moving security package and relevant files over to proprietary

LICENSE

@@ -16,6 +16,13 @@ if that directory exists, is licensed under the license defined in "proprietary/
 * Content outside of the above mentioned directories or restrictions above is
 available under the MIT License as defined below.
 
+Portions of this software are licensed as follows:
+
+* All content that resides under the "proprietary/" directory of this repository,
+if that directory exists, is licensed under the license defined in "proprietary/LICENSE".
+* Content outside of the above mentioned directories or restrictions above is
+available under the MIT License as defined below.
+
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal
 in the Software without restriction, including without limitation the rights

common/src/main/java/stirling/software/common/configuration/FileFallbackTemplateResolver.java

@@ -10,7 +10,6 @@ import org.thymeleaf.IEngineConfiguration;
 import org.thymeleaf.templateresolver.AbstractConfigurableTemplateResolver;
 import org.thymeleaf.templateresource.FileTemplateResource;
 import org.thymeleaf.templateresource.ITemplateResource;
-
 import lombok.extern.slf4j.Slf4j;
 
 import stirling.software.common.model.InputStreamTemplateResource;

common/src/main/java/stirling/software/common/model/ApplicationProperties.java

@@ -64,7 +64,7 @@ public class ApplicationProperties {
 
     @Bean
     public PropertySource<?> dynamicYamlPropertySource(ConfigurableEnvironment environment)
-            throws IOException {
+        throws IOException {
         String configPath = InstallationPathConfig.getSettingsPath();
         log.debug("Attempting to load settings from: " + configPath);
 
@@ -80,7 +80,7 @@ public class ApplicationProperties {
 
         EncodedResource encodedResource = new EncodedResource(resource);
         PropertySource<?> propertySource =
-                new YamlPropertySourceFactory().createPropertySource(null, encodedResource);
+            new YamlPropertySourceFactory().createPropertySource(null, encodedResource);
         environment.getPropertySources().addFirst(propertySource);
 
         log.debug("Loaded properties: " + propertySource.getSource());
@@ -138,25 +138,26 @@ public class ApplicationProperties {
 
         public boolean isUserPass() {
             return (loginMethod.equalsIgnoreCase(LoginMethods.NORMAL.toString())
-                    || loginMethod.equalsIgnoreCase(LoginMethods.ALL.toString()));
+                || loginMethod.equalsIgnoreCase(LoginMethods.ALL.toString()));
         }
 
         public boolean isOauth2Active() {
             return (oauth2 != null
-                    && oauth2.getEnabled()
+                && oauth2.getEnabled()
-                    && !loginMethod.equalsIgnoreCase(LoginMethods.NORMAL.toString()));
+                && !loginMethod.equalsIgnoreCase(LoginMethods.NORMAL.toString()));
         }
 
         public boolean isSaml2Active() {
             return (saml2 != null
-                    && saml2.getEnabled()
+                && saml2.getEnabled()
-                    && !loginMethod.equalsIgnoreCase(LoginMethods.NORMAL.toString()));
+                && !loginMethod.equalsIgnoreCase(LoginMethods.NORMAL.toString()));
         }
 
         @Data
         public static class InitialLogin {
             private String username;
-            @ToString.Exclude private String password;
+            @ToString.Exclude
+            private String password;
         }
 
         @Getter
@@ -179,7 +180,7 @@ public class ApplicationProperties {
             public InputStream getIdpMetadataUri() throws IOException {
                 if (idpMetadataUri.startsWith("classpath:")) {
                     return new ClassPathResource(idpMetadataUri.substring("classpath".length()))
-                            .getInputStream();
+                        .getInputStream();
                 }
                 try {
                     URI uri = new URI(idpMetadataUri);
@@ -234,7 +235,7 @@ public class ApplicationProperties {
 
             public void setScopes(String scopes) {
                 List<String> scopesList =
-                        Arrays.stream(scopes.split(",")).map(String::trim).toList();
+                    Arrays.stream(scopes.split(",")).map(String::trim).toList();
                 this.scopes.addAll(scopesList);
             }
 
@@ -248,10 +249,10 @@ public class ApplicationProperties {
 
             public boolean isSettingsValid() {
                 return !ValidationUtils.isStringEmpty(this.getIssuer())
-                        && !ValidationUtils.isStringEmpty(this.getClientId())
+                    && !ValidationUtils.isStringEmpty(this.getClientId())
-                        && !ValidationUtils.isStringEmpty(this.getClientSecret())
+                    && !ValidationUtils.isStringEmpty(this.getClientSecret())
-                        && !ValidationUtils.isCollectionEmpty(this.getScopes())
+                    && !ValidationUtils.isCollectionEmpty(this.getScopes())
-                        && !ValidationUtils.isStringEmpty(this.getUseAsUsername());
+                    && !ValidationUtils.isStringEmpty(this.getUseAsUsername());
             }
 
             @Data
@@ -265,12 +266,11 @@ public class ApplicationProperties {
                         case "google" -> getGoogle();
                         case "github" -> getGithub();
                         case "keycloak" -> getKeycloak();
-                        default ->
+                        default -> throw new UnsupportedProviderException(
-                                throw new UnsupportedProviderException(
+                            "Logout from the provider "
-                                        "Logout from the provider "
+                                + registrationId
-                                                + registrationId
+                                + " is not supported. "
-                                                + " is not supported. "
+                                + "Report it at https://github.com/Stirling-Tools/Stirling-PDF/issues");
-                                                + "Report it at https://github.com/Stirling-Tools/Stirling-PDF/issues");
                     };
                 }
             }
@@ -326,7 +326,8 @@ public class ApplicationProperties {
         private Integer port;
         private String name;
         private String username;
-        @ToString.Exclude private String password;
+        @ToString.Exclude
+        private String password;
     }
 
     public enum Driver {
@@ -344,11 +345,11 @@ public class ApplicationProperties {
         @Override
         public String toString() {
             return """
-                    Driver {
+                Driver {
-                      driverName='%s'
+                  driverName='%s'
-                    }
+                }
-                    """
+                """
-                    .formatted(driverName);
+                .formatted(driverName);
         }
     }
 
@@ -365,14 +366,14 @@ public class ApplicationProperties {
 
         public String getHomeDescription() {
             return homeDescription != null && homeDescription.trim().length() > 0
-                    ? homeDescription
+                ? homeDescription
-                    : null;
+                : null;
         }
 
         public String getAppNameNavbar() {
             return appNameNavbar != null && appNameNavbar.trim().length() > 0
-                    ? appNameNavbar
+                ? appNameNavbar
-                    : null;
+                : null;
         }
     }
 
@@ -458,8 +459,8 @@ public class ApplicationProperties {
 
                 public String getProducer() {
                     return producer == null || producer.trim().isEmpty()
-                            ? "Stirling-PDF"
+                        ? "Stirling-PDF"
-                            : producer;
+                        : producer;
                 }
             }
 

common/src/main/java/stirling/software/common/model/api/converters/HTMLToPdfRequest.java

@@ -4,7 +4,6 @@ import io.swagger.v3.oas.annotations.media.Schema;
 
 import lombok.Data;
 import lombok.EqualsAndHashCode;
-
 import stirling.software.common.model.api.PDFFile;
 
 @Data

common/src/main/java/stirling/software/common/model/oauth2/GitHubProvider.java

@@ -2,9 +2,7 @@ package stirling.software.common.model.oauth2;
 
 import java.util.ArrayList;
 import java.util.Collection;
-
 import lombok.NoArgsConstructor;
-
 import stirling.software.common.model.enumeration.UsernameAttribute;
 
 @NoArgsConstructor

common/src/main/java/stirling/software/common/model/oauth2/GoogleProvider.java

@@ -2,9 +2,7 @@ package stirling.software.common.model.oauth2;
 
 import java.util.ArrayList;
 import java.util.Collection;
-
 import lombok.NoArgsConstructor;
-
 import stirling.software.common.model.enumeration.UsernameAttribute;
 
 @NoArgsConstructor

common/src/main/java/stirling/software/common/model/oauth2/KeycloakProvider.java

@@ -2,9 +2,7 @@ package stirling.software.common.model.oauth2;
 
 import java.util.ArrayList;
 import java.util.Collection;
-
 import lombok.NoArgsConstructor;
-
 import stirling.software.common.model.enumeration.UsernameAttribute;
 
 @NoArgsConstructor

common/src/main/java/stirling/software/common/model/oauth2/Provider.java

@@ -1,16 +1,13 @@
 package stirling.software.common.model.oauth2;
 
-import static stirling.software.common.model.enumeration.UsernameAttribute.EMAIL;
-
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Collection;
-
 import lombok.Data;
 import lombok.NoArgsConstructor;
-
 import stirling.software.common.model.enumeration.UsernameAttribute;
 import stirling.software.common.model.exception.UnsupportedClaimException;
+import static stirling.software.common.model.enumeration.UsernameAttribute.EMAIL;
 
 @Data
 @NoArgsConstructor

common/src/main/java/stirling/software/common/service/PostHogService.java

@@ -26,6 +26,7 @@ import org.springframework.stereotype.Service;
 import com.posthog.java.PostHog;
 
 import stirling.software.common.model.ApplicationProperties;
+import stirling.software.common.service.UserServiceInterface;
 
 @Service
 public class PostHogService {

common/src/main/java/stirling/software/common/util/FileMonitor.java

@@ -17,7 +17,6 @@ import org.springframework.scheduling.annotation.Scheduled;
 import org.springframework.stereotype.Component;
 
 import lombok.extern.slf4j.Slf4j;
-
 import stirling.software.common.configuration.RuntimePathConfig;
 
 @Component

common/src/main/java/stirling/software/common/util/PdfUtils.java

@@ -34,7 +34,6 @@ import org.springframework.web.multipart.MultipartFile;
 import io.github.pixee.security.Filenames;
 
 import lombok.extern.slf4j.Slf4j;
-
 import stirling.software.common.service.CustomPDFDocumentFactory;
 
 @Slf4j

common/src/main/java/stirling/software/common/util/ProviderUtils.java

@@ -1,11 +1,19 @@
 package stirling.software.common.util;
 
+<<<<<<<< HEAD:common/src/main/java/stirling/software/common/util/ProviderUtils.java
 import static stirling.software.common.util.ValidationUtils.isCollectionEmpty;
 import static stirling.software.common.util.ValidationUtils.isStringEmpty;
 
 import stirling.software.common.model.oauth2.Provider;
 
 public class ProviderUtils {
+========
+import stirling.software.common.model.provider.Provider;
+import static stirling.software.common.util.ValidationUtil.isCollectionEmpty;
+import static stirling.software.common.util.ValidationUtil.isStringEmpty;
+
+public class ProviderUtil {
+>>>>>>>> 7d4baf22 (renaming module):common/src/main/java/stirling/software/common/util/ProviderUtil.java
 
     public static boolean validateProvider(Provider provider) {
         if (provider == null) {

common/src/main/java/stirling/software/common/util/RequestUriUtils.java

@@ -1,6 +1,6 @@
 package stirling.software.common.util;
 
