Bug 370177 - OAuth consumer management

- Add a user interface for managing OAuth consumers - Add support for Jazz provisional consumer keys - Add an optional component that manages consumer persistence - Add missing license files
author: Samuel Padgett 2012-01-30 19:24:06 (EST)
committer: Michael Fiedler 2012-01-31 13:02:19 (EST)
commit: 34e3643180a95bacc63873b1a3c6fea6e49234db (patch) (side-by-side diff)
tree: 26b2d3b92cea0c5e51ddb584a88604dcb47eeaf7
parent: b7550372a30b7039472e7cc0e1fd0c99e90570c0 (diff)
download: org.eclipse.lyo.server-34e3643180a95bacc63873b1a3c6fea6e49234db.zip
org.eclipse.lyo.server-34e3643180a95bacc63873b1a3c6fea6e49234db.tar.gz
org.eclipse.lyo.server-34e3643180a95bacc63873b1a3c6fea6e49234db.tar.bz2
64 files changed, 3502 insertions, 244 deletions
diff --git a/org.eclipse.lyo.samples.bugzilla/.gitignore b/org.eclipse.lyo.samples.bugzilla/.gitignore
index eb5a316..a8bdbc6 100644
--- a/org.eclipse.lyo.samples.bugzilla/.gitignore
+++ b/org.eclipse.lyo.samples.bugzilla/.gitignore
@@ -1 +1,3 @@
 target
+consumerStore
+/derby.log
diff --git a/org.eclipse.lyo.samples.bugzilla/pom.xml b/org.eclipse.lyo.samples.bugzilla/pom.xml
index d70dba5..249408c 100644
--- a/org.eclipse.lyo.samples.bugzilla/pom.xml
+++ b/org.eclipse.lyo.samples.bugzilla/pom.xml
@@ -88,6 +88,12 @@
 			<version>0.0.1-SNAPSHOT</version>
 		</dependency>
 		
+		<dependency>
+			<groupId>org.eclipse.lyo.server</groupId>
+			<artifactId>oauth-consumer-store</artifactId>
+			<version>0.0.1-SNAPSHOT</version>
+		</dependency>
+		
 	</dependencies>
 
 	<build>
diff --git a/org.eclipse.lyo.samples.bugzilla/src/main/java/org/eclipse/lyo/samples/bugzilla/BugzillaInitializer.java b/org.eclipse.lyo.samples.bugzilla/src/main/java/org/eclipse/lyo/samples/bugzilla/BugzillaInitializer.java
index 2436950..a0fc5cf 100644
--- a/org.eclipse.lyo.samples.bugzilla/src/main/java/org/eclipse/lyo/samples/bugzilla/BugzillaInitializer.java
+++ b/org.eclipse.lyo.samples.bugzilla/src/main/java/org/eclipse/lyo/samples/bugzilla/BugzillaInitializer.java
@@ -17,8 +17,7 @@
 package org.eclipse.lyo.samples.bugzilla;
 
 import java.io.IOException;
-import java.util.Collection;
-import java.util.Collections;
+import java.sql.SQLException;
 import java.util.Properties;
 
 import javax.servlet.ServletContextEvent;
@@ -36,12 +35,12 @@ import net.oauth.server.OAuthServlet;
 import org.eclipse.lyo.samples.bugzilla.exception.BugzillaOAuthException;
 import org.eclipse.lyo.samples.bugzilla.exception.UnauthroziedException;
 import org.eclipse.lyo.samples.bugzilla.utils.HttpUtils;
-import org.eclipse.lyo.server.oauth.core.Authentication;
+import org.eclipse.lyo.server.oauth.consumerstore.RdfConsumerStore;
+import org.eclipse.lyo.server.oauth.core.Application;
 import org.eclipse.lyo.server.oauth.core.AuthenticationException;
 import org.eclipse.lyo.server.oauth.core.OAuthConfiguration;
 import org.eclipse.lyo.server.oauth.core.OAuthRequest;
-import org.eclipse.lyo.server.oauth.core.consumer.ConsumerStore;
-import org.eclipse.lyo.server.oauth.core.consumer.LyoOAuthConsumer;
+import org.eclipse.lyo.server.oauth.core.consumer.ConsumerStoreException;
 import org.eclipse.lyo.server.oauth.core.token.LRUCache;
 import org.eclipse.lyo.server.oauth.core.token.SimpleTokenStrategy;
 
@@ -51,11 +50,17 @@ import com.j2bugzilla.base.ConnectionException;
 import com.j2bugzilla.rpc.LogIn;
 
 public class BugzillaInitializer implements ServletContextListener {
-
+	/**
+	 * The authentication realm for the Bugzilla adapter.
+	 */
+	public final static String REALM = "Bugzilla";
+	
     private static final String CONNECTOR_ATTRIBUTE = "org.eclipse.lyo.samples.bugzilla.BugzillaConnector";
+    private static final String ADMIN_SESSION_ATTRIBUTE = "org.eclipse.lyo.samples.bugzilla.AdminSession";
 	private static String baseUri = null;
     private static String bugzillaUri = null;
 	private static boolean provideHtml = true;
+	private static String admin = null;
 	
 	/*
 	 * We can't rely on session tracking always working for OAuth requests, so store the BugzillaConnector in a map
@@ -68,11 +73,8 @@ public class BugzillaInitializer implements ServletContextListener {
 	public void contextInitialized(ServletContextEvent event) {
 		OAuthConfiguration config = OAuthConfiguration.getInstance();
 
-		// The realm used in 401 unauthorized responses.
-		config.setRealm("Bugzilla");
-
 		// Validates a user's ID and password.
-		config.setAuthentication(new Authentication() {
+		config.setApplication(new Application() {
 			@Override
 			public void login(HttpServletRequest request, String id,
 					String password) throws AuthenticationException {
@@ -82,16 +84,30 @@ public class BugzillaInitializer implements ServletContextListener {
 					LogIn login = new LogIn(id, password);
 					bc.executeMethod(login);
 					request.setAttribute(CONNECTOR_ATTRIBUTE, bc);
+
+					request.getSession().setAttribute(ADMIN_SESSION_ATTRIBUTE,
+							admin != null && admin.equals(id));
 				} catch (Exception e) {
 					throw new AuthenticationException(e.getCause().getMessage(), e);
 				}
 			}
 
 			@Override
-			public String getApplicationName() {
+			public String getName() {
 				// Display name for this application.
 				return "Bugzilla";
 			}
+
+			@Override
+			public boolean isAdminSession(HttpServletRequest request) {
+				return Boolean.TRUE.equals(request.getSession().getAttribute(
+						ADMIN_SESSION_ATTRIBUTE));
+			}
+
+			@Override
+			public String getRealm(HttpServletRequest request) {
+				return REALM;
+			}
 		});
 
 		/*
@@ -117,19 +133,15 @@ public class BugzillaInitializer implements ServletContextListener {
 				keyToConnectorCache.put(oAuthRequest.getAccessor().accessToken, bc);
 			}
 		});
-		
+
 		try {
 			// For now, hard-code the consumers.
-			config.setConsumerStore(new ConsumerStore() {
-				@Override
-				public Collection<LyoOAuthConsumer> load() throws IOException {
-					// Define one consumer with key "key" and secret "secret".
-					LyoOAuthConsumer consumer = new LyoOAuthConsumer("rtc", "sesame");
-					consumer.setName("Rational Team Concert");
-					return Collections.singletonList(consumer);
-				}
-			});
-		} catch (IOException e) {
+			config.setConsumerStore(new RdfConsumerStore());
+		} catch (ConsumerStoreException e) {
+			// TODO Auto-generated catch block
+			e.printStackTrace();
+		} catch (SQLException e) {
+			// TODO Auto-generated catch block
 			e.printStackTrace();
 		}
 	}
@@ -147,9 +159,11 @@ public class BugzillaInitializer implements ServletContextListener {
             if (props.getProperty("provideHtml") != null) {
                 provideHtml = Boolean.parseBoolean(props.getProperty("provideHtml"));
             }
+            admin = props.getProperty("admin");
             System.out.println("adapter_uri: "  + baseUri);
             System.out.println("bugzilla_uri: " + bugzillaUri);
             System.out.println("provideHtml: "  + provideHtml);
+            System.out.println("admin: " + admin);
             
         } catch (IOException e) {
             e.printStackTrace();
diff --git a/org.eclipse.lyo.samples.bugzilla/src/main/java/org/eclipse/lyo/samples/bugzilla/ConsumerKeyService.java b/org.eclipse.lyo.samples.bugzilla/src/main/java/org/eclipse/lyo/samples/bugzilla/ConsumerKeyService.java
deleted file mode 100644
index 6f4dcda..0000000
--- a/org.eclipse.lyo.samples.bugzilla/src/main/java/org/eclipse/lyo/samples/bugzilla/ConsumerKeyService.java
+++ b/dev/null
@@ -1,59 +0,0 @@
-/*******************************************************************************
- * Copyright (c) 2011 IBM Corporation.
- *
- *  All rights reserved. This program and the accompanying materials
- *  are made available under the terms of the Eclipse Public License v1.0
- *  and Eclipse Distribution License v. 1.0 which accompanies this distribution.
- *  
- *  The Eclipse Public License is available at http://www.eclipse.org/legal/epl-v10.html
- *  and the Eclipse Distribution License is available at
- *  http://www.eclipse.org/org/documents/edl-v10.php.
- *  
- *  Contributors:
- *  
- *     IBM Corporation - initial API and implementation
- *******************************************************************************/
-
-package org.eclipse.lyo.samples.bugzilla;
-
-import java.io.IOException;
-import java.io.PrintWriter;
-
-import javax.servlet.ServletConfig;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServlet;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-public class ConsumerKeyService extends HttpServlet {
-
-	@Override
-	public void init(ServletConfig config) throws ServletException {
-		super.init(config);
-	}
-
-	@Override
-	public void doGet(HttpServletRequest request, HttpServletResponse response)
-			throws IOException, ServletException {
-
-		returnConsumerKey(request, response);
-	}
-
-	@Override
-	public void doPost(HttpServletRequest request, HttpServletResponse response)
-			throws IOException, ServletException {
-		returnConsumerKey(request, response);
-	}
-
-	private void returnConsumerKey(HttpServletRequest request,
-			HttpServletResponse response) throws IOException, ServletException {
-		// TODO: Properly handle consumer key requests from JTS
-		response.setContentType("application/json");
-		PrintWriter out = response.getWriter();
-		out.print("{\"key\":\"rtc\"}");
-		out.close();
-	}
-
-	private static final long serialVersionUID = -7611240899575174568L;
-
-}
diff --git a/org.eclipse.lyo.samples.bugzilla/src/main/java/org/eclipse/lyo/samples/bugzilla/utils/HttpUtils.java b/org.eclipse.lyo.samples.bugzilla/src/main/java/org/eclipse/lyo/samples/bugzilla/utils/HttpUtils.java
index 87f6f3c..b44fed4 100644
--- a/org.eclipse.lyo.samples.bugzilla/src/main/java/org/eclipse/lyo/samples/bugzilla/utils/HttpUtils.java
+++ b/org.eclipse.lyo.samples.bugzilla/src/main/java/org/eclipse/lyo/samples/bugzilla/utils/HttpUtils.java
@@ -26,6 +26,7 @@ import net.oauth.server.OAuthServlet;
 
 import org.apache.ws.commons.util.Base64;
 import org.apache.ws.commons.util.Base64.DecodingException;
+import org.eclipse.lyo.samples.bugzilla.BugzillaInitializer;
 import org.eclipse.lyo.samples.bugzilla.Credentials;
 import org.eclipse.lyo.samples.bugzilla.exception.BugzillaOAuthException;
 import org.eclipse.lyo.samples.bugzilla.exception.RestException;
@@ -44,10 +45,10 @@ public class HttpUtils {
 	public static final String WWW_AUTHENTICATE_HEADER = "WWW-Authenticate";
 	private static final String BASIC_AUTHORIZATION_PREFIX = "Basic ";
 	private static final String BASIC_AUTHENTICATION_CHALLENGE = BASIC_AUTHORIZATION_PREFIX
-			+ "realm=\"Bugzilla\"";
+			+ "realm=\"" + BugzillaInitializer.REALM + "\"";
 	private static final String OAUTH_AUTHORIZATION_PREFIX = "OAuth ";
 	private static final String OAUTH_AUTHENTICATION_CHALLENGE = OAUTH_AUTHORIZATION_PREFIX
-			+ "realm=\"Bugzilla\"";
+			+ "realm=\"" + BugzillaInitializer.REALM + "\"";
 	
