From 21c414ab0070ee8a5c3dafa7e6e4989461be2ccb Mon Sep 17 00:00:00 2001
From: Robert von Burg <eitch@eitchnet.ch>
Date: Tue, 18 Dec 2018 14:30:37 +0100
Subject: [PATCH] [Major] runAs*() now throws Exception

---
 .../strolch/agent/api/ComponentContainer.java |   8 +-
 .../li/strolch/agent/api/StrolchAgent.java    |   2 +-
 .../strolch/agent/api/StrolchComponent.java   |  35 ++-
 .../agent/impl/ComponentContainerImpl.java    |   6 +-
 .../handler/operationslog/OperationsLog.java  |  32 +-
 .../DefaultStrolchPrivilegeHandler.java       |  17 +-
 .../runtime/privilege/PrivilegeHandler.java   |  41 ++-
 .../runtime/privilege/PrivilegedRunnable.java |   2 +-
 .../PrivilegedRunnableWithResult.java         |   2 +-
 .../privilege/StrolchSystemAction.java        |   2 +-
 .../StrolchSystemActionWithResult.java        |   2 +-
 .../strolch/service/api/AbstractService.java  | 277 ++++++++++--------
 .../java/li/strolch/service/api/Command.java  |  54 +++-
 .../main/resources/strolch-agent.properties   |   1 +
 .../handler/DefaultPrivilegeHandler.java      |   4 +-
 .../privilege/handler/PrivilegeHandler.java   |  12 +-
 .../privilege/handler/SystemAction.java       |   2 +-
 .../handler/SystemActionWithResult.java       |   4 +-
 .../rest/DefaultStrolchSessionHandler.java    |   2 +
 .../execution/policy/ExecutionPolicy.java     |   9 +-
 20 files changed, 316 insertions(+), 198 deletions(-)

diff --git a/li.strolch.agent/src/main/java/li/strolch/agent/api/ComponentContainer.java b/li.strolch.agent/src/main/java/li/strolch/agent/api/ComponentContainer.java
index 53f34d6e7..e07d94da3 100644
--- a/li.strolch.agent/src/main/java/li/strolch/agent/api/ComponentContainer.java
+++ b/li.strolch.agent/src/main/java/li/strolch/agent/api/ComponentContainer.java
@@ -96,8 +96,10 @@ public interface ComponentContainer {
 	 *
 	 * @throws PrivilegeException
 	 * 		if the given username is not allowed to perform the action
+	 * @throws Exception
+	 * 		if anything else goes wrong during execution
 	 */
-	void runAsAgent(PrivilegedRunnable runnable) throws PrivilegeException;
+	void runAsAgent(PrivilegedRunnable runnable) throws PrivilegeException, Exception;
 
 	/**
 	 * Performs the given {@link PrivilegedRunnable} as the privileged system user {@link
@@ -110,6 +112,8 @@ public interface ComponentContainer {
 	 *
 	 * @throws PrivilegeException
 	 * 		if the given username is not allowed to perform the action
+	 * @throws Exception
+	 * 		if anything else goes wrong during execution
 	 */
-	<T> T runAsAgentWithResult(PrivilegedRunnableWithResult<T> runnable) throws PrivilegeException;
+	<T> T runAsAgentWithResult(PrivilegedRunnableWithResult<T> runnable) throws PrivilegeException, Exception;
 }
\ No newline at end of file
diff --git a/li.strolch.agent/src/main/java/li/strolch/agent/api/StrolchAgent.java b/li.strolch.agent/src/main/java/li/strolch/agent/api/StrolchAgent.java
index 1eb76c285..84b309995 100644
--- a/li.strolch.agent/src/main/java/li/strolch/agent/api/StrolchAgent.java
+++ b/li.strolch.agent/src/main/java/li/strolch/agent/api/StrolchAgent.java
@@ -155,7 +155,7 @@ public class StrolchAgent {
 		this.executors = new HashMap<>();
 		this.scheduledExecutors = new HashMap<>();
 
-		this.container.initialize(this.strolchConfiguration);
+		this.container.initialize();
 	}
 
 	/**
diff --git a/li.strolch.agent/src/main/java/li/strolch/agent/api/StrolchComponent.java b/li.strolch.agent/src/main/java/li/strolch/agent/api/StrolchComponent.java
index 05d0be0f5..c06f834e0 100644
--- a/li.strolch.agent/src/main/java/li/strolch/agent/api/StrolchComponent.java
+++ b/li.strolch.agent/src/main/java/li/strolch/agent/api/StrolchComponent.java
@@ -283,8 +283,10 @@ public class StrolchComponent {
 	 *
 	 * @throws PrivilegeException
 	 * 		if the given username is not allowed to perform the action
+	 * @throws Exception
+	 * 		if anything else goes wrong during execution
 	 */
-	protected void runAs(String username, SystemAction action) throws PrivilegeException {
+	protected void runAs(String username, SystemAction action) throws PrivilegeException, Exception {
 		this.container.getPrivilegeHandler().runAs(username, action);
 	}
 
@@ -300,8 +302,11 @@ public class StrolchComponent {
 	 *
 	 * @throws PrivilegeException
 	 * 		if the given username is not allowed to perform the action
+	 * @throws Exception
+	 * 		if anything else goes wrong during execution
 	 */
-	protected <T> T runWithResult(String username, SystemActionWithResult<T> action) throws PrivilegeException {
+	protected <T> T runWithResult(String username, SystemActionWithResult<T> action)
+			throws PrivilegeException, Exception {
 		return this.container.getPrivilegeHandler().runWithResult(username, action);
 	}
 
@@ -315,8 +320,10 @@ public class StrolchComponent {
 	 *
 	 * @throws PrivilegeException
 	 * 		if the given username is not allowed to perform the action
+	 * @throws Exception
+	 * 		if anything else goes wrong during execution
 	 */
-	protected void runAs(String username, PrivilegedRunnable runnable) throws PrivilegeException {
+	protected void runAs(String username, PrivilegedRunnable runnable) throws PrivilegeException, Exception {
 		this.container.getPrivilegeHandler().runAs(username, runnable);
 	}
 
@@ -332,8 +339,11 @@ public class StrolchComponent {
 	 *
 	 * @throws PrivilegeException
 	 * 		if the given username is not allowed to perform the action
+	 * @throws Exception
+	 * 		if anything else goes wrong during execution
 	 */
-	protected <T> T runWithResult(String username, PrivilegedRunnableWithResult<T> runnable) throws PrivilegeException {
+	protected <T> T runWithResult(String username, PrivilegedRunnableWithResult<T> runnable)
+			throws PrivilegeException, Exception {
 		return this.container.getPrivilegeHandler().runWithResult(username, runnable);
 	}
 
@@ -345,8 +355,10 @@ public class StrolchComponent {
 	 *
 	 * @throws PrivilegeException
 	 * 		if the given username is not allowed to perform the action
+	 * @throws Exception
+	 * 		if anything else goes wrong during execution
 	 */
-	protected void runAsAgent(SystemAction action) throws PrivilegeException {
+	protected void runAsAgent(SystemAction action) throws PrivilegeException, Exception {
 		this.container.getPrivilegeHandler().runAsAgent(action);
 	}
 
@@ -360,8 +372,10 @@ public class StrolchComponent {
 	 *
 	 * @throws PrivilegeException
 	 * 		if the given username is not allowed to perform the action
+	 * @throws Exception
+	 * 		if anything else goes wrong during execution
 	 */
-	protected <T> T runAsAgentWithResult(SystemActionWithResult<T> action) throws PrivilegeException {
+	protected <T> T runAsAgentWithResult(SystemActionWithResult<T> action) throws PrivilegeException, Exception {
 		return this.container.getPrivilegeHandler().runAsAgentWithResult(action);
 	}
 
