refactor

core/src/main/java/org/keycloak/representations/idm/ApplicationRepresentation.java

@@ -1,15 +1,13 @@
 package org.keycloak.representations.idm;
 
 import java.util.ArrayList;
-import java.util.HashSet;
 import java.util.List;
-import java.util.Set;
 
 /**
  * @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
  * @version $Revision: 1 $
  */
-public class ResourceRepresentation {
+public class ApplicationRepresentation {
     protected String self; // link
     protected String id;
     protected String name;
@@ -70,14 +68,14 @@ public class ResourceRepresentation {
         this.roles = roles;
     }
 
-    public ResourceRepresentation role(RoleRepresentation role) {
+    public ApplicationRepresentation role(RoleRepresentation role) {
         if (this.roles == null) this.roles = new ArrayList<RoleRepresentation>();
         this.roles.add(role);
         return this;
     }
 
 
-    public ResourceRepresentation role(String role, String description) {
+    public ApplicationRepresentation role(String role, String description) {
         if (this.roles == null) this.roles = new ArrayList<RoleRepresentation>();
         this.roles.add(new RoleRepresentation(role, description));
         return this;
@@ -123,7 +121,7 @@ public class ResourceRepresentation {
         this.credentials = credentials;
     }
 
-    public ResourceRepresentation credential(String type, String value) {
+    public ApplicationRepresentation credential(String type, String value) {
         if (this.credentials == null) credentials = new ArrayList<CredentialRepresentation>();
         CredentialRepresentation cred = new CredentialRepresentation();
         cred.setType(type);

core/src/main/java/org/keycloak/representations/idm/RealmRepresentation.java

@@ -17,16 +17,17 @@ public class RealmRepresentation {
     protected boolean enabled;
     protected boolean sslNotRequired;
     protected boolean cookieLoginAllowed;
+    protected boolean registrationAllowed;
     protected String privateKey;
     protected String publicKey;
     protected List<RoleRepresentation> roles;
-    protected List<String> requiredCredentials;
+    protected Set<String> requiredCredentials;
-    protected List<String> requiredResourceCredentials;
+    protected Set<String> requiredApplicationCredentials;
-    protected List<String> requiredOAuthClientCredentials;
+    protected Set<String> requiredOAuthClientCredentials;
     protected List<UserRepresentation> users;
     protected List<RoleMappingRepresentation> roleMappings;
     protected List<ScopeMappingRepresentation> scopeMappings;
-    protected List<ResourceRepresentation> resources;
+    protected List<ApplicationRepresentation> applications;
 
 
     public String getSelf() {
@@ -57,14 +58,14 @@ public class RealmRepresentation {
         return users;
     }
 
-    public List<ResourceRepresentation> getResources() {
+    public List<ApplicationRepresentation> getApplications() {
-        return resources;
+        return applications;
     }
 
-    public ResourceRepresentation resource(String name) {
+    public ApplicationRepresentation resource(String name) {
-        ResourceRepresentation resource = new ResourceRepresentation();
+        ApplicationRepresentation resource = new ApplicationRepresentation();
-        if (resources == null) resources = new ArrayList<ResourceRepresentation>();
+        if (applications == null) applications = new ArrayList<ApplicationRepresentation>();
-        resources.add(resource);
+        applications.add(resource);
         resource.setName(name);
         return resource;
     }
@@ -81,8 +82,8 @@ public class RealmRepresentation {
         return user;
     }
 
-    public void setResources(List<ResourceRepresentation> resources) {
+    public void setApplications(List<ApplicationRepresentation> applications) {
-        this.resources = resources;
+        this.applications = applications;
     }
 
     public boolean isEnabled() {
@@ -141,27 +142,27 @@ public class RealmRepresentation {
         return mapping;
     }
 
-    public List<String> getRequiredCredentials() {
+    public Set<String> getRequiredCredentials() {
         return requiredCredentials;
     }
 
-    public void setRequiredCredentials(List<String> requiredCredentials) {
+    public void setRequiredCredentials(Set<String> requiredCredentials) {
         this.requiredCredentials = requiredCredentials;
     }
 
-    public List<String> getRequiredResourceCredentials() {
+    public Set<String> getRequiredApplicationCredentials() {
-        return requiredResourceCredentials;
+        return requiredApplicationCredentials;
     }
 
-    public void setRequiredResourceCredentials(List<String> requiredResourceCredentials) {
+    public void setRequiredApplicationCredentials(Set<String> requiredApplicationCredentials) {
-        this.requiredResourceCredentials = requiredResourceCredentials;
+        this.requiredApplicationCredentials = requiredApplicationCredentials;
     }
 
-    public List<String> getRequiredOAuthClientCredentials() {
+    public Set<String> getRequiredOAuthClientCredentials() {
         return requiredOAuthClientCredentials;
     }
 
-    public void setRequiredOAuthClientCredentials(List<String> requiredOAuthClientCredentials) {
+    public void setRequiredOAuthClientCredentials(Set<String> requiredOAuthClientCredentials) {
         this.requiredOAuthClientCredentials = requiredOAuthClientCredentials;
     }
 
@@ -196,4 +197,12 @@ public class RealmRepresentation {
     public void setPublicKey(String publicKey) {
         this.publicKey = publicKey;
     }
+
+    public boolean isRegistrationAllowed() {
+        return registrationAllowed;
+    }
+
+    public void setRegistrationAllowed(boolean registrationAllowed) {
+        this.registrationAllowed = registrationAllowed;
+    }
 }

examples/as7-eap-demo/server/src/main/java/org/keycloak/example/demo/DemoApplication.java

@@ -1,6 +1,7 @@
 package org.keycloak.example.demo;
 
 import org.jboss.resteasy.jwt.JsonSerialization;
+import org.keycloak.representations.idm.CredentialRepresentation;
 import org.keycloak.representations.idm.RealmRepresentation;
 import org.keycloak.services.managers.RealmManager;
 import org.keycloak.services.models.KeycloakSession;
@@ -40,7 +41,7 @@ public class DemoApplication extends KeycloakApplication {
         defaultRealm.setCookieLoginAllowed(true);
         defaultRealm.setRegistrationAllowed(true);
         manager.generateRealmKeys(defaultRealm);
-        defaultRealm.addRequiredCredential(RequiredCredentialModel.PASSWORD);
+        defaultRealm.addRequiredCredential(CredentialRepresentation.PASSWORD);
         defaultRealm.addRole(SaasService.REALM_CREATOR_ROLE);
 
         RealmRepresentation rep = loadJson("META-INF/testrealm.json");

examples/as7-eap-demo/server/src/main/resources/META-INF/persistence.xml

@@ -19,7 +19,7 @@
         <class>org.picketlink.idm.jpa.model.sample.simple.OTPCredentialTypeEntity</class>
         <class>org.picketlink.idm.jpa.model.sample.simple.AttributeTypeEntity</class>
         <class>org.keycloak.services.models.picketlink.mappings.RealmEntity</class>
-        <class>org.keycloak.services.models.picketlink.mappings.ResourceEntity</class>
+        <class>org.keycloak.services.models.picketlink.mappings.ApplicationEntity</class>
 
         <exclude-unlisted-classes>true</exclude-unlisted-classes>
         

examples/as7-eap-demo/server/src/main/resources/META-INF/testrealm.json

@@ -8,7 +8,7 @@
     "privateKey": "MIICXAIBAAKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQABAoGAfmO8gVhyBxdqlxmIuglbz8bcjQbhXJLR2EoS8ngTXmN1bo2L90M0mUKSdc7qF10LgETBzqL8jYlQIbt+e6TH8fcEpKCjUlyq0Mf/vVbfZSNaVycY13nTzo27iPyWQHK5NLuJzn1xvxxrUeXI6A2WFpGEBLbHjwpx5WQG9A+2scECQQDvdn9NE75HPTVPxBqsEd2z10TKkl9CZxu10Qby3iQQmWLEJ9LNmy3acvKrE3gMiYNWb6xHPKiIqOR1as7L24aTAkEAtyvQOlCvr5kAjVqrEKXalj0Tzewjweuxc0pskvArTI2Oo070h65GpoIKLc9jf+UA69cRtquwP93aZKtW06U8dQJAF2Y44ks/mK5+eyDqik3koCI08qaC8HYq2wVl7G2QkJ6sbAaILtcvD92ToOvyGyeE0flvmDZxMYlvaZnaQ0lcSQJBAKZU6umJi3/xeEbkJqMfeLclD27XGEFoPeNrmdx0q10Azp4NfJAY+Z8KRyQCR2BEG+oNitBOZ+YXF9KCpH3cdmECQHEigJhYg+ykOvr1aiZUMFT72HU0jnmQe2FVekuG+LJUt2Tm7GtMjTFoGpf0JwrVuZN39fOYAlo+nTixgeW7X8Y=",
     "publicKey": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
     "requiredCredentials": [ "password" ],
-    "requiredResourceCredentials": [ "password" ],
+    "requiredApplicationCredentials": [ "password" ],
     "requiredOAuthClientCredentials": [ "password" ],
     "users" : [
         {
@@ -57,7 +57,7 @@
             "roles": ["user"]
         }
     ],
-    "resources": [
+    "applications": [
         {
             "name": "customer-portal",
             "enabled": true,

examples/as7-eap-demo/server/src/main/webapp/saas/admin/js/controllers.js

@@ -27,25 +27,9 @@ module.controller('GlobalCtrl', function($scope, $http, Auth, Current, $location
 
