey;
 
 import com.netscape.certsrv.base.EBaseException;
 
-
 /**
  * An interface represents a encryption unit.
- *
+ * 
  * @version $Revision$, $Date$
  */
 public interface IEncryptionUnit extends IToken {
 
     /**
      * Retrieves the public key in this unit.
-     *
+     * 
      * @return public key
      */
     public PublicKey getPublicKey();
 
     /**
-     * Wraps data. The given key will be wrapped by the
-     * private key in this unit.
-     *
+     * Wraps data. The given key will be wrapped by the private key in this
+     * unit.
+     * 
      * @param priKey private key to be wrapped
-     * @return wrapped data 
+     * @return wrapped data
      * @exception EBaseException failed to wrap
      */
     public byte[] wrap(PrivateKey priKey) throws EBaseException;
 
     /**
-     * Verifies the given key pair. 
-     *  
+     * Verifies the given key pair.
+     * 
      * @param publicKey public key
      * @param privateKey private key
      */
-    public void verify(PublicKey publicKey, PrivateKey privateKey) throws
-            EBaseException;
+    public void verify(PublicKey publicKey, PrivateKey privateKey)
+            throws EBaseException;
 
     /**
-     * Unwraps data. This method rebuilds the private key by
-     * unwrapping the private key data.
-     *
+     * Unwraps data. This method rebuilds the private key by unwrapping the
+     * private key data.
+     * 
      * @param sessionKey session key that unwrap the private key
-     * @param symmAlgOID symmetric algorithm 
+     * @param symmAlgOID symmetric algorithm
      * @param symmAlgParams symmetric algorithm parameters
      * @param privateKey private key data
      * @param pubKey public key
@@ -71,56 +69,54 @@ public interface IEncryptionUnit extends IToken {
      * @exception EBaseException failed to unwrap
      */
     public PrivateKey unwrap(byte sessionKey[], String symmAlgOID,
-        byte symmAlgParams[], byte privateKey[], 
-        PublicKey pubKey)
-        throws EBaseException;
+            byte symmAlgParams[], byte privateKey[], PublicKey pubKey)
+            throws EBaseException;
 
     /**
-     * Unwraps data. This method rebuilds the private key by
-     * unwrapping the private key data.
-     *
+     * Unwraps data. This method rebuilds the private key by unwrapping the
+     * private key data.
+     * 
      * @param privateKey private key data
      * @param pubKey public key object
      * @return private key object
      * @exception EBaseException failed to unwrap
      */
     public PrivateKey unwrap(byte privateKey[], PublicKey pubKey)
-        throws EBaseException;
-	
+            throws EBaseException;
+
     /**
-     * Encrypts the internal private key (private key to the KRA's
-     * internal storage).
-     *
+     * Encrypts the internal private key (private key to the KRA's internal
+     * storage).
+     * 
      * @param rawPrivate user's private key (key to be archived)
      * @return encrypted data
      * @exception EBaseException failed to encrypt
      */
     public byte[] encryptInternalPrivate(byte rawPrivate[])
-        throws EBaseException;
+            throws EBaseException;
 
     /**
-     * Decrypts the internal private key (private key from the KRA's
-     * internal storage).
-     *
-     * @param wrappedPrivateData unwrapped private key data (key to be recovered)
+     * Decrypts the internal private key (private key from the KRA's internal
+     * storage).
+     * 
+     * @param wrappedPrivateData unwrapped private key data (key to be
+     *            recovered)
      * @return raw private key
      * @exception EBaseException failed to decrypt
      */
     public byte[] decryptInternalPrivate(byte wrappedPrivateData[])
-        throws EBaseException;
+            throws EBaseException;
 
     /**
      * Decrypts the external private key (private key from the end-user).
-     *
+     * 
      * @param sessionKey session key that protects the user private
-     * @param symmAlgOID symmetric algorithm 
+     * @param symmAlgOID symmetric algorithm
      * @param symmAlgParams symmetric algorithm parameters
      * @param privateKey private key data
      * @return private key data
      * @exception EBaseException failed to decrypt
      */
-    public byte[] decryptExternalPrivate(byte sessionKey[], 
-        String symmAlgOID,
-        byte symmAlgParams[], byte privateKey[])
-        throws EBaseException;
+    public byte[] decryptExternalPrivate(byte sessionKey[], String symmAlgOID,
+            byte symmAlgParams[], byte privateKey[]) throws EBaseException;
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/security/ISigningUnit.java b/pki/base/common/src/com/netscape/certsrv/security/ISigningUnit.java
index 664d5c1f8..93b3c8003 100644
--- a/pki/base/common/src/com/netscape/certsrv/security/ISigningUnit.java
+++ b/pki/base/common/src/com/netscape/certsrv/security/ISigningUnit.java
@@ -17,7 +17,6 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.security;
 
-
 import java.security.PublicKey;
 
 import netscape.security.x509.X509CertImpl;
@@ -28,9 +27,8 @@ import org.mozilla.jss.crypto.X509Certificate;
 import com.netscape.certsrv.base.EBaseException;
 
 /**
- * A class represents the signing unit which is
- * capable of signing data.
- *
+ * A class represents the signing unit which is capable of signing data.
+ * 
  * @version $Revision$, $Date$
  */
 public interface ISigningUnit {
@@ -46,11 +44,11 @@ public interface ISigningUnit {
     /**
      * Retrieves the nickname of the signing certificate.
      */
-    public String getNickname(); 
+    public String getNickname();
 
     /**
      * Retrieves the new nickname in the renewal process.
-     *
+     * 
      * @return new nickname
      * @exception EBaseException failed to get new nickname
      */
@@ -58,39 +56,38 @@ public interface ISigningUnit {
 
     /**
      * Sets new nickname of the signing certificate.
-     *
+     * 
      * @param name nickname
      */
     public void setNewNickName(String name);
 
     /**
      * Retrieves the signing certificate.
-     *
+     * 
      * @return signing certificate
      */
     public X509Certificate getCert();
 
     /**
      * Retrieves the signing certificate.
-     *
+     * 
      * @return signing certificate
      */
     public X509CertImpl getCertImpl();
 
     /**
      * Signs the given data in specific algorithm.
-     *
+     * 
      * @param data data to be signed
      * @param algname signing algorithm to be used
      * @return signed data
      * @exception EBaseException failed to sign
      */
-    public byte[] sign(byte[] data, String algname)
-        throws EBaseException;
-	
+    public byte[] sign(byte[] data, String algname) throws EBaseException;
+
     /**
      * Verifies the signed data.
-     *
+     * 
      * @param data signed data
      * @param signature signature
      * @param algname signing algorithm
@@ -98,18 +95,18 @@ public interface ISigningUnit {
      * @exception EBaseException failed to verify
      */
     public boolean verify(byte[] data, byte[] signature, String algname)
-        throws EBaseException;
+            throws EBaseException;
 
     /**
      * Retrieves the default algorithm.
-     *
+     * 
      * @return default signing algorithm
      */
     public SignatureAlgorithm getDefaultSignatureAlgorithm();
 
     /**
      * Retrieves the default algorithm name.
-     *
+     * 
      * @return default signing algorithm name
      */
     public String getDefaultAlgorithm();
@@ -124,15 +121,15 @@ public interface ISigningUnit {
 
     /**
      * Retrieves all supported signing algorithm of this unit.
-     *
+     * 
      * @return a list of signing algorithms
      * @exception EBaseException failed to list
-     */ 
+     */
     public String[] getAllAlgorithms() throws EBaseException;
 
     /**
      * Retrieves the token name of this unit.
-     *
+     * 
      * @return token name
      * @exception EBaseException failed to retrieve name
      */
@@ -140,7 +137,7 @@ public interface ISigningUnit {
 
     /**
      * Updates new nickname and tokename in the configuration file.
-     *
+     * 
      * @param nickname new nickname
      * @param tokenname new tokenname
      */
@@ -148,19 +145,18 @@ public interface ISigningUnit {
 
     /**
      * Checks if the given algorithm name is supported.
-     *
+     * 
      * @param algname algorithm name
      * @return signing algorithm
      * @exception EBaseException failed to check signing algorithm
      */
     public SignatureAlgorithm checkSigningAlgorithmFromName(String algname)
-        throws EBaseException;
+            throws EBaseException;
 
     /**
      * Retrieves the public key associated in this unit.
-     *
+     * 
      * @return public key
      */
     public PublicKey getPublicKey();
 }
-
diff --git a/pki/base/common/src/com/netscape/certsrv/security/IStorageKeyUnit.java b/pki/base/common/src/com/netscape/certsrv/security/IStorageKeyUnit.java
index 02ebc616b..0c741c71f 100644
--- a/pki/base/common/src/com/netscape/certsrv/security/IStorageKeyUnit.java
+++ b/pki/base/common/src/com/netscape/certsrv/security/IStorageKeyUnit.java
@@ -17,33 +17,31 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.security;
 
-
 import java.util.Enumeration;
 
 import org.mozilla.jss.crypto.CryptoToken;
 
 import com.netscape.certsrv.base.EBaseException;
 
-
 /**
- * An interface represents a storage key unit. This storage
- * unit contains a storage key pair that is used for
- * encrypting the user private key for long term storage.
- *
+ * An interface represents a storage key unit. This storage unit contains a
+ * storage key pair that is used for encrypting the user private key for long
+ * term storage.
+ * 
  * @version $Revision$, $Date$
  */
 public interface IStorageKeyUnit extends IEncryptionUnit {
 
     /**
      * Retrieves total number of recovery agents.
-     *
+     * 
      * @return total number of recovery agents
      */
     public int getNoOfAgents() throws EBaseException;
 
     /**
-     * Retrieves number of recovery agents required to
-     * perform recovery operation.
+     * Retrieves number of recovery agents required to perform recovery
+     * operation.
      * 
      * @return required number of recovery agents for recovery operation
      */
@@ -51,33 +49,33 @@ public interface IStorageKeyUnit extends IEncryptionUnit {
 
     /**
      * Sets the numer of required recovery agents
-     *
+     * 
      * @param number number of required agents
      */
     public void setNoOfRequiredAgents(int number);
 
     /**
      * Retrieves a list of agents in this unit.
-     *
+     * 
      * @return a list of string-based agent identifiers
      */
     public Enumeration getAgentIdentifiers();
 
     /**
      * Changes agent password.
-     *
+     * 
      * @param id agent id
      * @param oldpwd old password
      * @param newpwd new password
      * @return true if operation successful
      * @exception EBaseException failed to change password
      */
-    public boolean changeAgentPassword(String id, String oldpwd, 
-        String newpwd) throws EBaseException;
+    public boolean changeAgentPassword(String id, String oldpwd, String newpwd)
+            throws EBaseException;
 
     /**
      * Changes M-N recovery scheme.
-     *
+     * 
      * @param n total number of agents
      * @param m required number of agents for recovery operation
      * @param oldcreds all old credentials
@@ -86,11 +84,11 @@ public interface IStorageKeyUnit extends IEncryptionUnit {
      * @exception EBaseException failed to change schema
      */
     public boolean changeAgentMN(int n, int m, Credential oldcreds[],
-        Credential newcreds[]) throws EBaseException;
-	
+            Credential newcreds[]) throws EBaseException;
+
     /**
      * Logins to this unit.
-     *
+     * 
      * @param ac agent's credentials
      * @exception EBaseException failed to login
      */
diff --git a/pki/base/common/src/com/netscape/certsrv/security/IToken.java b/pki/base/common/src/com/netscape/certsrv/security/IToken.java
index 0b79cfcf3..05aff64f9 100644
--- a/pki/base/common/src/com/netscape/certsrv/security/IToken.java
+++ b/pki/base/common/src/com/netscape/certsrv/security/IToken.java
@@ -17,20 +17,18 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.security;
 
-
 import com.netscape.certsrv.base.EBaseException;
 
-
 /**
  * An interface represents a generic token unit.
- *
+ * 
  * @version $Revision$, $Date$
  */
 public interface IToken {
 
     /**
      * Logins to the token unit.
-     *
+     * 
      * @param pin password to access the token
      * @exception EBaseException failed to login to this token
      */
diff --git a/pki/base/common/src/com/netscape/certsrv/security/ITransportKeyUnit.java b/pki/base/common/src/com/netscape/certsrv/security/ITransportKeyUnit.java
index 2edfa12a9..96fa74f41 100644
--- a/pki/base/common/src/com/netscape/certsrv/security/ITransportKeyUnit.java
+++ b/pki/base/common/src/com/netscape/certsrv/security/ITransportKeyUnit.java
@@ -17,7 +17,6 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.security;
 
-
 import java.security.PublicKey;
 
 import org.mozilla.jss.crypto.CryptoToken;
@@ -26,27 +25,31 @@ import org.mozilla.jss.crypto.SymmetricKey;
 
 import com.netscape.certsrv.base.EBaseException;
 
-
 /**
- * An interface represents the transport key pair. 
- * This key pair is used to protected EE's private 
- * key in transit.
- *
+ * An interface represents the transport key pair. This key pair is used to
+ * protected EE's private key in transit.
+ * 
  * @version $Revision$, $Date$
  */
 public interface ITransportKeyUnit extends IEncryptionUnit {
 
     /**
      * Retrieves public key.
-     *
+     * 
      * @return certificate
      */
     public org.mozilla.jss.crypto.X509Certificate getCertificate();
+
     public SymmetricKey unwrap_sym(byte encSymmKey[]);
+
     public SymmetricKey unwrap_encrypt_sym(byte encSymmKey[]);
-    public PrivateKey unwrap_temp(byte wrappedKeyData[], PublicKey
-	  pubKey) throws EBaseException;
+
+    public PrivateKey unwrap_temp(byte wrappedKeyData[], PublicKey pubKey)
+            throws EBaseException;
+
     public CryptoToken getToken();
-    public String getSigningAlgorithm() throws EBaseException; 
-    public void setSigningAlgorithm(String str) throws EBaseException; 
+
+    public String getSigningAlgorithm() throws EBaseException;
+
+    public void setSigningAlgorithm(String str) throws EBaseException;
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/security/KeyCertData.java b/pki/base/common/src/com/netscape/certsrv/security/KeyCertData.java
index 484e5e73b..18cc98be9 100644
--- a/pki/base/common/src/com/netscape/certsrv/security/KeyCertData.java
+++ b/pki/base/common/src/com/netscape/certsrv/security/KeyCertData.java
@@ -17,7 +17,6 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.security;
 
-
 import java.math.BigInteger;
 import java.security.KeyPair;
 import java.util.Properties;
@@ -32,8 +31,7 @@ import com.netscape.certsrv.common.ConfigConstants;
 import com.netscape.certsrv.common.Constants;
 