@@ -374,8 +388,10 @@ public class StrolchComponent {
 	 *
 	 * @throws PrivilegeException
 	 * 		if the given username is not allowed to perform the action
+	 * @throws Exception
+	 * 		if anything else goes wrong during execution
 	 */
-	protected void runAsAgent(PrivilegedRunnable runnable) throws PrivilegeException {
+	protected void runAsAgent(PrivilegedRunnable runnable) throws PrivilegeException, Exception {
 		this.container.getPrivilegeHandler().runAsAgent(runnable);
 	}
 
@@ -390,8 +406,11 @@ public class StrolchComponent {
 	 *
 	 * @throws PrivilegeException
 	 * 		if the given username is not allowed to perform the action
+	 * @throws Exception
+	 * 		if anything else goes wrong during execution
 	 */
-	protected <T> T runAsAgentWithResult(PrivilegedRunnableWithResult<T> runnable) throws PrivilegeException {
+	protected <T> T runAsAgentWithResult(PrivilegedRunnableWithResult<T> runnable)
+			throws PrivilegeException, Exception {
 		return this.container.getPrivilegeHandler().runAsAgentWithResult(runnable);
 	}
 
diff --git a/li.strolch.agent/src/main/java/li/strolch/agent/impl/ComponentContainerImpl.java b/li.strolch.agent/src/main/java/li/strolch/agent/impl/ComponentContainerImpl.java
index ca368081a..915544f65 100644
--- a/li.strolch.agent/src/main/java/li/strolch/agent/impl/ComponentContainerImpl.java
+++ b/li.strolch.agent/src/main/java/li/strolch/agent/impl/ComponentContainerImpl.java
@@ -134,12 +134,12 @@ public class ComponentContainerImpl implements ComponentContainer {
 	}
 
 	@Override
-	public void runAsAgent(PrivilegedRunnable runnable) throws PrivilegeException {
+	public void runAsAgent(PrivilegedRunnable runnable) throws PrivilegeException, Exception {
 		getPrivilegeHandler().runAsAgent(runnable);
 	}
 
 	@Override
-	public <T> T runAsAgentWithResult(PrivilegedRunnableWithResult<T> runnable) throws PrivilegeException {
+	public <T> T runAsAgentWithResult(PrivilegedRunnableWithResult<T> runnable) throws PrivilegeException, Exception {
 		return getPrivilegeHandler().runAsAgentWithResult(runnable);
 	}
 
@@ -235,7 +235,7 @@ public class ComponentContainerImpl implements ComponentContainer {
 				.format(msg, applicationName, environment, this.componentMap.size(), formatNanoDuration(took)));
 	}
 
-	public void initialize(StrolchConfiguration strolchConfiguration) {
+	public void initialize() {
 		this.state.validateStateChange(ComponentState.INITIALIZED, "agent");
 
 		long start = System.nanoTime();
diff --git a/li.strolch.agent/src/main/java/li/strolch/handler/operationslog/OperationsLog.java b/li.strolch.agent/src/main/java/li/strolch/handler/operationslog/OperationsLog.java
index bfd2b9fc7..564616b5c 100644
--- a/li.strolch.agent/src/main/java/li/strolch/handler/operationslog/OperationsLog.java
+++ b/li.strolch.agent/src/main/java/li/strolch/handler/operationslog/OperationsLog.java
@@ -1,9 +1,13 @@
 package li.strolch.handler.operationslog;
 
+import static li.strolch.model.Tags.AGENT;
+import static li.strolch.runtime.StrolchConstants.SYSTEM_USER_AGENT;
+
 import java.util.*;
 import java.util.concurrent.ExecutorService;
 
 import li.strolch.agent.api.ComponentContainer;
+import li.strolch.agent.api.StrolchAgent;
 import li.strolch.agent.api.StrolchComponent;
 import li.strolch.agent.api.StrolchRealm;
 import li.strolch.model.Locator;
@@ -112,15 +116,27 @@ public class OperationsLog extends StrolchComponent {
 	}
 
 	private void persist(StrolchRealm realm, LogMessage logMessage, List<LogMessage> messagesToRemove) {
-		runAsAgent(ctx -> {
-			try (StrolchTransaction tx = realm.openTx(ctx.getCertificate(), getClass())) {
-				LogMessageDao logMessageDao = tx.getPersistenceHandler().getLogMessageDao(tx);
-				if (messagesToRemove != null && !messagesToRemove.isEmpty())
-					logMessageDao.removeAll(messagesToRemove);
-				logMessageDao.save(logMessage);
-				tx.commitOnClose();
+		try {
+			runAsAgent(ctx -> {
+				try (StrolchTransaction tx = realm.openTx(ctx.getCertificate(), getClass())) {
+					LogMessageDao logMessageDao = tx.getPersistenceHandler().getLogMessageDao(tx);
+					if (messagesToRemove != null && !messagesToRemove.isEmpty())
+						logMessageDao.removeAll(messagesToRemove);
+					logMessageDao.save(logMessage);
+					tx.commitOnClose();
+				}
+			});
+		} catch (Exception e) {
+			logger.error("Failed to persist operations logs!", e);
+			synchronized (this) {
+				this.logMessagesByRealmAndId.computeIfAbsent(realm.getRealm(), r -> new ArrayList<>())
+						.add(new LogMessage(realm.getRealm(), SYSTEM_USER_AGENT,
+								Locator.valueOf(AGENT, "strolch-agent", StrolchAgent.getUniqueId()), LogSeverity.Info,
+								ResourceBundle.getBundle("strolch-agent"), "operationsLog.persist.failed") //
+								.value("reason", e.getMessage()) //
+								.withException(e));
 			}
-		});
+		}
 	}
 
 	public synchronized void clearMessages(String realm, Locator locator) {
diff --git a/li.strolch.agent/src/main/java/li/strolch/runtime/privilege/DefaultStrolchPrivilegeHandler.java b/li.strolch.agent/src/main/java/li/strolch/runtime/privilege/DefaultStrolchPrivilegeHandler.java
index 25f69d1b4..9a13df261 100644
--- a/li.strolch.agent/src/main/java/li/strolch/runtime/privilege/DefaultStrolchPrivilegeHandler.java
+++ b/li.strolch.agent/src/main/java/li/strolch/runtime/privilege/DefaultStrolchPrivilegeHandler.java
@@ -183,42 +183,43 @@ public class DefaultStrolchPrivilegeHandler extends StrolchComponent implements
 	}
 
 	@Override
-	public void runAs(String username, SystemAction action) throws PrivilegeException {
+	public void runAs(String username, SystemAction action) throws PrivilegeException, Exception {
 		this.privilegeHandler.runAs(username, action);
 	}
 
 	@Override
-	public <T> T runWithResult(String username, SystemActionWithResult<T> action) throws PrivilegeException {
+	public <T> T runWithResult(String username, SystemActionWithResult<T> action) throws PrivilegeException, Exception {
 		return this.privilegeHandler.runWithResult(username, action);
 	}
 
 	@Override
-	public void runAs(String username, PrivilegedRunnable runnable) throws PrivilegeException {
+	public void runAs(String username, PrivilegedRunnable runnable) throws PrivilegeException, Exception {
 		this.privilegeHandler.runAs(username, new StrolchSystemAction(runnable));
 	}
 
 	@Override
-	public <T> T runWithResult(String username, PrivilegedRunnableWithResult<T> runnable) throws PrivilegeException {
+	public <T> T runWithResult(String username, PrivilegedRunnableWithResult<T> runnable)
+			throws PrivilegeException, Exception {
 		return this.privilegeHandler.runWithResult(username, new StrolchSystemActionWithResult<>(runnable));
 	}
 