     $http.get('/auth-server/rest/saas/admin/realms').success(function(data) {
         Current.realms = data;
-        var count = 0;
+        if (data.length > 0) {
-        var showrealm = false;
+            Current.realm = data[0];
-        var id = null;
+            $location.url("/realms/" + Current.realm.id);
-        for (var key in data) {
-            if (count > 0) {
-                showrealm = false;
-                break;
-            }
-            id = key;
-            showrealm = true;
-            count++;
-        }
-
-        if (showrealm) {
-            console.log('default redirect to realm: ' + id);
-            Current.realm = Current.realms[id];
-            $location.url("/realms/" + id);
-        } else {
-            //console.log('not redirecting');
         }
     });
 });
@@ -58,49 +42,58 @@ module.controller('RealmListCtrl', function($scope, Realm, Current) {
 module.controller('RealmDropdownCtrl', function($scope, Realm, Current, Auth, $location) {
 //    Current.realms = Realm.get();
     $scope.current = Current;
+    if (Current.realms.length > 0) {
+        console.log('[0]: ' + current.realms[0].realm);
+    }
     $scope.changeRealm = function() {
-        for (var id in Current.realms) {
+        $location.url("/realms/" + $scope.current.realm.id);
-            var val = Current.realms[id];
-            if (val == Current.realm) {
-               $location.url("/realms/" + id);
-               break;
-            }
-        }
     };
     $scope.showNav = function() {
-        var show = false;
+        var show = Current.realms.length > 0;
-        for (var key in Current.realms) {
+        console.log('Show dropdown? ' + show);
-            if (typeof Current.realms[key] != "function") {
-                if (Current.realms[key] == Current.realm) {
-                    $scope.currentRealmId = key;
-                }
-                show = true;
-            }
-        }
         return Auth.loggedIn && show;
     }
 });
 
-module.controller('RealmDetailCtrl', function($scope, Current, Realm, realm, $location, Dialog, Notifications) {
+module.controller('RealmDetailCtrl', function($scope, Current, Realm, realm, $http, $location, Dialog, Notifications) {
-	$scope.realm = angular.copy(realm);
 	$scope.createRealm = !realm.id;
 
     if ($scope.createRealm) {
-        $scope.realm.enabled = true;
+        $scope.realm = {
-        $scope.realm.requireSsl = true;
+            enabled: true,
-        $scope.realm.cookieLoginAllowed = true;
+            requireSsl: true,
-        $scope.realm.tokenLifespan = 300;
+            cookieLoginAllowed: true,
-        $scope.realm.tokenLifespanUnit = 'SECONDS';
+            tokenLifespan: 300,
-        $scope.realm.accessCodeLifespan = 300;
+            tokenLifespanUnit: 'SECONDS',
-        $scope.realm.accessCodeLifespanUnit = 'SECONDS';
+            accessCodeLifespan: 300,
-        $scope.realm.requiredCredentials = ['password'];
+            accessCodeLifespanUnit: 'SECONDS',
+            requiredCredentials: ['password']
+
+        };
     } else {
-        $scope.realm.name = realm.realm;
+        if (Current.realm == null || Current.realm.id != realm.id) {
-        $scope.realm.requireSsl = !$scope.realm.sslNotRequired;
+            for (var i = 0; i < Current.realms.length; i++) {
+                if (realm.id == Current.realms[i].id) {
+                    Current.realm = Current.realms[i];
+                    break;
+                }
+            }
+        }
+        if (Current.realm == null || Current.realm.id != realm.id) {
+            console.log('should be unreachable');
+            return;
+        }
+        $scope.realm = angular.copy(realm);
+        $scope.realm.requireSsl = !realm.sslNotRequired;
         $scope.realm.tokenLifespanUnit = 'SECONDS';
-        $scope.realm.acessCodeLifespanUnit = 'SECONDS';
+        $scope.realm.accessCodeLifespanUnit = 'SECONDS';
+
     }
 
+    var oldCopy = angular.copy($scope.realm);
+
+
+
     $scope.userCredentialOptions = {
        'multiple' : true,
         'simple_tags' : true,
@@ -110,93 +103,47 @@ module.controller('RealmDetailCtrl', function($scope, Current, Realm, realm, $lo
 	$scope.changed = $scope.create;
 
 	$scope.$watch('realm', function() {
-		if (!angular.equals($scope.realm, realm)) {
+		if (!angular.equals($scope.realm, oldCopy)) {
 			$scope.changed = true;
 		}
 	}, true);
 
-	$scope.addRole = function() {
-		if ($scope.newRole) {
-			if ($scope.realm.roles) {
-				for ( var i = 0; i < $scope.realm.roles.length; i++) {
-					if ($scope.realm.roles[i] == $scope.newRole) {
-						Notifications.warn("Role already exists");
-						$scope.newRole = null;
-						return;
-					}
-				}
-			}
-
-			if (!$scope.realm.roles) {
-				$scope.realm.roles = [];
-			}
-
-			$scope.realm.roles.push($scope.newRole);
-			$scope.newRole = null;
-		}
-	}
-
-	$scope.removeRole = function(role) {
-		Dialog.confirmDelete(role, 'role', function() {
-			var i = $scope.realm.roles.indexOf(role);
-			if (i > -1) {
-				$scope.realm.roles.splice(i, 1);
-			}
-			
-			if ($scope.realm.initialRoles) {
-				$scope.removeInitialRole(role);
-			}
-		});
-	};
-
-	$scope.addInitialRole = function() {
-		if ($scope.newInitialRole) {
-			if (!$scope.realm.initialRoles) {
-				$scope.realm.initialRoles = [];
-			}
-
-			$scope.realm.initialRoles.push($scope.newInitialRole);
-			$scope.newInitialRole = null;
-		}
-	}
-
-	$scope.removeInitialRole = function(role) {
-		var i = $scope.realm.initialRoles.indexOf(role);
-		if (i > -1) {
-			$scope.realm.initialRoles.splice(i, 1);
-		}
-	};
-
 	$scope.save = function() {
 		if ($scope.realmForm.$valid) {
-            var realmCopy = {
+            var realmCopy = angular.copy($scope.realm);
-                realm: $scope.realm.name,
+            realmCopy.sslNotRequired = !realmCopy.requireSsl;
-                enabled: $scope.realm.enabled,
+            delete realmCopy["requireSsl"];
-                cookieLoginAllowed: $scope.realm.cookieLoginAllowed,
+            delete realmCopy["tokenLifespanUnit"];
-                sslNotRequired: !$scope.realm.requireSsl,
+            delete realmCopy["accessCodeLifespanUnit"];
-                tokenLifespan: $scope.realm.tokenLifespan,
-                accessCodeLifespan: $scope.realm.accessCodeLifespan,
-                requiredCredentials: $scope.realm.requiredCredentials
-
-            };
-
             if ($scope.createRealm) {
 				Realm.save(realmCopy, function(data, headers) {
+                    console.log('creating new realm');
 					var l = headers().location;
 					var id = l.substring(l.lastIndexOf("/") + 1);
-
+                    var data = Realm.query(function() {
-                    var data = Realm.get(function() {
                         Current.realms = data;
-                        Current.realm = Current.realms[id];
+                        for (var i = 0; i < Current.realms.length; i++) {
+                            if (Current.realms[i].id == id) {
+                                Current.realm = Current.realms[i];
+                            }
+                        }
                     });
                     $location.url("/realms/" + id);
 					Notifications.success("Created realm");
 				});
 			} else {
+                console.log('updating realm...');
 				Realm.update(realmCopy, function() {
-                    Current.realms = Realm.get();
+                    var id = realmCopy.id;
-					$scope.changed = false;
+                    var data = Realm.query(function() {
-					realm = angular.copy($scope.realm);
+                        Current.realms = data;
+                        for (var i = 0; i < Current.realms.length; i++) {
+                            if (Current.realms[i].id == id) {
+                                Current.realm = Current.realms[i];
+                            }
+                        }
+                    });
+                    $location.url("/realms/" + id);
 					Notifications.success("Saved changes to realm");
 				});
 			}
@@ -206,7 +153,7 @@ module.controller('RealmDetailCtrl', function($scope, Current, Realm, realm, $lo
 	};
 
 	$scope.reset = function() {
-		$scope.realm = angular.copy(realm);
+		$scope.realm = angular.copy(oldCopy);
 		$scope.changed = false;
 		$scope.realmForm.showErrors = false;
 	};

examples/as7-eap-demo/server/src/main/webapp/saas/admin/js/services.js

@@ -132,7 +132,7 @@ module.factory('Role', function($resource) {
 });
 
 module.factory('Application', function($resource) {
-    return $resource('/auth-server/rest/saas/admin/realms/:realm/resources/:id', {
+    return $resource('/auth-server/rest/saas/admin/realms/:realm/applications/:id', {
         realm : '@realm',
         id : '@id'
     },  {

examples/as7-eap-demo/server/src/main/webapp/saas/admin/lib/angular/angular-scenario.js

