Admin panel - Enhanced User Management & Fix: #1630 (#1658)

* Prevents SSO login due to faulty verification * add translation & fix show error message * Update settings.yml.template --------- Co-authored-by: Anthony Stirling <77850077+Frooodle@users.noreply.github.com>
2024-08-16 12:57:37 +02:00 · 2024-08-16 12:57:37 +02:00 · 29fcbf30d7
commit 29fcbf30d7
parent 2cbe34ea24
61 changed files with 1318 additions and 221 deletions
--- a/README.md
+++ b/README.md
@ -266,6 +266,7 @@ security:
    clientId: '' # Client ID from your provider
    clientSecret: '' # Client Secret from your provider
    autoCreateUser: false # set to 'true' to allow auto-creation of non-existing users
    blockRegistration: false # set to 'true' to deny login with SSO without prior registration by an admin
    useAsUsername: email # Default is 'email'; custom fields can be used as the username
    scopes: openid, profile, email # Specify the scopes for which the application will request permissions
    provider: google # Set this to your OAuth provider's name, e.g., 'google' or 'keycloak'
--- a/build.gradle
+++ b/build.gradle
@ -45,6 +45,7 @@ sourceSets {
                exclude "stirling/software/SPDF/model/AttemptCounter.java"
                exclude "stirling/software/SPDF/model/Authority.java"
                exclude "stirling/software/SPDF/model/PersistentLogin.java"
                exclude "stirling/software/SPDF/model/SessionEntity.java"
                exclude "stirling/software/SPDF/model/User.java"
                exclude "stirling/software/SPDF/repository/**"
            }
--- a/src/main/java/stirling/software/SPDF/config/security/CustomAuthenticationFailureHandler.java
+++ b/src/main/java/stirling/software/SPDF/config/security/CustomAuthenticationFailureHandler.java
@ -3,9 +3,8 @@ package stirling.software.SPDF.config.security;
 import java.io.IOException;
 import java.util.Optional;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.security.authentication.BadCredentialsException;
 import org.springframework.security.authentication.DisabledException;
 import org.springframework.security.authentication.InternalAuthenticationServiceException;
 import org.springframework.security.authentication.LockedException;
 import org.springframework.security.core.AuthenticationException;
@ -15,17 +14,16 @@ import org.springframework.security.web.authentication.SimpleUrlAuthenticationFa
 import jakarta.servlet.ServletException;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import lombok.extern.slf4j.Slf4j;
 import stirling.software.SPDF.model.User;
@Slf4j
 public class CustomAuthenticationFailureHandler extends SimpleUrlAuthenticationFailureHandler {
    private LoginAttemptService loginAttemptService;
    private UserService userService;
    private static final Logger logger =
            LoggerFactory.getLogger(CustomAuthenticationFailureHandler.class);
    public CustomAuthenticationFailureHandler(
            final LoginAttemptService loginAttemptService, UserService userService) {
        this.loginAttemptService = loginAttemptService;
@ -39,14 +37,17 @@ public class CustomAuthenticationFailureHandler extends SimpleUrlAuthenticationF
            AuthenticationException exception)
            throws IOException, ServletException {
        if (exception instanceof DisabledException) {
            log.error("User is deactivated: ", exception);
            getRedirectStrategy().sendRedirect(request, response, "/logout?userIsDisabled=true");
            return;
        }
        String ip = request.getRemoteAddr();
-        logger.error("Failed login attempt from IP: {}", ip);
+        log.error("Failed login attempt from IP: {}", ip);
-        String contextPath = request.getContextPath();
+        if (exception instanceof LockedException) {
-
+            getRedirectStrategy().sendRedirect(request, response, "/login?error=locked");
        if (exception.getClass().isAssignableFrom(InternalAuthenticationServiceException.class)
                || "Password must not be null".equalsIgnoreCase(exception.getMessage())) {
            response.sendRedirect(contextPath + "/login?error=oauth2AuthenticationError");
            return;
        }
@ -54,20 +55,25 @@ public class CustomAuthenticationFailureHandler extends SimpleUrlAuthenticationF
        Optional<User> optUser = userService.findByUsernameIgnoreCase(username);
        if (username != null && optUser.isPresent() && !isDemoUser(optUser)) {
-            logger.info(
+            log.info(
                    "Remaining attempts for user {}: {}",
-                    optUser.get().getUsername(),
+                    username,
                    loginAttemptService.getRemainingAttempts(username));
            loginAttemptService.loginFailed(username);
-            if (loginAttemptService.isBlocked(username)
+            if (loginAttemptService.isBlocked(username) || exception instanceof LockedException) {
-                    || exception.getClass().isAssignableFrom(LockedException.class)) {
+                getRedirectStrategy().sendRedirect(request, response, "/login?error=locked");
                response.sendRedirect(contextPath + "/login?error=locked");
                return;
            }
        }
-        if (exception.getClass().isAssignableFrom(BadCredentialsException.class)
+        if (exception instanceof BadCredentialsException
-                || exception.getClass().isAssignableFrom(UsernameNotFoundException.class)) {
+                || exception instanceof UsernameNotFoundException) {
-            response.sendRedirect(contextPath + "/login?error=badcredentials");
+            getRedirectStrategy().sendRedirect(request, response, "/login?error=badcredentials");
            return;
        }
        if (exception instanceof InternalAuthenticationServiceException
                || "Password must not be null".equalsIgnoreCase(exception.getMessage())) {
            getRedirectStrategy()
                    .sendRedirect(request, response, "/login?error=oauth2AuthenticationError");
            return;
        }
--- a/src/main/java/stirling/software/SPDF/config/security/CustomAuthenticationSuccessHandler.java
+++ b/src/main/java/stirling/software/SPDF/config/security/CustomAuthenticationSuccessHandler.java
@ -10,15 +10,20 @@ import jakarta.servlet.ServletException;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import jakarta.servlet.http.HttpSession;
 import lombok.extern.slf4j.Slf4j;
 import stirling.software.SPDF.utils.RequestUriUtils;
@Slf4j
 public class CustomAuthenticationSuccessHandler
        extends SavedRequestAwareAuthenticationSuccessHandler {
    private LoginAttemptService loginAttemptService;
    private UserService userService;
-    public CustomAuthenticationSuccessHandler(LoginAttemptService loginAttemptService) {
+    public CustomAuthenticationSuccessHandler(
            LoginAttemptService loginAttemptService, UserService userService) {
        this.loginAttemptService = loginAttemptService;
        this.userService = userService;
    }
    @Override
@ -27,6 +32,10 @@ public class CustomAuthenticationSuccessHandler
            throws ServletException, IOException {
        String userName = request.getParameter("username");
        if (userService.isUserDisabled(userName)) {
            getRedirectStrategy().sendRedirect(request, response, "/logout?userIsDisabled=true");
            return;
        }
        loginAttemptService.loginSucceeded(userName);
        // Get the saved request
--- a/src/main/java/stirling/software/SPDF/config/security/CustomLogoutSuccessHandler.java
+++ b/src/main/java/stirling/software/SPDF/config/security/CustomLogoutSuccessHandler.java
@ -2,32 +2,26 @@ package stirling.software.SPDF.config.security;
 import java.io.IOException;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.session.SessionRegistry;
 import org.springframework.security.web.authentication.logout.SimpleUrlLogoutSuccessHandler;
 import jakarta.servlet.ServletException;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import jakarta.servlet.http.HttpSession;
 public class CustomLogoutSuccessHandler extends SimpleUrlLogoutSuccessHandler {
    @Autowired SessionRegistry sessionRegistry;
    @Override
    public void onLogoutSuccess(
            HttpServletRequest request, HttpServletResponse response, Authentication authentication)
            throws IOException, ServletException {
-        HttpSession session = request.getSession(false);
+
-        if (session != null) {
+        if (request.getParameter("userIsDisabled") != null) {
-            String sessionId = session.getId();
+            getRedirectStrategy()
-            sessionRegistry.removeSessionInformation(sessionId);
+                    .sendRedirect(request, response, "/login?erroroauth=userIsDisabled");
-            session.invalidate();
+            return;
            logger.debug("Session invalidated: " + sessionId);
        }
-        response.sendRedirect(request.getContextPath() + "/login?logout=true");
+        getRedirectStrategy().sendRedirect(request, response, "/login?logout=true");
    }
 }
--- a/src/main/java/stirling/software/SPDF/config/security/LoginAttemptService.java
+++ b/src/main/java/stirling/software/SPDF/config/security/LoginAttemptService.java
@ -3,8 +3,6 @@ package stirling.software.SPDF.config.security;
 import java.util.concurrent.ConcurrentHashMap;
 import java.util.concurrent.TimeUnit;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
@ -17,8 +15,6 @@ public class LoginAttemptService {
    @Autowired ApplicationProperties applicationProperties;
    private static final Logger logger = LoggerFactory.getLogger(LoginAttemptService.class);
    private int MAX_ATTEMPT;
    private long ATTEMPT_INCREMENT_TIME;
    private ConcurrentHashMap<String, AttemptCounter> attemptsCache;
--- a/src/main/java/stirling/software/SPDF/config/security/SecurityConfiguration.java
+++ b/src/main/java/stirling/software/SPDF/config/security/SecurityConfiguration.java
@ -18,8 +18,6 @@ import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper;
 import org.springframework.security.core.session.SessionRegistry;
 import org.springframework.security.core.session.SessionRegistryImpl;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.security.oauth2.client.registration.ClientRegistration;
@ -37,6 +35,7 @@ import stirling.software.SPDF.config.security.oauth2.CustomOAuth2AuthenticationF
 import stirling.software.SPDF.config.security.oauth2.CustomOAuth2AuthenticationSuccessHandler;
 import stirling.software.SPDF.config.security.oauth2.CustomOAuth2LogoutSuccessHandler;
 import stirling.software.SPDF.config.security.oauth2.CustomOAuth2UserService;
 import stirling.software.SPDF.config.security.session.SessionPersistentRegistry;
 import stirling.software.SPDF.model.ApplicationProperties;
 import stirling.software.SPDF.model.ApplicationProperties.Security.OAUTH2;
 import stirling.software.SPDF.model.ApplicationProperties.Security.OAUTH2.Client;
@ -47,7 +46,7 @@ import stirling.software.SPDF.model.provider.KeycloakProvider;
 import stirling.software.SPDF.repository.JPATokenRepositoryImpl;
@Configuration
-@EnableWebSecurity()
+@EnableWebSecurity
@EnableMethodSecurity
 public class SecurityConfiguration {
@ -73,11 +72,7 @@ public class SecurityConfiguration {
    @Autowired private LoginAttemptService loginAttemptService;
    @Autowired private FirstLoginFilter firstLoginFilter;
-
+    @Autowired private SessionPersistentRegistry sessionRegistry;
    @Bean
    public SessionRegistry sessionRegistry() {
        return new SessionRegistryImpl();
    }
    @Bean
    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
@ -94,7 +89,7 @@ public class SecurityConfiguration {
                                    .sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED)
                                    .maximumSessions(10)
                                    .maxSessionsPreventsLogin(false)
-                                    .sessionRegistry(sessionRegistry())
+                                    .sessionRegistry(sessionRegistry)
                                    .expiredUrl("/login?logout=true"));
            http.formLogin(
@ -103,7 +98,7 @@ public class SecurityConfiguration {
                                            .loginPage("/login")
                                            .successHandler(
                                                    new CustomAuthenticationSuccessHandler(
-                                                            loginAttemptService))
+                                                            loginAttemptService, userService))
                                            .defaultSuccessUrl("/")
                                            .failureHandler(
                                                    new CustomAuthenticationFailureHandler(
@ -160,7 +155,11 @@ public class SecurityConfiguration {
            // Handle OAUTH2 Logins
            if (applicationProperties.getSecurity().getOAUTH2() != null
-                    && applicationProperties.getSecurity().getOAUTH2().getEnabled()) {
+                    && applicationProperties.getSecurity().getOAUTH2().getEnabled()
                    && !applicationProperties
                            .getSecurity()
                            .getLoginMethod()
                            .equalsIgnoreCase("normal")) {
                http.oauth2Login(
                                oauth2 ->
@ -191,10 +190,8 @@ public class SecurityConfiguration {
                        .logout(
                                logout ->
                                        logout.logoutSuccessHandler(
-                                                        new CustomOAuth2LogoutSuccessHandler(
+                                                new CustomOAuth2LogoutSuccessHandler(
-                                                                this.applicationProperties,
+                                                        applicationProperties)));
                                                                sessionRegistry()))
                                                .invalidateHttpSession(true));
            }
        } else {
            http.csrf(csrf -> csrf.disable())
--- a/src/main/java/stirling/software/SPDF/config/security/UserAuthenticationFilter.java
+++ b/src/main/java/stirling/software/SPDF/config/security/UserAuthenticationFilter.java
@ -1,6 +1,7 @@
 package stirling.software.SPDF.config.security;
 import java.io.IOException;
 import java.util.List;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Qualifier;
@ -9,8 +10,9 @@ import org.springframework.http.HttpStatus;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.core.session.SessionInformation;
 import org.springframework.security.core.userdetails.UserDetails;
-import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.oauth2.core.user.OAuth2User;
 import org.springframework.stereotype.Component;
 import org.springframework.web.filter.OncePerRequestFilter;
@ -18,15 +20,16 @@ import jakarta.servlet.FilterChain;
 import jakarta.servlet.ServletException;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import stirling.software.SPDF.config.security.session.SessionPersistentRegistry;
 import stirling.software.SPDF.model.ApiKeyAuthenticationToken;
@Component
 public class UserAuthenticationFilter extends OncePerRequestFilter {
    @Autowired private UserDetailsService userDetailsService;
    @Autowired @Lazy private UserService userService;
    @Autowired private SessionPersistentRegistry sessionPersistentRegistry;
    @Autowired
    @Qualifier("loginEnabled")
    public boolean loginEnabledValue;
@ -87,6 +90,43 @@ public class UserAuthenticationFilter extends OncePerRequestFilter {
            }
        }
        // Check if the authenticated user is disabled and invalidate their session if so
        if (authentication != null && authentication.isAuthenticated()) {
            Object principal = authentication.getPrincipal();
            String username = null;
            if (principal instanceof UserDetails) {
                username = ((UserDetails) principal).getUsername();
            } else if (principal instanceof OAuth2User) {
                username = ((OAuth2User) principal).getName();
            } else if (principal instanceof String) {
                username = (String) principal;
            }
            List<SessionInformation> sessionsInformations =
                    sessionPersistentRegistry.getAllSessions(principal, false);
            if (username != null) {
                boolean isUserExists = userService.usernameExistsIgnoreCase(username);
                boolean isUserDisabled = userService.isUserDisabled(username);
                if (!isUserExists || isUserDisabled) {
                    for (SessionInformation sessionsInformation : sessionsInformations) {
                        sessionsInformation.expireNow();
                        sessionPersistentRegistry.expireSession(sessionsInformation.getSessionId());
                    }
                }
                if (!isUserExists) {
                    response.sendRedirect(request.getContextPath() + "/logout?badcredentials=true");
                    return;
                }
                if (isUserDisabled) {
                    response.sendRedirect(request.getContextPath() + "/logout?userIsDisabled=true");
                    return;
                }
            }
        }
        filterChain.doFilter(request, response);
    }
--- a/src/main/java/stirling/software/SPDF/config/security/UserService.java
+++ b/src/main/java/stirling/software/SPDF/config/security/UserService.java
@ -15,12 +15,15 @@ import org.springframework.security.authentication.UsernamePasswordAuthenticatio
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.core.session.SessionInformation;
 import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.security.oauth2.core.user.OAuth2User;
 import org.springframework.stereotype.Service;
 import stirling.software.SPDF.config.DatabaseBackupInterface;
 import stirling.software.SPDF.config.security.session.SessionPersistentRegistry;
 import stirling.software.SPDF.controller.api.pipeline.UserServiceInterface;
 import stirling.software.SPDF.model.AuthenticationType;
 import stirling.software.SPDF.model.Authority;
@ -40,6 +43,8 @@ public class UserService implements UserServiceInterface {
    @Autowired private MessageSource messageSource;
    @Autowired private SessionPersistentRegistry sessionRegistry;
    @Autowired DatabaseBackupInterface databaseBackupHelper;
    // Handle OAUTH2 login and user auto creation.
@ -48,7 +53,7 @@ public class UserService implements UserServiceInterface {
        if (!isUsernameValid(username)) {
            return false;
        }
-        Optional<User> existingUser = userRepository.findByUsernameIgnoreCase(username);
+        Optional<User> existingUser = findByUsernameIgnoreCase(username);
        if (existingUser.isPresent()) {
            return true;
        }
@ -90,8 +95,7 @@ public class UserService implements UserServiceInterface {
    public User addApiKeyToUser(String username) {
        User user =
-                userRepository
+                findByUsernameIgnoreCase(username)
                        .findByUsernameIgnoreCase(username)
                        .orElseThrow(() -> new UsernameNotFoundException("User not found"));
        user.setApiKey(generateApiKey());
@ -104,8 +108,7 @@ public class UserService implements UserServiceInterface {
    public String getApiKeyForUser(String username) {
        User user =
-                userRepository
+                findByUsernameIgnoreCase(username)
                        .findByUsernameIgnoreCase(username)
                        .orElseThrow(() -> new UsernameNotFoundException("User not found"));
        return user.getApiKey();
    }
@ -131,12 +134,17 @@ public class UserService implements UserServiceInterface {
    }
    public boolean validateApiKeyForUser(String username, String apiKey) {
-        Optional<User> userOpt = userRepository.findByUsernameIgnoreCase(username);
+        Optional<User> userOpt = findByUsernameIgnoreCase(username);
        return userOpt.isPresent() && apiKey.equals(userOpt.get().getApiKey());
    }
    public void saveUser(String username, AuthenticationType authenticationType)
            throws IllegalArgumentException, IOException {
        saveUser(username, authenticationType, Role.USER.getRoleId());
    }
    public void saveUser(String username, AuthenticationType authenticationType, String role)
            throws IllegalArgumentException, IOException {
        if (!isUsernameValid(username)) {
            throw new IllegalArgumentException(getInvalidUsernameMessage());
        }
@ -144,7 +152,7 @@ public class UserService implements UserServiceInterface {
        user.setUsername(username);
        user.setEnabled(true);
        user.setFirstLogin(false);
-        user.addAuthority(new Authority(Role.USER.getRoleId(), user));
+        user.addAuthority(new Authority(role, user));
        user.setAuthenticationType(authenticationType);
        userRepository.save(user);
        databaseBackupHelper.exportDatabase();
@ -186,7 +194,7 @@ public class UserService implements UserServiceInterface {
    }
    public void deleteUser(String username) {
-        Optional<User> userOpt = userRepository.findByUsernameIgnoreCase(username);
+        Optional<User> userOpt = findByUsernameIgnoreCase(username);
        if (userOpt.isPresent()) {
            for (Authority authority : userOpt.get().getAuthorities()) {
                if (authority.getAuthority().equals(Role.INTERNAL_API_USER.getRoleId())) {
@ -195,21 +203,20 @@ public class UserService implements UserServiceInterface {
            }
            userRepository.delete(userOpt.get());
        }
        invalidateUserSessions(username);
    }
    public boolean usernameExists(String username) {
-        return userRepository.findByUsername(username).isPresent();
+        return findByUsername(username).isPresent();
    }
    public boolean usernameExistsIgnoreCase(String username) {
-        return userRepository.findByUsernameIgnoreCase(username).isPresent();
+        return findByUsernameIgnoreCase(username).isPresent();
    }
    public boolean hasUsers() {
        long userCount = userRepository.count();
-        if (userRepository
+        if (findByUsernameIgnoreCase(Role.INTERNAL_API_USER.getRoleId()).isPresent()) {
                .findByUsernameIgnoreCase(Role.INTERNAL_API_USER.getRoleId())
                .isPresent()) {
            userCount -= 1;
        }
        return userCount > 0;
@ -217,7 +224,7 @@ public class UserService implements UserServiceInterface {
    public void updateUserSettings(String username, Map<String, String> updates)
            throws IOException {
-        Optional<User> userOpt = userRepository.findByUsernameIgnoreCase(username);
+        Optional<User> userOpt = findByUsernameIgnoreCase(username);
        if (userOpt.isPresent()) {
            User user = userOpt.get();
            Map<String, String> settingsMap = user.getSettings();
@ -268,10 +275,17 @@ public class UserService implements UserServiceInterface {
        databaseBackupHelper.exportDatabase();
    }
-    public void changeRole(User user, String newRole) {
+    public void changeRole(User user, String newRole) throws IOException {
        Authority userAuthority = this.findRole(user);
        userAuthority.setAuthority(newRole);
        authorityRepository.save(userAuthority);
        databaseBackupHelper.exportDatabase();
    }
    public void changeUserEnabled(User user, Boolean enbeled) throws IOException {
        user.setEnabled(enbeled);
        userRepository.save(user);
        databaseBackupHelper.exportDatabase();
    }
    public boolean isPasswordCorrect(User user, String currentPassword) {
@ -295,14 +309,40 @@ public class UserService implements UserServiceInterface {
    }
    public boolean hasPassword(String username) {
-        Optional<User> user = userRepository.findByUsernameIgnoreCase(username);
+        Optional<User> user = findByUsernameIgnoreCase(username);
        return user.isPresent() && user.get().hasPassword();
    }
    public boolean isAuthenticationTypeByUsername(
            String username, AuthenticationType authenticationType) {
-        Optional<User> user = userRepository.findByUsernameIgnoreCase(username);
+        Optional<User> user = findByUsernameIgnoreCase(username);
        return user.isPresent()
                && authenticationType.name().equalsIgnoreCase(user.get().getAuthenticationType());
    }
    public boolean isUserDisabled(String username) {
        Optional<User> userOpt = findByUsernameIgnoreCase(username);
        return userOpt.map(user -> !user.isEnabled()).orElse(false);
    }
    public void invalidateUserSessions(String username) {
        String usernameP = "";
        for (Object principal : sessionRegistry.getAllPrincipals()) {
            for (SessionInformation sessionsInformation :
                    sessionRegistry.getAllSessions(principal, false)) {
                if (principal instanceof UserDetails) {
                    UserDetails userDetails = (UserDetails) principal;
                    usernameP = userDetails.getUsername();
                } else if (principal instanceof OAuth2User) {
                    OAuth2User oAuth2User = (OAuth2User) principal;
                    usernameP = oAuth2User.getName();
                } else if (principal instanceof String) {
                    usernameP = (String) principal;
                }
                if (usernameP.equalsIgnoreCase(username)) {
                    sessionRegistry.expireSession(sessionsInformation.getSessionId());
                }
            }
        }
    }
 }
--- a/src/main/java/stirling/software/SPDF/config/security/oauth2/CustomOAuth2AuthenticationFailureHandler.java
+++ b/src/main/java/stirling/software/SPDF/config/security/oauth2/CustomOAuth2AuthenticationFailureHandler.java
@ -2,8 +2,8 @@ package stirling.software.SPDF.config.security.oauth2;
 import java.io.IOException;
-import org.slf4j.Logger;
+import org.springframework.security.authentication.BadCredentialsException;
-import org.slf4j.LoggerFactory;
+import org.springframework.security.authentication.DisabledException;
 import org.springframework.security.authentication.LockedException;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
@ -13,19 +13,34 @@ import org.springframework.security.web.authentication.SimpleUrlAuthenticationFa
 import jakarta.servlet.ServletException;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import lombok.extern.slf4j.Slf4j;
@Slf4j
 public class CustomOAuth2AuthenticationFailureHandler
        extends SimpleUrlAuthenticationFailureHandler {
    private static final Logger logger =
            LoggerFactory.getLogger(CustomOAuth2AuthenticationFailureHandler.class);
    @Override
    public void onAuthenticationFailure(
            HttpServletRequest request,
            HttpServletResponse response,
            AuthenticationException exception)
            throws IOException, ServletException {
        if (exception instanceof BadCredentialsException) {
            log.error("BadCredentialsException", exception);
            getRedirectStrategy().sendRedirect(request, response, "/login?error=badcredentials");
            return;
        }
        if (exception instanceof DisabledException) {
            log.error("User is deactivated: ", exception);
            getRedirectStrategy().sendRedirect(request, response, "/logout?userIsDisabled=true");
            return;
        }
        if (exception instanceof LockedException) {
            log.error("Account locked: ", exception);
            getRedirectStrategy().sendRedirect(request, response, "/logout?error=locked");
            return;
        }
        if (exception instanceof OAuth2AuthenticationException) {
            OAuth2Error error = ((OAuth2AuthenticationException) exception).getError();
@ -34,17 +49,13 @@ public class CustomOAuth2AuthenticationFailureHandler
            if (error.getErrorCode().equals("Password must not be null")) {
                errorCode = "userAlreadyExistsWeb";
            }
-            logger.error("OAuth2 Authentication error: " + errorCode);
+            log.error("OAuth2 Authentication error: " + errorCode);
            log.error("OAuth2AuthenticationException", exception);
            getRedirectStrategy()
                    .sendRedirect(request, response, "/logout?erroroauth=" + errorCode);
            return;
        } else if (exception instanceof LockedException) {
            logger.error("Account locked: ", exception);
            getRedirectStrategy().sendRedirect(request, response, "/logout?error=locked");
            return;
        } else {
            logger.error("Unhandled authentication exception", exception);
            super.onAuthenticationFailure(request, response, exception);
        }
        log.error("Unhandled authentication exception", exception);
        super.onAuthenticationFailure(request, response, exception);
    }
 }
--- a/src/main/java/stirling/software/SPDF/config/security/oauth2/CustomOAuth2AuthenticationSuccessHandler.java
+++ b/src/main/java/stirling/software/SPDF/config/security/oauth2/CustomOAuth2AuthenticationSuccessHandler.java
@ -2,10 +2,9 @@ package stirling.software.SPDF.config.security.oauth2;
 import java.io.IOException;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.security.authentication.LockedException;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.oauth2.core.user.OAuth2User;
 import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
 import org.springframework.security.web.savedrequest.SavedRequest;
@ -26,9 +25,6 @@ public class CustomOAuth2AuthenticationSuccessHandler
    private LoginAttemptService loginAttemptService;
    private static final Logger logger =
            LoggerFactory.getLogger(CustomOAuth2AuthenticationSuccessHandler.class);
    private ApplicationProperties applicationProperties;
    private UserService userService;
@ -46,6 +42,17 @@ public class CustomOAuth2AuthenticationSuccessHandler
            HttpServletRequest request, HttpServletResponse response, Authentication authentication)
            throws ServletException, IOException {
        Object principal = authentication.getPrincipal();
        String username = "";
        if (principal instanceof OAuth2User) {
            OAuth2User oauthUser = (OAuth2User) principal;
