Refactored dynamic client code & add tenancy handling to authenticators

components/identity-extensions/dynamic-client-registration/dynamic-client-web/src/main/java/org/wso2/carbon/dynamic/client/web/DynamicClientUtil.java

@@ -26,11 +26,8 @@ import org.wso2.carbon.dynamic.client.registration.DynamicClientRegistrationServ
  */
 public class DynamicClientUtil {
 
-	public static DynamicClientRegistrationService getDynamicClientRegistrationService() {
+    public static DynamicClientRegistrationService getDynamicClientRegistrationService() {
-		DynamicClientRegistrationService dynamicClientRegistrationService;
+        PrivilegedCarbonContext ctx = PrivilegedCarbonContext.getThreadLocalCarbonContext();
-		PrivilegedCarbonContext ctx = PrivilegedCarbonContext.getThreadLocalCarbonContext();
+        return  (DynamicClientRegistrationService) ctx.getOSGiService(DynamicClientRegistrationService.class, null);
-		dynamicClientRegistrationService =
+    }
-				(DynamicClientRegistrationService) ctx.getOSGiService(DynamicClientRegistrationService.class, null);
-		return dynamicClientRegistrationService;
-	}
 }

components/identity-extensions/dynamic-client-registration/dynamic-client-web/src/main/java/org/wso2/carbon/dynamic/client/web/impl/RegistrationServiceImpl.java

@@ -46,30 +46,30 @@ public class RegistrationServiceImpl implements RegistrationService {
     @POST
     @Override
     public Response register(RegistrationProfile profile) {
+        Response response;
         try {
             PrivilegedCarbonContext.startTenantFlow();
             PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantDomain(
                     MultitenantConstants.SUPER_TENANT_DOMAIN_NAME);
             PrivilegedCarbonContext.getThreadLocalCarbonContext().
                     setTenantId(MultitenantConstants.SUPER_TENANT_ID);
-
             DynamicClientRegistrationService dynamicClientRegistrationService = DynamicClientUtil.
-                                                             getDynamicClientRegistrationService();
+                                                                                  getDynamicClientRegistrationService();
-            if(dynamicClientRegistrationService != null){
+            if (dynamicClientRegistrationService != null) {
-                OAuthApplicationInfo info = dynamicClientRegistrationService.
+                OAuthApplicationInfo info = dynamicClientRegistrationService.registerOAuthApplication(profile);
-                                                                 registerOAuthApplication(profile);
                 return Response.status(Response.Status.CREATED).entity(info.toString()).build();
             }
-            return Response.status(Response.Status.INTERNAL_SERVER_ERROR).
+            response = Response.status(Response.Status.INTERNAL_SERVER_ERROR).
-                               entity("Dynamic Client Registration Service not available.").build();
+                    entity("Dynamic Client Registration Service not available.").build();
         } catch (DynamicClientRegistrationException e) {
             String msg = "Error occurred while registering client '" + profile.getClientName() + "'";
             log.error(msg, e);
-            return Response.status(Response.Status.BAD_REQUEST).entity(
+            response = Response.status(Response.Status.BAD_REQUEST).entity(
                     new FaultResponse(ErrorCode.INVALID_CLIENT_METADATA, msg)).build();
         } finally {
             PrivilegedCarbonContext.endTenantFlow();
         }
+        return response;
     }
 
     @DELETE
@@ -77,26 +77,32 @@ public class RegistrationServiceImpl implements RegistrationService {
     public Response unregister(@QueryParam("applicationName") String applicationName,
                                @QueryParam("userId") String userId,
                                @QueryParam("consumerKey") String consumerKey) {
+        Response response;
         try {
+            PrivilegedCarbonContext.startTenantFlow();
+            PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantDomain(
+                    MultitenantConstants.SUPER_TENANT_DOMAIN_NAME);
+            PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantId(MultitenantConstants.SUPER_TENANT_ID);
             DynamicClientRegistrationService dynamicClientRegistrationService = DynamicClientUtil.
-                                                             getDynamicClientRegistrationService();
+                                                                                  getDynamicClientRegistrationService();
-            if(dynamicClientRegistrationService != null){
+            if (dynamicClientRegistrationService != null) {
-                boolean status = dynamicClientRegistrationService.unregisterOAuthApplication(userId,
+                boolean status = dynamicClientRegistrationService.unregisterOAuthApplication(userId, applicationName,
-                                                                                           applicationName,
+                                                                                             consumerKey);
-                                                                                           consumerKey);
+                if (status) {
-                if(status){
                     return Response.status(Response.Status.ACCEPTED).build();
                 }
                 return Response.status(Response.Status.BAD_REQUEST).build();
             }
-            return Response.status(Response.Status.INTERNAL_SERVER_ERROR).
+            response = Response.status(Response.Status.INTERNAL_SERVER_ERROR).
                     entity("Dynamic Client Registration Service not available.").build();
         } catch (DynamicClientRegistrationException e) {
             String msg = "Error occurred while un-registering client '" + applicationName + "'";
             log.error(msg, e);
-            return Response.serverError().
+            response = Response.serverError().entity(new FaultResponse(ErrorCode.INVALID_CLIENT_METADATA, msg)).build();
-                    entity(new FaultResponse(ErrorCode.INVALID_CLIENT_METADATA, msg)).build();
+        } finally {
+            PrivilegedCarbonContext.endTenantFlow();
         }
+        return response;
     }
 
 }

components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration/src/main/java/org/wso2/carbon/dynamic/client/registration/ApplicationConstants.java

@@ -26,6 +26,7 @@ public final class ApplicationConstants {
         private ClientMetadata() {
             throw new AssertionError();
         }
+        //todo refactor names
         public static final String OAUTH_CLIENT_ID = "client_id"; //this means consumer key
         public static final String OAUTH_CLIENT_SECRET = "client_secret";
         public static final String OAUTH_REDIRECT_URIS = "redirect_uris";
@@ -36,7 +37,7 @@ public final class ApplicationConstants {
         public static final String APP_CALLBACK_URL = "callback_url";
         public static final String APP_HOME_PAGE = "homepage";
         public static final String OAUTH_CLIENT_CONTACT = "contact";
-        public static final String APP_LOGOURI = "logouri";
+        public static final String APP_LOGO_URI = "logo_uri";
         public static final String OAUTH_CLIENT_SCOPE = "scope";
         public static final String OAUTH_CLIENT_GRANT = "grant_types";
         public static final String OAUTH_CLIENT_RESPONSETYPE = "response_types";

components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration/src/main/java/org/wso2/carbon/dynamic/client/registration/DynamicClientRegistrationException.java

@@ -19,7 +19,7 @@
 package org.wso2.carbon.dynamic.client.registration;
 
 /**
- * Custom exception to be thrown inside DynamicClientRegistration related functionalities.
+ * Custom exception to be thrown inside DynamicClientRegistration related functionality.
  */
 public class DynamicClientRegistrationException extends Exception {
 

components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration/src/main/java/org/wso2/carbon/dynamic/client/registration/DynamicClientRegistrationService.java

@@ -21,7 +21,8 @@ package org.wso2.carbon.dynamic.client.registration;
 import org.wso2.carbon.dynamic.client.registration.profile.RegistrationProfile;
 
 /**
- * This class represents the interface to be implemented by DynamicClientRegistrationService.
+ * This class represents the interface to be implemented by DynamicClientRegistrationService which
+ * is used to support the Dynamic-client-authentication protocol.
  */
 public interface DynamicClientRegistrationService {
 
@@ -34,7 +35,7 @@ public interface DynamicClientRegistrationService {
      * @throws DynamicClientRegistrationException
      *
      */
-    public OAuthApplicationInfo registerOAuthApplication(
+    OAuthApplicationInfo registerOAuthApplication(
             RegistrationProfile profile) throws DynamicClientRegistrationException;
 
     /**
@@ -47,7 +48,7 @@ public interface DynamicClientRegistrationService {
      * @throws DynamicClientRegistrationException
      *
      */
-    public boolean unregisterOAuthApplication(String userName, String applicationName,
+    boolean unregisterOAuthApplication(String userName, String applicationName,
                                               String consumerKey) throws DynamicClientRegistrationException;
 
     /**
@@ -58,6 +59,6 @@ public interface DynamicClientRegistrationService {
      * @throws DynamicClientRegistrationException
      *
      */
-    public boolean isOAuthApplicationExists(String applicationName) throws DynamicClientRegistrationException;
+    boolean isOAuthApplicationAvailable(String applicationName) throws DynamicClientRegistrationException;
 
 }

components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration/src/main/java/org/wso2/carbon/dynamic/client/registration/OAuthApplicationInfo.java

@@ -31,7 +31,7 @@ public class OAuthApplicationInfo {
     private String clientName;
     private String callBackURL;
     private String clientSecret;
-    private Map<String,Object> parameters = new HashMap<String, Object>();
+    private Map<String, Object> parameters = new HashMap<String, Object>();
 
     public String getClientId() {
         return clientId;
@@ -49,39 +49,39 @@ public class OAuthApplicationInfo {
         this.clientSecret = clientSecret;
     }
 
-    public void setClientName(String clientName){
+    public void setClientName(String clientName) {
         this.clientName = clientName;
     }
 
-    public void setCallBackURL(String callBackURL){
+    public void setCallBackURL(String callBackURL) {
         this.callBackURL = callBackURL;
     }
 
-    public void addParameter(String name,Object value){
+    public void addParameter(String name, Object value) {
-        parameters.put(name,value);
+        parameters.put(name, value);
     }
 
-    public Object getParameter(String name){
+    public Object getParameter(String name) {
         return parameters.get(name);
     }
 
-    public String getJsonString(){
+    public String getJsonString() {
         return JSONObject.toJSONString(parameters);
     }
 
-    public String getClientName(){
+    public String getClientName() {
         return clientName;
     }
 
-    public String getCallBackURL(){
+    public String getCallBackURL() {
         return callBackURL;
     }
 
-    public void putAll(Map<String,Object> parameters){
+    public void putAll(Map<String, Object> parameters) {
         this.parameters.putAll(parameters);
     }
 
-    public void removeParameter(String key){
+    public void removeParameter(String key) {
         this.parameters.remove(key);
     }
 

components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration/src/main/java/org/wso2/carbon/dynamic/client/registration/impl/DynamicClientRegistrationServiceImpl.java

@@ -38,12 +38,13 @@ import org.wso2.carbon.identity.sso.saml.admin.SAMLSSOConfigAdmin;
 import org.wso2.carbon.identity.sso.saml.dto.SAMLSSOServiceProviderDTO;
 import org.wso2.carbon.registry.core.Registry;
 import org.wso2.carbon.utils.multitenancy.MultitenantUtils;
+
 import java.util.Arrays;
 
 /**
  * Implementation of DynamicClientRegistrationService.
  */
-public class DynamicClientRegistrationImpl implements DynamicClientRegistrationService {
+public class DynamicClientRegistrationServiceImpl implements DynamicClientRegistrationService {
 
     private static final String TOKEN_SCOPE = "tokenScope";
     private static final String MDM = "mdm";
@@ -54,12 +55,14 @@ public class DynamicClientRegistrationImpl implements DynamicClientRegistrationS
     private static final String ASSERTION_CONSUMER_URI = "https://localhost:9443/mdm/sso/acs";
     private static final String AUDIENCE = "https://null:9443/oauth2/token";
     private static final Log log = LogFactory.getLog(DynamicClientRegistrationService.class);
+    private static final String AUTH_TYPE_OAUTH_2 = "oauth2";
+    private static final String OAUTH_CONSUMER_SECRET = "oauthConsumerSecret";
+    private static final int STEP_ORDER = 1;
 