 /**
- * This class represents a container for storaging
- * data in the security package.
+ * This class represents a container for storaging data in the security package.
  * 
  * @version $Revision$, $Date$
  */
@@ -53,7 +51,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves the key pair from this container.
-     *
+     * 
      * @return key pair
      */
     public KeyPair getKeyPair() {
@@ -62,7 +60,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets key pair into this container.
-     *
+     * 
      * @param keypair key pair
      */
     public void setKeyPair(KeyPair keypair) {
@@ -71,7 +69,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves the issuer name from this container.
-     *
+     * 
      * @return issuer name
      */
     public String getIssuerName() {
@@ -80,7 +78,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets the issuer name in this container.
-     *
+     * 
      * @param name issuer name
      */
     public void setIssuerName(String name) {
@@ -89,7 +87,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves certificate server instance name.
-     *
+     * 
      * @return instance name
      */
     public String getCertInstanceName() {
@@ -98,7 +96,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets certificate server instance name.
-     *
+     * 
      * @param name instance name
      */
     public void setCertInstanceName(String name) {
@@ -107,16 +105,16 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves certificate nickname.
-     *
+     * 
      * @return certificate nickname
      */
     public String getCertNickname() {
         return (String) get(Constants.PR_NICKNAME);
     }
-    
+
     /**
      * Sets certificate nickname.
-     *
+     * 
      * @param nickname certificate nickname
      */
     public void setCertNickname(String nickname) {
@@ -125,7 +123,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves key length.
-     *
+     * 
      * @return key length
      */
     public String getKeyLength() {
@@ -134,7 +132,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets key length.
-     *
+     * 
      * @param len key length
      */
     public void setKeyLength(String len) {
@@ -143,7 +141,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves key type.
-     *
+     * 
      * @return key type
      */
     public String getKeyType() {
@@ -152,7 +150,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets key type.
-     *
+     * 
      * @param type key type
      */
     public void setKeyType(String type) {
@@ -161,7 +159,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves key curve name.
-     *
+     * 
      * @return key curve name
      */
     public String getKeyCurveName() {
@@ -170,7 +168,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets key curvename.
-     *
+     * 
      * @param len key curvename
      */
     public void setKeyCurveName(String len) {
@@ -179,7 +177,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves signature algorithm.
-     *
+     * 
      * @return signature algorithm
      */
     public SignatureAlgorithm getSignatureAlgorithm() {
@@ -188,7 +186,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets signature algorithm
-     *
+     * 
      * @param alg signature algorithm
      */
     public void setSignatureAlgorithm(SignatureAlgorithm alg) {
@@ -197,7 +195,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves algorithm used to sign the root CA Cert.
-     *
+     * 
      * @return signature algorithm
      */
     public String getSignedBy() {
@@ -206,7 +204,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets signature algorithm used to sign root CA cert
-     *
+     * 
      * @param alg signature algorithm
      */
     public void setSignedBy(String alg) {
@@ -215,7 +213,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves signature algorithm.
-     *
+     * 
      * @return signature algorithm
      */
     public AlgorithmId getAlgorithmId() {
@@ -224,7 +222,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets algorithm identifier
-     *
+     * 
      * @param id signature algorithm
      */
     public void setAlgorithmId(AlgorithmId id) {
@@ -233,7 +231,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves serial number.
-     *
+     * 
      * @return serial number
      */
     public BigInteger getSerialNumber() {
@@ -242,7 +240,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets serial number.
-     *
+     * 
      * @param num serial number
      */
     public void setSerialNumber(BigInteger num) {
@@ -251,16 +249,16 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves configuration file.
-     *
+     * 
      * @return configuration file
      */
     public IConfigStore getConfigFile() {
-        return (IConfigStore)(get("cmsFile"));
+        return (IConfigStore) (get("cmsFile"));
     }
 
     /**
      * Sets configuration file.
-     *
+     * 
      * @param file configuration file
      */
     public void setConfigFile(IConfigStore file) {
@@ -269,7 +267,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves begining year of validity.
-     *
+     * 
      * @return begining year
      */
     public String getBeginYear() {
@@ -278,7 +276,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets begining year of validity.
-     *
+     * 
      * @param year begining year
      */
     public void setBeginYear(String year) {
@@ -287,7 +285,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves ending year of validity.
-     *
+     * 
      * @return ending year
      */
     public String getAfterYear() {
@@ -296,7 +294,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets ending year of validity.
-     *
+     * 
      * @param year ending year
      */
     public void setAfterYear(String year) {
@@ -305,7 +303,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves begining month of validity.
-     *
+     * 
      * @return begining month
      */
     public String getBeginMonth() {
@@ -314,7 +312,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets begining month of validity.
-     *
+     * 
      * @param month begining month
      */
     public void setBeginMonth(String month) {
@@ -323,7 +321,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves ending month of validity.
-     *
+     * 
      * @return ending month
      */
     public String getAfterMonth() {
@@ -332,7 +330,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets ending month of validity.
-     *
+     * 
      * @param month ending month
      */
     public void setAfterMonth(String month) {
@@ -341,7 +339,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves begining date of validity.
-     *
+     * 
      * @return begining date
      */
     public String getBeginDate() {
@@ -350,7 +348,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets begining date of validity.
-     *
+     * 
      * @param date begining date
      */
     public void setBeginDate(String date) {
@@ -359,7 +357,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves ending date of validity.
-     *
+     * 
      * @return ending date
      */
     public String getAfterDate() {
@@ -368,7 +366,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets ending date of validity.
-     *
+     * 
      * @param date ending date
      */
     public void setAfterDate(String date) {
@@ -377,7 +375,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves starting hour of validity.
-     *
+     * 
      * @return starting hour
      */
     public String getBeginHour() {
@@ -386,7 +384,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets starting hour of validity.
-     *
+     * 
      * @param hour starting hour
      */
     public void setBeginHour(String hour) {
@@ -395,7 +393,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves ending hour of validity.
-     *
+     * 
      * @return ending hour
      */
     public String getAfterHour() {
@@ -404,7 +402,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets ending hour of validity.
-     *
+     * 
      * @param hour ending hour
      */
     public void setAfterHour(String hour) {
@@ -413,16 +411,16 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves starting minute of validity.
-     *
+     * 
      * @return starting minute
      */
     public String getBeginMin() {
         return (String) get(Constants.PR_BEGIN_MIN);
     }
-  
+
     /**
      * Sets starting minute of validity.
-     *
+     * 
      * @param min starting minute
      */
     public void setBeginMin(String min) {
@@ -431,7 +429,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves ending minute of validity.
-     *
+     * 
      * @return ending minute
      */
     public String getAfterMin() {
@@ -440,7 +438,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets ending minute of validity.
-     *
+     * 
      * @param min ending minute
      */
     public void setAfterMin(String min) {
@@ -449,7 +447,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves starting second of validity.
-     *
+     * 
      * @return starting second
      */
     public String getBeginSec() {
@@ -458,7 +456,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets starting second of validity.
-     *
+     * 
      * @param sec starting second
      */
     public void setBeginSec(String sec) {
@@ -467,7 +465,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves ending second of validity.
-     *
+     * 
      * @return ending second
      */
     public String getAfterSec() {
@@ -476,7 +474,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets ending second of validity.
-     *
+     * 
      * @param sec ending second
      */
     public void setAfterSec(String sec) {
@@ -485,7 +483,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves CA key pair
-     *
+     * 
      * @return CA key pair
      */
     public KeyPair getCAKeyPair() {
@@ -494,7 +492,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets CA key pair
-     *
+     * 
      * @param keypair key pair
      */
     public void setCAKeyPair(KeyPair keypair) {
@@ -503,7 +501,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves extensions
-     *
+     * 
      * @return extensions
      */
     public String getDerExtension() {
@@ -512,7 +510,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets extensions
-     *
+     * 
      * @param ext extensions
      */
     public void setDerExtension(String ext) {
@@ -521,7 +519,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves isCA
-     *
+     * 
      * @return "true" if it is CA
      */
     public String isCA() {
@@ -530,7 +528,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets isCA
-     *
+     * 
      * @param ext "true" if it is CA
      */
     public void setCA(String ext) {
@@ -539,7 +537,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves key length
-     *
+     * 
      * @return certificate's key length
      */
     public String getCertLen() {
@@ -548,7 +546,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets key length
-     *
+     * 
      * @param len certificate's key length
      */
     public void setCertLen(String len) {
@@ -557,7 +555,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves SSL Client bit
-     *
+     * 
      * @return SSL Client bit
      */
     public String getSSLClientBit() {
@@ -566,7 +564,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets SSL Client bit
-     *
+     * 
      * @param sslClientBit SSL Client bit
      */
     public void setSSLClientBit(String sslClientBit) {
@@ -575,7 +573,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves SSL Server bit
-     *
+     * 
      * @return SSL Server bit
      */
     public String getSSLServerBit() {
@@ -584,7 +582,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets SSL Server bit
-     *
+     * 
      * @param sslServerBit SSL Server bit
      */
     public void setSSLServerBit(String sslServerBit) {
@@ -593,7 +591,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves SSL Mail bit
-     *
+     * 
      * @return SSL Mail bit
      */
     public String getSSLMailBit() {
@@ -602,7 +600,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets SSL Mail bit
-     *
+     * 
      * @param sslMailBit SSL Mail bit
      */
     public void setSSLMailBit(String sslMailBit) {
@@ -611,7 +609,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves SSL CA bit
-     *
+     * 
      * @return SSL CA bit
      */
     public String getSSLCABit() {
@@ -620,7 +618,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets SSL CA bit
-     *
+     * 
      * @param cabit SSL CA bit
      */
     public void setSSLCABit(String cabit) {
@@ -629,16 +627,16 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves SSL Signing bit
-     *
+     * 
      * @return SSL Signing bit
      */
     public String getObjectSigningBit() {
         return (String) get(Constants.PR_OBJECT_SIGNING_BIT);
     }
 
-    /** 
+    /**
      * Retrieves Time Stamping bit
-     *
+     * 
      * @return Time Stamping bit
      */
     public String getTimeStampingBit() {
@@ -647,7 +645,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets SSL Signing bit
-     *
+     * 
      * @param objectSigningBit SSL Signing bit
      */
     public void setObjectSigningBit(String objectSigningBit) {
@@ -656,7 +654,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves SSL Mail CA bit
-     *
+     * 
      * @return SSL Mail CA bit
      */
     public String getMailCABit() {
@@ -665,7 +663,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets SSL Mail CA bit
-     *
+     * 
      * @param mailCABit SSL Mail CA bit
      */
     public void setMailCABit(String mailCABit) {
@@ -674,7 +672,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves SSL Object Signing bit
-     *
+     * 
      * @return SSL Object Signing bit
      */
     public String getObjectSigningCABit() {
@@ -683,7 +681,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets SSL Object Signing bit
-     *
+     * 
      * @param bit SSL Object Signing bit
      */
     public void setObjectSigningCABit(String bit) {
@@ -692,7 +690,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves OCSP Signing flag
-     *
+     * 
      * @return OCSP Signing flag
      */
     public String getOCSPSigning() {
@@ -701,7 +699,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets OCSP Signing flag
-     *
+     * 
      * @param aki OCSP Signing flag
      */
     public void setOCSPSigning(String aki) {
@@ -710,7 +708,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves OCSP No Check flag
-     *
+     * 
      * @return OCSP No Check flag
      */
     public String getOCSPNoCheck() {
@@ -719,7 +717,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets OCSP No Check flag
-     *
+     * 
      * @param noCheck OCSP No Check flag
      */
     public void setOCSPNoCheck(String noCheck) {
@@ -728,7 +726,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves Authority Information Access flag
-     *
+     * 
      * @return Authority Information Access flag
      */
     public String getAIA() {
@@ -737,7 +735,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets Authority Information Access flag
-     *
+     * 
      * @param aia Authority Information Access flag
      */
     public void setAIA(String aia) {
@@ -746,7 +744,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves Authority Key Identifier flag
-     *
+     * 
      * @return Authority Key Identifier flag
      */
     public String getAKI() {
@@ -755,7 +753,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets Authority Key Identifier flag
-     *
+     * 
      * @param aki Authority Key Identifier flag
      */
     public void setAKI(String aki) {
@@ -764,7 +762,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves Subject Key Identifier flag
-     *
+     * 
      * @return Subject Key Identifier flag
      */
     public String getSKI() {
@@ -773,7 +771,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets Subject Key Identifier flag
-     *
+     * 
      * @param ski Subject Key Identifier flag
      */
     public void setSKI(String ski) {
@@ -782,7 +780,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves key usage extension
-     *
+     * 
      * @return true if key usage extension set
      */
     public boolean getKeyUsageExtension() {
@@ -795,7 +793,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Sets CA extensions
-     *
+     * 
      * @param ext CA extensions
      */
     public void setCAExtensions(CertificateExtensions ext) {
@@ -804,7 +802,7 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves CA extensions
-     *
+     * 
      * @return CA extensions
      */
     public CertificateExtensions getCAExtensions() {
@@ -813,11 +811,10 @@ public class KeyCertData extends Properties {
 
     /**
      * Retrieves hash type
-     *
+     * 
      * @return hash type
      */
     public String getHashType() {
         return (String) get(ConfigConstants.PR_HASH_TYPE);
     }
 }
-
diff --git a/pki/base/common/src/com/netscape/certsrv/selftests/EDuplicateSelfTestException.java b/pki/base/common/src/com/netscape/certsrv/selftests/EDuplicateSelfTestException.java
index d0f6b4c32..dde3d64e6 100644
--- a/pki/base/common/src/com/netscape/certsrv/selftests/EDuplicateSelfTestException.java
+++ b/pki/base/common/src/com/netscape/certsrv/selftests/EDuplicateSelfTestException.java
@@ -20,38 +20,32 @@
 
 package com.netscape.certsrv.selftests;
 
-
 ///////////////////////
 // import statements //
 ///////////////////////
 
-
-
 //////////////////////
 // class definition //
 //////////////////////
 
 /**
  * This class implements a duplicate self test exception.
- * EDuplicateSelfTestExceptions are derived from ESelfTestExceptions
- * in order to allow users to easily do self tests without try-catch clauses.
- *
+ * EDuplicateSelfTestExceptions are derived from ESelfTestExceptions in order to
+ * allow users to easily do self tests without try-catch clauses.
+ * 
  * EDuplicateSelfTestExceptions should be caught by SelfTestSubsystem managers.
  * <P>
  * 
  * @version $Revision$, $Date$
  */
-public class EDuplicateSelfTestException
-    extends ESelfTestException {
-    ////////////////////////
+public class EDuplicateSelfTestException extends ESelfTestException {
+    // //////////////////////
     // default parameters //
-    ////////////////////////
-
-
+    // //////////////////////
 
-    ///////////////////////
+    // /////////////////////
     // helper parameters //
-    ///////////////////////
+    // /////////////////////
 
     /**
      *
@@ -62,32 +56,27 @@ public class EDuplicateSelfTestException
     private String mInstanceParameter = null;
     private String mInstanceValue = null;
 
-    ////////////////////////////////////////////
+    // //////////////////////////////////////////
     // EDuplicateSelfTestException parameters //
-    ////////////////////////////////////////////
+    // //////////////////////////////////////////
 
-
-
-    ///////////////////////////////////////////////
+    // /////////////////////////////////////////////
     // ESelfTestException parameters (inherited) //
-    ///////////////////////////////////////////////
-
+    // /////////////////////////////////////////////
 
-
-    /////////////////////
+    // ///////////////////
     // default methods //
-    /////////////////////
+    // ///////////////////
 
     /**
      * Constructs a "duplicate" self test exception.
      * <P>
-     *
+     * 
      * @param instanceName duplicate "instanceName" exception details
      */
     public EDuplicateSelfTestException(String instanceName) {
-        super("The self test plugin property named "
-            + instanceName
-            + " already exists.");
+        super("The self test plugin property named " + instanceName
+                + " already exists.");
 
         // strip preceding/trailing whitespace
         // from passed-in String parameters
@@ -100,20 +89,17 @@ public class EDuplicateSelfTestException
     }
 