@@ -22574,7 +22574,7 @@ var ngSubmitDirective = ngDirective(function(scope, element, attrs) {
  * @description
  * Fetches, compiles and includes an external HTML fragment.
  *
- * Keep in mind that Same Origin Policy applies to included resources
+ * Keep in mind that Same Origin Policy applies to included applications
  * (e.g. ngInclude won't work for cross-domain requests on all browsers and for
  *  file:// access on some browsers).
  *

examples/as7-eap-demo/server/src/main/webapp/saas/admin/lib/angular/angular.js

@@ -13168,7 +13168,7 @@ var ngSubmitDirective = ngDirective(function(scope, element, attrs) {
  * @description
  * Fetches, compiles and includes an external HTML fragment.
  *
- * Keep in mind that Same Origin Policy applies to included resources
+ * Keep in mind that Same Origin Policy applies to included applications
  * (e.g. ngInclude won't work for cross-domain requests on all browsers and for
  *  file:// access on some browsers).
  *

examples/as7-eap-demo/server/src/main/webapp/saas/admin/partials/menu.html

@@ -5,9 +5,9 @@
                 <nav id="global-nav">
                     <div data-ng-controller="RealmDropdownCtrl" >
                         <ul class="nav pull-left" data-ng-show="showNav()">
-                            <li class="divider-vertical-right"><a href="#/realms/{{currentRealmId}}">Realm</a></li>
+                            <li class="divider-vertical-right"><a href="#/realms/{{current.realm.id}}">Realm</a></li>
                         </ul>
-                        <select class="nav pull-left" data-ng-show="showNav()" ng-change="changeRealm()" ng-model="current.realm" ng-options="name for (id, name) in current.realms">
+                        <select class="nav pull-left" data-ng-show="showNav()" ng-change="changeRealm()" ng-model="current.realm" ng-options="r.realm for r in current.realms">
                         </select>
                         <!-- <select class="nav pull-left" ng-options="r.name for r in current.realms"></select> -->
                     </div>

examples/as7-eap-demo/server/src/main/webapp/saas/admin/partials/realm-detail.html

@@ -22,7 +22,7 @@
                         <label for="realmForm-name" class="control-label">Name</label>
 
                         <div class="controls">
-                            <input class="input-xlarge" type="text" name="name" data-ng-model="realm.name" autofocus
+                            <input class="input-xlarge" type="text" name="name" data-ng-model="realm.realm" autofocus
                                    required>
                         </div>
                     </div>
@@ -139,7 +139,6 @@
                     </button>
                     <button type="submit" data-ng-click="reset()" class="btn" data-ng-show="changed">Clear changes
                     </button>
-                    <a href="#/realms" data-ng-hide="changed">View realms &#187;</a>
                     <button type="submit" data-ng-click="remove()" class="btn btn-danger" data-ng-hide="changed">
                         Delete
                     </button>

examples/as7-eap-demo/server/src/main/webapp/saas/admin/partials/realm-menu.html

@@ -15,7 +15,7 @@
                             href="#/create/role/{{realm.id}}">New Role</a></li>
                 </ul>
             </li>
-            <li data-ng-class="path[2] == 'resources' && 'active'"><a href="#/realms/{{realm.id}}/applications">Manage Applications</a></li>
+            <li data-ng-class="path[2] == 'applications' && 'active'"><a href="#/realms/{{realm.id}}/applications">Manage Applications</a></li>
             <li data-ng-class="!path[2] && 'active'"><a href="#/realms/{{realm.id}}">Realm Settings</a></li>
         </ul>
     </nav>

integration/as7-eap6/adapter/src/main/java/org/keycloak/adapters/as7/OAuthAuthenticationServerValve.java

@@ -447,7 +447,7 @@ public class OAuthAuthenticationServerValve extends FormAuthenticator implements
         userSessionManagement.logout(username);
         request.setUserPrincipal(null);
         request.setAuthType(null);
-        // logout user on all declared authenticated resources
+        // logout user on all declared authenticated applications
         logoutResources(username, admin);
         redirectToWelcomePage(request, response);
     }

services/src/main/java/org/keycloak/services/managers/AuthenticationManager.java

@@ -206,7 +206,7 @@ public class AuthenticationManager {
 
         List<RequiredCredentialModel> requiredCredentials = null;
         if (realm.hasRole(user, RealmManager.RESOURCE_ROLE)) {
-            requiredCredentials = realm.getRequiredResourceCredentials();
+            requiredCredentials = realm.getRequiredApplicationCredentials();
         } else if (realm.hasRole(user, RealmManager.IDENTITY_REQUESTER_ROLE)) {
             requiredCredentials = realm.getRequiredOAuthClientCredentials();
         } else {

services/src/main/java/org/keycloak/services/managers/RealmManager.java

@@ -1,21 +1,14 @@
 package org.keycloak.services.managers;
 
-import org.keycloak.representations.idm.CredentialRepresentation;
+import org.jboss.resteasy.logging.Logger;
-import org.keycloak.representations.idm.RealmRepresentation;
+import org.keycloak.representations.idm.*;
-import org.keycloak.representations.idm.ResourceRepresentation;
+import org.keycloak.representations.idm.ApplicationRepresentation;
-import org.keycloak.representations.idm.RoleMappingRepresentation;
-import org.keycloak.representations.idm.RoleRepresentation;
-import org.keycloak.representations.idm.ScopeMappingRepresentation;
-import org.keycloak.representations.idm.UserRepresentation;
 import org.keycloak.services.models.*;
 
 import java.security.KeyPair;
 import java.security.KeyPairGenerator;
 import java.security.NoSuchAlgorithmException;
-import java.util.ArrayList;
+import java.util.*;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
 import java.util.concurrent.atomic.AtomicLong;
 
 /**
@@ -25,6 +18,7 @@ import java.util.concurrent.atomic.AtomicLong;
  * @version $Revision: 1 $
  */
 public class RealmManager {
+    protected static final Logger logger = Logger.getLogger(RealmManager.class);
     private static AtomicLong counter = new AtomicLong(1);
     public static final String RESOURCE_ROLE = "KEYCLOAK_RESOURCE";
     public static final String IDENTITY_REQUESTER_ROLE = "KEYCLOAK_IDENTITY_REQUESTER";
@@ -72,6 +66,26 @@ public class RealmManager {
         realm.setPublicKey(keyPair.getPublic());
     }
 
+    public void updateRealm(RealmRepresentation rep, RealmModel realm) {
+        if (rep.getRealm() != null) realm.setName(rep.getRealm());
+        realm.setEnabled(rep.isEnabled());
+        realm.setCookieLoginAllowed(rep.isCookieLoginAllowed());
+        realm.setRegistrationAllowed(rep.isRegistrationAllowed());
+        realm.setSslNotRequired((rep.isSslNotRequired()));
+        realm.setAccessCodeLifespan(rep.getAccessCodeLifespan());
+        realm.setTokenLifespan(rep.getTokenLifespan());
+        if (rep.getRequiredOAuthClientCredentials() != null) {
+            realm.updateRequiredOAuthClientCredentials(rep.getRequiredOAuthClientCredentials());
+        }
+        if (rep.getRequiredCredentials() != null) {
+            logger.info("updating required credentials");
+            realm.updateRequiredCredentials(rep.getRequiredCredentials());
+        }
+        if (rep.getRequiredApplicationCredentials() != null) {
+            realm.updateRequiredApplicationCredentials(rep.getRequiredApplicationCredentials());
+        }
+    }
+
     public RealmModel importRealm(RealmRepresentation rep, UserModel realmCreator) {
         //verifyRealmRepresentation(rep);
         RealmModel realm = createRealm(rep.getRealm());
@@ -103,7 +117,7 @@ public class RealmManager {
             }
         }
 
-        if (rep.getRequiredResourceCredentials() != null) {
+        if (rep.getRequiredApplicationCredentials() != null) {
             for (String requiredCred : rep.getRequiredCredentials()) {
                 addResourceRequiredCredential(newRealm, requiredCred);
             }
@@ -130,7 +144,7 @@ public class RealmManager {
             }
         }
 
-        if (rep.getResources() != null) {
+        if (rep.getApplications() != null) {
             createResources(rep, newRealm);
         }
 
@@ -201,7 +215,7 @@ public class RealmManager {
      protected void createResources(RealmRepresentation rep, RealmModel realm) {
         RoleModel loginRole = realm.getRole(RealmManager.RESOURCE_ROLE);
         ResourceManager manager = new ResourceManager(this);
-        for (ResourceRepresentation resourceRep : rep.getResources()) {
+        for (ApplicationRepresentation resourceRep : rep.getApplications()) {
             manager.createResource(realm, loginRole, resourceRep);
         }
     }
@@ -226,21 +240,21 @@ public class RealmManager {
         rep.setAccessCodeLifespan(realm.getAccessCodeLifespan());
         List<RequiredCredentialModel> requiredCredentialModels = realm.getRequiredCredentials();
         if (requiredCredentialModels.size() > 0) {
-            rep.setRequiredCredentials(new ArrayList<String>());
+            rep.setRequiredCredentials(new HashSet<String>());
             for (RequiredCredentialModel cred : requiredCredentialModels) {
                 rep.getRequiredCredentials().add(cred.getType());
             }
         }
-        List<RequiredCredentialModel> requiredResourceCredentialModels = realm.getRequiredResourceCredentials();
+        List<RequiredCredentialModel> requiredResourceCredentialModels = realm.getRequiredApplicationCredentials();
         if (requiredResourceCredentialModels.size() > 0) {
-            rep.setRequiredResourceCredentials(new ArrayList<String>());
+            rep.setRequiredApplicationCredentials(new HashSet<String>());
             for (RequiredCredentialModel cred : requiredResourceCredentialModels) {
-                rep.getRequiredResourceCredentials().add(cred.getType());
+                rep.getRequiredApplicationCredentials().add(cred.getType());
             }
         }
         List<RequiredCredentialModel> requiredOAuthCredentialModels = realm.getRequiredOAuthClientCredentials();
         if (requiredOAuthCredentialModels.size() > 0) {
-            rep.setRequiredOAuthClientCredentials(new ArrayList<String>());
+            rep.setRequiredOAuthClientCredentials(new HashSet<String>());
             for (RequiredCredentialModel cred : requiredOAuthCredentialModels) {
                 rep.getRequiredOAuthClientCredentials().add(cred.getType());
             }

services/src/main/java/org/keycloak/services/managers/ResourceAdminManager.java

@@ -6,7 +6,7 @@ import org.jboss.resteasy.logging.Logger;
 import org.keycloak.TokenIdGenerator;
 import org.keycloak.representations.idm.admin.LogoutAction;
 import org.keycloak.services.models.RealmModel;
-import org.keycloak.services.models.ResourceModel;
+import org.keycloak.services.models.ApplicationModel;
 
 import javax.ws.rs.client.Entity;
 import javax.ws.rs.core.Form;
@@ -29,14 +29,14 @@ public class ResourceAdminManager {
                 .disableTrustManager() // todo fix this, should have a trust manager or a good default
                 .build();
 
