KEYCLOAK-1074 - Allow registration with email as username (without

username as separate field)
2015-03-10 16:28:57 +01:00 · 2015-03-10 16:28:57 +01:00 · b117409531
commit b117409531
parent 453d29f188
24 changed files with 9103 additions and 8703 deletions
--- a/connections/jpa-liquibase/src/main/resources/META-INF/jpa-changelog-1.2.0.Beta1.xml
+++ b/connections/jpa-liquibase/src/main/resources/META-INF/jpa-changelog-1.2.0.Beta1.xml
@ -93,6 +93,7 @@

        <addColumn tableName="REALM">
            <column name="LOGIN_LIFESPAN" type="INT"/>
+            <column name="REGISTRATION_EMAIL_AS_USERNAME" type="BOOLEAN" defaultValueBoolean="false"/>
        </addColumn>
    </changeSet>
 </databaseChangeLog>
--- a/core/src/main/java/org/keycloak/representations/idm/RealmRepresentation.java
+++ b/core/src/main/java/org/keycloak/representations/idm/RealmRepresentation.java
@ -11,497 +11,510 @@ import java.util.Set;
 * @version $Revision: 1 $
 */
 public class RealmRepresentation {
-    protected String id;
-    protected String realm;
-    protected Integer notBefore;
-    protected Integer accessTokenLifespan;
-    protected Integer ssoSessionIdleTimeout;
-    protected Integer ssoSessionMaxLifespan;
-    protected Integer accessCodeLifespan;
-    protected Integer accessCodeLifespanUserAction;
-    protected Integer accessCodeLifespanLogin;
-    protected Boolean enabled;
-    protected String sslRequired;
-    protected Boolean passwordCredentialGrantAllowed;
-    protected Boolean registrationAllowed;
-    protected Boolean rememberMe;
-    protected Boolean verifyEmail;
-    protected Boolean resetPasswordAllowed;
-
-    protected Boolean userCacheEnabled;
-    protected Boolean realmCacheEnabled;
-
-    //--- brute force settings
-    protected Boolean bruteForceProtected;
-    protected Integer maxFailureWaitSeconds;
-    protected Integer minimumQuickLoginWaitSeconds;
-    protected Integer waitIncrementSeconds;
-    protected Long quickLoginCheckMilliSeconds;
-    protected Integer maxDeltaTimeSeconds;
-    protected Integer failureFactor;
-    //--- end brute force settings
-
-    protected String privateKey;
-    protected String publicKey;
-    protected String certificate;
-    protected String codeSecret;
-    protected RolesRepresentation roles;
-    protected List<String> defaultRoles;
-    protected Set<String> requiredCredentials;
-    protected String passwordPolicy;
-    protected List<UserRepresentation> users;
-    protected List<ScopeMappingRepresentation> scopeMappings;
-    protected Map<String, List<ScopeMappingRepresentation>> applicationScopeMappings;
-    protected List<ApplicationRepresentation> applications;
-    protected List<OAuthClientRepresentation> oauthClients;
-    protected Map<String, String> browserSecurityHeaders;
-    protected Map<String, String> smtpServer;
-    protected List<UserFederationProviderRepresentation> userFederationProviders;
-    protected String loginTheme;
-    protected String accountTheme;
-    protected String adminTheme;
-    protected String emailTheme;
-    protected Boolean eventsEnabled;
-    protected Long eventsExpiration;
-    protected List<String> eventsListeners;
-    private List<IdentityProviderRepresentation> identityProviders;
-    private List<ProtocolMapperRepresentation> protocolMappers;
-    private Boolean identityFederationEnabled;
-
-    public String getId() {
-        return id;
-    }
-
-    public void setId(String id) {
-        this.id = id;
-    }
-
-    public String getRealm() {
-        return realm;
-    }
-
-    public void setRealm(String realm) {
-        this.realm = realm;
-    }
-
-    public List<UserRepresentation> getUsers() {
-        return users;
-    }
-
-    public List<ApplicationRepresentation> getApplications() {
-        return applications;
-    }
-
-    public ApplicationRepresentation resource(String name) {
-        ApplicationRepresentation resource = new ApplicationRepresentation();
-        if (applications == null) applications = new ArrayList<ApplicationRepresentation>();
-        applications.add(resource);
-        resource.setName(name);
-        return resource;
-    }
-
-    public void setUsers(List<UserRepresentation> users) {
-        this.users = users;
-    }
-
-    public UserRepresentation user(String username) {
-        UserRepresentation user = new UserRepresentation();
-        user.setUsername(username);
-        if (users == null) users = new ArrayList<UserRepresentation>();
-        users.add(user);
-        return user;
-    }
-
-    public void setApplications(List<ApplicationRepresentation> applications) {
-        this.applications = applications;
-    }
-
-    public Boolean isEnabled() {
-        return enabled;
-    }
-
-    public void setEnabled(Boolean enabled) {
-        this.enabled = enabled;
-    }
-
-    public String getSslRequired() {
-        return sslRequired;
-    }
-
-    public void setSslRequired(String sslRequired) {
-        this.sslRequired = sslRequired;
-    }
-
-    public Integer getAccessTokenLifespan() {
-        return accessTokenLifespan;
-    }
-
-    public void setAccessTokenLifespan(Integer accessTokenLifespan) {
-        this.accessTokenLifespan = accessTokenLifespan;
-    }
-
-    public Integer getSsoSessionIdleTimeout() {
-        return ssoSessionIdleTimeout;
-    }
-
-    public void setSsoSessionIdleTimeout(Integer ssoSessionIdleTimeout) {
-        this.ssoSessionIdleTimeout = ssoSessionIdleTimeout;
-    }
-
-    public Integer getSsoSessionMaxLifespan() {
-        return ssoSessionMaxLifespan;
-    }
-
-    public void setSsoSessionMaxLifespan(Integer ssoSessionMaxLifespan) {
-        this.ssoSessionMaxLifespan = ssoSessionMaxLifespan;
-    }
-
-    public List<ScopeMappingRepresentation> getScopeMappings() {
-        return scopeMappings;
-    }
-
-    public ScopeMappingRepresentation scopeMapping(String username) {
-        ScopeMappingRepresentation mapping = new ScopeMappingRepresentation();
-        mapping.setClient(username);
-        if (scopeMappings == null) scopeMappings = new ArrayList<ScopeMappingRepresentation>();
-        scopeMappings.add(mapping);
-        return mapping;
-    }
-
-    public Set<String> getRequiredCredentials() {
-        return requiredCredentials;
-    }
-
-    public void setRequiredCredentials(Set<String> requiredCredentials) {
-        this.requiredCredentials = requiredCredentials;
-    }
-
-    public String getPasswordPolicy() {
-        return passwordPolicy;
-    }
-
-    public void setPasswordPolicy(String passwordPolicy) {
-        this.passwordPolicy = passwordPolicy;
-    }
-
-    public Integer getAccessCodeLifespan() {
-        return accessCodeLifespan;
-    }
-
-    public void setAccessCodeLifespan(Integer accessCodeLifespan) {
-        this.accessCodeLifespan = accessCodeLifespan;
-    }
-
-    public Integer getAccessCodeLifespanUserAction() {
-        return accessCodeLifespanUserAction;
-    }
-
-    public void setAccessCodeLifespanUserAction(Integer accessCodeLifespanUserAction) {
-        this.accessCodeLifespanUserAction = accessCodeLifespanUserAction;
-    }
-
-    public Integer getAccessCodeLifespanLogin() {
-        return accessCodeLifespanLogin;
-    }
-
-    public void setAccessCodeLifespanLogin(Integer accessCodeLifespanLogin) {
-        this.accessCodeLifespanLogin = accessCodeLifespanLogin;
-    }
-
-    public List<String> getDefaultRoles() {
-        return defaultRoles;
-    }
+	protected String id;
+	protected String realm;
+	protected Integer notBefore;
+	protected Integer accessTokenLifespan;
+	protected Integer ssoSessionIdleTimeout;
+	protected Integer ssoSessionMaxLifespan;
+	protected Integer accessCodeLifespan;
+	protected Integer accessCodeLifespanUserAction;
+	protected Integer accessCodeLifespanLogin;
+	protected Boolean enabled;
+	protected String sslRequired;
+	protected Boolean passwordCredentialGrantAllowed;
+	protected Boolean registrationAllowed;
+	protected Boolean registrationEmailAsUsername;
+	protected Boolean rememberMe;
+	protected Boolean verifyEmail;
+	protected Boolean resetPasswordAllowed;
+
+	protected Boolean userCacheEnabled;
+	protected Boolean realmCacheEnabled;
+
+	// --- brute force settings
+	protected Boolean bruteForceProtected;
+	protected Integer maxFailureWaitSeconds;
+	protected Integer minimumQuickLoginWaitSeconds;
+	protected Integer waitIncrementSeconds;
+	protected Long quickLoginCheckMilliSeconds;
+	protected Integer maxDeltaTimeSeconds;
+	protected Integer failureFactor;
+	// --- end brute force settings
+
+	protected String privateKey;
+	protected String publicKey;
+	protected String certificate;
+	protected String codeSecret;
+	protected RolesRepresentation roles;
+	protected List<String> defaultRoles;
+	protected Set<String> requiredCredentials;
+	protected String passwordPolicy;
+	protected List<UserRepresentation> users;
+	protected List<ScopeMappingRepresentation> scopeMappings;
+	protected Map<String, List<ScopeMappingRepresentation>> applicationScopeMappings;
+	protected List<ApplicationRepresentation> applications;
+	protected List<OAuthClientRepresentation> oauthClients;
+	protected Map<String, String> browserSecurityHeaders;
+	protected Map<String, String> smtpServer;
+	protected List<UserFederationProviderRepresentation> userFederationProviders;
+	protected String loginTheme;
+	protected String accountTheme;
+	protected String adminTheme;
+	protected String emailTheme;
+	protected Boolean eventsEnabled;
+	protected Long eventsExpiration;
+	protected List<String> eventsListeners;
+	private List<IdentityProviderRepresentation> identityProviders;
+	private List<ProtocolMapperRepresentation> protocolMappers;
+	private Boolean identityFederationEnabled;
+
+	public String getId() {
+		return id;
+	}
+
+	public void setId(String id) {
+		this.id = id;
+	}
+
+	public String getRealm() {
+		return realm;
+	}
+
+	public void setRealm(String realm) {
+		this.realm = realm;
+	}
+
+	public List<UserRepresentation> getUsers() {
+		return users;
+	}
+
+	public List<ApplicationRepresentation> getApplications() {
+		return applications;
+	}
+
+	public ApplicationRepresentation resource(String name) {
+		ApplicationRepresentation resource = new ApplicationRepresentation();
+		if (applications == null)
+			applications = new ArrayList<ApplicationRepresentation>();
+		applications.add(resource);
+		resource.setName(name);
+		return resource;
+	}
+
+	public void setUsers(List<UserRepresentation> users) {
+		this.users = users;
+	}
+
+	public UserRepresentation user(String username) {
+		UserRepresentation user = new UserRepresentation();
+		user.setUsername(username);
+		if (users == null)
+			users = new ArrayList<UserRepresentation>();
+		users.add(user);
+		return user;
+	}
+
+	public void setApplications(List<ApplicationRepresentation> applications) {
+		this.applications = applications;
+	}
+
+	public Boolean isEnabled() {
+		return enabled;
+	}
+
+	public void setEnabled(Boolean enabled) {
+		this.enabled = enabled;
+	}
+
+	public String getSslRequired() {
+		return sslRequired;
+	}
+
+	public void setSslRequired(String sslRequired) {
+		this.sslRequired = sslRequired;
+	}
+
+	public Integer getAccessTokenLifespan() {
+		return accessTokenLifespan;
+	}
+
+	public void setAccessTokenLifespan(Integer accessTokenLifespan) {
+		this.accessTokenLifespan = accessTokenLifespan;
+	}
+
+	public Integer getSsoSessionIdleTimeout() {
+		return ssoSessionIdleTimeout;
+	}
+
+	public void setSsoSessionIdleTimeout(Integer ssoSessionIdleTimeout) {
+		this.ssoSessionIdleTimeout = ssoSessionIdleTimeout;
+	}
+
+	public Integer getSsoSessionMaxLifespan() {
+		return ssoSessionMaxLifespan;
+	}
+
+	public void setSsoSessionMaxLifespan(Integer ssoSessionMaxLifespan) {
+		this.ssoSessionMaxLifespan = ssoSessionMaxLifespan;
+	}
+
+	public List<ScopeMappingRepresentation> getScopeMappings() {
+		return scopeMappings;
+	}
+
+	public ScopeMappingRepresentation scopeMapping(String username) {
+		ScopeMappingRepresentation mapping = new ScopeMappingRepresentation();
+		mapping.setClient(username);
+		if (scopeMappings == null)
+			scopeMappings = new ArrayList<ScopeMappingRepresentation>();
+		scopeMappings.add(mapping);
+		return mapping;
+	}
+
+	public Set<String> getRequiredCredentials() {
+		return requiredCredentials;
+	}
+
+	public void setRequiredCredentials(Set<String> requiredCredentials) {
+		this.requiredCredentials = requiredCredentials;
+	}
+
+	public String getPasswordPolicy() {
+		return passwordPolicy;
+	}
+
+	public void setPasswordPolicy(String passwordPolicy) {
+		this.passwordPolicy = passwordPolicy;
+	}
+
+	public Integer getAccessCodeLifespan() {
+		return accessCodeLifespan;
+	}
+
+	public void setAccessCodeLifespan(Integer accessCodeLifespan) {
+		this.accessCodeLifespan = accessCodeLifespan;
+	}
+
+	public Integer getAccessCodeLifespanUserAction() {
+		return accessCodeLifespanUserAction;
+	}
+
+	public void setAccessCodeLifespanUserAction(Integer accessCodeLifespanUserAction) {
+		this.accessCodeLifespanUserAction = accessCodeLifespanUserAction;
+	}
+
+	public Integer getAccessCodeLifespanLogin() {
+		return accessCodeLifespanLogin;
+	}
+
+	public void setAccessCodeLifespanLogin(Integer accessCodeLifespanLogin) {
+		this.accessCodeLifespanLogin = accessCodeLifespanLogin;
+	}
+
+	public List<String> getDefaultRoles() {
+		return defaultRoles;
+	}
+
+	public void setDefaultRoles(List<String> defaultRoles) {
+		this.defaultRoles = defaultRoles;
+	}
+
+	public String getPrivateKey() {
+		return privateKey;
+	}
+
+	public void setPrivateKey(String privateKey) {
+		this.privateKey = privateKey;
+	}
+
+	public String getPublicKey() {
+		return publicKey;
+	}
+
+	public void setPublicKey(String publicKey) {
+		this.publicKey = publicKey;
+	}
+
+	public String getCertificate() {
+		return certificate;
+	}
+
+	public void setCertificate(String certificate) {
+		this.certificate = certificate;
+	}
+
+	public String getCodeSecret() {
+		return codeSecret;
+	}
+
+	public void setCodeSecret(String codeSecret) {
+		this.codeSecret = codeSecret;
+	}
+
+	public Boolean isPasswordCredentialGrantAllowed() {
+		return passwordCredentialGrantAllowed;
+	}
+
+	public void setPasswordCredentialGrantAllowed(Boolean passwordCredentialGrantAllowed) {
+		this.passwordCredentialGrantAllowed = passwordCredentialGrantAllowed;
+	}
+
+	public Boolean isRegistrationAllowed() {
+		return registrationAllowed;
+	}
+
+	public void setRegistrationAllowed(Boolean registrationAllowed) {
+		this.registrationAllowed = registrationAllowed;
+	}

-    public void setDefaultRoles(List<String> defaultRoles) {
-        this.defaultRoles = defaultRoles;
-    }
+	public Boolean isRegistrationEmailAsUsername() {
+		return registrationEmailAsUsername;
+	}

-    public String getPrivateKey() {
-        return privateKey;
-    }
+	public void setRegistrationEmailAsUsername(boolean registrationEmailAsUsername) {
+		this.registrationEmailAsUsername = registrationEmailAsUsername;
+	}

-    public void setPrivateKey(String privateKey) {
-        this.privateKey = privateKey;
-    }
+	public Boolean isRememberMe() {
+		return rememberMe;
+	}

-    public String getPublicKey() {
-        return publicKey;
-    }
+	public void setRememberMe(Boolean rememberMe) {
+		this.rememberMe = rememberMe;
+	}

-    public void setPublicKey(String publicKey) {
-        this.publicKey = publicKey;
-    }
+	public Boolean isRealmCacheEnabled() {
+		return realmCacheEnabled;
+	}

-    public String getCertificate() {
-        return certificate;
-    }
+	public void setRealmCacheEnabled(Boolean realmCacheEnabled) {
+		this.realmCacheEnabled = realmCacheEnabled;
+	}

-    public void setCertificate(String certificate) {
-        this.certificate = certificate;
-    }
+	public Boolean isUserCacheEnabled() {
+		return userCacheEnabled;
+	}

-    public String getCodeSecret() {
-        return codeSecret;
-    }
+	public void setUserCacheEnabled(Boolean userCacheEnabled) {
+		this.userCacheEnabled = userCacheEnabled;
+	}

-    public void setCodeSecret(String codeSecret) {
-        this.codeSecret = codeSecret;
-    }
+	public Boolean isVerifyEmail() {
+		return verifyEmail;
+	}

-    public Boolean isPasswordCredentialGrantAllowed() {
-        return passwordCredentialGrantAllowed;
-    }
+	public void setVerifyEmail(Boolean verifyEmail) {
+		this.verifyEmail = verifyEmail;
+	}

-    public void setPasswordCredentialGrantAllowed(Boolean passwordCredentialGrantAllowed) {
-        this.passwordCredentialGrantAllowed = passwordCredentialGrantAllowed;
-    }
+	public Boolean isResetPasswordAllowed() {
+		return resetPasswordAllowed;
+	}

-    public Boolean isRegistrationAllowed() {
-        return registrationAllowed;
-    }
+	public void setResetPasswordAllowed(Boolean resetPassword) {
+		this.resetPasswordAllowed = resetPassword;
+	}

-    public void setRegistrationAllowed(Boolean registrationAllowed) {
-        this.registrationAllowed = registrationAllowed;
-    }
+	public Map<String, String> getBrowserSecurityHeaders() {
+		return browserSecurityHeaders;
+	}

-    public Boolean isRememberMe() {
-        return rememberMe;
-    }
+	public void setBrowserSecurityHeaders(Map<String, String> browserSecurityHeaders) {
+		this.browserSecurityHeaders = browserSecurityHeaders;
+	}

-    public void setRememberMe(Boolean rememberMe) {
-        this.rememberMe = rememberMe;
-    }
+	public Map<String, String> getSmtpServer() {
+		return smtpServer;
+	}

-    public Boolean isRealmCacheEnabled() {
-        return realmCacheEnabled;
-    }
+	public void setSmtpServer(Map<String, String> smtpServer) {
+		this.smtpServer = smtpServer;
+	}

-    public void setRealmCacheEnabled(Boolean realmCacheEnabled) {
-        this.realmCacheEnabled = realmCacheEnabled;
-    }
+	public List<OAuthClientRepresentation> getOauthClients() {
+		return oauthClients;
+	}

-    public Boolean isUserCacheEnabled() {
-        return userCacheEnabled;
-    }
+	public void setOauthClients(List<OAuthClientRepresentation> oauthClients) {
+		this.oauthClients = oauthClients;
+	}

-    public void setUserCacheEnabled(Boolean userCacheEnabled) {
-        this.userCacheEnabled = userCacheEnabled;
-    }
+	public Map<String, List<ScopeMappingRepresentation>> getApplicationScopeMappings() {
+		return applicationScopeMappings;
+	}

-    public Boolean isVerifyEmail() {
-        return verifyEmail;
-    }
+	public void setApplicationScopeMappings(Map<String, List<ScopeMappingRepresentation>> applicationScopeMappings) {
+		this.applicationScopeMappings = applicationScopeMappings;
+	}

-    public void setVerifyEmail(Boolean verifyEmail) {
-        this.verifyEmail = verifyEmail;
-    }
+	public RolesRepresentation getRoles() {
+		return roles;
+	}

-    public Boolean isResetPasswordAllowed() {
-        return resetPasswordAllowed;
-    }
+	public void setRoles(RolesRepresentation roles) {
+		this.roles = roles;
+	}

-    public void setResetPasswordAllowed(Boolean resetPassword) {
-        this.resetPasswordAllowed = resetPassword;
-    }
+	public String getLoginTheme() {
+		return loginTheme;
+	}

-    public Map<String, String> getBrowserSecurityHeaders() {
-        return browserSecurityHeaders;
-    }
+	public void setLoginTheme(String loginTheme) {
+		this.loginTheme = loginTheme;
+	}

-    public void setBrowserSecurityHeaders(Map<String, String> browserSecurityHeaders) {
-        this.browserSecurityHeaders = browserSecurityHeaders;
-    }
+	public String getAccountTheme() {
+		return accountTheme;
+	}

-    public Map<String, String> getSmtpServer() {
-        return smtpServer;
-    }
+	public void setAccountTheme(String accountTheme) {
+		this.accountTheme = accountTheme;
+	}

-    public void setSmtpServer(Map<String, String> smtpServer) {
-        this.smtpServer = smtpServer;
-    }
+	public String getAdminTheme() {
+		return adminTheme;
+	}

-    public List<OAuthClientRepresentation> getOauthClients() {
-        return oauthClients;
-    }
+	public void setAdminTheme(String adminTheme) {
+		this.adminTheme = adminTheme;
+	}

-    public void setOauthClients(List<OAuthClientRepresentation> oauthClients) {
-        this.oauthClients = oauthClients;
-    }
+	public String getEmailTheme() {
+		return emailTheme;
+	}

-    public Map<String, List<ScopeMappingRepresentation>> getApplicationScopeMappings() {
-        return applicationScopeMappings;
-    }
+	public void setEmailTheme(String emailTheme) {
+		this.emailTheme = emailTheme;
+	}

-    public void setApplicationScopeMappings(Map<String, List<ScopeMappingRepresentation>> applicationScopeMappings) {
-        this.applicationScopeMappings = applicationScopeMappings;
-    }
+	public Integer getNotBefore() {
+		return notBefore;
+	}

-    public RolesRepresentation getRoles() {
-        return roles;
-    }
+	public void setNotBefore(Integer notBefore) {
+		this.notBefore = notBefore;
+	}

-    public void setRoles(RolesRepresentation roles) {
-        this.roles = roles;
-    }
+	public Boolean isBruteForceProtected() {
+		return bruteForceProtected;
+	}

-    public String getLoginTheme() {
-        return loginTheme;
-    }
+	public void setBruteForceProtected(Boolean bruteForceProtected) {
+		this.bruteForceProtected = bruteForceProtected;
+	}

-    public void setLoginTheme(String loginTheme) {
-        this.loginTheme = loginTheme;
-    }
+	public Integer getMaxFailureWaitSeconds() {
+		return maxFailureWaitSeconds;
+	}

-    public String getAccountTheme() {
-        return accountTheme;
-    }
+	public void setMaxFailureWaitSeconds(Integer maxFailureWaitSeconds) {
+		this.maxFailureWaitSeconds = maxFailureWaitSeconds;
+	}

-    public void setAccountTheme(String accountTheme) {
-        this.accountTheme = accountTheme;
-    }
+	public Integer getMinimumQuickLoginWaitSeconds() {
+		return minimumQuickLoginWaitSeconds;
+	}

-    public String getAdminTheme() {
-        return adminTheme;
-    }
+	public void setMinimumQuickLoginWaitSeconds(Integer minimumQuickLoginWaitSeconds) {
+		this.minimumQuickLoginWaitSeconds = minimumQuickLoginWaitSeconds;
+	}

-    public void setAdminTheme(String adminTheme) {
-        this.adminTheme = adminTheme;
-    }
+	public Integer getWaitIncrementSeconds() {
+		return waitIncrementSeconds;
+	}

-    public String getEmailTheme() {
-        return emailTheme;
-    }
+	public void setWaitIncrementSeconds(Integer waitIncrementSeconds) {
+		this.waitIncrementSeconds = waitIncrementSeconds;
+	}

-    public void setEmailTheme(String emailTheme) {
-        this.emailTheme = emailTheme;
-    }
+	public Long getQuickLoginCheckMilliSeconds() {
+		return quickLoginCheckMilliSeconds;
+	}

-    public Integer getNotBefore() {
-        return notBefore;
-    }
+	public void setQuickLoginCheckMilliSeconds(Long quickLoginCheckMilliSeconds) {
+		this.quickLoginCheckMilliSeconds = quickLoginCheckMilliSeconds;
+	}

-    public void setNotBefore(Integer notBefore) {
-        this.notBefore = notBefore;
-    }
+	public Integer getMaxDeltaTimeSeconds() {
+		return maxDeltaTimeSeconds;
+	}

-    public Boolean isBruteForceProtected() {
-        return bruteForceProtected;
-    }
+	public void setMaxDeltaTimeSeconds(Integer maxDeltaTimeSeconds) {
+		this.maxDeltaTimeSeconds = maxDeltaTimeSeconds;
+	}

-    public void setBruteForceProtected(Boolean bruteForceProtected) {
-        this.bruteForceProtected = bruteForceProtected;
-    }
+	public Integer getFailureFactor() {
+		return failureFactor;
+	}

-    public Integer getMaxFailureWaitSeconds() {
-        return maxFailureWaitSeconds;
-    }
+	public void setFailureFactor(Integer failureFactor) {
+		this.failureFactor = failureFactor;
+	}

-    public void setMaxFailureWaitSeconds(Integer maxFailureWaitSeconds) {
-        this.maxFailureWaitSeconds = maxFailureWaitSeconds;
-    }
+	public Boolean isEventsEnabled() {
+		return eventsEnabled;
+	}

-    public Integer getMinimumQuickLoginWaitSeconds() {
-        return minimumQuickLoginWaitSeconds;
-    }
+	public void setEventsEnabled(boolean eventsEnabled) {
+		this.eventsEnabled = eventsEnabled;
+	}