 	@Override
-	public void runAsAgent(SystemAction action) throws PrivilegeException {
+	public void runAsAgent(SystemAction action) throws PrivilegeException, Exception {
 		this.privilegeHandler.runAs(StrolchConstants.SYSTEM_USER_AGENT, action);
 	}
 
 	@Override
-	public <T> T runAsAgentWithResult(SystemActionWithResult<T> action) throws PrivilegeException {
+	public <T> T runAsAgentWithResult(SystemActionWithResult<T> action) throws PrivilegeException, Exception {
 		return this.privilegeHandler.runWithResult(StrolchConstants.SYSTEM_USER_AGENT, action);
 	}
 
 	@Override
-	public void runAsAgent(PrivilegedRunnable runnable) throws PrivilegeException {
+	public void runAsAgent(PrivilegedRunnable runnable) throws PrivilegeException, Exception {
 		this.privilegeHandler.runAs(StrolchConstants.SYSTEM_USER_AGENT, new StrolchSystemAction(runnable));
 	}
 
 	@Override
-	public <T> T runAsAgentWithResult(PrivilegedRunnableWithResult<T> runnable) throws PrivilegeException {
+	public <T> T runAsAgentWithResult(PrivilegedRunnableWithResult<T> runnable) throws PrivilegeException, Exception {
 		return this.privilegeHandler
 				.runWithResult(StrolchConstants.SYSTEM_USER_AGENT, new StrolchSystemActionWithResult<>(runnable));
 	}
diff --git a/li.strolch.agent/src/main/java/li/strolch/runtime/privilege/PrivilegeHandler.java b/li.strolch.agent/src/main/java/li/strolch/runtime/privilege/PrivilegeHandler.java
index 6c4a8dc18..f81bdc9d8 100644
--- a/li.strolch.agent/src/main/java/li/strolch/runtime/privilege/PrivilegeHandler.java
+++ b/li.strolch.agent/src/main/java/li/strolch/runtime/privilege/PrivilegeHandler.java
@@ -1,12 +1,12 @@
 /*
  * Copyright 2013 Robert von Burg <eitch@eitchnet.ch>
- * 
+ *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
- * 
+ *
  *     http://www.apache.org/licenses/LICENSE-2.0
- * 
+ *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -42,7 +42,7 @@ public interface PrivilegeHandler {
 	 * @see li.strolch.privilege.handler.PrivilegeHandler#authenticate(String, char[])
 	 */
 	Certificate authenticate(String username, char[] password);
-	
+
 	/**
 	 * Authenticates a user on a remote Single Sign On service. This is implemented by the
 	 *
@@ -104,8 +104,10 @@ public interface PrivilegeHandler {
 	 *
 	 * @throws PrivilegeException
 	 * 		if there is something wrong
+	 * @throws Exception
+	 * 		if anything else goes wrong during execution
 	 */
-	void runAs(String username, SystemAction action) throws PrivilegeException;
+	void runAs(String username, SystemAction action) throws PrivilegeException, Exception;
 
 	/**
 	 * Run the given {@link SystemActionWithResult} as the given system user
@@ -119,8 +121,10 @@ public interface PrivilegeHandler {
 	 *
 	 * @throws PrivilegeException
 	 * 		if there is something wrong
+	 * @throws Exception
+	 * 		if anything else goes wrong during execution
 	 */
-	<T> T runWithResult(String username, SystemActionWithResult<T> action) throws PrivilegeException;
+	<T> T runWithResult(String username, SystemActionWithResult<T> action) throws PrivilegeException, Exception;
 
 	/**
 	 * Run the given {@link PrivilegedRunnable} as the given system user
@@ -132,8 +136,10 @@ public interface PrivilegeHandler {
 	 *
 	 * @throws PrivilegeException
 	 * 		if there is something wrong
+	 * @throws Exception
+	 * 		if anything else goes wrong during execution
 	 */
-	void runAs(String username, PrivilegedRunnable runnable) throws PrivilegeException;
+	void runAs(String username, PrivilegedRunnable runnable) throws PrivilegeException, Exception;
 
 	/**
 	 * Run the given {@link PrivilegedRunnable} as the given system user
@@ -147,8 +153,10 @@ public interface PrivilegeHandler {
 	 *
 	 * @throws PrivilegeException
 	 * 		if there is something wrong
+	 * @throws Exception
+	 * 		if anything else goes wrong during execution
 	 */
-	<T> T runWithResult(String username, PrivilegedRunnableWithResult<T> runnable) throws PrivilegeException;
+	<T> T runWithResult(String username, PrivilegedRunnableWithResult<T> runnable) throws PrivilegeException, Exception;
 
 	/**
 	 * Run the given {@link SystemAction} as the system user {@link StrolchConstants#SYSTEM_USER_AGENT}
@@ -158,8 +166,10 @@ public interface PrivilegeHandler {
 	 *
 	 * @throws PrivilegeException
 	 * 		if there is something wrong
+	 * @throws Exception
+	 * 		if anything else goes wrong during execution
 	 */
-	void runAsAgent(SystemAction action) throws PrivilegeException;
+	void runAsAgent(SystemAction action) throws PrivilegeException, Exception;
 
 	/**
 	 * Run the given {@link SystemActionWithResult} as the system user {@link StrolchConstants#SYSTEM_USER_AGENT}
@@ -169,8 +179,10 @@ public interface PrivilegeHandler {
 	 *
 	 * @throws PrivilegeException
 	 * 		if there is something wrong
+	 * @throws Exception
+	 * 		if anything else goes wrong during execution
 	 */
-	<T> T runAsAgentWithResult(SystemActionWithResult<T> action) throws PrivilegeException;
+	<T> T runAsAgentWithResult(SystemActionWithResult<T> action) throws PrivilegeException, Exception;
 
 	/**
 	 * Run the given {@link PrivilegedRunnable} as the system user {@link StrolchConstants#SYSTEM_USER_AGENT}
@@ -180,8 +192,10 @@ public interface PrivilegeHandler {
 	 *
 	 * @throws PrivilegeException
 	 * 		if there is something wrong
+	 * @throws Exception
+	 * 		if anything else goes wrong during execution
 	 */
-	void runAsAgent(PrivilegedRunnable runnable) throws PrivilegeException;
+	void runAsAgent(PrivilegedRunnable runnable) throws PrivilegeException, Exception;
 
 	/**
 	 * Run the given {@link PrivilegedRunnableWithResult} as the system user {@link StrolchConstants#SYSTEM_USER_AGENT}
@@ -193,8 +207,10 @@ public interface PrivilegeHandler {
 	 *
 	 * @throws PrivilegeException
 	 * 		if there is something wrong
+	 * @throws Exception
+	 * 		if anything else goes wrong during execution
 	 */
-	<T> T runAsAgentWithResult(PrivilegedRunnableWithResult<T> runnable) throws PrivilegeException;
+	<T> T runAsAgentWithResult(PrivilegedRunnableWithResult<T> runnable) throws PrivilegeException, Exception;
 
