Mailing-List: contact commits-help@airavata.apache.org; run by ezmlm
Precedence: bulk
Reply-To: dev@airavata.apache.org
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
From: lahiru@apache.org
To: commits@airavata.apache.org
Date: Thu, 19 Mar 2015 15:02:27 -0000
Message-Id: <3f62fff8b9fa46f2b92fed4c48383756@git.apache.org>
Subject: [01/62] [abbrv] airavata git commit: Reorganizing credential store to
 create a light weight stubs artifact - AIRAVATA-1621

Repository: airavata
Updated Branches:
  refs/heads/queue-gfac-rabbitmq 93ed077e8 -> 48be39fea


http://git-wip-us.apache.org/repos/asf/airavata/blob/58c58cf2/modules/credential-store/credential-store-webapp/src/main/java/org/apache/airavata/credentialstore/session/ServletRequestHelper.java
----------------------------------------------------------------------
diff --git a/modules/credential-store/credential-store-webapp/src/main/java/org/apache/airavata/credentialstore/session/ServletRequestHelper.java b/modules/credential-store/credential-store-webapp/src/main/java/org/apache/airavata/credentialstore/session/ServletRequestHelper.java
new file mode 100644
index 0000000..c4a2c47
--- /dev/null
+++ b/modules/credential-store/credential-store-webapp/src/main/java/org/apache/airavata/credentialstore/session/ServletRequestHelper.java
@@ -0,0 +1,129 @@
+/*
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+
+package org.apache.airavata.credentialstore.session;
+
+import org.apache.airavata.common.context.RequestContext;
+import org.apache.airavata.common.context.WorkflowContext;
+import org.apache.airavata.common.exception.ApplicationSettingsException;
+import org.apache.airavata.common.utils.Constants;
+import org.apache.airavata.common.utils.ServerSettings;
+import org.apache.airavata.security.AuthenticationException;
+import org.apache.commons.codec.binary.Base64;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import javax.servlet.http.HttpServletRequest;
+
+/**
+ * Helper class to extract request information.
+ */
+public class ServletRequestHelper {
+
+    /**
+     * Header names
+     */
+    public static final String AUTHORISATION_HEADER_NAME = "Authorization";
+    private final static Logger logger = LoggerFactory.getLogger(ServletRequestHelper.class);
+    protected void addIdentityInformationToSession(HttpServletRequest servletRequest) throws AuthenticationException {
+
+        addUserToSession(null, servletRequest);
+    }
+
+    public void addUserToSession(String userName, HttpServletRequest servletRequest) throws AuthenticationException {
+
+        if (userName == null) {
+            userName = getUserName(servletRequest);
+        }
+
+        String gatewayId = getGatewayId(servletRequest);
+
+        if (servletRequest.getSession() != null) {
+			try {
+				servletRequest.getSession().setAttribute(Constants.USER_IN_SESSION, userName);
+				servletRequest.getSession().setAttribute(ServerSettings.getDefaultUserGateway(), gatewayId);
+			} catch (ApplicationSettingsException e) {
+                logger.error(e.getMessage(), e);
+			}
+        }
+
+        addToContext(userName, gatewayId);
+    }
+
+    String getUserName(HttpServletRequest httpServletRequest) throws AuthenticationException {
+
+        String basicHeader = httpServletRequest.getHeader(AUTHORISATION_HEADER_NAME);
+
+        if (basicHeader == null) {
+            throw new AuthenticationException("Authorization Required");
+        }
+
+        String[] userNamePasswordArray = basicHeader.split(" ");
+
+        if (userNamePasswordArray == null || userNamePasswordArray.length != 2) {
+            throw new AuthenticationException("Authorization Required");
+        }
+
+        String decodedString = decode(userNamePasswordArray[1]);
+
+        String[] array = decodedString.split(":");
+
+        if (array == null || array.length != 1) {
+            throw new AuthenticationException("Authorization Required");
+        }
+
+        return array[0];
+
+    }
+
+    public String decode(String encoded) {
+        return new String(Base64.decodeBase64(encoded.getBytes()));
+    }
+
+    String getGatewayId(HttpServletRequest request) throws AuthenticationException {
+        String gatewayId = null;
+		try {
+			gatewayId = request.getHeader(ServerSettings.getDefaultUserGateway());
+		} catch (ApplicationSettingsException e1) {
+            logger.error(e1.getMessage(), e1);
+		}
+
+        if (gatewayId == null) {
+            try {
+                gatewayId = ServerSettings.getDefaultUserGateway();
+            } catch (ApplicationSettingsException e) {
+                throw new AuthenticationException("Unable to retrieve default gateway", e);
+            }
+        }
+
+        return gatewayId;
+    }
+
+    public void addToContext(String userName, String gatewayId) {
+
+        RequestContext requestContext = new RequestContext();
+        requestContext.setUserIdentity(userName);
+        requestContext.setGatewayId(gatewayId);
+
+        WorkflowContext.set(requestContext);
+    }
+
+}

http://git-wip-us.apache.org/repos/asf/airavata/blob/58c58cf2/modules/credential-store/credential-store-webapp/src/main/resources/airavata-server.properties
----------------------------------------------------------------------
diff --git a/modules/credential-store/credential-store-webapp/src/main/resources/airavata-server.properties b/modules/credential-store/credential-store-webapp/src/main/resources/airavata-server.properties
new file mode 100644
index 0000000..fb02901
--- /dev/null
+++ b/modules/credential-store/credential-store-webapp/src/main/resources/airavata-server.properties
@@ -0,0 +1,234 @@
+#
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+
+###########################################################################
+#
+#  This properties file provides configuration for all Airavata Services:
+#  API Server, Registry, Workflow Interpreter, GFac, Orchestrator
+#
+###########################################################################
+
+###########################################################################
+#  API Server Registry Configuration
+###########################################################################
+
+#for derby [AiravataJPARegistry]
+registry.jdbc.driver=org.apache.derby.jdbc.ClientDriver
+registry.jdbc.url=jdbc:derby://localhost:1527/persistent_data;create=true;user=airavata;password=airavata
+# MySql database configuration
+#registry.jdbc.driver=com.mysql.jdbc.Driver
+#registry.jdbc.url=jdbc:mysql://localhost:3306/persistent_data
+registry.jdbc.user=airavata
+registry.jdbc.password=airavata
+start.derby.server.mode=true
+validationQuery=SELECT 1 from CONFIGURATION
+jpa.cache.size=5000
+#jpa.connection.properties=MaxActive=10,MaxIdle=5,MinIdle=2,MaxWait=60000,testWhileIdle=true,testOnBorrow=true
+
+# Properties for default user mode
+default.registry.user=admin
+default.registry.password=admin
+default.registry.password.hash.method=SHA
+default.registry.gateway=default
+
+#ip=127.0.0.1
+
+###########################################################################
+#  Application Catalog DB Configuration
+###########################################################################
+#for derby [AiravataJPARegistry]
+appcatalog.jdbc.driver=org.apache.derby.jdbc.ClientDriver
+appcatalog.jdbc.url=jdbc:derby://localhost:1527/app_catalog;create=true;user=airavata;password=airavata
+# MySql database configuration
+#appcatalog.jdbc.driver=com.mysql.jdbc.Driver
+#appcatalog.jdbc.url=jdbc:mysql://localhost:3306/app_catalog
+appcatalog.jdbc.user=airavata
+appcatalog.jdbc.password=airavata
+appcatalog.validationQuery=SELECT 1 from CONFIGURATION
+
+###########################################################################
+#  Server module Configuration
+###########################################################################
+
+servers=apiserver,orchestrator,gfac,workflowserver
+#shutdown.trategy=NONE
+shutdown.trategy=SELF_TERMINATE
+
+
+apiserver.server.host=localhost
+apiserver.server.port=8930
+apiserver.server.min.threads=50
+workflow.server.host=localhost
+workflow.server.port=8931
+orchestrator.server.host=localhost
+orchestrator.server.port=8940
+gfac.server.host=localhost
+gfac.server.port=8950
+orchestrator.server.min.threads=50
+
+###########################################################################
+# Credential Store module Configuration
+###########################################################################
+credential.store.keystore.url=/Users/lahirugunathilake/Downloads/airavata_sym.jks
+credential.store.keystore.alias=airavata
+credential.store.keystore.password=airavata
+credential.store.jdbc.url=jdbc:derby://localhost:1527/persistent_data;create=true;user=airavata;password=airavata
+credential.store.jdbc.user=airavata
+credential.store.jdbc.password=airavata
+credential.store.jdbc.driver=org.apache.derby.jdbc.ClientDriver
+
+notifier.enabled=false
+#period in milliseconds
+notifier.duration=5000
+
+email.server=smtp.googlemail.com
+email.server.port=465
+email.user=airavata
+email.password=xxx
+email.ssl=true
+email.from=airavata@apache.org
+
+###########################################################################
+# Airavata GFac MyProxy GSI credentials to access Grid Resources.
+###########################################################################
+#
+# Security Configuration used by Airavata Generic Factory Service
+#  to interact with Computational Resources.
+#
+gfac=org.apache.airavata.gfac.server.GfacServer
+myproxy.server=myproxy.teragrid.org
+myproxy.username=ogce
+myproxy.password=
+myproxy.life=3600
+# XSEDE Trusted certificates can be downloaded from https://software.xsede.org/security/xsede-certs.tar.gz
+trusted.cert.location=/Users/lahirugunathilake/Downloads/certificates
+# SSH PKI key pair or ssh password can be used SSH based authentication is used.
+# if user specify both password authentication gets the higher preference
+
+################# ---------- For ssh key pair authentication ------------------- ################
+#public.ssh.key=/path to public key for ssh
+#ssh.username=username for ssh connection
+#private.ssh.key=/path to private key file for ssh
+#ssh.keypass=passphrase for the private key
+
+
+################# ---------- For ssh key pair authentication ------------------- ################
+#ssh.username=username for ssh connection
+#ssh.password=Password for ssh connection
+
+
+
+###########################################################################
+# Airavata Workflow Interpreter Configurations
+###########################################################################
+
+#runInThread=true
+#provenance=true
+#provenanceWriterThreadPoolSize=20
+#gfac.embedded=true
+#workflowserver=org.apache.airavata.api.server.WorkflowServer
+
+
+###########################################################################
+# API Server module Configuration
+###########################################################################
+apiserver=org.apache.airavata.api.server.AiravataAPIServer
+
+###########################################################################
+# Workflow Server module Configuration
+###########################################################################
+
+workflowserver=org.apache.airavata.api.server.WorkflowServer
+
+###########################################################################
+# Advance configuration to change service implementations
+###########################################################################
+# If false, disables two phase commit when submitting jobs
+TwoPhase=true
+#
+# Class which implemented HostScheduler interface. It will determine the which host to submit the request
+#
+host.scheduler=org.apache.airavata.gfac.core.scheduler.impl.SimpleHostScheduler
+
+###########################################################################
+# Monitoring module Configuration
+###########################################################################
+
+#This will be the primary monitoring tool which runs in airavata, in future there will be multiple monitoring
+#mechanisms and one would be able to start a monitor
+monitors=org.apache.airavata.gfac.monitor.impl.pull.qstat.QstatMonitor,org.apache.airavata.gfac.monitor.impl.LocalJobMonitor
+
+
+###########################################################################
+# AMQP Notification Configuration
+###########################################################################
+
+
+amqp.notification.enable=1
+
+amqp.broker.host=localhost
+amqp.broker.port=5672
+amqp.broker.username=guest
+amqp.broker.password=guest
+
+amqp.sender=org.apache.airavata.wsmg.client.amqp.rabbitmq.AMQPSenderImpl
+amqp.topic.sender=org.apache.airavata.wsmg.client.amqp.rabbitmq.AMQPTopicSenderImpl
+amqp.broadcast.sender=org.apache.airavata.wsmg.client.amqp.rabbitmq.AMQPBroadcastSenderImpl
+
+#,org.apache.airavata.gfac.monitor.impl.push.amqp.AMQPMonitor
+#This is the amqp related configuration and this lists down the Rabbitmq host, this is an xsede specific configuration
+amqp.hosts=info1.dyn.teragrid.org,info2.dyn.teragrid.org
+proxy.file.path=/Users/lahirugunathilake/Downloads/x509up_u503876
+connection.name=xsede
+#publisher
+activity.listeners=org.apache.airavata.gfac.core.monitor.AiravataJobStatusUpdator,org.apache.airavata.gfac.core.monitor.AiravataTaskStatusUpdator,org.apache.airavata.gfac.core.monitor.AiravataWorkflowNodeStatusUpdator,org.apache.airavata.api.server.listener.AiravataExperimentStatusUpdator,org.apache.airavata.gfac.core.monitor.GfacInternalStatusUpdator,org.apache.airavata.workflow.engine.util.ProxyMonitorPublisher
+publish.rabbitmq=false
+activity.publisher=org.apache.airavata.messaging.core.impl.RabbitMQPublisher
+rabbitmq.broker.url=amqp://localhost:5672
+rabbitmq.exchange.name=airavata_rabbitmq_exchange
+
+###########################################################################
+# Orchestrator module Configuration
+###########################################################################
+
+#job.submitter=org.apache.airavata.orchestrator.core.impl.GFACEmbeddedJobSubmitter
+job.submitter=org.apache.airavata.orchestrator.core.impl.GFACServiceJobSubmitter
+job.validators=org.apache.airavata.orchestrator.core.validator.impl.SimpleAppDataValidator,org.apache.airavata.orchestrator.core.validator.impl.ExperimentStatusValidator
+submitter.interval=10000
+threadpool.size=10
+start.submitter=true
+embedded.mode=true
+enable.validation=true
+orchestrator=org.apache.airavata.orchestrator.server.OrchestratorServer
+
+###########################################################################
+# Zookeeper Server Configuration
+###########################################################################
+
+embedded.zk=true
+zookeeper.server.host=localhost
+zookeeper.server.port=2181
+airavata-server=/api-server
+orchestrator-server=/orchestrator-server
+gfac-server=/gfac-server
+gfac-experiments=/gfac-experiments
+gfac-server-name=gfac-node0
+orchestrator-server-name=orch-node0
+airavata-server-name=api-node0