     @Override
-    public OAuthApplicationInfo registerOAuthApplication(RegistrationProfile profile)
+    public OAuthApplicationInfo registerOAuthApplication(RegistrationProfile profile) throws
-            throws DynamicClientRegistrationException {
+                                                                                    DynamicClientRegistrationException {
         OAuthApplicationInfo oAuthApplicationInfo = new OAuthApplicationInfo();
-
         String applicationName = profile.getClientName();
 
         if (log.isDebugEnabled()) {
@@ -74,9 +77,10 @@ public class DynamicClientRegistrationImpl implements DynamicClientRegistrationS
         OAuthApplicationInfo info;
         try {
             info = this.createOAuthApplication(profile);
-        } catch (Exception e) {
+        } catch (DynamicClientRegistrationException e) {
-            throw new DynamicClientRegistrationException(
+            throw new DynamicClientRegistrationException("Can not create OAuth application  : " + applicationName, e);
-                    "Can not create OAuth application  : " + applicationName, e);
+        } catch (IdentityException e) {
+            throw new DynamicClientRegistrationException("Can not create OAuth application  : " + applicationName, e);
         }
 
         if (info == null || info.getJsonString() == null) {
@@ -92,18 +96,14 @@ public class DynamicClientRegistrationImpl implements DynamicClientRegistrationS
         try {
             JSONObject jsonObject = new JSONObject(info.getJsonString());
             if (jsonObject.has(ApplicationConstants.ClientMetadata.OAUTH_REDIRECT_URIS)) {
-                oAuthApplicationInfo
+                oAuthApplicationInfo.addParameter(ApplicationConstants.ClientMetadata.OAUTH_REDIRECT_URIS,
-                        .addParameter(ApplicationConstants.ClientMetadata.OAUTH_REDIRECT_URIS,
+                                                  jsonObject
-                                      jsonObject
+                                                          .get(ApplicationConstants.ClientMetadata.OAUTH_REDIRECT_URIS));
-                                              .get(ApplicationConstants.ClientMetadata.
-                                                           OAUTH_REDIRECT_URIS));
             }
 
             if (jsonObject.has(ApplicationConstants.ClientMetadata.OAUTH_CLIENT_GRANT)) {
-                oAuthApplicationInfo.addParameter(ApplicationConstants.ClientMetadata.
+                oAuthApplicationInfo.addParameter(ApplicationConstants.ClientMetadata.OAUTH_CLIENT_GRANT, jsonObject
-                                                          OAUTH_CLIENT_GRANT, jsonObject
+                                                          .get(ApplicationConstants.ClientMetadata.OAUTH_CLIENT_GRANT));
-                                                          .get(ApplicationConstants.ClientMetadata.
-                                                                       OAUTH_CLIENT_GRANT));
             }
         } catch (JSONException e) {
             throw new DynamicClientRegistrationException(
@@ -113,8 +113,7 @@ public class DynamicClientRegistrationImpl implements DynamicClientRegistrationS
     }
 
     private OAuthApplicationInfo createOAuthApplication(
-            RegistrationProfile profile)
+            RegistrationProfile profile) throws DynamicClientRegistrationException, IdentityException {
-            throws DynamicClientRegistrationException, IdentityException {
 
         //Subscriber's name should be passed as a parameter, since it's under the subscriber
         //the OAuth App is created.
@@ -152,27 +151,22 @@ public class DynamicClientRegistrationImpl implements DynamicClientRegistrationS
             serviceProvider.setOwner(user);
 
             serviceProvider.setDescription("Service Provider for application " + applicationName);
-
+            ApplicationManagementService appMgtService = DynamicClientRegistrationDataHolder.getInstance().
-            ApplicationManagementService appMgtService = DynamicClientRegistrationDataHolder.
+                    getApplicationManagementService();
-                                                   getInstance().getApplicationManagementService();
             if (appMgtService == null) {
-                throw new IllegalStateException(
+                throw new IllegalStateException("Error occurred while retrieving Application Management" + "Service");
-                        "Error occurred while retrieving Application Management" +
-                                "Service");
             }
 
-            ServiceProvider existingServiceProvider = appMgtService.getServiceProvider(
+            ServiceProvider existingServiceProvider = appMgtService.getServiceProvider(applicationName, tenantDomain);
-                    applicationName, tenantDomain);
 
             if (existingServiceProvider == null) {
                 appMgtService.createApplication(serviceProvider, tenantDomain, userName);
             }
 
-            ServiceProvider createdServiceProvider = appMgtService.getServiceProvider(
+            ServiceProvider createdServiceProvider = appMgtService.getServiceProvider(applicationName, tenantDomain);
-                    applicationName, tenantDomain);
             if (createdServiceProvider == null) {
-                throw new DynamicClientRegistrationException(
+                throw new DynamicClientRegistrationException("Couldn't create Service Provider Application " +
-                        "Couldn't create Service Provider Application " + applicationName);
+                                                             applicationName);
             }
             //Set SaaS app option
             createdServiceProvider.setSaasApp(isSaaSApp);
@@ -187,8 +181,8 @@ public class DynamicClientRegistrationImpl implements DynamicClientRegistrationS
                 log.debug("Creating OAuth App " + applicationName);
             }
 
-            if ((existingServiceProvider == null) || (existingServiceProvider.
+            if ((existingServiceProvider == null) || (existingServiceProvider.getInboundAuthenticationConfig().
-                    getInboundAuthenticationConfig().getInboundAuthenticationRequestConfigs().length == 0)) {
+                    getInboundAuthenticationRequestConfigs().length == 0)) {
                 oAuthAdminService.registerOAuthApplicationData(oAuthConsumerApp);
             }
 
@@ -210,14 +204,13 @@ public class DynamicClientRegistrationImpl implements DynamicClientRegistrationS
             InboundAuthenticationRequestConfig inboundAuthenticationRequestConfig = new
                     InboundAuthenticationRequestConfig();
             inboundAuthenticationRequestConfig.setInboundAuthKey(createdApp.getOauthConsumerKey());
-            inboundAuthenticationRequestConfig.setInboundAuthType("oauth2");
+            inboundAuthenticationRequestConfig.setInboundAuthType(AUTH_TYPE_OAUTH_2);
-            if (createdApp.getOauthConsumerSecret() != null && !createdApp.
+            String oauthConsumerSecret = createdApp.getOauthConsumerSecret();
-                    getOauthConsumerSecret()
+            if (oauthConsumerSecret != null && !oauthConsumerSecret.isEmpty()) {
-                    .isEmpty()) {
                 Property property = new Property();
-                property.setName("oauthConsumerSecret");
+                property.setName(OAUTH_CONSUMER_SECRET);
-                property.setValue(createdApp.getOauthConsumerSecret());
+                property.setValue(oauthConsumerSecret);
-                Property[] properties = {property};
+                Property[] properties = { property };
                 inboundAuthenticationRequestConfig.setProperties(properties);
             }
 
@@ -225,7 +218,7 @@ public class DynamicClientRegistrationImpl implements DynamicClientRegistrationS
             samlssoServiceProviderDTO.setIssuer(MDM);
             samlssoServiceProviderDTO.setAssertionConsumerUrl(ASSERTION_CONSUMER_URI);
             samlssoServiceProviderDTO.setDoSignResponse(true);
-            samlssoServiceProviderDTO.setRequestedAudiences(new String[]{AUDIENCE});
+            samlssoServiceProviderDTO.setRequestedAudiences(new String[] { AUDIENCE });
 
             SAMLSSOConfigAdmin configAdmin = new SAMLSSOConfigAdmin(getConfigSystemRegistry());
             configAdmin.addRelyingPartyServiceProvider(samlssoServiceProviderDTO);
@@ -240,15 +233,15 @@ public class DynamicClientRegistrationImpl implements DynamicClientRegistrationS
             localAuth.setEnabled(true);
 
             AuthenticationStep authStep = new AuthenticationStep();
-            authStep.setStepOrder(1);
+            authStep.setStepOrder(STEP_ORDER);
             authStep.setSubjectStep(true);
             authStep.setAttributeStep(true);
 
-            authStep.setLocalAuthenticatorConfigs(new LocalAuthenticatorConfig[]{localAuth});
+            authStep.setLocalAuthenticatorConfigs(new LocalAuthenticatorConfig[] { localAuth });
 
             LocalAndOutboundAuthenticationConfig localOutboundAuthConfig = new LocalAndOutboundAuthenticationConfig();
             localOutboundAuthConfig.setAuthenticationType(LOCAL);
-            localOutboundAuthConfig.setAuthenticationSteps(new AuthenticationStep[]{authStep});
+            localOutboundAuthConfig.setAuthenticationSteps(new AuthenticationStep[] { authStep });
 
             inboundAuthenticationRequestConfigs[0] = inboundAuthenticationRequestConfig;
             inboundAuthenticationRequestConfigs[1] = samlAuthenticationRequest;
@@ -263,15 +256,13 @@ public class DynamicClientRegistrationImpl implements DynamicClientRegistrationS
             OAuthApplicationInfo oAuthApplicationInfo = new OAuthApplicationInfo();
             oAuthApplicationInfo.setClientId(createdApp.getOauthConsumerKey());
             oAuthApplicationInfo.setCallBackURL(createdApp.getCallbackUrl());
-            oAuthApplicationInfo.setClientSecret(createdApp.getOauthConsumerSecret());
+            oAuthApplicationInfo.setClientSecret(oauthConsumerSecret);
             oAuthApplicationInfo.setClientName(createdApp.getApplicationName());
 
             oAuthApplicationInfo.addParameter(
-                    ApplicationConstants.ClientMetadata.OAUTH_REDIRECT_URIS,
+                    ApplicationConstants.ClientMetadata.OAUTH_REDIRECT_URIS, createdApp.getCallbackUrl());
-                    createdApp.getCallbackUrl());
             oAuthApplicationInfo.addParameter(
-                    ApplicationConstants.ClientMetadata.OAUTH_CLIENT_GRANT,
+                    ApplicationConstants.ClientMetadata.OAUTH_CLIENT_GRANT, createdApp.getGrantTypes());
-                    createdApp.getGrantTypes());
 
             return oAuthApplicationInfo;
         } catch (IdentityApplicationManagementException e) {
@@ -287,20 +278,19 @@ public class DynamicClientRegistrationImpl implements DynamicClientRegistrationS
     }
 
     protected Registry getConfigSystemRegistry() {
-        return (Registry) PrivilegedCarbonContext.getThreadLocalCarbonContext().
+        return (Registry) PrivilegedCarbonContext.getThreadLocalCarbonContext().getRegistry(RegistryType.
-                getRegistry(RegistryType.SYSTEM_CONFIGURATION);
+                                                                                                  SYSTEM_CONFIGURATION);
     }
 
     @Override
-    public boolean unregisterOAuthApplication(String userId, String applicationName,
+    public boolean unregisterOAuthApplication(String userId, String applicationName, String consumerKey) throws
-                                              String consumerKey) throws DynamicClientRegistrationException {
+                                                                                    DynamicClientRegistrationException {
         DynamicClientRegistrationUtil.validateUsername(userId);
         DynamicClientRegistrationUtil.validateApplicationName(applicationName);
         DynamicClientRegistrationUtil.validateConsumerKey(consumerKey);
 
         boolean status = false;
         String tenantDomain = MultitenantUtils.getTenantDomain(userId);
-        String baseUser = CarbonContext.getThreadLocalCarbonContext().getUsername();
         String userName = MultitenantUtils.getTenantAwareUsername(userId);
 
         PrivilegedCarbonContext.startTenantFlow();
@@ -312,9 +302,9 @@ public class DynamicClientRegistrationImpl implements DynamicClientRegistrationS
         try {
             oAuthAdminService = new OAuthAdminService();
             oAuthConsumerApp = oAuthAdminService.getOAuthApplicationData(consumerKey);
-        } catch (IdentityOAuthAdminException e) {
-            throw new DynamicClientRegistrationException("Error occurred while retrieving application data", e);
         } catch (Exception e) {
+            //We had to catch Exception here because getOAuthApplicationData can throw exceptions of java.lang.Exception
+            // class.
             throw new DynamicClientRegistrationException("Error occurred while retrieving application data", e);
         }
 
@@ -325,17 +315,15 @@ public class DynamicClientRegistrationImpl implements DynamicClientRegistrationS
 
         try {
             oAuthAdminService.removeOAuthApplicationData(consumerKey);
-
+            ApplicationManagementService appMgtService = DynamicClientRegistrationDataHolder.getInstance().
-            ApplicationManagementService appMgtService = DynamicClientRegistrationDataHolder.
+                    getApplicationManagementService();
-                                                    getInstance().getApplicationManagementService();
 
             if (appMgtService == null) {
                 throw new IllegalStateException(
                         "Error occurred while retrieving Application Management" +
-                                "Service");
+                        "Service");
             }
-            ServiceProvider createdServiceProvider = appMgtService.getServiceProvider(
+            ServiceProvider createdServiceProvider = appMgtService.getServiceProvider(applicationName, tenantDomain);
-                    applicationName, tenantDomain);
             if (createdServiceProvider == null) {
                 throw new DynamicClientRegistrationException(
                         "Couldn't retrieve Service Provider Application " + applicationName);
@@ -346,38 +334,31 @@ public class DynamicClientRegistrationImpl implements DynamicClientRegistrationS
             throw new DynamicClientRegistrationException(
                     "Error occurred while removing ServiceProvider for application '" + applicationName + "'", e);
         } catch (IdentityOAuthAdminException e) {
-            throw new DynamicClientRegistrationException("Error occurred while removing application '" +
-                    applicationName + "'", e);
-        } catch (Exception e) {
             throw new DynamicClientRegistrationException("Error occurred while removing application '" +
                                                          applicationName + "'", e);
         } finally {
             PrivilegedCarbonContext.endTenantFlow();
-            PrivilegedCarbonContext.getThreadLocalCarbonContext().setUsername(baseUser);
         }
         return status;
     }
 