 	/**
 	 * Returns the {@link li.strolch.privilege.handler.PrivilegeHandler}
@@ -202,5 +218,4 @@ public interface PrivilegeHandler {
 	 * @return the {@link li.strolch.privilege.handler.PrivilegeHandler}
 	 */
 	li.strolch.privilege.handler.PrivilegeHandler getPrivilegeHandler();
-
 }
\ No newline at end of file
diff --git a/li.strolch.agent/src/main/java/li/strolch/runtime/privilege/PrivilegedRunnable.java b/li.strolch.agent/src/main/java/li/strolch/runtime/privilege/PrivilegedRunnable.java
index bc02347ac..902271de9 100644
--- a/li.strolch.agent/src/main/java/li/strolch/runtime/privilege/PrivilegedRunnable.java
+++ b/li.strolch.agent/src/main/java/li/strolch/runtime/privilege/PrivilegedRunnable.java
@@ -4,5 +4,5 @@ import li.strolch.privilege.model.PrivilegeContext;
 
 public interface PrivilegedRunnable {
 
-	public void run(PrivilegeContext ctx);
+	public void run(PrivilegeContext ctx) throws Exception;
 }
\ No newline at end of file
diff --git a/li.strolch.agent/src/main/java/li/strolch/runtime/privilege/PrivilegedRunnableWithResult.java b/li.strolch.agent/src/main/java/li/strolch/runtime/privilege/PrivilegedRunnableWithResult.java
index 9f048a7b8..74a2e43a7 100644
--- a/li.strolch.agent/src/main/java/li/strolch/runtime/privilege/PrivilegedRunnableWithResult.java
+++ b/li.strolch.agent/src/main/java/li/strolch/runtime/privilege/PrivilegedRunnableWithResult.java
@@ -4,5 +4,5 @@ import li.strolch.privilege.model.PrivilegeContext;
 
 public interface PrivilegedRunnableWithResult<T> {
 
-	public T run(PrivilegeContext ctx);
+	public T run(PrivilegeContext ctx) throws Exception;
 }
\ No newline at end of file
diff --git a/li.strolch.agent/src/main/java/li/strolch/runtime/privilege/StrolchSystemAction.java b/li.strolch.agent/src/main/java/li/strolch/runtime/privilege/StrolchSystemAction.java
index b425abdec..a8c0a7a5c 100644
--- a/li.strolch.agent/src/main/java/li/strolch/runtime/privilege/StrolchSystemAction.java
+++ b/li.strolch.agent/src/main/java/li/strolch/runtime/privilege/StrolchSystemAction.java
@@ -21,7 +21,7 @@ public class StrolchSystemAction extends SystemAction {
 	}
 
 	@Override
-	public void execute(PrivilegeContext privilegeContext) {
+	public void execute(PrivilegeContext privilegeContext) throws Exception {
 		try {
 			this.runnable.run(privilegeContext);
 		} catch (Exception e) {
diff --git a/li.strolch.agent/src/main/java/li/strolch/runtime/privilege/StrolchSystemActionWithResult.java b/li.strolch.agent/src/main/java/li/strolch/runtime/privilege/StrolchSystemActionWithResult.java
index 574645ee2..0c6497a36 100644
--- a/li.strolch.agent/src/main/java/li/strolch/runtime/privilege/StrolchSystemActionWithResult.java
+++ b/li.strolch.agent/src/main/java/li/strolch/runtime/privilege/StrolchSystemActionWithResult.java
@@ -24,7 +24,7 @@ public class StrolchSystemActionWithResult<T> extends SystemActionWithResult<T>
 	}
 
 	@Override
-	public T execute(PrivilegeContext privilegeContext) {
+	public T execute(PrivilegeContext privilegeContext) throws Exception {
 		try {
 			return this.runnable.run(privilegeContext);
 		} catch (Exception e) {
diff --git a/li.strolch.agent/src/main/java/li/strolch/service/api/AbstractService.java b/li.strolch.agent/src/main/java/li/strolch/service/api/AbstractService.java
index 140e43a30..3fbc65643 100644
--- a/li.strolch.agent/src/main/java/li/strolch/service/api/AbstractService.java
+++ b/li.strolch.agent/src/main/java/li/strolch/service/api/AbstractService.java
@@ -1,12 +1,12 @@
 /*
  * Copyright 2013 Robert von Burg <eitch@eitchnet.ch>
- * 
+ *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
- * 
+ *
  *     http://www.apache.org/licenses/LICENSE-2.0
- * 
+ *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -17,9 +17,6 @@ package li.strolch.service.api;
 
 import java.text.MessageFormat;
 
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
 import li.strolch.agent.api.ComponentContainer;
 import li.strolch.agent.api.StrolchComponent;
 import li.strolch.agent.api.StrolchRealm;
@@ -37,6 +34,8 @@ import li.strolch.runtime.privilege.PrivilegedRunnable;
 import li.strolch.runtime.privilege.PrivilegedRunnableWithResult;
 import li.strolch.utils.dbc.DBC;
 import li.strolch.utils.helper.StringHelper;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 /**
  * @author Robert von Burg <eitch@eitchnet.ch>
@@ -50,9 +49,9 @@ public abstract class AbstractService<T extends ServiceArgument, U extends Servi
 
 	/**
 	 * Called by the {@link ServiceHandler} to set the {@link PrivilegeContext} before this service is performed
-	 * 
+	 *
 	 * @param privilegeContext
-	 *            the privilegeContext to set
+	 * 		the privilegeContext to set
 	 */
 	public final void setPrivilegeContext(PrivilegeContext privilegeContext) {
 		DBC.PRE.assertNull("PrivilegeContext is already set!", this.privilegeContext); //$NON-NLS-1$
@@ -61,7 +60,7 @@ public abstract class AbstractService<T extends ServiceArgument, U extends Servi
 
 	/**
 	 * Return the {@link PrivilegeContext} to perform further privilege authorization validation
-	 * 
+	 *
 	 * @return the privilegeContext
 	 */
 	public final PrivilegeContext getPrivilegeContext() {
@@ -70,7 +69,7 @@ public abstract class AbstractService<T extends ServiceArgument, U extends Servi
 
 	/**
 	 * Returns the {@link Certificate} of the user who is performing this service
-	 * 
+	 *
 	 * @return the certificate
 	 */
 	protected final Certificate getCertificate() {
@@ -80,9 +79,9 @@ public abstract class AbstractService<T extends ServiceArgument, U extends Servi
 	/**
 	 * Called by the {@link ServiceHandler} to set a reference to the {@link ComponentContainer} to be used during
 	 * service execution
-	 * 
+	 *
 	 * @param container
-	 *            the container to set
+	 * 		the container to set
 	 */
 	public final void setContainer(ComponentContainer container) {
 		this.container = container;
@@ -90,7 +89,7 @@ public abstract class AbstractService<T extends ServiceArgument, U extends Servi
 
 	/**
 	 * Returns the reference to the {@link ComponentContainer}
-	 * 
+	 *
 	 * @return the container
 	 */
 	protected final ComponentContainer getContainer() {
@@ -99,7 +98,7 @@ public abstract class AbstractService<T extends ServiceArgument, U extends Servi
 
 	/**
 	 * Returns the reference to the {@link PrivilegeHandler}
-	 * 
+	 *
 	 * @return the privilege handler
 	 */
 	public PrivilegeHandler getPrivilegeHandler() throws IllegalArgumentException {
@@ -109,13 +108,14 @@ public abstract class AbstractService<T extends ServiceArgument, U extends Servi
 	/**
 	 * Returns the reference to the {@link StrolchComponent} with the given name, if it exists. If it does not exist, an
 	 * {@link IllegalArgumentException} is thrown
-	 * 
-	 * @param clazz the type of component to return
-	 * 
+	 *
+	 * @param clazz
+	 * 		the type of component to return
+	 *
 	 * @return the component with the given name
-	 * 
+	 *
 	 * @throws IllegalArgumentException
-	 *             if the component does not exist
+	 * 		if the component does not exist
 	 */
 	protected final <V> V getComponent(Class<V> clazz) {
 		return this.container.getComponent(clazz);
@@ -123,7 +123,7 @@ public abstract class AbstractService<T extends ServiceArgument, U extends Servi
 