http://git-wip-us.apache.org/repos/asf/airavata/blob/58c58cf2/modules/credential-store/credential-store-webapp/src/main/resources/credential-store/client.xml
----------------------------------------------------------------------
diff --git a/modules/credential-store/credential-store-webapp/src/main/resources/credential-store/client.xml b/modules/credential-store/credential-store-webapp/src/main/resources/credential-store/client.xml
new file mode 100644
index 0000000..bc721ed
--- /dev/null
+++ b/modules/credential-store/credential-store-webapp/src/main/resources/credential-store/client.xml
@@ -0,0 +1,36 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--Licensed to the Apache Software
+	Foundation (ASF) under one or more contributor license agreements. See the
+	NOTICE file distributed with this work for additional information regarding
+	copyright ownership. The ASF licenses this file to you under the Apache License,
+	Version 2.0 (theÏ "License"); you may not use this file except in compliance
+	with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0
+	Unless required by applicable law or agreed to in writing, software distributed
+	under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES
+	OR CONDITIONS OF ANY ~ KIND, either express or implied. See the License for
+	the specific language governing permissions and limitations under the License. -->
+
+<config>
+    <client name="acs">
+        <logging
+                logFileName="../logs/oa4mp.log"
+                logName="oa4mp"
+                logSize="1000000"
+                logFileCount="2"
+                debug="true"/>
+        <id>myproxy:oa4mp,2012:/client/5a323fc6fcffcff7a95401046a303520</id>
+        <serviceUri>https://oa4mp.xsede.org/oauth</serviceUri>
+        <callbackUri>https://localhost:8443/credential-store/callback</callbackUri>
+        <!--callbackUri>http://149.165.228.118/PHP-Reference-Gateway/xsede_login.php</callbackUri-->
+        <lifetime>864000</lifetime>
+        <publicKeyFile>/Users/chathuri/dev/airavata/credential-store/oa4mp/oauth-pubkey.pem</publicKeyFile>
+        <privateKeyFile>/Users/chathuri/dev/airavata/credential-store/oa4mp/oauth-privkey.pk8</privateKeyFile>
+    </client>
+
+    <credential-store>
+        <successUri>http://gw120.iu.xsede.org/PHP-Reference-Gateway/</successUri>
+        <errorUri>/credential-store/error.jsp</errorUri>
+        <redirectUri>/credential-store/show-redirect.jsp</redirectUri>
+    </credential-store>
+
+</config>

http://git-wip-us.apache.org/repos/asf/airavata/blob/58c58cf2/modules/credential-store/credential-store-webapp/src/main/resources/credential-store/oauth-privkey.pk8
----------------------------------------------------------------------
diff --git a/modules/credential-store/credential-store-webapp/src/main/resources/credential-store/oauth-privkey.pk8 b/modules/credential-store/credential-store-webapp/src/main/resources/credential-store/oauth-privkey.pk8
new file mode 100644
index 0000000..60f5b03
--- /dev/null
+++ b/modules/credential-store/credential-store-webapp/src/main/resources/credential-store/oauth-privkey.pk8
@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCx/4hqCePa3scs
+oyGuwjnNdQCGfoPBlaCfl02Xq4L623EygIVo0faCX1ZZ/gA9ldw0TqZ6weCHfGck
+22TLeFQnJ4plAqJMMUbYwqmhnSsC9zTuc+c/yzcvdw2aCLPkMXnofFUasQEGhPI3
+/avTHOeUYBeu4ZU3u7G2Dp0jMDg1yh95v0FnGAjSPSBWQm1q4sxT90YB8jZyGvZ8
+kRs4S9Ik8Vz1VKNHJ16LZOuThfsRV4Af7vM8jXztjKUsrxQf1ZpKauAvXbJcDS2O
+pTjHWSvASk2pQxnDZDNcENE40MtG7V7qiDblMCuYumO8xnsJIGLreMKnSOQZKnDL
+uoBPNLB9AgMBAAECggEBAIJtcfHxaUr5rwygRJAftec88rOahMUW9Om8Hpkijglv
+PtT4o8kZAP6rCUVL/7Ug2IhjkU2mPvZIS/QP5x3JADDoolo9wdr+yKEQkuffmKLF
+rb2EpFB0ge1/2TGjat2s+11Frb6vMMcsJ6ircnpxVae9ed0lYwfBuwhiUPZ14NpY
+Figcq4mbM1fOmKIc035sR/fRVeuSEYPguw0sZkkx9LPGluvNXypwhfho60WCpxaB
+tgAadJRQgTEqz4kjHDD7xqY0w/KUJyqCOaJHnv2RmrdwrzDWFls6ETcc93PmINJU
+Mt2uLZZdd2nlZki91EhHA5XpPC1LoM2qXKaShfUMDWkCgYEA2oSVtz0ftT1njuX2
+OjsJi3ENOjmSuHaw81h72ZcIskCVrxZVeq0LGJdBQt361Q5ZhtnIgPA1bJXWtQ9s
+miFGkkPiPJb5GI45aLqpv+dJ/F/tXa0Q9LN++hfW8fKN8LejlM6tTiiYs3EqYEXO
+qqcLPoptxak8ZwDkOfj8yvJib6cCgYEA0IesCrCy8fpjVeDQdiAlIZqsecPJ2+Fz
+jLMik2hvAk6Yiyd8DmK8HMtSPfYMN4BhiphW49TXSyIoFEeCRQE8KMdSu3W4Z1wP
+AURZzQL78GRHc1n7EgCi2gzu38rSQDekmaQYr/hw+IlTpURjT68pDGKYXOybbjxu
+zUb67PHaAzsCgYADgs/ZAt1ojxUD4cQECYDMwcNBpT0rQ5TyRACxbVDRdGIzTvuO
+ngsomP2OcnyeQb3EgelL0RA6r2mkvRu0mkZFAVw4NwDHmTlo6l7h23h/2pa4w5gb
+Jmsq34kvmAMZ1AmH0Y5NTC+v6miQ5W49pbNzjMvYujBjQ0tndw2wwRY9zwKBgQDG
+FksgcI/b+z1Hg+Kig5CiJlr25DypibWJD1Wl74ucBmszrNNUmwgU1jOOtl8Ojf6a
+eHH5xOKq9YxbDz65LB4oood9masNTE7YpkQj0lTfG3MgKXatuDr6pVR49CLba8AJ
+Tu9AoeE2xsTVdmxccoiswi/3/a78fZ3HlEiism+lpwKBgCx7aX3MESqgxbf1kHgI
+Tu0nnvu06UwzAhBU6IpGKCqwu8zwfGN/PTTTz95hySUc1S4fSLuHVrdTAQTT3Zwr
+hwX85AxYdiyGhbeXFLue+eDWQ7PxAKXfRAwsKpdC72ixkXVqnVRh2yhRMPqKqnEu
+A5i3nuKHICZgD2fwQf+A8OL6
+-----END PRIVATE KEY-----