-public class RequestUriUtils {
+public class RequestUriUtil {
 
     public static boolean isStaticResource(String requestURI) {
         return isStaticResource("", requestURI);

common/src/main/java/stirling/software/common/util/ValidationUtil.java

@@ -0,0 +1,15 @@
+package stirling.software.common.util;
+
+import java.util.Collection;
+import stirling.software.common.model.provider.Provider;
+
+public class ValidationUtil {
+
+    public static boolean isStringEmpty(String input) {
+        return input == null || input.isBlank();
+    }
+
+    public static boolean isCollectionEmpty(Collection<String> input) {
+        return input == null || input.isEmpty();
+    }
+}

common/src/main/java/stirling/software/common/util/misc/InvertFullColorStrategy.java

@@ -18,7 +18,6 @@ import org.apache.pdfbox.pdmodel.graphics.image.PDImageXObject;
 import org.apache.pdfbox.rendering.PDFRenderer;
 import org.springframework.core.io.InputStreamResource;
 import org.springframework.web.multipart.MultipartFile;
-
 import stirling.software.common.model.api.misc.ReplaceAndInvert;
 
 public class InvertFullColorStrategy extends ReplaceAndInvertColorStrategy {

common/src/main/java/stirling/software/common/util/propertyeditor/StringToArrayListPropertyEditor.java

@@ -9,7 +9,6 @@ import com.fasterxml.jackson.databind.DeserializationFeature;
 import com.fasterxml.jackson.databind.ObjectMapper;
 
 import lombok.extern.slf4j.Slf4j;
-
 import stirling.software.common.model.api.security.RedactionArea;
 
 @Slf4j

common/src/main/java/stirling/software/common/util/propertyeditor/StringToMapPropertyEditor.java

@@ -14,7 +14,8 @@ public class StringToMapPropertyEditor extends PropertyEditorSupport {
     @Override
     public void setAsText(String text) throws IllegalArgumentException {
         try {
-            TypeReference<HashMap<String, String>> typeRef = new TypeReference<>() {};
+            TypeReference<HashMap<String, String>> typeRef =
+                new TypeReference<>() {};
             Map<String, String> map = objectMapper.readValue(text, typeRef);
             setValue(map);
         } catch (Exception e) {

common/src/test/java/stirling/software/common/util/ProviderUtilsTest.java

@@ -19,7 +19,11 @@ import stirling.software.common.model.oauth2.GoogleProvider;
 import stirling.software.common.model.oauth2.Provider;
 
 @ExtendWith(MockitoExtension.class)
+<<<<<<<< HEAD:common/src/test/java/stirling/software/common/util/ProviderUtilsTest.java
 class ProviderUtilsTest {
+========
+class ProviderUtilTest {
+>>>>>>>> 7d4baf22 (renaming module):common/src/test/java/stirling/software/common/util/ProviderUtilTest.java
 
     @Test
     void testSuccessfulValidation() {
@@ -29,13 +33,21 @@ class ProviderUtilsTest {
         when(provider.getClientSecret()).thenReturn("clientSecret");
         when(provider.getScopes()).thenReturn(List.of("read:user"));
 
+<<<<<<<< HEAD:common/src/test/java/stirling/software/common/util/ProviderUtilsTest.java
         Assertions.assertTrue(ProviderUtils.validateProvider(provider));
+========
+        assertTrue(ProviderUtil.validateProvider(provider));
+>>>>>>>> 7d4baf22 (renaming module):common/src/test/java/stirling/software/common/util/ProviderUtilTest.java
     }
 
     @ParameterizedTest
     @MethodSource("providerParams")
     void testUnsuccessfulValidation(Provider provider) {
+<<<<<<<< HEAD:common/src/test/java/stirling/software/common/util/ProviderUtilsTest.java
         Assertions.assertFalse(ProviderUtils.validateProvider(provider));
+========
+        assertFalse(ProviderUtil.validateProvider(provider));
+>>>>>>>> 7d4baf22 (renaming module):common/src/test/java/stirling/software/common/util/ProviderUtilTest.java
     }
 
     public static Stream<Arguments> providerParams() {

common/src/test/java/stirling/software/common/util/RequestUriUtilTest.java

@@ -0,0 +1,26 @@
+package stirling.software.common.util;
+
+import static org.junit.jupiter.api.Assertions.assertFalse;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+
+import org.junit.jupiter.api.Test;
+
+public class RequestUriUtilTest {
+
+    @Test
+    public void testIsStaticResource() {
+        assertTrue(RequestUriUtil.isStaticResource("/css/styles.css"));
+        assertTrue(RequestUriUtil.isStaticResource("/js/script.js"));
+        assertTrue(RequestUriUtil.isStaticResource("/images/logo.png"));
+        assertTrue(RequestUriUtil.isStaticResource("/public/index.html"));
+        assertTrue(RequestUriUtil.isStaticResource("/pdfjs/pdf.worker.js"));
+        assertTrue(RequestUriUtil.isStaticResource("/api/v1/info/status"));
+        assertTrue(RequestUriUtil.isStaticResource("/some-path/icon.svg"));
+        assertFalse(RequestUriUtil.isStaticResource("/api/v1/users"));
+        assertFalse(RequestUriUtil.isStaticResource("/api/v1/orders"));
+        assertFalse(RequestUriUtil.isStaticResource("/"));
+        assertTrue(RequestUriUtil.isStaticResource("/login"));
+        assertFalse(RequestUriUtil.isStaticResource("/register"));
+        assertFalse(RequestUriUtil.isStaticResource("/api/v1/products"));
+    }
+}

enterprise/.gitignore

@@ -0,0 +1,196 @@
+### Eclipse ###
+.metadata
+bin/
+tmp/
+*.tmp
+*.bak
+*.exe
+*.swp
+*~.nib
+local.properties
+.settings/
+.loadpath
+.recommenders
+.classpath
+.project
+version.properties
+
+#### Stirling-PDF Files ###
+pipeline/watchedFolders/
+pipeline/finishedFolders/
+customFiles/
+configs/
+watchedFolders/
+clientWebUI/
+!cucumber/
+!cucumber/exampleFiles/
+!cucumber/exampleFiles/example_html.zip
+exampleYmlFiles/stirling/
+/testing/file_snapshots
+SwaggerDoc.json
+
+# Gradle
+.gradle
+.lock
+
+# External tool builders
+.externalToolBuilders/
+
+# Locally stored "Eclipse launch configurations"
+*.launch
+
+# PyDev specific (Python IDE for Eclipse)
+*.pydevproject
+
+# CDT-specific (C/C++ Development Tooling)
+.cproject
+
+# CDT- autotools
+.autotools
+
+# Java annotation processor (APT)
+.factorypath
+
+# PDT-specific (PHP Development Tools)
+.buildpath
+
+# sbteclipse plugin
+.target
+
+# Tern plugin
+.tern-project
+
+# TeXlipse plugin
+.texlipse
+
+# STS (Spring Tool Suite)
+.springBeans
+
+# Code Recommenders
+.recommenders/
+
+# Annotation Processing
+.apt_generated/
+.apt_generated_test/
+
+# Scala IDE specific (Scala & Java development for Eclipse)
+.cache-main
+.scala_dependencies
+.worksheet
+
+# Uncomment this line if you wish to ignore the project description file.
+# Typically, this file would be tracked if it contains build/dependency configurations:
+#.project
+
+### Eclipse Patch ###
+# Spring Boot Tooling
+.sts4-cache/
+
+### Git ###
+# Created by git for backups. To disable backups in Git:
+# $ git config --global mergetool.keepBackup false
+*.orig
+
+# Created by git when using merge tools for conflicts
+*.BACKUP.*
+*.BASE.*
+*.LOCAL.*
+*.REMOTE.*
+*_BACKUP_*.txt
+*_BASE_*.txt
+*_LOCAL_*.txt
+*_REMOTE_*.txt
+
+### Java ###
+# Compiled class file
+*.class
+
+# Log file
+*.log
+
+# BlueJ files
+*.ctxt
+
+# Mobile Tools for Java (J2ME)
+.mtj.tmp/
+
+# Package Files #
+*.jar
+*.war
+*.nar
+*.ear
+*.zip
+*.tar.gz
+*.rar
+*.db
+/build
+
+# Byte-compiled / optimized / DLL files
+__pycache__/
+*.py[cod]
+*.pyo
+
+# Virtual environments
+.env*
+.venv*
+env*/
+venv*/
+ENV/
+env.bak/
+venv.bak/
+
+# VS Code
+/.vscode/**/*
+!/.vscode/settings.json
+!/.vscode/extensions.json
+
+# IntelliJ IDEA
+.idea/
+*.iml
+out/
+
+# Ignore Mac DS_Store files
+.DS_Store
+**/.DS_Store
+
+# cucumber
+/cucumber/reports/**
+
+# Certs and Security Files
+*.p12
+*.pk8
+*.pem
+*.crt
+*.cer
+*.cert
+*.der
+*.key
+*.csr
+*.kdbx
+*.jks
+*.asc
+
+# SSH Keys
+*.pub
+*.priv
+id_rsa
+id_rsa.pub
+id_ecdsa
+id_ecdsa.pub
+id_ed25519
+id_ed25519.pub
+.ssh/
+*ssh
+
+# cache
+.cache
+.ruff_cache
+.mypy_cache
+.pytest_cache
+.ipynb_checkpoints
+
+**/jcef-bundle/
+
+# node_modules
+node_modules/
+*.mjs

enterprise/LICENSE

@@ -0,0 +1,45 @@
+§§Stirling PDF Enterprise Edition (EE) license (the “EE License”)
+
+Copyright (c) 2025-present Stirling Tools
+
+With regard to the Stirling PDF Software:
+
+This software and associated documentation files (the "Software") may only be
+used in production, if you (and any entity that you represent) have agreed to,
+and are in compliance with, the Stirling PDF Terms of Service, available
+at https://www.stirlingpdf.com/terms-and-conditions (the “EE Terms”), or other
+agreement governing the use of the Software, as agreed by you and Stirling PDF,
+and otherwise have a valid Stirling PDF Enterprise Edition subscription for the
+correct number of user seats. Subject to the foregoing sentence, you are free to
+modify this Software and publish patches to the Software. You agree that Stirling PDF
+and/or its licensors (as applicable) retain all right, title and interest in and
+to all such modifications and/or patches, and all such modifications and/or
+patches may only be used, copied, modified, displayed, distributed, or otherwise
+exploited with a valid Stirling PDF Enterprise Edition subscription for the  correct
+number of user seats.  Notwithstanding the foregoing, you may copy and modify
+the Software for development and testing purposes, without requiring a
+subscription.  You agree that Stirling PDF and/or its licensors (as applicable) retain
+all right, title and interest in and to all such modifications.  You are not
+granted any other rights beyond what is expressly stated herein. Subject to the
+foregoing, it is forbidden to copy, merge, publish, distribute, sublicense,
+and/or sell the Software.
+
+This EE License applies only to the part of this Software that is not
+distributed as part of MIT License. Any part of this Software
+distributed as part of MIT License or is served client-side as an image, font,
+cascading stylesheet (CSS), file which produces or is compiled, arranged,
+augmented, or combined into client-side JavaScript, in whole or in part, is
+copyrighted under the MIT Expat license. The full text of this EE License shall
+be included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
+
+For all third party components incorporated into the Stirling PDF Software, those
+components are licensed under the original license provided by the owner of the
+applicable component.