     /**
-     * Constructs a "duplicate" self test exception where the value is always
-     * a duplicate from a name/value pair
+     * Constructs a "duplicate" self test exception where the value is always a
+     * duplicate from a name/value pair
      * <P>
-     *
+     * 
      * @param instanceName duplicate "instanceName" exception details
      * @param instanceValue duplicate "instanceValue" exception details
      */
-    public EDuplicateSelfTestException(String instanceName,
-        String instanceValue) {
-        super("The self test plugin property named "
-            + instanceName
-            + " contains a value of "
-            + instanceValue
-            + " which already exists.");
+    public EDuplicateSelfTestException(String instanceName, String instanceValue) {
+        super("The self test plugin property named " + instanceName
+                + " contains a value of " + instanceValue
+                + " which already exists.");
 
         // strip preceding/trailing whitespace
         // from passed-in String parameters
@@ -134,18 +120,16 @@ public class EDuplicateSelfTestException
      * duplicate from a substore.parameter/value pair; (the value passed in may
      * be null).
      * <P>
-     *
+     * 
      * @param instanceStore duplicate "instanceStore" exception details
      * @param instanceParameter duplicate "instanceParameter" exception details
-     * @param instanceValue duplicate "instanceValue" exception details
-     * (may be null)
+     * @param instanceValue duplicate "instanceValue" exception details (may be
+     *            null)
      */
     public EDuplicateSelfTestException(String instanceStore,
-        String instanceParameter,
-        String instanceValue) {
-        super("The self test plugin property named "
-            + instanceStore + "." + instanceParameter
-            + " is a duplicate.");
+            String instanceParameter, String instanceValue) {
+        super("The self test plugin property named " + instanceStore + "."
+                + instanceParameter + " is a duplicate.");
 
         // strip preceding/trailing whitespace
         // from passed-in String parameters
@@ -165,14 +149,14 @@ public class EDuplicateSelfTestException
         mInstanceValue = instanceValue;
     }
 
-    ////////////////////
+    // //////////////////
     // helper methods //
-    ////////////////////
+    // //////////////////
 
     /**
      * Returns the instance name associated with this self test.
      * <P>
-     *
+     * 
      * @return name portion of the name/value pair
      */
     public String getInstanceName() {
@@ -182,7 +166,7 @@ public class EDuplicateSelfTestException
     /**
      * Returns the store associated with this self test.
      * <P>
-     *
+     * 
      * @return substore portion of the substore.parameter/value pair
      */
     public String getInstanceStore() {
@@ -192,7 +176,7 @@ public class EDuplicateSelfTestException
     /**
      * Returns the parameter associated with this self test.
      * <P>
-     *
+     * 
      * @return parameter portion of the substore.parameter/value pair
      */
     public String getInstanceParameter() {
@@ -202,27 +186,25 @@ public class EDuplicateSelfTestException
     /**
      * Returns the value associated with this self test.
      * <P>
-     *
+     * 
      * @return value portion of the name/value pair
      */
     public String getInstanceValue() {
         return mInstanceValue;
     }
 
-    /////////////////////////////////////////
+    // ///////////////////////////////////////
     // EDuplicateSelfTestException methods //
-    /////////////////////////////////////////
-
-
+    // ///////////////////////////////////////
 
-    ////////////////////////////////////////////
+    // //////////////////////////////////////////
     // ESelfTestException methods (inherited) //
-    ////////////////////////////////////////////
+    // //////////////////////////////////////////
 
-    /* Note that all of the following ESelfTestException methods
-     * are inherited from the ESelfTestException class:
-     *
+    /*
+     * Note that all of the following ESelfTestException methods are inherited
+     * from the ESelfTestException class:
+     * 
      * public ESelfTestException( String msg );
      */
 }
-
diff --git a/pki/base/common/src/com/netscape/certsrv/selftests/EInvalidSelfTestException.java b/pki/base/common/src/com/netscape/certsrv/selftests/EInvalidSelfTestException.java
index 119076954..27457f09e 100644
--- a/pki/base/common/src/com/netscape/certsrv/selftests/EInvalidSelfTestException.java
+++ b/pki/base/common/src/com/netscape/certsrv/selftests/EInvalidSelfTestException.java
@@ -20,38 +20,32 @@
 
 package com.netscape.certsrv.selftests;
 
-
 ///////////////////////
 // import statements //
 ///////////////////////
 
-
-
 //////////////////////
 // class definition //
 //////////////////////
 
 /**
  * This class implements an invalid self test exception.
- * EInvalidSelfTestExceptions are derived from ESelfTestExceptions
- * in order to allow users to easily do self tests without try-catch clauses.
- *
+ * EInvalidSelfTestExceptions are derived from ESelfTestExceptions in order to
+ * allow users to easily do self tests without try-catch clauses.
+ * 
  * EInvalidSelfTestExceptions should be caught by SelfTestSubsystem managers.
  * <P>
  * 
  * @version $Revision$, $Date$
  */
-public class EInvalidSelfTestException
-    extends ESelfTestException {
-    ////////////////////////
+public class EInvalidSelfTestException extends ESelfTestException {
+    // //////////////////////
     // default parameters //
-    ////////////////////////
-
-
+    // //////////////////////
 
-    ///////////////////////
+    // /////////////////////
     // helper parameters //
-    ///////////////////////
+    // /////////////////////
 
     /**
      *
@@ -62,32 +56,26 @@ public class EInvalidSelfTestException
     private String mInstanceParameter = null;
     private String mInstanceValue = null;
 
-    //////////////////////////////////////////
+    // ////////////////////////////////////////
     // EInvalidSelfTestException parameters //
-    //////////////////////////////////////////
+    // ////////////////////////////////////////
 
-
-
-    ///////////////////////////////////////////////
+    // /////////////////////////////////////////////
     // ESelfTestException parameters (inherited) //
-    ///////////////////////////////////////////////
-
+    // /////////////////////////////////////////////
 
-
-    /////////////////////
+    // ///////////////////
     // default methods //
-    /////////////////////
+    // ///////////////////
 
     /**
      * Constructs an "invalid" self test exception.
      * <P>
-     *
+     * 
      * @param instanceName invalid "instanceName" exception details
      */
     public EInvalidSelfTestException(String instanceName) {
-        super("The self test plugin named "
-            + instanceName
-            + " is invalid.");
+        super("The self test plugin named " + instanceName + " is invalid.");
 
         // strip preceding/trailing whitespace
         // from passed-in String parameters
@@ -103,17 +91,13 @@ public class EInvalidSelfTestException
      * Constructs a "invalid" self test exception where the value is always
      * invalid from a name/value pair
      * <P>
-     *
+     * 
      * @param instanceName invalid "instanceName" exception details
      * @param instanceValue invalid "instanceValue" exception details
      */
-    public EInvalidSelfTestException(String instanceName,
-        String instanceValue) {
-        super("The self test plugin named "
-            + instanceName
-            + " contains a value "
-            + instanceValue
-            + " which is invalid.");
+    public EInvalidSelfTestException(String instanceName, String instanceValue) {
+        super("The self test plugin named " + instanceName
+                + " contains a value " + instanceValue + " which is invalid.");
 
         // strip preceding/trailing whitespace
         // from passed-in String parameters
@@ -131,21 +115,19 @@ public class EInvalidSelfTestException
 
     /**
      * Constructs an "invalid" self test exception where the parameter is always
-     * invalid from a substore.parameter/value pair; (the value passed in may
-     * be null).
+     * invalid from a substore.parameter/value pair; (the value passed in may be
+     * null).
      * <P>
-     *
+     * 
      * @param instanceStore invalid "instanceStore" exception details
      * @param instanceParameter invalid "instanceParameter" exception details
-     * @param instanceValue invalid "instanceValue" exception details
-     * (may be null)
+     * @param instanceValue invalid "instanceValue" exception details (may be
+     *            null)
      */
     public EInvalidSelfTestException(String instanceStore,
-        String instanceParameter,
-        String instanceValue) {
-        super("The self test plugin parameter named "
-            + instanceStore + "." + instanceParameter
-            + " is invalid.");
+            String instanceParameter, String instanceValue) {
+        super("The self test plugin parameter named " + instanceStore + "."
+                + instanceParameter + " is invalid.");
 
         // strip preceding/trailing whitespace
         // from passed-in String parameters
@@ -165,14 +147,14 @@ public class EInvalidSelfTestException
         mInstanceValue = instanceValue;
     }
 
-    ////////////////////
+    // //////////////////
     // helper methods //
-    ////////////////////
+    // //////////////////
 
     /**
      * Returns the instance name associated with this self test.
      * <P>
-     *
+     * 
      * @return name portion of the name/value pair
      */
     public String getInstanceName() {
@@ -182,7 +164,7 @@ public class EInvalidSelfTestException
     /**
      * Returns the store associated with this self test.
      * <P>
-     *
+     * 
      * @return substore portion of the substore.parameter/value pair
      */
     public String getInstanceStore() {
@@ -192,7 +174,7 @@ public class EInvalidSelfTestException
     /**
      * Returns the parameter associated with this self test.
      * <P>
-     *
+     * 
      * @return parameter portion of the substore.parameter/value pair
      */
     public String getInstanceParameter() {
@@ -202,27 +184,25 @@ public class EInvalidSelfTestException
     /**
      * Returns the value associated with this self test.
      * <P>
-     *
+     * 
      * @return value portion of the name/value pair
      */
     public String getInstanceValue() {
         return mInstanceValue;
     }
 
-    ///////////////////////////////////////
+    // /////////////////////////////////////
     // EInvalidSelfTestException methods //
-    ///////////////////////////////////////
-
-
+    // /////////////////////////////////////
 
-    ////////////////////////////////////////////
+    // //////////////////////////////////////////
     // ESelfTestException methods (inherited) //
-    ////////////////////////////////////////////
+    // //////////////////////////////////////////
 
-    /* Note that all of the following ESelfTestException methods
-     * are inherited from the ESelfTestException class:
-     *
+    /*
+     * Note that all of the following ESelfTestException methods are inherited
+     * from the ESelfTestException class:
+     * 
      * public ESelfTestException( String msg );
      */
 }
-
diff --git a/pki/base/common/src/com/netscape/certsrv/selftests/EMissingSelfTestException.java b/pki/base/common/src/com/netscape/certsrv/selftests/EMissingSelfTestException.java
index 88fa14cb0..0dc8ef233 100644
--- a/pki/base/common/src/com/netscape/certsrv/selftests/EMissingSelfTestException.java
+++ b/pki/base/common/src/com/netscape/certsrv/selftests/EMissingSelfTestException.java
@@ -20,38 +20,32 @@
 
 package com.netscape.certsrv.selftests;
 
-
 ///////////////////////
 // import statements //
 ///////////////////////
 
-
-
 //////////////////////
 // class definition //
 //////////////////////
 
 /**
  * This class implements a missing self test exception.
- * EMissingSelfTestExceptions are derived from ESelfTestExceptions
- * in order to allow users to easily do self tests without try-catch clauses.
- *
+ * EMissingSelfTestExceptions are derived from ESelfTestExceptions in order to
+ * allow users to easily do self tests without try-catch clauses.
+ * 
  * EMissingSelfTestExceptions should be caught by SelfTestSubsystem managers.
  * <P>
  * 
  * @version $Revision$, $Date$
  */
-public class EMissingSelfTestException
-    extends ESelfTestException {
-    ////////////////////////
+public class EMissingSelfTestException extends ESelfTestException {
+    // //////////////////////
     // default parameters //
-    ////////////////////////
-
-
+    // //////////////////////
 
-    ///////////////////////
+    // /////////////////////
     // helper parameters //
-    ///////////////////////
+    // /////////////////////
 
     /**
      *
@@ -62,26 +56,22 @@ public class EMissingSelfTestException
     private String mInstanceParameter = null;
     private String mInstanceValue = null;
 
-    //////////////////////////////////////////
+    // ////////////////////////////////////////
     // EMissingSelfTestException parameters //
-    //////////////////////////////////////////
+    // ////////////////////////////////////////
 
-
-
-    ///////////////////////////////////////////////
+    // /////////////////////////////////////////////
     // ESelfTestException parameters (inherited) //
-    ///////////////////////////////////////////////
-
+    // /////////////////////////////////////////////
 
-
-    /////////////////////
+    // ///////////////////
     // default methods //
-    /////////////////////
+    // ///////////////////
 
     /**
      * Constructs a "missing" self test exception where the name is null
      * <P>
-     *
+     * 
      */
     public EMissingSelfTestException() {
         super("The self test plugin property name is null.");
@@ -91,13 +81,12 @@ public class EMissingSelfTestException
      * Constructs a "missing" self test exception where the name is always
      * missing from a name/value pair.
      * <P>
-     *
+     * 
      * @param instanceName missing "instanceName" exception details
      */
     public EMissingSelfTestException(String instanceName) {
-        super("The self test plugin property named "
-            + instanceName
-            + " does not exist.");
+        super("The self test plugin property named " + instanceName
+                + " does not exist.");
 
         // strip preceding/trailing whitespace
         // from passed-in String parameters
@@ -113,16 +102,14 @@ public class EMissingSelfTestException
      * Constructs a "missing" self test exception where the value is always
      * missing from a name/value pair; (the value passed in is always null).
      * <P>
-     *
+     * 
      * @param instanceName missing "instanceName" exception details
-     * @param instanceValue missing "instanceValue" exception details
-     * (always null)
+     * @param instanceValue missing "instanceValue" exception details (always
+     *            null)
      */
-    public EMissingSelfTestException(String instanceName,
-        String instanceValue) {
-        super("The self test plugin property named "
-            + instanceName
-            + " contains no values.");
+    public EMissingSelfTestException(String instanceName, String instanceValue) {
+        super("The self test plugin property named " + instanceName
+                + " contains no values.");
 
         // strip preceding/trailing whitespace
         // from passed-in String parameters
@@ -140,21 +127,19 @@ public class EMissingSelfTestException
 
     /**
      * Constructs a "missing" self test exception where the parameter is always
-     * missing from a substore.parameter/value pair; (the value passed in may
-     * be null).
+     * missing from a substore.parameter/value pair; (the value passed in may be
+     * null).
      * <P>
-     *
+     * 
      * @param instanceStore missing "instanceStore" exception details
      * @param instanceParameter missing "instanceParameter" exception details
-     * @param instanceValue missing "instanceValue" exception details
-     * (may be null)
+     * @param instanceValue missing "instanceValue" exception details (may be
+     *            null)
      */
     public EMissingSelfTestException(String instanceStore,
-        String instanceParameter,
-        String instanceValue) {
-        super("The self test plugin property named "
-            + instanceStore + "." + instanceParameter
-            + " is missing.");
+            String instanceParameter, String instanceValue) {
+        super("The self test plugin property named " + instanceStore + "."
+                + instanceParameter + " is missing.");
 
         // strip preceding/trailing whitespace
         // from passed-in String parameters
@@ -174,14 +159,14 @@ public class EMissingSelfTestException
         mInstanceValue = instanceValue;
     }
 
-    ////////////////////
+    // //////////////////
     // helper methods //
-    ////////////////////
+    // //////////////////
 