 	/**
 	 * Returns the Strolch {@link RuntimeConfiguration}
-	 * 
+	 *
 	 * @return the Strolch {@link RuntimeConfiguration}
 	 */
 	protected final RuntimeConfiguration getRuntimeConfiguration() {
@@ -131,15 +131,16 @@ public abstract class AbstractService<T extends ServiceArgument, U extends Servi
 	}
 
 	/**
-	 * Returns the {@link StrolchRealm} with the given name. If the realm does not exist, then a
-	 * {@link StrolchException} is thrown
-	 * 
+	 * Returns the {@link StrolchRealm} with the given name. If the realm does not exist, then a {@link
+	 * StrolchException} is thrown
+	 *
 	 * @param realm
-	 *            the name of the {@link StrolchRealm} to return
+	 * 		the name of the {@link StrolchRealm} to return
+	 *
 	 * @return the {@link StrolchRealm} with the given name
-	 * 
+	 *
 	 * @throws StrolchException
-	 *             if the {@link StrolchRealm} does not exist with the given name
+	 * 		if the {@link StrolchRealm} does not exist with the given name
 	 */
 	protected final StrolchRealm getRealm(String realm) throws StrolchException {
 		return this.container.getRealm(realm);
@@ -148,14 +149,14 @@ public abstract class AbstractService<T extends ServiceArgument, U extends Servi
 	/**
 	 * Opens a {@link StrolchTransaction} for the given realm, the action for the TX is this implementation's class
 	 * name. This transaction should be used in a try-with-resource clause so it is properly closed
-	 * 
+	 *
 	 * @param realm
-	 *            the name of the realm to return
-	 * 
+	 * 		the name of the realm to return
+	 *
 	 * @return the open {@link StrolchTransaction}
-	 * 
+	 *
 	 * @throws StrolchException
-	 *             if the {@link StrolchRealm} does not exist with the given name
+	 * 		if the {@link StrolchRealm} does not exist with the given name
 	 */
 	protected StrolchTransaction openTx(String realm) throws StrolchException {
 		return this.container.getRealm(realm).openTx(getCertificate(), getClass());
@@ -165,14 +166,14 @@ public abstract class AbstractService<T extends ServiceArgument, U extends Servi
 	 * Opens a {@link StrolchTransaction} by evaluating if the given argument has a realm defined, if not, then the
 	 * realm from the user certificate is used. The action for the TX is this implementation's class name. This
 	 * transaction should be used in a try-with-resource clause so it is properly closed
-	 * 
+	 *
 	 * @param arg
-	 *            the {@link ServiceArgument}
-	 * 
+	 * 		the {@link ServiceArgument}
+	 *
 	 * @return the open {@link StrolchTransaction}
-	 * 
+	 *
 	 * @throws StrolchException
-	 *             if the {@link StrolchRealm} does not exist with the given name
+	 * 		if the {@link StrolchRealm} does not exist with the given name
 	 */
 	protected StrolchTransaction openArgOrUserTx(ServiceArgument arg) throws StrolchException {
 		if (StringHelper.isEmpty(arg.realm))
@@ -184,16 +185,16 @@ public abstract class AbstractService<T extends ServiceArgument, U extends Servi
 	 * Opens a {@link StrolchTransaction} by evaluating if the given argument has a realm defined, if not, then the
 	 * realm from the user certificate is used. The action for the TX is this implementation's class name. This
 	 * transaction should be used in a try-with-resource clause so it is properly closed
-	 * 
+	 *
 	 * @param arg
-	 *            the {@link ServiceArgument}
+	 * 		the {@link ServiceArgument}
 	 * @param action
-	 *            the action to use for the opened TX
-	 * 
+	 * 		the action to use for the opened TX
+	 *
 	 * @return the open {@link StrolchTransaction}
-	 * 
+	 *
 	 * @throws StrolchException
-	 *             if the {@link StrolchRealm} does not exist with the given name
+	 * 		if the {@link StrolchRealm} does not exist with the given name
 	 */
 	protected StrolchTransaction openArgOrUserTx(ServiceArgument arg, String action) throws StrolchException {
 		if (StringHelper.isEmpty(arg.realm))
@@ -204,47 +205,46 @@ public abstract class AbstractService<T extends ServiceArgument, U extends Servi
 	/**
 	 * Opens a {@link StrolchTransaction} for the given realm. This transaction should be used in a try-with-resource
 	 * clause so it is properly closed
-	 * 
+	 *
 	 * @param realm
-	 *            the name of the realm
+	 * 		the name of the realm
 	 * @param action
-	 *            the action to use for the opened TX
-	 * 
+	 * 		the action to use for the opened TX
+	 *
 	 * @return the open {@link StrolchTransaction}
-	 * 
+	 *
 	 * @throws StrolchException
-	 *             if the {@link StrolchRealm} does not exist with the given name
+	 * 		if the {@link StrolchRealm} does not exist with the given name
 	 */
 	protected StrolchTransaction openTx(String realm, String action) throws StrolchException {
 		return this.container.getRealm(realm).openTx(getCertificate(), action);
 	}
 
 	/**
-	 * Opens a {@link StrolchTransaction} where the realm retrieved using
-	 * {@link ComponentContainer#getRealm(Certificate)}, the action for the TX is this implementation's class name. This
-	 * transaction should be used in a try-with-resource clause so it is properly closed
-	 * 
+	 * Opens a {@link StrolchTransaction} where the realm retrieved using {@link ComponentContainer#getRealm(Certificate)},
+	 * the action for the TX is this implementation's class name. This transaction should be used in a try-with-resource
+	 * clause so it is properly closed
+	 *
 	 * @return the open {@link StrolchTransaction}
-	 * 
+	 *
 	 * @throws StrolchException
-	 *             if the {@link StrolchRealm} does not exist with the given name
+	 * 		if the {@link StrolchRealm} does not exist with the given name
 	 */
 	protected StrolchTransaction openUserTx() throws StrolchException {
 		return this.container.getRealm(getCertificate()).openTx(getCertificate(), getClass());
 	}
 
 	/**
-	 * Opens a {@link StrolchTransaction} where the realm retrieved using
-	 * {@link ComponentContainer#getRealm(Certificate)}. This transaction should be used in a try-with-resource clause
-	 * so it is properly closed
-	 * 
+	 * Opens a {@link StrolchTransaction} where the realm retrieved using {@link ComponentContainer#getRealm(Certificate)}.
+	 * This transaction should be used in a try-with-resource clause so it is properly closed
+	 *
 	 * @param action
-	 *            the action to use for the opened TX
-	 * 
+	 * 		the action to use for the opened TX
+	 *
 	 * @return the open {@link StrolchTransaction}
-	 * 
+	 *
 	 * @throws StrolchException
-	 *             if the {@link StrolchRealm} does not exist with the given name
+	 * 		if the {@link StrolchRealm} does not exist with the given name
 	 */
 	protected StrolchTransaction openUserTx(String action) throws StrolchException {
 		return this.container.getRealm(getCertificate()).openTx(getCertificate(), action);
@@ -252,122 +252,149 @@ public abstract class AbstractService<T extends ServiceArgument, U extends Servi
 
 	/**
 	 * Performs the given {@link SystemAction} as a system user with the given username
-	 * 
+	 *
 	 * @param username
-	 *            the name of the system user to perform the action as
+	 * 		the name of the system user to perform the action as
 	 * @param action
-	 *            the action to perform
-	 * 
-	 * @throws PrivilegeException if the user does not exist, or is not a system user
+	 * 		the action to perform
+	 *
+	 * @throws PrivilegeException
+	 * 		if the user does not exist, or is not a system user
+	 * @throws Exception
+	 * 		if anything else goes wrong during execution
 	 */
-	protected void runAs(String username, SystemAction action) throws PrivilegeException {
+	protected void runAs(String username, SystemAction action) throws PrivilegeException, Exception {
 		this.container.getPrivilegeHandler().runAs(username, action);
 	}
 