            username = oauthUser.getName();
        } else if (principal instanceof UserDetails) {
            UserDetails oauthUser = (UserDetails) principal;
            username = oauthUser.getUsername();
        }
        // Get the saved request
        HttpSession session = request.getSession(false);
        String contextPath = request.getContextPath();
@ -59,11 +66,8 @@ public class CustomOAuth2AuthenticationSuccessHandler
            // Redirect to the original destination
            super.onAuthenticationSuccess(request, response, authentication);
        } else {
            OAuth2User oauthUser = (OAuth2User) authentication.getPrincipal();
            OAUTH2 oAuth = applicationProperties.getSecurity().getOAUTH2();
            String username = oauthUser.getName();
            if (loginAttemptService.isBlocked(username)) {
                if (session != null) {
                    session.removeAttribute("SPRING_SECURITY_SAVED_REQUEST");
@ -78,15 +82,21 @@ public class CustomOAuth2AuthenticationSuccessHandler
                    && oAuth.getAutoCreateUser()) {
                response.sendRedirect(contextPath + "/logout?oauth2AuthenticationErrorWeb=true");
                return;
-            } else {
+            }
-                try {
+            try {
-                    userService.processOAuth2PostLogin(username, oAuth.getAutoCreateUser());
+                if (oAuth.getBlockRegistration()
-                    response.sendRedirect(contextPath + "/");
+                        && !userService.usernameExistsIgnoreCase(username)) {
-                    return;
+                    response.sendRedirect(contextPath + "/logout?oauth2_admin_blocked_user=true");
                } catch (IllegalArgumentException e) {
                    response.sendRedirect(contextPath + "/logout?invalidUsername=true");
                    return;
                }
                if (principal instanceof OAuth2User) {
                    userService.processOAuth2PostLogin(username, oAuth.getAutoCreateUser());
                }
                response.sendRedirect(contextPath + "/");
                return;
            } catch (IllegalArgumentException e) {
                response.sendRedirect(contextPath + "/logout?invalidUsername=true");
                return;
            }
        }
    }
--- a/src/main/java/stirling/software/SPDF/config/security/oauth2/CustomOAuth2LogoutSuccessHandler.java
+++ b/src/main/java/stirling/software/SPDF/config/security/oauth2/CustomOAuth2LogoutSuccessHandler.java
@ -2,34 +2,26 @@ package stirling.software.SPDF.config.security.oauth2;
 import java.io.IOException;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.session.SessionRegistry;
 import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken;
 import org.springframework.security.web.authentication.logout.SimpleUrlLogoutSuccessHandler;
 import jakarta.servlet.ServletException;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
-import jakarta.servlet.http.HttpSession;
+import lombok.extern.slf4j.Slf4j;
 import stirling.software.SPDF.model.ApplicationProperties;
 import stirling.software.SPDF.model.ApplicationProperties.Security.OAUTH2;
 import stirling.software.SPDF.model.Provider;
 import stirling.software.SPDF.model.provider.UnsupportedProviderException;
 import stirling.software.SPDF.utils.UrlUtils;
@Slf4j
 public class CustomOAuth2LogoutSuccessHandler extends SimpleUrlLogoutSuccessHandler {
    private static final Logger logger =
            LoggerFactory.getLogger(CustomOAuth2LogoutSuccessHandler.class);
    private final SessionRegistry sessionRegistry;
    private final ApplicationProperties applicationProperties;
-    public CustomOAuth2LogoutSuccessHandler(
+    public CustomOAuth2LogoutSuccessHandler(ApplicationProperties applicationProperties) {
            ApplicationProperties applicationProperties, SessionRegistry sessionRegistry) {
        this.sessionRegistry = sessionRegistry;
        this.applicationProperties = applicationProperties;
    }
@ -42,6 +34,15 @@ public class CustomOAuth2LogoutSuccessHandler extends SimpleUrlLogoutSuccessHand
        String issuer = null;
        String clientId = null;
        if (authentication == null) {
            if (request.getParameter("userIsDisabled") != null) {
                response.sendRedirect(
                        request.getContextPath() + "/login?erroroauth=userIsDisabled");
            } else {
                super.onLogoutSuccess(request, response, authentication);
            }
            return;
        }
        OAUTH2 oauth = applicationProperties.getSecurity().getOAUTH2();
        if (authentication instanceof OAuth2AuthenticationToken) {
@ -53,9 +54,8 @@ public class CustomOAuth2LogoutSuccessHandler extends SimpleUrlLogoutSuccessHand
                issuer = provider.getIssuer();
                clientId = provider.getClientId();
            } catch (UnsupportedProviderException e) {
-                logger.error(e.getMessage());
+                log.error(e.getMessage());
            }
        } else {
            registrationId = oauth.getProvider() != null ? oauth.getProvider() : "";
            issuer = oauth.getIssuer();
@ -70,18 +70,16 @@ public class CustomOAuth2LogoutSuccessHandler extends SimpleUrlLogoutSuccessHand
            param = "erroroauth=" + sanitizeInput(errorMessage);
        } else if (request.getParameter("oauth2AutoCreateDisabled") != null) {
            param = "error=oauth2AutoCreateDisabled";
        } else if (request.getParameter("oauth2_admin_blocked_user") != null) {
            param = "erroroauth=oauth2_admin_blocked_user";
        } else if (request.getParameter("userIsDisabled") != null) {
            param = "erroroauth=userIsDisabled";
        } else if (request.getParameter("badcredentials") != null) {
            param = "error=badcredentials";
        }
        String redirect_url = UrlUtils.getOrigin(request) + "/login?" + param;
        HttpSession session = request.getSession(false);
        if (session != null) {
            String sessionId = session.getId();
            sessionRegistry.removeSessionInformation(sessionId);
            session.invalidate();
            logger.info("Session invalidated: " + sessionId);
        }
        switch (registrationId.toLowerCase()) {
            case "keycloak":
                // Add Keycloak specific logout URL if needed
@ -92,13 +90,13 @@ public class CustomOAuth2LogoutSuccessHandler extends SimpleUrlLogoutSuccessHand
                                + clientId
                                + "&post_logout_redirect_uri="
                                + response.encodeRedirectURL(redirect_url);
-                logger.info("Redirecting to Keycloak logout URL: " + logoutUrl);
+                log.info("Redirecting to Keycloak logout URL: " + logoutUrl);
                response.sendRedirect(logoutUrl);
                break;
            case "github":
                // Add GitHub specific logout URL if needed
                String githubLogoutUrl = "https://github.com/logout";
-                logger.info("Redirecting to GitHub logout URL: " + githubLogoutUrl);
+                log.info("Redirecting to GitHub logout URL: " + githubLogoutUrl);
                response.sendRedirect(githubLogoutUrl);
                break;
            case "google":
@ -106,13 +104,14 @@ public class CustomOAuth2LogoutSuccessHandler extends SimpleUrlLogoutSuccessHand
                // String googleLogoutUrl =
                // "https://accounts.google.com/Logout?continue=https://appengine.google.com/_ah/logout?continue="
                //                 + response.encodeRedirectURL(redirect_url);
-                // logger.info("Redirecting to Google logout URL: " + googleLogoutUrl);
+                log.info("Google does not have a specific logout URL");
                // log.info("Redirecting to Google logout URL: " + googleLogoutUrl);
                // response.sendRedirect(googleLogoutUrl);
                // break;
            default:
-                String redirectUrl = request.getContextPath() + "/login?" + param;
+                String defaultRedirectUrl = request.getContextPath() + "/login?" + param;
-                logger.info("Redirecting to default logout URL: " + redirectUrl);
+                log.info("Redirecting to default logout URL: " + defaultRedirectUrl);
-                response.sendRedirect(redirectUrl);
+                response.sendRedirect(defaultRedirectUrl);
                break;
        }
    }
--- a/src/main/java/stirling/software/SPDF/config/security/session/CustomHttpSessionListener.java
+++ b/src/main/java/stirling/software/SPDF/config/security/session/CustomHttpSessionListener.java
@ -0,0 +1,26 @@
 package stirling.software.SPDF.config.security.session;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Component;
 import jakarta.servlet.http.HttpSessionEvent;
 import jakarta.servlet.http.HttpSessionListener;
 import lombok.extern.slf4j.Slf4j;
@Component
@Slf4j
 public class CustomHttpSessionListener implements HttpSessionListener {
    @Autowired private SessionPersistentRegistry sessionPersistentRegistry;
    @Override
    public void sessionCreated(HttpSessionEvent se) {
        log.info("Session created: " + se.getSession().getId());
    }
    @Override
    public void sessionDestroyed(HttpSessionEvent se) {
        log.info("Session destroyed: " + se.getSession().getId());
        sessionPersistentRegistry.expireSession(se.getSession().getId());
    }
 }
--- a/src/main/java/stirling/software/SPDF/config/security/session/SessionPersistentRegistry.java
+++ b/src/main/java/stirling/software/SPDF/config/security/session/SessionPersistentRegistry.java
@ -0,0 +1,183 @@
 package stirling.software.SPDF.config.security.session;
 import java.time.Duration;
 import java.util.ArrayList;
 import java.util.Collections;
 import java.util.Comparator;
 import java.util.Date;
 import java.util.List;
 import java.util.Optional;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.security.core.session.SessionInformation;
 import org.springframework.security.core.session.SessionRegistry;
 import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.oauth2.core.user.OAuth2User;
 import org.springframework.stereotype.Component;
 import jakarta.transaction.Transactional;
 import stirling.software.SPDF.model.SessionEntity;
@Component
 public class SessionPersistentRegistry implements SessionRegistry {
    private final SessionRepository sessionRepository;
    @Value("${server.servlet.session.timeout:30m}")
    private Duration defaultMaxInactiveInterval;
    public SessionPersistentRegistry(SessionRepository sessionRepository) {
        this.sessionRepository = sessionRepository;
    }
    @Override
    public List<Object> getAllPrincipals() {
        List<SessionEntity> sessions = sessionRepository.findAll();
        List<Object> principals = new ArrayList<>();
        for (SessionEntity session : sessions) {
            principals.add(session.getPrincipalName());
        }
        return principals;
    }
    @Override
    public List<SessionInformation> getAllSessions(
            Object principal, boolean includeExpiredSessions) {
        List<SessionInformation> sessionInformations = new ArrayList<>();
        String principalName = null;
        if (principal instanceof UserDetails) {
            principalName = ((UserDetails) principal).getUsername();
        } else if (principal instanceof OAuth2User) {
            principalName = ((OAuth2User) principal).getName();
        } else if (principal instanceof String) {
            principalName = (String) principal;
        }
        if (principalName != null) {
            List<SessionEntity> sessionEntities =
                    sessionRepository.findByPrincipalName(principalName);
            for (SessionEntity sessionEntity : sessionEntities) {
                if (includeExpiredSessions || !sessionEntity.isExpired()) {
                    sessionInformations.add(
                            new SessionInformation(
                                    sessionEntity.getPrincipalName(),
                                    sessionEntity.getSessionId(),
                                    sessionEntity.getLastRequest()));
                }
            }
        }
        return sessionInformations;
    }
    @Override
    @Transactional
    public void registerNewSession(String sessionId, Object principal) {
        String principalName = null;
        if (principal instanceof UserDetails) {
            principalName = ((UserDetails) principal).getUsername();
        } else if (principal instanceof OAuth2User) {
            principalName = ((OAuth2User) principal).getName();
        } else if (principal instanceof String) {
            principalName = (String) principal;
        }
        if (principalName != null) {
            SessionEntity sessionEntity = new SessionEntity();
            sessionEntity.setSessionId(sessionId);
            sessionEntity.setPrincipalName(principalName);
            sessionEntity.setLastRequest(new Date()); // Set lastRequest to the current date
            sessionEntity.setExpired(false);
            sessionRepository.save(sessionEntity);
        }
    }
    @Override
    @Transactional
    public void removeSessionInformation(String sessionId) {
        sessionRepository.deleteById(sessionId);
    }
    @Override
    @Transactional
    public void refreshLastRequest(String sessionId) {
        Optional<SessionEntity> sessionEntityOpt = sessionRepository.findById(sessionId);
        if (sessionEntityOpt.isPresent()) {
            SessionEntity sessionEntity = sessionEntityOpt.get();
            sessionEntity.setLastRequest(new Date()); // Update lastRequest to the current date
            sessionRepository.save(sessionEntity);
        }
    }
    @Override
    public SessionInformation getSessionInformation(String sessionId) {
        Optional<SessionEntity> sessionEntityOpt = sessionRepository.findById(sessionId);
        if (sessionEntityOpt.isPresent()) {
            SessionEntity sessionEntity = sessionEntityOpt.get();
            return new SessionInformation(
                    sessionEntity.getPrincipalName(),
                    sessionEntity.getSessionId(),
                    sessionEntity.getLastRequest());
        }
        return null;
    }
    // Retrieve all non-expired sessions
    public List<SessionEntity> getAllSessionsNotExpired() {
        return sessionRepository.findByExpired(false);
    }
    // Retrieve all sessions
    public List<SessionEntity> getAllSessions() {
        return sessionRepository.findAll();
    }
    // Mark a session as expired
    public void expireSession(String sessionId) {
        Optional<SessionEntity> sessionEntityOpt = sessionRepository.findById(sessionId);
        if (sessionEntityOpt.isPresent()) {
            SessionEntity sessionEntity = sessionEntityOpt.get();
            sessionEntity.setExpired(true); // Set expired to true
            sessionRepository.save(sessionEntity);
        }
    }
    // Get the maximum inactive interval for sessions
    public int getMaxInactiveInterval() {
        return (int) defaultMaxInactiveInterval.getSeconds();
    }
    // Retrieve a session entity by session ID
    public SessionEntity getSessionEntity(String sessionId) {
        return sessionRepository.findBySessionId(sessionId);
    }
    // Update session details by principal name
    public void updateSessionByPrincipalName(
            String principalName, boolean expired, Date lastRequest) {
        sessionRepository.saveByPrincipalName(expired, lastRequest, principalName);
    }
    // Find the latest session for a given principal name
    public Optional<SessionEntity> findLatestSession(String principalName) {
        List<SessionEntity> allSessions = sessionRepository.findByPrincipalName(principalName);
        if (allSessions.isEmpty()) {
            return Optional.empty();
        }
        // Sort sessions by lastRequest in descending order
        Collections.sort(
                allSessions,
                new Comparator<SessionEntity>() {
                    @Override
                    public int compare(SessionEntity s1, SessionEntity s2) {
                        // Sort by lastRequest in descending order
                        return s2.getLastRequest().compareTo(s1.getLastRequest());
                    }
                });
        // The first session in the list is the latest session for the given principal name
        return Optional.of(allSessions.get(0));
    }
 }
--- a/src/main/java/stirling/software/SPDF/config/security/session/SessionRegistryConfig.java
+++ b/src/main/java/stirling/software/SPDF/config/security/session/SessionRegistryConfig.java
@ -0,0 +1,20 @@
 package stirling.software.SPDF.config.security.session;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.core.session.SessionRegistryImpl;
@Configuration
 public class SessionRegistryConfig {
    @Bean
    public SessionRegistryImpl sessionRegistry() {
        return new SessionRegistryImpl();
    }
    @Bean
    public SessionPersistentRegistry sessionPersistentRegistry(
            SessionRepository sessionRepository) {
        return new SessionPersistentRegistry(sessionRepository);
    }
 }
--- a/src/main/java/stirling/software/SPDF/config/security/session/SessionRepository.java
+++ b/src/main/java/stirling/software/SPDF/config/security/session/SessionRepository.java
@ -0,0 +1,31 @@
 package stirling.software.SPDF.config.security.session;
 import java.util.Date;
 import java.util.List;
 import org.springframework.data.jpa.repository.JpaRepository;
 import org.springframework.data.jpa.repository.Modifying;
 import org.springframework.data.jpa.repository.Query;
 import org.springframework.data.repository.query.Param;
 import org.springframework.stereotype.Repository;
 import jakarta.transaction.Transactional;
 import stirling.software.SPDF.model.SessionEntity;
@Repository
 public interface SessionRepository extends JpaRepository<SessionEntity, String> {
    List<SessionEntity> findByPrincipalName(String principalName);
    List<SessionEntity> findByExpired(boolean expired);
    SessionEntity findBySessionId(String sessionId);
    @Modifying
    @Transactional
    @Query(
            "UPDATE SessionEntity s SET s.expired = :expired, s.lastRequest = :lastRequest WHERE s.principalName = :principalName")
    void saveByPrincipalName(
            @Param("expired") boolean expired,
            @Param("lastRequest") Date lastRequest,
            @Param("principalName") String principalName);
 }
--- a/src/main/java/stirling/software/SPDF/config/security/session/SessionScheduled.java
+++ b/src/main/java/stirling/software/SPDF/config/security/session/SessionScheduled.java
@ -0,0 +1,35 @@
 package stirling.software.SPDF.config.security.session;
 import java.time.Instant;
 import java.time.temporal.ChronoUnit;
 import java.util.Date;
 import java.util.List;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.scheduling.annotation.Scheduled;
 import org.springframework.security.core.session.SessionInformation;
 import org.springframework.stereotype.Component;
@Component
 public class SessionScheduled {
    @Autowired private SessionPersistentRegistry sessionPersistentRegistry;
    @Scheduled(cron = "0 0/5 * * * ?")
    public void expireSessions() {
        Instant now = Instant.now();
        for (Object principal : sessionPersistentRegistry.getAllPrincipals()) {
            List<SessionInformation> sessionInformations =
                    sessionPersistentRegistry.getAllSessions(principal, false);
            for (SessionInformation sessionInformation : sessionInformations) {
                Date lastRequest = sessionInformation.getLastRequest();
                int maxInactiveInterval = sessionPersistentRegistry.getMaxInactiveInterval();
                Instant expirationTime =
                        lastRequest.toInstant().plus(maxInactiveInterval, ChronoUnit.SECONDS);
                if (now.isAfter(expirationTime)) {
                    sessionPersistentRegistry.expireSession(sessionInformation.getSessionId());
                }
            }
        }
    }
 }
--- a/src/main/java/stirling/software/SPDF/controller/api/UserController.java
+++ b/src/main/java/stirling/software/SPDF/controller/api/UserController.java
@ -3,6 +3,7 @@ package stirling.software.SPDF.controller.api;
 import java.io.IOException;
 import java.security.Principal;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
 import java.util.Optional;
@ -12,8 +13,8 @@ import org.springframework.http.ResponseEntity;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.session.SessionInformation;
 import org.springframework.security.core.session.SessionRegistry;
 import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.oauth2.core.user.OAuth2User;
 import org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler;
 import org.springframework.stereotype.Controller;
 import org.springframework.ui.Model;
@ -30,6 +31,8 @@ import io.swagger.v3.oas.annotations.tags.Tag;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import stirling.software.SPDF.config.security.UserService;
 import stirling.software.SPDF.config.security.session.SessionPersistentRegistry;
 import stirling.software.SPDF.model.AuthenticationType;
 import stirling.software.SPDF.model.Role;
 import stirling.software.SPDF.model.User;
 import stirling.software.SPDF.model.api.user.UsernameAndPass;
@ -41,6 +44,8 @@ public class UserController {
    @Autowired private UserService userService;
    @Autowired SessionPersistentRegistry sessionRegistry;
    @PreAuthorize("!hasAuthority('ROLE_DEMO_USER')")
    @PostMapping("/register")
    public String register(@ModelAttribute UsernameAndPass requestModel, Model model)
@ -203,9 +208,10 @@ public class UserController {
    @PreAuthorize("hasRole('ROLE_ADMIN')")
    @PostMapping("/admin/saveUser")
    public RedirectView saveUser(
-            @RequestParam(name = "username") String username,
+            @RequestParam String username,
-            @RequestParam(name = "password") String password,
+            @RequestParam(name = "password", required = false) String password,
            @RequestParam(name = "role") String role,
            @RequestParam(name = "authType") String authType,
            @RequestParam(name = "forceChange", required = false, defaultValue = "false")
                    boolean forceChange)
            throws IllegalArgumentException, IOException {
@ -237,7 +243,15 @@ public class UserController {
            return new RedirectView("/addUsers?messageType=invalidRole", true);
        }
-        userService.saveUser(username, password, role, forceChange);
+        if (authType.equalsIgnoreCase(AuthenticationType.OAUTH2.toString())) {
            userService.saveUser(username, AuthenticationType.OAUTH2, role);
        } else {
            if (password.isBlank()) {
                return new RedirectView("/addUsers?messageType=invalidPassword", true);
            }
            userService.saveUser(username, password, role, forceChange);
        }
        return new RedirectView(
                "/addUsers", true); // Redirect to account page after adding the user
    }
@ -247,7 +261,8 @@ public class UserController {
    public RedirectView changeRole(
            @RequestParam(name = "username") String username,
            @RequestParam(name = "role") String role,
-            Authentication authentication) {
+            Authentication authentication)
            throws IOException {
        Optional<User> userOpt = userService.findByUsernameIgnoreCase(username);
@ -278,6 +293,60 @@ public class UserController {
        User user = userOpt.get();
        userService.changeRole(user, role);
        return new RedirectView(
                "/addUsers", true); // Redirect to account page after adding the user
    }
    @PreAuthorize("hasRole('ROLE_ADMIN')")
    @PostMapping("/admin/changeUserEnabled/{username}")
    public RedirectView changeUserEnabled(
            @PathVariable("username") String username,
            @RequestParam("enabled") boolean enabled,
            Authentication authentication)
            throws IOException {
        Optional<User> userOpt = userService.findByUsernameIgnoreCase(username);
        if (!userOpt.isPresent()) {
            return new RedirectView("/addUsers?messageType=userNotFound", true);
        }
        if (!userService.usernameExistsIgnoreCase(username)) {
            return new RedirectView("/addUsers?messageType=userNotFound", true);
        }
        // Get the currently authenticated username
        String currentUsername = authentication.getName();
        // Check if the provided username matches the current session's username
        if (currentUsername.equalsIgnoreCase(username)) {
            return new RedirectView("/addUsers?messageType=disabledCurrentUser", true);
        }
        User user = userOpt.get();
        userService.changeUserEnabled(user, enabled);
        if (!enabled) {
            // Invalidate all sessions if the user is being disabled
            List<Object> principals = sessionRegistry.getAllPrincipals();
            String userNameP = "";
            for (Object principal : principals) {
                List<SessionInformation> sessionsInformations =
                        sessionRegistry.getAllSessions(principal, false);
                if (principal instanceof UserDetails) {
                    userNameP = ((UserDetails) principal).getUsername();
                } else if (principal instanceof OAuth2User) {
                    userNameP = ((OAuth2User) principal).getName();
                } else if (principal instanceof String) {
                    userNameP = (String) principal;
                }
                if (userNameP.equalsIgnoreCase(username)) {
                    for (SessionInformation sessionsInformation : sessionsInformations) {
                        sessionRegistry.expireSession(sessionsInformation.getSessionId());
                    }
                }
            }
        }
        return new RedirectView(
                "/addUsers", true); // Redirect to account page after adding the user
    }
@ -285,7 +354,7 @@ public class UserController {
    @PreAuthorize("hasRole('ROLE_ADMIN')")
    @PostMapping("/admin/deleteUser/{username}")
    public RedirectView deleteUser(
-            @PathVariable(name = "username") String username, Authentication authentication) {
+            @PathVariable("username") String username, Authentication authentication) {
        if (!userService.usernameExistsIgnoreCase(username)) {
            return new RedirectView("/addUsers?messageType=deleteUsernameExists", true);
@ -298,27 +367,18 @@ public class UserController {
        if (currentUsername.equalsIgnoreCase(username)) {
            return new RedirectView("/addUsers?messageType=deleteCurrentUser", true);
        }
-        invalidateUserSessions(username);
+
        // Invalidate all sessions before deleting the user
        List<SessionInformation> sessionsInformations =
                sessionRegistry.getAllSessions(authentication.getPrincipal(), false);
        for (SessionInformation sessionsInformation : sessionsInformations) {
            sessionRegistry.expireSession(sessionsInformation.getSessionId());
            sessionRegistry.removeSessionInformation(sessionsInformation.getSessionId());
        }
        userService.deleteUser(username);
        return new RedirectView("/addUsers", true);
    }
    @Autowired private SessionRegistry sessionRegistry;
    private void invalidateUserSessions(String username) {
        for (Object principal : sessionRegistry.getAllPrincipals()) {
            if (principal instanceof UserDetails) {
                UserDetails userDetails = (UserDetails) principal;
                if (userDetails.getUsername().equals(username)) {
                    for (SessionInformation session :
                            sessionRegistry.getAllSessions(principal, false)) {
                        session.expireNow();
                    }
                }
            }
        }
    }
    @PreAuthorize("!hasAuthority('ROLE_DEMO_USER')")
    @PostMapping("/get-api-key")
    public ResponseEntity<String> getApiKey(Principal principal) {
--- a/src/main/java/stirling/software/SPDF/controller/web/AccountWebController.java
+++ b/src/main/java/stirling/software/SPDF/controller/web/AccountWebController.java
@ -1,13 +1,15 @@
 package stirling.software.SPDF.controller.web;
 import java.time.Instant;
 import java.time.temporal.ChronoUnit;
 import java.util.Date;
 import java.util.HashMap;
 import java.util.Iterator;
 import java.util.List;
 import java.util.Map;
 import java.util.Optional;
 import java.util.stream.Collectors;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.security.core.Authentication;
@ -23,11 +25,14 @@ import com.fasterxml.jackson.databind.ObjectMapper;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import jakarta.servlet.http.HttpServletRequest;
 import lombok.extern.slf4j.Slf4j;
 import stirling.software.SPDF.config.security.session.SessionPersistentRegistry;
 import stirling.software.SPDF.model.ApplicationProperties;
 import stirling.software.SPDF.model.ApplicationProperties.Security.OAUTH2;
 import stirling.software.SPDF.model.ApplicationProperties.Security.OAUTH2.Client;
 import stirling.software.SPDF.model.Authority;
 import stirling.software.SPDF.model.Role;
 import stirling.software.SPDF.model.SessionEntity;
 import stirling.software.SPDF.model.User;
 import stirling.software.SPDF.model.provider.GithubProvider;
 import stirling.software.SPDF.model.provider.GoogleProvider;
@ -35,15 +40,20 @@ import stirling.software.SPDF.model.provider.KeycloakProvider;
 import stirling.software.SPDF.repository.UserRepository;
@Controller
@Slf4j
@Tag(name = "Account Security", description = "Account Security APIs")
 public class AccountWebController {
    @Autowired ApplicationProperties applicationProperties;
-    private static final Logger logger = LoggerFactory.getLogger(AccountWebController.class);
+    @Autowired SessionPersistentRegistry sessionPersistentRegistry;
    @Autowired
    private UserRepository userRepository; // Assuming you have a repository for user operations
    @GetMapping("/login")
    public String login(HttpServletRequest request, Model model, Authentication authentication) {
        // If the user is already authenticated, redirect them to the home page.