-        List<ResourceModel> resources = realm.getResources();
+        List<ApplicationModel> resources = realm.getApplications();
         logger.info("logging out " + resources.size() + " resoures.");
-        for (ResourceModel resource : resources) {
+        for (ApplicationModel resource : resources) {
             logoutResource(realm, resource, user, client);
         }
     }
 
-    protected boolean logoutResource(RealmModel realm, ResourceModel resource, String user, ResteasyClient client) {
+    protected boolean logoutResource(RealmModel realm, ApplicationModel resource, String user, ResteasyClient client) {
         LogoutAction adminAction = new LogoutAction(TokenIdGenerator.generateId(), System.currentTimeMillis() / 1000 + 30, resource.getName(), user);
         String token = new TokenManager().encodeToken(realm, adminAction);
         Form form = new Form();

services/src/main/java/org/keycloak/services/managers/ResourceManager.java

@@ -1,18 +1,13 @@
 package org.keycloak.services.managers;
 
-import org.keycloak.representations.idm.CredentialRepresentation;
+import org.keycloak.representations.idm.*;
-import org.keycloak.representations.idm.ResourceRepresentation;
+import org.keycloak.representations.idm.ApplicationRepresentation;
-import org.keycloak.representations.idm.RoleMappingRepresentation;
-import org.keycloak.representations.idm.RoleRepresentation;
-import org.keycloak.representations.idm.ScopeMappingRepresentation;
 import org.keycloak.services.models.RealmModel;
-import org.keycloak.services.models.ResourceModel;
+import org.keycloak.services.models.ApplicationModel;
 import org.keycloak.services.models.RoleModel;
 import org.keycloak.services.models.UserCredentialModel;
 import org.keycloak.services.models.UserModel;
 
-import java.util.List;
-
 /**
  * @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
  * @version $Revision: 1 $
@@ -25,8 +20,8 @@ public class ResourceManager {
         this.realmManager = realmManager;
     }
 
-    public ResourceModel createResource(RealmModel realm, RoleModel loginRole, ResourceRepresentation resourceRep) {
+    public ApplicationModel createResource(RealmModel realm, RoleModel loginRole, ApplicationRepresentation resourceRep) {
-        ResourceModel resource = realm.addResource(resourceRep.getName());
+        ApplicationModel resource = realm.addApplication(resourceRep.getName());
         resource.setEnabled(resourceRep.isEnabled());
         resource.setManagementUrl(resourceRep.getAdminUrl());
         resource.setSurrogateAuthRequired(resourceRep.isSurrogateAuthRequired());
@@ -78,12 +73,12 @@ public class ResourceManager {
         return resource;
     }
 
-    public ResourceModel createResource(RealmModel realm, ResourceRepresentation resourceRep) {
+    public ApplicationModel createResource(RealmModel realm, ApplicationRepresentation resourceRep) {
         RoleModel loginRole = realm.getRole(RealmManager.RESOURCE_ROLE);
         return createResource(realm, loginRole, resourceRep);
     }
 
-    public void updateResource(ResourceRepresentation rep, ResourceModel resource) {
+    public void updateResource(ApplicationRepresentation rep, ApplicationModel resource) {
         resource.setName(rep.getName());
         resource.setEnabled(rep.isEnabled());
         resource.setManagementUrl(rep.getAdminUrl());
@@ -92,13 +87,13 @@ public class ResourceManager {
 
     }
 
-    public ResourceRepresentation toRepresentation(ResourceModel resourceModel) {
+    public ApplicationRepresentation toRepresentation(ApplicationModel applicationModel) {
-        ResourceRepresentation rep = new ResourceRepresentation();
+        ApplicationRepresentation rep = new ApplicationRepresentation();
-        rep.setId(resourceModel.getId());
+        rep.setId(applicationModel.getId());
-        rep.setName(resourceModel.getName());
+        rep.setName(applicationModel.getName());
-        rep.setEnabled(resourceModel.isEnabled());
+        rep.setEnabled(applicationModel.isEnabled());
-        rep.setAdminUrl(resourceModel.getManagementUrl());
+        rep.setAdminUrl(applicationModel.getManagementUrl());
-        rep.setSurrogateAuthRequired(resourceModel.isSurrogateAuthRequired());
+        rep.setSurrogateAuthRequired(applicationModel.isSurrogateAuthRequired());
         return rep;
 
     }

services/src/main/java/org/keycloak/services/managers/TokenManager.java

@@ -6,7 +6,7 @@ import org.jboss.resteasy.jwt.JsonSerialization;
 import org.keycloak.representations.SkeletonKeyScope;
 import org.keycloak.representations.SkeletonKeyToken;
 import org.keycloak.services.models.RealmModel;
-import org.keycloak.services.models.ResourceModel;
+import org.keycloak.services.models.ApplicationModel;
 import org.keycloak.services.models.RoleModel;
 import org.keycloak.services.models.UserModel;
 
@@ -66,7 +66,7 @@ public class TokenManager {
                 }
             }
         }
-        for (ResourceModel resource : realm.getResources()) {
+        for (ApplicationModel resource : realm.getApplications()) {
             Set<String> mapping = resource.getRoleMappings(user);
             if (mapping != null && mapping.size() > 0 && (scopeMap == null || scopeMap.containsKey(resource.getName()))) {
                 Set<String> scope = resource.getScope(client);
@@ -131,9 +131,9 @@ public class TokenManager {
         }
 
         if (accessCodeEntry.getResourceRolesRequested().size() > 0) {
-            Map<String, ResourceModel> resourceMap = realm.getResourceNameMap();
+            Map<String, ApplicationModel> resourceMap = realm.getResourceNameMap();
             for (String resourceName : accessCodeEntry.getResourceRolesRequested().keySet()) {
-                ResourceModel resource = resourceMap.get(resourceName);
+                ApplicationModel resource = resourceMap.get(resourceName);
                 SkeletonKeyToken.Access access = token.addAccess(resourceName).verifyCaller(resource.isSurrogateAuthRequired());
                 for (RoleModel role : accessCodeEntry.getResourceRolesRequested().get(resourceName)) {
                     access.addRole(role.getName());
@@ -166,7 +166,7 @@ public class TokenManager {
 
 
     public SkeletonKeyToken createAccessToken(RealmModel realm, UserModel user) {
-        List<ResourceModel> resources = realm.getResources();
+        List<ApplicationModel> resources = realm.getApplications();
         SkeletonKeyToken token = new SkeletonKeyToken();
         token.id(RealmManager.generateId());
         token.issuedNow();
@@ -186,7 +186,7 @@ public class TokenManager {
             token.setRealmAccess(access);
         }
         if (resources != null) {
-            for (ResourceModel resource : resources) {
+            for (ApplicationModel resource : resources) {
                 Set<String> mapping = resource.getRoleMappings(user);
                 if (mapping == null) continue;
                 SkeletonKeyToken.Access access = token.addAccess(resource.getName())

services/src/main/java/org/keycloak/services/models/ApplicationModel.java

@@ -7,7 +7,7 @@ import java.util.Set;
  * @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
  * @version $Revision: 1 $
  */
-public interface ResourceModel {
+public interface ApplicationModel {
     void updateResource();
 
     UserModel getResourceUser();

services/src/main/java/org/keycloak/services/models/RealmModel.java

@@ -61,7 +61,6 @@ public interface RealmModel {
 
     List<RequiredCredentialModel> getRequiredCredentials();
 
-    void addRequiredCredential(RequiredCredentialModel cred);
     void addRequiredCredential(String cred);
 
     boolean validatePassword(UserModel user, String password);
@@ -80,11 +79,11 @@ public interface RealmModel {
 
     List<RoleModel> getRoles();
 
-    Map<String, ResourceModel> getResourceNameMap();
+    Map<String, ApplicationModel> getResourceNameMap();
 
-    List<ResourceModel> getResources();
+    List<ApplicationModel> getApplications();
 
-    ResourceModel addResource(String name);
+    ApplicationModel addApplication(String name);
 
     boolean hasRole(UserModel user, RoleModel role);
 