enterprise/build.gradle

@@ -0,0 +1,125 @@
+plugins {
+    id 'java-library'
+    id 'io.spring.dependency-management' version '1.1.7'
+}
+
+group = 'stirling.software'
+version = '0.46.0'
+
+repositories {
+    mavenCentral()
+    maven { url = "https://build.shibboleth.net/maven/releases" }
+    maven { url = "https://maven.pkg.github.com/jcefmaven/jcefmaven" }
+}
+
+java {
+    // 17 is lowest but we support and recommend 21
+    sourceCompatibility = JavaVersion.VERSION_17
+}
+
+ext {
+    lombokVersion = "1.18.38"
+}
+
+sourceSets {
+    main {
+        java {
+            if (System.getenv("DOCKER_ENABLE_SECURITY") == "false") {
+                exclude 'stirling/software/enterprise/security/UserAuthenticationFilter.java'
+                exclude 'stirling/software/enterprise/security/UserBasedRateLimitingFilter.java'
+                exclude 'stirling/software/enterprise/security/CustomAuthenticationSuccessHandler.java'
+                exclude 'stirling/software/enterprise/security/CustomLogoutSuccessHandler.java'
+                exclude 'stirling/software/enterprise/security/FirstLoginFilter.java'
+                exclude 'stirling/software/enterprise/security/IPRateLimitingFilter.java'
+                exclude 'stirling/software/enterprise/security/RateLimitResetScheduler.java'
+                exclude 'stirling/software/enterprise/security/CustomAuthenticationFailureHandler.java'
+                exclude 'stirling/software/enterprise/security/InitialSecuritySetup.java'
+                exclude 'stirling/software/enterprise/security/configuration/**'
+                exclude 'stirling/software/enterprise/security/controller/**'
+                exclude 'stirling/software/enterprise/security/database/**'
+                exclude 'stirling/software/enterprise/security/oauth2/**'
+                exclude 'stirling/software/enterprise/security/saml2/**'
+                exclude 'stirling/software/enterprise/security/service/**'
+                exclude 'stirling/software/enterprise/security/session/**'
+                exclude 'stirling/software/enterprise/security/model/ApiKeyAuthenticationToken.java'
+                exclude 'stirling/software/enterprise/security/model/AttemptCounter.java'
+                exclude 'stirling/software/enterprise/security/model/Authority.java'
+                exclude 'stirling/software/enterprise/security/model/BackupNotFoundException.java'
+                exclude 'stirling/software/enterprise/security/model/PersistentLogin.java'
+                exclude 'stirling/software/enterprise/security/model/SessionEntity.java'
+                exclude 'stirling/software/enterprise/security/model/User.java'
+            }
+        }
+
+        test {
+            java {
+                if (System.getenv("DOCKER_ENABLE_SECURITY") == "false") {
+                    exclude 'stirling/software/enterprise/security/**'
+                }
+            }
+        }
+    }
+}
+
+configurations.all {
+    exclude group: 'commons-logging', module: 'commons-logging'
+    exclude group: "org.springframework.boot", module: "spring-boot-starter-tomcat"
+}
+
+dependencyManagement {
+    imports {
+        mavenBom 'org.springframework.boot:spring-boot-dependencies:3.4.5'
+    }
+}
+
+dependencies {
+    implementation project(':common')
+
+    implementation 'org.springframework.boot:spring-boot-starter-jetty'
+    implementation 'io.swagger.core.v3:swagger-core-jakarta:2.2.30'
+    implementation 'org.springframework:spring-webmvc:6.2.6'
+    implementation 'com.posthog.java:posthog:1.2.0'
+
+    // https://mvnrepository.com/artifact/com.bucket4j/bucket4j_jdk17
+    implementation 'com.bucket4j:bucket4j_jdk17-core:8.14.0'
+    implementation 'io.github.pixee:java-security-toolkit:1.2.1'
+    implementation 'org.bouncycastle:bcprov-jdk18on:1.80'
+
+    if (System.getenv('DOCKER_ENABLE_SECURITY') != 'false') {
+        implementation 'io.micrometer:micrometer-registry-prometheus'
+
+        implementation 'org.springframework.boot:spring-boot-starter-security'
+        implementation 'org.thymeleaf.extras:thymeleaf-extras-springsecurity5:3.1.3.RELEASE'
+        implementation 'org.springframework.boot:spring-boot-starter-data-jpa'
+        implementation 'org.springframework.boot:spring-boot-starter-oauth2-client'
+
+        implementation "org.springframework.session:spring-session-core:3.4.3"
+        implementation "org.springframework:spring-jdbc:6.2.6"
+
+        implementation 'com.unboundid.product.scim2:scim2-sdk-client:2.3.5'
+        // Don't upgrade h2database
+        runtimeOnly "com.h2database:h2:2.3.232"
+        runtimeOnly "org.postgresql:postgresql:42.7.5"
+        constraints {
+            implementation "org.opensaml:opensaml-core:$openSamlVersion"
+            implementation "org.opensaml:opensaml-saml-api:$openSamlVersion"
+            implementation "org.opensaml:opensaml-saml-impl:$openSamlVersion"
+        }
+        implementation "org.springframework.security:spring-security-saml2-service-provider:$springSecuritySamlVersion"
+        // implementation 'org.springframework.security:spring-security-core:$springSecuritySamlVersion'
+        implementation 'com.coveo:saml-client:5.0.0'
+
+    }
+
+    compileOnly "org.projectlombok:lombok:$lombokVersion"
+    annotationProcessor "org.projectlombok:lombok:$lombokVersion"
+
+    testImplementation platform('org.junit:junit-bom:5.10.0')
+    testImplementation 'org.junit.jupiter:junit-jupiter'
+    testImplementation 'org.springframework.boot:spring-boot-starter-test'
+//    testRuntimeOnly 'org.mockito:mockito-inline:5.2.0'
+}
+
+test {
+    useJUnitPlatform()
+}

enterprise/src/main/java/stirling/software/enterprise/security/configuration/DatabaseConfig.java

@@ -0,0 +1,164 @@
+<<<<<<<< HEAD:common/src/main/java/stirling/software/common/configuration/DatabaseConfig.java
+package stirling.software.SPDF.config.security.database;
+========
+package stirling.software.enterprise.security.configuration;
+>>>>>>>> 7d4baf22 (renaming module):enterprise/src/main/java/stirling/software/enterprise/security/configuration/DatabaseConfig.java
+
+import javax.sql.DataSource;
+
+import org.springframework.beans.factory.annotation.Qualifier;
+<<<<<<<< HEAD:common/src/main/java/stirling/software/common/configuration/DatabaseConfig.java
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
+========
+import org.springframework.boot.autoconfigure.domain.EntityScan;
+>>>>>>>> 7d4baf22 (renaming module):enterprise/src/main/java/stirling/software/enterprise/security/configuration/DatabaseConfig.java
+import org.springframework.boot.jdbc.DataSourceBuilder;
+import org.springframework.boot.jdbc.DatabaseDriver;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+<<<<<<<< HEAD:common/src/main/java/stirling/software/common/configuration/DatabaseConfig.java
+import org.springframework.context.annotation.Lazy;
+
+import lombok.Getter;
+import lombok.extern.slf4j.Slf4j;
+
+========
+import org.springframework.data.jpa.repository.config.EnableJpaRepositories;
+>>>>>>>> 7d4baf22 (renaming module):enterprise/src/main/java/stirling/software/enterprise/security/configuration/DatabaseConfig.java
+import stirling.software.common.configuration.InstallationPathConfig;
+import stirling.software.common.model.ApplicationProperties;
+import stirling.software.common.model.exception.UnsupportedProviderException;
+
+@Slf4j
+@Getter
+@Lazy
+@Configuration
+<<<<<<<< HEAD:common/src/main/java/stirling/software/common/configuration/DatabaseConfig.java
+@ConditionalOnProperty(name = "premium.proFeatures.database", havingValue = "true")
+========
+@EnableJpaRepositories(basePackages = "stirling.software.enterprise.security.database.repository")
+@EntityScan({"stirling.software.enterprise.security.model"})
+>>>>>>>> 7d4baf22 (renaming module):enterprise/src/main/java/stirling/software/enterprise/security/configuration/DatabaseConfig.java
+public class DatabaseConfig {
+
+    public final String DATASOURCE_DEFAULT_URL;
+
+    public static final String DATASOURCE_URL_TEMPLATE = "jdbc:%s://%s:%4d/%s";
+    public static final String DEFAULT_USERNAME = "sa";
+
+    private final ApplicationProperties.Datasource datasource;
+    private final boolean runningProOrHigher;
+
+    public DatabaseConfig(
+            ApplicationProperties.Datasource datasource,
+            @Qualifier("runningProOrHigher") boolean runningProOrHigher) {
+        DATASOURCE_DEFAULT_URL =
+                "jdbc:h2:file:"
+                        + InstallationPathConfig.getConfigPath()
+                        + "stirling-pdf-DB-2.3.232;DB_CLOSE_DELAY=-1;DB_CLOSE_ON_EXIT=FALSE;MODE=PostgreSQL";
+        log.debug("Database URL: {}", DATASOURCE_DEFAULT_URL);
+        this.datasource = datasource;
+        this.runningProOrHigher = runningProOrHigher;
+    }
+
+    /**
+     * Creates the <code>DataSource</code> for the connection to the DB. If <code>useDefault</code>
+     * is set to <code>true</code>, it will use the default H2 DB. If it is set to <code>false
+     * </code>, it will use the user's custom configuration set in the settings.yml.
+     *
+     * @return a <code>DataSource</code> using the configuration settings in the settings.yml
+     * @throws UnsupportedProviderException if the type of database selected is not supported
+     */
+    @Bean
+    @Qualifier("dataSource")
+    public DataSource dataSource() throws UnsupportedProviderException {
+        DataSourceBuilder<?> dataSourceBuilder = DataSourceBuilder.create();
+
+        if (!runningProOrHigher) {
+            return useDefaultDataSource(dataSourceBuilder);
+        }
+
+        if (!datasource.isEnableCustomDatabase()) {
+            return useDefaultDataSource(dataSourceBuilder);
+        }
+
+        log.info("Using custom database configuration");
+
+        if (!datasource.getCustomDatabaseUrl().isBlank()) {
+            if (datasource.getCustomDatabaseUrl().contains("postgresql")) {
+                dataSourceBuilder.driverClassName(DatabaseDriver.POSTGRESQL.getDriverClassName());
+            }
+
+            dataSourceBuilder.url(datasource.getCustomDatabaseUrl());
+        } else {
+            dataSourceBuilder.driverClassName(getDriverClassName(datasource.getType()));
+            dataSourceBuilder.url(
+                    generateCustomDataSourceUrl(
+                            datasource.getType(),
+                            datasource.getHostName(),
+                            datasource.getPort(),
+                            datasource.getName()));
+        }
+        dataSourceBuilder.username(datasource.getUsername());
+        dataSourceBuilder.password(datasource.getPassword());
+
+        return dataSourceBuilder.build();
+    }
+
+    private DataSource useDefaultDataSource(DataSourceBuilder<?> dataSourceBuilder) {
+        log.info("Using default H2 database");
+
+        dataSourceBuilder.url(DATASOURCE_DEFAULT_URL)
+            .driverClassName(DatabaseDriver.H2.getDriverClassName())
+            .username(DEFAULT_USERNAME);
+
+        return dataSourceBuilder.build();
+    }
+
+    /**
+     * Generate the URL the <code>DataSource</code> will use to connect to the database
+     *
+     * @param dataSourceType the type of the database
+     * @param hostname the host name
+     * @param port the port number to use for the database
+     * @param dataSourceName the name the database to connect to
+     * @return the <code>DataSource</code> URL
+     */
+    private String generateCustomDataSourceUrl(
+            String dataSourceType, String hostname, Integer port, String dataSourceName) {
+        return DATASOURCE_URL_TEMPLATE.formatted(dataSourceType, hostname, port, dataSourceName);
+    }
+
+    /**
+     * Selects the database driver based on the type of database chosen.
+     *
+     * @param driverName the type of the driver (e.g. 'h2', 'postgresql')
+     * @return the fully qualified driver for the database chosen
+     * @throws UnsupportedProviderException when an unsupported database is selected
+     */
+    private String getDriverClassName(String driverName) throws UnsupportedProviderException {
+        try {
+            ApplicationProperties.Driver driver =
+                    ApplicationProperties.Driver.valueOf(driverName.toUpperCase());
+
+            switch (driver) {
+                case H2 -> {
+                    log.debug("H2 driver selected");
+                    return DatabaseDriver.H2.getDriverClassName();
+                }
+                case POSTGRESQL -> {
+                    log.debug("Postgres driver selected");
+                    return DatabaseDriver.POSTGRESQL.getDriverClassName();
+                }
+                default -> {
+                    log.warn("{} driver selected", driverName);
+                    throw new UnsupportedProviderException(
+                            driverName + " is not currently supported");
+                }
+            }
+        } catch (IllegalArgumentException e) {
+            log.warn("Unknown driver: {}", driverName);
+            throw new UnsupportedProviderException(driverName + " is not currently supported");
+        }
+    }
+}

