merged 1.1.3

44 files changed, 1044 insertions, 854 deletions

diff --git a/LICENSE.txt b/LICENSE.txt
index 338979d..895657b 100644..100755
--- a/LICENSE.txt
+++ b/LICENSE.txt
@@ -1,174 +1,174 @@
-                                 Apache License

-                           Version 2.0, January 2004

-                        http://www.apache.org/licenses/

-

-   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION

-

-   1. Definitions.

-

-      "License" shall mean the terms and conditions for use, reproduction,

-      and distribution as defined by Sections 1 through 9 of this document.

-

-      "Licensor" shall mean the copyright owner or entity authorized by

-      the copyright owner that is granting the License.

-

-      "Legal Entity" shall mean the union of the acting entity and all

-      other entities that control, are controlled by, or are under common

-      control with that entity. For the purposes of this definition,

-      "control" means (i) the power, direct or indirect, to cause the

-      direction or management of such entity, whether by contract or

-      otherwise, or (ii) ownership of fifty percent (50%) or more of the

-      outstanding shares, or (iii) beneficial ownership of such entity.

-

-      "You" (or "Your") shall mean an individual or Legal Entity

-      exercising permissions granted by this License.

-

-      "Source" form shall mean the preferred form for making modifications,

-      including but not limited to software source code, documentation

-      source, and configuration files.

-

-      "Object" form shall mean any form resulting from mechanical

-      transformation or translation of a Source form, including but

-      not limited to compiled object code, generated documentation,

-      and conversions to other media types.

-

-      "Work" shall mean the work of authorship, whether in Source or

-      Object form, made available under the License, as indicated by a

-      copyright notice that is included in or attached to the work

-      (an example is provided in the Appendix below).

-

-      "Derivative Works" shall mean any work, whether in Source or Object

-      form, that is based on (or derived from) the Work and for which the

-      editorial revisions, annotations, elaborations, or other modifications

-      represent, as a whole, an original work of authorship. For the purposes

-      of this License, Derivative Works shall not include works that remain

-      separable from, or merely link (or bind by name) to the interfaces of,

-      the Work and Derivative Works thereof.

-

-      "Contribution" shall mean any work of authorship, including

-      the original version of the Work and any modifications or additions

-      to that Work or Derivative Works thereof, that is intentionally

-      submitted to Licensor for inclusion in the Work by the copyright owner

-      or by an individual or Legal Entity authorized to submit on behalf of

-      the copyright owner. For the purposes of this definition, "submitted"

-      means any form of electronic, verbal, or written communication sent

-      to the Licensor or its representatives, including but not limited to

-      communication on electronic mailing lists, source code control systems,

-      and issue tracking systems that are managed by, or on behalf of, the

-      Licensor for the purpose of discussing and improving the Work, but

-      excluding communication that is conspicuously marked or otherwise

-      designated in writing by the copyright owner as "Not a Contribution."

-

-      "Contributor" shall mean Licensor and any individual or Legal Entity

-      on behalf of whom a Contribution has been received by Licensor and

-      subsequently incorporated within the Work.

-

-   2. Grant of Copyright License. Subject to the terms and conditions of

-      this License, each Contributor hereby grants to You a perpetual,

-      worldwide, non-exclusive, no-charge, royalty-free, irrevocable

-      copyright license to reproduce, prepare Derivative Works of,

-      publicly display, publicly perform, sublicense, and distribute the

-      Work and such Derivative Works in Source or Object form.

-

-   3. Grant of Patent License. Subject to the terms and conditions of

-      this License, each Contributor hereby grants to You a perpetual,

-      worldwide, non-exclusive, no-charge, royalty-free, irrevocable

-      (except as stated in this section) patent license to make, have made,

-      use, offer to sell, sell, import, and otherwise transfer the Work,

-      where such license applies only to those patent claims licensable

-      by such Contributor that are necessarily infringed by their

-      Contribution(s) alone or by combination of their Contribution(s)

-      with the Work to which such Contribution(s) was submitted. If You

-      institute patent litigation against any entity (including a

-      cross-claim or counterclaim in a lawsuit) alleging that the Work

-      or a Contribution incorporated within the Work constitutes direct

-      or contributory patent infringement, then any patent licenses

-      granted to You under this License for that Work shall terminate

-      as of the date such litigation is filed.

-

-   4. Redistribution. You may reproduce and distribute copies of the

-      Work or Derivative Works thereof in any medium, with or without

-      modifications, and in Source or Object form, provided that You

-      meet the following conditions:

-

-      (a) You must give any other recipients of the Work or

-          Derivative Works a copy of this License; and

-

-      (b) You must cause any modified files to carry prominent notices

-          stating that You changed the files; and

-

-      (c) You must retain, in the Source form of any Derivative Works

-          that You distribute, all copyright, patent, trademark, and

-          attribution notices from the Source form of the Work,

-          excluding those notices that do not pertain to any part of

-          the Derivative Works; and

-

-      (d) If the Work includes a "NOTICE" text file as part of its

-          distribution, then any Derivative Works that You distribute must

-          include a readable copy of the attribution notices contained

-          within such NOTICE file, excluding those notices that do not

-          pertain to any part of the Derivative Works, in at least one

-          of the following places: within a NOTICE text file distributed

-          as part of the Derivative Works; within the Source form or

-          documentation, if provided along with the Derivative Works; or,

-          within a display generated by the Derivative Works, if and

-          wherever such third-party notices normally appear. The contents

-          of the NOTICE file are for informational purposes only and

-          do not modify the License. You may add Your own attribution

-          notices within Derivative Works that You distribute, alongside

-          or as an addendum to the NOTICE text from the Work, provided

-          that such additional attribution notices cannot be construed

-          as modifying the License.

-

-      You may add Your own copyright statement to Your modifications and

-      may provide additional or different license terms and conditions

-      for use, reproduction, or distribution of Your modifications, or

-      for any such Derivative Works as a whole, provided Your use,

-      reproduction, and distribution of the Work otherwise complies with

-      the conditions stated in this License.

-

-   5. Submission of Contributions. Unless You explicitly state otherwise,

-      any Contribution intentionally submitted for inclusion in the Work

-      by You to the Licensor shall be under the terms and conditions of

-      this License, without any additional terms or conditions.

-      Notwithstanding the above, nothing herein shall supersede or modify

-      the terms of any separate license agreement you may have executed

-      with Licensor regarding such Contributions.

-

-   6. Trademarks. This License does not grant permission to use the trade

-      names, trademarks, service marks, or product names of the Licensor,

-      except as required for reasonable and customary use in describing the

-      origin of the Work and reproducing the content of the NOTICE file.

-

-   7. Disclaimer of Warranty. Unless required by applicable law or

-      agreed to in writing, Licensor provides the Work (and each

-      Contributor provides its Contributions) on an "AS IS" BASIS,

-      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or

-      implied, including, without limitation, any warranties or conditions

-      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A

-      PARTICULAR PURPOSE. You are solely responsible for determining the

-      appropriateness of using or redistributing the Work and assume any

-      risks associated with Your exercise of permissions under this License.

-

-   8. Limitation of Liability. In no event and under no legal theory,

-      whether in tort (including negligence), contract, or otherwise,

-      unless required by applicable law (such as deliberate and grossly

-      negligent acts) or agreed to in writing, shall any Contributor be

-      liable to You for damages, including any direct, indirect, special,

-      incidental, or consequential damages of any character arising as a

-      result of this License or out of the use or inability to use the

-      Work (including but not limited to damages for loss of goodwill,

-      work stoppage, computer failure or malfunction, or any and all

-      other commercial damages or losses), even if such Contributor

-      has been advised of the possibility of such damages.

-

-   9. Accepting Warranty or Additional Liability. While redistributing

-      the Work or Derivative Works thereof, You may choose to offer,

-      and charge a fee for, acceptance of support, warranty, indemnity,

-      or other liability obligations and/or rights consistent with this

-      License. However, in accepting such obligations, You may act only

-      on Your own behalf and on Your sole responsibility, not on behalf

-      of any other Contributor, and only if You agree to indemnify,

-      defend, and hold each Contributor harmless for any liability

-      incurred by, or claims asserted against, such Contributor by reason

+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
       of your accepting any such warranty or additional liability.
\ No newline at end of file
diff --git a/doc/CREDITS.txt b/doc/CREDITS.txt
index 23cde66..23cde66 100644..100755
--- a/doc/CREDITS.txt
+++ b/doc/CREDITS.txt
diff --git a/doc/INSTALL.txt b/doc/INSTALL.txt
index 8ca3ae0..a9fd0a1 100644..100755
--- a/doc/INSTALL.txt
+++ b/doc/INSTALL.txt
@@ -1,18 +1,6 @@
-3-Mar-08
-Version 1.0 Release Candidate 3
-
 Shibboleth Discovery Service Installation
 
 Prior to installation you may need to configure the system as described in deployment guide.
 This is currently available at:
 