     /**
      * Returns the instance name associated with this self test.
      * <P>
-     *
+     * 
      * @return name portion of the name/value pair
      */
     public String getInstanceName() {
@@ -191,7 +176,7 @@ public class EMissingSelfTestException
     /**
      * Returns the store associated with this self test.
      * <P>
-     *
+     * 
      * @return substore portion of the substore.parameter/value pair
      */
     public String getInstanceStore() {
@@ -201,7 +186,7 @@ public class EMissingSelfTestException
     /**
      * Returns the parameter associated with this self test.
      * <P>
-     *
+     * 
      * @return parameter portion of the substore.parameter/value pair
      */
     public String getInstanceParameter() {
@@ -211,27 +196,25 @@ public class EMissingSelfTestException
     /**
      * Returns the value associated with this self test.
      * <P>
-     *
+     * 
      * @return value portion of the name/value pair
      */
     public String getInstanceValue() {
         return mInstanceValue;
     }
 
-    ///////////////////////////////////////
+    // /////////////////////////////////////
     // EMissingSelfTestException methods //
-    ///////////////////////////////////////
-
-
+    // /////////////////////////////////////
 
-    ////////////////////////////////////////////
+    // //////////////////////////////////////////
     // ESelfTestException methods (inherited) //
-    ////////////////////////////////////////////
+    // //////////////////////////////////////////
 
-    /* Note that all of the following ESelfTestException methods
-     * are inherited from the ESelfTestException class:
-     *
+    /*
+     * Note that all of the following ESelfTestException methods are inherited
+     * from the ESelfTestException class:
+     * 
      * public ESelfTestException( String msg );
      */
 }
-
diff --git a/pki/base/common/src/com/netscape/certsrv/selftests/ESelfTestException.java b/pki/base/common/src/com/netscape/certsrv/selftests/ESelfTestException.java
index e465517c7..273f561a7 100644
--- a/pki/base/common/src/com/netscape/certsrv/selftests/ESelfTestException.java
+++ b/pki/base/common/src/com/netscape/certsrv/selftests/ESelfTestException.java
@@ -20,108 +20,101 @@
 
 package com.netscape.certsrv.selftests;
 
-
 ///////////////////////
 // import statements //
 ///////////////////////
 
 import com.netscape.certsrv.base.EBaseException;
 
-
 //////////////////////
 // class definition //
 //////////////////////
 
 /**
- * This class implements a self test exception. ESelfTestExceptions
- * are derived from EBaseExceptions in order to allow users
- * to easily do self tests without try-catch clauses.
- *
+ * This class implements a self test exception. ESelfTestExceptions are derived
+ * from EBaseExceptions in order to allow users to easily do self tests without
+ * try-catch clauses.
+ * 
  * ESelfTestExceptions should be caught by SelfTestSubsystem managers.
  * <P>
  * 
  * @version $Revision$, $Date$
  */
-public class ESelfTestException
-    extends EBaseException {
-    ////////////////////////
+public class ESelfTestException extends EBaseException {
+    // //////////////////////
     // default parameters //
-    ////////////////////////
-
-
+    // //////////////////////
 
-    ///////////////////////////////////
+    // /////////////////////////////////
     // ESelfTestException parameters //
-    ///////////////////////////////////
+    // /////////////////////////////////
 
     /**
      *
      */
     private static final long serialVersionUID = -8001373369705595891L;
-    private static final String SELFTEST_RESOURCES = SelfTestResources.class.getName();
+    private static final String SELFTEST_RESOURCES = SelfTestResources.class
+            .getName();
 
-
-    ///////////////////////////////////////////
+    // /////////////////////////////////////////
     // EBaseException parameters (inherited) //
-    ///////////////////////////////////////////
+    // /////////////////////////////////////////
 
-    /* Note that all of the following EBaseException parameters
-     * are inherited from the EBaseException class:
-     *
+    /*
+     * Note that all of the following EBaseException parameters are inherited
+     * from the EBaseException class:
+     * 
      * public Object mParams[];
      */
 
-
-
-    /////////////////////
+    // ///////////////////
     // default methods //
-    /////////////////////
+    // ///////////////////
 
     /**
      * Constructs a self test exception.
      * <P>
-     *
+     * 
      * @param msg exception details
      */
     public ESelfTestException(String msg) {
         super(msg);
     }
 
-
-    ////////////////////////////////
+    // //////////////////////////////
     // ESelfTestException methods //
-    ////////////////////////////////
+    // //////////////////////////////
 
     /**
      * Returns the bundle file name.
      * <P>
+     * 
      * @return name of bundle class associated with this exception.
      */
     protected String getBundleName() {
         return SELFTEST_RESOURCES;
     }
 
-
-    ////////////////////////////////////////
+    // //////////////////////////////////////
     // EBaseException methods (inherited) //
-    ////////////////////////////////////////
+    // //////////////////////////////////////
 
-    /* Note that all of the following EBaseException methods
-     * are inherited from the EBaseException class:
-     *
+    /*
+     * Note that all of the following EBaseException methods are inherited from
+     * the EBaseException class:
+     * 
      * public EBaseException( String msgFormat );
-     *
+     * 
      * public EBaseException( String msgFormat, String param );
-     *
+     * 
      * public EBaseException( String msgFormat, Exception param );
-     *
+     * 
      * public EBaseException( String msgFormat, Object params[] );
-     *
+     * 
      * public Object[] getParameters();
-     *
+     * 
      * public String toString();
-     *
+     * 
      * public String toString( Locale locale );
      */
 }
-
diff --git a/pki/base/common/src/com/netscape/certsrv/selftests/ISelfTest.java b/pki/base/common/src/com/netscape/certsrv/selftests/ISelfTest.java
index f881a285e..875cd8a02 100644
--- a/pki/base/common/src/com/netscape/certsrv/selftests/ISelfTest.java
+++ b/pki/base/common/src/com/netscape/certsrv/selftests/ISelfTest.java
@@ -20,7 +20,6 @@
 
 package com.netscape.certsrv.selftests;
 
-
 ///////////////////////
 // import statements //
 ///////////////////////
@@ -30,7 +29,6 @@ import java.util.Locale;
 import com.netscape.certsrv.base.IConfigStore;
 import com.netscape.certsrv.logging.ILogEventListener;
 
-
 //////////////////////
 // class definition //
 //////////////////////
@@ -42,86 +40,78 @@ import com.netscape.certsrv.logging.ILogEventListener;
  * @version $Revision$, $Date$
  */
 public interface ISelfTest {
-    ////////////////////////
+    // //////////////////////
     // default parameters //
-    ////////////////////////
-
-
+    // //////////////////////
 
-    //////////////////////////
+    // ////////////////////////
     // ISelfTest parameters //
-    //////////////////////////
+    // ////////////////////////
 
     public static final String PROP_PLUGIN = "plugin";
 
-    /////////////////////
+    // ///////////////////
     // default methods //
-    /////////////////////
+    // ///////////////////
 
-
-
-    ///////////////////////
+    // /////////////////////
     // ISelfTest methods //
-    ///////////////////////
+    // /////////////////////
 
     /**
-     * Initializes this subsystem with the configuration store
-     * associated with this instance name.
+     * Initializes this subsystem with the configuration store associated with
+     * this instance name.
      * <P>
-     *
+     * 
      * @param subsystem the associated subsystem
-     * @param instanceName the name of this self test instance 
+     * @param instanceName the name of this self test instance
      * @param parameters configuration store (self test parameters)
      * @exception EDuplicateSelfTestException subsystem has duplicate name/value
      * @exception EInvalidSelfTestException subsystem has invalid name/value
      * @exception EMissingSelfTestException subsystem has missing name/value
      */
-    public void initSelfTest(ISelfTestSubsystem subsystem,
-        String instanceName,
-        IConfigStore parameters)
-        throws EDuplicateSelfTestException,
-            EInvalidSelfTestException,
-            EMissingSelfTestException;
+    public void initSelfTest(ISelfTestSubsystem subsystem, String instanceName,
+            IConfigStore parameters) throws EDuplicateSelfTestException,
+            EInvalidSelfTestException, EMissingSelfTestException;
 
     /**
      * Notifies this subsystem if it is in execution mode.
      * <P>
-     *
+     * 
      * @exception ESelfTestException failed to start
      */
-    public void startupSelfTest()
-        throws ESelfTestException;
+    public void startupSelfTest() throws ESelfTestException;
 
     /**
-     * Stops this subsystem. The subsystem may call shutdownSelfTest
-     * anytime after initialization.
+     * Stops this subsystem. The subsystem may call shutdownSelfTest anytime
+     * after initialization.
      * <P>
      */
     public void shutdownSelfTest();
 
     /**
-     * Returns the name associated with this self test. This method may
-     * return null if the self test has not been intialized.
+     * Returns the name associated with this self test. This method may return
+     * null if the self test has not been intialized.
      * <P>
-     *
+     * 
      * @return instanceName of this self test
      */
     public String getSelfTestName();
 
     /**
-     * Returns the root configuration storage (self test parameters)
-     * associated with this subsystem.
+     * Returns the root configuration storage (self test parameters) associated
+     * with this subsystem.
      * <P>
-     *
+     * 
      * @return configuration store (self test parameters) of this subsystem
      */
     public IConfigStore getSelfTestConfigStore();
 
     /**
-     * Retrieves description associated with an individual self test.
-     * This method may return null.
+     * Retrieves description associated with an individual self test. This
+     * method may return null.
      * <P>
-     *
+     * 
      * @param locale locale of the client that requests the description
      * @return description of self test
      */
@@ -130,11 +120,9 @@ public interface ISelfTest {
     /**
      * Execute an individual self test.
      * <P>
-     *
+     * 
      * @param logger specifies logging subsystem
      * @exception ESelfTestException self test exception
      */
-    public void runSelfTest(ILogEventListener logger)
-        throws ESelfTestException;
+    public void runSelfTest(ILogEventListener logger) throws ESelfTestException;
 }
-
diff --git a/pki/base/common/src/com/netscape/certsrv/selftests/ISelfTestSubsystem.java b/pki/base/common/src/com/netscape/certsrv/selftests/ISelfTestSubsystem.java
index 3391bdd1d..8ff652df8 100644
--- a/pki/base/common/src/com/netscape/certsrv/selftests/ISelfTestSubsystem.java
+++ b/pki/base/common/src/com/netscape/certsrv/selftests/ISelfTestSubsystem.java
@@ -20,7 +20,6 @@
 
 package com.netscape.certsrv.selftests;
 
-
 ///////////////////////
 // import statements //
 ///////////////////////
@@ -28,7 +27,6 @@ package com.netscape.certsrv.selftests;
 import com.netscape.certsrv.base.ISubsystem;
 import com.netscape.certsrv.logging.ILogEventListener;
 
-
 //////////////////////
 // class definition //
 //////////////////////
@@ -39,17 +37,14 @@ import com.netscape.certsrv.logging.ILogEventListener;
  * 
  * @version $Revision$, $Date$
  */
-public interface ISelfTestSubsystem
-    extends ISubsystem {
-    ////////////////////////
+public interface ISelfTestSubsystem extends ISubsystem {
+    // //////////////////////
     // default parameters //
-    ////////////////////////
-
+    // //////////////////////
 
-
-    //////////////////////////////////
+    // ////////////////////////////////
     // ISelfTestSubsystem constants //
-    //////////////////////////////////
+    // ////////////////////////////////
 
     public static final String ID = "selftests";
     public static final String PROP_CONTAINER = "container";
@@ -60,21 +55,17 @@ public interface ISelfTestSubsystem
     public static final String PROP_ON_DEMAND = "onDemand";
     public static final String PROP_STARTUP = "startup";
 
-    ///////////////////////////////////////
+    // /////////////////////////////////////
     // ISubsystem parameters (inherited) //
-    ///////////////////////////////////////
-
+    // /////////////////////////////////////
 
-
-    /////////////////////
+    // ///////////////////
     // default methods //
-    /////////////////////
-
+    // ///////////////////
 
-
-    ////////////////////////////////
+    // //////////////////////////////
     // ISelfTestSubsystem methods //
-    ////////////////////////////////
+    // //////////////////////////////
 
     //
     // methods associated with the list of on demand self tests
@@ -84,7 +75,7 @@ public interface ISelfTestSubsystem
      * List the instance names of all the self tests enabled to run on demand
      * (in execution order); may return null.
      * <P>
-     *
+     * 
      * @return list of self test instance names run on demand
      */
     public String[] listSelfTestsEnabledOnDemand();
@@ -92,72 +83,70 @@ public interface ISelfTestSubsystem
     /**
      * Enable the specified self test to be executed on demand.
      * <P>
-     *
+     * 
      * @param instanceName instance name of self test
-     * @param isCritical isCritical is either a critical failure (true) or
-     * a non-critical failure (false)
+     * @param isCritical isCritical is either a critical failure (true) or a
+     *            non-critical failure (false)
      * @exception EInvalidSelfTestException subsystem has invalid name/value
      * @exception EMissingSelfTestException subsystem has missing name/value
      */
-    //  public void enableSelfTestOnDemand( String instanceName,
-    //                                      boolean isCritical )
-    //  throws EInvalidSelfTestException, EMissingSelfTestException;
-
+    // public void enableSelfTestOnDemand( String instanceName,
+    // boolean isCritical )
+    // throws EInvalidSelfTestException, EMissingSelfTestException;
 
     /**
      * Disable the specified self test from being able to be executed on demand.
      * <P>
-     *
+     * 
      * @param instanceName instance name of self test
      * @exception EMissingSelfTestException subsystem has missing name
      */
-    //  public void disableSelfTestOnDemand( String instanceName )
-    //  throws EMissingSelfTestException;
-
+    // public void disableSelfTestOnDemand( String instanceName )
+    // throws EMissingSelfTestException;
 
     /**
      * Determine if the specified self test is enabled to be executed on demand.
      * <P>
-     *
+     * 
      * @param instanceName instance name of self test
      * @return true if the specified self test is enabled on demand
      * @exception EMissingSelfTestException subsystem has missing name
      */
     public boolean isSelfTestEnabledOnDemand(String instanceName)
-        throws EMissingSelfTestException;
+            throws EMissingSelfTestException;
 
     /**
-     * Determine if failure of the specified self test is fatal when 
-     * it is executed on demand.
+     * Determine if failure of the specified self test is fatal when it is
+     * executed on demand.
      * <P>
-     *
+     * 
      * @param instanceName instance name of self test
-     * @return true if failure of the specified self test is fatal when
-     * it is executed on demand
+     * @return true if failure of the specified self test is fatal when it is
+     *         executed on demand
      * @exception EMissingSelfTestException subsystem has missing name
      */
     public boolean isSelfTestCriticalOnDemand(String instanceName)
-        throws EMissingSelfTestException;
+            throws EMissingSelfTestException;
 
     /**
      * Execute all self tests specified to be run on demand.
      * <P>
-     *
+     * 
      * @exception EMissingSelfTestException subsystem has missing name
      * @exception ESelfTestException self test exception
      */
-    public void runSelfTestsOnDemand()
-        throws EMissingSelfTestException, ESelfTestException;
+    public void runSelfTestsOnDemand() throws EMissingSelfTestException,
+            ESelfTestException;
 
