clean up

updating paths (DOCKER_SECURITY_ENABLE > ADDITIONAL_FEATURES)

.gitattributes

@@ -1,10 +1,10 @@
 * text=auto eol=lf
 
 # Ignore all JavaScript files in a directory
-src/main/resources/static/pdfjs/* linguist-vendored
-src/main/resources/static/pdfjs/** linguist-vendored
-src/main/resources/static/pdfjs-legacy/* linguist-vendored
-src/main/resources/static/pdfjs-legacy/** linguist-vendored
-src/main/resources/static/css/bootstrap-icons.css linguist-vendored
-src/main/resources/static/css/bootstrap.min.css linguist-vendored
-src/main/resources/static/css/fonts/* linguist-vendored
+stirling-pdf/src/main/resources/static/pdfjs/* linguist-vendored
+stirling-pdf/src/main/resources/static/pdfjs/** linguist-vendored
+stirling-pdf/src/main/resources/static/pdfjs-legacy/* linguist-vendored
+stirling-pdf/src/main/resources/static/pdfjs-legacy/** linguist-vendored
+stirling-pdf/src/main/resources/static/css/bootstrap-icons.css linguist-vendored
+stirling-pdf/src/main/resources/static/css/bootstrap.min.css linguist-vendored
+stirling-pdf/src/main/resources/static/css/fonts/* linguist-vendored

.github/labeler-config.yml

@@ -1,60 +1,45 @@
 Translation:
   - changed-files:
-    - any-glob-to-any-file: 'src/main/resources/messages_*_*.properties'
+    - any-glob-to-any-file: 'stirling-pdf/src/main/resources/messages_*_*.properties'
     - any-glob-to-any-file: 'scripts/ignore_translation.toml'
-    - any-glob-to-any-file: 'src/main/resources/templates/fragments/languages.html'
+    - any-glob-to-any-file: 'stirling-pdf/src/main/resources/templates/fragments/languages.html'
 
 Front End:
   - changed-files:
-    - any-glob-to-any-file: 'src/main/resources/templates/**/*'
-    - any-glob-to-any-file: 'src/main/resources/static/**/*'
-    - any-glob-to-any-file: 'src/main/java/stirling/software/SPDF/controller/web/**'
-    - any-glob-to-any-file: 'src/main/java/stirling/software/SPDF/UI/**/*'
+    - any-glob-to-any-file: 'stirling-pdf/src/main/resources/templates/**/*'
+    - any-glob-to-any-file: 'stirling-pdf/src/main/resources/static/**/*'
+    - any-glob-to-any-file: 'stirling-pdf/src/main/java/stirling/software/SPDF/controller/web/**'
+    - any-glob-to-any-file: 'stirling-pdf/src/main/java/stirling/software/SPDF/UI/**/*'
 
 Java:
   - changed-files:
-    - any-glob-to-any-file: 'src/main/java/**/*.java'
+    - any-glob-to-any-file: 'common/src/main/java/**/*.java'
+    - any-glob-to-any-file: 'proprietary/src/main/java/**/*.java'
+    - any-glob-to-any-file: 'stirling-pdf/src/main/java/**/*.java'
 
 Back End:
   - changed-files:
-    - any-glob-to-any-file: 'src/main/java/stirling/software/SPDF/config/**/*'
-    - any-glob-to-any-file: 'src/main/java/stirling/software/SPDF/controller/**/*'
-    - any-glob-to-any-file: 'src/main/resources/settings.yml.template'
-    - any-glob-to-any-file: 'src/main/resources/application.properties'
-    - any-glob-to-any-file: 'src/main/resources/banner.txt'
+    - any-glob-to-any-file: 'stirling-pdf/src/main/java/stirling/software/SPDF/config/**/*'
+    - any-glob-to-any-file: 'stirling-pdf/src/main/java/stirling/software/SPDF/controller/**/*'
+    - any-glob-to-any-file: 'stirling-pdf/src/main/resources/settings.yml.template'
+    - any-glob-to-any-file: 'stirling-pdf/src/main/resources/application.properties'
+    - any-glob-to-any-file: 'stirling-pdf/src/main/resources/banner.txt'
     - any-glob-to-any-file: 'scripts/png_to_webp.py'
     - any-glob-to-any-file: 'split_photos.py'
 
 Security:
   - changed-files:
-    - any-glob-to-any-file: 'src/main/java/stirling/software/SPDF/config/interfaces/DatabaseInterface.java'
-    - any-glob-to-any-file: 'src/main/java/stirling/software/SPDF/config/security/**/*'
-    - any-glob-to-any-file: 'src/main/java/stirling/software/SPDF/controller/api/DatabaseController.java'
-    - any-glob-to-any-file: 'src/main/java/stirling/software/SPDF/controller/api/EmailController.java'
-    - any-glob-to-any-file: 'src/main/java/stirling/software/SPDF/controller/api/H2SQLController.java'
-    - any-glob-to-any-file: 'src/main/java/stirling/software/SPDF/controller/web/AccountWebController.java'
-    - any-glob-to-any-file: 'src/main/java/stirling/software/SPDF/controller/web/DatabaseWebController.java'
-    - any-glob-to-any-file: 'src/main/java/stirling/software/SPDF/controller/api/UserController.java'
-    - any-glob-to-any-file: 'src/main/java/stirling/software/SPDF/model/api/Email.java'
-    - any-glob-to-any-file: 'src/main/java/stirling/software/SPDF/model/exception/BackupNotFoundException.java'
-    - any-glob-to-any-file: 'src/main/java/stirling/software/SPDF/model/exception/NoProviderFoundExceptionjava'
-    - any-glob-to-any-file: 'src/main/java/stirling/software/SPDF/model/provider/**/*'
-    - any-glob-to-any-file: 'src/main/java/stirling/software/SPDF/model/AuthenticationType.java'
-    - any-glob-to-any-file: 'src/main/java/stirling/software/SPDF/model/ApiKeyAuthenticationToken.java'
-    - any-glob-to-any-file: 'src/main/java/stirling/software/SPDF/model/AttemptCounter.java'
-    - any-glob-to-any-file: 'src/main/java/stirling/software/SPDF/model/Authority.java'
-    - any-glob-to-any-file: 'src/main/java/stirling/software/SPDF/model/PersistentLogin.java'
-    - any-glob-to-any-file: 'src/main/java/stirling/software/SPDF/model/SessionEntity.java'
+    - any-glob-to-any-file: 'proprietary/src/main/java/stirling/software/proprietary/security/**/*'
     - any-glob-to-any-file: 'scripts/download-security-jar.sh'
     - any-glob-to-any-file: '.github/workflows/dependency-review.yml'
     - any-glob-to-any-file: '.github/workflows/scorecards.yml'
 
 API:
   - changed-files:
-    - any-glob-to-any-file: 'src/main/java/stirling/software/SPDF/config/OpenApiConfig.java'
-    - any-glob-to-any-file: 'src/main/java/stirling/software/SPDF/controller/web/MetricsController.java'
-    - any-glob-to-any-file: 'src/main/java/stirling/software/SPDF/controller/api/**/*'
-    - any-glob-to-any-file: 'src/main/java/stirling/software/SPDF/model/api/**/*'
+    - any-glob-to-any-file: 'stirling-pdf/src/main/java/stirling/software/SPDF/config/OpenApiConfig.java'
+    - any-glob-to-any-file: 'stirling-pdf/src/main/java/stirling/software/SPDF/controller/web/MetricsController.java'
+    - any-glob-to-any-file: 'stirling-pdf/src/main/java/stirling/software/SPDF/controller/api/**/*'
+    - any-glob-to-any-file: 'stirling-pdf/src/main/java/stirling/software/SPDF/model/api/**/*'
     - any-glob-to-any-file: 'scripts/png_to_webp.py'
     - any-glob-to-any-file: 'split_photos.py'
     - any-glob-to-any-file: '.github/workflows/swagger.yml'
@@ -88,7 +73,9 @@ Devtools:
 Test:
   - changed-files:
     - any-glob-to-any-file: 'cucumber/**/*'
-    - any-glob-to-any-file: 'src/test/**/*'
+    - any-glob-to-any-file: 'common/src/test/**/*'
+    - any-glob-to-any-file: 'proprietary/src/test/**/*'
+    - any-glob-to-any-file: 'stirling-pdf/src/test/**/*'
     - any-glob-to-any-file: 'src/testing/**/*'
     - any-glob-to-any-file: '.pre-commit-config'
     - any-glob-to-any-file: '.github/workflows/pre_commit.yml'

.github/scripts/check_language_properties.py

@@ -317,7 +317,7 @@ def check_for_differences(reference_file, file_list, branch, actor):
         report.append("## ❌ Overall Check Status: **_Failed_**")
         report.append("")
         report.append(
-            f"@{actor} please check your translation if it conforms to the standard. Follow the format of [messages_en_GB.properties](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/src/main/resources/messages_en_GB.properties)"
+            f"@{actor} please check your translation if it conforms to the standard. Follow the format of [messages_en_GB.properties](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/stirling-pdf/src/main/resources/messages_en_GB.properties)"
         )
     else:
         report.append("## ✅ Overall Check Status: **_Success_**")

.github/workflows/PR-Demo-Comment-with-react.yml

@@ -156,9 +156,9 @@ jobs:
       - name: Run Gradle Command
         run: |
           if [ "${{ needs.check-comment.outputs.enable_security }}" == "true" ]; then
-            export DOCKER_ENABLE_SECURITY=true
+            export ADDITIONAL_FEATURES_OFF=false
           else
-            export DOCKER_ENABLE_SECURITY=false
+            export ADDITIONAL_FEATURES_OFF=true
           fi
           ./gradlew clean build
         env:
@@ -223,7 +223,7 @@ jobs:
                 - /stirling/PR-${{ needs.check-comment.outputs.pr_number }}/config:/configs:rw
                 - /stirling/PR-${{ needs.check-comment.outputs.pr_number }}/logs:/logs:rw
               environment:
-                DOCKER_ENABLE_SECURITY: "${DOCKER_SECURITY}"
+                ADDITIONAL_FEATURES_OFF: "${DOCKER_SECURITY}"
                 SECURITY_ENABLELOGIN: "${LOGIN_SECURITY}"
                 SYSTEM_DEFAULTLOCALE: en-GB
                 UI_APPNAME: "Stirling-PDF PR#${{ needs.check-comment.outputs.pr_number }}"

.github/workflows/build.yml

@@ -40,12 +40,12 @@ jobs:
       - name: Build with Gradle and no spring security
         run: ./gradlew clean build
         env:
-          DOCKER_ENABLE_SECURITY: false
+          ADDITIONAL_FEATURES_OFF: true
 
       - name: Build with Gradle and with spring security
         run: ./gradlew clean build
         env:
-          DOCKER_ENABLE_SECURITY: true
+          ADDITIONAL_FEATURES_OFF: false
 
       - name: Upload Test Reports
         if: always()

.github/workflows/check_properties.yml

@@ -4,7 +4,7 @@ on:
   pull_request_target:
     types: [opened, synchronize, reopened]
     paths:
-      - "src/main/resources/messages_*.properties"
+      - "stirling-pdf/src/main/resources/messages_*.properties"
 
 permissions:
   contents: read # Allow read access to repository content
@@ -61,7 +61,7 @@ jobs:
         run: |
           echo "Fetching PR changed files..."
           echo "Getting list of changed files from PR..."
-          gh pr view ${{ steps.get-pr-data.outputs.pr_number }} --json files -q ".files[].path" | grep -E '^src/main/resources/messages_[a-zA-Z_]{2}_[a-zA-Z_]{2,7}\.properties$' > changed_files.txt # Filter only matching property files
+          gh pr view ${{ steps.get-pr-data.outputs.pr_number }} --json files -q ".files[].path" | grep -E '^stirling-pdf/src/main/resources/messages_[a-zA-Z_]{2}_[a-zA-Z_]{2,7}\.properties$' > changed_files.txt # Filter only matching property files
 
       - name: Determine reference file test
         id: determine-file
@@ -141,12 +141,12 @@ jobs:
 
             // Determine reference file
             let referenceFilePath;
-            if (changedFiles.includes("src/main/resources/messages_en_GB.properties")) {
+            if (changedFiles.includes("stirling-pdf/src/main/resources/messages_en_GB.properties")) {
               console.log("Using PR branch reference file.");
               const { data: fileContent } = await github.rest.repos.getContent({
                 owner: prRepoOwner,
                 repo: prRepoName,
-                path: "src/main/resources/messages_en_GB.properties",
+                path: "stirling-pdf/src/main/resources/messages_en_GB.properties",
                 ref: branch,
               });
 
@@ -158,7 +158,7 @@ jobs:
               const { data: fileContent } = await github.rest.repos.getContent({
                 owner: repoOwner,
                 repo: repoName,
-                path: "src/main/resources/messages_en_GB.properties",
+                path: "stirling-pdf/src/main/resources/messages_en_GB.properties",
                 ref: "main",
               });
 

.github/workflows/licenses-update.yml

@@ -57,11 +57,11 @@ jobs:
 
       - name: Move and rename license file
         run: |
-          mv build/reports/dependency-license/index.json src/main/resources/static/3rdPartyLicenses.json
+          mv build/reports/dependency-license/index.json stirling-pdf/src/main/resources/static/3rdPartyLicenses.json
 
       - name: Commit changes
         run: |
-          git add src/main/resources/static/3rdPartyLicenses.json
+          git add stirling-pdf/src/main/resources/static/3rdPartyLicenses.json
           git diff --staged --quiet || echo "CHANGES_DETECTED=true" >> $GITHUB_ENV
 
       - name: Create Pull Request

.github/workflows/multiOSReleases.yml

@@ -48,12 +48,12 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        enable_security: [true, false]
+        disable_security: [true, false]
         include:
-          - enable_security: true
-            file_suffix: "-with-login"
-          - enable_security: false
+          - disable_security: true
             file_suffix: ""
+          - disable_security: false
+            file_suffix: "-with-login"
     steps:
       - name: Harden Runner
         uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
@@ -72,10 +72,10 @@ jobs:
         with:
           gradle-version: 8.14
 
-      - name: Generate jar (With Security=${{ matrix.enable_security }})
+      - name: Generate jar (Without Security=${{ matrix.disable_security }})
         run: ./gradlew clean createExe
         env:
-          DOCKER_ENABLE_SECURITY: ${{ matrix.enable_security }}
+          ADDITIONAL_FEATURES_OFF: ${{ matrix.disable_security }}
           STIRLING_PDF_DESKTOP_UI: false
 
       - name: Rename binaries
@@ -98,12 +98,12 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        enable_security: [true, false]
+        disable_security: [true, false]
         include:
-          - enable_security: true
-            file_suffix: "with-login-"
-          - enable_security: false
+          - disable_security: true
             file_suffix: ""
+          - disable_security: false
+            file_suffix: "with-login-"
     steps:
       - name: Harden Runner
         uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
@@ -171,7 +171,7 @@ jobs:
       - name: Build Installer
         run: ./gradlew build jpackage -x test --info
         env:
-          DOCKER_ENABLE_SECURITY: false
+          ADDITIONAL_FEATURES_OFF: true
           STIRLING_PDF_DESKTOP_UI: true
           BROWSER_OPEN: true
 

.github/workflows/push-docker.yml

@@ -37,7 +37,7 @@ jobs:
       - name: Run Gradle Command
         run: ./gradlew clean build
         env:
-          DOCKER_ENABLE_SECURITY: false
+          ADDITIONAL_FEATURES_OFF: true
           STIRLING_PDF_DESKTOP_UI: false
 
       - name: Install cosign

.github/workflows/releaseArtifacts.yml

@@ -14,11 +14,16 @@ jobs:
     strategy:
       matrix:
         enable_security: [true, false]
+        disable_security: [true, false]
         include:
           - enable_security: true
             file_suffix: "-with-login"
           - enable_security: false
             file_suffix: ""
+          - disable_security: true
+            file_suffix: ""
+          - disable_security: false
+            file_suffix: "-with-login"
     outputs:
       version: ${{ steps.versionNumber.outputs.versionNumber }}
     steps:
@@ -42,7 +47,7 @@ jobs:
       - name: Generate jar (With Security=${{ matrix.enable_security }})
         run: ./gradlew clean createExe
         env:
-          DOCKER_ENABLE_SECURITY: ${{ matrix.enable_security }}
+          ADDITIONAL_FEATURES_OFF: ${{ matrix.disable_security }}
           STIRLING_PDF_DESKTOP_UI: false
 
       - name: Get version number

.github/workflows/sonarqube.yml

@@ -33,7 +33,7 @@ jobs:
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
-          DOCKER_ENABLE_SECURITY: true
+          ADDITIONAL_FEATURES_OFF: false
           STIRLING_PDF_DESKTOP_UI: true
         run: |
           ./gradlew clean build sonar \

.github/workflows/sync_files.yml

@@ -8,8 +8,8 @@ on:
     paths:
       - "build.gradle"
       - "README.md"
-      - "src/main/resources/messages_*.properties"
-      - "src/main/resources/static/3rdPartyLicenses.json"
+      - "stirling-pdf/src/main/resources/messages_*.properties"
+      - "stirling-pdf/src/main/resources/static/3rdPartyLicenses.json"
       - "scripts/ignore_translation.toml"
 
 permissions:
@@ -41,11 +41,11 @@ jobs:
 
       - name: Sync translation property files
         run: |
-          python .github/scripts/check_language_properties.py --reference-file "src/main/resources/messages_en_GB.properties" --branch main
+          python .github/scripts/check_language_properties.py --reference-file "stirling-pdf/src/main/resources/messages_en_GB.properties" --branch main
 