 	/**
 	 * Gets the credentials from an HTTP request.
@@ -95,8 +96,7 @@ public class HttpUtils {
 	public static void sendUnauthorizedResponse(HttpServletResponse response,
 			UnauthroziedException e) throws IOException, ServletException {
 		if (e instanceof BugzillaOAuthException) {
-			OAuthServlet.handleException(response, e, OAuthConfiguration
-					.getInstance().getRealm());
+			OAuthServlet.handleException(response, e, BugzillaInitializer.REALM);
 		} else {
 			// Accept basic access or OAuth authentication.
 			response.addHeader(WWW_AUTHENTICATE_HEADER,
diff --git a/org.eclipse.lyo.samples.bugzilla/src/main/resources/bugz.properties b/org.eclipse.lyo.samples.bugzilla/src/main/resources/bugz.properties
index 644e011..a68c92d 100644
--- a/org.eclipse.lyo.samples.bugzilla/src/main/resources/bugz.properties
+++ b/org.eclipse.lyo.samples.bugzilla/src/main/resources/bugz.properties
@@ -13,8 +13,7 @@
 #  
 #     IBM Corporation - initial API and implementation
 ###############################################################################
-adapter_uri=http://localhost:8282/bugz
-bugzilla_uri=https://landfill.bugzilla.org/bugzilla-3.4-branch
-username=spadgett@us.ibm.com
-password=lyo
+adapter_uri=http://9.12.224.58:8282/bugz
+bugzilla_uri=https://landfill.bugzilla.org/bugzilla-4.0-branch
 provideHtml=true
+admin=spadgett@us.ibm.com
diff --git a/org.eclipse.lyo.samples.bugzilla/src/main/webapp/WEB-INF/web.xml b/org.eclipse.lyo.samples.bugzilla/src/main/webapp/WEB-INF/web.xml
index 9c921ee..ea312e6 100644
--- a/org.eclipse.lyo.samples.bugzilla/src/main/webapp/WEB-INF/web.xml
+++ b/org.eclipse.lyo.samples.bugzilla/src/main/webapp/WEB-INF/web.xml
@@ -41,10 +41,6 @@
 		<servlet-class>org.eclipse.lyo.samples.bugzilla.RootServicesService</servlet-class>
 	</servlet>
 	<servlet>
-		<servlet-name>ConsumerKeyService</servlet-name>
-		<servlet-class>org.eclipse.lyo.samples.bugzilla.ConsumerKeyService</servlet-class>
-	</servlet>
-	<servlet>
 		<servlet-name>JAX-RS Services</servlet-name>
 		<servlet-class>org.apache.wink.server.internal.servlet.RestServlet</servlet-class>
 		<init-param>
@@ -95,8 +91,4 @@
 		<servlet-name>RootServicesService</servlet-name>
 		<url-pattern>/rootservices</url-pattern>
 	</servlet-mapping>
-	<servlet-mapping>
-		<servlet-name>ConsumerKeyService</servlet-name>
-		<url-pattern>/consumer_key</url-pattern>
-	</servlet-mapping>
 </web-app>
 \ No newline at end of file
diff --git a/org.eclipse.lyo.samples.bugzilla/src/main/webapp/cm/rootservices_rdfxml.jsp b/org.eclipse.lyo.samples.bugzilla/src/main/webapp/cm/rootservices_rdfxml.jsp
index 9194561..5a5b064 100644
--- a/org.eclipse.lyo.samples.bugzilla/src/main/webapp/cm/rootservices_rdfxml.jsp
+++ b/org.eclipse.lyo.samples.bugzilla/src/main/webapp/cm/rootservices_rdfxml.jsp
@@ -33,7 +33,8 @@ String baseUri = (String) request.getAttribute("baseUri");
 	<oslc_cm:cmServiceProviders rdf:resource="<%= baseUri + "/catalog" %>" />
 	<jfs:oauthRealmName>Bugzilla</jfs:oauthRealmName>
 	<jfs:oauthDomain><%= baseUri %></jfs:oauthDomain>
-	<jfs:oauthRequestConsumerKeyUrl rdf:resource="<%= baseUri + "/consumer_key" %>" />
+	<jfs:oauthRequestConsumerKeyUrl rdf:resource="<%= baseUri + "/services/oauth/requestKey" %>" />
+	<jfs:oauthApprovalModuleUrl rdf:resource="<%= baseUri + "/services/oauth/approveKey" %>" />
 	<jfs:oauthRequestTokenUrl rdf:resource="<%= baseUri + "/services/oauth/requestToken" %>"/>
 	<jfs:oauthUserAuthorizationUrl rdf:resource="<%= baseUri + "/services/oauth/authorize" %>" />
 	<jfs:oauthAccessTokenUrl rdf:resource="<%= baseUri + "/services/oauth/accessToken" %>"/>	
diff --git a/org.eclipse.lyo.samples.bugzilla/src/test/java/org/eclipse/lyo/samples/bugzilla/test/TestConnection.java b/org.eclipse.lyo.samples.bugzilla/src/test/java/org/eclipse/lyo/samples/bugzilla/test/TestConnection.java
index f6e2003..b095c5b 100644
--- a/org.eclipse.lyo.samples.bugzilla/src/test/java/org/eclipse/lyo/samples/bugzilla/test/TestConnection.java
+++ b/org.eclipse.lyo.samples.bugzilla/src/test/java/org/eclipse/lyo/samples/bugzilla/test/TestConnection.java
@@ -43,7 +43,7 @@ public class TestConnection extends TestCase {
     static {
         Properties props = new Properties();
         try {
-            props.load(BugzillaInitializer.class.getResourceAsStream("/bugz.properties"));
+            props.load(BugzillaInitializer.class.getResourceAsStream("/test.properties"));
             String username    = props.getProperty("username");
             String password    = props.getProperty("password");
             System.out.println("username: "     + username);
diff --git a/org.eclipse.lyo.samples.bugzilla/src/test/resources/test.properties b/org.eclipse.lyo.samples.bugzilla/src/test/resources/test.properties
new file mode 100644
index 0000000..7b10595
--- a/dev/null
+++ b/org.eclipse.lyo.samples.bugzilla/src/test/resources/test.properties
@@ -0,0 +1,17 @@
+###############################################################################
+# Copyright (c) 2012 IBM Corporation.
+#
+#  All rights reserved. This program and the accompanying materials
+#  are made available under the terms of the Eclipse Public License v1.0
+#  and Eclipse Distribution License v. 1.0 which accompanies this distribution.
+#  
+#  The Eclipse Public License is available at http://www.eclipse.org/legal/epl-v10.html
+#  and the Eclipse Distribution License is available at
+#  http://www.eclipse.org/org/documents/edl-v10.php.
+#  
+#  Contributors:
+#  
+#     IBM Corporation - initial API and implementation
+###############################################################################
+username=spadgett@us.ibm.com
+password=eclipse
diff --git a/org.eclipse.lyo.server.oauth.consumerstore/.classpath b/org.eclipse.lyo.server.oauth.consumerstore/.classpath
new file mode 100644
index 0000000..1fa74fd
--- a/dev/null
+++ b/org.eclipse.lyo.server.oauth.consumerstore/.classpath
@@ -0,0 +1,10 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<classpath>
+	<classpathentry kind="src" output="target/classes" path="src/main/java"/>
+	<classpathentry excluding="**" kind="src" output="target/classes" path="src/main/resources"/>
+	<classpathentry kind="src" output="target/test-classes" path="src/test/java"/>
+	<classpathentry excluding="**" kind="src" output="target/test-classes" path="src/test/resources"/>
+	<classpathentry kind="con" path="org.eclipse.m2e.MAVEN2_CLASSPATH_CONTAINER"/>
+	<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.6"/>
+	<classpathentry kind="output" path="target/classes"/>
+</classpath>
diff --git a/org.eclipse.lyo.server.oauth.consumerstore/.gitignore b/org.eclipse.lyo.server.oauth.consumerstore/.gitignore
new file mode 100644
index 0000000..eb5a316
--- a/dev/null
+++ b/org.eclipse.lyo.server.oauth.consumerstore/.gitignore
@@ -0,0 +1 @@
+target
diff --git a/org.eclipse.lyo.server.oauth.consumerstore/.project b/org.eclipse.lyo.server.oauth.consumerstore/.project
new file mode 100644
index 0000000..5fb7f0f
--- a/dev/null
+++ b/org.eclipse.lyo.server.oauth.consumerstore/.project
@@ -0,0 +1,23 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<projectDescription>
+	<name>org.eclipse.lyo.server.oauth.consumerstore</name>
+	<comment></comment>
+	<projects>
+	</projects>
+	<buildSpec>
+		<buildCommand>
+			<name>org.eclipse.jdt.core.javabuilder</name>
+			<arguments>
+			</arguments>
+		</buildCommand>
+		<buildCommand>
+			<name>org.eclipse.m2e.core.maven2Builder</name>
+			<arguments>
+			</arguments>
+		</buildCommand>
+	</buildSpec>
+	<natures>
+		<nature>org.eclipse.jdt.core.javanature</nature>
+		<nature>org.eclipse.m2e.core.maven2Nature</nature>
+	</natures>
+</projectDescription>
diff --git a/org.eclipse.lyo.server.oauth.consumerstore/.settings/org.eclipse.jdt.core.prefs b/org.eclipse.lyo.server.oauth.consumerstore/.settings/org.eclipse.jdt.core.prefs
new file mode 100644
index 0000000..7896c64
--- a/dev/null
+++ b/org.eclipse.lyo.server.oauth.consumerstore/.settings/org.eclipse.jdt.core.prefs
@@ -0,0 +1,13 @@
+#Fri Jan 27 13:07:24 EST 2012
+eclipse.preferences.version=1
+org.eclipse.jdt.core.compiler.codegen.inlineJsrBytecode=enabled
+org.eclipse.jdt.core.compiler.codegen.targetPlatform=1.6
+org.eclipse.jdt.core.compiler.codegen.unusedLocal=preserve
+org.eclipse.jdt.core.compiler.compliance=1.6
+org.eclipse.jdt.core.compiler.debug.lineNumber=generate
+org.eclipse.jdt.core.compiler.debug.localVariable=generate
+org.eclipse.jdt.core.compiler.debug.sourceFile=generate
+org.eclipse.jdt.core.compiler.problem.assertIdentifier=error
+org.eclipse.jdt.core.compiler.problem.enumIdentifier=error
+org.eclipse.jdt.core.compiler.problem.forbiddenReference=warning
+org.eclipse.jdt.core.compiler.source=1.6
diff --git a/org.eclipse.lyo.server.oauth.consumerstore/.settings/org.eclipse.m2e.core.prefs b/org.eclipse.lyo.server.oauth.consumerstore/.settings/org.eclipse.m2e.core.prefs
new file mode 100644
index 0000000..2cbef5b
--- a/dev/null
+++ b/org.eclipse.lyo.server.oauth.consumerstore/.settings/org.eclipse.m2e.core.prefs
@@ -0,0 +1,5 @@
+#Fri Jan 27 12:54:15 EST 2012
+activeProfiles=
+eclipse.preferences.version=1
+resolveWorkspaceProjects=true
+version=1
diff --git a/org.eclipse.lyo.server.oauth.consumerstore/about.html b/org.eclipse.lyo.server.oauth.consumerstore/about.html
new file mode 100644
index 0000000..b4e74aa
--- a/dev/null
+++ b/org.eclipse.lyo.server.oauth.consumerstore/about.html
@@ -0,0 +1,33 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
+    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
+<title>About</title>
+</head>
+<body lang="EN-US">
+	<h2>About This Content</h2>
+	<p>October 26, 2011</p>
+	<h3>License</h3>
+	<p>
+		The Eclipse Foundation makes available all content in this plug-in
+		(&quot;Content&quot;). Unless otherwise indicated below, the Content
+		is provided to you under the terms and conditions of the Eclipse
+		Public License Version 1.0 (&quot;EPL&quot;) and Eclipse Distribution
+		License Version 1.0 (&quot;EDL&quot;). A copy of the EPL is available
+		at <a href="http://www.eclipse.org/legal/epl-v10.html">http://www.eclipse.org/legal/epl-v10.html</a>
+		and a copy of the EDL is available at <a
+			href="http://www.eclipse.org/org/documents/edl-v10.php">http://www.eclipse.org/org/documents/edl-v10.php</a>.
+		For purposes of the EPL, &quot;Program&quot; will mean the Content.
+	</p>
+	<p>If you did not receive this Content directly from the Eclipse
+		Foundation, the Content is being redistributed by another party
+		(&quot;Redistributor&quot;) and different terms and conditions may
+		apply to your use of any object code in the Content. Check the
+		Redistributor's license that was provided with the Content. If no such
+		license exists, contact the Redistributor. Unless otherwise indicated
+		below, the terms and conditions of the EPL and EDL still apply to any
+		source code in the Content and such source code may be obtained at
+		<a href="http://www.eclipse.org">http://www.eclipse.org</a>.</p>
+</body>
+</html>
+\ No newline at end of file
diff --git a/org.eclipse.lyo.server.oauth.consumerstore/license/edl-v10html b/org.eclipse.lyo.server.oauth.consumerstore/license/edl-v10html
new file mode 100644
index 0000000..5c8549b
--- a/dev/null
+++ b/org.eclipse.lyo.server.oauth.consumerstore/license/edl-v10html
@@ -0,0 +1,60 @@
+<?xml version="1.0" encoding="ISO-8859-1" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
+<title>Eclipse Distribution License - Version 1.0</title>
+<style type="text/css">
+  body {
+    size: 8.5in 11.0in;
+    margin: 0.25in 0.5in 0.25in 0.5in;
+    tab-interval: 0.5in;
+    }
+  p {  	
+    margin-left: auto;
+    margin-top:  0.5em;
+    margin-bottom: 0.5em;
+    }
+  p.list {
+  	margin-left: 0.5in;
+    margin-top:  0.05em;
+    margin-bottom: 0.05em;
+    }
+  </style>
+
+</head>
+
+<body lang="EN-US">
+
+<p><b>Eclipse Distribution License - v 1.0</b></p>
+
+<p>Copyright (c) 2007, Eclipse Foundation, Inc. and its licensors. </p>
+
+<p>All rights reserved.</p>
+<p>Redistribution and use in source and binary forms, with or without modification, 
+	are permitted provided that the following conditions are met:
+<ul><li>Redistributions of source code must retain the above copyright notice, 
+	this list of conditions and the following disclaimer. </li>
+<li>Redistributions in binary form must reproduce the above copyright notice, 
+	this list of conditions and the following disclaimer in the documentation 
+	and/or other materials provided with the distribution. </li>
+<li>Neither the name of the Eclipse Foundation, Inc. nor the names of its 
+	contributors may be used to endorse or promote products derived from 
+	this software without specific prior written permission. </li></ul>
+</p>
+<p>THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 
+IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, 
+INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 
+NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR 
+PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, 
+WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 
+ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 
+POSSIBILITY OF SUCH DAMAGE.</p>
+
+</body>
+
+</html>
+
diff --git a/org.eclipse.lyo.server.oauth.consumerstore/license/epl-v10.html b/org.eclipse.lyo.server.oauth.consumerstore/license/epl-v10.html
new file mode 100644
index 0000000..b398acc
--- a/dev/null
+++ b/org.eclipse.lyo.server.oauth.consumerstore/license/epl-v10.html
@@ -0,0 +1,259 @@
+<!--?xml version="1.0" encoding="ISO-8859-1" ?-->
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml"><head>
+<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
+<title>Eclipse Public License - Version 1.0</title>
+<style type="text/css">
+  body {
+    size: 8.5in 11.0in;
+    margin: 0.25in 0.5in 0.25in 0.5in;
+    tab-interval: 0.5in;
+    }
+  p {  	
+    margin-left: auto;
+    margin-top:  0.5em;
+    margin-bottom: 0.5em;
+    }
+  p.list {
+  	margin-left: 0.5in;
+    margin-top:  0.05em;
+    margin-bottom: 0.05em;
+    }
+  </style>
+
+</head>
+
+<body lang="EN-US">
+
+<h2>Eclipse Public License - v 1.0</h2>
+
+<p>THE ACCOMPANYING PROGRAM IS PROVIDED UNDER THE TERMS OF THIS ECLIPSE
+PUBLIC LICENSE ("AGREEMENT"). ANY USE, REPRODUCTION OR
+DISTRIBUTION OF THE PROGRAM CONSTITUTES RECIPIENT'S ACCEPTANCE OF THIS
+AGREEMENT.</p>
+
+<p><b>1. DEFINITIONS</b></p>
+
+<p>"Contribution" means:</p>
+
+<p class="list">a) in the case of the initial Contributor, the initial
+code and documentation distributed under this Agreement, and</p>
+<p class="list">b) in the case of each subsequent Contributor:</p>
+<p class="list">i) changes to the Program, and</p>
+<p class="list">ii) additions to the Program;</p>
+<p class="list">where such changes and/or additions to the Program
+originate from and are distributed by that particular Contributor. A
+Contribution 'originates' from a Contributor if it was added to the
+Program by such Contributor itself or anyone acting on such
+Contributor's behalf. Contributions do not include additions to the
+Program which: (i) are separate modules of software distributed in
+conjunction with the Program under their own license agreement, and (ii)
+are not derivative works of the Program.</p>
+
+<p>"Contributor" means any person or entity that distributes
+the Program.</p>
+
+<p>"Licensed Patents" mean patent claims licensable by a
+Contributor which are necessarily infringed by the use or sale of its
+Contribution alone or when combined with the Program.</p>
+
+<p>"Program" means the Contributions distributed in accordance
+with this Agreement.</p>
+
+<p>"Recipient" means anyone who receives the Program under
+this Agreement, including all Contributors.</p>
+
+<p><b>2. GRANT OF RIGHTS</b></p>
+
+<p class="list">a) Subject to the terms of this Agreement, each
+Contributor hereby grants Recipient a non-exclusive, worldwide,
+royalty-free copyright license to reproduce, prepare derivative works
+of, publicly display, publicly perform, distribute and sublicense the
+Contribution of such Contributor, if any, and such derivative works, in
+source code and object code form.</p>
+
+<p class="list">b) Subject to the terms of this Agreement, each
+Contributor hereby grants Recipient a non-exclusive, worldwide,
+royalty-free patent license under Licensed Patents to make, use, sell,
+offer to sell, import and otherwise transfer the Contribution of such
+Contributor, if any, in source code and object code form. This patent
+license shall apply to the combination of the Contribution and the
+Program if, at the time the Contribution is added by the Contributor,
+such addition of the Contribution causes such combination to be covered
+by the Licensed Patents. The patent license shall not apply to any other
+combinations which include the Contribution. No hardware per se is
+licensed hereunder.</p>
+
+<p class="list">c) Recipient understands that although each Contributor
+grants the licenses to its Contributions set forth herein, no assurances
+are provided by any Contributor that the Program does not infringe the
+patent or other intellectual property rights of any other entity. Each
+Contributor disclaims any liability to Recipient for claims brought by
+any other entity based on infringement of intellectual property rights
+or otherwise. As a condition to exercising the rights and licenses
+granted hereunder, each Recipient hereby assumes sole responsibility to
+secure any other intellectual property rights needed, if any. For
+example, if a third party patent license is required to allow Recipient
+to distribute the Program, it is Recipient's responsibility to acquire
+that license before distributing the Program.</p>
+
+<p class="list">d) Each Contributor represents that to its knowledge it
+has sufficient copyright rights in its Contribution, if any, to grant
+the copyright license set forth in this Agreement.</p>
+
+<p><b>3. REQUIREMENTS</b></p>
+
+<p>A Contributor may choose to distribute the Program in object code
+form under its own license agreement, provided that:</p>
+
+<p class="list">a) it complies with the terms and conditions of this
+Agreement; and</p>
+
+<p class="list">b) its license agreement:</p>
+
+<p class="list">i) effectively disclaims on behalf of all Contributors
+all warranties and conditions, express and implied, including warranties
+or conditions of title and non-infringement, and implied warranties or
+conditions of merchantability and fitness for a particular purpose;</p>
+
+<p class="list">ii) effectively excludes on behalf of all Contributors
+all liability for damages, including direct, indirect, special,
+incidental and consequential damages, such as lost profits;</p>
+
+<p class="list">iii) states that any provisions which differ from this
+Agreement are offered by that Contributor alone and not by any other
+party; and</p>
+
+<p class="list">iv) states that source code for the Program is available
+from such Contributor, and informs licensees how to obtain it in a
+reasonable manner on or through a medium customarily used for software
+exchange.</p>
+
+<p>When the Program is made available in source code form:</p>
+
+<p class="list">a) it must be made available under this Agreement; and</p>
+
+<p class="list">b) a copy of this Agreement must be included with each
+copy of the Program.</p>
+
+<p>Contributors may not remove or alter any copyright notices contained
+within the Program.</p>
+
+<p>Each Contributor must identify itself as the originator of its
+Contribution, if any, in a manner that reasonably allows subsequent
+Recipients to identify the originator of the Contribution.</p>
+
+<p><b>4. COMMERCIAL DISTRIBUTION</b></p>
+
+<p>Commercial distributors of software may accept certain
+responsibilities with respect to end users, business partners and the
+like. While this license is intended to facilitate the commercial use of
+the Program, the Contributor who includes the Program in a commercial
+product offering should do so in a manner which does not create
+potential liability for other Contributors. Therefore, if a Contributor
+includes the Program in a commercial product offering, such Contributor
+("Commercial Contributor") hereby agrees to defend and
+indemnify every other Contributor ("Indemnified Contributor")
+against any losses, damages and costs (collectively "Losses")
+arising from claims, lawsuits and other legal actions brought by a third
+party against the Indemnified Contributor to the extent caused by the
+acts or omissions of such Commercial Contributor in connection with its
+distribution of the Program in a commercial product offering. The
+obligations in this section do not apply to any claims or Losses
+relating to any actual or alleged intellectual property infringement. In
+order to qualify, an Indemnified Contributor must: a) promptly notify
+the Commercial Contributor in writing of such claim, and b) allow the
+Commercial Contributor to control, and cooperate with the Commercial
+Contributor in, the defense and any related settlement negotiations. The
+Indemnified Contributor may participate in any such claim at its own
+expense.</p>
+
+<p>For example, a Contributor might include the Program in a commercial
+product offering, Product X. That Contributor is then a Commercial
+Contributor. If that Commercial Contributor then makes performance
+claims, or offers warranties related to Product X, those performance
+claims and warranties are such Commercial Contributor's responsibility
+alone. Under this section, the Commercial Contributor would have to
+defend claims against the other Contributors related to those
+performance claims and warranties, and if a court requires any other
+Contributor to pay any damages as a result, the Commercial Contributor
+must pay those damages.</p>
+
+<p><b>5. NO WARRANTY</b></p>
+
+<p>EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, THE PROGRAM IS
+PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS
+OF ANY KIND, EITHER EXPRESS OR IMPLIED INCLUDING, WITHOUT LIMITATION,
+ANY WARRANTIES OR CONDITIONS OF TITLE, NON-INFRINGEMENT, MERCHANTABILITY
+OR FITNESS FOR A PARTICULAR PURPOSE. Each Recipient is solely
+responsible for determining the appropriateness of using and
+distributing the Program and assumes all risks associated with its
+exercise of rights under this Agreement , including but not limited to
+the risks and costs of program errors, compliance with applicable laws,
+damage to or loss of data, programs or equipment, and unavailability or
+interruption of operations.</p>
+
+<p><b>6. DISCLAIMER OF LIABILITY</b></p>
+
+<p>EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, NEITHER RECIPIENT
+NOR ANY CONTRIBUTORS SHALL HAVE ANY LIABILITY FOR ANY DIRECT, INDIRECT,
+INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING
+WITHOUT LIMITATION LOST PROFITS), HOWEVER CAUSED AND ON ANY THEORY OF
+LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OR
+DISTRIBUTION OF THE PROGRAM OR THE EXERCISE OF ANY RIGHTS GRANTED
+HEREUNDER, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.</p>
+
+<p><b>7. GENERAL</b></p>
+
+<p>If any provision of this Agreement is invalid or unenforceable under
+applicable law, it shall not affect the validity or enforceability of
+the remainder of the terms of this Agreement, and without further action
+by the parties hereto, such provision shall be reformed to the minimum
+extent necessary to make such provision valid and enforceable.</p>
+
+<p>If Recipient institutes patent litigation against any entity
+(including a cross-claim or counterclaim in a lawsuit) alleging that the
+Program itself (excluding combinations of the Program with other
+software or hardware) infringes such Recipient's patent(s), then such
+Recipient's rights granted under Section 2(b) shall terminate as of the
+date such litigation is filed.</p>
+
+<p>All Recipient's rights under this Agreement shall terminate if it
+fails to comply with any of the material terms or conditions of this
+Agreement and does not cure such failure in a reasonable period of time
+after becoming aware of such noncompliance. If all Recipient's rights
+under this Agreement terminate, Recipient agrees to cease use and
+distribution of the Program as soon as reasonably practicable. However,
+Recipient's obligations under this Agreement and any licenses granted by
+Recipient relating to the Program shall continue and survive.</p>
+
+<p>Everyone is permitted to copy and distribute copies of this
+Agreement, but in order to avoid inconsistency the Agreement is
+copyrighted and may only be modified in the following manner. The
+Agreement Steward reserves the right to publish new versions (including
+revisions) of this Agreement from time to time. No one other than the
+Agreement Steward has the right to modify this Agreement. The Eclipse
+Foundation is the initial Agreement Steward. The Eclipse Foundation may
+assign the responsibility to serve as the Agreement Steward to a
+suitable separate entity. Each new version of the Agreement will be
+given a distinguishing version number. The Program (including
+Contributions) may always be distributed subject to the version of the
+Agreement under which it was received. In addition, after a new version
+of the Agreement is published, Contributor may elect to distribute the
+Program (including its Contributions) under the new version. Except as
+expressly stated in Sections 2(a) and 2(b) above, Recipient receives no
+rights or licenses to the intellectual property of any Contributor under
+this Agreement, whether expressly, by implication, estoppel or
+otherwise. All rights in the Program not expressly granted under this
+Agreement are reserved.</p>
+
+<p>This Agreement is governed by the laws of the State of New York and
+the intellectual property laws of the United States of America. No party
+to this Agreement will bring a legal action under this Agreement more
+than one year after the cause of action arose. Each party waives its
+rights to a jury trial in any resulting litigation.</p>
+
+
+
+</body></html>
+\ No newline at end of file
diff --git a/org.eclipse.lyo.server.oauth.consumerstore/license/notice.html b/org.eclipse.lyo.server.oauth.consumerstore/license/notice.html
new file mode 100644
index 0000000..6569bbf
--- a/dev/null
+++ b/org.eclipse.lyo.server.oauth.consumerstore/license/notice.html
@@ -0,0 +1,109 @@
+<?xml version="1.0" encoding="ISO-8859-1" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
+<title>Eclipse Foundation Software User Agreement</title>
+</head>
+
+<body lang="EN-US">
+<h2>Eclipse Foundation Software User Agreement</h2>
+<p>February 1, 2011</p>
+
+<h3>Usage Of Content</h3>
+
+<p>THE ECLIPSE FOUNDATION MAKES AVAILABLE SOFTWARE, DOCUMENTATION, INFORMATION AND/OR OTHER MATERIALS FOR OPEN SOURCE PROJECTS
+   (COLLECTIVELY &quot;CONTENT&quot;).  USE OF THE CONTENT IS GOVERNED BY THE TERMS AND CONDITIONS OF THIS AGREEMENT AND/OR THE TERMS AND
+   CONDITIONS OF LICENSE AGREEMENTS OR NOTICES INDICATED OR REFERENCED BELOW.  BY USING THE CONTENT, YOU AGREE THAT YOUR USE
+   OF THE CONTENT IS GOVERNED BY THIS AGREEMENT AND/OR THE TERMS AND CONDITIONS OF ANY APPLICABLE LICENSE AGREEMENTS OR
+   NOTICES INDICATED OR REFERENCED BELOW.  IF YOU DO NOT AGREE TO THE TERMS AND CONDITIONS OF THIS AGREEMENT AND THE TERMS AND
+   CONDITIONS OF ANY APPLICABLE LICENSE AGREEMENTS OR NOTICES INDICATED OR REFERENCED BELOW, THEN YOU MAY NOT USE THE CONTENT.</p>
+
+<h3>Applicable Licenses</h3>
+
+<p>Unless otherwise indicated, all Content made available by the Eclipse Foundation is provided to you under the terms and conditions of the Eclipse Public License Version 1.0
+   (&quot;EPL&quot;).  A copy of the EPL is provided with this Content and is also available at <a href="http://www.eclipse.org/legal/epl-v10.html">http://www.eclipse.org/legal/epl-v10.html</a>.
+   For purposes of the EPL, &quot;Program&quot; will mean the Content.</p>
+
+<p>Content includes, but is not limited to, source code, object code, documentation and other files maintained in the Eclipse Foundation source code
+   repository (&quot;Repository&quot;) in software modules (&quot;Modules&quot;) and made available as downloadable archives (&quot;Downloads&quot;).</p>
+
+<ul>
+       <li>Content may be structured and packaged into modules to facilitate delivering, extending, and upgrading the Content.  Typical modules may include plug-ins (&quot;Plug-ins&quot;), plug-in fragments (&quot;Fragments&quot;), and features (&quot;Features&quot;).</li>
+       <li>Each Plug-in or Fragment may be packaged as a sub-directory or JAR (Java&trade; ARchive) in a directory named &quot;plugins&quot;.</li>
+       <li>A Feature is a bundle of one or more Plug-ins and/or Fragments and associated material.  Each Feature may be packaged as a sub-directory in a directory named &quot;features&quot;.  Within a Feature, files named &quot;feature.xml&quot; may contain a list of the names and version numbers of the Plug-ins
+      and/or Fragments associated with that Feature.</li>
+       <li>Features may also include other Features (&quot;Included Features&quot;). Within a Feature, files named &quot;feature.xml&quot; may contain a list of the names and version numbers of Included Features.</li>
+</ul>
+
+<p>The terms and conditions governing Plug-ins and Fragments should be contained in files named &quot;about.html&quot; (&quot;Abouts&quot;). The terms and conditions governing Features and
+Included Features should be contained in files named &quot;license.html&quot; (&quot;Feature Licenses&quot;).  Abouts and Feature Licenses may be located in any directory of a Download or Module
+including, but not limited to the following locations:</p>
+
+<ul>
+       <li>The top-level (root) directory</li>
+       <li>Plug-in and Fragment directories</li>
+       <li>Inside Plug-ins and Fragments packaged as JARs</li>
+       <li>Sub-directories of the directory named &quot;src&quot; of certain Plug-ins</li>
+       <li>Feature directories</li>
+</ul>
+
+<p>Note: if a Feature made available by the Eclipse Foundation is installed using the Provisioning Technology (as defined below), you must agree to a license (&quot;Feature Update License&quot;) during the
+installation process.  If the Feature contains Included Features, the Feature Update License should either provide you with the terms and conditions governing the Included Features or
+inform you where you can locate them.  Feature Update Licenses may be found in the &quot;license&quot; property of files named &quot;feature.properties&quot; found within a Feature.
+Such Abouts, Feature Licenses, and Feature Update Licenses contain the terms and conditions (or references to such terms and conditions) that govern your use of the associated Content in
+that directory.</p>
+
+<p>THE ABOUTS, FEATURE LICENSES, AND FEATURE UPDATE LICENSES MAY REFER TO THE EPL OR OTHER LICENSE AGREEMENTS, NOTICES OR TERMS AND CONDITIONS.  SOME OF THESE
+OTHER LICENSE AGREEMENTS MAY INCLUDE (BUT ARE NOT LIMITED TO):</p>
+
+<ul>
+       <li>Eclipse Distribution License Version 1.0 (available at <a href="http://www.eclipse.org/licenses/edl-v10.html">http://www.eclipse.org/licenses/edl-v1.0.html</a>)</li>
+       <li>Common Public License Version 1.0 (available at <a href="http://www.eclipse.org/legal/cpl-v10.html">http://www.eclipse.org/legal/cpl-v10.html</a>)</li>
+       <li>Apache Software License 1.1 (available at <a href="http://www.apache.org/licenses/LICENSE">http://www.apache.org/licenses/LICENSE</a>)</li>
+       <li>Apache Software License 2.0 (available at <a href="http://www.apache.org/licenses/LICENSE-2.0">http://www.apache.org/licenses/LICENSE-2.0</a>)</li>
+       <li>Metro Link Public License 1.00 (available at <a href="http://www.opengroup.org/openmotif/supporters/metrolink/license.html">http://www.opengroup.org/openmotif/supporters/metrolink/license.html</a>)</li>
+       <li>Mozilla Public License Version 1.1 (available at <a href="http://www.mozilla.org/MPL/MPL-1.1.html">http://www.mozilla.org/MPL/MPL-1.1.html</a>)</li>
+</ul>
+
+<p>IT IS YOUR OBLIGATION TO READ AND ACCEPT ALL SUCH TERMS AND CONDITIONS PRIOR TO USE OF THE CONTENT.  If no About, Feature License, or Feature Update License is provided, please
+contact the Eclipse Foundation to determine what terms and conditions govern that particular Content.</p>
+
+
+<h3>Use of Provisioning Technology</h3>
+
+<p>The Eclipse Foundation makes available provisioning software, examples of which include, but are not limited to, p2 and the Eclipse
+   Update Manager (&quot;Provisioning Technology&quot;) for the purpose of allowing users to install software, documentation, information and/or
+   other materials (collectively &quot;Installable Software&quot;). This capability is provided with the intent of allowing such users to
+   install, extend and update Eclipse-based products. Information about packaging Installable Software is available at <a
+       href="http://eclipse.org/equinox/p2/repository_packaging.html">http://eclipse.org/equinox/p2/repository_packaging.html</a>
+   (&quot;Specification&quot;).</p>
+
+<p>You may use Provisioning Technology to allow other parties to install Installable Software. You shall be responsible for enabling the
+   applicable license agreements relating to the Installable Software to be presented to, and accepted by, the users of the Provisioning Technology
+   in accordance with the Specification. By using Provisioning Technology in such a manner and making it available in accordance with the
+   Specification, you further acknowledge your agreement to, and the acquisition of all necessary rights to permit the following:</p>
+
+<ol>
+       <li>A series of actions may occur (&quot;Provisioning Process&quot;) in which a user may execute the Provisioning Technology
+       on a machine (&quot;Target Machine&quot;) with the intent of installing, extending or updating the functionality of an Eclipse-based
+       product.</li>
+       <li>During the Provisioning Process, the Provisioning Technology may cause third party Installable Software or a portion thereof to be
+       accessed and copied to the Target Machine.</li>
+       <li>Pursuant to the Specification, you will provide to the user the terms and conditions that govern the use of the Installable
+       Software (&quot;Installable Software Agreement&quot;) and such Installable Software Agreement shall be accessed from the Target
+       Machine in accordance with the Specification. Such Installable Software Agreement must inform the user of the terms and conditions that govern
+       the Installable Software and must solicit acceptance by the end user in the manner prescribed in such Installable Software Agreement. Upon such
+       indication of agreement by the user, the provisioning Technology will complete installation of the Installable Software.</li>
+</ol>
+
+<h3>Cryptography</h3>
+
+<p>Content may contain encryption software. The country in which you are currently may have restrictions on the import, possession, and use, and/or re-export to
+   another country, of encryption software. BEFORE using any encryption software, please check the country's laws, regulations and policies concerning the import,
+   possession, or use, and re-export of encryption software, to see if this is permitted.</p>
+
+<p><small>Java and all Java-based trademarks are trademarks of Oracle Corporation in the United States, other countries, or both.</small></p>
+</body>
+</html>
+
diff --git a/org.eclipse.lyo.server.oauth.consumerstore/pom.xml b/org.eclipse.lyo.server.oauth.consumerstore/pom.xml
new file mode 100644
index 0000000..f2b3ee7
--- a/dev/null
+++ b/org.eclipse.lyo.server.oauth.consumerstore/pom.xml
@@ -0,0 +1,47 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+	<modelVersion>4.0.0</modelVersion>
+	<groupId>org.eclipse.lyo.server</groupId>
+	<artifactId>oauth-consumer-store</artifactId>
+	<version>0.0.1-SNAPSHOT</version>
+
+	<dependencies>
+		<dependency>
+			<groupId>junit</groupId>
+			<artifactId>junit</artifactId>
+			<version>3.8.1</version>
+			<scope>test</scope>
+		</dependency>
+		<dependency>
+			<groupId>org.eclipse.lyo.server</groupId>
+			<artifactId>oauth-core</artifactId>
+			<version>0.0.1-SNAPSHOT</version>
+		</dependency>
+		<dependency>
+			<groupId>org.apache.derby</groupId>
+			<artifactId>derby</artifactId>
+			<version>10.8.2.2</version>
+		</dependency>
+		<dependency>
+			<groupId>com.hp.hpl.jena</groupId>
+			<artifactId>jena</artifactId>
+			<version>2.6.4</version>
+		</dependency>
+	</dependencies>
+
+	<build>
+		<finalName>oauth-consumer-store</finalName>
+		<outputDirectory>target/classes</outputDirectory>
+		<plugins>
+			<plugin>
+				<groupId>org.apache.maven.plugins</groupId>
+				<artifactId>maven-compiler-plugin</artifactId>
+				<version>2.3.2</version>
+				<configuration>
+					<source>1.6</source>
+					<target>1.6</target>
+				</configuration>
+			</plugin>
+		</plugins>
+	</build>
+</project>
diff --git a/org.eclipse.lyo.server.oauth.consumerstore/src/main/java/org/eclipse/lyo/server/oauth/consumerstore/RdfConsumerStore.java b/org.eclipse.lyo.server.oauth.consumerstore/src/main/java/org/eclipse/lyo/server/oauth/consumerstore/RdfConsumerStore.java
new file mode 100644
index 0000000..00e06b8
--- a/dev/null
+++ b/org.eclipse.lyo.server.oauth.consumerstore/src/main/java/org/eclipse/lyo/server/oauth/consumerstore/RdfConsumerStore.java
@@ -0,0 +1,200 @@
+/*******************************************************************************
+ * Copyright (c) 2012 IBM Corporation.
+ *
+ *  All rights reserved. This program and the accompanying materials
+ *  are made available under the terms of the Eclipse Public License v1.0
+ *  and Eclipse Distribution License v. 1.0 which accompanies this distribution.
+ *  
+ *  The Eclipse Public License is available at http://www.eclipse.org/legal/epl-v10.html
+ *  and the Eclipse Distribution License is available at
+ *  http://www.eclipse.org/org/documents/edl-v10.php.
+ *  
+ *  Contributors:
+ *  
+ *     IBM Corporation - initial API and implementation
+ *******************************************************************************/
+package org.eclipse.lyo.server.oauth.consumerstore;
+
+import java.sql.SQLException;
+
+import org.eclipse.lyo.server.oauth.core.consumer.AbstractConsumerStore;
+import org.eclipse.lyo.server.oauth.core.consumer.ConsumerStoreException;
+import org.eclipse.lyo.server.oauth.core.consumer.LyoOAuthConsumer;
+
+import com.hp.hpl.jena.db.DBConnection;
+import com.hp.hpl.jena.db.IDBConnection;
+import com.hp.hpl.jena.rdf.model.Model;
+import com.hp.hpl.jena.rdf.model.ModelFactory;
+import com.hp.hpl.jena.rdf.model.ModelMaker;
+import com.hp.hpl.jena.rdf.model.ResIterator;
+import com.hp.hpl.jena.rdf.model.Resource;
+import com.hp.hpl.jena.shared.JenaException;
+import com.hp.hpl.jena.shared.PropertyNotFoundException;
+import com.hp.hpl.jena.util.FileUtils;
+import com.hp.hpl.jena.vocabulary.RDF;
+
+/**
+ * A simple RDF consumer store backed by an embedded Derby database.
+ * 
+ * @author Samuel Padgett <spadgett@us.ibm.com>
+ */
+public class RdfConsumerStore extends AbstractConsumerStore {
+	protected final static String LYO_OAUTH_NAMESPACE = "http://eclipse.org/lyo/server/oauth#";
+	protected final static String CONSUMER_RESOURCE = LYO_OAUTH_NAMESPACE
+			+ "Consumer";
+	protected final static String CALLBACK_URL = LYO_OAUTH_NAMESPACE
+			+ "callback";
+	protected final static String CONSUMER_NAME = LYO_OAUTH_NAMESPACE
+			+ "consumerName";
+	protected final static String CONSUMER_KEY = LYO_OAUTH_NAMESPACE
+			+ "consumerKey";
+	protected final static String CONSUMER_SECRET = LYO_OAUTH_NAMESPACE
+			+ "consumerSecret";
+	protected final static String PROVISIONAL = LYO_OAUTH_NAMESPACE
+			+ "provisional";
+	protected final static String TRUSTED = LYO_OAUTH_NAMESPACE + "trusted";
+
+	protected final static String DB_URL = "jdbc:derby:consumerStore;create=true"; // URL of database
+	protected final static String DB_USER = ""; // database user id
+	protected final static String DB_PASSWD = ""; // database password
+	protected final static String DB = "Derby"; // database type
+
+	private Model model;
+
+	public RdfConsumerStore() throws SQLException, ConsumerStoreException {
+		initializeModel();
+		loadConsumers();
+	}
+
+	public RdfConsumerStore(Model model) throws ConsumerStoreException {
+		this.model = model;
+		loadConsumers();
+	}
+
+	protected void initializeModel() throws SQLException {
+		IDBConnection conn = new DBConnection(DB_URL, DB_USER, DB_PASSWD, DB);
+		ModelMaker maker = ModelFactory.createModelRDBMaker(conn);
+		model = maker.createDefaultModel();
+		conn.close();
+		
+		// For debugging...
+		model.write(System.out, FileUtils.langTurtle);
+	}
+
+	public void loadConsumers() throws ConsumerStoreException {
+		ResIterator i = model.listResourcesWithProperty(RDF.type,
+				model.createResource(CONSUMER_RESOURCE));
+		while (i.hasNext()) {
+			Resource consumerResource = i.next();
+			try {
+				add(fromResource(consumerResource));
+			} catch (PropertyNotFoundException e) {
+				// The resource is missing some properties.
+				// Not good, but other consumer resources might
+				// be OK, so continue. (Log the error, though.)
+				e.printStackTrace();
+			} catch (JenaException e) {
+				// Some other runtime exception occurred.
+				throw new ConsumerStoreException(e);
+			}
+		}
+	}
+
+	@Override
+	public LyoOAuthConsumer addConsumer(LyoOAuthConsumer consumer)
+			throws ConsumerStoreException {
+		model.begin();
+		try {
+			removeProperties(consumer);
+			toResource(consumer);
+			model.commit();
+			return add(consumer);
+		} catch (JenaException e) {
+			model.abort();
+			throw new ConsumerStoreException(e);
+		}
+	}
+
+	@Override
+	public LyoOAuthConsumer removeConsumer(String consumerKey)
+			throws ConsumerStoreException {
+		model.begin();
+		try {
+			removeProperties(consumerKey);
+			model.commit();
+
+			return remove(consumerKey);
+		} catch (JenaException e) {
+			model.abort();
+			throw new ConsumerStoreException(e);
+		}
+	}
+
+	@Override
+	public LyoOAuthConsumer updateConsumer(LyoOAuthConsumer consumer)
+			throws ConsumerStoreException {
+		// addConsumer() also works for update.
+		return addConsumer(consumer);
+	}
+
+	/**
+	 * Removes any properties previously associated with the consumer.
+	 * 
+	 * @param consumerKey
+	 *            the consumer key
+	 */
+	protected void removeProperties(String consumerKey) {
+		ResIterator i = model.listResourcesWithProperty(
+				model.createProperty(CONSUMER_KEY),
+				model.createLiteral(consumerKey));
+		while (i.hasNext()) {
+			i.next().removeProperties();
+		}
+	}
+	
+	/**
+	 * Removes any properties previously associated with the consumer.
+	 * 
+	 * @param consumer the consumer
+	 */
+	protected void removeProperties(LyoOAuthConsumer consumer) {
+		removeProperties(consumer.consumerKey);
+	}
+
+	protected Resource toResource(LyoOAuthConsumer consumer) {
+		Resource resource = model.createResource();
+		resource.addProperty(RDF.type, model.createResource(CONSUMER_RESOURCE));
+		resource.addProperty(model.createProperty(CONSUMER_NAME),
+				consumer.getName());
+		resource.addProperty(model.createProperty(CONSUMER_KEY),
+				consumer.consumerKey);
+		resource.addProperty(model.createProperty(CONSUMER_SECRET),
+				consumer.consumerSecret);
+		resource.addProperty(model.createProperty(PROVISIONAL),
+				(consumer.isProvisional()) ? "true" : "false");
+		resource.addProperty(model.createProperty(TRUSTED),
+				(consumer.isTrusted()) ? "true" : "false");
+
+		return resource;
+	}
+
+	protected LyoOAuthConsumer fromResource(Resource resource) {
+		String key = resource.getRequiredProperty(
+				model.createProperty(CONSUMER_KEY)).getString();
+		String secret = resource.getRequiredProperty(
+				model.createProperty(CONSUMER_SECRET)).getString();
+		LyoOAuthConsumer consumer = new LyoOAuthConsumer(key, secret);
+		consumer.setName(resource.getRequiredProperty(
+				model.createProperty(CONSUMER_NAME)).getString());
+
+		String provisional = resource.getProperty(
+				model.createProperty(PROVISIONAL)).getString();
+		consumer.setProvisional("true".equals(provisional));
+
+		String trusted = resource.getProperty(model.createProperty(TRUSTED))
+				.getString();
+		consumer.setTrusted("true".equals(trusted));
+
+		return consumer;
+	}
+}
diff --git a/org.eclipse.lyo.server.oauth.core/about.html b/org.eclipse.lyo.server.oauth.core/about.html
new file mode 100644
index 0000000..b4e74aa
--- a/dev/null
+++ b/org.eclipse.lyo.server.oauth.core/about.html
@@ -0,0 +1,33 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
+    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
+<title>About</title>
+</head>
+<body lang="EN-US">
+	<h2>About This Content</h2>
+	<p>October 26, 2011</p>
+	<h3>License</h3>
+	<p>
+		The Eclipse Foundation makes available all content in this plug-in
+		(&quot;Content&quot;). Unless otherwise indicated below, the Content
+		is provided to you under the terms and conditions of the Eclipse
+		Public License Version 1.0 (&quot;EPL&quot;) and Eclipse Distribution
+		License Version 1.0 (&quot;EDL&quot;). A copy of the EPL is available
+		at <a href="http://www.eclipse.org/legal/epl-v10.html">http://www.eclipse.org/legal/epl-v10.html</a>
+		and a copy of the EDL is available at <a
+			href="http://www.eclipse.org/org/documents/edl-v10.php">http://www.eclipse.org/org/documents/edl-v10.php</a>.
+		For purposes of the EPL, &quot;Program&quot; will mean the Content.
+	</p>
+	<p>If you did not receive this Content directly from the Eclipse
+		Foundation, the Content is being redistributed by another party
+		(&quot;Redistributor&quot;) and different terms and conditions may
+		apply to your use of any object code in the Content. Check the
+		Redistributor's license that was provided with the Content. If no such
+		license exists, contact the Redistributor. Unless otherwise indicated
+		below, the terms and conditions of the EPL and EDL still apply to any
+		source code in the Content and such source code may be obtained at
+		<a href="http://www.eclipse.org">http://www.eclipse.org</a>.</p>
+</body>
+</html>
+\ No newline at end of file
diff --git a/org.eclipse.lyo.server.oauth.core/license/edl-v10html b/org.eclipse.lyo.server.oauth.core/license/edl-v10html
new file mode 100644
index 0000000..5c8549b
--- a/dev/null
+++ b/org.eclipse.lyo.server.oauth.core/license/edl-v10html
@@ -0,0 +1,60 @@
+<?xml version="1.0" encoding="ISO-8859-1" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
+<title>Eclipse Distribution License - Version 1.0</title>
+<style type="text/css">
+  body {
+    size: 8.5in 11.0in;
+    margin: 0.25in 0.5in 0.25in 0.5in;
+    tab-interval: 0.5in;
+    }
+  p {  	
+    margin-left: auto;
+    margin-top:  0.5em;
+    margin-bottom: 0.5em;
+    }
+  p.list {
+  	margin-left: 0.5in;
+    margin-top:  0.05em;
+    margin-bottom: 0.05em;
+    }
+  </style>
+
+</head>
+
+<body lang="EN-US">
+
+<p><b>Eclipse Distribution License - v 1.0</b></p>
+
+<p>Copyright (c) 2007, Eclipse Foundation, Inc. and its licensors. </p>
+
+<p>All rights reserved.</p>
+<p>Redistribution and use in source and binary forms, with or without modification, 
+	are permitted provided that the following conditions are met:
+<ul><li>Redistributions of source code must retain the above copyright notice, 
+	this list of conditions and the following disclaimer. </li>
+<li>Redistributions in binary form must reproduce the above copyright notice, 
+	this list of conditions and the following disclaimer in the documentation 
+	and/or other materials provided with the distribution. </li>
+<li>Neither the name of the Eclipse Foundation, Inc. nor the names of its 
+	contributors may be used to endorse or promote products derived from 
+	this software without specific prior written permission. </li></ul>
+</p>
+<p>THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 
+IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, 
+INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 
+NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR 
+PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, 
+WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 
+ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 
+POSSIBILITY OF SUCH DAMAGE.</p>
+
+</body>
+
+</html>
+
diff --git a/org.eclipse.lyo.server.oauth.core/license/epl-v10.html b/org.eclipse.lyo.server.oauth.core/license/epl-v10.html
new file mode 100644
index 0000000..b398acc
--- a/dev/null
+++ b/org.eclipse.lyo.server.oauth.core/license/epl-v10.html
@@ -0,0 +1,259 @@
+<!--?xml version="1.0" encoding="ISO-8859-1" ?-->
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml"><head>
+<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
+<title>Eclipse Public License - Version 1.0</title>
+<style type="text/css">
+  body {
+    size: 8.5in 11.0in;
+    margin: 0.25in 0.5in 0.25in 0.5in;
+    tab-interval: 0.5in;
+    }
+  p {  	
+    margin-left: auto;
+    margin-top:  0.5em;
+    margin-bottom: 0.5em;
+    }
+  p.list {
+  	margin-left: 0.5in;
+    margin-top:  0.05em;
+    margin-bottom: 0.05em;
+    }
+  </style>
+
+</head>
+
+<body lang="EN-US">
+
+<h2>Eclipse Public License - v 1.0</h2>
+
+<p>THE ACCOMPANYING PROGRAM IS PROVIDED UNDER THE TERMS OF THIS ECLIPSE
+PUBLIC LICENSE ("AGREEMENT"). ANY USE, REPRODUCTION OR
+DISTRIBUTION OF THE PROGRAM CONSTITUTES RECIPIENT'S ACCEPTANCE OF THIS
+AGREEMENT.</p>
+
+<p><b>1. DEFINITIONS</b></p>
+
+<p>"Contribution" means:</p>
+
+<p class="list">a) in the case of the initial Contributor, the initial
+code and documentation distributed under this Agreement, and</p>
+<p class="list">b) in the case of each subsequent Contributor:</p>
+<p class="list">i) changes to the Program, and</p>
+<p class="list">ii) additions to the Program;</p>
+<p class="list">where such changes and/or additions to the Program
+originate from and are distributed by that particular Contributor. A
+Contribution 'originates' from a Contributor if it was added to the
+Program by such Contributor itself or anyone acting on such
+Contributor's behalf. Contributions do not include additions to the
+Program which: (i) are separate modules of software distributed in
+conjunction with the Program under their own license agreement, and (ii)
+are not derivative works of the Program.</p>
+
+<p>"Contributor" means any person or entity that distributes
+the Program.</p>
+
+<p>"Licensed Patents" mean patent claims licensable by a
+Contributor which are necessarily infringed by the use or sale of its
+Contribution alone or when combined with the Program.</p>
+
+<p>"Program" means the Contributions distributed in accordance
+with this Agreement.</p>
+
+<p>"Recipient" means anyone who receives the Program under
+this Agreement, including all Contributors.</p>
+
+<p><b>2. GRANT OF RIGHTS</b></p>
+
+<p class="list">a) Subject to the terms of this Agreement, each
+Contributor hereby grants Recipient a non-exclusive, worldwide,
+royalty-free copyright license to reproduce, prepare derivative works
+of, publicly display, publicly perform, distribute and sublicense the
+Contribution of such Contributor, if any, and such derivative works, in
+source code and object code form.</p>
+
+<p class="list">b) Subject to the terms of this Agreement, each
+Contributor hereby grants Recipient a non-exclusive, worldwide,
+royalty-free patent license under Licensed Patents to make, use, sell,
+offer to sell, import and otherwise transfer the Contribution of such
+Contributor, if any, in source code and object code form. This patent
+license shall apply to the combination of the Contribution and the
+Program if, at the time the Contribution is added by the Contributor,
+such addition of the Contribution causes such combination to be covered
+by the Licensed Patents. The patent license shall not apply to any other
+combinations which include the Contribution. No hardware per se is
+licensed hereunder.</p>
+
+<p class="list">c) Recipient understands that although each Contributor
+grants the licenses to its Contributions set forth herein, no assurances
+are provided by any Contributor that the Program does not infringe the
+patent or other intellectual property rights of any other entity. Each
+Contributor disclaims any liability to Recipient for claims brought by
+any other entity based on infringement of intellectual property rights
+or otherwise. As a condition to exercising the rights and licenses
+granted hereunder, each Recipient hereby assumes sole responsibility to
+secure any other intellectual property rights needed, if any. For
+example, if a third party patent license is required to allow Recipient
+to distribute the Program, it is Recipient's responsibility to acquire
+that license before distributing the Program.</p>
+
+<p class="list">d) Each Contributor represents that to its knowledge it
+has sufficient copyright rights in its Contribution, if any, to grant
+the copyright license set forth in this Agreement.</p>
+
+<p><b>3. REQUIREMENTS</b></p>
+
+<p>A Contributor may choose to distribute the Program in object code
+form under its own license agreement, provided that:</p>
+
+<p class="list">a) it complies with the terms and conditions of this
+Agreement; and</p>
+
+<p class="list">b) its license agreement:</p>
+
+<p class="list">i) effectively disclaims on behalf of all Contributors
+all warranties and conditions, express and implied, including warranties
+or conditions of title and non-infringement, and implied warranties or
+conditions of merchantability and fitness for a particular purpose;</p>
+
+<p class="list">ii) effectively excludes on behalf of all Contributors
+all liability for damages, including direct, indirect, special,
+incidental and consequential damages, such as lost profits;</p>
+
+<p class="list">iii) states that any provisions which differ from this
+Agreement are offered by that Contributor alone and not by any other
+party; and</p>
+
+<p class="list">iv) states that source code for the Program is available
+from such Contributor, and informs licensees how to obtain it in a
+reasonable manner on or through a medium customarily used for software
+exchange.</p>
+
+<p>When the Program is made available in source code form:</p>
+
+<p class="list">a) it must be made available under this Agreement; and</p>
+
+<p class="list">b) a copy of this Agreement must be included with each
+copy of the Program.</p>
+
+<p>Contributors may not remove or alter any copyright notices contained
+within the Program.</p>
+
+<p>Each Contributor must identify itself as the originator of its
+Contribution, if any, in a manner that reasonably allows subsequent
+Recipients to identify the originator of the Contribution.</p>
+
+<p><b>4. COMMERCIAL DISTRIBUTION</b></p>
+
+<p>Commercial distributors of software may accept certain
+responsibilities with respect to end users, business partners and the
+like. While this license is intended to facilitate the commercial use of
+the Program, the Contributor who includes the Program in a commercial
+product offering should do so in a manner which does not create
+potential liability for other Contributors. Therefore, if a Contributor
+includes the Program in a commercial product offering, such Contributor
+("Commercial Contributor") hereby agrees to defend and
+indemnify every other Contributor ("Indemnified Contributor")
+against any losses, damages and costs (collectively "Losses")
+arising from claims, lawsuits and other legal actions brought by a third
+party against the Indemnified Contributor to the extent caused by the
+acts or omissions of such Commercial Contributor in connection with its
+distribution of the Program in a commercial product offering. The
+obligations in this section do not apply to any claims or Losses
+relating to any actual or alleged intellectual property infringement. In
+order to qualify, an Indemnified Contributor must: a) promptly notify
+the Commercial Contributor in writing of such claim, and b) allow the
+Commercial Contributor to control, and cooperate with the Commercial
+Contributor in, the defense and any related settlement negotiations. The
+Indemnified Contributor may participate in any such claim at its own
+expense.</p>
+
+<p>For example, a Contributor might include the Program in a commercial
+product offering, Product X. That Contributor is then a Commercial
+Contributor. If that Commercial Contributor then makes performance
+claims, or offers warranties related to Product X, those performance
+claims and warranties are such Commercial Contributor's responsibility
+alone. Under this section, the Commercial Contributor would have to
+defend claims against the other Contributors related to those
+performance claims and warranties, and if a court requires any other
+Contributor to pay any damages as a result, the Commercial Contributor
+must pay those damages.</p>
+
+<p><b>5. NO WARRANTY</b></p>
+
+<p>EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, THE PROGRAM IS
+PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS
+OF ANY KIND, EITHER EXPRESS OR IMPLIED INCLUDING, WITHOUT LIMITATION,
+ANY WARRANTIES OR CONDITIONS OF TITLE, NON-INFRINGEMENT, MERCHANTABILITY
+OR FITNESS FOR A PARTICULAR PURPOSE. Each Recipient is solely
+responsible for determining the appropriateness of using and
+distributing the Program and assumes all risks associated with its
+exercise of rights under this Agreement , including but not limited to
+the risks and costs of program errors, compliance with applicable laws,
+damage to or loss of data, programs or equipment, and unavailability or
+interruption of operations.</p>
+
+<p><b>6. DISCLAIMER OF LIABILITY</b></p>
+
+<p>EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, NEITHER RECIPIENT
+NOR ANY CONTRIBUTORS SHALL HAVE ANY LIABILITY FOR ANY DIRECT, INDIRECT,
+INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING
+WITHOUT LIMITATION LOST PROFITS), HOWEVER CAUSED AND ON ANY THEORY OF
+LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OR
+DISTRIBUTION OF THE PROGRAM OR THE EXERCISE OF ANY RIGHTS GRANTED
+HEREUNDER, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.</p>
+
+<p><b>7. GENERAL</b></p>
+
+<p>If any provision of this Agreement is invalid or unenforceable under
+applicable law, it shall not affect the validity or enforceability of
+the remainder of the terms of this Agreement, and without further action
+by the parties hereto, such provision shall be reformed to the minimum
+extent necessary to make such provision valid and enforceable.</p>
+
+<p>If Recipient institutes patent litigation against any entity
+(including a cross-claim or counterclaim in a lawsuit) alleging that the
+Program itself (excluding combinations of the Program with other
+software or hardware) infringes such Recipient's patent(s), then such
+Recipient's rights granted under Section 2(b) shall terminate as of the
+date such litigation is filed.</p>
+
+<p>All Recipient's rights under this Agreement shall terminate if it
+fails to comply with any of the material terms or conditions of this
+Agreement and does not cure such failure in a reasonable period of time
+after becoming aware of such noncompliance. If all Recipient's rights
+under this Agreement terminate, Recipient agrees to cease use and
+distribution of the Program as soon as reasonably practicable. However,
+Recipient's obligations under this Agreement and any licenses granted by
+Recipient relating to the Program shall continue and survive.</p>
+
+<p>Everyone is permitted to copy and distribute copies of this
+Agreement, but in order to avoid inconsistency the Agreement is
+copyrighted and may only be modified in the following manner. The
+Agreement Steward reserves the right to publish new versions (including
+revisions) of this Agreement from time to time. No one other than the
+Agreement Steward has the right to modify this Agreement. The Eclipse
+Foundation is the initial Agreement Steward. The Eclipse Foundation may
+assign the responsibility to serve as the Agreement Steward to a
+suitable separate entity. Each new version of the Agreement will be
+given a distinguishing version number. The Program (including
+Contributions) may always be distributed subject to the version of the
+Agreement under which it was received. In addition, after a new version
+of the Agreement is published, Contributor may elect to distribute the
+Program (including its Contributions) under the new version. Except as
+expressly stated in Sections 2(a) and 2(b) above, Recipient receives no
+rights or licenses to the intellectual property of any Contributor under
+this Agreement, whether expressly, by implication, estoppel or
+otherwise. All rights in the Program not expressly granted under this
+Agreement are reserved.</p>
+
+<p>This Agreement is governed by the laws of the State of New York and
+the intellectual property laws of the United States of America. No party
+to this Agreement will bring a legal action under this Agreement more
+than one year after the cause of action arose. Each party waives its
+rights to a jury trial in any resulting litigation.</p>
+
+
+
+</body></html>
+\ No newline at end of file
diff --git a/org.eclipse.lyo.server.oauth.core/license/notice.html b/org.eclipse.lyo.server.oauth.core/license/notice.html
new file mode 100644
index 0000000..6569bbf
--- a/dev/null
+++ b/org.eclipse.lyo.server.oauth.core/license/notice.html
@@ -0,0 +1,109 @@
+<?xml version="1.0" encoding="ISO-8859-1" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
+<title>Eclipse Foundation Software User Agreement</title>
+</head>
+
+<body lang="EN-US">
+<h2>Eclipse Foundation Software User Agreement</h2>
+<p>February 1, 2011</p>
+
+<h3>Usage Of Content</h3>
+
+<p>THE ECLIPSE FOUNDATION MAKES AVAILABLE SOFTWARE, DOCUMENTATION, INFORMATION AND/OR OTHER MATERIALS FOR OPEN SOURCE PROJECTS
+   (COLLECTIVELY &quot;CONTENT&quot;).  USE OF THE CONTENT IS GOVERNED BY THE TERMS AND CONDITIONS OF THIS AGREEMENT AND/OR THE TERMS AND
+   CONDITIONS OF LICENSE AGREEMENTS OR NOTICES INDICATED OR REFERENCED BELOW.  BY USING THE CONTENT, YOU AGREE THAT YOUR USE
+   OF THE CONTENT IS GOVERNED BY THIS AGREEMENT AND/OR THE TERMS AND CONDITIONS OF ANY APPLICABLE LICENSE AGREEMENTS OR
+   NOTICES INDICATED OR REFERENCED BELOW.  IF YOU DO NOT AGREE TO THE TERMS AND CONDITIONS OF THIS AGREEMENT AND THE TERMS AND
+   CONDITIONS OF ANY APPLICABLE LICENSE AGREEMENTS OR NOTICES INDICATED OR REFERENCED BELOW, THEN YOU MAY NOT USE THE CONTENT.</p>
+
+<h3>Applicable Licenses</h3>
+
+<p>Unless otherwise indicated, all Content made available by the Eclipse Foundation is provided to you under the terms and conditions of the Eclipse Public License Version 1.0
+   (&quot;EPL&quot;).  A copy of the EPL is provided with this Content and is also available at <a href="http://www.eclipse.org/legal/epl-v10.html">http://www.eclipse.org/legal/epl-v10.html</a>.
+   For purposes of the EPL, &quot;Program&quot; will mean the Content.</p>
+
+<p>Content includes, but is not limited to, source code, object code, documentation and other files maintained in the Eclipse Foundation source code
+   repository (&quot;Repository&quot;) in software modules (&quot;Modules&quot;) and made available as downloadable archives (&quot;Downloads&quot;).</p>
+
+<ul>
+       <li>Content may be structured and packaged into modules to facilitate delivering, extending, and upgrading the Content.  Typical modules may include plug-ins (&quot;Plug-ins&quot;), plug-in fragments (&quot;Fragments&quot;), and features (&quot;Features&quot;).</li>
+       <li>Each Plug-in or Fragment may be packaged as a sub-directory or JAR (Java&trade; ARchive) in a directory named &quot;plugins&quot;.</li>
+       <li>A Feature is a bundle of one or more Plug-ins and/or Fragments and associated material.  Each Feature may be packaged as a sub-directory in a directory named &quot;features&quot;.  Within a Feature, files named &quot;feature.xml&quot; may contain a list of the names and version numbers of the Plug-ins
+      and/or Fragments associated with that Feature.</li>
+       <li>Features may also include other Features (&quot;Included Features&quot;). Within a Feature, files named &quot;feature.xml&quot; may contain a list of the names and version numbers of Included Features.</li>
+</ul>
+
+<p>The terms and conditions governing Plug-ins and Fragments should be contained in files named &quot;about.html&quot; (&quot;Abouts&quot;). The terms and conditions governing Features and
+Included Features should be contained in files named &quot;license.html&quot; (&quot;Feature Licenses&quot;).  Abouts and Feature Licenses may be located in any directory of a Download or Module
+including, but not limited to the following locations:</p>
+
+<ul>
+       <li>The top-level (root) directory</li>
+       <li>Plug-in and Fragment directories</li>
+       <li>Inside Plug-ins and Fragments packaged as JARs</li>
+       <li>Sub-directories of the directory named &quot;src&quot; of certain Plug-ins</li>
+       <li>Feature directories</li>
+</ul>
+
+<p>Note: if a Feature made available by the Eclipse Foundation is installed using the Provisioning Technology (as defined below), you must agree to a license (&quot;Feature Update License&quot;) during the
+installation process.  If the Feature contains Included Features, the Feature Update License should either provide you with the terms and conditions governing the Included Features or
+inform you where you can locate them.  Feature Update Licenses may be found in the &quot;license&quot; property of files named &quot;feature.properties&quot; found within a Feature.
+Such Abouts, Feature Licenses, and Feature Update Licenses contain the terms and conditions (or references to such terms and conditions) that govern your use of the associated Content in
+that directory.</p>
+
+<p>THE ABOUTS, FEATURE LICENSES, AND FEATURE UPDATE LICENSES MAY REFER TO THE EPL OR OTHER LICENSE AGREEMENTS, NOTICES OR TERMS AND CONDITIONS.  SOME OF THESE
+OTHER LICENSE AGREEMENTS MAY INCLUDE (BUT ARE NOT LIMITED TO):</p>
+
+<ul>
+       <li>Eclipse Distribution License Version 1.0 (available at <a href="http://www.eclipse.org/licenses/edl-v10.html">http://www.eclipse.org/licenses/edl-v1.0.html</a>)</li>
+       <li>Common Public License Version 1.0 (available at <a href="http://www.eclipse.org/legal/cpl-v10.html">http://www.eclipse.org/legal/cpl-v10.html</a>)</li>
+       <li>Apache Software License 1.1 (available at <a href="http://www.apache.org/licenses/LICENSE">http://www.apache.org/licenses/LICENSE</a>)</li>
+       <li>Apache Software License 2.0 (available at <a href="http://www.apache.org/licenses/LICENSE-2.0">http://www.apache.org/licenses/LICENSE-2.0</a>)</li>
+       <li>Metro Link Public License 1.00 (available at <a href="http://www.opengroup.org/openmotif/supporters/metrolink/license.html">http://www.opengroup.org/openmotif/supporters/metrolink/license.html</a>)</li>
+       <li>Mozilla Public License Version 1.1 (available at <a href="http://www.mozilla.org/MPL/MPL-1.1.html">http://www.mozilla.org/MPL/MPL-1.1.html</a>)</li>
+</ul>
+
+<p>IT IS YOUR OBLIGATION TO READ AND ACCEPT ALL SUCH TERMS AND CONDITIONS PRIOR TO USE OF THE CONTENT.  If no About, Feature License, or Feature Update License is provided, please
+contact the Eclipse Foundation to determine what terms and conditions govern that particular Content.</p>
+
+
+<h3>Use of Provisioning Technology</h3>
+
+<p>The Eclipse Foundation makes available provisioning software, examples of which include, but are not limited to, p2 and the Eclipse
+   Update Manager (&quot;Provisioning Technology&quot;) for the purpose of allowing users to install software, documentation, information and/or
+   other materials (collectively &quot;Installable Software&quot;). This capability is provided with the intent of allowing such users to
+   install, extend and update Eclipse-based products. Information about packaging Installable Software is available at <a
+       href="http://eclipse.org/equinox/p2/repository_packaging.html">http://eclipse.org/equinox/p2/repository_packaging.html</a>
+   (&quot;Specification&quot;).</p>
+
+<p>You may use Provisioning Technology to allow other parties to install Installable Software. You shall be responsible for enabling the
+   applicable license agreements relating to the Installable Software to be presented to, and accepted by, the users of the Provisioning Technology
+   in accordance with the Specification. By using Provisioning Technology in such a manner and making it available in accordance with the
+   Specification, you further acknowledge your agreement to, and the acquisition of all necessary rights to permit the following:</p>
+
+<ol>
+       <li>A series of actions may occur (&quot;Provisioning Process&quot;) in which a user may execute the Provisioning Technology
+       on a machine (&quot;Target Machine&quot;) with the intent of installing, extending or updating the functionality of an Eclipse-based
+       product.</li>
+       <li>During the Provisioning Process, the Provisioning Technology may cause third party Installable Software or a portion thereof to be
+       accessed and copied to the Target Machine.</li>
+       <li>Pursuant to the Specification, you will provide to the user the terms and conditions that govern the use of the Installable
+       Software (&quot;Installable Software Agreement&quot;) and such Installable Software Agreement shall be accessed from the Target
+       Machine in accordance with the Specification. Such Installable Software Agreement must inform the user of the terms and conditions that govern
+       the Installable Software and must solicit acceptance by the end user in the manner prescribed in such Installable Software Agreement. Upon such
+       indication of agreement by the user, the provisioning Technology will complete installation of the Installable Software.</li>
+</ol>
+
+<h3>Cryptography</h3>
+
+<p>Content may contain encryption software. The country in which you are currently may have restrictions on the import, possession, and use, and/or re-export to
+   another country, of encryption software. BEFORE using any encryption software, please check the country's laws, regulations and policies concerning the import,
+   possession, or use, and re-export of encryption software, to see if this is permitted.</p>
+
+<p><small>Java and all Java-based trademarks are trademarks of Oracle Corporation in the United States, other countries, or both.</small></p>
+</body>
+</html>
+
diff --git a/org.eclipse.lyo.server.oauth.core/pom.xml b/org.eclipse.lyo.server.oauth.core/pom.xml
index a3676c4..6f0171b 100644
--- a/org.eclipse.lyo.server.oauth.core/pom.xml
+++ b/org.eclipse.lyo.server.oauth.core/pom.xml
@@ -20,7 +20,7 @@
 			<url>http://oauth.googlecode.com/svn/code/maven</url>
 		</repository>
 	</repositories>
-	
+
 	<dependencies>
 		<dependency>
 			<groupId>junit</groupId>
diff --git a/org.eclipse.lyo.server.oauth.core/src/main/java/org/eclipse/lyo/server/oauth/core/Authentication.java b/org.eclipse.lyo.server.oauth.core/src/main/java/org/eclipse/lyo/server/oauth/core/Application.java
index 35ce4a6..c1b3abe 100644
--- a/org.eclipse.lyo.server.oauth.core/src/main/java/org/eclipse/lyo/server/oauth/core/Authentication.java
+++ b/org.eclipse.lyo.server.oauth.core/src/main/java/org/eclipse/lyo/server/oauth/core/Application.java
@@ -21,15 +21,15 @@ import javax.servlet.http.HttpServletRequest;
  * Handles authentication with the backend system.
  * 
  * @author Samuel Padgett <spadgett@us.ibm.com>
- * @see OAuthConfiguration#setAuthentication(Authentication)
+ * @see OAuthConfiguration#setApplication(Authentication)
  */
-public interface Authentication {
+public interface Application {
 	/**
 	 * Gets the name of the application to show in the login dialog.
 	 * 
 	 * @return the application name
 	 */
-	public String getApplicationName();
+	public String getName();
 