-https://spaces.internet2.edu/display/SHIB/DiscoveryService
-
-Specifically you may need to edit webpages\wayf.jsp and
-src/conf/wayfconfig.xml.  With no configuration the DiscoveryService
-deploys an internet2 branded GUI and looks for metadata in the file
-"/usr/local/sites.xml" (unix) and "%systemdrive%:\usr\local\sites.xml"
-(Windows)
-
-Then run ant in the top level directory to build the war file suitable
-for deploying into your container.
\ No newline at end of file
+https://spaces.internet2.edu/display/SHIB/DiscoveryService
\ No newline at end of file
diff --git a/doc/README.txt b/doc/README.txt
index 4b8e45a..4b8e45a 100644..100755
--- a/doc/README.txt
+++ b/doc/README.txt
diff --git a/doc/RELEASE-NOTES.txt b/doc/RELEASE-NOTES.txt
new file mode 100755
index 0000000..feac9fd
--- /dev/null
+++ b/doc/RELEASE-NOTES.txt
@@ -0,0 +1,16 @@
+Changes in Release 1.1.3
+=============================================
+The precise Cases changed are.
+
+[SDSJ-88] The IdP has to be encoded before it goes over the wire.
+[SDSJ-89] By default always show some possible results.
+[SDSJ-82] Make <Mdui> extensions available to the JSP.
+[SDSJ-96] Factor MDUI parsing code out from the DS codebase.
+[SDSJ-97] Police for duplicated metadata group names.
+[SDSJ-93] Better error logging for bad selections.
+[SDSJ-91] Logging "likely to fail" DS selections due to metadata gaps.
+[SDSJ-90] Hardening the '_saml_idp' cookie in the centralized DS.
+[SDSJ-61] DS looses last known good data if it is presented with bad metadata
+[SDSJ-99] Strip out "javascript" jsp
+
+And updated to OpenSAML 2.5.1
diff --git a/endorsed/xercesImpl-2.9.1.jar b/endorsed/xercesImpl-2.9.1.jar
deleted file mode 100644
index 8f762e1..0000000
--- a/endorsed/xercesImpl-2.9.1.jar
+++ /dev/null
diff --git a/lib/bcprov-jdk15-1.45.jar b/lib/bcprov-jdk15-1.45.jar
new file mode 100644
index 0000000..409070b
--- /dev/null
+++ b/lib/bcprov-jdk15-1.45.jar
diff --git a/endorsed/serializer-2.9.1.jar b/lib/endorsed/serializer-2.10.0.jar
index de9b007..de9b007 100644
--- a/endorsed/serializer-2.9.1.jar
+++ b/lib/endorsed/serializer-2.10.0.jar
diff --git a/endorsed/xalan-2.7.1.jar b/lib/endorsed/xalan-2.7.1.jar
index 458fa73..458fa73 100644
--- a/endorsed/xalan-2.7.1.jar
+++ b/lib/endorsed/xalan-2.7.1.jar
diff --git a/lib/endorsed/xercesImpl-2.10.0.jar b/lib/endorsed/xercesImpl-2.10.0.jar
new file mode 100644
index 0000000..9dcd8c3
--- /dev/null
+++ b/lib/endorsed/xercesImpl-2.10.0.jar
diff --git a/endorsed/xml-apis-2.9.1.jar b/lib/endorsed/xml-apis-2.10.0.jar
index d42c0ea..4673346 100644
--- a/endorsed/xml-apis-2.9.1.jar
+++ b/lib/endorsed/xml-apis-2.10.0.jar
diff --git a/endorsed/resolver-2.9.1.jar b/lib/endorsed/xml-resolver-1.2.jar
index e535bdc..e535bdc 100644
--- a/endorsed/resolver-2.9.1.jar
+++ b/lib/endorsed/xml-resolver-1.2.jar
diff --git a/lib/esapi-2.0GA.jar b/lib/esapi-2.0GA.jar
new file mode 100644
index 0000000..7bd92fd
--- /dev/null
+++ b/lib/esapi-2.0GA.jar
diff --git a/lib/jargs-1.0.jar b/lib/jargs-1.0.jar
deleted file mode 100644
index cdbc80b..0000000
--- a/lib/jargs-1.0.jar
+++ /dev/null
diff --git a/lib/jcl-over-slf4j-1.6.1.jar b/lib/jcl-over-slf4j-1.6.1.jar
new file mode 100644
index 0000000..c44d8de
--- /dev/null
+++ b/lib/jcl-over-slf4j-1.6.1.jar
diff --git a/lib/jcl104-over-slf4j-1.5.0.jar b/lib/jcl104-over-slf4j-1.5.0.jar
deleted file mode 100644
index dfc7c71..0000000
--- a/lib/jcl104-over-slf4j-1.5.0.jar
+++ /dev/null
diff --git a/lib/joda-time-1.5.2.jar b/lib/joda-time-1.6.2.jar
index 247898f..9b045c3 100644
--- a/lib/joda-time-1.5.2.jar
+++ b/lib/joda-time-1.6.2.jar
diff --git a/lib/jul-to-slf4j-1.6.1.jar b/lib/jul-to-slf4j-1.6.1.jar
new file mode 100644
index 0000000..e240f3b
--- /dev/null
+++ b/lib/jul-to-slf4j-1.6.1.jar
diff --git a/lib/log4j-over-slf4j-1.6.1.jar b/lib/log4j-over-slf4j-1.6.1.jar
new file mode 100644
index 0000000..c4025f4
--- /dev/null
+++ b/lib/log4j-over-slf4j-1.6.1.jar
diff --git a/lib/logback-classic-0.9.29.jar b/lib/logback-classic-0.9.29.jar
new file mode 100644
index 0000000..bf60161
--- /dev/null
+++ b/lib/logback-classic-0.9.29.jar
diff --git a/lib/logback-core-0.9.29.jar b/lib/logback-core-0.9.29.jar
new file mode 100644
index 0000000..19eecac
--- /dev/null
+++ b/lib/logback-core-0.9.29.jar
diff --git a/lib/not-yet-commons-ssl-0.3.9.jar b/lib/not-yet-commons-ssl-0.3.9.jar
index cb1bee3..9e38f97 100644
--- a/lib/not-yet-commons-ssl-0.3.9.jar
+++ b/lib/not-yet-commons-ssl-0.3.9.jar
diff --git a/lib/opensaml-2.5.1.jar b/lib/opensaml-2.5.1.jar
new file mode 100644
index 0000000..9142deb
--- /dev/null
+++ b/lib/opensaml-2.5.1.jar
diff --git a/lib/openws-1.1.0.jar b/lib/openws-1.1.0.jar
deleted file mode 100644
index ae2cc1f..0000000
--- a/lib/openws-1.1.0.jar
+++ /dev/null
diff --git a/lib/openws-1.4.2.jar b/lib/openws-1.4.2.jar
new file mode 100644
index 0000000..108826e
--- /dev/null
+++ b/lib/openws-1.4.2.jar
diff --git a/lib/shibboleth-discovery-service-1.1.3.jar b/lib/shibboleth-discovery-service-1.1.3.jar
new file mode 100644
index 0000000..cf5c648
--- /dev/null
+++ b/lib/shibboleth-discovery-service-1.1.3.jar
diff --git a/lib/slf4j-api-1.6.1.jar b/lib/slf4j-api-1.6.1.jar
new file mode 100644
index 0000000..f1f4fdd
--- /dev/null
+++ b/lib/slf4j-api-1.6.1.jar
diff --git a/lib/xmlsec-1.4.5.jar b/lib/xmlsec-1.4.5.jar
new file mode 100644
index 0000000..ac432ba
--- /dev/null
+++ b/lib/xmlsec-1.4.5.jar
diff --git a/lib/xmltooling-1.3.2.jar b/lib/xmltooling-1.3.2.jar
new file mode 100644
index 0000000..66e5272
--- /dev/null
+++ b/lib/xmltooling-1.3.2.jar
diff --git a/src/installer/lib/ant-extensions-13Apr2008.jar b/src/installer/lib/ant-extensions-13Apr2008.jar
new file mode 100644
index 0000000..8694196
--- /dev/null
+++ b/src/installer/lib/ant-extensions-13Apr2008.jar
diff --git a/src/installer/lib/bcprov-jdk15-1.45.jar b/src/installer/lib/bcprov-jdk15-1.45.jar
new file mode 100644
index 0000000..409070b
--- /dev/null
+++ b/src/installer/lib/bcprov-jdk15-1.45.jar
diff --git a/src/installer/resources/build.xml b/src/installer/resources/build.xml
index ae85dfa..32bfbd7 100755
--- a/src/installer/resources/build.xml
+++ b/src/installer/resources/build.xml
@@ -1,46 +1,56 @@
+<?xml version="1.0" encoding="UTF-8"?>
 <project name="Shibboleth Discovery Service" basedir="../../.." default="install">
 
-    <property name="installer.dir" value="${basedir}/src/installer" />
-    <property name="resources.dir" value="${installer.dir}/resources" />
-    <property name="webapp.dir" value="${basedir}/src/main/webapp" />
-    <property name="war.name" value="discovery" />
+    <property name="installer.dir" value="${basedir}/src/installer"/>
+    <property name="resources.dir" value="${installer.dir}/resources"/>
+    <property name="webapp.dir" value="${basedir}/src/main/webapp"/>
+    <property name="war.name" value="discovery"/>
         
     <!-- Installation specific property file -->
-    <property file="${resources.dir}/install.properties" />
+    <property file="${resources.dir}/install.properties"/>
     
     <!-- Load ant-contrib tasks -->
-    <taskdef resource="net/sf/antcontrib/antlib.xml" />
+    <taskdef resource="net/sf/antcontrib/antlib.xml"/>
+    
+    <!-- Load Internet2 ant extensions -->
+    <taskdef resource="edu/internet2/middleware/ant/antlib.xml"/>
 
     <!-- install - for deployment -->
     <target name="install" description="Creates the discovery service home directory, install configuration files, and create the service's WAR.">
 
-        <input message="Is this a new installation? Answering 'yes' will overwrite your current configuration."
-               addproperty="new.install"
-               validargs="yes,no"
-               defaultvalue="no" />
-
+        <input message="Where should the Shibboleth Discovery Service software be installed?" addproperty="ds.home.input" defaultvalue="${ds.home}"/>
+        <var name="ds.home" value="${ds.home.input}"/>
+            
+        <pathToAbsolutePath path="${ds.home}" addproperty="ds.home.path"/>
+        <pathToUrl path="${ds.home}" addproperty="ds.home.url"/>
+        
         <if>
-            <equals arg1="${new.install}" arg2="yes" />
+            <available file="${ds.home.path}" property="ds.home.exists"/>
             <then>
-                <input message="Where should the Shibboleth Discovert Service software be installed?"
-                       addproperty="ds.home.input"
-                       defaultvalue="${ds.home}" />
-                <var name="ds.home" value="${ds.home.input}" />
+                <input message="The directory '${ds.home.path}' already exists.  Would you like to overwrite your existing configuration?" addproperty="install.config" validargs="yes,no" defaultvalue="no"/>
+            </then>
+            <else>
+                <var name="install.config" value="yes"/>
+            </else>
+        </if>
 