enterprise/src/main/java/stirling/software/enterprise/security/configuration/SecurityConfiguration.java

@@ -0,0 +1,321 @@
+package stirling.software.enterprise.security.configuration;
+
+import java.util.Optional;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.DependsOn;
+import org.springframework.context.annotation.Lazy;
+import org.springframework.security.authentication.ProviderManager;
+import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
+import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.http.SessionCreationPolicy;
+import org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.saml2.provider.service.authentication.OpenSaml4AuthenticationProvider;
+import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository;
+import org.springframework.security.saml2.provider.service.web.authentication.OpenSaml4AuthenticationRequestResolver;
+import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
+import org.springframework.security.web.authentication.rememberme.PersistentTokenRepository;
+import org.springframework.security.web.csrf.CookieCsrfTokenRepository;
+import org.springframework.security.web.csrf.CsrfTokenRequestAttributeHandler;
+import org.springframework.security.web.savedrequest.NullRequestCache;
+import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
+import stirling.software.common.configuration.AppConfig;
+import stirling.software.common.model.ApplicationProperties;
+import stirling.software.enterprise.security.CustomAuthenticationFailureHandler;
+import stirling.software.enterprise.security.CustomAuthenticationSuccessHandler;
+import stirling.software.enterprise.security.CustomLogoutSuccessHandler;
+import stirling.software.enterprise.security.filter.FirstLoginFilter;
+import stirling.software.enterprise.security.filter.IPRateLimitingFilter;
+import stirling.software.enterprise.security.filter.UserAuthenticationFilter;
+import stirling.software.enterprise.security.database.repository.JPATokenRepositoryImpl;
+import stirling.software.enterprise.security.database.repository.PersistentLoginRepository;
+import stirling.software.enterprise.security.model.User;
+import stirling.software.enterprise.security.oauth2.CustomOAuth2AuthenticationFailureHandler;
+import stirling.software.enterprise.security.oauth2.CustomOAuth2AuthenticationSuccessHandler;
+import stirling.software.enterprise.security.saml2.CustomSaml2AuthenticationFailureHandler;
+import stirling.software.enterprise.security.saml2.CustomSaml2AuthenticationSuccessHandler;
+import stirling.software.enterprise.security.saml2.CustomSaml2ResponseAuthenticationConverter;
+import stirling.software.enterprise.security.service.CustomOAuth2UserService;
+import stirling.software.enterprise.security.service.CustomUserDetailsService;
+import stirling.software.enterprise.security.service.LoginAttemptService;
+import stirling.software.enterprise.security.service.UserService;
+import stirling.software.enterprise.security.session.SessionPersistentRegistry;
+
+@Configuration
+@EnableWebSecurity
+@EnableMethodSecurity
+@Slf4j
+@DependsOn("runningProOrHigher")
+public class SecurityConfiguration {
+
+    private final CustomUserDetailsService userDetailsService;
+    private final UserService userService;
+    private final boolean loginEnabledValue;
+    private final boolean runningProOrHigher;
+
+    private final ApplicationProperties applicationProperties;
+    private final AppConfig appConfig;
+    private final UserAuthenticationFilter userAuthenticationFilter;
+    private final LoginAttemptService loginAttemptService;
+    private final FirstLoginFilter firstLoginFilter;
+    private final SessionPersistentRegistry sessionRegistry;
+    private final PersistentLoginRepository persistentLoginRepository;
+    private final GrantedAuthoritiesMapper oAuth2userAuthoritiesMapper;
+    private final RelyingPartyRegistrationRepository saml2RelyingPartyRegistrations;
+    private final OpenSaml4AuthenticationRequestResolver saml2AuthenticationRequestResolver;
+
+    public SecurityConfiguration(
+        PersistentLoginRepository persistentLoginRepository,
+        CustomUserDetailsService userDetailsService,
+        @Lazy UserService userService,
+        @Qualifier("loginEnabled") boolean loginEnabledValue,
+        @Qualifier("runningProOrHigher") boolean runningProOrHigher,
+        AppConfig appConfig,
+        ApplicationProperties applicationProperties,
+        UserAuthenticationFilter userAuthenticationFilter,
+        LoginAttemptService loginAttemptService,
+        FirstLoginFilter firstLoginFilter,
+        SessionPersistentRegistry sessionRegistry,
+        @Autowired(required = false) GrantedAuthoritiesMapper oAuth2userAuthoritiesMapper,
+        @Autowired(required = false)
+        RelyingPartyRegistrationRepository saml2RelyingPartyRegistrations,
+        @Autowired(required = false)
+        OpenSaml4AuthenticationRequestResolver saml2AuthenticationRequestResolver) {
+        this.userDetailsService = userDetailsService;
+        this.userService = userService;
+        this.loginEnabledValue = loginEnabledValue;
+        this.runningProOrHigher = runningProOrHigher;
+        this.appConfig = appConfig;
+        this.applicationProperties = applicationProperties;
+        this.userAuthenticationFilter = userAuthenticationFilter;
+        this.loginAttemptService = loginAttemptService;
+        this.firstLoginFilter = firstLoginFilter;
+        this.sessionRegistry = sessionRegistry;
+        this.persistentLoginRepository = persistentLoginRepository;
+        this.oAuth2userAuthoritiesMapper = oAuth2userAuthoritiesMapper;
+        this.saml2RelyingPartyRegistrations = saml2RelyingPartyRegistrations;
+        this.saml2AuthenticationRequestResolver = saml2AuthenticationRequestResolver;
+    }
+
+    @Bean
+    public PasswordEncoder passwordEncoder() {
+        return new BCryptPasswordEncoder();
+    }
+
+    @Bean
+    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
+        if (applicationProperties.getSecurity().getCsrfDisabled() || !loginEnabledValue) {
+            http.csrf(csrf -> csrf.disable());
+        }
+
+        if (loginEnabledValue) {
+            http.addFilterBefore(
+                userAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);
+            if (!applicationProperties.getSecurity().getCsrfDisabled()) {
+                CookieCsrfTokenRepository cookieRepo =
+                    CookieCsrfTokenRepository.withHttpOnlyFalse();
+                CsrfTokenRequestAttributeHandler requestHandler =
+                    new CsrfTokenRequestAttributeHandler();
+                requestHandler.setCsrfRequestAttributeName(null);
+                http.csrf(
+                    csrf ->
+                        csrf.ignoringRequestMatchers(
+                                request -> {
+                                    String apiKey = request.getHeader("X-API-KEY");
+                                    // If there's no API key, don't ignore CSRF
+                                    // (return false)
+                                    if (apiKey == null || apiKey.trim().isEmpty()) {
+                                        return false;
+                                    }
+                                    // Validate API key using existing UserService
+                                    try {
+                                        Optional<User> user =
+                                            userService.getUserByApiKey(apiKey);
+                                        // If API key is valid, ignore CSRF (return
+                                        // true)
+                                        // If API key is invalid, don't ignore CSRF
+                                        // (return false)
+                                        return user.isPresent();
+                                    } catch (Exception e) {
+                                        // If there's any error validating the API
+                                        // key, don't ignore CSRF
+                                        return false;
+                                    }
+                                })
+                            .csrfTokenRepository(cookieRepo)
+                            .csrfTokenRequestHandler(requestHandler));
+            }
+            http.addFilterBefore(rateLimitingFilter(), UsernamePasswordAuthenticationFilter.class);
+            http.addFilterAfter(firstLoginFilter, UsernamePasswordAuthenticationFilter.class);
+            http.sessionManagement(
+                sessionManagement ->
+                    sessionManagement
+                        .sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED)
+                        .maximumSessions(10)
+                        .maxSessionsPreventsLogin(false)
+                        .sessionRegistry(sessionRegistry)
+                        .expiredUrl("/login?logout=true"));
+            http.authenticationProvider(daoAuthenticationProvider());
+            http.requestCache(requestCache -> requestCache.requestCache(new NullRequestCache()));
+            http.logout(
+                logout ->
+                    logout.logoutRequestMatcher(new AntPathRequestMatcher("/logout"))
+                        .logoutSuccessHandler(
+                            new CustomLogoutSuccessHandler(applicationProperties, appConfig))
+                        .clearAuthentication(true)
+                        .invalidateHttpSession(true)
+                        .deleteCookies("JSESSIONID", "remember-me"));
+            http.rememberMe(
+                rememberMeConfigurer -> // Use the configurator directly
+                    rememberMeConfigurer
+                        .tokenRepository(persistentTokenRepository())
+                        .tokenValiditySeconds( // 14 days
+                            14 * 24 * 60 * 60)
+                        .userDetailsService( // Your existing UserDetailsService
+                            userDetailsService)
+                        .useSecureCookie( // Enable secure cookie
+                            true)
+                        .rememberMeParameter( // Form parameter name
+                            "remember-me")
+                        .rememberMeCookieName( // Cookie name
+                            "remember-me")
+                        .alwaysRemember(false));
+            http.authorizeHttpRequests(
+                authz ->
+                    authz.requestMatchers(
+                            req -> {
+                                String uri = req.getRequestURI();
+                                String contextPath = req.getContextPath();
+                                // Remove the context path from the URI
+                                String trimmedUri =
+                                    uri.startsWith(contextPath)
+                                        ? uri.substring(
+                                        contextPath.length())
+                                        : uri;
+                                return trimmedUri.startsWith("/login")
+                                    || trimmedUri.startsWith("/oauth")
+                                    || trimmedUri.startsWith("/saml2")
+                                    || trimmedUri.endsWith(".svg")
+                                    || trimmedUri.startsWith("/register")
+                                    || trimmedUri.startsWith("/error")
+                                    || trimmedUri.startsWith("/images/")
+                                    || trimmedUri.startsWith("/public/")
+                                    || trimmedUri.startsWith("/css/")
+                                    || trimmedUri.startsWith("/fonts/")
+                                    || trimmedUri.startsWith("/js/")
+                                    || trimmedUri.startsWith(
+                                    "/api/v1/info/status");
+                            })
+                        .permitAll()
+                        .anyRequest()
+                        .authenticated());
+            // Handle User/Password Logins
+            if (applicationProperties.getSecurity().isUserPass()) {
+                http.formLogin(
+                    formLogin ->
+                        formLogin
+                            .loginPage("/login")
+                            .successHandler(
+                                new CustomAuthenticationSuccessHandler(
+                                    loginAttemptService, userService))
+                            .failureHandler(
+                                new CustomAuthenticationFailureHandler(
+                                    loginAttemptService, userService))
+                            .defaultSuccessUrl("/")
+                            .permitAll());
+            }
+            // Handle OAUTH2 Logins
+            if (applicationProperties.getSecurity().isOauth2Active()) {
+                http.oauth2Login(
+                    oauth2 ->
+                        oauth2.loginPage("/oauth2")
+                            /*
+                            This Custom handler is used to check if the OAUTH2 user trying to log in, already exists in the database.
+                            If user exists, login proceeds as usual. If user does not exist, then it is auto-created but only if 'OAUTH2AutoCreateUser'
+                            is set as true, else login fails with an error message advising the same.
+                             */
+                            .successHandler(
+                                new CustomOAuth2AuthenticationSuccessHandler(
+                                    loginAttemptService,
+                                    applicationProperties,
+                                    userService))
+                            .failureHandler(
+                                new CustomOAuth2AuthenticationFailureHandler())
+                            . // Add existing Authorities from the database
+                            userInfoEndpoint(
+                            userInfoEndpoint ->
+                                userInfoEndpoint
+                                    .oidcUserService(
+                                        new CustomOAuth2UserService(
+                                            applicationProperties,
+                                            userService,
+                                            loginAttemptService))
+                                    .userAuthoritiesMapper(
+                                        oAuth2userAuthoritiesMapper))
+                            .permitAll());
+            }
+            // Handle SAML
+            if (applicationProperties.getSecurity().isSaml2Active() && runningProOrHigher) {
+                // Configure the authentication provider
+                OpenSaml4AuthenticationProvider authenticationProvider =
+                    new OpenSaml4AuthenticationProvider();
+                authenticationProvider.setResponseAuthenticationConverter(
+                    new CustomSaml2ResponseAuthenticationConverter(userService));
+                http.authenticationProvider(authenticationProvider)
+                    .saml2Login(
+                        saml2 -> {
+                            try {
+                                saml2.loginPage("/saml2")
+                                    .relyingPartyRegistrationRepository(
+                                        saml2RelyingPartyRegistrations)
+                                    .authenticationManager(
+                                        new ProviderManager(authenticationProvider))
+                                    .successHandler(
+                                        new CustomSaml2AuthenticationSuccessHandler(
+                                            loginAttemptService,
+                                            applicationProperties,
+                                            userService))
+                                    .failureHandler(
+                                        new CustomSaml2AuthenticationFailureHandler())
+                                    .authenticationRequestResolver(
+                                        saml2AuthenticationRequestResolver);
+                            } catch (Exception e) {
+                                log.error("Error configuring SAML 2 login", e);
+                                throw new RuntimeException(e);
+                            }
+                        });
+            }
+        } else {
+            log.debug("SAML 2 login is not enabled. Using default.");
+            http.authorizeHttpRequests(authz -> authz.anyRequest().permitAll());
+        }
+        return http.build();
+    }
+
+    public DaoAuthenticationProvider daoAuthenticationProvider() {
+        DaoAuthenticationProvider provider = new DaoAuthenticationProvider();
+        provider.setUserDetailsService(userDetailsService);
+        provider.setPasswordEncoder(passwordEncoder());
+        return provider;
+    }
+
+    @Bean
+    public IPRateLimitingFilter rateLimitingFilter() {
+        // Example limit TODO add config level
+        int maxRequestsPerIp = 1000000;
+        return new IPRateLimitingFilter(maxRequestsPerIp, maxRequestsPerIp);
+    }
+
+    @Bean
+    public PersistentTokenRepository persistentTokenRepository() {
+        return new JPATokenRepositoryImpl(persistentLoginRepository);
+    }
+}

