diff --git a/.settings/org.eclipse.m2e.core.prefs b/.settings/org.eclipse.m2e.core.prefs
index f897a7f1c..6ece1b56f 100644
--- a/.settings/org.eclipse.m2e.core.prefs
+++ b/.settings/org.eclipse.m2e.core.prefs
@@ -1,3 +1,4 @@
+#Wed May 30 14:51:48 EDT 2012
 activeProfiles=
 eclipse.preferences.version=1
 resolveWorkspaceProjects=true
diff --git a/account-chooser/.settings/org.eclipse.m2e.core.prefs b/account-chooser/.settings/org.eclipse.m2e.core.prefs
index 04d767089..6ece1b56f 100644
--- a/account-chooser/.settings/org.eclipse.m2e.core.prefs
+++ b/account-chooser/.settings/org.eclipse.m2e.core.prefs
@@ -1,4 +1,4 @@
-#Mon May 07 14:38:46 EDT 2012
+#Wed May 30 14:51:48 EDT 2012
 activeProfiles=
 eclipse.preferences.version=1
 resolveWorkspaceProjects=true
diff --git a/openid-connect-client/.classpath b/openid-connect-client/.classpath
index f5c551598..1b28ee5d7 100644
--- a/openid-connect-client/.classpath
+++ b/openid-connect-client/.classpath
@@ -1,11 +1,11 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<classpath>
-	<classpathentry kind="src" output="target/classes" path="src/main/java"/>
-	<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.6"/>
-	<classpathentry kind="con" path="org.eclipse.m2e.MAVEN2_CLASSPATH_CONTAINER">
-		<attributes>
-			<attribute name="org.eclipse.jst.component.nondependency" value=""/>
-		</attributes>
-	</classpathentry>
-	<classpathentry kind="output" path="target/classes"/>
-</classpath>
+<?xml version="1.0" encoding="UTF-8"?>
+<classpath>
+	<classpathentry kind="src" output="target/classes" path="src/main/java"/>
+	<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.6"/>
+	<classpathentry kind="con" path="org.eclipse.m2e.MAVEN2_CLASSPATH_CONTAINER">
+		<attributes>
+			<attribute name="org.eclipse.jst.component.nondependency" value=""/>
+		</attributes>
+	</classpathentry>
+	<classpathentry kind="output" path="target/classes"/>
+</classpath>
diff --git a/openid-connect-client/.settings/org.eclipse.m2e.core.prefs b/openid-connect-client/.settings/org.eclipse.m2e.core.prefs
index f897a7f1c..6ece1b56f 100644
--- a/openid-connect-client/.settings/org.eclipse.m2e.core.prefs
+++ b/openid-connect-client/.settings/org.eclipse.m2e.core.prefs
@@ -1,3 +1,4 @@
+#Wed May 30 14:51:48 EDT 2012
 activeProfiles=
 eclipse.preferences.version=1
 resolveWorkspaceProjects=true
diff --git a/openid-connect-common/.classpath b/openid-connect-common/.classpath
index f5c551598..1b28ee5d7 100644
--- a/openid-connect-common/.classpath
+++ b/openid-connect-common/.classpath
@@ -1,11 +1,11 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<classpath>
-	<classpathentry kind="src" output="target/classes" path="src/main/java"/>
-	<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.6"/>
-	<classpathentry kind="con" path="org.eclipse.m2e.MAVEN2_CLASSPATH_CONTAINER">
-		<attributes>
-			<attribute name="org.eclipse.jst.component.nondependency" value=""/>
-		</attributes>
-	</classpathentry>
-	<classpathentry kind="output" path="target/classes"/>
-</classpath>
+<?xml version="1.0" encoding="UTF-8"?>
+<classpath>
+	<classpathentry kind="src" output="target/classes" path="src/main/java"/>
+	<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.6"/>
+	<classpathentry kind="con" path="org.eclipse.m2e.MAVEN2_CLASSPATH_CONTAINER">
+		<attributes>
+			<attribute name="org.eclipse.jst.component.nondependency" value=""/>
+		</attributes>
+	</classpathentry>
+	<classpathentry kind="output" path="target/classes"/>
+</classpath>
diff --git a/openid-connect-common/.settings/org.eclipse.m2e.core.prefs b/openid-connect-common/.settings/org.eclipse.m2e.core.prefs
index f897a7f1c..6ece1b56f 100644
--- a/openid-connect-common/.settings/org.eclipse.m2e.core.prefs
+++ b/openid-connect-common/.settings/org.eclipse.m2e.core.prefs
@@ -1,3 +1,4 @@
+#Wed May 30 14:51:48 EDT 2012
 activeProfiles=
 eclipse.preferences.version=1
 resolveWorkspaceProjects=true
diff --git a/openid-connect-server/.classpath b/openid-connect-server/.classpath
index 5abeb50d1..8ca8f4c92 100644
--- a/openid-connect-server/.classpath
+++ b/openid-connect-server/.classpath