http://git-wip-us.apache.org/repos/asf/airavata/blob/58c58cf2/modules/credential-store/credential-store-webapp/src/main/resources/credential-store/oauth-pubkey.pem
----------------------------------------------------------------------
diff --git a/modules/credential-store/credential-store-webapp/src/main/resources/credential-store/oauth-pubkey.pem b/modules/credential-store/credential-store-webapp/src/main/resources/credential-store/oauth-pubkey.pem
new file mode 100644
index 0000000..f094a6d
--- /dev/null
+++ b/modules/credential-store/credential-store-webapp/src/main/resources/credential-store/oauth-pubkey.pem
@@ -0,0 +1,9 @@
+-----BEGIN PUBLIC KEY-----
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsf+Iagnj2t7HLKMhrsI5
+zXUAhn6DwZWgn5dNl6uC+ttxMoCFaNH2gl9WWf4APZXcNE6mesHgh3xnJNtky3hU
+JyeKZQKiTDFG2MKpoZ0rAvc07nPnP8s3L3cNmgiz5DF56HxVGrEBBoTyN/2r0xzn
+lGAXruGVN7uxtg6dIzA4Ncofeb9BZxgI0j0gVkJtauLMU/dGAfI2chr2fJEbOEvS
+JPFc9VSjRydei2Trk4X7EVeAH+7zPI187YylLK8UH9WaSmrgL12yXA0tjqU4x1kr
+wEpNqUMZw2QzXBDRONDLRu1e6og25TArmLpjvMZ7CSBi63jCp0jkGSpwy7qATzSw
+fQIDAQAB
+-----END PUBLIC KEY-----

http://git-wip-us.apache.org/repos/asf/airavata/blob/58c58cf2/modules/credential-store/credential-store-webapp/src/main/webapp/WEB-INF/web.xml
----------------------------------------------------------------------
diff --git a/modules/credential-store/credential-store-webapp/src/main/webapp/WEB-INF/web.xml b/modules/credential-store/credential-store-webapp/src/main/webapp/WEB-INF/web.xml
new file mode 100644
index 0000000..252f889
--- /dev/null
+++ b/modules/credential-store/credential-store-webapp/src/main/webapp/WEB-INF/web.xml
@@ -0,0 +1,130 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!-- ~ Licensed to the Apache Software Foundation (ASF) under one ~ or more
+    contributor license agreements. See the NOTICE file ~ distributed with this
+    work for additional information ~ regarding copyright ownership. The ASF
+    licenses this file ~ to you under the Apache License, Version 2.0 (the ~
+    "License"); you may not use this file except in compliance ~ with the License.
+    You may obtain a copy of the License at ~ ~ http://www.apache.org/licenses/LICENSE-2.0
+    ~ ~ Unless required by applicable law or agreed to in writing, ~ software
+    distributed under the License is distributed on an ~ "AS IS" BASIS, WITHOUT
+    WARRANTIES OR CONDITIONS OF ANY ~ KIND, either express or implied. See the
+    License for the ~ specific language governing permissions and limitations
+    ~ under the License. -->
+
+<!-- This web.xml file is not required when using Servlet 3.0 container,
+     see implementation details http://jersey.java.net/nonav/documentation/latest/jax-rs.html#d4e194 -->
+<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xmlns="http://java.sun.com/xml/ns/javaee"
+         xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
+         id="WebApp_ID" version="2.5">
+
+    <listener>
+        <listener-class>org.apache.airavata.credential.store.servlet.CredentialBootstrapper</listener-class>
+    </listener>
+
+    <context-param>
+        <param-name>oa4mp:client.config.file</param-name>
+        <param-value>${catalina.home}/webapps/credential-store/WEB-INF/classes/credential-store/client.xml</param-value>
+    </context-param>
+
+    <!-- Credential store parameters -->
+    <context-param>
+        <param-name>credential-store-jdbc-url</param-name>
+        <param-value>jdbc:mysql://localhost/airavata</param-value>
+    </context-param>
+
+    <context-param>
+        <param-name>credential-store-db-user</param-name>
+        <param-value>root</param-value>
+    </context-param>
+
+    <context-param>
+        <param-name>credential-store-db-password</param-name>
+        <param-value>root123</param-value>
+    </context-param>
+
+    <context-param>
+        <param-name>credential-store-db-driver</param-name>
+        <param-value>com.mysql.jdbc.Driver</param-value>
+    </context-param>
+
+    <!-- ========================= Security Related Configurations go here ================================== -->
+
+    <filter>
+        <filter-name>CORS Filter</filter-name>
+        <filter-class>org.ebaysf.web.cors.CORSFilter</filter-class>
+        <init-param>
+            <description>A comma separated list of allowed origins. Note: An '*' cannot be used for an allowed origin when using credentials.</description>
+            <param-name>cors.allowed.origins</param-name>
+            <param-value>*</param-value>
+        </init-param>
+        <init-param>
+            <param-name>cors.allowed.methods</param-name>
+            <param-value>GET,POST,HEAD,OPTIONS,PUT</param-value>
+        </init-param>
+        <init-param>
+            <param-name>cors.allowed.headers</param-name>
+            <param-value>Content-Type,X-Requested-With,accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Authorization</param-value>
+        </init-param>
+        <init-param>
+            <param-name>cors.exposed.headers</param-name>
+            <param-value></param-value>
+        </init-param>
+        <init-param>
+            <param-name>cors.support.credentials</param-name>
+            <param-value>true</param-value>
+        </init-param>
+        <init-param>
+            <param-name>cors.logging.enabled</param-name>
+            <param-value>false</param-value>
+        </init-param>
+        <init-param>
+            <param-name>cors.preflight.maxage</param-name>
+            <param-value>1800</param-value>
+        </init-param>
+        <init-param>
+            <param-name>cors.request.decorate</param-name>
+            <param-value>true</param-value>
+        </init-param>
+    </filter>
+
+    <filter-mapping>
+        <filter-name>CORS Filter</filter-name>
+        <url-pattern>/user-store/*</url-pattern>
+    </filter-mapping>
+
+    <!-- ================================ End Security Related Configurations =============================== -->
+
+    <!-- Credential Store Configurations -->
+    <servlet>
+        <servlet-name>credential-store-start</servlet-name>
+        <!--internal name of the servlet-->
+        <servlet-class>org.apache.airavata.credential.store.servlet.CredentialStoreStartServlet</servlet-class>
+
+        <load-on-startup>1</load-on-startup>
+        <!--load as soon as tomcat starts?-->
+    </servlet>
+
+    <servlet-mapping>
+        <servlet-name>credential-store-start</servlet-name>
+        <!--the servlet-name above-->
+        <url-pattern>/acs-start-servlet</url-pattern>
+        <!--what needs to be in the url, so http://foo.org/client/simple-->
+    </servlet-mapping>
+
+    <servlet>
+        <servlet-name>callback</servlet-name>
+        <!--internal name of the servlet-->
+        <servlet-class>org.apache.airavata.credential.store.servlet.CredentialStoreCallbackServlet</servlet-class>
+        <load-on-startup>1</load-on-startup>
+        <!--load as soon as tomcat starts?-->
+    </servlet>
+
+    <servlet-mapping>
+        <servlet-name>callback</servlet-name>
+        <!--the servlet-name above-->
+        <url-pattern>/callback</url-pattern>
+        <!--what needs to be in the url, so http://foo.org/client/simple-->
+    </servlet-mapping>
+</web-app>
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/airavata/blob/58c58cf2/modules/credential-store/credential-store-webapp/src/main/webapp/acs/index.jsp
----------------------------------------------------------------------
diff --git a/modules/credential-store/credential-store-webapp/src/main/webapp/acs/index.jsp b/modules/credential-store/credential-store-webapp/src/main/webapp/acs/index.jsp
new file mode 100644
index 0000000..e7626fa
--- /dev/null
+++ b/modules/credential-store/credential-store-webapp/src/main/webapp/acs/index.jsp
@@ -0,0 +1,44 @@
+<%--
+  ~ Licensed to the Apache Software Foundation (ASF) under one
+  ~ or more contributor license agreements. See the NOTICE file
+  ~ distributed with this work for additional information
+  ~ regarding copyright ownership. The ASF licenses this file
+  ~ to you under the Apache License, Version 2.0 (the
+  ~ "License"); you may not use this file except in compliance
+  ~ with the License. You may obtain a copy of the License at
+  ~
+  ~ http://www.apache.org/licenses/LICENSE-2.0
+  ~
+  ~ Unless required by applicable law or agreed to in writing,
+  ~ software distributed under the License is distributed on an
+  ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  ~ KIND, either express or implied. See the License for the
+  ~ specific language governing permissions and limitations
+  ~ under the License.
+  --%>
+  
+<html>
+<body>
+<h2>Sample Portal</h2>
+<p>This demonstrates how portal can use Credential Store to obtain community credentials ...</p>
+<form name="input" action="../acs-start-servlet" method="post">
+
+    <table border="0">
+        <tr>
+            <td>Gateway Name</td>
+            <td><input type="text" name="gatewayName"></td>
+        </tr>
+        <tr>
+            <td>Portal Username</td>
+            <td><input type="text" name="portalUserName"></td>
+        </tr>
+        <tr>
+            <td>Contact Email</td>
+            <td><input type="text" name="email"></td>
+        </tr>
+    </table>
+
+    <input type="submit" value="Submit">
+</form>
+</body>
+</html>