     @Override
-    public boolean isOAuthApplicationExists(String applicationName) throws DynamicClientRegistrationException {
+    public boolean isOAuthApplicationAvailable(String applicationName) throws DynamicClientRegistrationException {
-        ApplicationManagementService appMgtService = DynamicClientRegistrationDataHolder.
+        ApplicationManagementService appMgtService = DynamicClientRegistrationDataHolder.getInstance().
-                                                    getInstance().getApplicationManagementService();
+                getApplicationManagementService();
         if (appMgtService == null) {
             throw new IllegalStateException(
                     "Error occurred while retrieving Application Management" +
-                            "Service");
+                    "Service");
         }
         try {
-            if (appMgtService.getServiceProvider(applicationName,
+            return appMgtService.getServiceProvider(applicationName,
-                                                 CarbonContext.getThreadLocalCarbonContext()
+                                                    CarbonContext.getThreadLocalCarbonContext().getTenantDomain()) !=
-                                                              .getTenantDomain()) != null) {
+                   null;
-                return true;
-            }
         } catch (IdentityApplicationManagementException e) {
             throw new DynamicClientRegistrationException(
                     "Error occurred while retrieving information of OAuthApp " + applicationName, e);
         }
-        return false;
     }
 
 }

components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration/src/main/java/org/wso2/carbon/dynamic/client/registration/internal/DynamicClientRegistrationDataHolder.java

@@ -45,7 +45,7 @@ public class DynamicClientRegistrationDataHolder {
         return applicationManagementService;
     }
 
-    public void setApplicationManagementService(ApplicationManagementService realmService) {
+    public void setApplicationManagementService(ApplicationManagementService applicationManagementService) {
-        this.applicationManagementService = realmService;
+        this.applicationManagementService = applicationManagementService;
     }
 }

components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration/src/main/java/org/wso2/carbon/dynamic/client/registration/internal/DynamicClientRegistrationServiceComponent.java

@@ -20,9 +20,10 @@ package org.wso2.carbon.dynamic.client.registration.internal;
 
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
+import org.osgi.framework.ServiceRegistration;
 import org.osgi.service.component.ComponentContext;
 import org.wso2.carbon.dynamic.client.registration.DynamicClientRegistrationService;
-import org.wso2.carbon.dynamic.client.registration.impl.DynamicClientRegistrationImpl;
+import org.wso2.carbon.dynamic.client.registration.impl.DynamicClientRegistrationServiceImpl;
 import org.wso2.carbon.identity.application.mgt.ApplicationManagementService;
 
 /**
@@ -44,9 +45,9 @@ public class DynamicClientRegistrationServiceComponent {
             log.debug("Starting DynamicClientRegistrationServiceComponent");
         }
         DynamicClientRegistrationService dynamicClientRegistrationService =
-                new DynamicClientRegistrationImpl();
+                new DynamicClientRegistrationServiceImpl();
-        componentContext.getBundleContext().registerService(DynamicClientRegistrationService.class.getName(),
+        componentContext.getBundleContext().registerService(
-                                      dynamicClientRegistrationService, null);
+                DynamicClientRegistrationService.class.getName(), dynamicClientRegistrationService, null);
     }
 
     @SuppressWarnings("unused")

components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.registration/src/main/java/org/wso2/carbon/dynamic/client/registration/profile/RegistrationProfile.java

@@ -19,11 +19,11 @@ package org.wso2.carbon.dynamic.client.registration.profile;
 
 /**
  *
- * DTO class to be used when registering a OAuth application.
+ * DTO class to be used when registering an OAuth application.
  *
 * */
 public class RegistrationProfile {
-
+//todo mark mandatory fields
     private String applicationType;
     private String[] redirectUris;
     private String clientName;

components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.web.app.registration/src/main/java/org/wso2/carbon/dynamic/client/web/app/registration/DynamicClientWebAppRegistrationManager.java

@@ -41,11 +41,9 @@ import java.util.*;
 public class DynamicClientWebAppRegistrationManager {
 
     private static DynamicClientWebAppRegistrationManager dynamicClientWebAppRegistrationManager;
-    private static List<RegistrationProfile> registrationProfileList = new ArrayList<>();
     private static Map<String, ServletContext> webAppContexts = new HashMap<>();
 
-    private static final Log log =
+    private static final Log log = LogFactory.getLog(DynamicClientWebAppRegistrationManager.class);
-            LogFactory.getLog(DynamicClientWebAppRegistrationManager.class);
 
     private DynamicClientWebAppRegistrationManager() {
     }
@@ -64,17 +62,14 @@ public class DynamicClientWebAppRegistrationManager {
 
     public OAuthAppDetails registerOAuthApplication(RegistrationProfile registrationProfile) {
         if (log.isDebugEnabled()) {
-            log.debug("Registering OAuth application for web app : " +
+            log.debug("Registering OAuth application for web app : " + registrationProfile.getClientName());
-                      registrationProfile.getClientName());
         }
         if (DynamicClientWebAppRegistrationUtil.validateRegistrationProfile(registrationProfile)) {
             DynamicClientRegistrationService dynamicClientRegistrationService =
-                    DynamicClientWebAppRegistrationDataHolder.getInstance()
+                    DynamicClientWebAppRegistrationDataHolder.getInstance().getDynamicClientRegistrationService();
-                                                             .getDynamicClientRegistrationService();
             try {
                 OAuthApplicationInfo oAuthApplicationInfo =
-                        dynamicClientRegistrationService
+                        dynamicClientRegistrationService.registerOAuthApplication(registrationProfile);
-                                .registerOAuthApplication(registrationProfile);
                 OAuthAppDetails oAuthAppDetails = new OAuthAppDetails();
                 oAuthAppDetails.setWebAppName(registrationProfile.getClientName());
                 oAuthAppDetails.setClientName(oAuthApplicationInfo.getClientName());
@@ -84,19 +79,17 @@ public class DynamicClientWebAppRegistrationManager {
                 if (DynamicClientWebAppRegistrationUtil.putOAuthApplicationData(oAuthAppDetails)) {
                     return oAuthAppDetails;
                 } else {
-                    dynamicClientRegistrationService
+                    dynamicClientRegistrationService.unregisterOAuthApplication(registrationProfile.getOwner(),
-                            .unregisterOAuthApplication(registrationProfile.getOwner(),
                                                         oAuthApplicationInfo.getClientName(),
                                                         oAuthApplicationInfo.getClientId());
-                    log.warn(
+                    log.warn("Error occurred while persisting the OAuth application data in registry.");
-                            "Error occurred while persisting the OAuth application data in registry.");
                 }
             } catch (DynamicClientRegistrationException e) {
                 log.error("Error occurred while registering the OAuth application : " +
                           registrationProfile.getClientName(), e);
             }
         }
-        return new OAuthAppDetails();
+        return null;
     }
 
     public OAuthAppDetails getOAuthApplicationData(String clientName) {
@@ -106,12 +99,13 @@ public class DynamicClientWebAppRegistrationManager {
             log.error("Error occurred while fetching the OAuth application data for web app : " +
                       clientName, e);
         }
-        return new OAuthAppDetails();
+        return null;
     }
 
     public boolean isRegisteredOAuthApplication(String clientName) {
         OAuthAppDetails oAuthAppDetails = this.getOAuthApplicationData(clientName);
-        if (oAuthAppDetails.getClientKey() != null && oAuthAppDetails.getClientSecret() != null) {
+        if (oAuthAppDetails != null && (oAuthAppDetails.getClientKey() != null && oAuthAppDetails.getClientSecret() !=
+                                                                                  null)) {
             return true;
         }
         return false;
@@ -119,66 +113,66 @@ public class DynamicClientWebAppRegistrationManager {
 
     public void saveServletContextToCache(StandardContext context) {
         DynamicClientWebAppRegistrationManager.webAppContexts.put(context.getBaseName(),
-                                                                       context.getServletContext());
+                                                                  context.getServletContext());
     }
 
     public void initiateDynamicClientRegistration() {
         String requiredDynamicClientRegistration, webAppName;
         ServletContext servletContext;
         RegistrationProfile registrationProfile;
-        OAuthAppDetails oAuthAppDetails = new OAuthAppDetails();
+        OAuthAppDetails oAuthAppDetails = null;
         DynamicClientWebAppRegistrationManager dynamicClientWebAppRegistrationManager =
                 DynamicClientWebAppRegistrationManager.getInstance();
-
+        //todo move enumeration to while loop
         Enumeration enumeration = new IteratorEnumeration(DynamicClientWebAppRegistrationManager.
-                                                                webAppContexts.keySet().iterator());
+                webAppContexts.keySet().iterator());
         if (log.isDebugEnabled()) {
             log.debug("Initiating the DynamicClientRegistration service for web-apps");
         }
-        while (enumeration.hasMoreElements()){
+        while (enumeration.hasMoreElements()) {
+            oAuthAppDetails = new OAuthAppDetails();
             webAppName = (String) enumeration.nextElement();
             servletContext = DynamicClientWebAppRegistrationManager.webAppContexts.get(webAppName);
             requiredDynamicClientRegistration = servletContext.getInitParameter(
                     DynamicClientWebAppRegistrationConstants.DYNAMIC_CLIENT_REQUIRED_FLAG);
             //Java web-app section
-            if ((requiredDynamicClientRegistration != null) &&
+            if ((requiredDynamicClientRegistration != null) && (Boolean.
-                (Boolean.parseBoolean(requiredDynamicClientRegistration))) {
+                                                                               parseBoolean(
+                                                                                       requiredDynamicClientRegistration))) {
                 //Check whether this is an already registered application
                 if (!dynamicClientWebAppRegistrationManager.isRegisteredOAuthApplication(webAppName)) {
                     //Construct the RegistrationProfile
                     registrationProfile = DynamicClientWebAppRegistrationUtil.
-                                               constructRegistrationProfile(servletContext,
+                                                        constructRegistrationProfile(servletContext, webAppName);
-                                                                            webAppName);
                     //Register the OAuth application
-                    oAuthAppDetails = dynamicClientWebAppRegistrationManager.registerOAuthApplication(
+                    oAuthAppDetails =
-                            registrationProfile);
+                            dynamicClientWebAppRegistrationManager.registerOAuthApplication(registrationProfile);
 
                 } else {
-                    oAuthAppDetails =
+                    oAuthAppDetails = dynamicClientWebAppRegistrationManager.getOAuthApplicationData(webAppName);
-                            dynamicClientWebAppRegistrationManager.getOAuthApplicationData(webAppName);
                 }
             } else if (requiredDynamicClientRegistration == null) {
                 //Jaggery apps
-                JaggeryOAuthConfigurationSettings jaggeryOAuthConfigurationSettings = DynamicClientWebAppRegistrationUtil
+                JaggeryOAuthConfigurationSettings jaggeryOAuthConfigurationSettings =
-                        .getJaggeryAppOAuthSettings(servletContext);
+                        DynamicClientWebAppRegistrationUtil.getJaggeryAppOAuthSettings(servletContext);
                 if (jaggeryOAuthConfigurationSettings.isRequireDynamicClientRegistration()) {
-                    if (!dynamicClientWebAppRegistrationManager
+                    if (!dynamicClientWebAppRegistrationManager.isRegisteredOAuthApplication(webAppName)) {
-                            .isRegisteredOAuthApplication(webAppName)) {
+                        registrationProfile = DynamicClientWebAppRegistrationUtil.
-                        registrationProfile = DynamicClientWebAppRegistrationUtil
+                                                      constructRegistrationProfile(jaggeryOAuthConfigurationSettings,
-                                .constructRegistrationProfile(jaggeryOAuthConfigurationSettings, webAppName);
+                                                                                   webAppName);
-                        oAuthAppDetails = dynamicClientWebAppRegistrationManager
+                        oAuthAppDetails = dynamicClientWebAppRegistrationManager.
-                                .registerOAuthApplication(registrationProfile);
+                                                                          registerOAuthApplication(registrationProfile);
                     } else {
-                        oAuthAppDetails = dynamicClientWebAppRegistrationManager
+                        oAuthAppDetails = dynamicClientWebAppRegistrationManager.getOAuthApplicationData(webAppName);
-                                .getOAuthApplicationData(webAppName);
                     }
                 }
             }
             //Add client credentials to the web-context
-            if (oAuthAppDetails.getClientKey() != null) {
+            if ((oAuthAppDetails != null && oAuthAppDetails.getClientKey() != null) && !oAuthAppDetails.getClientKey().isEmpty()) {
                 DynamicClientWebAppRegistrationUtil.addClientCredentialsToWebContext(oAuthAppDetails,
-                                                                                     servletContext);
+                                                          servletContext);
-                log.info("Added OAuth application credentials to webapp context of webapp : " + webAppName);
+                log.info("Added OAuth application credentials to webapp context of webapp : " +
+                         webAppName);
             }
         }
     }

components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.web.app.registration/src/main/java/org/wso2/carbon/dynamic/client/web/app/registration/dto/JaggeryOAuthConfigurationSettings.java