        if (authentication != null && authentication.isAuthenticated()) {
            return "redirect:/";
        }
@ -137,6 +147,13 @@ public class AccountWebController {
                    break;
                case "invalid_id_token":
                    erroroauth = "login.oauth2InvalidIdToken";
                    break;
                case "oauth2_admin_blocked_user":
                    erroroauth = "login.oauth2AdminBlockedUser";
                    break;
                case "userIsDisabled":
                    erroroauth = "login.userIsDisabled";
                    break;
                default:
                    break;
            }
@ -155,9 +172,6 @@ public class AccountWebController {
        return "login";
    }
    @Autowired
    private UserRepository userRepository; // Assuming you have a repository for user operations
    @PreAuthorize("hasRole('ROLE_ADMIN')")
    @GetMapping("/addUsers")
    public String showAddUserForm(
@ -166,6 +180,13 @@ public class AccountWebController {
        Iterator<User> iterator = allUsers.iterator();
        Map<String, String> roleDetails = Role.getAllRoleDetails();
        // Map to store session information and user activity status
        Map<String, Boolean> userSessions = new HashMap<>();
        Map<String, Date> userLastRequest = new HashMap<>();
        int activeUsers = 0;
        int disabledUsers = 0;
        while (iterator.hasNext()) {
            User user = iterator.next();
            if (user != null) {
@ -176,9 +197,73 @@ public class AccountWebController {
                        break; // Break out of the inner loop once the user is removed
                    }
                }
                // Determine the user's session status and last request time
                int maxInactiveInterval = sessionPersistentRegistry.getMaxInactiveInterval();
                boolean hasActiveSession = false;
                Date lastRequest = null;
                Optional<SessionEntity> latestSession =
                        sessionPersistentRegistry.findLatestSession(user.getUsername());
                if (latestSession.isPresent()) {
                    SessionEntity sessionEntity = latestSession.get();
                    Date lastAccessedTime = sessionEntity.getLastRequest();
                    Instant now = Instant.now();
                    // Calculate session expiration and update session status accordingly
                    Instant expirationTime =
                            lastAccessedTime
                                    .toInstant()
                                    .plus(maxInactiveInterval, ChronoUnit.SECONDS);
                    if (now.isAfter(expirationTime)) {
                        sessionPersistentRegistry.expireSession(sessionEntity.getSessionId());
                        hasActiveSession = false;
                    } else {
                        hasActiveSession = !sessionEntity.isExpired();
                    }
                    lastRequest = sessionEntity.getLastRequest();
                } else {
                    hasActiveSession = false;
                    lastRequest = new Date(0); // No session, set default last request time
                }
                userSessions.put(user.getUsername(), hasActiveSession);
                userLastRequest.put(user.getUsername(), lastRequest);
                if (hasActiveSession) {
                    activeUsers++;
                }
                if (!user.isEnabled()) {
                    disabledUsers++;
                }
            }
        }
        // Sort users by active status and last request date
        List<User> sortedUsers =
                allUsers.stream()
                        .sorted(
                                (u1, u2) -> {
                                    boolean u1Active = userSessions.get(u1.getUsername());
                                    boolean u2Active = userSessions.get(u2.getUsername());
                                    if (u1Active && !u2Active) {
                                        return -1;
                                    } else if (!u1Active && u2Active) {
                                        return 1;
                                    } else {
                                        Date u1LastRequest =
                                                userLastRequest.getOrDefault(
                                                        u1.getUsername(), new Date(0));
                                        Date u2LastRequest =
                                                userLastRequest.getOrDefault(
                                                        u2.getUsername(), new Date(0));
                                        return u2LastRequest.compareTo(u1LastRequest);
                                    }
                                })
                        .collect(Collectors.toList());
        String messageType = request.getParameter("messageType");
        String deleteMessage = null;
@ -203,6 +288,9 @@ public class AccountWebController {
                case "invalidUsername":
                    addMessage = "invalidUsernameMessage";
                    break;
                case "invalidPassword":
                    addMessage = "invalidPasswordMessage";
                    break;
                default:
                    break;
            }
@ -218,16 +306,24 @@ public class AccountWebController {
                case "downgradeCurrentUser":
                    changeMessage = "downgradeCurrentUserMessage";
                    break;
-
+                case "disabledCurrentUser":
                    changeMessage = "disabledCurrentUserMessage";
                    break;
                default:
                    changeMessage = messageType;
                    break;
            }
            model.addAttribute("changeMessage", changeMessage);
        }
-        model.addAttribute("users", allUsers);
+        model.addAttribute("users", sortedUsers);
        model.addAttribute("currentUsername", authentication.getName());
        model.addAttribute("roleDetails", roleDetails);
        model.addAttribute("userSessions", userSessions);
        model.addAttribute("userLastRequest", userLastRequest);
        model.addAttribute("totalUsers", allUsers.size());
        model.addAttribute("activeUsers", activeUsers);
        model.addAttribute("disabledUsers", disabledUsers);
        return "addUsers";
    }
@ -278,7 +374,7 @@ public class AccountWebController {
                    settingsJson = objectMapper.writeValueAsString(user.get().getSettings());
                } catch (JsonProcessingException e) {
                    // Handle JSON conversion error
-                    logger.error("exception", e);
+                    log.error("exception", e);
                    return "redirect:/error";
                }
--- a/src/main/java/stirling/software/SPDF/model/ApplicationProperties.java
+++ b/src/main/java/stirling/software/SPDF/model/ApplicationProperties.java
@ -241,6 +241,7 @@ public class ApplicationProperties {
            private String clientId;
            private String clientSecret;
            private Boolean autoCreateUser = false;
            private Boolean blockRegistration = false;
            private String useAsUsername;
            private Collection<String> scopes = new ArrayList<>();
            private String provider;
@ -286,6 +287,14 @@ public class ApplicationProperties {
                this.autoCreateUser = autoCreateUser;
            }
            public Boolean getBlockRegistration() {
                return blockRegistration;
            }
            public void setBlockRegistration(Boolean blockRegistration) {
                this.blockRegistration = blockRegistration;
            }
            public String getUseAsUsername() {
                return useAsUsername;
            }
@ -356,6 +365,8 @@ public class ApplicationProperties {
                        + (clientSecret != null && !clientSecret.isEmpty() ? "MASKED" : "NULL")
                        + ", autoCreateUser="
                        + autoCreateUser
                        + ", blockRegistration="
                        + blockRegistration
                        + ", useAsUsername="
                        + useAsUsername
                        + ", provider="
--- a/src/main/java/stirling/software/SPDF/model/SessionEntity.java
+++ b/src/main/java/stirling/software/SPDF/model/SessionEntity.java
@ -0,0 +1,23 @@
 package stirling.software.SPDF.model;
 import java.io.Serializable;
 import java.util.Date;
 import jakarta.persistence.Entity;
 import jakarta.persistence.Id;
 import jakarta.persistence.Lob;
 import jakarta.persistence.Table;
 import lombok.Data;
@Entity
@Data
@Table(name = "sessions")
 public class SessionEntity implements Serializable {
    @Id private String sessionId;
    @Lob private String principalName;
    private Date lastRequest;
    private boolean expired;
 }
--- a/src/main/java/stirling/software/SPDF/model/provider/GoogleProvider.java
+++ b/src/main/java/stirling/software/SPDF/model/provider/GoogleProvider.java
@ -31,6 +31,14 @@ public class GoogleProvider extends Provider {
    private Collection<String> scopes = new ArrayList<>();
    private String useAsUsername = "email";
    @Override
    public String getIssuer() {
        return new String();
    }
    @Override
    public void setIssuer(String issuer) {}
    @Override
    public String getClientId() {
        return this.clientId;
--- a/src/main/resources/messages_ar_AR.properties
+++ b/src/main/resources/messages_ar_AR.properties
@ -55,10 +55,12 @@ userNotFoundMessage=User not found.
 incorrectPasswordMessage=Current password is incorrect.
 usernameExistsMessage=New Username already exists.
 invalidUsernameMessage=Invalid username, username can only contain letters, numbers and the following special characters @._+- or must be a valid email address.
 invalidPasswordMessage=The password must not be empty and must not have spaces at the beginning or end.
 confirmPasswordErrorMessage=New Password and Confirm New Password must match.
 deleteCurrentUserMessage=Cannot delete currently logged in user.
 deleteUsernameExistsMessage=The username does not exist and cannot be deleted.
 downgradeCurrentUserMessage=لا يمكن خفض دور المستخدم الحالي
 disabledCurrentUserMessage=The current user cannot be disabled
 downgradeCurrentUserLongMessage=لا يمكن تخفيض دور المستخدم الحالي. وبالتالي، لن يظهر المستخدم الحالي.
 userAlreadyExistsOAuthMessage=The user already exists as an OAuth2 user.
 userAlreadyExistsWebMessage=The user already exists as an web user.
@ -177,6 +179,7 @@ adminUserSettings.user=User
 adminUserSettings.addUser=Add New User
 adminUserSettings.deleteUser=Delete User
 adminUserSettings.confirmDeleteUser=Should the user be deleted?
 adminUserSettings.confirmChangeUserStatus=Should the user be disabled/enabled?
 adminUserSettings.usernameInfo=Username can only contain letters, numbers and the following special characters @._+- or must be a valid email address.
 adminUserSettings.roles=Roles
 adminUserSettings.role=Role
@ -190,6 +193,13 @@ adminUserSettings.forceChange=Force user to change password on login
 adminUserSettings.submit=Save User
 adminUserSettings.changeUserRole=تغيير دور المستخدم
 adminUserSettings.authenticated=Authenticated
 adminUserSettings.editOwnProfil=Edit own profile
 adminUserSettings.enabledUser=enabled user
 adminUserSettings.disabledUser=disabled user
 adminUserSettings.activeUsers=Active Users:
 adminUserSettings.disabledUsers=Disabled Users:
 adminUserSettings.totalUsers=Total Users:
 adminUserSettings.lastRequest=Last Request
 database.title=Database Import/Export
@ -481,12 +491,14 @@ login.locked=Your account has been locked.
 login.signinTitle=Please sign in
 login.ssoSignIn=تسجيل الدخول عبر تسجيل الدخول الأحادي
 login.oauth2AutoCreateDisabled=تم تعطيل مستخدم الإنشاء التلقائي لـ OAuth2
 login.oauth2AdminBlockedUser=Registration or logging in of non-registered users is currently blocked. Please contact the administrator.
 login.oauth2RequestNotFound=Authorization request not found
 login.oauth2InvalidUserInfoResponse=Invalid User Info Response
 login.oauth2invalidRequest=Invalid Request
 login.oauth2AccessDenied=Access Denied
 login.oauth2InvalidTokenResponse=Invalid Token Response
 login.oauth2InvalidIdToken=Invalid Id Token
 login.userIsDisabled=User is deactivated, login is currently blocked with this username. Please contact the administrator.
 #auto-redact
--- a/src/main/resources/messages_bg_BG.properties
+++ b/src/main/resources/messages_bg_BG.properties
@ -55,10 +55,12 @@ userNotFoundMessage=Потребителят не е намерен
 incorrectPasswordMessage=Текущата парола е неправилна.
 usernameExistsMessage=Новият потребител вече съществува.
 invalidUsernameMessage=Невалидно потребителско име, потребителското име може да съдържа само букви, цифри и следните специални знаци @._+- или трябва да е валиден имейл адрес.
 invalidPasswordMessage=The password must not be empty and must not have spaces at the beginning or end.
 confirmPasswordErrorMessage=New Password and Confirm New Password must match.
 deleteCurrentUserMessage=Не може да се изтрие вписания в момента потребител.
 deleteUsernameExistsMessage=Потребителското име не съществува и не може да бъде изтрито.
 downgradeCurrentUserMessage=Не може да се понижи ролята на текущия потребител
 disabledCurrentUserMessage=The current user cannot be disabled
 downgradeCurrentUserLongMessage=Не може да се понижи ролята на текущия потребител. Следователно текущият потребител няма да бъде показан.
 userAlreadyExistsOAuthMessage=Потребителят вече съществува като OAuth2 потребител.
 userAlreadyExistsWebMessage=Потребителят вече съществува като уеб-потребител.
@ -177,6 +179,7 @@ adminUserSettings.user=Потребител
 adminUserSettings.addUser=Добавяне на нов потребител
 adminUserSettings.deleteUser=Delete User
 adminUserSettings.confirmDeleteUser=Should the user be deleted?
 adminUserSettings.confirmChangeUserStatus=Should the user be disabled/enabled?
 adminUserSettings.usernameInfo=Потребителското име може да съдържа само букви, цифри и следните специални символи @._+- или трябва да е валиден имейл адрес.
 adminUserSettings.roles=Роли
 adminUserSettings.role=Роля
@ -190,6 +193,13 @@ adminUserSettings.forceChange=Принудете потребителя да п
 adminUserSettings.submit=Съхранете потребителя
 adminUserSettings.changeUserRole=Промяна на ролята на потребителя
 adminUserSettings.authenticated=Удостоверен
 adminUserSettings.editOwnProfil=Edit own profile
 adminUserSettings.enabledUser=enabled user
 adminUserSettings.disabledUser=disabled user
 adminUserSettings.activeUsers=Active Users:
 adminUserSettings.disabledUsers=Disabled Users:
 adminUserSettings.totalUsers=Total Users:
 adminUserSettings.lastRequest=Last Request
 database.title=Database Import/Export
@ -481,12 +491,14 @@ login.locked=Вашият акаунт е заключен.
 login.signinTitle=Моля впишете се
 login.ssoSignIn=Влизане чрез еднократно влизане
 login.oauth2AutoCreateDisabled=OAUTH2 Автоматично създаване на потребител е деактивирано
 login.oauth2AdminBlockedUser=Registration or logging in of non-registered users is currently blocked. Please contact the administrator.
 login.oauth2RequestNotFound=Заявката за оторизация не е намерена
 login.oauth2InvalidUserInfoResponse=Невалидна информация за потребителя
 login.oauth2invalidRequest=Невалидна заявка
 login.oauth2AccessDenied=Отказан достъп
 login.oauth2InvalidTokenResponse=Невалиден отговор на токена
 login.oauth2InvalidIdToken=Невалиден токен за идентификатор
 login.userIsDisabled=User is deactivated, login is currently blocked with this username. Please contact the administrator.
 #auto-redact
--- a/src/main/resources/messages_ca_CA.properties
+++ b/src/main/resources/messages_ca_CA.properties
@ -55,10 +55,12 @@ userNotFoundMessage=User not found.
 incorrectPasswordMessage=Current password is incorrect.
 usernameExistsMessage=New Username already exists.
 invalidUsernameMessage=Invalid username, username can only contain letters, numbers and the following special characters @._+- or must be a valid email address.
 invalidPasswordMessage=The password must not be empty and must not have spaces at the beginning or end.
 confirmPasswordErrorMessage=New Password and Confirm New Password must match.
 deleteCurrentUserMessage=Cannot delete currently logged in user.
 deleteUsernameExistsMessage=The username does not exist and cannot be deleted.
 downgradeCurrentUserMessage=No es pot reduir la funció de l'usuari actual
 disabledCurrentUserMessage=The current user cannot be disabled
 downgradeCurrentUserLongMessage=No es pot baixar la funció de l'usuari actual. Per tant, no es mostrarà l'usuari actual.
 userAlreadyExistsOAuthMessage=The user already exists as an OAuth2 user.
 userAlreadyExistsWebMessage=The user already exists as an web user.
@ -177,6 +179,7 @@ adminUserSettings.user=Usuari
 adminUserSettings.addUser=Afegir Usuari
 adminUserSettings.deleteUser=Delete User
 adminUserSettings.confirmDeleteUser=Should the user be deleted?
 adminUserSettings.confirmChangeUserStatus=Should the user be disabled/enabled?
 adminUserSettings.usernameInfo=Username can only contain letters, numbers and the following special characters @._+- or must be a valid email address.
 adminUserSettings.roles=Rols
 adminUserSettings.role=Rol
@ -190,6 +193,13 @@ adminUserSettings.forceChange=Force user to change password on login
 adminUserSettings.submit=Desar Usuari
 adminUserSettings.changeUserRole=Canvia el rol de l'usuari
 adminUserSettings.authenticated=Authenticated
 adminUserSettings.editOwnProfil=Edit own profile
 adminUserSettings.enabledUser=enabled user
 adminUserSettings.disabledUser=disabled user
 adminUserSettings.activeUsers=Active Users:
 adminUserSettings.disabledUsers=Disabled Users:
 adminUserSettings.totalUsers=Total Users:
 adminUserSettings.lastRequest=Last Request
 database.title=Database Import/Export
@ -481,12 +491,14 @@ login.locked=Compte bloquejat
 login.signinTitle=Autenticat
 login.ssoSignIn=Inicia sessió mitjançant l'inici de sessió ún
 login.oauth2AutoCreateDisabled=L'usuari de creació automàtica OAUTH2 està desactivat
 login.oauth2AdminBlockedUser=Registration or logging in of non-registered users is currently blocked. Please contact the administrator.
 login.oauth2RequestNotFound=Authorization request not found
 login.oauth2InvalidUserInfoResponse=Invalid User Info Response
 login.oauth2invalidRequest=Invalid Request
 login.oauth2AccessDenied=Access Denied
 login.oauth2InvalidTokenResponse=Invalid Token Response
 login.oauth2InvalidIdToken=Invalid Id Token
 login.userIsDisabled=User is deactivated, login is currently blocked with this username. Please contact the administrator.
 #auto-redact
--- a/src/main/resources/messages_cs_CZ.properties
+++ b/src/main/resources/messages_cs_CZ.properties
@ -55,10 +55,12 @@ userNotFoundMessage=Uživatel nenalezen.
 incorrectPasswordMessage=Současné heslo není správné.
 usernameExistsMessage=Nové uživatelské jméno již existuje.
 invalidUsernameMessage=Nesprávné uživatelské jméno, smí obsahovat pouze písmena, číslice a následující speciální znaky @._+- nebo musí být validní emailová adresa.
 invalidPasswordMessage=The password must not be empty and must not have spaces at the beginning or end.
 confirmPasswordErrorMessage=New Password and Confirm New Password must match.
 deleteCurrentUserMessage=Nelze smazat aktuální přihlášeného uživatele.
 deleteUsernameExistsMessage=Uživatelské jméno neexistuje a nelze ho smazat.
 downgradeCurrentUserMessage=Nelze snížit roli aktuálního uživatele.
 disabledCurrentUserMessage=The current user cannot be disabled
 downgradeCurrentUserLongMessage=Nelze snížit roli aktuálního uživatele. Proto nebude aktuální uživatel zobrazen.
 userAlreadyExistsOAuthMessage=Uživatel již existuje jako OAuth2 uživatel.
 userAlreadyExistsWebMessage=Uživatel již existuje jako webový uživatel.
@ -177,6 +179,7 @@ adminUserSettings.user=Uživatel
 adminUserSettings.addUser=Přidat Nového Uživatele
 adminUserSettings.deleteUser=Delete User
 adminUserSettings.confirmDeleteUser=Should the user be deleted?
 adminUserSettings.confirmChangeUserStatus=Should the user be disabled/enabled?
 adminUserSettings.usernameInfo=Uživatelské Jméno může obsahovat pouze písmena, čísla a následující speciální znaky @._+- nebo musí být správná emailová adresa.
 adminUserSettings.roles=Role
 adminUserSettings.role=Role
@ -190,6 +193,13 @@ adminUserSettings.forceChange=Vynutit uživateli změnu hesla při přihlášen
 adminUserSettings.submit=Uložit Uživatele
 adminUserSettings.changeUserRole=Zmenit Roli Uživatele
 adminUserSettings.authenticated=Ověřeno
 adminUserSettings.editOwnProfil=Edit own profile
 adminUserSettings.enabledUser=enabled user
 adminUserSettings.disabledUser=disabled user
 adminUserSettings.activeUsers=Active Users:
 adminUserSettings.disabledUsers=Disabled Users:
 adminUserSettings.totalUsers=Total Users:
 adminUserSettings.lastRequest=Last Request
 database.title=Database Import/Export
@ -481,12 +491,14 @@ login.locked=Your account has been locked.
 login.signinTitle=Please sign in
 login.ssoSignIn=Login via Single Sign-on
 login.oauth2AutoCreateDisabled=OAUTH2 Auto-Create User Disabled
 login.oauth2AdminBlockedUser=Registration or logging in of non-registered users is currently blocked. Please contact the administrator.
 login.oauth2RequestNotFound=Authorization request not found
 login.oauth2InvalidUserInfoResponse=Invalid User Info Response
 login.oauth2invalidRequest=Invalid Request
 login.oauth2AccessDenied=Access Denied
 login.oauth2InvalidTokenResponse=Invalid Token Response
 login.oauth2InvalidIdToken=Invalid Id Token
 login.userIsDisabled=User is deactivated, login is currently blocked with this username. Please contact the administrator.
 #auto-redact
--- a/src/main/resources/messages_da_DK.properties
+++ b/src/main/resources/messages_da_DK.properties
@ -1,7 +1,7 @@
 ###########
 # Generic #
 ###########
-# the direction that the language is written (ltr=left to right, rtl = right to left)
+# the direction that the language is written (ltr = left to right, rtl = right to left)
 language.direction=ltr
 pdfPrompt=Vælg PDF-fil(er)
@ -55,10 +55,12 @@ userNotFoundMessage=Bruger ikke fundet.
 incorrectPasswordMessage=Nuværende adgangskode er forkert.
 usernameExistsMessage=Nyt brugernavn findes allerede.
 invalidUsernameMessage=Invalid username, username can only contain letters, numbers and the following special characters @._+- or must be a valid email address.
 invalidPasswordMessage=The password must not be empty and must not have spaces at the beginning or end.
 confirmPasswordErrorMessage=New Password and Confirm New Password must match.
 deleteCurrentUserMessage=Cannot delete currently logged in user.
 deleteUsernameExistsMessage=The username does not exist and cannot be deleted.
 downgradeCurrentUserMessage=Cannot downgrade current user's role
 disabledCurrentUserMessage=The current user cannot be disabled
 downgradeCurrentUserLongMessage=Cannot downgrade current user's role. Hence, current user will not be shown.
 userAlreadyExistsOAuthMessage=The user already exists as an OAuth2 user.
 userAlreadyExistsWebMessage=The user already exists as an web user.