@@ -102,19 +101,23 @@ public interface RealmModel {
 
     RoleModel getRoleById(String id);
 
-    void addRequiredResourceCredential(RequiredCredentialModel cred);
 
-    List<RequiredCredentialModel> getRequiredResourceCredentials();
+    List<RequiredCredentialModel> getRequiredApplicationCredentials();
 
-    void addRequiredOAuthClientCredential(RequiredCredentialModel cred);
 
     List<RequiredCredentialModel> getRequiredOAuthClientCredentials();
 
     boolean hasRole(UserModel user, String role);
 
-    ResourceModel getResourceById(String id);
+    ApplicationModel getApplicationById(String id);
 
     void addRequiredOAuthClientCredential(String type);
 
     void addRequiredResourceCredential(String type);
+
+    void updateRequiredCredentials(Set<String> creds);
+
+    void updateRequiredOAuthClientCredentials(Set<String> creds);
+
+    void updateRequiredApplicationCredentials(Set<String> creds);
 }

services/src/main/java/org/keycloak/services/models/picketlink/ApplicationAdapter.java

@@ -1,10 +1,9 @@
 package org.keycloak.services.models.picketlink;
 
-import org.keycloak.services.models.ResourceModel;
+import org.keycloak.services.models.ApplicationModel;
 import org.keycloak.services.models.RoleModel;
 import org.keycloak.services.models.UserModel;
-import org.keycloak.services.models.picketlink.mappings.ResourceData;
+import org.keycloak.services.models.picketlink.mappings.ApplicationData;
-import org.keycloak.services.models.picketlink.relationships.ResourceRelationship;
 import org.keycloak.services.models.picketlink.relationships.ScopeRelationship;
 import org.picketlink.idm.IdentityManager;
 import org.picketlink.idm.PartitionManager;
@@ -24,14 +23,14 @@ import java.util.Set;
  * @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
  * @version $Revision: 1 $
  */
-public class ResourceAdapter implements ResourceModel {
+public class ApplicationAdapter implements ApplicationModel {
-    protected ResourceData resource;
+    protected ApplicationData resource;
     protected RealmAdapter realm;
     protected IdentityManager idm;
     protected PartitionManager partitionManager;
     protected RelationshipManager relationshipManager;
 
-    public ResourceAdapter(ResourceData resource, RealmAdapter realm, PartitionManager partitionManager) {
+    public ApplicationAdapter(ApplicationData resource, RealmAdapter realm, PartitionManager partitionManager) {
         this.resource = resource;
         this.realm = realm;
         this.partitionManager = partitionManager;

services/src/main/java/org/keycloak/services/models/picketlink/RealmAdapter.java

@@ -1,24 +1,21 @@
 package org.keycloak.services.models.picketlink;
 
 import org.bouncycastle.openssl.PEMWriter;
+import org.jboss.resteasy.logging.Logger;
 import org.jboss.resteasy.security.PemUtils;
 import org.keycloak.representations.idm.CredentialRepresentation;
 import org.keycloak.services.managers.RealmManager;
 import org.keycloak.services.models.KeycloakSession;
 import org.keycloak.services.models.RealmModel;
 import org.keycloak.services.models.RequiredCredentialModel;
-import org.keycloak.services.models.ResourceModel;
+import org.keycloak.services.models.ApplicationModel;
 import org.keycloak.services.models.RoleModel;
 import org.keycloak.services.models.UserCredentialModel;
 import org.keycloak.services.models.UserModel;
 import org.keycloak.services.models.picketlink.mappings.RealmData;
-import org.keycloak.services.models.picketlink.mappings.ResourceData;
+import org.keycloak.services.models.picketlink.mappings.ApplicationData;
-import org.keycloak.services.models.picketlink.relationships.OAuthClientRequiredCredentialRelationship;
+import org.keycloak.services.models.picketlink.relationships.*;
-import org.keycloak.services.models.picketlink.relationships.RealmAdminRelationship;
+import org.keycloak.services.models.picketlink.relationships.RequiredApplicationCredentialRelationship;
-import org.keycloak.services.models.picketlink.relationships.RequiredCredentialRelationship;
-import org.keycloak.services.models.picketlink.relationships.ResourceRelationship;
-import org.keycloak.services.models.picketlink.relationships.ResourceRequiredCredentialRelationship;
-import org.keycloak.services.models.picketlink.relationships.ScopeRelationship;
 import org.picketlink.idm.IdentityManager;
 import org.picketlink.idm.PartitionManager;
 import org.picketlink.idm.RelationshipManager;
@@ -55,6 +52,7 @@ import java.util.Set;
  * @version $Revision: 1 $
  */
 public class RealmAdapter implements RealmModel {
+    protected static final Logger logger = Logger.getLogger(RealmManager.class);
 
     protected RealmData realm;
     protected volatile transient PublicKey publicKey;
@@ -251,28 +249,34 @@ public class RealmAdapter implements RealmModel {
 
     @Override
     public List<RequiredCredentialModel> getRequiredCredentials() {
-        RelationshipQuery<RequiredCredentialRelationship> query = getRelationshipManager().createRelationshipQuery(RequiredCredentialRelationship.class);
+        List<RequiredCredentialRelationship> results = getRequiredCredentialRelationships();
-        query.setParameter(RequiredCredentialRelationship.REALM, realm.getName());
-        List<RequiredCredentialRelationship> results = query.getResultList();
         return getRequiredCredentialModels(results);
     }
 
+    protected List<RequiredCredentialRelationship> getRequiredCredentialRelationships() {
+        RelationshipQuery<RequiredCredentialRelationship> query = getRelationshipManager().createRelationshipQuery(RequiredCredentialRelationship.class);
+        query.setParameter(RequiredCredentialRelationship.REALM, realm.getName());
+        return query.getResultList();
+    }
 
-    @Override
+
-    public void addRequiredResourceCredential(RequiredCredentialModel cred) {
+    public void addRequiredApplicationCredential(RequiredCredentialModel cred) {
-        ResourceRequiredCredentialRelationship relationship = new ResourceRequiredCredentialRelationship();
+        RequiredApplicationCredentialRelationship relationship = new RequiredApplicationCredentialRelationship();
         addRequiredCredential(cred, relationship);
     }
 
     @Override
-    public List<RequiredCredentialModel> getRequiredResourceCredentials() {
+    public List<RequiredCredentialModel> getRequiredApplicationCredentials() {
-        RelationshipQuery<ResourceRequiredCredentialRelationship> query = getRelationshipManager().createRelationshipQuery(ResourceRequiredCredentialRelationship.class);
+        List<RequiredApplicationCredentialRelationship> results = getResourceRequiredCredentialRelationships();
-        query.setParameter(ResourceRequiredCredentialRelationship.REALM, realm.getName());
-        List<ResourceRequiredCredentialRelationship> results = query.getResultList();
         return getRequiredCredentialModels(results);
     }
 
-    @Override
+    protected List<RequiredApplicationCredentialRelationship> getResourceRequiredCredentialRelationships() {
+        RelationshipQuery<RequiredApplicationCredentialRelationship> query = getRelationshipManager().createRelationshipQuery(RequiredApplicationCredentialRelationship.class);
+        query.setParameter(RequiredApplicationCredentialRelationship.REALM, realm.getName());
+        return query.getResultList();
+    }
+
     public void addRequiredOAuthClientCredential(RequiredCredentialModel cred) {
         OAuthClientRequiredCredentialRelationship relationship = new OAuthClientRequiredCredentialRelationship();
         addRequiredCredential(cred, relationship);
@@ -280,15 +284,16 @@ public class RealmAdapter implements RealmModel {
 
     @Override
     public List<RequiredCredentialModel> getRequiredOAuthClientCredentials() {
-        RelationshipQuery<OAuthClientRequiredCredentialRelationship> query = getRelationshipManager().createRelationshipQuery(OAuthClientRequiredCredentialRelationship.class);
+        List<OAuthClientRequiredCredentialRelationship> results = getOAuthClientRequiredCredentialRelationships();
-        query.setParameter(ResourceRequiredCredentialRelationship.REALM, realm.getName());
-        List<OAuthClientRequiredCredentialRelationship> results = query.getResultList();
         return getRequiredCredentialModels(results);
     }
 
+    protected List<OAuthClientRequiredCredentialRelationship> getOAuthClientRequiredCredentialRelationships() {
+        RelationshipQuery<OAuthClientRequiredCredentialRelationship> query = getRelationshipManager().createRelationshipQuery(OAuthClientRequiredCredentialRelationship.class);
+        query.setParameter(RequiredApplicationCredentialRelationship.REALM, realm.getName());
+        return query.getResultList();
+    }
 
-
-    @Override
     public void addRequiredCredential(RequiredCredentialModel cred) {
         RequiredCredentialRelationship relationship = new RequiredCredentialRelationship();
         addRequiredCredential(cred, relationship);
@@ -316,6 +321,65 @@ public class RealmAdapter implements RealmModel {
         getRelationshipManager().add(relationship);
     }
 