http://git-wip-us.apache.org/repos/asf/airavata/blob/58c58cf2/modules/credential-store/credential-store-webapp/src/main/webapp/credential-store/error.jsp
----------------------------------------------------------------------
diff --git a/modules/credential-store/credential-store-webapp/src/main/webapp/credential-store/error.jsp b/modules/credential-store/credential-store-webapp/src/main/webapp/credential-store/error.jsp
new file mode 100644
index 0000000..adc430d
--- /dev/null
+++ b/modules/credential-store/credential-store-webapp/src/main/webapp/credential-store/error.jsp
@@ -0,0 +1,53 @@
+<%@ page import="org.apache.airavata.credential.store.util.CredentialStoreConstants" %>
+<%--
+  ~ Licensed to the Apache Software Foundation (ASF) under one
+  ~ or more contributor license agreements. See the NOTICE file
+  ~ distributed with this work for additional information
+  ~ regarding copyright ownership. The ASF licenses this file
+  ~ to you under the Apache License, Version 2.0 (the
+  ~ "License"); you may not use this file except in compliance
+  ~ with the License. You may obtain a copy of the License at
+  ~
+  ~ http://www.apache.org/licenses/LICENSE-2.0
+  ~
+  ~ Unless required by applicable law or agreed to in writing,
+  ~ software distributed under the License is distributed on an
+  ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  ~ KIND, either express or implied. See the License for the
+  ~ specific language governing permissions and limitations
+  ~ under the License.
+  --%>
+  
+
+<%
+    String gatewayName = request.getParameter(CredentialStoreConstants.GATEWAY_NAME_QUERY_PARAMETER);
+    String portalUserName = request.getParameter(CredentialStoreConstants.PORTAL_USER_QUERY_PARAMETER);
+    Throwable exception = (Throwable) request.getAttribute("exception");
+
+%>
+
+<html>
+<body>
+<h1>Credential Store</h1>
+<p>An error occurred while processing</p>
+<p>
+    Gateway Name - <%=gatewayName%>. Portal user name - <%=portalUserName%>.
+    Exception -
+
+</p>
+
+<p>
+    <%
+
+        out.println("Exception - " + exception.getMessage());
+        out.println();
+        StackTraceElement[] elements = exception.getStackTrace();
+        for (StackTraceElement element : elements) {
+            out.print("         ");
+            out.println(element.toString());
+        }
+
+    %>
+</p>
+</body>
+</html>

http://git-wip-us.apache.org/repos/asf/airavata/blob/58c58cf2/modules/credential-store/credential-store-webapp/src/main/webapp/credential-store/password-credentials.jsp
----------------------------------------------------------------------
diff --git a/modules/credential-store/credential-store-webapp/src/main/webapp/credential-store/password-credentials.jsp b/modules/credential-store/credential-store-webapp/src/main/webapp/credential-store/password-credentials.jsp
new file mode 100644
index 0000000..59a1e04
--- /dev/null
+++ b/modules/credential-store/credential-store-webapp/src/main/webapp/credential-store/password-credentials.jsp
@@ -0,0 +1,33 @@
+<%--
+  ~ Licensed to the Apache Software Foundation (ASF) under one
+  ~ or more contributor license agreements. See the NOTICE file
+  ~ distributed with this work for additional information
+  ~ regarding copyright ownership. The ASF licenses this file
+  ~ to you under the Apache License, Version 2.0 (the
+  ~ "License"); you may not use this file except in compliance
+  ~ with the License. You may obtain a copy of the License at
+  ~
+  ~ http://www.apache.org/licenses/LICENSE-2.0
+  ~
+  ~ Unless required by applicable law or agreed to in writing,
+  ~ software distributed under the License is distributed on an
+  ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  ~ KIND, either express or implied. See the License for the
+  ~ specific language governing permissions and limitations
+  ~ under the License.
+  --%>
+
+<html>
+<body>
+<h2>Store Passwords</h2>
+<p>This demonstrates how portal can use Credential Store to obtain community credentials ...</p>
+<form name="input" action="../airavata-registry-rest-services/credential-store" method="post">
+
+    Gateway Name   : <input type="text" name="gatewayName"><br>
+    Portal Username: <input type="text" name="portalUserName"><br>
+    Contact Email: <input type="text" name="email">
+
+    <input type="submit" value="Submit">
+</form>
+</body>
+</html>
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/airavata/blob/58c58cf2/modules/credential-store/credential-store-webapp/src/main/webapp/credential-store/show-redirect.jsp
----------------------------------------------------------------------
diff --git a/modules/credential-store/credential-store-webapp/src/main/webapp/credential-store/show-redirect.jsp b/modules/credential-store/credential-store-webapp/src/main/webapp/credential-store/show-redirect.jsp
new file mode 100644
index 0000000..84b54cf
--- /dev/null
+++ b/modules/credential-store/credential-store-webapp/src/main/webapp/credential-store/show-redirect.jsp
@@ -0,0 +1,44 @@
+<%--
+  ~ Licensed to the Apache Software Foundation (ASF) under one
+  ~ or more contributor license agreements. See the NOTICE file
+  ~ distributed with this work for additional information
+  ~ regarding copyright ownership. The ASF licenses this file
+  ~ to you under the Apache License, Version 2.0 (the
+  ~ "License"); you may not use this file except in compliance
+  ~ with the License. You may obtain a copy of the License at
+  ~
+  ~ http://www.apache.org/licenses/LICENSE-2.0
+  ~
+  ~ Unless required by applicable law or agreed to in writing,
+  ~ software distributed under the License is distributed on an
+  ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  ~ KIND, either express or implied. See the License for the
+  ~ specific language governing permissions and limitations
+  ~ under the License.
+  --%>
+  
+<%@ page contentType="text/html;charset=UTF-8" language="java" %>
+
+<%
+    String redirectUrlInRequest = (String) request.getAttribute("redirectUrl");
+%>
+
+<html>
+<head>
+    <script type="text/javascript">
+        <!--
+        function redirect(){
+            window.location = "<%=redirectUrlInRequest%>"
+        }
+        //-->
+    </script>
+</head>
+<body onLoad="setTimeout('redirect()', 1000)">
+<h2>You will be now redirect to MyProxy portal !</h2>
+<p>
+    If your browser didn't redirect to MyProxy Portal within 1 minute click following link,
+    <br><br> <a href="<%=redirectUrlInRequest%>"><%=redirectUrlInRequest%></a>
+</p>
+
+</body>
+</html>
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/airavata/blob/58c58cf2/modules/credential-store/credential-store-webapp/src/main/webapp/credential-store/success.jsp
----------------------------------------------------------------------
diff --git a/modules/credential-store/credential-store-webapp/src/main/webapp/credential-store/success.jsp b/modules/credential-store/credential-store-webapp/src/main/webapp/credential-store/success.jsp
new file mode 100644
index 0000000..f2964d0
--- /dev/null
+++ b/modules/credential-store/credential-store-webapp/src/main/webapp/credential-store/success.jsp
@@ -0,0 +1,25 @@
+<%--
+  ~ Licensed to the Apache Software Foundation (ASF) under one
+  ~ or more contributor license agreements. See the NOTICE file
+  ~ distributed with this work for additional information
+  ~ regarding copyright ownership. The ASF licenses this file
+  ~ to you under the Apache License, Version 2.0 (the
+  ~ "License"); you may not use this file except in compliance
+  ~ with the License. You may obtain a copy of the License at
+  ~
+  ~ http://www.apache.org/licenses/LICENSE-2.0
+  ~
+  ~ Unless required by applicable law or agreed to in writing,
+  ~ software distributed under the License is distributed on an
+  ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  ~ KIND, either express or implied. See the License for the
+  ~ specific language governing permissions and limitations
+  ~ under the License.
+  --%>
+  
+<html>
+<body>
+<h1>Credential Store</h1>
+<p>Certificate Successfully Stored !</p>
+</body>
+</html>
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/airavata/blob/58c58cf2/modules/credential-store/credential-store-webapp/src/main/webapp/gateway/acs.jsp
----------------------------------------------------------------------
diff --git a/modules/credential-store/credential-store-webapp/src/main/webapp/gateway/acs.jsp b/modules/credential-store/credential-store-webapp/src/main/webapp/gateway/acs.jsp
new file mode 100644
index 0000000..94bc6d9
--- /dev/null
+++ b/modules/credential-store/credential-store-webapp/src/main/webapp/gateway/acs.jsp
@@ -0,0 +1,62 @@
+<%@ page import="org.apache.airavata.sample.gateway.SampleGateway" %>
+<%--
+  Created by IntelliJ IDEA.
+  User: thejaka
+  Date: 8/5/13
+  Time: 4:48 PM
+  To change this template use File | Settings | File Templates.
+--%>
+<%@ page contentType="text/html;charset=UTF-8" language="java" %>
+<%--
+  ~ Licensed to the Apache Software Foundation (ASF) under one
+  ~ or more contributor license agreements. See the NOTICE file
+  ~ distributed with this work for additional information
+  ~ regarding copyright ownership. The ASF licenses this file
+  ~ to you under the Apache License, Version 2.0 (the
+  ~ "License"); you may not use this file except in compliance
+  ~ with the License. You may obtain a copy of the License at
+  ~
+  ~ http://www.apache.org/licenses/LICENSE-2.0
+  ~
+  ~ Unless required by applicable law or agreed to in writing,
+  ~ software distributed under the License is distributed on an
+  ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  ~ KIND, either express or implied. See the License for the
+  ~ specific language governing permissions and limitations
+  ~ under the License.
+  --%>
+
+
+<html>
+<body>
+
+<table width="100%" border="0">
+    <tr bgcolor="#999999"><td align="right"><a href="user.jsp"><font color="#f5f5f5">Home</font> </a> <a href="logout.jsp"><font color="#f5f5f5">Logout</font></a></td></tr>
+</table>
+
+<h2>Sample Gateway</h2>
+
+
+
+<p>This demonstrates how portal can use Credential Store to obtain community credentials ...</p>
+<form name="input" action="https://localhost:8443/airavata/acs-start-servlet" method="post">
+
+    <table border="0">
+        <tr>
+            <td>Gateway Name</td>
+            <td><input type="text" name="gatewayName" value="default" readonly="readonly"></td>
+        </tr>
+        <tr>
+            <td>Portal Username</td>
+            <td><input type="text" name="portalUserName"></td>
+        </tr>
+        <tr>
+            <td>Contact Email</td>
+            <td><input type="text" name="email"></td>
+        </tr>
+    </table>
+
+    <input type="submit" value="Submit">
+</form>
+</body>
+</html>