+        <if>
+            <equals arg1="${install.config}" arg2="yes"/>
+            <then>
                 <propertyfile file="${resources.dir}/install.properties">
-                    <entry key="ds.home" value="${ds.home}" />
+                    <entry key="ds.home" value="${ds.home}"/>
                 </propertyfile>
 
-                <mkdir dir="${ds.home}" />
-                <mkdir dir="${ds.home}/conf" />
-                <mkdir dir="${ds.home}/logs" />
-                <mkdir dir="${ds.home}/metadata" />
-                <mkdir dir="${ds.home}/war" />
+                <mkdir dir="${ds.home}"/>
+                <mkdir dir="${ds.home}/conf"/>
+                <mkdir dir="${ds.home}/logs"/>
+                <mkdir dir="${ds.home}/metadata"/>
+                <mkdir dir="${ds.home}/war"/>
 
                 <copy todir="${ds.home}/conf" preservelastmodified="true" overwrite="true">
-                    <fileset dir="${resources.dir}" includes="wayfconfig.xml,logging.xml" />
+                    <fileset dir="${resources.dir}" includes="wayfconfig.xml,logging.xml"/>
                     <filterset begintoken="$" endtoken="$">
-                        <filter token="DS_HOME" value="${ds.home}" />
+                        <filter token="DS_HOME" value="${ds.home}"/>
                     </filterset>
                 </copy>
             </then>
@@ -49,20 +59,20 @@
         <!-- create - always - the web.xml -->
         <copy file="${webapp.dir}/WEB-INF/web.xml" todir="${installer.dir}" preservelastmodified="true" overwrite="true">
             <filterset begintoken="$" endtoken="$">
-                <filter token="DS_HOME" value="${ds.home}" />
+                <filter token="DS_HOME" value="${ds.home}"/>
             </filterset>
         </copy>
 
         <!-- build the war file -->
         <war warfile="${ds.home}/war/${war.name}.war" webxml="${installer.dir}/web.xml">
-            <lib dir="${basedir}/lib" />
-            <webinf dir="${webapp.dir}/WEB-INF" excludes="web.xml" />
-            <fileset dir="${webapp.dir}" excludes="WEB-INF/**" />
+            <lib dir="${basedir}/lib"/>
+            <webinf dir="${webapp.dir}/WEB-INF" excludes="web.xml"/>
+            <fileset dir="${webapp.dir}" excludes="WEB-INF/**"/>
         </war>
         
         <!-- Remove generated web.xml -->
-        <delete file="${installer.dir}/web.xml" />
+        <delete file="${installer.dir}/web.xml"/>
                 
     </target>
 
-</project>
\ No newline at end of file
+</project>
diff --git a/src/installer/resources/install.properties b/src/installer/resources/install.properties
index 28cbcf0..28cbcf0 100644..100755
--- a/src/installer/resources/install.properties
+++ b/src/installer/resources/install.properties
diff --git a/src/installer/resources/logging.xml b/src/installer/resources/logging.xml
index 5a6fc6e..0a5c91f 100644..100755
--- a/src/installer/resources/logging.xml
+++ b/src/installer/resources/logging.xml
@@ -1,5 +1,4 @@
 <?xml version="1.0" encoding="UTF-8"?>
-
 <configuration>
 
     <!-- 
@@ -7,22 +6,22 @@
      -->
     <appender name="DS_LOG" class="ch.qos.logback.core.rolling.RollingFileAppender">
         <File>$DS_HOME$/logs/discoveryService.log</File>
-        <ImmediateFlush>true</ImmediateFlush>
 
         <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
             <FileNamePattern>$DS_HOME$/etc/DiscoveryService/logs/discovery-%d{yyyy-MM-dd}.log</FileNamePattern>
         </rollingPolicy>
 
-        <layout class="ch.qos.logback.classic.PatternLayout">
-            <Pattern>%date{HH:mm:ss.SSS} %level [%logger] %msg%n%ex{full}%n</Pattern>
-        </layout>
+        <encoder class="ch.qos.logback.classic.encoder.PatternLayoutEncoder">
+            <charset>UTF-8</charset>
+            <Pattern>%date{HH:mm:ss.SSS} - %level [%logger:%line] - %msg%n%ex{full}%n</Pattern>
+        </encoder>
     </appender>
 
     <appender name="CONSOLE" class="ch.qos.logback.core.ConsoleAppender">
-        <ImmediateFlush>true</ImmediateFlush>
-        <layout class="ch.qos.logback.classic.PatternLayout">
-            <Pattern>%date{HH:mm:ss.SSS} %level [%logger] %msg%n%ex{full}%n</Pattern>
-        </layout>
+        <encoder class="ch.qos.logback.classic.encoder.PatternLayoutEncoder">
+            <charset>UTF-8</charset>
+            <Pattern>%date{HH:mm:ss.SSS} - %level [%logger:%line] - %msg%n%ex{full}%n</Pattern>
+        </encoder>
     </appender>
     
     <!--
@@ -32,19 +31,19 @@
 
     <!-- Logs IdP, but not OpenSAML, messages -->
     <logger name="edu.internet2.middleware.shibboleth">
-        <level value="WARN" />
+        <level value="WARN"/>
         <!-- Appender, DS_LOG, is inherited from the root logger -->
     </logger>
 
     <!-- Logs OpenSAML, but not IdP, messages -->
     <logger name="org.opensaml">
-        <level value="INFO" />
+        <level value="INFO"/>
         <!-- Appender, DS_LOG, is inherited from the root logger -->
     </logger>
 
     <root>
-        <level value="WARN" />
-        <appender-ref ref="DS_LOG" />
+        <level value="WARN"/>
+        <appender-ref ref="DS_LOG"/>
     </root>
 
 </configuration>
diff --git a/src/installer/resources/wayfconfig.xml b/src/installer/resources/wayfconfig.xml
index 02d7270..e0d8b36 100644..100755
--- a/src/installer/resources/wayfconfig.xml
+++ b/src/installer/resources/wayfconfig.xml
@@ -1,7 +1,5 @@
-<?xml version="1.0"?>
-<WayfConfig 
-        xmlns="urn:mace:shibboleth:wayf:config:1.0" 
-        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" >
+<?xml version="1.0" encoding="UTF-8"?>
+<WayfConfig xmlns="urn:mace:shibboleth:wayf:config:1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
 
 <!-- The default behaviour of Service is controlled via the elements
      and attributes below.  Non default behaviour is achieved by
@@ -18,11 +16,12 @@
      The jspFile & errorJspFile attributes control the display
 
      The provideList attribute controls whether a single list of all
-     possible IdPs is presented.  The default wayf.jsp works best
-     if this is true when provideListofList is true.
+     possible IdPs is presented.  This also controls whether the
+     Quick search dialog is presented.
      
      The provideListOfList attribute controls whether multiple lists
-     are presented (one for each MetadataProvider).
+     are presented (one for each MetadataProvider). Rather than all
+     the entities as one.
 
      The showUsableIdPs attribute controls the contents of the above
      lists.  The single list (provideList=true) is trimmed by
@@ -38,8 +37,24 @@
             jspFile="wayf.jsp"
             errorJspFile="wayferror.jsp"
             provideList="false"
+            warnOnBadBinding="false"
+            warnOnNoSAML2="false"
             provideListOfList="true"
             showUnusableIdPs="true">
+
+<!--
+     warnOnNoSAML2 causes the DS to issue a warning when it receives a
+     DS protocol message from an SP which is declared to not support
+     SAML2 in its metadata.  The JIRA case 
+     https://issues.shibboleth.net/jira/browse/SDSJ-91 has more details.
+
+     warnOnBadBinding describes what to do iof the metadata has a badly 
+     formed <DiscoveryResponse> false (or not present) means that the bad 
+     SP is removed from the metadata and an error written to the log file.
+     True means that we just note this in the log file.
+     THIS SETTING IS SYSTEM WIDE ONLY.
+-->
+
             <SearchIgnore>
                 <IgnoreText>Institution</IgnoreText>
                 <IgnoreText>University</IgnoreText>
@@ -62,7 +77,7 @@
      NOTE - for windows installation with an explicit DOS device ("C:\etc\discoveryservice")
      The url below should be "file:///$DS_HOME$/metadata/sites.xml
      
-      -->
+-->
 
       <MetadataProvider displayName="SWAMID" identifier="SWAMID"
                 url="http://md.swamid.se/md/swamid-no-interfederation-combined.xml"
@@ -76,7 +91,7 @@
                 backingFile="/opt/shibboleth-ds/metadata/kalmarcentral2.xml"
                 url="http://kalmar2.org/simplesaml/module.php/aggregator/?id=kalmarcentral2&amp;set=saml2&amp;exclude=sweden&amp;mimetype=application/xml"/>
 
-<!-- If the WAYF is to handle data from more than one metadata source
+<!-- If the DS is to handle data from more than one metadata source
      then more metadataproviders can be provided, as below
         
        <MetadataProvider 
@@ -84,27 +99,45 @@
                 identifier="SecondSite"
                 backingFile="$DS_HOME$/metadata/ukfed_store.xml"
                 url="http://metadata.ukfederation.org.uk/ukfederation-metadata.xml"/>
+
+      White and black list providers are defined as filters inside a provider:
+      
+       <MetadataProvider 
+
+                displayName="WhiteListed Metadata"
+                identifier="White"
+                type="edu.internet2.middleware.shibboleth.metadata.provider.XMLMetadata"
+                backingFile="$DS_HOME$/metadata/whitelist_store.xml"
+                url="http://metadata.ukfederation.org.uk/ukfederation-test.xml">
+
+          <Filter identifier="false" 
+                type="edu.internet2.middleware.shibboleth.wayf.plugins.provider.ListFilter"
+                excludeEntries="true">
+              <EntityId>https://idp.edina.ac.uk/shibboleth</EntityId>
+              <EntityId>https://dlib-adidp.ucs.ed.ac.uk/shibboleth</EntityId>
+              <EntityId>https://idp.edina.ac.uk/shibboleth-devel</EntityId>
+              <EntityId>https://idp.edina.ac.uk/shibboleth-devel-13</EntityId>
+         </Filter>
+       </MetadataProvider>
+
+     NOTE that the resulting metadata has to include any SP which may need service from
+     this DS.   
+     
+     For a black list, set excludeEntries="true" (the listed Entities will be excluded), for 
+     a while list, set it to "false" (the listed entries will be included). 
+
 -->
 