@ -177,6 +179,7 @@ adminUserSettings.user=User
 adminUserSettings.addUser=Add New User
 adminUserSettings.deleteUser=Delete User
 adminUserSettings.confirmDeleteUser=Should the user be deleted?
 adminUserSettings.confirmChangeUserStatus=Should the user be disabled/enabled?
 adminUserSettings.usernameInfo=Username can only contain letters, numbers and the following special characters @._+- or must be a valid email address.
 adminUserSettings.roles=Roles
 adminUserSettings.role=Role
@ -190,6 +193,13 @@ adminUserSettings.forceChange=Force user to change password on login
 adminUserSettings.submit=Save User
 adminUserSettings.changeUserRole=Change User's Role
 adminUserSettings.authenticated=Authenticated
 adminUserSettings.editOwnProfil=Edit own profile
 adminUserSettings.enabledUser=enabled user
 adminUserSettings.disabledUser=disabled user
 adminUserSettings.activeUsers=Active Users:
 adminUserSettings.disabledUsers=Disabled Users:
 adminUserSettings.totalUsers=Total Users:
 adminUserSettings.lastRequest=Last Request
 database.title=Database Import/Export
@ -481,12 +491,14 @@ login.locked=Your account has been locked.
 login.signinTitle=Please sign in
 login.ssoSignIn=Login via Single Sign-on
 login.oauth2AutoCreateDisabled=OAUTH2 Auto-Create User Disabled
 login.oauth2AdminBlockedUser=Registration or logging in of non-registered users is currently blocked. Please contact the administrator.
 login.oauth2RequestNotFound=Authorization request not found
 login.oauth2InvalidUserInfoResponse=Invalid User Info Response
 login.oauth2invalidRequest=Invalid Request
 login.oauth2AccessDenied=Access Denied
 login.oauth2InvalidTokenResponse=Invalid Token Response
 login.oauth2InvalidIdToken=Invalid Id Token
 login.userIsDisabled=User is deactivated, login is currently blocked with this username. Please contact the administrator.
 #auto-redact
--- a/src/main/resources/messages_de_DE.properties
+++ b/src/main/resources/messages_de_DE.properties
@ -55,10 +55,12 @@ userNotFoundMessage=Benutzer nicht gefunden.
 incorrectPasswordMessage=Das Passwort ist falsch.
 usernameExistsMessage=Neuer Benutzername existiert bereits.
 invalidUsernameMessage=Ungültiger Benutzername. Der Benutzername darf nur Buchstaben, Zahlen und die folgenden Sonderzeichen @._+- enthalten oder muss eine gültige E-Mail-Adresse sein.
 invalidPasswordMessage=Das Passwort darf nicht leer sein und kein Leerzeichen am Anfang und Ende haben.
 confirmPasswordErrorMessage=„Neues Passwort“ und „Neues Passwort bestätigen“ müssen übereinstimmen.
 deleteCurrentUserMessage=Der aktuell angemeldete Benutzer kann nicht gelöscht werden.
 deleteUsernameExistsMessage=Der Benutzername existiert nicht und kann nicht gelöscht werden.
 downgradeCurrentUserMessage=Die Rolle des aktuellen Benutzers kann nicht herabgestuft werden
 disabledCurrentUserMessage=Der aktuelle Benutzer kann nicht deaktiviert werden
 downgradeCurrentUserLongMessage=Die Rolle des aktuellen Benutzers kann nicht herabgestuft werden. Daher wird der aktuelle Benutzer nicht angezeigt.
 userAlreadyExistsOAuthMessage=Der Benutzer ist bereits als OAuth2-Benutzer vorhanden.
 userAlreadyExistsWebMessage=Der Benutzer ist bereits als Webbenutzer vorhanden.
@ -177,10 +179,11 @@ adminUserSettings.user=Benutzer
 adminUserSettings.addUser=Neuen Benutzer hinzufügen
 adminUserSettings.deleteUser=Benutzer löschen
 adminUserSettings.confirmDeleteUser=Soll der Benutzer gelöscht werden?
 adminUserSettings.confirmChangeUserStatus=Should the user be disabled/enabled?
 adminUserSettings.usernameInfo=Der Benutzername darf nur Buchstaben, Zahlen und die folgenden Sonderzeichen @._+- enthalten oder muss eine gültige E-Mail-Adresse sein.
 adminUserSettings.roles=Rollen
 adminUserSettings.role=Rolle
-adminUserSettings.actions=Aktion
+adminUserSettings.actions=Aktions
 adminUserSettings.apiUser=Eingeschränkter API-Benutzer
 adminUserSettings.extraApiUser=Zusätzlicher eingeschränkter API-Benutzer
 adminUserSettings.webOnlyUser=Nur Web-Benutzer
@ -190,6 +193,13 @@ adminUserSettings.forceChange=Benutzer dazu zwingen, Benutzernamen/Passwort bei
 adminUserSettings.submit=Benutzer speichern
 adminUserSettings.changeUserRole=Benutzerrolle ändern
 adminUserSettings.authenticated=Authentifiziert
 adminUserSettings.editOwnProfil=Eigenes Profil bearbeiten
 adminUserSettings.enabledUser=enabled user
 adminUserSettings.disabledUser=disabled user
 adminUserSettings.activeUsers=Active Users:
 adminUserSettings.disabledUsers=Disabled Users:
 adminUserSettings.totalUsers=Total Users:
 adminUserSettings.lastRequest=Last Request
 database.title=Datenbank Import/Export
@ -481,12 +491,14 @@ login.locked=Ihr Konto wurde gesperrt.
 login.signinTitle=Bitte melden Sie sich an.
 login.ssoSignIn=Anmeldung per Single Sign-On
 login.oauth2AutoCreateDisabled=OAUTH2 Benutzer automatisch erstellen deaktiviert
 login.oauth2AdminBlockedUser=Die Registrierung bzw. das anmelden von nicht registrierten Benutzern ist derzeit gesperrt. Bitte wenden Sie sich an den Administrator.
 login.oauth2RequestNotFound=Autorisierungsanfrage nicht gefunden
 login.oauth2InvalidUserInfoResponse=Ungültige Benutzerinformationsantwort
 login.oauth2invalidRequest=ungültige Anfrage
 login.oauth2AccessDenied=Zugriff abgelehnt
 login.oauth2InvalidTokenResponse=Ungültige Token-Antwort
 login.oauth2InvalidIdToken=Ungültiges ID-Token
 login.userIsDisabled=Benutzer ist deaktiviert, die Anmeldung ist mit diesem Benutzernamen derzeit gesperrt. Bitte wenden Sie sich an den Administrator.
 #auto-redact
--- a/src/main/resources/messages_el_GR.properties
+++ b/src/main/resources/messages_el_GR.properties
@ -55,10 +55,12 @@ userNotFoundMessage=Ο χρήστης δεν βρέθηκε.
 incorrectPasswordMessage=Ο τρέχων κωδικός πρόσβασης είναι λανθασμένος.
 usernameExistsMessage=Το νέο όνομα χρήστη υπάρχει ήδη.
 invalidUsernameMessage=Μη έγκυρο όνομα χρήστη, όνομα χρήστη μπορεί να περιέχει μόνο γράμματα, αριθμούς και τους ακόλουθους ειδικούς χαρακτήρες @._+- ή πρέπει να είναι έγκυρη διεύθυνση email.
 invalidPasswordMessage=The password must not be empty and must not have spaces at the beginning or end.
 confirmPasswordErrorMessage=New Password and Confirm New Password must match.
 deleteCurrentUserMessage=Δεν είναι δυνατή η διαγραφή του τρέχοντος συνδεδεμένου χρήστη.
 deleteUsernameExistsMessage=Το όνομα χρήστη δεν υπάρχει και δεν μπορεί να διαγραφεί.
 downgradeCurrentUserMessage=Δεν είναι δυνατή η υποβάθμιση του ρόλου του τρέχοντος χρήστη
 disabledCurrentUserMessage=The current user cannot be disabled
 downgradeCurrentUserLongMessage=Δεν είναι δυνατή η υποβάθμιση του ρόλου του τρέχοντος χρήστη. Ως εκ τούτου, ο τρέχων χρήστης δεν θα εμφανίζεται.
 userAlreadyExistsOAuthMessage=The user already exists as an OAuth2 user.
 userAlreadyExistsWebMessage=The user already exists as an web user.
@ -177,6 +179,7 @@ adminUserSettings.user=Χρήστης
 adminUserSettings.addUser=Προσθήκη νέου Χρήστη
 adminUserSettings.deleteUser=Delete User
 adminUserSettings.confirmDeleteUser=Should the user be deleted?
 adminUserSettings.confirmChangeUserStatus=Should the user be disabled/enabled?
 adminUserSettings.usernameInfo=Username can only contain letters, numbers and the following special characters @._+- or must be a valid email address.
 adminUserSettings.roles=Ρόλοι
 adminUserSettings.role=Ρόλος
@ -190,6 +193,13 @@ adminUserSettings.forceChange=Αναγκάστε τον χρήστη να αλλ
 adminUserSettings.submit=Αποθήκευση Χρήστη
 adminUserSettings.changeUserRole=Αλλαγή ρόλου χρήστη
 adminUserSettings.authenticated=Authenticated
 adminUserSettings.editOwnProfil=Edit own profile
 adminUserSettings.enabledUser=enabled user
 adminUserSettings.disabledUser=disabled user
 adminUserSettings.activeUsers=Active Users:
 adminUserSettings.disabledUsers=Disabled Users:
 adminUserSettings.totalUsers=Total Users:
 adminUserSettings.lastRequest=Last Request
 database.title=Database Import/Export
@ -481,12 +491,14 @@ login.locked=Ο λογαριασμός σας έχει κλειδωθεί.
 login.signinTitle=Παρακαλώ, συνδεθείτε
 login.ssoSignIn=Σύνδεση μέσω μοναδικής σύνδεσης
 login.oauth2AutoCreateDisabled=Απενεργοποιήθηκε ο χρήστης αυτόματης δημιουργίας OAUTH2
 login.oauth2AdminBlockedUser=Registration or logging in of non-registered users is currently blocked. Please contact the administrator.
 login.oauth2RequestNotFound=Authorization request not found
 login.oauth2InvalidUserInfoResponse=Invalid User Info Response
 login.oauth2invalidRequest=Invalid Request
 login.oauth2AccessDenied=Access Denied
 login.oauth2InvalidTokenResponse=Invalid Token Response
 login.oauth2InvalidIdToken=Invalid Id Token
 login.userIsDisabled=User is deactivated, login is currently blocked with this username. Please contact the administrator.
 #auto-redact
--- a/src/main/resources/messages_en_GB.properties
+++ b/src/main/resources/messages_en_GB.properties
@ -55,10 +55,12 @@ userNotFoundMessage=User not found.
 incorrectPasswordMessage=Current password is incorrect.
 usernameExistsMessage=New Username already exists.
 invalidUsernameMessage=Invalid username, username can only contain letters, numbers and the following special characters @._+- or must be a valid email address.
 invalidPasswordMessage=The password must not be empty and must not have spaces at the beginning or end.
 confirmPasswordErrorMessage=New Password and Confirm New Password must match.
 deleteCurrentUserMessage=Cannot delete currently logged in user.
 deleteUsernameExistsMessage=The username does not exist and cannot be deleted.
 downgradeCurrentUserMessage=Cannot downgrade current user's role
 disabledCurrentUserMessage=The current user cannot be disabled
 downgradeCurrentUserLongMessage=Cannot downgrade current user's role. Hence, current user will not be shown.
 userAlreadyExistsOAuthMessage=The user already exists as an OAuth2 user.
 userAlreadyExistsWebMessage=The user already exists as an web user.
@ -177,6 +179,7 @@ adminUserSettings.user=User
 adminUserSettings.addUser=Add New User
 adminUserSettings.deleteUser=Delete User
 adminUserSettings.confirmDeleteUser=Should the user be deleted?
 adminUserSettings.confirmChangeUserStatus=Should the user be disabled/enabled?
 adminUserSettings.usernameInfo=Username can only contain letters, numbers and the following special characters @._+- or must be a valid email address.
 adminUserSettings.roles=Roles
 adminUserSettings.role=Role
@ -190,6 +193,13 @@ adminUserSettings.forceChange=Force user to change password on login
 adminUserSettings.submit=Save User
 adminUserSettings.changeUserRole=Change User's Role
 adminUserSettings.authenticated=Authenticated
 adminUserSettings.editOwnProfil=Edit own profile
 adminUserSettings.enabledUser=enabled user
 adminUserSettings.disabledUser=disabled user
 adminUserSettings.activeUsers=Active Users:
 adminUserSettings.disabledUsers=Disabled Users:
 adminUserSettings.totalUsers=Total Users:
 adminUserSettings.lastRequest=Last Request
 database.title=Database Import/Export
@ -481,12 +491,14 @@ login.locked=Your account has been locked.
 login.signinTitle=Please sign in
 login.ssoSignIn=Login via Single Sign-on
 login.oauth2AutoCreateDisabled=OAUTH2 Auto-Create User Disabled
 login.oauth2AdminBlockedUser=Registration or logging in of non-registered users is currently blocked. Please contact the administrator.
 login.oauth2RequestNotFound=Authorization request not found
 login.oauth2InvalidUserInfoResponse=Invalid User Info Response
 login.oauth2invalidRequest=Invalid Request
 login.oauth2AccessDenied=Access Denied
 login.oauth2InvalidTokenResponse=Invalid Token Response
 login.oauth2InvalidIdToken=Invalid Id Token
 login.userIsDisabled=User is deactivated, login is currently blocked with this username. Please contact the administrator.
 #auto-redact
--- a/src/main/resources/messages_en_US.properties
+++ b/src/main/resources/messages_en_US.properties
@ -55,10 +55,12 @@ userNotFoundMessage=User not found.
 incorrectPasswordMessage=Current password is incorrect.
 usernameExistsMessage=New Username already exists.
 invalidUsernameMessage=Invalid username, username can only contain letters, numbers and the following special characters @._+- or must be a valid email address.
 invalidPasswordMessage=The password must not be empty and must not have spaces at the beginning or end.
 confirmPasswordErrorMessage=New Password and Confirm New Password must match.
 deleteCurrentUserMessage=Cannot delete currently logged in user.
 deleteUsernameExistsMessage=The username does not exist and cannot be deleted.
 downgradeCurrentUserMessage=Cannot downgrade current user's role
 disabledCurrentUserMessage=The current user cannot be disabled
 downgradeCurrentUserLongMessage=Cannot downgrade current user's role. Hence, current user will not be shown.
 userAlreadyExistsOAuthMessage=The user already exists as an OAuth2 user.
 userAlreadyExistsWebMessage=The user already exists as an web user.
@ -177,6 +179,7 @@ adminUserSettings.user=User
 adminUserSettings.addUser=Add New User
 adminUserSettings.deleteUser=Delete User
 adminUserSettings.confirmDeleteUser=Should the user be deleted?
 adminUserSettings.confirmChangeUserStatus=Should the user be disabled/enabled?
 adminUserSettings.usernameInfo=Username can only contain letters, numbers and the following special characters @._+- or must be a valid email address.
 adminUserSettings.roles=Roles
 adminUserSettings.role=Role
@ -190,6 +193,13 @@ adminUserSettings.forceChange=Force user to change password on login
 adminUserSettings.submit=Save User
 adminUserSettings.changeUserRole=Change User's Role
 adminUserSettings.authenticated=Authenticated
 adminUserSettings.editOwnProfil=Edit own profile
 adminUserSettings.enabledUser=enabled user
 adminUserSettings.disabledUser=disabled user
 adminUserSettings.activeUsers=Active Users:
 adminUserSettings.disabledUsers=Disabled Users:
 adminUserSettings.totalUsers=Total Users:
 adminUserSettings.lastRequest=Last Request
 database.title=Database Import/Export
@ -481,12 +491,14 @@ login.locked=Your account has been locked.
 login.signinTitle=Please sign in
 login.ssoSignIn=Login via Single Sign-on
 login.oauth2AutoCreateDisabled=OAUTH2 Auto-Create User Disabled
 login.oauth2AdminBlockedUser=Registration or logging in of non-registered users is currently blocked. Please contact the administrator.
 login.oauth2RequestNotFound=Authorization request not found
 login.oauth2InvalidUserInfoResponse=Invalid User Info Response
 login.oauth2invalidRequest=Invalid Request
 login.oauth2AccessDenied=Access Denied
 login.oauth2InvalidTokenResponse=Invalid Token Response
 login.oauth2InvalidIdToken=Invalid Id Token
 login.userIsDisabled=User is deactivated, login is currently blocked with this username. Please contact the administrator.
 #auto-redact
--- a/src/main/resources/messages_es_ES.properties
+++ b/src/main/resources/messages_es_ES.properties
@ -55,10 +55,12 @@ userNotFoundMessage=Usuario no encontrado.
 incorrectPasswordMessage=La contraseña actual no es correcta.
 usernameExistsMessage=El nuevo nombre de usuario está en uso.
 invalidUsernameMessage=Nombre de usuario no válido, el nombre de usuario solo puede contener letras, números y los siguientes caracteres especiales @._+- o debe ser una dirección de correo electrónico válida.
 invalidPasswordMessage=The password must not be empty and must not have spaces at the beginning or end.
 confirmPasswordErrorMessage=New Password and Confirm New Password must match.
 deleteCurrentUserMessage=No puede eliminar el usuario que tiene la sesión actualmente en uso.
 deleteUsernameExistsMessage=El usuario no existe y no puede eliminarse.
 downgradeCurrentUserMessage=No se puede degradar el rol del usuario actual
 disabledCurrentUserMessage=The current user cannot be disabled
 downgradeCurrentUserLongMessage=No se puede degradar el rol del usuario actual. Por lo tanto, el usuario actual no se mostrará.
 userAlreadyExistsOAuthMessage=La usuario ya existe como usuario de OAuth2.
 userAlreadyExistsWebMessage=El usuario ya existe como usuario web.
@ -177,6 +179,7 @@ adminUserSettings.user=Usuario
 adminUserSettings.addUser=Añadir Nuevo Usuario
 adminUserSettings.deleteUser=Eliminar Usuario
 adminUserSettings.confirmDeleteUser=¿Se debe eliminar al usuario?
 adminUserSettings.confirmChangeUserStatus=Should the user be disabled/enabled?
 adminUserSettings.usernameInfo=El nombre de usuario solo puede contener letras, números y los siguientes caracteres especiales @._+- o debe ser una dirección de correo electrónico válida.
 adminUserSettings.roles=Roles
 adminUserSettings.role=Rol
@ -190,6 +193,13 @@ adminUserSettings.forceChange=Forzar usuario a cambiar usuario/contraseña en el
 adminUserSettings.submit=Guardar Usuario
 adminUserSettings.changeUserRole=Cambiar rol de usuario
 adminUserSettings.authenticated=Autenticado
 adminUserSettings.editOwnProfil=Edit own profile
 adminUserSettings.enabledUser=enabled user
 adminUserSettings.disabledUser=disabled user
 adminUserSettings.activeUsers=Active Users:
 adminUserSettings.disabledUsers=Disabled Users:
 adminUserSettings.totalUsers=Total Users:
 adminUserSettings.lastRequest=Last Request
 database.title=Base de Datos Importar/Exportar
@ -481,12 +491,14 @@ login.locked=Su cuenta se ha bloqueado.
 login.signinTitle=Por favor, inicie sesión
 login.ssoSignIn=Iniciar sesión a través del inicio de sesión único
 login.oauth2AutoCreateDisabled=Usuario de creación automática de OAUTH2 DESACTIVADO
 login.oauth2AdminBlockedUser=Registration or logging in of non-registered users is currently blocked. Please contact the administrator.
 login.oauth2RequestNotFound=Solicitud de autorización no encontrada
 login.oauth2InvalidUserInfoResponse=Respuesta de información de usuario no válida
 login.oauth2invalidRequest=Invalid Request
 login.oauth2AccessDenied=Access Denied
 login.oauth2InvalidTokenResponse=Respuesta de token no válida
 login.oauth2InvalidIdToken=Token de identificación no válido
 login.userIsDisabled=User is deactivated, login is currently blocked with this username. Please contact the administrator.
 #auto-redact
--- a/src/main/resources/messages_eu_ES.properties
+++ b/src/main/resources/messages_eu_ES.properties
@ -55,10 +55,12 @@ userNotFoundMessage=User not found.
 incorrectPasswordMessage=Current password is incorrect.
 usernameExistsMessage=New Username already exists.
 invalidUsernameMessage=Invalid username, username can only contain letters, numbers and the following special characters @._+- or must be a valid email address.
 invalidPasswordMessage=The password must not be empty and must not have spaces at the beginning or end.
 confirmPasswordErrorMessage=New Password and Confirm New Password must match.
 deleteCurrentUserMessage=Cannot delete currently logged in user.
 deleteUsernameExistsMessage=The username does not exist and cannot be deleted.
 downgradeCurrentUserMessage=Ezin da uneko erabiltzailearen rola jaitsi
 disabledCurrentUserMessage=The current user cannot be disabled
 downgradeCurrentUserLongMessage=Ezin da uneko erabiltzailearen rola jaitsi. Beraz, oraingo erabiltzailea ez da erakutsiko.
 userAlreadyExistsOAuthMessage=The user already exists as an OAuth2 user.
 userAlreadyExistsWebMessage=The user already exists as an web user.
@ -177,6 +179,7 @@ adminUserSettings.user=Erabiltzaile
 adminUserSettings.addUser=Erabiltzaile berria
 adminUserSettings.deleteUser=Delete User
 adminUserSettings.confirmDeleteUser=Should the user be deleted?
 adminUserSettings.confirmChangeUserStatus=Should the user be disabled/enabled?
 adminUserSettings.usernameInfo=Username can only contain letters, numbers and the following special characters @._+- or must be a valid email address.
 adminUserSettings.roles=Rolak
 adminUserSettings.role=Rol
@ -190,6 +193,13 @@ adminUserSettings.forceChange=Force user to change password on login
 adminUserSettings.submit=Gorde Erabiltzailea
 adminUserSettings.changeUserRole=Erabiltzailearen rola aldatu
 adminUserSettings.authenticated=Authenticated
 adminUserSettings.editOwnProfil=Edit own profile
 adminUserSettings.enabledUser=enabled user
 adminUserSettings.disabledUser=disabled user
 adminUserSettings.activeUsers=Active Users:
 adminUserSettings.disabledUsers=Disabled Users:
 adminUserSettings.totalUsers=Total Users:
 adminUserSettings.lastRequest=Last Request
 database.title=Database Import/Export
@ -481,12 +491,14 @@ login.locked=Zure kontua blokeatu egin da.
 login.signinTitle=Mesedez, hasi saioa
 login.ssoSignIn=Hasi saioa Saioa hasteko modu bakarraren bidez
 login.oauth2AutoCreateDisabled=OAUTH2 Sortu automatikoki erabiltzailea desgaituta dago
 login.oauth2AdminBlockedUser=Registration or logging in of non-registered users is currently blocked. Please contact the administrator.
 login.oauth2RequestNotFound=Authorization request not found
 login.oauth2InvalidUserInfoResponse=Invalid User Info Response
 login.oauth2invalidRequest=Invalid Request
 login.oauth2AccessDenied=Access Denied
 login.oauth2InvalidTokenResponse=Invalid Token Response
 login.oauth2InvalidIdToken=Invalid Id Token
 login.userIsDisabled=User is deactivated, login is currently blocked with this username. Please contact the administrator.
 #auto-redact
--- a/src/main/resources/messages_fr_FR.properties
+++ b/src/main/resources/messages_fr_FR.properties
@ -55,10 +55,12 @@ userNotFoundMessage=Utilisateur non trouvé.
 incorrectPasswordMessage=Le mot de passe actuel est incorrect.
 usernameExistsMessage=Le nouveau nom d’utilisateur existe déjà.
 invalidUsernameMessage=Nom d’utilisateur invalide, le nom d’utilisateur ne peut contenir que des lettres, des chiffres et les caractères spéciaux suivants @._+- ou doit être une adresse e-mail valide.
 invalidPasswordMessage=The password must not be empty and must not have spaces at the beginning or end.
 confirmPasswordErrorMessage=New Password and Confirm New Password must match.
 deleteCurrentUserMessage=Impossible de supprimer l’utilisateur actuellement connecté.
 deleteUsernameExistsMessage=Le nom d’utilisateur n’existe pas et ne peut pas être supprimé.
 downgradeCurrentUserMessage=Impossible de rétrograder le rôle de l'utilisateur actuel.
 disabledCurrentUserMessage=The current user cannot be disabled
 downgradeCurrentUserLongMessage=Impossible de rétrograder le rôle de l'utilisateur actuel. Par conséquent, l'utilisateur actuel ne sera pas affiché.
 userAlreadyExistsOAuthMessage=L'utilisateur existe déjà en tant qu'utilisateur OAuth2.
 userAlreadyExistsWebMessage=L'utilisateur existe déjà en tant qu'utilisateur Web.
@ -177,6 +179,7 @@ adminUserSettings.user=Utilisateur
 adminUserSettings.addUser=Ajouter un utilisateur
 adminUserSettings.deleteUser=Delete User
 adminUserSettings.confirmDeleteUser=Should the user be deleted?
 adminUserSettings.confirmChangeUserStatus=Should the user be disabled/enabled?
 adminUserSettings.usernameInfo=Le nom d'utilisateur ne peut contenir que des lettres, des chiffres et les caractères spéciaux suivants @._+- ou doit être une adresse e-mail valide.
 adminUserSettings.roles=Rôles
 adminUserSettings.role=Rôle
@ -190,6 +193,13 @@ adminUserSettings.forceChange=Forcer l’utilisateur à changer son nom d’util
 adminUserSettings.submit=Ajouter
 adminUserSettings.changeUserRole=Changer le rôle de l'utilisateur
 adminUserSettings.authenticated=Authentifié
 adminUserSettings.editOwnProfil=Edit own profile
 adminUserSettings.enabledUser=enabled user
 adminUserSettings.disabledUser=disabled user
 adminUserSettings.activeUsers=Active Users:
 adminUserSettings.disabledUsers=Disabled Users:
 adminUserSettings.totalUsers=Total Users:
 adminUserSettings.lastRequest=Last Request
 database.title=Database Import/Export
@ -481,12 +491,14 @@ login.locked=Votre compte a été verrouillé.
 login.signinTitle=Veuillez vous connecter
 login.ssoSignIn=Se connecter via l'authentification unique
 login.oauth2AutoCreateDisabled=OAUTH2 Création automatique d'utilisateur désactivée
 login.oauth2AdminBlockedUser=Registration or logging in of non-registered users is currently blocked. Please contact the administrator.
 login.oauth2RequestNotFound=Demande d'autorisation introuvable
 login.oauth2InvalidUserInfoResponse=Réponse contenant les informations de l'utilisateur est invalide
 login.oauth2invalidRequest=Requête invalide
 login.oauth2AccessDenied=Accès refusé
 login.oauth2InvalidTokenResponse=Réponse contenant le jeton est invalide
 login.oauth2InvalidIdToken=Jeton d'identification invalide
 login.userIsDisabled=User is deactivated, login is currently blocked with this username. Please contact the administrator.