 	/**
 	 * Performs the given {@link SystemAction} as a system user with the given username
-	 * 
+	 *
 	 * @param username
-	 *            the name of the system user to perform the action as
+	 * 		the name of the system user to perform the action as
 	 * @param action
-	 *            the action to perform
-	 * 
+	 * 		the action to perform
+	 *
 	 * @return the result
-	 * 
-	 * @throws PrivilegeException if the user does not exist, or is not a system user
+	 *
+	 * @throws PrivilegeException
+	 * 		if the user does not exist, or is not a system user
+	 * @throws Exception
+	 * 		if anything else goes wrong during execution
 	 */
-	protected <V> V runWithResult(String username, SystemActionWithResult<V> action) throws PrivilegeException {
+	protected <V> V runWithResult(String username, SystemActionWithResult<V> action)
+			throws PrivilegeException, Exception {
 		return this.container.getPrivilegeHandler().runWithResult(username, action);
 	}
 
 	/**
 	 * Performs the given {@link PrivilegedRunnable} as a system user with the given username
-	 * 
+	 *
 	 * @param username
-	 *            the name of the system user to perform the action as
+	 * 		the name of the system user to perform the action as
 	 * @param runnable
-	 *            the runnable to perform
-	 * 
-	 * @throws PrivilegeException if the user does not exist, or is not a system user
+	 * 		the runnable to perform
+	 *
+	 * @throws PrivilegeException
+	 * 		if the user does not exist, or is not a system user
+	 * @throws Exception
+	 * 		if anything else goes wrong during execution
 	 */
-	protected void runAs(String username, PrivilegedRunnable runnable) throws PrivilegeException {
+	protected void runAs(String username, PrivilegedRunnable runnable) throws PrivilegeException, Exception {
 		this.container.getPrivilegeHandler().runAs(username, runnable);
 	}
 
 	/**
 	 * Performs the given {@link PrivilegedRunnableWithResult} as a system user with the given username
-	 * 
+	 *
 	 * @param username
-	 *            the name of the system user to perform the action as
+	 * 		the name of the system user to perform the action as
 	 * @param runnable
-	 *            the runnable to perform
-	 * 
+	 * 		the runnable to perform
+	 *
 	 * @return the result
-	 * 
-	 * @throws PrivilegeException if the user does not exist, or is not a system user
+	 *
+	 * @throws PrivilegeException
+	 * 		if the user does not exist, or is not a system user
+	 * @throws Exception
+	 * 		if anything else goes wrong during execution
 	 */
-	protected <V> V runWithResult(String username, PrivilegedRunnableWithResult<V> runnable) throws PrivilegeException {
+	protected <V> V runWithResult(String username, PrivilegedRunnableWithResult<V> runnable)
+			throws PrivilegeException, Exception {
 		return this.container.getPrivilegeHandler().runWithResult(username, runnable);
 	}
 
 	/**
 	 * Performs the given {@link SystemAction} as the privileged system user {@link StrolchConstants#SYSTEM_USER_AGENT}
-	 * 
+	 *
 	 * @param action
-	 *            the action to perform
-	 * 
-	 * @throws PrivilegeException if the agent user does not exist, or is not a system user
+	 * 		the action to perform
+	 *
+	 * @throws PrivilegeException
+	 * 		if the agent user does not exist, or is not a system user
+	 * @throws Exception
+	 * 		if anything else goes wrong during execution
 	 */
-	protected void runAsAgent(SystemAction action) throws PrivilegeException {
+	protected void runAsAgent(SystemAction action) throws PrivilegeException, Exception {
 		this.container.getPrivilegeHandler().runAsAgent(action);
 	}
 
 	/**
 	 * Performs the given {@link SystemAction} as the privileged system user {@link StrolchConstants#SYSTEM_USER_AGENT}
-	 * 
+	 *
 	 * @param action
-	 *            the action to perform
-	 * 
+	 * 		the action to perform
+	 *
 	 * @return the result
-	 * 
-	 * @throws PrivilegeException if the agent user does not exist, or is not a system user
+	 *
+	 * @throws PrivilegeException
+	 * 		if the agent user does not exist, or is not a system user
+	 * @throws Exception
+	 * 		if anything else goes wrong during execution
 	 */
-	protected <V> V runAsAgentWithResult(SystemActionWithResult<V> action) throws PrivilegeException {
+	protected <V> V runAsAgentWithResult(SystemActionWithResult<V> action) throws PrivilegeException, Exception {
 		return this.container.getPrivilegeHandler().runAsAgentWithResult(action);
 	}
 
 	/**
-	 * Performs the given {@link PrivilegedRunnable} as the privileged system user
-	 * {@link StrolchConstants#SYSTEM_USER_AGENT}
-	 * 
+	 * Performs the given {@link PrivilegedRunnable} as the privileged system user {@link
+	 * StrolchConstants#SYSTEM_USER_AGENT}
+	 *
 	 * @param runnable
-	 *            the action to perform
-	 * 
-	 * @throws PrivilegeException if the agent user does not exist, or is not a system user
+	 * 		the action to perform
+	 *
+	 * @throws PrivilegeException
+	 * 		if the agent user does not exist, or is not a system user
+	 * @throws Exception
+	 * 		if anything else goes wrong during execution
 	 */
-	protected void runAsAgent(PrivilegedRunnable runnable) throws PrivilegeException {
+	protected void runAsAgent(PrivilegedRunnable runnable) throws PrivilegeException, Exception {
 		this.container.getPrivilegeHandler().runAsAgent(runnable);
 	}
 
 	/**
-	 * Performs the given {@link PrivilegedRunnableWithResult} as the privileged system user
-	 * {@link StrolchConstants#SYSTEM_USER_AGENT}
-	 * 
+	 * Performs the given {@link PrivilegedRunnableWithResult} as the privileged system user {@link
+	 * StrolchConstants#SYSTEM_USER_AGENT}
+	 *
 	 * @param runnable
-	 *            the action to perform
-	 * 
+	 * 		the action to perform
+	 *
 	 * @return the result
-	 * 
-	 * @throws PrivilegeException if the agent user does not exist, or is not a system user
+	 *
+	 * @throws PrivilegeException
+	 * 		if the agent user does not exist, or is not a system user
+	 * @throws Exception
+	 * 		if anything else goes wrong during execution
 	 */
-	protected <V> V runAsAgentWithResult(PrivilegedRunnableWithResult<V> runnable) throws PrivilegeException {
+	protected <V> V runAsAgentWithResult(PrivilegedRunnableWithResult<V> runnable)
+			throws PrivilegeException, Exception {
 		return this.container.getPrivilegeHandler().runAsAgentWithResult(runnable);
 	}
 
 	/**
 	 * This method is final as it enforces that the argument is valid, and catches all exceptions and enforces that a
-	 * service result is returned. A concrete implementation will implement the business logic in
-	 * {@link #internalDoService(ServiceArgument)}
+	 * service result is returned. A concrete implementation will implement the business logic in {@link
+	 * #internalDoService(ServiceArgument)}
 	 */
 	@Override
 	public final U doService(T argument) {
@@ -406,9 +433,9 @@ public abstract class AbstractService<T extends ServiceArgument, U extends Servi
 