     //
     // methods associated with the list of startup self tests
     //
 
     /**
-     * List the instance names of all the self tests enabled to run
-     * at server startup (in execution order); may return null.
+     * List the instance names of all the self tests enabled to run at server
+     * startup (in execution order); may return null.
      * <P>
-     *
+     * 
      * @return list of self test instance names run at server startup
      */
     public String[] listSelfTestsEnabledAtStartup();
@@ -165,73 +154,71 @@ public interface ISelfTestSubsystem
     /**
      * Enable the specified self test at server startup.
      * <P>
-     *
+     * 
      * @param instanceName instance name of self test
-     * @param isCritical isCritical is either a critical failure (true) or
-     * a non-critical failure (false)
+     * @param isCritical isCritical is either a critical failure (true) or a
+     *            non-critical failure (false)
      * @exception EInvalidSelfTestException subsystem has invalid name/value
      * @exception EMissingSelfTestException subsystem has missing name/value
      */
-    //  public void enableSelfTestAtStartup( String instanceName,
-    //                                       boolean isCritical )
-    //  throws EInvalidSelfTestException, EMissingSelfTestException;
-
+    // public void enableSelfTestAtStartup( String instanceName,
+    // boolean isCritical )
+    // throws EInvalidSelfTestException, EMissingSelfTestException;
 
     /**
      * Disable the specified self test at server startup.
      * <P>
-     *
+     * 
      * @param instanceName instance name of self test
      * @exception EMissingSelfTestException subsystem has missing name
      */
-    //  public void disableSelfTestAtStartup( String instanceName )
-    //  throws EMissingSelfTestException;
-
+    // public void disableSelfTestAtStartup( String instanceName )
+    // throws EMissingSelfTestException;
 
     /**
-     * Determine if the specified self test is executed automatically
-     * at server startup.
+     * Determine if the specified self test is executed automatically at server
+     * startup.
      * <P>
-     *
+     * 
      * @param instanceName instance name of self test
      * @return true if the specified self test is executed at server startup
      * @exception EMissingSelfTestException subsystem has missing name
      */
     public boolean isSelfTestEnabledAtStartup(String instanceName)
-        throws EMissingSelfTestException;
+            throws EMissingSelfTestException;
 
     /**
-     * Determine if failure of the specified self test is fatal to
-     * server startup.
+     * Determine if failure of the specified self test is fatal to server
+     * startup.
      * <P>
-     *
+     * 
      * @param instanceName instance name of self test
-     * @return true if failure of the specified self test is fatal to
-     * server startup
+     * @return true if failure of the specified self test is fatal to server
+     *         startup
      * @exception EMissingSelfTestException subsystem has missing name
      */
     public boolean isSelfTestCriticalAtStartup(String instanceName)
-        throws EMissingSelfTestException;
+            throws EMissingSelfTestException;
 
     /**
      * Execute all self tests specified to be run at server startup.
      * <P>
-     *
+     * 
      * @exception EMissingSelfTestException subsystem has missing name
      * @exception ESelfTestException self test exception
      */
-    public void runSelfTestsAtStartup()
-        throws EMissingSelfTestException, ESelfTestException;
+    public void runSelfTestsAtStartup() throws EMissingSelfTestException,
+            ESelfTestException;
 
     //
     // methods associated with the list of self test instances
     //
 
     /**
-     * Retrieve an individual self test from the instances list
-     * given its instance name.
+     * Retrieve an individual self test from the instances list given its
+     * instance name.
      * <P>
-     *
+     * 
      * @param instanceName instance name of self test
      * @return individual self test
      */
@@ -242,10 +229,10 @@ public interface ISelfTestSubsystem
     //
 
     /**
-     * Returns the ILogEventListener of this subsystem.
-     * This method may return null.
+     * Returns the ILogEventListener of this subsystem. This method may return
+     * null.
      * <P>
-     *
+     * 
      * @return ILogEventListener of this subsystem
      */
     public ILogEventListener getSelfTestLogger();
@@ -253,104 +240,97 @@ public interface ISelfTestSubsystem
     /**
      * This method represents the log interface for the self test subsystem.
      * <P>
-     *
+     * 
      * @param logger log event listener
      * @param msg self test log message
      */
     public void log(ILogEventListener logger, String msg);
 
     /**
-     * Register an individual self test on the instances list AND
-     * on the "on demand" list (note that the specified self test
-     * will be appended to the end of each list).
+     * Register an individual self test on the instances list AND on the
+     * "on demand" list (note that the specified self test will be appended to
+     * the end of each list).
      * <P>
-     *
+     * 
      * @param instanceName instance name of self test
-     * @param isCritical isCritical is either a critical failure (true) or
-     * a non-critical failure (false)
+     * @param isCritical isCritical is either a critical failure (true) or a
+     *            non-critical failure (false)
      * @param instance individual self test
      * @exception EDuplicateSelfTestException subsystem has duplicate name
      * @exception EInvalidSelfTestException subsystem has invalid name/value
      * @exception EMissingSelfTestException subsystem has missing name/value
      */
-    //  public void registerSelfTestOnDemand( String instanceName,
-    //                                        boolean isCritical,
-    //                                        ISelfTest instance )
-    //  throws EDuplicateSelfTestException,
-    //         EInvalidSelfTestException,
-    //         EMissingSelfTestException;
-
+    // public void registerSelfTestOnDemand( String instanceName,
+    // boolean isCritical,
+    // ISelfTest instance )
+    // throws EDuplicateSelfTestException,
+    // EInvalidSelfTestException,
+    // EMissingSelfTestException;
 
     /**
-     * Deregister an individual self test on the instances list AND
-     * on the "on demand" list (note that the specified self test
-     * will be removed from each list).
+     * Deregister an individual self test on the instances list AND on the
+     * "on demand" list (note that the specified self test will be removed from
+     * each list).
      * <P>
-     *
+     * 
      * @param instanceName instance name of self test
      * @exception EMissingSelfTestException subsystem has missing name
      */
-    //  public void deregisterSelfTestOnDemand( String instanceName )
-    //  throws EMissingSelfTestException;
-
+    // public void deregisterSelfTestOnDemand( String instanceName )
+    // throws EMissingSelfTestException;
 
     /**
-     * Register an individual self test on the instances list AND
-     * on the "startup" list (note that the specified self test
-     * will be appended to the end of each list).
+     * Register an individual self test on the instances list AND on the
+     * "startup" list (note that the specified self test will be appended to the
+     * end of each list).
      * <P>
-     *
+     * 
      * @param instanceName instance name of self test
-     * @param isCritical isCritical is either a critical failure (true) or
-     * a non-critical failure (false)
+     * @param isCritical isCritical is either a critical failure (true) or a
+     *            non-critical failure (false)
      * @param instance individual self test
      * @exception EDuplicateSelfTestException subsystem has duplicate name
      * @exception EInvalidSelfTestException subsystem has invalid name/value
      * @exception EMissingSelfTestException subsystem has missing name/value
      */
-    //  public void registerSelfTestAtStartup( String instanceName,
-    //                                         boolean isCritical,
-    //                                         ISelfTest instance )
-    //  throws EDuplicateSelfTestException,
-    //         EInvalidSelfTestException,
-    //         EMissingSelfTestException;
-
+    // public void registerSelfTestAtStartup( String instanceName,
+    // boolean isCritical,
+    // ISelfTest instance )
+    // throws EDuplicateSelfTestException,
+    // EInvalidSelfTestException,
+    // EMissingSelfTestException;
 
     /**
-     * Deregister an individual self test on the instances list AND
-     * on the "startup" list (note that the specified self test
-     * will be removed from each list).
+     * Deregister an individual self test on the instances list AND on the
+     * "startup" list (note that the specified self test will be removed from
+     * each list).
      * <P>
-     *
+     * 
      * @param instanceName instance name of self test
      * @exception EMissingSelfTestException subsystem has missing name
      */
-    //  public void deregisterSelfTestAtStartup( String instanceName )
-    //  throws EMissingSelfTestException;
-
+    // public void deregisterSelfTestAtStartup( String instanceName )
+    // throws EMissingSelfTestException;
 
-
-    ////////////////////////////////////
+    // //////////////////////////////////
     // ISubsystem methods (inherited) //
-    ////////////////////////////////////
-
-    /* Note that all of the following ISubsystem methods
-     * are inherited from the ISubsystem class:
-     *
-     *    public String getId();
-     *
-     *    public void setId( String id )
-     *    throws EBaseException;
-     *
-     *    public void init( ISubsystem owner, IConfigStore config )
-     *    throws EBaseException;
-     *
-     *    public void startup()
-     *    throws EBaseException;
-     *
-     *    public void shutdown();
-     *
-     *    public IConfigStore getConfigStore();
+    // //////////////////////////////////
+
+    /*
+     * Note that all of the following ISubsystem methods are inherited from the
+     * ISubsystem class:
+     * 
+     * public String getId();
+     * 
+     * public void setId( String id ) throws EBaseException;
+     * 
+     * public void init( ISubsystem owner, IConfigStore config ) throws
+     * EBaseException;
+     * 
+     * public void startup() throws EBaseException;
+     * 
+     * public void shutdown();
+     * 
+     * public IConfigStore getConfigStore();
      */
 }
-
diff --git a/pki/base/common/src/com/netscape/certsrv/selftests/SelfTestResources.java b/pki/base/common/src/com/netscape/certsrv/selftests/SelfTestResources.java
index c396c14b1..7d69dfd6d 100644
--- a/pki/base/common/src/com/netscape/certsrv/selftests/SelfTestResources.java
+++ b/pki/base/common/src/com/netscape/certsrv/selftests/SelfTestResources.java
@@ -17,10 +17,8 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.selftests;
 
-
 import java.util.ListResourceBundle;
 
-
 /**
  * A class represents a resource bundle for Self Tests.
  * <P>
@@ -36,6 +34,5 @@ public class SelfTestResources extends ListResourceBundle {
         return contents;
     }
 
-    static final Object[][] contents = {
-        };
+    static final Object[][] contents = {};
 }
diff --git a/pki/base/common/src/com/netscape/certsrv/template/ArgList.java b/pki/base/common/src/com/netscape/certsrv/template/ArgList.java
index 72288a73c..4ea2fb48c 100644
--- a/pki/base/common/src/com/netscape/certsrv/template/ArgList.java
+++ b/pki/base/common/src/com/netscape/certsrv/template/ArgList.java
@@ -20,11 +20,10 @@ package com.netscape.certsrv.template;
 import java.util.Vector;
 
 /**
- * This class represents a list of arguments
- * that will be returned to the end-user via
- * the template framework.
+ * This class represents a list of arguments that will be returned to the
+ * end-user via the template framework.
  * <p>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public class ArgList implements IArgValue {
@@ -39,16 +38,16 @@ public class ArgList implements IArgValue {
 
     /**
      * Adds an argument to the list.
-     *
+     * 
      * @param arg argument to be added
      */
     public void add(IArgValue arg) {
         mList.addElement(arg);
     }
 
-    /** 
+    /**
      * Returns the number of arguments in the list.
-     *
+     * 
      * @return size of the list
      */
     public int size() {
@@ -56,9 +55,8 @@ public class ArgList implements IArgValue {
     }
 
     /**
-     * Returns the argument at the given position
-     * Position starts from 0.
-     *
+     * Returns the argument at the given position Position starts from 0.
+     * 
      * @param pos position
      * @return argument
      */
diff --git a/pki/base/common/src/com/netscape/certsrv/template/ArgSet.java b/pki/base/common/src/com/netscape/certsrv/template/ArgSet.java
index 249bb4420..a50763a2c 100644
--- a/pki/base/common/src/com/netscape/certsrv/template/ArgSet.java
+++ b/pki/base/common/src/com/netscape/certsrv/template/ArgSet.java
@@ -21,12 +21,10 @@ import java.util.Enumeration;
 import java.util.Hashtable;
 
 /**
- * This class represents a set of arguments.
- * Unlike ArgList, this set of arguments is 
- * not ordered.
+ * This class represents a set of arguments. Unlike ArgList, this set of
+ * arguments is not ordered.
  * <p>
- * Each argument in the set is tagged with
- * a name (key).
+ * Each argument in the set is tagged with a name (key).
  * <p>
  * 
  * @version $Revision$, $Date$
@@ -36,7 +34,7 @@ public class ArgSet implements IArgValue {
 
     /**
      * Returns a list of argument names.
-     *
+     * 
      * @return list of argument names
      */
     public Enumeration getNames() {
@@ -45,17 +43,17 @@ public class ArgSet implements IArgValue {
 
     /**
      * Sets string argument into the set with the given name.
-     *
+     * 
      * @param name argument name
      * @param arg argument in string
      */
     public void set(String name, String arg) {
-        mArgs.put(name, new ArgString (arg));
+        mArgs.put(name, new ArgString(arg));
     }
 
     /**
      * Sets argument into the set with the given name.
-     *
+     * 
      * @param name argument name
      * @param arg argument value
      */
@@ -65,7 +63,7 @@ public class ArgSet implements IArgValue {
 
     /**
      * Retrieves argument from the set.
-     *
+     * 
      * @param name argument name
      * @return argument value
      */
diff --git a/pki/base/common/src/com/netscape/certsrv/template/ArgString.java b/pki/base/common/src/com/netscape/certsrv/template/ArgString.java
index 385338ca9..4fb982eb6 100644
--- a/pki/base/common/src/com/netscape/certsrv/template/ArgString.java
+++ b/pki/base/common/src/com/netscape/certsrv/template/ArgString.java
@@ -17,11 +17,9 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.template;
 
-
-
 /**
  * This class represents a string-based argument.
- *
+ * 
  * @version $Revision$, $Date$
  */
 public class ArgString implements IArgValue {
@@ -29,7 +27,7 @@ public class ArgString implements IArgValue {
 
     /**
      * Constructs a string-based argument value.
-     *
+     * 
      * @param value argument value
      */
     public ArgString(String value) {
@@ -38,7 +36,7 @@ public class ArgString implements IArgValue {
 
     /**
      * Returns the argument value.
-     *
+     * 
      * @return argument value
      */
     public String getValue() {
diff --git a/pki/base/common/src/com/netscape/certsrv/template/IArgValue.java b/pki/base/common/src/com/netscape/certsrv/template/IArgValue.java
index d679f0a1f..27694a066 100644
--- a/pki/base/common/src/com/netscape/certsrv/template/IArgValue.java
+++ b/pki/base/common/src/com/netscape/certsrv/template/IArgValue.java
@@ -18,10 +18,9 @@
 package com.netscape.certsrv.template;
 
 /**
- * This interface presents a generic argument value.
- * Argument value can be in string, in a list, or 
- * in a set.
- *
+ * This interface presents a generic argument value. Argument value can be in
+ * string, in a list, or in a set.
+ * 
  * @version $Revision$, $Date$
  */
 public interface IArgValue {
diff --git a/pki/base/common/src/com/netscape/certsrv/tks/ITKSAuthority.java b/pki/base/common/src/com/netscape/certsrv/tks/ITKSAuthority.java
index 0fec3043f..4806da66d 100644
--- a/pki/base/common/src/com/netscape/certsrv/tks/ITKSAuthority.java
+++ b/pki/base/common/src/com/netscape/certsrv/tks/ITKSAuthority.java
@@ -17,16 +17,14 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.tks;
 
-
 import com.netscape.certsrv.base.ISubsystem;
 import com.netscape.certsrv.request.IRequestQueue;
 
-
 /**
- * An interface represents a Registration Authority that is
- * responsible for certificate enrollment operations.
+ * An interface represents a Registration Authority that is responsible for
+ * certificate enrollment operations.
  * <P>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public interface ITKSAuthority extends ISubsystem {
@@ -36,23 +34,21 @@ public interface ITKSAuthority extends ISubsystem {
     public static final String PROP_REGISTRATION = "Registration";
     public static final String PROP_GATEWAY = "gateway";
     public static final String PROP_NICKNAME = "certNickname";
-    //public final static String PROP_PUBLISH_SUBSTORE = "publish";
-    //public final static String PROP_LDAP_PUBLISH_SUBSTORE = "ldappublish";
+    // public final static String PROP_PUBLISH_SUBSTORE = "publish";
+    // public final static String PROP_LDAP_PUBLISH_SUBSTORE = "ldappublish";
     public final static String PROP_CONNECTOR = "connector";
     public final static String PROP_NEW_NICKNAME = "newNickname";
 