 #auto-redact
--- a/src/main/resources/messages_ga_IE.properties
+++ b/src/main/resources/messages_ga_IE.properties
@ -1,7 +1,7 @@
 ###########
 # Generic #
 ###########
-# the direction that the language is written (ltr=left to right, rtl = right to left)
+# the direction that the language is written (ltr = left to right, rtl = right to left)
 language.direction=ltr
 pdfPrompt=Roghnaigh PDF(s)
@ -55,10 +55,12 @@ userNotFoundMessage=Úsáideoir gan aimsiú.
 incorrectPasswordMessage=Tá an pasfhocal reatha mícheart.
 usernameExistsMessage=Tá Ainm Úsáideora Nua ann cheana féin.
 invalidUsernameMessage=Ainm úsáideora neamhbhailí, ní féidir ach litreacha, uimhreacha agus na carachtair speisialta seo a leanas @._+- a bheith san ainm úsáideora nó ní mór gur seoladh ríomhphoist bailí é.
 invalidPasswordMessage=The password must not be empty and must not have spaces at the beginning or end.
 confirmPasswordErrorMessage=Ní mór Pasfhocal Nua agus Deimhnigh Pasfhocal Nua a bheith ag teacht leis.
 deleteCurrentUserMessage=Ní féidir an t-úsáideoir atá logáilte isteach faoi láthair a scriosadh.
 deleteUsernameExistsMessage=Níl an t-ainm úsáideora ann agus ní féidir é a scriosadh.
 downgradeCurrentUserMessage=Ní féidir ról an úsáideora reatha a íosghrádú
 disabledCurrentUserMessage=The current user cannot be disabled
 downgradeCurrentUserLongMessage=Ní féidir ról an úsáideora reatha a íosghrádú. Mar sin, ní thaispeánfar an t-úsáideoir reatha.
 userAlreadyExistsOAuthMessage=Tá an t-úsáideoir ann cheana mar úsáideoir OAuth2.
 userAlreadyExistsWebMessage=Tá an t-úsáideoir ann cheana féin mar úsáideoir gréasáin.
@ -177,6 +179,7 @@ adminUserSettings.user=Úsáideoir
 adminUserSettings.addUser=Cuir Úsáideoir Nua leis
 adminUserSettings.deleteUser=Scrios Úsáideoir
 adminUserSettings.confirmDeleteUser=Ar cheart an t-úsáideoir a scriosadh?
 adminUserSettings.confirmChangeUserStatus=Should the user be disabled/enabled?
 adminUserSettings.usernameInfo=Ní féidir ach litreacha, uimhreacha agus na carachtair speisialta seo a leanas @._+- a bheith san ainm úsáideora nó ní mór gur seoladh ríomhphoist bailí é.
 adminUserSettings.roles=Róil
 adminUserSettings.role=Ról
@ -190,6 +193,13 @@ adminUserSettings.forceChange=Cuir iallach ar an úsáideoir pasfhocal a athrú
 adminUserSettings.submit=Sábháil Úsáideoir
 adminUserSettings.changeUserRole=Athraigh Ról an Úsáideora
 adminUserSettings.authenticated=Fíordheimhnithe
 adminUserSettings.editOwnProfil=Edit own profile
 adminUserSettings.enabledUser=enabled user
 adminUserSettings.disabledUser=disabled user
 adminUserSettings.activeUsers=Active Users:
 adminUserSettings.disabledUsers=Disabled Users:
 adminUserSettings.totalUsers=Total Users:
 adminUserSettings.lastRequest=Last Request
 database.title=Iompórtáil / Easpórtáil Bunachar Sonraí
@ -481,12 +491,14 @@ login.locked=Tá do chuntas glasáilte.
 login.signinTitle=Sínigh isteach le do thoil
 login.ssoSignIn=Logáil isteach trí Chlárú Aonair
 login.oauth2AutoCreateDisabled=OAUTH2 Uath-Chruthaigh Úsáideoir faoi Mhíchumas
 login.oauth2AdminBlockedUser=Registration or logging in of non-registered users is currently blocked. Please contact the administrator.
 login.oauth2RequestNotFound=Níor aimsíodh iarratas údaraithe
 login.oauth2InvalidUserInfoResponse=Freagra Neamhbhailí Faisnéise Úsáideora
 login.oauth2invalidRequest=Iarratas Neamhbhailí
 login.oauth2AccessDenied=Rochtain Diúltaithe
 login.oauth2InvalidTokenResponse=Freagra Comhartha Neamhbhailí
 login.oauth2InvalidIdToken=Comhartha Aitheantais Neamhbhailí
 login.userIsDisabled=User is deactivated, login is currently blocked with this username. Please contact the administrator.
 #auto-redact
--- a/src/main/resources/messages_hi_IN.properties
+++ b/src/main/resources/messages_hi_IN.properties
@ -55,10 +55,12 @@ userNotFoundMessage=उपयोगकर्ता नहीं मिला।
 incorrectPasswordMessage=वर्तमान पासवर्ड गलत है।
 usernameExistsMessage=नया उपयोगकर्ता नाम पहले से मौजूद है।
 invalidUsernameMessage=Invalid username, username can only contain letters, numbers and the following special characters @._+- or must be a valid email address.
 invalidPasswordMessage=The password must not be empty and must not have spaces at the beginning or end.
 confirmPasswordErrorMessage=New Password and Confirm New Password must match.
 deleteCurrentUserMessage=Cannot delete currently logged in user.
 deleteUsernameExistsMessage=The username does not exist and cannot be deleted.
 downgradeCurrentUserMessage=मौजूदा यूज़र की भूमिका को डाउनग्रेड नहीं किया जा सकता
 disabledCurrentUserMessage=The current user cannot be disabled
 downgradeCurrentUserLongMessage=मौजूदा यूज़र की भूमिका को डाउनग्रेड नहीं किया जा सकता। इसलिए, वर्तमान उपयोगकर्ता को नहीं दिखाया जाएगा।
 userAlreadyExistsOAuthMessage=The user already exists as an OAuth2 user.
 userAlreadyExistsWebMessage=The user already exists as an web user.
@ -177,6 +179,7 @@ adminUserSettings.user=उपयोगकर्ता
 adminUserSettings.addUser=नया उपयोगकर्ता जोड़ें
 adminUserSettings.deleteUser=Delete User
 adminUserSettings.confirmDeleteUser=Should the user be deleted?
 adminUserSettings.confirmChangeUserStatus=Should the user be disabled/enabled?
 adminUserSettings.usernameInfo=Username can only contain letters, numbers and the following special characters @._+- or must be a valid email address.
 adminUserSettings.roles=रोल्स
 adminUserSettings.role=रोल
@ -190,6 +193,13 @@ adminUserSettings.forceChange=उपयोगकर्ता को लॉगि
 adminUserSettings.submit=उपयोगकर्ता को सहेजें
 adminUserSettings.changeUserRole=यूज़र की भूमिका बदलें
 adminUserSettings.authenticated=Authenticated
 adminUserSettings.editOwnProfil=Edit own profile
 adminUserSettings.enabledUser=enabled user
 adminUserSettings.disabledUser=disabled user
 adminUserSettings.activeUsers=Active Users:
 adminUserSettings.disabledUsers=Disabled Users:
 adminUserSettings.totalUsers=Total Users:
 adminUserSettings.lastRequest=Last Request
 database.title=Database Import/Export
@ -481,12 +491,14 @@ login.locked=आपका खाता लॉक कर दिया गया
 login.signinTitle=कृपया साइन इन करें
 login.ssoSignIn=सिंगल साइन - ऑन के ज़रिए लॉग इन करें
 login.oauth2AutoCreateDisabled=OAUTH2 ऑटो - क्रिएट यूज़र अक्षम किया गया
 login.oauth2AdminBlockedUser=Registration or logging in of non-registered users is currently blocked. Please contact the administrator.
 login.oauth2RequestNotFound=Authorization request not found
 login.oauth2InvalidUserInfoResponse=Invalid User Info Response
 login.oauth2invalidRequest=Invalid Request
 login.oauth2AccessDenied=Access Denied
 login.oauth2InvalidTokenResponse=Invalid Token Response
 login.oauth2InvalidIdToken=Invalid Id Token
 login.userIsDisabled=User is deactivated, login is currently blocked with this username. Please contact the administrator.
 #auto-redact
--- a/src/main/resources/messages_hr_HR.properties
+++ b/src/main/resources/messages_hr_HR.properties
@ -55,10 +55,12 @@ userNotFoundMessage=Korisnik nije pronađen.
 incorrectPasswordMessage=Kriva zaporka.
 usernameExistsMessage=Korisničko ime već postoji
 invalidUsernameMessage=Nevažeće korisničko ime, korisničko ime može sadržavati samo slova, brojke i sljedeće posebne znakove @._+- ili mora biti važeća adresa e-pošte.
 invalidPasswordMessage=The password must not be empty and must not have spaces at the beginning or end.
 confirmPasswordErrorMessage=New Password and Confirm New Password must match.
 deleteCurrentUserMessage=Nije moguće izbrisati trenutno prijavljenog korisnika.
 deleteUsernameExistsMessage=Korisničko ime ne postoji i ne može se izbrisati.
 downgradeCurrentUserMessage=Nije moguće vratiti unazad ulogu trenutnog korisnika
 disabledCurrentUserMessage=The current user cannot be disabled
 downgradeCurrentUserLongMessage=Nije moguće vratiti unazad ulogu trenutnog korisnika. Dakle, trenutni korisnik neće biti prikazan.
 userAlreadyExistsOAuthMessage=Korisnik već postoji kao OAuth2 korisnik.
 userAlreadyExistsWebMessage=Korisnik već postoji kao web korisnik.
@ -177,6 +179,7 @@ adminUserSettings.user=Korisnik
 adminUserSettings.addUser=Dodaj novog korisnika
 adminUserSettings.deleteUser=Delete User
 adminUserSettings.confirmDeleteUser=Should the user be deleted?
 adminUserSettings.confirmChangeUserStatus=Should the user be disabled/enabled?
 adminUserSettings.usernameInfo=Korisničko ime može sadržavati samo slova, brojke i sljedeće posebne znakove @._+- ili mora biti važeća adresa e-pošte.
 adminUserSettings.roles=Uloge
 adminUserSettings.role=Uloga
@ -190,6 +193,13 @@ adminUserSettings.forceChange=Prisiliti korisnika da promijeni lozinku prilikom
 adminUserSettings.submit=Spremi korisnika
 adminUserSettings.changeUserRole=Promijenite korisničku ulogu
 adminUserSettings.authenticated=Autentificirano
 adminUserSettings.editOwnProfil=Edit own profile
 adminUserSettings.enabledUser=enabled user
 adminUserSettings.disabledUser=disabled user
 adminUserSettings.activeUsers=Active Users:
 adminUserSettings.disabledUsers=Disabled Users:
 adminUserSettings.totalUsers=Total Users:
 adminUserSettings.lastRequest=Last Request
 database.title=Database Import/Export
@ -481,12 +491,14 @@ login.locked=Vaš račun je zaključan.
 login.signinTitle=Molimo vas da se prijavite
 login.ssoSignIn=Prijavite se putem jedinstvene prijave
 login.oauth2AutoCreateDisabled=OAUTH2 automatsko kreiranje korisnika je onemogućeno
 login.oauth2AdminBlockedUser=Registration or logging in of non-registered users is currently blocked. Please contact the administrator.
 login.oauth2RequestNotFound=Zahtjev za autorizaciju nije pronađen
 login.oauth2InvalidUserInfoResponse=Nevažeće informacije o korisniku
 login.oauth2invalidRequest=Neispravan zahtjev
 login.oauth2AccessDenied=Pristup odbijen
 login.oauth2InvalidTokenResponse=Nevažeći odgovor tokena
 login.oauth2InvalidIdToken=Nevažeći ID token
 login.userIsDisabled=User is deactivated, login is currently blocked with this username. Please contact the administrator.
 #auto-redact
--- a/src/main/resources/messages_hu_HU.properties
+++ b/src/main/resources/messages_hu_HU.properties
@ -55,10 +55,12 @@ userNotFoundMessage=A felhasználó nem található.
 incorrectPasswordMessage=A jelenlegi jelszó helytelen.
 usernameExistsMessage=Az új felhasználónév már létezik.
 invalidUsernameMessage=Invalid username, username can only contain letters, numbers and the following special characters @._+- or must be a valid email address.
 invalidPasswordMessage=The password must not be empty and must not have spaces at the beginning or end.
 confirmPasswordErrorMessage=New Password and Confirm New Password must match.
 deleteCurrentUserMessage=Cannot delete currently logged in user.
 deleteUsernameExistsMessage=The username does not exist and cannot be deleted.
 downgradeCurrentUserMessage=A jelenlegi felhasználó szerepkörét nem lehet visszaminősíteni
 disabledCurrentUserMessage=The current user cannot be disabled
 downgradeCurrentUserLongMessage=Az aktuális felhasználó szerepkörét nem lehet visszaminősíteni. Ezért az aktuális felhasználó nem jelenik meg.
 userAlreadyExistsOAuthMessage=The user already exists as an OAuth2 user.
 userAlreadyExistsWebMessage=The user already exists as an web user.
@ -177,6 +179,7 @@ adminUserSettings.user=Felhasználó
 adminUserSettings.addUser=Új felhasználó hozzáadása
 adminUserSettings.deleteUser=Delete User
 adminUserSettings.confirmDeleteUser=Should the user be deleted?
 adminUserSettings.confirmChangeUserStatus=Should the user be disabled/enabled?
 adminUserSettings.usernameInfo=Username can only contain letters, numbers and the following special characters @._+- or must be a valid email address.
 adminUserSettings.roles=Szerepek
 adminUserSettings.role=Szerep
@ -190,6 +193,13 @@ adminUserSettings.forceChange=Kényszerítse a felhasználót a felhasználóné
 adminUserSettings.submit=Felhasználó mentése
 adminUserSettings.changeUserRole=Felhasználó szerepkörének módosítása
 adminUserSettings.authenticated=Authenticated
 adminUserSettings.editOwnProfil=Edit own profile
 adminUserSettings.enabledUser=enabled user
 adminUserSettings.disabledUser=disabled user
 adminUserSettings.activeUsers=Active Users:
 adminUserSettings.disabledUsers=Disabled Users:
 adminUserSettings.totalUsers=Total Users:
 adminUserSettings.lastRequest=Last Request
 database.title=Database Import/Export
@ -481,12 +491,14 @@ login.locked=A fiókja zárolva lett!
 login.signinTitle=Kérjük, jelentkezzen be!
 login.ssoSignIn=Bejelentkezés egyszeri bejelentkezéssel
 login.oauth2AutoCreateDisabled=OAUTH2 Felhasználó automatikus létrehozása letiltva
 login.oauth2AdminBlockedUser=Registration or logging in of non-registered users is currently blocked. Please contact the administrator.
 login.oauth2RequestNotFound=Authorization request not found
 login.oauth2InvalidUserInfoResponse=Invalid User Info Response
 login.oauth2invalidRequest=Invalid Request
 login.oauth2AccessDenied=Access Denied
 login.oauth2InvalidTokenResponse=Invalid Token Response
 login.oauth2InvalidIdToken=Invalid Id Token
 login.userIsDisabled=User is deactivated, login is currently blocked with this username. Please contact the administrator.
 #auto-redact
--- a/src/main/resources/messages_id_ID.properties
+++ b/src/main/resources/messages_id_ID.properties
@ -55,10 +55,12 @@ userNotFoundMessage=Pengguna tidak ditemukan.
 incorrectPasswordMessage=Kata sandi saat ini salah.
 usernameExistsMessage=Nama pengguna baru sudah ada.
 invalidUsernameMessage=Invalid username, username can only contain letters, numbers and the following special characters @._+- or must be a valid email address.
 invalidPasswordMessage=The password must not be empty and must not have spaces at the beginning or end.
 confirmPasswordErrorMessage=New Password and Confirm New Password must match.
 deleteCurrentUserMessage=Cannot delete currently logged in user.
 deleteUsernameExistsMessage=The username does not exist and cannot be deleted.
 downgradeCurrentUserMessage=Tidak dapat menurunkan peran pengguna saat ini
 disabledCurrentUserMessage=The current user cannot be disabled
 downgradeCurrentUserLongMessage=Tidak dapat menurunkan peran pengguna saat ini. Oleh karena itu, pengguna saat ini tidak akan ditampilkan.
 userAlreadyExistsOAuthMessage=The user already exists as an OAuth2 user.
 userAlreadyExistsWebMessage=The user already exists as an web user.
@ -177,6 +179,7 @@ adminUserSettings.user=Pengguna
 adminUserSettings.addUser=Tambahkan Pengguna Baru
 adminUserSettings.deleteUser=Delete User
 adminUserSettings.confirmDeleteUser=Should the user be deleted?
 adminUserSettings.confirmChangeUserStatus=Should the user be disabled/enabled?
 adminUserSettings.usernameInfo=Username can only contain letters, numbers and the following special characters @._+- or must be a valid email address.
 adminUserSettings.roles=Peran
 adminUserSettings.role=Peran
@ -190,6 +193,13 @@ adminUserSettings.forceChange=Memaksa pengguna untuk mengubah nama pengguna/kata
 adminUserSettings.submit=Simpan Pengguna
 adminUserSettings.changeUserRole=Ubah Peran Pengguna
 adminUserSettings.authenticated=Authenticated
 adminUserSettings.editOwnProfil=Edit own profile
 adminUserSettings.enabledUser=enabled user
 adminUserSettings.disabledUser=disabled user
 adminUserSettings.activeUsers=Active Users:
 adminUserSettings.disabledUsers=Disabled Users:
 adminUserSettings.totalUsers=Total Users:
 adminUserSettings.lastRequest=Last Request
 database.title=Database Import/Export
@ -481,12 +491,14 @@ login.locked=Akun Anda telah dikunci.
 login.signinTitle=Silakan masuk
 login.ssoSignIn=Masuk melalui Single Sign - on
 login.oauth2AutoCreateDisabled=OAUTH2 Buat Otomatis Pengguna Dinonaktifkan
 login.oauth2AdminBlockedUser=Registration or logging in of non-registered users is currently blocked. Please contact the administrator.
 login.oauth2RequestNotFound=Authorization request not found
 login.oauth2InvalidUserInfoResponse=Invalid User Info Response
 login.oauth2invalidRequest=Invalid Request
 login.oauth2AccessDenied=Access Denied
 login.oauth2InvalidTokenResponse=Invalid Token Response
 login.oauth2InvalidIdToken=Invalid Id Token
 login.userIsDisabled=User is deactivated, login is currently blocked with this username. Please contact the administrator.
 #auto-redact
--- a/src/main/resources/messages_it_IT.properties
+++ b/src/main/resources/messages_it_IT.properties
@ -55,10 +55,12 @@ userNotFoundMessage=Utente non trovato.
 incorrectPasswordMessage=La password attuale non è corretta.
 usernameExistsMessage=Il nuovo nome utente esiste già.
 invalidUsernameMessage=Nome utente non valido, il nome utente può contenere solo lettere, numeri e i seguenti caratteri speciali @._+- o deve essere un indirizzo email valido.
 invalidPasswordMessage=The password must not be empty and must not have spaces at the beginning or end.
 confirmPasswordErrorMessage=La nuova password e la conferma della nuova password devono corrispondere.
 deleteCurrentUserMessage=Impossibile eliminare l'utente attualmente connesso.
 deleteUsernameExistsMessage=Il nome utente non esiste e non può essere eliminato.
 downgradeCurrentUserMessage=Impossibile declassare il ruolo dell'utente corrente
 disabledCurrentUserMessage=The current user cannot be disabled
 downgradeCurrentUserLongMessage=Impossibile declassare il ruolo dell'utente corrente. Pertanto, l'utente corrente non verrà visualizzato.
 userAlreadyExistsOAuthMessage=L'utente esiste già come utente OAuth2.
 userAlreadyExistsWebMessage=L'utente esiste già come utente web.
@ -177,6 +179,7 @@ adminUserSettings.user=Utente
 adminUserSettings.addUser=Aggiungi un nuovo Utente
 adminUserSettings.deleteUser=Elimina utente
 adminUserSettings.confirmDeleteUser=L'utente deve essere eliminato?
 adminUserSettings.confirmChangeUserStatus=Should the user be disabled/enabled?
 adminUserSettings.usernameInfo=Il nome utente può contenere solo lettere, numeri e i seguenti caratteri speciali @._+- oppure deve essere un indirizzo email valido.
 adminUserSettings.roles=Ruoli
 adminUserSettings.role=Ruolo
@ -190,6 +193,13 @@ adminUserSettings.forceChange=Forza l'utente a cambiare nome username/password a
 adminUserSettings.submit=Salva utente
 adminUserSettings.changeUserRole=Cambia il ruolo dell'utente
 adminUserSettings.authenticated=Autenticato
 adminUserSettings.editOwnProfil=Edit own profile
 adminUserSettings.enabledUser=enabled user
 adminUserSettings.disabledUser=disabled user
 adminUserSettings.activeUsers=Active Users:
 adminUserSettings.disabledUsers=Disabled Users:
 adminUserSettings.totalUsers=Total Users:
 adminUserSettings.lastRequest=Last Request
 database.title=Importazione/Esportazione database
@ -481,12 +491,14 @@ login.locked=Il tuo account è stato bloccato.
 login.signinTitle=Per favore accedi
 login.ssoSignIn=Accedi tramite Single Sign-on
 login.oauth2AutoCreateDisabled=Creazione automatica utente OAUTH2 DISABILITATA
 login.oauth2AdminBlockedUser=Registration or logging in of non-registered users is currently blocked. Please contact the administrator.
 login.oauth2RequestNotFound=Richiesta di autorizzazione non trovata
 login.oauth2InvalidUserInfoResponse=Risposta relativa alle informazioni utente non valida
 login.oauth2invalidRequest=Richiesta non valida
 login.oauth2AccessDenied=Accesso negato
 login.oauth2InvalidTokenResponse=Risposta token non valida
 login.oauth2InvalidIdToken=Id Token non valido
 login.userIsDisabled=User is deactivated, login is currently blocked with this username. Please contact the administrator.
 #auto-redact
--- a/src/main/resources/messages_ja_JP.properties
+++ b/src/main/resources/messages_ja_JP.properties
@ -55,10 +55,12 @@ userNotFoundMessage=ユーザーが見つかりません。
 incorrectPasswordMessage=現在のパスワードが正しくありません。
 usernameExistsMessage=新しいユーザー名はすでに存在します。
 invalidUsernameMessage=ユーザー名が無効です。ユーザー名には文字、数字、およびそれに続く特殊文字 @._+- のみを含めることができます。または、有効な電子メール アドレスである必要があります。
 invalidPasswordMessage=The password must not be empty and must not have spaces at the beginning or end.
 confirmPasswordErrorMessage=新しいパスワードと新しいパスワードの確認は一致する必要があります。
 deleteCurrentUserMessage=現在ログインしているユーザーは削除できません。
 deleteUsernameExistsMessage=そのユーザー名は存在しないため削除できません。
 downgradeCurrentUserMessage=現在のユーザーの役割をダウングレードできません
 disabledCurrentUserMessage=The current user cannot be disabled
 downgradeCurrentUserLongMessage=現在のユーザーの役割をダウングレードできません。したがって、現在のユーザーは表示されません。
 userAlreadyExistsOAuthMessage=ユーザーは既にOAuth2ユーザーとして存在します。
 userAlreadyExistsWebMessage=ユーザーは既にWebユーザーとして存在します。
@ -177,6 +179,7 @@ adminUserSettings.user=ユーザー
 adminUserSettings.addUser=新しいユーザを追加
 adminUserSettings.deleteUser=ユーザの削除
 adminUserSettings.confirmDeleteUser=ユーザを本当に削除しますか？
 adminUserSettings.confirmChangeUserStatus=Should the user be disabled/enabled?
 adminUserSettings.usernameInfo=ユーザー名には、文字、数字、および次の特殊文字 @._+- のみを含めることができます。または、有効な電子メール アドレスである必要があります。
 adminUserSettings.roles=役割
 adminUserSettings.role=役割
@ -190,6 +193,13 @@ adminUserSettings.forceChange=ログイン時にユーザー名/パスワード
 adminUserSettings.submit=ユーザーの保存
 adminUserSettings.changeUserRole=ユーザーの役割を変更する
 adminUserSettings.authenticated=認証済
 adminUserSettings.editOwnProfil=Edit own profile
 adminUserSettings.enabledUser=enabled user
 adminUserSettings.disabledUser=disabled user
 adminUserSettings.activeUsers=Active Users:
 adminUserSettings.disabledUsers=Disabled Users:
 adminUserSettings.totalUsers=Total Users:
 adminUserSettings.lastRequest=Last Request
 database.title=データベースのインポート/エクスポート
@ -481,12 +491,14 @@ login.locked=あなたのアカウントはロックされています。
 login.signinTitle=サインインしてください
 login.ssoSignIn=シングルサインオンでログイン
 login.oauth2AutoCreateDisabled=OAuth 2自動作成ユーザーが無効
 login.oauth2AdminBlockedUser=Registration or logging in of non-registered users is currently blocked. Please contact the administrator.
 login.oauth2RequestNotFound=認証リクエストが見つかりません
 login.oauth2InvalidUserInfoResponse=無効なユーザー情報の応答
 login.oauth2invalidRequest=無効なリクエスト
 login.oauth2AccessDenied=アクセス拒否
 login.oauth2InvalidTokenResponse=無効なトークン応答
 login.oauth2InvalidIdToken=無効なIDトークン
 login.userIsDisabled=User is deactivated, login is currently blocked with this username. Please contact the administrator.