+
 <!-- Plugins are extensible, the identifier is required, as is the
      type, the rest is for the plugin to define -->
 
 
      <!-- The Cookie Plugin is part of the standard distribution it interrogates and sets the _saml_idp
           cookie.  According to parameterization it can just delete the cookie -->
-     <Plugin
-        identifier="CookiePlugin"
-        type="edu.internet2.middleware.shibboleth.wayf.plugins.provider.SamlCookiePlugin"
-        alwaysFollow = "FALSE"
-        deleteCookie = "FALSE"
-	cacheExpiration = "604800"/> 
+     <Plugin identifier="CookiePlugin" type="edu.internet2.middleware.shibboleth.wayf.plugins.provider.SamlCookiePlugin" alwaysFollow="FALSE" deleteCookie="FALSE" cacheExpiration="604800"/> 
 
-     <Plugin
-        identifier="DeleteCookiePlugin"
-        type="edu.internet2.middleware.shibboleth.wayf.plugins.provider.SamlCookiePlugin"
-        alwaysFollow = "FALSE"
-        deleteCookie = "TRUE"
-        cacheExpiration = "604800"/> 
+     <Plugin identifier="DeleteCookiePlugin" type="edu.internet2.middleware.shibboleth.wayf.plugins.provider.SamlCookiePlugin" alwaysFollow="FALSE" deleteCookie="TRUE" cacheExpiration="604800"/> 
 
 	<!-- Other plugins are declared similarly 
      <Plugin
@@ -129,27 +162,6 @@
       -->
 
 
- <!-- The ClearCache handler causes the cookie to be deleted.  The jsp shipped
-     with the WAYF refers to this handler -->
-    
-<!--    
-    <DiscoveryServiceHandler
-        location=".+/ClearCache.wayf">
-        <PluginInstance identifier="DeleteCookiePlugin"/>
-    </DiscoveryServiceHandler>  
--->
-
-<!-- Example of how to constrain a DiscoveryService to one (or more)
-     explicit metadata sources.  (The default is to use all metadata
-     sources)
-
-    <DiscoveryServiceHandler location=".+/SecondOnly.wayf" >
-
-        <Federation identifier="SecondSite"/>
-        <PluginInstance identifier="CookiePlugin"/>
-    </DiscoveryServiceHandler>  
--->
-
 <!--  The Javascript handler downloads javascript arrays with the IdPs and the cookies -->
     <DiscoveryServiceHandler
         location=".+/js.wayf"
diff --git a/src/main/webapp/Suggest.js b/src/main/webapp/Suggest.js
new file mode 100755
index 0000000..537064b
--- /dev/null
+++ b/src/main/webapp/Suggest.js
@@ -0,0 +1,362 @@
+function TypeAheadControl(list, box, orig, submit, optype, ie6hack)
+{
+   //
+   // Squirrel away the parameters we were given
+   //
+   this.elementList = list;
+   this.textBox = box;
+   this.origin = orig;
+   this.submit = submit;
+   this.optype = optype;
+   this.results = 0;
+   //
+   // Change these as needed
+   //
+   this.maxResults = 10; // How many to show
+   this.alwaysShowResult = true; // Show dropdown even if there are more that ,axResult results
+   this.ie6hack = ie6hack;
+   var myThis = this;
+
+   //
+   // Setup the lowercase names
+   //
+   var i = 0;
+   while (i < list.length) {
+     if (null == list[i]) {
+        list.length = i;
+        break;
+     }
+     list[i][2] = list[i][0].toLowerCase();
+     i++;
+   }
+   //
+   // Set up the 'dropDown'
+   //
+   this.dropDown = document.createElement('div');
+   this.dropDown.className = 'dropdown';
+   this.dropDown.style.visibility = 'hidden';
+   this.dropDown.style.width = box.offsetWidth;
+   this.dropDown.current = -1;
+   document.body.appendChild(this.dropDown);
+
+   //
+   // mouse listeners for the dropdown box
+   //
+   this.dropDown.onmouseover = function(event) {
+       if (!event) {
+          event = window.event;
+       }
+       target = event.target;
+       if (!target) {
+          target = event.srcElement;
+       }
+       myThis.select(target);
+   }
+   
+   this.dropDown.onmousedown = function(event) {
+       if (-1 != myThis.dropDown.current) {
+          myThis.textBox.value = myThis.results[myThis.dropDown.current][0];
+       }
+   }
+
+   //
+   // Add the listeners to the text box
+   //
+   this.textBox.onkeyup = function(event) {
+     //
+     // get window even if needed (because of browser oddities)
+     //
+     if (!event) {
+       event = window.event;
+     }
+     myThis.handleKeyUp(event);
+   };
+
+   this.textBox.onkeydown = function(event) {
+     if (!event) {
+       event = window.event;
+     }
+
+     myThis.handleKeyDown(event);
+   };
+
+   this.textBox.onblur = function() {
+     myThis.hideDrop();
+   };
+
+   this.textBox.onfocus = function() {
+     myThis.handleChange();
+   };
+
+};
+//
+// Given a name return the first maxresults, or all possibles
+//
+TypeAheadControl.prototype.getPossible = function(name) {
+   var possibles = [];
+   var inIndex = 0;
+   var outIndex = 0;
+   name = name.toLowerCase();
+   var strIndex = 0;
+   var str;
+   var ostr;
+
+   while (outIndex <= this.maxResults && inIndex < this.elementList.length) {
+      strIndex = this.elementList[inIndex][2].indexOf(name);
+      if (-1 != strIndex) {
+         //
+         // a hit
+         //
+         str = this.elementList[inIndex][0];
+         possibles[outIndex] = new Array(str, this.elementList[inIndex][1]);
+         outIndex ++;
+       } else {
+         //
+         // Check entityId
+         strIndex = this.elementList[inIndex][1].indexOf(name);
+         if (-1 != strIndex) {
+            //
+            // a hit
+            //
+            str = this.elementList[inIndex][0];
+            possibles[outIndex] = new Array(str, this.elementList[inIndex][1]);
+            outIndex ++;
+         }
+      }
+       inIndex ++;
+    }
+    //
+    // reset the cursor to the top
+    //
+    this.dropDown.current = -1;
+
+    return possibles;
+};
+
+TypeAheadControl.prototype.handleKeyUp = function(event) {
+  var key = event.keyCode;
+
+  if (27 == key) {
+     //
+     // Escape - clear
+     //
+     this.textBox.value = '';
+     this.handleChange();
+  } else if (8 == key || 32 == key || (key >= 46 && key < 112) || key > 123) {
+     //
+     // Backspace, Space and >=Del to <F1 and > F12
+     //
+     this.handleChange();
+  }
+};
+ 
+TypeAheadControl.prototype.handleKeyDown = function(event) {
+
+   var key = event.keyCode;
+
+   if (38 == key) {
+      //
+      // up arrow
+      //
+      this.upSelect();
+
+   } else if (40 == key) {
+      //
+      // down arrow
+      //
+      this.downSelect();
+   }
+};
+
+TypeAheadControl.prototype.hideDrop = function() {
+   var i = 0;
+   if (null != this.ie6hack) {
+      while (i < this.ie6hack.length) {
+         this.ie6hack[i].style.visibility = 'visible';
+         i++;
+      }
+   }
+   this.dropDown.style.visibility = 'hidden';
+   if (-1 == this.dropDown.current) {
+     this.doUnselected();
+   }
+};
+
+TypeAheadControl.prototype.showDrop = function() {
+   var i = 0;
+   if (null != this.ie6hack) {
+      while (i < this.ie6hack.length) {
+         this.ie6hack[i].style.visibility = 'hidden';
+         i++;
+      }
+   }
+   this.dropDown.style.visibility = 'visible';
+};
+
+
+TypeAheadControl.prototype.doSelected = function() {
+   this.submit.value='Select';
+   this.optype.value = 'selection';
+};
+
+TypeAheadControl.prototype.doUnselected = function() {
+   this.submit.value='Search';
+   
+   this.optype.value = 'search';
+};
+
+TypeAheadControl.prototype.handleChange = function() {
+
+  var val = this.textBox.value;
+  var res = this.getPossible(val);
+
+  if (0 == val.length ||
+      0 == res.length || 
+      (!this.alwaysShowResult && this.maxResults < res.length)) {
+     this.hideDrop();
+     this.doUnselected();
+     this.results = [];
+     this.dropDown.current = -1;
+  } else {
+     this.results = res;
+     this.populateDropDown(res);
+     if (1 == res.length) {
+        this.select(this.dropDown.childNodes[0]);
+        this.doSelected();
+     } else {
+        this.doUnselected();
+     }
+  }
+};
+
+//
+// A lot of the stuff below comes from 
+// http://www.webreference.com/programming/javascript/ncz/column2
+//
+// With thanks to Nicholas C Zakas
+//
+TypeAheadControl.prototype.populateDropDown = function(list) {
+    this.dropDown.innerHTML = '';
+    var i = 0;
+    var div;
+    while (i < list.length) {
+      div = document.createElement('div');
+      div.appendChild(document.createTextNode(list[i][0]));
+//      div.style.zIndex = '1000';
+      this.dropDown.appendChild(div);
+      i++;
+    }
+    var off = this.getXY();
+    this.dropDown.style.left = off[0] + 'px';
+    this.dropDown.style.top = off[1] + 'px';
+    this.showDrop();
+};
+
+TypeAheadControl.prototype.getXY = function() {
+
+   var node = this.textBox;
+   var sumX = 0;
+   var sumY = node.offsetHeight;
+   
+   while(node.tagName != 'BODY') {
+     sumX += node.offsetLeft;
+     sumY += node.offsetTop;
+     node = node.offsetParent;
+   }
+   //
+   // And add in the offset for the Body
+   //
+   sumX += node.offsetLeft;
+   sumY += node.offsetTop;
+
+   return [sumX, sumY];
+};
+
+TypeAheadControl.prototype.select = function(selected) {
+    var i = 0;
+    var node;
+    this.dropDown.current = -1;
+    this.doUnselected();
+    while (i < this.dropDown.childNodes.length) {
+       node = this.dropDown.childNodes[i];
+       if (node == selected) {
+          //
+          // Highlight it
+          //
+          node.className = 'current';
+          //
+          // turn on the button
+          //
+	    this.doSelected();
+          //
+          // setup the cursor
+          //
+          this.dropDown.current = i;
+          //
+          // and the value for the Server
+          //
+          this.origin.value = this.results[i][1];
+          this.origin.textValue = this.results[i][0];
+       } else {
+          node.className = '';
+       }
+       i++;
+    }
+    this.textBox.focus();
+};
+
+TypeAheadControl.prototype.downSelect = function() {
+    if (this.results.length > 0) {
+
+      if (-1 == this.dropDown.current) {
+         //
+         // mimic a select()
+         //
+         this.dropDown.current = 0;
+         this.dropDown.childNodes[0].className = 'current';
+         this.doSelected();
+         this.origin.value = this.results[0][1];
+         this.origin.textValue = this.results[0][0];
+
+      } else if (this.dropDown.current < (this.results.length-1)) {
+         //
+         // turn off highlight
+         //
+         this.dropDown.childNodes[this.dropDown.current].className = '';
+         //
+         // move cursor
+         //
+         this.dropDown.current++;
+         //
+         // and 'select'
+         //
+         this.dropDown.childNodes[this.dropDown.current].className = 'current';
+         this.doSelected();
+         this.origin.value = this.results[this.dropDown.current][1];
+         this.origin.textValue = this.results[this.dropDown.current][0];
+      }
+   }
+};
+
+
+TypeAheadControl.prototype.upSelect = function() {
+  if ((this.results.length > 0) &&
+      (this.dropDown.current > 0)) {
+    
+       //
+       // turn off highlight
+       //
+       this.dropDown.childNodes[this.dropDown.current].className = '';
+       //
+       // move cursor
+       //
+       this.dropDown.current--;
+       //
+       // and 'select'
+       //
+       this.dropDown.childNodes[this.dropDown.current].className = 'current';
+       this.doSelected();
+       this.origin.value = this.results[this.dropDown.current][1];
+       this.origin.textValue = this.results[this.dropDown.current][0];
+    }
+};
\ No newline at end of file
diff --git a/src/main/webapp/WEB-INF/web.xml b/src/main/webapp/WEB-INF/web.xml
index d815e30..ef5f00e 100644..100755
--- a/src/main/webapp/WEB-INF/web.xml
+++ b/src/main/webapp/WEB-INF/web.xml
@@ -1,55 +1,50 @@
-<?xml version="1.0" encoding="ISO-8859-1"?>