http://git-wip-us.apache.org/repos/asf/airavata/blob/58c58cf2/modules/credential-store/credential-store-webapp/src/main/webapp/gateway/callback.jsp
----------------------------------------------------------------------
diff --git a/modules/credential-store/credential-store-webapp/src/main/webapp/gateway/callback.jsp b/modules/credential-store/credential-store-webapp/src/main/webapp/gateway/callback.jsp
new file mode 100644
index 0000000..560f64f
--- /dev/null
+++ b/modules/credential-store/credential-store-webapp/src/main/webapp/gateway/callback.jsp
@@ -0,0 +1,78 @@
+<%@ page import="org.apache.airavata.sample.gateway.SampleGateway" %>
+<%--
+  Created by IntelliJ IDEA.
+  User: thejaka
+  Date: 8/5/13
+  Time: 4:48 PM
+  To change this template use File | Settings | File Templates.
+--%>
+<%@ page contentType="text/html;charset=UTF-8" language="java" %>
+<%--
+  ~ Licensed to the Apache Software Foundation (ASF) under one
+  ~ or more contributor license agreements. See the NOTICE file
+  ~ distributed with this work for additional information
+  ~ regarding copyright ownership. The ASF licenses this file
+  ~ to you under the Apache License, Version 2.0 (the
+  ~ "License"); you may not use this file except in compliance
+  ~ with the License. You may obtain a copy of the License at
+  ~
+  ~ http://www.apache.org/licenses/LICENSE-2.0
+  ~
+  ~ Unless required by applicable law or agreed to in writing,
+  ~ software distributed under the License is distributed on an
+  ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  ~ KIND, either express or implied. See the License for the
+  ~ specific language governing permissions and limitations
+  ~ under the License.
+  --%>
+
+<%
+    SampleGateway sampleGateway = (SampleGateway)session.getAttribute(SampleGateway.GATEWAY_SESSION);
+
+    boolean success = false;
+
+    String tokenId = request.getParameter("tokenId");
+
+    if (tokenId != null) {
+        sampleGateway.updateTokenId(tokenId);
+        success = true;
+    }
+%>
+
+<html>
+<body>
+
+<table width="100%" border="0">
+    <tr bgcolor="#999999"><td align="right"><a href="user.jsp"><font color="#f5f5f5">Home</font> </a> <a href="logout.jsp"><font color="#f5f5f5">Logout</font></a></td></tr>
+</table>
+
+<h2>Sample Gateway</h2>
+<%
+    out.println("The received token id - ");
+    out.println(tokenId);
+
+    if (success) {
+%>
+<p>Token id successfully updated.</p>
+
+<p>
+    View users who obtained token id.
+<ol>
+    <li><a href="list_users.jsp">List Users</a></li>
+</ol>
+</p>
+
+<%
+    } else {
+
+%>
+<p> Error updating token id.</p>
+<%
+
+    }
+
+%>
+
+
+</body>
+</html>

http://git-wip-us.apache.org/repos/asf/airavata/blob/58c58cf2/modules/credential-store/credential-store-webapp/src/main/webapp/gateway/list_users.jsp
----------------------------------------------------------------------
diff --git a/modules/credential-store/credential-store-webapp/src/main/webapp/gateway/list_users.jsp b/modules/credential-store/credential-store-webapp/src/main/webapp/gateway/list_users.jsp
new file mode 100644
index 0000000..36883b7
--- /dev/null
+++ b/modules/credential-store/credential-store-webapp/src/main/webapp/gateway/list_users.jsp
@@ -0,0 +1,78 @@
+<%--
+  ~ Licensed to the Apache Software Foundation (ASF) under one
+  ~ or more contributor license agreements. See the NOTICE file
+  ~ distributed with this work for additional information
+  ~ regarding copyright ownership. The ASF licenses this file
+  ~ to you under the Apache License, Version 2.0 (the
+  ~ "License"); you may not use this file except in compliance
+  ~ with the License. You may obtain a copy of the License at
+  ~
+  ~ http://www.apache.org/licenses/LICENSE-2.0
+  ~
+  ~ Unless required by applicable law or agreed to in writing,
+  ~ software distributed under the License is distributed on an
+  ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  ~ KIND, either express or implied. See the License for the
+  ~ specific language governing permissions and limitations
+  ~ under the License.
+  --%>
+
+<%@ page import="org.apache.airavata.sample.gateway.SampleGateway" %>
+<%@ page import="java.util.List" %>
+<%@ page import="org.apache.airavata.sample.gateway.userstore.User" %>
+<%--
+  Created by IntelliJ IDEA.
+  User: thejaka
+  Date: 8/5/13
+  Time: 12:30 PM
+  To change this template use File | Settings | File Templates.
+--%>
+<%@ page contentType="text/html;charset=UTF-8" language="java" %>
+<%
+    SampleGateway sampleGateway = (SampleGateway)session.getAttribute(SampleGateway.GATEWAY_SESSION);
+%>
+
+<html>
+<head>
+    <title>List Users</title>
+</head>
+<body>
+
+<table width="100%" border="0">
+    <tr bgcolor="#999999"><td align="right"><a href="user.jsp"><font color="#f5f5f5">Home</font> </a> <a href="logout.jsp"><font color="#f5f5f5">Logout</font></a></td></tr>
+</table>
+
+<h1>Sample Gateway</h1>
+
+
+<p> This page lists all users and their attributes. </p>
+
+<table>
+    <tr>
+        <td>UserName</td>
+        <td>E-Mail</td>
+        <td>TokenId</td>
+    </tr>
+<%
+    List<User> userList = sampleGateway.getAllUsers();
+    for (User u : userList) {
+%>
+    <tr>
+        <td>
+            <%=u.getUserName() %>
+        </td>
+        <td>
+            <%=u.getEmail() %>
+        </td>
+        <td>
+            <%=u.getToken() %>
+        </td>
+
+    </tr>
+    <%
+        }
+    %>
+</table>
+
+</body>
+</html>
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/airavata/blob/58c58cf2/modules/credential-store/credential-store-webapp/src/main/webapp/gateway/logout.jsp
----------------------------------------------------------------------
diff --git a/modules/credential-store/credential-store-webapp/src/main/webapp/gateway/logout.jsp b/modules/credential-store/credential-store-webapp/src/main/webapp/gateway/logout.jsp
new file mode 100644
index 0000000..63d90be
--- /dev/null
+++ b/modules/credential-store/credential-store-webapp/src/main/webapp/gateway/logout.jsp
@@ -0,0 +1,35 @@
+<%--
+  ~ Licensed to the Apache Software Foundation (ASF) under one
+  ~ or more contributor license agreements. See the NOTICE file
+  ~ distributed with this work for additional information
+  ~ regarding copyright ownership. The ASF licenses this file
+  ~ to you under the Apache License, Version 2.0 (the
+  ~ "License"); you may not use this file except in compliance
+  ~ with the License. You may obtain a copy of the License at
+  ~
+  ~ http://www.apache.org/licenses/LICENSE-2.0
+  ~
+  ~ Unless required by applicable law or agreed to in writing,
+  ~ software distributed under the License is distributed on an
+  ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  ~ KIND, either express or implied. See the License for the
+  ~ specific language governing permissions and limitations
+  ~ under the License.
+  --%>
+<%@ page import="org.apache.airavata.sample.gateway.SampleGateway" %><%
+    session.removeAttribute("userName");
+    session.removeAttribute(SampleGateway.GATEWAY_SESSION);
+    session.invalidate();
+%>
+
+<html>
+<head>
+    <script language=javascript>
+        function redirect(){
+            window.location = "../index.jsp";
+        }
+    </script>
+</head>
+<body onload="redirect()">
+</body>
+</html>
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/airavata/blob/58c58cf2/modules/credential-store/credential-store-webapp/src/main/webapp/gateway/user.jsp
----------------------------------------------------------------------
diff --git a/modules/credential-store/credential-store-webapp/src/main/webapp/gateway/user.jsp b/modules/credential-store/credential-store-webapp/src/main/webapp/gateway/user.jsp
new file mode 100644
index 0000000..1fd1957
--- /dev/null
+++ b/modules/credential-store/credential-store-webapp/src/main/webapp/gateway/user.jsp
@@ -0,0 +1,102 @@
+<%--
+  ~ Licensed to the Apache Software Foundation (ASF) under one
+  ~ or more contributor license agreements. See the NOTICE file
+  ~ distributed with this work for additional information
+  ~ regarding copyright ownership. The ASF licenses this file
+  ~ to you under the Apache License, Version 2.0 (the
+  ~ "License"); you may not use this file except in compliance
+  ~ with the License. You may obtain a copy of the License at
+  ~
+  ~ http://www.apache.org/licenses/LICENSE-2.0
+  ~
+  ~ Unless required by applicable law or agreed to in writing,
+  ~ software distributed under the License is distributed on an
+  ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  ~ KIND, either express or implied. See the License for the
+  ~ specific language governing permissions and limitations
+  ~ under the License.
+  --%>
+
+<%@ page import="org.apache.airavata.sample.gateway.SampleGateway" %>
+<%--
+  Created by IntelliJ IDEA.
+  User: thejaka
+  Date: 7/31/13
+  Time: 5:08 PM
+  To change this template use File | Settings | File Templates.
+--%>
+<%@ page contentType="text/html;charset=UTF-8" language="java" %>
+<%
+    String loginScreen = request.getParameter("loginScreen");
+
+    String user = (String)session.getAttribute("userName");
+    boolean authenticate = false;
+
+    if (loginScreen != null && loginScreen.equals("true")) {
+        SampleGateway sampleGateway = null;
+        sampleGateway = (SampleGateway) session.getAttribute(SampleGateway.GATEWAY_SESSION);
+
+        if (sampleGateway == null) {
+            sampleGateway = new SampleGateway(session.getServletContext());
+        }
+
+        session.setAttribute(SampleGateway.GATEWAY_SESSION, sampleGateway);
+
+        user = request.getParameter("username");
+        String password = request.getParameter("password");
+
+        authenticate = sampleGateway.authenticate(user, password);
+    } else {
+        authenticate = true;
+    }
+
+%>
+<html>
+
+<head>
+    <title>Manage</title>
+</head>
+<body>
+
+<table width="100%" border="0">
+    <tr bgcolor="#999999"><td align="right"><a href="user.jsp"><font color="#f5f5f5">Home</font> </a> <a href="logout.jsp"><font color="#f5f5f5">Logout</font></a></td></tr>
+</table>
+
+<h1>Sample Gateway</h1>
+
+<%
+    if (authenticate) {
+
+        session.setAttribute("userName", user);
+
+        if (SampleGateway.isAdmin(user)) {
+%>
+<h1>Administration</h1>
+<p>
+    This page allows administration functionality.
+<ol>
+    <li><a href="acs.jsp">Retrieve Credentials</a></li>
+    <li><a href="list_users.jsp">List Users</a></li>
+</ol>
+</p>
+
+
+<%
+     } else {
+%>
+
+<p> You are a normal user. Click <a href="job.jsp">here</a> to configure and run "Echo" workflow on a GRID machine.</p>
+
+<%
+     }
+    } else {
+%>
+
+<h1>Authentication failed</h1>
+
+<%
+    }
+%>
+
+</body>
+</html>
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/airavata/blob/58c58cf2/modules/credential-store/credential-store-webapp/src/main/webapp/images/airavata-logo-2.png
----------------------------------------------------------------------
diff --git a/modules/credential-store/credential-store-webapp/src/main/webapp/images/airavata-logo-2.png b/modules/credential-store/credential-store-webapp/src/main/webapp/images/airavata-logo-2.png
new file mode 100644
index 0000000..4baf51b
Binary files /dev/null and b/modules/credential-store/credential-store-webapp/src/main/webapp/images/airavata-logo-2.png differ