+    @Override
+    public void updateRequiredCredentials(Set<String> creds) {
+        List<RequiredCredentialRelationship> relationships = getRequiredCredentialRelationships();
+        RelationshipManager rm = getRelationshipManager();
+        Set<String> already = new HashSet<String>();
+        for (RequiredCredentialRelationship rel : relationships) {
+            if (!creds.contains(rel.getCredentialType())) {
+                rm.remove(rel);
+            } else {
+                already.add(rel.getCredentialType());
+            }
+        }
+        for (String cred : creds) {
+            logger.info("updating cred: " + cred);
+            if (!already.contains(cred)) {
+                addRequiredCredential(cred);
+            }
+        }
+    }
+
+    @Override
+    public void updateRequiredOAuthClientCredentials(Set<String> creds) {
+        List<OAuthClientRequiredCredentialRelationship> relationships = getOAuthClientRequiredCredentialRelationships();
+        RelationshipManager rm = getRelationshipManager();
+        Set<String> already = new HashSet<String>();
+        for (RequiredCredentialRelationship rel : relationships) {
+            if (!creds.contains(rel.getCredentialType())) {
+                rm.remove(rel);
+            } else {
+                already.add(rel.getCredentialType());
+            }
+        }
+        for (String cred : creds) {
+            if (!already.contains(cred)) {
+                addRequiredOAuthClientCredential(cred);
+            }
+        }
+    }
+
+    @Override
+    public void updateRequiredApplicationCredentials(Set<String> creds) {
+        List<RequiredApplicationCredentialRelationship> relationships = getResourceRequiredCredentialRelationships();
+        RelationshipManager rm = getRelationshipManager();
+        Set<String> already = new HashSet<String>();
+        for (RequiredCredentialRelationship rel : relationships) {
+            if (!creds.contains(rel.getCredentialType())) {
+                rm.remove(rel);
+            } else {
+                already.add(rel.getCredentialType());
+            }
+        }
+        for (String cred : creds) {
+            if (!already.contains(cred)) {
+                addRequiredResourceCredential(cred);
+            }
+        }
+    }
+
+
     @Override
     public void addRequiredCredential(String type) {
         RequiredCredentialModel model = initRequiredCredentialModel(type);
@@ -331,7 +395,7 @@ public class RealmAdapter implements RealmModel {
     @Override
     public void addRequiredResourceCredential(String type) {
         RequiredCredentialModel model = initRequiredCredentialModel(type);
-        addRequiredResourceCredential(model);
+        addRequiredApplicationCredential(model);
     }
 
     protected RequiredCredentialModel initRequiredCredentialModel(String type) {
@@ -444,9 +508,9 @@ public class RealmAdapter implements RealmModel {
      * @return
      */
     @Override
-    public Map<String, ResourceModel> getResourceNameMap() {
+    public Map<String, ApplicationModel> getResourceNameMap() {
-        Map<String, ResourceModel> resourceMap = new HashMap<String, ResourceModel>();
+        Map<String, ApplicationModel> resourceMap = new HashMap<String, ApplicationModel>();
-        for (ResourceModel resource : getResources()) {
+        for (ApplicationModel resource : getApplications()) {
             resourceMap.put(resource.getName(), resource);
         }
         return resourceMap;
@@ -458,27 +522,27 @@ public class RealmAdapter implements RealmModel {
      * @return
      */
     @Override
-    public ResourceModel getResourceById(String id) {
+    public ApplicationModel getApplicationById(String id) {
         RelationshipQuery<ResourceRelationship> query = getRelationshipManager().createRelationshipQuery(ResourceRelationship.class);
         query.setParameter(ResourceRelationship.REALM, realm.getName());
         query.setParameter(ResourceRelationship.RESOURCE, id);
         List<ResourceRelationship> results = query.getResultList();
         if (results.size() == 0) return null;
-        ResourceData resource = partitionManager.getPartition(ResourceData.class, id);
+        ApplicationData resource = partitionManager.getPartition(ApplicationData.class, id);
-        ResourceModel model = new ResourceAdapter(resource, this, partitionManager);
+        ApplicationModel model = new ApplicationAdapter(resource, this, partitionManager);
         return model;
     }
 
 
     @Override
-    public List<ResourceModel> getResources() {
+    public List<ApplicationModel> getApplications() {
         RelationshipQuery<ResourceRelationship> query = getRelationshipManager().createRelationshipQuery(ResourceRelationship.class);
         query.setParameter(ResourceRelationship.REALM, realm.getName());
         List<ResourceRelationship> results = query.getResultList();
-        List<ResourceModel> resources = new ArrayList<ResourceModel>();
+        List<ApplicationModel> resources = new ArrayList<ApplicationModel>();
         for (ResourceRelationship relationship : results) {
-            ResourceData resource = partitionManager.getPartition(ResourceData.class, relationship.getResource());
+            ApplicationData resource = partitionManager.getPartition(ApplicationData.class, relationship.getResource());
-            ResourceModel model = new ResourceAdapter(resource, this, partitionManager);
+            ApplicationModel model = new ApplicationAdapter(resource, this, partitionManager);
             resources.add(model);
         }
 
@@ -486,19 +550,19 @@ public class RealmAdapter implements RealmModel {
     }
 
     @Override
-    public ResourceModel addResource(String name) {
+    public ApplicationModel addApplication(String name) {
-        ResourceData resourceData = new ResourceData(RealmManager.generateId());
+        ApplicationData applicationData = new ApplicationData(RealmManager.generateId());
         User resourceUser = new User(name);
         idm.add(resourceUser);
-        resourceData.setResourceUser(resourceUser);
+        applicationData.setResourceUser(resourceUser);
-        resourceData.setResourceName(name);
+        applicationData.setResourceName(name);
-        resourceData.setResourceUser(resourceUser);
+        applicationData.setResourceUser(resourceUser);
-        partitionManager.add(resourceData);
+        partitionManager.add(applicationData);
         ResourceRelationship resourceRelationship = new ResourceRelationship();
         resourceRelationship.setRealm(realm.getName());
-        resourceRelationship.setResource(resourceData.getName());
+        resourceRelationship.setResource(applicationData.getName());
         getRelationshipManager().add(resourceRelationship);
-        ResourceModel resource = new ResourceAdapter(resourceData, this, partitionManager);
+        ApplicationModel resource = new ApplicationAdapter(applicationData, this, partitionManager);
         resource.addRole("*");
         resource.addScope(new UserAdapter(resourceUser, idm), "*");
         return resource;

services/src/main/java/org/keycloak/services/models/picketlink/mappings/ApplicationData.java

@@ -9,17 +9,17 @@ import org.picketlink.idm.model.sample.User;
  * @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
  * @version $Revision: 1 $
  */
-public class ResourceData extends AbstractPartition {
+public class ApplicationData extends AbstractPartition {
     private String resourceName;
     private boolean enabled;
     private boolean surrogateAuthRequired;
     private String managementUrl;
     private User resourceUser;
 
-    public ResourceData() {
+    public ApplicationData() {
         super(null);
     }
-    public ResourceData(String name) {
+    public ApplicationData(String name) {
         super(name);
     }
 

services/src/main/java/org/keycloak/services/models/picketlink/mappings/ApplicationEntity.java

@@ -15,9 +15,9 @@ import java.io.Serializable;
  * @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
  * @version $Revision: 1 $
  */
-@IdentityManaged(ResourceData.class)
+@IdentityManaged(ApplicationData.class)
 @Entity
-public class ResourceEntity implements Serializable {
+public class ApplicationEntity implements Serializable {
     @OneToOne
     @Id
     @OwnerReference

services/src/main/java/org/keycloak/services/models/picketlink/relationships/RequiredApplicationCredentialRelationship.java

@@ -4,5 +4,5 @@ package org.keycloak.services.models.picketlink.relationships;
  * @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
  * @version $Revision: 1 $
  */
-public class ResourceRequiredCredentialRelationship extends RequiredCredentialRelationship {
+public class RequiredApplicationCredentialRelationship extends RequiredCredentialRelationship {
 }

services/src/main/java/org/keycloak/services/resources/KeycloakApplication.java

@@ -6,8 +6,8 @@ import org.keycloak.services.managers.TokenManager;
 import org.keycloak.services.models.KeycloakSessionFactory;
 import org.keycloak.services.models.picketlink.PicketlinkKeycloakSession;
 import org.keycloak.services.models.picketlink.PicketlinkKeycloakSessionFactory;
+import org.keycloak.services.models.picketlink.mappings.ApplicationEntity;
 import org.keycloak.services.models.picketlink.mappings.RealmEntity;
-import org.keycloak.services.models.picketlink.mappings.ResourceEntity;
 import org.keycloak.social.SocialRequestManager;
 import org.picketlink.idm.PartitionManager;
 import org.picketlink.idm.config.IdentityConfigurationBuilder;
@@ -98,7 +98,7 @@ public class KeycloakApplication extends Application {
                         OTPCredentialTypeEntity.class,
                         AttributeTypeEntity.class,
                         RealmEntity.class,
-                        ResourceEntity.class
+                        ApplicationEntity.class
                 )
                 .supportGlobalRelationship(org.picketlink.idm.model.Relationship.class)
                 .addContextInitializer(new JPAContextInitializer(null) {

services/src/main/java/org/keycloak/services/resources/admin/ApplicationResource.java