-    public void setMinimumQuickLoginWaitSeconds(Integer minimumQuickLoginWaitSeconds) {
-        this.minimumQuickLoginWaitSeconds = minimumQuickLoginWaitSeconds;
-    }
+	public Long getEventsExpiration() {
+		return eventsExpiration;
+	}

-    public Integer getWaitIncrementSeconds() {
-        return waitIncrementSeconds;
-    }
+	public void setEventsExpiration(long eventsExpiration) {
+		this.eventsExpiration = eventsExpiration;
+	}

-    public void setWaitIncrementSeconds(Integer waitIncrementSeconds) {
-        this.waitIncrementSeconds = waitIncrementSeconds;
-    }
+	public List<String> getEventsListeners() {
+		return eventsListeners;
+	}

-    public Long getQuickLoginCheckMilliSeconds() {
-        return quickLoginCheckMilliSeconds;
-    }
+	public void setEventsListeners(List<String> eventsListeners) {
+		this.eventsListeners = eventsListeners;
+	}

-    public void setQuickLoginCheckMilliSeconds(Long quickLoginCheckMilliSeconds) {
-        this.quickLoginCheckMilliSeconds = quickLoginCheckMilliSeconds;
-    }
+	public List<UserFederationProviderRepresentation> getUserFederationProviders() {
+		return userFederationProviders;
+	}

-    public Integer getMaxDeltaTimeSeconds() {
-        return maxDeltaTimeSeconds;
-    }
+	public void setUserFederationProviders(List<UserFederationProviderRepresentation> userFederationProviders) {
+		this.userFederationProviders = userFederationProviders;
+	}

-    public void setMaxDeltaTimeSeconds(Integer maxDeltaTimeSeconds) {
-        this.maxDeltaTimeSeconds = maxDeltaTimeSeconds;
-    }
+	public List<IdentityProviderRepresentation> getIdentityProviders() {
+		if (this.identityProviders == null) {
+			this.identityProviders = new ArrayList<IdentityProviderRepresentation>();
+		}
+
+		return identityProviders;
+	}

-    public Integer getFailureFactor() {
-        return failureFactor;
-    }
+	public void setIdentityProviders(List<IdentityProviderRepresentation> identityProviders) {
+		this.identityProviders = identityProviders;
+	}

-    public void setFailureFactor(Integer failureFactor) {
-        this.failureFactor = failureFactor;
-    }
+	public void addIdentityProvider(IdentityProviderRepresentation identityProviderRepresentation) {
+		getIdentityProviders().add(identityProviderRepresentation);
+	}

-    public Boolean isEventsEnabled() {
-        return eventsEnabled;
-    }
+	public boolean isIdentityFederationEnabled() {
+		return !getIdentityProviders().isEmpty();
+	}

-    public void setEventsEnabled(boolean eventsEnabled) {
-        this.eventsEnabled = eventsEnabled;
-    }
+	public List<ProtocolMapperRepresentation> getProtocolMappers() {
+		return protocolMappers;
+	}

-    public Long getEventsExpiration() {
-        return eventsExpiration;
-    }
-
-    public void setEventsExpiration(long eventsExpiration) {
-        this.eventsExpiration = eventsExpiration;
-    }
-
-    public List<String> getEventsListeners() {
-        return eventsListeners;
-    }
-
-    public void setEventsListeners(List<String> eventsListeners) {
-        this.eventsListeners = eventsListeners;
-    }
-
-    public List<UserFederationProviderRepresentation> getUserFederationProviders() {
-        return userFederationProviders;
-    }
-
-    public void setUserFederationProviders(List<UserFederationProviderRepresentation> userFederationProviders) {
-        this.userFederationProviders = userFederationProviders;
-    }
-
-    public List<IdentityProviderRepresentation> getIdentityProviders() {
-        if (this.identityProviders == null) {
-            this.identityProviders = new ArrayList<IdentityProviderRepresentation>();
-        }
-
-        return identityProviders;
-    }
-
-    public void setIdentityProviders(List<IdentityProviderRepresentation> identityProviders) {
-        this.identityProviders = identityProviders;
-    }
-
-    public void addIdentityProvider(IdentityProviderRepresentation identityProviderRepresentation) {
-        getIdentityProviders().add(identityProviderRepresentation);
-    }
-
-    public boolean isIdentityFederationEnabled() {
-        return !getIdentityProviders().isEmpty();
-    }
-
-    public List<ProtocolMapperRepresentation> getProtocolMappers() {
-        return protocolMappers;
-    }
-
-    public void addProtocolMapper(ProtocolMapperRepresentation rep) {
-        if (protocolMappers == null) protocolMappers = new LinkedList<ProtocolMapperRepresentation>();
-        protocolMappers.add(rep);
-    }
-
-    public void setProtocolMappers(List<ProtocolMapperRepresentation> protocolMappers) {
-        this.protocolMappers = protocolMappers;
-    }
+	public void addProtocolMapper(ProtocolMapperRepresentation rep) {
+		if (protocolMappers == null)
+			protocolMappers = new LinkedList<ProtocolMapperRepresentation>();
+		protocolMappers.add(rep);
+	}
+
+	public void setProtocolMappers(List<ProtocolMapperRepresentation> protocolMappers) {
+		this.protocolMappers = protocolMappers;
+	}
 }
--- a/events/api/src/main/java/org/keycloak/events/Errors.java
+++ b/events/api/src/main/java/org/keycloak/events/Errors.java
@ -5,42 +5,43 @@ package org.keycloak.events;
 */
 public interface Errors {

-    String REALM_DISABLED = "realm_disabled";
+	String REALM_DISABLED = "realm_disabled";

-    String CLIENT_NOT_FOUND = "client_not_found";
-    String CLIENT_DISABLED = "client_disabled";
-    String INVALID_CLIENT_CREDENTIALS = "invalid_client_credentials";
-    String INVALID_CLIENT = "invalid_client";
+	String CLIENT_NOT_FOUND = "client_not_found";
+	String CLIENT_DISABLED = "client_disabled";
+	String INVALID_CLIENT_CREDENTIALS = "invalid_client_credentials";
+	String INVALID_CLIENT = "invalid_client";

-    String USER_NOT_FOUND = "user_not_found";
-    String USER_DISABLED = "user_disabled";
-    String USER_TEMPORARILY_DISABLED = "user_temporarily_disabled";
-    String INVALID_USER_CREDENTIALS = "invalid_user_credentials";
+	String USER_NOT_FOUND = "user_not_found";
+	String USER_DISABLED = "user_disabled";
+	String USER_TEMPORARILY_DISABLED = "user_temporarily_disabled";
+	String INVALID_USER_CREDENTIALS = "invalid_user_credentials";

-    String USERNAME_MISSING = "username_missing";
-    String USERNAME_IN_USE = "username_in_use";
-    String EMAIL_IN_USE = "email_in_use";
+	String USERNAME_MISSING = "username_missing";
+	String USERNAME_IN_USE = "username_in_use";
+	String EMAIL_IN_USE = "email_in_use";

-    String INVALID_REDIRECT_URI = "invalid_redirect_uri";
-    String INVALID_CODE = "invalid_code";
-    String INVALID_TOKEN = "invalid_token";
-    String INVALID_SIGNATURE = "invalid_signature";
-    String INVALID_REGISTRATION = "invalid_registration";
-    String INVALID_FORM = "invalid_form";
-    String EXPIRED_CODE = "expired_code";
+	String INVALID_REDIRECT_URI = "invalid_redirect_uri";
+	String INVALID_CODE = "invalid_code";
+	String INVALID_TOKEN = "invalid_token";
+	String INVALID_SIGNATURE = "invalid_signature";
+	String INVALID_REGISTRATION = "invalid_registration";
+	String INVALID_FORM = "invalid_form";
+	String EXPIRED_CODE = "expired_code";

-    String REGISTRATION_DISABLED = "registration_disabled";
+	String REGISTRATION_DISABLED = "registration_disabled";

-    String REJECTED_BY_USER = "rejected_by_user";
+	String REJECTED_BY_USER = "rejected_by_user";

-    String NOT_ALLOWED = "not_allowed";
+	String NOT_ALLOWED = "not_allowed";

-    String FEDERATED_IDENTITY_EMAIL_EXISTS = "federated_identity_email_exists";
-    String FEDERATED_IDENTITY_USERNAME_EXISTS = "federated_identity_username_exists";
-    String SSL_REQUIRED = "ssl_required";
+	String FEDERATED_IDENTITY_EMAIL_EXISTS = "federated_identity_email_exists";
+	String FEDERATED_IDENTITY_REGISTRATION_EMAIL_MISSING = "federated_identity_registration_email_missing";
+	String FEDERATED_IDENTITY_USERNAME_EXISTS = "federated_identity_username_exists";
+	String SSL_REQUIRED = "ssl_required";

-    String USER_SESSION_NOT_FOUND = "user_session_not_found";
+	String USER_SESSION_NOT_FOUND = "user_session_not_found";

-    String EMAIL_SEND_FAILED = "email_send_failed";
-    String INVALID_EMAIL = "invalid_email";
+	String EMAIL_SEND_FAILED = "email_send_failed";
+	String INVALID_EMAIL = "invalid_email";
 }
--- a/forms/common-themes/src/main/resources/theme/admin/base/resources/partials/realm-login-settings.html
+++ b/forms/common-themes/src/main/resources/theme/admin/base/resources/partials/realm-login-settings.html
@ -12,7 +12,14 @@
                        <div class="col-sm-4">
                            <input ng-model="realm.registrationAllowed" name="registrationAllowed" id="registrationAllowed" onoffswitch />
                        </div>
-                        <span tooltip-placement="right" tooltip="Enable/disable the registration page.  A link for registration will show on login page too." class="fa fa-info-circle"></span>
+                        <span tooltip-placement="right" tooltip="Enable/disable the registration page. A link for registration will show on login page too." class="fa fa-info-circle"></span>
+                    </div>
+                    <div class="form-group" ng-show="registrationAllowed">
+                        <label for="registrationEmailAsUsername" class="col-sm-2 control-label">Email as username</label>
+                        <div class="col-sm-4">
+                            <input ng-model="realm.registrationEmailAsUsername" name="registrationEmailAsUsername" id="registrationEmailAsUsername" onoffswitch />
+                        </div>
+                        <span tooltip-placement="right" tooltip="If enabled then username field is hidden from registration form and email is used as username for new user." class="fa fa-info-circle"></span>
                    </div>
                    <div class="form-group">
                        <label for="resetPasswordAllowed" class="col-sm-2 control-label">Forget password</label>
--- a/forms/common-themes/src/main/resources/theme/login/base/messages/messages.properties
+++ b/forms/common-themes/src/main/resources/theme/login/base/messages/messages.properties
@ -62,6 +62,7 @@ emailExists=Email already exists

 federatedIdentityEmailExists=User with email already exists. Please login to account management to link the account.
 federatedIdentityUsernameExists=User with username already exists. Please login to account management to link the account.
+federatedIdentityRegistrationEmailMissing=Email is not provided. Use another provider to create account please.  

 loginTitle=Log in to
 loginOauthTitle=Temporary access.
--- a/forms/common-themes/src/main/resources/theme/login/base/register.ftl
+++ b/forms/common-themes/src/main/resources/theme/login/base/register.ftl
@ -6,6 +6,7 @@
        ${rb.registerWith} <strong>${realm.name}</strong>
    <#elseif section = "form">
        <form id="kc-register-form" class="${properties.kcFormClass!}" action="${url.registrationAction}" method="post">
+          <#if !realm.registrationEmailAsUsername>
            <div class="${properties.kcFormGroupClass!}">
                <div class="${properties.kcLabelWrapperClass!}">
                    <label for="username" class="${properties.kcLabelClass!}">${rb.username}</label>
@ -14,7 +15,7 @@
                    <input type="text" id="username" class="${properties.kcInputClass!}" name="username" value="${(register.formData.username!'')?html}" />
                </div>
            </div>
-
+          </#if>
            <div class="${properties.kcFormGroupClass!}">
                <div class="${properties.kcLabelWrapperClass!}">
                    <label for="firstName" class="${properties.kcLabelClass!}">${rb.firstName}</label>
--- a/forms/login-freemarker/src/main/java/org/keycloak/login/freemarker/model/RealmBean.java
+++ b/forms/login-freemarker/src/main/java/org/keycloak/login/freemarker/model/RealmBean.java
@ -30,39 +30,43 @@ import org.keycloak.representations.idm.CredentialRepresentation;
 */
 public class RealmBean {

-    private RealmModel realm;
+	private RealmModel realm;

-    public RealmBean(RealmModel realmModel) {
-        realm = realmModel;
-    }
+	public RealmBean(RealmModel realmModel) {
+		realm = realmModel;
+	}

-    public String getName() {
-        return realm.getName();
-    }
+	public String getName() {
+		return realm.getName();
+	}

-    public boolean isIdentityFederationEnabled() {
-        return realm.isIdentityFederationEnabled();
-    }
+	public boolean isIdentityFederationEnabled() {
+		return realm.isIdentityFederationEnabled();
+	}

-    public boolean isRegistrationAllowed() {
-        return realm.isRegistrationAllowed();
-    }
+	public boolean isRegistrationAllowed() {
+		return realm.isRegistrationAllowed();
+	}

-    public boolean isResetPasswordAllowed() {
-        return realm.isResetPasswordAllowed();
-    }
+	public boolean isRegistrationEmailAsUsername() {
+		return realm.isRegistrationEmailAsUsername();
+	}

-    public boolean isRememberMe() {
-        return realm.isRememberMe();
-    }
+	public boolean isResetPasswordAllowed() {
+		return realm.isResetPasswordAllowed();
+	}

-    public boolean isPassword() {
-        for (RequiredCredentialModel r : realm.getRequiredCredentials()) {
-            if (r.getType().equals(CredentialRepresentation.PASSWORD)) {
-                return true;
-            }
-        }
-        return false;
-    }
+	public boolean isRememberMe() {
+		return realm.isRememberMe();
+	}
+
+	public boolean isPassword() {
+		for (RequiredCredentialModel r : realm.getRequiredCredentials()) {
+			if (r.getType().equals(CredentialRepresentation.PASSWORD)) {
+				return true;
+			}
+		}
+		return false;
+	}

 }
--- a/model/api/src/main/java/org/keycloak/models/RealmModel.java
+++ b/model/api/src/main/java/org/keycloak/models/RealmModel.java
@ -1,8 +1,5 @@
 package org.keycloak.models;

-import org.keycloak.enums.SslRequired;
-import org.keycloak.provider.ProviderEvent;
-
 import java.security.Key;
 import java.security.PrivateKey;
 import java.security.PublicKey;
@ -11,233 +8,272 @@ import java.util.List;
 import java.util.Map;
 import java.util.Set;

+import org.keycloak.enums.SslRequired;
+import org.keycloak.provider.ProviderEvent;
+
 /**
 * @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
 * @version $Revision: 1 $
 */
 public interface RealmModel extends RoleContainerModel {
-    interface RealmCreationEvent extends ProviderEvent {
-        RealmModel getCreatedRealm();
-    }
-    interface ClientCreationEvent extends ProviderEvent {
-        ClientModel getCreatedClient();
-    }
-    interface ApplicationCreationEvent extends ClientCreationEvent {
-        ApplicationModel getCreatedApplication();
-    }
-    interface OAuthClientCreationEvent extends ClientCreationEvent {
-        OAuthClientModel getCreatedOAuthClient();
-    }
+	interface RealmCreationEvent extends ProviderEvent {
+		RealmModel getCreatedRealm();
+	}

-    String getId();
+	interface ClientCreationEvent extends ProviderEvent {
+		ClientModel getCreatedClient();
+	}

-    String getName();
+	interface ApplicationCreationEvent extends ClientCreationEvent {
+		ApplicationModel getCreatedApplication();
+	}

-    void setName(String name);
+	interface OAuthClientCreationEvent extends ClientCreationEvent {
+		OAuthClientModel getCreatedOAuthClient();
+	}

-    boolean isEnabled();
+	String getId();

-    void setEnabled(boolean enabled);
+	String getName();

-    SslRequired getSslRequired();
+	void setName(String name);

-    void setSslRequired(SslRequired sslRequired);
+	boolean isEnabled();

-    boolean isRegistrationAllowed();
+	void setEnabled(boolean enabled);

-    void setRegistrationAllowed(boolean registrationAllowed);
+	SslRequired getSslRequired();

-    boolean isPasswordCredentialGrantAllowed();
+	void setSslRequired(SslRequired sslRequired);

-    void setPasswordCredentialGrantAllowed(boolean passwordCredentialGrantAllowed);
+	boolean isRegistrationAllowed();

-    boolean isRememberMe();
+	void setRegistrationAllowed(boolean registrationAllowed);

-    void setRememberMe(boolean rememberMe);
+	public boolean isRegistrationEmailAsUsername();

-    //--- brute force settings
-    boolean isBruteForceProtected();
-    void setBruteForceProtected(boolean value);
-    int getMaxFailureWaitSeconds();
-    void setMaxFailureWaitSeconds(int val);
-    int getWaitIncrementSeconds();
-    void setWaitIncrementSeconds(int val);
-    int getMinimumQuickLoginWaitSeconds();
-    void setMinimumQuickLoginWaitSeconds(int val);
-    long getQuickLoginCheckMilliSeconds();
-    void setQuickLoginCheckMilliSeconds(long val);
-    int getMaxDeltaTimeSeconds();
-    void setMaxDeltaTimeSeconds(int val);
-    int getFailureFactor();
-    void setFailureFactor(int failureFactor);
-    //--- end brute force settings
+	public void setRegistrationEmailAsUsername(boolean registrationEmailAsUsername);

+	boolean isPasswordCredentialGrantAllowed();

-    boolean isVerifyEmail();
+	void setPasswordCredentialGrantAllowed(boolean passwordCredentialGrantAllowed);

-    void setVerifyEmail(boolean verifyEmail);
+	boolean isRememberMe();

-    boolean isResetPasswordAllowed();
+	void setRememberMe(boolean rememberMe);

-    void setResetPasswordAllowed(boolean resetPasswordAllowed);
+	// --- brute force settings
+	boolean isBruteForceProtected();

-    int getSsoSessionIdleTimeout();
-    void setSsoSessionIdleTimeout(int seconds);
+	void setBruteForceProtected(boolean value);

-    int getSsoSessionMaxLifespan();
-    void setSsoSessionMaxLifespan(int seconds);
+	int getMaxFailureWaitSeconds();

-    int getAccessTokenLifespan();
+	void setMaxFailureWaitSeconds(int val);

-    void setAccessTokenLifespan(int seconds);
+	int getWaitIncrementSeconds();

-    int getAccessCodeLifespan();
+	void setWaitIncrementSeconds(int val);

-    void setAccessCodeLifespan(int seconds);
+	int getMinimumQuickLoginWaitSeconds();

-    int getAccessCodeLifespanUserAction();
+	void setMinimumQuickLoginWaitSeconds(int val);

-    void setAccessCodeLifespanUserAction(int seconds);
+	long getQuickLoginCheckMilliSeconds();

-    int getAccessCodeLifespanLogin();
+	void setQuickLoginCheckMilliSeconds(long val);

-    void setAccessCodeLifespanLogin(int seconds);
+	int getMaxDeltaTimeSeconds();

-    String getPublicKeyPem();
+	void setMaxDeltaTimeSeconds(int val);

-    void setPublicKeyPem(String publicKeyPem);
+	int getFailureFactor();

-    String getPrivateKeyPem();
+	void setFailureFactor(int failureFactor);

-    void setPrivateKeyPem(String privateKeyPem);
+	// --- end brute force settings

-    PublicKey getPublicKey();
+	boolean isVerifyEmail();

-    void setPublicKey(PublicKey publicKey);
+	void setVerifyEmail(boolean verifyEmail);

-    String getCodeSecret();
+	boolean isResetPasswordAllowed();

-    Key getCodeSecretKey();
+	void setResetPasswordAllowed(boolean resetPasswordAllowed);

-    void setCodeSecret(String codeSecret);
+	int getSsoSessionIdleTimeout();

-    X509Certificate getCertificate();
-    void setCertificate(X509Certificate certificate);
-    String getCertificatePem();
-    void setCertificatePem(String certificate);
+	void setSsoSessionIdleTimeout(int seconds);

-    PrivateKey getPrivateKey();
+	int getSsoSessionMaxLifespan();

-    void setPrivateKey(PrivateKey privateKey);
+	void setSsoSessionMaxLifespan(int seconds);

-    List<RequiredCredentialModel> getRequiredCredentials();
+	int getAccessTokenLifespan();

-    void addRequiredCredential(String cred);
+	void setAccessTokenLifespan(int seconds);

-    PasswordPolicy getPasswordPolicy();
+	int getAccessCodeLifespan();

-    void setPasswordPolicy(PasswordPolicy policy);
+	void setAccessCodeLifespan(int seconds);

-    RoleModel getRoleById(String id);
+	int getAccessCodeLifespanUserAction();

-    List<String> getDefaultRoles();
+	void setAccessCodeLifespanUserAction(int seconds);

-    void addDefaultRole(String name);
+	int getAccessCodeLifespanLogin();

-    void updateDefaultRoles(String[] defaultRoles);
+	void setAccessCodeLifespanLogin(int seconds);

-    ClientModel findClient(String clientId);
+	String getPublicKeyPem();

-    Map<String, ApplicationModel> getApplicationNameMap();
+	void setPublicKeyPem(String publicKeyPem);

-    List<ApplicationModel> getApplications();
+	String getPrivateKeyPem();

-    ApplicationModel addApplication(String name);
+	void setPrivateKeyPem(String privateKeyPem);

-    ApplicationModel addApplication(String id, String name);
+	PublicKey getPublicKey();

-    boolean removeApplication(String id);
+	void setPublicKey(PublicKey publicKey);

-    ApplicationModel getApplicationById(String id);
-    ApplicationModel getApplicationByName(String name);
+	String getCodeSecret();

-    void updateRequiredCredentials(Set<String> creds);
+	Key getCodeSecretKey();

-    OAuthClientModel addOAuthClient(String name);
+	void setCodeSecret(String codeSecret);

-    OAuthClientModel addOAuthClient(String id, String name);
+	X509Certificate getCertificate();

-    OAuthClientModel getOAuthClient(String name);
-    OAuthClientModel getOAuthClientById(String id);
-    boolean removeOAuthClient(String id);
+	void setCertificate(X509Certificate certificate);

-    List<OAuthClientModel> getOAuthClients();
+	String getCertificatePem();

-    Map<String, String> getBrowserSecurityHeaders();
-    void setBrowserSecurityHeaders(Map<String, String> headers);
+	void setCertificatePem(String certificate);

-    Map<String, String> getSmtpConfig();
+	PrivateKey getPrivateKey();

-    void setSmtpConfig(Map<String, String> smtpConfig);
+	void setPrivateKey(PrivateKey privateKey);

-    List<IdentityProviderModel> getIdentityProviders();
-    IdentityProviderModel getIdentityProviderById(String identityProviderId);
-    void addIdentityProvider(IdentityProviderModel identityProvider);
-    void removeIdentityProviderById(String providerId);
-    void updateIdentityProvider(IdentityProviderModel identityProvider);
+	List<RequiredCredentialModel> getRequiredCredentials();

-    List<UserFederationProviderModel> getUserFederationProviders();
+	void addRequiredCredential(String cred);

-    UserFederationProviderModel addUserFederationProvider(String providerName, Map<String, String> config, int priority, String displayName, int fullSyncPeriod, int changedSyncPeriod, int lastSync);
-    void updateUserFederationProvider(UserFederationProviderModel provider);
-    void removeUserFederationProvider(UserFederationProviderModel provider);
-    void setUserFederationProviders(List<UserFederationProviderModel> providers);
+	PasswordPolicy getPasswordPolicy();

-    String getLoginTheme();
+	void setPasswordPolicy(PasswordPolicy policy);

-    void setLoginTheme(String name);
+	RoleModel getRoleById(String id);

-    String getAccountTheme();
+	List<String> getDefaultRoles();

-    void setAccountTheme(String name);
+	void addDefaultRole(String name);

-    String getAdminTheme();
+	void updateDefaultRoles(String[] defaultRoles);

-    void setAdminTheme(String name);
+	ClientModel findClient(String clientId);

-    String getEmailTheme();
+	Map<String, ApplicationModel> getApplicationNameMap();

-    void setEmailTheme(String name);
+	List<ApplicationModel> getApplications();

+	ApplicationModel addApplication(String name);

-    /**
-     * Time in seconds since epoc
-     *
-     * @return
-     */
-    int getNotBefore();
+	ApplicationModel addApplication(String id, String name);

-    void setNotBefore(int notBefore);
+	boolean removeApplication(String id);

-    boolean removeRoleById(String id);
+	ApplicationModel getApplicationById(String id);

-    boolean isEventsEnabled();
+	ApplicationModel getApplicationByName(String name);

-    void setEventsEnabled(boolean enabled);
+	void updateRequiredCredentials(Set<String> creds);

-    long getEventsExpiration();
+	OAuthClientModel addOAuthClient(String name);

-    void setEventsExpiration(long expiration);
+	OAuthClientModel addOAuthClient(String id, String name);

-    Set<String> getEventsListeners();
+	OAuthClientModel getOAuthClient(String name);

-    void setEventsListeners(Set<String> listeners);
+	OAuthClientModel getOAuthClientById(String id);

-    ApplicationModel getMasterAdminApp();
+	boolean removeOAuthClient(String id);

-    void setMasterAdminApp(ApplicationModel app);
+	List<OAuthClientModel> getOAuthClients();

-    ClientModel findClientById(String id);
+	Map<String, String> getBrowserSecurityHeaders();