-

-<!DOCTYPE web-app

-    PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"

-    "http://java.sun.com/dtd/web-app_2_3.dtd">

-

-<web-app>

-

-	<servlet>

-		<servlet-name>WAYF</servlet-name>

-		<display-name>Shibboleth WAYF Service</display-name>

-		<servlet-class>edu.internet2.middleware.shibboleth.wayf.WayfService</servlet-class>

-		<init-param>

-			<param-name>WAYFConfigFileLocation</param-name>

-			<param-value>$DS_HOME$/conf/wayfconfig.xml</param-value>

-		</init-param>

-		<init-param>

-			<param-name>WAYFLogConfig</param-name>

-			<param-value>$DS_HOME$/conf/logging.xml</param-value>

+<?xml version="1.0" encoding="UTF-8"?>
+<web-app>
+
+	<servlet>
+		<servlet-name>WAYF</servlet-name>
+		<display-name>Shibboleth WAYF Service</display-name>
+		<servlet-class>edu.internet2.middleware.shibboleth.wayf.WayfService</servlet-class>
+		<init-param>
+			<param-name>WAYFConfigFileLocation</param-name>
+			<param-value>$DS_HOME$/conf/wayfconfig.xml</param-value>
+		</init-param>
+		<init-param>
+			<param-name>WAYFLogConfig</param-name>
+			<param-value>$DS_HOME$/conf/logging.xml</param-value>
 		</init-param>
         <init-param>
             <param-name>WAYFLogConfigPollFrequency</param-name>
             <param-value>300000</param-value>
-        </init-param>

-	</servlet>

-

-<!-- We specify two mappings - old style http:/host/shibboleth-wayf/WAYF/ and the new style

-     whereby the precise name influences the behavior.  See the configuration file for 

-     examples -->

-

-	<servlet-mapping>

-		<servlet-name>WAYF</servlet-name>

-		<url-pattern>/WAYF</url-pattern>

-	</servlet-mapping>

-

-	<servlet-mapping>

-		<servlet-name>WAYF</servlet-name>

-		<url-pattern>*.wayf</url-pattern>

-	</servlet-mapping>

- 
-        <servlet-mapping>
-                <servlet-name>WAYF</servlet-name>
-                <url-pattern>/DS</url-pattern>
-        </servlet-mapping>
+        </init-param>
+	</servlet>
+
+<!-- We specify two mappings - old style http:/host/shibboleth-wayf/WAYF/ and the new style
+     whereby the precise name influences the behavior.  See the configuration file for 
+     examples -->
+
+	<servlet-mapping>
+		<servlet-name>WAYF</servlet-name>
+		<url-pattern>/WAYF</url-pattern>
+	</servlet-mapping>
+
+	<servlet-mapping>
+		<servlet-name>WAYF</servlet-name>
+		<url-pattern>*.wayf</url-pattern>
+	</servlet-mapping>
+
+	<servlet-mapping>
+		<servlet-name>WAYF</servlet-name>
+		<url-pattern>/DS</url-pattern>
+	</servlet-mapping>
+
+	<servlet-mapping>
+		<servlet-name>WAYF</servlet-name>
+		<url-pattern>*.ds</url-pattern>
+	</servlet-mapping>
 
-        <servlet-mapping>
-                <servlet-name>WAYF</servlet-name>
-                <url-pattern>*.ds</url-pattern>
-        </servlet-mapping>
-