@@ -1,14 +1,14 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<classpath>
-	<classpathentry kind="src" output="target/classes" path="src/main/java"/>
-	<classpathentry excluding="**" kind="src" output="target/classes" path="src/main/resources"/>
-	<classpathentry kind="src" output="target/test-classes" path="src/test/java"/>
-	<classpathentry excluding="**" kind="src" output="target/test-classes" path="src/test/resources"/>
-	<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.6"/>
-	<classpathentry kind="con" path="org.eclipse.m2e.MAVEN2_CLASSPATH_CONTAINER">
-		<attributes>
-			<attribute name="org.eclipse.jst.component.dependency" value="/WEB-INF/lib"/>
-		</attributes>
-	</classpathentry>
-	<classpathentry kind="output" path="target/classes"/>
-</classpath>
+<?xml version="1.0" encoding="UTF-8"?>
+<classpath>
+	<classpathentry kind="src" output="target/classes" path="src/main/java"/>
+	<classpathentry excluding="**" kind="src" output="target/classes" path="src/main/resources"/>
+	<classpathentry kind="src" output="target/test-classes" path="src/test/java"/>
+	<classpathentry excluding="**" kind="src" output="target/test-classes" path="src/test/resources"/>
+	<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.6"/>
+	<classpathentry kind="con" path="org.eclipse.m2e.MAVEN2_CLASSPATH_CONTAINER">
+		<attributes>
+			<attribute name="org.eclipse.jst.component.dependency" value="/WEB-INF/lib"/>
+		</attributes>
+	</classpathentry>
+	<classpathentry kind="output" path="target/classes"/>
+</classpath>
diff --git a/openid-connect-server/.settings/com.springsource.sts.maven.prefs b/openid-connect-server/.settings/com.springsource.sts.maven.prefs
index 049137b9c..94d0ffbed 100644
--- a/openid-connect-server/.settings/com.springsource.sts.maven.prefs
+++ b/openid-connect-server/.settings/com.springsource.sts.maven.prefs
@@ -1,2 +1,3 @@
+#Wed May 30 14:51:48 EDT 2012
 com.springsource.sts.maven.maven.automatically.update=true
 eclipse.preferences.version=1
diff --git a/openid-connect-server/.settings/org.eclipse.wst.common.component b/openid-connect-server/.settings/org.eclipse.wst.common.component
index 5b4c881f0..7becf4b04 100644
--- a/openid-connect-server/.settings/org.eclipse.wst.common.component
+++ b/openid-connect-server/.settings/org.eclipse.wst.common.component
@@ -5,10 +5,10 @@
         <wb-resource deploy-path="/WEB-INF/classes" source-path="/src/main/resources"/>
         <wb-resource deploy-path="/" source-path="/target/m2e-wtp/web-resources"/>
         <wb-resource deploy-path="/" source-path="/src/main/webapp" tag="defaultRootSource"/>
-        <dependent-module archiveName="spring-security-oauth2-1.0.0.BUILD-SNAPSHOT.jar" deploy-path="/WEB-INF/lib" handle="module:/resource/spring-security-oauth2-MITRE/spring-security-oauth2-MITRE">
+        <dependent-module archiveName="spring-security-oauth2-1.0.0.BUILD-SNAPSHOT.jar" deploy-path="/WEB-INF/lib" handle="module:/resource/spring-security-oauth2/spring-security-oauth2">
             <dependency-type>uses</dependency-type>
         </dependent-module>
-        <dependent-module archiveName="openid-connect-common-0.1-SNAPSHOT.jar" deploy-path="/WEB-INF/lib" handle="module:/resource/openid-connect-common-MITRE/openid-connect-common-MITRE">
+        <dependent-module archiveName="openid-connect-common-0.1-SNAPSHOT.jar" deploy-path="/WEB-INF/lib" handle="module:/resource/openid-connect-common/openid-connect-common">
             <dependency-type>uses</dependency-type>
         </dependent-module>
         <property name="java-output-path" value="/openid/target/classes"/>
diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/exception/ExpiredTokenException.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/exception/ExpiredTokenException.java
index 935792f6f..2aa9118a6 100644
--- a/openid-connect-server/src/main/java/org/mitre/openid/connect/exception/ExpiredTokenException.java
+++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/exception/ExpiredTokenException.java
@@ -15,11 +15,20 @@
  ******************************************************************************/
 package org.mitre.openid.connect.exception;
 