-    boolean isIdentityFederationEnabled();
+	void setBrowserSecurityHeaders(Map<String, String> headers);
+
+	Map<String, String> getSmtpConfig();
+
+	void setSmtpConfig(Map<String, String> smtpConfig);
+
+	List<IdentityProviderModel> getIdentityProviders();
+
+	IdentityProviderModel getIdentityProviderById(String identityProviderId);
+
+	void addIdentityProvider(IdentityProviderModel identityProvider);
+
+	void removeIdentityProviderById(String providerId);
+
+	void updateIdentityProvider(IdentityProviderModel identityProvider);
+
+	List<UserFederationProviderModel> getUserFederationProviders();
+
+	UserFederationProviderModel addUserFederationProvider(String providerName, Map<String, String> config, int priority,
+			String displayName, int fullSyncPeriod, int changedSyncPeriod, int lastSync);
+
+	void updateUserFederationProvider(UserFederationProviderModel provider);
+
+	void removeUserFederationProvider(UserFederationProviderModel provider);
+
+	void setUserFederationProviders(List<UserFederationProviderModel> providers);
+
+	String getLoginTheme();
+
+	void setLoginTheme(String name);
+
+	String getAccountTheme();
+
+	void setAccountTheme(String name);
+
+	String getAdminTheme();
+
+	void setAdminTheme(String name);
+
+	String getEmailTheme();
+
+	void setEmailTheme(String name);
+
+	/**
+	 * Time in seconds since epoc
+	 * 
+	 * @return
+	 */
+	int getNotBefore();
+
+	void setNotBefore(int notBefore);
+
+	boolean removeRoleById(String id);
+
+	boolean isEventsEnabled();
+
+	void setEventsEnabled(boolean enabled);
+
+	long getEventsExpiration();
+
+	void setEventsExpiration(long expiration);
+
+	Set<String> getEventsListeners();
+
+	void setEventsListeners(Set<String> listeners);
+
+	ApplicationModel getMasterAdminApp();
+
+	void setMasterAdminApp(ApplicationModel app);
+
+	ClientModel findClientById(String id);
+
+	boolean isIdentityFederationEnabled();
 }
--- a/model/api/src/main/java/org/keycloak/models/entities/RealmEntity.java
+++ b/model/api/src/main/java/org/keycloak/models/entities/RealmEntity.java
@ -10,394 +10,402 @@ import java.util.Map;
 */
 public class RealmEntity extends AbstractIdentifiableEntity {

-    private String name;
-    private boolean enabled;
-    private String sslRequired;
-    private boolean registrationAllowed;
-    private boolean rememberMe;
-    private boolean verifyEmail;
-    private boolean passwordCredentialGrantAllowed;
-    private boolean resetPasswordAllowed;
-    private String passwordPolicy;
-    //--- brute force settings
-    private boolean bruteForceProtected;
-    private int maxFailureWaitSeconds;
-    private int minimumQuickLoginWaitSeconds;
-    private int waitIncrementSeconds;
-    private long quickLoginCheckMilliSeconds;
-    private int maxDeltaTimeSeconds;
-    private int failureFactor;
-    //--- end brute force settings
-
-    private int ssoSessionIdleTimeout;
-    private int ssoSessionMaxLifespan;
-    private int accessTokenLifespan;
-    private int accessCodeLifespan;
-    private int accessCodeLifespanUserAction;
-    private int accessCodeLifespanLogin;
-    private int notBefore;
-
-    private String publicKeyPem;
-    private String privateKeyPem;
-    private String certificatePem;
-    private String codeSecret;
-
-    private String loginTheme;
-    private String accountTheme;
-    private String adminTheme;
-    private String emailTheme;
-
-    // We are using names of defaultRoles (not ids)
-    private List<String> defaultRoles = new ArrayList<String>();
-
-    private List<RequiredCredentialEntity> requiredCredentials = new ArrayList<RequiredCredentialEntity>();
-    private List<UserFederationProviderEntity> userFederationProviders = new ArrayList<UserFederationProviderEntity>();
-    private List<IdentityProviderEntity> identityProviders = new ArrayList<IdentityProviderEntity>();
-
-    private Map<String, String> browserSecurityHeaders = new HashMap<String, String>();
-    private Map<String, String> smtpConfig = new HashMap<String, String>();
-    private Map<String, String> socialConfig = new HashMap<String, String>();
-
-    private boolean eventsEnabled;
-    private long eventsExpiration;
-    private List<String> eventsListeners = new ArrayList<String>();
-
-    private String adminAppId;
-
-    public String getName() {
-        return name;
-    }
-
-    public void setName(String name) {
-        this.name = name;
-    }
-
-    public boolean isEnabled() {
-        return enabled;
-    }
-
-    public void setEnabled(boolean enabled) {
-        this.enabled = enabled;
-    }
-
-    public String getSslRequired() {
-        return sslRequired;
-    }
-
-    public void setSslRequired(String sslRequired) {
-        this.sslRequired = sslRequired;
-    }
-
-    public boolean isPasswordCredentialGrantAllowed() {
-        return passwordCredentialGrantAllowed;
-    }
-
-    public void setPasswordCredentialGrantAllowed(boolean passwordCredentialGrantAllowed) {
-        this.passwordCredentialGrantAllowed = passwordCredentialGrantAllowed;
-    }
-
-    public boolean isRegistrationAllowed() {
-        return registrationAllowed;
-    }
-
-    public void setRegistrationAllowed(boolean registrationAllowed) {
-        this.registrationAllowed = registrationAllowed;
-    }
-
-    public boolean isRememberMe() {
-        return rememberMe;
-    }
-
-    public void setRememberMe(boolean rememberMe) {
-        this.rememberMe = rememberMe;
-    }
-
-    public boolean isVerifyEmail() {
-        return verifyEmail;
-    }
-
-    public void setVerifyEmail(boolean verifyEmail) {
-        this.verifyEmail = verifyEmail;
-    }
-
-    public boolean isResetPasswordAllowed() {
-        return resetPasswordAllowed;
-    }
-
-    public void setResetPasswordAllowed(boolean resetPasswordAllowed) {
-        this.resetPasswordAllowed = resetPasswordAllowed;
-    }
+	private String name;
+	private boolean enabled;
+	private String sslRequired;
+	private boolean registrationAllowed;
+	protected boolean registrationEmailAsUsername;
+	private boolean rememberMe;
+	private boolean verifyEmail;
+	private boolean passwordCredentialGrantAllowed;
+	private boolean resetPasswordAllowed;
+	private String passwordPolicy;
+	// --- brute force settings
+	private boolean bruteForceProtected;
+	private int maxFailureWaitSeconds;
+	private int minimumQuickLoginWaitSeconds;
+	private int waitIncrementSeconds;
+	private long quickLoginCheckMilliSeconds;
+	private int maxDeltaTimeSeconds;
+	private int failureFactor;
+	// --- end brute force settings
+
+	private int ssoSessionIdleTimeout;
+	private int ssoSessionMaxLifespan;
+	private int accessTokenLifespan;
+	private int accessCodeLifespan;
+	private int accessCodeLifespanUserAction;
+	private int accessCodeLifespanLogin;
+	private int notBefore;
+
+	private String publicKeyPem;
+	private String privateKeyPem;
+	private String certificatePem;
+	private String codeSecret;
+
+	private String loginTheme;
+	private String accountTheme;
+	private String adminTheme;
+	private String emailTheme;
+
+	// We are using names of defaultRoles (not ids)
+	private List<String> defaultRoles = new ArrayList<String>();
+
+	private List<RequiredCredentialEntity> requiredCredentials = new ArrayList<RequiredCredentialEntity>();
+	private List<UserFederationProviderEntity> userFederationProviders = new ArrayList<UserFederationProviderEntity>();
+	private List<IdentityProviderEntity> identityProviders = new ArrayList<IdentityProviderEntity>();
+
+	private Map<String, String> browserSecurityHeaders = new HashMap<String, String>();
+	private Map<String, String> smtpConfig = new HashMap<String, String>();
+	private Map<String, String> socialConfig = new HashMap<String, String>();
+
+	private boolean eventsEnabled;
+	private long eventsExpiration;
+	private List<String> eventsListeners = new ArrayList<String>();
+
+	private String adminAppId;
+
+	public String getName() {
+		return name;
+	}
+
+	public void setName(String name) {
+		this.name = name;
+	}
+
+	public boolean isEnabled() {
+		return enabled;
+	}
+
+	public void setEnabled(boolean enabled) {
+		this.enabled = enabled;
+	}
+
+	public String getSslRequired() {
+		return sslRequired;
+	}
+
+	public void setSslRequired(String sslRequired) {
+		this.sslRequired = sslRequired;
+	}
+
+	public boolean isPasswordCredentialGrantAllowed() {
+		return passwordCredentialGrantAllowed;
+	}
+
+	public void setPasswordCredentialGrantAllowed(boolean passwordCredentialGrantAllowed) {
+		this.passwordCredentialGrantAllowed = passwordCredentialGrantAllowed;
+	}
+
+	public boolean isRegistrationAllowed() {
+		return registrationAllowed;
+	}
+
+	public void setRegistrationAllowed(boolean registrationAllowed) {
+		this.registrationAllowed = registrationAllowed;
+	}
+
+	public boolean isRegistrationEmailAsUsername() {
+		return registrationEmailAsUsername;
+	}
+
+	public void setRegistrationEmailAsUsername(boolean registrationEmailAsUsername) {
+		this.registrationEmailAsUsername = registrationEmailAsUsername;
+	}
+
+	public boolean isRememberMe() {
+		return rememberMe;
+	}
+
+	public void setRememberMe(boolean rememberMe) {
+		this.rememberMe = rememberMe;
+	}
+
+	public boolean isVerifyEmail() {
+		return verifyEmail;
+	}
+
+	public void setVerifyEmail(boolean verifyEmail) {
+		this.verifyEmail = verifyEmail;
+	}

-    public String getPasswordPolicy() {
-        return passwordPolicy;
-    }
-
-    public void setPasswordPolicy(String passwordPolicy) {
-        this.passwordPolicy = passwordPolicy;
-    }
+	public boolean isResetPasswordAllowed() {
+		return resetPasswordAllowed;
+	}

-    public boolean isBruteForceProtected() {
-        return bruteForceProtected;
-    }
+	public void setResetPasswordAllowed(boolean resetPasswordAllowed) {
+		this.resetPasswordAllowed = resetPasswordAllowed;
+	}

-    public void setBruteForceProtected(boolean bruteForceProtected) {
-        this.bruteForceProtected = bruteForceProtected;
-    }
+	public String getPasswordPolicy() {
+		return passwordPolicy;
+	}

-    public int getMaxFailureWaitSeconds() {
-        return maxFailureWaitSeconds;
-    }
+	public void setPasswordPolicy(String passwordPolicy) {
+		this.passwordPolicy = passwordPolicy;
+	}

-    public void setMaxFailureWaitSeconds(int maxFailureWaitSeconds) {
-        this.maxFailureWaitSeconds = maxFailureWaitSeconds;
-    }
+	public boolean isBruteForceProtected() {
+		return bruteForceProtected;
+	}

-    public int getMinimumQuickLoginWaitSeconds() {
-        return minimumQuickLoginWaitSeconds;
-    }
+	public void setBruteForceProtected(boolean bruteForceProtected) {
+		this.bruteForceProtected = bruteForceProtected;
+	}

-    public void setMinimumQuickLoginWaitSeconds(int minimumQuickLoginWaitSeconds) {
-        this.minimumQuickLoginWaitSeconds = minimumQuickLoginWaitSeconds;
-    }
+	public int getMaxFailureWaitSeconds() {
+		return maxFailureWaitSeconds;
+	}

-    public int getWaitIncrementSeconds() {
-        return waitIncrementSeconds;
-    }
+	public void setMaxFailureWaitSeconds(int maxFailureWaitSeconds) {
+		this.maxFailureWaitSeconds = maxFailureWaitSeconds;
+	}

-    public void setWaitIncrementSeconds(int waitIncrementSeconds) {
-        this.waitIncrementSeconds = waitIncrementSeconds;
-    }
+	public int getMinimumQuickLoginWaitSeconds() {
+		return minimumQuickLoginWaitSeconds;
+	}

-    public long getQuickLoginCheckMilliSeconds() {
-        return quickLoginCheckMilliSeconds;
-    }
+	public void setMinimumQuickLoginWaitSeconds(int minimumQuickLoginWaitSeconds) {
+		this.minimumQuickLoginWaitSeconds = minimumQuickLoginWaitSeconds;
+	}

-    public void setQuickLoginCheckMilliSeconds(long quickLoginCheckMilliSeconds) {
-        this.quickLoginCheckMilliSeconds = quickLoginCheckMilliSeconds;
-    }
+	public int getWaitIncrementSeconds() {
+		return waitIncrementSeconds;
+	}

-    public int getMaxDeltaTimeSeconds() {
-        return maxDeltaTimeSeconds;
-    }
+	public void setWaitIncrementSeconds(int waitIncrementSeconds) {
+		this.waitIncrementSeconds = waitIncrementSeconds;
+	}

-    public void setMaxDeltaTimeSeconds(int maxDeltaTimeSeconds) {
-        this.maxDeltaTimeSeconds = maxDeltaTimeSeconds;
-    }
+	public long getQuickLoginCheckMilliSeconds() {
+		return quickLoginCheckMilliSeconds;
+	}

-    public int getFailureFactor() {
-        return failureFactor;
-    }
+	public void setQuickLoginCheckMilliSeconds(long quickLoginCheckMilliSeconds) {
+		this.quickLoginCheckMilliSeconds = quickLoginCheckMilliSeconds;
+	}

-    public void setFailureFactor(int failureFactor) {
-        this.failureFactor = failureFactor;
-    }
+	public int getMaxDeltaTimeSeconds() {
+		return maxDeltaTimeSeconds;
+	}

-    public int getSsoSessionIdleTimeout() {
-        return ssoSessionIdleTimeout;
-    }
+	public void setMaxDeltaTimeSeconds(int maxDeltaTimeSeconds) {
+		this.maxDeltaTimeSeconds = maxDeltaTimeSeconds;
+	}

-    public void setSsoSessionIdleTimeout(int ssoSessionIdleTimeout) {
-        this.ssoSessionIdleTimeout = ssoSessionIdleTimeout;
-    }
+	public int getFailureFactor() {
+		return failureFactor;
+	}

-    public int getSsoSessionMaxLifespan() {
-        return ssoSessionMaxLifespan;
-    }
+	public void setFailureFactor(int failureFactor) {
+		this.failureFactor = failureFactor;
+	}

-    public void setSsoSessionMaxLifespan(int ssoSessionMaxLifespan) {
-        this.ssoSessionMaxLifespan = ssoSessionMaxLifespan;
-    }
+	public int getSsoSessionIdleTimeout() {
+		return ssoSessionIdleTimeout;
+	}

-    public int getAccessTokenLifespan() {
-        return accessTokenLifespan;
-    }
+	public void setSsoSessionIdleTimeout(int ssoSessionIdleTimeout) {
+		this.ssoSessionIdleTimeout = ssoSessionIdleTimeout;
+	}

-    public void setAccessTokenLifespan(int accessTokenLifespan) {
-        this.accessTokenLifespan = accessTokenLifespan;
-    }
+	public int getSsoSessionMaxLifespan() {
+		return ssoSessionMaxLifespan;
+	}

-    public int getAccessCodeLifespan() {
-        return accessCodeLifespan;
-    }
+	public void setSsoSessionMaxLifespan(int ssoSessionMaxLifespan) {
+		this.ssoSessionMaxLifespan = ssoSessionMaxLifespan;
+	}

-    public void setAccessCodeLifespan(int accessCodeLifespan) {
-        this.accessCodeLifespan = accessCodeLifespan;
-    }
+	public int getAccessTokenLifespan() {
+		return accessTokenLifespan;
+	}

-    public int getAccessCodeLifespanUserAction() {
-        return accessCodeLifespanUserAction;
-    }
+	public void setAccessTokenLifespan(int accessTokenLifespan) {
+		this.accessTokenLifespan = accessTokenLifespan;
+	}

-    public void setAccessCodeLifespanUserAction(int accessCodeLifespanUserAction) {
-        this.accessCodeLifespanUserAction = accessCodeLifespanUserAction;
-    }
-    public int getAccessCodeLifespanLogin() {
-        return accessCodeLifespanLogin;
-    }
+	public int getAccessCodeLifespan() {
+		return accessCodeLifespan;
+	}

-    public void setAccessCodeLifespanLogin(int accessCodeLifespanLogin) {
-        this.accessCodeLifespanLogin = accessCodeLifespanLogin;
-    }
+	public void setAccessCodeLifespan(int accessCodeLifespan) {
+		this.accessCodeLifespan = accessCodeLifespan;
+	}

-    public int getNotBefore() {
-        return notBefore;
-    }
+	public int getAccessCodeLifespanUserAction() {
+		return accessCodeLifespanUserAction;
+	}

-    public void setNotBefore(int notBefore) {
-        this.notBefore = notBefore;
-    }
+	public void setAccessCodeLifespanUserAction(int accessCodeLifespanUserAction) {
+		this.accessCodeLifespanUserAction = accessCodeLifespanUserAction;
+	}

-    public String getPublicKeyPem() {
-        return publicKeyPem;
-    }
+	public int getAccessCodeLifespanLogin() {
+		return accessCodeLifespanLogin;
+	}

-    public void setPublicKeyPem(String publicKeyPem) {
-        this.publicKeyPem = publicKeyPem;
-    }
+	public void setAccessCodeLifespanLogin(int accessCodeLifespanLogin) {
+		this.accessCodeLifespanLogin = accessCodeLifespanLogin;
+	}

-    public String getPrivateKeyPem() {
-        return privateKeyPem;
-    }
+	public int getNotBefore() {
+		return notBefore;
+	}

-    public void setPrivateKeyPem(String privateKeyPem) {
-        this.privateKeyPem = privateKeyPem;
-    }
+	public void setNotBefore(int notBefore) {
+		this.notBefore = notBefore;
+	}

-    public String getCodeSecret() {
-        return codeSecret;
-    }
+	public String getPublicKeyPem() {
+		return publicKeyPem;
+	}

-    public void setCodeSecret(String codeSecret) {
-        this.codeSecret = codeSecret;
-    }
+	public void setPublicKeyPem(String publicKeyPem) {
+		this.publicKeyPem = publicKeyPem;
+	}

-    public String getLoginTheme() {
-        return loginTheme;
-    }
+	public String getPrivateKeyPem() {
+		return privateKeyPem;
+	}

-    public void setLoginTheme(String loginTheme) {
-        this.loginTheme = loginTheme;
-    }
+	public void setPrivateKeyPem(String privateKeyPem) {
+		this.privateKeyPem = privateKeyPem;
+	}

-    public String getAccountTheme() {
-        return accountTheme;
-    }
+	public String getCodeSecret() {
+		return codeSecret;
+	}

-    public void setAccountTheme(String accountTheme) {
-        this.accountTheme = accountTheme;
-    }
+	public void setCodeSecret(String codeSecret) {
+		this.codeSecret = codeSecret;
+	}

-    public String getAdminTheme() {
-        return adminTheme;
-    }
+	public String getLoginTheme() {
+		return loginTheme;
+	}

-    public void setAdminTheme(String adminTheme) {
-        this.adminTheme = adminTheme;
-    }
+	public void setLoginTheme(String loginTheme) {
+		this.loginTheme = loginTheme;
+	}

-    public String getEmailTheme() {
-        return emailTheme;
-    }
-
-    public void setEmailTheme(String emailTheme) {
-        this.emailTheme = emailTheme;
-    }
-
-    public List<String> getDefaultRoles() {
-        return defaultRoles;
-    }
-
-    public void setDefaultRoles(List<String> defaultRoles) {
-        this.defaultRoles = defaultRoles;
-    }
-
-    public List<RequiredCredentialEntity> getRequiredCredentials() {
-        return requiredCredentials;
-    }
-
-    public void setRequiredCredentials(List<RequiredCredentialEntity> requiredCredentials) {
-        this.requiredCredentials = requiredCredentials;
-    }
-
-    public Map<String, String> getBrowserSecurityHeaders() {
-        return browserSecurityHeaders;
-    }
-
-    public void setBrowserSecurityHeaders(Map<String, String> browserSecurityHeaders) {
-        this.browserSecurityHeaders = browserSecurityHeaders;
-    }
-
-    public Map<String, String> getSmtpConfig() {
-        return smtpConfig;
-    }
-
-    public void setSmtpConfig(Map<String, String> smtpConfig) {
-        this.smtpConfig = smtpConfig;
-    }
+	public String getAccountTheme() {
+		return accountTheme;
+	}

-    public Map<String, String> getSocialConfig() {
-        return socialConfig;
-    }
+	public void setAccountTheme(String accountTheme) {
+		this.accountTheme = accountTheme;
+	}

-    public void setSocialConfig(Map<String, String> socialConfig) {
-        this.socialConfig = socialConfig;
-    }
+	public String getAdminTheme() {
+		return adminTheme;
+	}

-    public boolean isEventsEnabled() {
-        return eventsEnabled;
-    }
+	public void setAdminTheme(String adminTheme) {
+		this.adminTheme = adminTheme;
+	}

-    public void setEventsEnabled(boolean eventsEnabled) {
-        this.eventsEnabled = eventsEnabled;
-    }
+	public String getEmailTheme() {
+		return emailTheme;
+	}

-    public long getEventsExpiration() {
-        return eventsExpiration;
-    }
+	public void setEmailTheme(String emailTheme) {
+		this.emailTheme = emailTheme;
+	}

-    public void setEventsExpiration(long eventsExpiration) {
-        this.eventsExpiration = eventsExpiration;
-    }
+	public List<String> getDefaultRoles() {
+		return defaultRoles;
+	}

-    public List<String> getEventsListeners() {
-        return eventsListeners;
-    }
+	public void setDefaultRoles(List<String> defaultRoles) {
+		this.defaultRoles = defaultRoles;
+	}

-    public void setEventsListeners(List<String> eventsListeners) {
-        this.eventsListeners = eventsListeners;
-    }
+	public List<RequiredCredentialEntity> getRequiredCredentials() {
+		return requiredCredentials;
+	}

-    public String getAdminAppId() {
-        return adminAppId;
-    }
+	public void setRequiredCredentials(List<RequiredCredentialEntity> requiredCredentials) {
+		this.requiredCredentials = requiredCredentials;
+	}

-    public void setAdminAppId(String adminAppId) {
-        this.adminAppId = adminAppId;
-    }
+	public Map<String, String> getBrowserSecurityHeaders() {
+		return browserSecurityHeaders;
+	}

-    public List<UserFederationProviderEntity> getUserFederationProviders() {
-        return userFederationProviders;
-    }
+	public void setBrowserSecurityHeaders(Map<String, String> browserSecurityHeaders) {
+		this.browserSecurityHeaders = browserSecurityHeaders;
+	}

-    public void setUserFederationProviders(List<UserFederationProviderEntity> userFederationProviders) {
-        this.userFederationProviders = userFederationProviders;
-    }
+	public Map<String, String> getSmtpConfig() {
+		return smtpConfig;
+	}

-    public List<IdentityProviderEntity> getIdentityProviders() {
-        return identityProviders;
-    }
+	public void setSmtpConfig(Map<String, String> smtpConfig) {
+		this.smtpConfig = smtpConfig;
+	}

-    public void setIdentityProviders(List<IdentityProviderEntity> identityProviders) {
-        this.identityProviders = identityProviders;
-    }
+	public Map<String, String> getSocialConfig() {
+		return socialConfig;
+	}

-    public String getCertificatePem() {
-        return certificatePem;
-    }
+	public void setSocialConfig(Map<String, String> socialConfig) {
+		this.socialConfig = socialConfig;
+	}

-    public void setCertificatePem(String certificatePem) {
-        this.certificatePem = certificatePem;
-    }
+	public boolean isEventsEnabled() {
+		return eventsEnabled;
+	}
+
+	public void setEventsEnabled(boolean eventsEnabled) {
+		this.eventsEnabled = eventsEnabled;
+	}
+
+	public long getEventsExpiration() {
+		return eventsExpiration;
+	}
+
+	public void setEventsExpiration(long eventsExpiration) {
+		this.eventsExpiration = eventsExpiration;
+	}
+
+	public List<String> getEventsListeners() {
+		return eventsListeners;
+	}
+
+	public void setEventsListeners(List<String> eventsListeners) {
+		this.eventsListeners = eventsListeners;
+	}
+
+	public String getAdminAppId() {
+		return adminAppId;
+	}
+
+	public void setAdminAppId(String adminAppId) {
+		this.adminAppId = adminAppId;
+	}
+
+	public List<UserFederationProviderEntity> getUserFederationProviders() {
+		return userFederationProviders;
+	}
+
+	public void setUserFederationProviders(List<UserFederationProviderEntity> userFederationProviders) {
+		this.userFederationProviders = userFederationProviders;
+	}
+
+	public List<IdentityProviderEntity> getIdentityProviders() {
+		return identityProviders;
+	}
+
+	public void setIdentityProviders(List<IdentityProviderEntity> identityProviders) {
+		this.identityProviders = identityProviders;
+	}
+
+	public String getCertificatePem() {
+		return certificatePem;
+	}
+
+	public void setCertificatePem(String certificatePem) {
+		this.certificatePem = certificatePem;
+	}
 }
-
-
--- a/model/api/src/main/java/org/keycloak/models/utils/ModelToRepresentation.java
+++ b/model/api/src/main/java/org/keycloak/models/utils/ModelToRepresentation.java
@ -1,5 +1,13 @@
 package org.keycloak.models.utils;

+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.LinkedList;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+
 import org.keycloak.models.ApplicationModel;
 import org.keycloak.models.ClaimMask;
 import org.keycloak.models.ClientIdentityProviderMappingModel;
@ -31,337 +39,331 @@ import org.keycloak.representations.idm.UserFederationProviderRepresentation;
 import org.keycloak.representations.idm.UserRepresentation;
 import org.keycloak.representations.idm.UserSessionRepresentation;