enterprise/src/main/java/stirling/software/enterprise/security/model/api/user/UpdateUserDetails.java

@@ -1,4 +1,4 @@
-package stirling.software.SPDF.model.api.user;
+package stirling.software.enterprise.security.model.api.user;
 
 import io.swagger.v3.oas.annotations.media.Schema;
 

enterprise/src/main/java/stirling/software/enterprise/security/model/api/user/UpdateUserUsername.java

@@ -1,4 +1,4 @@
-package stirling.software.SPDF.model.api.user;
+package stirling.software.enterprise.security.model.api.user;
 
 import io.swagger.v3.oas.annotations.media.Schema;
 

enterprise/src/main/java/stirling/software/enterprise/security/model/api/user/Username.java

@@ -1,4 +1,4 @@
-package stirling.software.SPDF.model.api.user;
+package stirling.software.enterprise.security.model.api.user;
 
 import io.swagger.v3.oas.annotations.media.Schema;
 

enterprise/src/main/java/stirling/software/enterprise/security/model/api/user/UsernameAndPass.java

@@ -1,4 +1,4 @@
-package stirling.software.SPDF.model.api.user;
+package stirling.software.enterprise.security.model.api.user;
 
 import io.swagger.v3.oas.annotations.media.Schema;
 

proprietary/src/main/java/stirling/software/proprietary/security/CustomAuthenticationSuccessHandler.java

@@ -1,4 +1,8 @@
+<<<<<<<< HEAD:proprietary/src/main/java/stirling/software/proprietary/security/CustomAuthenticationSuccessHandler.java
 package stirling.software.proprietary.security;
+========
+package stirling.software.enterprise.security;
+>>>>>>>> f833293d (renaming module):enterprise/src/main/java/stirling/software/enterprise/security/CustomAuthenticationSuccessHandler.java
 
 import java.io.IOException;
 
@@ -14,8 +18,16 @@ import jakarta.servlet.http.HttpSession;
 import lombok.extern.slf4j.Slf4j;
 
 import stirling.software.common.util.RequestUriUtils;
+<<<<<<<< HEAD:proprietary/src/main/java/stirling/software/proprietary/security/CustomAuthenticationSuccessHandler.java
 import stirling.software.proprietary.security.service.LoginAttemptService;
 import stirling.software.proprietary.security.service.UserService;
+========
+import org.springframework.security.core.Authentication;
+import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
+import org.springframework.security.web.savedrequest.SavedRequest;
+import stirling.software.enterprise.security.service.LoginAttemptService;
+import stirling.software.enterprise.security.service.UserService;
+>>>>>>>> f833293d (renaming module):enterprise/src/main/java/stirling/software/enterprise/security/CustomAuthenticationSuccessHandler.java
 
 @Slf4j
 public class CustomAuthenticationSuccessHandler

proprietary/src/main/java/stirling/software/proprietary/security/CustomLogoutSuccessHandler.java

@@ -1,4 +1,8 @@
+<<<<<<<< HEAD:proprietary/src/main/java/stirling/software/proprietary/security/CustomLogoutSuccessHandler.java
 package stirling.software.proprietary.security;
+========
+package stirling.software.enterprise.security;
+>>>>>>>> f833293d (renaming module):enterprise/src/main/java/stirling/software/enterprise/security/CustomLogoutSuccessHandler.java
 
 import java.io.IOException;
 import java.security.cert.X509Certificate;
@@ -28,8 +32,13 @@ import stirling.software.common.model.ApplicationProperties.Security.OAUTH2;
 import stirling.software.common.model.ApplicationProperties.Security.SAML2;
 import stirling.software.common.model.oauth2.KeycloakProvider;
 import stirling.software.common.util.UrlUtils;
+<<<<<<<< HEAD:proprietary/src/main/java/stirling/software/proprietary/security/CustomLogoutSuccessHandler.java
 import stirling.software.proprietary.security.saml2.CertificateUtils;
 import stirling.software.proprietary.security.saml2.CustomSaml2AuthenticatedPrincipal;
+========
+import stirling.software.enterprise.security.saml2.CertificateUtils;
+import stirling.software.enterprise.security.saml2.CustomSaml2AuthenticatedPrincipal;
+>>>>>>>> f833293d (renaming module):enterprise/src/main/java/stirling/software/enterprise/security/CustomLogoutSuccessHandler.java
 
 @Slf4j
 @RequiredArgsConstructor
@@ -40,6 +49,8 @@ public class CustomLogoutSuccessHandler extends SimpleUrlLogoutSuccessHandler {
     private final ApplicationProperties applicationProperties;
     private final AppConfig appConfig;
 
+    private final AppConfig appConfig;
+
     @Override
     public void onLogoutSuccess(
             HttpServletRequest request, HttpServletResponse response, Authentication authentication)

proprietary/src/main/java/stirling/software/proprietary/security/configuration/MailConfig.java

@@ -10,7 +10,6 @@ import org.springframework.mail.javamail.JavaMailSenderImpl;
 
 import lombok.AllArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
-
 import stirling.software.common.model.ApplicationProperties;
 
 /**

proprietary/src/main/java/stirling/software/proprietary/security/controller/web/DatabaseWebController.java

@@ -1,4 +1,8 @@
+<<<<<<<< HEAD:proprietary/src/main/java/stirling/software/proprietary/security/controller/web/DatabaseWebController.java
 package stirling.software.proprietary.security.controller.web;
+========
+package stirling.software.enterprise.security.controller.web;
+>>>>>>>> f833293d (renaming module):enterprise/src/main/java/stirling/software/enterprise/security/controller/web/DatabaseWebController.java
 
 import java.util.List;
 