-
-
     /**
      * Retrieves the request queue of this registration authority.
-     *
+     * 
      * @return RA's request queue
      */
     public IRequestQueue getRequestQueue();
 
     /**
      * Returns the nickname of the RA certificate.
-     *
+     * 
      * @return the nickname of the RA certificate
      */
     public String getNickname();
diff --git a/pki/base/common/src/com/netscape/certsrv/usrgrp/Certificates.java b/pki/base/common/src/com/netscape/certsrv/usrgrp/Certificates.java
index c57117251..1251eca62 100644
--- a/pki/base/common/src/com/netscape/certsrv/usrgrp/Certificates.java
+++ b/pki/base/common/src/com/netscape/certsrv/usrgrp/Certificates.java
@@ -17,14 +17,12 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.usrgrp;
 
-
 import java.security.cert.X509Certificate;
 
-
 /**
- * This class defines the strong authentication basic elements,
- * the X509 certificates.
- *
+ * This class defines the strong authentication basic elements, the X509
+ * certificates.
+ * 
  * @version $Revision$, $Date$
  */
 public class Certificates {
@@ -33,6 +31,7 @@ public class Certificates {
 
     /**
      * Constructs strong authenticator.
+     * 
      * @param certs a list of X509Certificates
      */
     public Certificates(X509Certificate certs[]) {
@@ -41,6 +40,7 @@ public class Certificates {
 
     /**
      * Retrieves certificates.
+     * 
      * @return a list of X509Certificates
      */
     public X509Certificate[] getCertificates() {
diff --git a/pki/base/common/src/com/netscape/certsrv/usrgrp/EUsrGrpException.java b/pki/base/common/src/com/netscape/certsrv/usrgrp/EUsrGrpException.java
index ca4634a67..70e2fa818 100644
--- a/pki/base/common/src/com/netscape/certsrv/usrgrp/EUsrGrpException.java
+++ b/pki/base/common/src/com/netscape/certsrv/usrgrp/EUsrGrpException.java
@@ -17,14 +17,12 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.usrgrp;
 
-
 import com.netscape.certsrv.base.EBaseException;
 
-
 /**
  * A class represents a Identity exception.
  * <P>
- *
+ * 
  * @version $Revision$, $Date$
  */
 public class EUsrGrpException extends EBaseException {
@@ -36,12 +34,14 @@ public class EUsrGrpException extends EBaseException {
     /**
      * Identity resource class name.
      */
-    private static final String USRGRP_RESOURCES = UsrGrpResources.class.getName();
+    private static final String USRGRP_RESOURCES = UsrGrpResources.class
+            .getName();
 
     /**
      * Constructs a usr/grp management exception
+     * 
      * @param msgFormat exception details in message string format
-     * <P>
+     *            <P>
      */
     public EUsrGrpException(String msgFormat) {
         super(msgFormat);
@@ -49,9 +49,10 @@ public class EUsrGrpException extends EBaseException {
 
     /**
      * Constructs a Identity exception.
+     * 
      * @param msgFormat exception details in message string format
      * @param param message string parameter
-     * <P>
+     *            <P>
      */
     public EUsrGrpException(String msgFormat, String param) {
         super(msgFormat, param);
@@ -59,8 +60,9 @@ public class EUsrGrpException extends EBaseException {
 
     /**
      * Constructs a Identity exception.
+     * 
      * @param e system exception
-     * <P>
+     *            <P>
      */
     public EUsrGrpException(String msgFormat, Exception e) {
         super(msgFormat, e);
@@ -68,9 +70,10 @@ public class EUsrGrpException extends EBaseException {
 
     /**
      * Constructs a Identity exception.
+     * 
      * @param msgFormat exception details in message string format
      * @param params list of message format parameters
-     * <P>
+     *            <P>
      */
     public EUsrGrpException(String msgFormat, Object params[]) {
         super(msgFormat, params);
diff --git a/pki/base/common/src/com/netscape/certsrv/usrgrp/ICertUserLocator.java b/pki/base/common/src/com/netscape/certsrv/usrgrp/ICertUserLocator.java
index a9d789e65..b6a526e53 100644
--- a/pki/base/common/src/com/netscape/certsrv/usrgrp/ICertUserLocator.java
+++ b/pki/base/common/src/com/netscape/certsrv/usrgrp/ICertUserLocator.java
@@ -17,32 +17,32 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.usrgrp;
 
-
 import netscape.ldap.LDAPException;
 
 import com.netscape.certsrv.ldap.ELdapException;
 
-
 /**
- * This interface defines a certificate mapping strategy to locate
- * a user
- *
+ * This interface defines a certificate mapping strategy to locate a user
+ * 
  * @version $Revision$, $Date$
  */
 public interface ICertUserLocator {
 
     /**
      * Returns a user whose certificates match with the given certificates
+     * 
      * @return an user interface
-     * @exception EUsrGrpException thrown when failed to build user 
-     * @exception LDAPException thrown when LDAP internal database is not available
+     * @exception EUsrGrpException thrown when failed to build user
+     * @exception LDAPException thrown when LDAP internal database is not
+     *                available
      * @exception ELdapException thrown when the LDAP search failed
      */
-    public IUser locateUser(Certificates certs) throws
-            EUsrGrpException, LDAPException, ELdapException;
+    public IUser locateUser(Certificates certs) throws EUsrGrpException,
+            LDAPException, ELdapException;
 
     /**
      * Retrieves description.
+     * 
      * @return description
      */
     public String getDescription();
diff --git a/pki/base/common/src/com/netscape/certsrv/usrgrp/IGroup.java b/pki/base/common/src/com/netscape/certsrv/usrgrp/IGroup.java
index 778b9aab2..cddb649cc 100644
--- a/pki/base/common/src/com/netscape/certsrv/usrgrp/IGroup.java
+++ b/pki/base/common/src/com/netscape/certsrv/usrgrp/IGroup.java
@@ -17,53 +17,58 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.usrgrp;
 
-
 import java.util.Enumeration;
 
 import com.netscape.certsrv.base.IAttrSet;
 
-
 /**
- * This interface defines the basic interfaces for
- * an identity group. (get/set methods for a group entry attributes)
- *
+ * This interface defines the basic interfaces for an identity group. (get/set
+ * methods for a group entry attributes)
+ * 
  * @version $Revision$, $Date$
  */
 public interface IGroup extends IAttrSet, IGroupConstants {
 
     /**
      * Retrieves the group name.
+     * 
      * @return the group name
      */
     public String getName();
 
     /**
      * Retrieves group identifier.
+     * 
      * @return the group id
      */
     public String getGroupID();
 
     /**
      * Retrieves group description.
+     * 
      * @return description
      */
     public String getDescription();
 
     /**
      * Checks if the given name is member of this group.
+     * 
      * @param name the given name
-     * @return true if the given name is the member of this group; otherwise false.
+     * @return true if the given name is the member of this group; otherwise
+     *         false.
      */
     public boolean isMember(String name);
 
     /**
      * Adds new member.
+     * 
      * @param name the given name.
      */
     public void addMemberName(String name);
 
     /**
      * Retrieves a list of member names.
+     * 
      * @return a list of member names for this group.
      */
     public Enumeration getMemberNames();
diff --git a/pki/base/common/src/com/netscape/certsrv/usrgrp/IGroupConstants.java b/pki/base/common/src/com/netscape/certsrv/usrgrp/IGroupConstants.java
index 2f8711ceb..22d89455c 100644
--- a/pki/base/common/src/com/netscape/certsrv/usrgrp/IGroupConstants.java
+++ b/pki/base/common/src/com/netscape/certsrv/usrgrp/IGroupConstants.java
@@ -17,12 +17,9 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.usrgrp;
 
-
-
-
 /**
  * This interface defines the attribute names for a group entry
- *
+ * 
  * @version $Revision$, $Date$
  */
 public interface IGroupConstants {
diff --git a/pki/base/common/src/com/netscape/certsrv/usrgrp/IIdEvaluator.java b/pki/base/common/src/com/netscape/certsrv/usrgrp/IIdEvaluator.java
index 94bdf8857..103b1026e 100644
--- a/pki/base/common/src/com/netscape/certsrv/usrgrp/IIdEvaluator.java
+++ b/pki/base/common/src/com/netscape/certsrv/usrgrp/IIdEvaluator.java
@@ -17,9 +17,6 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.usrgrp;
 
-
-
-
 /**
  * A class represents an ID evaluator.
  * <P>
@@ -29,8 +26,9 @@ package com.netscape.certsrv.usrgrp;
 public interface IIdEvaluator {
 
     /**
-     * Evaluates if the given value satisfies the ID evaluation:
-     * is a user a member of a group
+     * Evaluates if the given value satisfies the ID evaluation: is a user a
+     * member of a group
+     * 
      * @param type the type of evaluator, in this case, it is group
      * @param id the user id for the given user
      * @param op operator, only "=" and "!=" are supported
diff --git a/pki/base/common/src/com/netscape/certsrv/usrgrp/IUGSubsystem.java b/pki/base/common/src/com/netscape/certsrv/usrgrp/IUGSubsystem.java
index e575c58bd..7ab4dac81 100644
--- a/pki/base/common/src/com/netscape/certsrv/usrgrp/IUGSubsystem.java
+++ b/pki/base/common/src/com/netscape/certsrv/usrgrp/IUGSubsystem.java
@@ -17,7 +17,6 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.usrgrp;
 
-
 import java.security.cert.X509Certificate;
 import java.util.Enumeration;
 
@@ -25,12 +24,10 @@ import netscape.ldap.LDAPException;
 
 import com.netscape.certsrv.base.ISubsystem;
 
-
 /**
- * This class defines low-level LDAP usr/grp management
- * usr/grp information is located remotely on another
- * LDAP server.
- *
+ * This class defines low-level LDAP usr/grp management usr/grp information is
+ * located remotely on another LDAP server.
+ * 
  * @version $Revision$, $Date$
  */
 public interface IUGSubsystem extends ISubsystem, IUsrGrp {
@@ -47,6 +44,7 @@ public interface IUGSubsystem extends ISubsystem, IUsrGrp {
 
     /**
      * Retrieves a user from LDAP
+     * 
      * @param userid the given user id
      * @exception EUsrGrpException thrown when failed to find the user
      */
@@ -54,6 +52,7 @@ public interface IUGSubsystem extends ISubsystem, IUsrGrp {
 
     /**
      * Searches for users that matches the filter.
+     * 
      * @param filter search filter for efficiency
      * @return list of users
      * @exception EUsrGrpException thrown when any internal error occurs
@@ -62,48 +61,57 @@ public interface IUGSubsystem extends ISubsystem, IUsrGrp {
 
     /**
      * Adds the given user to the internal database
+     * 
      * @param identity the given user
      * @exception EUsrGrpException thrown when failed to add user to the group
-     * @exception LDAPException thrown when the LDAP internal database is not available
+     * @exception LDAPException thrown when the LDAP internal database is not
+     *                available
      */
     public void addUser(IUser identity) throws EUsrGrpException, LDAPException;
 
     /**
      * Adds a user certificate to user
+     * 
      * @param identity user interface
-     * @exception EUsrGrpException thrown when failed to add the user certificate to the given user
-     * @exception LDAPException thrown when the LDAP internal database is not available
+     * @exception EUsrGrpException thrown when failed to add the user
+     *                certificate to the given user
+     * @exception LDAPException thrown when the LDAP internal database is not
+     *                available
      */
     public void addUserCert(IUser identity) throws EUsrGrpException,
             LDAPException;
 
     /**
-     * Removes a user certificate for a user entry
-     * given a user certificate DN (actually, a combination of version,
-     * serialNumber, issuerDN, and SubjectDN), and it gets removed
-     * @param identity the given user whose user certificate is going to be
-     * be removed.
+     * Removes a user certificate for a user entry given a user certificate DN
+     * (actually, a combination of version, serialNumber, issuerDN, and
+     * SubjectDN), and it gets removed
+     * 
+     * @param identity the given user whose user certificate is going to be be
+     *            removed.
      * @exception EUsrGrpException thrown when failed to remove user certificate
      */
     public void removeUserCert(IUser identity) throws EUsrGrpException;
 
     /**
      * Removes identity.
+     * 
      * @param userid the given user id
      * @exception EUsrGrpException thrown when failed to remove user
      */
     public void removeUser(String userid) throws EUsrGrpException;
 
     /**
-     * Modifies user attributes.  Certs are handled separately
-     * @param identity the given identity which contains all the user
-     * attributes being modified
+     * Modifies user attributes. Certs are handled separately
+     * 
+     * @param identity the given identity which contains all the user attributes
+     *            being modified
      * @exception EUsrGrpException thrown when modification failed
      */
     public void modifyUser(IUser identity) throws EUsrGrpException;
 
     /**
      * Finds groups that match the filter.
+     * 
      * @param filter the search filter
      * @return a list of groups that match the given search filter
      */
@@ -111,24 +119,27 @@ public interface IUGSubsystem extends ISubsystem, IUsrGrp {
 
     /**
      * Find a group for the given name
+     * 
      * @param name the given name
      * @return a group that matched the given name
      */
     public IGroup findGroup(String name);
 
     /**
-     * List groups.  This method is more efficient than findGroups because
-     * this method retrieves group names and description only. Each 
-     * retrieved group just contains group name and description.
+     * List groups. This method is more efficient than findGroups because this
+     * method retrieves group names and description only. Each retrieved group
+     * just contains group name and description.
+     * 
      * @param filter the search filter
-     * @return a list of groups, each group just contains group name and
-     * its description.
+     * @return a list of groups, each group just contains group name and its
+     *         description.
      * @exception EUsrGrpException thrown when failed to list groups
      */
     public Enumeration listGroups(String filter) throws EUsrGrpException;
 
     /**
      * Retrieves a group from LDAP for the given group name
+     * 
      * @param name the given group name
      * @return a group interface
      */
@@ -136,37 +147,44 @@ public interface IUGSubsystem extends ISubsystem, IUsrGrp {
 
     /**
      * Retrieves a group from LDAP for the given DN.
-     * @param DN the given DN 
+     * 
+     * @param DN the given DN
      * @return a group interface for the given DN.
      */
     public IGroup getGroup(String DN);
 
     /**
      * Checks if the given group exists.
+     * 
      * @param name the given group name
-     * @return true if the given group exists in the internal database; otherwise false.
+     * @return true if the given group exists in the internal database;
+     *         otherwise false.
      */
     public boolean isGroupPresent(String name);
 
     /**
      * Checks if the given context is a member of the given group
+     * 
      * @param uid the given user id
      * @param name the given group name
-     * @return true if the user with the given user id is a member of the given 
-     * group
+     * @return true if the user with the given user id is a member of the given
+     *         group
      */
     public boolean isMemberOf(String uid, String name);
+
     public boolean isMemberOf(IUser id, String name);
 
     /**
      * Adds a group of identities.
+     * 
      * @param group the given group
      * @exception EUsrGrpException thrown when failed to add group.
      */
     public void addGroup(IGroup group) throws EUsrGrpException;
 