-import java.util.ArrayList;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.LinkedList;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-
 /**
 * @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
 * @version $Revision: 1 $
 */
 public class ModelToRepresentation {
-    public static UserRepresentation toRepresentation(UserModel user) {
-        UserRepresentation rep = new UserRepresentation();
-        rep.setId(user.getId());
-        rep.setUsername(user.getUsername());
-        rep.setLastName(user.getLastName());
-        rep.setFirstName(user.getFirstName());
-        rep.setEmail(user.getEmail());
-        rep.setEnabled(user.isEnabled());
-        rep.setEmailVerified(user.isEmailVerified());
-        rep.setTotp(user.isTotp());
-        rep.setFederationLink(user.getFederationLink());
+	public static UserRepresentation toRepresentation(UserModel user) {
+		UserRepresentation rep = new UserRepresentation();
+		rep.setId(user.getId());
+		rep.setUsername(user.getUsername());
+		rep.setLastName(user.getLastName());
+		rep.setFirstName(user.getFirstName());
+		rep.setEmail(user.getEmail());
+		rep.setEnabled(user.isEnabled());
+		rep.setEmailVerified(user.isEmailVerified());
+		rep.setTotp(user.isTotp());
+		rep.setFederationLink(user.getFederationLink());

-        List<String> reqActions = new ArrayList<String>();
-        for (UserModel.RequiredAction ra : user.getRequiredActions()){
-            reqActions.add(ra.name());
-        }
+		List<String> reqActions = new ArrayList<String>();
+		for (UserModel.RequiredAction ra : user.getRequiredActions()) {
+			reqActions.add(ra.name());
+		}

-        rep.setRequiredActions(reqActions);
+		rep.setRequiredActions(reqActions);

-        if (user.getAttributes() != null && !user.getAttributes().isEmpty()) {
-            Map<String, String> attrs = new HashMap<String, String>();
-            attrs.putAll(user.getAttributes());
-            rep.setAttributes(attrs);
-        }
-        return rep;
-    }
+		if (user.getAttributes() != null && !user.getAttributes().isEmpty()) {
+			Map<String, String> attrs = new HashMap<String, String>();
+			attrs.putAll(user.getAttributes());
+			rep.setAttributes(attrs);
+		}
+		return rep;
+	}

-    public static RoleRepresentation toRepresentation(RoleModel role) {
-        RoleRepresentation rep = new RoleRepresentation();
-        rep.setId(role.getId());
-        rep.setName(role.getName());
-        rep.setDescription(role.getDescription());
-        rep.setComposite(role.isComposite());
-        return rep;
-    }
+	public static RoleRepresentation toRepresentation(RoleModel role) {
+		RoleRepresentation rep = new RoleRepresentation();
+		rep.setId(role.getId());
+		rep.setName(role.getName());
+		rep.setDescription(role.getDescription());
+		rep.setComposite(role.isComposite());
+		return rep;
+	}

-    public static RealmRepresentation toRepresentation(RealmModel realm, boolean internal) {
-        RealmRepresentation rep = new RealmRepresentation();
-        rep.setId(realm.getId());
-        rep.setRealm(realm.getName());
-        rep.setEnabled(realm.isEnabled());
-        rep.setNotBefore(realm.getNotBefore());
-        rep.setSslRequired(realm.getSslRequired().name().toLowerCase());
-        rep.setPublicKey(realm.getPublicKeyPem());
-        if (internal) {
-            rep.setPrivateKey(realm.getPrivateKeyPem());
-            String privateKeyPem = realm.getPrivateKeyPem();
-            if (realm.getCertificatePem() == null && privateKeyPem != null) {
-                KeycloakModelUtils.generateRealmCertificate(realm);
-            }
-            rep.setCodeSecret(realm.getCodeSecret());
-        }
-        rep.setCertificate(realm.getCertificatePem());
-        rep.setPasswordCredentialGrantAllowed(realm.isPasswordCredentialGrantAllowed());
-        rep.setRegistrationAllowed(realm.isRegistrationAllowed());
-        rep.setRememberMe(realm.isRememberMe());
-        rep.setBruteForceProtected(realm.isBruteForceProtected());
-        rep.setMaxFailureWaitSeconds(realm.getMaxFailureWaitSeconds());
-        rep.setMinimumQuickLoginWaitSeconds(realm.getMinimumQuickLoginWaitSeconds());
-        rep.setWaitIncrementSeconds(realm.getWaitIncrementSeconds());
-        rep.setQuickLoginCheckMilliSeconds(realm.getQuickLoginCheckMilliSeconds());
-        rep.setMaxDeltaTimeSeconds(realm.getMaxDeltaTimeSeconds());
-        rep.setFailureFactor(realm.getFailureFactor());
-        rep.setVerifyEmail(realm.isVerifyEmail());
-        rep.setResetPasswordAllowed(realm.isResetPasswordAllowed());
-        rep.setAccessTokenLifespan(realm.getAccessTokenLifespan());
-        rep.setSsoSessionIdleTimeout(realm.getSsoSessionIdleTimeout());
-        rep.setSsoSessionMaxLifespan(realm.getSsoSessionMaxLifespan());
-        rep.setAccessCodeLifespan(realm.getAccessCodeLifespan());
-        rep.setAccessCodeLifespanUserAction(realm.getAccessCodeLifespanUserAction());
-        rep.setAccessCodeLifespanLogin(realm.getAccessCodeLifespanLogin());
-        rep.setSmtpServer(realm.getSmtpConfig());
-        rep.setBrowserSecurityHeaders(realm.getBrowserSecurityHeaders());
-        rep.setAccountTheme(realm.getAccountTheme());
-        rep.setLoginTheme(realm.getLoginTheme());
-        rep.setAdminTheme(realm.getAdminTheme());
-        rep.setEmailTheme(realm.getEmailTheme());
-        if (realm.getPasswordPolicy() != null) {
-            rep.setPasswordPolicy(realm.getPasswordPolicy().toString());
-        }
+	public static RealmRepresentation toRepresentation(RealmModel realm, boolean internal) {
+		RealmRepresentation rep = new RealmRepresentation();
+		rep.setId(realm.getId());
+		rep.setRealm(realm.getName());
+		rep.setEnabled(realm.isEnabled());
+		rep.setNotBefore(realm.getNotBefore());
+		rep.setSslRequired(realm.getSslRequired().name().toLowerCase());
+		rep.setPublicKey(realm.getPublicKeyPem());
+		if (internal) {
+			rep.setPrivateKey(realm.getPrivateKeyPem());
+			String privateKeyPem = realm.getPrivateKeyPem();
+			if (realm.getCertificatePem() == null && privateKeyPem != null) {
+				KeycloakModelUtils.generateRealmCertificate(realm);
+			}
+			rep.setCodeSecret(realm.getCodeSecret());
+		}
+		rep.setCertificate(realm.getCertificatePem());
+		rep.setPasswordCredentialGrantAllowed(realm.isPasswordCredentialGrantAllowed());
+		rep.setRegistrationAllowed(realm.isRegistrationAllowed());
+		rep.setRegistrationEmailAsUsername(realm.isRegistrationEmailAsUsername());
+		rep.setRememberMe(realm.isRememberMe());
+		rep.setBruteForceProtected(realm.isBruteForceProtected());
+		rep.setMaxFailureWaitSeconds(realm.getMaxFailureWaitSeconds());
+		rep.setMinimumQuickLoginWaitSeconds(realm.getMinimumQuickLoginWaitSeconds());
+		rep.setWaitIncrementSeconds(realm.getWaitIncrementSeconds());
+		rep.setQuickLoginCheckMilliSeconds(realm.getQuickLoginCheckMilliSeconds());
+		rep.setMaxDeltaTimeSeconds(realm.getMaxDeltaTimeSeconds());
+		rep.setFailureFactor(realm.getFailureFactor());
+		rep.setVerifyEmail(realm.isVerifyEmail());
+		rep.setResetPasswordAllowed(realm.isResetPasswordAllowed());
+		rep.setAccessTokenLifespan(realm.getAccessTokenLifespan());
+		rep.setSsoSessionIdleTimeout(realm.getSsoSessionIdleTimeout());
+		rep.setSsoSessionMaxLifespan(realm.getSsoSessionMaxLifespan());
+		rep.setAccessCodeLifespan(realm.getAccessCodeLifespan());
+		rep.setAccessCodeLifespanUserAction(realm.getAccessCodeLifespanUserAction());
+		rep.setAccessCodeLifespanLogin(realm.getAccessCodeLifespanLogin());
+		rep.setSmtpServer(realm.getSmtpConfig());
+		rep.setBrowserSecurityHeaders(realm.getBrowserSecurityHeaders());
+		rep.setAccountTheme(realm.getAccountTheme());
+		rep.setLoginTheme(realm.getLoginTheme());
+		rep.setAdminTheme(realm.getAdminTheme());
+		rep.setEmailTheme(realm.getEmailTheme());
+		if (realm.getPasswordPolicy() != null) {
+			rep.setPasswordPolicy(realm.getPasswordPolicy().toString());
+		}

-        List<String> defaultRoles = realm.getDefaultRoles();
-        if (!defaultRoles.isEmpty()) {
-            List<String> roleStrings = new ArrayList<String>();
-            roleStrings.addAll(defaultRoles);
-            rep.setDefaultRoles(roleStrings);
-        }
+		List<String> defaultRoles = realm.getDefaultRoles();
+		if (!defaultRoles.isEmpty()) {
+			List<String> roleStrings = new ArrayList<String>();
+			roleStrings.addAll(defaultRoles);
+			rep.setDefaultRoles(roleStrings);
+		}

-        List<RequiredCredentialModel> requiredCredentialModels = realm.getRequiredCredentials();
-        if (requiredCredentialModels.size() > 0) {
-            rep.setRequiredCredentials(new HashSet<String>());
-            for (RequiredCredentialModel cred : requiredCredentialModels) {
-                rep.getRequiredCredentials().add(cred.getType());
-            }
-        }
+		List<RequiredCredentialModel> requiredCredentialModels = realm.getRequiredCredentials();
+		if (requiredCredentialModels.size() > 0) {
+			rep.setRequiredCredentials(new HashSet<String>());
+			for (RequiredCredentialModel cred : requiredCredentialModels) {
+				rep.getRequiredCredentials().add(cred.getType());
+			}
+		}

-        List<UserFederationProviderModel> fedProviderModels = realm.getUserFederationProviders();
-        if (fedProviderModels.size() > 0) {
-            List<UserFederationProviderRepresentation> fedProviderReps = new ArrayList<UserFederationProviderRepresentation>();
-            for (UserFederationProviderModel model : fedProviderModels) {
-                UserFederationProviderRepresentation fedProvRep = toRepresentation(model);
-                fedProviderReps.add(fedProvRep);
-            }
-            rep.setUserFederationProviders(fedProviderReps);
-        }
+		List<UserFederationProviderModel> fedProviderModels = realm.getUserFederationProviders();
+		if (fedProviderModels.size() > 0) {
+			List<UserFederationProviderRepresentation> fedProviderReps = new ArrayList<UserFederationProviderRepresentation>();
+			for (UserFederationProviderModel model : fedProviderModels) {
+				UserFederationProviderRepresentation fedProvRep = toRepresentation(model);
+				fedProviderReps.add(fedProvRep);
+			}
+			rep.setUserFederationProviders(fedProviderReps);
+		}

-        for (IdentityProviderModel provider : realm.getIdentityProviders()) {
-            rep.addIdentityProvider(toRepresentation(provider));
-        }
+		for (IdentityProviderModel provider : realm.getIdentityProviders()) {
+			rep.addIdentityProvider(toRepresentation(provider));
+		}

-        return rep;
-    }
+		return rep;
+	}

-    public static RealmEventsConfigRepresentation toEventsConfigReprensetation(RealmModel realm) {
-        RealmEventsConfigRepresentation rep = new RealmEventsConfigRepresentation();
-        rep.setEventsEnabled(realm.isEventsEnabled());
+	public static RealmEventsConfigRepresentation toEventsConfigReprensetation(RealmModel realm) {
+		RealmEventsConfigRepresentation rep = new RealmEventsConfigRepresentation();
+		rep.setEventsEnabled(realm.isEventsEnabled());

-        if (realm.getEventsExpiration() != 0) {
-            rep.setEventsExpiration(realm.getEventsExpiration());
-        }
+		if (realm.getEventsExpiration() != 0) {
+			rep.setEventsExpiration(realm.getEventsExpiration());
+		}

-        if (realm.getEventsListeners() != null) {
-            rep.setEventsListeners(new LinkedList<String>(realm.getEventsListeners()));
-        }
-        return rep;
-    }
+		if (realm.getEventsListeners() != null) {
+			rep.setEventsListeners(new LinkedList<String>(realm.getEventsListeners()));
+		}
+		return rep;
+	}

-    public static CredentialRepresentation toRepresentation(UserCredentialModel cred) {
-        CredentialRepresentation rep = new CredentialRepresentation();
-        rep.setType(CredentialRepresentation.SECRET);
-        rep.setValue(cred.getValue());
-        return rep;
-    }
+	public static CredentialRepresentation toRepresentation(UserCredentialModel cred) {
+		CredentialRepresentation rep = new CredentialRepresentation();
+		rep.setType(CredentialRepresentation.SECRET);
+		rep.setValue(cred.getValue());
+		return rep;
+	}

-    public static ClaimRepresentation toRepresentation(ClientModel model) {
-        ClaimRepresentation rep = new ClaimRepresentation();
-        rep.setAddress(ClaimMask.hasAddress(model.getAllowedClaimsMask()));
-        rep.setEmail(ClaimMask.hasEmail(model.getAllowedClaimsMask()));
-        rep.setGender(ClaimMask.hasGender(model.getAllowedClaimsMask()));
-        rep.setLocale(ClaimMask.hasLocale(model.getAllowedClaimsMask()));
-        rep.setName(ClaimMask.hasName(model.getAllowedClaimsMask()));
-        rep.setPhone(ClaimMask.hasPhone(model.getAllowedClaimsMask()));
-        rep.setPicture(ClaimMask.hasPicture(model.getAllowedClaimsMask()));
-        rep.setProfile(ClaimMask.hasProfile(model.getAllowedClaimsMask()));
-        rep.setWebsite(ClaimMask.hasWebsite(model.getAllowedClaimsMask()));
-        rep.setUsername(ClaimMask.hasUsername(model.getAllowedClaimsMask()));
-        return rep;
-    }
+	public static ClaimRepresentation toRepresentation(ClientModel model) {
+		ClaimRepresentation rep = new ClaimRepresentation();
+		rep.setAddress(ClaimMask.hasAddress(model.getAllowedClaimsMask()));
+		rep.setEmail(ClaimMask.hasEmail(model.getAllowedClaimsMask()));
+		rep.setGender(ClaimMask.hasGender(model.getAllowedClaimsMask()));
+		rep.setLocale(ClaimMask.hasLocale(model.getAllowedClaimsMask()));
+		rep.setName(ClaimMask.hasName(model.getAllowedClaimsMask()));
+		rep.setPhone(ClaimMask.hasPhone(model.getAllowedClaimsMask()));
+		rep.setPicture(ClaimMask.hasPicture(model.getAllowedClaimsMask()));
+		rep.setProfile(ClaimMask.hasProfile(model.getAllowedClaimsMask()));
+		rep.setWebsite(ClaimMask.hasWebsite(model.getAllowedClaimsMask()));
+		rep.setUsername(ClaimMask.hasUsername(model.getAllowedClaimsMask()));
+		return rep;
+	}

-    public static FederatedIdentityRepresentation toRepresentation(FederatedIdentityModel socialLink) {
-        FederatedIdentityRepresentation rep = new FederatedIdentityRepresentation();
-        rep.setUserName(socialLink.getUserName());
-        rep.setIdentityProvider(socialLink.getIdentityProvider());
-        rep.setUserId(socialLink.getUserId());
-        return rep;
-    }
+	public static FederatedIdentityRepresentation toRepresentation(FederatedIdentityModel socialLink) {
+		FederatedIdentityRepresentation rep = new FederatedIdentityRepresentation();
+		rep.setUserName(socialLink.getUserName());
+		rep.setIdentityProvider(socialLink.getIdentityProvider());
+		rep.setUserId(socialLink.getUserId());
+		return rep;
+	}

-    public static UserSessionRepresentation toRepresentation(UserSessionModel session) {
-        UserSessionRepresentation rep = new UserSessionRepresentation();
-        rep.setId(session.getId());
-        rep.setStart(((long)session.getStarted()) * 1000L);
-        rep.setLastAccess(((long)session.getLastSessionRefresh())* 1000L);
-        rep.setUser(session.getUser().getUsername());
-        rep.setIpAddress(session.getIpAddress());
-        for (ClientSessionModel clientSession : session.getClientSessions()) {
-            ClientModel client = clientSession.getClient();
-            if (client instanceof ApplicationModel) {
-                rep.getApplications().put(client.getId(), client.getClientId());
-            } else if (client instanceof OAuthClientModel) {
-                rep.getClients().put(client.getId(), client.getClientId());
-            }
-        }
-        return rep;
-    }
+	public static UserSessionRepresentation toRepresentation(UserSessionModel session) {
+		UserSessionRepresentation rep = new UserSessionRepresentation();
+		rep.setId(session.getId());
+		rep.setStart(((long) session.getStarted()) * 1000L);
+		rep.setLastAccess(((long) session.getLastSessionRefresh()) * 1000L);
+		rep.setUser(session.getUser().getUsername());
+		rep.setIpAddress(session.getIpAddress());
+		for (ClientSessionModel clientSession : session.getClientSessions()) {
+			ClientModel client = clientSession.getClient();
+			if (client instanceof ApplicationModel) {
+				rep.getApplications().put(client.getId(), client.getClientId());
+			} else if (client instanceof OAuthClientModel) {
+				rep.getClients().put(client.getId(), client.getClientId());
+			}
+		}
+		return rep;
+	}

-    public static ApplicationRepresentation toRepresentation(ApplicationModel applicationModel) {
-        ApplicationRepresentation rep = new ApplicationRepresentation();
-        rep.setId(applicationModel.getId());
-        rep.setName(applicationModel.getName());
-        rep.setEnabled(applicationModel.isEnabled());
-        rep.setAdminUrl(applicationModel.getManagementUrl());
-        rep.setPublicClient(applicationModel.isPublicClient());
-        rep.setFrontchannelLogout(applicationModel.isFrontchannelLogout());
-        rep.setProtocol(applicationModel.getProtocol());
-        rep.setAttributes(applicationModel.getAttributes());
-        rep.setFullScopeAllowed(applicationModel.isFullScopeAllowed());
-        rep.setBearerOnly(applicationModel.isBearerOnly());
-        rep.setSurrogateAuthRequired(applicationModel.isSurrogateAuthRequired());
-        rep.setBaseUrl(applicationModel.getBaseUrl());
-        rep.setNotBefore(applicationModel.getNotBefore());
-        rep.setNodeReRegistrationTimeout(applicationModel.getNodeReRegistrationTimeout());
+	public static ApplicationRepresentation toRepresentation(ApplicationModel applicationModel) {
+		ApplicationRepresentation rep = new ApplicationRepresentation();
+		rep.setId(applicationModel.getId());
+		rep.setName(applicationModel.getName());
+		rep.setEnabled(applicationModel.isEnabled());
+		rep.setAdminUrl(applicationModel.getManagementUrl());
+		rep.setPublicClient(applicationModel.isPublicClient());
+		rep.setFrontchannelLogout(applicationModel.isFrontchannelLogout());
+		rep.setProtocol(applicationModel.getProtocol());
+		rep.setAttributes(applicationModel.getAttributes());
+		rep.setFullScopeAllowed(applicationModel.isFullScopeAllowed());
+		rep.setBearerOnly(applicationModel.isBearerOnly());
+		rep.setSurrogateAuthRequired(applicationModel.isSurrogateAuthRequired());
+		rep.setBaseUrl(applicationModel.getBaseUrl());
+		rep.setNotBefore(applicationModel.getNotBefore());
+		rep.setNodeReRegistrationTimeout(applicationModel.getNodeReRegistrationTimeout());

-        Set<String> redirectUris = applicationModel.getRedirectUris();
-        if (redirectUris != null) {
-            rep.setRedirectUris(new LinkedList<String>(redirectUris));
-        }
+		Set<String> redirectUris = applicationModel.getRedirectUris();
+		if (redirectUris != null) {
+			rep.setRedirectUris(new LinkedList<String>(redirectUris));
+		}

-        Set<String> webOrigins = applicationModel.getWebOrigins();
-        if (webOrigins != null) {
-            rep.setWebOrigins(new LinkedList<String>(webOrigins));
-        }
+		Set<String> webOrigins = applicationModel.getWebOrigins();
+		if (webOrigins != null) {
+			rep.setWebOrigins(new LinkedList<String>(webOrigins));
+		}

-        if (!applicationModel.getDefaultRoles().isEmpty()) {
-            rep.setDefaultRoles(applicationModel.getDefaultRoles().toArray(new String[0]));
-        }
+		if (!applicationModel.getDefaultRoles().isEmpty()) {
+			rep.setDefaultRoles(applicationModel.getDefaultRoles().toArray(new String[0]));
+		}

-        if (!applicationModel.getRegisteredNodes().isEmpty()) {
-            rep.setRegisteredNodes(new HashMap<String, Integer>(applicationModel.getRegisteredNodes()));
-        }
+		if (!applicationModel.getRegisteredNodes().isEmpty()) {
+			rep.setRegisteredNodes(new HashMap<String, Integer>(applicationModel.getRegisteredNodes()));
+		}

-        if (!applicationModel.getIdentityProviders().isEmpty()) {
-            rep.setIdentityProviders(toRepresentation(applicationModel.getIdentityProviders()));
-        }
+		if (!applicationModel.getIdentityProviders().isEmpty()) {
+			rep.setIdentityProviders(toRepresentation(applicationModel.getIdentityProviders()));
+		}

-        if (!applicationModel.getProtocolMappers().isEmpty()) {
-            List<ProtocolMapperRepresentation> mappings = new LinkedList<ProtocolMapperRepresentation>();
-            for (ProtocolMapperModel model : applicationModel.getProtocolMappers()) {
-                mappings.add(toRepresentation(model));
-            }
-            rep.setProtocolMappers(mappings);
-        }
+		if (!applicationModel.getProtocolMappers().isEmpty()) {
+			List<ProtocolMapperRepresentation> mappings = new LinkedList<ProtocolMapperRepresentation>();
+			for (ProtocolMapperModel model : applicationModel.getProtocolMappers()) {
+				mappings.add(toRepresentation(model));
+			}
+			rep.setProtocolMappers(mappings);
+		}

-        return rep;
-    }
+		return rep;
+	}

-    private static List<ClientIdentityProviderMappingRepresentation> toRepresentation(List<ClientIdentityProviderMappingModel> identityProviders) {
-        ArrayList<ClientIdentityProviderMappingRepresentation> representations = new ArrayList<ClientIdentityProviderMappingRepresentation>();
+	private static List<ClientIdentityProviderMappingRepresentation> toRepresentation(
+			List<ClientIdentityProviderMappingModel> identityProviders) {
+		ArrayList<ClientIdentityProviderMappingRepresentation> representations = new ArrayList<ClientIdentityProviderMappingRepresentation>();

-        for (ClientIdentityProviderMappingModel model : identityProviders) {
-            ClientIdentityProviderMappingRepresentation representation = new ClientIdentityProviderMappingRepresentation();
+		for (ClientIdentityProviderMappingModel model : identityProviders) {
+			ClientIdentityProviderMappingRepresentation representation = new ClientIdentityProviderMappingRepresentation();

-            representation.setId(model.getIdentityProvider());
-            representation.setRetrieveToken(model.isRetrieveToken());
+			representation.setId(model.getIdentityProvider());
+			representation.setRetrieveToken(model.isRetrieveToken());

-            representations.add(representation);
-        }
+			representations.add(representation);
+		}

-        return representations;
-    }
+		return representations;
+	}

-    public static OAuthClientRepresentation toRepresentation(OAuthClientModel model) {
-        OAuthClientRepresentation rep = new OAuthClientRepresentation();
-        rep.setId(model.getId());
-        rep.setName(model.getClientId());
-        rep.setEnabled(model.isEnabled());
-        rep.setPublicClient(model.isPublicClient());
-        rep.setFrontchannelLogout(model.isFrontchannelLogout());
-        rep.setProtocol(model.getProtocol());
-        rep.setAttributes(model.getAttributes());
-        rep.setFullScopeAllowed(model.isFullScopeAllowed());
-        rep.setDirectGrantsOnly(model.isDirectGrantsOnly());
-        Set<String> redirectUris = model.getRedirectUris();
-        if (redirectUris != null) {
-            rep.setRedirectUris(new LinkedList<String>(redirectUris));
-        }
+	public static OAuthClientRepresentation toRepresentation(OAuthClientModel model) {
+		OAuthClientRepresentation rep = new OAuthClientRepresentation();
+		rep.setId(model.getId());
+		rep.setName(model.getClientId());
+		rep.setEnabled(model.isEnabled());
+		rep.setPublicClient(model.isPublicClient());
+		rep.setFrontchannelLogout(model.isFrontchannelLogout());
+		rep.setProtocol(model.getProtocol());
+		rep.setAttributes(model.getAttributes());
+		rep.setFullScopeAllowed(model.isFullScopeAllowed());
+		rep.setDirectGrantsOnly(model.isDirectGrantsOnly());
+		Set<String> redirectUris = model.getRedirectUris();
+		if (redirectUris != null) {
+			rep.setRedirectUris(new LinkedList<String>(redirectUris));
+		}

-        Set<String> webOrigins = model.getWebOrigins();
-        if (webOrigins != null) {
-            rep.setWebOrigins(new LinkedList<String>(webOrigins));
-        }
-        rep.setNotBefore(model.getNotBefore());
+		Set<String> webOrigins = model.getWebOrigins();
+		if (webOrigins != null) {
+			rep.setWebOrigins(new LinkedList<String>(webOrigins));
+		}
+		rep.setNotBefore(model.getNotBefore());

-        if (!model.getIdentityProviders().isEmpty()) {
-            rep.setIdentityProviders(toRepresentation(model.getIdentityProviders()));
-        }
+		if (!model.getIdentityProviders().isEmpty()) {
+			rep.setIdentityProviders(toRepresentation(model.getIdentityProviders()));
+		}