@@ -22,7 +22,7 @@ import javax.xml.bind.annotation.XmlElement;
 import javax.xml.bind.annotation.XmlRootElement;
 
 /**
- * Represents OAuthConfiguration data.
+ * Represents OAuthConfiguration data required to create OAuth service provider for Jaggery apps.
  */
 @XmlRootElement(name = "OAuthSettings")
 public class JaggeryOAuthConfigurationSettings {

components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.web.app.registration/src/main/java/org/wso2/carbon/dynamic/client/web/app/registration/dto/OAuthAppDetails.java

@@ -22,7 +22,7 @@ import javax.xml.bind.annotation.XmlElement;
 import javax.xml.bind.annotation.XmlRootElement;
 
 /**
- * Represents an OAuth application with basic data.
+ * Represents an OAuth application with basic necessary data.
  */
 @XmlRootElement(name = "OAuthAppDetails")
 public class OAuthAppDetails {

components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.web.app.registration/src/main/java/org/wso2/carbon/dynamic/client/web/app/registration/internal/DynamicClientWebAppRegistrationDataHolder.java

@@ -44,10 +44,11 @@ public class DynamicClientWebAppRegistrationDataHolder {
     }
 
     public ConfigurationContextService getConfigurationContextService() {
-        if(configurationContextService != null){
+        if (configurationContextService != null) {
             return configurationContextService;
         } else {
-            throw new IllegalStateException("ConfigurationContext service has not initialized properly");
+            throw new IllegalStateException(
+                    "ConfigurationContext service has not initialized properly");
         }
     }
 
@@ -57,10 +58,11 @@ public class DynamicClientWebAppRegistrationDataHolder {
     }
 
     public DynamicClientRegistrationService getDynamicClientRegistrationService() {
-        if(dynamicClientRegistrationService != null){
+        if (dynamicClientRegistrationService != null) {
             return dynamicClientRegistrationService;
         } else {
-            throw new IllegalStateException("DynamicClientRegistration service has not initialized properly");
+            throw new IllegalStateException(
+                    "DynamicClientRegistration service has not initialized properly");
         }
     }
 
@@ -70,7 +72,7 @@ public class DynamicClientWebAppRegistrationDataHolder {
     }
 
     public RealmService getRealmService() {
-        if(realmService != null){
+        if (realmService != null) {
             return realmService;
         } else {
             throw new IllegalStateException("RealmService has not initialized properly");
@@ -82,7 +84,7 @@ public class DynamicClientWebAppRegistrationDataHolder {
     }
 
     public RegistryService getRegistryService() {
-        if(registryService != null){
+        if (registryService != null) {
             return registryService;
         } else {
             throw new IllegalStateException("Registry Service has not initialized properly");

components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.web.app.registration/src/main/java/org/wso2/carbon/dynamic/client/web/app/registration/internal/DynamicClientWebAppRegistrationServiceComponent.java

@@ -58,114 +58,119 @@ import org.wso2.carbon.utils.ConfigurationContextService;
  */
 public class DynamicClientWebAppRegistrationServiceComponent {
 
-	private ServiceTracker serviceTracker;
+    private static Log log =
-	private static Log log = LogFactory.getLog(DynamicClientWebAppRegistrationServiceComponent.class);
+            LogFactory.getLog(DynamicClientWebAppRegistrationServiceComponent.class);
 
-	@SuppressWarnings("unused")
+    @SuppressWarnings("unused")
-	protected void activate(ComponentContext componentContext) {
+    protected void activate(ComponentContext componentContext) {
         componentContext.getBundleContext().registerService(ServerStartupObserver.class.getName(),
-                                               new WebAppRegistrationServerStartupObserver(), null) ;
+                                                            new WebAppRegistrationServerStartupObserver(), null);
-	}
+    }
 
-	@SuppressWarnings("unused")
+    @SuppressWarnings("unused")
-	protected void deactivate(ComponentContext componentContext) {
+    protected void deactivate(ComponentContext componentContext) {
 
-	}
+    }
 
-	/**
+    /**
-	 * Sets Realm Service.
+     * Sets Realm Service.
-	 *
+     *
-	 * @param realmService An instance of RealmService
+     * @param realmService An instance of RealmService
-	 */
+     */
-	protected void setRealmService(RealmService realmService) {
+    protected void setRealmService(RealmService realmService) {
-		if (log.isDebugEnabled()) {
+        if (log.isDebugEnabled()) {
-			log.debug("Setting Realm Service");
+            log.debug("Setting Realm Service");
-		}
+        }
-		DynamicClientWebAppRegistrationDataHolder.getInstance().setRealmService(realmService);
+        DynamicClientWebAppRegistrationDataHolder.getInstance().setRealmService(realmService);
-	}
+    }
 
-	/**
+    /**
-	 * Unsets Realm Service.
+     * Unsets Realm Service.
-	 *
+     *
-	 * @param realmService An instance of RealmService
+     * @param realmService An instance of RealmService
-	 */
+     */
-	protected void unsetRealmService(RealmService realmService) {
+    protected void unsetRealmService(RealmService realmService) {
-		if (log.isDebugEnabled()) {
+        if (log.isDebugEnabled()) {
-			log.debug("Unsetting Realm Service");
+            log.debug("Unsetting Realm Service");
-		}
+        }
-		DynamicClientWebAppRegistrationDataHolder.getInstance().setRealmService(null);
+        DynamicClientWebAppRegistrationDataHolder.getInstance().setRealmService(null);
-	}
+    }
 
-	/**
+    /**
-	 * Sets Registry Service.
+     * Sets Registry Service.
-	 *
+     *
-	 * @param registryService An instance of RegistryService
+     * @param registryService An instance of RegistryService
-	 */
+     */
-	protected void setRegistryService(RegistryService registryService) {
+    protected void setRegistryService(RegistryService registryService) {
-		if (log.isDebugEnabled()) {
+        if (log.isDebugEnabled()) {
-			log.debug("Setting Registry Service");
+            log.debug("Setting Registry Service");
-		}
+        }
-		DynamicClientWebAppRegistrationDataHolder.getInstance().setRegistryService(registryService);
+        DynamicClientWebAppRegistrationDataHolder.getInstance().setRegistryService(registryService);
-	}
+    }
 
-	/**
+    /**
-	 * Unsets Registry Service.
+     * Unsets Registry Service.
-	 *
+     *
-	 * @param registryService An instance of RegistryService
+     * @param registryService An instance of RegistryService
-	 */
+     */
-	protected void unsetRegistryService(RegistryService registryService) {
+    protected void unsetRegistryService(RegistryService registryService) {
-		if (log.isDebugEnabled()) {
+        if (log.isDebugEnabled()) {
-			log.debug("Un setting Registry Service");
+            log.debug("Un setting Registry Service");
-		}
+        }
-		DynamicClientWebAppRegistrationDataHolder.getInstance().setRegistryService(null);
+        DynamicClientWebAppRegistrationDataHolder.getInstance().setRegistryService(null);
-	}
+    }
 
-	/**
+    /**
-	 * Sets Dynamic Client Registration Service.
+     * Sets Dynamic Client Registration Service.
-	 *
+     *
-	 * @param dynamicClientRegistrationService An instance of DynamicClientRegistrationService
+     * @param dynamicClientRegistrationService An instance of DynamicClientRegistrationService
-	 */
+     */
-	protected void setDynamicClientService(DynamicClientRegistrationService dynamicClientRegistrationService) {
+    protected void setDynamicClientService(
-		if (log.isDebugEnabled()) {
+            DynamicClientRegistrationService dynamicClientRegistrationService) {
-			log.debug("Setting Dynamic Client Registration Service");
+        if (log.isDebugEnabled()) {
-		}
+            log.debug("Setting Dynamic Client Registration Service");
-		DynamicClientWebAppRegistrationDataHolder.getInstance().setDynamicClientRegistrationService(
+        }
-				dynamicClientRegistrationService);
+        DynamicClientWebAppRegistrationDataHolder.getInstance().setDynamicClientRegistrationService(
-	}
+                dynamicClientRegistrationService);
+    }
 
-	/**
+    /**
-	 * Unsets Dynamic Client Registration Service.
+     * Unsets Dynamic Client Registration Service.
-	 *
+     *
-	 * @param dynamicClientRegistrationService An instance of DynamicClientRegistrationService
+     * @param dynamicClientRegistrationService An instance of DynamicClientRegistrationService
-	 */
+     */
-	protected void unsetDynamicClientService(DynamicClientRegistrationService dynamicClientRegistrationService) {
+    protected void unsetDynamicClientService(
-		if (log.isDebugEnabled()) {
+            DynamicClientRegistrationService dynamicClientRegistrationService) {
-			log.debug("Un setting Dynamic Client Registration Service");
+        if (log.isDebugEnabled()) {
-		}
+            log.debug("Un setting Dynamic Client Registration Service");
-		DynamicClientWebAppRegistrationDataHolder.getInstance().setDynamicClientRegistrationService(null);
+        }
-	}
+        DynamicClientWebAppRegistrationDataHolder.getInstance().setDynamicClientRegistrationService(null);
+    }
 
-	/**
+    /**
-	 * Sets ConfigurationContext Service.
+     * Sets ConfigurationContext Service.
-	 *
+     *
-	 * @param configurationContextService An instance of ConfigurationContextService
+     * @param configurationContextService An instance of ConfigurationContextService
-	 */
+     */
-	protected void setConfigurationContextService(ConfigurationContextService configurationContextService) {
+    protected void setConfigurationContextService(
-		if (log.isDebugEnabled()) {
+            ConfigurationContextService configurationContextService) {
-			log.debug("Setting ConfigurationContextService");
+        if (log.isDebugEnabled()) {
-		}
+            log.debug("Setting ConfigurationContextService");
-		DynamicClientWebAppRegistrationDataHolder.getInstance().setConfigurationContextService(configurationContextService);
+        }
-	}
+        DynamicClientWebAppRegistrationDataHolder.getInstance().setConfigurationContextService(
+                configurationContextService);
+    }
 
-	/**
+    /**
-	 * Unsets ConfigurationContext Service.
+     * Unsets ConfigurationContext Service.
-	 *
+     *
-	 * @param configurationContextService An instance of ConfigurationContextService
+     * @param configurationContextService An instance of ConfigurationContextService
-	 */
+     */
-	protected void unsetConfigurationContextService(ConfigurationContextService configurationContextService) {
+    protected void unsetConfigurationContextService(
-		if (log.isDebugEnabled()) {
+            ConfigurationContextService configurationContextService) {
-			log.debug("Un-setting ConfigurationContextService");
+        if (log.isDebugEnabled()) {
-		}
+            log.debug("Un-setting ConfigurationContextService");
-		DynamicClientWebAppRegistrationDataHolder.getInstance().setConfigurationContextService(null);
+        }
-	}
+        DynamicClientWebAppRegistrationDataHolder.getInstance().setConfigurationContextService(null);
+    }
 }

components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.web.app.registration/src/main/java/org/wso2/carbon/dynamic/client/web/app/registration/listner/DynamicClientWebAppDeploymentLifecycleListener.java