 #auto-redact
--- a/src/main/resources/messages_ko_KR.properties
+++ b/src/main/resources/messages_ko_KR.properties
@ -55,10 +55,12 @@ userNotFoundMessage=사용자를 찾을 수 없습니다.
 incorrectPasswordMessage=현재 비밀번호가 틀립니다.
 usernameExistsMessage=새 사용자명이 이미 존재합니다.
 invalidUsernameMessage=잘못된 사용자 이름입니다. 사용자 이름에는 문자, 숫자 및 다음 특수 문자(@._+-)만 포함할 수 있거나 유효한 이메일 주소여야 합니다.
 invalidPasswordMessage=The password must not be empty and must not have spaces at the beginning or end.
 confirmPasswordErrorMessage=New Password and Confirm New Password must match.
 deleteCurrentUserMessage=현재 로그인한 사용자를 삭제할 수 없습니다.
 deleteUsernameExistsMessage=사용자 이름이 존재하지 않으며 삭제할 수 없습니다.
 downgradeCurrentUserMessage=현재 사용자의 역할을 다운그레이드할 수 없습니다
 disabledCurrentUserMessage=The current user cannot be disabled
 downgradeCurrentUserLongMessage=현재 사용자의 역할을 다운그레이드할 수 없습니다. 따라서 현재 사용자는 표시되지 않습니다.
 userAlreadyExistsOAuthMessage=The user already exists as an OAuth2 user.
 userAlreadyExistsWebMessage=The user already exists as an web user.
@ -177,6 +179,7 @@ adminUserSettings.user=사용자
 adminUserSettings.addUser=새 사용자 추가
 adminUserSettings.deleteUser=Delete User
 adminUserSettings.confirmDeleteUser=Should the user be deleted?
 adminUserSettings.confirmChangeUserStatus=Should the user be disabled/enabled?
 adminUserSettings.usernameInfo=사용자 이름은 문자, 숫자, 특수 문자 @._+-만 포함할 수 있으며 유효한 이메일 주소여야 합니다.
 adminUserSettings.roles=역할
 adminUserSettings.role=역할
@ -190,6 +193,13 @@ adminUserSettings.forceChange=다음 로그인 때 사용자명과 비밀번호
 adminUserSettings.submit=사용자 저장
 adminUserSettings.changeUserRole=사용자의 역할 변경
 adminUserSettings.authenticated=Authenticated
 adminUserSettings.editOwnProfil=Edit own profile
 adminUserSettings.enabledUser=enabled user
 adminUserSettings.disabledUser=disabled user
 adminUserSettings.activeUsers=Active Users:
 adminUserSettings.disabledUsers=Disabled Users:
 adminUserSettings.totalUsers=Total Users:
 adminUserSettings.lastRequest=Last Request
 database.title=Database Import/Export
@ -481,12 +491,14 @@ login.locked=계정이 잠겼습니다.
 login.signinTitle=로그인해 주세요.
 login.ssoSignIn=싱글사인온을 통한 로그인
 login.oauth2AutoCreateDisabled=OAUTH2 사용자 자동 생성 비활성화됨
 login.oauth2AdminBlockedUser=Registration or logging in of non-registered users is currently blocked. Please contact the administrator.
 login.oauth2RequestNotFound=Authorization request not found
 login.oauth2InvalidUserInfoResponse=Invalid User Info Response
 login.oauth2invalidRequest=Invalid Request
 login.oauth2AccessDenied=Access Denied
 login.oauth2InvalidTokenResponse=Invalid Token Response
 login.oauth2InvalidIdToken=Invalid Id Token
 login.userIsDisabled=User is deactivated, login is currently blocked with this username. Please contact the administrator.
 #auto-redact
--- a/src/main/resources/messages_nl_NL.properties
+++ b/src/main/resources/messages_nl_NL.properties
@ -55,10 +55,12 @@ userNotFoundMessage=Gebruiker niet gevonden.
 incorrectPasswordMessage=Huidige wachtwoord is onjuist.
 usernameExistsMessage=Nieuwe gebruikersnaam bestaat al.
 invalidUsernameMessage=Ongeldige gebruikersnaam, gebruikersnaam kan alleen letters, nummers en de volgende speciale tekens @._+- bevatten of moet een geldig emailadres zijn.
 invalidPasswordMessage=The password must not be empty and must not have spaces at the beginning or end.
 confirmPasswordErrorMessage=Nieuw wachtwoord en bevestig wachtwoord moeten overeenkomen.
 deleteCurrentUserMessage=Kan niet een momenteel ingelogde gebruiker verwijderen.
 deleteUsernameExistsMessage=De gebruikersnaam bestaat niet en kan niet verwijderd worden.
 downgradeCurrentUserMessage=Kan de rol van de huidige gebruiker niet downgraden
 disabledCurrentUserMessage=The current user cannot be disabled
 downgradeCurrentUserLongMessage=Kan de rol van de huidige gebruiker niet downgraden. Huidige gebruiker wordt dus niet weergegeven.
 userAlreadyExistsOAuthMessage=De gebruiker bestaat al als een OAuth2 gebruiker.
 userAlreadyExistsWebMessage=De gebruiker bestaat al als een web gebruiker.
@ -177,6 +179,7 @@ adminUserSettings.user=Gebruiker
 adminUserSettings.addUser=Voeg nieuwe gebruiker toe
 adminUserSettings.deleteUser=Verwijder gebruiker
 adminUserSettings.confirmDeleteUser=Moet deze gebruiker verwijderd worden?
 adminUserSettings.confirmChangeUserStatus=Should the user be disabled/enabled?
 adminUserSettings.usernameInfo=Gebruikersnaam kan alleen letters, nummers en de volgende speciale tekens @._+- bevatten of moet een geldig emailadres zijn.
 adminUserSettings.roles=Rollen
 adminUserSettings.role=Rol
@ -190,6 +193,13 @@ adminUserSettings.forceChange=Forceer gebruiker om gebruikersnaam/wachtwoord te
 adminUserSettings.submit=Gebruiker opslaan
 adminUserSettings.changeUserRole=De rol van de gebruiker wijzigen
 adminUserSettings.authenticated=Geauthenticeerd
 adminUserSettings.editOwnProfil=Edit own profile
 adminUserSettings.enabledUser=enabled user
 adminUserSettings.disabledUser=disabled user
 adminUserSettings.activeUsers=Active Users:
 adminUserSettings.disabledUsers=Disabled Users:
 adminUserSettings.totalUsers=Total Users:
 adminUserSettings.lastRequest=Last Request
 database.title=Database Import/Export
@ -481,12 +491,14 @@ login.locked=Je account is geblokkeerd.
 login.signinTitle=Gelieve in te loggen
 login.ssoSignIn=Inloggen via Single Sign-on
 login.oauth2AutoCreateDisabled=OAUTH2 Automatisch aanmaken gebruiker uitgeschakeld
 login.oauth2AdminBlockedUser=Registration or logging in of non-registered users is currently blocked. Please contact the administrator.
 login.oauth2RequestNotFound=Autorisatieverzoek niet gevonden
 login.oauth2InvalidUserInfoResponse=Ongeldige reactie op gebruikersinfo
 login.oauth2invalidRequest=Ongeldig verzoek
 login.oauth2AccessDenied=Toegang geweigerd
 login.oauth2InvalidTokenResponse=Ongeldige tokenreactie
 login.oauth2InvalidIdToken=Ongeldige ID token
 login.userIsDisabled=User is deactivated, login is currently blocked with this username. Please contact the administrator.
 #auto-redact
--- a/src/main/resources/messages_no_NB.properties
+++ b/src/main/resources/messages_no_NB.properties
@ -55,10 +55,12 @@ userNotFoundMessage=Bruker ikke funnet.
 incorrectPasswordMessage=Nåværende passord er feil.
 usernameExistsMessage=Det nye brukernavnet eksisterer allerede.
 invalidUsernameMessage=Ugyldig brukernavn, brukernavnet kan bare inneholde bokstaver, tall og følgende spesialtegn @._+- eller må være en gyldig e-postadresse.
 invalidPasswordMessage=The password must not be empty and must not have spaces at the beginning or end.
 confirmPasswordErrorMessage=Nytt passord og Bekreft nytt passord må være like.
 deleteCurrentUserMessage=Kan ikke slette den innloggede brukeren.
 deleteUsernameExistsMessage=Brukernavnet eksisterer ikke og kan ikke slettes.
 downgradeCurrentUserMessage=Kan ikke nedgradere den innloggede brukerens rolle.
 disabledCurrentUserMessage=The current user cannot be disabled
 downgradeCurrentUserLongMessage=Kan ikke nedgradere den innloggede brukerens rolle. Derfor vil ikke den innloggede brukeren bli vist.
 userAlreadyExistsOAuthMessage=Brukeren eksisterer allerede som en OAuth2-bruker.
 userAlreadyExistsWebMessage=Brukeren eksisterer allerede som en web-bruker.
@ -177,6 +179,7 @@ adminUserSettings.user=Bruker
 adminUserSettings.addUser=Legg til Ny Bruker
 adminUserSettings.deleteUser=Slett Bruker
 adminUserSettings.confirmDeleteUser=Skal brukeren slettes?
 adminUserSettings.confirmChangeUserStatus=Should the user be disabled/enabled?
 adminUserSettings.usernameInfo=Brukernavn kan bare inneholde bokstaver, tall og følgende spesialtegn @._+- eller må være en gyldig e-postadresse.
 adminUserSettings.roles=Roller
 adminUserSettings.role=Rolle
@ -190,6 +193,13 @@ adminUserSettings.forceChange=Tving bruker til å endre passord ved innlogging
 adminUserSettings.submit=Lagre Bruker
 adminUserSettings.changeUserRole=Endre Brukerens Rolle
 adminUserSettings.authenticated=Autentisert
 adminUserSettings.editOwnProfil=Edit own profile
 adminUserSettings.enabledUser=enabled user
 adminUserSettings.disabledUser=disabled user
 adminUserSettings.activeUsers=Active Users:
 adminUserSettings.disabledUsers=Disabled Users:
 adminUserSettings.totalUsers=Total Users:
 adminUserSettings.lastRequest=Last Request
 database.title=Database Import/Eksport
@ -481,12 +491,14 @@ login.locked=Kontoen din har blitt låst.
 login.signinTitle=Vennligst logg inn
 login.ssoSignIn=Logg inn via Enkel Pålogging
 login.oauth2AutoCreateDisabled=OAUTH2 Auto-Opretting av bruker deaktivert
 login.oauth2AdminBlockedUser=Registration or logging in of non-registered users is currently blocked. Please contact the administrator.
 login.oauth2RequestNotFound=Autentiseringsforespørsel ikke funnet
 login.oauth2InvalidUserInfoResponse=Ugyldig brukerinforespons
 login.oauth2invalidRequest=Ugyldig forespørsel
 login.oauth2AccessDenied=Tilgang nektet
 login.oauth2InvalidTokenResponse=Ugyldig tokenrespons
 login.oauth2InvalidIdToken=Ugyldig Id Token
 login.userIsDisabled=User is deactivated, login is currently blocked with this username. Please contact the administrator.
 #auto-redact
--- a/src/main/resources/messages_pl_PL.properties
+++ b/src/main/resources/messages_pl_PL.properties
@ -55,10 +55,12 @@ userNotFoundMessage=Brak użytkownika.
 incorrectPasswordMessage=Nieprawidłowe hasło.
 usernameExistsMessage=Taki uzytkownik już istnieje.
 invalidUsernameMessage=Niewłaściwa nazwa użytkownika - musi zawierać litery, cyfry i @._+- LUB być adresem email.
 invalidPasswordMessage=The password must not be empty and must not have spaces at the beginning or end.
 confirmPasswordErrorMessage=Wpisz poprawnie hasło w OBA pola.
 deleteCurrentUserMessage=Nie można usunąć zalogowanego użytkownika
 deleteUsernameExistsMessage=Nie można usunąć zalogowanego użytkownika
 downgradeCurrentUserMessage=Nie można obniżyć roli bieżącego użytkownika
 disabledCurrentUserMessage=The current user cannot be disabled
 downgradeCurrentUserLongMessage=Nie można obniżyć roli bieżącego użytkownika. W związku z tym bieżący użytkownik nie zostanie wyświetlony.
 userAlreadyExistsOAuthMessage=Takie konto użytkownika istnieje - stworzone za pomocą OAuth2.
 userAlreadyExistsWebMessage=Takie konto użytkownika istnieje - stworzone za pomocą przeglądarki.
@ -177,6 +179,7 @@ adminUserSettings.user=Użytkownik
 adminUserSettings.addUser=Dodaj nowego użytkownika
 adminUserSettings.deleteUser=Usuń użytkownika
 adminUserSettings.confirmDeleteUser=Czy na pewno usunąć użytkownika?
 adminUserSettings.confirmChangeUserStatus=Should the user be disabled/enabled?
 adminUserSettings.usernameInfo=Niewłaściwa nazwa użytkownika - musi zawierać litery, cyfry i @._+- LUB być adresem email.
 adminUserSettings.roles=Role
 adminUserSettings.role=Rola
@ -190,6 +193,13 @@ adminUserSettings.forceChange=Wymuś zmianę hasło po zalogowaniu
 adminUserSettings.submit=Zapisz użytkownika
 adminUserSettings.changeUserRole=Zmień rolę użytkownika
 adminUserSettings.authenticated=Zalogowany
 adminUserSettings.editOwnProfil=Edit own profile
 adminUserSettings.enabledUser=enabled user
 adminUserSettings.disabledUser=disabled user
 adminUserSettings.activeUsers=Active Users:
 adminUserSettings.disabledUsers=Disabled Users:
 adminUserSettings.totalUsers=Total Users:
 adminUserSettings.lastRequest=Last Request
 database.title=Import/Eksport bazy danych
@ -481,12 +491,14 @@ login.locked=Konto jest zablokowane
 login.signinTitle=Zaloguj się
 login.ssoSignIn=Zaloguj się za pomocą logowania jednokrotnego
 login.oauth2AutoCreateDisabled=Wyłączono automatyczne tworzenie użytkownika OAUTH2
 login.oauth2AdminBlockedUser=Registration or logging in of non-registered users is currently blocked. Please contact the administrator.
 login.oauth2RequestNotFound=Błąd logowania OAuth2
 login.oauth2InvalidUserInfoResponse=Niewłaściwe dane logowania
 login.oauth2invalidRequest=Nieprawidłowe żądanie
 login.oauth2AccessDenied=Brak dostępu
 login.oauth2InvalidTokenResponse=Nieprawidłowa odpowiedź na token
 login.oauth2InvalidIdToken=Nieprawidłowa wartość tokenu
 login.userIsDisabled=User is deactivated, login is currently blocked with this username. Please contact the administrator.
 #auto-redact
--- a/src/main/resources/messages_pt_BR.properties
+++ b/src/main/resources/messages_pt_BR.properties
@ -55,10 +55,12 @@ userNotFoundMessage=Usuário não encontrado.
 incorrectPasswordMessage=A senha atual está incorreta.
 usernameExistsMessage=Novo Usuário já existe.
 invalidUsernameMessage=Usuário inválido, nome de usuário só pode incluir letras, números e os seguintes caracteres especiais @._+- ou deve ser um email válido.
 invalidPasswordMessage=The password must not be empty and must not have spaces at the beginning or end.
 confirmPasswordErrorMessage=Nova Senha e Confirmar Nova Senha devem ser iguais.
 deleteCurrentUserMessage=Não é possível apagar o usuário da sessão atual.
 deleteUsernameExistsMessage=O usuário não existe e não pode ser apagado.
 downgradeCurrentUserMessage=Não é possível fazer downgrade da função do usuário atual
 disabledCurrentUserMessage=The current user cannot be disabled
 downgradeCurrentUserLongMessage=Não é possível fazer downgrade da função do usuário atual. Portanto, o usuário atual não será mostrado.
 userAlreadyExistsOAuthMessage=O usuário já existe como um usuário OAuth2.
 userAlreadyExistsWebMessage=O usuário já existe como um usuário web.
@ -190,6 +192,13 @@ adminUserSettings.forceChange=Forçar usuário a trocar a senha ao iniciar sess
 adminUserSettings.submit=Salvar usuário
 adminUserSettings.changeUserRole=Alterar Função de Usuário
 adminUserSettings.authenticated=Autenticado
 adminUserSettings.editOwnProfil=Edit own profile
 adminUserSettings.enabledUser=enabled user
 adminUserSettings.disabledUser=disabled user
 adminUserSettings.activeUsers=Active Users:
 adminUserSettings.disabledUsers=Disabled Users:
 adminUserSettings.totalUsers=Total Users:
 adminUserSettings.lastRequest=Last Request
 database.title=Importar/Exportar banco de dados
@ -208,6 +217,7 @@ database.fileNotFound=Arquivo não encontrado
 database.fileNullOrEmpty=O arquivo não estar nulo ou vazio
 database.failedImportFile=Falha ao importar arquivo
 #############
 # HOME-PAGE #
 #############
@ -481,12 +491,15 @@ login.locked=Sua conta foi bloqueada.
 login.signinTitle=Por favor, inicie a sessão
 login.ssoSignIn=Iniciar sessão através de início de sessão único
 login.oauth2AutoCreateDisabled=Auto-Criar Usuário OAUTH2 Desativado
 login.oauth2AdminBlockedUser=Registration or logging in of non-registered users is currently blocked. Please contact the administrator.
 login.oauth2RequestNotFound=Solicitação de autorização não encontrada
 login.oauth2InvalidUserInfoResponse=Resposta de informação de usuário inválida
 login.oauth2invalidRequest=Requisição inválida
 login.oauth2AccessDenied=Acesso negado
 login.oauth2InvalidTokenResponse=Resposta de token inválida
 login.oauth2InvalidIdToken=Id de token inválido
 login.userIsDisabled=User is deactivated, login is currently blocked with this username. Please contact the administrator.
 #auto-redact
--- a/src/main/resources/messages_pt_PT.properties
+++ b/src/main/resources/messages_pt_PT.properties
@ -55,10 +55,12 @@ userNotFoundMessage=Utilizador inexistente.
 incorrectPasswordMessage=Senha incorreta.
 usernameExistsMessage=Esse utilizador já existe.
 invalidUsernameMessage=Invalid username, username can only contain letters, numbers and the following special characters @._+- or must be a valid email address.
 invalidPasswordMessage=The password must not be empty and must not have spaces at the beginning or end.
 confirmPasswordErrorMessage=New Password and Confirm New Password must match.
 deleteCurrentUserMessage=Cannot delete currently logged in user.
 deleteUsernameExistsMessage=The username does not exist and cannot be deleted.
 downgradeCurrentUserMessage=Não é possível fazer downgrade da função do utilizador atual
 disabledCurrentUserMessage=The current user cannot be disabled
 downgradeCurrentUserLongMessage=Não é possível fazer downgrade da função do utilizador atual. Portanto, o utilizador atual não será mostrado.
 userAlreadyExistsOAuthMessage=The user already exists as an OAuth2 user.
 userAlreadyExistsWebMessage=The user already exists as an web user.
@ -177,6 +179,7 @@ adminUserSettings.user=User
 adminUserSettings.addUser=Add New User
 adminUserSettings.deleteUser=Delete User
 adminUserSettings.confirmDeleteUser=Should the user be deleted?
 adminUserSettings.confirmChangeUserStatus=Should the user be disabled/enabled?
 adminUserSettings.usernameInfo=Username can only contain letters, numbers and the following special characters @._+- or must be a valid email address.
 adminUserSettings.roles=Roles
 adminUserSettings.role=Role
@ -190,6 +193,13 @@ adminUserSettings.forceChange=Force user to change password on login
 adminUserSettings.submit=Save User
 adminUserSettings.changeUserRole=Alterar usuário
 adminUserSettings.authenticated=Authenticated
 adminUserSettings.editOwnProfil=Edit own profile
 adminUserSettings.enabledUser=enabled user
 adminUserSettings.disabledUser=disabled user
 adminUserSettings.activeUsers=Active Users:
 adminUserSettings.disabledUsers=Disabled Users:
 adminUserSettings.totalUsers=Total Users:
 adminUserSettings.lastRequest=Last Request
 database.title=Database Import/Export
@ -481,12 +491,14 @@ login.locked=A sua conta foi bloqueada.
 login.signinTitle=Introduza os seus dados de acesso
 login.ssoSignIn=Iniciar sessão através de início de sessão único
 login.oauth2AutoCreateDisabled=OAUTH2 Criação Automática de Utilizador Desativada
 login.oauth2AdminBlockedUser=Registration or logging in of non-registered users is currently blocked. Please contact the administrator.
 login.oauth2RequestNotFound=Authorization request not found
 login.oauth2InvalidUserInfoResponse=Invalid User Info Response
 login.oauth2invalidRequest=Invalid Request
 login.oauth2AccessDenied=Access Denied
 login.oauth2InvalidTokenResponse=Invalid Token Response
 login.oauth2InvalidIdToken=Invalid Id Token
 login.userIsDisabled=User is deactivated, login is currently blocked with this username. Please contact the administrator.
 #auto-redact
--- a/src/main/resources/messages_ro_RO.properties
+++ b/src/main/resources/messages_ro_RO.properties
@ -55,10 +55,12 @@ userNotFoundMessage=User not found.
 incorrectPasswordMessage=Current password is incorrect.
 usernameExistsMessage=New Username already exists.
 invalidUsernameMessage=Invalid username, username can only contain letters, numbers and the following special characters @._+- or must be a valid email address.
 invalidPasswordMessage=The password must not be empty and must not have spaces at the beginning or end.
 confirmPasswordErrorMessage=New Password and Confirm New Password must match.
 deleteCurrentUserMessage=Cannot delete currently logged in user.
 deleteUsernameExistsMessage=The username does not exist and cannot be deleted.
 downgradeCurrentUserMessage=Rolul utilizatorului curent nu poate fi retrogradat
 disabledCurrentUserMessage=The current user cannot be disabled
 downgradeCurrentUserLongMessage=Rolul utilizatorului curent nu poate fi retrogradat. Prin urmare, utilizatorul curent nu va fi afișat.
 userAlreadyExistsOAuthMessage=The user already exists as an OAuth2 user.
 userAlreadyExistsWebMessage=The user already exists as an web user.
@ -177,6 +179,7 @@ adminUserSettings.user=User
 adminUserSettings.addUser=Add New User
 adminUserSettings.deleteUser=Delete User
 adminUserSettings.confirmDeleteUser=Should the user be deleted?
 adminUserSettings.confirmChangeUserStatus=Should the user be disabled/enabled?
 adminUserSettings.usernameInfo=Username can only contain letters, numbers and the following special characters @._+- or must be a valid email address.
 adminUserSettings.roles=Roles
 adminUserSettings.role=Role
@ -190,6 +193,13 @@ adminUserSettings.forceChange=Force user to change password on login
 adminUserSettings.submit=Save User
 adminUserSettings.changeUserRole=Schimbați rolul utilizatorului
 adminUserSettings.authenticated=Authenticated
 adminUserSettings.editOwnProfil=Edit own profile
 adminUserSettings.enabledUser=enabled user
 adminUserSettings.disabledUser=disabled user
 adminUserSettings.activeUsers=Active Users:
 adminUserSettings.disabledUsers=Disabled Users:
 adminUserSettings.totalUsers=Total Users:
 adminUserSettings.lastRequest=Last Request
 database.title=Database Import/Export
@ -481,12 +491,14 @@ login.locked=Your account has been locked.
 login.signinTitle=Please sign in
 login.ssoSignIn=Conectare prin conectare unică
 login.oauth2AutoCreateDisabled=OAUTH2 Creare automată utilizator dezactivată
 login.oauth2AdminBlockedUser=Registration or logging in of non-registered users is currently blocked. Please contact the administrator.
 login.oauth2RequestNotFound=Authorization request not found
 login.oauth2InvalidUserInfoResponse=Invalid User Info Response
 login.oauth2invalidRequest=Invalid Request
 login.oauth2AccessDenied=Access Denied
 login.oauth2InvalidTokenResponse=Invalid Token Response
 login.oauth2InvalidIdToken=Invalid Id Token
 login.userIsDisabled=User is deactivated, login is currently blocked with this username. Please contact the administrator.