@@ -2,53 +2,45 @@ package org.keycloak.services.resources.admin;
 
 import org.jboss.resteasy.annotations.cache.NoCache;
 import org.jboss.resteasy.logging.Logger;
-import org.keycloak.representations.idm.ResourceRepresentation;
+import org.keycloak.representations.idm.ApplicationRepresentation;
 import org.keycloak.services.managers.RealmManager;
 import org.keycloak.services.managers.ResourceManager;
 import org.keycloak.services.models.RealmModel;
-import org.keycloak.services.models.ResourceModel;
+import org.keycloak.services.models.ApplicationModel;
 import org.keycloak.services.models.UserModel;
 import org.keycloak.services.resources.Transaction;
 
 import javax.ws.rs.Consumes;
 import javax.ws.rs.GET;
-import javax.ws.rs.NotFoundException;
-import javax.ws.rs.POST;
 import javax.ws.rs.PUT;
-import javax.ws.rs.Path;
 import javax.ws.rs.PathParam;
 import javax.ws.rs.Produces;
-import javax.ws.rs.core.Context;
 import javax.ws.rs.core.MediaType;
-import javax.ws.rs.core.Response;
-import javax.ws.rs.core.UriInfo;
-import java.util.ArrayList;
-import java.util.List;
 
 /**
  * @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
  * @version $Revision: 1 $
  */
-public class RealmResourceResource {
+public class ApplicationResource {
     protected static final Logger logger = Logger.getLogger(RealmAdminResource.class);
     protected UserModel admin;
     protected RealmModel realm;
-    protected ResourceModel resourceModel;
+    protected ApplicationModel applicationModel;
 
-    public RealmResourceResource(UserModel admin, RealmModel realm, ResourceModel resourceModel) {
+    public ApplicationResource(UserModel admin, RealmModel realm, ApplicationModel applicationModel) {
         this.admin = admin;
         this.realm = realm;
-        this.resourceModel = resourceModel;
+        this.applicationModel = applicationModel;
     }
 
     @PUT
     @Consumes(MediaType.APPLICATION_JSON)
-    public void update(final ResourceRepresentation rep) {
+    public void update(final ApplicationRepresentation rep) {
         new Transaction() {
             @Override
             protected void runImpl() {
                 ResourceManager resourceManager = new ResourceManager(new RealmManager(session));
-                resourceManager.updateResource(rep, resourceModel);
+                resourceManager.updateResource(rep, applicationModel);
             }
         }.run();
     }
@@ -57,12 +49,12 @@ public class RealmResourceResource {
     @GET
     @NoCache
     @Produces(MediaType.APPLICATION_JSON)
-    public ResourceRepresentation getResource(final @PathParam("id") String id) {
+    public ApplicationRepresentation getResource(final @PathParam("id") String id) {
         return new Transaction() {
             @Override
-            protected ResourceRepresentation callImpl() {
+            protected ApplicationRepresentation callImpl() {
                ResourceManager resourceManager = new ResourceManager(new RealmManager(session));
-                return resourceManager.toRepresentation(resourceModel);
+                return resourceManager.toRepresentation(applicationModel);
             }
         }.call();
     }

services/src/main/java/org/keycloak/services/resources/admin/ApplicationsResource.java

@@ -2,11 +2,11 @@ package org.keycloak.services.resources.admin;
 
 import org.jboss.resteasy.annotations.cache.NoCache;
 import org.jboss.resteasy.logging.Logger;
-import org.keycloak.representations.idm.ResourceRepresentation;
+import org.keycloak.representations.idm.ApplicationRepresentation;
 import org.keycloak.services.managers.RealmManager;
 import org.keycloak.services.managers.ResourceManager;
 import org.keycloak.services.models.RealmModel;
-import org.keycloak.services.models.ResourceModel;
+import org.keycloak.services.models.ApplicationModel;
 import org.keycloak.services.models.UserModel;
 import org.keycloak.services.resources.Transaction;
 
@@ -14,7 +14,6 @@ import javax.ws.rs.Consumes;
 import javax.ws.rs.GET;
 import javax.ws.rs.NotFoundException;
 import javax.ws.rs.POST;
-import javax.ws.rs.PUT;
 import javax.ws.rs.Path;
 import javax.ws.rs.PathParam;
 import javax.ws.rs.Produces;
@@ -29,12 +28,12 @@ import java.util.List;
  * @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
  * @version $Revision: 1 $
  */
-public class RealmResourcesResource {
+public class ApplicationsResource {
     protected static final Logger logger = Logger.getLogger(RealmAdminResource.class);
     protected UserModel admin;
     protected RealmModel realm;
 
-    public RealmResourcesResource(UserModel admin, RealmModel realm) {
+    public ApplicationsResource(UserModel admin, RealmModel realm) {
         this.admin = admin;
         this.realm = realm;
     }
@@ -42,15 +41,15 @@ public class RealmResourcesResource {
     @GET
     @Produces(MediaType.APPLICATION_JSON)
     @NoCache
-    public List<ResourceRepresentation> getResources() {
+    public List<ApplicationRepresentation> getResources() {
         return new Transaction() {
             @Override
-            protected List<ResourceRepresentation> callImpl() {
+            protected List<ApplicationRepresentation> callImpl() {
-                List<ResourceRepresentation> rep = new ArrayList<ResourceRepresentation>();
+                List<ApplicationRepresentation> rep = new ArrayList<ApplicationRepresentation>();
-                List<ResourceModel> resourceModels = realm.getResources();
+                List<ApplicationModel> applicationModels = realm.getApplications();
                 ResourceManager resourceManager = new ResourceManager(new RealmManager(session));
-                for (ResourceModel resourceModel : resourceModels) {
+                for (ApplicationModel applicationModel : applicationModels) {
-                    rep.add(resourceManager.toRepresentation(resourceModel));
+                    rep.add(resourceManager.toRepresentation(applicationModel));
                 }
                 return rep;
             }
@@ -59,27 +58,27 @@ public class RealmResourcesResource {
 
     @POST
     @Consumes(MediaType.APPLICATION_JSON)
-    public Response createResource(final @Context UriInfo uriInfo, final ResourceRepresentation rep) {
+    public Response createResource(final @Context UriInfo uriInfo, final ApplicationRepresentation rep) {
         return new Transaction() {
             @Override
             protected Response callImpl() {
                 ResourceManager resourceManager = new ResourceManager(new RealmManager(session));
-                ResourceModel resourceModel = resourceManager.createResource(realm, rep);
+                ApplicationModel applicationModel = resourceManager.createResource(realm, rep);
-                return Response.created(uriInfo.getAbsolutePathBuilder().path(resourceModel.getId()).build()).build();
+                return Response.created(uriInfo.getAbsolutePathBuilder().path(applicationModel.getId()).build()).build();
             }
         }.call();
     }
 
     @Path("{id}")
-    public RealmResourceResource getResource(final @PathParam("id") String id) {
+    public ApplicationResource getResource(final @PathParam("id") String id) {
         return new Transaction(false) {
             @Override
-            protected RealmResourceResource callImpl() {
+            protected ApplicationResource callImpl() {
-                ResourceModel resourceModel = realm.getResourceById(id);
+                ApplicationModel applicationModel = realm.getApplicationById(id);
-                if (resourceModel == null) {
+                if (applicationModel == null) {
                     throw new NotFoundException();
                 }
-                return new RealmResourceResource(admin, realm, resourceModel);
+                return new ApplicationResource(admin, realm, applicationModel);
             }
         }.call();
 

services/src/main/java/org/keycloak/services/resources/admin/RealmAdminResource.java

@@ -7,17 +7,13 @@ import org.keycloak.representations.idm.RoleRepresentation;
 import org.keycloak.representations.idm.UserRepresentation;
 import org.keycloak.services.managers.RealmManager;
 import org.keycloak.services.models.RealmModel;
-import org.keycloak.services.models.RequiredCredentialModel;
 import org.keycloak.services.models.RoleModel;
 import org.keycloak.services.models.UserModel;
-import org.keycloak.services.resources.PublicRealmResource;
 import org.keycloak.services.resources.Transaction;
 
 import javax.ws.rs.Consumes;
-import javax.ws.rs.ForbiddenException;
 import javax.ws.rs.GET;
 import javax.ws.rs.InternalServerErrorException;
-import javax.ws.rs.NotAuthorizedException;
 import javax.ws.rs.NotFoundException;
 import javax.ws.rs.POST;
 import javax.ws.rs.PUT;
@@ -25,15 +21,10 @@ import javax.ws.rs.Path;
 import javax.ws.rs.PathParam;
 import javax.ws.rs.Produces;
 import javax.ws.rs.core.Context;
-import javax.ws.rs.core.HttpHeaders;
-import javax.ws.rs.core.MediaType;
 import javax.ws.rs.core.Response;
-import javax.ws.rs.core.UriBuilder;
 import javax.ws.rs.core.UriInfo;
 import java.util.ArrayList;
-import java.util.HashMap;
 import java.util.List;
-import java.util.Map;
 
 /**
  * @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
@@ -49,9 +40,9 @@ public class RealmAdminResource {
         this.realm = realm;
     }
 
-    @Path("resources")
+    @Path("applications")
-    public RealmResourcesResource getResources() {
+    public ApplicationsResource getResources() {
-        return new RealmResourcesResource(admin, realm);
+        return new ApplicationsResource(admin, realm);
     }
 
     @GET
@@ -86,6 +77,19 @@ public class RealmAdminResource {
         }.call();
     }
 
+    @PUT
+    @Consumes("application/json")
+    public void updateRealm(final RealmRepresentation rep) {
+        new Transaction() {
+            @Override
+            protected void runImpl() {
+                logger.info("updating realm: " + rep.getRealm());
+                new RealmManager(session).updateRealm(rep, realm);
+            }
+        }.run();
+
+    }
+
     @Path("roles/{id}")
     @GET
     @NoCache

services/src/main/java/org/keycloak/services/resources/admin/RealmsAdminResource.java