http://git-wip-us.apache.org/repos/asf/airavata/blob/58c58cf2/modules/credential-store/credential-store-webapp/src/main/webapp/index.jsp
----------------------------------------------------------------------
diff --git a/modules/credential-store/credential-store-webapp/src/main/webapp/index.jsp b/modules/credential-store/credential-store-webapp/src/main/webapp/index.jsp
new file mode 100644
index 0000000..1bf0ed6
--- /dev/null
+++ b/modules/credential-store/credential-store-webapp/src/main/webapp/index.jsp
@@ -0,0 +1,26 @@
+<%--
+  Licensed to the Apache Software Foundation (ASF) under one or more
+  contributor license agreements.  See the NOTICE file distributed with
+  this work for additional information regarding copyright ownership.
+  The ASF licenses this file to You under the Apache License, Version 2.0
+  (the "License"); you may not use this file except in compliance with
+  the License.  You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+--%>
+
+<html>
+<body>
+<img src="images/airavata-logo-2.png">
+<h2>Airavata Credential Store</h2>
+<p>Welcome to Airavata Credential Store Web Application</p>
+
+<p><a href="user-store/add.jsp"><b>Manage Local User Store</b></a></p>
+</body>
+</html>
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/airavata/blob/58c58cf2/modules/credential-store/credential-store-webapp/src/main/webapp/user-store/add.jsp
----------------------------------------------------------------------
diff --git a/modules/credential-store/credential-store-webapp/src/main/webapp/user-store/add.jsp b/modules/credential-store/credential-store-webapp/src/main/webapp/user-store/add.jsp
new file mode 100644
index 0000000..f37684d
--- /dev/null
+++ b/modules/credential-store/credential-store-webapp/src/main/webapp/user-store/add.jsp
@@ -0,0 +1,142 @@
+<%--
+  Licensed to the Apache Software Foundation (ASF) under one or more
+  contributor license agreements.  See the NOTICE file distributed with
+  this work for additional information regarding copyright ownership.
+  The ASF licenses this file to You under the Apache License, Version 2.0
+  (the "License"); you may not use this file except in compliance with
+  the License.  You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+--%>
+<%@ page import="org.apache.airavata.credentialstore.local.LocalUserStore" %>
+
+<html>
+
+<head>
+    <script language="javascript" type="text/javascript">
+        function validatePassword(fld1name, regString) {
+            var stringValue = document.getElementsByName(fld1name)[0].value;
+            var errorMessage = "";
+            if(regString != "null" && !stringValue.match(new RegExp(regString))){
+                errorMessage = "Password does not meet minimum requirements. Password length must be at least 6 " +
+                        "characters.";
+                return errorMessage;
+            }else if(regString != "null" && stringValue == ''){
+                return errorMessage;
+            }
+
+            if (stringValue == '') {
+                errorMessage = "Empty passwords are not allowed. Please enter a valid password";
+                return errorMessage;
+            }
+
+            return errorMessage;
+        }
+
+        function validateUsername(fld1name) {
+            var stringValue = document.getElementsByName(fld1name)[0].value;
+            var errorMessage = "";
+
+            if (stringValue == '') {
+                errorMessage = "Empty user names are not allowed. Please enter a valid user name.";
+                return errorMessage;
+            }
+
+            return errorMessage;
+        }
+
+        function checkPasswordsMatching(fld1name, fld2name) {
+
+            var stringValue1 = document.getElementsByName(fld1name)[0].value;
+            var stringValue2 = document.getElementsByName(fld2name)[0].value;
+            var errorMessage = "";
+
+            if (stringValue1 != stringValue2) {
+                errorMessage = "Confirm password does not match with the password. Please re-enter passwords.";
+                return errorMessage;
+            }
+
+            return errorMessage;
+
+        }
+
+        function validate() {
+            var reason = "";
+
+            reason = validateUsername("username");
+
+            if (reason != "") {
+                alert(reason);
+                return false;
+            }
+
+            reason = validatePassword("newPassword", <%=LocalUserStore.getPasswordRegularExpression()%>);
+
+            if (reason != "") {
+                alert(reason);
+                document.getElementsByName("newPassword")[0].clear();
+                return false;
+            }
+
+            reason = checkPasswordsMatching("newPassword", "confirmPassword");
+
+            if (reason != "") {
+                alert(reason);
+                document.getElementsByName("newPassword")[0].clear();
+                document.getElementsByName("confirmPassword")[0].clear();
+                return false;
+            }
+
+            return true;
+        }
+
+        function doProcess() {
+            if (validate() == true) {
+                document.registration.submit();
+            }
+        }
+
+
+    </script>
+</head>
+
+<body>
+<img src="../images/airavata-logo-2.png">
+<h2>Airavata Credential Store - Local User Store</h2>
+<p><b>Manage Local User Store - Add New User</b></p>
+
+<form action="index.jsp" name="registration" method="POST">
+
+    <input type="hidden" name="operation" value="addUser">
+    <table>
+        <tr>
+            <td>User Name</td>
+            <td><input type="text" name="username" maxlength="150"></td>
+        </tr>
+        <tr>
+            <td>Password</td>
+            <td><input type="password" name="newPassword"/></td>
+        </tr>
+        <tr>
+            <td>Re-Type Password</td>
+            <td><input type="password" name="confirmPassword"/></td>
+        </tr>
+    </table>
+
+    <table>
+        <tr>
+            <td><input type="button" value="Add" onclick= 'doProcess()'></td>
+            <td><a href="index.jsp"><input type="button" value="Cancel" name="Cancel"/> </a> </td>
+        </tr>
+    </table>
+
+</form>
+
+</body>
+</html>
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/airavata/blob/58c58cf2/modules/credential-store/credential-store-webapp/src/main/webapp/user-store/index.jsp
----------------------------------------------------------------------
diff --git a/modules/credential-store/credential-store-webapp/src/main/webapp/user-store/index.jsp b/modules/credential-store/credential-store-webapp/src/main/webapp/user-store/index.jsp
new file mode 100644
index 0000000..732c0c7
--- /dev/null
+++ b/modules/credential-store/credential-store-webapp/src/main/webapp/user-store/index.jsp
@@ -0,0 +1,138 @@
+<%--
+  Licensed to the Apache Software Foundation (ASF) under one or more
+  contributor license agreements.  See the NOTICE file distributed with
+  this work for additional information regarding copyright ownership.
+  The ASF licenses this file to You under the Apache License, Version 2.0
+  (the "License"); you may not use this file except in compliance with
+  the License.  You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+--%>
+
+<%@ page import = "org.apache.airavata.credentialstore.local.LocalUserStore" %>
+<%@ page import="org.apache.airavata.credentialstore.basic.BasicAccessAuthenticator" %>
+<%@ page import="org.apache.airavata.credentialstore.session.HttpAuthenticatorFilter" %>
+<%@ page import="java.util.List" %>
+<%@ page import="org.apache.airavata.common.utils.Constants" %>
+<%
+
+    LocalUserStore localUserStore = (LocalUserStore)session.getAttribute("LocalUserStore");
+
+    if (localUserStore == null) {
+
+        String operatingUser = (String) session.getAttribute(Constants.USER_IN_SESSION);
+
+        if (operatingUser == null || !operatingUser.equals("admin")) {
+            HttpAuthenticatorFilter.sendUnauthorisedError(response, "Insufficient privileges to perform user operations." +
+                    " Only admin user is allowed to perform user operations.");
+
+            return;
+        }
+
+        localUserStore = new LocalUserStore(application);
+
+        session.setAttribute("LocalUserStore", localUserStore);
+    }
+
+    String operation = request.getParameter("operation");
+    if (operation != null) {
+        if (operation.equals("addUser")) {
+            String userName = request.getParameter("username");
+            String password = request.getParameter("newPassword");
+
+            localUserStore.addUser(userName, password);
+        } else if (operation.equals("deleteUser")) {
+            String[] usersToDelete = request.getParameterValues("user-id");
+
+            for (String deleteUser : usersToDelete) {
+                localUserStore.deleteUser(deleteUser);
+            }
+        }
+    }
+
+    List<String> allUsers = localUserStore.getUsers();
+
+%>
+
+<html>
+<head>
+    <script language="javascript" type="text/javascript">
+
+        function validate() {
+            var checkSelected = false;
+            for (var i = 0; i < <%=allUsers.size()%>; i++) {
+                if (document.main["user-id"][i].checked) {
+                    checkSelected = true;
+                }
+            }
+            if (checkSelected) {
+                var answer = confirm("Are you sure you want to delete selected users from the system ?");
+                if (answer) {
+                    return true;
+                }
+            } else {
+                alert("Select at least one user to delete.");
+            }
+            return false;
+        }
+
+        function doProcess() {
+            if (validate() == true) {
+                document.main.submit();
+            }
+        }
+
+    </script>
+</head>
+<body>
+<img src="../images/airavata-logo-2.png">
+<h2>Airavata REST API - Local User Store</h2>
+<p><b>Manage Local User Store</b></p>
+
+
+<form action="index.jsp" name="main" method="POST">
+    <table>
+        <tr>
+            <td>&nbsp;</td>
+            <td>All Users</td>
+        </tr>
+        <%
+            for (String user : allUsers) {
+        %>
+
+        <tr>
+            <td><input type="checkbox" name="user-id" value="<%=user%>"></td>
+            <td><%=user%>