@@ -15,7 +19,11 @@ import jakarta.servlet.http.HttpServletRequest;
 import lombok.RequiredArgsConstructor;
 
 import stirling.software.common.model.FileInfo;
+<<<<<<<< HEAD:proprietary/src/main/java/stirling/software/proprietary/security/controller/web/DatabaseWebController.java
 import stirling.software.proprietary.security.service.DatabaseService;
+========
+import stirling.software.enterprise.security.service.DatabaseService;
+>>>>>>>> f833293d (renaming module):enterprise/src/main/java/stirling/software/enterprise/security/controller/web/DatabaseWebController.java
 
 @Controller
 @Tag(name = "Database Management", description = "Database management and security APIs")

proprietary/src/main/java/stirling/software/proprietary/security/database/H2SQLCondition.java

@@ -1,4 +1,8 @@
+<<<<<<<< HEAD:proprietary/src/main/java/stirling/software/proprietary/security/database/H2SQLCondition.java
 package stirling.software.proprietary.security.database;
+========
+package stirling.software.enterprise.security.database;
+>>>>>>>> f833293d (renaming module):enterprise/src/main/java/stirling/software/enterprise/security/database/H2SQLCondition.java
 
 import org.springframework.context.annotation.Condition;
 import org.springframework.context.annotation.ConditionContext;

proprietary/src/main/java/stirling/software/proprietary/security/database/ScheduledTasks.java

@@ -1,4 +1,8 @@
+<<<<<<<< HEAD:proprietary/src/main/java/stirling/software/proprietary/security/database/ScheduledTasks.java
 package stirling.software.proprietary.security.database;
+========
+package stirling.software.enterprise.security.database;
+>>>>>>>> f833293d (renaming module):enterprise/src/main/java/stirling/software/enterprise/security/database/ScheduledTasks.java
 
 import java.sql.SQLException;
 
@@ -9,7 +13,11 @@ import org.springframework.stereotype.Component;
 import lombok.RequiredArgsConstructor;
 
 import stirling.software.common.model.exception.UnsupportedProviderException;
+<<<<<<<< HEAD:proprietary/src/main/java/stirling/software/proprietary/security/database/ScheduledTasks.java
 import stirling.software.proprietary.security.service.DatabaseServiceInterface;
+========
+import stirling.software.enterprise.security.service.DatabaseServiceInterface;
+>>>>>>>> f833293d (renaming module):enterprise/src/main/java/stirling/software/enterprise/security/database/ScheduledTasks.java
 
 @Component
 @Conditional(H2SQLCondition.class)

proprietary/src/main/java/stirling/software/proprietary/security/database/repository/PersistentLoginRepository.java

@@ -1,9 +1,18 @@
+<<<<<<<< HEAD:proprietary/src/main/java/stirling/software/proprietary/security/database/repository/PersistentLoginRepository.java
 package stirling.software.proprietary.security.database.repository;
 
 import org.springframework.data.jpa.repository.JpaRepository;
 import org.springframework.stereotype.Repository;
 
 import stirling.software.proprietary.security.model.PersistentLogin;
+========
+package stirling.software.enterprise.security.database.repository;
+
+import org.springframework.data.jpa.repository.JpaRepository;
+import org.springframework.stereotype.Repository;
+
+import stirling.software.enterprise.security.model.PersistentLogin;
+>>>>>>>> f833293d (renaming module):enterprise/src/main/java/stirling/software/enterprise/security/database/repository/PersistentLoginRepository.java
 
 @Repository
 public interface PersistentLoginRepository extends JpaRepository<PersistentLogin, String> {

proprietary/src/main/java/stirling/software/proprietary/security/filter/EnterpriseEndpointFilter.java

@@ -1,4 +1,8 @@
+<<<<<<<< HEAD:proprietary/src/main/java/stirling/software/proprietary/security/filter/EnterpriseEndpointFilter.java
 package stirling.software.proprietary.security.filter;
+========
+package stirling.software.enterprise.security.filter;
+>>>>>>>> f833293d (renaming module):enterprise/src/main/java/stirling/software/enterprise/security/filter/EnterpriseEndpointFilter.java
 
 import java.io.IOException;
 

proprietary/src/main/java/stirling/software/proprietary/security/filter/FirstLoginFilter.java

@@ -1,4 +1,24 @@
+<<<<<<<< HEAD:proprietary/src/main/java/stirling/software/proprietary/security/filter/FirstLoginFilter.java
 package stirling.software.proprietary.security.filter;
+========
+package stirling.software.enterprise.security.filter;
+
+import jakarta.servlet.FilterChain;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import jakarta.servlet.http.HttpSession;
+import java.io.IOException;
+import java.text.SimpleDateFormat;
+import java.util.Date;
+import java.util.Optional;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.context.annotation.Lazy;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.stereotype.Component;
+import org.springframework.web.filter.OncePerRequestFilter;
+>>>>>>>> f833293d (renaming module):enterprise/src/main/java/stirling/software/enterprise/security/filter/FirstLoginFilter.java
 
 import java.io.IOException;
 import java.text.SimpleDateFormat;
@@ -20,8 +40,13 @@ import jakarta.servlet.http.HttpSession;
 import lombok.extern.slf4j.Slf4j;
 
 import stirling.software.common.util.RequestUriUtils;
+<<<<<<<< HEAD:proprietary/src/main/java/stirling/software/proprietary/security/filter/FirstLoginFilter.java
 import stirling.software.proprietary.security.model.User;
 import stirling.software.proprietary.security.service.UserService;
+========
+import stirling.software.enterprise.security.model.User;
+import stirling.software.enterprise.security.service.UserService;
+>>>>>>>> f833293d (renaming module):enterprise/src/main/java/stirling/software/enterprise/security/filter/FirstLoginFilter.java
 
 @Slf4j
 @Component

proprietary/src/main/java/stirling/software/proprietary/security/filter/IPRateLimitingFilter.java

@@ -1,4 +1,8 @@
+<<<<<<<< HEAD:proprietary/src/main/java/stirling/software/proprietary/security/filter/IPRateLimitingFilter.java
 package stirling.software.proprietary.security.filter;
+========
+package stirling.software.enterprise.security.filter;
+>>>>>>>> f833293d (renaming module):enterprise/src/main/java/stirling/software/enterprise/security/filter/IPRateLimitingFilter.java
 
 import java.io.IOException;
 import java.util.concurrent.ConcurrentHashMap;

proprietary/src/main/java/stirling/software/proprietary/security/filter/UserAuthenticationFilter.java

@@ -1,4 +1,8 @@
+<<<<<<<< HEAD:proprietary/src/main/java/stirling/software/proprietary/security/filter/UserAuthenticationFilter.java
 package stirling.software.proprietary.security.filter;
+========
+package stirling.software.enterprise.security.filter;
+>>>>>>>> f833293d (renaming module):enterprise/src/main/java/stirling/software/enterprise/security/filter/UserAuthenticationFilter.java
 
 import java.io.IOException;
 import java.util.List;
@@ -27,11 +31,19 @@ import lombok.extern.slf4j.Slf4j;
 import stirling.software.common.model.ApplicationProperties;
 import stirling.software.common.model.ApplicationProperties.Security.OAUTH2;
 import stirling.software.common.model.ApplicationProperties.Security.SAML2;
+<<<<<<<< HEAD:proprietary/src/main/java/stirling/software/proprietary/security/filter/UserAuthenticationFilter.java
 import stirling.software.proprietary.security.model.ApiKeyAuthenticationToken;
 import stirling.software.proprietary.security.model.User;
 import stirling.software.proprietary.security.saml2.CustomSaml2AuthenticatedPrincipal;
 import stirling.software.proprietary.security.service.UserService;
 import stirling.software.proprietary.security.session.SessionPersistentRegistry;
+========
+import stirling.software.enterprise.security.model.ApiKeyAuthenticationToken;
+import stirling.software.enterprise.security.model.User;
+import stirling.software.enterprise.security.saml2.CustomSaml2AuthenticatedPrincipal;
+import stirling.software.enterprise.security.service.UserService;
+import stirling.software.enterprise.security.session.SessionPersistentRegistry;
+>>>>>>>> f833293d (renaming module):enterprise/src/main/java/stirling/software/enterprise/security/filter/UserAuthenticationFilter.java
 
 @Slf4j
 @Component

proprietary/src/main/java/stirling/software/proprietary/security/filter/UserBasedRateLimitingFilter.java

@@ -1,4 +1,8 @@
+<<<<<<<< HEAD:proprietary/src/main/java/stirling/software/proprietary/security/filter/UserBasedRateLimitingFilter.java
 package stirling.software.proprietary.security.filter;
+========
+package stirling.software.enterprise.security.filter;
+>>>>>>>> f833293d (renaming module):enterprise/src/main/java/stirling/software/enterprise/security/filter/UserBasedRateLimitingFilter.java
 
 import java.io.IOException;
 import java.time.Duration;

proprietary/src/main/java/stirling/software/proprietary/security/model/ApiKeyAuthenticationToken.java

@@ -1,4 +1,8 @@
+<<<<<<<< HEAD:proprietary/src/main/java/stirling/software/proprietary/security/model/ApiKeyAuthenticationToken.java
 package stirling.software.proprietary.security.model;
+========
+package stirling.software.enterprise.security.model;
+>>>>>>>> f833293d (renaming module):enterprise/src/main/java/stirling/software/enterprise/security/model/ApiKeyAuthenticationToken.java
 
 import java.util.Collection;
 

proprietary/src/main/java/stirling/software/proprietary/security/model/AttemptCounter.java

@@ -1,4 +1,8 @@
+<<<<<<<< HEAD:proprietary/src/main/java/stirling/software/proprietary/security/model/AttemptCounter.java
 package stirling.software.proprietary.security.model;
+========
+package stirling.software.enterprise.security.model;
+>>>>>>>> f833293d (renaming module):enterprise/src/main/java/stirling/software/enterprise/security/model/AttemptCounter.java
 
 public class AttemptCounter {
     private int attemptCount;

proprietary/src/main/java/stirling/software/proprietary/security/model/Authority.java

@@ -1,4 +1,8 @@
+<<<<<<<< HEAD:proprietary/src/main/java/stirling/software/proprietary/security/model/Authority.java
 package stirling.software.proprietary.security.model;
+========
+package stirling.software.enterprise.security.model;
+>>>>>>>> f833293d (renaming module):enterprise/src/main/java/stirling/software/enterprise/security/model/Authority.java
 
 import java.io.Serializable;
 

proprietary/src/main/java/stirling/software/proprietary/security/model/PersistentLogin.java

@@ -1,4 +1,8 @@
+<<<<<<<< HEAD:proprietary/src/main/java/stirling/software/proprietary/security/model/PersistentLogin.java
 package stirling.software.proprietary.security.model;
+========
+package stirling.software.enterprise.security.model;
+>>>>>>>> f833293d (renaming module):enterprise/src/main/java/stirling/software/enterprise/security/model/PersistentLogin.java
 
 import java.util.Date;
 

proprietary/src/main/java/stirling/software/proprietary/security/model/SessionEntity.java