       - name: Commit translation files
         run: |
-          git add src/main/resources/messages_*.properties
+          git add stirling-pdf/src/main/resources/messages_*.properties
           git diff --staged --quiet || git commit -m ":memo: Sync translation files" || echo "No changes detected"
 
       - name: Install dependencies
@@ -101,4 +101,4 @@ jobs:
           sign-commits: true
           add-paths: |
             README.md
-            src/main/resources/messages_*.properties
+              stirling-pdf/src/main/resources/messages_*.properties

.github/workflows/testdriver.yml

@@ -28,7 +28,7 @@ jobs:
       - name: Build with Gradle
         run: ./gradlew clean build
         env:
-          DOCKER_ENABLE_SECURITY: false
+          ADDITIONAL_FEATURES_OFF: true
 
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # v3.10.0
@@ -76,7 +76,7 @@ jobs:
                 - /stirling/test-${{ github.sha }}/config:/configs:rw
                 - /stirling/test-${{ github.sha }}/logs:/logs:rw
               environment:
-                DOCKER_ENABLE_SECURITY: "false"
+                ADDITIONAL_FEATURES_OFF: "true"
                 SECURITY_ENABLELOGIN: "false"
                 SYSTEM_DEFAULTLOCALE: en-GB
                 UI_APPNAME: "Stirling-PDF Test"

.gitignore

@@ -124,6 +124,9 @@ SwaggerDoc.json
 *.rar
 *.db
 /build
+/stirling-pdf/build
+/common/build
+/proprietary/build
 
 # Byte-compiled / optimized / DLL files
 __pycache__/

.pre-commit-config.yaml

@@ -20,7 +20,7 @@ repos:
           - --skip="./.*,*.csv,*.json,*.ambr"
           - --quiet-level=2
         files: \.(html|css|js|py|md)$
-        exclude: (.vscode|.devcontainer|src/main/resources|Dockerfile|.*/pdfjs.*|.*/thirdParty.*|bootstrap.*|.*\.min\..*|.*diff\.js)
+        exclude: (.vscode|.devcontainer|stirling-pdf/src/main/resources|Dockerfile|.*/pdfjs.*|.*/thirdParty.*|bootstrap.*|.*\.min\..*|.*diff\.js)
   - repo: https://github.com/gitleaks/gitleaks
     rev: v8.26.0
     hooks:

.vscode/settings.json

@@ -50,8 +50,10 @@
     ".vscode/",
     "bin/",
     "common/bin/",
+    "proprietary/bin/",
     "build/",
     "common/build/",
+    "proprietary/build/",
     "configs/",
     "customFiles/",
     "docs/",
@@ -66,6 +68,7 @@
     ".gitattributes",
     ".gitignore",
     "common/.gitignore",
+    "proprietary/.gitignore",
     ".pre-commit-config.yaml",
   ],
   // Enables signature help in Java.

DeveloperGuide.md

@@ -55,7 +55,7 @@ Stirling-PDF uses Lombok to reduce boilerplate code. Some IDEs, like Eclipse, do
 Visit the [Lombok website](https://projectlombok.org/setup/) for installation instructions specific to your IDE.
 
 5. Add environment variable
-For local testing, you should generally be testing the full 'Security' version of Stirling-PDF. To do this, you must add the environment flag DOCKER_ENABLE_SECURITY=true to your system and/or IDE build/run step.
+For local testing, you should generally be testing the full 'Security' version of Stirling-PDF. To do this, you must add the environment flag ADDITIONAL_FEATURES_OFF=false to your system and/or IDE build/run step.
 
 ## 4. Project Structure
 
@@ -141,7 +141,7 @@ services:
       - /stirling/latest/config:/configs:rw
       - /stirling/latest/logs:/logs:rw
     environment:
-      DOCKER_ENABLE_SECURITY: "true"
+      ADDITIONAL_FEATURES_OFF: "false"
       SECURITY_ENABLELOGIN: "true"
       PUID: 1002
       PGID: 1002
@@ -170,7 +170,7 @@ Stirling-PDF uses different Docker images for various configurations. The build
 1. Set the security environment variable:
 
    ```bash
-   export DOCKER_ENABLE_SECURITY=false  # or true for security-enabled builds
+   export ADDITIONAL_FEATURES_OFF=true  # or false for security-enabled builds
    ```
 
 2. Build the project with Gradle:
@@ -196,7 +196,7 @@ Stirling-PDF uses different Docker images for various configurations. The build
    For the fat version (with security enabled):
 
    ```bash
-   export DOCKER_ENABLE_SECURITY=true
+   export ADDITIONAL_FEATURES_OFF=false
    docker build --no-cache --pull --build-arg VERSION_TAG=alpha -t stirlingtools/stirling-pdf:latest-fat -f ./Dockerfile.fat .
    ```
 
@@ -332,7 +332,7 @@ Thymeleaf is a server-side Java HTML template engine. It is used in Stirling-PDF
 
 ### Thymeleaf overview
 
-In Stirling-PDF, Thymeleaf is used to create HTML templates that are rendered on the server side. These templates are located in the `src/main/resources/templates` directory. Thymeleaf templates use a combination of HTML and special Thymeleaf attributes to dynamically generate content.
+In Stirling-PDF, Thymeleaf is used to create HTML templates that are rendered on the server side. These templates are located in the `stirling-pdf/src/main/resources/templates` directory. Thymeleaf templates use a combination of HTML and special Thymeleaf attributes to dynamically generate content.
 
 Some examples of this are:
 
@@ -384,7 +384,7 @@ This would generate n entries of tr for each person in exampleData
 ### Adding a New Feature to the Backend (API)
 
 1. **Create a New Controller:**
-   - Create a new Java class in the `src/main/java/stirling/software/SPDF/controller/api` directory.
+   - Create a new Java class in the `stirling-pdf/src/main/java/stirling/software/SPDF/controller/api` directory.
    - Annotate the class with `@RestController` and `@RequestMapping` to define the API endpoint.
    - Ensure to add API documentation annotations like `@Tag(name = "General", description = "General APIs")` and `@Operation(summary = "Crops a PDF document", description = "This operation takes an input PDF file and crops it according to the given coordinates. Input:PDF Output:PDF Type:SISO")`.
 
@@ -411,7 +411,7 @@ This would generate n entries of tr for each person in exampleData
    ```
 
 2. **Define the Service Layer:** (Not required but often useful)
-   - Create a new service class in the `src/main/java/stirling/software/SPDF/service` directory.
+   - Create a new service class in the `stirling-pdf/src/main/java/stirling/software/SPDF/service` directory.
    - Implement the business logic for the new feature.
 
    ```java
@@ -463,7 +463,7 @@ This would generate n entries of tr for each person in exampleData
 ### Adding a New Feature to the Frontend (UI)
 
 1. **Create a New Thymeleaf Template:**
-   - Create a new HTML file in the `src/main/resources/templates` directory.
+   - Create a new HTML file in the `stirling-pdf/src/main/resources/templates` directory.
    - Use Thymeleaf attributes to dynamically generate content.
    - Use `extract-page.html` as a base example for the HTML template, which is useful to ensure importing of the general layout, navbar, and footer.
 
@@ -507,7 +507,7 @@ This would generate n entries of tr for each person in exampleData
    ```
 
 2. **Create a New Controller for the UI:**
-   - Create a new Java class in the `src/main/java/stirling/software/SPDF/controller/ui` directory.
+   - Create a new Java class in the `stirling-pdf/src/main/java/stirling/software/SPDF/controller/ui` directory.
    - Annotate the class with `@Controller` and `@RequestMapping` to define the UI endpoint.
 
    ```java
@@ -537,7 +537,7 @@ This would generate n entries of tr for each person in exampleData
 
 3. **Update the Navigation Bar:**
    - Add a link to the new feature page in the navigation bar.
-   - Update the `src/main/resources/templates/fragments/navbar.html` file.
+   - Update the `stirling-pdf/src/main/resources/templates/fragments/navbar.html` file.
 
    ```html
    <li class="nav-item">
@@ -551,7 +551,7 @@ When adding a new feature or modifying existing ones in Stirling-PDF, you'll nee
 
 ### 1. Locate Existing Language Files
 
-Find the existing `messages.properties` files in the `src/main/resources` directory. You'll see files like:
+Find the existing `messages.properties` files in the `stirling-pdf/src/main/resources` directory. You'll see files like:
 
 - `messages.properties` (default, usually English)
 - `messages_en_GB.properties`

Dockerfile

@@ -4,7 +4,7 @@ FROM alpine:3.22.0@sha256:8a1f59ffb675680d47db6337b49d22281a139e9d709335b492be02
 # Copy necessary files
 COPY scripts /scripts
 COPY pipeline /pipeline
-COPY src/main/resources/static/fonts/*.ttf /usr/share/fonts/opentype/noto/
+COPY stirling-pdf/src/main/resources/static/fonts/*.ttf /usr/share/fonts/opentype/noto/
 #COPY src/main/resources/static/fonts/*.otf /usr/share/fonts/opentype/noto/
 COPY build/libs/*.jar app.jar
 
@@ -23,7 +23,7 @@ LABEL org.opencontainers.image.version="${VERSION_TAG}"
 LABEL org.opencontainers.image.keywords="PDF, manipulation, merge, split, convert, OCR, watermark"
 
 # Set Environment Variables
-ENV DOCKER_ENABLE_SECURITY=false \
+ENV ADDITIONAL_FEATURES_OFF=true \
     VERSION_TAG=$VERSION_TAG \
     JAVA_BASE_OPTS="-XX:+UnlockExperimentalVMOptions -XX:MaxRAMPercentage=75 -XX:InitiatingHeapOccupancyPercent=20 -XX:+G1PeriodicGCInvokesConcurrent -XX:G1PeriodicGCInterval=10000 -XX:+UseStringDeduplication -XX:G1PeriodicGCSystemLoadThreshold=70" \
     JAVA_CUSTOM_OPTS="" \

Dockerfile.fat

@@ -5,6 +5,8 @@ COPY build.gradle .
 COPY settings.gradle .
 COPY gradlew .
 COPY gradle gradle/
+COPY common/build.gradle common/.
+COPY proprietary/build.gradle proprietary/.
 RUN ./gradlew build -x spotlessApply -x spotlessCheck -x test -x sonarqube || return 0
 
 # Set the working directory
@@ -13,8 +15,8 @@ WORKDIR /app
 # Copy the entire project to the working directory
 COPY . .
 
-# Build the application with DOCKER_ENABLE_SECURITY=false
-RUN DOCKER_ENABLE_SECURITY=true \
+# Build the application with ADDITIONAL_FEATURES_OFF=false
+RUN ADDITIONAL_FEATURES_OFF=false \
     STIRLING_PDF_DESKTOP_UI=false \
     ./gradlew clean build -x spotlessApply -x spotlessCheck -x test -x sonarqube
 
@@ -24,13 +26,13 @@ FROM alpine:3.22.0@sha256:8a1f59ffb675680d47db6337b49d22281a139e9d709335b492be02
 # Copy necessary files
 COPY scripts /scripts
 COPY pipeline /pipeline
-COPY src/main/resources/static/fonts/*.ttf /usr/share/fonts/opentype/noto/
+COPY stirling-pdf/src/main/resources/static/fonts/*.ttf /usr/share/fonts/opentype/noto/
 COPY --from=build /app/build/libs/*.jar app.jar
 
 ARG VERSION_TAG
 
 # Set Environment Variables
-ENV DOCKER_ENABLE_SECURITY=false \
+ENV ADDITIONAL_FEATURES_OFF=true \
     VERSION_TAG=$VERSION_TAG \
     JAVA_BASE_OPTS="-XX:+UnlockExperimentalVMOptions -XX:MaxRAMPercentage=75 -XX:InitiatingHeapOccupancyPercent=20 -XX:+G1PeriodicGCInvokesConcurrent -XX:G1PeriodicGCInterval=10000 -XX:+UseStringDeduplication -XX:G1PeriodicGCSystemLoadThreshold=70" \
     JAVA_CUSTOM_OPTS="" \

Dockerfile.ultra-lite

@@ -4,7 +4,7 @@ FROM alpine:3.22.0@sha256:8a1f59ffb675680d47db6337b49d22281a139e9d709335b492be02
 ARG VERSION_TAG
 
 # Set Environment Variables
-ENV DOCKER_ENABLE_SECURITY=false \
+ENV ADDITIONAL_FEATURES_OFF=true \
     HOME=/home/stirlingpdfuser \
     VERSION_TAG=$VERSION_TAG \
     JAVA_BASE_OPTS="-XX:+UnlockExperimentalVMOptions -XX:MaxRAMPercentage=75 -XX:InitiatingHeapOccupancyPercent=20 -XX:+G1PeriodicGCInvokesConcurrent -XX:G1PeriodicGCInterval=10000 -XX:+UseStringDeduplication -XX:G1PeriodicGCSystemLoadThreshold=70" \

HowToAddNewLanguage.md

@@ -10,7 +10,7 @@ Fork Stirling-PDF and create a new branch out of `main`.
 
 Then add a reference to the language in the navbar by adding a new language entry to the dropdown:
 
-- Edit the file: [languages.html](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/src/main/resources/templates/fragments/languages.html)
+- Edit the file: [languages.html](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/stirling-pdf/src/main/resources/templates/fragments/languages.html)
 
 
 For example, to add Polish, you would add:
@@ -25,7 +25,7 @@ The `data-bs-language-code` is the code used to reference the file in the next s
 
 Start by copying the existing English property file:
 
-- [messages_en_GB.properties](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/src/main/resources/messages_en_GB.properties)
+- [messages_en_GB.properties](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/stirling-pdf/src/main/resources/messages_en_GB.properties)
 
 Copy and rename it to `messages_{your data-bs-language-code here}.properties`. In the Polish example, you would set the name to `messages_pl_PL.properties`.
 

LICENSE

@@ -1,6 +1,27 @@
 MIT License
 
-Copyright (c) 2024 Stirling Tools
+Copyright (c) 2025 Stirling PDF Inc.
+
+Portions of this software are licensed as follows:
+
+* All content that resides under the "proprietary/" directory of this repository,
+if that directory exists, is licensed under the license defined in "proprietary/LICENSE-proprietary".
+* Content outside of the above mentioned directories or restrictions above is
+available under the MIT License as defined below.
+
+Portions of this software are licensed as follows:
+
+* All content that resides under the "proprietary/" directory of this repository,
+if that directory exists, is licensed under the license defined in "proprietary/LICENSE-proprietary".
+* Content outside of the above mentioned directories or restrictions above is
+available under the MIT License as defined below.
+
+Portions of this software are licensed as follows:
+
+* All content that resides under the "proprietary/" directory of this repository,
+if that directory exists, is licensed under the license defined in "proprietary/LICENSE-proprietary".
+* Content outside of the above mentioned directories or restrictions above is
+available under the MIT License as defined below.
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

build.gradle

@@ -9,7 +9,7 @@ plugins {
     id "com.diffplug.spotless" version "7.0.4"
     id "com.github.jk1.dependency-license-report" version "2.9"
     //id "nebula.lint" version "19.0.3"
-    id("org.panteleyev.jpackageplugin") version "1.6.1"
+    id "org.panteleyev.jpackageplugin" version "1.6.1"
     id "org.sonarqube" version "6.2.0.5505"
 }
 
@@ -26,21 +26,136 @@ ext {
     bouncycastleVersion = "1.80"
     springSecuritySamlVersion = "6.5.0"
     openSamlVersion = "4.3.2"
+    commonmarkVersion = "0.24.0"
     tempJrePath = null
 }
 
-group = "stirling.software"
-version = "0.46.2"
-
-java {
-    // 17 is lowest but we support and recommend 21
-    sourceCompatibility = JavaVersion.VERSION_17
+jar {
+    enabled = false
+    manifest {
+        attributes "Implementation-Title": "Stirling-PDF",
+            "Implementation-Version": project.version
+    }
 }
 