     /**
-     * Removes a group.  Can't remove SUPER_CERT_ADMINS
+     * Removes a group. Can't remove SUPER_CERT_ADMINS
+     * 
      * @param name the given group name
      * @exception EUsrGrpException thrown when the given group failed to remove
      */
@@ -174,24 +192,27 @@ public interface IUGSubsystem extends ISubsystem, IUsrGrp {
 
     /**
      * Modifies a group.
+     * 
      * @param group the given group which contain all group attributes being
-     * modified.
+     *            modified.
      * @exception EUsrGrpException thrown when failed to modify group.
      */
     public void modifyGroup(IGroup group) throws EUsrGrpException;
 
     /**
      * Removes the user with the given id from the given group
+     * 
      * @param grp the given group
      * @param userid the given user id
      * @exception EUsrGrpException thrown when failed to remove the user from
-     * the given group
+     *                the given group
      */
     public void removeUserFromGroup(IGroup grp, String userid)
-        throws EUsrGrpException;
+            throws EUsrGrpException;
 
     /**
      * Create user with the given id.
+     * 
      * @param id the user with the given id.
      * @return a new user
      */
@@ -199,6 +220,7 @@ public interface IUGSubsystem extends ISubsystem, IUsrGrp {
 
     /**
      * Create group with the given id.
+     * 
      * @param id the group with the given id.
      * @return a new group
      */
@@ -206,24 +228,29 @@ public interface IUGSubsystem extends ISubsystem, IUsrGrp {
 
     /**
      * Get string representation of the given certificate
+     * 
      * @param cert given certificate
      * @return the string representation of the given certificate
      */
     public String getCertificateString(X509Certificate cert);
 
     /**
-     * Searchs for identities that matches the certificate locater
-     * generated filter.
+     * Searchs for identities that matches the certificate locater generated
+     * filter.
+     * 
      * @param filter search filter
      * @return an user
      * @exception EUsrGrpException thrown when failed to find user
-     * @exception LDAPException thrown when the internal database is not available
+     * @exception LDAPException thrown when the internal database is not
+     *                available
      */
-    public IUser findUsersByCert(String filter) throws
-            EUsrGrpException, LDAPException;
+    public IUser findUsersByCert(String filter) throws EUsrGrpException,
+            LDAPException;
 
     /**
-     * Get user locator which does the mapping between the user and the certificate.
+     * Get user locator which does the mapping between the user and the
+     * certificate.
+     * 
      * @return CertUserLocator
      */
     public ICertUserLocator getCertUserLocator();
diff --git a/pki/base/common/src/com/netscape/certsrv/usrgrp/IUser.java b/pki/base/common/src/com/netscape/certsrv/usrgrp/IUser.java
index 398ccb71e..fea2f56a8 100644
--- a/pki/base/common/src/com/netscape/certsrv/usrgrp/IUser.java
+++ b/pki/base/common/src/com/netscape/certsrv/usrgrp/IUser.java
@@ -17,136 +17,154 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.usrgrp;
 
-
 import java.security.cert.X509Certificate;
 
 import com.netscape.certsrv.base.IAttrSet;
 
-
 /**
- * This interface defines the basic interfaces for
- * a user identity. (get/set methods for a user entry attributes)
- *
+ * This interface defines the basic interfaces for a user identity. (get/set
+ * methods for a user entry attributes)
+ * 
  * @version $Revision$, $Date$
  */
 public interface IUser extends IAttrSet, IUserConstants {
 
     /**
      * Retrieves name.
+     * 
      * @return user name
      */
     public String getName();
 
     /**
      * Retrieves user identifier.
+     * 
      * @return user id
      */
     public String getUserID();
 
     /**
      * Retrieves user full name.
+     * 
      * @return user fullname
      */
     public String getFullName();
 
     /**
      * Retrieves user phonenumber.
+     * 
      * @return user phonenumber
      */
     public String getPhone();
 
     /**
      * Retrieves user state
+     * 
      * @return user state
      */
     public String getState();
 
     /**
      * Sets user full name.
+     * 
      * @param name the given full name
      */
     public void setFullName(String name);
 
     /**
      * Sets user ldap DN.
+     * 
      * @param userdn the given user DN
      */
     public void setUserDN(String userdn);
 
     /**
      * Gets user ldap dn
+     * 
      * @return user DN
      */
     public String getUserDN();
 
     /**
      * Retrieves user password.
+     * 
      * @return user password
      */
     public String getPassword();
 
     /**
      * Sets user password.
+     * 
      * @param p the given password
      */
     public void setPassword(String p);
 
     /**
      * Sets user phonenumber
-     * @param p user phonenumber 
+     * 
+     * @param p user phonenumber
      */
     public void setPhone(String p);
 
     /**
      * Sets user state
+     * 
      * @param p the given user state
      */
     public void setState(String p);
 
     /**
      * Sets user type
+     * 
      * @param userType the given user type
      */
     public void setUserType(String userType);
 
     /**
      * Gets user email address.
+     * 
      * @return email address
      */
     public String getEmail();
 
     /**
      * Sets user email address.
+     * 
      * @param email the given email address
      */
     public void setEmail(String email);
 
     /**
      * Gets list of certificates from this user
+     * 
      * @return list of certificates
      */
     public X509Certificate[] getX509Certificates();
 
     /**
      * Sets list of certificates in this user
+     * 
      * @param certs list of certificates
      */
     public void setX509Certificates(X509Certificate certs[]);
 
     /**
      * Get certificate DN
+     * 
      * @return certificate DN
      */
     public String getCertDN();
 
     /**
      * Set certificate DN
+     * 
      * @param userdn the given DN
      */
     public void setCertDN(String userdn);
 
     /**
      * Get user type
+     * 
      * @return user type.
      */
     public String getUserType();
diff --git a/pki/base/common/src/com/netscape/certsrv/usrgrp/IUserConstants.java b/pki/base/common/src/com/netscape/certsrv/usrgrp/IUserConstants.java
index f24e9fb4f..f66f01c73 100644
--- a/pki/base/common/src/com/netscape/certsrv/usrgrp/IUserConstants.java
+++ b/pki/base/common/src/com/netscape/certsrv/usrgrp/IUserConstants.java
@@ -17,12 +17,9 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.usrgrp;
 
-
-
-
 /**
  * This interface defines the attribute names for a user entry
- *
+ * 
  * @version $Revision$, $Date$
  */
 public interface IUserConstants {
diff --git a/pki/base/common/src/com/netscape/certsrv/usrgrp/IUsrGrp.java b/pki/base/common/src/com/netscape/certsrv/usrgrp/IUsrGrp.java
index 17b00c883..af842ff6e 100644
--- a/pki/base/common/src/com/netscape/certsrv/usrgrp/IUsrGrp.java
+++ b/pki/base/common/src/com/netscape/certsrv/usrgrp/IUsrGrp.java
@@ -20,50 +20,54 @@ package com.netscape.certsrv.usrgrp;
 import netscape.ldap.LDAPException;
 
 /**
- * This interface defines the basic capabilities of
- * a usr/group manager. (get/add/modify/remove users or groups)
- *
+ * This interface defines the basic capabilities of a usr/group manager.
+ * (get/add/modify/remove users or groups)
+ * 
  * @version $Revision$, $Date$
  */
 public interface IUsrGrp extends IIdEvaluator {
 
     /**
      * Retrieves usr/grp manager identifier.
+     * 
      * @return id
      */
     public String getId();
 
     /**
      * Retrieves the description
+     * 
      * @return description
      */
     public String getDescription();
 
     /**
      * Retrieves an identity
+     * 
      * @param userid the user id for the given user
      * @return user interface
      */
     public IUser getUser(String userid) throws EUsrGrpException;
 
     /**
-     * Adds a user identity to the LDAP server. For example,
-     * <code>
+     * Adds a user identity to the LDAP server. For example, <code>
      *   User user = new User("joe");
      *   user.setFullName("joe doe");
      *   user.setPassword("secret");
      *   usrgrp.addUser(user);
      * </code>
+     * 
      * @param user an user interface
      * @exception EUsrGrpException thrown when some of the user attribute values
-     * are null
+     *                are null
      * @exception LDAPException thrown when the LDAP internal database is not
-     * available, or the add operation failed
+     *                available, or the add operation failed
      */
     public void addUser(IUser user) throws EUsrGrpException, LDAPException;
 
     /**
      * Removes a user.
+     * 
      * @param userid the user id for the given user
      * @exception EUsrGrpException thrown when failed to remove user
      */
@@ -71,6 +75,7 @@ public interface IUsrGrp extends IIdEvaluator {
 
     /**
      * Modifies user.
+     * 
      * @param user the user interface which contains the modified information
      * @exception EUsrGrpException thrown when failed to modify user
      */
@@ -78,6 +83,7 @@ public interface IUsrGrp extends IIdEvaluator {
 
     /**
      * Retrieves an identity group
+     * 
      * @param groupid the given group id.
      * @return the group interface
      */
@@ -85,6 +91,7 @@ public interface IUsrGrp extends IIdEvaluator {
 
     /**
      * Adds a group
+     * 
      * @param group the given group
      * @exception EUsrGrpException thrown when failed to add the group.
      */
@@ -92,16 +99,18 @@ public interface IUsrGrp extends IIdEvaluator {
 
     /**
      * Modifies a group
-     * @param group the given group contains the new information for modification.
+     * 
+     * @param group the given group contains the new information for
+     *            modification.
      * @exception EUsrGrpException thrown when failed to modify the group.
      */
     public void modifyGroup(IGroup group) throws EUsrGrpException;
 
     /**
      * Removes a group
+     * 
      * @param name the group name
-     * @exception EUsrGrpException thrown when failed to remove the given
-     * group.
+     * @exception EUsrGrpException thrown when failed to remove the given group.
      */
     public void removeGroup(String name) throws EUsrGrpException;
 
diff --git a/pki/base/common/src/com/netscape/certsrv/usrgrp/UsrGrpResources.java b/pki/base/common/src/com/netscape/certsrv/usrgrp/UsrGrpResources.java
index ed4f28b83..7e04ff9ab 100644
--- a/pki/base/common/src/com/netscape/certsrv/usrgrp/UsrGrpResources.java
+++ b/pki/base/common/src/com/netscape/certsrv/usrgrp/UsrGrpResources.java
@@ -20,9 +20,8 @@ package com.netscape.certsrv.usrgrp;
 import java.util.ListResourceBundle;
 
 /**
- * A class represents a resource bundle for the 
- * user/group manager
- *
+ * A class represents a resource bundle for the user/group manager
+ * 
  * @deprecated
  * @version $Revision$, $Date$
  */
@@ -30,6 +29,7 @@ public class UsrGrpResources extends ListResourceBundle {
 
     /**
      * Returns the content of this resource.
+     * 
      * @return the content of this resource.
      */
     public Object[][] getContents() {
@@ -37,8 +37,7 @@ public class UsrGrpResources extends ListResourceBundle {
     }
 
     /**
-     * Constants. The suffix represents the number of
-     * possible parameters.
+     * Constants. The suffix represents the number of possible parameters.
      */
 
     static final Object[][] contents = {};
diff --git a/pki/base/common/src/com/netscape/certsrv/util/HttpInput.java b/pki/base/common/src/com/netscape/certsrv/util/HttpInput.java
index 4f68bf635..abbf2edc1 100644
--- a/pki/base/common/src/com/netscape/certsrv/util/HttpInput.java
+++ b/pki/base/common/src/com/netscape/certsrv/util/HttpInput.java
@@ -26,19 +26,16 @@ import javax.servlet.http.HttpServletRequest;
 
 import netscape.ldap.LDAPDN;
 
-public class HttpInput
-{
-   public static int getPortNumberInInt(HttpServletRequest request, String name)
-        throws IOException
-    {
+public class HttpInput {
+    public static int getPortNumberInInt(HttpServletRequest request, String name)
+            throws IOException {
         String val = request.getParameter(name);
         int p = Integer.parseInt(val);
         return p;
     }
-                                                                                
+
     public static String getBoolean(HttpServletRequest request, String name)
-        throws IOException
-    {
+            throws IOException {
         String val = request.getParameter(name);
         if (val.equals("true") || val.equals("false")) {
             return val;
@@ -47,8 +44,7 @@ public class HttpInput
     }
 
     public static String getCheckbox(HttpServletRequest request, String name)
-        throws IOException
-    {
+            throws IOException {
         String val = request.getParameter(name);
         if (val == null || val.equals("")) {
             return "off";
@@ -59,8 +55,7 @@ public class HttpInput
     }
 
     public static String getInteger(HttpServletRequest request, String name)
-        throws IOException
-    {
+            throws IOException {
         String val = request.getParameter(name);
         int p = 0;
         try {
@@ -75,9 +70,8 @@ public class HttpInput
         return val;
     }
 
-    public static String getInteger(HttpServletRequest request, String name, 
-          int min, int max) throws IOException
-    {
+    public static String getInteger(HttpServletRequest request, String name,
+            int min, int max) throws IOException {
         String val = getInteger(request, name);
         int p = Integer.parseInt(val);
         if (p < min || p > max) {
@@ -85,41 +79,36 @@ public class HttpInput
         }
         return val;
     }
-                                                                                
+
     public static String getPortNumber(HttpServletRequest request, String name)
-        throws IOException
-    {
-        String v =  getInteger(request, name);         
+            throws IOException {
+        String v = getInteger(request, name);
         return v;
     }
-                                                                                
+
     public static String getString(HttpServletRequest request, String name)
-        throws IOException
-    {
+            throws IOException {
         String val = request.getParameter(name);
         return val;
     }
 
     public static String getString(HttpServletRequest request, String name,
-            int minlen, int maxlen) throws IOException
-    {
+            int minlen, int maxlen) throws IOException {
         String val = request.getParameter(name);
         if (val.length() < minlen || val.length() > maxlen) {
-            throw new IOException("String length of '" + val + 
-               "' is out of range");
+            throw new IOException("String length of '" + val
+                    + "' is out of range");
         }
         return val;
     }
-                                                                                
+
     public static String getLdapDatabase(HttpServletRequest request, String name)
-        throws IOException
-    {
+            throws IOException {
         return getString(request, name);
     }
-                                                                                
+
     public static String getURL(HttpServletRequest request, String name)
-        throws IOException
-    {
+            throws IOException {
         String v = getString(request, name);
         try {
             URL u = new URL(v);
@@ -128,168 +117,161 @@ public class HttpInput
         }
         return v;
     }
-                                                                                
+
     public static String getUID(HttpServletRequest request, String name)
-        throws IOException
-    {
+            throws IOException {
         return getString(request, name);
     }
-                                                                                
+
     public static String getPassword(HttpServletRequest request, String name)
-        throws IOException
-    {
+            throws IOException {
         return getString(request, name);
     }
 
     public static String getKeyType(HttpServletRequest request, String name)
-        throws IOException
-    {
+            throws IOException {
         String v = getString(request, name);
         if (v.equals("rsa")) {
-          return v;
+            return v;
         }
         if (v.equals("ecc")) {
-          return v;
+            return v;
         }
         throw new IOException("Invalid key type '" + v + "' not supported.");
     }
-                                                                                
+
     public static String getKeySize(HttpServletRequest request, String name)
-        throws IOException
-    {
+            throws IOException {
         String i = getInteger(request, name);
-        if (i.equals("256") || i.equals("512") || i.equals("1024") ||
-           i.equals("2048") || i.equals("4096")) {
-          return i;
+        if (i.equals("256") || i.equals("512") || i.equals("1024")
+                || i.equals("2048") || i.equals("4096")) {
+            return i;
         }
-        throw new IOException("Invalid key length '" + i + "'. Currently supported key lengths are 256, 512, 1024, 2048, 4096.");
+        throw new IOException(
+                "Invalid key length '"
+                        + i
+                        + "'. Currently supported key lengths are 256, 512, 1024, 2048, 4096.");
     }
 