@@ -40,8 +40,7 @@ public class DynamicClientWebAppDeploymentLifecycleListener implements Lifecycle
     public void lifecycleEvent(LifecycleEvent lifecycleEvent) {
         if (Lifecycle.AFTER_START_EVENT.equals(lifecycleEvent.getType())) {
             StandardContext context = (StandardContext) lifecycleEvent.getLifecycle();
-            DynamicClientWebAppRegistrationManager.getInstance().saveServletContextToCache(
+            DynamicClientWebAppRegistrationManager.getInstance().saveServletContextToCache(context);
-                    context);
         }
     }
 }

components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.web.app.registration/src/main/java/org/wso2/carbon/dynamic/client/web/app/registration/util/DynamicClientWebAppRegistrationUtil.java

@@ -62,9 +62,8 @@ public class DynamicClientWebAppRegistrationUtil {
     public static Registry getGovernanceRegistry() throws DynamicClientRegistrationException {
         try {
             int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
-            return DynamicClientWebAppRegistrationDataHolder.getInstance().getRegistryService()
+            return DynamicClientWebAppRegistrationDataHolder.getInstance().getRegistryService().
-                                                      .getGovernanceSystemRegistry(
+                    getGovernanceSystemRegistry(tenantId);
-                                                              tenantId);
         } catch (RegistryException e) {
             throw new DynamicClientRegistrationException(
                     "Error in retrieving governance registry instance: " +
@@ -75,8 +74,7 @@ public class DynamicClientWebAppRegistrationUtil {
     public static OAuthAppDetails getOAuthApplicationData(String appName)
             throws DynamicClientRegistrationException {
         Resource resource;
-        String resourcePath =
+        String resourcePath = DynamicClientWebAppRegistrationConstants.OAUTH_APP_DATA_REGISTRY_PATH + "/" + appName;
-                DynamicClientWebAppRegistrationConstants.OAUTH_APP_DATA_REGISTRY_PATH + "/" + appName;
         try {
             if (log.isDebugEnabled()) {
                 log.debug("Retrieving OAuth application " + appName + " data from Registry");
@@ -86,9 +84,8 @@ public class DynamicClientWebAppRegistrationUtil {
                 JAXBContext context = JAXBContext.newInstance(OAuthAppDetails.class);
                 Unmarshaller unmarshaller = context.createUnmarshaller();
                 return (OAuthAppDetails) unmarshaller.unmarshal(
-                        new StringReader(new String((byte[]) resource.getContent(), Charset
+                        new StringReader(new String((byte[]) resource.getContent(), Charset.forName(
-                                .forName(
+                                DynamicClientWebAppRegistrationConstants.CharSets.CHARSET_UTF8))));
-                                        DynamicClientWebAppRegistrationConstants.CharSets.CHARSET_UTF8))));
             }
             return new OAuthAppDetails();
         } catch (JAXBException e) {
@@ -96,13 +93,12 @@ public class DynamicClientWebAppRegistrationUtil {
                     "Error occurred while parsing the OAuth application data : " + appName, e);
         } catch (RegistryException e) {
             throw new DynamicClientRegistrationException(
-                    "Error occurred while retrieving the Registry resource of OAuth application : " +
+                    "Error occurred while retrieving the Registry resource of OAuth application : " + appName, e);
-                    appName, e);
         }
     }
 
-    public static boolean putOAuthApplicationData(OAuthAppDetails oAuthAppDetails)
+    public static boolean putOAuthApplicationData(OAuthAppDetails oAuthAppDetails) throws
-            throws DynamicClientRegistrationException {
+                                                                                   DynamicClientRegistrationException {
         boolean status;
         try {
             if (log.isDebugEnabled()) {
@@ -113,15 +109,12 @@ public class DynamicClientWebAppRegistrationUtil {
             Marshaller marshaller = context.createMarshaller();
             marshaller.marshal(oAuthAppDetails, writer);
 
-            Resource resource =
+            Resource resource = DynamicClientWebAppRegistrationUtil.getGovernanceRegistry().newResource();
-                    DynamicClientWebAppRegistrationUtil.getGovernanceRegistry().newResource();
             resource.setContent(writer.toString());
             resource.setMediaType(DynamicClientWebAppRegistrationConstants.ContentTypes.MEDIA_TYPE_XML);
-            String resourcePath =
+            String resourcePath = DynamicClientWebAppRegistrationConstants.OAUTH_APP_DATA_REGISTRY_PATH + "/" +
-                    DynamicClientWebAppRegistrationConstants.OAUTH_APP_DATA_REGISTRY_PATH + "/" +
                     oAuthAppDetails.getWebAppName();
-            status =
+            status = DynamicClientWebAppRegistrationUtil.putRegistryResource(resourcePath, resource);
-                    DynamicClientWebAppRegistrationUtil.putRegistryResource(resourcePath, resource);
         } catch (RegistryException e) {
             throw new DynamicClientRegistrationException(
                     "Error occurred while persisting OAuth application data : " +
@@ -134,53 +127,42 @@ public class DynamicClientWebAppRegistrationUtil {
         return status;
     }
 
-    public static boolean putRegistryResource(String path,
+    public static boolean putRegistryResource(String path, Resource resource) throws DynamicClientRegistrationException {
-                                              Resource resource)
-            throws DynamicClientRegistrationException {
-        boolean status;
         try {
-            Registry governanceRegistry = DynamicClientWebAppRegistrationUtil
+            Registry governanceRegistry = DynamicClientWebAppRegistrationUtil.getGovernanceRegistry();
-                    .getGovernanceRegistry();
             governanceRegistry.beginTransaction();
             governanceRegistry.put(path, resource);
             governanceRegistry.commitTransaction();
-            status = true;
+            return true;
         } catch (RegistryException e) {
-            throw new DynamicClientRegistrationException(
+            throw new DynamicClientRegistrationException("Error occurred while persisting registry resource : " +
-                    "Error occurred while persisting registry resource : " +
+                                                         e.getMessage(), e);
-                    e.getMessage(), e);
         }
-        return status;
     }
 
-    public static Resource getRegistryResource(String path)
+    public static Resource getRegistryResource(String path) throws DynamicClientRegistrationException {
-            throws DynamicClientRegistrationException {
         try {
-            Registry governanceRegistry = DynamicClientWebAppRegistrationUtil
+            Registry governanceRegistry = DynamicClientWebAppRegistrationUtil.getGovernanceRegistry();
-                    .getGovernanceRegistry();
             if (governanceRegistry.resourceExists(path)) {
                 return governanceRegistry.get(path);
             }
             return null;
         } catch (RegistryException e) {
-            throw new DynamicClientRegistrationException(
+            throw new DynamicClientRegistrationException("Error in retrieving registry resource : " +
-                    "Error in retrieving registry resource : " +
+                                                         e.getMessage(), e);
-                    e.getMessage(), e);
         }
     }
 
     public static String getUserName() {
         String username = "";
-        RealmService realmService =
+        RealmService realmService = DynamicClientWebAppRegistrationDataHolder.getInstance().getRealmService();
-                DynamicClientWebAppRegistrationDataHolder.getInstance().getRealmService();
         if (realmService != null) {
             username = realmService.getBootstrapRealmConfiguration().getAdminUserName();
         }
         return username;
     }
 
-    public static RegistrationProfile constructRegistrationProfile(ServletContext servletContext,
+    public static RegistrationProfile constructRegistrationProfile(ServletContext servletContext, String webAppName) {
-                                                                   String webAppName) {
         RegistrationProfile registrationProfile;
         registrationProfile = new RegistrationProfile();
         registrationProfile.setGrantType(servletContext.getInitParameter(
@@ -193,18 +175,16 @@ public class DynamicClientWebAppRegistrationUtil {
         if ((callbackURL != null) && !callbackURL.isEmpty()) {
             registrationProfile.setCallbackUrl(callbackURL);
         } else {
-            registrationProfile.setCallbackUrl(DynamicClientWebAppRegistrationUtil.getCallbackUrl(
+            registrationProfile.setCallbackUrl(DynamicClientWebAppRegistrationUtil.getCallbackUrl(webAppName));
-                    webAppName));
         }
         registrationProfile.setClientName(webAppName);
         registrationProfile.setSaasApp(Boolean.parseBoolean(servletContext.getInitParameter(
                 DynamicClientWebAppRegistrationUtil.OAUTH_PARAM_SAAS_APP)));
-
         return registrationProfile;
     }
 
-    public static RegistrationProfile constructRegistrationProfile(
+    public static RegistrationProfile constructRegistrationProfile(JaggeryOAuthConfigurationSettings
-            JaggeryOAuthConfigurationSettings jaggeryOAuthConfigurationSettings, String webAppName) {
+                                                                 jaggeryOAuthConfigurationSettings, String webAppName) {
         RegistrationProfile registrationProfile = new RegistrationProfile();
         if (jaggeryOAuthConfigurationSettings != null) {
             registrationProfile.setGrantType(jaggeryOAuthConfigurationSettings.getGrantType());
@@ -215,18 +195,17 @@ public class DynamicClientWebAppRegistrationUtil {
             if (jaggeryOAuthConfigurationSettings.getCallbackURL() != null) {
                 registrationProfile.setCallbackUrl(jaggeryOAuthConfigurationSettings.getCallbackURL());
             } else {
-                registrationProfile.setCallbackUrl(
+                registrationProfile.setCallbackUrl(DynamicClientWebAppRegistrationUtil.getCallbackUrl(webAppName));
-                        DynamicClientWebAppRegistrationUtil.getCallbackUrl(webAppName));
             }
         } else {
-            log.warn(
+            log.warn("Please configure OAuth settings properly for jaggery app : " + webAppName);
-                    "Please configure OAuth settings properly for jaggery app : " + webAppName);
         }
         return registrationProfile;
     }
 
     public static boolean validateRegistrationProfile(RegistrationProfile registrationProfile) {
         boolean status = true;
+        //todo fix this
         if (registrationProfile.getGrantType() == null) {
             status = false;
             log.warn("Required parameter 'grantType' is missing for initiating Dynamic-Client " +
@@ -241,14 +220,11 @@ public class DynamicClientWebAppRegistrationUtil {
     }
 
     public static JaggeryOAuthConfigurationSettings getJaggeryAppOAuthSettings(ServletContext servletContext) {
-        JaggeryOAuthConfigurationSettings
+        JaggeryOAuthConfigurationSettings jaggeryOAuthConfigurationSettings = new JaggeryOAuthConfigurationSettings();
-                jaggeryOAuthConfigurationSettings = new JaggeryOAuthConfigurationSettings();
         try {
-            InputStream inputStream =
+            InputStream inputStream = servletContext.getResourceAsStream(JAGGERY_APP_OAUTH_CONFIG_PATH);
-                    servletContext.getResourceAsStream(JAGGERY_APP_OAUTH_CONFIG_PATH);
             if (inputStream != null) {
-                JsonReader reader =
+                JsonReader reader = new JsonReader(new InputStreamReader(inputStream, CHARSET_UTF_8));
-                        new JsonReader(new InputStreamReader(inputStream, CHARSET_UTF_8));
                 reader.beginObject();
                 while (reader.hasNext()) {
                     String key = reader.nextName();
@@ -307,7 +283,7 @@ public class DynamicClientWebAppRegistrationUtil {
 
     public static void addClientCredentialsToWebContext(OAuthAppDetails oAuthAppDetails,
                                                         ServletContext servletContext) {
-        if(oAuthAppDetails != null){
+        if (oAuthAppDetails != null) {
             //Check for client credentials
             if ((oAuthAppDetails.getClientKey() != null && !oAuthAppDetails.getClientKey().isEmpty()) &&
                 (oAuthAppDetails.getClientSecret() != null && !oAuthAppDetails.getClientSecret().isEmpty())) {

components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/validators/PermissionBasedScopeValidator.java

@@ -46,6 +46,7 @@ public class PermissionBasedScopeValidator extends OAuth2ScopeValidator {
         private PermissionMethod() {
             throw new AssertionError();
         }
+
         public static final String READ = "read";
         public static final String WRITE = "write";
         public static final String DELETE = "delete";
@@ -70,12 +71,13 @@ public class PermissionBasedScopeValidator extends OAuth2ScopeValidator {
                 getPermissionManagerService();
         try {
             Permission permission = permissionManagerService.getPermission(properties);
-            if((permission != null) && (accessTokenDO.getAuthzUser() != null)) {
+            if ((permission != null) && (accessTokenDO.getAuthzUser() != null)) {
                 String username = accessTokenDO.getAuthzUser().getUserName();
                 UserRealm userRealm = CarbonContext.getThreadLocalCarbonContext().getUserRealm();
-                if(userRealm != null && userRealm.getAuthorizationManager() != null){
+                if (userRealm != null && userRealm.getAuthorizationManager() != null) {
-                    status = userRealm.getAuthorizationManager().isUserAuthorized(username, permission.getPath(),
+                    status = userRealm.getAuthorizationManager()
-                                                                                  PermissionMethod.READ);
+                                      .isUserAuthorized(username, permission.getPath(),
+                                                        PermissionMethod.READ);
                 }
             }
         } catch (PermissionManagementException e) {

components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/AuthenticationFrameworkUtil.java