 #auto-redact
--- a/src/main/resources/messages_ru_RU.properties
+++ b/src/main/resources/messages_ru_RU.properties
@ -55,10 +55,12 @@ userNotFoundMessage=Пользователь не найден.
 incorrectPasswordMessage=Текущий пароль неверен.
 usernameExistsMessage=Новое имя пользователя уже существует.
 invalidUsernameMessage=Неверное имя пользователя. Имя пользователя может содержать только буквы, цифры и следующие специальные символы @._+- или должно быть действительным адресом электронной почты.
 invalidPasswordMessage=The password must not be empty and must not have spaces at the beginning or end.
 confirmPasswordErrorMessage=New Password and Confirm New Password must match.
 deleteCurrentUserMessage=Невозможно удалить пользователя, вошедшего в систему.
 deleteUsernameExistsMessage=Имя пользователя не существует и не может быть удалено.
 downgradeCurrentUserMessage=Невозможно понизить роль текущего пользователя
 disabledCurrentUserMessage=The current user cannot be disabled
 downgradeCurrentUserLongMessage=Невозможно понизить роль текущего пользователя. Следовательно, текущий пользователь не будет отображаться.
 userAlreadyExistsOAuthMessage=The user already exists as an OAuth2 user.
 userAlreadyExistsWebMessage=The user already exists as an web user.
@ -177,6 +179,7 @@ adminUserSettings.user=Пользователь
 adminUserSettings.addUser=Добавить нового пользователя
 adminUserSettings.deleteUser=Delete User
 adminUserSettings.confirmDeleteUser=Should the user be deleted?
 adminUserSettings.confirmChangeUserStatus=Should the user be disabled/enabled?
 adminUserSettings.usernameInfo=Имя пользователя может содержать только буквы, цифры и следующие специальные символы @._+- или должно быть действительным адресом электронной почты.
 adminUserSettings.roles=Роли
 adminUserSettings.role=Роль
@ -190,6 +193,13 @@ adminUserSettings.forceChange=Просить пользователя измен
 adminUserSettings.submit=Сохранить пользователя
 adminUserSettings.changeUserRole=Изменить роль пользователя
 adminUserSettings.authenticated=Authenticated
 adminUserSettings.editOwnProfil=Edit own profile
 adminUserSettings.enabledUser=enabled user
 adminUserSettings.disabledUser=disabled user
 adminUserSettings.activeUsers=Active Users:
 adminUserSettings.disabledUsers=Disabled Users:
 adminUserSettings.totalUsers=Total Users:
 adminUserSettings.lastRequest=Last Request
 database.title=Database Import/Export
@ -481,12 +491,14 @@ login.locked=Ваша учетная запись заблокирована.
 login.signinTitle=Пожалуйста, войдите
 login.ssoSignIn=Вход через единый вход
 login.oauth2AutoCreateDisabled=OAUTH2 Автоматическое создание пользователя отключено
 login.oauth2AdminBlockedUser=Registration or logging in of non-registered users is currently blocked. Please contact the administrator.
 login.oauth2RequestNotFound=Authorization request not found
 login.oauth2InvalidUserInfoResponse=Invalid User Info Response
 login.oauth2invalidRequest=Invalid Request
 login.oauth2AccessDenied=Access Denied
 login.oauth2InvalidTokenResponse=Invalid Token Response
 login.oauth2InvalidIdToken=Invalid Id Token
 login.userIsDisabled=User is deactivated, login is currently blocked with this username. Please contact the administrator.
 #auto-redact
--- a/src/main/resources/messages_sk_SK.properties
+++ b/src/main/resources/messages_sk_SK.properties
@ -55,10 +55,12 @@ userNotFoundMessage=Používateľ nebol nájdený.
 incorrectPasswordMessage=Aktuálne heslo je nesprávne.
 usernameExistsMessage=Nové používateľské meno už existuje.
 invalidUsernameMessage=Neplatné používateľské meno, používateľské meno musí obsahovať len abecedné znaky a čísla.
 invalidPasswordMessage=The password must not be empty and must not have spaces at the beginning or end.
 confirmPasswordErrorMessage=New Password and Confirm New Password must match.
 deleteCurrentUserMessage=Nie je možné zmazať aktuálne prihláseného používateľa.
 deleteUsernameExistsMessage=Používateľské meno neexistuje a nemôže byť zmazané.
 downgradeCurrentUserMessage=Nie je možné znížiť rolu aktuálneho používateľa
 disabledCurrentUserMessage=The current user cannot be disabled
 downgradeCurrentUserLongMessage=Nie je možné znížiť rolu aktuálneho používateľa. Preto, aktuálny používateľ nebude zobrazený.
 userAlreadyExistsOAuthMessage=The user already exists as an OAuth2 user.
 userAlreadyExistsWebMessage=The user already exists as an web user.
@ -177,6 +179,7 @@ adminUserSettings.user=Používateľ
 adminUserSettings.addUser=Pridať nového používateľa
 adminUserSettings.deleteUser=Delete User
 adminUserSettings.confirmDeleteUser=Should the user be deleted?
 adminUserSettings.confirmChangeUserStatus=Should the user be disabled/enabled?
 adminUserSettings.usernameInfo=Používateľské meno musí obsahovať iba písmená a čísla, žiadne medzery alebo špeciálne znaky.
 adminUserSettings.roles=Role
 adminUserSettings.role=Rola
@ -190,6 +193,13 @@ adminUserSettings.forceChange=Donútiť používateľa zmeniť heslo pri prihlá
 adminUserSettings.submit=Uložiť používateľa
 adminUserSettings.changeUserRole=Zmeniť rolu používateľa
 adminUserSettings.authenticated=Authenticated
 adminUserSettings.editOwnProfil=Edit own profile
 adminUserSettings.enabledUser=enabled user
 adminUserSettings.disabledUser=disabled user
 adminUserSettings.activeUsers=Active Users:
 adminUserSettings.disabledUsers=Disabled Users:
 adminUserSettings.totalUsers=Total Users:
 adminUserSettings.lastRequest=Last Request
 database.title=Database Import/Export
@ -481,12 +491,14 @@ login.locked=Váš účet bol uzamknutý.
 login.signinTitle=Prosím, prihláste sa
 login.ssoSignIn=Prihlásiť sa cez Single Sign-on
 login.oauth2AutoCreateDisabled=Vytváranie používateľa cez OAUTH2 je zakázané
 login.oauth2AdminBlockedUser=Registration or logging in of non-registered users is currently blocked. Please contact the administrator.
 login.oauth2RequestNotFound=Authorization request not found
 login.oauth2InvalidUserInfoResponse=Invalid User Info Response
 login.oauth2invalidRequest=Invalid Request
 login.oauth2AccessDenied=Access Denied
 login.oauth2InvalidTokenResponse=Invalid Token Response
 login.oauth2InvalidIdToken=Invalid Id Token
 login.userIsDisabled=User is deactivated, login is currently blocked with this username. Please contact the administrator.
 #auto-redact
--- a/src/main/resources/messages_sr_LATN_RS.properties
+++ b/src/main/resources/messages_sr_LATN_RS.properties
@ -55,10 +55,12 @@ userNotFoundMessage=Korisnik nije pronađen.
 incorrectPasswordMessage=Trenutna šifra je netačna.
 usernameExistsMessage=Novi korisnik već postoji
 invalidUsernameMessage=Invalid username, username can only contain letters, numbers and the following special characters @._+- or must be a valid email address.
 invalidPasswordMessage=The password must not be empty and must not have spaces at the beginning or end.
 confirmPasswordErrorMessage=New Password and Confirm New Password must match.
 deleteCurrentUserMessage=Cannot delete currently logged in user.
 deleteUsernameExistsMessage=The username does not exist and cannot be deleted.
 downgradeCurrentUserMessage=Nije moguće degradirati ulogu trenutnog korisnika
 disabledCurrentUserMessage=The current user cannot be disabled
 downgradeCurrentUserLongMessage=Nije moguće unazaditi ulogu trenutnog korisnika. Dakle, trenutni korisnik neće biti prikazan.
 userAlreadyExistsOAuthMessage=The user already exists as an OAuth2 user.
 userAlreadyExistsWebMessage=The user already exists as an web user.
@ -177,6 +179,7 @@ adminUserSettings.user=Korisnik
 adminUserSettings.addUser=Dodaj novog korisnika
 adminUserSettings.deleteUser=Delete User
 adminUserSettings.confirmDeleteUser=Should the user be deleted?
 adminUserSettings.confirmChangeUserStatus=Should the user be disabled/enabled?
 adminUserSettings.usernameInfo=Username can only contain letters, numbers and the following special characters @._+- or must be a valid email address.
 adminUserSettings.roles=Uloge
 adminUserSettings.role=Uloga
@ -190,6 +193,13 @@ adminUserSettings.forceChange=Prisili korisnika da promeni korisničko ime/lozin
 adminUserSettings.submit=Sačuvaj korisnika
 adminUserSettings.changeUserRole=Promenite ulogu korisnika
 adminUserSettings.authenticated=Authenticated
 adminUserSettings.editOwnProfil=Edit own profile
 adminUserSettings.enabledUser=enabled user
 adminUserSettings.disabledUser=disabled user
 adminUserSettings.activeUsers=Active Users:
 adminUserSettings.disabledUsers=Disabled Users:
 adminUserSettings.totalUsers=Total Users:
 adminUserSettings.lastRequest=Last Request
 database.title=Database Import/Export
@ -481,12 +491,14 @@ login.locked=Vaš nalog je zaključan.
 login.signinTitle=Molimo vas da se prijavite
 login.ssoSignIn=Prijavite se putem jedinstvene prijave
 login.oauth2AutoCreateDisabled=OAUTH2 automatsko kreiranje korisnika je onemogućeno
 login.oauth2AdminBlockedUser=Registration or logging in of non-registered users is currently blocked. Please contact the administrator.
 login.oauth2RequestNotFound=Authorization request not found
 login.oauth2InvalidUserInfoResponse=Invalid User Info Response
 login.oauth2invalidRequest=Invalid Request
 login.oauth2AccessDenied=Access Denied
 login.oauth2InvalidTokenResponse=Invalid Token Response
 login.oauth2InvalidIdToken=Invalid Id Token
 login.userIsDisabled=User is deactivated, login is currently blocked with this username. Please contact the administrator.
 #auto-redact
--- a/src/main/resources/messages_sv_SE.properties
+++ b/src/main/resources/messages_sv_SE.properties
@ -55,10 +55,12 @@ userNotFoundMessage=User not found.
 incorrectPasswordMessage=Current password is incorrect.
 usernameExistsMessage=New Username already exists.
 invalidUsernameMessage=Invalid username, username can only contain letters, numbers and the following special characters @._+- or must be a valid email address.
 invalidPasswordMessage=The password must not be empty and must not have spaces at the beginning or end.
 confirmPasswordErrorMessage=New Password and Confirm New Password must match.
 deleteCurrentUserMessage=Cannot delete currently logged in user.
 deleteUsernameExistsMessage=The username does not exist and cannot be deleted.
 downgradeCurrentUserMessage=Kan inte nedgradera nuvarande användares roll
 disabledCurrentUserMessage=The current user cannot be disabled
 downgradeCurrentUserLongMessage=Kan inte nedgradera nuvarande användares roll. Därför kommer den aktuella användaren inte att visas.
 userAlreadyExistsOAuthMessage=The user already exists as an OAuth2 user.
 userAlreadyExistsWebMessage=The user already exists as an web user.
@ -177,6 +179,7 @@ adminUserSettings.user=User
 adminUserSettings.addUser=Add New User
 adminUserSettings.deleteUser=Delete User
 adminUserSettings.confirmDeleteUser=Should the user be deleted?
 adminUserSettings.confirmChangeUserStatus=Should the user be disabled/enabled?
 adminUserSettings.usernameInfo=Username can only contain letters, numbers and the following special characters @._+- or must be a valid email address.
 adminUserSettings.roles=Roles
 adminUserSettings.role=Role
@ -190,6 +193,13 @@ adminUserSettings.forceChange=Force user to change password on login
 adminUserSettings.submit=Save User
 adminUserSettings.changeUserRole=Ändra användarens roll
 adminUserSettings.authenticated=Authenticated
 adminUserSettings.editOwnProfil=Edit own profile
 adminUserSettings.enabledUser=enabled user
 adminUserSettings.disabledUser=disabled user
 adminUserSettings.activeUsers=Active Users:
 adminUserSettings.disabledUsers=Disabled Users:
 adminUserSettings.totalUsers=Total Users:
 adminUserSettings.lastRequest=Last Request
 database.title=Database Import/Export
@ -481,12 +491,14 @@ login.locked=Your account has been locked.
 login.signinTitle=Please sign in
 login.ssoSignIn=Logga in via enkel inloggning
 login.oauth2AutoCreateDisabled=OAUTH2 Auto-Create User inaktiverad
 login.oauth2AdminBlockedUser=Registration or logging in of non-registered users is currently blocked. Please contact the administrator.
 login.oauth2RequestNotFound=Authorization request not found
 login.oauth2InvalidUserInfoResponse=Invalid User Info Response
 login.oauth2invalidRequest=Invalid Request
 login.oauth2AccessDenied=Access Denied
 login.oauth2InvalidTokenResponse=Invalid Token Response
 login.oauth2InvalidIdToken=Invalid Id Token
 login.userIsDisabled=User is deactivated, login is currently blocked with this username. Please contact the administrator.
 #auto-redact
--- a/src/main/resources/messages_th_TH.properties
+++ b/src/main/resources/messages_th_TH.properties
@ -55,10 +55,12 @@ userNotFoundMessage=ไม่พบผู้ใช้
 incorrectPasswordMessage=รหัสผ่านปัจจุบันไม่ถูกต้อง
 usernameExistsMessage=ชื่อผู้ใช้ใหม่มีอยู่แล้ว
 invalidUsernameMessage=ชื่อผู้ใช้ไม่ถูกต้อง ชื่อผู้ใช้สามารถประกอบด้วยตัวอักษร ตัวเลข และอักขระพิเศษต่อไปนี้ @._+- หรือจะต้องเป็นที่อยู่อีเมลที่ถูกต้อง
 invalidPasswordMessage=The password must not be empty and must not have spaces at the beginning or end.
 confirmPasswordErrorMessage=รหัสผ่านใหม่และยืนยันรหัสผ่านใหม่ต้องตรงกัน
 deleteCurrentUserMessage=ไม่สามารถลบผู้ใช้ที่เข้าสู่ระบบในปัจจุบันได้
 deleteUsernameExistsMessage=ชื่อผู้ใช้ไม่ปรากฏและไม่สามารถลบได้
 downgradeCurrentUserMessage=ไม่สามารถลดระดับบทบาทของผู้ใช้ปัจจุบันได้
 disabledCurrentUserMessage=The current user cannot be disabled
 downgradeCurrentUserLongMessage=ไม่สามารถลดระดับบทบาทของผู้ใช้ปัจจุบันได้ ดังนั้นผู้ใช้ปัจจุบันจะไม่ปรากฏ
 userAlreadyExistsOAuthMessage=ผู้ใช้มีอยู่แล้วในฐานะผู้ใช้ OAuth2
 userAlreadyExistsWebMessage=ผู้ใช้มีอยู่แล้วในฐานะผู้ใช้เว็บ
@ -177,6 +179,7 @@ adminUserSettings.user=ผู้ใช้
 adminUserSettings.addUser=เพิ่มผู้ใช้ใหม่
 adminUserSettings.deleteUser=ลบผู้ใช้
 adminUserSettings.confirmDeleteUser=ควรลบผู้ใช้นี้หรือไม่?
 adminUserSettings.confirmChangeUserStatus=Should the user be disabled/enabled?
 adminUserSettings.usernameInfo=ชื่อผู้ใช้สามารถประกอบด้วยตัวอักษร ตัวเลข และอักขระพิเศษต่อไปนี้ @._+- หรือจะต้องเป็นที่อยู่อีเมลที่ถูกต้อง
 adminUserSettings.roles=บทบาท
 adminUserSettings.role=บทบาท
@ -190,6 +193,13 @@ adminUserSettings.forceChange=บังคับให้ผู้ใช้เ
 adminUserSettings.submit=บันทึกผู้ใช้
 adminUserSettings.changeUserRole=เปลี่ยนบทบาทของผู้ใช้
 adminUserSettings.authenticated=ได้รับการยืนยันแล้ว
 adminUserSettings.editOwnProfil=Edit own profile
 adminUserSettings.enabledUser=enabled user
 adminUserSettings.disabledUser=disabled user
 adminUserSettings.activeUsers=Active Users:
 adminUserSettings.disabledUsers=Disabled Users:
 adminUserSettings.totalUsers=Total Users:
 adminUserSettings.lastRequest=Last Request
 database.title=การนำเข้า/ส่งออกฐานข้อมูล
@ -481,12 +491,14 @@ login.locked=บัญชีของคุณถูกล็อค
 login.signinTitle=กรุณาลงชื่อเข้าใช้
 login.ssoSignIn=เข้าสู่ระบบด้วย Single Sign-on
 login.oauth2AutoCreateDisabled=การสร้างผู้ใช้ OAuth2 อัตโนมัติถูกปิดใช้งาน
 login.oauth2AdminBlockedUser=Registration or logging in of non-registered users is currently blocked. Please contact the administrator.
 login.oauth2RequestNotFound=ไม่พบคำขอการอนุญาต
 login.oauth2InvalidUserInfoResponse=การตอบกลับข้อมูลผู้ใช้ไม่ถูกต้อง
 login.oauth2invalidRequest=คำขอไม่ถูกต้อง
 login.oauth2AccessDenied=การเข้าถึงถูกปฏิเสธ
 login.oauth2InvalidTokenResponse=การตอบกลับโทเค็นไม่ถูกต้อง
 login.oauth2InvalidIdToken=โทเค็น Id ไม่ถูกต้อง
 login.userIsDisabled=User is deactivated, login is currently blocked with this username. Please contact the administrator.
 #auto-redact
--- a/src/main/resources/messages_tr_TR.properties
+++ b/src/main/resources/messages_tr_TR.properties
@ -55,10 +55,12 @@ userNotFoundMessage=Kullanıcı bulunamadı.
 incorrectPasswordMessage=Mevcut şifre yanlış.
 usernameExistsMessage=Yeni Kullanıcı Adı zaten var.
 invalidUsernameMessage=Geçersiz kullanıcı adı, kullanıcı adı yalnızca harf, rakam ve aşağıdaki özel karakterleri @._+- içerebilir veya geçerli bir e-posta adresi olmalıdır.
 invalidPasswordMessage=The password must not be empty and must not have spaces at the beginning or end.
 confirmPasswordErrorMessage=Yeni Şifre ve Yeni Şifreyi Onayla eşleşmelidir.
 deleteCurrentUserMessage=Şu anda oturum açmış olan kullanıcı silinemiyor.
 deleteUsernameExistsMessage=Kullanıcı adı mevcut değil ve silinemez.
 downgradeCurrentUserMessage=Mevcut kullanıcının rolü düşürülemiyor
 disabledCurrentUserMessage=The current user cannot be disabled
 downgradeCurrentUserLongMessage=Mevcut kullanıcının rolü düşürülemiyor. Bu nedenle, mevcut kullanıcı gösterilmeyecektir.
 userAlreadyExistsOAuthMessage=Kullanıcı zaten bir OAuth2 kullanıcısı olarak mevcut.
 userAlreadyExistsWebMessage=Kullanıcı zaten bir web kullanıcısı olarak mevcut.
@ -177,6 +179,7 @@ adminUserSettings.user=Kullanıcı
 adminUserSettings.addUser=Yeni Kullanıcı Ekle
 adminUserSettings.deleteUser=Kullanıcı Sil
 adminUserSettings.confirmDeleteUser=Kullanıcı silinsin mi?
 adminUserSettings.confirmChangeUserStatus=Should the user be disabled/enabled?
 adminUserSettings.usernameInfo=Kullanıcı adı yalnızca harf, rakam ve aşağıdaki özel karakterleri @._+- içerebilir veya geçerli bir e-posta adresi olmalıdır.
 adminUserSettings.roles=Roller
 adminUserSettings.role=Rol
@ -190,6 +193,13 @@ adminUserSettings.forceChange=Kullanıcının girişte kullanıcı adı/şifre d
 adminUserSettings.submit=Kullanıcıyı Kaydet
 adminUserSettings.changeUserRole=Kullanıcı rolünü değiştir
 adminUserSettings.authenticated=Onaylandı
 adminUserSettings.editOwnProfil=Edit own profile
 adminUserSettings.enabledUser=enabled user
 adminUserSettings.disabledUser=disabled user
 adminUserSettings.activeUsers=Active Users:
 adminUserSettings.disabledUsers=Disabled Users:
 adminUserSettings.totalUsers=Total Users:
 adminUserSettings.lastRequest=Last Request
 database.title=Veri Tabanını İçe/Dışa Aktar
@ -481,12 +491,14 @@ login.locked=Hesabınız kilitlendi.
 login.signinTitle=Lütfen giriş yapınız.
 login.ssoSignIn=Tek Oturum Açma ile Giriş Yap
 login.oauth2AutoCreateDisabled=OAUTH2 Otomatik Oluşturma Kullanıcı Devre Dışı Bırakıldı
 login.oauth2AdminBlockedUser=Registration or logging in of non-registered users is currently blocked. Please contact the administrator.
 login.oauth2RequestNotFound=Yetkilendirme isteği bulunamadı
 login.oauth2InvalidUserInfoResponse=Geçersiz Kullanıcı Bilgisi Yanıtı
 login.oauth2invalidRequest=Geçersiz İstek
 login.oauth2AccessDenied=Erişim Reddedildi
 login.oauth2InvalidTokenResponse=Geçersiz Belirteç Yanıtı
 login.oauth2InvalidIdToken=Geçersiz Kimlik Belirteci
 login.userIsDisabled=User is deactivated, login is currently blocked with this username. Please contact the administrator.
 #auto-redact
--- a/src/main/resources/messages_uk_UA.properties
+++ b/src/main/resources/messages_uk_UA.properties
@ -55,10 +55,12 @@ userNotFoundMessage=Користувача не знайдено.
 incorrectPasswordMessage=Поточний пароль невірний.
 usernameExistsMessage=Нове ім'я користувача вже існує.
 invalidUsernameMessage=Недійсне ім’я користувача, ім’я користувача може містити лише літери, цифри та наступні спеціальні символи @._+- або має бути дійсною електронною адресою.
 invalidPasswordMessage=The password must not be empty and must not have spaces at the beginning or end.
 confirmPasswordErrorMessage=New Password and Confirm New Password must match.
 deleteCurrentUserMessage=Неможливо видалити користувача, який увійшов в систему.
 deleteUsernameExistsMessage=Ім'я користувача не існує і не може бути видалено.
 downgradeCurrentUserMessage=Неможливо понизити роль поточного користувача
 disabledCurrentUserMessage=The current user cannot be disabled
 downgradeCurrentUserLongMessage=Неможливо понизити роль поточного користувача. Отже, поточний користувач не відображатиметься.
 userAlreadyExistsOAuthMessage=The user already exists as an OAuth2 user.
 userAlreadyExistsWebMessage=The user already exists as an web user.
@ -177,6 +179,7 @@ adminUserSettings.user=Користувач
 adminUserSettings.addUser=Додати нового користувача
 adminUserSettings.deleteUser=Видалити користувача
 adminUserSettings.confirmDeleteUser=Видалити цього користувача?
 adminUserSettings.confirmChangeUserStatus=Should the user be disabled/enabled?
 adminUserSettings.usernameInfo=Ім’я користувача може містити лише літери, цифри та наступні спеціальні символи @._+- або має бути дійсною електронною адресою.
 adminUserSettings.roles=Ролі
 adminUserSettings.role=Роль
@ -190,6 +193,13 @@ adminUserSettings.forceChange=Примусити користувача змін
 adminUserSettings.submit=Зберегти користувача
 adminUserSettings.changeUserRole=Змінити роль користувача
 adminUserSettings.authenticated=Автентифіковано
 adminUserSettings.editOwnProfil=Edit own profile
 adminUserSettings.enabledUser=enabled user
 adminUserSettings.disabledUser=disabled user
 adminUserSettings.activeUsers=Active Users:
 adminUserSettings.disabledUsers=Disabled Users:
 adminUserSettings.totalUsers=Total Users:
 adminUserSettings.lastRequest=Last Request
 database.title=Database Import/Export
@ -481,12 +491,14 @@ login.locked=Ваш обліковий запис заблоковано.
 login.signinTitle=Будь ласка, увійдіть
 login.ssoSignIn=Увійти через єдиний вхід
 login.oauth2AutoCreateDisabled=Автоматичне створення користувача OAUTH2 ВИМКНЕНО
 login.oauth2AdminBlockedUser=Registration or logging in of non-registered users is currently blocked. Please contact the administrator.
 login.oauth2RequestNotFound=Запит на авторизація не знайдено
 login.oauth2InvalidUserInfoResponse=Недійсна відповідь з інформацією користувача
 login.oauth2invalidRequest=Недійсний запит
 login.oauth2AccessDenied=Доступ заблоковано
 login.oauth2InvalidTokenResponse=Недійсна відповідь з токеном
 login.oauth2InvalidIdToken=Недійсний Id токен
 login.userIsDisabled=User is deactivated, login is currently blocked with this username. Please contact the administrator.