-repositories {
-    mavenCentral()
-    maven { url = "https://build.shibboleth.net/maven/releases" }
-    maven { url = "https://maven.pkg.github.com/jcefmaven/jcefmaven" }
+bootJar {
+    enabled = false
+}
+
+sourceSets {
+    main {
+        java {
+            if (System.getenv('DOCKER_ENABLE_SECURITY') == 'false' || System.getenv('ADDITIONAL_FEATURES_OFF') == 'true'
+                || (project.hasProperty('ADDITIONAL_FEATURES_OFF')
+                && System.getProperty('ADDITIONAL_FEATURES_OFF') == 'true')) {
+                exclude 'stirling/software/proprietary/security/**'
+            }
+
+            if (System.getenv('STIRLING_PDF_DESKTOP_UI') != 'false'
+                || (project.hasProperty('STIRLING_PDF_DESKTOP_UI')
+                && project.getProperty('STIRLING_PDF_DESKTOP_UI') != 'false')) {
+                exclude 'stirling/software/SPDF/UI/impl/**'
+            }
+        }
+    }
+
+    test {
+        java {
+            if (System.getenv('DOCKER_ENABLE_SECURITY') == 'false' || System.getenv('ADDITIONAL_FEATURES_OFF') == 'true'
+                || (project.hasProperty('ADDITIONAL_FEATURES_OFF')
+                && System.getProperty('ADDITIONAL_FEATURES_OFF') == 'true')) {
+                exclude 'stirling/software/proprietary/security/**'
+            }
+
+            if (System.getenv('STIRLING_PDF_DESKTOP_UI') != 'false'
+                || (project.hasProperty('STIRLING_PDF_DESKTOP_UI')
+                && project.getProperty('STIRLING_PDF_DESKTOP_UI') != 'false')) {
+                exclude 'stirling/software/SPDF/UI/impl/**'
+            }
+        }
+    }
+}
+
+allprojects {
+    group = 'stirling.software'
+    version = '0.46.2'
+
+    afterEvaluate {
+        if (project == rootProject) return
+        tasks.register('wrapper', Wrapper) {
+            gradleVersion = '8.14'
+            distributionType = Wrapper.DistributionType.ALL
+        }
+    }
+
+    configurations.all {
+        exclude group: 'commons-logging', module: 'commons-logging'
+        exclude group: "org.springframework.boot", module: "spring-boot-starter-tomcat"
+    }
+}
+
+subprojects {
+    apply plugin: 'java'
+    apply plugin: 'java-library'
+    apply plugin: 'com.diffplug.spotless'
+    apply plugin: 'org.springframework.boot'
+    apply plugin: 'io.spring.dependency-management'
+
+    java {
+        // 17 is lowest but we support and recommend 21
+        sourceCompatibility = JavaVersion.VERSION_17
+    }
+
+    bootJar {
+        enabled = false
+    }
+
+    repositories {
+        mavenCentral()
+    }
+
+    configurations.configureEach {
+        exclude group: 'commons-logging', module: 'commons-logging'
+        exclude group: 'org.springframework.boot', module: 'spring-boot-starter-tomcat'
+        // Exclude vulnerable BouncyCastle version used in tableau
+        exclude group: 'org.bouncycastle', module: 'bcpkix-jdk15on'
+        exclude group: 'org.bouncycastle', module: 'bcutil-jdk15on'
+        exclude group: 'org.bouncycastle', module: 'bcmail-jdk15on'
+    }
+
+    dependencyManagement {
+        imports {
+            mavenBom "org.springframework.boot:spring-boot-dependencies:$springBootVersion"
+        }
+    }
+
+    dependencies {
+        implementation 'org.springframework.boot:spring-boot-starter-web'
+        implementation 'org.springframework.boot:spring-boot-starter-actuator'
+        implementation 'io.github.pixee:java-security-toolkit:1.2.1'
+
+        //tmp for security bumps
+        implementation 'ch.qos.logback:logback-core:1.5.18'
+        implementation 'ch.qos.logback:logback-classic:1.5.18'
+        compileOnly "org.projectlombok:lombok:$lombokVersion"
+        annotationProcessor "org.projectlombok:lombok:$lombokVersion"
+
+        testImplementation 'org.springframework.boot:spring-boot-starter-test'
+        testRuntimeOnly 'org.mockito:mockito-inline:5.2.0'
+    }
+
+    tasks.withType(JavaCompile).configureEach {
+        options.encoding = "UTF-8"
+        dependsOn "spotlessApply"
+    }
+
+    compileJava {
+        options.compilerArgs << "-parameters"
+    }
+
+    test {
+        useJUnitPlatform()
+    }
 }
 
 licenseReport {
@@ -51,29 +166,14 @@ licenseReport {
 sourceSets {
     main {
         java {
-            if (System.getenv("DOCKER_ENABLE_SECURITY") == "false") {
-                exclude "stirling/software/SPDF/config/interfaces/DatabaseInterface.java"
-                exclude "stirling/software/SPDF/config/security/**"
-                exclude "stirling/software/SPDF/controller/api/DatabaseController.java"
-                exclude "stirling/software/SPDF/controller/api/EmailController.java"
-                exclude "stirling/software/SPDF/controller/api/H2SQLCondition.java"
-                exclude "stirling/software/SPDF/controller/api/UserController.java"
-                exclude "stirling/software/SPDF/controller/web/AccountWebController.java"
-                exclude "stirling/software/SPDF/controller/web/DatabaseWebController.java"
-                exclude "stirling/software/SPDF/model/api/Email.java"
-                exclude "stirling/software/SPDF/model/ApiKeyAuthenticationToken.java"
-                exclude "stirling/software/SPDF/model/AttemptCounter.java"
-                exclude "stirling/software/SPDF/model/Authority.java"
-                exclude "stirling/software/SPDF/model/exception/BackupNotFoundException.java"
-                exclude "stirling/software/SPDF/model/exception/NoProviderFoundException.java"
-                exclude "stirling/software/SPDF/model/PersistentLogin.java"
-                exclude "stirling/software/SPDF/model/SessionEntity.java"
-                exclude "stirling/software/SPDF/model/User.java"
-                exclude "stirling/software/SPDF/repository/**"
+            if (System.getenv('DOCKER_ENABLE_SECURITY') == 'false' || System.getenv('ADDITIONAL_FEATURES_OFF') == 'true'
+                || (project.hasProperty('ADDITIONAL_FEATURES_OFF')
+                && System.getProperty('ADDITIONAL_FEATURES_OFF') == 'true')) {
+                exclude 'stirling/software/proprietary/security/**'
             }
 
-            if (System.getenv("STIRLING_PDF_DESKTOP_UI") == "false") {
-                exclude "stirling/software/SPDF/UI/impl/**"
+            if (System.getenv('STIRLING_PDF_DESKTOP_UI') == 'false') {
+                exclude 'stirling/software/SPDF/UI/impl/**'
             }
 
         }
@@ -81,15 +181,14 @@ sourceSets {
 
     test {
         java {
-            if (System.getenv("DOCKER_ENABLE_SECURITY") == "false") {
-                exclude "stirling/software/SPDF/config/security/**"
-                exclude "stirling/software/SPDF/model/ApiKeyAuthenticationTokenTest.java"
-                exclude "stirling/software/SPDF/controller/api/EmailControllerTest.java"
-                exclude "stirling/software/SPDF/repository/**"
+            if (System.getenv('DOCKER_ENABLE_SECURITY') == 'false' || System.getenv('ADDITIONAL_FEATURES_OFF') == 'true'
+                || (project.hasProperty('ADDITIONAL_FEATURES_OFF')
+                && System.getProperty('ADDITIONAL_FEATURES_OFF') == 'true')) {
+                exclude 'stirling/software/proprietary/security/**'
             }
 
-            if (System.getenv("STIRLING_PDF_DESKTOP_UI") == "false") {
-                exclude "stirling/software/SPDF/UI/impl/**"
+            if (System.getenv('STIRLING_PDF_DESKTOP_UI') == 'false') {
+                exclude 'stirling/software/SPDF/UI/impl/**'
             }
         }
     }
@@ -115,10 +214,9 @@ jpackage {
     mainJar = "Stirling-PDF-${project.version}.jar"
     appName = "Stirling PDF"
     appVersion = project.version
-//    appVersion = "2005.45.1"
     vendor = "Stirling PDF Inc"
     appDescription = "Stirling PDF - Your Local PDF Editor"
-    icon = "src/main/resources/static/favicon.ico"
+    icon = "stirling-pdf/src/main/resources/static/favicon.ico"
     verbose = true
 //    mainClass = "org.springframework.boot.loader.launch.JarLauncher"
 
@@ -156,10 +254,10 @@ jpackage {
         installDir = "C:/Program Files/Stirling-PDF"
     }
 
-    // macOS-specific configuration
+    // MacOS-specific configuration
     mac {
         appVersion = getMacVersion(project.version.toString())
-        icon = "src/main/resources/static/favicon.icns"
+        icon = "stirling-pdf/src/main/resources/static/favicon.icns"
         type = "dmg"
         macPackageIdentifier = "Stirling PDF"
         macPackageName = "Stirling PDF"
@@ -181,7 +279,7 @@ jpackage {
     // Linux-specific configuration
     linux {
         appVersion = project.version
-        icon = "src/main/resources/static/favicon.png"
+        icon = "stirling-pdf/src/main/resources/static/favicon.png"
         type = "deb" // Can also use "rpm" for Red Hat-based systems
 
         // Debian package configuration
@@ -221,6 +319,11 @@ jpackage {
     licenseFile = "LICENSE"
 }
 
+tasks.wrapper {
+    gradleVersion = "8.14"
+    distributionType = Wrapper.DistributionType.ALL
+}
+
 tasks.register('jpackageMacX64') {
     group = 'distribution'
     description = 'Packages app for MacOS x86_64'
@@ -253,7 +356,7 @@ tasks.register('jpackageMacX64') {
                 '--main-class', 'org.springframework.boot.loader.launch.JarLauncher',
                 '--runtime-image', file(jrePath + "/zulu-17.jre/Contents/Home"),
                 '--dest', 'build/jpackage/x86_64',
-                '--icon', 'src/main/resources/static/favicon.icns',
+                '--icon', 'stirling-pdf/src/main/resources/static/favicon.icns',
                 '--app-version', getMacVersion(project.version.toString()),
                 '--mac-package-name', 'Stirling PDF (x86_64)',
                 '--mac-package-identifier', 'Stirling PDF (x86_64)',
@@ -290,8 +393,6 @@ tasks.register('jpackageMacX64') {
     }
 }
 
-//jpackage.finalizedBy(jpackageMacX64)
-
 tasks.register('downloadTempJre') {
     group = 'distribution'
     description = 'Downloads and extracts a temporary JRE'
@@ -303,18 +404,18 @@ tasks.register('downloadTempJre') {
             def jreArchive = new File(tmpDir, 'jre.tar.gz')
             def jreDir = new File(tmpDir, 'jre')
 
-            println "🔽 Downloading JRE to $jreArchive..."
+            println "Downloading JRE to $jreArchive"
             jreArchive.withOutputStream { out ->
                 new URI(jreUrl).toURL().withInputStream { from -> out << from }
             }
 
-            println "📦 Extracting JRE to $jreDir..."
+            println "Extracting JRE to $jreDir"
             jreDir.mkdirs()
             providers.exec {
                 commandLine 'tar', '-xzf', jreArchive.absolutePath, '-C', jreDir.absolutePath, '--strip-components=1'
             }.result.get()
 
-            println "✅ JRE ready at: $jreDir"
+            println "JRE ready at: $jreDir"
             ext.tempJrePath = jreDir.absolutePath
             project.ext.tempJrePath = jreDir.absolutePath
         } catch (Exception e) {
@@ -340,7 +441,7 @@ tasks.register('cleanTempJre') {
 }
 
 launch4j {
-    icon = "${projectDir}/src/main/resources/static/favicon.ico"
+    icon = "${projectDir}/stirling-pdf/src/main/resources/static/favicon.ico"
 
     outfile="Stirling-PDF.exe"
 
@@ -351,7 +452,7 @@ launch4j {
     }
     jarTask = tasks.bootJar
 
-    errTitle="Encountered error, Do you have Java 21?"
+    errTitle="Encountered error, do you have Java 21?"
     downloadUrl="https://download.oracle.com/java/21/latest/jdk-21_windows-x64_bin.exe"
 
     if(System.getenv("STIRLING_PDF_DESKTOP_UI") == 'true') {
@@ -376,6 +477,7 @@ spotless {
     java {
         target sourceSets.main.allJava
         target project(':common').sourceSets.main.allJava
+        target project(':proprietary').sourceSets.main.allJava
 
         googleJavaFormat("1.27.0").aosp().reorderImports(false)
 
@@ -392,188 +494,12 @@ sonar {
         property "sonar.projectKey", "Stirling-Tools_Stirling-PDF"
         property "sonar.organization", "stirling-tools"
 
-        property "sonar.exclusions", "**/build-wrapper-dump.json, src/main/java/org/apache/**, src/main/resources/static/pdfjs/**, src/main/resources/static/pdfjs-legacy/**, src/main/resources/static/js/thirdParty/**"
-        property "sonar.coverage.exclusions", "src/main/java/org/apache/**, src/main/resources/static/pdfjs/**, src/main/resources/static/pdfjs-legacy/**, src/main/resources/static/js/thirdParty/**"
-        property "sonar.cpd.exclusions", "src/main/java/org/apache/**, src/main/resources/static/pdfjs/**, src/main/resources/static/pdfjs-legacy/**, src/main/resources/static/js/thirdParty/**"
+        property "sonar.exclusions", "**/build-wrapper-dump.json, **/src/main/java/org/apache/**, **/src/main/resources/static/pdfjs/**, **/src/main/resources/static/pdfjs-legacy/**, **/src/main/resources/static/js/thirdParty/**"
+        property "sonar.coverage.exclusions", "**/src/main/java/org/apache/**, **/src/main/resources/static/pdfjs/**, **/src/main/resources/static/pdfjs-legacy/**, **/src/main/resources/static/js/thirdParty/**"
+        property "sonar.cpd.exclusions", "**/src/main/java/org/apache/**, **/src/main/resources/static/pdfjs/**, **/src/main/resources/static/pdfjs-legacy/**, **/src/main/resources/static/js/thirdParty/**"
     }
 }
 
-//gradleLint {
-//        rules=['unused-dependency']
-//    }
-tasks.wrapper {
-    gradleVersion = "8.14"
-    distributionType = Wrapper.DistributionType.ALL
-}
-//tasks.withType(JavaCompile) {
-//    options.compilerArgs << "-Xlint:deprecation"
-//}
-configurations.all {
-    // Remove all commons-logging dependencies so that only spring-jcl is used
-    exclude group: 'commons-logging', module: 'commons-logging'
-    // Exclude Tomcat
-    exclude group: "org.springframework.boot", module: "spring-boot-starter-tomcat"
-}
-
-dependencies {
-    implementation project(':common')
-
-    //tmp for security bumps
-    implementation 'ch.qos.logback:logback-core:1.5.18'
-    implementation 'ch.qos.logback:logback-classic:1.5.18'
-
-    // Exclude vulnerable BouncyCastle version used in tableau
-    configurations.all {
-        exclude group: 'org.bouncycastle', module: 'bcpkix-jdk15on'
-        exclude group: 'org.bouncycastle', module: 'bcutil-jdk15on'
-        exclude group: 'org.bouncycastle', module: 'bcmail-jdk15on'
-    }
-
-    if (System.getenv("STIRLING_PDF_DESKTOP_UI") != "false") {
-        implementation "me.friwi:jcefmaven:135.0.20"
-        implementation "org.openjfx:javafx-controls:21"
-        implementation "org.openjfx:javafx-swing:21"
-    }
-
-    //security updates
-    implementation "org.springframework:spring-webmvc:6.2.7"
-
-    implementation("io.github.pixee:java-security-toolkit:1.2.1")
-
-    // Exclude Tomcat and include Jetty
-    implementation("org.springframework.boot:spring-boot-starter-web:$springBootVersion")
-    implementation "org.springframework.boot:spring-boot-starter-jetty:$springBootVersion"
-
-    implementation "org.springframework.boot:spring-boot-starter-thymeleaf:$springBootVersion"
-    implementation 'com.posthog.java:posthog:1.2.0'
-    implementation 'com.googlecode.owasp-java-html-sanitizer:owasp-java-html-sanitizer:20240325.1'
-
-
-    if (System.getenv("DOCKER_ENABLE_SECURITY") != "false") {
-	    implementation 'io.micrometer:micrometer-registry-prometheus'
-
-        implementation "org.springframework.boot:spring-boot-starter-security:$springBootVersion"
-        implementation "org.thymeleaf.extras:thymeleaf-extras-springsecurity5:3.1.3.RELEASE"
-        implementation "org.springframework.boot:spring-boot-starter-data-jpa:$springBootVersion"
-        implementation "org.springframework.boot:spring-boot-starter-oauth2-client:$springBootVersion"
-        implementation "org.springframework.boot:spring-boot-starter-mail:$springBootVersion"
-
-        implementation "org.springframework.session:spring-session-core:3.5.0"
-        implementation "org.springframework:spring-jdbc:6.2.7"
-
-        implementation 'com.unboundid.product.scim2:scim2-sdk-client:2.3.5'
-        // Don't upgrade h2database
-        runtimeOnly "com.h2database:h2:2.3.232"
-        runtimeOnly "org.postgresql:postgresql:42.7.6"
-        constraints {
-            implementation "org.opensaml:opensaml-core:$openSamlVersion"
-            implementation "org.opensaml:opensaml-saml-api:$openSamlVersion"
-            implementation "org.opensaml:opensaml-saml-impl:$openSamlVersion"
-        }
-        implementation "org.springframework.security:spring-security-saml2-service-provider:$springSecuritySamlVersion"
-        // implementation 'org.springframework.security:spring-security-core:$springSecuritySamlVersion'
-        implementation 'com.coveo:saml-client:5.0.0'
-
-    }
-    implementation 'org.snakeyaml:snakeyaml-engine:2.9'
-
-    testImplementation "org.springframework.boot:spring-boot-starter-test:$springBootVersion"
-
-    // Batik
-    implementation "org.apache.xmlgraphics:batik-all:1.19"
-
-    // TwelveMonkeys
-    runtimeOnly "com.twelvemonkeys.imageio:imageio-batik:$imageioVersion"
-    runtimeOnly "com.twelvemonkeys.imageio:imageio-bmp:$imageioVersion"
-    // runtimeOnly "com.twelvemonkeys.imageio:imageio-hdr:$imageioVersion"
-    // runtimeOnly "com.twelvemonkeys.imageio:imageio-icns:$imageioVersion"
-    // runtimeOnly "com.twelvemonkeys.imageio:imageio-iff:$imageioVersion"
-    runtimeOnly "com.twelvemonkeys.imageio:imageio-jpeg:$imageioVersion"
-    // runtimeOnly "com.twelvemonkeys.imageio:imageio-pcx:$imageioVersion@
-    // runtimeOnly "com.twelvemonkeys.imageio:imageio-pict:$imageioVersion"
-    // runtimeOnly "com.twelvemonkeys.imageio:imageio-pnm:$imageioVersion"
-    // runtimeOnly "com.twelvemonkeys.imageio:imageio-psd:$imageioVersion"
-    // runtimeOnly "com.twelvemonkeys.imageio:imageio-sgi:$imageioVersion"
-    // runtimeOnly "com.twelvemonkeys.imageio:imageio-tga:$imageioVersion"
-    // runtimeOnly "com.twelvemonkeys.imageio:imageio-thumbsdb:$imageioVersion"
-    runtimeOnly "com.twelvemonkeys.imageio:imageio-tiff:$imageioVersion"
-    runtimeOnly "com.twelvemonkeys.imageio:imageio-webp:$imageioVersion"
-    // runtimeOnly "com.twelvemonkeys.imageio:imageio-xwd:$imageioVersion"
-
-    // Image metadata extractor
-    implementation "com.drewnoakes:metadata-extractor:2.19.0"
-
-    implementation "commons-io:commons-io:2.19.0"
-    implementation "org.springdoc:springdoc-openapi-starter-webmvc-ui:2.8.8"
-    //general PDF
-
-    // https://mvnrepository.com/artifact/com.opencsv/opencsv
-    implementation ("com.opencsv:opencsv:5.11")
-
-    implementation ("org.apache.pdfbox:pdfbox:$pdfboxVersion")
-    implementation "org.apache.pdfbox:preflight:$pdfboxVersion"
-
-
-    implementation ("org.apache.pdfbox:xmpbox:$pdfboxVersion")
-
-    // https://mvnrepository.com/artifact/technology.tabula/tabula
-    implementation ('technology.tabula:tabula:1.0.5')  {
-        exclude group: "org.slf4j", module: "slf4j-simple"
-        exclude group: "org.bouncycastle", module: "bcprov-jdk15on"
-        exclude group: "com.google.code.gson", module: "gson"
-        exclude group: "commons-io", module: "commons-io"
-    }
-
-    implementation 'org.apache.pdfbox:jbig2-imageio:3.0.4'
-
-    implementation "org.bouncycastle:bcprov-jdk18on:$bouncycastleVersion"
-    implementation "org.bouncycastle:bcpkix-jdk18on:$bouncycastleVersion"
-    implementation "org.springframework.boot:spring-boot-starter-actuator:$springBootVersion"
-    implementation "io.micrometer:micrometer-core:1.15.0"
-    implementation group: "com.google.zxing", name: "core", version: "3.5.3"
-    // https://mvnrepository.com/artifact/org.commonmark/commonmark
-    implementation "org.commonmark:commonmark:0.24.0"
-    implementation "org.commonmark:commonmark-ext-gfm-tables:0.24.0"
-    // https://mvnrepository.com/artifact/com.bucket4j/bucket4j_jdk17
-    implementation "com.bucket4j:bucket4j_jdk17-core:8.14.0"
-    implementation "com.fathzer:javaluator:3.0.6"
-
-    implementation 'com.vladsch.flexmark:flexmark-html2md-converter:0.64.8'
-
-    developmentOnly("org.springframework.boot:spring-boot-devtools:$springBootVersion")
-    compileOnly "org.projectlombok:lombok:$lombokVersion"
-    annotationProcessor "org.projectlombok:lombok:$lombokVersion"
-
-    // Mockito (core)
-    testImplementation 'org.mockito:mockito-core:5.18.0'
-    testRuntimeOnly 'org.mockito:mockito-inline:5.2.0'
-}
-
-tasks.withType(JavaCompile).configureEach {
-    options.encoding = "UTF-8"
-    dependsOn "spotlessApply"
-}
-compileJava {
-    options.compilerArgs << "-parameters"
-}
-
-task writeVersion {
-    def propsFile = file("$projectDir/src/main/resources/version.properties")
-    def propsDir = propsFile.parentFile
-
-    doLast {
-        if (!propsDir.exists()) {
-            propsDir.mkdirs()
-        }
-
-        def props = new Properties()
-        props.setProperty("version", version)
-        props.store(propsFile.newWriter(), null)
-    }
-}
-
-processResources.dependsOn(writeVersion)
-
 swaggerhubUpload {
     // dependsOn = generateOpenApiDocs  // Depends on your task generating Swagger docs
     api = "Stirling-PDF"  // The name of your API on SwaggerHub
@@ -584,25 +510,43 @@ swaggerhubUpload {
     oas = "3.0.0"  // The version of the OpenAPI Specification you"re using
 }
 