-        if (!model.getProtocolMappers().isEmpty()) {
-                List<ProtocolMapperRepresentation> mappings = new LinkedList<ProtocolMapperRepresentation>();
-                for (ProtocolMapperModel mapper : model.getProtocolMappers()) {
-                    mappings.add(toRepresentation(mapper));
-                }
-                rep.setProtocolMappers(mappings);
-        }
+		if (!model.getProtocolMappers().isEmpty()) {
+			List<ProtocolMapperRepresentation> mappings = new LinkedList<ProtocolMapperRepresentation>();
+			for (ProtocolMapperModel mapper : model.getProtocolMappers()) {
+				mappings.add(toRepresentation(mapper));
+			}
+			rep.setProtocolMappers(mappings);
+		}

-        return rep;
-    }
+		return rep;
+	}

-    public static UserFederationProviderRepresentation toRepresentation(UserFederationProviderModel model) {
-        UserFederationProviderRepresentation rep = new UserFederationProviderRepresentation();
-        rep.setId(model.getId());
-        rep.setConfig(model.getConfig());
-        rep.setProviderName(model.getProviderName());
-        rep.setPriority(model.getPriority());
-        rep.setDisplayName(model.getDisplayName());
-        rep.setFullSyncPeriod(model.getFullSyncPeriod());
-        rep.setChangedSyncPeriod(model.getChangedSyncPeriod());
-        rep.setLastSync(model.getLastSync());
-        return rep;
-    }
+	public static UserFederationProviderRepresentation toRepresentation(UserFederationProviderModel model) {
+		UserFederationProviderRepresentation rep = new UserFederationProviderRepresentation();
+		rep.setId(model.getId());
+		rep.setConfig(model.getConfig());
+		rep.setProviderName(model.getProviderName());
+		rep.setPriority(model.getPriority());
+		rep.setDisplayName(model.getDisplayName());
+		rep.setFullSyncPeriod(model.getFullSyncPeriod());
+		rep.setChangedSyncPeriod(model.getChangedSyncPeriod());
+		rep.setLastSync(model.getLastSync());
+		return rep;
+	}

-    public static IdentityProviderRepresentation toRepresentation(IdentityProviderModel identityProviderModel) {
-        IdentityProviderRepresentation providerRep = new IdentityProviderRepresentation();
+	public static IdentityProviderRepresentation toRepresentation(IdentityProviderModel identityProviderModel) {
+		IdentityProviderRepresentation providerRep = new IdentityProviderRepresentation();

-        providerRep.setInternalId(identityProviderModel.getInternalId());
-        providerRep.setProviderId(identityProviderModel.getProviderId());
-        providerRep.setId(identityProviderModel.getId());
-        providerRep.setName(identityProviderModel.getName());
-        providerRep.setEnabled(identityProviderModel.isEnabled());
-        providerRep.setStoreToken(identityProviderModel.isStoreToken());
-        providerRep.setUpdateProfileFirstLogin(identityProviderModel.isUpdateProfileFirstLogin());
-        providerRep.setAuthenticateByDefault(identityProviderModel.isAuthenticateByDefault());
-        providerRep.setConfig(identityProviderModel.getConfig());
+		providerRep.setInternalId(identityProviderModel.getInternalId());
+		providerRep.setProviderId(identityProviderModel.getProviderId());
+		providerRep.setId(identityProviderModel.getId());
+		providerRep.setName(identityProviderModel.getName());
+		providerRep.setEnabled(identityProviderModel.isEnabled());
+		providerRep.setStoreToken(identityProviderModel.isStoreToken());
+		providerRep.setUpdateProfileFirstLogin(identityProviderModel.isUpdateProfileFirstLogin());
+		providerRep.setAuthenticateByDefault(identityProviderModel.isAuthenticateByDefault());
+		providerRep.setConfig(identityProviderModel.getConfig());

-        return providerRep;
-    }
+		return providerRep;
+	}

-    public static ProtocolMapperRepresentation toRepresentation(ProtocolMapperModel model) {
-        ProtocolMapperRepresentation rep = new ProtocolMapperRepresentation();
-        rep.setId(model.getId());
-        rep.setProtocol(model.getProtocol());
-        Map<String, String> config = new HashMap<String, String>();
-        config.putAll(model.getConfig());
-        rep.setConfig(config);
-        rep.setName(model.getName());
-        rep.setProtocolMapper(model.getProtocolMapper());
-        rep.setConsentText(model.getConsentText());
-        rep.setConsentRequired(model.isConsentRequired());
-        return rep;
-    }
+	public static ProtocolMapperRepresentation toRepresentation(ProtocolMapperModel model) {
+		ProtocolMapperRepresentation rep = new ProtocolMapperRepresentation();
+		rep.setId(model.getId());
+		rep.setProtocol(model.getProtocol());
+		Map<String, String> config = new HashMap<String, String>();
+		config.putAll(model.getConfig());
+		rep.setConfig(config);
+		rep.setName(model.getName());
+		rep.setProtocolMapper(model.getProtocolMapper());
+		rep.setConsentText(model.getConsentText());
+		rep.setConsentRequired(model.isConsentRequired());
+		return rep;
+	}

 }
--- a/model/api/src/main/java/org/keycloak/models/utils/RepresentationToModel.java
+++ b/model/api/src/main/java/org/keycloak/models/utils/RepresentationToModel.java
--- a/model/file/src/main/java/org/keycloak/models/file/adapter/RealmAdapter.java
+++ b/model/file/src/main/java/org/keycloak/models/file/adapter/RealmAdapter.java
--- a/model/invalidation-cache/model-adapters/src/main/java/org/keycloak/models/cache/RealmAdapter.java
+++ b/model/invalidation-cache/model-adapters/src/main/java/org/keycloak/models/cache/RealmAdapter.java
--- a/model/invalidation-cache/model-adapters/src/main/java/org/keycloak/models/cache/entities/CachedRealm.java
+++ b/model/invalidation-cache/model-adapters/src/main/java/org/keycloak/models/cache/entities/CachedRealm.java
@ -1,19 +1,5 @@
 package org.keycloak.models.cache.entities;

-import org.keycloak.enums.SslRequired;
-import org.keycloak.models.ApplicationModel;
-import org.keycloak.models.ClaimTypeModel;
-import org.keycloak.models.IdentityProviderModel;
-import org.keycloak.models.OAuthClientModel;
-import org.keycloak.models.PasswordPolicy;
-import org.keycloak.models.ProtocolMapperModel;
-import org.keycloak.models.RealmModel;
-import org.keycloak.models.RealmProvider;
-import org.keycloak.models.RequiredCredentialModel;
-import org.keycloak.models.RoleModel;
-import org.keycloak.models.UserFederationProviderModel;
-import org.keycloak.models.cache.RealmCache;
-
 import java.util.ArrayList;
 import java.util.HashMap;
 import java.util.HashSet;
@ -22,329 +8,347 @@ import java.util.List;
 import java.util.Map;
 import java.util.Set;

+import org.keycloak.enums.SslRequired;
+import org.keycloak.models.ApplicationModel;
+import org.keycloak.models.IdentityProviderModel;
+import org.keycloak.models.OAuthClientModel;
+import org.keycloak.models.PasswordPolicy;
+import org.keycloak.models.RealmModel;
+import org.keycloak.models.RealmProvider;
+import org.keycloak.models.RequiredCredentialModel;
+import org.keycloak.models.RoleModel;
+import org.keycloak.models.UserFederationProviderModel;
+import org.keycloak.models.cache.RealmCache;
+
 /**
 * @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
 * @version $Revision: 1 $
 */
 public class CachedRealm {

-    private String id;
-    private String name;
-    private boolean enabled;
-    private SslRequired sslRequired;
-    private boolean registrationAllowed;
-    private boolean rememberMe;
-    private boolean verifyEmail;
-    private boolean passwordCredentialGrantAllowed;
-    private boolean resetPasswordAllowed;
-    private boolean identityFederationEnabled;
-    //--- brute force settings
-    private boolean bruteForceProtected;
-    private int maxFailureWaitSeconds;
-    private int minimumQuickLoginWaitSeconds;
-    private int waitIncrementSeconds;
-    private long quickLoginCheckMilliSeconds;
-    private int maxDeltaTimeSeconds;
-    private int failureFactor;
-    //--- end brute force settings
-
-    private int ssoSessionIdleTimeout;
-    private int ssoSessionMaxLifespan;
-    private int accessTokenLifespan;
-    private int accessCodeLifespan;
-    private int accessCodeLifespanUserAction;
-    private int accessCodeLifespanLogin;
-    private int notBefore;
-    private PasswordPolicy passwordPolicy;
-
-    private String publicKeyPem;
-    private String privateKeyPem;
-    private String certificatePem;
-    private String codeSecret;
-
-    private String loginTheme;
-    private String accountTheme;
-    private String adminTheme;
-    private String emailTheme;
-    private String masterAdminApp;
-
-    private List<RequiredCredentialModel> requiredCredentials = new ArrayList<RequiredCredentialModel>();
-    private List<UserFederationProviderModel> userFederationProviders = new ArrayList<UserFederationProviderModel>();
-    private List<IdentityProviderModel> identityProviders = new ArrayList<IdentityProviderModel>();
-
-    private Map<String, String> browserSecurityHeaders = new HashMap<String, String>();
-    private Map<String, String> smtpConfig = new HashMap<String, String>();
-
-    private boolean eventsEnabled;
-    private long eventsExpiration;
-    private Set<String> eventsListeners = new HashSet<String>();
-    private List<String> defaultRoles = new LinkedList<String>();
-    private Map<String, String> realmRoles = new HashMap<String, String>();
-    private Map<String, String> applications = new HashMap<String, String>();
-    private Map<String, String> clients = new HashMap<String, String>();
-
-    public CachedRealm() {
-    }
-
-    public CachedRealm(RealmCache cache, RealmProvider delegate, RealmModel model) {
-        id = model.getId();
-        name = model.getName();
-        enabled = model.isEnabled();
-        sslRequired = model.getSslRequired();
-        registrationAllowed = model.isRegistrationAllowed();
-        rememberMe = model.isRememberMe();
-        verifyEmail = model.isVerifyEmail();
-        passwordCredentialGrantAllowed = model.isPasswordCredentialGrantAllowed();
-        resetPasswordAllowed = model.isResetPasswordAllowed();
-        identityFederationEnabled = model.isIdentityFederationEnabled();
-        //--- brute force settings
-        bruteForceProtected = model.isBruteForceProtected();
-        maxFailureWaitSeconds = model.getMaxFailureWaitSeconds();
-        minimumQuickLoginWaitSeconds = model.getMinimumQuickLoginWaitSeconds();
-        waitIncrementSeconds = model.getWaitIncrementSeconds();
-        quickLoginCheckMilliSeconds = model.getQuickLoginCheckMilliSeconds();
-        maxDeltaTimeSeconds = model.getMaxDeltaTimeSeconds();
-        failureFactor = model.getFailureFactor();
-        //--- end brute force settings
-
-        ssoSessionIdleTimeout = model.getSsoSessionIdleTimeout();
-        ssoSessionMaxLifespan = model.getSsoSessionMaxLifespan();
-        accessTokenLifespan = model.getAccessTokenLifespan();
-        accessCodeLifespan = model.getAccessCodeLifespan();
-        accessCodeLifespanUserAction = model.getAccessCodeLifespanUserAction();
-        accessCodeLifespanLogin = model.getAccessCodeLifespanLogin();
-        notBefore = model.getNotBefore();
-        passwordPolicy = model.getPasswordPolicy();
-
-        publicKeyPem = model.getPublicKeyPem();
-        privateKeyPem = model.getPrivateKeyPem();
-        certificatePem = model.getCertificatePem();
-        codeSecret = model.getCodeSecret();
-
-        loginTheme = model.getLoginTheme();
-        accountTheme = model.getAccountTheme();
-        adminTheme = model.getAdminTheme();
-        emailTheme = model.getEmailTheme();
-
-        requiredCredentials = model.getRequiredCredentials();
-        userFederationProviders = model.getUserFederationProviders();
-
-        this.identityProviders = new ArrayList<IdentityProviderModel>();
-
-        for (IdentityProviderModel identityProviderModel : model.getIdentityProviders()) {
-            this.identityProviders.add(new IdentityProviderModel(identityProviderModel));
-        }
-
-        smtpConfig.putAll(model.getSmtpConfig());
-        browserSecurityHeaders.putAll(model.getBrowserSecurityHeaders());
-
-        eventsEnabled = model.isEventsEnabled();
-        eventsExpiration = model.getEventsExpiration();
-        eventsListeners.addAll(model.getEventsListeners());
-        defaultRoles.addAll(model.getDefaultRoles());
-        masterAdminApp = model.getMasterAdminApp().getId();
-
-        for (RoleModel role : model.getRoles()) {
-            realmRoles.put(role.getName(), role.getId());
-            CachedRole cachedRole = new CachedRealmRole(role, model);
-            cache.addCachedRole(cachedRole);
-        }
-
-        for (ApplicationModel app : model.getApplications()) {
-            applications.put(app.getName(), app.getId());
-            CachedApplication cachedApp = new CachedApplication(cache, delegate, model, app);
-            cache.addCachedApplication(cachedApp);
-        }
-
-        for (OAuthClientModel client : model.getOAuthClients()) {
-            clients.put(client.getClientId(), client.getId());
-            CachedOAuthClient cachedApp = new CachedOAuthClient(cache, delegate, model, client);
-            cache.addCachedOAuthClient(cachedApp);
-        }
-
-    }
-
-
-    public String getId() {
-        return id;
-    }
-
-    public String getMasterAdminApp() {
-        return masterAdminApp;
-    }
-
-    public String getName() {
-        return name;
-    }
-
-    public List<String> getDefaultRoles() {
-        return defaultRoles;
-    }
-
-    public Map<String, String> getRealmRoles() {
-        return realmRoles;
-    }
-
-    public Map<String, String> getApplications() {
-        return applications;
-    }
-
-    public Map<String, String> getClients() {
-        return clients;
-    }
-
-    public boolean isEnabled() {
-        return enabled;
-    }
-
-    public SslRequired getSslRequired() {
-        return sslRequired;
-    }
-
-    public boolean isRegistrationAllowed() {
-        return registrationAllowed;
-    }
-
-    public boolean isPasswordCredentialGrantAllowed() {
-        return passwordCredentialGrantAllowed;
-    }
-
-    public boolean isRememberMe() {
-        return this.rememberMe;
-    }
-
-    public boolean isBruteForceProtected() {
-        return bruteForceProtected;
-    }
-
-    public int getMaxFailureWaitSeconds() {
-        return this.maxFailureWaitSeconds;
-    }
+	private String id;
+	private String name;
+	private boolean enabled;
+	private SslRequired sslRequired;
+	private boolean registrationAllowed;
+	protected boolean registrationEmailAsUsername;
+	private boolean rememberMe;
+	private boolean verifyEmail;
+	private boolean passwordCredentialGrantAllowed;
+	private boolean resetPasswordAllowed;
+	private boolean identityFederationEnabled;
+	// --- brute force settings
+	private boolean bruteForceProtected;
+	private int maxFailureWaitSeconds;
+	private int minimumQuickLoginWaitSeconds;
+	private int waitIncrementSeconds;
+	private long quickLoginCheckMilliSeconds;
+	private int maxDeltaTimeSeconds;
+	private int failureFactor;
+	// --- end brute force settings
+
+	private int ssoSessionIdleTimeout;
+	private int ssoSessionMaxLifespan;
+	private int accessTokenLifespan;
+	private int accessCodeLifespan;
+	private int accessCodeLifespanUserAction;
+	private int accessCodeLifespanLogin;
+	private int notBefore;
+	private PasswordPolicy passwordPolicy;
+
+	private String publicKeyPem;
+	private String privateKeyPem;
+	private String certificatePem;
+	private String codeSecret;
+
+	private String loginTheme;
+	private String accountTheme;
+	private String adminTheme;
+	private String emailTheme;
+	private String masterAdminApp;
+
+	private List<RequiredCredentialModel> requiredCredentials = new ArrayList<RequiredCredentialModel>();
+	private List<UserFederationProviderModel> userFederationProviders = new ArrayList<UserFederationProviderModel>();
+	private List<IdentityProviderModel> identityProviders = new ArrayList<IdentityProviderModel>();
+
+	private Map<String, String> browserSecurityHeaders = new HashMap<String, String>();
+	private Map<String, String> smtpConfig = new HashMap<String, String>();
+
+	private boolean eventsEnabled;
+	private long eventsExpiration;
+	private Set<String> eventsListeners = new HashSet<String>();
+	private List<String> defaultRoles = new LinkedList<String>();
+	private Map<String, String> realmRoles = new HashMap<String, String>();
+	private Map<String, String> applications = new HashMap<String, String>();
+	private Map<String, String> clients = new HashMap<String, String>();
+
+	public CachedRealm() {
+	}
+
+	public CachedRealm(RealmCache cache, RealmProvider delegate, RealmModel model) {
+		id = model.getId();
+		name = model.getName();
+		enabled = model.isEnabled();
+		sslRequired = model.getSslRequired();
+		registrationAllowed = model.isRegistrationAllowed();
+		registrationEmailAsUsername = model.isRegistrationEmailAsUsername();
+		rememberMe = model.isRememberMe();
+		verifyEmail = model.isVerifyEmail();
+		passwordCredentialGrantAllowed = model.isPasswordCredentialGrantAllowed();
+		resetPasswordAllowed = model.isResetPasswordAllowed();
+		identityFederationEnabled = model.isIdentityFederationEnabled();
+		// --- brute force settings
+		bruteForceProtected = model.isBruteForceProtected();
+		maxFailureWaitSeconds = model.getMaxFailureWaitSeconds();
+		minimumQuickLoginWaitSeconds = model.getMinimumQuickLoginWaitSeconds();
+		waitIncrementSeconds = model.getWaitIncrementSeconds();
+		quickLoginCheckMilliSeconds = model.getQuickLoginCheckMilliSeconds();
+		maxDeltaTimeSeconds = model.getMaxDeltaTimeSeconds();
+		failureFactor = model.getFailureFactor();
+		// --- end brute force settings
+
+		ssoSessionIdleTimeout = model.getSsoSessionIdleTimeout();
+		ssoSessionMaxLifespan = model.getSsoSessionMaxLifespan();
+		accessTokenLifespan = model.getAccessTokenLifespan();
+		accessCodeLifespan = model.getAccessCodeLifespan();
+		accessCodeLifespanUserAction = model.getAccessCodeLifespanUserAction();
+		accessCodeLifespanLogin = model.getAccessCodeLifespanLogin();
+		notBefore = model.getNotBefore();
+		passwordPolicy = model.getPasswordPolicy();
+
+		publicKeyPem = model.getPublicKeyPem();
+		privateKeyPem = model.getPrivateKeyPem();
+		certificatePem = model.getCertificatePem();
+		codeSecret = model.getCodeSecret();
+
+		loginTheme = model.getLoginTheme();
+		accountTheme = model.getAccountTheme();
+		adminTheme = model.getAdminTheme();
+		emailTheme = model.getEmailTheme();
+
+		requiredCredentials = model.getRequiredCredentials();
+		userFederationProviders = model.getUserFederationProviders();
+
+		this.identityProviders = new ArrayList<IdentityProviderModel>();
+
+		for (IdentityProviderModel identityProviderModel : model.getIdentityProviders()) {
+			this.identityProviders.add(new IdentityProviderModel(identityProviderModel));
+		}
+
+		smtpConfig.putAll(model.getSmtpConfig());
+		browserSecurityHeaders.putAll(model.getBrowserSecurityHeaders());
+
+		eventsEnabled = model.isEventsEnabled();
+		eventsExpiration = model.getEventsExpiration();
+		eventsListeners.addAll(model.getEventsListeners());
+		defaultRoles.addAll(model.getDefaultRoles());
+		masterAdminApp = model.getMasterAdminApp().getId();
+
+		for (RoleModel role : model.getRoles()) {
+			realmRoles.put(role.getName(), role.getId());
+			CachedRole cachedRole = new CachedRealmRole(role, model);
+			cache.addCachedRole(cachedRole);
+		}
+
+		for (ApplicationModel app : model.getApplications()) {
+			applications.put(app.getName(), app.getId());
+			CachedApplication cachedApp = new CachedApplication(cache, delegate, model, app);
+			cache.addCachedApplication(cachedApp);
+		}
+
+		for (OAuthClientModel client : model.getOAuthClients()) {
+			clients.put(client.getClientId(), client.getId());
+			CachedOAuthClient cachedApp = new CachedOAuthClient(cache, delegate, model, client);
+			cache.addCachedOAuthClient(cachedApp);
+		}
+
+	}
+
+	public String getId() {
+		return id;
+	}
+
+	public String getMasterAdminApp() {
+		return masterAdminApp;
+	}
+
+	public String getName() {
+		return name;
+	}
+
+	public List<String> getDefaultRoles() {
+		return defaultRoles;
+	}
+
+	public Map<String, String> getRealmRoles() {
+		return realmRoles;
+	}
+
+	public Map<String, String> getApplications() {
+		return applications;
+	}
+
+	public Map<String, String> getClients() {
+		return clients;
+	}
+
+	public boolean isEnabled() {
+		return enabled;
+	}
+
+	public SslRequired getSslRequired() {
+		return sslRequired;
+	}
+
+	public boolean isRegistrationAllowed() {
+		return registrationAllowed;
+	}
+
+	public boolean isRegistrationEmailAsUsername() {
+		return registrationEmailAsUsername;
+	}
+
+	public boolean isPasswordCredentialGrantAllowed() {
+		return passwordCredentialGrantAllowed;
+	}
+
+	public boolean isRememberMe() {
+		return this.rememberMe;
+	}

-    public int getWaitIncrementSeconds() {
-        return this.waitIncrementSeconds;
-    }
+	public boolean isBruteForceProtected() {
+		return bruteForceProtected;
+	}

-    public int getMinimumQuickLoginWaitSeconds() {
-        return this.minimumQuickLoginWaitSeconds;
-    }
+	public int getMaxFailureWaitSeconds() {
+		return this.maxFailureWaitSeconds;
+	}

-    public long getQuickLoginCheckMilliSeconds() {
-        return quickLoginCheckMilliSeconds;
-    }
-
-    public int getMaxDeltaTimeSeconds() {
-        return maxDeltaTimeSeconds;
-    }
-
-    public int getFailureFactor() {
-        return failureFactor;
-    }
-
-    public boolean isVerifyEmail() {
-        return verifyEmail;
-    }
-
-    public boolean isResetPasswordAllowed() {
-        return resetPasswordAllowed;
-    }
+	public int getWaitIncrementSeconds() {
+		return this.waitIncrementSeconds;
+	}

-    public int getSsoSessionIdleTimeout() {
-        return ssoSessionIdleTimeout;
-    }
+	public int getMinimumQuickLoginWaitSeconds() {
+		return this.minimumQuickLoginWaitSeconds;
+	}
+
+	public long getQuickLoginCheckMilliSeconds() {
+		return quickLoginCheckMilliSeconds;
+	}
+
+	public int getMaxDeltaTimeSeconds() {
+		return maxDeltaTimeSeconds;
+	}
+
+	public int getFailureFactor() {
+		return failureFactor;
+	}

-    public int getSsoSessionMaxLifespan() {
-        return ssoSessionMaxLifespan;
-    }
+	public boolean isVerifyEmail() {
+		return verifyEmail;
+	}

-    public int getAccessTokenLifespan() {
-        return accessTokenLifespan;
-    }
+	public boolean isResetPasswordAllowed() {
+		return resetPasswordAllowed;
+	}
+
+	public int getSsoSessionIdleTimeout() {
+		return ssoSessionIdleTimeout;
+	}

-    public int getAccessCodeLifespan() {
-        return accessCodeLifespan;
-    }
+	public int getSsoSessionMaxLifespan() {
+		return ssoSessionMaxLifespan;
+	}