@@ -28,6 +28,7 @@ import javax.ws.rs.core.Response;
 import javax.ws.rs.core.UriBuilder;
 import javax.ws.rs.core.UriInfo;
 import java.net.URI;
+import java.util.ArrayList;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
@@ -52,18 +53,18 @@ public class RealmsAdminResource {
     @GET
     @NoCache
     @Produces("application/json")
-    public Response getRealms() {
+    public List<RealmRepresentation> getRealms() {
         return new Transaction() {
             @Override
-            protected  Response callImpl() {
+            protected  List<RealmRepresentation> callImpl() {
                 logger.info(("getRealms()"));
+                RealmManager realmManager = new RealmManager(session);
                 List<RealmModel> realms = session.getRealms(admin);
-                Map<String, String> map = new HashMap<String, String>();
+                List<RealmRepresentation> reps = new ArrayList<RealmRepresentation>();
                 for (RealmModel realm : realms) {
-                    map.put(realm.getId(), realm.getName());
+                    reps.add(realmManager.toRepresentation(realm));
                 }
-                return Response.ok(new GenericEntity<Map<String, String>>(map){})
+                return reps;
-                               .cacheControl(noCache).build();
             }
         }.call();
     }

services/src/test/java/org/keycloak/test/AdapterTest.java

@@ -18,7 +18,9 @@ import org.keycloak.services.models.UserCredentialModel;
 import org.keycloak.services.resources.KeycloakApplication;
 
 
+import java.util.HashSet;
 import java.util.List;
+import java.util.Set;
 import java.util.StringTokenizer;
 
 /**
@@ -89,8 +91,14 @@ public class AdapterTest {
     public void test2RequiredCredential() throws Exception {
         test1CreateRealm();
         realmModel.addRequiredCredential(CredentialRepresentation.PASSWORD);
-        realmModel.addRequiredCredential(CredentialRepresentation.TOTP);
         List<RequiredCredentialModel> storedCreds = realmModel.getRequiredCredentials();
+        Assert.assertEquals(1, storedCreds.size());
+
+        Set<String> creds = new HashSet<String>();
+        creds.add(CredentialRepresentation.PASSWORD);
+        creds.add(CredentialRepresentation.TOTP);
+        realmModel.updateRequiredCredentials(creds);
+        storedCreds = realmModel.getRequiredCredentials();
         Assert.assertEquals(2, storedCreds.size());
         boolean totp = false;
         boolean password = false;

services/src/test/java/org/keycloak/test/ImportTest.java

@@ -6,18 +6,18 @@ import org.junit.Before;
 import org.junit.FixMethodOrder;
 import org.junit.Test;
 import org.junit.runners.MethodSorters;
+import org.keycloak.representations.idm.CredentialRepresentation;
 import org.keycloak.representations.idm.RealmRepresentation;
 import org.keycloak.services.managers.RealmManager;
 import org.keycloak.services.models.KeycloakSession;
 import org.keycloak.services.models.KeycloakSessionFactory;
 import org.keycloak.services.models.RealmModel;
 import org.keycloak.services.models.RequiredCredentialModel;
-import org.keycloak.services.models.ResourceModel;
+import org.keycloak.services.models.ApplicationModel;
 import org.keycloak.services.models.RoleModel;
 import org.keycloak.services.models.UserModel;
 import org.keycloak.services.resources.KeycloakApplication;
 import org.keycloak.services.resources.SaasService;
-import org.keycloak.services.resources.SaasService;
 
 import java.util.List;
 import java.util.Set;
@@ -59,7 +59,7 @@ public class ImportTest {
         defaultRealm.setCookieLoginAllowed(true);
         defaultRealm.setRegistrationAllowed(true);
         manager.generateRealmKeys(defaultRealm);
-        defaultRealm.addRequiredCredential(RequiredCredentialModel.PASSWORD);
+        defaultRealm.addRequiredCredential(CredentialRepresentation.PASSWORD);
         RoleModel role = defaultRealm.addRole(SaasService.REALM_CREATOR_ROLE);
         UserModel admin = defaultRealm.addUser("admin");
         defaultRealm.grantRole(admin, role);
@@ -78,7 +78,7 @@ public class ImportTest {
         Set<String> scopes = realm.getScope(user);
         System.out.println("Scopes size: " + scopes.size());
         Assert.assertTrue(scopes.contains("*"));
-        List<ResourceModel> resources = realm.getResources();
+        List<ApplicationModel> resources = realm.getApplications();
         Assert.assertEquals(2, resources.size());
         List<RealmModel> realms = identitySession.getRealms(admin);
         Assert.assertEquals(1, realms.size());
@@ -96,7 +96,7 @@ public class ImportTest {
         defaultRealm.setCookieLoginAllowed(true);
         defaultRealm.setRegistrationAllowed(true);
         manager.generateRealmKeys(defaultRealm);
-        defaultRealm.addRequiredCredential(RequiredCredentialModel.PASSWORD);
+        defaultRealm.addRequiredCredential(CredentialRepresentation.PASSWORD);
         RoleModel role = defaultRealm.addRole(SaasService.REALM_CREATOR_ROLE);
         UserModel admin = defaultRealm.addUser("admin");
         defaultRealm.grantRole(admin, role);

services/src/test/java/org/keycloak/test/InstallationManager.java

@@ -1,5 +1,6 @@
 package org.keycloak.test;
 
+import org.keycloak.representations.idm.CredentialRepresentation;
 import org.keycloak.services.managers.RealmManager;
 import org.keycloak.services.models.RealmModel;
 import org.keycloak.services.models.RequiredCredentialModel;
@@ -21,7 +22,7 @@ public class InstallationManager {
         defaultRealm.setCookieLoginAllowed(true);
         defaultRealm.setRegistrationAllowed(true);
         manager.generateRealmKeys(defaultRealm);
-        defaultRealm.addRequiredCredential(RequiredCredentialModel.PASSWORD);
+        defaultRealm.addRequiredCredential(CredentialRepresentation.PASSWORD);
         defaultRealm.addRole(SaasService.REALM_CREATOR_ROLE);
     }
 

services/src/test/resources/META-INF/persistence.xml

@@ -19,7 +19,7 @@
         <class>org.picketlink.idm.jpa.model.sample.simple.OTPCredentialTypeEntity</class>
         <class>org.picketlink.idm.jpa.model.sample.simple.AttributeTypeEntity</class>
         <class>org.keycloak.services.models.picketlink.mappings.RealmEntity</class>
-        <class>org.keycloak.services.models.picketlink.mappings.ResourceEntity</class>
+        <class>org.keycloak.services.models.picketlink.mappings.ApplicationEntity</class>
 
         <exclude-unlisted-classes>true</exclude-unlisted-classes>
 

services/src/test/resources/testrealm-demo.json

@@ -8,7 +8,7 @@
     "privateKey": "MIICXAIBAAKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQABAoGAfmO8gVhyBxdqlxmIuglbz8bcjQbhXJLR2EoS8ngTXmN1bo2L90M0mUKSdc7qF10LgETBzqL8jYlQIbt+e6TH8fcEpKCjUlyq0Mf/vVbfZSNaVycY13nTzo27iPyWQHK5NLuJzn1xvxxrUeXI6A2WFpGEBLbHjwpx5WQG9A+2scECQQDvdn9NE75HPTVPxBqsEd2z10TKkl9CZxu10Qby3iQQmWLEJ9LNmy3acvKrE3gMiYNWb6xHPKiIqOR1as7L24aTAkEAtyvQOlCvr5kAjVqrEKXalj0Tzewjweuxc0pskvArTI2Oo070h65GpoIKLc9jf+UA69cRtquwP93aZKtW06U8dQJAF2Y44ks/mK5+eyDqik3koCI08qaC8HYq2wVl7G2QkJ6sbAaILtcvD92ToOvyGyeE0flvmDZxMYlvaZnaQ0lcSQJBAKZU6umJi3/xeEbkJqMfeLclD27XGEFoPeNrmdx0q10Azp4NfJAY+Z8KRyQCR2BEG+oNitBOZ+YXF9KCpH3cdmECQHEigJhYg+ykOvr1aiZUMFT72HU0jnmQe2FVekuG+LJUt2Tm7GtMjTFoGpf0JwrVuZN39fOYAlo+nTixgeW7X8Y=",
     "publicKey": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
     "requiredCredentials": [ "password" ],
-    "requiredResourceCredentials": [ "password" ],
+    "requiredApplicationCredentials": [ "password" ],
     "requiredOAuthClientCredentials": [ "password" ],
     "users" : [
         {
@@ -57,7 +57,7 @@
             "roles": ["user"]
         }
     ],
-    "resources": [
+    "applications": [
         {
             "name": "customer-portal",
             "enabled": true,

services/src/test/resources/testrealm.json

@@ -4,7 +4,7 @@
     "tokenLifespan": 6000,
     "accessCodeLifespan": 30,
     "requiredCredentials": [ "password" ],
-    "requiredResourceCredentials": [ "password" ],
+    "requiredApplicationCredentials": [ "password" ],
     "requiredOAuthClientCredentials": [ "password" ],
     "users": [
         {
@@ -63,7 +63,7 @@
             "roles": ["*"]
         }
     ],
-    "resources": [
+    "applications": [
         {
             "name": "Application",
             "enabled": true,