@@ -1,4 +1,8 @@
+<<<<<<<< HEAD:proprietary/src/main/java/stirling/software/proprietary/security/model/SessionEntity.java
 package stirling.software.proprietary.security.model;
+========
+package stirling.software.enterprise.security.model;
+>>>>>>>> f833293d (renaming module):enterprise/src/main/java/stirling/software/enterprise/security/model/SessionEntity.java
 
 import java.io.Serializable;
 import java.util.Date;

proprietary/src/main/java/stirling/software/proprietary/security/model/User.java

@@ -1,4 +1,8 @@
+<<<<<<<< HEAD:proprietary/src/main/java/stirling/software/proprietary/security/model/User.java
 package stirling.software.proprietary.security.model;
+========
+package stirling.software.enterprise.security.model;
+>>>>>>>> f833293d (renaming module):enterprise/src/main/java/stirling/software/enterprise/security/model/User.java
 
 import java.io.Serializable;
 import java.util.HashMap;
@@ -14,6 +18,7 @@ import lombok.Getter;
 import lombok.NoArgsConstructor;
 import lombok.Setter;
 import lombok.ToString;
+import stirling.software.common.model.enumeration.Role;
 
 import stirling.software.common.model.enumeration.Role;
 

proprietary/src/main/java/stirling/software/proprietary/security/model/exception/BackupNotFoundException.java

@@ -1,4 +1,8 @@
+<<<<<<<< HEAD:proprietary/src/main/java/stirling/software/proprietary/security/model/exception/BackupNotFoundException.java
 package stirling.software.proprietary.security.model.exception;
+========
+package stirling.software.common.model.exception;
+>>>>>>>> f833293d (renaming module):common/src/main/java/stirling/software/common/model/exception/BackupNotFoundException.java
 
 public class BackupNotFoundException extends RuntimeException {
     public BackupNotFoundException(String message) {

proprietary/src/main/java/stirling/software/proprietary/security/model/exception/NoProviderFoundException.java

@@ -1,4 +1,8 @@
+<<<<<<<< HEAD:proprietary/src/main/java/stirling/software/proprietary/security/model/exception/NoProviderFoundException.java
 package stirling.software.proprietary.security.model.exception;
+========
+package stirling.software.common.model.exception;
+>>>>>>>> f833293d (renaming module):common/src/main/java/stirling/software/common/model/exception/NoProviderFoundException.java
 
 public class NoProviderFoundException extends Exception {
     public NoProviderFoundException(String message) {

proprietary/src/main/java/stirling/software/proprietary/security/oauth2/CustomOAuth2AuthenticationFailureHandler.java

@@ -1,7 +1,14 @@
+<<<<<<<< HEAD:proprietary/src/main/java/stirling/software/proprietary/security/oauth2/CustomOAuth2AuthenticationFailureHandler.java
 package stirling.software.proprietary.security.oauth2;
+========
+package stirling.software.enterprise.security.oauth2;
+>>>>>>>> f833293d (renaming module):enterprise/src/main/java/stirling/software/enterprise/security/oauth2/CustomOAuth2AuthenticationFailureHandler.java
 
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
 import java.io.IOException;
-
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.security.authentication.BadCredentialsException;
 import org.springframework.security.authentication.DisabledException;
 import org.springframework.security.authentication.LockedException;
@@ -10,12 +17,6 @@ import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
 import org.springframework.security.oauth2.core.OAuth2Error;
 import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;
 
-import jakarta.servlet.ServletException;
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
-
-import lombok.extern.slf4j.Slf4j;
-
 @Slf4j
 public class CustomOAuth2AuthenticationFailureHandler
         extends SimpleUrlAuthenticationFailureHandler {

proprietary/src/main/java/stirling/software/proprietary/security/oauth2/CustomOAuth2AuthenticationSuccessHandler.java

@@ -1,4 +1,8 @@
+<<<<<<<< HEAD:proprietary/src/main/java/stirling/software/proprietary/security/oauth2/CustomOAuth2AuthenticationSuccessHandler.java
 package stirling.software.proprietary.security.oauth2;
+========
+package stirling.software.enterprise.security.oauth2;
+>>>>>>>> f833293d (renaming module):enterprise/src/main/java/stirling/software/enterprise/security/oauth2/CustomOAuth2AuthenticationSuccessHandler.java
 
 import java.io.IOException;
 import java.sql.SQLException;

proprietary/src/main/java/stirling/software/proprietary/security/saml2/CertificateUtils.java

@@ -1,4 +1,8 @@
+<<<<<<<< HEAD:proprietary/src/main/java/stirling/software/proprietary/security/saml2/CertificateUtils.java
 package stirling.software.proprietary.security.saml2;
+========
+package stirling.software.enterprise.security.saml2;
+>>>>>>>> f833293d (renaming module):enterprise/src/main/java/stirling/software/enterprise/security/saml2/CertificateUtils.java
 
 import java.io.ByteArrayInputStream;
 import java.io.InputStreamReader;
@@ -6,7 +10,6 @@ import java.nio.charset.StandardCharsets;
 import java.security.cert.CertificateFactory;
 import java.security.cert.X509Certificate;
 import java.security.interfaces.RSAPrivateKey;
-
 import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
 import org.bouncycastle.openssl.PEMKeyPair;
 import org.bouncycastle.openssl.PEMParser;

proprietary/src/main/java/stirling/software/proprietary/security/saml2/CustomSaml2AuthenticatedPrincipal.java

@@ -1,9 +1,12 @@
+<<<<<<<< HEAD:proprietary/src/main/java/stirling/software/proprietary/security/saml2/CustomSaml2AuthenticatedPrincipal.java
 package stirling.software.proprietary.security.saml2;
+========
+package stirling.software.enterprise.security.saml2;
+>>>>>>>> f833293d (renaming module):enterprise/src/main/java/stirling/software/enterprise/security/saml2/CustomSaml2AuthenticatedPrincipal.java
 
 import java.io.Serializable;
 import java.util.List;
 import java.util.Map;
-
 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticatedPrincipal;
 

proprietary/src/main/java/stirling/software/proprietary/security/saml2/CustomSaml2AuthenticationFailureHandler.java

@@ -1,7 +1,13 @@
+<<<<<<<< HEAD:proprietary/src/main/java/stirling/software/proprietary/security/saml2/CustomSaml2AuthenticationFailureHandler.java
 package stirling.software.proprietary.security.saml2;
+========
+package stirling.software.enterprise.security.saml2;
+>>>>>>>> f833293d (renaming module):enterprise/src/main/java/stirling/software/enterprise/security/saml2/CustomSaml2AuthenticationFailureHandler.java
 
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
 import java.io.IOException;
-
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.security.authentication.ProviderNotFoundException;
 import org.springframework.security.core.AuthenticationException;
@@ -9,11 +15,6 @@ import org.springframework.security.saml2.core.Saml2Error;
 import org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationException;
 import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;
 
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
-
-import lombok.extern.slf4j.Slf4j;
-
 @Slf4j
 @ConditionalOnProperty(name = "security.saml2.enabled", havingValue = "true")
 public class CustomSaml2AuthenticationFailureHandler extends SimpleUrlAuthenticationFailureHandler {

proprietary/src/main/java/stirling/software/proprietary/security/saml2/SAML2Configuration.java

@@ -1,9 +1,15 @@
+<<<<<<<< HEAD:proprietary/src/main/java/stirling/software/proprietary/security/saml2/SAML2Configuration.java
 package stirling.software.proprietary.security.saml2;
+========
+package stirling.software.enterprise.security.saml2;
+>>>>>>>> f833293d (renaming module):enterprise/src/main/java/stirling/software/enterprise/security/saml2/SAML2Configuration.java
 
+import jakarta.servlet.http.HttpServletRequest;
 import java.security.cert.X509Certificate;
 import java.util.Collections;
 import java.util.UUID;
-
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
 import org.opensaml.saml.saml2.core.AuthnRequest;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnBooleanProperty;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
@@ -19,12 +25,6 @@ import org.springframework.security.saml2.provider.service.registration.RelyingP
 import org.springframework.security.saml2.provider.service.registration.Saml2MessageBinding;
 import org.springframework.security.saml2.provider.service.web.HttpSessionSaml2AuthenticationRequestRepository;
 import org.springframework.security.saml2.provider.service.web.authentication.OpenSaml4AuthenticationRequestResolver;
-
-import jakarta.servlet.http.HttpServletRequest;
-
-import lombok.RequiredArgsConstructor;
-import lombok.extern.slf4j.Slf4j;
-
 import stirling.software.common.model.ApplicationProperties;
 import stirling.software.common.model.ApplicationProperties.Security.SAML2;
 

proprietary/src/main/java/stirling/software/proprietary/security/service/AppUpdateAuthService.java

@@ -1,4 +1,8 @@
+<<<<<<<< HEAD:proprietary/src/main/java/stirling/software/proprietary/security/service/AppUpdateAuthService.java
 package stirling.software.proprietary.security.service;
+========
+package stirling.software.enterprise.security.service;
+>>>>>>>> f833293d (renaming module):enterprise/src/main/java/stirling/software/enterprise/security/service/AppUpdateAuthService.java
 
 import java.util.Optional;
 
@@ -10,8 +14,13 @@ import lombok.RequiredArgsConstructor;
 
 import stirling.software.common.configuration.interfaces.ShowAdminInterface;
 import stirling.software.common.model.ApplicationProperties;
+<<<<<<<< HEAD:proprietary/src/main/java/stirling/software/proprietary/security/service/AppUpdateAuthService.java
 import stirling.software.proprietary.security.database.repository.UserRepository;
 import stirling.software.proprietary.security.model.User;
+========
+import stirling.software.enterprise.security.database.repository.UserRepository;
+import stirling.software.enterprise.security.model.User;
+>>>>>>>> f833293d (renaming module):enterprise/src/main/java/stirling/software/enterprise/security/service/AppUpdateAuthService.java
 
 @Service
 @RequiredArgsConstructor

proprietary/src/main/java/stirling/software/proprietary/security/service/CustomOAuth2UserService.java

@@ -1,4 +1,8 @@
+<<<<<<<< HEAD:proprietary/src/main/java/stirling/software/proprietary/security/service/CustomOAuth2UserService.java
 package stirling.software.proprietary.security.service;
+========
+package stirling.software.enterprise.security.service;
+>>>>>>>> f833293d (renaming module):enterprise/src/main/java/stirling/software/enterprise/security/service/CustomOAuth2UserService.java
 
 import java.util.Optional;
 
@@ -16,7 +20,11 @@ import lombok.extern.slf4j.Slf4j;
 import stirling.software.common.model.ApplicationProperties;
 import stirling.software.common.model.ApplicationProperties.Security.OAUTH2;
 import stirling.software.common.model.enumeration.UsernameAttribute;
+<<<<<<<< HEAD:proprietary/src/main/java/stirling/software/proprietary/security/service/CustomOAuth2UserService.java
 import stirling.software.proprietary.security.model.User;
+========
+import stirling.software.enterprise.security.model.User;
+>>>>>>>> f833293d (renaming module):enterprise/src/main/java/stirling/software/enterprise/security/service/CustomOAuth2UserService.java
 
 @Slf4j
 public class CustomOAuth2UserService implements OAuth2UserService<OidcUserRequest, OidcUser> {

proprietary/src/main/java/stirling/software/proprietary/security/service/DatabaseServiceInterface.java