+            </td>
+            <td><a href="password.jsp?username=<%=user%>">Change Password</a></td>
+        </tr>
+
+        <%
+            }
+        %>
+    </table>
+
+    <br>
+
+    <table width="100">
+        <tr>
+            <td>
+                <a href="add.jsp"><input type="button" value="Add" name="Add"/></a>
+            </td>
+            <td>&nbsp;</td>
+            <input type="hidden" name="operation" value="deleteUser">
+            <td><input type="button" value="Delete" onclick="doProcess()"></td>
+        </tr>
+    </table>
+
+</form>
+
+
+</body>
+</html>
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/airavata/blob/58c58cf2/modules/credential-store/credential-store-webapp/src/main/webapp/user-store/password.jsp
----------------------------------------------------------------------
diff --git a/modules/credential-store/credential-store-webapp/src/main/webapp/user-store/password.jsp b/modules/credential-store/credential-store-webapp/src/main/webapp/user-store/password.jsp
new file mode 100644
index 0000000..9a316ee
--- /dev/null
+++ b/modules/credential-store/credential-store-webapp/src/main/webapp/user-store/password.jsp
@@ -0,0 +1,157 @@
+<%--
+  Licensed to the Apache Software Foundation (ASF) under one or more
+  contributor license agreements.  See the NOTICE file distributed with
+  this work for additional information regarding copyright ownership.
+  The ASF licenses this file to You under the Apache License, Version 2.0
+  (the "License"); you may not use this file except in compliance with
+  the License.  You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+--%>
+
+<%@ page import="org.apache.airavata.credentialstore.local.LocalUserStore" %>
+
+<%
+    String userName = request.getParameter("username");
+    if (userName == null) {
+        response.sendRedirect("index.jsp");
+    }
+
+    String password = request.getParameter("newPassword");
+    String confirmPassword = request.getParameter("confirmPassword");
+
+    if (password != null && confirmPassword != null && password.equals(confirmPassword)) {
+        LocalUserStore localUserStore = (LocalUserStore)session.getAttribute("LocalUserStore");
+        localUserStore.changePasswordByAdmin(userName, password);
+
+        response.sendRedirect("password.jsp?message=\"Password successfully change for user "
+                + userName + "\"&username=" + userName);
+    }
+
+%>
+
+<html>
+<head>
+    <script language="javascript" type="text/javascript">
+        function validatePassword(fld1name, regString) {
+            var stringValue = document.getElementsByName(fld1name)[0].value;
+            var errorMessage = "";
+            if(regString != "null" && !stringValue.match(new RegExp(regString))){
+                errorMessage = "Password does not meet minimum requirements. Password length must be at least 6 " +
+                        "characters.";
+                return errorMessage;
+            }else if(regString != "null" && stringValue == ''){
+                return errorMessage;
+            }
+
+            if (stringValue == '') {
+                errorMessage = "Empty passwords are not allowed. Please enter a valid password";
+                return errorMessage;
+            }
+
+            return errorMessage;
+        }
+
+        function validateUsername(fld1name) {
+            var stringValue = document.getElementsByName(fld1name)[0].value;
+            var errorMessage = "";
+
+            if (stringValue == '') {
+                errorMessage = "Empty user names are not allowed. Please enter a valid user name.";
+                return errorMessage;
+            }
+
+            return errorMessage;
+        }
+
+        function checkPasswordsMatching(fld1name, fld2name) {
+
+            var stringValue1 = document.getElementsByName(fld1name)[0].value;
+            var stringValue2 = document.getElementsByName(fld2name)[0].value;
+            var errorMessage = "";
+
+            if (stringValue1 != stringValue2) {
+                errorMessage = "Confirm password does not match with the password. Please re-enter passwords.";
+                return errorMessage;
+            }
+
+            return errorMessage;
+
+        }
+
+        function validate() {
+            var reason = "";
+
+            reason = validatePassword("newPassword", <%=LocalUserStore.getPasswordRegularExpression()%>);
+
+            if (reason != "") {
+                alert(reason);
+                document.getElementsByName("newPassword")[0].clear();
+                return false;
+            }
+
+            reason = checkPasswordsMatching("newPassword", "confirmPassword");
+
+            if (reason != "") {
+                alert(reason);
+                document.getElementsByName("newPassword")[0].clear();
+                document.getElementsByName("confirmPassword")[0].clear();
+                return false;
+            }
+
+            return true;
+        }
+
+        function doProcess() {
+            if (validate() == true) {
+                document.passwordForm.submit();
+            }
+        }
+
+        function displayMessage() {
+            var msg = <%=request.getParameter("message")%>;
+            if (msg != null) {
+                alert(msg);
+            }
+        }
+
+
+    </script>
+</head>
+
+<body onload="displayMessage()">
+<img src="../images/airavata-logo-2.png">
+<h2>Airavata REST API - Local User Store</h2>
+<p><b>Manage Local User Store - Change Password of user - <%=userName%></b></p>
+
+<form action="password.jsp" name="passwordForm" method="POST">
+
+    <input type="hidden" name="username" value="<%=userName%>">
+    <table>
+        <tr>
+            <td>New Password</td>
+            <td><input type="password" name="newPassword"/></td>
+        </tr>
+        <tr>
+            <td>Re-Type Password</td>
+            <td><input type="password" name="confirmPassword"/></td>
+        </tr>
+    </table>
+
+    <table>
+        <tr>
+            <td><input type="button" value="Change" onclick= 'doProcess()'></td>
+            <td><a href="index.jsp"><input type="button" value="Cancel" name="Cancel"/> </a> </td>
+        </tr>
+    </table>
+
+</form>
+
+</body>
+</html>
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/airavata/blob/58c58cf2/modules/credential-store/cs-thrift-descriptions/credentialStoreCPI.thrift
----------------------------------------------------------------------
diff --git a/modules/credential-store/cs-thrift-descriptions/credentialStoreCPI.thrift b/modules/credential-store/cs-thrift-descriptions/credentialStoreCPI.thrift
new file mode 100644
index 0000000..f35e884
--- /dev/null
+++ b/modules/credential-store/cs-thrift-descriptions/credentialStoreCPI.thrift
@@ -0,0 +1,61 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+
+/*
+ * Component Programming Interface definition for Apache Airavata GFac Service.
+ *
+*/
+
+include "credentialStoreDataModel.thrift"
+include "credentialStoreErrors.thrift"
+
+namespace java org.apache.airavata.credential.store.cpi
+
+const string CS_CPI_VERSION = "0.15.0"
+
+service CredentialStoreService {
+
+  /** Query CS server to fetch the CPI version */
+  string getCSServiceVersion(),
+
+  /**
+  * This method is to add SSHCredential which will return the token Id in success
+  **/
+  string addSSHCredential (1: required credentialStoreDataModel.SSHCredential sshCredential)
+                        throws (1:credentialStoreErrors.CredentialStoreException csException);
+
+  string addCertificateCredential (1: required credentialStoreDataModel.CertificateCredential certificateCredential)
+                        throws (1:credentialStoreErrors.CredentialStoreException csException);
+
+  string addPasswordCredential (1: required credentialStoreDataModel.PasswordCredential passwordCredential)
+                        throws (1:credentialStoreErrors.CredentialStoreException csException);
+
+  credentialStoreDataModel.SSHCredential getSSHCredential (1: required string tokenId, 2: required string gatewayId)
+                        throws (1:credentialStoreErrors.CredentialStoreException csException);
+
+  credentialStoreDataModel.CertificateCredential getCertificateCredential (1: required string tokenId, 2: required string gatewayId)
+                        throws (1:credentialStoreErrors.CredentialStoreException csException);
+
+  credentialStoreDataModel.PasswordCredential getPasswordCredential (1: required string tokenId, 2: required string gatewayId)
+                        throws (1:credentialStoreErrors.CredentialStoreException csException);
+
+
+
+}
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/airavata/blob/58c58cf2/modules/credential-store/cs-thrift-descriptions/credentialStoreDataModel.thrift
----------------------------------------------------------------------
diff --git a/modules/credential-store/cs-thrift-descriptions/credentialStoreDataModel.thrift b/modules/credential-store/cs-thrift-descriptions/credentialStoreDataModel.thrift
new file mode 100644
index 0000000..ce4dc46
--- /dev/null
+++ b/modules/credential-store/cs-thrift-descriptions/credentialStoreDataModel.thrift
@@ -0,0 +1,61 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+
+
+namespace java org.apache.airavata.credential.store.datamodel
+namespace php Airavata.Model.Credential.Store
+
+
+const string DEFAULT_ID = "DO_NOT_SET_AT_CLIENTS"
+
+
+struct SSHCredential {
+    1: required string gatewayId,
+    2: required string username,
+    3: required string passphrase,
+    4: optional string publicKey,
+    5: optional string privateKey,
+    6: optional i64 persistedTime,
+    7: optional string token
+}
+
+struct CommunityUser {
+    1: required string gatewayName,
+    2: required string username,
+    3: required string userEmail
+}
+
+struct CertificateCredential {
+    1: required CommunityUser communityUser,
+    2: required string x509Cert,
+    3: optional string notAfter,
+    4: optional string privateKey,
+    5: optional i64 lifeTime,
+    6: optional string notBefore
+    7: optional i64 persistedTime,
+    8: optional string token
+}
+
+struct PasswordCredential {
+    1: required string username,
+    2: required string password,
+    3: optional i64 persistedTime,
+    4: optional string token
+}