 	/**
 	 * Authenticates with the application. On errors, throws an
@@ -46,4 +46,23 @@ public interface Authentication {
 	 */
 	public void login(HttpServletRequest request, String id, String password)
 			throws AuthenticationException;
+
+	/**
+	 * Determines if the current session is an admin session. If so, the user
+	 * will be able to approve, edit, and delete OAuth consumers.
+	 * 
+	 * @param request
+	 *            the HTTP request
+	 * @return if this is an admin session
+	 */
+	public boolean isAdminSession(HttpServletRequest request);
+
+	/**
+	 * Gets the realm to be included in OAuth problem responses.
+	 * 
+	 * @param request
+	 *            the HTTP request
+	 * @return the realm
+	 */
+	public String getRealm(HttpServletRequest request);
 }
diff --git a/org.eclipse.lyo.server.oauth.core/src/main/java/org/eclipse/lyo/server/oauth/core/AuthenticationException.java b/org.eclipse.lyo.server.oauth.core/src/main/java/org/eclipse/lyo/server/oauth/core/AuthenticationException.java
index bf09003..6c0a440 100644
--- a/org.eclipse.lyo.server.oauth.core/src/main/java/org/eclipse/lyo/server/oauth/core/AuthenticationException.java
+++ b/org.eclipse.lyo.server.oauth.core/src/main/java/org/eclipse/lyo/server/oauth/core/AuthenticationException.java
@@ -19,7 +19,7 @@ package org.eclipse.lyo.server.oauth.core;
  * An exception indicating that authentication failed.
  * 
  * @author Samuel Padgett <spadgett@us.ibm.com>
- * @see Authentication#login(String, char[])
+ * @see Application#login(String, char[])
  */
 public class AuthenticationException extends Exception {
 	private static final long serialVersionUID = -7357859796941279773L;
diff --git a/org.eclipse.lyo.server.oauth.core/src/main/java/org/eclipse/lyo/server/oauth/core/OAuthConfiguration.java b/org.eclipse.lyo.server.oauth.core/src/main/java/org/eclipse/lyo/server/oauth/core/OAuthConfiguration.java
index 8ead740..dc0af06 100644
--- a/org.eclipse.lyo.server.oauth.core/src/main/java/org/eclipse/lyo/server/oauth/core/OAuthConfiguration.java
+++ b/org.eclipse.lyo.server.oauth.core/src/main/java/org/eclipse/lyo/server/oauth/core/OAuthConfiguration.java
@@ -15,13 +15,15 @@
  *******************************************************************************/
 package org.eclipse.lyo.server.oauth.core;
 