-	<mime-mapping>

-		<extension>css</extension>

-		<mime-type>text/css</mime-type>

-	</mime-mapping>

-</web-app>

+	<mime-mapping>
+		<extension>css</extension>
+		<mime-type>text/css</mime-type>
+	</mime-mapping>
+</web-app>
diff --git a/src/main/webapp/images/incommon.gif b/src/main/webapp/images/incommon.gif
index 01949cf..01949cf 100644..100755
--- a/src/main/webapp/images/incommon.gif
+++ b/src/main/webapp/images/incommon.gif
diff --git a/src/main/webapp/images/logo.jpg b/src/main/webapp/images/logo.jpg
index b8a7c23..b8a7c23 100644..100755
--- a/src/main/webapp/images/logo.jpg
+++ b/src/main/webapp/images/logo.jpg
diff --git a/src/main/webapp/static.html b/src/main/webapp/static.html
new file mode 100755
index 0000000..c35b8a3
--- /dev/null
+++ b/src/main/webapp/static.html
@@ -0,0 +1,163 @@
+<HTML>
+<!-- Collect Stylesheet from the DS - this is needed for the autosuggest stuff -->
+<link rel="stylesheet" title="normal" type="text/css"
+    href="static.css" />
+<title>Static Discovery Service with centralised hinting</title>
+<Body>
+<p>
+This is a boring, but static web page which shows how an signle SP can
+configure their own "Discovery Service" without recouse to a Java
+Container but taking full advantage of the centralised cookie server
+in the Federation Discovery Service.
+</p>
+<p>This is not meant to be pretty - it is meant to be easy for SP's
+(who understand HTML) to understand and develop.  It is however
+targetted at a single SP.  Sites running multiple SPs and wanting a
+single Discovery will still need to deploy a real DS, or deploy this
+as an embedded wayf on each SP.
+</p>
+<p>
+There is obviously plenty of room for adding all the visual sugar and
+branding that we want at the three levels</p>
+<ul>
+<li>A World Wide "This is a Discovery" look and feel</li>
+<li>A Federation branding</li>
+<li>"Corporate" Branding</li>
+</ul>
+
+<p>Just for fun, this Discovery service points to the I2Wiki, a Shib 2
+SP (and so with an easier configuration).  To make things even more
+fun it has access to metadata (mostly statically loaded) for 6
+Federations.  (UK, InCommon, MAMS, Switch AcoNet and Renater)</p>
+
+<!-- This is where the real lifting starts.  We start with a
+placemarker where the previously visit --> 
+
+<div id="Hints"> </div>
+
+<h3>Enter Organization Name</h3>
+
+<!-- The below is for a Shib2 SP.  
+
+In order to make the changes you need two know four things
+
+1) The EntityID of your SP.  
+
+   In this case "https://sh2testsp1.iay.org.uk/shibboleth"
+
+2) The return address for the disocvery protocol.  Dpending on how you
+   configure your sessioninitiators this may include other garnish (like
+   &target=cookie)
+
+   In this case "https://sh2testsp1.iay.org.uk/Shibboleth.sso/DS"
+
+3) The address of the Servlet running the centralized DS 
+
+   In this case "https://dlib-adidp.ucs.ed.ac.uk/"
+
+4) The name of the JS and Browser discovery services ("discovery/i2full.wayf" 
+   and "discovery/jsfull.wayf" respectively.
+
+You then need to plug them into the form below:
+
+-->
+
+<form autocomplete="OFF" action="https://dlib-adidp.ucs.ed.ac.uk/discovery/i2full.wayf">
+<!-- This is where your entity goes -->
+<input type="hidden" name="entityID" value="https://sh2testsp1.iay.org.uk/shibboleth" />
+<!-- and your potentially garnished return address -->
+<input type="hidden" name="returnX"  value="https://sh2testsp1.iay.org.uk/Shibboleth.sso/DS" />
+<!-- the rest is fixed -->
+<input type="hidden" name="returnIDParam" value="entityID" />
+<input type="hidden" name="action"   value="search" id="selectOrSearch" />
+<input type="hidden" name="cache"    value="perm" />
+<input type="hidden" name="origin"   value="unspec" id="enterOrigin"/>
+<table border="0" cellpadding="0" cellspacing="0" width="400pr">
+ <tr>
+  <td>
+   <input type="text" name="string" value="" id="enterText" tabindex="50" size="54" />
+  </td><td align="right">
+   <input type="submit" id="enterSubmit" value="Search"/>
+  </td>
+ </tr>
+</table>
+</form>
+<noscript> 
+<!-- Fallback to Shibboleth DS session initiator for non-JavaScript users.  
+     You construct the URL using the  values above -->
+<p>
+Your browser is not javascript enabled.  Go to the Discovery Service <a href="https://dlib-adidp.ucs.ed.ac.uk/discovery/i2full.wayf?entityID=https://spaces.internet2.edu/shibboleth&return=https://spaces.internet2.edu/Shibboleth.sso/Login">here</a>
+</p>
+</noscript>
+<h3>Configuring</h3>
+
+Details on how to set this up this are embedded as comments in this
+web page.  Currently a lot of the configuration is manual.  Future
+versions will be as automatic as possible and the only configuration
+required will be the link which is displayed when there is not
+javascript enabled.
+
+
+<script language="javascript" 
+        type="text/javascript"
+        src="https://dlib-adidp.ucs.ed.ac.uk/discovery/jsfull.wayf?entityID=https://spaces.internet2.edu/shibboleth&return=https://spaces.internet2.edu/Shibboleth.sso/Login">
+        </script>
+
+<!-- Collect the autosuggest code -->
+
+<script language="javascript" 
+        type="text/javascript"
+        src="https://dlib-adidp.ucs.ed.ac.uk/discovery/Suggest.js">
+</script>
+
+<!-- And some code to set up the rest of the page.  You need to plug the DS base address in below -->
+
+<script language="javascript" 
+           type="text/javascript">
+
+<!--  
+window.onload = function() {
+
+  var wayfAddress="https://dlib-adidp.ucs.ed.ac.uk/";
+  var i = 0;
+  var hints = document.getElementById("Hints");
+
+  //
+  // Make the hints visible
+  //
+  if (theHints.length > 1) {
+     var h3 = document.createElement("h3");
+     h3.innerHTML+="Previously visited sites";
+     hints.appendChild(h3);
+  }
+
+  //
+  // And populate them
+  //
+  while (i < theHints.length) {
+    var a = document.createElement("a");
+    a.href = wayfAddress + theHints[i][0];
+    a.innerHTML += theHints[i][1];
+    hints.appendChild(a);
+    hints.appendChild(document.createElement("p"));
+    i++;
+  }
+    
+  //
+  // And set up the autohint.  NOTE you can set up you own
+  // site list by providing your own 2 dimensional array
+  // instead of "theElements" below.
+  //
+  var ie6Hack = [ ];
+  var control = new TypeAheadControl(theElements,
+             document.getElementById("enterText"),
+             document.getElementById("enterOrigin"),
+             document.getElementById("enterSubmit"),
+             document.getElementById("selectOrSearch"),
+             ie6Hack);
+  document.getElementById("enterText").focus();
+}
+-->
+</script>
+</body>
+</html>
\ No newline at end of file
diff --git a/src/main/webapp/static2.html b/src/main/webapp/static2.html
new file mode 100755
index 0000000..470b099
--- /dev/null
+++ b/src/main/webapp/static2.html
@@ -0,0 +1,160 @@
+<HTML>
+<!-- Collect Stylesheet from the DS - this is needed for the autosuggest stuff -->
+<link rel="stylesheet" title="normal" type="text/css"
+    href="static.css" />
+<title>Static Discovery Service with centralised hinting</title>
+<Body>
+<p>
+This is a boring, but static web page which shows how an signle SP can
+configure their own "Discovery Service" without recouse to a Java
+Container but taking full advantage of the centralised cookie server
+in the Federation Discovery Service.
+</p>
+<p>
+This DS points at a test SP in the UK Federation, and uses the
+Shib/SAML1 protocol.  It is a lot harder to configure (a lot like
+setting up one a "WAYFless URLS".  Consider it motivation to upgrade
+from SAML1 to SAML2...
+</p>
+
+<!-- This is where the real lifting starts.  We start with a placemarker where the previously visit -->
+<div id="Hints">
+</div>
+<h3>Enter Organization Name</h3>
+
+<!-- The below is for a Shib2 SP.  
+
+In order to make the changes you need two know five things
+
+1) The EntityID of your SP.  
+
+   In this case "https://sh2testsp1.iay.org.uk/shibboleth"
+
+2) The return address for the login.  Dpending on how you
+   configure your sessioninitiators this may include other garnish (like
+   &target=cookie)
+
+   In this case "https://sh2testsp1.iay.org.uk/Shibboleth.sso/DS"
+
+3) The "shire" (the protocol return address)
+
+   In this case "https://sh2testsp1.iay.org.uk/Shibboleth.sso/SAML/POST"
+
+4) The address of the Servlet running the centralized DS 
+
+   In this case "https://sh2testsp1.iay.org.uk/secure/printenv.cgi"
+
+5) The name of the JS and Browser discovery services ("discovery/i2.wayf" 
+   and "discovery/js.wayf" respectively.
+
+You then need to plug them into the form below:
+
+
+-->
+<form autocomplete="OFF" action="https://dlib-adidp.ucs.ed.ac.uk/discovery/i2.wayf">
+<!-- This is where your entity goes -->
+<input type="hidden" name="providerId" value="https://sh2testsp1.iay.org.uk/shibboleth" />
+<!-- and your potentially garnished return address -->
+<input type="hidden" name="target" value="https://sh2testsp1.iay.org.uk/secure/printenv.cgi" />
+<!-- and the "Shire" -->
+<input type="hidden" name="shire" value="https://sh2testsp1.iay.org.uk/Shibboleth.sso/SAML/POST" />
+
+<!-- the rest is fixed -->
+<input type="hidden" name="action"   value="search" id="selectOrSearch" />
+<input type="hidden" name="cache"    value="perm" />
+<input type="hidden" name="origin"   value="unspec" id="enterOrigin"/>
+<table border="0" cellpadding="0" cellspacing="0" width="400pr">
+ <tr>
+  <td>
+   <input type="text" name="string" value="" id="enterText" tabindex="50" size="54" />
+  </td><td align="right">
+   <input type="submit" id="enterSubmit" value="Search"/>
+  </td>
+ </tr>
+</table>
+</form>
+<noscript> 
+<!-- Fallback to Shibboleth DS session initiator for non-JavaScript users.  
+     You construct the URL using the  values above -->
+<p>
+Your browser is not javascript enabled.  Go to the Discovery Service <a href="https://dlib-adidp.ucs.ed.ac.uk/discovery/i2.wayf?entityID=https://spaces.internet2.edu/shibboleth&return=https://spaces.internet2.edu/Shibboleth.sso/Login">here</a>
+</p>
+</noscript>
+
+
+<h3>Configuring</h3>
+
+Details on how to set this up this are embedded as comments in this
+web page.  Currently a lot of the configuration is manual.  Although
+it would be feasible to automate this just as is planned for Shib2
+SPs, the duplication seems needless given that the product has a 9
+month shelf life.
+
+
+
+
+<!-- Collect the hints and the IdP list -->
+
+<script language="javascript" 
+        type="text/javascript"
+        src="https://dlib-adidp.ucs.ed.ac.uk/discovery/js.wayf?shire=https%3A%2F%2Fsh2testsp1.iay.org.uk%2FShibboleth.sso%2FSAML%2FPOST&time=1249284798&target=https%3A%2F%2Fsh2testsp1.iay.org.uk%2Fsecure%2Fprintenv.cgi&providerId=https%3A%2F%2Fsh2testsp1.iay.org.uk%2Fshibboleth"
+</script>
+
+<!-- Collect the autosuggest code -->
+
+<script language="javascript" 
+        type="text/javascript"
+        src="https://dlib-adidp.ucs.ed.ac.uk/discovery/Suggest.js">
+</script>
+
+<!-- And some code to set up the rest of the page.  You need to plug the DS base address in below -->
+
+<script language="javascript" 
+           type="text/javascript">
+
+<!--  
+window.onload = function() {
+
+  var wayfAddress="https://dlib-adidp.ucs.ed.ac.uk/";
+  var i = 0;
+  var hints = document.getElementById("Hints");
+
+  //
+  // Make the hints visible
+  //
+  if (theHints.length > 1) {
+     var h3 = document.createElement("h3");
+     h3.innerHTML+="Previously visited sites";
+     hints.appendChild(h3);
+  }
+
+  //
+  // And populate them
+  //
+  while (i < theHints.length) {
+    var a = document.createElement("a");
+    a.href = wayfAddress + theHints[i][0];
+    a.innerHTML += theHints[i][1];
+    hints.appendChild(a);
+    hints.appendChild(document.createElement("p"));
+    i++;
+  }
+    
+  //
+  // And set up the autohint
+  //
+  var ie6Hack = [ ];
+  var control = new TypeAheadControl(theElements,
+             document.getElementById("enterText"),