http://git-wip-us.apache.org/repos/asf/airavata/blob/58c58cf2/modules/credential-store/cs-thrift-descriptions/credentialStoreErrors.thrift
----------------------------------------------------------------------
diff --git a/modules/credential-store/cs-thrift-descriptions/credentialStoreErrors.thrift b/modules/credential-store/cs-thrift-descriptions/credentialStoreErrors.thrift
new file mode 100644
index 0000000..148d7f2
--- /dev/null
+++ b/modules/credential-store/cs-thrift-descriptions/credentialStoreErrors.thrift
@@ -0,0 +1,32 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+
+/*
+* This file describes the definitions of the Error Messages that can occur
+*  when invoking Apache Airavata Services through the API. In addition Thrift provides
+*  built in funcationality to raise TApplicationException for all internal server errors.
+*/
+
+namespace java org.apache.airavata.credential.store.exception
+namespace php Airavata.Credential.Store.Error
+
+exception CredentialStoreException {
+  1: required string message
+}

http://git-wip-us.apache.org/repos/asf/airavata/blob/58c58cf2/modules/credential-store/cs-thrift-descriptions/generate-cs-stubs.sh
----------------------------------------------------------------------
diff --git a/modules/credential-store/cs-thrift-descriptions/generate-cs-stubs.sh b/modules/credential-store/cs-thrift-descriptions/generate-cs-stubs.sh
new file mode 100755
index 0000000..a1ca01f
--- /dev/null
+++ b/modules/credential-store/cs-thrift-descriptions/generate-cs-stubs.sh
@@ -0,0 +1,134 @@
+#! /usr/bin/env bash
+
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements.  See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License.  You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# This script will regenerate the thrift code for Airavata Credential Store Server Skeltons and Client Stubs.
+
+
+# Global Constants used across the script
+REQUIRED_THRIFT_VERSION='0.9.1'
+BASE_TARGET_DIR='target'
+CS_SERVICE_DIR='../credential-store-stubs/src/main/java'
+
+# The Function fail prints error messages on failure and quits the script.
+fail() {
+    echo $@
+    exit 1
+}
+
+# The function add_license_header adds the ASF V2 license header to all java files within the specified generated
+#   directory. The function also adds suppress all warnings annotation to all public classes and enums
+#  To Call:
+#   add_license_header $generated_code_directory
+add_license_header() {
+
+    # Fetch the generated code directory passed as the argument
+    GENERATED_CODE_DIR=$1
+
+    # For all generated thrift code, add the suppress all warnings annotation
+    #  NOTE: In order to save the original file as a backup, use sed -i.orig in place of sed -i ''
+    find ${GENERATED_CODE_DIR} -name '*.java' -print0 | xargs -0 sed -i '' -e 's/public class /@SuppressWarnings("all") public class /'
+    find ${GENERATED_CODE_DIR} -name '*.java' -print0 | xargs -0 sed -i '' -e 's/public enum /@SuppressWarnings("all") public enum /'
+
+    # For each java file within the generated directory, add the ASF V2 LICENSE header
+    for f in $(find ${GENERATED_CODE_DIR} -name '*.java'); do
+      cat - ${f} >${f}-with-license <<EOF
+    /*
+     * Licensed to the Apache Software Foundation (ASF) under one or more
+     * contributor license agreements.  See the NOTICE file distributed with
+     * this work for additional information regarding copyright ownership.
+     * The ASF licenses this file to You under the Apache License, Version 2.0
+     * (the "License"); you may not use this file except in compliance with
+     * the License.  You may obtain a copy of the License at
+     *
+     *     http://www.apache.org/licenses/LICENSE-2.0
+     *
+     * Unless required by applicable law or agreed to in writing, software
+     * distributed under the License is distributed on an "AS IS" BASIS,
+     * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+     * See the License for the specific language governing permissions and
+     * limitations under the License.
+     */
+EOF
+    mv ${f}-with-license ${f}
+    done
+}
+
+# The function compares every generated java file with the one in specified existing source location. If the comparison
+#   shows a difference, then it replaces with the newly generated file (with added license header).
+#  To Call:
+#   copy_changed_files $generated_code_directory $existing_source_directory
+copy_changed_files() {
+
+    # Read all the function arguments
+    GENERATED_CODE_DIR=$1
+    WORKSPACE_SRC_DIR=$2
+
+    echo "Generated sources are in ${GENERATED_CODE_DIR}"
+    echo "Destination workspace is in ${WORKSPACE_SRC_DIR}"
+
+    # Check if the newly generated files exist in the targetted workspace, if not copy. Only changed files will be synced.
+    #  the extra slash to GENERATED_CODE_DIR is needed to ensure the parent directory itself is not copied.
+    rsync -auv ${GENERATED_CODE_DIR}/ ${WORKSPACE_SRC_DIR}
+}
+
+# Generation of thrift files will require installing Apache Thrift. Please add thrift to your path.
+#  Verify is thrift is installed, is in the path is at a specified version.
+VERSION=$(thrift -version 2>/dev/null | grep -F "${REQUIRED_THRIFT_VERSION}" |  wc -l)
+if [ "$VERSION" -ne 1 ] ; then
+    echo "****************************************************"
+    echo "*** thrift is not installed or is not in the path"
+    echo "***   expecting 'thrift -version' to return ${REQUIRED_THRIFT_VERSION}"
+    echo "*** generated code will not be updated"
+    fail "****************************************************"
+fi
+
+# Initialize the thrift arguments.
+#  Since most of the Airavata API and Data Models have includes, use recursive option by default.
+#  Generate all the files in target directory
+THRIFT_ARGS="-r -o ${BASE_TARGET_DIR}"
+# Ensure the required target directories exists, if not create.
+mkdir -p ${BASE_TARGET_DIR}
+
+#######################################################################
+# Generate/Update the Credential Store CPI service stubs
+#  To start with both the servicer and client are in same package, but
+#  needs to be split using a common generated api-boilerplate-code
+#######################################################################
+
+#Java generation directory
+JAVA_GEN_DIR=${BASE_TARGET_DIR}/gen-java
+
+# As a precaution  remove and previously generated files if exists
+rm -rf ${JAVA_GEN_DIR}
+
+# Using thrift Java generator, generate the java classes based on Airavata API. This
+#   The airavataAPI.thrift includes rest of data models.
+thrift ${THRIFT_ARGS} --gen java credentialStoreCPI.thrift || fail unable to generate java thrift classes
+thrift ${THRIFT_ARGS} --gen java credentialStoreDataModel.thrift || fail unable to generate java thrift classes
+
+
+# For the generated java classes add the ASF V2 License header
+add_license_header $JAVA_GEN_DIR
+
+# Compare the newly generated classes with existing java generated skeleton/stub sources and replace the changed ones.
+copy_changed_files ${JAVA_GEN_DIR} ${CS_SERVICE_DIR}
+
+# CleanUp: Delete the base target build directory
+#rm -rf ${BASE_TARGET_DIR}
+
+echo "Successfully generated new sources, compared against exiting code and replaced the changed files"
+exit 0

http://git-wip-us.apache.org/repos/asf/airavata/blob/58c58cf2/modules/credential-store/pom.xml
----------------------------------------------------------------------
diff --git a/modules/credential-store/pom.xml b/modules/credential-store/pom.xml
new file mode 100644
index 0000000..370cc9b
--- /dev/null
+++ b/modules/credential-store/pom.xml
@@ -0,0 +1,43 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!--Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements. See the NOTICE file
+    distributed with this work for additional information regarding copyright ownership. The ASF licenses this file to you under
+    the Apache License, Version 2.0 (theÏ "License"); you may not use this file except in compliance with the License. You may
+    obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to
+    in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
+    ANY ~ KIND, either express or implied. See the License for the specific language governing permissions and limitations under
+    the License. -->
+
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+
+    <parent>
+        <groupId>org.apache.airavata</groupId>
+        <artifactId>airavata</artifactId>
+        <version>0.15-SNAPSHOT</version>
+        <relativePath>../../pom.xml</relativePath>
+    </parent>
+
+    <modelVersion>4.0.0</modelVersion>
+    <artifactId>credential-store</artifactId>
+    <packaging>pom</packaging>
+    <name>Airavata Credential Store</name>
+    <url>http://airavata.apache.org/</url>
+
+    <profiles>
+        <profile>
+            <id>default</id>
+            <activation>
+                <activeByDefault>true</activeByDefault>
+            </activation>
+            <modules>
+                <module>credential-store-service</module>
+                <module>credential-store-stubs</module>
+                <module>credential-store-webapp</module>
+            </modules>
+        </profile>
+    </profiles>
+    <properties>
+        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+        <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
+    </properties>
+</project>

http://git-wip-us.apache.org/repos/asf/airavata/blob/58c58cf2/pom.xml
----------------------------------------------------------------------
diff --git a/pom.xml b/pom.xml
index 512f21d..8f48edc 100644
--- a/pom.xml
+++ b/pom.xml
@@ -520,7 +520,7 @@
 				<module>modules/registry</module>
 				<module>modules/app-catalog</module>
 				<module>modules/security</module>
-				<module>modules/credential-store-service</module>
+				<module>modules/credential-store</module>
 				<module>modules/orchestrator</module>
 				<module>tools</module>
 				<module>modules/server</module>
@@ -605,7 +605,7 @@
 				<module>modules/workflow-model</module>
 				<module>modules/registry</module>
 				<module>modules/security</module>
-				<module>modules/credential-store-service</module>
+				<module>modules/credential-store</module>
 				<module>modules/orchestrator</module>
 				<module>tools</module>
 				<module>modules/server</module>