-    public int getAccessCodeLifespanUserAction() {
-        return accessCodeLifespanUserAction;
-    }
-    public int getAccessCodeLifespanLogin() {
-        return accessCodeLifespanLogin;
-    }
-
-    public String getPublicKeyPem() {
-        return publicKeyPem;
-    }
-
-    public String getPrivateKeyPem() {
-        return privateKeyPem;
-    }
-
-    public String getCodeSecret() {
-        return codeSecret;
-    }
-
-    public List<RequiredCredentialModel> getRequiredCredentials() {
-        return requiredCredentials;
-    }
-
-    public PasswordPolicy getPasswordPolicy() {
-        return passwordPolicy;
-    }
-
-    public boolean isIdentityFederationEnabled() {
-        return identityFederationEnabled;
-    }
-
-    public Map<String, String> getSmtpConfig() {
-        return smtpConfig;
-    }
-
-    public Map<String, String> getBrowserSecurityHeaders() {
-        return browserSecurityHeaders;
-    }
-
-    public String getLoginTheme() {
-        return loginTheme;
-    }
-
-    public String getAccountTheme() {
-        return accountTheme;
-    }
-
-    public String getAdminTheme() {
-        return this.adminTheme;
-    }
-
-    public String getEmailTheme() {
-        return emailTheme;
-    }
-
-    public int getNotBefore() {
-        return notBefore;
-    }
-
-    public boolean isEventsEnabled() {
-        return eventsEnabled;
-    }
-
-    public long getEventsExpiration() {
-        return eventsExpiration;
-    }
-
-    public Set<String> getEventsListeners() {
-        return eventsListeners;
-    }
-
-    public List<UserFederationProviderModel> getUserFederationProviders() {
-        return userFederationProviders;
-    }
-
-    public String getCertificatePem() {
-        return certificatePem;
-    }
-
-    public List<IdentityProviderModel> getIdentityProviders() {
-        return identityProviders;
-    }
+	public int getAccessTokenLifespan() {
+		return accessTokenLifespan;
+	}
+
+	public int getAccessCodeLifespan() {
+		return accessCodeLifespan;
+	}
+
+	public int getAccessCodeLifespanUserAction() {
+		return accessCodeLifespanUserAction;
+	}
+
+	public int getAccessCodeLifespanLogin() {
+		return accessCodeLifespanLogin;
+	}
+
+	public String getPublicKeyPem() {
+		return publicKeyPem;
+	}
+
+	public String getPrivateKeyPem() {
+		return privateKeyPem;
+	}
+
+	public String getCodeSecret() {
+		return codeSecret;
+	}
+
+	public List<RequiredCredentialModel> getRequiredCredentials() {
+		return requiredCredentials;
+	}
+
+	public PasswordPolicy getPasswordPolicy() {
+		return passwordPolicy;
+	}
+
+	public boolean isIdentityFederationEnabled() {
+		return identityFederationEnabled;
+	}
+
+	public Map<String, String> getSmtpConfig() {
+		return smtpConfig;
+	}
+
+	public Map<String, String> getBrowserSecurityHeaders() {
+		return browserSecurityHeaders;
+	}
+
+	public String getLoginTheme() {
+		return loginTheme;
+	}
+
+	public String getAccountTheme() {
+		return accountTheme;
+	}
+
+	public String getAdminTheme() {
+		return this.adminTheme;
+	}
+
+	public String getEmailTheme() {
+		return emailTheme;
+	}
+
+	public int getNotBefore() {
+		return notBefore;
+	}
+
+	public boolean isEventsEnabled() {
+		return eventsEnabled;
+	}
+
+	public long getEventsExpiration() {
+		return eventsExpiration;
+	}
+
+	public Set<String> getEventsListeners() {
+		return eventsListeners;
+	}
+
+	public List<UserFederationProviderModel> getUserFederationProviders() {
+		return userFederationProviders;
+	}
+
+	public String getCertificatePem() {
+		return certificatePem;
+	}
+
+	public List<IdentityProviderModel> getIdentityProviders() {
+		return identityProviders;
+	}
 }
--- a/model/jpa/src/main/java/org/keycloak/models/jpa/RealmAdapter.java
+++ b/model/jpa/src/main/java/org/keycloak/models/jpa/RealmAdapter.java
--- a/model/jpa/src/main/java/org/keycloak/models/jpa/entities/RealmEntity.java
+++ b/model/jpa/src/main/java/org/keycloak/models/jpa/entities/RealmEntity.java
@ -1,5 +1,13 @@
 package org.keycloak.models.jpa.entities;

+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+
 import javax.persistence.CascadeType;
 import javax.persistence.CollectionTable;
 import javax.persistence.Column;
@ -15,432 +23,433 @@ import javax.persistence.NamedQuery;
 import javax.persistence.OneToMany;
 import javax.persistence.OneToOne;
 import javax.persistence.Table;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;

 /**
 * @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
 * @version $Revision: 1 $
 */
-@Table(name="REALM")
+@Table(name = "REALM")
@Entity
-@NamedQueries({
-        @NamedQuery(name="getAllRealms", query="select realm from RealmEntity realm"),
-        @NamedQuery(name="getRealmByName", query="select realm from RealmEntity realm where realm.name = :name"),
-})
+@NamedQueries({ @NamedQuery(name = "getAllRealms", query = "select realm from RealmEntity realm"),
+		@NamedQuery(name = "getRealmByName", query = "select realm from RealmEntity realm where realm.name = :name"), })
 public class RealmEntity {
-    @Id
-    @Column(name="ID", length = 36)
-    protected String id;
-
-    @Column(name="NAME", unique = true)
-    protected String name;
-
-    @Column(name="ENABLED")
-    protected boolean enabled;
-    @Column(name="SSL_REQUIRED")
-    protected String sslRequired;
-    @Column(name="REGISTRATION_ALLOWED")
-    protected boolean registrationAllowed;
-    @Column(name="PASSWORD_CRED_GRANT_ALLOWED")
-    protected boolean passwordCredentialGrantAllowed;
-    @Column(name="VERIFY_EMAIL")
-    protected boolean verifyEmail;
-    @Column(name="RESET_PASSWORD_ALLOWED")
-    protected boolean resetPasswordAllowed;
-    @Column(name="REMEMBER_ME")
-    protected boolean rememberMe;
-    @Column(name="PASSWORD_POLICY")
-    protected String passwordPolicy;
-
-    @Column(name="SSO_IDLE_TIMEOUT")
-    private int ssoSessionIdleTimeout;
-    @Column(name="SSO_MAX_LIFESPAN")
-    private int ssoSessionMaxLifespan;
-    @Column(name="ACCESS_TOKEN_LIFESPAN")
-    protected int accessTokenLifespan;
-    @Column(name="ACCESS_CODE_LIFESPAN")
-    protected int accessCodeLifespan;
-    @Column(name="USER_ACTION_LIFESPAN")
-    protected int accessCodeLifespanUserAction;
-    @Column(name="LOGIN_LIFESPAN")
-    protected int accessCodeLifespanLogin;
-    @Column(name="NOT_BEFORE")
-    protected int notBefore;
-
-    @Column(name="PUBLIC_KEY", length = 2048)
-    protected String publicKeyPem;
-    @Column(name="PRIVATE_KEY", length = 2048)
-    protected String privateKeyPem;
-    @Column(name="CERTIFICATE", length = 2048)
-    protected String certificatePem;
-    @Column(name="CODE_SECRET", length = 255)
-    protected String codeSecret;
-
-    @Column(name="LOGIN_THEME")
-    protected String loginTheme;
-    @Column(name="ACCOUNT_THEME")
-    protected String accountTheme;
-    @Column(name="ADMIN_THEME")
-    protected String adminTheme;
-    @Column(name="EMAIL_THEME")
-    protected String emailTheme;
-
-    @OneToMany(cascade ={CascadeType.REMOVE}, orphanRemoval = true, mappedBy = "realm")
-    Collection<RealmAttributeEntity> attributes = new ArrayList<RealmAttributeEntity>();
-
-    @OneToMany(cascade ={CascadeType.REMOVE}, orphanRemoval = true, mappedBy = "realm")
-    Collection<RequiredCredentialEntity> requiredCredentials = new ArrayList<RequiredCredentialEntity>();
-
-    @OneToMany(cascade ={CascadeType.REMOVE}, orphanRemoval = true)
-    @JoinTable(name="FED_PROVIDERS")
-    List<UserFederationProviderEntity> userFederationProviders = new ArrayList<UserFederationProviderEntity>();
-
-    @OneToMany(fetch = FetchType.LAZY, cascade ={CascadeType.REMOVE}, orphanRemoval = true)
-    @JoinTable(name="REALM_APPLICATION", joinColumns={ @JoinColumn(name="APPLICATION_ID") }, inverseJoinColumns={ @JoinColumn(name="REALM_ID") })
-    Collection<ApplicationEntity> applications = new ArrayList<ApplicationEntity>();
-
-    @OneToMany(fetch = FetchType.LAZY, cascade ={CascadeType.REMOVE}, orphanRemoval = true, mappedBy = "realm")
-    Collection<RoleEntity> roles = new ArrayList<RoleEntity>();
-
-    @ElementCollection
-    @MapKeyColumn(name="NAME")
-    @Column(name="VALUE")
-    @CollectionTable(name="REALM_SMTP_CONFIG", joinColumns={ @JoinColumn(name="REALM_ID") })
-    protected Map<String, String> smtpConfig = new HashMap<String, String>();
-
-    @OneToMany(fetch = FetchType.LAZY, cascade ={CascadeType.REMOVE}, orphanRemoval = true)
-    @JoinTable(name="REALM_DEFAULT_ROLES", joinColumns = { @JoinColumn(name="REALM_ID")}, inverseJoinColumns = { @JoinColumn(name="ROLE_ID")})
-    protected Collection<RoleEntity> defaultRoles = new ArrayList<RoleEntity>();
-
-    @Column(name="EVENTS_ENABLED")
-    protected boolean eventsEnabled;
-    @Column(name="EVENTS_EXPIRATION")
-    protected long eventsExpiration;
-
-    @ElementCollection
-    @Column(name="VALUE")
-    @CollectionTable(name="REALM_EVENTS_LISTENERS", joinColumns={ @JoinColumn(name="REALM_ID") })
-    protected Set<String> eventsListeners = new HashSet<String>();
-
-    @OneToOne
-    @JoinColumn(name="MASTER_ADMIN_APP")
-    protected ApplicationEntity masterAdminApp;
-
-    @OneToMany(cascade ={CascadeType.REMOVE}, orphanRemoval = true, mappedBy = "realm")
-    protected List<IdentityProviderEntity> identityProviders = new ArrayList<IdentityProviderEntity>();
-
-    public String getId() {
-        return id;
-    }
-
-    public void setId(String id) {
-        this.id = id;
-    }
-
-    public String getName() {
-        return name;
-    }
-
-    public void setName(String name) {
-        this.name = name;
-    }
-
-    public boolean isEnabled() {
-        return enabled;
-    }
-
-    public void setEnabled(boolean enabled) {
-        this.enabled = enabled;
-    }
-
-    public String getSslRequired() {
-        return sslRequired;
-    }
-
-    public void setSslRequired(String sslRequired) {
-        this.sslRequired = sslRequired;
-    }
-
-    public boolean isPasswordCredentialGrantAllowed() {
-        return passwordCredentialGrantAllowed;
-    }
-
-    public void setPasswordCredentialGrantAllowed(boolean passwordCredentialGrantAllowed) {
-        this.passwordCredentialGrantAllowed = passwordCredentialGrantAllowed;
-    }
-
-    public boolean isRegistrationAllowed() {
-        return registrationAllowed;
-    }
-
-    public void setRegistrationAllowed(boolean registrationAllowed) {
-        this.registrationAllowed = registrationAllowed;
-    }
-
-    public boolean isRememberMe() {
-        return rememberMe;
-    }
-
-    public void setRememberMe(boolean rememberMe) {
-        this.rememberMe = rememberMe;
-    }
+	@Id
+	@Column(name = "ID", length = 36)
+	protected String id;
+
+	@Column(name = "NAME", unique = true)
+	protected String name;
+
+	@Column(name = "ENABLED")
+	protected boolean enabled;
+	@Column(name = "SSL_REQUIRED")
+	protected String sslRequired;
+	@Column(name = "REGISTRATION_ALLOWED")
+	protected boolean registrationAllowed;
+	@Column(name = "REGISTRATION_EMAIL_AS_USERNAME")
+	protected boolean registrationEmailAsUsername;
+	@Column(name = "PASSWORD_CRED_GRANT_ALLOWED")
+	protected boolean passwordCredentialGrantAllowed;
+	@Column(name = "VERIFY_EMAIL")
+	protected boolean verifyEmail;
+	@Column(name = "RESET_PASSWORD_ALLOWED")
+	protected boolean resetPasswordAllowed;
+	@Column(name = "REMEMBER_ME")
+	protected boolean rememberMe;
+	@Column(name = "PASSWORD_POLICY")
+	protected String passwordPolicy;
+
+	@Column(name = "SSO_IDLE_TIMEOUT")
+	private int ssoSessionIdleTimeout;
+	@Column(name = "SSO_MAX_LIFESPAN")
+	private int ssoSessionMaxLifespan;
+	@Column(name = "ACCESS_TOKEN_LIFESPAN")
+	protected int accessTokenLifespan;
+	@Column(name = "ACCESS_CODE_LIFESPAN")
+	protected int accessCodeLifespan;
+	@Column(name = "USER_ACTION_LIFESPAN")
+	protected int accessCodeLifespanUserAction;
+	@Column(name = "LOGIN_LIFESPAN")
+	protected int accessCodeLifespanLogin;
+	@Column(name = "NOT_BEFORE")
+	protected int notBefore;
+
+	@Column(name = "PUBLIC_KEY", length = 2048)
+	protected String publicKeyPem;
+	@Column(name = "PRIVATE_KEY", length = 2048)
+	protected String privateKeyPem;
+	@Column(name = "CERTIFICATE", length = 2048)
+	protected String certificatePem;
+	@Column(name = "CODE_SECRET", length = 255)
+	protected String codeSecret;
+
+	@Column(name = "LOGIN_THEME")
+	protected String loginTheme;
+	@Column(name = "ACCOUNT_THEME")
+	protected String accountTheme;
+	@Column(name = "ADMIN_THEME")
+	protected String adminTheme;
+	@Column(name = "EMAIL_THEME")
+	protected String emailTheme;
+
+	@OneToMany(cascade = { CascadeType.REMOVE }, orphanRemoval = true, mappedBy = "realm")
+	Collection<RealmAttributeEntity> attributes = new ArrayList<RealmAttributeEntity>();
+
+	@OneToMany(cascade = { CascadeType.REMOVE }, orphanRemoval = true, mappedBy = "realm")
+	Collection<RequiredCredentialEntity> requiredCredentials = new ArrayList<RequiredCredentialEntity>();
+
+	@OneToMany(cascade = { CascadeType.REMOVE }, orphanRemoval = true)
+	@JoinTable(name = "FED_PROVIDERS")
+	List<UserFederationProviderEntity> userFederationProviders = new ArrayList<UserFederationProviderEntity>();
+
+	@OneToMany(fetch = FetchType.LAZY, cascade = { CascadeType.REMOVE }, orphanRemoval = true)
+	@JoinTable(name = "REALM_APPLICATION", joinColumns = { @JoinColumn(name = "APPLICATION_ID") }, inverseJoinColumns = { @JoinColumn(name = "REALM_ID") })
+	Collection<ApplicationEntity> applications = new ArrayList<ApplicationEntity>();
+
+	@OneToMany(fetch = FetchType.LAZY, cascade = { CascadeType.REMOVE }, orphanRemoval = true, mappedBy = "realm")
+	Collection<RoleEntity> roles = new ArrayList<RoleEntity>();
+
+	@ElementCollection
+	@MapKeyColumn(name = "NAME")
+	@Column(name = "VALUE")
+	@CollectionTable(name = "REALM_SMTP_CONFIG", joinColumns = { @JoinColumn(name = "REALM_ID") })
+	protected Map<String, String> smtpConfig = new HashMap<String, String>();
+
+	@OneToMany(fetch = FetchType.LAZY, cascade = { CascadeType.REMOVE }, orphanRemoval = true)
+	@JoinTable(name = "REALM_DEFAULT_ROLES", joinColumns = { @JoinColumn(name = "REALM_ID") }, inverseJoinColumns = { @JoinColumn(name = "ROLE_ID") })
+	protected Collection<RoleEntity> defaultRoles = new ArrayList<RoleEntity>();
+
+	@Column(name = "EVENTS_ENABLED")
+	protected boolean eventsEnabled;
+	@Column(name = "EVENTS_EXPIRATION")
+	protected long eventsExpiration;
+
+	@ElementCollection
+	@Column(name = "VALUE")
+	@CollectionTable(name = "REALM_EVENTS_LISTENERS", joinColumns = { @JoinColumn(name = "REALM_ID") })
+	protected Set<String> eventsListeners = new HashSet<String>();
+
+	@OneToOne
+	@JoinColumn(name = "MASTER_ADMIN_APP")
+	protected ApplicationEntity masterAdminApp;
+
+	@OneToMany(cascade = { CascadeType.REMOVE }, orphanRemoval = true, mappedBy = "realm")
+	protected List<IdentityProviderEntity> identityProviders = new ArrayList<IdentityProviderEntity>();
+
+	public String getId() {
+		return id;
+	}
+
+	public void setId(String id) {
+		this.id = id;
+	}
+
+	public String getName() {
+		return name;
+	}
+
+	public void setName(String name) {
+		this.name = name;
+	}
+
+	public boolean isEnabled() {
+		return enabled;
+	}
+
+	public void setEnabled(boolean enabled) {
+		this.enabled = enabled;
+	}
+
+	public String getSslRequired() {
+		return sslRequired;
+	}
+
+	public void setSslRequired(String sslRequired) {
+		this.sslRequired = sslRequired;
+	}
+
+	public boolean isPasswordCredentialGrantAllowed() {
+		return passwordCredentialGrantAllowed;
+	}
+
+	public void setPasswordCredentialGrantAllowed(boolean passwordCredentialGrantAllowed) {
+		this.passwordCredentialGrantAllowed = passwordCredentialGrantAllowed;
+	}
+
+	public boolean isRegistrationAllowed() {
+		return registrationAllowed;
+	}
+
+	public void setRegistrationAllowed(boolean registrationAllowed) {
+		this.registrationAllowed = registrationAllowed;
+	}
+
+	public boolean isRegistrationEmailAsUsername() {
+		return registrationEmailAsUsername;
+	}

-    public boolean isVerifyEmail() {
-        return verifyEmail;
-    }
-
-    public void setVerifyEmail(boolean verifyEmail) {
-        this.verifyEmail = verifyEmail;
-    }
-
-    public boolean isResetPasswordAllowed() {
-        return resetPasswordAllowed;
-    }
-
-    public void setResetPasswordAllowed(boolean resetPasswordAllowed) {
-        this.resetPasswordAllowed = resetPasswordAllowed;
-    }
-
-    public int getSsoSessionIdleTimeout() {
-        return ssoSessionIdleTimeout;
-    }
-
-    public void setSsoSessionIdleTimeout(int ssoSessionIdleTimeout) {
-        this.ssoSessionIdleTimeout = ssoSessionIdleTimeout;
-    }
-
-    public int getSsoSessionMaxLifespan() {
-        return ssoSessionMaxLifespan;
-    }
-
-    public void setSsoSessionMaxLifespan(int ssoSessionMaxLifespan) {
-        this.ssoSessionMaxLifespan = ssoSessionMaxLifespan;
-    }
-
-    public int getAccessTokenLifespan() {
-        return accessTokenLifespan;
-    }
-
-    public void setAccessTokenLifespan(int accessTokenLifespan) {
-        this.accessTokenLifespan = accessTokenLifespan;
-    }
-
-    public int getAccessCodeLifespan() {
-        return accessCodeLifespan;
-    }
-
-    public void setAccessCodeLifespan(int accessCodeLifespan) {
-        this.accessCodeLifespan = accessCodeLifespan;
-    }
-
-    public int getAccessCodeLifespanUserAction() {
-        return accessCodeLifespanUserAction;
-    }
-
-    public void setAccessCodeLifespanUserAction(int accessCodeLifespanUserAction) {
-        this.accessCodeLifespanUserAction = accessCodeLifespanUserAction;
-    }
-    public int getAccessCodeLifespanLogin() {
-        return accessCodeLifespanLogin;
-    }
-
-    public void setAccessCodeLifespanLogin(int accessCodeLifespanLogin) {
-        this.accessCodeLifespanLogin = accessCodeLifespanLogin;
-    }
-
-    public String getPublicKeyPem() {
-        return publicKeyPem;
-    }
-
-    public void setPublicKeyPem(String publicKeyPem) {
-        this.publicKeyPem = publicKeyPem;
-    }
-
-    public String getPrivateKeyPem() {
-        return privateKeyPem;
-    }
-
-    public void setPrivateKeyPem(String privateKeyPem) {
-        this.privateKeyPem = privateKeyPem;
-    }
-
-    public String getCodeSecret() {
-        return codeSecret;
-    }
-
-    public void setCodeSecret(String codeSecret) {
-        this.codeSecret = codeSecret;
-    }
-
-    public Collection<RequiredCredentialEntity> getRequiredCredentials() {
-        return requiredCredentials;
-    }
-
-    public void setRequiredCredentials(Collection<RequiredCredentialEntity> requiredCredentials) {
-        this.requiredCredentials = requiredCredentials;
-    }
-
-    public Collection<ApplicationEntity> getApplications() {
-        return applications;
-    }
-
-    public void setApplications(Collection<ApplicationEntity> applications) {
-        this.applications = applications;
-    }
-
-    public Collection<RoleEntity> getRoles() {
-        return roles;
-    }
-
-    public void setRoles(Collection<RoleEntity> roles) {
-        this.roles = roles;
-    }
-
-    public void addRole(RoleEntity role) {
-        if (roles == null) {
-            roles = new ArrayList<RoleEntity>();
-        }
-        roles.add(role);
-    }
-
-    public Map<String, String> getSmtpConfig() {
-        return smtpConfig;
-    }
-
-    public void setSmtpConfig(Map<String, String> smtpConfig) {
-        this.smtpConfig = smtpConfig;
-    }
-
-    public Collection<RoleEntity> getDefaultRoles() {
-        return defaultRoles;
-    }
-
-    public void setDefaultRoles(Collection<RoleEntity> defaultRoles) {
-        this.defaultRoles = defaultRoles;
-    }
-
-    public String getPasswordPolicy() {
-        return passwordPolicy;
-    }
-
-    public void setPasswordPolicy(String passwordPolicy) {
-        this.passwordPolicy = passwordPolicy;
-    }
-
-    public String getLoginTheme() {
-        return loginTheme;
-    }
-
-    public void setLoginTheme(String theme) {
-        this.loginTheme = theme;
-    }
-
-    public String getAccountTheme() {
-        return accountTheme;
-    }
-
-    public void setAccountTheme(String theme) {
-        this.accountTheme = theme;
-    }
-
-    public String getAdminTheme() {
-        return adminTheme;
-    }
-
-    public void setAdminTheme(String adminTheme) {
-        this.adminTheme = adminTheme;
-    }
-
-    public String getEmailTheme() {
-        return emailTheme;
-    }
-
-    public void setEmailTheme(String emailTheme) {
-        this.emailTheme = emailTheme;
-    }
-
-    public int getNotBefore() {
-        return notBefore;
-    }
-
-    public void setNotBefore(int notBefore) {
-        this.notBefore = notBefore;
-    }
-
-    public boolean isEventsEnabled() {
-        return eventsEnabled;
-    }
-
-    public void setEventsEnabled(boolean eventsEnabled) {
-        this.eventsEnabled = eventsEnabled;
-    }
-
-    public long getEventsExpiration() {
-        return eventsExpiration;
-    }
-
-    public void setEventsExpiration(long eventsExpiration) {
-        this.eventsExpiration = eventsExpiration;
-    }
-
-    public Set<String> getEventsListeners() {
-        return eventsListeners;
-    }
-
-    public void setEventsListeners(Set<String> eventsListeners) {
-        this.eventsListeners = eventsListeners;
-    }
-
-    public ApplicationEntity getMasterAdminApp() {
-        return masterAdminApp;
-    }
-
-    public void setMasterAdminApp(ApplicationEntity masterAdminApp) {
-        this.masterAdminApp = masterAdminApp;
-    }
-
-    public List<UserFederationProviderEntity> getUserFederationProviders() {
-        return userFederationProviders;
-    }
+	public void setRegistrationEmailAsUsername(boolean registrationEmailAsUsername) {
+		this.registrationEmailAsUsername = registrationEmailAsUsername;
+	}

-    public void setUserFederationProviders(List<UserFederationProviderEntity> userFederationProviders) {
-        this.userFederationProviders = userFederationProviders;
-    }
+	public boolean isRememberMe() {
+		return rememberMe;
+	}

-    public Collection<RealmAttributeEntity> getAttributes() {
-        return attributes;
-    }
+	public void setRememberMe(boolean rememberMe) {
+		this.rememberMe = rememberMe;
+	}

-    public void setAttributes(Collection<RealmAttributeEntity> attributes) {
-        this.attributes = attributes;
-    }
+	public boolean isVerifyEmail() {
+		return verifyEmail;
+	}

-    public String getCertificatePem() {
-        return certificatePem;
-    }
+	public void setVerifyEmail(boolean verifyEmail) {
+		this.verifyEmail = verifyEmail;
+	}

-    public void setCertificatePem(String certificatePem) {
-        this.certificatePem = certificatePem;
-    }
+	public boolean isResetPasswordAllowed() {
+		return resetPasswordAllowed;
+	}

-    public List<IdentityProviderEntity> getIdentityProviders() {
-        return this.identityProviders;
-    }
+	public void setResetPasswordAllowed(boolean resetPasswordAllowed) {
+		this.resetPasswordAllowed = resetPasswordAllowed;
+	}
+
+	public int getSsoSessionIdleTimeout() {
+		return ssoSessionIdleTimeout;
+	}
+
+	public void setSsoSessionIdleTimeout(int ssoSessionIdleTimeout) {
+		this.ssoSessionIdleTimeout = ssoSessionIdleTimeout;
+	}

-    public void setIdentityProviders(List<IdentityProviderEntity> identityProviders) {
-        this.identityProviders = identityProviders;
-    }
+	public int getSsoSessionMaxLifespan() {
+		return ssoSessionMaxLifespan;
+	}