-jar {
-    enabled = false
-    manifest {
-        attributes "Implementation-Title": "Stirling-PDF",
-                   "Implementation-Version": project.version
-    }
-}
-
 tasks.named("test") {
     useJUnitPlatform()
 }
 
-task printVersion {
+tasks.register('writeVersion') {
+    def propsFile = file("$projectDir/stirling-pdf/src/main/resources/version.properties")
+    def propsDir = propsFile.parentFile
+
+    doLast {
+        if (propsDir.exists()) {
+            if (propsFile.exists()) {
+                println "File exists: $propsFile"
+            } else {
+                println "$propsFile does not exist. Creating file."
+                propsFile.createNewFile()
+            }
+        } else {
+            println "Creating directory: $propsDir"
+            propsDir.mkdirs()
+            propsFile.createNewFile()
+        }
+
+        def props = new Properties()
+        props.setProperty("version", version)
+        props.store(propsFile.newWriter(), null)
+    }
+}
+
+processResources.dependsOn(writeVersion)
+
+tasks.register('printVersion') {
     doLast {
         println project.version
     }
 }
 
-task printMacVersion {
+tasks.register('printMacVersion') {
     doLast {
         println getMacVersion(project.version.toString())
     }

common/build.gradle

@@ -1,48 +1,17 @@
-plugins {
-    id 'java-library'
-    id 'io.spring.dependency-management' version '1.1.7'
-}
-
-group = 'stirling.software'
-version = '0.46.2'
-
-ext {
-    lombokVersion = "1.18.38"
-}
-
-java {
-    sourceCompatibility = JavaVersion.VERSION_17
-}
-
-repositories {
-    mavenCentral()
-}
-
-configurations.all {
-    exclude group: 'commons-logging', module: 'commons-logging'
-    exclude group: "org.springframework.boot", module: "spring-boot-starter-tomcat"
-}
-
-dependencyManagement {
-    imports {
-        mavenBom 'org.springframework.boot:spring-boot-dependencies:3.5.0'
-    }
-}
-
 dependencies {
-    implementation 'org.springframework.boot:spring-boot-starter-web'
-    implementation 'org.springframework.boot:spring-boot-starter-thymeleaf'
-    implementation 'com.googlecode.owasp-java-html-sanitizer:owasp-java-html-sanitizer:20240325.1'
-    implementation 'com.fathzer:javaluator:3.0.6'
-    implementation 'com.posthog.java:posthog:1.2.0'
-    implementation 'io.github.pixee:java-security-toolkit:1.2.1'
-    implementation 'org.apache.commons:commons-lang3:3.17.0'
-    implementation 'com.drewnoakes:metadata-extractor:2.19.0' // Image metadata extractor
-    implementation 'com.vladsch.flexmark:flexmark-html2md-converter:0.64.8'
-    implementation "org.apache.pdfbox:pdfbox:$pdfboxVersion"
-    implementation 'jakarta.servlet:jakarta.servlet-api:6.1.0'
-    implementation 'org.snakeyaml:snakeyaml-engine:2.9'
-    implementation "org.springdoc:springdoc-openapi-starter-webmvc-ui:2.8.8"
+    api 'org.springframework.boot:spring-boot-starter-web'
+    api 'org.springframework.boot:spring-boot-starter-thymeleaf'
+    api 'com.googlecode.owasp-java-html-sanitizer:owasp-java-html-sanitizer:20240325.1'
+    api 'com.fathzer:javaluator:3.0.6'
+    api 'com.posthog.java:posthog:1.2.0'
+    api 'io.github.pixee:java-security-toolkit:1.2.1'
+    api 'org.apache.commons:commons-lang3:3.17.0'
+    api 'com.drewnoakes:metadata-extractor:2.19.0' // Image metadata extractor
+    api 'com.vladsch.flexmark:flexmark-html2md-converter:0.64.8'
+    api "org.apache.pdfbox:pdfbox:$pdfboxVersion"
+    api 'jakarta.servlet:jakarta.servlet-api:6.1.0'
+    api 'org.snakeyaml:snakeyaml-engine:2.9'
+    api "org.springdoc:springdoc-openapi-starter-webmvc-ui:2.8.8"
 
     compileOnly "org.projectlombok:lombok:$lombokVersion"
     annotationProcessor "org.projectlombok:lombok:$lombokVersion"

common/gradle/wrapper/gradle-wrapper.properties

@@ -0,0 +1,6 @@
+distributionBase=GRADLE_USER_HOME
+distributionPath=wrapper/dists
+distributionUrl=https\://services.gradle.org/distributions/gradle-8.14-all.zip
+validateDistributionUrl=true
+zipStoreBase=GRADLE_USER_HOME
+zipStorePath=wrapper/dists

common/gradlew

@@ -0,0 +1,251 @@
+#!/bin/sh
+
+#
+# Copyright © 2015-2021 the original authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+#
+
+##############################################################################
+#
+#   Gradle start up script for POSIX generated by Gradle.
+#
+#   Important for running:
+#
+#   (1) You need a POSIX-compliant shell to run this script. If your /bin/sh is
+#       noncompliant, but you have some other compliant shell such as ksh or
+#       bash, then to run this script, type that shell name before the whole
+#       command line, like:
+#
+#           ksh Gradle
+#
+#       Busybox and similar reduced shells will NOT work, because this script
+#       requires all of these POSIX shell features:
+#         * functions;
+#         * expansions «$var», «${var}», «${var:-default}», «${var+SET}»,
+#           «${var#prefix}», «${var%suffix}», and «$( cmd )»;
+#         * compound commands having a testable exit status, especially «case»;
+#         * various built-in commands including «command», «set», and «ulimit».
+#
+#   Important for patching:
+#
+#   (2) This script targets any POSIX shell, so it avoids extensions provided
+#       by Bash, Ksh, etc; in particular arrays are avoided.
+#
+#       The "traditional" practice of packing multiple parameters into a
+#       space-separated string is a well documented source of bugs and security
+#       problems, so this is (mostly) avoided, by progressively accumulating
+#       options in "$@", and eventually passing that to Java.
+#
+#       Where the inherited environment variables (DEFAULT_JVM_OPTS, JAVA_OPTS,
+#       and GRADLE_OPTS) rely on word-splitting, this is performed explicitly;
+#       see the in-line comments for details.
+#
+#       There are tweaks for specific operating systems such as AIX, CygWin,
+#       Darwin, MinGW, and NonStop.
+#
+#   (3) This script is generated from the Groovy template
+#       https://github.com/gradle/gradle/blob/HEAD/platforms/jvm/plugins-application/src/main/resources/org/gradle/api/internal/plugins/unixStartScript.txt
+#       within the Gradle project.
+#
+#       You can find Gradle at https://github.com/gradle/gradle/.
+#
+##############################################################################
+
+# Attempt to set APP_HOME
+
+# Resolve links: $0 may be a link
+app_path=$0
+
+# Need this for daisy-chained symlinks.
+while
+    APP_HOME=${app_path%"${app_path##*/}"}  # leaves a trailing /; empty if no leading path
+    [ -h "$app_path" ]
+do
+    ls=$( ls -ld "$app_path" )
+    link=${ls#*' -> '}
+    case $link in             #(
+      /*)   app_path=$link ;; #(
+      *)    app_path=$APP_HOME$link ;;
+    esac
+done
+
+# This is normally unused
+# shellcheck disable=SC2034
+APP_BASE_NAME=${0##*/}
+# Discard cd standard output in case $CDPATH is set (https://github.com/gradle/gradle/issues/25036)
+APP_HOME=$( cd -P "${APP_HOME:-./}" > /dev/null && printf '%s\n' "$PWD" ) || exit
+
+# Use the maximum available, or set MAX_FD != -1 to use that value.
+MAX_FD=maximum
+
+warn () {
+    echo "$*"
+} >&2
+
+die () {
+    echo
+    echo "$*"
+    echo
+    exit 1
+} >&2
+
+# OS specific support (must be 'true' or 'false').
+cygwin=false
+msys=false
+darwin=false
+nonstop=false
+case "$( uname )" in                #(
+  CYGWIN* )         cygwin=true  ;; #(
+  Darwin* )         darwin=true  ;; #(
+  MSYS* | MINGW* )  msys=true    ;; #(
+  NONSTOP* )        nonstop=true ;;
+esac
+
+CLASSPATH="\\\"\\\""
+
+
+# Determine the Java command to use to start the JVM.
+if [ -n "$JAVA_HOME" ] ; then
+    if [ -x "$JAVA_HOME/jre/sh/java" ] ; then
+        # IBM's JDK on AIX uses strange locations for the executables
+        JAVACMD=$JAVA_HOME/jre/sh/java
+    else
+        JAVACMD=$JAVA_HOME/bin/java
+    fi
+    if [ ! -x "$JAVACMD" ] ; then
+        die "ERROR: JAVA_HOME is set to an invalid directory: $JAVA_HOME
+
+Please set the JAVA_HOME variable in your environment to match the
+location of your Java installation."
+    fi
+else
+    JAVACMD=java
+    if ! command -v java >/dev/null 2>&1
+    then
+        die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
+
+Please set the JAVA_HOME variable in your environment to match the
+location of your Java installation."
+    fi
+fi
+
+# Increase the maximum file descriptors if we can.
+if ! "$cygwin" && ! "$darwin" && ! "$nonstop" ; then
+    case $MAX_FD in #(
+      max*)
+        # In POSIX sh, ulimit -H is undefined. That's why the result is checked to see if it worked.
+        # shellcheck disable=SC2039,SC3045
+        MAX_FD=$( ulimit -H -n ) ||
+            warn "Could not query maximum file descriptor limit"
+    esac
+    case $MAX_FD in  #(
+      '' | soft) :;; #(
+      *)
+        # In POSIX sh, ulimit -n is undefined. That's why the result is checked to see if it worked.
+        # shellcheck disable=SC2039,SC3045
+        ulimit -n "$MAX_FD" ||
+            warn "Could not set maximum file descriptor limit to $MAX_FD"
+    esac
+fi
+
+# Collect all arguments for the java command, stacking in reverse order:
+#   * args from the command line
+#   * the main class name
+#   * -classpath
+#   * -D...appname settings
+#   * --module-path (only if needed)
+#   * DEFAULT_JVM_OPTS, JAVA_OPTS, and GRADLE_OPTS environment variables.
+
+# For Cygwin or MSYS, switch paths to Windows format before running java
+if "$cygwin" || "$msys" ; then
+    APP_HOME=$( cygpath --path --mixed "$APP_HOME" )
+    CLASSPATH=$( cygpath --path --mixed "$CLASSPATH" )
+
+    JAVACMD=$( cygpath --unix "$JAVACMD" )
+
+    # Now convert the arguments - kludge to limit ourselves to /bin/sh
+    for arg do
+        if
+            case $arg in                                #(
+              -*)   false ;;                            # don't mess with options #(
+              /?*)  t=${arg#/} t=/${t%%/*}              # looks like a POSIX filepath
+                    [ -e "$t" ] ;;                      #(
+              *)    false ;;
+            esac
+        then
+            arg=$( cygpath --path --ignore --mixed "$arg" )
+        fi
+        # Roll the args list around exactly as many times as the number of
+        # args, so each arg winds up back in the position where it started, but
+        # possibly modified.
+        #
+        # NB: a `for` loop captures its iteration list before it begins, so
+        # changing the positional parameters here affects neither the number of
+        # iterations, nor the values presented in `arg`.
+        shift                   # remove old arg
+        set -- "$@" "$arg"      # push replacement arg
+    done
+fi
+
+
+# Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
+DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"'
+
+# Collect all arguments for the java command:
+#   * DEFAULT_JVM_OPTS, JAVA_OPTS, and optsEnvironmentVar are not allowed to contain shell fragments,
+#     and any embedded shellness will be escaped.
+#   * For example: A user cannot expect ${Hostname} to be expanded, as it is an environment variable and will be
+#     treated as '${Hostname}' itself on the command line.
+
+set -- \
+        "-Dorg.gradle.appname=$APP_BASE_NAME" \
+        -classpath "$CLASSPATH" \
+        -jar "$APP_HOME/gradle/wrapper/gradle-wrapper.jar" \
+        "$@"
+
+# Stop when "xargs" is not available.
+if ! command -v xargs >/dev/null 2>&1
+then
+    die "xargs is not available"
+fi
+
+# Use "xargs" to parse quoted args.
+#
+# With -n1 it outputs one arg per line, with the quotes and backslashes removed.
+#
+# In Bash we could simply go:
+#
+#   readarray ARGS < <( xargs -n1 <<<"$var" ) &&
+#   set -- "${ARGS[@]}" "$@"
+#
+# but POSIX shell has neither arrays nor command substitution, so instead we
+# post-process each arg (as a line of input to sed) to backslash-escape any
+# character that might be a shell metacharacter, then use eval to reverse
+# that process (while maintaining the separation between arguments), and wrap
+# the whole thing up as a single "set" statement.
+#
+# This will of course break if any of these variables contains a newline or
+# an unmatched quote.
+#
+
+eval "set -- $(
+        printf '%s\n' "$DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS" |
+        xargs -n1 |
+        sed ' s~[^-[:alnum:]+,./:=@_]~\\&~g; ' |
+        tr '\n' ' '
+    )" '"$@"'
+
+exec "$JAVACMD" "$@"