+/**
+ * @author aanganes, nemonik
+ *
+ */
 public class ExpiredTokenException extends RuntimeException {
 
-	/**
-	 * 
-	 */
 	private static final long serialVersionUID = 1L;
 
+	public ExpiredTokenException() {
+		super();
+	}
+
+	public ExpiredTokenException(String message) {
+		super(message);
+	}
+	
 }
diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/exception/InvalidJwtIssuerException.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/exception/InvalidJwtIssuerException.java
index 43dab06e3..c760393ff 100644
--- a/openid-connect-server/src/main/java/org/mitre/openid/connect/exception/InvalidJwtIssuerException.java
+++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/exception/InvalidJwtIssuerException.java
@@ -15,11 +15,20 @@
  ******************************************************************************/
 package org.mitre.openid.connect.exception;
 
+/**
+ * @author aanganes, nemonik
+ *
+ */
 public class InvalidJwtIssuerException extends RuntimeException {
 
-	/**
-	 * 
-	 */
 	private static final long serialVersionUID = 1L;
 
+	public InvalidJwtIssuerException() {
+		super();
+	}
+
+	public InvalidJwtIssuerException(String message) {
+		super(message);
+	}
+	
 }
diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/exception/InvalidJwtSignatureException.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/exception/InvalidJwtSignatureException.java
index 72882c830..c4dbd79f7 100644
--- a/openid-connect-server/src/main/java/org/mitre/openid/connect/exception/InvalidJwtSignatureException.java
+++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/exception/InvalidJwtSignatureException.java
@@ -15,11 +15,20 @@
  ******************************************************************************/
 package org.mitre.openid.connect.exception;
 
+/**
+ * @author aanganes, nemonik
+ *
+ */
 public class InvalidJwtSignatureException extends RuntimeException {
 
-	/**
-	 * 
-	 */
 	private static final long serialVersionUID = 1L;
+	
+	public InvalidJwtSignatureException() {
+		super();
+	}
 
+	public InvalidJwtSignatureException(String message) {
+		super(message);
+	}
+	
 }
diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/exception/UnknownUserInfoSchemaException.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/exception/UnknownUserInfoSchemaException.java
index 07b4ee7ab..766357122 100644
--- a/openid-connect-server/src/main/java/org/mitre/openid/connect/exception/UnknownUserInfoSchemaException.java
+++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/exception/UnknownUserInfoSchemaException.java
@@ -15,14 +15,20 @@
  ******************************************************************************/
 package org.mitre.openid.connect.exception;
 
+/**
+ * @author aanganes, nemonik
+ *
+ */
 public class UnknownUserInfoSchemaException extends RuntimeException {
 	
-	public UnknownUserInfoSchemaException(String string) {
-		super(string);
+	private static final long serialVersionUID = 1L;
+	
+	public UnknownUserInfoSchemaException() {
+		super();
 	}
 