 #auto-redact
--- a/src/main/resources/messages_vi_VN.properties
+++ b/src/main/resources/messages_vi_VN.properties
@ -1,7 +1,7 @@
 ###########
 # Generic #
 ###########
-# the direction that the language is written (ltr=left to right, rtl = right to left)
+# the direction that the language is written (ltr = left to right, rtl = right to left)
 language.direction=ltr
 pdfPrompt=Chọn (các) tệp PDF
@ -55,10 +55,12 @@ userNotFoundMessage=Không tìm thấy người dùng.
 incorrectPasswordMessage=Mật khẩu hiện tại không chính xác.
 usernameExistsMessage=Tên người dùng mới đã tồn tại.
 invalidUsernameMessage=Tên người dùng không hợp lệ, tên người dùng chỉ có thể chứa chữ cái, số và các ký tự đặc biệt sau @._+- hoặc phải là một địa chỉ email hợp lệ.
 invalidPasswordMessage=The password must not be empty and must not have spaces at the beginning or end.
 confirmPasswordErrorMessage=Mật khẩu mới và Xác nhận mật khẩu mới phải khớp nhau.
 deleteCurrentUserMessage=Không thể xóa người dùng đang đăng nhập.
 deleteUsernameExistsMessage=Tên người dùng không tồn tại và không thể bị xóa.
 downgradeCurrentUserMessage=Không thể hạ cấp vai trò của người dùng hiện tại
 disabledCurrentUserMessage=The current user cannot be disabled
 downgradeCurrentUserLongMessage=Không thể hạ cấp vai trò của người dùng hiện tại. Do đó, người dùng hiện tại sẽ không được hiển thị.
 userAlreadyExistsOAuthMessage=Người dùng đã tồn tại dưới dạng người dùng OAuth2.
 userAlreadyExistsWebMessage=Người dùng đã tồn tại dưới dạng người dùng web.
@ -177,6 +179,7 @@ adminUserSettings.user=Người dùng
 adminUserSettings.addUser=Thêm người dùng mới
 adminUserSettings.deleteUser=Xóa người dùng
 adminUserSettings.confirmDeleteUser=Bạn có muốn xóa người dùng không?
 adminUserSettings.confirmChangeUserStatus=Should the user be disabled/enabled?
 adminUserSettings.usernameInfo=Tên người dùng chỉ có thể chứa chữ cái, số và các ký tự đặc biệt sau @._+- hoặc phải là một địa chỉ email hợp lệ.
 adminUserSettings.roles=Vai trò
 adminUserSettings.role=Vai trò
@ -190,6 +193,13 @@ adminUserSettings.forceChange=Buộc người dùng thay đổi mật khẩu khi
 adminUserSettings.submit=Lưu người dùng
 adminUserSettings.changeUserRole=Thay đổi vai trò của người dùng
 adminUserSettings.authenticated=Đã xác thực
 adminUserSettings.editOwnProfil=Edit own profile
 adminUserSettings.enabledUser=enabled user
 adminUserSettings.disabledUser=disabled user
 adminUserSettings.activeUsers=Active Users:
 adminUserSettings.disabledUsers=Disabled Users:
 adminUserSettings.totalUsers=Total Users:
 adminUserSettings.lastRequest=Last Request
 database.title=Nhập/Xuất cơ sở dữ liệu
@ -481,12 +491,14 @@ login.locked=Tài khoản của bạn đã bị khóa.
 login.signinTitle=Vui lòng đăng nhập
 login.ssoSignIn=Đăng nhập qua Single Sign-on
 login.oauth2AutoCreateDisabled=Tự động tạo người dùng OAUTH2 bị vô hiệu hóa
 login.oauth2AdminBlockedUser=Registration or logging in of non-registered users is currently blocked. Please contact the administrator.
 login.oauth2RequestNotFound=Không tìm thấy yêu cầu ủy quyền
 login.oauth2InvalidUserInfoResponse=Phản hồi thông tin người dùng không hợp lệ
 login.oauth2invalidRequest=Yêu cầu không hợp lệ
 login.oauth2AccessDenied=Truy cập bị từ chối
 login.oauth2InvalidTokenResponse=Phản hồi token không hợp lệ
 login.oauth2InvalidIdToken=Id Token không hợp lệ
 login.userIsDisabled=User is deactivated, login is currently blocked with this username. Please contact the administrator.
 #auto-redact
--- a/src/main/resources/messages_zh_CN.properties
+++ b/src/main/resources/messages_zh_CN.properties
@ -55,10 +55,12 @@ userNotFoundMessage=未找到用户。
 incorrectPasswordMessage=当前密码不正确。
 usernameExistsMessage=新用户名已存在。
 invalidUsernameMessage=用户名无效，用户名只能包含字母、数字和以下特殊字符@._+- 或必须是有效的电子邮件地址。
 invalidPasswordMessage=The password must not be empty and must not have spaces at the beginning or end.
 confirmPasswordErrorMessage=两次密码不一致。
 deleteCurrentUserMessage=无法删除当前登录的用户。
 deleteUsernameExistsMessage=用户名不存在，无法删除。
 downgradeCurrentUserMessage=无法降级当前用户的角色
 disabledCurrentUserMessage=The current user cannot be disabled
 downgradeCurrentUserLongMessage=无法降级当前用户的角色。因此，当前用户将不会显示。
 userAlreadyExistsOAuthMessage=该用户已作为OAuth2用户存在。
 userAlreadyExistsWebMessage=该用户已作为Web用户存在。
@ -177,6 +179,7 @@ adminUserSettings.user=用户
 adminUserSettings.addUser=添加新用户
 adminUserSettings.deleteUser=删除用户
 adminUserSettings.confirmDeleteUser=确认删除该用户？
 adminUserSettings.confirmChangeUserStatus=Should the user be disabled/enabled?
 adminUserSettings.usernameInfo=用户名只能包含字母、数字和以下特殊字符@._+-，或者必须是有效的电子邮件地址。
 adminUserSettings.roles=角色
 adminUserSettings.role=角色
@ -190,6 +193,13 @@ adminUserSettings.forceChange=强制用户在登录时更改用户名/密码
 adminUserSettings.submit=保存用户
 adminUserSettings.changeUserRole=更改用户角色
 adminUserSettings.authenticated=已验证
 adminUserSettings.editOwnProfil=Edit own profile
 adminUserSettings.enabledUser=enabled user
 adminUserSettings.disabledUser=disabled user
 adminUserSettings.activeUsers=Active Users:
 adminUserSettings.disabledUsers=Disabled Users:
 adminUserSettings.totalUsers=Total Users:
 adminUserSettings.lastRequest=Last Request
 database.title=数据库 导入/导出
@ -481,12 +491,14 @@ login.locked=您的账户已被锁定。
 login.signinTitle=请登录
 login.ssoSignIn=通过单点登录登录
 login.oauth2AutoCreateDisabled=OAuth2自动创建用户已禁用
 login.oauth2AdminBlockedUser=Registration or logging in of non-registered users is currently blocked. Please contact the administrator.
 login.oauth2RequestNotFound=找不到验证请求
 login.oauth2InvalidUserInfoResponse=无效的用户信息响应
 login.oauth2invalidRequest=无效请求
 login.oauth2AccessDenied=拒绝访问
 login.oauth2InvalidTokenResponse=无效的Token响应
 login.oauth2InvalidIdToken=无效的Token
 login.userIsDisabled=User is deactivated, login is currently blocked with this username. Please contact the administrator.
 #auto-redact
--- a/src/main/resources/messages_zh_TW.properties
+++ b/src/main/resources/messages_zh_TW.properties
@ -55,10 +55,12 @@ userNotFoundMessage=找不到使用者。
 incorrectPasswordMessage=目前密碼不正確。
 usernameExistsMessage=新使用者名稱已存在。
 invalidUsernameMessage=使用者名稱無效，使用者名稱只能包含字母、數字和以下特殊字元 @._+- 或必須是有效的電子郵件地址。
 invalidPasswordMessage=The password must not be empty and must not have spaces at the beginning or end.
 confirmPasswordErrorMessage=輸入的密碼必需和確認密碼相同。
 deleteCurrentUserMessage=無法刪除目前登錄的使用者。
 deleteUsernameExistsMessage=使用者名不存在，無法刪除。
 downgradeCurrentUserMessage=無法降級目前使用者的角色
 disabledCurrentUserMessage=The current user cannot be disabled
 downgradeCurrentUserLongMessage=無法降級目前使用者的角色。因此，不會顯示目前的使用者。
 userAlreadyExistsOAuthMessage=該使用者已於 OAuth2 註冊。
 userAlreadyExistsWebMessage=該使用者已於網頁註冊。
@ -177,6 +179,7 @@ adminUserSettings.user=使用者
 adminUserSettings.addUser=新增使用者
 adminUserSettings.deleteUser=刪除使用者
 adminUserSettings.confirmDeleteUser=確認刪除該使用者？
 adminUserSettings.confirmChangeUserStatus=Should the user be disabled/enabled?
 adminUserSettings.usernameInfo=使用者名稱只能包含字母、數字和以下特殊字元 @._+-，或必須是有效的電子郵件地址。
 adminUserSettings.roles=角色
 adminUserSettings.role=角色
@ -190,6 +193,13 @@ adminUserSettings.forceChange=強制使用者在登入時修改使用者名稱/
 adminUserSettings.submit=儲存
 adminUserSettings.changeUserRole=更改使用者身份
 adminUserSettings.authenticated=已驗證
 adminUserSettings.editOwnProfil=Edit own profile
 adminUserSettings.enabledUser=enabled user
 adminUserSettings.disabledUser=disabled user
 adminUserSettings.activeUsers=Active Users:
 adminUserSettings.disabledUsers=Disabled Users:
 adminUserSettings.totalUsers=Total Users:
 adminUserSettings.lastRequest=Last Request
 database.title=資料庫匯入/匯出
@ -481,12 +491,14 @@ login.locked=你的帳戶已被鎖定。
 login.signinTitle=請登入
 login.ssoSignIn=透過織網單一簽入
 login.oauth2AutoCreateDisabled=OAuth 2.0 自動建立使用者已停用
 login.oauth2AdminBlockedUser=Registration or logging in of non-registered users is currently blocked. Please contact the administrator.
 login.oauth2RequestNotFound=找不到驗證請求
 login.oauth2InvalidUserInfoResponse=無效的使用者資訊回應
 login.oauth2invalidRequest=無效的回應
 login.oauth2AccessDenied=存取被拒
 login.oauth2InvalidTokenResponse=無效的 Token 回應
 login.oauth2InvalidIdToken=無效的 Tokne
 login.userIsDisabled=User is deactivated, login is currently blocked with this username. Please contact the administrator.
 #auto-redact
--- a/src/main/resources/settings.yml.template
+++ b/src/main/resources/settings.yml.template
@ -43,6 +43,7 @@ security:
    clientId: '' # Client ID from your provider
    clientSecret: '' # Client Secret from your provider
    autoCreateUser: false # set to 'true' to allow auto-creation of non-existing users
    blockRegistration: false # set to 'true' to deny login with SSO without prior registration by an admin
    useAsUsername: email # Default is 'email'; custom fields can be used as the username
    scopes: openid, profile, email # Specify the scopes for which the application will request permissions
    provider: google # Set this to your OAuth provider's name, e.g., 'google' or 'keycloak'
--- a/src/main/resources/templates/addUsers.html
+++ b/src/main/resources/templates/addUsers.html
@ -2,6 +2,19 @@
 <html th:lang="${#locale.language}" th:dir="#{language.direction}" th:data-language="${#locale.toString()}" xmlns:th="https://www.thymeleaf.org">
  <head>
  <th:block th:insert="~{fragments/common :: head(title=#{adminUserSettings.title}, header=#{adminUserSettings.header})}"></th:block>
    <style>
      .active-user {
        color: green;
        text-shadow: 0 0 5px green;
      }
      .text-overflow {
        max-width: 100px;
        white-space: nowrap;
        overflow: hidden;
        text-overflow:ellipsis;
      }
    </style>
  </head>
  <body>
@ -20,49 +33,82 @@
              <!-- User Settings Title -->
              <div style="background: var(--md-sys-color-outline-variant);padding: .8rem; margin: 10px 0; border-radius: 2rem; text-align: center;">
-                <a href="#" data-bs-toggle="modal" data-bs-target="#addUserModal" class="btn btn-outline-info" th:title="#{adminUserSettings.addUser}">
+                <a href="#" data-bs-toggle="modal" data-bs-target="#addUserModal" class="btn btn-outline-success" th:title="#{adminUserSettings.addUser}">
                  <span class="material-symbols-rounded">person_add</span>
                  <span th:text="#{adminUserSettings.addUser}">Add New User</span>
                </a>
-                <a href="#" data-bs-toggle="modal" data-bs-target="#changeUserRoleModal" class="btn btn-outline-info" th:title="#{adminUserSettings.changeUserRole}">
+                <a href="#" data-bs-toggle="modal" data-bs-target="#changeUserRoleModal" class="btn btn-outline-success" th:title="#{adminUserSettings.changeUserRole}">
                  <span class="material-symbols-rounded">edit</span>
                  <span th:text="#{adminUserSettings.changeUserRole}">Change User's Role</span>
                </a>
                <div class="my-4">
                  <strong th:text="#{adminUserSettings.totalUsers}">Total Users:</strong> <span th:text="${totalUsers}"></span>
                  <strong style="margin-left: 20px;" th:text="#{adminUserSettings.activeUsers}">Active Users:</strong> <span th:text="${activeUsers}"></span>
                  <strong style="margin-left: 20px;" th:text="#{adminUserSettings.disabledUsers}">Disabled Users:</strong> <span th:text="${disabledUsers}"></span>
                </div>
              </div>
              <div th:if="${addMessage}" class="p-3" style="background: var(--md-sys-color-outline-variant);border-radius: 2rem; text-align: center;">
                <div class="alert alert-danger mb-auto">
                  <span th:text="#{${addMessage}}">Default message if not found</span>
                </div>
              </div>
              <div th:if="${changeMessage}" class="p-3" style="background: var(--md-sys-color-outline-variant);border-radius: 2rem; text-align: center;">
                <div class="alert alert-danger mb-auto">
                  <span th:text="#{${changeMessage}}">Default message if not found</span>
                </div>
              </div>
              <div th:if="${deleteMessage}" class="alert alert-danger">
-                <span th:text="#{${deleteMessage}}">Message</span>
+                <span th:text="#{${deleteMessage}}">Default message if not found</span>
              </div>
              <div class="bg-card mt-3 mb-3">
                <table class="table table-striped table-hover">
                  <thead>
                    <tr>
-                      <th scope="col">UID</th>
+                      <th scope="col">#</th>
-                      <th scope="col" th:text="#{username}">Username</th>
+                      <th scope="col" th:title="#{username}" th:text="#{username}">Username</th>
-                      <th scope="col" th:text="#{adminUserSettings.roles}">Roles</th>
+                      <th scope="col" th:title="#{adminUserSettings.roles}" th:text="#{adminUserSettings.roles}">Roles</th>
-                      <th scope="col" th:text="#{adminUserSettings.actions}">Actions</th>
+                      <th scope="col" th:title="#{adminUserSettings.authenticated}" class="text-overflow" th:text="#{adminUserSettings.authenticated}">Authenticated</th>
-                      <th scope="col" th:text="#{adminUserSettings.authenticated}">Authenticated</th>
+                      <th scope="col" th:title="#{adminUserSettings.lastRequest}" class="text-overflow" th:text="#{adminUserSettings.lastRequest}">Last Request</th>
                      <th scope="col" th:title="#{adminUserSettings.actions}" th:text="#{adminUserSettings.actions}" colspan="2">Actions</th>
                      <!-- <th scope="col"></th> -->
                    </tr>
                  </thead>
                  <tbody>
                    <tr th:each="user : ${users}">
                      <th scope="row" style="align-content: center;" th:text="${user.id}"></th>
-                      <td style="align-content: center;" th:text="${user.username}"></td>
+                      <td style="align-content: center;" th:text="${user.username}" th:classappend="${userSessions[user.username] ? 'active-user' : ''}"></td>
                      <td style="align-content: center;" th:text="#{${user.roleName}}"></td>
                      <td style="align-content: center;">
                        <form th:if="${user.username != currentUsername}" th:action="@{'/api/v1/user/admin/deleteUser/' + ${user.username}}" method="post" onsubmit="return confirmDelete()">
                          <button type="submit" th:title="#{adminUserSettings.deleteUser}" class="btn btn-info"><span class="material-symbols-rounded">person_remove</span></button>
                        </form>
                        <a th:if="${user.username == currentUsername}" th:href="@{'/account'}" class="btn btn-outline-info"><span class="material-symbols-rounded">edit</span></a>
                      </td>
                      <td style="align-content: center;" th:text="${user.authenticationType}"></td>
                      <td style="align-content: center;" th:text="${userLastRequest[user.username] != null ? #dates.format(userLastRequest[user.username], 'yyyy-MM-dd HH:mm:ss') : 'N/A'}"></td>
                      <td style="align-content: center;">
                        <form th:if="${user.username != currentUsername}" th:action="@{'/api/v1/user/admin/deleteUser/' + ${user.username}}" method="post" onsubmit="return confirmDeleteUser()">
                          <button type="submit" th:title="#{adminUserSettings.deleteUser}" class="btn btn-info btn-sm"><span class="material-symbols-rounded">person_remove</span></button>
                        </form>
                        <a th:if="${user.username == currentUsername}" th:title="#{adminUserSettings.editOwnProfil}" th:href="@{'/account'}" class="btn btn-outline-success btn-sm"><span class="material-symbols-rounded">edit</span></a>
                      </td>
                      <td style="align-content: center;">
                        <form th:action="@{'/api/v1/user/admin/changeUserEnabled/' + ${user.username}}" method="post" onsubmit="return confirmChangeUserStatus()">
                          <input type="hidden" name="enabled" th:value="!${user.enabled}" />
                          <button th:if="${user.enabled}" th:title="#{adminUserSettings.enabledUser}" type="submit" class="btn btn-success btn-sm">
                            <span class="material-symbols-rounded">person</span>
                          </button>
                          <button th:unless="${user.enabled}" th:title="#{adminUserSettings.disabledUser}" type="submit" class="btn btn-danger btn-sm">
                            <span class="material-symbols-rounded">person_off</span>
                          </button>
                        </form>
                      </td>
                    </tr>
                  </tbody>
                </table>
              </div>
              <script th:inline="javascript">
-                const confirm_text = /*[[#{adminUserSettings.confirmDeleteUser}]]*/ 'Should the user be deleted?';
+                const delete_confirm_text = /*[[#{adminUserSettings.confirmDeleteUser}]]*/ 'Should the user be deleted?';
-                function confirmDelete() {
+                const change_confirm_text = /*[[#{adminUserSettings.confirmChangeUserStatus}]]*/ 'Should the user be disabled/enabled?';
-                  return confirm(confirm_text);
+                function confirmDeleteUser() {
                  return confirm(delete_confirm_text);
                }
                function confirmChangeUserStatus() {
                  return confirm(change_confirm_text);
                }
              </script>
            </div>
@ -77,16 +123,11 @@
            <div class="modal-header">
              <h2 th:text="#{adminUserSettings.changeUserRole}">Change User's Role</h2>
              <button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close">
-                <span class="material-symbols-rounded">
+                <span class="material-symbols-rounded">close</span>
                  close
                </span>
              </button>
            </div>
            <div class="modal-body">
              <button class="btn btn-outline-info" data-toggle="tooltip" data-placement="auto" th:title="#{downgradeCurrentUserLongMessage}" th:text="#{help}">Help</button>
              <div th:if="${changeMessage}" class="alert alert-danger">
                <span th:text="#{${changeMessage}}">Default message if not found</span>
              </div>
              <form th:action="@{'/api/v1/user/admin/changeRole'}" method="post">
                <div class="mb-3">
                  <label for="username" th:text="#{username}">Username</label>
@ -120,15 +161,10 @@
            <div class="modal-header">
              <h5 class="modal-title" id="addUserModalLabel" th:text="#{adminUserSettings.addUser}">Add New User</h5>
              <button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close">
-                <span class="material-symbols-rounded">
+                <span class="material-symbols-rounded">close</span>
                  close
                </span>
              </button>
            </div>
            <div class="modal-body">
              <div th:if="${addMessage}" class="alert alert-danger">
                <span th:text="#{${addMessage}}">Default message if not found</span>
              </div>
              <button class="btn btn-outline-info" data-toggle="tooltip" data-placement="auto" th:title="#{adminUserSettings.usernameInfo}" th:text="#{help}">Help</button>
              <form id="formsaveuser" th:action="@{'/api/v1/user/admin/saveUser'}" method="post">
                <div class="mb-3">
@ -136,18 +172,25 @@
                  <input type="text" class="form-control" name="username" id="username" th:title="#{adminUserSettings.usernameInfo}" required>
                  <span id="usernameError" style="display: none;" th:text="#{invalidUsernameMessage}">Invalid username!</span>
                </div>
-                <div class="mb-3">
+                <div class="mb-3" id="passwordContainer">
                  <label for="password" th:text="#{password}">Password</label>
-                  <input type="password" class="form-control" name="password" required>
+                  <input type="password" class="form-control" name="password" id="password" required>
                </div>
                <div class="mb-3">
                  <label for="role" th:text="#{adminUserSettings.role}">Role</label>
-                  <select name="role" class="form-control" required>
+                  <select name="role" class="form-control" id="role" required>
                    <option value="" disabled selected th:text="#{selectFillter}">-- Select --</option>
                    <option th:each="roleDetail : ${roleDetails}" th:value="${roleDetail.key}" th:text="#{${roleDetail.value}}">Role</option>
                  </select>
                </div>
-                <div class="form-check mb-3">
+                <div class="mb-3">
                  <label for="authType">Authentication Type</label>
                  <select id="authType" name="authType" class="form-control" required>
                    <option value="web" selected>WEB</option>
                    <option value="oauth2">OAUTH2</option>
                  </select>
                </div>
                <div class="form-check mb-3" id="checkboxContainer">
                  <input type="checkbox" class="form-check-input" id="forceChange" name="forceChange">
                  <label class="form-check-label" for="forceChange" th:text="#{adminUserSettings.forceChange}">Force user to change username/password on login</label>
                </div>
@ -175,25 +218,31 @@
              },
              password: {
                required: true
              },
              role: {
                required: true
              },
              authType: {
                required: true
              }
-              },
+            },
-              messages: {
+            messages: {
-                  username: {
+                username: {
-                      usernamePattern: /*[[#{invalidUsernameMessage}]]*/ "Invalid username format"
+                    usernamePattern: /*[[#{invalidUsernameMessage}]]*/ "Invalid username format"
-                  },
+                },
-              },
+            },
-              errorPlacement: function(error, element) {
+            errorPlacement: function(error, element) {
-                  if (element.attr("name") === "username") {
+              if (element.attr("name") === "username") {
-                      $("#usernameError").text(error.text()).show();
+                $("#usernameError").text(error.text()).show();
-                  } else {
+              } else if (element.attr("name") !== "role" && element.attr("name") !== "authType") {
-                      error.insertAfter(element);
+                error.insertAfter(element);
                  }
              },
              success: function(label, element) {
                  if ($(element).attr("name") === "username") {
                      $("#usernameError").hide();
                  }
              }
            },
            success: function(label, element) {
              if ($(element).attr("name") === "username") {
                $("#usernameError").hide();
              }
            }
          });
          $('#username').on('input', function() {
@ -209,6 +258,25 @@
                  errorSpan.show();
              }
          });
          $('#authType').on('change', function() {
              var authType = $(this).val();
              var passwordField = $('#password');
              var passwordFieldContainer = $('#passwordContainer');
              var checkboxContainer = $('#checkboxContainer');
              if (authType === 'oauth2') {
                  passwordField.removeAttr('required');
                  passwordField.prop('disabled', true).val('');
                  passwordFieldContainer.slideUp('fast');
                  checkboxContainer.slideUp('fast');
              } else {
                  passwordField.prop('disabled', false);
                  passwordField.attr('required', 'required');
                  passwordFieldContainer.slideDown('fast');
                  checkboxContainer.slideDown('fast');
              }
          });
        });
      </script>
      <th:block th:insert="~{fragments/footer.html :: footer}"></th:block>
@ -219,9 +287,7 @@
          <div class="modal-header">
            <h5 class="modal-title" id="editUserModalLabel" th:text="#{login.ssoSignIn}"></h5>
            <button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close">
-              <span class="material-symbols-rounded">
+              <span class="material-symbols-rounded">close</span>
                close
              </span>
            </button>
          </div>
          <div class="modal-body">
--- a/src/main/resources/templates/login.html
+++ b/src/main/resources/templates/login.html
@ -111,18 +111,18 @@
          }
        </script>
        <div class="text-center">
-          <img class="mb-4" th:src="@{'/favicon.svg'}" alt="favicon" width="144" height="144">
+          <img class="my-4" th:src="@{'/favicon.svg'}" alt="favicon" width="144" height="144">
          <h1 class="h1 mb-3 fw-normal" th:text="${@appName}">Stirling-PDF</h1>
          <div th:if="${oAuth2Enabled} and (${loginMethod} == 'all' or ${loginMethod} == 'oauth2')">
            <a href="#" class="w-100 btn btn-lg btn-primary" data-bs-toggle="modal" data-bs-target="#loginsModal" th:text="#{login.ssoSignIn}">Login Via SSO</a>
            <br>
            <br>
            <div th:if="${erroroauth}" class="alert alert-danger text-center">
              <div th:if="${erroroauth}" th:text="#{${erroroauth}}">OAuth2: Error Message</div>
            </div>
            <hr />
          </div>
          <div th:if="${erroroauth}" class="alert alert-danger text-center">
            <div th:if="${erroroauth}" th:text="#{${erroroauth}}">OAuth2: Error Message</div>
          </div>
          <div th:if="${error}" class="alert alert-danger text-center">
            <div th:if="${error}" th:text="#{${error}}">OAuth2: Error Message</div>
@ -147,7 +147,7 @@
          <div class="form-check m-2 mb-3">
            <input type="checkbox" id="remember" value="remember-me">
-            <label for="remember" th:text="#{login.rememberme}"></label> 
+            <label for="remember" th:text="#{login.rememberme}"></label>
          </div>
          <button class="w-100 btn btn-lg btn-primary" type="submit" th:text="#{login.signin}">Sign in</button>
        </form>