 	/**
 	 * Returns true if this Service requires an argument
-	 * 
+	 *
 	 * @return if true, then an argument must be set to execute the service. If the argument is missing, then the
-	 *         service execution fails immediately
+	 * service execution fails immediately
 	 */
 	protected boolean isArgumentRequired() {
 		return true;
@@ -417,14 +444,14 @@ public abstract class AbstractService<T extends ServiceArgument, U extends Servi
 	/**
 	 * This method is called if the service execution fails and an instance of the expected {@link ServiceResult} is
 	 * required to return to the caller
-	 * 
+	 *
 	 * @return an instance of the {@link ServiceResult} returned by this implementation
 	 */
 	protected abstract U getResultInstance();
 
 	/**
 	 * Method to easily instantiate an instance of the {@link ServiceArgument} for this concrete service implementation
-	 * 
+	 *
 	 * @return an instance of the {@link ServiceArgument} returned by this implementation
 	 */
 	public abstract T getArgumentInstance();
@@ -432,14 +459,14 @@ public abstract class AbstractService<T extends ServiceArgument, U extends Servi
 	/**
 	 * Internal method to perform the {@link Service}. The implementor does not need to handle exceptions as this is
 	 * done in the {@link #doService(ServiceArgument)} which calls this method
-	 * 
+	 *
 	 * @param arg
-	 *            the {@link ServiceArgument} containing the arguments to perform the concrete service
-	 * 
+	 * 		the {@link ServiceArgument} containing the arguments to perform the concrete service
+	 *
 	 * @return a {@link ServiceResult} which denotes the execution state of this {@link Service}
-	 * 
+	 *
 	 * @throws Exception
-	 *             if something went wrong. The caller will catch and handle the {@link ServiceResult}
+	 * 		if something went wrong. The caller will catch and handle the {@link ServiceResult}
 	 */
 	protected abstract U internalDoService(T arg) throws Exception;
 
diff --git a/li.strolch.agent/src/main/java/li/strolch/service/api/Command.java b/li.strolch.agent/src/main/java/li/strolch/service/api/Command.java
index 44c0165e6..b6ff122ee 100644
--- a/li.strolch.agent/src/main/java/li/strolch/service/api/Command.java
+++ b/li.strolch.agent/src/main/java/li/strolch/service/api/Command.java
@@ -103,7 +103,8 @@ public abstract class Command implements Restrictable {
 	 *
 	 * @param policyClass
 	 * 		the policy type to return. The simple name of the class determines the type of Policy to return.
-	 * @param policyContainer the container
+	 * @param policyContainer
+	 * 		the container
 	 *
 	 * @return the policy
 	 */
@@ -125,8 +126,11 @@ public abstract class Command implements Restrictable {
 	 * 		the action to perform
 	 *
 	 * @throws PrivilegeException
+	 * 		if there is something wrong
+	 * @throws Exception
+	 * 		if anything else goes wrong during execution
 	 */
-	protected void runAs(String username, SystemAction action) throws PrivilegeException {
+	protected void runAs(String username, SystemAction action) throws PrivilegeException, Exception {
 		this.container.getPrivilegeHandler().runAs(username, action);
 	}
 
@@ -141,8 +145,12 @@ public abstract class Command implements Restrictable {
 	 * @return the result
 	 *
 	 * @throws PrivilegeException
+	 * 		if there is something wrong
+	 * @throws Exception
+	 * 		if anything else goes wrong during execution
 	 */
-	protected <T> T runWithResult(String username, SystemActionWithResult<T> action) throws PrivilegeException {
+	protected <T> T runWithResult(String username, SystemActionWithResult<T> action)
+			throws PrivilegeException, Exception {
 		return this.container.getPrivilegeHandler().runWithResult(username, action);
 	}
 
@@ -155,8 +163,11 @@ public abstract class Command implements Restrictable {
 	 * 		the runnable to perform
 	 *
 	 * @throws PrivilegeException
+	 * 		if there is something wrong
+	 * @throws Exception
+	 * 		if anything else goes wrong during execution
 	 */
-	protected void runAs(String username, PrivilegedRunnable runnable) throws PrivilegeException {
+	protected void runAs(String username, PrivilegedRunnable runnable) throws PrivilegeException, Exception {
 		this.container.getPrivilegeHandler().runAs(username, runnable);
 	}
 
@@ -171,38 +182,44 @@ public abstract class Command implements Restrictable {
 	 * @return the result
 	 *
 	 * @throws PrivilegeException
+	 * 		if there is something wrong
+	 * @throws Exception
+	 * 		if anything else goes wrong during execution
 	 */
-	protected <V> V runWithResult(String username, PrivilegedRunnableWithResult<V> runnable) throws PrivilegeException {
+	protected <V> V runWithResult(String username, PrivilegedRunnableWithResult<V> runnable)
+			throws PrivilegeException, Exception {
 		return this.container.getPrivilegeHandler().runWithResult(username, runnable);
 	}
 
 	/**
 	 * Performs the given {@link SystemAction} as the privileged system user {@link StrolchConstants#SYSTEM_USER_AGENT}
 	 *
-	 * @param username
-	 * 		the name of the system user to perform the action as
 	 * @param action
 	 * 		the action to perform
 	 *
 	 * @throws PrivilegeException
+	 * 		if there is something wrong
+	 * @throws Exception
+	 * 		if anything else goes wrong during execution
 	 */
-	protected void runAsAgent(SystemAction action) throws PrivilegeException {
+	protected void runAsAgent(SystemAction action) throws PrivilegeException, Exception {
 		this.container.getPrivilegeHandler().runAsAgent(action);
 	}
 
 	/**
 	 * Performs the given {@link SystemAction} as the privileged system user {@link StrolchConstants#SYSTEM_USER_AGENT}
 	 *
-	 * @param username
-	 * 		the name of the system user to perform the action as
 	 * @param action
 	 * 		the action to perform
 	 *
 	 * @return the result
 	 *
 	 * @throws PrivilegeException
+	 * 		if there is something wrong
+	 * @throws Exception
+	 * 		if anything else goes wrong during execution
 	 */
-	protected <V> V runAsAgentWithResult(SystemActionWithResult<V> action) throws PrivilegeException {
+	protected <V> V runAsAgentWithResult(SystemActionWithResult<V> action) throws PrivilegeException, Exception {
 		return this.container.getPrivilegeHandler().runAsAgentWithResult(action);
 	}
 
@@ -210,12 +227,15 @@ public abstract class Command implements Restrictable {
 	 * Performs the given {@link PrivilegedRunnable} as the privileged system user {@link
 	 * StrolchConstants#SYSTEM_USER_AGENT}
 	 *
-	 * @param action
+	 * @param runnable
 	 * 		the action to perform
 	 *
 	 * @throws PrivilegeException
+	 * 		if there is something wrong
+	 * @throws Exception
+	 * 		if anything else goes wrong during execution
 	 */
-	protected void runAsAgent(PrivilegedRunnable runnable) throws PrivilegeException {
+	protected void runAsAgent(PrivilegedRunnable runnable) throws PrivilegeException, Exception {
 		this.container.getPrivilegeHandler().runAsAgent(runnable);
 	}
 