-	/**
-	 * 
-	 */
-	private static final long serialVersionUID = 1L;
+	public UnknownUserInfoSchemaException(String message) {
+		super(message);
+	}
+	
 }
diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/view/ExceptionAsJSONView.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/view/ExceptionAsJSONView.java
new file mode 100644
index 000000000..e5da29707
--- /dev/null
+++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/view/ExceptionAsJSONView.java
@@ -0,0 +1,59 @@
+/*******************************************************************************
+ * Copyright 2012 The MITRE Corporation
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ ******************************************************************************/
+package org.mitre.openid.connect.view;
+
+import java.util.Map;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.springframework.web.servlet.view.AbstractView;
+
+import com.google.gson.JsonObject;
+
+/**
+ * @author nemonik
+ *
+ */
+public class ExceptionAsJSONView extends AbstractView {
+
+	/*
+	 * (non-Javadoc)
+	 * 
+	 * @see
+	 * org.springframework.web.servlet.view.AbstractView#renderMergedOutputModel
+	 * (java.util.Map, javax.servlet.http.HttpServletRequest,
+	 * javax.servlet.http.HttpServletResponse)
+	 */
+	@Override
+	protected void renderMergedOutputModel(Map<String, Object> model,
+			HttpServletRequest requesr, HttpServletResponse response)
+			throws Exception {
+
+		response.setContentType("application/json");
+
+		final JsonObject jsonObject = new JsonObject();
+
+		Object ex = model.get("exception");
+
+		jsonObject.addProperty("error", ex.getClass().getName());
+		jsonObject.addProperty("error_description",
+				((Exception) ex).getMessage());
+
+		response.getWriter().write(jsonObject.toString());
+	}
+
+}
diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/CheckIDEndpoint.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/CheckIDEndpoint.java
index a0e57814d..aa859b3cc 100644
--- a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/CheckIDEndpoint.java
+++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/CheckIDEndpoint.java
@@ -50,7 +50,7 @@ public class CheckIDEndpoint {
 		
 		if (!jwtSignerService.validateSignature(tokenString)) {
 			// can't validate 
-			throw new InvalidJwtSignatureException(); // TODO: attach a view to this exception
+			throw new InvalidJwtSignatureException("The Signature could not be validated.");
 		}
 		
 		// it's a valid signature, parse the token
@@ -59,12 +59,12 @@ public class CheckIDEndpoint {
 		// check the expiration
 		if (jwtSignerService.isJwtExpired(token)) {
 			// token has expired
-			throw new ExpiredTokenException(); // TODO create a view for this exception
+			throw new ExpiredTokenException("The token has expired.");
 		}
 		
 		// check the issuer (sanity check)
 		if (!jwtSignerService.validateIssuedJwt(token, configBean.getIssuer())) {
-			throw new InvalidJwtIssuerException(); // TODO: create a view for this exception
+			throw new InvalidJwtIssuerException("The JWT issuer is invalid.");
 		}
 		
 		// pass the claims directly (the view doesn't care about other fields)
diff --git a/openid-connect-server/src/main/webapp/WEB-INF/spring-servlet.xml b/openid-connect-server/src/main/webapp/WEB-INF/spring-servlet.xml
index 80cb9f2ff..8fbd22685 100644
--- a/openid-connect-server/src/main/webapp/WEB-INF/spring-servlet.xml
+++ b/openid-connect-server/src/main/webapp/WEB-INF/spring-servlet.xml
@@ -1,12 +1,9 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <beans xmlns="http://www.springframework.org/schema/beans"
-	xmlns:mvc="http://www.springframework.org/schema/mvc"
-	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-	xmlns:tx="http://www.springframework.org/schema/tx"
-	xmlns:context="http://www.springframework.org/schema/context"
+	xmlns:mvc="http://www.springframework.org/schema/mvc" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xmlns:tx="http://www.springframework.org/schema/tx" xmlns:context="http://www.springframework.org/schema/context"
 	xmlns:security="http://www.springframework.org/schema/security"
-	xmlns:task="http://www.springframework.org/schema/task"
-	xmlns:oauth="http://www.springframework.org/schema/security/oauth2"
+	xmlns:task="http://www.springframework.org/schema/task" xmlns:oauth="http://www.springframework.org/schema/security/oauth2"
 	xsi:schemaLocation="http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-3.0.xsd
 		http://www.springframework.org/schema/security/oauth2 http://www.springframework.org/schema/security/spring-security-oauth2-1.0.xsd
 		http://www.springframework.org/schema/task http://www.springframework.org/schema/task/spring-task-3.1.xsd
@@ -16,8 +13,9 @@
 		http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd">
 