common/gradlew.bat

@@ -0,0 +1,94 @@
+@rem
+@rem Copyright 2015 the original author or authors.
+@rem
+@rem Licensed under the Apache License, Version 2.0 (the "License");
+@rem you may not use this file except in compliance with the License.
+@rem You may obtain a copy of the License at
+@rem
+@rem      https://www.apache.org/licenses/LICENSE-2.0
+@rem
+@rem Unless required by applicable law or agreed to in writing, software
+@rem distributed under the License is distributed on an "AS IS" BASIS,
+@rem WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+@rem See the License for the specific language governing permissions and
+@rem limitations under the License.
+@rem
+@rem SPDX-License-Identifier: Apache-2.0
+@rem
+
+@if "%DEBUG%"=="" @echo off
+@rem ##########################################################################
+@rem
+@rem  Gradle startup script for Windows
+@rem
+@rem ##########################################################################
+
+@rem Set local scope for the variables with windows NT shell
+if "%OS%"=="Windows_NT" setlocal
+
+set DIRNAME=%~dp0
+if "%DIRNAME%"=="" set DIRNAME=.
+@rem This is normally unused
+set APP_BASE_NAME=%~n0
+set APP_HOME=%DIRNAME%
+
+@rem Resolve any "." and ".." in APP_HOME to make it shorter.
+for %%i in ("%APP_HOME%") do set APP_HOME=%%~fi
+
+@rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
+set DEFAULT_JVM_OPTS="-Xmx64m" "-Xms64m"
+
+@rem Find java.exe
+if defined JAVA_HOME goto findJavaFromJavaHome
+
+set JAVA_EXE=java.exe
+%JAVA_EXE% -version >NUL 2>&1
+if %ERRORLEVEL% equ 0 goto execute
+
+echo. 1>&2
+echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. 1>&2
+echo. 1>&2
+echo Please set the JAVA_HOME variable in your environment to match the 1>&2
+echo location of your Java installation. 1>&2
+
+goto fail
+
+:findJavaFromJavaHome
+set JAVA_HOME=%JAVA_HOME:"=%
+set JAVA_EXE=%JAVA_HOME%/bin/java.exe
+
+if exist "%JAVA_EXE%" goto execute
+
+echo. 1>&2
+echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME% 1>&2
+echo. 1>&2
+echo Please set the JAVA_HOME variable in your environment to match the 1>&2
+echo location of your Java installation. 1>&2
+
+goto fail
+
+:execute
+@rem Setup the command line
+
+set CLASSPATH=
+
+
+@rem Execute Gradle
+"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" -jar "%APP_HOME%\gradle\wrapper\gradle-wrapper.jar" %*
+
+:end
+@rem End local scope for the variables with windows NT shell
+if %ERRORLEVEL% equ 0 goto mainEnd
+
+:fail
+rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of
+rem the _cmd.exe /c_ return code!
+set EXIT_CODE=%ERRORLEVEL%
+if %EXIT_CODE% equ 0 set EXIT_CODE=1
+if not ""=="%GRADLE_EXIT_CONSOLE%" exit %EXIT_CODE%
+exit /b %EXIT_CODE%
+
+:mainEnd
+if "%OS%"=="Windows_NT" endlocal
+
+:omega

common/src/main/java/stirling/software/common/configuration/AppConfig.java

@@ -1,5 +1,7 @@
 package stirling.software.common.configuration;
 
+import io.github.pixee.security.SystemCommand;
+import jakarta.annotation.PostConstruct;
 import java.io.IOException;
 import java.nio.file.Files;
 import java.nio.file.Path;
@@ -10,6 +12,7 @@ import java.util.Properties;
 import java.util.function.Predicate;
 
 import org.springframework.beans.factory.annotation.Value;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingClass;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.context.annotation.Bean;
@@ -146,10 +149,24 @@ public class AppConfig {
         }
     }
 
-    @ConditionalOnMissingClass("stirling.software.SPDF.config.security.SecurityConfiguration")
     @Bean(name = "activeSecurity")
+    public boolean activeSecurity() {
+        String additionalFeaturesOff = env.getProperty("ADDITIONAL_FEATURES_OFF");
+
+        if (additionalFeaturesOff != null) {
+            // ADDITIONAL_FEATURES_OFF=true means security OFF, so return false
+            // ADDITIONAL_FEATURES_OFF=false means security ON, so return true
+            return !Boolean.parseBoolean(additionalFeaturesOff);
+        }
+
+        return env.getProperty("DOCKER_ENABLE_SECURITY", Boolean.class, true);
+    }
+
+    @Bean(name = "missingActiveSecurity")
+    @ConditionalOnMissingClass(
+            "stirling.software.proprietary.security.configuration.SecurityConfiguration")
     public boolean missingActiveSecurity() {
-        return false;
+        return true;
     }
 
     @Bean(name = "directoryFilter")

common/src/main/java/stirling/software/common/model/ApplicationProperties.java

@@ -344,10 +344,10 @@ public class ApplicationProperties {
         @Override
         public String toString() {
             return """
-                    Driver {
-                      driverName='%s'
-                    }
-                    """
+                Driver {
+                  driverName='%s'
+                }
+                """
                     .formatted(driverName);
         }
     }

common/src/main/java/stirling/software/common/service/PostHogService.java

@@ -208,7 +208,7 @@ public class PostHogService {
 
         // New environment variables
         dockerMetrics.put("version_tag", System.getenv("VERSION_TAG"));
-        dockerMetrics.put("without_enhanced_features", System.getenv("WITHOUT_ENHANCED_FEATURES"));
+        dockerMetrics.put("additional_features_off", System.getenv("ADDITIONAL_FEATURES_OFF"));
         dockerMetrics.put("fat_docker", System.getenv("FAT_DOCKER"));
 
         return dockerMetrics;

common/src/main/java/stirling/software/common/util/ValidationUtil.java

@@ -0,0 +1,14 @@
+package stirling.software.common.util;
+
+import java.util.Collection;
+
+public class ValidationUtil {
+
+    public static boolean isStringEmpty(String input) {
+        return input == null || input.isBlank();
+    }
+
+    public static boolean isCollectionEmpty(Collection<String> input) {
+        return input == null || input.isEmpty();
+    }
+}

common/src/test/java/stirling/software/common/util/CheckProgramInstallTest.java

@@ -1,5 +1,14 @@
 package stirling.software.common.util;
 
+import java.io.IOException;
+import java.lang.reflect.Field;
+import java.util.Arrays;
+import org.junit.jupiter.api.AfterEach;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
+import org.mockito.MockedStatic;
+import org.mockito.Mockito;
+import stirling.software.common.util.ProcessExecutor.ProcessExecutorResult;
 import static org.junit.jupiter.api.Assertions.assertEquals;
 import static org.junit.jupiter.api.Assertions.assertFalse;
 import static org.junit.jupiter.api.Assertions.assertNull;
@@ -10,18 +19,6 @@ import static org.mockito.Mockito.times;
 import static org.mockito.Mockito.verify;
 import static org.mockito.Mockito.when;
 
-import java.io.IOException;
-import java.lang.reflect.Field;
-import java.util.Arrays;
-
-import org.junit.jupiter.api.AfterEach;
-import org.junit.jupiter.api.BeforeEach;
-import org.junit.jupiter.api.Test;
-import org.mockito.MockedStatic;
-import org.mockito.Mockito;
-
-import stirling.software.common.util.ProcessExecutor.ProcessExecutorResult;
-
 class CheckProgramInstallTest {
 
     private MockedStatic<ProcessExecutor> mockProcessExecutor;

common/src/test/java/stirling/software/common/util/FileMonitorTest.java

@@ -19,7 +19,6 @@ import org.junit.jupiter.api.io.TempDir;
 import org.mockito.Mock;
 import org.mockito.Mockito;
 import org.mockito.junit.jupiter.MockitoExtension;
-
 import stirling.software.common.configuration.RuntimePathConfig;
 
 @ExtendWith(MockitoExtension.class)

common/src/test/java/stirling/software/common/util/ProviderUtilsTest.java

@@ -1,10 +1,7 @@
 package stirling.software.common.util;
 
-import static org.mockito.Mockito.*;
-
 import java.util.List;
 import java.util.stream.Stream;
-
 import org.junit.jupiter.api.Assertions;
 import org.junit.jupiter.api.Test;
 import org.junit.jupiter.api.extension.ExtendWith;
@@ -12,11 +9,13 @@ import org.junit.jupiter.params.ParameterizedTest;
 import org.junit.jupiter.params.provider.Arguments;
 import org.junit.jupiter.params.provider.MethodSource;
 import org.mockito.junit.jupiter.MockitoExtension;
-
 import stirling.software.common.model.enumeration.UsernameAttribute;
 import stirling.software.common.model.oauth2.GitHubProvider;
 import stirling.software.common.model.oauth2.GoogleProvider;
 import stirling.software.common.model.oauth2.Provider;
+import static org.junit.jupiter.api.Assertions.*;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.when;
 
 @ExtendWith(MockitoExtension.class)
 class ProviderUtilsTest {
@@ -29,19 +28,19 @@ class ProviderUtilsTest {
         when(provider.getClientSecret()).thenReturn("clientSecret");
         when(provider.getScopes()).thenReturn(List.of("read:user"));
 
-        Assertions.assertTrue(ProviderUtils.validateProvider(provider));
+        assertTrue(ProviderUtils.validateProvider(provider));
     }
 
     @ParameterizedTest
     @MethodSource("providerParams")
     void testUnsuccessfulValidation(Provider provider) {
-        Assertions.assertFalse(ProviderUtils.validateProvider(provider));
+        assertFalse(ProviderUtils.validateProvider(provider));
     }
 
     public static Stream<Arguments> providerParams() {
         Provider generic = null;
         var google =
-                new GoogleProvider(null, "clientSecret", List.of("scope"), UsernameAttribute.EMAIL);
+            new GoogleProvider(null, "clientSecret", List.of("scope"), UsernameAttribute.EMAIL);
         var github = new GitHubProvider("clientId", "", List.of("scope"), UsernameAttribute.LOGIN);
 
         return Stream.of(Arguments.of(generic), Arguments.of(google), Arguments.of(github));

common/src/test/java/stirling/software/common/util/misc/HighContrastColorReplaceDeciderTest.java

@@ -1,12 +1,10 @@
 package stirling.software.common.util.misc;
 
-import static org.junit.jupiter.api.Assertions.assertArrayEquals;
-import static org.junit.jupiter.api.Assertions.assertNull;
-
 import org.junit.jupiter.api.Test;
-
 import stirling.software.common.model.api.misc.HighContrastColorCombination;
 import stirling.software.common.model.api.misc.ReplaceAndInvert;
+import static org.junit.jupiter.api.Assertions.assertArrayEquals;
+import static org.junit.jupiter.api.Assertions.assertNull;
 
 class HighContrastColorReplaceDeciderTest {
 

common/src/test/java/stirling/software/common/util/misc/InvertFullColorStrategyTest.java

@@ -26,7 +26,6 @@ import org.junit.jupiter.api.Test;
 import org.springframework.core.io.InputStreamResource;
 import org.springframework.mock.web.MockMultipartFile;
 import org.springframework.web.multipart.MultipartFile;
-
 import stirling.software.common.model.api.misc.ReplaceAndInvert;
 
 class InvertFullColorStrategyTest {

common/src/test/java/stirling/software/common/util/misc/ReplaceAndInvertColorStrategyTest.java

@@ -9,7 +9,6 @@ import org.junit.jupiter.api.Test;
 import org.springframework.core.io.InputStreamResource;
 import org.springframework.mock.web.MockMultipartFile;
 import org.springframework.web.multipart.MultipartFile;
-
 import stirling.software.common.model.api.misc.ReplaceAndInvert;
 
 class ReplaceAndInvertColorStrategyTest {

common/src/test/java/stirling/software/common/util/propertyeditor/StringToArrayListPropertyEditorTest.java

@@ -1,17 +1,14 @@
 package stirling.software.common.util.propertyeditor;
 
+import java.util.List;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
+import stirling.software.common.model.api.security.RedactionArea;
 import static org.junit.jupiter.api.Assertions.assertEquals;
 import static org.junit.jupiter.api.Assertions.assertNotNull;
 import static org.junit.jupiter.api.Assertions.assertThrows;
 import static org.junit.jupiter.api.Assertions.assertTrue;
 
-import java.util.List;
-
-import org.junit.jupiter.api.BeforeEach;
-import org.junit.jupiter.api.Test;
-
-import stirling.software.common.model.api.security.RedactionArea;
-
 class StringToArrayListPropertyEditorTest {
 
     private StringToArrayListPropertyEditor editor;

exampleYmlFiles/docker-compose-latest-fat-endpoints-disabled.yml

@@ -20,7 +20,7 @@ services:
       - ./stirling/latest/logs:/logs:rw
       - ../testing/allEndpointsRemovedSettings.yml:/configs/settings.yml:rw
     environment:
-      DOCKER_ENABLE_SECURITY: "true"
+      ADDITIONAL_FEATURES_OFF: "false"
       SECURITY_ENABLELOGIN: "false"
       PUID: 1002
       PGID: 1002

exampleYmlFiles/docker-compose-latest-fat-security-postgres.yml

@@ -20,7 +20,7 @@ services:
       - ./stirling/latest/config:/configs:rw
       - ./stirling/latest/logs:/logs:rw
     environment:
-      DOCKER_ENABLE_SECURITY: "true"
+      ADDITIONAL_FEATURES_OFF: "false"
       SECURITY_ENABLELOGIN: "false"
       PUID: 1002
       PGID: 1002

exampleYmlFiles/docker-compose-latest-fat-security.yml

@@ -18,7 +18,7 @@ services:
       - ./stirling/latest/config:/configs:rw
       - ./stirling/latest/logs:/logs:rw
     environment:
-      DOCKER_ENABLE_SECURITY: "true"
+      ADDITIONAL_FEATURES_OFF: "false"
       SECURITY_ENABLELOGIN: "false"
       PUID: 1002
       PGID: 1002

exampleYmlFiles/docker-compose-latest-security-with-sso.yml

@@ -18,7 +18,7 @@ services:
       - /stirling/latest/config:/configs:rw
       - /stirling/latest/logs:/logs:rw
     environment:
-      DOCKER_ENABLE_SECURITY: "true"
+      ADDITIONAL_FEATURES_OFF: "false"
       SECURITY_ENABLELOGIN: "true"
       SECURITY_OAUTH2_ENABLED: "true"
       SECURITY_OAUTH2_AUTOCREATEUSER: "true" # This is set to true to allow auto-creation of non-existing users in Stirling-PDF

exampleYmlFiles/docker-compose-latest-security.yml

@@ -18,7 +18,7 @@ services:
       - ./stirling/latest/config:/configs:rw
       - ./stirling/latest/logs:/logs:rw
     environment:
-      DOCKER_ENABLE_SECURITY: "true"
+      ADDITIONAL_FEATURES_OFF: "false"
       SECURITY_ENABLELOGIN: "true"
       PUID: 1002
       PGID: 1002

exampleYmlFiles/docker-compose-latest-ultra-lite-security.yml

@@ -18,7 +18,7 @@ services:
       - /stirling/latest/config:/configs:rw
       - /stirling/latest/logs:/logs:rw
     environment:
-      DOCKER_ENABLE_SECURITY: "true"
+      ADDITIONAL_FEATURES_OFF: "false"
       SECURITY_ENABLELOGIN: "true"
       SYSTEM_DEFAULTLOCALE: en-US
       UI_APPNAME: Stirling-PDF-Lite

exampleYmlFiles/docker-compose-latest-ultra-lite.yml

@@ -17,7 +17,7 @@ services:
       - /stirling/latest/config:/configs:rw
       - /stirling/latest/logs:/logs:rw
     environment:
-      DOCKER_ENABLE_SECURITY: "false"
+      ADDITIONAL_FEATURES_OFF: "true"
       SECURITY_ENABLELOGIN: "false"
       SYSTEM_DEFAULTLOCALE: en-US
       UI_APPNAME: Stirling-PDF-Ultra-lite

exampleYmlFiles/docker-compose-latest.yml

@@ -18,7 +18,7 @@ services:
       - /stirling/latest/config:/configs:rw
       - /stirling/latest/logs:/logs:rw
     environment:
-      DOCKER_ENABLE_SECURITY: "false"
+      ADDITIONAL_FEATURES_OFF: "true"
       SECURITY_ENABLELOGIN: "false"
       LANGS: "en_GB,en_US,ar_AR,de_DE,fr_FR,es_ES,zh_CN,zh_TW,ca_CA,it_IT,sv_SE,pl_PL,ro_RO,ko_KR,pt_BR,ru_RU,el_GR,hi_IN,hu_HU,tr_TR,id_ID"
       SYSTEM_DEFAULTLOCALE: en-US

exampleYmlFiles/test_cicd.yml

@@ -18,7 +18,7 @@ services:
       - /stirling/latest/config:/configs:rw
       - /stirling/latest/logs:/logs:rw
     environment:
-      DOCKER_ENABLE_SECURITY: "true"
+      ADDITIONAL_FEATURES_OFF: "false"
       SECURITY_ENABLELOGIN: "true"
       PUID: 1002
       PGID: 1002