-    public void addIdentityProvider(IdentityProviderEntity entity) {
-        entity.setRealm(this);
-        getIdentityProviders().add(entity);
-    }
+	public void setSsoSessionMaxLifespan(int ssoSessionMaxLifespan) {
+		this.ssoSessionMaxLifespan = ssoSessionMaxLifespan;
+	}
+
+	public int getAccessTokenLifespan() {
+		return accessTokenLifespan;
+	}
+
+	public void setAccessTokenLifespan(int accessTokenLifespan) {
+		this.accessTokenLifespan = accessTokenLifespan;
+	}
+
+	public int getAccessCodeLifespan() {
+		return accessCodeLifespan;
+	}
+
+	public void setAccessCodeLifespan(int accessCodeLifespan) {
+		this.accessCodeLifespan = accessCodeLifespan;
+	}
+
+	public int getAccessCodeLifespanUserAction() {
+		return accessCodeLifespanUserAction;
+	}
+
+	public void setAccessCodeLifespanUserAction(int accessCodeLifespanUserAction) {
+		this.accessCodeLifespanUserAction = accessCodeLifespanUserAction;
+	}
+
+	public int getAccessCodeLifespanLogin() {
+		return accessCodeLifespanLogin;
+	}
+
+	public void setAccessCodeLifespanLogin(int accessCodeLifespanLogin) {
+		this.accessCodeLifespanLogin = accessCodeLifespanLogin;
+	}
+
+	public String getPublicKeyPem() {
+		return publicKeyPem;
+	}
+
+	public void setPublicKeyPem(String publicKeyPem) {
+		this.publicKeyPem = publicKeyPem;
+	}
+
+	public String getPrivateKeyPem() {
+		return privateKeyPem;
+	}
+
+	public void setPrivateKeyPem(String privateKeyPem) {
+		this.privateKeyPem = privateKeyPem;
+	}
+
+	public String getCodeSecret() {
+		return codeSecret;
+	}
+
+	public void setCodeSecret(String codeSecret) {
+		this.codeSecret = codeSecret;
+	}
+
+	public Collection<RequiredCredentialEntity> getRequiredCredentials() {
+		return requiredCredentials;
+	}
+
+	public void setRequiredCredentials(Collection<RequiredCredentialEntity> requiredCredentials) {
+		this.requiredCredentials = requiredCredentials;
+	}
+
+	public Collection<ApplicationEntity> getApplications() {
+		return applications;
+	}
+
+	public void setApplications(Collection<ApplicationEntity> applications) {
+		this.applications = applications;
+	}
+
+	public Collection<RoleEntity> getRoles() {
+		return roles;
+	}
+
+	public void setRoles(Collection<RoleEntity> roles) {
+		this.roles = roles;
+	}
+
+	public void addRole(RoleEntity role) {
+		if (roles == null) {
+			roles = new ArrayList<RoleEntity>();
+		}
+		roles.add(role);
+	}
+
+	public Map<String, String> getSmtpConfig() {
+		return smtpConfig;
+	}
+
+	public void setSmtpConfig(Map<String, String> smtpConfig) {
+		this.smtpConfig = smtpConfig;
+	}
+
+	public Collection<RoleEntity> getDefaultRoles() {
+		return defaultRoles;
+	}
+
+	public void setDefaultRoles(Collection<RoleEntity> defaultRoles) {
+		this.defaultRoles = defaultRoles;
+	}
+
+	public String getPasswordPolicy() {
+		return passwordPolicy;
+	}
+
+	public void setPasswordPolicy(String passwordPolicy) {
+		this.passwordPolicy = passwordPolicy;
+	}
+
+	public String getLoginTheme() {
+		return loginTheme;
+	}
+
+	public void setLoginTheme(String theme) {
+		this.loginTheme = theme;
+	}
+
+	public String getAccountTheme() {
+		return accountTheme;
+	}
+
+	public void setAccountTheme(String theme) {
+		this.accountTheme = theme;
+	}
+
+	public String getAdminTheme() {
+		return adminTheme;
+	}
+
+	public void setAdminTheme(String adminTheme) {
+		this.adminTheme = adminTheme;
+	}
+
+	public String getEmailTheme() {
+		return emailTheme;
+	}
+
+	public void setEmailTheme(String emailTheme) {
+		this.emailTheme = emailTheme;
+	}
+
+	public int getNotBefore() {
+		return notBefore;
+	}
+
+	public void setNotBefore(int notBefore) {
+		this.notBefore = notBefore;
+	}
+
+	public boolean isEventsEnabled() {
+		return eventsEnabled;
+	}
+
+	public void setEventsEnabled(boolean eventsEnabled) {
+		this.eventsEnabled = eventsEnabled;
+	}
+
+	public long getEventsExpiration() {
+		return eventsExpiration;
+	}
+
+	public void setEventsExpiration(long eventsExpiration) {
+		this.eventsExpiration = eventsExpiration;
+	}
+
+	public Set<String> getEventsListeners() {
+		return eventsListeners;
+	}
+
+	public void setEventsListeners(Set<String> eventsListeners) {
+		this.eventsListeners = eventsListeners;
+	}
+
+	public ApplicationEntity getMasterAdminApp() {
+		return masterAdminApp;
+	}
+
+	public void setMasterAdminApp(ApplicationEntity masterAdminApp) {
+		this.masterAdminApp = masterAdminApp;
+	}
+
+	public List<UserFederationProviderEntity> getUserFederationProviders() {
+		return userFederationProviders;
+	}
+
+	public void setUserFederationProviders(List<UserFederationProviderEntity> userFederationProviders) {
+		this.userFederationProviders = userFederationProviders;
+	}
+
+	public Collection<RealmAttributeEntity> getAttributes() {
+		return attributes;
+	}
+
+	public void setAttributes(Collection<RealmAttributeEntity> attributes) {
+		this.attributes = attributes;
+	}
+
+	public String getCertificatePem() {
+		return certificatePem;
+	}
+
+	public void setCertificatePem(String certificatePem) {
+		this.certificatePem = certificatePem;
+	}
+
+	public List<IdentityProviderEntity> getIdentityProviders() {
+		return this.identityProviders;
+	}
+
+	public void setIdentityProviders(List<IdentityProviderEntity> identityProviders) {
+		this.identityProviders = identityProviders;
+	}
+
+	public void addIdentityProvider(IdentityProviderEntity entity) {
+		entity.setRealm(this);
+		getIdentityProviders().add(entity);
+	}

 }
-
--- a/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/RealmAdapter.java
+++ b/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/RealmAdapter.java
--- a/services/src/main/java/org/keycloak/services/managers/ApplianceBootstrap.java
+++ b/services/src/main/java/org/keycloak/services/managers/ApplianceBootstrap.java
@ -21,58 +21,59 @@ import org.keycloak.representations.idm.CredentialRepresentation;
 */
 public class ApplianceBootstrap {

-    private static final Logger logger = Logger.getLogger(ApplianceBootstrap.class);
+	private static final Logger logger = Logger.getLogger(ApplianceBootstrap.class);

-    public void bootstrap(KeycloakSessionFactory sessionFactory, String contextPath) {
-        KeycloakSession session = sessionFactory.create();
-        session.getTransaction().begin();
+	public void bootstrap(KeycloakSessionFactory sessionFactory, String contextPath) {
+		KeycloakSession session = sessionFactory.create();
+		session.getTransaction().begin();

-        try {
-            bootstrap(session, contextPath);
-            session.getTransaction().commit();
-        } finally {
-            session.close();
-        }
-    }
+		try {
+			bootstrap(session, contextPath);
+			session.getTransaction().commit();
+		} finally {
+			session.close();
+		}
+	}

-    public void bootstrap(KeycloakSession session, String contextPath) {
-        String adminRealmName = Config.getAdminRealm();
-        if (session.realms().getRealm(adminRealmName) != null) {
-            return;
-        }
+	public void bootstrap(KeycloakSession session, String contextPath) {
+		String adminRealmName = Config.getAdminRealm();
+		if (session.realms().getRealm(adminRealmName) != null) {
+			return;
+		}

-        logger.info("Initializing " + adminRealmName + " realm");
+		logger.info("Initializing " + adminRealmName + " realm");

-        RealmManager manager = new RealmManager(session);
-        manager.setContextPath(contextPath);
-        RealmModel realm = manager.createRealm(adminRealmName, adminRealmName);
-        realm.setName(adminRealmName);
-        realm.setEnabled(true);
-        realm.addRequiredCredential(CredentialRepresentation.PASSWORD);
-        realm.setSsoSessionIdleTimeout(1800);
-        realm.setAccessTokenLifespan(60);
-        realm.setSsoSessionMaxLifespan(36000);
-        realm.setAccessCodeLifespan(60);
-        realm.setAccessCodeLifespanUserAction(300);
-        realm.setSslRequired(SslRequired.EXTERNAL);
-        realm.setRegistrationAllowed(false);
-        KeycloakModelUtils.generateRealmKeys(realm);
+		RealmManager manager = new RealmManager(session);
+		manager.setContextPath(contextPath);
+		RealmModel realm = manager.createRealm(adminRealmName, adminRealmName);
+		realm.setName(adminRealmName);
+		realm.setEnabled(true);
+		realm.addRequiredCredential(CredentialRepresentation.PASSWORD);
+		realm.setSsoSessionIdleTimeout(1800);
+		realm.setAccessTokenLifespan(60);
+		realm.setSsoSessionMaxLifespan(36000);
+		realm.setAccessCodeLifespan(60);
+		realm.setAccessCodeLifespanUserAction(300);
+		realm.setSslRequired(SslRequired.EXTERNAL);
+		realm.setRegistrationAllowed(false);
+		realm.setRegistrationEmailAsUsername(false);
+		KeycloakModelUtils.generateRealmKeys(realm);

-        UserModel adminUser = session.users().addUser(realm, "admin");
-        adminUser.setEnabled(true);
-        UserCredentialModel password = new UserCredentialModel();
-        password.setType(UserCredentialModel.PASSWORD);
-        password.setValue("admin");
-        session.users().updateCredential(realm, adminUser, password);
-        adminUser.addRequiredAction(UserModel.RequiredAction.UPDATE_PASSWORD);
+		UserModel adminUser = session.users().addUser(realm, "admin");
+		adminUser.setEnabled(true);
+		UserCredentialModel password = new UserCredentialModel();
+		password.setType(UserCredentialModel.PASSWORD);
+		password.setValue("admin");
+		session.users().updateCredential(realm, adminUser, password);
+		adminUser.addRequiredAction(UserModel.RequiredAction.UPDATE_PASSWORD);

-        RoleModel adminRole = realm.getRole(AdminRoles.ADMIN);
-        adminUser.grantRole(adminRole);
+		RoleModel adminRole = realm.getRole(AdminRoles.ADMIN);
+		adminUser.grantRole(adminRole);

-        ApplicationModel accountApp = realm.getApplicationNameMap().get(Constants.ACCOUNT_MANAGEMENT_APP);
-        for (String r : accountApp.getDefaultRoles()) {
-            adminUser.grantRole(accountApp.getRole(r));
-        }
-    }
+		ApplicationModel accountApp = realm.getApplicationNameMap().get(Constants.ACCOUNT_MANAGEMENT_APP);
+		for (String r : accountApp.getDefaultRoles()) {
+			adminUser.grantRole(accountApp.getRole(r));
+		}
+	}

 }
--- a/services/src/main/java/org/keycloak/services/resources/IdentityBrokerService.java
+++ b/services/src/main/java/org/keycloak/services/resources/IdentityBrokerService.java
--- a/services/src/main/java/org/keycloak/services/resources/LoginActionsService.java
+++ b/services/src/main/java/org/keycloak/services/resources/LoginActionsService.java
--- a/services/src/main/java/org/keycloak/services/validation/Validation.java
+++ b/services/src/main/java/org/keycloak/services/validation/Validation.java
@ -1,83 +1,86 @@
 package org.keycloak.services.validation;

-import org.keycloak.models.PasswordPolicy;
-import org.keycloak.representations.idm.CredentialRepresentation;
-import org.keycloak.services.messages.Messages;
-
-import javax.ws.rs.core.MultivaluedMap;
 import java.util.List;
 import java.util.regex.Pattern;

+import javax.ws.rs.core.MultivaluedMap;
+
+import org.keycloak.models.PasswordPolicy;
+import org.keycloak.models.RealmModel;
+import org.keycloak.representations.idm.CredentialRepresentation;
+import org.keycloak.services.messages.Messages;
+
 public class Validation {

-    // Actually allow same emails like angular. See ValidationTest.testEmailValidation()
-    private static final Pattern EMAIL_PATTERN = Pattern.compile("[a-zA-Z0-9!#$%&'*+/=?^_`{|}~.-]+@[a-zA-Z0-9-]+(\\.[a-zA-Z0-9-]+)*");
+	// Actually allow same emails like angular. See ValidationTest.testEmailValidation()
+	private static final Pattern EMAIL_PATTERN = Pattern
+			.compile("[a-zA-Z0-9!#$%&'*+/=?^_`{|}~.-]+@[a-zA-Z0-9-]+(\\.[a-zA-Z0-9-]+)*");

-    public static String validateRegistrationForm(MultivaluedMap<String, String> formData, List<String> requiredCredentialTypes) {
-        if (isEmpty(formData.getFirst("firstName"))) {
-            return Messages.MISSING_FIRST_NAME;
-        }
+	public static String validateRegistrationForm(RealmModel realm, MultivaluedMap<String, String> formData,
+			List<String> requiredCredentialTypes) {
+		if (isEmpty(formData.getFirst("firstName"))) {
+			return Messages.MISSING_FIRST_NAME;
+		}

-        if (isEmpty(formData.getFirst("lastName"))) {
-            return Messages.MISSING_LAST_NAME;
-        }
+		if (isEmpty(formData.getFirst("lastName"))) {
+			return Messages.MISSING_LAST_NAME;
+		}

-        if (isEmpty(formData.getFirst("email"))) {
-            return Messages.MISSING_EMAIL;
-        }
+		if (isEmpty(formData.getFirst("email"))) {
+			return Messages.MISSING_EMAIL;
+		}

-        if (!isEmailValid(formData.getFirst("email"))) {
-            return Messages.INVALID_EMAIL;
-        }
+		if (!isEmailValid(formData.getFirst("email"))) {
+			return Messages.INVALID_EMAIL;
+		}

-        if (isEmpty(formData.getFirst("username"))) {
-            return Messages.MISSING_USERNAME;
-        }
+		if (!realm.isRegistrationEmailAsUsername() && isEmpty(formData.getFirst("username"))) {
+			return Messages.MISSING_USERNAME;
+		}

-        if (requiredCredentialTypes.contains(CredentialRepresentation.PASSWORD)) {
-            if (isEmpty(formData.getFirst(CredentialRepresentation.PASSWORD))) {
-                return Messages.MISSING_PASSWORD;
-            }
+		if (requiredCredentialTypes.contains(CredentialRepresentation.PASSWORD)) {
+			if (isEmpty(formData.getFirst(CredentialRepresentation.PASSWORD))) {
+				return Messages.MISSING_PASSWORD;
+			}

-            if (!formData.getFirst("password").equals(formData.getFirst("password-confirm"))) {
-                return Messages.INVALID_PASSWORD_CONFIRM;
-            }
-        }
+			if (!formData.getFirst("password").equals(formData.getFirst("password-confirm"))) {
+				return Messages.INVALID_PASSWORD_CONFIRM;
+			}
+		}

-        return null;
-    }
+		return null;
+	}

-    public static String validatePassword(MultivaluedMap<String, String> formData, PasswordPolicy policy) {
-        return policy.validate(formData.getFirst("password"));
-    }
+	public static String validatePassword(MultivaluedMap<String, String> formData, PasswordPolicy policy) {
+		return policy.validate(formData.getFirst("password"));
+	}

-    public static String validateUpdateProfileForm(MultivaluedMap<String, String> formData) {
-        if (isEmpty(formData.getFirst("firstName"))) {
-            return Messages.MISSING_FIRST_NAME;
-        }
+	public static String validateUpdateProfileForm(MultivaluedMap<String, String> formData) {
+		if (isEmpty(formData.getFirst("firstName"))) {
+			return Messages.MISSING_FIRST_NAME;
+		}

-        if (isEmpty(formData.getFirst("lastName"))) {
-            return Messages.MISSING_LAST_NAME;
-        }
+		if (isEmpty(formData.getFirst("lastName"))) {
+			return Messages.MISSING_LAST_NAME;
+		}

-        if (isEmpty(formData.getFirst("email"))) {
-            return Messages.MISSING_EMAIL;
-        }
+		if (isEmpty(formData.getFirst("email"))) {
+			return Messages.MISSING_EMAIL;
+		}

-        if (!isEmailValid(formData.getFirst("email"))) {
-            return Messages.INVALID_EMAIL;
-        }
+		if (!isEmailValid(formData.getFirst("email"))) {
+			return Messages.INVALID_EMAIL;
+		}

-        return null;
-    }
+		return null;
+	}

-    public static boolean isEmpty(String s) {
-        return s == null || s.length() == 0;
-    }
-
-    public static boolean isEmailValid(String email) {
-        return EMAIL_PATTERN.matcher(email).matches();
-    }
+	public static boolean isEmpty(String s) {
+		return s == null || s.length() == 0;
+	}

+	public static boolean isEmailValid(String email) {
+		return EMAIL_PATTERN.matcher(email).matches();
+	}

 }
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/admin/AdminAPITest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/admin/AdminAPITest.java
@ -21,6 +21,21 @@
 */
 package org.keycloak.testsuite.admin;

+import java.io.IOException;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Set;
+
+import javax.ws.rs.client.Client;
+import javax.ws.rs.client.ClientBuilder;
+import javax.ws.rs.client.ClientRequestContext;
+import javax.ws.rs.client.ClientRequestFilter;
+import javax.ws.rs.client.Entity;
+import javax.ws.rs.client.WebTarget;
+import javax.ws.rs.core.HttpHeaders;
+import javax.ws.rs.core.Response;
+import javax.ws.rs.core.UriBuilder;
+
 import org.junit.Assert;
 import org.junit.ClassRule;
 import org.junit.Test;
@ -41,252 +56,275 @@ import org.keycloak.services.resources.admin.AdminRoot;
 import org.keycloak.testsuite.rule.AbstractKeycloakRule;
 import org.keycloak.testutils.KeycloakServer;

-import javax.ws.rs.client.Client;
-import javax.ws.rs.client.ClientBuilder;
-import javax.ws.rs.client.ClientRequestContext;
-import javax.ws.rs.client.ClientRequestFilter;
-import javax.ws.rs.client.Entity;
-import javax.ws.rs.client.WebTarget;
-import javax.ws.rs.core.HttpHeaders;
-import javax.ws.rs.core.Response;
-import javax.ws.rs.core.UriBuilder;
-import java.io.IOException;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Set;
-
 /**
 * Tests Undertow Adapter
- *
+ * 
 * @author <a href="mailto:bburke@redhat.com">Bill Burke</a>
 */
 public class AdminAPITest {

-    @ClassRule
-    public static AbstractKeycloakRule keycloakRule = new AbstractKeycloakRule() {
-        @Override
-        protected void configure(KeycloakSession session, RealmManager manager, RealmModel adminRealm) {
-        }
-    };
+	@ClassRule
+	public static AbstractKeycloakRule keycloakRule = new AbstractKeycloakRule() {
+		@Override
+		protected void configure(KeycloakSession session, RealmManager manager, RealmModel adminRealm) {
+		}
+	};

-    private static String createToken() {
-        KeycloakSession session = keycloakRule.startSession();
-        try {
-            RealmManager manager = new RealmManager(session);
+	private static String createToken() {
+		KeycloakSession session = keycloakRule.startSession();
+		try {
+			RealmManager manager = new RealmManager(session);

-            RealmModel adminRealm = manager.getRealm(Config.getAdminRealm());
-            ApplicationModel adminConsole = adminRealm.getApplicationByName(Constants.ADMIN_CONSOLE_APPLICATION);
-            TokenManager tm = new TokenManager();
-            UserModel admin = session.users().getUserByUsername("admin", adminRealm);
-            UserSessionModel userSession = session.sessions().createUserSession(adminRealm, admin, "admin", null, "form", false);
-            AccessToken token = tm.createClientAccessToken(session, tm.getAccess(null, adminConsole, admin), adminRealm, adminConsole, admin, userSession, null);
-            return tm.encodeToken(adminRealm, token);
-        } finally {
-            keycloakRule.stopSession(session, true);
-        }
-    }
+			RealmModel adminRealm = manager.getRealm(Config.getAdminRealm());
+			ApplicationModel adminConsole = adminRealm.getApplicationByName(Constants.ADMIN_CONSOLE_APPLICATION);
+			TokenManager tm = new TokenManager();
+			UserModel admin = session.users().getUserByUsername("admin", adminRealm);
+			UserSessionModel userSession = session.sessions().createUserSession(adminRealm, admin, "admin", null, "form",
+					false);
+			AccessToken token = tm.createClientAccessToken(session, tm.getAccess(null, adminConsole, admin), adminRealm,
+					adminConsole, admin, userSession, null);
+			return tm.encodeToken(adminRealm, token);
+		} finally {
+			keycloakRule.stopSession(session, true);
+		}
+	}

-    protected void testCreateRealm(RealmRepresentation rep) {
-        String token = createToken();
-        final String authHeader = "Bearer " + token;
-        ClientRequestFilter authFilter = new ClientRequestFilter() {
-            @Override
-            public void filter(ClientRequestContext requestContext) throws IOException {
-                requestContext.getHeaders().add(HttpHeaders.AUTHORIZATION, authHeader);
-            }
-        };
-        Client client = ClientBuilder.newBuilder().register(authFilter).build();
-        UriBuilder authBase = UriBuilder.fromUri("http://localhost:8081/auth");
-        WebTarget adminRealms = client.target(AdminRoot.realmsUrl(authBase));
-        String realmName = rep.getRealm();
-        WebTarget realmTarget = adminRealms.path(realmName);
+	protected void testCreateRealm(RealmRepresentation rep) {
+		String token = createToken();
+		final String authHeader = "Bearer " + token;
+		ClientRequestFilter authFilter = new ClientRequestFilter() {
+			@Override
+			public void filter(ClientRequestContext requestContext) throws IOException {
+				requestContext.getHeaders().add(HttpHeaders.AUTHORIZATION, authHeader);
+			}
+		};
+		Client client = ClientBuilder.newBuilder().register(authFilter).build();
+		UriBuilder authBase = UriBuilder.fromUri("http://localhost:8081/auth");
+		WebTarget adminRealms = client.target(AdminRoot.realmsUrl(authBase));
+		String realmName = rep.getRealm();
+		WebTarget realmTarget = adminRealms.path(realmName);

+		// create with just name, enabled, and id, just like admin console
+		RealmRepresentation newRep = new RealmRepresentation();
+		newRep.setRealm(rep.getRealm());
+		newRep.setEnabled(rep.isEnabled());
+		{
+			Response response = adminRealms.request().post(Entity.json(newRep));
+			Assert.assertEquals(201, response.getStatus());
+			response.close();
+		}
+		// todo test with full import with initial create
+		RealmRepresentation storedRealm = realmTarget.request().get(RealmRepresentation.class);
+		checkRealmRep(newRep, storedRealm);

-        // create with just name, enabled, and id, just like admin console
-        RealmRepresentation newRep = new RealmRepresentation();
-        newRep.setRealm(rep.getRealm());
-        newRep.setEnabled(rep.isEnabled());
-        {
-            Response response = adminRealms.request().post(Entity.json(newRep));
-            Assert.assertEquals(201, response.getStatus());
-            response.close();
-        }
-        // todo test with full import with initial create
-        RealmRepresentation storedRealm = realmTarget.request().get(RealmRepresentation.class);
-        checkRealmRep(newRep, storedRealm);
+		Response updateResponse = realmTarget.request().put(Entity.json(rep));
+		Assert.assertEquals(204, updateResponse.getStatus());
+		updateResponse.close();
+		storedRealm = realmTarget.request().get(RealmRepresentation.class);
+		checkRealmRep(rep, storedRealm);

-        Response updateResponse = realmTarget.request().put(Entity.json(rep));
-        Assert.assertEquals(204, updateResponse.getStatus());
-        updateResponse.close();
-        storedRealm = realmTarget.request().get(RealmRepresentation.class);
-        checkRealmRep(rep, storedRealm);
+		if (rep.getApplications() != null) {
+			WebTarget applicationsTarget = realmTarget.path("applications");
+			for (ApplicationRepresentation appRep : rep.getApplications()) {
+				ApplicationRepresentation newApp = new ApplicationRepresentation();
+				if (appRep.getId() != null)
+					newApp.setId(appRep.getId());
+				newApp.setName(appRep.getName());
+				if (appRep.getSecret() != null) {
+					newApp.setSecret(appRep.getSecret());
+				}
+				Response appCreateResponse = applicationsTarget.request().post(Entity.json(newApp));
+				Assert.assertEquals(201, appCreateResponse.getStatus());
+				appCreateResponse.close();
+				WebTarget appTarget = applicationsTarget.path(appRep.getName());
+				CredentialRepresentation cred = appTarget.path("client-secret").request().get(CredentialRepresentation.class);
+				if (appRep.getSecret() != null)
+					Assert.assertEquals(appRep.getSecret(), cred.getValue());
+				CredentialRepresentation newCred = appTarget.path("client-secret").request()
+						.post(null, CredentialRepresentation.class);
+				Assert.assertNotEquals(newCred.getValue(), cred.getValue());

-        if (rep.getApplications() != null) {
-            WebTarget applicationsTarget = realmTarget.path("applications");
-            for (ApplicationRepresentation appRep : rep.getApplications()) {
-                ApplicationRepresentation newApp = new ApplicationRepresentation();
-                if (appRep.getId() != null) newApp.setId(appRep.getId());
-                newApp.setName(appRep.getName());
-                if (appRep.getSecret() != null) {
-                    newApp.setSecret(appRep.getSecret());
-                }
-                Response appCreateResponse = applicationsTarget.request().post(Entity.json(newApp));
-                Assert.assertEquals(201, appCreateResponse.getStatus());
-                appCreateResponse.close();
-                WebTarget appTarget = applicationsTarget.path(appRep.getName());
-                CredentialRepresentation cred = appTarget.path("client-secret").request().get(CredentialRepresentation.class);
-                if (appRep.getSecret() != null) Assert.assertEquals(appRep.getSecret(), cred.getValue());
-                CredentialRepresentation newCred = appTarget.path("client-secret").request().post(null, CredentialRepresentation.class);
-                Assert.assertNotEquals(newCred.getValue(), cred.getValue());
+				Response appUpdateResponse = appTarget.request().put(Entity.json(appRep));
+				Assert.assertEquals(204, appUpdateResponse.getStatus());
+				appUpdateResponse.close();

-                Response appUpdateResponse = appTarget.request().put(Entity.json(appRep));
-                Assert.assertEquals(204, appUpdateResponse.getStatus());
-                appUpdateResponse.close();
+				ApplicationRepresentation storedApp = appTarget.request().get(ApplicationRepresentation.class);

+				checkAppUpdate(appRep, storedApp);

-                ApplicationRepresentation storedApp = appTarget.request().get(ApplicationRepresentation.class);
+			}
+		}

-                checkAppUpdate(appRep, storedApp);
+		// delete realm
+		{
+			Response response = adminRealms.path(realmName).request().delete();
+			Assert.assertEquals(204, response.getStatus());
+			response.close();