-import java.io.IOException;
+import javax.servlet.http.HttpServletResponse;
 
+import net.oauth.OAuthProblemException;
 import net.oauth.OAuthValidator;
 import net.oauth.SimpleOAuthValidator;
+import net.oauth.http.HttpMessage;
 
-import org.eclipse.lyo.server.oauth.core.consumer.ConsumerRegistry;
 import org.eclipse.lyo.server.oauth.core.consumer.ConsumerStore;
+import org.eclipse.lyo.server.oauth.core.consumer.ConsumerStoreException;
 import org.eclipse.lyo.server.oauth.core.token.SimpleTokenStrategy;
 import org.eclipse.lyo.server.oauth.core.token.TokenStrategy;
 
@@ -32,11 +34,10 @@ import org.eclipse.lyo.server.oauth.core.token.TokenStrategy;
  * @author Samuel Padgett <spadgett@us.ibm.com>
  */
 public class OAuthConfiguration {
-	private String realm;
 	private OAuthValidator validator;
 	private TokenStrategy tokenStrategy;
 	private ConsumerStore consumerStore = null;
-	private Authentication authentication = null;
+	private Application application = null;
 	private boolean v1_0Allowed = true;
 
 	private static final OAuthConfiguration instance = new OAuthConfiguration();
@@ -46,30 +47,11 @@ public class OAuthConfiguration {
 	}
 
 	private OAuthConfiguration() {
-		realm = "Lyo";
 		validator = new SimpleOAuthValidator();
 		tokenStrategy = new SimpleTokenStrategy();
 	}
 
 	/**
-	 * Gets the realm to be included in OAuth problem responses.
-	 * 
-	 * @return the realm
-	 */
-	public String getRealm() {
-		return realm;
-	}
-
-	/**
-	 * Sets the realm to be included in OAuth problem responses.
-	 * 
-	 * @param realm the realm
-	 */
-	public void setRealm(String realm) {
-		this.realm = realm;
-	}
-
-	/**
 	 * Gets the OAuth validator for validating request signatures.
 	 * 
 	 * @return the validator
@@ -118,19 +100,25 @@ public class OAuthConfiguration {
 	 * Sets the store used for managing consumers.
 	 * 
 	 * @param consumerStore the consumer store
-	 * @throws IOException 
+	 * @throws ConsumerStoreException on errors initializing the consumer registry
 	 */
-	public void setConsumerStore(ConsumerStore consumerStore) throws IOException {
+	public void setConsumerStore(ConsumerStore consumerStore) throws ConsumerStoreException {
 		this.consumerStore = consumerStore;
-		ConsumerRegistry.getInstance().init(consumerStore);
 	}
 
-	public Authentication getAuthentication() {
-		return authentication;
+	public Application getApplication() throws OAuthProblemException {
+		if (application == null) {
+			OAuthProblemException e = new OAuthProblemException();
+			e.setParameter(HttpMessage.STATUS_CODE,
+					HttpServletResponse.SC_SERVICE_UNAVAILABLE);
+			throw e;
+		}
+
+		return application;
 	}
 
-	public void setAuthentication(Authentication authentication) {
-		this.authentication = authentication;
+	public void setApplication(Application application) {
+		this.application = application;
 	}
 
 	/**
diff --git a/org.eclipse.lyo.server.oauth.core/src/main/java/org/eclipse/lyo/server/oauth/core/OAuthRequest.java b/org.eclipse.lyo.server.oauth.core/src/main/java/org/eclipse/lyo/server/oauth/core/OAuthRequest.java
index ad8876d..baf4ee3 100644
--- a/org.eclipse.lyo.server.oauth.core/src/main/java/org/eclipse/lyo/server/oauth/core/OAuthRequest.java
+++ b/org.eclipse.lyo.server.oauth.core/src/main/java/org/eclipse/lyo/server/oauth/core/OAuthRequest.java
@@ -29,7 +29,6 @@ import net.oauth.OAuthProblemException;
 import net.oauth.OAuthValidator;
 import net.oauth.server.OAuthServlet;
 
-import org.eclipse.lyo.server.oauth.core.consumer.ConsumerRegistry;
 import org.eclipse.lyo.server.oauth.core.consumer.LyoOAuthConsumer;
 
 /**
@@ -63,8 +62,8 @@ public class OAuthRequest {
 		this.httpRequest = request;
 		this.message = OAuthServlet.getMessage(httpRequest, null);
 
-		LyoOAuthConsumer consumer = ConsumerRegistry.getInstance().getConsumer(
-				message);
+		LyoOAuthConsumer consumer = OAuthConfiguration.getInstance()
+				.getConsumerStore().getConsumer(message);
 		if (consumer == null) {
 			throw new OAuthProblemException(
 					OAuth.Problems.CONSUMER_KEY_REJECTED);
diff --git a/org.eclipse.lyo.server.oauth.core/src/main/java/org/eclipse/lyo/server/oauth/core/consumer/ConsumerRegistry.java b/org.eclipse.lyo.server.oauth.core/src/main/java/org/eclipse/lyo/server/oauth/core/consumer/AbstractConsumerStore.java
index b0541b9..e0217dd 100644
--- a/org.eclipse.lyo.server.oauth.core/src/main/java/org/eclipse/lyo/server/oauth/core/consumer/ConsumerRegistry.java
+++ b/org.eclipse.lyo.server.oauth.core/src/main/java/org/eclipse/lyo/server/oauth/core/consumer/AbstractConsumerStore.java
@@ -16,51 +16,51 @@
 package org.eclipse.lyo.server.oauth.core.consumer;
 
 import java.io.IOException;
+import java.util.Collection;
 import java.util.Collections;
 import java.util.HashMap;
 import java.util.Map;
 
 import net.oauth.OAuth;
+import net.oauth.OAuthException;
 import net.oauth.OAuthMessage;
-import net.oauth.OAuthProblemException;
 
 /**
  * Manages the list of OAuth consumers.
  * 
  * @author Samuel Padgett <spadgett@us.ibm.com>
  */
-public class ConsumerRegistry {
+public abstract class AbstractConsumerStore implements ConsumerStore {
 	private Map<String, LyoOAuthConsumer> consumerMap = Collections
 			.synchronizedMap(new HashMap<String, LyoOAuthConsumer>());
-	private static ConsumerRegistry instance = new ConsumerRegistry();
 	
-	public static ConsumerRegistry getInstance() {
-		return instance;
-	}
+	public AbstractConsumerStore() {}
 	
-	private ConsumerRegistry() {}
-
-	public void init(ConsumerStore consumerStore) throws IOException {
-		for (LyoOAuthConsumer consumer : consumerStore.load()) {
+	public void addAll(Collection<LyoOAuthConsumer> consumers) {
+		for (LyoOAuthConsumer consumer : consumers) {
 			consumerMap.put(consumer.consumerKey, consumer);
 		}
 	}
 	
+	public Collection<LyoOAuthConsumer> getAllConsumers() {
+		return consumerMap.values();
+	}
+
 	public LyoOAuthConsumer getConsumer(OAuthMessage requestMessage)
-			throws OAuthProblemException, IOException {
+			throws OAuthException, IOException {
 		requestMessage.requireParameters(OAuth.OAUTH_CONSUMER_KEY);
 		return getConsumer(requestMessage.getConsumerKey());
 	}
-	
+
 	public LyoOAuthConsumer getConsumer(String consumerKey) {
 		return consumerMap.get(consumerKey);
 	}
 	
-//	public LyoOAuthConsumer addConsumer(LyoOAuthConsumer consumer) {
-//		return consumerMap.put(consumer.consumerKey, consumer);
-//	}
-//	
-//	public LyoOAuthConsumer removeConsumer(LyoOAuthConsumer consumer) {
-//		return consumerMap.remove(consumer);
-//	}
+	protected LyoOAuthConsumer add(LyoOAuthConsumer consumer) {
+		return consumerMap.put(consumer.consumerKey, consumer);
+	}
+	
+	protected LyoOAuthConsumer remove(String consumerKey) {
+		return consumerMap.remove(consumerKey);
+	}
 }
diff --git a/org.eclipse.lyo.server.oauth.core/src/main/java/org/eclipse/lyo/server/oauth/core/consumer/ConsumerStore.java b/org.eclipse.lyo.server.oauth.core/src/main/java/org/eclipse/lyo/server/oauth/core/consumer/ConsumerStore.java
index 284be5b..ec59a9b 100644
--- a/org.eclipse.lyo.server.oauth.core/src/main/java/org/eclipse/lyo/server/oauth/core/consumer/ConsumerStore.java
+++ b/org.eclipse.lyo.server.oauth.core/src/main/java/org/eclipse/lyo/server/oauth/core/consumer/ConsumerStore.java
@@ -18,11 +18,91 @@ package org.eclipse.lyo.server.oauth.core.consumer;
 import java.io.IOException;
 import java.util.Collection;
 
+import net.oauth.OAuthException;
+import net.oauth.OAuthMessage;
+
 /**
  * Manages persistence of OAuth consumers.
  * 
  * @author Samuel Padgett <spadgett@us.ibm.com>
  */
 public interface ConsumerStore {
-	public Collection<LyoOAuthConsumer> load() throws IOException;
+	/**
+	 * Gets the consumer for this message.
+	 * 
+	 * @param requestMessage
+	 *            the OAuth message
+	 * 
+	 * @return the consumer
+	 * 
+	 * @throws OAuthException
+	 *             if the OAuth message does not contain a consumer key
+	 * @throws IOException
+	 *             on errors reading the message
+	 * @throws ConsumerStoreException
+	 *             on other errors
+	 */
+	public LyoOAuthConsumer getConsumer(OAuthMessage requestMessage)
+			throws OAuthException, IOException, ConsumerStoreException;
+
+	/**
+	 * Gets all OAuth consumers.
+	 * 
+	 * @return all OAuth consumers, provisional and approved
+	 * 
+	 * @throws ConsumerStoreException
+	 *             on errors
+	 */
+	public Collection<LyoOAuthConsumer> getAllConsumers()
+			throws ConsumerStoreException;
+	
+	/**
+	 * Gets the consumer for a key.
+	 * 
+	 * @param consumerKey
+	 *            the consumer key
+	 * @return the consumer or null if there is no consumer for this key
+	 * 
+	 * @throws ConsumerStoreException
+	 *             on errors
+	 */
+	public LyoOAuthConsumer getConsumer(String consumerKey)
+			throws ConsumerStoreException;
+
+	/**
+	 * Adds a new consumer.
+	 * 
+	 * @param consumer the consumer
+	 * @return the previous consumer associated with this key or null if there wasn't one
+	 * 
+	 * @throws ConsumerStoreException
+	 */
+	public LyoOAuthConsumer addConsumer(LyoOAuthConsumer consumer)
+			throws ConsumerStoreException;
+
+	/**
+	 * Removes a consumer.
+	 * 
+	 * @param key
+	 *            the consumer key
+	 * @return the removed consumer or null if it wasn't previously in the store
+	 * 
+	 * @throws ConsumerStoreException
+	 *             on errors
+	 */
+	public LyoOAuthConsumer removeConsumer(String consumerKey)
+			throws ConsumerStoreException;
+
+	/**
+	 * Updates a consumer.
+	 * 
+	 * @param consumer
+	 *            the consumer
+	 * @return the same consumer or null if it wasn't previously in the store
+	 * 
+	 * @throws ConsumerStoreException
+	 *             on errors
+	 */
+	public LyoOAuthConsumer updateConsumer(LyoOAuthConsumer consumer)
+			throws ConsumerStoreException;
 }
diff --git a/org.eclipse.lyo.server.oauth.core/src/main/java/org/eclipse/lyo/server/oauth/core/consumer/ConsumerStoreException.java b/org.eclipse.lyo.server.oauth.core/src/main/java/org/eclipse/lyo/server/oauth/core/consumer/ConsumerStoreException.java
new file mode 100644
index 0000000..f0839a6
--- a/dev/null
+++ b/org.eclipse.lyo.server.oauth.core/src/main/java/org/eclipse/lyo/server/oauth/core/consumer/ConsumerStoreException.java
@@ -0,0 +1,41 @@
+package org.eclipse.lyo.server.oauth.core.consumer;
+
+import net.oauth.OAuthException;
+
+/**
+ * Indicates an error occurred loading or saving consumer data.
+ * 
+ * @author Samuel Padgett <spadgett@us.ibm.com>
+ */
+public class ConsumerStoreException extends OAuthException {
+	private static final long serialVersionUID = 1613130197672391627L;
+
+	public ConsumerStoreException() {
+		super();
+	}
+
+	public ConsumerStoreException(String message, Throwable cause) {
+		super(message, cause);
+	}
+
+	public ConsumerStoreException(String message) {
+		super(message);
+	}
+
+	public ConsumerStoreException(Throwable cause) {
+		super(cause);
+	}
+	
+	public String getMessage() {
+		String message = super.getMessage();
+		if (message == null && getCause() != null) {
+			message = getCause().getMessage();
+		}
+		
+		if (message == null) {
+			return "An error occurred.";
+		}
+		
+		return message;
+	}
+}
diff --git a/org.eclipse.lyo.server.oauth.core/src/main/java/org/eclipse/lyo/server/oauth/core/consumer/LyoOAuthConsumer.java b/org.eclipse.lyo.server.oauth.core/src/main/java/org/eclipse/lyo/server/oauth/core/consumer/LyoOAuthConsumer.java
index 3e45bf4..210de48 100644
--- a/org.eclipse.lyo.server.oauth.core/src/main/java/org/eclipse/lyo/server/oauth/core/consumer/LyoOAuthConsumer.java
+++ b/org.eclipse.lyo.server.oauth.core/src/main/java/org/eclipse/lyo/server/oauth/core/consumer/LyoOAuthConsumer.java
@@ -29,6 +29,7 @@ public class LyoOAuthConsumer extends OAuthConsumer {
 	public enum OAuthVersion { OAUTH_1_0, OAUTH_1_0A };
 	
 	private String name;
+	private boolean provisional = false;
 	private boolean trusted = false;
 
 	/*
@@ -52,6 +53,10 @@ public class LyoOAuthConsumer extends OAuthConsumer {
 		super(callbackURL, consumerKey, consumerSecret, serviceProvider);
 	}
 
+	public String getKey() {
+		return consumerKey;
+	}
+	
 	/**
 	 * Gets the name of the consumer, which might be shown in the login dialog
 	 * and other user interfaces.
@@ -73,6 +78,14 @@ public class LyoOAuthConsumer extends OAuthConsumer {
 		this.name = name;
 	}
 