 	<!-- Scan for components -->
-	<context:component-scan annotation-config="true" base-package="org.mitre"/>
-	
+	<context:component-scan annotation-config="true"
+		base-package="org.mitre" />
+
 	<!-- Enables the Spring MVC @Controller programming model -->
 	<tx:annotation-driven transaction-manager="transactionManager" />
 	<mvc:annotation-driven />
@@ -27,64 +25,85 @@
 	<import resource="server-config.xml" />
 
 	<!-- Import the data context -->
-	<import resource="data-context.xml" />	
+	<import resource="data-context.xml" />
 
-    <!-- Spring Security configuration -->
-    
-    <oauth:resource-server id="resourceServerFilter" token-services-ref="defaultOAuth2ProviderTokenService" />
-    
-	<security:http pattern="/oauth/token" create-session="stateless" authentication-manager-ref="clientAuthenticationManager" 
+	<!-- Spring Security configuration -->
+
+	<oauth:resource-server id="resourceServerFilter"
+		token-services-ref="defaultOAuth2ProviderTokenService" />
+
+	<security:http pattern="/oauth/token" create-session="stateless"
+		authentication-manager-ref="clientAuthenticationManager"
 		entry-point-ref="oauthAuthenticationEntryPoint">
-		<security:intercept-url pattern="/oauth/token" access="IS_AUTHENTICATED_FULLY" />
+		<security:intercept-url pattern="/oauth/token"
+			access="IS_AUTHENTICATED_FULLY" />
 		<security:anonymous enabled="false" />
 		<security:http-basic entry-point-ref="oauthAuthenticationEntryPoint" />
-		<!-- include this only if you need to authenticate clients via request parameters -->
-		<security:custom-filter ref="clientCredentialsTokenEndpointFilter" before="BASIC_AUTH_FILTER" />
+		<!-- include this only if you need to authenticate clients via request 
+			parameters -->
+		<security:custom-filter ref="clientCredentialsTokenEndpointFilter"
+			before="BASIC_AUTH_FILTER" />
 		<security:access-denied-handler ref="oauthAccessDeniedHandler" />
 	</security:http>
 
-	<bean id="oauthAuthenticationEntryPoint" class="org.springframework.security.oauth2.provider.error.OAuth2AuthenticationEntryPoint">
+	<bean id="oauthAuthenticationEntryPoint"
+		class="org.springframework.security.oauth2.provider.error.OAuth2AuthenticationEntryPoint">
 		<property name="realmName" value="openidconnect" />
 	</bean>
 
-	<!-- SECOAUTH Authorization Server, with our custom token granter plugged in -->
-	<oauth:authorization-server client-details-service-ref="defaultOAuth2ClientDetailsEntityService" 
-		token-services-ref="defaultOAuth2ProviderTokenService" token-granter-ref="connectAuthCodeTokenGranter"
-		user-approval-handler-ref="userApprovalHandler" authorization-endpoint-url="/openidconnect/auth" token-endpoint-url="/openidconnect/token">
-		<oauth:authorization-code authorization-code-services-ref="authCodeServices" />
+	<!-- SECOAUTH Authorization Server, with our custom token granter plugged 
+		in -->
+	<oauth:authorization-server
+		client-details-service-ref="defaultOAuth2ClientDetailsEntityService"
+		token-services-ref="defaultOAuth2ProviderTokenService"
+		token-granter-ref="connectAuthCodeTokenGranter"
+		user-approval-handler-ref="userApprovalHandler"
+		authorization-endpoint-url="/openidconnect/auth" token-endpoint-url="/openidconnect/token">
+		<oauth:authorization-code
+			authorization-code-services-ref="authCodeServices" />
 	</oauth:authorization-server>
 