@@ -223,14 +243,18 @@ public abstract class Command implements Restrictable {
 	 * Performs the given {@link PrivilegedRunnableWithResult} as the privileged system user {@link
 	 * StrolchConstants#SYSTEM_USER_AGENT}
 	 *
-	 * @param action
+	 * @param runnable
 	 * 		the action to perform
 	 *
 	 * @return the result
 	 *
 	 * @throws PrivilegeException
+	 * 		if there is something wrong
+	 * @throws Exception
+	 * 		if anything else goes wrong during execution
 	 */
-	protected <V> V runAsAgentWithResult(PrivilegedRunnableWithResult<V> runnable) throws PrivilegeException {
+	protected <V> V runAsAgentWithResult(PrivilegedRunnableWithResult<V> runnable)
+			throws PrivilegeException, Exception {
 		return this.container.getPrivilegeHandler().runAsAgentWithResult(runnable);
 	}
 
diff --git a/li.strolch.agent/src/main/resources/strolch-agent.properties b/li.strolch.agent/src/main/resources/strolch-agent.properties
index 12d3d5e3e..a7a9dce5f 100644
--- a/li.strolch.agent/src/main/resources/strolch-agent.properties
+++ b/li.strolch.agent/src/main/resources/strolch-agent.properties
@@ -2,3 +2,4 @@ agent.started={applicationName}:{environment} All {components} Strolch Component
 agent.stopping={applicationName}:{environment} Stopping Strolch Agent with {components} components.
 agent.tx.failed=Transaction has failed due to {reason}
 strolchjob.failed=Execution of Job {jobName} has failed due to {reason}
+operationsLog.persist.failed=Failed to persist OperationsLog due to: {reason}
\ No newline at end of file
diff --git a/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/DefaultPrivilegeHandler.java b/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/DefaultPrivilegeHandler.java
index 328459800..07ed92607 100644
--- a/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/DefaultPrivilegeHandler.java
+++ b/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/DefaultPrivilegeHandler.java
@@ -1839,7 +1839,7 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
 	}
 
 	@Override
-	public void runAs(String username, SystemAction action) throws PrivilegeException {
+	public void runAs(String username, SystemAction action) throws PrivilegeException, Exception {
 
 		PrivilegeContext systemUserPrivilegeContext = initiateSystemPrivilege(username, action);
 
@@ -1853,7 +1853,7 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
 	}
 
 	@Override
-	public <T> T runWithResult(String username, SystemActionWithResult<T> action) throws PrivilegeException {
+	public <T> T runWithResult(String username, SystemActionWithResult<T> action) throws PrivilegeException, Exception {
 
 		PrivilegeContext systemUserPrivilegeContext = initiateSystemPrivilege(username, action);
 
diff --git a/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/PrivilegeHandler.java b/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/PrivilegeHandler.java
index fbab7c564..2740a7a16 100644
--- a/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/PrivilegeHandler.java
+++ b/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/PrivilegeHandler.java
@@ -697,9 +697,11 @@ public interface PrivilegeHandler {
 	 * 		the action to be performed as the system user
 	 *
 	 * @throws PrivilegeException
-	 * 		if the user does not exist, or the system action is not alloed
+	 * 		if the user does not exist, or the system action is not allowed
+	 * @throws Exception
+	 * 		if anything else goes wrong during execution
 	 */
-	void runAs(String systemUsername, SystemAction action) throws PrivilegeException;
+	void runAs(String systemUsername, SystemAction action) throws PrivilegeException, Exception;
 
 	/**
 	 * Special method to perform work as a System user, meaning the given systemUsername corresponds to an account which
@@ -714,9 +716,11 @@ public interface PrivilegeHandler {
 	 * @return the action
 	 *
 	 * @throws PrivilegeException
-	 * 		if the user does not exist, or the system action is not alloed
+	 * 		if the user does not exist, or the system action is not allowed
+	 * @throws Exception
+	 * 		if anything else goes wrong during execution
 	 */
-	<T> T runWithResult(String systemUsername, SystemActionWithResult<T> action) throws PrivilegeException;
+	<T> T runWithResult(String systemUsername, SystemActionWithResult<T> action) throws PrivilegeException, Exception;
 
 	/**
 	 * Returns the {@link EncryptionHandler} instance
diff --git a/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/SystemAction.java b/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/SystemAction.java
index 4d86afda9..9cffd4bcd 100644
--- a/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/SystemAction.java
+++ b/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/SystemAction.java
@@ -45,5 +45,5 @@ public abstract class SystemAction implements Restrictable {
 	 * @param privilegeContext
 	 * 		the {@link PrivilegeContext} which was generated for a valid system user
 	 */
-	public abstract void execute(PrivilegeContext privilegeContext);
+	public abstract void execute(PrivilegeContext privilegeContext) throws Exception;
 }
diff --git a/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/SystemActionWithResult.java b/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/SystemActionWithResult.java
index 31fdf3033..6cc482577 100644
--- a/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/SystemActionWithResult.java
+++ b/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/SystemActionWithResult.java
@@ -21,7 +21,7 @@ import li.strolch.privilege.model.Restrictable;
 
 /**
  * With this interface system actions, which are to be performed in an automated fashion, i.e. by cron jobs, can be
- * implemented and then the authorized execution can be delegated to {@link PrivilegeHandler#runAsSystem(String,
+ * implemented and then the authorized execution can be delegated to {@link PrivilegeHandler#runWithResult(String,
  * SystemActionWithResult)}
  *
  * @author Robert von Burg <eitch@eitchnet.ch>
@@ -48,5 +48,5 @@ public abstract class SystemActionWithResult<T> implements Restrictable {
 	 *
 	 * @return the result
 	 */
-	public abstract T execute(PrivilegeContext privilegeContext);
+	public abstract T execute(PrivilegeContext privilegeContext) throws Exception;
 }
diff --git a/li.strolch.rest/src/main/java/li/strolch/rest/DefaultStrolchSessionHandler.java b/li.strolch.rest/src/main/java/li/strolch/rest/DefaultStrolchSessionHandler.java
index 5d03421a9..118b40c75 100644
--- a/li.strolch.rest/src/main/java/li/strolch/rest/DefaultStrolchSessionHandler.java
+++ b/li.strolch.rest/src/main/java/li/strolch/rest/DefaultStrolchSessionHandler.java
@@ -185,6 +185,8 @@ public class DefaultStrolchSessionHandler extends StrolchComponent implements St
 	private void persistSessions() {
 		try {
 			runAsAgent(ctx -> this.privilegeHandler.getPrivilegeHandler().persistSessions(ctx.getCertificate()));
+		} catch (Exception e) {
+			logger.error("Failed to persist sessions", e);
 		} finally {
 			this.persistSessionsTask = null;
 		}
diff --git a/li.strolch.service/src/main/java/li/strolch/execution/policy/ExecutionPolicy.java b/li.strolch.service/src/main/java/li/strolch/execution/policy/ExecutionPolicy.java
index ab86dcc89..976c81278 100644
--- a/li.strolch.service/src/main/java/li/strolch/execution/policy/ExecutionPolicy.java
+++ b/li.strolch.service/src/main/java/li/strolch/execution/policy/ExecutionPolicy.java
@@ -176,8 +176,10 @@ public abstract class ExecutionPolicy extends StrolchPolicy {
 	 *
 	 * @throws PrivilegeException
 	 * 		if the agent is missing the privilege
+	 * @throws Exception
+	 * 		if anything else goes wrong during execution
 	 */
-	protected void runAsAgent(PrivilegedRunnable runnable) throws PrivilegeException {
+	protected void runAsAgent(PrivilegedRunnable runnable) throws PrivilegeException, Exception {
 		getContainer().getPrivilegeHandler().runAs(StrolchConstants.SYSTEM_USER_AGENT, runnable);
 	}
 
@@ -192,8 +194,11 @@ public abstract class ExecutionPolicy extends StrolchPolicy {
 	 *
 	 * @throws PrivilegeException
 	 * 		if the agent is missing the privilege
+	 * @throws Exception
+	 * 		if anything else goes wrong during execution
 	 */
-	protected <T> T runAsAgentWithResult(PrivilegedRunnableWithResult<T> runnable) throws PrivilegeException {
+	protected <T> T runAsAgentWithResult(PrivilegedRunnableWithResult<T> runnable)
+			throws PrivilegeException, Exception {
 		return getContainer().getPrivilegeHandler().runWithResult(StrolchConstants.SYSTEM_USER_AGENT, runnable);
 	}
 }