+	public boolean isProvisional() {
+		return provisional;
+	}
+
+	public void setProvisional(boolean provisional) {
+		this.provisional = provisional;
+	}
+
 	/**
 	 * Answers if this consumer is trusted. If a consumer is trusted, a login
 	 * prompt might be skipped if the user is already authenticated with this
diff --git a/org.eclipse.lyo.server.oauth.webapp.sample/.gitignore b/org.eclipse.lyo.server.oauth.webapp.sample/.gitignore
index eb5a316..a8bdbc6 100644
--- a/org.eclipse.lyo.server.oauth.webapp.sample/.gitignore
+++ b/org.eclipse.lyo.server.oauth.webapp.sample/.gitignore
@@ -1 +1,3 @@
 target
+consumerStore
+/derby.log
diff --git a/org.eclipse.lyo.server.oauth.webapp.sample/about.html b/org.eclipse.lyo.server.oauth.webapp.sample/about.html
new file mode 100644
index 0000000..b4e74aa
--- a/dev/null
+++ b/org.eclipse.lyo.server.oauth.webapp.sample/about.html
@@ -0,0 +1,33 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
+    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
+<title>About</title>
+</head>
+<body lang="EN-US">
+	<h2>About This Content</h2>
+	<p>October 26, 2011</p>
+	<h3>License</h3>
+	<p>
+		The Eclipse Foundation makes available all content in this plug-in
+		(&quot;Content&quot;). Unless otherwise indicated below, the Content
+		is provided to you under the terms and conditions of the Eclipse
+		Public License Version 1.0 (&quot;EPL&quot;) and Eclipse Distribution
+		License Version 1.0 (&quot;EDL&quot;). A copy of the EPL is available
+		at <a href="http://www.eclipse.org/legal/epl-v10.html">http://www.eclipse.org/legal/epl-v10.html</a>
+		and a copy of the EDL is available at <a
+			href="http://www.eclipse.org/org/documents/edl-v10.php">http://www.eclipse.org/org/documents/edl-v10.php</a>.
+		For purposes of the EPL, &quot;Program&quot; will mean the Content.
+	</p>
+	<p>If you did not receive this Content directly from the Eclipse
+		Foundation, the Content is being redistributed by another party
+		(&quot;Redistributor&quot;) and different terms and conditions may
+		apply to your use of any object code in the Content. Check the
+		Redistributor's license that was provided with the Content. If no such
+		license exists, contact the Redistributor. Unless otherwise indicated
+		below, the terms and conditions of the EPL and EDL still apply to any
+		source code in the Content and such source code may be obtained at
+		<a href="http://www.eclipse.org">http://www.eclipse.org</a>.</p>
+</body>
+</html>
+\ No newline at end of file
diff --git a/org.eclipse.lyo.server.oauth.webapp.sample/license/edl-v10html b/org.eclipse.lyo.server.oauth.webapp.sample/license/edl-v10html
new file mode 100644
index 0000000..5c8549b
--- a/dev/null
+++ b/org.eclipse.lyo.server.oauth.webapp.sample/license/edl-v10html
@@ -0,0 +1,60 @@
+<?xml version="1.0" encoding="ISO-8859-1" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
+<title>Eclipse Distribution License - Version 1.0</title>
+<style type="text/css">
+  body {
+    size: 8.5in 11.0in;
+    margin: 0.25in 0.5in 0.25in 0.5in;
+    tab-interval: 0.5in;
+    }
+  p {  	
+    margin-left: auto;
+    margin-top:  0.5em;
+    margin-bottom: 0.5em;
+    }
+  p.list {
+  	margin-left: 0.5in;
+    margin-top:  0.05em;
+    margin-bottom: 0.05em;
+    }
+  </style>
+
+</head>
+
+<body lang="EN-US">
+
+<p><b>Eclipse Distribution License - v 1.0</b></p>
+
+<p>Copyright (c) 2007, Eclipse Foundation, Inc. and its licensors. </p>
+
+<p>All rights reserved.</p>
+<p>Redistribution and use in source and binary forms, with or without modification, 
+	are permitted provided that the following conditions are met:
+<ul><li>Redistributions of source code must retain the above copyright notice, 
+	this list of conditions and the following disclaimer. </li>
+<li>Redistributions in binary form must reproduce the above copyright notice, 
+	this list of conditions and the following disclaimer in the documentation 
+	and/or other materials provided with the distribution. </li>
+<li>Neither the name of the Eclipse Foundation, Inc. nor the names of its 
+	contributors may be used to endorse or promote products derived from 
+	this software without specific prior written permission. </li></ul>
+</p>
+<p>THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 
+IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, 
+INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 
+NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR 
+PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, 
+WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 
+ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 
+POSSIBILITY OF SUCH DAMAGE.</p>
+
+</body>
+
+</html>
+
diff --git a/org.eclipse.lyo.server.oauth.webapp.sample/license/epl-v10.html b/org.eclipse.lyo.server.oauth.webapp.sample/license/epl-v10.html
new file mode 100644
index 0000000..b398acc
--- a/dev/null
+++ b/org.eclipse.lyo.server.oauth.webapp.sample/license/epl-v10.html
@@ -0,0 +1,259 @@
+<!--?xml version="1.0" encoding="ISO-8859-1" ?-->
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml"><head>
+<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
+<title>Eclipse Public License - Version 1.0</title>
+<style type="text/css">
+  body {
+    size: 8.5in 11.0in;
+    margin: 0.25in 0.5in 0.25in 0.5in;
+    tab-interval: 0.5in;
+    }
+  p {  	
+    margin-left: auto;
+    margin-top:  0.5em;
+    margin-bottom: 0.5em;
+    }
+  p.list {
+  	margin-left: 0.5in;
+    margin-top:  0.05em;
+    margin-bottom: 0.05em;
+    }
+  </style>
+
+</head>
+
+<body lang="EN-US">
+
+<h2>Eclipse Public License - v 1.0</h2>
+
+<p>THE ACCOMPANYING PROGRAM IS PROVIDED UNDER THE TERMS OF THIS ECLIPSE
+PUBLIC LICENSE ("AGREEMENT"). ANY USE, REPRODUCTION OR
+DISTRIBUTION OF THE PROGRAM CONSTITUTES RECIPIENT'S ACCEPTANCE OF THIS
+AGREEMENT.</p>
+
+<p><b>1. DEFINITIONS</b></p>
+
+<p>"Contribution" means:</p>
+
+<p class="list">a) in the case of the initial Contributor, the initial
+code and documentation distributed under this Agreement, and</p>
+<p class="list">b) in the case of each subsequent Contributor:</p>
+<p class="list">i) changes to the Program, and</p>
+<p class="list">ii) additions to the Program;</p>
+<p class="list">where such changes and/or additions to the Program
+originate from and are distributed by that particular Contributor. A
+Contribution 'originates' from a Contributor if it was added to the
+Program by such Contributor itself or anyone acting on such
+Contributor's behalf. Contributions do not include additions to the
+Program which: (i) are separate modules of software distributed in
+conjunction with the Program under their own license agreement, and (ii)
+are not derivative works of the Program.</p>
+
+<p>"Contributor" means any person or entity that distributes
+the Program.</p>
+
+<p>"Licensed Patents" mean patent claims licensable by a
+Contributor which are necessarily infringed by the use or sale of its
+Contribution alone or when combined with the Program.</p>
+
+<p>"Program" means the Contributions distributed in accordance
+with this Agreement.</p>
+
+<p>"Recipient" means anyone who receives the Program under
+this Agreement, including all Contributors.</p>
+
+<p><b>2. GRANT OF RIGHTS</b></p>
+
+<p class="list">a) Subject to the terms of this Agreement, each
+Contributor hereby grants Recipient a non-exclusive, worldwide,
+royalty-free copyright license to reproduce, prepare derivative works
+of, publicly display, publicly perform, distribute and sublicense the
+Contribution of such Contributor, if any, and such derivative works, in
+source code and object code form.</p>
+
+<p class="list">b) Subject to the terms of this Agreement, each
+Contributor hereby grants Recipient a non-exclusive, worldwide,
+royalty-free patent license under Licensed Patents to make, use, sell,
+offer to sell, import and otherwise transfer the Contribution of such
+Contributor, if any, in source code and object code form. This patent
+license shall apply to the combination of the Contribution and the
+Program if, at the time the Contribution is added by the Contributor,
+such addition of the Contribution causes such combination to be covered
+by the Licensed Patents. The patent license shall not apply to any other
+combinations which include the Contribution. No hardware per se is
+licensed hereunder.</p>
+
+<p class="list">c) Recipient understands that although each Contributor
+grants the licenses to its Contributions set forth herein, no assurances
+are provided by any Contributor that the Program does not infringe the
+patent or other intellectual property rights of any other entity. Each
+Contributor disclaims any liability to Recipient for claims brought by
+any other entity based on infringement of intellectual property rights
+or otherwise. As a condition to exercising the rights and licenses
+granted hereunder, each Recipient hereby assumes sole responsibility to
+secure any other intellectual property rights needed, if any. For
+example, if a third party patent license is required to allow Recipient
+to distribute the Program, it is Recipient's responsibility to acquire
+that license before distributing the Program.</p>
+
+<p class="list">d) Each Contributor represents that to its knowledge it
+has sufficient copyright rights in its Contribution, if any, to grant
+the copyright license set forth in this Agreement.</p>
+
+<p><b>3. REQUIREMENTS</b></p>
+
+<p>A Contributor may choose to distribute the Program in object code
+form under its own license agreement, provided that:</p>
+
+<p class="list">a) it complies with the terms and conditions of this
+Agreement; and</p>
+
+<p class="list">b) its license agreement:</p>
+
+<p class="list">i) effectively disclaims on behalf of all Contributors
+all warranties and conditions, express and implied, including warranties
+or conditions of title and non-infringement, and implied warranties or
+conditions of merchantability and fitness for a particular purpose;</p>
+
+<p class="list">ii) effectively excludes on behalf of all Contributors
+all liability for damages, including direct, indirect, special,
+incidental and consequential damages, such as lost profits;</p>
+
+<p class="list">iii) states that any provisions which differ from this
+Agreement are offered by that Contributor alone and not by any other
+party; and</p>
+
+<p class="list">iv) states that source code for the Program is available
+from such Contributor, and informs licensees how to obtain it in a
+reasonable manner on or through a medium customarily used for software
+exchange.</p>
+
+<p>When the Program is made available in source code form:</p>
+
+<p class="list">a) it must be made available under this Agreement; and</p>
+
+<p class="list">b) a copy of this Agreement must be included with each
+copy of the Program.</p>
+
+<p>Contributors may not remove or alter any copyright notices contained
+within the Program.</p>
+
+<p>Each Contributor must identify itself as the originator of its
+Contribution, if any, in a manner that reasonably allows subsequent
+Recipients to identify the originator of the Contribution.</p>
+
+<p><b>4. COMMERCIAL DISTRIBUTION</b></p>
+
+<p>Commercial distributors of software may accept certain
+responsibilities with respect to end users, business partners and the
+like. While this license is intended to facilitate the commercial use of
+the Program, the Contributor who includes the Program in a commercial
+product offering should do so in a manner which does not create
+potential liability for other Contributors. Therefore, if a Contributor
+includes the Program in a commercial product offering, such Contributor
+("Commercial Contributor") hereby agrees to defend and
+indemnify every other Contributor ("Indemnified Contributor")
+against any losses, damages and costs (collectively "Losses")
+arising from claims, lawsuits and other legal actions brought by a third
+party against the Indemnified Contributor to the extent caused by the
+acts or omissions of such Commercial Contributor in connection with its
+distribution of the Program in a commercial product offering. The
+obligations in this section do not apply to any claims or Losses
+relating to any actual or alleged intellectual property infringement. In
+order to qualify, an Indemnified Contributor must: a) promptly notify
+the Commercial Contributor in writing of such claim, and b) allow the
+Commercial Contributor to control, and cooperate with the Commercial
+Contributor in, the defense and any related settlement negotiations. The
+Indemnified Contributor may participate in any such claim at its own
+expense.</p>
+
+<p>For example, a Contributor might include the Program in a commercial
+product offering, Product X. That Contributor is then a Commercial
+Contributor. If that Commercial Contributor then makes performance
+claims, or offers warranties related to Product X, those performance
+claims and warranties are such Commercial Contributor's responsibility
+alone. Under this section, the Commercial Contributor would have to
+defend claims against the other Contributors related to those
+performance claims and warranties, and if a court requires any other
+Contributor to pay any damages as a result, the Commercial Contributor
+must pay those damages.</p>
+
+<p><b>5. NO WARRANTY</b></p>
+
+<p>EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, THE PROGRAM IS
+PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS
+OF ANY KIND, EITHER EXPRESS OR IMPLIED INCLUDING, WITHOUT LIMITATION,
+ANY WARRANTIES OR CONDITIONS OF TITLE, NON-INFRINGEMENT, MERCHANTABILITY
+OR FITNESS FOR A PARTICULAR PURPOSE. Each Recipient is solely
+responsible for determining the appropriateness of using and
+distributing the Program and assumes all risks associated with its
+exercise of rights under this Agreement , including but not limited to
+the risks and costs of program errors, compliance with applicable laws,
+damage to or loss of data, programs or equipment, and unavailability or
+interruption of operations.</p>
+
+<p><b>6. DISCLAIMER OF LIABILITY</b></p>
+
+<p>EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, NEITHER RECIPIENT
+NOR ANY CONTRIBUTORS SHALL HAVE ANY LIABILITY FOR ANY DIRECT, INDIRECT,
+INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING
+WITHOUT LIMITATION LOST PROFITS), HOWEVER CAUSED AND ON ANY THEORY OF
+LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OR
+DISTRIBUTION OF THE PROGRAM OR THE EXERCISE OF ANY RIGHTS GRANTED
+HEREUNDER, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.</p>
+
+<p><b>7. GENERAL</b></p>
+
+<p>If any provision of this Agreement is invalid or unenforceable under
+applicable law, it shall not affect the validity or enforceability of
+the remainder of the terms of this Agreement, and without further action
+by the parties hereto, such provision shall be reformed to the minimum
+extent necessary to make such provision valid and enforceable.</p>
+
+<p>If Recipient institutes patent litigation against any entity
+(including a cross-claim or counterclaim in a lawsuit) alleging that the
+Program itself (excluding combinations of the Program with other
+software or hardware) infringes such Recipient's patent(s), then such
+Recipient's rights granted under Section 2(b) shall terminate as of the
+date such litigation is filed.</p>
+
+<p>All Recipient's rights under this Agreement shall terminate if it
+fails to comply with any of the material terms or conditions of this
+Agreement and does not cure such failure in a reasonable period of time
+after becoming aware of such noncompliance. If all Recipient's rights
+under this Agreement terminate, Recipient agrees to cease use and
+distribution of the Program as soon as reasonably practicable. However,
+Recipient's obligations under this Agreement and any licenses granted by
+Recipient relating to the Program shall continue and survive.</p>
+
+<p>Everyone is permitted to copy and distribute copies of this
+Agreement, but in order to avoid inconsistency the Agreement is
+copyrighted and may only be modified in the following manner. The
+Agreement Steward reserves the right to publish new versions (including
+revisions) of this Agreement from time to time. No one other than the
+Agreement Steward has the right to modify this Agreement. The Eclipse
+Foundation is the initial Agreement Steward. The Eclipse Foundation may
+assign the responsibility to serve as the Agreement Steward to a
+suitable separate entity. Each new version of the Agreement will be
+given a distinguishing version number. The Program (including
+Contributions) may always be distributed subject to the version of the
+Agreement under which it was received. In addition, after a new version
+of the Agreement is published, Contributor may elect to distribute the
+Program (including its Contributions) under the new version. Except as
+expressly stated in Sections 2(a) and 2(b) above, Recipient receives no
+rights or licenses to the intellectual property of any Contributor under
+this Agreement, whether expressly, by implication, estoppel or
+otherwise. All rights in the Program not expressly granted under this
+Agreement are reserved.</p>
+
+<p>This Agreement is governed by the laws of the State of New York and
+the intellectual property laws of the United States of America. No party
+to this Agreement will bring a legal action under this Agreement more
+than one year after the cause of action arose. Each party waives its
+rights to a jury trial in any resulting litigation.</p>
+
+
+
+</body></html>
+\ No newline at end of file
diff --git a/org.eclipse.lyo.server.oauth.webapp.sample/license/notice.html b/org.eclipse.lyo.server.oauth.webapp.sample/license/notice.html
new file mode 100644
index 0000000..6569bbf
--- a/dev/null
+++ b/org.eclipse.lyo.server.oauth.webapp.sample/license/notice.html
@@ -0,0 +1,109 @@
+<?xml version="1.0" encoding="ISO-8859-1" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
+<title>Eclipse Foundation Software User Agreement</title>
+</head>
+
+<body lang="EN-US">
+<h2>Eclipse Foundation Software User Agreement</h2>
+<p>February 1, 2011</p>
+
+<h3>Usage Of Content</h3>
+
+<p>THE ECLIPSE FOUNDATION MAKES AVAILABLE SOFTWARE, DOCUMENTATION, INFORMATION AND/OR OTHER MATERIALS FOR OPEN SOURCE PROJECTS
+   (COLLECTIVELY &quot;CONTENT&quot;).  USE OF THE CONTENT IS GOVERNED BY THE TERMS AND CONDITIONS OF THIS AGREEMENT AND/OR THE TERMS AND
+   CONDITIONS OF LICENSE AGREEMENTS OR NOTICES INDICATED OR REFERENCED BELOW.  BY USING THE CONTENT, YOU AGREE THAT YOUR USE
+   OF THE CONTENT IS GOVERNED BY THIS AGREEMENT AND/OR THE TERMS AND CONDITIONS OF ANY APPLICABLE LICENSE AGREEMENTS OR
+   NOTICES INDICATED OR REFERENCED BELOW.  IF YOU DO NOT AGREE TO THE TERMS AND CONDITIONS OF THIS AGREEMENT AND THE TERMS AND
+   CONDITIONS OF ANY APPLICABLE LICENSE AGREEMENTS OR NOTICES INDICATED OR REFERENCED BELOW, THEN YOU MAY NOT USE THE CONTENT.</p>
+
+<h3>Applicable Licenses</h3>
+
+<p>Unless otherwise indicated, all Content made available by the Eclipse Foundation is provided to you under the terms and conditions of the Eclipse Public License Version 1.0
+   (&quot;EPL&quot;).  A copy of the EPL is provided with this Content and is also available at <a href="http://www.eclipse.org/legal/epl-v10.html">http://www.eclipse.org/legal/epl-v10.html</a>.
+   For purposes of the EPL, &quot;Program&quot; will mean the Content.</p>
+
+<p>Content includes, but is not limited to, source code, object code, documentation and other files maintained in the Eclipse Foundation source code
+   repository (&quot;Repository&quot;) in software modules (&quot;Modules&quot;) and made available as downloadable archives (&quot;Downloads&quot;).</p>
+
+<ul>
+       <li>Content may be structured and packaged into modules to facilitate delivering, extending, and upgrading the Content.  Typical modules may include plug-ins (&quot;Plug-ins&quot;), plug-in fragments (&quot;Fragments&quot;), and features (&quot;Features&quot;).</li>
+       <li>Each Plug-in or Fragment may be packaged as a sub-directory or JAR (Java&trade; ARchive) in a directory named &quot;plugins&quot;.</li>
+       <li>A Feature is a bundle of one or more Plug-ins and/or Fragments and associated material.  Each Feature may be packaged as a sub-directory in a directory named &quot;features&quot;.  Within a Feature, files named &quot;feature.xml&quot; may contain a list of the names and version numbers of the Plug-ins
+      and/or Fragments associated with that Feature.</li>
+       <li>Features may also include other Features (&quot;Included Features&quot;). Within a Feature, files named &quot;feature.xml&quot; may contain a list of the names and version numbers of Included Features.</li>
+</ul>
+
+<p>The terms and conditions governing Plug-ins and Fragments should be contained in files named &quot;about.html&quot; (&quot;Abouts&quot;). The terms and conditions governing Features and
+Included Features should be contained in files named &quot;license.html&quot; (&quot;Feature Licenses&quot;).  Abouts and Feature Licenses may be located in any directory of a Download or Module
+including, but not limited to the following locations:</p>
+
+<ul>
+       <li>The top-level (root) directory</li>
+       <li>Plug-in and Fragment directories</li>
+       <li>Inside Plug-ins and Fragments packaged as JARs</li>
+       <li>Sub-directories of the directory named &quot;src&quot; of certain Plug-ins</li>
+       <li>Feature directories</li>
+</ul>
+
+<p>Note: if a Feature made available by the Eclipse Foundation is installed using the Provisioning Technology (as defined below), you must agree to a license (&quot;Feature Update License&quot;) during the
+installation process.  If the Feature contains Included Features, the Feature Update License should either provide you with the terms and conditions governing the Included Features or
+inform you where you can locate them.  Feature Update Licenses may be found in the &quot;license&quot; property of files named &quot;feature.properties&quot; found within a Feature.
+Such Abouts, Feature Licenses, and Feature Update Licenses contain the terms and conditions (or references to such terms and conditions) that govern your use of the associated Content in
+that directory.</p>
+
+<p>THE ABOUTS, FEATURE LICENSES, AND FEATURE UPDATE LICENSES MAY REFER TO THE EPL OR OTHER LICENSE AGREEMENTS, NOTICES OR TERMS AND CONDITIONS.  SOME OF THESE
+OTHER LICENSE AGREEMENTS MAY INCLUDE (BUT ARE NOT LIMITED TO):</p>
+
+<ul>
+       <li>Eclipse Distribution License Version 1.0 (available at <a href="http://www.eclipse.org/licenses/edl-v10.html">http://www.eclipse.org/licenses/edl-v1.0.html</a>)</li>
+       <li>Common Public License Version 1.0 (available at <a href="http://www.eclipse.org/legal/cpl-v10.html">http://www.eclipse.org/legal/cpl-v10.html</a>)</li>
+       <li>Apache Software License 1.1 (available at <a href="http://www.apache.org/licenses/LICENSE">http://www.apache.org/licenses/LICENSE</a>)</li>
+       <li>Apache Software License 2.0 (available at <a href="http://www.apache.org/licenses/LICENSE-2.0">http://www.apache.org/licenses/LICENSE-2.0</a>)</li>
+       <li>Metro Link Public License 1.00 (available at <a href="http://www.opengroup.org/openmotif/supporters/metrolink/license.html">http://www.opengroup.org/openmotif/supporters/metrolink/license.html</a>)</li>
+       <li>Mozilla Public License Version 1.1 (available at <a href="http://www.mozilla.org/MPL/MPL-1.1.html">http://www.mozilla.org/MPL/MPL-1.1.html</a>)</li>
+</ul>
+
+<p>IT IS YOUR OBLIGATION TO READ AND ACCEPT ALL SUCH TERMS AND CONDITIONS PRIOR TO USE OF THE CONTENT.  If no About, Feature License, or Feature Update License is provided, please
+contact the Eclipse Foundation to determine what terms and conditions govern that particular Content.</p>
+
+
+<h3>Use of Provisioning Technology</h3>
+
+<p>The Eclipse Foundation makes available provisioning software, examples of which include, but are not limited to, p2 and the Eclipse
+   Update Manager (&quot;Provisioning Technology&quot;) for the purpose of allowing users to install software, documentation, information and/or
+   other materials (collectively &quot;Installable Software&quot;). This capability is provided with the intent of allowing such users to
+   install, extend and update Eclipse-based products. Information about packaging Installable Software is available at <a
+       href="http://eclipse.org/equinox/p2/repository_packaging.html">http://eclipse.org/equinox/p2/repository_packaging.html</a>
+   (&quot;Specification&quot;).</p>
+
+<p>You may use Provisioning Technology to allow other parties to install Installable Software. You shall be responsible for enabling the
+   applicable license agreements relating to the Installable Software to be presented to, and accepted by, the users of the Provisioning Technology
+   in accordance with the Specification. By using Provisioning Technology in such a manner and making it available in accordance with the
+   Specification, you further acknowledge your agreement to, and the acquisition of all necessary rights to permit the following:</p>
+
+<ol>
+       <li>A series of actions may occur (&quot;Provisioning Process&quot;) in which a user may execute the Provisioning Technology
+       on a machine (&quot;Target Machine&quot;) with the intent of installing, extending or updating the functionality of an Eclipse-based
+       product.</li>
+       <li>During the Provisioning Process, the Provisioning Technology may cause third party Installable Software or a portion thereof to be
+       accessed and copied to the Target Machine.</li>
+       <li>Pursuant to the Specification, you will provide to the user the terms and conditions that govern the use of the Installable
+       Software (&quot;Installable Software Agreement&quot;) and such Installable Software Agreement shall be accessed from the Target
+       Machine in accordance with the Specification. Such Installable Software Agreement must inform the user of the terms and conditions that govern
+       the Installable Software and must solicit acceptance by the end user in the manner prescribed in such Installable Software Agreement. Upon such
+       indication of agreement by the user, the provisioning Technology will complete installation of the Installable Software.</li>
+</ol>
+
+<h3>Cryptography</h3>
+
+<p>Content may contain encryption software. The country in which you are currently may have restrictions on the import, possession, and use, and/or re-export to
+   another country, of encryption software. BEFORE using any encryption software, please check the country's laws, regulations and policies concerning the import,
+   possession, or use, and re-export of encryption software, to see if this is permitted.</p>
+
+<p><small>Java and all Java-based trademarks are trademarks of Oracle Corporation in the United States, other countries, or both.</small></p>
+</body>
+</html>
+
diff --git a/org.eclipse.lyo.server.oauth.webapp.sample/pom.xml b/org.eclipse.lyo.server.oauth.webapp.sample/pom.xml
index 6d87404..710abaf 100644
--- a/org.eclipse.lyo.server.oauth.webapp.sample/pom.xml
+++ b/org.eclipse.lyo.server.oauth.webapp.sample/pom.xml
@@ -25,11 +25,21 @@
 			<version>0.0.1-SNAPSHOT</version>
 		</dependency>
 		<dependency>
+			<groupId>org.eclipse.lyo.server</groupId>
+			<artifactId>oauth-consumer-store</artifactId>
+			<version>0.0.1-SNAPSHOT</version>
+		</dependency>
+		<dependency>
 			<groupId>org.apache.wink</groupId>
 			<artifactId>wink-server</artifactId>
 			<version>1.1.3-incubating</version>
 		</dependency>
 		<dependency>
+			<groupId>org.apache.wink</groupId>
+			<artifactId>wink-json4j</artifactId>
+			<version>1.1.3-incubating</version>
+		</dependency>
+		<dependency>
 			<groupId>org.apache.geronimo.specs</groupId>
 			<artifactId>geronimo-servlet_2.5_spec</artifactId>
 			<version>1.2</version>
diff --git a/org.eclipse.lyo.server.oauth.webapp.sample/src/main/java/org/eclipse/lyo/server/oauth/webapp/sample/SecureHelloWorld.java b/org.eclipse.lyo.server.oauth.webapp.sample/src/main/java/org/eclipse/lyo/server/oauth/webapp/sample/SecureHelloWorld.java
index e50f0d5..8cb142a 100644
--- a/org.eclipse.lyo.server.oauth.webapp.sample/src/main/java/org/eclipse/lyo/server/oauth/webapp/sample/SecureHelloWorld.java
+++ b/org.eclipse.lyo.server.oauth.webapp.sample/src/main/java/org/eclipse/lyo/server/oauth/webapp/sample/SecureHelloWorld.java
@@ -16,8 +16,7 @@
 package org.eclipse.lyo.server.oauth.webapp.sample;
 
 import java.io.IOException;
-import java.util.Collection;
-import java.util.Collections;
+import java.sql.SQLException;
 
 import javax.servlet.ServletContextEvent;
 import javax.servlet.ServletContextListener;
@@ -34,12 +33,12 @@ import javax.ws.rs.core.Response.Status;
 import net.oauth.OAuthException;
 import net.oauth.server.OAuthServlet;
 
-import org.eclipse.lyo.server.oauth.core.Authentication;
+import org.eclipse.lyo.server.oauth.consumerstore.RdfConsumerStore;
+import org.eclipse.lyo.server.oauth.core.Application;
 import org.eclipse.lyo.server.oauth.core.AuthenticationException;
 import org.eclipse.lyo.server.oauth.core.OAuthConfiguration;
 import org.eclipse.lyo.server.oauth.core.OAuthRequest;
-import org.eclipse.lyo.server.oauth.core.consumer.ConsumerStore;
-import org.eclipse.lyo.server.oauth.core.consumer.LyoOAuthConsumer;
+import org.eclipse.lyo.server.oauth.core.consumer.ConsumerStoreException;
 