-            }
-        }
+		}
+		client.close();
+	}

-        // delete realm
-        {
-            Response response = adminRealms.path(realmName).request().delete();
-            Assert.assertEquals(204, response.getStatus());
-            response.close();
+	protected void checkAppUpdate(ApplicationRepresentation appRep, ApplicationRepresentation storedApp) {
+		if (appRep.getName() != null)
+			Assert.assertEquals(appRep.getName(), storedApp.getName());
+		if (appRep.isEnabled() != null)
+			Assert.assertEquals(appRep.isEnabled(), storedApp.isEnabled());
+		if (appRep.isBearerOnly() != null)
+			Assert.assertEquals(appRep.isBearerOnly(), storedApp.isBearerOnly());
+		if (appRep.isPublicClient() != null)
+			Assert.assertEquals(appRep.isPublicClient(), storedApp.isPublicClient());
+		if (appRep.isFullScopeAllowed() != null)
+			Assert.assertEquals(appRep.isFullScopeAllowed(), storedApp.isFullScopeAllowed());
+		if (appRep.getAdminUrl() != null)
+			Assert.assertEquals(appRep.getAdminUrl(), storedApp.getAdminUrl());
+		if (appRep.getBaseUrl() != null)
+			Assert.assertEquals(appRep.getBaseUrl(), storedApp.getBaseUrl());
+		if (appRep.isSurrogateAuthRequired() != null)
+			Assert.assertEquals(appRep.isSurrogateAuthRequired(), storedApp.isSurrogateAuthRequired());

-        }
-        client.close();
-    }
+		if (appRep.getNotBefore() != null) {
+			Assert.assertEquals(appRep.getNotBefore(), storedApp.getNotBefore());
+		}
+		if (appRep.getDefaultRoles() != null) {
+			Set<String> set = new HashSet<String>();
+			for (String val : appRep.getDefaultRoles()) {
+				set.add(val);
+			}
+			Set<String> storedSet = new HashSet<String>();
+			for (String val : storedApp.getDefaultRoles()) {
+				storedSet.add(val);
+			}

-    protected void checkAppUpdate(ApplicationRepresentation appRep, ApplicationRepresentation storedApp) {
-        if (appRep.getName() != null) Assert.assertEquals(appRep.getName(), storedApp.getName());
-        if (appRep.isEnabled() != null) Assert.assertEquals(appRep.isEnabled(), storedApp.isEnabled());
-        if (appRep.isBearerOnly() != null) Assert.assertEquals(appRep.isBearerOnly(), storedApp.isBearerOnly());
-        if (appRep.isPublicClient() != null) Assert.assertEquals(appRep.isPublicClient(), storedApp.isPublicClient());
-        if (appRep.isFullScopeAllowed() != null) Assert.assertEquals(appRep.isFullScopeAllowed(), storedApp.isFullScopeAllowed());
-        if (appRep.getAdminUrl() != null) Assert.assertEquals(appRep.getAdminUrl(), storedApp.getAdminUrl());
-        if (appRep.getBaseUrl() != null) Assert.assertEquals(appRep.getBaseUrl(), storedApp.getBaseUrl());
-        if (appRep.isSurrogateAuthRequired() != null) Assert.assertEquals(appRep.isSurrogateAuthRequired(), storedApp.isSurrogateAuthRequired());
+			Assert.assertEquals(set, storedSet);
+		}

-        if (appRep.getNotBefore() != null) {
-            Assert.assertEquals(appRep.getNotBefore(), storedApp.getNotBefore());
-        }
-        if (appRep.getDefaultRoles() != null) {
-            Set<String> set = new HashSet<String>();
-            for (String val : appRep.getDefaultRoles()) {
-                set.add(val);
-            }
-            Set<String> storedSet = new HashSet<String>();
-            for (String val : storedApp.getDefaultRoles()) {
-                storedSet.add(val);
-            }
+		List<String> redirectUris = appRep.getRedirectUris();
+		if (redirectUris != null) {
+			Set<String> set = new HashSet<String>();
+			for (String val : appRep.getRedirectUris()) {
+				set.add(val);
+			}
+			Set<String> storedSet = new HashSet<String>();
+			for (String val : storedApp.getRedirectUris()) {
+				storedSet.add(val);
+			}

-            Assert.assertEquals(set, storedSet);
-        }
+			Assert.assertEquals(set, storedSet);
+		}

-        List<String> redirectUris = appRep.getRedirectUris();
-        if (redirectUris != null) {
-            Set<String> set = new HashSet<String>();
-            for (String val : appRep.getRedirectUris()) {
-                set.add(val);
-            }
-            Set<String> storedSet = new HashSet<String>();
-            for (String val : storedApp.getRedirectUris()) {
-                storedSet.add(val);
-            }
+		List<String> webOrigins = appRep.getWebOrigins();
+		if (webOrigins != null) {
+			Set<String> set = new HashSet<String>();
+			for (String val : appRep.getWebOrigins()) {
+				set.add(val);
+			}
+			Set<String> storedSet = new HashSet<String>();
+			for (String val : storedApp.getWebOrigins()) {
+				storedSet.add(val);
+			}

-            Assert.assertEquals(set, storedSet);
-        }
+			Assert.assertEquals(set, storedSet);
+		}
+	}

-        List<String> webOrigins = appRep.getWebOrigins();
-        if (webOrigins != null) {
-            Set<String> set = new HashSet<String>();
-            for (String val : appRep.getWebOrigins()) {
-                set.add(val);
-            }
-            Set<String> storedSet = new HashSet<String>();
-            for (String val : storedApp.getWebOrigins()) {
-                storedSet.add(val);
-            }
+	protected void checkRealmRep(RealmRepresentation rep, RealmRepresentation storedRealm) {
+		if (rep.getId() != null) {
+			Assert.assertEquals(rep.getId(), storedRealm.getId());
+		}
+		if (rep.getRealm() != null) {
+			Assert.assertEquals(rep.getRealm(), storedRealm.getRealm());
+		}
+		if (rep.isEnabled() != null)
+			Assert.assertEquals(rep.isEnabled(), storedRealm.isEnabled());
+		if (rep.isBruteForceProtected() != null)
+			Assert.assertEquals(rep.isBruteForceProtected(), storedRealm.isBruteForceProtected());
+		if (rep.getMaxFailureWaitSeconds() != null)
+			Assert.assertEquals(rep.getMaxFailureWaitSeconds(), storedRealm.getMaxFailureWaitSeconds());
+		if (rep.getMinimumQuickLoginWaitSeconds() != null)
+			Assert.assertEquals(rep.getMinimumQuickLoginWaitSeconds(), storedRealm.getMinimumQuickLoginWaitSeconds());
+		if (rep.getWaitIncrementSeconds() != null)
+			Assert.assertEquals(rep.getWaitIncrementSeconds(), storedRealm.getWaitIncrementSeconds());
+		if (rep.getQuickLoginCheckMilliSeconds() != null)
+			Assert.assertEquals(rep.getQuickLoginCheckMilliSeconds(), storedRealm.getQuickLoginCheckMilliSeconds());
+		if (rep.getMaxDeltaTimeSeconds() != null)
+			Assert.assertEquals(rep.getMaxDeltaTimeSeconds(), storedRealm.getMaxDeltaTimeSeconds());
+		if (rep.getFailureFactor() != null)
+			Assert.assertEquals(rep.getFailureFactor(), storedRealm.getFailureFactor());
+		if (rep.isPasswordCredentialGrantAllowed() != null)
+			Assert.assertEquals(rep.isPasswordCredentialGrantAllowed(), storedRealm.isPasswordCredentialGrantAllowed());
+		if (rep.isRegistrationAllowed() != null)
+			Assert.assertEquals(rep.isRegistrationAllowed(), storedRealm.isRegistrationAllowed());
+		if (rep.isRegistrationEmailAsUsername() != null)
+			Assert.assertEquals(rep.isRegistrationEmailAsUsername(), storedRealm.isRegistrationEmailAsUsername());
+		if (rep.isRememberMe() != null)
+			Assert.assertEquals(rep.isRememberMe(), storedRealm.isRememberMe());
+		if (rep.isVerifyEmail() != null)
+			Assert.assertEquals(rep.isVerifyEmail(), storedRealm.isVerifyEmail());
+		if (rep.isResetPasswordAllowed() != null)
+			Assert.assertEquals(rep.isResetPasswordAllowed(), storedRealm.isResetPasswordAllowed());
+		if (rep.getSslRequired() != null)
+			Assert.assertEquals(rep.getSslRequired(), storedRealm.getSslRequired());
+		if (rep.getAccessCodeLifespan() != null)
+			Assert.assertEquals(rep.getAccessCodeLifespan(), storedRealm.getAccessCodeLifespan());
+		if (rep.getAccessCodeLifespanUserAction() != null)
+			Assert.assertEquals(rep.getAccessCodeLifespanUserAction(), storedRealm.getAccessCodeLifespanUserAction());
+		if (rep.getNotBefore() != null)
+			Assert.assertEquals(rep.getNotBefore(), storedRealm.getNotBefore());
+		if (rep.getAccessTokenLifespan() != null)
+			Assert.assertEquals(rep.getAccessTokenLifespan(), storedRealm.getAccessTokenLifespan());
+		if (rep.getSsoSessionIdleTimeout() != null)
+			Assert.assertEquals(rep.getSsoSessionIdleTimeout(), storedRealm.getSsoSessionIdleTimeout());
+		if (rep.getSsoSessionMaxLifespan() != null)
+			Assert.assertEquals(rep.getSsoSessionMaxLifespan(), storedRealm.getSsoSessionMaxLifespan());
+		if (rep.getRequiredCredentials() != null) {
+			Assert.assertNotNull(storedRealm.getRequiredCredentials());
+			for (String cred : rep.getRequiredCredentials()) {
+				Assert.assertTrue(storedRealm.getRequiredCredentials().contains(cred));
+			}
+		}
+		if (rep.getLoginTheme() != null)
+			Assert.assertEquals(rep.getLoginTheme(), storedRealm.getLoginTheme());
+		if (rep.getAccountTheme() != null)
+			Assert.assertEquals(rep.getAccountTheme(), storedRealm.getAccountTheme());
+		if (rep.getAdminTheme() != null)
+			Assert.assertEquals(rep.getAdminTheme(), storedRealm.getAdminTheme());
+		if (rep.getEmailTheme() != null)
+			Assert.assertEquals(rep.getEmailTheme(), storedRealm.getEmailTheme());

-            Assert.assertEquals(set, storedSet);
-        }
-    }
+		if (rep.getPasswordPolicy() != null)
+			Assert.assertEquals(rep.getPasswordPolicy(), storedRealm.getPasswordPolicy());

-    protected void checkRealmRep(RealmRepresentation rep, RealmRepresentation storedRealm) {
-        if (rep.getId() != null) {
-            Assert.assertEquals(rep.getId(), storedRealm.getId());
-        }
-        if (rep.getRealm() != null) {
-            Assert.assertEquals(rep.getRealm(), storedRealm.getRealm());
-        }
-        if (rep.isEnabled() != null) Assert.assertEquals(rep.isEnabled(), storedRealm.isEnabled());
-        if (rep.isBruteForceProtected() != null) Assert.assertEquals(rep.isBruteForceProtected(), storedRealm.isBruteForceProtected());
-        if (rep.getMaxFailureWaitSeconds() != null) Assert.assertEquals(rep.getMaxFailureWaitSeconds(), storedRealm.getMaxFailureWaitSeconds());
-        if (rep.getMinimumQuickLoginWaitSeconds() != null) Assert.assertEquals(rep.getMinimumQuickLoginWaitSeconds(), storedRealm.getMinimumQuickLoginWaitSeconds());
-        if (rep.getWaitIncrementSeconds() != null) Assert.assertEquals(rep.getWaitIncrementSeconds(), storedRealm.getWaitIncrementSeconds());
-        if (rep.getQuickLoginCheckMilliSeconds() != null) Assert.assertEquals(rep.getQuickLoginCheckMilliSeconds(), storedRealm.getQuickLoginCheckMilliSeconds());
-        if (rep.getMaxDeltaTimeSeconds() != null) Assert.assertEquals(rep.getMaxDeltaTimeSeconds(), storedRealm.getMaxDeltaTimeSeconds());
-        if (rep.getFailureFactor() != null) Assert.assertEquals(rep.getFailureFactor(), storedRealm.getFailureFactor());
-        if (rep.isPasswordCredentialGrantAllowed() != null) Assert.assertEquals(rep.isPasswordCredentialGrantAllowed(), storedRealm.isPasswordCredentialGrantAllowed());
-        if (rep.isRegistrationAllowed() != null) Assert.assertEquals(rep.isRegistrationAllowed(), storedRealm.isRegistrationAllowed());
-        if (rep.isRememberMe() != null) Assert.assertEquals(rep.isRememberMe(), storedRealm.isRememberMe());
-        if (rep.isVerifyEmail() != null) Assert.assertEquals(rep.isVerifyEmail(), storedRealm.isVerifyEmail());
-        if (rep.isResetPasswordAllowed() != null) Assert.assertEquals(rep.isResetPasswordAllowed(), storedRealm.isResetPasswordAllowed());
-        if (rep.getSslRequired() != null) Assert.assertEquals(rep.getSslRequired(), storedRealm.getSslRequired());
-        if (rep.getAccessCodeLifespan() != null) Assert.assertEquals(rep.getAccessCodeLifespan(), storedRealm.getAccessCodeLifespan());
-        if (rep.getAccessCodeLifespanUserAction() != null)
-            Assert.assertEquals(rep.getAccessCodeLifespanUserAction(), storedRealm.getAccessCodeLifespanUserAction());
-        if (rep.getNotBefore() != null) Assert.assertEquals(rep.getNotBefore(), storedRealm.getNotBefore());
-        if (rep.getAccessTokenLifespan() != null) Assert.assertEquals(rep.getAccessTokenLifespan(), storedRealm.getAccessTokenLifespan());
-        if (rep.getSsoSessionIdleTimeout() != null) Assert.assertEquals(rep.getSsoSessionIdleTimeout(), storedRealm.getSsoSessionIdleTimeout());
-        if (rep.getSsoSessionMaxLifespan() != null) Assert.assertEquals(rep.getSsoSessionMaxLifespan(), storedRealm.getSsoSessionMaxLifespan());
-        if (rep.getRequiredCredentials() != null) {
-            Assert.assertNotNull(storedRealm.getRequiredCredentials());
-            for (String cred : rep.getRequiredCredentials()) {
-                Assert.assertTrue(storedRealm.getRequiredCredentials().contains(cred));
-            }
-        }
-        if (rep.getLoginTheme() != null) Assert.assertEquals(rep.getLoginTheme(), storedRealm.getLoginTheme());
-        if (rep.getAccountTheme() != null) Assert.assertEquals(rep.getAccountTheme(), storedRealm.getAccountTheme());
-        if (rep.getAdminTheme() != null) Assert.assertEquals(rep.getAdminTheme(), storedRealm.getAdminTheme());
-        if (rep.getEmailTheme() != null) Assert.assertEquals(rep.getEmailTheme(), storedRealm.getEmailTheme());
+		if (rep.getDefaultRoles() != null) {
+			Assert.assertNotNull(storedRealm.getDefaultRoles());
+			for (String role : rep.getDefaultRoles()) {
+				Assert.assertTrue(storedRealm.getDefaultRoles().contains(role));
+			}
+		}

-        if (rep.getPasswordPolicy() != null) Assert.assertEquals(rep.getPasswordPolicy(), storedRealm.getPasswordPolicy());
+		if (rep.getSmtpServer() != null) {
+			Assert.assertEquals(rep.getSmtpServer(), storedRealm.getSmtpServer());
+		}

-        if (rep.getDefaultRoles() != null) {
-            Assert.assertNotNull(storedRealm.getDefaultRoles());
-            for (String role : rep.getDefaultRoles()) {
-                Assert.assertTrue(storedRealm.getDefaultRoles().contains(role));
-            }
-        }
+		if (rep.getBrowserSecurityHeaders() != null) {
+			Assert.assertEquals(rep.getBrowserSecurityHeaders(), storedRealm.getBrowserSecurityHeaders());
+		}

-        if (rep.getSmtpServer() != null) {
-            Assert.assertEquals(rep.getSmtpServer(), storedRealm.getSmtpServer());
-        }
+	}

-        if (rep.getBrowserSecurityHeaders() != null) {
-            Assert.assertEquals(rep.getBrowserSecurityHeaders(), storedRealm.getBrowserSecurityHeaders());
-        }
+	protected void testCreateRealm(String path) {
+		RealmRepresentation rep = KeycloakServer.loadJson(getClass().getResourceAsStream(path), RealmRepresentation.class);
+		Assert.assertNotNull(rep);
+		testCreateRealm(rep);
+	}

-    }
-
-    protected void testCreateRealm(String path) {
-        RealmRepresentation rep = KeycloakServer.loadJson(getClass().getResourceAsStream(path), RealmRepresentation.class);
-        Assert.assertNotNull(rep);
-        testCreateRealm(rep);
-    }
-
-    @Test
-    public void testAdminApi() {
-        RealmRepresentation empty = new RealmRepresentation();
-        empty.setEnabled(true);
-        empty.setRealm("empty");
-        testCreateRealm(empty);
-        testCreateRealm("/admin-test/testrealm.json");
-    }
+	@Test
+	public void testAdminApi() {
+		RealmRepresentation empty = new RealmRepresentation();
+		empty.setEnabled(true);
+		empty.setRealm("empty");
+		testCreateRealm(empty);
+		testCreateRealm("/admin-test/testrealm.json");
+	}

 }
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/model/ModelTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/model/ModelTest.java
@ -1,5 +1,7 @@
 package org.keycloak.testsuite.model;

+import java.util.HashMap;
+
 import org.junit.Assert;
 import org.junit.Test;
 import org.keycloak.enums.SslRequired;
@ -9,67 +11,67 @@ import org.keycloak.models.utils.KeycloakModelUtils;
 import org.keycloak.models.utils.ModelToRepresentation;
 import org.keycloak.representations.idm.RealmRepresentation;

-import java.util.HashMap;
-
 public class ModelTest extends AbstractModelTest {

-    @Test
-    public void importExportRealm() {
-        RealmModel realm = realmManager.createRealm("original");
-        realm.setRegistrationAllowed(true);
-        realm.setResetPasswordAllowed(true);
-        realm.setSslRequired(SslRequired.EXTERNAL);
-        realm.setVerifyEmail(true);
-        realm.setAccessTokenLifespan(1000);
-        realm.setPasswordPolicy(new PasswordPolicy("length"));
-        realm.setAccessCodeLifespan(1001);
-        realm.setAccessCodeLifespanUserAction(1002);
-        KeycloakModelUtils.generateRealmKeys(realm);
-        realm.addDefaultRole("default-role");
+	@Test
+	public void importExportRealm() {
+		RealmModel realm = realmManager.createRealm("original");
+		realm.setRegistrationAllowed(true);
+		realm.setRegistrationEmailAsUsername(true);
+		realm.setResetPasswordAllowed(true);
+		realm.setSslRequired(SslRequired.EXTERNAL);
+		realm.setVerifyEmail(true);
+		realm.setAccessTokenLifespan(1000);
+		realm.setPasswordPolicy(new PasswordPolicy("length"));
+		realm.setAccessCodeLifespan(1001);
+		realm.setAccessCodeLifespanUserAction(1002);
+		KeycloakModelUtils.generateRealmKeys(realm);
+		realm.addDefaultRole("default-role");

-        HashMap<String, String> smtp = new HashMap<String,String>();
-        smtp.put("from", "auto@keycloak");
-        smtp.put("hostname", "localhost");
-        realm.setSmtpConfig(smtp);
+		HashMap<String, String> smtp = new HashMap<String, String>();
+		smtp.put("from", "auto@keycloak");
+		smtp.put("hostname", "localhost");
+		realm.setSmtpConfig(smtp);

-        HashMap<String, String> social = new HashMap<String,String>();
-        social.put("google.key", "1234");
-        social.put("google.secret", "5678");
-        //FIXME: KEYCLOAK-883
-//        realm.setSocialConfig(social);
+		HashMap<String, String> social = new HashMap<String, String>();
+		social.put("google.key", "1234");
+		social.put("google.secret", "5678");
+		// FIXME: KEYCLOAK-883
+		// realm.setSocialConfig(social);

-        RealmModel persisted = realmManager.getRealm(realm.getId());
-        assertEquals(realm, persisted);
+		RealmModel persisted = realmManager.getRealm(realm.getId());
+		assertEquals(realm, persisted);

-        RealmModel copy = importExport(realm, "copy");
-        assertEquals(realm, copy);
-    }
+		RealmModel copy = importExport(realm, "copy");
+		assertEquals(realm, copy);
+	}

-    public static void assertEquals(RealmModel expected, RealmModel actual) {
-        Assert.assertEquals(expected.isRegistrationAllowed(), actual.isRegistrationAllowed());
-        Assert.assertEquals(expected.isResetPasswordAllowed(), actual.isResetPasswordAllowed());
-        Assert.assertEquals(expected.getSslRequired(), actual.getSslRequired());
-        Assert.assertEquals(expected.isVerifyEmail(), actual.isVerifyEmail());
-        Assert.assertEquals(expected.getAccessTokenLifespan(), actual.getAccessTokenLifespan());
+	public static void assertEquals(RealmModel expected, RealmModel actual) {
+		Assert.assertEquals(expected.isRegistrationAllowed(), actual.isRegistrationAllowed());
+		Assert.assertEquals(expected.isRegistrationEmailAsUsername(), actual.isRegistrationEmailAsUsername());
+		Assert.assertEquals(expected.isResetPasswordAllowed(), actual.isResetPasswordAllowed());
+		Assert.assertEquals(expected.getSslRequired(), actual.getSslRequired());
+		Assert.assertEquals(expected.isVerifyEmail(), actual.isVerifyEmail());
+		Assert.assertEquals(expected.getAccessTokenLifespan(), actual.getAccessTokenLifespan());

-        Assert.assertEquals(expected.getAccessCodeLifespan(), actual.getAccessCodeLifespan());
-        Assert.assertEquals(expected.getAccessCodeLifespanUserAction(), actual.getAccessCodeLifespanUserAction());
-        Assert.assertEquals(expected.getPublicKeyPem(), actual.getPublicKeyPem());
-        Assert.assertEquals(expected.getPrivateKeyPem(), actual.getPrivateKeyPem());
+		Assert.assertEquals(expected.getAccessCodeLifespan(), actual.getAccessCodeLifespan());
+		Assert.assertEquals(expected.getAccessCodeLifespanUserAction(), actual.getAccessCodeLifespanUserAction());
+		Assert.assertEquals(expected.getPublicKeyPem(), actual.getPublicKeyPem());
+		Assert.assertEquals(expected.getPrivateKeyPem(), actual.getPrivateKeyPem());

-        Assert.assertEquals(expected.getDefaultRoles(), actual.getDefaultRoles());
+		Assert.assertEquals(expected.getDefaultRoles(), actual.getDefaultRoles());

-        Assert.assertEquals(expected.getSmtpConfig(), actual.getSmtpConfig());
-        //FIXME: KEYCLOAK-883
-//        Assert.assertEquals(expected.getSocialConfig(), actual.getSocialConfig());
-    }
+		Assert.assertEquals(expected.getSmtpConfig(), actual.getSmtpConfig());
+		// FIXME: KEYCLOAK-883
+		// Assert.assertEquals(expected.getSocialConfig(), actual.getSocialConfig());
+	}

-    private RealmModel importExport(RealmModel src, String copyName) {
-        RealmRepresentation representation = ModelToRepresentation.toRepresentation(src, true);
-        representation.setRealm(copyName);
-        representation.setId(copyName);
-        RealmModel copy = realmManager.importRealm(representation);
-        return realmManager.getRealm(copy.getId());
-    }
+	private RealmModel importExport(RealmModel src, String copyName) {
+		RealmRepresentation representation = ModelToRepresentation.toRepresentation(src, true);
+		representation.setRealm(copyName);
+		representation.setId(copyName);
+		RealmModel copy = realmManager.importRealm(representation);
+		return realmManager.getRealm(copy.getId());
+	}

 }
--- a/testsuite/integration/src/test/resources/admin-test/testrealm.json
+++ b/testsuite/integration/src/test/resources/admin-test/testrealm.json
@ -3,6 +3,7 @@
    "enabled": true,
    "sslRequired": "external",
    "registrationAllowed": true,
+    "registrationEmailAsUsername": true,
    "resetPasswordAllowed": true,
    "privateKey": "MIICXAIBAAKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQABAoGAfmO8gVhyBxdqlxmIuglbz8bcjQbhXJLR2EoS8ngTXmN1bo2L90M0mUKSdc7qF10LgETBzqL8jYlQIbt+e6TH8fcEpKCjUlyq0Mf/vVbfZSNaVycY13nTzo27iPyWQHK5NLuJzn1xvxxrUeXI6A2WFpGEBLbHjwpx5WQG9A+2scECQQDvdn9NE75HPTVPxBqsEd2z10TKkl9CZxu10Qby3iQQmWLEJ9LNmy3acvKrE3gMiYNWb6xHPKiIqOR1as7L24aTAkEAtyvQOlCvr5kAjVqrEKXalj0Tzewjweuxc0pskvArTI2Oo070h65GpoIKLc9jf+UA69cRtquwP93aZKtW06U8dQJAF2Y44ks/mK5+eyDqik3koCI08qaC8HYq2wVl7G2QkJ6sbAaILtcvD92ToOvyGyeE0flvmDZxMYlvaZnaQ0lcSQJBAKZU6umJi3/xeEbkJqMfeLclD27XGEFoPeNrmdx0q10Azp4NfJAY+Z8KRyQCR2BEG+oNitBOZ+YXF9KCpH3cdmECQHEigJhYg+ykOvr1aiZUMFT72HU0jnmQe2FVekuG+LJUt2Tm7GtMjTFoGpf0JwrVuZN39fOYAlo+nTixgeW7X8Y=",
    "publicKey": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",