proprietary/.gitignore

@@ -0,0 +1,196 @@
+### Eclipse ###
+.metadata
+bin/
+tmp/
+*.tmp
+*.bak
+*.exe
+*.swp
+*~.nib
+local.properties
+.settings/
+.loadpath
+.recommenders
+.classpath
+.project
+version.properties
+
+#### Stirling-PDF Files ###
+pipeline/watchedFolders/
+pipeline/finishedFolders/
+customFiles/
+configs/
+watchedFolders/
+clientWebUI/
+!cucumber/
+!cucumber/exampleFiles/
+!cucumber/exampleFiles/example_html.zip
+exampleYmlFiles/stirling/
+/testing/file_snapshots
+SwaggerDoc.json
+
+# Gradle
+.gradle
+.lock
+
+# External tool builders
+.externalToolBuilders/
+
+# Locally stored "Eclipse launch configurations"
+*.launch
+
+# PyDev specific (Python IDE for Eclipse)
+*.pydevproject
+
+# CDT-specific (C/C++ Development Tooling)
+.cproject
+
+# CDT- autotools
+.autotools
+
+# Java annotation processor (APT)
+.factorypath
+
+# PDT-specific (PHP Development Tools)
+.buildpath
+
+# sbteclipse plugin
+.target
+
+# Tern plugin
+.tern-project
+
+# TeXlipse plugin
+.texlipse
+
+# STS (Spring Tool Suite)
+.springBeans
+
+# Code Recommenders
+.recommenders/
+
+# Annotation Processing
+.apt_generated/
+.apt_generated_test/
+
+# Scala IDE specific (Scala & Java development for Eclipse)
+.cache-main
+.scala_dependencies
+.worksheet
+
+# Uncomment this line if you wish to ignore the project description file.
+# Typically, this file would be tracked if it contains build/dependency configurations:
+#.project
+
+### Eclipse Patch ###
+# Spring Boot Tooling
+.sts4-cache/
+
+### Git ###
+# Created by git for backups. To disable backups in Git:
+# $ git config --global mergetool.keepBackup false
+*.orig
+
+# Created by git when using merge tools for conflicts
+*.BACKUP.*
+*.BASE.*
+*.LOCAL.*
+*.REMOTE.*
+*_BACKUP_*.txt
+*_BASE_*.txt
+*_LOCAL_*.txt
+*_REMOTE_*.txt
+
+### Java ###
+# Compiled class file
+*.class
+
+# Log file
+*.log
+
+# BlueJ files
+*.ctxt
+
+# Mobile Tools for Java (J2ME)
+.mtj.tmp/
+
+# Package Files #
+*.jar
+*.war
+*.nar
+*.ear
+*.zip
+*.tar.gz
+*.rar
+*.db
+/build
+
+# Byte-compiled / optimized / DLL files
+__pycache__/
+*.py[cod]
+*.pyo
+
+# Virtual environments
+.env*
+.venv*
+env*/
+venv*/
+ENV/
+env.bak/
+venv.bak/
+
+# VS Code
+/.vscode/**/*
+!/.vscode/settings.json
+!/.vscode/extensions.json
+
+# IntelliJ IDEA
+.idea/
+*.iml
+out/
+
+# Ignore Mac DS_Store files
+.DS_Store
+**/.DS_Store
+
+# cucumber
+/cucumber/reports/**
+
+# Certs and Security Files
+*.p12
+*.pk8
+*.pem
+*.crt
+*.cer
+*.cert
+*.der
+*.key
+*.csr
+*.kdbx
+*.jks
+*.asc
+
+# SSH Keys
+*.pub
+*.priv
+id_rsa
+id_rsa.pub
+id_ecdsa
+id_ecdsa.pub
+id_ed25519
+id_ed25519.pub
+.ssh/
+*ssh
+
+# cache
+.cache
+.ruff_cache
+.mypy_cache
+.pytest_cache
+.ipynb_checkpoints
+
+**/jcef-bundle/
+
+# node_modules
+node_modules/
+*.mjs

proprietary/LICENSE-proprietary

@@ -0,0 +1,51 @@
+Stirling PDF User License
+
+Copyright (c) 2025 Stirling PDF Inc.
+
+License Scope & Usage Rights
+
+Production use of the Stirling PDF Software is only permitted with a valid Stirling PDF User License.
+
+For purposes of this license, “the Software” refers to the Stirling PDF application and any associated documentation files
+provided by Stirling PDF Inc. You or your organization may not use the Software in production, at scale, or for business-critical
+processes unless you have agreed to, and remain in compliance with, the Stirling PDF Subscription Terms of Service
+(https://www.stirlingpdf.com/terms) or another valid agreement with Stirling PDF, and hold an active User License subscription
+covering the appropriate number of licensed users.
+
+Trial and Minimal Use
+
+You may use the Software without a paid subscription for the sole purposes of internal trial, evaluation, or minimal use, provided that:
+* Use is limited to the capabilities and restrictions defined by the Software itself;
+* You do not copy, distribute, sublicense, reverse-engineer, or use the Software in client-facing or commercial contexts.
+
+Continued use beyond this scope requires a valid Stirling PDF User License.
+
+Modifications and Derivative Works
+
+You may modify the Software only for development or internal testing purposes. Any such modifications or derivative works:
+
+* May not be deployed in production environments without a valid User License;
+* May not be distributed or sublicensed;
+* Remain the intellectual property of Stirling PDF and/or its licensors;
+* May only be used, copied, or exploited in accordance with the terms of a valid Stirling PDF User License subscription.
+
+Prohibited Actions
+
+Unless explicitly permitted by a paid license or separate agreement, you may not:
+
+* Use the Software in production environments;
+* Copy, merge, distribute, sublicense, or sell the Software;
+* Remove or alter any licensing or copyright notices;
+* Circumvent access restrictions or licensing requirements.
+
+Third-Party Components
+
+The Stirling PDF Software may include components subject to separate open source licenses. Such components remain governed by
+their original license terms as provided by their respective owners.
+
+Disclaimer
+
+THE SOFTWARE IS PROVIDED “AS IS,” WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES, OR OTHER LIABILITY, WHETHER IN CONTRACT, TORT, OR OTHERWISE, ARISING FROM, OUT OF, OR IN
+CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

proprietary/build.gradle

@@ -0,0 +1,46 @@
+repositories {
+    maven { url = "https://build.shibboleth.net/maven/releases" }
+}
+
+dependencies {
+    implementation project(':common')
+
+    api 'org.springframework:spring-jdbc'
+    api 'org.springframework:spring-webmvc'
+    api 'org.springframework.session:spring-session-core'
+    api "org.springframework.security:spring-security-core:$springSecuritySamlVersion"
+    api "org.springframework.security:spring-security-saml2-service-provider:$springSecuritySamlVersion"
+    api 'org.springframework.boot:spring-boot-starter-jetty'
+    api 'org.springframework.boot:spring-boot-starter-security'
+    api 'org.springframework.boot:spring-boot-starter-data-jpa'
+    api 'org.springframework.boot:spring-boot-starter-oauth2-client'
+    api 'org.springframework.boot:spring-boot-starter-mail'
+    api 'io.swagger.core.v3:swagger-core-jakarta:2.2.30'
+    implementation 'com.bucket4j:bucket4j_jdk17-core:8.14.0'
+
+    // https://mvnrepository.com/artifact/com.bucket4j/bucket4j_jdk17
+    implementation 'org.bouncycastle:bcprov-jdk18on:1.80'
+
+    implementation 'io.github.pixee:java-security-toolkit:1.2.1'
+    implementation 'org.thymeleaf.extras:thymeleaf-extras-springsecurity5:3.1.3.RELEASE'
+    api 'io.micrometer:micrometer-registry-prometheus'
+    implementation 'com.unboundid.product.scim2:scim2-sdk-client:2.3.5'
+    runtimeOnly 'com.h2database:h2:2.3.232' // Don't upgrade h2database
+    runtimeOnly 'org.postgresql:postgresql:42.7.5'
+    constraints {
+        implementation "org.opensaml:opensaml-core:$openSamlVersion"
+        implementation "org.opensaml:opensaml-saml-api:$openSamlVersion"
+        implementation "org.opensaml:opensaml-saml-impl:$openSamlVersion"
+    }
+    implementation 'com.coveo:saml-client:5.0.0'
+
+    compileOnly "org.projectlombok:lombok:$lombokVersion"
+    annotationProcessor "org.projectlombok:lombok:$lombokVersion"
+
+    testImplementation platform('org.junit:junit-bom:5.10.0')
+    testImplementation 'org.junit.jupiter:junit-jupiter'
+    testImplementation 'org.springframework.boot:spring-boot-starter-test'
+    testRuntimeOnly 'org.mockito:mockito-inline:5.2.0'
+}
+
+tasks.register('prepareKotlinBuildScriptModel') {}

proprietary/src/main/java/stirling/software/proprietary/security/CustomAuthenticationFailureHandler.java

@@ -1,4 +1,4 @@
-package stirling.software.SPDF.config.security;
+package stirling.software.proprietary.security;
 
 import java.io.IOException;
 import java.util.Optional;
@@ -17,7 +17,9 @@ import jakarta.servlet.http.HttpServletResponse;
 
 import lombok.extern.slf4j.Slf4j;
 
-import stirling.software.SPDF.model.User;
+import stirling.software.proprietary.security.model.User;
+import stirling.software.proprietary.security.service.LoginAttemptService;
+import stirling.software.proprietary.security.service.UserService;
 
 @Slf4j
 public class CustomAuthenticationFailureHandler extends SimpleUrlAuthenticationFailureHandler {

proprietary/src/main/java/stirling/software/proprietary/security/CustomAuthenticationSuccessHandler.java

@@ -1,4 +1,4 @@
-package stirling.software.SPDF.config.security;
+package stirling.software.proprietary.security;
 
 import java.io.IOException;
 
@@ -14,6 +14,8 @@ import jakarta.servlet.http.HttpSession;
 import lombok.extern.slf4j.Slf4j;
 
 import stirling.software.common.util.RequestUriUtils;
+import stirling.software.proprietary.security.service.LoginAttemptService;
+import stirling.software.proprietary.security.service.UserService;
 
 @Slf4j
 public class CustomAuthenticationSuccessHandler

proprietary/src/main/java/stirling/software/proprietary/security/CustomLogoutSuccessHandler.java

@@ -1,4 +1,4 @@
-package stirling.software.SPDF.config.security;
+package stirling.software.proprietary.security;
 
 import java.io.IOException;
 import java.security.cert.X509Certificate;
@@ -22,14 +22,14 @@ import jakarta.servlet.http.HttpServletResponse;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 
-import stirling.software.SPDF.SPDFApplication;
-import stirling.software.SPDF.config.security.saml2.CertificateUtils;
-import stirling.software.SPDF.config.security.saml2.CustomSaml2AuthenticatedPrincipal;
+import stirling.software.common.configuration.AppConfig;
 import stirling.software.common.model.ApplicationProperties;
 import stirling.software.common.model.ApplicationProperties.Security.OAUTH2;
 import stirling.software.common.model.ApplicationProperties.Security.SAML2;
 import stirling.software.common.model.oauth2.KeycloakProvider;
 import stirling.software.common.util.UrlUtils;
+import stirling.software.proprietary.security.saml2.CertificateUtils;
+import stirling.software.proprietary.security.saml2.CustomSaml2AuthenticatedPrincipal;
 
 @Slf4j
 @RequiredArgsConstructor
@@ -39,6 +39,8 @@ public class CustomLogoutSuccessHandler extends SimpleUrlLogoutSuccessHandler {
 
     private final ApplicationProperties applicationProperties;
 
+    private final AppConfig appConfig;
+
     @Override
     public void onLogoutSuccess(
             HttpServletRequest request, HttpServletResponse response, Authentication authentication)
@@ -102,7 +104,7 @@ public class CustomLogoutSuccessHandler extends SimpleUrlLogoutSuccessHandler {
             // Set service provider keys for the SamlClient
             samlClient.setSPKeys(certificate, privateKey);
 
-            // Redirect to identity provider for logout
+            // Redirect to identity provider for logout. todo: add relay state
             samlClient.redirectToIdentityProvider(response, null, nameIdValue);
         } catch (Exception e) {
             log.error(
@@ -172,11 +174,10 @@ public class CustomLogoutSuccessHandler extends SimpleUrlLogoutSuccessHandler {
         }
     }
 
-    private static SamlClient getSamlClient(
+    private SamlClient getSamlClient(
             String registrationId, SAML2 samlConf, List<X509Certificate> certificates)
             throws SamlException {
-        String serverUrl =
-                SPDFApplication.getStaticBaseUrl() + ":" + SPDFApplication.getStaticPort();
+        String serverUrl = appConfig.getBaseUrl() + ":" + appConfig.getServerPort();
 
         String relyingPartyIdentifier =
                 serverUrl + "/saml2/service-provider-metadata/" + registrationId;

proprietary/src/main/java/stirling/software/proprietary/security/InitialSecuritySetup.java

@@ -1,4 +1,4 @@
-package stirling.software.SPDF.config.security;
+package stirling.software.proprietary.security;
 
 import java.sql.SQLException;
 import java.util.UUID;
@@ -10,10 +10,11 @@ import jakarta.annotation.PostConstruct;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 
-import stirling.software.SPDF.config.interfaces.DatabaseInterface;
-import stirling.software.SPDF.model.Role;
 import stirling.software.common.model.ApplicationProperties;
+import stirling.software.common.model.enumeration.Role;
 import stirling.software.common.model.exception.UnsupportedProviderException;
+import stirling.software.proprietary.security.service.DatabaseServiceInterface;
+import stirling.software.proprietary.security.service.UserService;
 
 @Slf4j
 @Component
@@ -24,7 +25,7 @@ public class InitialSecuritySetup {
 
     private final ApplicationProperties applicationProperties;
 
-    private final DatabaseInterface databaseService;
+    private final DatabaseServiceInterface databaseService;
 
     @PostConstruct
     public void init() {

proprietary/src/main/java/stirling/software/proprietary/security/RateLimitResetScheduler.java

@@ -1,10 +1,12 @@
-package stirling.software.SPDF.config.security;
+package stirling.software.proprietary.security;
 
 import org.springframework.scheduling.annotation.Scheduled;
 import org.springframework.stereotype.Component;
 
 import lombok.RequiredArgsConstructor;
 
+import stirling.software.proprietary.security.filter.IPRateLimitingFilter;
+
 @Component
 @RequiredArgsConstructor
 public class RateLimitResetScheduler {

proprietary/src/main/java/stirling/software/proprietary/security/configuration/DatabaseConfig.java

@@ -1,11 +1,15 @@
-package stirling.software.SPDF.config.security.database;
+package stirling.software.proprietary.security.configuration;
 
 import javax.sql.DataSource;
 
 import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnBooleanProperty;
+import org.springframework.boot.autoconfigure.domain.EntityScan;
 import org.springframework.boot.jdbc.DataSourceBuilder;
+import org.springframework.boot.jdbc.DatabaseDriver;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.data.jpa.repository.config.EnableJpaRepositories;
 
 import lombok.Getter;
 import lombok.extern.slf4j.Slf4j;
@@ -17,14 +21,14 @@ import stirling.software.common.model.exception.UnsupportedProviderException;
 @Slf4j
 @Getter
 @Configuration
+@EnableJpaRepositories(basePackages = "stirling.software.proprietary.security.database.repository")
+@EntityScan({"stirling.software.proprietary.security.model"})
 public class DatabaseConfig {
 
     public final String DATASOURCE_DEFAULT_URL;
 
     public static final String DATASOURCE_URL_TEMPLATE = "jdbc:%s://%s:%4d/%s";
-    public static final String DEFAULT_DRIVER = "org.h2.Driver";
     public static final String DEFAULT_USERNAME = "sa";
-    public static final String POSTGRES_DRIVER = "org.postgresql.Driver";
 
     private final ApplicationProperties.Datasource datasource;
     private final boolean runningProOrHigher;
@@ -54,19 +58,32 @@ public class DatabaseConfig {
     public DataSource dataSource() throws UnsupportedProviderException {
         DataSourceBuilder<?> dataSourceBuilder = DataSourceBuilder.create();
 
-        if (!runningProOrHigher) {
+        if (!runningProOrHigher || !datasource.isEnableCustomDatabase()) {
             return useDefaultDataSource(dataSourceBuilder);
         }
 
-        if (!datasource.isEnableCustomDatabase()) {
-            return useDefaultDataSource(dataSourceBuilder);
-        }
+        return useCustomDataSource(dataSourceBuilder);
+    }
 
+    private DataSource useDefaultDataSource(DataSourceBuilder<?> dataSourceBuilder) {
+        log.info("Using default H2 database");
+
+        dataSourceBuilder
+                .url(DATASOURCE_DEFAULT_URL)
+                .driverClassName(DatabaseDriver.H2.getDriverClassName())
+                .username(DEFAULT_USERNAME);
+
+        return dataSourceBuilder.build();
+    }
+
+    @ConditionalOnBooleanProperty(name = "premium.enabled")
+    private DataSource useCustomDataSource(DataSourceBuilder<?> dataSourceBuilder)
+            throws UnsupportedProviderException {
         log.info("Using custom database configuration");
 
         if (!datasource.getCustomDatabaseUrl().isBlank()) {
             if (datasource.getCustomDatabaseUrl().contains("postgresql")) {
-                dataSourceBuilder.driverClassName(POSTGRES_DRIVER);
+                dataSourceBuilder.driverClassName(DatabaseDriver.POSTGRESQL.getDriverClassName());
             }
 
             dataSourceBuilder.url(datasource.getCustomDatabaseUrl());
@@ -85,15 +102,6 @@ public class DatabaseConfig {
         return dataSourceBuilder.build();
     }
 