 /**
  * A simple OAuth example using the Lyo OAuth provider framework.
@@ -56,6 +55,11 @@ public class SecureHelloWorld implements ServletContextListener {
 	private HttpServletResponse httpResponse;
 
 	/**
+	 * The OAuth realm for this application.
+	 */
+	public static final String REALM = "Hello";
+	
+	/**
 	 * Initialize the OAuth provider when the webapp loads.
 	 * 
 	 * @param event
@@ -65,11 +69,8 @@ public class SecureHelloWorld implements ServletContextListener {
 	public void contextInitialized(ServletContextEvent event) {
 		OAuthConfiguration config = OAuthConfiguration.getInstance();
 
-		// The realm used in 401 unauthorized responses.
-		config.setRealm("Hello");
-
 		// Validates a user's ID and password.
-		config.setAuthentication(new Authentication() {
+		config.setApplication(new Application() {
 			@Override
 			public void login(HttpServletRequest request, String id,
 					String password) throws AuthenticationException {
@@ -78,27 +79,32 @@ public class SecureHelloWorld implements ServletContextListener {
 				if ("bogus".equals(password)) {
 					throw new AuthenticationException("Invalid ID or password.");
 				}
+				
+				request.getSession().setAttribute("admin", "admin".equals(id));
 			}
 
 			@Override
-			public String getApplicationName() {
-				// Display name for this application.
+			public String getName() {
 				return "Hello World";
 			}
-		});
 
+			@Override
+			public boolean isAdminSession(HttpServletRequest request) {
+				return Boolean.TRUE
+						.equals(request.getSession().getAttribute("admin"));
+			}
+
+			@Override
+			public String getRealm(HttpServletRequest request) {
+				return REALM;
+			}
+		});
+		
 		try {
-			// The consumers.
-			config.setConsumerStore(new ConsumerStore() {
-				@Override
-				public Collection<LyoOAuthConsumer> load() throws IOException {
-					// Define one consumer with key "key" and secret "secret".
-					LyoOAuthConsumer consumer = new LyoOAuthConsumer("key", "secret");
-					consumer.setName("Hello World Consumer");
-					return Collections.singletonList(consumer);
-				}
-			});
-		} catch (IOException e) {
+			config.setConsumerStore(new RdfConsumerStore());
+		} catch (ConsumerStoreException e) {
+			e.printStackTrace();
+		} catch (SQLException e) {
 			e.printStackTrace();
 		}
 	}
@@ -114,8 +120,7 @@ public class SecureHelloWorld implements ServletContextListener {
 			request.validate();
 		} catch (OAuthException e) {
 			// Request failed validation. Send an unauthorized response.
-			OAuthServlet.handleException(httpResponse, e, OAuthConfiguration
-					.getInstance().getRealm());
+			OAuthServlet.handleException(httpResponse, e, REALM);
 			return Response.status(Status.UNAUTHORIZED).build();
 		}
 
diff --git a/org.eclipse.lyo.server.oauth.webapp.sample/src/main/webapp/WEB-INF/web.xml b/org.eclipse.lyo.server.oauth.webapp.sample/src/main/webapp/WEB-INF/web.xml
index 40474b6..aa90a2b 100644
--- a/org.eclipse.lyo.server.oauth.webapp.sample/src/main/webapp/WEB-INF/web.xml
+++ b/org.eclipse.lyo.server.oauth.webapp.sample/src/main/webapp/WEB-INF/web.xml
@@ -3,7 +3,7 @@
  "http://java.sun.com/dtd/web-app_2_3.dtd" >
 
 <web-app>
-	<display-name>Eclipse Lyo OAuth Provider Framework</display-name>
+	<display-name>Eclipse Lyo OAuth Provider Framework Sample</display-name>
 	<servlet>
 		<servlet-name>JAX-RS Services</servlet-name>
 		<servlet-class>
diff --git a/org.eclipse.lyo.server.oauth.webapp/about.html b/org.eclipse.lyo.server.oauth.webapp/about.html
new file mode 100644
index 0000000..b4e74aa
--- a/dev/null
+++ b/org.eclipse.lyo.server.oauth.webapp/about.html
@@ -0,0 +1,33 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
+    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
+<title>About</title>
+</head>
+<body lang="EN-US">
+	<h2>About This Content</h2>
+	<p>October 26, 2011</p>
+	<h3>License</h3>
+	<p>
+		The Eclipse Foundation makes available all content in this plug-in
+		(&quot;Content&quot;). Unless otherwise indicated below, the Content
+		is provided to you under the terms and conditions of the Eclipse
+		Public License Version 1.0 (&quot;EPL&quot;) and Eclipse Distribution
+		License Version 1.0 (&quot;EDL&quot;). A copy of the EPL is available
+		at <a href="http://www.eclipse.org/legal/epl-v10.html">http://www.eclipse.org/legal/epl-v10.html</a>
+		and a copy of the EDL is available at <a
+			href="http://www.eclipse.org/org/documents/edl-v10.php">http://www.eclipse.org/org/documents/edl-v10.php</a>.
+		For purposes of the EPL, &quot;Program&quot; will mean the Content.
+	</p>
+	<p>If you did not receive this Content directly from the Eclipse
+		Foundation, the Content is being redistributed by another party
+		(&quot;Redistributor&quot;) and different terms and conditions may
+		apply to your use of any object code in the Content. Check the
+		Redistributor's license that was provided with the Content. If no such
+		license exists, contact the Redistributor. Unless otherwise indicated
+		below, the terms and conditions of the EPL and EDL still apply to any
+		source code in the Content and such source code may be obtained at
+		<a href="http://www.eclipse.org">http://www.eclipse.org</a>.</p>
+</body>
+</html>
+\ No newline at end of file
diff --git a/org.eclipse.lyo.server.oauth.webapp/license/edl-v10html b/org.eclipse.lyo.server.oauth.webapp/license/edl-v10html
new file mode 100644
index 0000000..5c8549b
--- a/dev/null
+++ b/org.eclipse.lyo.server.oauth.webapp/license/edl-v10html
@@ -0,0 +1,60 @@
+<?xml version="1.0" encoding="ISO-8859-1" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
+<title>Eclipse Distribution License - Version 1.0</title>
+<style type="text/css">
+  body {
+    size: 8.5in 11.0in;
+    margin: 0.25in 0.5in 0.25in 0.5in;
+    tab-interval: 0.5in;
+    }
+  p {  	
+    margin-left: auto;
+    margin-top:  0.5em;
+    margin-bottom: 0.5em;
+    }
+  p.list {
+  	margin-left: 0.5in;
+    margin-top:  0.05em;
+    margin-bottom: 0.05em;
+    }
+  </style>
+
+</head>
+
+<body lang="EN-US">
+
+<p><b>Eclipse Distribution License - v 1.0</b></p>
+
+<p>Copyright (c) 2007, Eclipse Foundation, Inc. and its licensors. </p>
+
+<p>All rights reserved.</p>
+<p>Redistribution and use in source and binary forms, with or without modification, 
+	are permitted provided that the following conditions are met:
+<ul><li>Redistributions of source code must retain the above copyright notice, 
+	this list of conditions and the following disclaimer. </li>
+<li>Redistributions in binary form must reproduce the above copyright notice, 
+	this list of conditions and the following disclaimer in the documentation 
+	and/or other materials provided with the distribution. </li>
+<li>Neither the name of the Eclipse Foundation, Inc. nor the names of its 
+	contributors may be used to endorse or promote products derived from 
+	this software without specific prior written permission. </li></ul>
+</p>
+<p>THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 
+IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, 
+INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 
+NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR 
+PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, 
+WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 
+ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 
+POSSIBILITY OF SUCH DAMAGE.</p>
+
+</body>
+
+</html>
+
diff --git a/org.eclipse.lyo.server.oauth.webapp/license/epl-v10.html b/org.eclipse.lyo.server.oauth.webapp/license/epl-v10.html
new file mode 100644
index 0000000..b398acc
--- a/dev/null
+++ b/org.eclipse.lyo.server.oauth.webapp/license/epl-v10.html
@@ -0,0 +1,259 @@
+<!--?xml version="1.0" encoding="ISO-8859-1" ?-->
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml"><head>
+<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
+<title>Eclipse Public License - Version 1.0</title>
+<style type="text/css">
+  body {
+    size: 8.5in 11.0in;
+    margin: 0.25in 0.5in 0.25in 0.5in;
+    tab-interval: 0.5in;
+    }
+  p {  	
+    margin-left: auto;
+    margin-top:  0.5em;
+    margin-bottom: 0.5em;
+    }
+  p.list {
+  	margin-left: 0.5in;
+    margin-top:  0.05em;
+    margin-bottom: 0.05em;
+    }
+  </style>
+
+</head>
+
+<body lang="EN-US">
+
+<h2>Eclipse Public License - v 1.0</h2>
+
+<p>THE ACCOMPANYING PROGRAM IS PROVIDED UNDER THE TERMS OF THIS ECLIPSE
+PUBLIC LICENSE ("AGREEMENT"). ANY USE, REPRODUCTION OR
+DISTRIBUTION OF THE PROGRAM CONSTITUTES RECIPIENT'S ACCEPTANCE OF THIS
+AGREEMENT.</p>
+
+<p><b>1. DEFINITIONS</b></p>
+
+<p>"Contribution" means:</p>
+
+<p class="list">a) in the case of the initial Contributor, the initial
+code and documentation distributed under this Agreement, and</p>
+<p class="list">b) in the case of each subsequent Contributor:</p>
+<p class="list">i) changes to the Program, and</p>
+<p class="list">ii) additions to the Program;</p>
+<p class="list">where such changes and/or additions to the Program
+originate from and are distributed by that particular Contributor. A
+Contribution 'originates' from a Contributor if it was added to the
+Program by such Contributor itself or anyone acting on such
+Contributor's behalf. Contributions do not include additions to the
+Program which: (i) are separate modules of software distributed in
+conjunction with the Program under their own license agreement, and (ii)
+are not derivative works of the Program.</p>
+
+<p>"Contributor" means any person or entity that distributes
+the Program.</p>
+
+<p>"Licensed Patents" mean patent claims licensable by a
+Contributor which are necessarily infringed by the use or sale of its
+Contribution alone or when combined with the Program.</p>
+
+<p>"Program" means the Contributions distributed in accordance
+with this Agreement.</p>
+
+<p>"Recipient" means anyone who receives the Program under
+this Agreement, including all Contributors.</p>
+
+<p><b>2. GRANT OF RIGHTS</b></p>
+
+<p class="list">a) Subject to the terms of this Agreement, each
+Contributor hereby grants Recipient a non-exclusive, worldwide,
+royalty-free copyright license to reproduce, prepare derivative works
+of, publicly display, publicly perform, distribute and sublicense the
+Contribution of such Contributor, if any, and such derivative works, in
+source code and object code form.</p>
+
+<p class="list">b) Subject to the terms of this Agreement, each
+Contributor hereby grants Recipient a non-exclusive, worldwide,
+royalty-free patent license under Licensed Patents to make, use, sell,
+offer to sell, import and otherwise transfer the Contribution of such
+Contributor, if any, in source code and object code form. This patent
+license shall apply to the combination of the Contribution and the
+Program if, at the time the Contribution is added by the Contributor,
+such addition of the Contribution causes such combination to be covered
+by the Licensed Patents. The patent license shall not apply to any other
+combinations which include the Contribution. No hardware per se is
+licensed hereunder.</p>
+
+<p class="list">c) Recipient understands that although each Contributor
+grants the licenses to its Contributions set forth herein, no assurances
+are provided by any Contributor that the Program does not infringe the
+patent or other intellectual property rights of any other entity. Each
+Contributor disclaims any liability to Recipient for claims brought by
+any other entity based on infringement of intellectual property rights
+or otherwise. As a condition to exercising the rights and licenses
+granted hereunder, each Recipient hereby assumes sole responsibility to
+secure any other intellectual property rights needed, if any. For
+example, if a third party patent license is required to allow Recipient
+to distribute the Program, it is Recipient's responsibility to acquire
+that license before distributing the Program.</p>
+
+<p class="list">d) Each Contributor represents that to its knowledge it
+has sufficient copyright rights in its Contribution, if any, to grant
+the copyright license set forth in this Agreement.</p>
+
+<p><b>3. REQUIREMENTS</b></p>
+
+<p>A Contributor may choose to distribute the Program in object code
+form under its own license agreement, provided that:</p>
+
+<p class="list">a) it complies with the terms and conditions of this
+Agreement; and</p>
+
+<p class="list">b) its license agreement:</p>
+
+<p class="list">i) effectively disclaims on behalf of all Contributors
+all warranties and conditions, express and implied, including warranties
+or conditions of title and non-infringement, and implied warranties or
+conditions of merchantability and fitness for a particular purpose;</p>
+
+<p class="list">ii) effectively excludes on behalf of all Contributors
+all liability for damages, including direct, indirect, special,
+incidental and consequential damages, such as lost profits;</p>
+
+<p class="list">iii) states that any provisions which differ from this
+Agreement are offered by that Contributor alone and not by any other
+party; and</p>
+
+<p class="list">iv) states that source code for the Program is available
+from such Contributor, and informs licensees how to obtain it in a
+reasonable manner on or through a medium customarily used for software
+exchange.</p>
+
+<p>When the Program is made available in source code form:</p>
+
+<p class="list">a) it must be made available under this Agreement; and</p>
+
+<p class="list">b) a copy of this Agreement must be included with each
+copy of the Program.</p>
+
+<p>Contributors may not remove or alter any copyright notices contained
+within the Program.</p>
+
+<p>Each Contributor must identify itself as the originator of its
+Contribution, if any, in a manner that reasonably allows subsequent
+Recipients to identify the originator of the Contribution.</p>
+
+<p><b>4. COMMERCIAL DISTRIBUTION</b></p>
+
+<p>Commercial distributors of software may accept certain
+responsibilities with respect to end users, business partners and the
+like. While this license is intended to facilitate the commercial use of
+the Program, the Contributor who includes the Program in a commercial
+product offering should do so in a manner which does not create
+potential liability for other Contributors. Therefore, if a Contributor
+includes the Program in a commercial product offering, such Contributor
+("Commercial Contributor") hereby agrees to defend and
+indemnify every other Contributor ("Indemnified Contributor")
+against any losses, damages and costs (collectively "Losses")
+arising from claims, lawsuits and other legal actions brought by a third
+party against the Indemnified Contributor to the extent caused by the
+acts or omissions of such Commercial Contributor in connection with its
+distribution of the Program in a commercial product offering. The
+obligations in this section do not apply to any claims or Losses
+relating to any actual or alleged intellectual property infringement. In
+order to qualify, an Indemnified Contributor must: a) promptly notify
+the Commercial Contributor in writing of such claim, and b) allow the
+Commercial Contributor to control, and cooperate with the Commercial
+Contributor in, the defense and any related settlement negotiations. The
+Indemnified Contributor may participate in any such claim at its own
+expense.</p>
+
+<p>For example, a Contributor might include the Program in a commercial
+product offering, Product X. That Contributor is then a Commercial
+Contributor. If that Commercial Contributor then makes performance
+claims, or offers warranties related to Product X, those performance
+claims and warranties are such Commercial Contributor's responsibility
+alone. Under this section, the Commercial Contributor would have to
+defend claims against the other Contributors related to those
+performance claims and warranties, and if a court requires any other
+Contributor to pay any damages as a result, the Commercial Contributor
+must pay those damages.</p>
+
+<p><b>5. NO WARRANTY</b></p>
+
+<p>EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, THE PROGRAM IS
+PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS
+OF ANY KIND, EITHER EXPRESS OR IMPLIED INCLUDING, WITHOUT LIMITATION,
+ANY WARRANTIES OR CONDITIONS OF TITLE, NON-INFRINGEMENT, MERCHANTABILITY
+OR FITNESS FOR A PARTICULAR PURPOSE. Each Recipient is solely
+responsible for determining the appropriateness of using and
+distributing the Program and assumes all risks associated with its
+exercise of rights under this Agreement , including but not limited to
+the risks and costs of program errors, compliance with applicable laws,
+damage to or loss of data, programs or equipment, and unavailability or
+interruption of operations.</p>
+
+<p><b>6. DISCLAIMER OF LIABILITY</b></p>
+
+<p>EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, NEITHER RECIPIENT
+NOR ANY CONTRIBUTORS SHALL HAVE ANY LIABILITY FOR ANY DIRECT, INDIRECT,
+INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING
+WITHOUT LIMITATION LOST PROFITS), HOWEVER CAUSED AND ON ANY THEORY OF
+LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OR
+DISTRIBUTION OF THE PROGRAM OR THE EXERCISE OF ANY RIGHTS GRANTED
+HEREUNDER, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.</p>
+
+<p><b>7. GENERAL</b></p>
+
+<p>If any provision of this Agreement is invalid or unenforceable under
+applicable law, it shall not affect the validity or enforceability of
+the remainder of the terms of this Agreement, and without further action
+by the parties hereto, such provision shall be reformed to the minimum
+extent necessary to make such provision valid and enforceable.</p>
+
+<p>If Recipient institutes patent litigation against any entity
+(including a cross-claim or counterclaim in a lawsuit) alleging that the
+Program itself (excluding combinations of the Program with other
+software or hardware) infringes such Recipient's patent(s), then such
+Recipient's rights granted under Section 2(b) shall terminate as of the
+date such litigation is filed.</p>
+
+<p>All Recipient's rights under this Agreement shall terminate if it
+fails to comply with any of the material terms or conditions of this
+Agreement and does not cure such failure in a reasonable period of time
+after becoming aware of such noncompliance. If all Recipient's rights
+under this Agreement terminate, Recipient agrees to cease use and
+distribution of the Program as soon as reasonably practicable. However,
+Recipient's obligations under this Agreement and any licenses granted by
+Recipient relating to the Program shall continue and survive.</p>
+
+<p>Everyone is permitted to copy and distribute copies of this
+Agreement, but in order to avoid inconsistency the Agreement is
+copyrighted and may only be modified in the following manner. The
+Agreement Steward reserves the right to publish new versions (including
+revisions) of this Agreement from time to time. No one other than the
+Agreement Steward has the right to modify this Agreement. The Eclipse
+Foundation is the initial Agreement Steward. The Eclipse Foundation may
+assign the responsibility to serve as the Agreement Steward to a
+suitable separate entity. Each new version of the Agreement will be
+given a distinguishing version number. The Program (including
+Contributions) may always be distributed subject to the version of the
+Agreement under which it was received. In addition, after a new version
+of the Agreement is published, Contributor may elect to distribute the
+Program (including its Contributions) under the new version. Except as
+expressly stated in Sections 2(a) and 2(b) above, Recipient receives no
+rights or licenses to the intellectual property of any Contributor under
+this Agreement, whether expressly, by implication, estoppel or
+otherwise. All rights in the Program not expressly granted under this
+Agreement are reserved.</p>
+
+<p>This Agreement is governed by the laws of the State of New York and
+the intellectual property laws of the United States of America. No party
+to this Agreement will bring a legal action under this Agreement more
+than one year after the cause of action arose. Each party waives its
+rights to a jury trial in any resulting litigation.</p>
+
+
+
+</body></html>
+\ No newline at end of file
diff --git a/org.eclipse.lyo.server.oauth.webapp/license/notice.html b/org.eclipse.lyo.server.oauth.webapp/license/notice.html
new file mode 100644
index 0000000..6569bbf
--- a/dev/null
+++ b/org.eclipse.lyo.server.oauth.webapp/license/notice.html
@@ -0,0 +1,109 @@
+<?xml version="1.0" encoding="ISO-8859-1" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
+<title>Eclipse Foundation Software User Agreement</title>
+</head>
+
+<body lang="EN-US">
+<h2>Eclipse Foundation Software User Agreement</h2>
+<p>February 1, 2011</p>
+
+<h3>Usage Of Content</h3>
+
+<p>THE ECLIPSE FOUNDATION MAKES AVAILABLE SOFTWARE, DOCUMENTATION, INFORMATION AND/OR OTHER MATERIALS FOR OPEN SOURCE PROJECTS
+   (COLLECTIVELY &quot;CONTENT&quot;).  USE OF THE CONTENT IS GOVERNED BY THE TERMS AND CONDITIONS OF THIS AGREEMENT AND/OR THE TERMS AND
+   CONDITIONS OF LICENSE AGREEMENTS OR NOTICES INDICATED OR REFERENCED BELOW.  BY USING THE CONTENT, YOU AGREE THAT YOUR USE
+   OF THE CONTENT IS GOVERNED BY THIS AGREEMENT AND/OR THE TERMS AND CONDITIONS OF ANY APPLICABLE LICENSE AGREEMENTS OR
+   NOTICES INDICATED OR REFERENCED BELOW.  IF YOU DO NOT AGREE TO THE TERMS AND CONDITIONS OF THIS AGREEMENT AND THE TERMS AND
+   CONDITIONS OF ANY APPLICABLE LICENSE AGREEMENTS OR NOTICES INDICATED OR REFERENCED BELOW, THEN YOU MAY NOT USE THE CONTENT.</p>
+
+<h3>Applicable Licenses</h3>
+
+<p>Unless otherwise indicated, all Content made available by the Eclipse Foundation is provided to you under the terms and conditions of the Eclipse Public License Version 1.0
+   (&quot;EPL&quot;).  A copy of the EPL is provided with this Content and is also available at <a href="http://www.eclipse.org/legal/epl-v10.html">http://www.eclipse.org/legal/epl-v10.html</a>.
+   For purposes of the EPL, &quot;Program&quot; will mean the Content.</p>
+
+<p>Content includes, but is not limited to, source code, object code, documentation and other files maintained in the Eclipse Foundation source code
+   repository (&quot;Repository&quot;) in software modules (&quot;Modules&quot;) and made available as downloadable archives (&quot;Downloads&quot;).</p>
+
+<ul>
+       <li>Content may be structured and packaged into modules to facilitate delivering, extending, and upgrading the Content.  Typical modules may include plug-ins (&quot;Plug-ins&quot;), plug-in fragments (&quot;Fragments&quot;), and features (&quot;Features&quot;).</li>
+       <li>Each Plug-in or Fragment may be packaged as a sub-directory or JAR (Java&trade; ARchive) in a directory named &quot;plugins&quot;.</li>
+       <li>A Feature is a bundle of one or more Plug-ins and/or Fragments and associated material.  Each Feature may be packaged as a sub-directory in a directory named &quot;features&quot;.  Within a Feature, files named &quot;feature.xml&quot; may contain a list of the names and version numbers of the Plug-ins
+      and/or Fragments associated with that Feature.</li>
+       <li>Features may also include other Features (&quot;Included Features&quot;). Within a Feature, files named &quot;feature.xml&quot; may contain a list of the names and version numbers of Included Features.</li>
+</ul>
+
+<p>The terms and conditions governing Plug-ins and Fragments should be contained in files named &quot;about.html&quot; (&quot;Abouts&quot;). The terms and conditions governing Features and
+Included Features should be contained in files named &quot;license.html&quot; (&quot;Feature Licenses&quot;).  Abouts and Feature Licenses may be located in any directory of a Download or Module
+including, but not limited to the following locations:</p>
+
+<ul>
+       <li>The top-level (root) directory</li>
+       <li>Plug-in and Fragment directories</li>
+       <li>Inside Plug-ins and Fragments packaged as JARs</li>
+       <li>Sub-directories of the directory named &quot;src&quot; of certain Plug-ins</li>
+       <li>Feature directories</li>
+</ul>
+
+<p>Note: if a Feature made available by the Eclipse Foundation is installed using the Provisioning Technology (as defined below), you must agree to a license (&quot;Feature Update License&quot;) during the
+installation process.  If the Feature contains Included Features, the Feature Update License should either provide you with the terms and conditions governing the Included Features or
+inform you where you can locate them.  Feature Update Licenses may be found in the &quot;license&quot; property of files named &quot;feature.properties&quot; found within a Feature.
+Such Abouts, Feature Licenses, and Feature Update Licenses contain the terms and conditions (or references to such terms and conditions) that govern your use of the associated Content in
+that directory.</p>
+
+<p>THE ABOUTS, FEATURE LICENSES, AND FEATURE UPDATE LICENSES MAY REFER TO THE EPL OR OTHER LICENSE AGREEMENTS, NOTICES OR TERMS AND CONDITIONS.  SOME OF THESE
+OTHER LICENSE AGREEMENTS MAY INCLUDE (BUT ARE NOT LIMITED TO):</p>
+
+<ul>
+       <li>Eclipse Distribution License Version 1.0 (available at <a href="http://www.eclipse.org/licenses/edl-v10.html">http://www.eclipse.org/licenses/edl-v1.0.html</a>)</li>
+       <li>Common Public License Version 1.0 (available at <a href="http://www.eclipse.org/legal/cpl-v10.html">http://www.eclipse.org/legal/cpl-v10.html</a>)</li>
+       <li>Apache Software License 1.1 (available at <a href="http://www.apache.org/licenses/LICENSE">http://www.apache.org/licenses/LICENSE</a>)</li>
+       <li>Apache Software License 2.0 (available at <a href="http://www.apache.org/licenses/LICENSE-2.0">http://www.apache.org/licenses/LICENSE-2.0</a>)</li>
+       <li>Metro Link Public License 1.00 (available at <a href="http://www.opengroup.org/openmotif/supporters/metrolink/license.html">http://www.opengroup.org/openmotif/supporters/metrolink/license.html</a>)</li>
+       <li>Mozilla Public License Version 1.1 (available at <a href="http://www.mozilla.org/MPL/MPL-1.1.html">http://www.mozilla.org/MPL/MPL-1.1.html</a>)</li>
+</ul>
+
+<p>IT IS YOUR OBLIGATION TO READ AND ACCEPT ALL SUCH TERMS AND CONDITIONS PRIOR TO USE OF THE CONTENT.  If no About, Feature License, or Feature Update License is provided, please
+contact the Eclipse Foundation to determine what terms and conditions govern that particular Content.</p>
+
+
+<h3>Use of Provisioning Technology</h3>
+
+<p>The Eclipse Foundation makes available provisioning software, examples of which include, but are not limited to, p2 and the Eclipse
+   Update Manager (&quot;Provisioning Technology&quot;) for the purpose of allowing users to install software, documentation, information and/or
+   other materials (collectively &quot;Installable Software&quot;). This capability is provided with the intent of allowing such users to
+   install, extend and update Eclipse-based products. Information about packaging Installable Software is available at <a
+       href="http://eclipse.org/equinox/p2/repository_packaging.html">http://eclipse.org/equinox/p2/repository_packaging.html</a>
+   (&quot;Specification&quot;).</p>
+
+<p>You may use Provisioning Technology to allow other parties to install Installable Software. You shall be responsible for enabling the
+   applicable license agreements relating to the Installable Software to be presented to, and accepted by, the users of the Provisioning Technology
+   in accordance with the Specification. By using Provisioning Technology in such a manner and making it available in accordance with the
+   Specification, you further acknowledge your agreement to, and the acquisition of all necessary rights to permit the following:</p>
+
+<ol>
+       <li>A series of actions may occur (&quot;Provisioning Process&quot;) in which a user may execute the Provisioning Technology
+       on a machine (&quot;Target Machine&quot;) with the intent of installing, extending or updating the functionality of an Eclipse-based
+       product.</li>
+       <li>During the Provisioning Process, the Provisioning Technology may cause third party Installable Software or a portion thereof to be
+       accessed and copied to the Target Machine.</li>
+       <li>Pursuant to the Specification, you will provide to the user the terms and conditions that govern the use of the Installable
+       Software (&quot;Installable Software Agreement&quot;) and such Installable Software Agreement shall be accessed from the Target
+       Machine in accordance with the Specification. Such Installable Software Agreement must inform the user of the terms and conditions that govern
+       the Installable Software and must solicit acceptance by the end user in the manner prescribed in such Installable Software Agreement. Upon such
+       indication of agreement by the user, the provisioning Technology will complete installation of the Installable Software.</li>
+</ol>
+
+<h3>Cryptography</h3>
+
+<p>Content may contain encryption software. The country in which you are currently may have restrictions on the import, possession, and use, and/or re-export to
+   another country, of encryption software. BEFORE using any encryption software, please check the country's laws, regulations and policies concerning the import,
+   possession, or use, and re-export of encryption software, to see if this is permitted.</p>
+
+<p><small>Java and all Java-based trademarks are trademarks of Oracle Corporation in the United States, other countries, or both.</small></p>
+</body>
+</html>
+
diff --git a/org.eclipse.lyo.server.oauth.webapp/pom.xml b/org.eclipse.lyo.server.oauth.webapp/pom.xml
index 9e91ae4..ae85c1c 100644
--- a/org.eclipse.lyo.server.oauth.webapp/pom.xml
+++ b/org.eclipse.lyo.server.oauth.webapp/pom.xml
@@ -54,6 +54,11 @@
 			<artifactId>wink-server</artifactId>
 			<version>1.1.3-incubating</version>
 		</dependency>
+		<dependency>
+			<groupId>org.apache.wink</groupId>
+			<artifactId>wink-json4j</artifactId>
+			<version>1.1.3-incubating</version>
+		</dependency>
 	</dependencies>
 