@@ -1,4 +1,8 @@
+<<<<<<<< HEAD:proprietary/src/main/java/stirling/software/proprietary/security/service/DatabaseServiceInterface.java
 package stirling.software.proprietary.security.service;
+========
+package stirling.software.enterprise.security.service;
+>>>>>>>> f833293d (renaming module):enterprise/src/main/java/stirling/software/enterprise/security/service/DatabaseServiceInterface.java
 
 import java.sql.SQLException;
 import java.util.List;

proprietary/src/main/java/stirling/software/proprietary/security/service/LoginAttemptService.java

@@ -1,4 +1,8 @@
+<<<<<<<< HEAD:proprietary/src/main/java/stirling/software/proprietary/security/service/LoginAttemptService.java
 package stirling.software.proprietary.security.service;
+========
+package stirling.software.enterprise.security.service;
+>>>>>>>> f833293d (renaming module):enterprise/src/main/java/stirling/software/enterprise/security/service/LoginAttemptService.java
 
 import java.util.concurrent.ConcurrentHashMap;
 import java.util.concurrent.TimeUnit;
@@ -11,7 +15,11 @@ import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 
 import stirling.software.common.model.ApplicationProperties;
+<<<<<<<< HEAD:proprietary/src/main/java/stirling/software/proprietary/security/service/LoginAttemptService.java
 import stirling.software.proprietary.security.model.AttemptCounter;
+========
+import stirling.software.enterprise.security.model.AttemptCounter;
+>>>>>>>> f833293d (renaming module):enterprise/src/main/java/stirling/software/enterprise/security/service/LoginAttemptService.java
 
 @Service
 @Slf4j

proprietary/src/main/java/stirling/software/proprietary/security/session/CustomHttpSessionListener.java

@@ -1,4 +1,8 @@
+<<<<<<<< HEAD:proprietary/src/main/java/stirling/software/proprietary/security/session/CustomHttpSessionListener.java
 package stirling.software.proprietary.security.session;
+========
+package stirling.software.enterprise.security.session;
+>>>>>>>> f833293d (renaming module):enterprise/src/main/java/stirling/software/enterprise/security/session/CustomHttpSessionListener.java
 
 import org.springframework.stereotype.Component;
 

proprietary/src/main/java/stirling/software/proprietary/security/session/SessionRegistryConfig.java

@@ -3,6 +3,7 @@ package stirling.software.proprietary.security.session;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.core.session.SessionRegistryImpl;
+import stirling.software.proprietary.security.database.repository.SessionRepository;
 
 import stirling.software.proprietary.security.database.repository.SessionRepository;
 
@@ -17,8 +18,7 @@ public class SessionRegistryConfig {
     }
 
     @Bean
-    public SessionPersistentRegistry sessionPersistentRegistry(
+    public SessionPersistentRegistry sessionPersistentRegistry(SessionRepository sessionRepository) {
-            SessionRepository sessionRepository) {
         return new SessionPersistentRegistry(sessionRepository);
     }
 }

proprietary/src/main/java/stirling/software/proprietary/security/session/SessionScheduled.java

@@ -1,16 +1,18 @@
+<<<<<<<< HEAD:proprietary/src/main/java/stirling/software/proprietary/security/session/SessionScheduled.java
 package stirling.software.proprietary.security.session;
+========
+package stirling.software.enterprise.security.session;
+>>>>>>>> f833293d (renaming module):enterprise/src/main/java/stirling/software/enterprise/security/session/SessionScheduled.java
 
 import java.time.Instant;
 import java.time.temporal.ChronoUnit;
 import java.util.Date;
 import java.util.List;
-
+import lombok.RequiredArgsConstructor;
 import org.springframework.scheduling.annotation.Scheduled;
 import org.springframework.security.core.session.SessionInformation;
 import org.springframework.stereotype.Component;
 
-import lombok.RequiredArgsConstructor;
-
 @Component
 @RequiredArgsConstructor
 public class SessionScheduled {

proprietary/src/test/java/stirling/software/proprietary/security/CustomLogoutSuccessHandlerTest.java

@@ -1,4 +1,8 @@
+<<<<<<<< HEAD:proprietary/src/test/java/stirling/software/proprietary/security/CustomLogoutSuccessHandlerTest.java
 package stirling.software.proprietary.security;
+========
+package stirling.software.enterprise.security;
+>>>>>>>> f833293d (renaming module):enterprise/src/test/java/stirling/software/enterprise/security/CustomLogoutSuccessHandlerTest.java
 
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;

proprietary/src/test/java/stirling/software/proprietary/security/configuration/DatabaseConfigTest.java

@@ -1,4 +1,8 @@
+<<<<<<<< HEAD:proprietary/src/test/java/stirling/software/proprietary/security/configuration/DatabaseConfigTest.java
 package stirling.software.proprietary.security.configuration;
+========
+package stirling.software.enterprise.security.configuration;
+>>>>>>>> f833293d (renaming module):enterprise/src/test/java/stirling/software/enterprise/security/configuration/DatabaseConfigTest.java
 
 import javax.sql.DataSource;
 import org.junit.jupiter.api.BeforeEach;

src/main/java/stirling/software/SPDF/EE/configuration/EEAppConfig.java

@@ -1,13 +1,13 @@
-package stirling.software.SPDF.EE;
+package stirling.software.SPDF.EE.configuration;
 
+import static stirling.software.SPDF.EE.configuration.KeygenLicenseVerifier.License;
+
+import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.core.Ordered;
 import org.springframework.core.annotation.Order;
 
-import lombok.extern.slf4j.Slf4j;
-
-import stirling.software.SPDF.EE.KeygenLicenseVerifier.License;
 import stirling.software.common.model.ApplicationProperties;
 import stirling.software.common.model.ApplicationProperties.EnterpriseEdition;
 import stirling.software.common.model.ApplicationProperties.Premium;
@@ -15,7 +15,6 @@ import stirling.software.common.model.ApplicationProperties.Premium.ProFeatures.
 
 @Configuration
 @Order(Ordered.HIGHEST_PRECEDENCE)
-@Slf4j
 public class EEAppConfig {
 
     private final ApplicationProperties applicationProperties;
@@ -30,6 +29,7 @@ public class EEAppConfig {
     }
 
     @Bean(name = "runningProOrHigher")
+    @Qualifier("runningProOrHigher")
     public boolean runningProOrHigher() {
         return licenseKeyChecker.getPremiumLicenseEnabledResult() != License.NORMAL;
     }

src/main/java/stirling/software/SPDF/EE/configuration/KeygenLicenseVerifier.java

@@ -1,4 +1,4 @@
-package stirling.software.SPDF.EE;
+package stirling.software.SPDF.EE.configuration;
 
 import java.net.URI;
 import java.net.http.HttpClient;
@@ -27,7 +27,7 @@ import stirling.software.common.util.GeneralUtils;
 @RequiredArgsConstructor
 public class KeygenLicenseVerifier {
 
-    enum License {
+    public enum License {
         NORMAL,
         PRO,
         ENTERPRISE

src/main/java/stirling/software/SPDF/EE/configuration/LicenseKeyChecker.java

@@ -14,8 +14,8 @@ import stirling.software.SPDF.EE.KeygenLicenseVerifier.License;
 import stirling.software.common.model.ApplicationProperties;
 import stirling.software.common.util.GeneralUtils;
 
-@Component
 @Slf4j
+@Component
 public class LicenseKeyChecker {
 
     private static final String FILE_PREFIX = "file:";

src/main/java/stirling/software/SPDF/config/fingerprint/FingerprintBasedSessionFilter.java

@@ -12,7 +12,7 @@
 // import jakarta.servlet.http.HttpServletResponse;
 // import jakarta.servlet.http.HttpSession;
 // import lombok.extern.slf4j.Slf4j;
-// import stirling.software.SPDF.utils.RequestUriUtils;
+// import stirling.software.common.util.RequestUriUtils;
 //
 //// @Component
 // @Slf4j

src/main/java/stirling/software/SPDF/controller/api/pipeline/PipelineDirectoryProcessor.java

@@ -35,8 +35,8 @@ import lombok.extern.slf4j.Slf4j;
 import stirling.software.SPDF.model.PipelineConfig;
 import stirling.software.SPDF.model.PipelineOperation;
 import stirling.software.SPDF.model.PipelineResult;
+import stirling.software.SPDF.service.PostHogService;
 import stirling.software.common.configuration.RuntimePathConfig;
-import stirling.software.common.service.PostHogService;
 import stirling.software.common.util.FileMonitor;
 
 @Service

src/main/java/stirling/software/SPDF/controller/api/security/RedactController.java

@@ -33,8 +33,8 @@ import lombok.extern.slf4j.Slf4j;
 import stirling.software.SPDF.model.PDFText;
 import stirling.software.SPDF.model.api.security.ManualRedactPdfRequest;
 import stirling.software.SPDF.model.api.security.RedactPdfRequest;
-import stirling.software.SPDF.model.api.security.RedactionArea;
 import stirling.software.SPDF.pdf.TextFinder;
+import stirling.software.common.model.api.security.RedactionArea;
 import stirling.software.common.service.CustomPDFDocumentFactory;
 import stirling.software.common.util.GeneralUtils;
 import stirling.software.common.util.PdfUtils;

src/main/java/stirling/software/SPDF/model/api/converters/ConvertToImageRequest.java

@@ -5,7 +5,7 @@ import io.swagger.v3.oas.annotations.media.Schema;
 import lombok.Data;
 import lombok.EqualsAndHashCode;
 
-import stirling.software.SPDF.model.api.PDFWithPageNums;
+import stirling.software.common.model.api.PDFWithPageNums;
 
 @Data
 @EqualsAndHashCode(callSuper = true)

src/main/java/stirling/software/SPDF/model/api/security/ManualRedactPdfRequest.java

@@ -8,6 +8,7 @@ import lombok.Data;
 import lombok.EqualsAndHashCode;
 
 import stirling.software.SPDF.model.api.PDFWithPageNums;
+import stirling.software.common.model.api.security.RedactionArea;
 
 @Data
 @EqualsAndHashCode(callSuper = true)

src/main/java/stirling/software/SPDF/model/api/security/RedactionArea.java

@@ -1,28 +0,0 @@
-package stirling.software.SPDF.model.api.security;
-
-import io.swagger.v3.oas.annotations.media.Schema;
-
-import lombok.Data;
-import lombok.EqualsAndHashCode;
-
-@Data
-@EqualsAndHashCode
-public class RedactionArea {
-    @Schema(description = "The left edge point of the area to be redacted.")
-    private Double x;
-
-    @Schema(description = "The top edge point of the area to be redacted.")
-    private Double y;
-
-    @Schema(description = "The height of the area to be redacted.")
-    private Double height;
-
-    @Schema(description = "The width of the area to be redacted.")
-    private Double width;
-
-    @Schema(description = "The page on which the area should be redacted.")
-    private Integer page;
-
-    @Schema(description = "The color used to redact the specified area.")
-    private String color;
-}