-    private DataSource useDefaultDataSource(DataSourceBuilder<?> dataSourceBuilder) {
-        log.info("Using default H2 database");
-
-        dataSourceBuilder.url(DATASOURCE_DEFAULT_URL);
-        dataSourceBuilder.username(DEFAULT_USERNAME);
-
-        return dataSourceBuilder.build();
-    }
-
     /**
      * Generate the URL the <code>DataSource</code> will use to connect to the database
      *
@@ -123,11 +131,11 @@ public class DatabaseConfig {
             switch (driver) {
                 case H2 -> {
                     log.debug("H2 driver selected");
-                    return DEFAULT_DRIVER;
+                    return DatabaseDriver.H2.getDriverClassName();
                 }
                 case POSTGRESQL -> {
                     log.debug("Postgres driver selected");
-                    return POSTGRES_DRIVER;
+                    return DatabaseDriver.POSTGRESQL.getDriverClassName();
                 }
                 default -> {
                     log.warn("{} driver selected", driverName);

proprietary/src/main/java/stirling/software/proprietary/security/configuration/MailConfig.java

@@ -1,4 +1,4 @@
-package stirling.software.SPDF.config.security.mail;
+package stirling.software.proprietary.security.configuration;
 
 import java.util.Properties;
 

proprietary/src/main/java/stirling/software/proprietary/security/configuration/SecurityConfiguration.java

@@ -1,4 +1,4 @@
-package stirling.software.SPDF.config.security;
+package stirling.software.proprietary.security.configuration;
 
 import java.util.Optional;
 
@@ -30,22 +30,32 @@ import org.springframework.security.web.servlet.util.matcher.PathPatternRequestM
 
 import lombok.extern.slf4j.Slf4j;
 
-import stirling.software.SPDF.config.security.oauth2.CustomOAuth2AuthenticationFailureHandler;
-import stirling.software.SPDF.config.security.oauth2.CustomOAuth2AuthenticationSuccessHandler;
-import stirling.software.SPDF.config.security.oauth2.CustomOAuth2UserService;
-import stirling.software.SPDF.config.security.saml2.CustomSaml2AuthenticationFailureHandler;
-import stirling.software.SPDF.config.security.saml2.CustomSaml2AuthenticationSuccessHandler;
-import stirling.software.SPDF.config.security.saml2.CustomSaml2ResponseAuthenticationConverter;
-import stirling.software.SPDF.config.security.session.SessionPersistentRegistry;
-import stirling.software.SPDF.model.User;
-import stirling.software.SPDF.repository.JPATokenRepositoryImpl;
-import stirling.software.SPDF.repository.PersistentLoginRepository;
+import stirling.software.common.configuration.AppConfig;
 import stirling.software.common.model.ApplicationProperties;
+import stirling.software.proprietary.security.CustomAuthenticationFailureHandler;
+import stirling.software.proprietary.security.CustomAuthenticationSuccessHandler;
+import stirling.software.proprietary.security.CustomLogoutSuccessHandler;
+import stirling.software.proprietary.security.database.repository.JPATokenRepositoryImpl;
+import stirling.software.proprietary.security.database.repository.PersistentLoginRepository;
+import stirling.software.proprietary.security.filter.FirstLoginFilter;
+import stirling.software.proprietary.security.filter.IPRateLimitingFilter;
+import stirling.software.proprietary.security.filter.UserAuthenticationFilter;
+import stirling.software.proprietary.security.model.User;
+import stirling.software.proprietary.security.oauth2.CustomOAuth2AuthenticationFailureHandler;
+import stirling.software.proprietary.security.oauth2.CustomOAuth2AuthenticationSuccessHandler;
+import stirling.software.proprietary.security.saml2.CustomSaml2AuthenticationFailureHandler;
+import stirling.software.proprietary.security.saml2.CustomSaml2AuthenticationSuccessHandler;
+import stirling.software.proprietary.security.saml2.CustomSaml2ResponseAuthenticationConverter;
+import stirling.software.proprietary.security.service.CustomOAuth2UserService;
+import stirling.software.proprietary.security.service.CustomUserDetailsService;
+import stirling.software.proprietary.security.service.LoginAttemptService;
+import stirling.software.proprietary.security.service.UserService;
+import stirling.software.proprietary.security.session.SessionPersistentRegistry;
 
+@Slf4j
 @Configuration
 @EnableWebSecurity
 @EnableMethodSecurity
-@Slf4j
 @DependsOn("runningProOrHigher")
 public class SecurityConfiguration {
 
@@ -55,6 +65,7 @@ public class SecurityConfiguration {
     private final boolean runningProOrHigher;
 
     private final ApplicationProperties applicationProperties;
+    private final AppConfig appConfig;
     private final UserAuthenticationFilter userAuthenticationFilter;
     private final LoginAttemptService loginAttemptService;
     private final FirstLoginFilter firstLoginFilter;
@@ -70,6 +81,7 @@ public class SecurityConfiguration {
             @Lazy UserService userService,
             @Qualifier("loginEnabled") boolean loginEnabledValue,
             @Qualifier("runningProOrHigher") boolean runningProOrHigher,
+            AppConfig appConfig,
             ApplicationProperties applicationProperties,
             UserAuthenticationFilter userAuthenticationFilter,
             LoginAttemptService loginAttemptService,
@@ -84,6 +96,7 @@ public class SecurityConfiguration {
         this.userService = userService;
         this.loginEnabledValue = loginEnabledValue;
         this.runningProOrHigher = runningProOrHigher;
+        this.appConfig = appConfig;
         this.applicationProperties = applicationProperties;
         this.userAuthenticationFilter = userAuthenticationFilter;
         this.loginAttemptService = loginAttemptService;
@@ -161,7 +174,8 @@ public class SecurityConfiguration {
                                             PathPatternRequestMatcher.withDefaults()
                                                     .matcher("/logout"))
                                     .logoutSuccessHandler(
-                                            new CustomLogoutSuccessHandler(applicationProperties))
+                                            new CustomLogoutSuccessHandler(
+                                                    applicationProperties, appConfig))
                                     .clearAuthentication(true)
                                     .invalidateHttpSession(true)
                                     .deleteCookies("JSESSIONID", "remember-me"));
@@ -229,13 +243,12 @@ public class SecurityConfiguration {
                 http.oauth2Login(
                         oauth2 ->
                                 oauth2.loginPage("/oauth2")
-                                        .
                                         /*
                                         This Custom handler is used to check if the OAUTH2 user trying to log in, already exists in the database.
                                         If user exists, login proceeds as usual. If user does not exist, then it is auto-created but only if 'OAUTH2AutoCreateUser'
                                         is set as true, else login fails with an error message advising the same.
                                          */
-                                        successHandler(
+                                        .successHandler(
                                                 new CustomOAuth2AuthenticationSuccessHandler(
                                                         loginAttemptService,
                                                         applicationProperties,
@@ -287,15 +300,14 @@ public class SecurityConfiguration {
                                 });
             }
         } else {
-            log.debug("SAML 2 login is not enabled. Using default.");
+            log.debug("Login is not enabled.");
             http.authorizeHttpRequests(authz -> authz.anyRequest().permitAll());
         }
         return http.build();
     }
 
     public DaoAuthenticationProvider daoAuthenticationProvider() {
-        DaoAuthenticationProvider provider = new DaoAuthenticationProvider();
-        provider.setUserDetailsService(userDetailsService);
+        DaoAuthenticationProvider provider = new DaoAuthenticationProvider(userDetailsService);
         provider.setPasswordEncoder(passwordEncoder());
         return provider;
     }
@@ -311,9 +323,4 @@ public class SecurityConfiguration {
     public PersistentTokenRepository persistentTokenRepository() {
         return new JPATokenRepositoryImpl(persistentLoginRepository);
     }
-
-    @Bean
-    public boolean activeSecurity() {
-        return true;
-    }
 }

proprietary/src/main/java/stirling/software/proprietary/security/controller/api/DatabaseController.java

@@ -1,4 +1,4 @@
-package stirling.software.SPDF.controller.api;
+package stirling.software.proprietary.security.controller.api;
 
 import java.io.IOException;
 import java.io.InputStream;
@@ -27,7 +27,8 @@ import io.swagger.v3.oas.annotations.tags.Tag;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 
-import stirling.software.SPDF.config.security.database.DatabaseService;
+import stirling.software.proprietary.security.database.H2SQLCondition;
+import stirling.software.proprietary.security.service.DatabaseService;
 
 @Slf4j
 @Controller

proprietary/src/main/java/stirling/software/proprietary/security/controller/api/EmailController.java

@@ -1,4 +1,4 @@
-package stirling.software.SPDF.controller.api;
+package stirling.software.proprietary.security.controller.api;
 
 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.http.HttpStatus;
@@ -18,8 +18,8 @@ import jakarta.validation.Valid;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 
-import stirling.software.SPDF.config.security.mail.EmailService;
-import stirling.software.SPDF.model.api.Email;
+import stirling.software.proprietary.security.model.api.Email;
+import stirling.software.proprietary.security.service.EmailService;
 
 /**
  * Controller for handling email-related API requests. This controller exposes an endpoint for

proprietary/src/main/java/stirling/software/proprietary/security/controller/api/UserController.java

@@ -1,4 +1,4 @@
-package stirling.software.SPDF.controller.api;
+package stirling.software.proprietary.security.controller.api;
 
 import java.io.IOException;
 import java.security.Principal;
@@ -29,15 +29,15 @@ import jakarta.servlet.http.HttpServletResponse;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 
-import stirling.software.SPDF.config.security.UserService;
-import stirling.software.SPDF.config.security.saml2.CustomSaml2AuthenticatedPrincipal;
-import stirling.software.SPDF.config.security.session.SessionPersistentRegistry;
-import stirling.software.SPDF.model.AuthenticationType;
-import stirling.software.SPDF.model.Role;
-import stirling.software.SPDF.model.User;
-import stirling.software.SPDF.model.api.user.UsernameAndPass;
 import stirling.software.common.model.ApplicationProperties;
+import stirling.software.common.model.enumeration.Role;
 import stirling.software.common.model.exception.UnsupportedProviderException;
+import stirling.software.proprietary.security.model.AuthenticationType;
+import stirling.software.proprietary.security.model.User;
+import stirling.software.proprietary.security.model.api.user.UsernameAndPass;
+import stirling.software.proprietary.security.saml2.CustomSaml2AuthenticatedPrincipal;
+import stirling.software.proprietary.security.service.UserService;
+import stirling.software.proprietary.security.session.SessionPersistentRegistry;
 
 @Controller
 @Tag(name = "User", description = "User APIs")

proprietary/src/main/java/stirling/software/proprietary/security/controller/web/AccountWebController.java

@@ -1,4 +1,4 @@
-package stirling.software.SPDF.controller.web;
+package stirling.software.proprietary.security.controller.web;
 
 import static stirling.software.common.util.ProviderUtils.validateProvider;
 
@@ -29,21 +29,21 @@ import jakarta.servlet.http.HttpServletRequest;
 
 import lombok.extern.slf4j.Slf4j;
 
-import stirling.software.SPDF.config.security.saml2.CustomSaml2AuthenticatedPrincipal;
-import stirling.software.SPDF.config.security.session.SessionPersistentRegistry;
-import stirling.software.SPDF.model.Authority;
-import stirling.software.SPDF.model.Role;
-import stirling.software.SPDF.model.SessionEntity;
-import stirling.software.SPDF.model.User;
-import stirling.software.SPDF.repository.UserRepository;
 import stirling.software.common.model.ApplicationProperties;
 import stirling.software.common.model.ApplicationProperties.Security;
 import stirling.software.common.model.ApplicationProperties.Security.OAUTH2;
 import stirling.software.common.model.ApplicationProperties.Security.OAUTH2.Client;
 import stirling.software.common.model.ApplicationProperties.Security.SAML2;
+import stirling.software.common.model.enumeration.Role;
 import stirling.software.common.model.oauth2.GitHubProvider;
 import stirling.software.common.model.oauth2.GoogleProvider;
 import stirling.software.common.model.oauth2.KeycloakProvider;
+import stirling.software.proprietary.security.database.repository.UserRepository;
+import stirling.software.proprietary.security.model.Authority;
+import stirling.software.proprietary.security.model.SessionEntity;
+import stirling.software.proprietary.security.model.User;
+import stirling.software.proprietary.security.saml2.CustomSaml2AuthenticatedPrincipal;
+import stirling.software.proprietary.security.session.SessionPersistentRegistry;
 
 @Controller
 @Slf4j

proprietary/src/main/java/stirling/software/proprietary/security/controller/web/DatabaseWebController.java

@@ -1,4 +1,4 @@
-package stirling.software.SPDF.controller.web;
+package stirling.software.proprietary.security.controller.web;
 
 import java.util.List;
 
@@ -14,8 +14,8 @@ import jakarta.servlet.http.HttpServletRequest;
 
 import lombok.RequiredArgsConstructor;
 
-import stirling.software.SPDF.config.security.database.DatabaseService;
 import stirling.software.common.model.FileInfo;
+import stirling.software.proprietary.security.service.DatabaseService;
 
 @Controller
 @Tag(name = "Database Management", description = "Database management and security APIs")

proprietary/src/main/java/stirling/software/proprietary/security/database/H2SQLCondition.java

@@ -1,4 +1,4 @@
-package stirling.software.SPDF.controller.api;
+package stirling.software.proprietary.security.database;
 
 import org.springframework.context.annotation.Condition;
 import org.springframework.context.annotation.ConditionContext;
@@ -12,8 +12,12 @@ public class H2SQLCondition implements Condition {
                 Boolean.parseBoolean(
                         context.getEnvironment()
                                 .getProperty("system.datasource.enableCustomDatabase"));
+
+        if (!enableCustomDatabase) {
+            return false;
+        }
+
         String dataSourceType = context.getEnvironment().getProperty("system.datasource.type");
-        return !enableCustomDatabase
-                || (enableCustomDatabase && "h2".equalsIgnoreCase(dataSourceType));
+        return "h2".equalsIgnoreCase(dataSourceType);
     }
 }

proprietary/src/main/java/stirling/software/proprietary/security/database/ScheduledTasks.java

@@ -1,4 +1,4 @@
-package stirling.software.SPDF.config.security.database;
+package stirling.software.proprietary.security.database;
 
 import java.sql.SQLException;
 
@@ -8,16 +8,15 @@ import org.springframework.stereotype.Component;
 
 import lombok.RequiredArgsConstructor;
 
-import stirling.software.SPDF.config.interfaces.DatabaseInterface;
-import stirling.software.SPDF.controller.api.H2SQLCondition;
 import stirling.software.common.model.exception.UnsupportedProviderException;
+import stirling.software.proprietary.security.service.DatabaseServiceInterface;
 
 @Component
 @Conditional(H2SQLCondition.class)
 @RequiredArgsConstructor
 public class ScheduledTasks {
 
-    private final DatabaseInterface databaseService;
+    private final DatabaseServiceInterface databaseService;
 
     @Scheduled(cron = "0 0 0 * * ?")
     public void performBackup() throws SQLException, UnsupportedProviderException {

proprietary/src/main/java/stirling/software/proprietary/security/database/repository/AuthorityRepository.java

@@ -1,11 +1,11 @@
-package stirling.software.SPDF.repository;
+package stirling.software.proprietary.security.database.repository;
 
 import java.util.Set;
 
 import org.springframework.data.jpa.repository.JpaRepository;
 import org.springframework.stereotype.Repository;
 
-import stirling.software.SPDF.model.Authority;
+import stirling.software.proprietary.security.model.Authority;
 
 @Repository
 public interface AuthorityRepository extends JpaRepository<Authority, Long> {

proprietary/src/main/java/stirling/software/proprietary/security/database/repository/JPATokenRepositoryImpl.java

@@ -1,4 +1,4 @@
-package stirling.software.SPDF.repository;
+package stirling.software.proprietary.security.database.repository;
 
 import java.util.Date;
 
@@ -6,7 +6,7 @@ import org.springframework.security.web.authentication.rememberme.PersistentReme
 import org.springframework.security.web.authentication.rememberme.PersistentTokenRepository;
 import org.springframework.transaction.annotation.Transactional;
 
-import stirling.software.SPDF.model.PersistentLogin;
+import stirling.software.proprietary.security.model.PersistentLogin;
 
 public class JPATokenRepositoryImpl implements PersistentTokenRepository {
 

proprietary/src/main/java/stirling/software/proprietary/security/database/repository/PersistentLoginRepository.java

@@ -1,9 +1,9 @@
-package stirling.software.SPDF.repository;
+package stirling.software.proprietary.security.database.repository;
 
 import org.springframework.data.jpa.repository.JpaRepository;
 import org.springframework.stereotype.Repository;
 
-import stirling.software.SPDF.model.PersistentLogin;
+import stirling.software.proprietary.security.model.PersistentLogin;
 
 @Repository
 public interface PersistentLoginRepository extends JpaRepository<PersistentLogin, String> {

proprietary/src/main/java/stirling/software/proprietary/security/database/repository/SessionRepository.java

@@ -1,4 +1,4 @@
-package stirling.software.SPDF.config.security.session;
+package stirling.software.proprietary.security.database.repository;
 
 import java.util.Date;
 import java.util.List;
@@ -11,7 +11,7 @@ import org.springframework.stereotype.Repository;
 
 import jakarta.transaction.Transactional;
 
-import stirling.software.SPDF.model.SessionEntity;
+import stirling.software.proprietary.security.model.SessionEntity;
 
 @Repository
 public interface SessionRepository extends JpaRepository<SessionEntity, String> {

proprietary/src/main/java/stirling/software/proprietary/security/database/repository/UserRepository.java