 	<build>
diff --git a/org.eclipse.lyo.server.oauth.webapp/src/main/java/org/eclipse/lyo/server/oauth/webapp/services/ConsumersService.java b/org.eclipse.lyo.server.oauth.webapp/src/main/java/org/eclipse/lyo/server/oauth/webapp/services/ConsumersService.java
new file mode 100644
index 0000000..4c74250
--- a/dev/null
+++ b/org.eclipse.lyo.server.oauth.webapp/src/main/java/org/eclipse/lyo/server/oauth/webapp/services/ConsumersService.java
@@ -0,0 +1,190 @@
+/*******************************************************************************
+ * Copyright (c) 2012 IBM Corporation.
+ *
+ *  All rights reserved. This program and the accompanying materials
+ *  are made available under the terms of the Eclipse Public License v1.0
+ *  and Eclipse Distribution License v. 1.0 which accompanies this distribution.
+ *  
+ *  The Eclipse Public License is available at http://www.eclipse.org/legal/epl-v10.html
+ *  and the Eclipse Distribution License is available at
+ *  http://www.eclipse.org/org/documents/edl-v10.php.
+ *  
+ *  Contributors:
+ *  
+ *     IBM Corporation - initial API and implementation
+ *******************************************************************************/
+package org.eclipse.lyo.server.oauth.webapp.services;
+
+import java.util.Collection;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.ws.rs.Consumes;
+import javax.ws.rs.DELETE;
+import javax.ws.rs.FormParam;
+import javax.ws.rs.GET;
+import javax.ws.rs.POST;
+import javax.ws.rs.Path;
+import javax.ws.rs.PathParam;
+import javax.ws.rs.Produces;
+import javax.ws.rs.core.Context;
+import javax.ws.rs.core.MediaType;
+import javax.ws.rs.core.Response;
+import javax.ws.rs.core.Response.Status;
+
+import net.oauth.OAuthProblemException;
+
+import org.apache.wink.json4j.JSONArray;
+import org.apache.wink.json4j.JSONException;
+import org.apache.wink.json4j.JSONObject;
+import org.eclipse.lyo.server.oauth.core.OAuthConfiguration;
+import org.eclipse.lyo.server.oauth.core.consumer.ConsumerStore;
+import org.eclipse.lyo.server.oauth.core.consumer.ConsumerStoreException;
+import org.eclipse.lyo.server.oauth.core.consumer.LyoOAuthConsumer;
+
+/**
+ * Manages OAuth consumers for this provider.
+ * 
+ * @author Samuel Padgett <spadgett@us.ibm.com>
+ */
+@Path("/oauth/consumers")
+public class ConsumersService {
+	
+	@Context protected HttpServletRequest httpRequest;
+	@Context protected HttpServletResponse httpResponse;
+
+	@GET
+	@Produces({ MediaType.APPLICATION_JSON })
+	public Response getAllConsumers() throws JSONException {
+		try {
+			if (!OAuthConfiguration.getInstance().getApplication()
+					.isAdminSession(httpRequest)) {
+				return Response.status(Status.FORBIDDEN)
+						.type(MediaType.TEXT_PLAIN)
+						.entity("You must be an administrator.").build();
+			}
+
+			Collection<LyoOAuthConsumer> consumers = OAuthConfiguration
+					.getInstance().getConsumerStore().getAllConsumers();
+			JSONArray provisionalConsumers = new JSONArray();
+			JSONArray approvedConsumers = new JSONArray();
+
+			for (LyoOAuthConsumer consumer : consumers) {
+				if (consumer.isProvisional()) {
+					provisionalConsumers.add(asJson(consumer));
+				} else {
+					approvedConsumers.add(asJson(consumer));
+				}
+			}
+
+			JSONObject response = new JSONObject();
+			response.put("provisional", provisionalConsumers);
+			response.put("approved", approvedConsumers);
+
+			return Response.ok(response.write()).type(MediaType.APPLICATION_JSON)
+					.build();
+		} catch (ConsumerStoreException e) {
+			return handleConsumerStoreException(e);
+		} catch (OAuthProblemException e) {
+			return Response.status(Status.SERVICE_UNAVAILABLE).build();
+		}
+	}
+	
+	/**
+	 * Updates an OAuth consumer.
+	 * 
+	 * @param key
+	 *            the consumer key
+	 * @param name
+	 *            the new name or null
+	 * @param trusted
+	 *            "true" the consumer is trusted. Can be null.
+	 * @param provisional
+	 *            "true" if the consumer is provisional or "false" if the
+	 *            consumer is authorized. Can be null.
+	 * @return the HTTP response
+	 */
+	@POST
+	@Path("/{key}")
+	@Consumes({ MediaType.APPLICATION_FORM_URLENCODED })
+	public Response updateConsumer(@PathParam("key") String key,
+			@FormParam("name") String name,
+			@FormParam("trusted") String trusted,
+			@FormParam("provisional") String provisional) {
+		try {
+			if (!OAuthConfiguration.getInstance().getApplication()
+					.isAdminSession(httpRequest)) {
+				return Response.status(Status.FORBIDDEN)
+						.type(MediaType.TEXT_PLAIN)
+						.entity("You must be an administrator.").build();
+			}
+			
+			ConsumerStore store = OAuthConfiguration.getInstance()
+					.getConsumerStore();
+			LyoOAuthConsumer consumer = store.getConsumer(key);
+			if (consumer == null) {
+				return Response.status(Status.NOT_FOUND).build();
+			}
+			if (name != null) {
+				consumer.setName(name);
+			}
+			if (trusted != null) {
+				consumer.setTrusted("true".equals(trusted));
+			}
+			if (provisional != null) {
+				consumer.setProvisional("true".equals(provisional));
+			}
+			store.updateConsumer(consumer);
+			
+			return Response.noContent().build();
+		} catch (ConsumerStoreException e) {
+			return handleConsumerStoreException(e);
+		} catch (OAuthProblemException e) {
+			return Response.status(Status.SERVICE_UNAVAILABLE).build();
+		}
+	}
+
+	/**
+	 * Deletes an OAuth consumer.
+	 * 
+	 * @param key
+	 *            the consumer key
+	 * @return the HTTP response
+	 */
+	@DELETE
+	@Path("/{key}")
+	public Response removeConsumer(@PathParam("key") String key) {
+		try {
+			if (!OAuthConfiguration.getInstance().getApplication()
+					.isAdminSession(httpRequest)) {
+				return Response.status(Status.FORBIDDEN)
+						.type(MediaType.TEXT_PLAIN)
+						.entity("You must be an administrator.").build();
+			}
+			
+			OAuthConfiguration.getInstance().getConsumerStore()
+					.removeConsumer(key);
+			return Response.noContent().build();
+		} catch (ConsumerStoreException e) {
+			return handleConsumerStoreException(e);
+		} catch (OAuthProblemException e) {
+			return Response.status(Status.SERVICE_UNAVAILABLE).build();
+		}
+	}
+
+	protected Response handleConsumerStoreException(ConsumerStoreException e) {
+		e.printStackTrace();
+		return Response.status(Status.CONFLICT).type(MediaType.TEXT_PLAIN)
+				.entity(e.getMessage()).build();
+	}
+
+	protected JSONObject asJson(LyoOAuthConsumer consumer) throws JSONException {
+		JSONObject o = new JSONObject();
+		o.put("name", consumer.getName());
+		o.put("key", consumer.consumerKey);
+		o.put("provisional", consumer.isProvisional());
+		o.put("trusted", consumer.isTrusted());
+
+		return o;
+	}
+}
diff --git a/org.eclipse.lyo.server.oauth.webapp/src/main/java/org/eclipse/lyo/server/oauth/webapp/services/OAuthService.java b/org.eclipse.lyo.server.oauth.webapp/src/main/java/org/eclipse/lyo/server/oauth/webapp/services/OAuthService.java
index e1f7c59..58c5d47 100644
--- a/org.eclipse.lyo.server.oauth.webapp/src/main/java/org/eclipse/lyo/server/oauth/webapp/services/OAuthService.java
+++ b/org.eclipse.lyo.server.oauth.webapp/src/main/java/org/eclipse/lyo/server/oauth/webapp/services/OAuthService.java
@@ -16,16 +16,21 @@
 package org.eclipse.lyo.server.oauth.webapp.services;
 
 import java.io.IOException;
+import java.net.InetAddress;
 import java.net.URISyntaxException;
 import java.util.List;
+import java.util.UUID;
 
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
+import javax.ws.rs.Consumes;
 import javax.ws.rs.FormParam;
 import javax.ws.rs.GET;
 import javax.ws.rs.POST;
 import javax.ws.rs.Path;
+import javax.ws.rs.Produces;
+import javax.ws.rs.QueryParam;
 import javax.ws.rs.WebApplicationException;
 import javax.ws.rs.core.Context;
 import javax.ws.rs.core.MediaType;
@@ -42,11 +47,14 @@ import net.oauth.OAuthProblemException;
 import net.oauth.OAuthValidator;
 import net.oauth.server.OAuthServlet;
 
-import org.eclipse.lyo.server.oauth.core.Authentication;
+import org.apache.wink.json4j.JSON;
+import org.apache.wink.json4j.JSONException;
+import org.apache.wink.json4j.JSONObject;
+import org.eclipse.lyo.server.oauth.core.Application;
 import org.eclipse.lyo.server.oauth.core.AuthenticationException;
 import org.eclipse.lyo.server.oauth.core.OAuthConfiguration;
 import org.eclipse.lyo.server.oauth.core.OAuthRequest;
-import org.eclipse.lyo.server.oauth.core.consumer.ConsumerRegistry;
+import org.eclipse.lyo.server.oauth.core.consumer.ConsumerStoreException;
 import org.eclipse.lyo.server.oauth.core.consumer.LyoOAuthConsumer;
 import org.eclipse.lyo.server.oauth.core.token.TokenStrategy;
 
@@ -155,8 +163,8 @@ public class OAuthService {
 			String consumerKey = config.getTokenStrategy()
 					.validateRequestToken(httpRequest, message);
 			
-			LyoOAuthConsumer consumer = ConsumerRegistry.getInstance()
-					.getConsumer(consumerKey);
+			LyoOAuthConsumer consumer = OAuthConfiguration.getInstance()
+					.getConsumerStore().getConsumer(consumerKey);
 
 			// Pass some data to the JSP.
 			httpRequest.setAttribute("requestToken", message.getToken());
@@ -168,16 +176,9 @@ public class OAuthService {
 			httpRequest.setAttribute("callbackConfirmed", new Boolean(
 					callbackConfirmed));
 
-			Authentication auth = config.getAuthentication();
-			if (auth == null) {
-				return Response.status(Status.SERVICE_UNAVAILABLE)
-						.type(MediaType.TEXT_PLAIN)
-						.entity("OAuth service is not configured.").build();
-			}
-
 			// The application name is displayed on the OAuth login page.
 			httpRequest.setAttribute("applicationName",
-					auth.getApplicationName());
+					config.getApplication().getName());
 
 			// Show the login page.
 			httpRequest.getRequestDispatcher("/oauth/login.jsp").forward(
@@ -237,11 +238,11 @@ public class OAuthService {
 	public Response login(@FormParam("id") String id,
 			@FormParam("password") String password,
 			@FormParam("requestToken") String requestToken) {
-		Authentication auth = OAuthConfiguration.getInstance()
-				.getAuthentication();
-
 		try {
-			auth.login(httpRequest, id, password);
+			OAuthConfiguration.getInstance().getApplication()
+					.login(httpRequest, id, password);
+		} catch (OAuthException e) {
+			return Response.status(Status.SERVICE_UNAVAILABLE).build();
 		} catch (AuthenticationException e) {
 			String message = e.getMessage();
 			if (message == null || "".equals(message)) {
@@ -259,7 +260,7 @@ public class OAuthService {
 					.entity("Request token invalid.")
 					.type(MediaType.TEXT_PLAIN).build();
 		}
-		
+
 		return Response.noContent().build();
 	}
 
@@ -310,9 +311,193 @@ public class OAuthService {
 	}
 
 	/**
+	 * Generates a provisional consumer key. This request must be later approved
+	 * by an administrator.
+	 * 
+	 * @return a JSON response with the provisional key
+	 * @throws IOException
+	 * @throws NullPointerException
+	 * @see <a href="https://jazz.net/wiki/bin/view/Main/RootServicesSpecAddendum2">Jazz Root Services Spec Addendum2</a>
+	 */
+	@POST
+	@Path("/requestKey")
+	// Some consumers do not set an appropriate Content-Type header.
+	//@Consumes({ MediaType.APPLICATION_JSON })
+	@Produces({ MediaType.APPLICATION_JSON })
+	public Response provisionalKey()
+			throws NullPointerException, IOException {
+		try {
+			// Create the consumer from the request.
+			JSONObject request = (JSONObject) JSON.parse(httpRequest
+					.getInputStream());
+
+			String name = null;
+			if (request.has("name") && request.get("name") != null) {
+				name = request.getString("name");
+			}
+			
+			if (name == null || name.trim().equals("")) {
+				name = getRemoteHost();
+			}
+
+			String secret = request.getString("secret");
+
+			boolean trusted = false;
+			if (request.has("trusted")) {
+				trusted = "true".equals(request.getString("trusted"));
+			}
+
+			String key = UUID.randomUUID().toString();
+			LyoOAuthConsumer consumer = new LyoOAuthConsumer(key, secret);
+			consumer.setName(name);
+			consumer.setProvisional(true);
+			consumer.setTrusted(trusted);
+			
+			// Add the consumer to the store.
+			OAuthConfiguration.getInstance().getConsumerStore().addConsumer(consumer);
+
+			// Respond with the consumer key.
+			JSONObject response = new JSONObject();
+			response.put("key", key);
+			
+			return Response.ok(response.write()).build();
+		} catch (JSONException e) {
+			e.printStackTrace();
+			return Response.status(Status.BAD_REQUEST).build();
+		} catch (ConsumerStoreException e) {
+			e.printStackTrace();
+			return Response.status(Status.SERVICE_UNAVAILABLE)
+					.type(MediaType.TEXT_PLAIN).entity(e.getMessage()).build();
+		}
+	}
+
+	/**
+	 * Shows the approval page for a single provisional consumer. Shows the
+	 * consumer management page instead if no key is passed in.
+	 * 
+	 * @param key
+	 *            the consumer
+	 * @return the approve consumer page
+	 * @throws ServletException
+	 *             on errors showing the JSP
+	 * @throws IOException
+	 *             on errors showing the JSP
+	 * @see #showConsumerKeyManagementPage()
+	 */
+	@GET
+	@Path("/approveKey")
+	@Produces({ MediaType.TEXT_HTML })
+	public Response showApproveKeyPage(@QueryParam("key") String key)
+			throws ServletException, IOException {
+		if (key == null || "".equals(key)) {
+			return showConsumerKeyManagementPage();
+		}
+
+		try {
+			Application app = OAuthConfiguration.getInstance().getApplication();
+			
+			// The application name is displayed on approval page.
+			httpRequest.setAttribute("applicationName", app.getName());
+
+			if (!app.isAdminSession(httpRequest)) {
+				return showAdminLogin();
+			}
+
+			LyoOAuthConsumer provisionalConsumer = OAuthConfiguration
+					.getInstance().getConsumerStore().getConsumer(key);
+
+			if (provisionalConsumer == null) {
+				return Response.status(Status.BAD_REQUEST).build();
+			}
+
+			httpRequest.setAttribute("consumerName",
+					provisionalConsumer.getName());
+			httpRequest.setAttribute("consumerKey",
+					provisionalConsumer.consumerKey);
+			httpRequest
+					.setAttribute("trusted", provisionalConsumer.isTrusted());
+			final String dispatchTo = (provisionalConsumer.isProvisional()) ? "/oauth/approveKey.jsp"
+					: "/oauth/keyAlreadyApproved.jsp";
+			httpRequest.getRequestDispatcher(dispatchTo).forward(httpRequest,
+					httpResponse);
+			return null;
+
+		} catch (ConsumerStoreException e) {
+			e.printStackTrace();
+			return Response.status(Status.CONFLICT).type(MediaType.TEXT_PLAIN)
+					.entity(e.getMessage()).build();
+		} catch (OAuthProblemException e) {
+			return respondWithOAuthProblem(e);
+		}
+	}
+
+	/**
+	 * Shows the consumer management page, which allows administrator to approve
+	 * or remove OAuth consumers.
+	 * 
+	 * @return the consumer management page
+	 * @throws ServletException
+	 *             on JSP errors
+	 * @throws IOException
+	 *             on JSP errors
+	 */
+	@GET
+	@Path("/admin")
+	public Response showConsumerKeyManagementPage() throws ServletException,
+			IOException {
+		try {
+			Application app = OAuthConfiguration.getInstance().getApplication();
+
+			httpRequest.setAttribute("applicationName", app.getName());
+			if (!app.isAdminSession(httpRequest)) {
+				return showAdminLogin();
+			}
+		} catch (OAuthException e) {
+			return Response.status(Status.SERVICE_UNAVAILABLE).build();
+		}
+
+		httpRequest.getRequestDispatcher("/oauth/manage.jsp").forward(
+				httpRequest, httpResponse);
+		return null;
+	}
+	
+	/**
+	 * Validates that the ID and password are for an administrator. This is used
+	 * by the admin login page to protect the OAuth administration pages.
+	 * 
+	 * @return the response, 409 if login failed or 204 if successful
+	 */
+	@POST
+	@Path("/adminLogin")
+	public Response login(@FormParam("id") String id,
+			@FormParam("password") String password) {
+		try {
+			Application app = OAuthConfiguration.getInstance().getApplication();
+			app.login(httpRequest, id, password);
+
+			if (app.isAdminSession(httpRequest)) {
+				return Response.noContent().build();
+			}
+
+			return Response.status(Status.CONFLICT)
+					.entity("The user '" + id + "' is not an administrator.")
+					.type(MediaType.TEXT_PLAIN).build();
+		} catch (OAuthException e) {
+			return Response.status(Status.SERVICE_UNAVAILABLE).build();
+		} catch (AuthenticationException e) {
+			String message = e.getMessage();
+			if (message == null || "".equals(message)) {
+				message = "Incorrect username or password.";
+			}
+			return Response.status(Status.CONFLICT).entity(message)
+					.type(MediaType.TEXT_PLAIN).build();
+		}
+	}
+
+	/**
 	 * Validates this is a known consumer and the request is valid using
-	 * {@link OAuthValidator#validateMessage(net.oauth.OAuthMessage, OAuthAccessor)}
-	 * . Does <b>not</b> check for any tokens
+	 * {@link OAuthValidator#validateMessage(net.oauth.OAuthMessage, OAuthAccessor)}.
+	 * Does <b>not</b> check for any tokens.
 	 * 
 	 * @return an OAuthRequest
 	 * @throws OAuthException
@@ -355,8 +540,41 @@ public class OAuthService {
 