+             document.getElementById("enterOrigin"),
+             document.getElementById("enterSubmit"),
+             document.getElementById("selectOrSearch"),
+             ie6Hack);
+  document.getElementById("enterText").focus();
+
+  
+}
+-->
+</script>
+</body>
+</html>
\ No newline at end of file
diff --git a/src/main/webapp/wayf.css b/src/main/webapp/wayf.css
index 744056b..768df92 100644..100755
--- a/src/main/webapp/wayf.css
+++ b/src/main/webapp/wayf.css
@@ -54,3 +54,21 @@ span.warning {
 	text-align: center;
 	margin-top: 1.5em;
 }
+
+div.dropdown {
+    -moz-box-sizing: border-box;
+    box-sizing: border-box;
+    border: 1px solid black;
+    position: absolute;   
+}
+
+div.dropdown div {
+    background-color: white;
+    cursor: default;
+    padding: 0px 3px;
+}
+
+div.dropdown div.current {
+    background-color: #3366cc;
+    color: white;
+}
diff --git a/src/main/webapp/wayf.jsp b/src/main/webapp/wayf.jsp
deleted file mode 100755
index 35174dc..0000000
--- a/src/main/webapp/wayf.jsp
+++ /dev/null
@@ -1,500 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" 
-        "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
-<html>
-
-<%@ taglib uri="/WEB-INF/tlds/struts-logic.tld" prefix="logic" %>
-<%@ taglib uri="/WEB-INF/tlds/struts-bean.tld" prefix="bean" %>
-
-<logic:present name="showComments" scope="Request">
-
-<!-- TO CONFIGURE THIS FOR A SPECIFIC SITE
-     =====================================
-
-     Before you deploy this jsp you need to look for CONFIG below.
-     These mark places where you should make changes. 
-
-     If you want to make more profound changes but only to the jsp,
-     you should read the sections marked PROGRAMMING NOTE below.-->
-
-<!-- PROGRAMMING NOTE
-
-     "requestURL" contains the URL that was specified to get the
-     WAYF going.  The jsp uses it mostly for submitting result back to
-     the WAYF and error reporting -->
-
-</logic:present>
-
-    <jsp:useBean id="requestURL" scope="request" class="java.lang.String"/>
-
-<logic:present name="showComments" scope="Request">
-
-<!-- PROGRAMMING NOTE
-
-     shire, target, provider and time are all part of the Shibboleth
-     1.3 discovery protocol and need to be specified as parameters to the WAYF
-
-     entityID, return, returnIDParam are all part of the
-     SAML Discovery protocol
-
-     In addition to the above.  The WAYF may also supply the following to
-     the jsp.
-
-     "cookieList" If this exists it represents the contents of the
-         _saml_idp cookie (possibly filtered to remove IdPs which
-         cannot serve the SP).  It is a Collection of IdPSite objects,
-         which themselves have the following properties:
-
-       "name" The uri for the IdP, which needs to be returned to the
-              WAYF in the "origin" parameter.
-
-       "displayName" User friendly name (taken from its alias)
-
-       "addressFor" The (ungarnished) URL for the IdP. This could be
-              used to create a direct hyperlink to the IdP
-
-     "sites" If this exists it contains all the possible IdPs for for
-         the SP (possibly filtered).  It is a Collection of IdPSite
-         Objects which are described above.  This is only present if
-         provideList was defined true in the configuration.
-
-     "siteLists" If this exists it contains all the possible metadata
-         files which can service for the SP (possibly filtered).  It
-         is a collection of IdPSiteSetEntry Objects which have two
-         properties:
-
-         "name" This is the displayName from the Metadata element in
-            the WAYF configuration file
-
-         "sites" This represents the IdPs.  Again it is a collection
-            of IdPSite Objects
-
-         It is only present if provideListOfList was defined true in
-         the configuration.
-
-     "singleSiteList" if this is present, then there is only one
-         IdPSiteSetEntry Object in "siteLists".
-
-     "searchresultempty" If this is present then it means that a
-         search was performed, but no suitable IdPs were returned.
-
-     "searchresults" If this is present it represents the list of IdPs
-         which matched a previous search.  It is a Collection of
-         IdPSite Objects. -->
-
-<!-- PROGRAMMING NOTE
-
-     The jsp communicates back to the WAYF via the parameters listed
-     above, and:
-
-        "action" what the WAYF has to do.  Possible contents are:
-
-            "lookup" - refresh the screen.
-            "search" - perform a search on the contents parameter "string"
-            "selection" - redirect to the IdP with the uri "origin"
-
-        "cache" preserve any selection in the _saml_idp cookie. A
-            value of "session" makes the cookie last for the browser
-            session, "perm" gives it the lifetime specified in the
-            configuration file.  -->
-
-</logic:present>
-
-<head>
-    <link rel="stylesheet" title="normal" type="text/css"
-    href="wayf.css" /> <title>Identity Provider Selection</title>
-    </head>
-
-<body>
-    <div class="head">
-        <h1>
-
-Select an identity provider
-
-        </h1>
-    </div>
-
-    <div class="selector">
-    <p class="text">
-
-<!--CONFIG-->
-
-The Service you are trying to reach requires that you
-authenticate with your home institution, please select it from the
-list below.
-
-    </p>
-    <logic:present name="cookieList" scope="request">
-
-        <h2>
-
-Recently used institutions:
-
-        </h2>   
-
-<logic:present name="showComments" scope="Request">
-
-<!-- PROGRAMMING NOTE
- 
-     Generate a hyperlink back to the WAYF.  Note that we are
-     simulating the user having specified a permanent cookie -->
-
-</logic:present>
-        <logic:iterate id="site" name="cookieList">
-            <p  class="text">
-              <logic:present name="entityID" scope="request">
-
-                <bean:define id="returnIDParam" name="returnIDParam"/>
-                <bean:define id="ei" name="entityID" />
-                <bean:define id="re" name="returnX"/>
-
-                 <a href="<bean:write name="requestURL" />?entityID=<%= java.net.URLEncoder.encode(ei.toString(), "utf-8") %>&return=<%= java.net.URLEncoder.encode(re.toString(), "utf-8") %>&returnIDxParam=<%= java.net.URLEncoder.encode( returnIDParam.toString(), "utf-8" ) %>&cache=perm&action=selection&origin=<jsp:getProperty name="site" property="name" />">
-                    <jsp:getProperty name="site" property="displayName" />
-                </a>
-              </logic:present>
-              <logic:notPresent name="entityID" scope="request">
-                <bean:define id="targ" name="target" />
-                <bean:define id="shire" name="shire" />
-                <bean:define id="pid" name="providerId" />
-                <a href="<bean:write name="requestURL" />?target=<%= java.net.URLEncoder.encode(targ.toString(),"utf-8") %>&shire=<%= java.net.URLEncoder.encode(shire.toString(),"utf-8") %>&providerId=<%= java.net.URLEncoder.encode(pid.toString(),"utf-8") %>&time=<bean:write name="time" />&cache=perm&action=selection&origin=<jsp:getProperty name="site" property="name" />">
-                    <jsp:getProperty name="site"
-                    property="displayName" />
-                </a>
-              </logic:notPresent>
-            </p>
-        </logic:iterate>
-
-<logic:present name="showComments" scope="Request">
-
-<!-- PROGRAMMING NOTE
-
-     We defined the ClearCache.Wayf service in wayfconfig.  So we know
-     it is here.  This will empty the cookie and loop -->
-
-</logic:present>
-
-        <form method="get" action="ClearCache.wayf" >
-          <logic:notPresent name="entityID" scope="request">
-            <input type="hidden" name="shire" value="<bean:write name="shire" />" />
-            <input type="hidden" name="target" value="<bean:write name="target" />" />
-            <input type="hidden" name="providerId" value="<bean:write name="providerId" />" />
-            <logic:present name="time" scope="request">
-               <input type="hidden" name="time" value="<bean:write name="time" />" />
-            </logic:present>
-          </logic:notPresent>
-          <logic:present name="entityID" scope="request">
-            <input type="hidden" name="entityID" value="<bean:write name="entityID" />" />
-            <input type="hidden" name="returnX" value="<bean:write name="returnX" />" />
-            <input type="hidden" name="returnIDParam" value="<bean:write name="returnIDParam" />" />
-          </logic:present>
-          <input type="submit" value="Clear" />
-        </form>
-
-    </logic:present>
-
-    <div class="list">
-
-        <h2>
-
-Choose from a list:
-
-        </h2>
-
-        <logic:present name="sites" scope="request">
-        <logic:notPresent name="siteLists" scope="request">
-
-            <form method="get" action="<bean:write name="requestURL" />">
-                <logic:notPresent name="entityID" scope="request">
-                    <input type="hidden" name="shire" value="<bean:write name="shire" />" />
-                    <input type="hidden" name="target" value="<bean:write name="target" />" />
-                    <input type="hidden" name="providerId" value="<bean:write name="providerId" />" />
-                    <logic:present name="time" scope="request">
-                         <input type="hidden" name="time" value="<bean:write name="time" />" />
-                    </logic:present>
-                </logic:notPresent>
-                <logic:present name="entityID" scope="request">
-                    <input type="hidden" name="entityID" value="<bean:write name="entityID" />" />
-                    <input type="hidden" name="returnX" value="<bean:write name="returnX" />" />
-                    <input type="hidden" name="returnIDParam" value="<bean:write name="returnIDParam" />" />
-                 </logic:present>
-                 <input type="hidden" name="action" value="selection" />
-                 <select name="origin">      
-                     <logic:iterate id="site" name="sites">
-                         <option value="<jsp:getProperty name="site" property="name" />">
-                             <jsp:getProperty name="site" property="displayName" />
-                         </option>
-                     </logic:iterate>
-                 </select>
-                 <input type="submit" value="Select" />
-                 <select name="cache">
-                     <option value="false"> Do not remember</option>
-                     <option value="session" selected="selected"> Remember for session</option>
-                     <option value="perm"> Remember for a week</option>
-                 </select>
-            </form>
-        </logic:notPresent>
-        </logic:present>
-
-<logic:present name="showComments" scope="Request">
-
-<!-- PROGRAMMING NOTE
-     Build two tables side by side, one with the Federation names and 'ALL' (if apposite)
-     and the other will be dynamically populated with the members of that federation.
-
-     This needs to work in the face of no javascript, so we initially populate the 
-     Right hand list with all the IdPs.  The first Selection in the Left hand Table will
-     shrink this list
-
-     The 'lists of all IdPs' is derived from the one which java gives us (if it did)
-     otherwise it is derived by a double iteration through the List of Lists.  This
-     makes for complicated looking code, but it's dead simple really.
-
- -->
-
-</logic:present>
-
-        <logic:present name="siteLists" scope="request">
-          <form method="get" action="<bean:write name="requestURL" />">
-             <logic:notPresent name="entityID" scope="request">
-                 <input type="hidden" name="shire" value="<bean:write name="shire" />" />