@@ -62,8 +62,8 @@ public class AuthenticationFrameworkUtil {
             String username = apiKeyValidationDTO.getEndUserName();
             PrivilegedCarbonContext.getThreadLocalCarbonContext().setUsername(username);
             try {
-                PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantId(
+                PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantId(IdentityUtil.
-                        IdentityUtil.getTenantIdOFUser(username));
+                                                                                           getTenantIdOFUser(username));
             } catch (IdentityException e) {
                 throw new AuthenticationException("Error occurred while retrieving the tenant ID of user '" +
                         username + "'", e);

components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/AuthenticationInfo.java

@@ -0,0 +1,65 @@
+/*
+ * Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * you may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.wso2.carbon.webapp.authenticator.framework;
+
+import org.wso2.carbon.webapp.authenticator.framework.authenticator.WebappAuthenticator;
+
+/**
+ * DTO class to hold the information of authenticated user AND STATUS.
+ */
+public class AuthenticationInfo {
+
+    private WebappAuthenticator.Status status = WebappAuthenticator.Status.FAILURE;
+    private String username;
+    private String tenantDomain;
+    private int tenantId = -1;
+
+    public WebappAuthenticator.Status getStatus() {
+        return status;
+    }
+
+    public void setStatus(
+            WebappAuthenticator.Status status) {
+        this.status = status;
+    }
+
+    public String getUsername() {
+        return username;
+    }
+
+    public void setUsername(String username) {
+        this.username = username;
+    }
+
+    public String getTenantDomain() {
+        return tenantDomain;
+    }
+
+    public void setTenantDomain(String tenantDomain) {
+        this.tenantDomain = tenantDomain;
+    }
+
+    public int getTenantId() {
+        return tenantId;
+    }
+
+    public void setTenantId(int tenantId) {
+        this.tenantId = tenantId;
+    }
+}

components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/AuthenticatorFrameworkDataHolder.java

@@ -23,7 +23,7 @@ import org.wso2.carbon.device.mgt.core.scep.SCEPManager;
 import org.wso2.carbon.identity.oauth2.OAuth2TokenValidationService;
 import org.wso2.carbon.user.core.service.RealmService;
 
-public class DataHolder {
+public class AuthenticatorFrameworkDataHolder {
 
     private WebappAuthenticatorRepository repository;
     private RealmService realmService;
@@ -31,11 +31,12 @@ public class DataHolder {
     private SCEPManager scepManager;
     private OAuth2TokenValidationService oAuth2TokenValidationService;
 
-    private static DataHolder thisInstance = new DataHolder();
+    private static AuthenticatorFrameworkDataHolder
+            thisInstance = new AuthenticatorFrameworkDataHolder();
 
-    private DataHolder() {}
+    private AuthenticatorFrameworkDataHolder() {}
 
-    public static DataHolder getInstance() {
+    public static AuthenticatorFrameworkDataHolder getInstance() {
         return thisInstance;
     }
 

components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticationValve.java

@@ -22,6 +22,7 @@ import org.apache.catalina.connector.Request;
 import org.apache.catalina.connector.Response;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
+import org.wso2.carbon.context.PrivilegedCarbonContext;
 import org.wso2.carbon.tomcat.ext.valves.CarbonTomcatValve;
 import org.wso2.carbon.tomcat.ext.valves.CompositeValve;
 import org.wso2.carbon.webapp.authenticator.framework.authenticator.WebappAuthenticator;
@@ -31,9 +32,9 @@ import java.util.Arrays;
 import java.util.List;
 import java.util.StringTokenizer;
 
-public class WebappAuthenticationHandler extends CarbonTomcatValve {
+public class WebappAuthenticationValve extends CarbonTomcatValve {
 
-    private static final Log log = LogFactory.getLog(WebappAuthenticationHandler.class);
+    private static final Log log = LogFactory.getLog(WebappAuthenticationValve.class);
     private static final String BYPASS_URIS = "bypass-uris";
 
     @Override
@@ -44,16 +45,13 @@ public class WebappAuthenticationHandler extends CarbonTomcatValve {
             return;
         }
 
-        String byPassURIs = request.getContext().findParameter(WebappAuthenticationHandler.BYPASS_URIS);
+        String byPassURIs = request.getContext().findParameter(WebappAuthenticationValve.BYPASS_URIS);
-
-        if(byPassURIs != null && !byPassURIs.isEmpty()) {
 
+        if (byPassURIs != null && !byPassURIs.isEmpty()) {
             List<String> requestURI = Arrays.asList(byPassURIs.split(","));
-
+            if (requestURI != null && requestURI.size() > 0) {
-            if(requestURI != null && requestURI.size() > 0) {
                 for (String pathURI : requestURI) {
                     pathURI = pathURI.replace("\n", "").replace("\r", "").trim();
-
                     if (request.getRequestURI().equals(pathURI)) {
                         this.getNext().invoke(request, response, compositeValve);
                         return;
@@ -68,8 +66,21 @@ public class WebappAuthenticationHandler extends CarbonTomcatValve {
             AuthenticationFrameworkUtil.handleResponse(request, response, HttpServletResponse.SC_UNAUTHORIZED, msg);
             return;
         }
-        WebappAuthenticator.Status status = authenticator.authenticate(request, response);
+        AuthenticationInfo authenticationInfo = authenticator.authenticate(request, response);
-        this.processResponse(request, response, compositeValve, status);
+        if (authenticationInfo.getTenantId() != -1) {
+            try {
+                PrivilegedCarbonContext.startTenantFlow();
+                PrivilegedCarbonContext privilegedCarbonContext = PrivilegedCarbonContext.getThreadLocalCarbonContext();
+                privilegedCarbonContext.setTenantId(authenticationInfo.getTenantId());
+                privilegedCarbonContext.setTenantDomain(authenticationInfo.getTenantDomain());
+                privilegedCarbonContext.setUsername(authenticationInfo.getUsername());
+                this.processRequest(request, response, compositeValve, authenticationInfo.getStatus());
+            } finally {
+                PrivilegedCarbonContext.endTenantFlow();
+            }
+        } else {
+            this.processRequest(request, response, compositeValve, authenticationInfo.getStatus());
+        }
     }
 
     private boolean isAdminService(Request request) {
@@ -93,7 +104,7 @@ public class WebappAuthenticationHandler extends CarbonTomcatValve {
                 }
                 StringTokenizer tokenizer = new StringTokenizer(request.getRequestURI(), "/");
                 if (!tokenizer.hasMoreTokens()) {
-                   return false;
+                    return false;
                 }
                 ctx = tokenizer.nextToken();
             }
@@ -101,8 +112,8 @@ public class WebappAuthenticationHandler extends CarbonTomcatValve {
         return (ctx.equalsIgnoreCase("carbon") || ctx.equalsIgnoreCase("services"));
     }
 
-    private void processResponse(Request request, Response response, CompositeValve compositeValve,
+    private void processRequest(Request request, Response response, CompositeValve compositeValve,
-                                 WebappAuthenticator.Status status) {
+                                WebappAuthenticator.Status status) {
         switch (status) {
             case SUCCESS:
             case CONTINUE:
@@ -111,7 +122,9 @@ public class WebappAuthenticationHandler extends CarbonTomcatValve {
             case FAILURE:
                 String msg = "Failed to authorize incoming request";
                 log.error(msg);
-                AuthenticationFrameworkUtil.handleResponse(request, response, HttpServletResponse.SC_UNAUTHORIZED, msg);
+                AuthenticationFrameworkUtil
+                        .handleResponse(request, response, HttpServletResponse.SC_UNAUTHORIZED,
+                                        msg);
                 break;
         }
     }

components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticatorFactory.java

@@ -26,12 +26,12 @@ import java.util.Map;
 public class WebappAuthenticatorFactory {
 
     public static WebappAuthenticator getAuthenticator(String authScheme) {
-        return DataHolder.getInstance().getWebappAuthenticatorRepository().getAuthenticator(authScheme);
+        return AuthenticatorFrameworkDataHolder.getInstance().getWebappAuthenticatorRepository().getAuthenticator(authScheme);
     }
 
     public static WebappAuthenticator getAuthenticator(Request request) {
         Map<String, WebappAuthenticator> authenticators =
-                DataHolder.getInstance().getWebappAuthenticatorRepository().getAuthenticators();
+                AuthenticatorFrameworkDataHolder.getInstance().getWebappAuthenticatorRepository().getAuthenticators();
         for (WebappAuthenticator authenticator : authenticators.values()) {
             if (authenticator.canHandle(request)) {
                 return authenticator;

components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticatorFrameworkValve.java

@@ -1,71 +0,0 @@
-/*
- *   Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
- *
- *   WSO2 Inc. licenses this file to you under the Apache License,
- *   Version 2.0 (the "License"); you may not use this file except
- *   in compliance with the License.
- *   You may obtain a copy of the License at
- *
- *   http://www.apache.org/licenses/LICENSE-2.0
- *
- *   Unless required by applicable law or agreed to in writing,
- *   software distributed under the License is distributed on an
- *   "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- *   KIND, either express or implied.  See the License for the
- *   specific language governing permissions and limitations
- *   under the License.
- *
- */
-package org.wso2.carbon.webapp.authenticator.framework;
-
-import org.apache.catalina.connector.Request;
-import org.apache.catalina.connector.Response;
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-import org.wso2.carbon.tomcat.ext.valves.CarbonTomcatValve;
-import org.wso2.carbon.tomcat.ext.valves.CompositeValve;
-import org.wso2.carbon.webapp.authenticator.framework.authenticator.WebappAuthenticator;
-
-import javax.servlet.http.HttpServletResponse;
-
-public class WebappAuthenticatorFrameworkValve extends CarbonTomcatValve {
-
-    private static final String AUTHENTICATION_SCHEME = "authentication-scheme";
-    private static final Log log = LogFactory.getLog(WebappAuthenticatorFrameworkValve.class);
-
-    @Override
-    public void invoke(Request request, Response response, CompositeValve compositeValve) {
-
-        String authScheme = request.getContext().findParameter(WebappAuthenticatorFrameworkValve.AUTHENTICATION_SCHEME);
-
-        if (authScheme == null || authScheme.isEmpty()) {
-            this.getNext().invoke(request, response, compositeValve);
-            return;
-        }
-
-        WebappAuthenticator authenticator = WebappAuthenticatorFactory.getAuthenticator(authScheme);
-        if (authenticator == null) {
-            String msg = "Failed to load an appropriate authenticator to authenticate the request";
-            AuthenticationFrameworkUtil.handleResponse(request, response, HttpServletResponse.SC_UNAUTHORIZED, msg);
-            return;
-        }
-        WebappAuthenticator.Status status = authenticator.authenticate(request, response);
-        this.processResponse(request, response, compositeValve, status);
-    }
-
-    private void processResponse(Request request, Response response, CompositeValve compositeValve,
-                                 WebappAuthenticator.Status status) {
-        switch (status) {
-            case SUCCESS:
-            case CONTINUE:
-                this.getNext().invoke(request, response, compositeValve);
-                break;
-            case FAILURE:
-                String msg = "Failed to authorize incoming request";
-                log.error(msg);
-                AuthenticationFrameworkUtil.handleResponse(request, response, HttpServletResponse.SC_UNAUTHORIZED, msg);
-                break;
-        }
-    }
-
-}

components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/BasicAuthAuthenticator.java

@@ -25,6 +25,7 @@ import org.apache.tomcat.util.buf.ByteChunk;
 import org.apache.tomcat.util.buf.CharChunk;
 import org.apache.tomcat.util.buf.MessageBytes;
 import org.wso2.carbon.webapp.authenticator.framework.Constants;
+import org.wso2.carbon.webapp.authenticator.framework.AuthenticationInfo;
 
 public class BasicAuthAuthenticator implements WebappAuthenticator {
 
@@ -45,8 +46,8 @@ public class BasicAuthAuthenticator implements WebappAuthenticator {
     }
 