 	protected Response respondWithOAuthProblem(OAuthException e)
 			throws IOException, ServletException {
-		OAuthServlet.handleException(httpResponse, e, OAuthConfiguration
-				.getInstance().getRealm());
+		try {
+			OAuthServlet.handleException(httpResponse, e, OAuthConfiguration
+					.getInstance().getApplication().getRealm(httpRequest));
+		} catch (OAuthProblemException serviceUnavailableException) {
+			return Response.status(Status.SERVICE_UNAVAILABLE).build();
+		}
+		
 		return Response.status(Status.UNAUTHORIZED).build();
 	}
+
+	private String getRemoteHost() {
+		try {
+			// Try to get the hostname of the consumer.
+			return InetAddress.getByName(httpRequest.getRemoteHost())
+					.getCanonicalHostName();
+		} catch (Exception e) {
+			/*
+			 * Not fatal, and we shouldn't fail here. Fall back to returning
+			 * ServletRequest.getRemoveHost(). It might be the IP address, but
+			 * that's better than nothing.
+			 */
+			return httpRequest.getRemoteHost();
+		}
+	}
+
+	private Response showAdminLogin() throws ServletException, IOException {
+		StringBuffer callback = httpRequest.getRequestURL();
+		String query = httpRequest.getQueryString();
+		if (query != null) {
+			callback.append('?');
+			callback.append(query);
+		}
+		httpRequest.setAttribute("callback", callback.toString());
+		httpRequest.getRequestDispatcher("/oauth/adminLogin.jsp").forward(
+				httpRequest, httpResponse);
+		return null;
+	}
 }
diff --git a/org.eclipse.lyo.server.oauth.webapp/src/main/webapp/WEB-INF/oauth-services b/org.eclipse.lyo.server.oauth.webapp/src/main/webapp/WEB-INF/oauth-services
index f280254..fc66f85 100644
--- a/org.eclipse.lyo.server.oauth.webapp/src/main/webapp/WEB-INF/oauth-services
+++ b/org.eclipse.lyo.server.oauth.webapp/src/main/webapp/WEB-INF/oauth-services
@@ -1 +1,2 @@
+org.eclipse.lyo.server.oauth.webapp.services.ConsumersService
 org.eclipse.lyo.server.oauth.webapp.services.OAuthService
diff --git a/org.eclipse.lyo.server.oauth.webapp/src/main/webapp/oauth/adminLogin.jsp b/org.eclipse.lyo.server.oauth.webapp/src/main/webapp/oauth/adminLogin.jsp
new file mode 100644
index 0000000..4ce2691
--- a/dev/null
+++ b/org.eclipse.lyo.server.oauth.webapp/src/main/webapp/oauth/adminLogin.jsp
@@ -0,0 +1,61 @@
+<!DOCTYPE html>
+
+<%@ page language="java" contentType="text/html; UTF-8"
+	pageEncoding="UTF-8"%>
+<%@ page isELIgnored ="false" %> 
+<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
+
+<html lang="en">
+
+<head>
+<meta charset="utf-8">
+<title><c:out value="${applicationName}">Administer</c:out> - Log In</title>
+<link type="text/css" href="<%=request.getContextPath()%>/oauth/stylesheets/theme.css" rel="stylesheet" ></link>
+<script
+	data-dojo-config="async: true"
+    type="text/javascript"
+    src="http://ajax.googleapis.com/ajax/libs/dojo/1.7.1/dojo/dojo.js">
+</script>
+<script type="text/javascript" src="<%=request.getContextPath()%>/oauth/scripts/adminLogin.js"></script>
+</head>
+
+<body>
+	<div id="content">
+		<%-- Creative Commons Image: http://openclipart.org/detail/211/shiny-key-by-tiothy --%>
+		<img src="<%=request.getContextPath()%>/oauth/images/key.png" style="float: right;">
+		<h1><c:out value="${applicationName}">Administer</c:out> - Log In</h1>
+
+		<form id="loginForm">
+		
+			<div>You must log in as an OAuth administrator to continue.</div>
+
+			<div id="error" class="error" style="display: hidden;"></div>
+			<input type="hidden" id="callback" value="<c:out value="${callback}"/>">
+			
+			<div>
+				<label for="id">Username:</label>
+			</div>
+			<div>
+			 	<input id="id" name="id" type="text" class="textField" required autofocus></input>
+				<script type="text/javascript">
+					// If no native HTML5 autofocus support, focus the ID field using JavaScript.
+		    		if (!("autofocus" in document.createElement("input"))) {
+		      			document.getElementById("id").focus();
+		    		}
+		  		</script>
+			</div>
+	
+			<div>
+				<label for="password">Password:</label>
+			</div>
+				<input id="password" name="password" type="password" class="textField"></input>
+			<div>
+			</div>
+			<div>
+				<input type="submit" value="Continue">
+			</div>
+		</form>
+	</div>
+</body>
+
+</html>
diff --git a/org.eclipse.lyo.server.oauth.webapp/src/main/webapp/oauth/approveKey.jsp b/org.eclipse.lyo.server.oauth.webapp/src/main/webapp/oauth/approveKey.jsp
new file mode 100644
index 0000000..da952d2
--- a/dev/null
+++ b/org.eclipse.lyo.server.oauth.webapp/src/main/webapp/oauth/approveKey.jsp
@@ -0,0 +1,113 @@
+<!DOCTYPE html>
+
+<%@ page language="java" contentType="text/html; UTF-8"
+	pageEncoding="UTF-8"%>
+<%@ page isELIgnored="false"%>
+<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
+
+<html lang="en">
+
+<head>
+<meta charset="utf-8">
+<title>Approve <c:out value="${applicationName}">OAuth</c:out>
+	Consumer</title>
+<link type="text/css"
+	href="<%=request.getContextPath()%>/oauth/stylesheets/theme.css" rel="stylesheet"></link>
+<script data-dojo-config="async: true" type="text/javascript"
+	src="http://ajax.googleapis.com/ajax/libs/dojo/1.7.1/dojo/dojo.js">
+</script>
+<script type="text/javascript">
+require([ "dojo/dom", "dojo/dom-style", "dojo/on", "dojo/_base/event", "dojo/_base/xhr", "dojo/ready" ],
+		function(dom, domStyle, on, event, xhr, ready) {
+	ready(function () {
+		on(dom.byId('approveConsumer'), 'submit', function(e) {
+			event.stop(e);
+			xhr.post({
+				url : 'consumers/' + encodeURIComponent(dom.byId('key').value),
+				content : {
+					provisional : 'false',
+					name : dom.byId('name').value,
+					trusted: (dom.byId('trusted').checked) ? 'true' : 'false'
+				},
+				load : function(response) {
+					domStyle.set('keyApproved', 'display', 'block');
+					domStyle.set('approveConsumer', 'display', 'none');
+				},
+				error : function() {
+					alert('An error occurred.');
+				}
+			});
+		});
+		
+		on(dom.byId('deny'), 'click', function(e) {
+			event.stop(e);
+			xhr.del({
+				url : 'consumers/' + encodeURIComponent(dom.byId('key').value),
+				load : function(response) {
+					domStyle.set('keyRejected', 'display', 'block');
+					domStyle.set('approveConsumer', 'display', 'none');
+				},
+				error : function() {
+					alert('An error occurred.');
+				}
+			});
+		});
+	});
+});
+</script>
+</head>
+
+<body>
+	<%-- Creative Commons Image: http://openclipart.org/detail/211/shiny-key-by-tiothy --%>
+	<img src="<%=request.getContextPath()%>/oauth/images/key.png"
+		style="float: right;">
+
+	<p id="keyApproved" style="display: none;">
+		You have <b>approved</b> consumer
+		<c:out value="${consumerKey}" />. Close the browser window to
+		continue.
+	</p>
+
+	<p id="keyRejected" style="display: none;">
+		You have <b>rejected</b> consumer
+		<c:out value="${consumerKey}" />. Close the browser window to
+		continue.
+	</p>
+
+	<form id="approveConsumer">
+		<div>
+			Allow this consumer to access <b><c:out
+					value="${applicationName}">Your Application</c:out></b>?
+		</div>
+
+		<div id="error" class="error" style="display: hidden;"></div>
+		<input type="hidden" id="key" name="key"
+			value="<c:out value="${consumerKey}"/>">
+
+		<table>
+			<tr>
+				<th><label for="name">Name:</label></th>
+				<td><input type="text" id="name" name="name"
+					value="<c:out value="${consumerName}"/>"
+					style="width: 100%;"
+					placeholder="Type a name for the consumer" required autofocus></td>
+			</tr>
+			<tr>
+				<th><label for="id">Key:</label></th>
+				<td><c:out value="${consumerKey}" /></td>
+			</tr>
+			<tr>
+				<td colspan="2"><input type="checkbox" id="trusted"
+					name="trusted" <c:if test="${trusted}">checked</c:if>> <label
+					for="trusted">Trusted</label></td>
+			</tr>
+		</table>
+
+		<div class="buttonBox">
+			<input type="submit" value="Allow">
+			<button type="button" id="deny">Deny</button>
+		</div>
+	</form>
+</body>
+
+</html>
diff --git a/org.eclipse.lyo.server.oauth.webapp/src/main/webapp/oauth/key.png b/org.eclipse.lyo.server.oauth.webapp/src/main/webapp/oauth/images/key.png
index a3ddf0b..a3ddf0b 100644
--- a/org.eclipse.lyo.server.oauth.webapp/src/main/webapp/oauth/key.png
+++ b/org.eclipse.lyo.server.oauth.webapp/src/main/webapp/oauth/images/key.png
diff --git a/org.eclipse.lyo.server.oauth.webapp/src/main/webapp/oauth/images/no.gif b/org.eclipse.lyo.server.oauth.webapp/src/main/webapp/oauth/images/no.gif
new file mode 100644
index 0000000..2877ea2
--- a/dev/null
+++ b/org.eclipse.lyo.server.oauth.webapp/src/main/webapp/oauth/images/no.gif
diff --git a/org.eclipse.lyo.server.oauth.webapp/src/main/webapp/oauth/images/yes.gif b/org.eclipse.lyo.server.oauth.webapp/src/main/webapp/oauth/images/yes.gif
new file mode 100644
index 0000000..8202d32
--- a/dev/null
+++ b/org.eclipse.lyo.server.oauth.webapp/src/main/webapp/oauth/images/yes.gif
diff --git a/org.eclipse.lyo.server.oauth.webapp/src/main/webapp/oauth/keyAlreadyApproved.jsp b/org.eclipse.lyo.server.oauth.webapp/src/main/webapp/oauth/keyAlreadyApproved.jsp
new file mode 100644
index 0000000..9a30cb3
--- a/dev/null
+++ b/org.eclipse.lyo.server.oauth.webapp/src/main/webapp/oauth/keyAlreadyApproved.jsp
@@ -0,0 +1,30 @@
+<!DOCTYPE html>
+
+<%@ page language="java" contentType="text/html; UTF-8"
+	pageEncoding="UTF-8"%>
+<%@ page isELIgnored="false"%>
+<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
+
+<html lang="en">
+
+<head>
+<meta charset="utf-8">
+<title><c:out value="${applicationName}">OAuth</c:out> Consumer
+	Approved</title>
+<link type="text/css"
+	href="<%=request.getContextPath()%>/oauth/stylesheets/theme.css" rel="stylesheet"></link>
+</head>
+<body>
+	<p>
+		<b><c:out value="${applicationName}">OAuth</c:out></b>
+		consumer
+		<b><c:out value="${consumerName}">
+			<c:out value="${consumerKey}" />
+		</c:out></b>
+		is already approved.
+	</p>
+	<p>
+		<a href="admin" target="_blank">Manage Consumers</a>
+	</p>
+</body>
+</html>
diff --git a/org.eclipse.lyo.server.oauth.webapp/src/main/webapp/oauth/login.jsp b/org.eclipse.lyo.server.oauth.webapp/src/main/webapp/oauth/login.jsp
index 91fdc4e..d39b5ad 100644
--- a/org.eclipse.lyo.server.oauth.webapp/src/main/webapp/oauth/login.jsp
+++ b/org.eclipse.lyo.server.oauth.webapp/src/main/webapp/oauth/login.jsp
@@ -9,20 +9,20 @@
 
 <head>
 <meta charset="utf-8">
-<title>Log In</title>
-<link type="text/css" href="<%=request.getContextPath()%>/oauth/theme.css" rel="stylesheet" ></link>
+<title>Connect to <c:out value="${applicationName}">Your Application</c:out></title>
+<link type="text/css" href="<%=request.getContextPath()%>/oauth/stylesheets/theme.css" rel="stylesheet" ></link>
 <script
 	data-dojo-config="async: true"
     type="text/javascript"
     src="http://ajax.googleapis.com/ajax/libs/dojo/1.7.1/dojo/dojo.js">
 </script>
-<script type="text/javascript" src="<%=request.getContextPath()%>/oauth/login.js"></script>
+<script type="text/javascript" src="<%=request.getContextPath()%>/oauth/scripts/login.js"></script>
 </head>
 
 <body>
 	<div id="content">
 		<%-- Creative Commons Image: http://openclipart.org/detail/211/shiny-key-by-tiothy --%>
-		<img src="<%=request.getContextPath()%>/oauth/key.png" style="float: right;">
+		<img src="<%=request.getContextPath()%>/oauth/images/key.png" style="float: right;">
 		<h1>Connect to <c:out value="${applicationName}">Your Application</c:out></h1>
 
 		<form id="loginForm">
diff --git a/org.eclipse.lyo.server.oauth.webapp/src/main/webapp/oauth/manage.jsp b/org.eclipse.lyo.server.oauth.webapp/src/main/webapp/oauth/manage.jsp
new file mode 100644
index 0000000..fdc7925
--- a/dev/null
+++ b/org.eclipse.lyo.server.oauth.webapp/src/main/webapp/oauth/manage.jsp
@@ -0,0 +1,66 @@
+<!DOCTYPE html>
+
+<%@ page language="java" contentType="text/html; UTF-8"
+	pageEncoding="UTF-8"%>
+<%@ page isELIgnored="false"%>
+<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
+
+<html lang="en">
+
+<head>
+<meta charset="utf-8">
+<title><c:out value="${applicationName}"/> - Manage OAuth Consumers</title>
+<link type="text/css"
+	href="<%=request.getContextPath()%>/oauth/stylesheets/theme.css" rel="stylesheet"></link>
+<link type="text/css"
+	href="<%=request.getContextPath()%>/oauth/stylesheets/admin.css" rel="stylesheet"></link>
+<script data-dojo-config="async: true" type="text/javascript"
+	src="http://ajax.googleapis.com/ajax/libs/dojo/1.7.1/dojo/dojo.js">
+</script>
+<script type="text/javascript" src="<%=request.getContextPath()%>/oauth/scripts/manage.js"></script>
+</head>
+
+<body>
+	<h1><c:out value="${applicationName}"/> - Manage OAuth Consumers</h1>
+
+	<div class="content">
+
+		<%-- Creative Commons Image: http://openclipart.org/detail/211/shiny-key-by-tiothy --%>
+		<img src="<%=request.getContextPath()%>/oauth/images/key.png"
+			style="float: right;">
+
+		<div id="error" class="error" style="display: none;"></div>
+
+		<h2>Pending</h2>
+
+		<p id="noPendingMessage" class="message" style="display: none;">No pending consumers.</p>
+		<table id="pendingTable" class="consumers" style="display: none;">
+			<thead>
+				<tr>
+					<th class="consumerName">Name</th>
+					<th class="consumerKey">Key</th>
+					<th class="trusted">Trusted</th>
+					<th class="actions">Actions</th>
+				</tr>
+			</thead>
+			<tbody></tbody>
+		</table>
+
+		<h2>Active</h2>
+
+		<p id="noApprovedMessage" class="message" style="display: none;">No approved consumers.</p>
+		<table id="approvedTable" class="consumers" style="display: none;">
+			<thead>
+				<tr>
+					<th class="consumerName">Name</th>
+					<th class="consumerKey">Key</th>
+					<th class="trusted">Trusted</th>
+					<th class="actions">Actions</th>
+				</tr>
+			</thead>
+			<tbody></tbody>
+		</table>
+	</div>
+</body>
+
+</html>
diff --git a/org.eclipse.lyo.server.oauth.webapp/src/main/webapp/oauth/login.js b/org.eclipse.lyo.server.oauth.webapp/src/main/webapp/oauth/scripts/adminLogin.js
index c788d51..9311e8c 100644
--- a/org.eclipse.lyo.server.oauth.webapp/src/main/webapp/oauth/login.js
+++ b/org.eclipse.lyo.server.oauth.webapp/src/main/webapp/oauth/scripts/adminLogin.js
@@ -27,22 +27,19 @@ require([ "dojo/dom", "dojo/dom-construct", "dojo/on", "dojo/_base/event",
 		errorNode.style.display = 'block';
 	}
 
-	function returnToConsumer() {
+	function callback() {
 		var callback = dom.byId('callback').value;
 		if (callback) {
 			window.location = callback;
-		} else {
-			dom.byId('content').innerHTML =
-				'<div class="message">Request authorized. Close the browser window to continue.</div>';
 		}
 	}
 	
 	function submit() {
 		xhr.post({
-			url : 'login',
+			url : 'adminLogin',
 			form : 'loginForm',
 			load : function() {
-				returnToConsumer();
+				callback();
 			},
 			error : function(error, ioArgs) {
 				showError(ioArgs.xhr.responseText);
@@ -50,20 +47,10 @@ require([ "dojo/dom", "dojo/dom-construct", "dojo/on", "dojo/_base/event",
 		});
 	}
 
-	function cancel() {
-		dom.byId('content').innerHTML =
-			'<div class="message">Access denied. Close the browser window to continue.</div>';
-	}
-
 	ready(function() {
 		on(dom.byId('loginForm'), 'submit', function(e) {
 			event.stop(e);
 			submit();
 		});
-
-		on(dom.byId('cancel'), 'click', function(e) {
-			event.stop(e);
-			cancel();
-		});
 	});
 });
 \ No newline at end of file
diff --git a/org.eclipse.lyo.server.oauth.webapp/src/main/webapp/oauth/login.js b/org.eclipse.lyo.server.oauth.webapp/src/main/webapp/oauth/scripts/login.js
index c788d51..c788d51 100644
--- a/org.eclipse.lyo.server.oauth.webapp/src/main/webapp/oauth/login.js
+++ b/org.eclipse.lyo.server.oauth.webapp/src/main/webapp/oauth/scripts/login.js
diff --git a/org.eclipse.lyo.server.oauth.webapp/src/main/webapp/oauth/scripts/manage.js b/org.eclipse.lyo.server.oauth.webapp/src/main/webapp/oauth/scripts/manage.js
new file mode 100644
index 0000000..82db0f3
--- a/dev/null
+++ b/org.eclipse.lyo.server.oauth.webapp/src/main/webapp/oauth/scripts/manage.js
@@ -0,0 +1,237 @@
+/*******************************************************************************
+ * Copyright (c) 2012 IBM Corporation.
+ *
+ *  All rights reserved. This program and the accompanying materials
+ *  are made available under the terms of the Eclipse Public License v1.0
+ *  and Eclipse Distribution License v. 1.0 which accompanies this distribution.
+ *  
+ *  The Eclipse Public License is available at http://www.eclipse.org/legal/epl-v10.html
+ *  and the Eclipse Distribution License is available at
+ *  http://www.eclipse.org/org/documents/edl-v10.php.
+ *  
+ *  Contributors:
+ *  
+ *     IBM Corporation - initial API and implementation
+ *******************************************************************************/
+require([ "dojo/dom", "dojo/dom-construct", "dojo/dom-style", "dojo/on",
+		"dojo/_base/array", "dojo/_base/xhr", "dojo/ready" ], function(dom,
+		domConstruct, domStyle, on, array, xhr, ready) {
+	var pending = {};
+	var approved = {};
+
+	function showError(message) {
+		var errorNode = dom.byId('error');
+		if (message) {
+			domConstruct.empty(errorNode);
+			errorNode.appendChild(document.createTextNode(message));
+		} else {
+			errorNode.innerHTML = 'An error occurred.';
+		}
+		domStyle.set(errorNode, 'display', 'block');
+	}
+
+	function clearError() {
+		domStyle.set('error', 'display', 'none');
+	}
+	
+	function isEmpty(map) {
+		for (key in map) {
+	        if (map.hasOwnProperty(key)) {
+	        	return false;
+	        }
+	    }
+		
+		return true;
+	}
+	
+	function showNoPending() {
+		domStyle.set('pendingTable', 'display', 'none');
+		domStyle.set('noPendingMessage', 'display', 'block');
+	}
+
+	function showNoApproved() {
+		domStyle.set('approvedTable', 'display', 'none');
+		domStyle.set('noApprovedMessage', 'display', 'block');
+	}
+	
+	function approve(consumer) {
+		var name = dom.byId('name-' + consumer.key).value;
+		if (!name) {
+			showError('You must give the consumer a name.');
+			return;
+		}
+		
+		xhr.post({
+			url : 'consumers/' + encodeURIComponent(consumer.key),
+			content : {
+				provisional : 'false',
+				name : name
+			},
+			load : function(response) {
+				clearError();
+				
+				consumer.name = name;
+				consumer.provisional = false;
+				
+				delete pending[consumer.key];
+				approved[consumer.key] = consumer;
+				
+				// Update the page.
+				domConstruct.destroy('tableRow-' + consumer.key);
+				var tbody = dom.byId('approvedTable').getElementsByTagName('tbody')[0];
+				createTableRow(consumer, tbody);
+				
+				if (isEmpty(pending)) {
+					showNoPending();
+				}
+				
+				domStyle.set('approvedTable', 'display', 'block');
+				domStyle.set('noApprovedMessage', 'display', 'none');
+			},
+			error : function() {
+				showError();
+			}
+		});
+	}
+	
+	function remove(consumer) {
+		if (confirm('Delete consumer ' + consumer.name + ' (' + consumer.key
+				+ ')?')) {
+			xhr.del({
+				url : 'consumers/' + encodeURIComponent(consumer.key),
+				load : function(response) {
+					clearError();
+					domConstruct.destroy('tableRow-' + consumer.key);
+					if (consumer.provisional) {
+						delete pending[consumer.key];
+						if (isEmpty(pending)) {
+							showNoPending();
+						}
+					} else {
+						delete approved[consumer.key];
+						if (isEmpty(approved)) {
+							showNoApproved();
+						}
+					}
+				},
+				error : function() {
+					showError();
+				}
+			});
+		}
+	}
+	
+	var PROVISIONAL_ACTIONS = [ {
+		name : 'Approve',
+		icon : '../../oauth/images/yes.gif',
+		callback : approve
+	}, {
+		name : 'Deny',
+		icon : '../../oauth/images/no.gif',
+		callback : remove
+	} ];
+
+	var APPROVED_ACTIONS = [ {
+		name : 'Remove',
+		icon : '../../oauth/images/no.gif',
+		callback : remove
+	} ];
+
+	function createActions(consumer, node) {
+		var actions = (consumer.provisional) ? PROVISIONAL_ACTIONS
+				: APPROVED_ACTIONS;
+		array.forEach(actions, function(action) {
+			var img = domConstruct.create('img', {
+				'src' : action.icon,
+				'title' : action.name,
+				'class' : 'action'
+			}, node);
+			on(img, 'click', function() {
+				action.callback(consumer);
+			});
+		});
+	}
+
+	function createTableRow(consumer, tbody) {
+		var tr = domConstruct.create('tr', {
+			'id' : 'tableRow-' + consumer.key
+		}, tbody);
+		
+		var name = domConstruct.create('td', null, tr);
+		if (consumer.provisional) {
+			domConstruct.create('input', {
+				'type' : 'text',
+				'required' : 'true',
+				'id' : 'name-' + consumer.key,
+				'value' : consumer.name
+			}, name);
+		} else {
+			name.appendChild(document.createTextNode(consumer.name))
+		}
+		
+		var key = domConstruct.create('td', null, tr);
+		key.appendChild(document.createTextNode(consumer.key));
+		
+		var trusted = domConstruct.create('td', null, tr);
+		trusted.appendChild(document.createTextNode(consumer.trusted))
+		
+		var actionsNode = domConstruct.create('td', {
+			style : 'text-align: center;'
+		}, tr);
+		createActions(consumer, actionsNode);
+
+		return tr;
+	}
+
+	function populateTable(table, consumerArray) {
+		var tbody = table.getElementsByTagName('tbody')[0];
+		consumerArray.sort(function(left, right) {
+			if (left.name === right.name) {
+				return 0;
+			}
+			
+			return (left.name < right.name) ? -1 : 1;
+		});
+		array.forEach(consumerArray, function(consumer) {
+			if (consumer.provisional) {
+				pending[consumer.key] = consumer;
+			} else {
+				approved[consumer.key] = consumer;
+			}
+			createTableRow(consumer, tbody);
+		});
+		domStyle.set(table, 'display', 'block');
+	}
+
+	function showConsumers(consumers) {
+		if (consumers.provisional.length === 0) {
+			showNoPending();
+		} else {
+			populateTable(dom.byId('pendingTable'), consumers.provisional);
+		}
+
+		if (consumers.approved.length === 0) {
+			showNoApproved();
+		} else {
+			populateTable(dom.byId('approvedTable'), consumers.approved);
+		}
+	}
+
+	function load() {
+		xhr.get({
+			url : 'consumers',
+			headers : {
+				'Accept' : 'application/json'
+			},
+			handleAs : 'json',
+			load : showConsumers,
+			error : function() {
+				showError();
+			}
+		});
+	}
+
+	ready(function() {
+		load();
+	});
+});
diff --git a/org.eclipse.lyo.server.oauth.webapp/src/main/webapp/oauth/stylesheets/admin.css b/org.eclipse.lyo.server.oauth.webapp/src/main/webapp/oauth/stylesheets/admin.css
new file mode 100644
index 0000000..fd0d9d5
--- a/dev/null
+++ b/org.eclipse.lyo.server.oauth.webapp/src/main/webapp/oauth/stylesheets/admin.css
@@ -0,0 +1,59 @@
+body {
+	background-color: #F8F8F8;
+}
+
+.content {
+	background-color: #FDFDFD;
+	border-color: #BBBBBB;
+	border-radius: 5px 5px 5px 5px;
+	border-style: solid;
+	border-width: 1px;
+	margin: 0 auto;
+	padding: 10px;
+	position: relative;
+}
+
+.consumers thead {
+	background-color: #F8F8F8;
+}
+
+.message {
+	color: #666666;
+}
+
+th.consumerName, th.consumerKey {
+	width: 25em;
+}
+
+th.trusted, th.actions {
+	width: 5em;
+}
+
+th {
+	text-align: left;
+}
+
+tbody tr:hover {
+	background-color: #FFF4E2;
+}
+
+td img {
+	visibility: hidden;
+}
+
+tr:hover td img {
+	visibility: visible;
+}
+
+.action {
+	filter: progid:DXImageTransform.Microsoft.Alpha(opacity=50 );
+	-moz-opacity: 0.5;
+	opacity: 0.5;
+	padding: 0 0.25em;
+}
+
+.action:hover {
+	filter: progid:DXImageTransform.Microsoft.Alpha(opacity=100 );
+	-moz-opacity: 1;
+	opacity: 1;
+}
+\ No newline at end of file
diff --git a/org.eclipse.lyo.server.oauth.webapp/src/main/webapp/oauth/stylesheets/theme.css b/org.eclipse.lyo.server.oauth.webapp/src/main/webapp/oauth/stylesheets/theme.css
new file mode 100644
index 0000000..c65a774
--- a/dev/null
+++ b/org.eclipse.lyo.server.oauth.webapp/src/main/webapp/oauth/stylesheets/theme.css
@@ -0,0 +1,39 @@
+body {
+	font-family: Arial, sans-serif;
+	font-size: 9pt;
+}
+
+h1 {
+	font-size: 16pt;
+	font-weight: normal;
+}
+
+h2 {
+	font-size: 12pt;
+	font-weight: normal;
+	margin-top: 0.25em;
+}
+
+label {
+	color: #666666;
+	text-align: right;
+}
+
+.textField {
+	width: 400px;
+	margin-bottom: 1em;
+}
+
+.error {
+	color: red;
+	padding-top: 0.5em;
+	padding-bottom: 0.5em;
+}
+
+.buttonBox {
+	margin-top: 1em;
+}
+
+form table th {
+	text-align: right;
+}
diff --git a/org.eclipse.lyo.server.oauth.webapp/src/main/webapp/oauth/theme.css b/org.eclipse.lyo.server.oauth.webapp/src/main/webapp/oauth/theme.css
deleted file mode 100644
index aa2c16e..0000000
--- a/org.eclipse.lyo.server.oauth.webapp/src/main/webapp/oauth/theme.css
+++ b/dev/null
@@ -1,20 +0,0 @@
-body {
-	font-family: Arial, sans-serif;
-	font-size: 9pt;
-}
-
-label {
-	color: #666666;
-	text-align: right;
-}
-
-.textField {
-	width: 400px;
-	margin-bottom: 1em;
-}
-
-.error {
-	color: red;
-	padding-top: 5px;
-	padding-bottom: 5px;
-}
author	Samuel Padgett	2012-01-30 19:24:06 (EST)
committer	Michael Fiedler	2012-01-31 13:02:19 (EST)
commit	34e3643180a95bacc63873b1a3c6fea6e49234db (patch) (side-by-side diff)
tree	26b2d3b92cea0c5e51ddb584a88604dcb47eeaf7
parent	b7550372a30b7039472e7cc0e1fd0c99e90570c0 (diff)
download	org.eclipse.lyo.server-34e3643180a95bacc63873b1a3c6fea6e49234db.zip org.eclipse.lyo.server-34e3643180a95bacc63873b1a3c6fea6e49234db.tar.gz org.eclipse.lyo.server-34e3643180a95bacc63873b1a3c6fea6e49234db.tar.bz2