-    public static String getKeySize(HttpServletRequest request, String name, String keyType)
-        throws IOException
-    {
+    public static String getKeySize(HttpServletRequest request, String name,
+            String keyType) throws IOException {
         String i = getInteger(request, name);
         if (keyType.equals("rsa")) {
-          if (i.equals("256") || i.equals("512") || i.equals("1024") ||
-             i.equals("2048") || i.equals("4096")) {
-            return i;
-          } else {
-            throw new IOException("Invalid key length '" + i + "'. Currently supported RSA key lengths are 256, 512, 1024, 2048, 4096.");
-          }
+            if (i.equals("256") || i.equals("512") || i.equals("1024")
+                    || i.equals("2048") || i.equals("4096")) {
+                return i;
+            } else {
+                throw new IOException(
+                        "Invalid key length '"
+                                + i
+                                + "'. Currently supported RSA key lengths are 256, 512, 1024, 2048, 4096.");
+            }
         }
         if (keyType.equals("ecc")) {
-          int p = 0;
-          try {
-            p = Integer.parseInt(i);
-          } catch (NumberFormatException e) {
-            throw new IOException("Input '" + i + "' is not an integer");
-          }
-          if ((p >= 112) && (p <= 571))
-            return i;
-          else {
-            throw new IOException("Invalid key length '" + i + "'. Please consult your security officer for a proper length, or take the default value. Here are examples of some commonly used key lengths: 256, 384, 521.");
-          }
-/*
-
-          if (i.equals("256") || i.equals("384") || i.equals("521")) { 
-            return i;
-          } else {
-            throw new IOException("Invalid key length '" + i + "'. Currently supported ECC key lengths are 256, 384, 521.");
-          }
-*/
+            int p = 0;
+            try {
+                p = Integer.parseInt(i);
+            } catch (NumberFormatException e) {
+                throw new IOException("Input '" + i + "' is not an integer");
+            }
+            if ((p >= 112) && (p <= 571))
+                return i;
+            else {
+                throw new IOException(
+                        "Invalid key length '"
+                                + i
+                                + "'. Please consult your security officer for a proper length, or take the default value. Here are examples of some commonly used key lengths: 256, 384, 521.");
+            }
+            /*
+             * 
+             * if (i.equals("256") || i.equals("384") || i.equals("521")) {
+             * return i; } else { throw new IOException("Invalid key length '" +
+             * i + "'. Currently supported ECC key lengths are 256, 384, 521.");
+             * }
+             */
         }
         throw new IOException("Invalid key type '" + keyType + "'");
     }
-                                                                                
+
     public static String getDN(HttpServletRequest request, String name)
-        throws IOException
-    {
+            throws IOException {
         String v = getString(request, name);
         String dn[] = LDAPDN.explodeDN(v, true);
         if (dn == null || dn.length <= 0) {
-           throw new IOException("Invalid DN " + v + " in " + name);
+            throw new IOException("Invalid DN " + v + " in " + name);
         }
         return v;
     }
-                                                                                
+
     public static String getID(HttpServletRequest request, String name)
-        throws IOException
-    {
+            throws IOException {
         return getString(request, name);
     }
-                                                                                
+
     public static String getName(HttpServletRequest request, String name)
-        throws IOException
-    {
+            throws IOException {
         return getString(request, name);
     }
-                                                                                
+
     public static String getCertRequest(HttpServletRequest request, String name)
-        throws IOException
-    {
+            throws IOException {
         return getString(request, name);
     }
-                                                                                
+
     public static String getCertChain(HttpServletRequest request, String name)
-        throws IOException
-    {
+            throws IOException {
         return getString(request, name);
     }
-                                                                                
+
     public static String getCert(HttpServletRequest request, String name)
-        throws IOException
-    {
+            throws IOException {
         return getString(request, name);
     }
 
     public static String getNickname(HttpServletRequest request, String name)
-        throws IOException
-    {
+            throws IOException {
         return getString(request, name);
     }
-                                                                                
+
     public static String getHostname(HttpServletRequest request, String name)
-        throws IOException
-    {
+            throws IOException {
         return getString(request, name);
     }
-                                                                                
+
     public static String getTokenName(HttpServletRequest request, String name)
-        throws IOException
-    {
+            throws IOException {
         return getString(request, name);
     }
 
-    public static String getReplicationAgreementName(HttpServletRequest request, String name)
-        throws IOException
-    {
+    public static String getReplicationAgreementName(
+            HttpServletRequest request, String name) throws IOException {
         return getString(request, name);
     }
-                                                                                
+
     public static String getEmail(HttpServletRequest request, String name)
-        throws IOException
-    {
+            throws IOException {
         String v = getString(request, name);
         if (v.indexOf('@') == -1) {
-           throw new IOException("Invalid email " + v);
+            throw new IOException("Invalid email " + v);
         }
         return v;
     }
-                                                                                
+
     public static String getDomainName(HttpServletRequest request, String name)
-        throws IOException
-    {
+            throws IOException {
         return getString(request, name);
     }
-                                                                                
-    public static String getSecurityDomainName(HttpServletRequest request, String name)       
-        throws IOException
-    {
+
+    public static String getSecurityDomainName(HttpServletRequest request,
+            String name) throws IOException {
         String v = getName(request, name);
         Pattern p = Pattern.compile("[A-Za-z0-9]+[A-Za-z0-9 -]*");
         Matcher m = p.matcher(v);
         if (!m.matches()) {
-            throw new IOException("Invalid characters found in Security Domain Name " + v + ". Valid characters are A-Z, a-z, 0-9, dash and space");
+            throw new IOException(
+                    "Invalid characters found in Security Domain Name "
+                            + v
+                            + ". Valid characters are A-Z, a-z, 0-9, dash and space");
         }
         return v;
     }
diff --git a/pki/base/common/src/com/netscape/certsrv/util/IStatsSubsystem.java b/pki/base/common/src/com/netscape/certsrv/util/IStatsSubsystem.java
index c98812369..8846a99a0 100644
--- a/pki/base/common/src/com/netscape/certsrv/util/IStatsSubsystem.java
+++ b/pki/base/common/src/com/netscape/certsrv/util/IStatsSubsystem.java
@@ -17,26 +17,21 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.util;
 
-
 import java.util.Date;
 
 import com.netscape.certsrv.base.ISubsystem;
 
-
 /**
- * A class represents a internal subsystem. This subsystem
- * can be loaded into cert server kernel to perform
- * statistics collection.
+ * A class represents a internal subsystem. This subsystem can be loaded into
+ * cert server kernel to perform statistics collection.
  * <P>
  * 
  * @author thomask
  * @version $Revision$, $Date$
  */
-public interface IStatsSubsystem extends ISubsystem
-{
+public interface IStatsSubsystem extends ISubsystem {
     /**
-     * Retrieves the start time since startup or 
-     * clearing of statistics.
+     * Retrieves the start time since startup or clearing of statistics.
      */
     public Date getStartTime();
 
diff --git a/pki/base/common/src/com/netscape/certsrv/util/StatsEvent.java b/pki/base/common/src/com/netscape/certsrv/util/StatsEvent.java
index 7c510b889..9e004b629 100644
--- a/pki/base/common/src/com/netscape/certsrv/util/StatsEvent.java
+++ b/pki/base/common/src/com/netscape/certsrv/util/StatsEvent.java
@@ -17,7 +17,6 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.util;
 
-
 import java.util.Enumeration;
 import java.util.Vector;
 
@@ -28,167 +27,149 @@ import java.util.Vector;
  * @author thomask
  * @version $Revision$, $Date$
  */
-public class StatsEvent
-{
-  private String mName = null;
-  private long mMin = -1;
-  private long mMax = -1;
-  private long mTimeTaken = 0;
-  private long mTimeTakenSqSum = 0;
-  private long mNoOfOperations = 0;
-  private Vector mSubEvents = new Vector();
-  private StatsEvent mParent = null;
-
-  public StatsEvent(StatsEvent parent)
-  {
-    mParent = parent;
-  }
-  
-  public void setName(String name) 
-  {
-    mName = name;
-  }
-
-  /**
-   * Retrieves Transaction name.
-   */ 
-  public String getName() 
-  {
-    return mName;
-  }
-    
-  public void addSubEvent(StatsEvent st)
-  {
-    mSubEvents.addElement(st);
-  }
-
-  /**
-   * Retrieves a list of sub transaction names.
-   */
-  public Enumeration getSubEventNames()
-  {
-    Vector names = new Vector();
-    Enumeration e = mSubEvents.elements();
-    while (e.hasMoreElements()) {
-      StatsEvent st = (StatsEvent)e.nextElement();
-      names.addElement(st.getName());
-    }
-    return names.elements();
-  }  
-
-  /** 
-   * Retrieves a sub transaction.
-   */
-  public StatsEvent getSubEvent(String name)
-  {
-    Enumeration e = mSubEvents.elements();
-    while (e.hasMoreElements()) {
-      StatsEvent st = (StatsEvent)e.nextElement();
-      if (st.getName().equals(name)) {
-        return st;
-      }
-    }
-    return null;
-  }
-
-  public void resetCounters()
-  {
-    mMin = -1;
-    mMax = -1;
-    mNoOfOperations = 0;
-    mTimeTaken = 0;
-    mTimeTakenSqSum = 0;
-    Enumeration e = getSubEventNames();
-    while (e.hasMoreElements()) {
-      String n = (String)e.nextElement();
-      StatsEvent c = getSubEvent(n);
-      c.resetCounters();
-    }
-  }
-
-  public long getMax()
-  {
-    return mMax;
-  }
-
-  public long getMin()
-  {
-    return mMin;
-  }
-
-  public void incNoOfOperations(long c)
-  {
-    mNoOfOperations += c;
-  }
-
-  public long getTimeTakenSqSum()
-  {
-    return mTimeTakenSqSum;
-  }
-
-  public long getPercentage()
-  {
-    if (mParent == null || mParent.getTimeTaken() == 0) {
-      return 100;
-    } else {
-      return (mTimeTaken * 100 / mParent.getTimeTaken());
-    }
-  }
-
-  public long getStdDev()
-  {
-    if (getNoOfOperations() == 0) {
-      return 0;
-    } else {
-      long a = getTimeTakenSqSum();
-      long b = (-2 * getAvg() *getTimeTaken());
-      long c = getAvg() * getAvg() * getNoOfOperations();
-      return (long)Math.sqrt((a + b + c)/getNoOfOperations());
-    }
-  }
-
-  public long getAvg()
-  {
-    if (mNoOfOperations == 0) {
-      return -1;
-    } else {
-      return mTimeTaken/mNoOfOperations;
-    }
-  }
-
-  /**
-   * Retrieves number of operations performed.
-   */
-  public long getNoOfOperations()
-  {
-    return mNoOfOperations;
-  }
- 
-  public void incTimeTaken(long c)
-  {
-    if (mMin == -1) {
-      mMin = c;
-    } else {
-      if (c < mMin) {
-        mMin = c;
-      }
-    }
-    if (mMax == -1) {
-      mMax = c;
-    } else {
-      if (c > mMax) {
-        mMax = c;
-      }
-    }
-    mTimeTaken += c;
-    mTimeTakenSqSum += (c * c);
-  }
-
-  /**
-   * Retrieves total time token in msec.
-   */
-  public long getTimeTaken()
-  {
-    return mTimeTaken;
-  }
+public class StatsEvent {
+    private String mName = null;
+    private long mMin = -1;
+    private long mMax = -1;
+    private long mTimeTaken = 0;
+    private long mTimeTakenSqSum = 0;
+    private long mNoOfOperations = 0;
+    private Vector mSubEvents = new Vector();
+    private StatsEvent mParent = null;
+
+    public StatsEvent(StatsEvent parent) {
+        mParent = parent;
+    }
+
+    public void setName(String name) {
+        mName = name;
+    }
+
+    /**
+     * Retrieves Transaction name.
+     */
+    public String getName() {
+        return mName;
+    }
+
+    public void addSubEvent(StatsEvent st) {
+        mSubEvents.addElement(st);
+    }
+
+    /**
+     * Retrieves a list of sub transaction names.
+     */
+    public Enumeration getSubEventNames() {
+        Vector names = new Vector();
+        Enumeration e = mSubEvents.elements();
+        while (e.hasMoreElements()) {
+            StatsEvent st = (StatsEvent) e.nextElement();
+            names.addElement(st.getName());
+        }
+        return names.elements();
+    }
+
+    /**
+     * Retrieves a sub transaction.
+     */
+    public StatsEvent getSubEvent(String name) {
+        Enumeration e = mSubEvents.elements();
+        while (e.hasMoreElements()) {
+            StatsEvent st = (StatsEvent) e.nextElement();
+            if (st.getName().equals(name)) {
+                return st;
+            }
+        }
+        return null;
+    }
+
+    public void resetCounters() {
+        mMin = -1;
+        mMax = -1;
+        mNoOfOperations = 0;
+        mTimeTaken = 0;
+        mTimeTakenSqSum = 0;
+        Enumeration e = getSubEventNames();
+        while (e.hasMoreElements()) {
+            String n = (String) e.nextElement();
+            StatsEvent c = getSubEvent(n);
+            c.resetCounters();
+        }
+    }
+
+    public long getMax() {
+        return mMax;
+    }
+
+    public long getMin() {
+        return mMin;
+    }
+
+    public void incNoOfOperations(long c) {
+        mNoOfOperations += c;
+    }
+
+    public long getTimeTakenSqSum() {
+        return mTimeTakenSqSum;
+    }
+
+    public long getPercentage() {
+        if (mParent == null || mParent.getTimeTaken() == 0) {
+            return 100;
+        } else {
+            return (mTimeTaken * 100 / mParent.getTimeTaken());
+        }
+    }
+
+    public long getStdDev() {
+        if (getNoOfOperations() == 0) {
+            return 0;
+        } else {
+            long a = getTimeTakenSqSum();
+            long b = (-2 * getAvg() * getTimeTaken());
+            long c = getAvg() * getAvg() * getNoOfOperations();
+            return (long) Math.sqrt((a + b + c) / getNoOfOperations());
+        }
+    }
+
+    public long getAvg() {
+        if (mNoOfOperations == 0) {
+            return -1;
+        } else {
+            return mTimeTaken / mNoOfOperations;
+        }
+    }
+
+    /**
+     * Retrieves number of operations performed.
+     */
+    public long getNoOfOperations() {
+        return mNoOfOperations;
+    }
+
+    public void incTimeTaken(long c) {
+        if (mMin == -1) {
+            mMin = c;
+        } else {
+            if (c < mMin) {
+                mMin = c;
+            }
+        }
+        if (mMax == -1) {
+            mMax = c;
+        } else {
+            if (c > mMax) {
+                mMax = c;
+            }
+        }
+        mTimeTaken += c;
+        mTimeTakenSqSum += (c * c);
+    }
+
+    /**
+     * Retrieves total time token in msec.
+     */
+    public long getTimeTaken() {
+        return mTimeTaken;
+    }
 }
-- 
cgit