-                 <input type="hidden" name="target" value="<bean:write name="target" />" />
-                 <input type="hidden" name="providerId" value="<bean:write name="providerId" />" />
-                 <logic:present name="time" scope="request">
-                    <input type="hidden" name="time" value="<bean:write name="time" />" />
-                 </logic:present>
-             </logic:notPresent>
-             <logic:present name="entityID" scope="request">
-                 <input type="hidden" name="entityID" value="<bean:write name="entityID" />" />
-                 <input type="hidden" name="returnX" value="<bean:write name="returnX" />" />
-                 <input type="hidden" name="returnIDParam" value="<bean:write name="returnIDParam" />" />
-              </logic:present>
-             <table id="tab">
-               <tr>
-                <th>Federation </th>
-                <th>Institution</th>
-               </tr>
-               <tr><td>
-                 <select name="FedSelector" size="10" id="FedSelect" 
-                             onchange="changedFed(this.form.origin,
-                                                  this.form.FedSelector[this.form.FedSelector.selectedIndex].value);">
-                   <logic:iterate id="siteset" name="siteLists">
-                     <logic:present name="singleSiteList" scope="request">
-
-                       <!-- Only One site so select it -->
-
-                       <option value="<jsp:getProperty name="siteset" property="name"/>" selected="selected">
-                         <jsp:getProperty name="siteset" property="name"/>
-                       </option>
-                     </logic:present>
-                     <logic:notPresent name="singleSiteList" scope="request">
-                       <option value="<jsp:getProperty name="siteset" property="name"/>">
-                         <jsp:getProperty name="siteset" property="name"/>
-                       </option>
-                     </logic:notPresent>
-                   </logic:iterate>
-                   <logic:notPresent name="singleSiteList" scope="request">
-
-                     <!-- More than one site so select the 'All' -->
-
-                     <option value="ALL" selected="selected">
-                         All Sites
-                     </option>
-                   </logic:notPresent>
-                 </select></td><td>
-                 <input type="hidden" name="action" value="selection" />
-                 <select name="origin" size="10" id="originIdp"> 
-                   <logic:present name="sites" scope="request">
-                     <logic:iterate id="site" name="sites">
-                       <option value="<jsp:getProperty name="site" property="name" />">
-                         <jsp:getProperty name="site" property="displayName" />
-                       </option>
-                     </logic:iterate>
-                   </logic:present>
-
-                   <logic:notPresent name="sites" scope="request">
-                     <logic:iterate id="siteset" name="siteLists">
-                       <logic:iterate id="site" name="siteset" property="sites">
-                         <option value="<jsp:getProperty name="site" property="name" />">
-                           <jsp:getProperty name="site" property="displayName" />
-                         </option>
-                       </logic:iterate>
-                     </logic:iterate>        
-                   </logic:notPresent>
-                 </select>
-               </td></tr>
-             </table>
-             <p>
-               <input type="submit" value="Select" />
-               <select name="cache">
-                 <option value="false"> Do not remember</option>
-                 <option value="session" selected="selected"> Remember for session</option>
-                 <option value="perm"> Remember for a week</option>
-               </select>
-             </p>
-           </form>
-        </logic:present>
-        </div>
-        <div class="search">
-            <span class="option">or</span>
-
-            <h2>
-
-Search by keyword:
-
-            </h2>
-
-            <form method="get" action="<bean:write name="requestURL" />">
-                <p>
-
-                <logic:notPresent name="entityID" scope="request">
-                    <input type="hidden" name="shire" value="<bean:write name="shire" />" />
-                    <input type="hidden" name="target" value="<bean:write name="target" />" />
-                    <input type="hidden" name="providerId" value="<bean:write name="providerId" />" />
-                    <logic:present name="time" scope="request">
-                         <input type="hidden" name="time" value="<bean:write name="time" />" />
-                    </logic:present>
-                </logic:notPresent>
-                <logic:present name="entityID" scope="request">
-                    <input type="hidden" name="entityID" value="<bean:write name="entityID" />" />
-                    <input type="hidden" name="returnX" value="<bean:write name="returnX" />" />
-                    <input type="hidden" name="returnIDParam" value="<bean:write name="returnIDParam" />" />
-                 </logic:present>
-
-                    <input type="hidden" name="action" value="search" />
-                    <input type="text" name="string" />
-                    <input type="submit" value="Search" />
-                </p>
-            </form>
-
-            <logic:present name="searchResultsEmpty" scope="request">
-                <p class="error">
-
-No provider was found that matches your search criteria, please try again.
-
-                </p>
-            </logic:present>
-
-            <logic:present name="searchresults" scope="request">
-                <h3>
-
-Search results:
-
-                </h3>
-                <form method="get" action="<bean:write name="requestURL" />">
-                    <ul>
-                        <logic:iterate id="currResult" name="searchresults">
-                            <li>
-                                <input type="radio" name="origin" value="<jsp:getProperty name="currResult" property="name" />" />
-                                <jsp:getProperty name="currResult" property="displayName" />
-                            </li>
-                        </logic:iterate>
-                    </ul>
-                    <p>
-                  <logic:notPresent name="entityID" scope="request">
-                      <input type="hidden" name="shire" value="<bean:write name="shire" />" />
-                      <input type="hidden" name="target" value="<bean:write name="target" />" />
-                      <input type="hidden" name="providerId" value="<bean:write name="providerId" />" />
-                      <logic:present name="time" scope="request">
-                           <input type="hidden" name="time" value="<bean:write name="time" />" />
-                      </logic:present>
-                  </logic:notPresent>
-                  <logic:present name="entityID" scope="request">
-                      <input type="hidden" name="entityID" value="<bean:write name="entityID" />" />
-                      <input type="hidden" name="returnX" value="<bean:write name="returnX" />" />
-                      <input type="hidden" name="returnIDParam" value="<bean:write name="returnIDParam" />" />
-                   </logic:present>
-                   <input type="hidden" name="action" value="selection" />
-                   <input type="submit" value="Select" />
-                   <select name="cache">
-                     <option value="false"> Do not remember</option>
-                     <option value="session" selected="selected"> Remember for session</option>
-                     <option value="perm"> Remember for a week</option>
-                   </select>
-                      </p>
-                </form>     
-            </logic:present>
-        </div>
-    </div>
-
-    <div class="footer">
-        <p class="text">
-<!--CONFIG-->
-Need assistance? Send mail to <a href="mailto:user@domain"> administrator's name</a> with description.
-        </p>
-        <div class="logo"><img src="images/internet2.gif" alt="InQueue" /></div>
-    </div>
-
-<logic:present name="showComments" scope="Request">
-
-<!--PROGRAMMING NOTE
-  
-  We need to program the on changed selector.  Note that option.InnterText only
-  works on IE, options.remove doesn't work on Firefox, and that
-  options.add doesn't work on Safari.  Hence the somewhat strange manipulations
-  to delete & populate the list of options.
-
-  X        is the select object for the right hand table
-  Selected is the name selected in the left hand table
-
--->
-
-</logic:present>
-
-<logic:present name="siteLists" scope="request">
-<script language="javascript" type="text/javascript">
-<!--
-
-function changedFed(X, Selected) {
-
-  <logic:notPresent name="singleSiteList" scope="request">
-
-     while (X.length > 0) {
-        X.options[(X.length-1)] = null;
-     }
-  
-  
-    <logic:iterate id="siteset" name="siteLists">
-      if (Selected == "<jsp:getProperty name="siteset" property="name"/>") {
-        var opt;
-        <logic:iterate id="site" name="siteset" property="sites">
-          opt = new Option ("<jsp:getProperty name="site" property="displayName" />");
-          X.options[X.length] = opt;
-          opt.value = "<jsp:getProperty name="site" property="name" />";
-        </logic:iterate>
-      }
-    </logic:iterate>
-  
-      if (Selected == "ALL") {
-        var opt;
-  
-      <logic:present name="sites" scope="request">
-          <logic:iterate id="site" name="sites">
-            opt = new Option("<jsp:getProperty name="site" property="displayName" />");
-            X.options[X.length] = opt;
-            opt.value = "<jsp:getProperty name="site" property="name" />";
-          </logic:iterate>
-      </logic:present>
-  
-      <logic:notPresent name="sites" scope="request">
-          <logic:iterate id="siteset" name="siteLists">
-            <logic:iterate id="site" name="siteset" property="sites">
-              opt = new Option ("<jsp:getProperty name="site" property="displayName" />");
-              X.options[X.length] = opt;
-              opt.value = "<jsp:getProperty name="site" property="name" />";
-            </logic:iterate>
-          </logic:iterate>
-      </logic:notPresent>
-    }
-  
-  </logic:notPresent>
-   
-  
-}
--->
-</script>
-</logic:present>
- 
-  
-</body>
-</html>
-  
diff --git a/src/main/webapp/wayferror.jsp b/src/main/webapp/wayferror.jsp
deleted file mode 100755
index 5e72816..0000000
--- a/src/main/webapp/wayferror.jsp
+++ /dev/null
@@ -1,33 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE html 
-	PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" 
-	"DTD/xhtml1-strict.dtd">
-	<%@ taglib uri="/WEB-INF/tlds/struts-logic.tld" prefix="logic" %>
-	<%@ taglib uri="/WEB-INF/tlds/struts-bean.tld" prefix="bean" %>
-	
-	<jsp:useBean id="requestURL" scope="application" class="java.lang.String"/>
-	<jsp:useBean id="errorText" scope="request" class="java.lang.String"/>
-
-<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
-<head>
-	<link rel="stylesheet" type="text/css" href="main.css" />
-	<title>Access System Failure</title>
-</head>
-
-<body>
-<div class="head">
-<img src="images/logo.jpg" alt="Logo" />
-<h1>Inter-institutional Access System Failure</h1>
-</div>
-
-<p>The inter-institutional access system experienced a technical failure.</p>
-
-<p>Please email <a href="mailto:user@domain"> administrator's name</a> and include the following error message:</p>
-
-<p class="error">WAYF failure at (<bean:write name="requestURL" />)</p>
-
-<p><bean:write name="errorText" /></p>
-
-
-</body>
-</html>
\ No newline at end of file