     @Override
-    public Status authenticate(Request request, Response response) {
+    public AuthenticationInfo authenticate(Request request, Response response) {
-        return Status.CONTINUE;
+        return new AuthenticationInfo();
     }
 
     @Override

components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/CertificateAuthenticator.java

@@ -5,13 +5,13 @@ import org.apache.catalina.connector.Response;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.wso2.carbon.certificate.mgt.core.exception.KeystoreException;
-import org.wso2.carbon.context.PrivilegedCarbonContext;
 import org.wso2.carbon.device.mgt.common.DeviceIdentifier;
 import org.wso2.carbon.device.mgt.common.DeviceManagementConstants;
 import org.wso2.carbon.device.mgt.core.scep.SCEPException;
 import org.wso2.carbon.device.mgt.core.scep.SCEPManager;
 import org.wso2.carbon.device.mgt.core.scep.TenantedDeviceWrapper;
-import org.wso2.carbon.webapp.authenticator.framework.DataHolder;
+import org.wso2.carbon.webapp.authenticator.framework.AuthenticatorFrameworkDataHolder;
+import org.wso2.carbon.webapp.authenticator.framework.AuthenticationInfo;
 
 import java.security.cert.X509Certificate;
 
@@ -27,56 +27,47 @@ public class CertificateAuthenticator implements WebappAuthenticator {
     @Override
     public boolean canHandle(Request request) {
         String certVerificationHeader = request.getContext().findParameter(CERTIFICATE_VERIFICATION_HEADER);
-
         if (certVerificationHeader != null && !certVerificationHeader.isEmpty()) {
-
             String certHeader = request.getHeader(certVerificationHeader);
-
             return certHeader != null;
         }
-
         return false;
     }
 
     @Override
-    public Status authenticate(Request request, Response response) {
+    public AuthenticationInfo authenticate(Request request, Response response) {
 
+        AuthenticationInfo authenticationInfo = new AuthenticationInfo();
         String requestUri = request.getRequestURI();
         if (requestUri == null || requestUri.isEmpty()) {
-            return Status.CONTINUE;
+            authenticationInfo.setStatus(Status.CONTINUE);
         }
 
         String certVerificationHeader = request.getContext().findParameter(CERTIFICATE_VERIFICATION_HEADER);
-
         try {
             if (certVerificationHeader != null && !certVerificationHeader.isEmpty()) {
 
                 String certHeader = request.getHeader(certVerificationHeader);
+                if (certHeader != null &&
+                    AuthenticatorFrameworkDataHolder.getInstance().getCertificateManagementService().
+                            verifySignature(certHeader)) {
 
-                if (certHeader != null && DataHolder.getInstance().getCertificateManagementService().
+                    X509Certificate certificate =
-                        verifySignature(certHeader)) {
+                            AuthenticatorFrameworkDataHolder.getInstance().getCertificateManagementService().
-
+                                    extractCertificateFromSignature(certHeader);
-                    X509Certificate certificate = DataHolder.getInstance().getCertificateManagementService().
+                    String challengeToken = AuthenticatorFrameworkDataHolder.getInstance().
-                            extractCertificateFromSignature(certHeader);
+                            getCertificateManagementService().extractChallengeToken(certificate);
-                    String challengeToken = DataHolder.getInstance().getCertificateManagementService().
-                            extractChallengeToken(certificate);
-
-                    if(challengeToken != null) {
 
+                    if (challengeToken != null) {
                         challengeToken = challengeToken.substring(challengeToken.indexOf("(") + 1).trim();
-
+                        SCEPManager scepManager = AuthenticatorFrameworkDataHolder.getInstance().getScepManager();
-                        SCEPManager scepManager = DataHolder.getInstance().getScepManager();
                         DeviceIdentifier deviceIdentifier = new DeviceIdentifier();
                         deviceIdentifier.setId(challengeToken);
                         deviceIdentifier.setType(DeviceManagementConstants.MobileDeviceTypes.MOBILE_DEVICE_TYPE_IOS);
-
                         TenantedDeviceWrapper tenantedDeviceWrapper = scepManager.getValidatedDevice(deviceIdentifier);
-
+                        authenticationInfo.setTenantDomain(tenantedDeviceWrapper.getTenantDomain());
-                        PrivilegedCarbonContext ctx = PrivilegedCarbonContext.getThreadLocalCarbonContext();
+                        authenticationInfo.setTenantId(tenantedDeviceWrapper.getTenantId());
-                        ctx.setTenantId(tenantedDeviceWrapper.getTenantId());
+                        authenticationInfo.setStatus(Status.CONTINUE);
-                        ctx.setTenantDomain(tenantedDeviceWrapper.getTenantDomain());
-
-                        return Status.SUCCESS;
                     }
                 }
             }
@@ -85,8 +76,7 @@ public class CertificateAuthenticator implements WebappAuthenticator {
         } catch (SCEPException e) {
             log.error("SCEPException occurred ", e);
         }
-
+        return authenticationInfo;
-        return Status.FAILURE;
     }
 
     @Override

components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/JWTAuthenticator.java

@@ -28,14 +28,14 @@ import org.apache.catalina.connector.Request;
 import org.apache.catalina.connector.Response;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
-import org.wso2.carbon.context.PrivilegedCarbonContext;
 import org.wso2.carbon.core.util.KeyStoreManager;
 import org.wso2.carbon.user.api.TenantManager;
 import org.wso2.carbon.user.api.UserStoreException;
 import org.wso2.carbon.user.api.UserStoreManager;
 import org.wso2.carbon.utils.multitenancy.MultitenantConstants;
 import org.wso2.carbon.utils.multitenancy.MultitenantUtils;
-import org.wso2.carbon.webapp.authenticator.framework.DataHolder;
+import org.wso2.carbon.webapp.authenticator.framework.AuthenticationInfo;
+import org.wso2.carbon.webapp.authenticator.framework.AuthenticatorFrameworkDataHolder;
 
 import java.security.interfaces.RSAPublicKey;
 import java.text.ParseException;
@@ -49,26 +49,28 @@ public class JWTAuthenticator implements WebappAuthenticator {
 	private static final Log log = LogFactory.getLog(JWTAuthenticator.class);
 	public static final String SIGNED_JWT_AUTH_USERNAME = "Username";
 	private static final String JWT_AUTHENTICATOR = "JWT";
+	private static final String JWT_ASSERTION_HEADER = "X-JWT-Assertion";
 
     @Override
     public boolean canHandle(Request request) {
-	    String authorizationHeader = request.getHeader(HTTPConstants.HEADER_AUTHORIZATION);
+	    String authorizationHeader = request.getHeader(JWTAuthenticator.JWT_ASSERTION_HEADER);
-	    if(decodeAuthorizationHeader(authorizationHeader) != null){
+	    if((authorizationHeader != null) && !authorizationHeader.isEmpty()){
 		    return true;
 	    }
 	    return false;
     }
 
     @Override
-	public Status authenticate(Request request, Response response) {
+	public AuthenticationInfo authenticate(Request request, Response response) {
 		String requestUri = request.getRequestURI();
+	    AuthenticationInfo authenticationInfo = new AuthenticationInfo();
 		if (requestUri == null || "".equals(requestUri)) {
-			return Status.CONTINUE;
+			authenticationInfo.setStatus(Status.CONTINUE);
 		}
 		StringTokenizer tokenizer = new StringTokenizer(requestUri, "/");
 		String context = tokenizer.nextToken();
 		if (context == null || "".equals(context)) {
-			return Status.CONTINUE;
+            authenticationInfo.setStatus(Status.CONTINUE);
 		}
 
 		if (log.isDebugEnabled()) {
@@ -76,8 +78,7 @@ public class JWTAuthenticator implements WebappAuthenticator {
 		}
 
 		//Get the filesystem keystore default primary certificate
-		KeyStoreManager keyStoreManager = KeyStoreManager.getInstance(
+		KeyStoreManager keyStoreManager = KeyStoreManager.getInstance(MultitenantConstants.SUPER_TENANT_ID);
-				MultitenantConstants.SUPER_TENANT_ID);
 		try {
 			keyStoreManager.getDefaultPrimaryCertificate();
 			String authorizationHeader = request.getHeader(HTTPConstants.HEADER_AUTHORIZATION);
@@ -89,38 +90,33 @@ public class JWTAuthenticator implements WebappAuthenticator {
 				String username = jwsObject.getJWTClaimsSet().getStringClaim(SIGNED_JWT_AUTH_USERNAME);
 				String tenantDomain = MultitenantUtils.getTenantDomain(username);
 				username = MultitenantUtils.getTenantAwareUsername(username);
-				TenantManager tenantManager = DataHolder.getInstance().getRealmService().getTenantManager();
+				TenantManager tenantManager = AuthenticatorFrameworkDataHolder.getInstance().getRealmService().
+                        getTenantManager();
 				int tenantId = tenantManager.getTenantId(tenantDomain);
-
 				if (tenantId == -1) {
 					log.error("tenantDomain is not valid. username : " + username + ", tenantDomain " +
 					          ": " + tenantDomain);
-					return Status.FAILURE;
+				} else {
-				}
+                    UserStoreManager userStore = AuthenticatorFrameworkDataHolder.getInstance().getRealmService().
-
+                            getTenantUserRealm(tenantId).getUserStoreManager();
-				UserStoreManager userStore = DataHolder.getInstance().getRealmService().
+                    if (userStore.isExistingUser(username)) {
-						getTenantUserRealm(tenantId).getUserStoreManager();
+                        authenticationInfo.setTenantId(tenantId);
-				if (userStore.isExistingUser(username)) {
+                        authenticationInfo.setUsername(username);
-					PrivilegedCarbonContext ctx = PrivilegedCarbonContext.getThreadLocalCarbonContext();
+                        authenticationInfo.setTenantDomain(tenantDomain);
-					ctx.setTenantId(tenantId);
+                        authenticationInfo.setStatus(Status.CONTINUE);
-					ctx.setUsername(username);
+                    }
-					return Status.SUCCESS;
+                }
-				}
+    		}
-			}
 		} catch (UserStoreException e) {
 			log.error("Error occurred while obtaining the user.", e);
-			return Status.FAILURE;
 		} catch (ParseException e) {
 			log.error("Error occurred while parsing the JWT header.", e);
-			return Status.FAILURE;
 		} catch (JOSEException e) {
 			log.error("Error occurred while verifying the JWT header.", e);
-			return Status.FAILURE;
 		} catch (Exception e) {
 			log.error("Error occurred while verifying the JWT header.", e);
-			return Status.FAILURE;
 		}
-		return Status.CONTINUE;
+		return authenticationInfo;
 	}
 
 	private String decodeAuthorizationHeader(String authorizationHeader) {

components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OAuthAuthenticator.java

@@ -25,16 +25,12 @@ import org.apache.commons.logging.LogFactory;
 import org.apache.tomcat.util.buf.ByteChunk;
 import org.apache.tomcat.util.buf.MessageBytes;
 import org.wso2.carbon.apimgt.core.gateway.APITokenAuthenticator;
-import org.wso2.carbon.context.PrivilegedCarbonContext;
 import org.wso2.carbon.identity.base.IdentityException;
 import org.wso2.carbon.identity.core.util.IdentityUtil;
 import org.wso2.carbon.identity.oauth2.dto.OAuth2TokenValidationRequestDTO;
 import org.wso2.carbon.identity.oauth2.dto.OAuth2TokenValidationResponseDTO;
 import org.wso2.carbon.utils.multitenancy.MultitenantUtils;
-import org.wso2.carbon.webapp.authenticator.framework.AuthenticationException;
+import org.wso2.carbon.webapp.authenticator.framework.*;
-import org.wso2.carbon.webapp.authenticator.framework.AuthenticationFrameworkUtil;
-import org.wso2.carbon.webapp.authenticator.framework.Constants;
-import org.wso2.carbon.webapp.authenticator.framework.DataHolder;
 
 import java.util.StringTokenizer;
 import java.util.regex.Matcher;
@@ -55,8 +51,7 @@ public class OAuthAuthenticator implements WebappAuthenticator {
     @Override
     public boolean canHandle(Request request) {
         MessageBytes authorization =
-                request.getCoyoteRequest().getMimeHeaders().
+                request.getCoyoteRequest().getMimeHeaders().getValue(Constants.HTTPHeaders.HEADER_HTTP_AUTHORIZATION);
-                        getValue(Constants.HTTPHeaders.HEADER_HTTP_AUTHORIZATION);
         String tokenValue;
         if (authorization != null) {
             authorization.toBytes();
@@ -71,35 +66,34 @@ public class OAuthAuthenticator implements WebappAuthenticator {
     }
 