@@ -1,4 +1,4 @@
-package stirling.software.SPDF.repository;
+package stirling.software.proprietary.security.database.repository;
 
 import java.util.List;
 import java.util.Optional;
@@ -8,7 +8,7 @@ import org.springframework.data.jpa.repository.Query;
 import org.springframework.data.repository.query.Param;
 import org.springframework.stereotype.Repository;
 
-import stirling.software.SPDF.model.User;
+import stirling.software.proprietary.security.model.User;
 
 @Repository
 public interface UserRepository extends JpaRepository<User, Long> {

proprietary/src/main/java/stirling/software/proprietary/security/filter/EnterpriseEndpointFilter.java

@@ -1,4 +1,4 @@
-package stirling.software.SPDF.config;
+package stirling.software.proprietary.security.filter;
 
 import java.io.IOException;
 

proprietary/src/main/java/stirling/software/proprietary/security/filter/FirstLoginFilter.java

@@ -1,4 +1,4 @@
-package stirling.software.SPDF.config.security;
+package stirling.software.proprietary.security.filter;
 
 import java.io.IOException;
 import java.text.SimpleDateFormat;
@@ -19,8 +19,9 @@ import jakarta.servlet.http.HttpSession;
 
 import lombok.extern.slf4j.Slf4j;
 
-import stirling.software.SPDF.model.User;
 import stirling.software.common.util.RequestUriUtils;
+import stirling.software.proprietary.security.model.User;
+import stirling.software.proprietary.security.service.UserService;
 
 @Slf4j
 @Component

proprietary/src/main/java/stirling/software/proprietary/security/filter/IPRateLimitingFilter.java

@@ -1,10 +1,14 @@
-package stirling.software.SPDF.config.security;
+package stirling.software.proprietary.security.filter;
 
 import java.io.IOException;
 import java.util.concurrent.ConcurrentHashMap;
 import java.util.concurrent.atomic.AtomicInteger;
 
-import jakarta.servlet.*;
+import jakarta.servlet.Filter;
+import jakarta.servlet.FilterChain;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.ServletRequest;
+import jakarta.servlet.ServletResponse;
 import jakarta.servlet.http.HttpServletRequest;
 
 import lombok.RequiredArgsConstructor;

proprietary/src/main/java/stirling/software/proprietary/security/filter/UserAuthenticationFilter.java

@@ -1,4 +1,4 @@
-package stirling.software.SPDF.config.security;
+package stirling.software.proprietary.security.filter;
 
 import java.io.IOException;
 import java.util.List;
@@ -24,13 +24,14 @@ import jakarta.servlet.http.HttpServletResponse;
 
 import lombok.extern.slf4j.Slf4j;
 
-import stirling.software.SPDF.config.security.saml2.CustomSaml2AuthenticatedPrincipal;
-import stirling.software.SPDF.config.security.session.SessionPersistentRegistry;
-import stirling.software.SPDF.model.ApiKeyAuthenticationToken;
-import stirling.software.SPDF.model.User;
 import stirling.software.common.model.ApplicationProperties;
 import stirling.software.common.model.ApplicationProperties.Security.OAUTH2;
 import stirling.software.common.model.ApplicationProperties.Security.SAML2;
+import stirling.software.proprietary.security.model.ApiKeyAuthenticationToken;
+import stirling.software.proprietary.security.model.User;
+import stirling.software.proprietary.security.saml2.CustomSaml2AuthenticatedPrincipal;
+import stirling.software.proprietary.security.service.UserService;
+import stirling.software.proprietary.security.session.SessionPersistentRegistry;
 
 @Slf4j
 @Component

proprietary/src/main/java/stirling/software/proprietary/security/filter/UserBasedRateLimitingFilter.java

@@ -1,4 +1,4 @@
-package stirling.software.SPDF.config.security;
+package stirling.software.proprietary.security.filter;
 
 import java.io.IOException;
 import java.time.Duration;
@@ -24,7 +24,7 @@ import jakarta.servlet.ServletException;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 
-import stirling.software.SPDF.model.Role;
+import stirling.software.common.model.enumeration.Role;
 
 @Component
 public class UserBasedRateLimitingFilter extends OncePerRequestFilter {

proprietary/src/main/java/stirling/software/proprietary/security/model/ApiKeyAuthenticationToken.java

@@ -1,4 +1,4 @@
-package stirling.software.SPDF.model;
+package stirling.software.proprietary.security.model;
 
 import java.util.Collection;
 

proprietary/src/main/java/stirling/software/proprietary/security/model/AttemptCounter.java

@@ -1,4 +1,4 @@
-package stirling.software.SPDF.model;
+package stirling.software.proprietary.security.model;
 
 public class AttemptCounter {
     private int attemptCount;

proprietary/src/main/java/stirling/software/proprietary/security/model/AuthenticationType.java

@@ -0,0 +1,6 @@
+package stirling.software.proprietary.security.model;
+
+public enum AuthenticationType {
+    WEB,
+    SSO
+}

proprietary/src/main/java/stirling/software/proprietary/security/model/Authority.java

@@ -1,4 +1,4 @@
-package stirling.software.SPDF.model;
+package stirling.software.proprietary.security.model;
 
 import java.io.Serializable;
 

proprietary/src/main/java/stirling/software/proprietary/security/model/PersistentLogin.java

@@ -1,4 +1,4 @@
-package stirling.software.SPDF.model;
+package stirling.software.proprietary.security.model;
 
 import java.util.Date;
 

proprietary/src/main/java/stirling/software/proprietary/security/model/SessionEntity.java

@@ -1,4 +1,4 @@
-package stirling.software.SPDF.model;
+package stirling.software.proprietary.security.model;
 
 import java.io.Serializable;
 import java.util.Date;

proprietary/src/main/java/stirling/software/proprietary/security/model/User.java

@@ -1,4 +1,4 @@
-package stirling.software.SPDF.model;
+package stirling.software.proprietary.security.model;
 
 import java.io.Serializable;
 import java.util.HashMap;
@@ -15,6 +15,8 @@ import lombok.NoArgsConstructor;
 import lombok.Setter;
 import lombok.ToString;
 
+import stirling.software.common.model.enumeration.Role;
+
 @Entity
 @Table(name = "users")
 @NoArgsConstructor

proprietary/src/main/java/stirling/software/proprietary/security/model/api/Email.java

@@ -1,4 +1,4 @@
-package stirling.software.SPDF.model.api;
+package stirling.software.proprietary.security.model.api;
 
 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 
@@ -8,6 +8,8 @@ import lombok.Data;
 import lombok.EqualsAndHashCode;
 import lombok.NoArgsConstructor;
 
+import stirling.software.common.model.api.GeneralFile;
+
 @Data
 @NoArgsConstructor
 @EqualsAndHashCode(callSuper = true)

proprietary/src/main/java/stirling/software/proprietary/security/model/api/user/UpdateUserDetails.java

@@ -1,4 +1,4 @@
-package stirling.software.SPDF.model.api.user;
+package stirling.software.proprietary.security.model.api.user;
 
 import io.swagger.v3.oas.annotations.media.Schema;
 

proprietary/src/main/java/stirling/software/proprietary/security/model/api/user/UpdateUserUsername.java

@@ -1,4 +1,4 @@
-package stirling.software.SPDF.model.api.user;
+package stirling.software.proprietary.security.model.api.user;
 
 import io.swagger.v3.oas.annotations.media.Schema;
 

proprietary/src/main/java/stirling/software/proprietary/security/model/api/user/Username.java

@@ -1,4 +1,4 @@
-package stirling.software.SPDF.model.api.user;
+package stirling.software.proprietary.security.model.api.user;
 
 import io.swagger.v3.oas.annotations.media.Schema;
 

proprietary/src/main/java/stirling/software/proprietary/security/model/api/user/UsernameAndPass.java

@@ -1,4 +1,4 @@
-package stirling.software.SPDF.model.api.user;
+package stirling.software.proprietary.security.model.api.user;
 
 import io.swagger.v3.oas.annotations.media.Schema;
 

proprietary/src/main/java/stirling/software/proprietary/security/model/exception/BackupNotFoundException.java

@@ -1,4 +1,4 @@
-package stirling.software.SPDF.model.exception;
+package stirling.software.proprietary.security.model.exception;
 
 public class BackupNotFoundException extends RuntimeException {
     public BackupNotFoundException(String message) {

proprietary/src/main/java/stirling/software/proprietary/security/model/exception/NoProviderFoundException.java

@@ -1,4 +1,4 @@
-package stirling.software.SPDF.model.exception;
+package stirling.software.proprietary.security.model.exception;
 
 public class NoProviderFoundException extends Exception {
     public NoProviderFoundException(String message) {

proprietary/src/main/java/stirling/software/proprietary/security/oauth2/CustomOAuth2AuthenticationFailureHandler.java

@@ -1,4 +1,4 @@
-package stirling.software.SPDF.config.security.oauth2;
+package stirling.software.proprietary.security.oauth2;
 
 import java.io.IOException;
 

proprietary/src/main/java/stirling/software/proprietary/security/oauth2/CustomOAuth2AuthenticationSuccessHandler.java

@@ -1,4 +1,4 @@
-package stirling.software.SPDF.config.security.oauth2;
+package stirling.software.proprietary.security.oauth2;
 
 import java.io.IOException;
 import java.sql.SQLException;
@@ -17,13 +17,13 @@ import jakarta.servlet.http.HttpSession;
 
 import lombok.RequiredArgsConstructor;
 
-import stirling.software.SPDF.config.security.LoginAttemptService;
-import stirling.software.SPDF.config.security.UserService;
-import stirling.software.SPDF.model.AuthenticationType;
 import stirling.software.common.model.ApplicationProperties;
 import stirling.software.common.model.ApplicationProperties.Security.OAUTH2;
 import stirling.software.common.model.exception.UnsupportedProviderException;
 import stirling.software.common.util.RequestUriUtils;
+import stirling.software.proprietary.security.model.AuthenticationType;
+import stirling.software.proprietary.security.service.LoginAttemptService;
+import stirling.software.proprietary.security.service.UserService;
 
 @RequiredArgsConstructor
 public class CustomOAuth2AuthenticationSuccessHandler

proprietary/src/main/java/stirling/software/proprietary/security/oauth2/OAuth2Configuration.java

@@ -1,4 +1,4 @@
-package stirling.software.SPDF.config.security.oauth2;
+package stirling.software.proprietary.security.oauth2;
 
 import static org.springframework.security.oauth2.core.AuthorizationGrantType.AUTHORIZATION_CODE;
 import static stirling.software.common.util.ProviderUtils.validateProvider;
@@ -10,6 +10,7 @@ import java.util.List;
 import java.util.Optional;
 import java.util.Set;
 
+import org.springframework.boot.autoconfigure.condition.ConditionalOnBooleanProperty;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
@@ -25,9 +26,6 @@ import org.springframework.security.oauth2.core.user.OAuth2UserAuthority;
 
 import lombok.extern.slf4j.Slf4j;
 
-import stirling.software.SPDF.config.security.UserService;
-import stirling.software.SPDF.model.User;
-import stirling.software.SPDF.model.exception.NoProviderFoundException;
 import stirling.software.common.model.ApplicationProperties;
 import stirling.software.common.model.ApplicationProperties.Security.OAUTH2;
 import stirling.software.common.model.ApplicationProperties.Security.OAUTH2.Client;
@@ -36,10 +34,13 @@ import stirling.software.common.model.oauth2.GitHubProvider;
 import stirling.software.common.model.oauth2.GoogleProvider;
 import stirling.software.common.model.oauth2.KeycloakProvider;
 import stirling.software.common.model.oauth2.Provider;
+import stirling.software.proprietary.security.model.User;
+import stirling.software.proprietary.security.model.exception.NoProviderFoundException;
+import stirling.software.proprietary.security.service.UserService;
 
 @Slf4j
 @Configuration
-@ConditionalOnProperty(value = "security.oauth2.enabled", havingValue = "true")
+@ConditionalOnBooleanProperty("security.oauth2.enabled")
 public class OAuth2Configuration {
 
     public static final String REDIRECT_URI_PATH = "{baseUrl}/login/oauth2/code/";
@@ -54,7 +55,6 @@ public class OAuth2Configuration {
     }
 
     @Bean
-    @ConditionalOnProperty(value = "security.oauth2.enabled", havingValue = "true")
     public ClientRegistrationRepository clientRegistrationRepository()
             throws NoProviderFoundException {
         List<ClientRegistration> registrations = new ArrayList<>();

proprietary/src/main/java/stirling/software/proprietary/security/saml2/CertificateUtils.java

@@ -1,4 +1,4 @@
-package stirling.software.SPDF.config.security.saml2;
+package stirling.software.proprietary.security.saml2;
 
 import java.io.ByteArrayInputStream;
 import java.io.InputStreamReader;

proprietary/src/main/java/stirling/software/proprietary/security/saml2/CustomSaml2AuthenticatedPrincipal.java

@@ -1,4 +1,4 @@
-package stirling.software.SPDF.config.security.saml2;
+package stirling.software.proprietary.security.saml2;
 
 import java.io.Serializable;
 import java.util.List;

proprietary/src/main/java/stirling/software/proprietary/security/saml2/CustomSaml2AuthenticationFailureHandler.java

@@ -1,4 +1,4 @@
-package stirling.software.SPDF.config.security.saml2;
+package stirling.software.proprietary.security.saml2;
 
 import java.io.IOException;
 

proprietary/src/main/java/stirling/software/proprietary/security/saml2/CustomSaml2AuthenticationSuccessHandler.java

@@ -1,4 +1,4 @@
-package stirling.software.SPDF.config.security.saml2;
+package stirling.software.proprietary.security.saml2;
 
 import java.io.IOException;
 import java.sql.SQLException;
@@ -16,13 +16,13 @@ import jakarta.servlet.http.HttpSession;
 import lombok.AllArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 
-import stirling.software.SPDF.config.security.LoginAttemptService;
-import stirling.software.SPDF.config.security.UserService;
-import stirling.software.SPDF.model.AuthenticationType;
 import stirling.software.common.model.ApplicationProperties;
 import stirling.software.common.model.ApplicationProperties.Security.SAML2;
 import stirling.software.common.model.exception.UnsupportedProviderException;
 import stirling.software.common.util.RequestUriUtils;
+import stirling.software.proprietary.security.model.AuthenticationType;
+import stirling.software.proprietary.security.service.LoginAttemptService;
+import stirling.software.proprietary.security.service.UserService;
 
 @AllArgsConstructor
 @Slf4j

proprietary/src/main/java/stirling/software/proprietary/security/saml2/CustomSaml2ResponseAuthenticationConverter.java

@@ -1,6 +1,10 @@
-package stirling.software.SPDF.config.security.saml2;
+package stirling.software.proprietary.security.saml2;
 
-import java.util.*;
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.Optional;
 
 import org.opensaml.core.xml.XMLObject;
 import org.opensaml.saml.saml2.core.Assertion;
@@ -16,8 +20,8 @@ import org.springframework.security.saml2.provider.service.authentication.Saml2A
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 
-import stirling.software.SPDF.config.security.UserService;
-import stirling.software.SPDF.model.User;
+import stirling.software.proprietary.security.model.User;
+import stirling.software.proprietary.security.service.UserService;
 
 @Slf4j
 @ConditionalOnProperty(name = "security.saml2.enabled", havingValue = "true")

proprietary/src/main/java/stirling/software/proprietary/security/saml2/SAML2Configuration.java

@@ -1,4 +1,4 @@
-package stirling.software.SPDF.config.security.saml2;
+package stirling.software.proprietary.security.saml2;
 
 import java.security.cert.X509Certificate;
 import java.util.Collections;

proprietary/src/main/java/stirling/software/proprietary/security/service/AppUpdateAuthService.java

@@ -1,4 +1,4 @@
-package stirling.software.SPDF.config.security;
+package stirling.software.proprietary.security.service;
 
 import java.util.Optional;
 
@@ -8,10 +8,10 @@ import org.springframework.stereotype.Service;
 
 import lombok.RequiredArgsConstructor;
 
-import stirling.software.SPDF.config.interfaces.ShowAdminInterface;
-import stirling.software.SPDF.model.User;
-import stirling.software.SPDF.repository.UserRepository;
+import stirling.software.common.configuration.interfaces.ShowAdminInterface;
 import stirling.software.common.model.ApplicationProperties;
+import stirling.software.proprietary.security.database.repository.UserRepository;
+import stirling.software.proprietary.security.model.User;
 
 @Service
 @RequiredArgsConstructor

proprietary/src/main/java/stirling/software/proprietary/security/service/CustomOAuth2UserService.java

@@ -1,4 +1,4 @@
-package stirling.software.SPDF.config.security.oauth2;
+package stirling.software.proprietary.security.service;
 
 import java.util.Optional;
 
@@ -13,12 +13,10 @@ import org.springframework.security.oauth2.core.oidc.user.OidcUser;
 
 import lombok.extern.slf4j.Slf4j;
 
-import stirling.software.SPDF.config.security.LoginAttemptService;
-import stirling.software.SPDF.config.security.UserService;
-import stirling.software.SPDF.model.User;
 import stirling.software.common.model.ApplicationProperties;
 import stirling.software.common.model.ApplicationProperties.Security.OAUTH2;
 import stirling.software.common.model.enumeration.UsernameAttribute;
+import stirling.software.proprietary.security.model.User;
 
 @Slf4j
 public class CustomOAuth2UserService implements OAuth2UserService<OidcUserRequest, OidcUser> {