     @Override
-    public Status authenticate(Request request, Response response) {
+    public AuthenticationInfo authenticate(Request request, Response response) {
         String requestUri = request.getRequestURI();
         String requestMethod = request.getMethod();
+        AuthenticationInfo authenticationInfo = new AuthenticationInfo();
         if (requestUri == null || "".equals(requestUri)) {
-            return Status.CONTINUE;
+            authenticationInfo.setStatus(Status.CONTINUE);
+            return authenticationInfo;
         }
 
         StringTokenizer tokenizer = new StringTokenizer(requestUri, "/");
         String context = tokenizer.nextToken();
         if (context == null || "".equals(context)) {
-            return Status.CONTINUE;
+            authenticationInfo.setStatus(Status.CONTINUE);
         }
         String apiVersion = tokenizer.nextToken();
-        String authLevel = authenticator.getResourceAuthenticationScheme(context, apiVersion,
+        String authLevel = authenticator.getResourceAuthenticationScheme(context, apiVersion, requestUri, requestMethod);
-                                                                         requestUri,
+        //String authLevel = "any";
-                                                                         requestMethod);
         try {
             if (Constants.NO_MATCHING_AUTH_SCHEME.equals(authLevel)) {
-                AuthenticationFrameworkUtil
+                AuthenticationFrameworkUtil.handleNoMatchAuthScheme(request, response, requestMethod, apiVersion,
-                        .handleNoMatchAuthScheme(request, response, requestMethod,
+                                                                    context);
-                                                 apiVersion, context);
+                authenticationInfo.setStatus(Status.CONTINUE);
-                return Status.CONTINUE;
             } else {
                 String bearerToken = this.getBearerToken(request);
                 // Create a OAuth2TokenValidationRequestDTO object for validating access token
                 OAuth2TokenValidationRequestDTO dto = new OAuth2TokenValidationRequestDTO();
                 //Set the access token info
-                OAuth2TokenValidationRequestDTO.OAuth2AccessToken oAuth2AccessToken =
+                OAuth2TokenValidationRequestDTO.OAuth2AccessToken oAuth2AccessToken = dto.new OAuth2AccessToken();
-                        dto.new OAuth2AccessToken();
                 oAuth2AccessToken.setTokenType(OAuthAuthenticator.BEARER_TOKEN_TYPE);
                 oAuth2AccessToken.setIdentifier(bearerToken);
                 dto.setAccessToken(oAuth2AccessToken);
@@ -109,36 +103,32 @@ public class OAuthAuthenticator implements WebappAuthenticator {
                 resourceContextParam.setKey(OAuthAuthenticator.RESOURCE_KEY);
                 resourceContextParam.setValue(requestUri + ":" + requestMethod);
 
-                OAuth2TokenValidationRequestDTO.TokenValidationContextParam []
+                OAuth2TokenValidationRequestDTO.TokenValidationContextParam[]
                         tokenValidationContextParams = new OAuth2TokenValidationRequestDTO.TokenValidationContextParam[1];
                 tokenValidationContextParams[0] = resourceContextParam;
                 dto.setContext(tokenValidationContextParams);
 
                 OAuth2TokenValidationResponseDTO oAuth2TokenValidationResponseDTO =
-                        DataHolder.getInstance().
+                        AuthenticatorFrameworkDataHolder.getInstance().getoAuth2TokenValidationService().validate(dto);
-                                getoAuth2TokenValidationService().validate(dto);
                 if (oAuth2TokenValidationResponseDTO.isValid()) {
                     String username = oAuth2TokenValidationResponseDTO.getAuthorizedUser();
                     try {
-                        PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantId(
+                        authenticationInfo.setUsername(username);
-                                IdentityUtil.getTenantIdOFUser(username));
+                        authenticationInfo.setTenantDomain(MultitenantUtils.getTenantDomain(username));
-                        PrivilegedCarbonContext.getThreadLocalCarbonContext().setUsername(username);
+                        authenticationInfo.setTenantId(IdentityUtil.getTenantIdOFUser(username));
-                        PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantDomain(
-                                MultitenantUtils.getTenantDomain(username));
                     } catch (IdentityException e) {
                         throw new AuthenticationException(
-                                "Error occurred while retrieving the tenant ID of user '" +
+                                "Error occurred while retrieving the tenant ID of user '" + username + "'", e);
-                                username + "'", e);
+                    }
+                    if (oAuth2TokenValidationResponseDTO.isValid()) {
+                        authenticationInfo.setStatus(Status.CONTINUE);
                     }
-                    boolean isAuthenticated = oAuth2TokenValidationResponseDTO.isValid();
-                    return (isAuthenticated) ? Status.SUCCESS : Status.FAILURE;
                 }
             }
         } catch (AuthenticationException e) {
             log.error("Failed to authenticate the incoming request", e);
-            return Status.FAILURE;
         }
-        return Status.FAILURE;
+        return authenticationInfo;
     }
 
     @Override

components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/WebappAuthenticator.java

@@ -20,6 +20,7 @@ package org.wso2.carbon.webapp.authenticator.framework.authenticator;
 
 import org.apache.catalina.connector.Request;
 import org.apache.catalina.connector.Response;
+import org.wso2.carbon.webapp.authenticator.framework.AuthenticationInfo;
 
 public interface WebappAuthenticator {
 
@@ -29,7 +30,7 @@ public interface WebappAuthenticator {
 
     boolean canHandle(Request request);
 
-    Status authenticate(Request request, Response response);
+    AuthenticationInfo authenticate(Request request, Response response);
 
     String getName();
 

components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authorizer/PermissionAuthorizationValve.java

@@ -38,14 +38,13 @@ public class PermissionAuthorizationValve extends CarbonTomcatValve {
     @Override
     public void invoke(Request request, Response response, CompositeValve compositeValve) {
 
-        String permissionStatus =
+        String permissionStatus = request.getContext().findParameter(AUTHORIZATION_ENABLED);
-                request.getContext().findParameter(AUTHORIZATION_ENABLED);
         if (permissionStatus == null || permissionStatus.isEmpty()) {
             this.processResponse(request, response, compositeValve, WebappAuthenticator.Status.CONTINUE);
             return;
         }
         // check whether the permission checking function is enabled in web.xml
-        boolean isEnabled = new Boolean(permissionStatus);
+        boolean isEnabled = Boolean.valueOf(permissionStatus);
         if (!isEnabled) {
             this.processResponse(request, response, compositeValve, WebappAuthenticator.Status.CONTINUE);
             return;

components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authorizer/PermissionAuthorizer.java

@@ -44,13 +44,11 @@ public class PermissionAuthorizer {
         String requestUri = request.getRequestURI();
         String requestMethod = request.getMethod();
 
-        if (requestUri == null || requestUri.isEmpty() ||
+        if (requestUri == null || requestUri.isEmpty() || requestMethod == null || requestMethod.isEmpty()) {
-                requestMethod == null || requestMethod.isEmpty()) {
             return WebappAuthenticator.Status.CONTINUE;
         }
 
-        PermissionManagerServiceImpl
+        PermissionManagerServiceImpl registryBasedPermissionManager = PermissionManagerServiceImpl.getInstance();
-                registryBasedPermissionManager = PermissionManagerServiceImpl.getInstance();
         Properties properties = new Properties();
         properties.put("",requestUri);
         properties.put("",requestMethod);

components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/WebappAuthenticatorFrameworkServiceComponent.java

@@ -27,8 +27,8 @@ import org.wso2.carbon.identity.oauth2.OAuth2TokenValidationService;
 import org.wso2.carbon.tomcat.ext.valves.CarbonTomcatValve;
 import org.wso2.carbon.tomcat.ext.valves.TomcatValveContainer;
 import org.wso2.carbon.user.core.service.RealmService;
-import org.wso2.carbon.webapp.authenticator.framework.DataHolder;
+import org.wso2.carbon.webapp.authenticator.framework.AuthenticatorFrameworkDataHolder;
-import org.wso2.carbon.webapp.authenticator.framework.WebappAuthenticationHandler;
+import org.wso2.carbon.webapp.authenticator.framework.WebappAuthenticationValve;
 import org.wso2.carbon.webapp.authenticator.framework.authenticator.WebappAuthenticator;
 import org.wso2.carbon.webapp.authenticator.framework.WebappAuthenticatorRepository;
 import org.wso2.carbon.webapp.authenticator.framework.config.AuthenticatorConfig;
@@ -77,15 +77,14 @@ public class WebappAuthenticatorFrameworkServiceComponent {
             WebappAuthenticatorConfig.init();
             WebappAuthenticatorRepository repository = new WebappAuthenticatorRepository();
             for (AuthenticatorConfig config : WebappAuthenticatorConfig.getInstance().getAuthenticators()) {
-                WebappAuthenticator authenticator =
+                WebappAuthenticator authenticator = (WebappAuthenticator) Class.forName(config.getClassName()).
-                        (WebappAuthenticator) Class.forName(config.getClassName()).newInstance();
+                        newInstance();
                 repository.addAuthenticator(authenticator);
             }
-            DataHolder.getInstance().setWebappAuthenticatorRepository(repository);
+            AuthenticatorFrameworkDataHolder.getInstance().setWebappAuthenticatorRepository(repository);
 
             List<CarbonTomcatValve> valves = new ArrayList<CarbonTomcatValve>();
-            valves.add(new WebappAuthenticationHandler());
+            valves.add(new WebappAuthenticationValve());
-            //valves.add(new PermissionAuthorizationValve());
             TomcatValveContainer.addValves(valves);
 
             if (log.isDebugEnabled()) {
@@ -105,18 +104,18 @@ public class WebappAuthenticatorFrameworkServiceComponent {
         if (log.isDebugEnabled()) {
             log.debug("RealmService acquired");
         }
-        DataHolder.getInstance().setRealmService(realmService);
+        AuthenticatorFrameworkDataHolder.getInstance().setRealmService(realmService);
     }
 
     protected void unsetRealmService(RealmService realmService) {
-        DataHolder.getInstance().setRealmService(null);
+        AuthenticatorFrameworkDataHolder.getInstance().setRealmService(null);
     }
 
     protected void setCertificateManagementService(CertificateManagementService certificateManagementService) {
         if (log.isDebugEnabled()) {
             log.debug("Setting certificate management service");
         }
-        DataHolder.getInstance().setCertificateManagementService(certificateManagementService);
+        AuthenticatorFrameworkDataHolder.getInstance().setCertificateManagementService(certificateManagementService);
     }
 
     protected void unsetCertificateManagementService(CertificateManagementService certificateManagementService) {
@@ -124,14 +123,14 @@ public class WebappAuthenticatorFrameworkServiceComponent {
             log.debug("Removing certificate management service");
         }
 
-        DataHolder.getInstance().setCertificateManagementService(null);
+        AuthenticatorFrameworkDataHolder.getInstance().setCertificateManagementService(null);
     }
 
     protected void setSCEPManagementService(SCEPManager scepManager) {
         if (log.isDebugEnabled()) {
             log.debug("Setting SCEP management service");
         }
-        DataHolder.getInstance().setScepManager(scepManager);
+        AuthenticatorFrameworkDataHolder.getInstance().setScepManager(scepManager);
     }
 
     protected void unsetSCEPManagementService(SCEPManager scepManager) {
@@ -139,7 +138,7 @@ public class WebappAuthenticatorFrameworkServiceComponent {
             log.debug("Removing SCEP management service");
         }
 
-        DataHolder.getInstance().setScepManager(null);
+        AuthenticatorFrameworkDataHolder.getInstance().setScepManager(null);
     }
 
     /**
@@ -151,7 +150,7 @@ public class WebappAuthenticatorFrameworkServiceComponent {
         if (log.isDebugEnabled()) {
             log.debug("Setting OAuth2TokenValidationService Service");
         }
-        DataHolder.getInstance().setoAuth2TokenValidationService(tokenValidationService);
+        AuthenticatorFrameworkDataHolder.getInstance().setoAuth2TokenValidationService(tokenValidationService);
     }
 
     /**
@@ -163,6 +162,6 @@ public class WebappAuthenticatorFrameworkServiceComponent {
         if (log.isDebugEnabled()) {
             log.debug("Unsetting OAuth2TokenValidationService Service");
         }
-        DataHolder.getInstance().setoAuth2TokenValidationService(null);
+        AuthenticatorFrameworkDataHolder.getInstance().setoAuth2TokenValidationService(null);
     }
 }