-	<bean id="oauthAccessDeniedHandler" class="org.springframework.security.oauth2.provider.error.OAuth2AccessDeniedHandler" />
+	<bean id="oauthAccessDeniedHandler"
+		class="org.springframework.security.oauth2.provider.error.OAuth2AccessDeniedHandler" />
 
-	<bean id="clientCredentialsTokenEndpointFilter" class="org.springframework.security.oauth2.provider.client.ClientCredentialsTokenEndpointFilter">
+	<bean id="clientCredentialsTokenEndpointFilter"
+		class="org.springframework.security.oauth2.provider.client.ClientCredentialsTokenEndpointFilter">
 		<property name="authenticationManager" ref="clientAuthenticationManager" />
 	</bean>
 
-	<authentication-manager id="clientAuthenticationManager" xmlns="http://www.springframework.org/schema/security">
+	<authentication-manager id="clientAuthenticationManager"
+		xmlns="http://www.springframework.org/schema/security">
 		<authentication-provider user-service-ref="clientUserDetailsService" />
 	</authentication-manager>
 
-	<bean id="clientCredentialsChecker" class="org.springframework.security.oauth2.provider.ClientCredentialsChecker">
+	<bean id="clientCredentialsChecker"
+		class="org.springframework.security.oauth2.provider.ClientCredentialsChecker">
 		<constructor-arg>
-			<bean class="org.mitre.oauth2.service.impl.DefaultOAuth2ClientDetailsEntityService"/>
+			<bean
+				class="org.mitre.oauth2.service.impl.DefaultOAuth2ClientDetailsEntityService" />
 		</constructor-arg>
-	</bean>	
-
-	<bean class="org.springframework.security.oauth2.provider.approval.TokenServicesUserApprovalHandler" id="userApprovalHandler">
-		<property name="tokenServices" ref="defaultOAuth2ProviderTokenService"/>
 	</bean>
 
-	<bean id="authCodeServices" class="org.springframework.security.oauth2.provider.code.InMemoryAuthorizationCodeServices"/>
+	<bean
+		class="org.springframework.security.oauth2.provider.approval.TokenServicesUserApprovalHandler"
+		id="userApprovalHandler">
+		<property name="tokenServices" ref="defaultOAuth2ProviderTokenService" />
+	</bean>
+
+	<bean id="authCodeServices"
+		class="org.springframework.security.oauth2.provider.code.InMemoryAuthorizationCodeServices" />
 
 	<!-- user services -->
 	<import resource="user-context.xml" />
-	
-<!-- End Spring Security configuration -->	
-		
-<!-- JPA  -->
-	
-	<bean id="jpaAdapter" class="org.springframework.orm.jpa.vendor.EclipseLinkJpaVendorAdapter">
-		<property name="databasePlatform" value="org.eclipse.persistence.platform.database.MySQLPlatform" />
+
+	<!-- End Spring Security configuration -->
+
+	<!-- JPA -->
+
+	<bean id="jpaAdapter"
+		class="org.springframework.orm.jpa.vendor.EclipseLinkJpaVendorAdapter">
+		<property name="databasePlatform"
+			value="org.eclipse.persistence.platform.database.MySQLPlatform" />
 		<property name="showSql" value="true" />
 	</bean>
 
@@ -96,7 +115,7 @@
 		class="org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean">
 		<property name="persistenceUnitName" value="openidPersistenceUnit" />
 		<property name="dataSource" ref="dataSource" />
-        <property name="jpaVendorAdapter" ref="jpaAdapter" />
+		<property name="jpaVendorAdapter" ref="jpaAdapter" />
 		<property name="jpaPropertyMap">
 			<map>
 				<entry key="eclipselink.weaving" value="false" />
@@ -106,16 +125,17 @@
 		</property>
 	</bean>
 
-<!-- End JPA -->
+	<!-- End JPA -->
+
+	<!-- Crypto -->
 
-<!-- Crypto -->
-	
 	<bean id="defaultKeystore" class="org.mitre.jwt.signer.service.impl.KeyStore">
 		<constructor-arg name="location" value="classpath:keystore.jks" />
 		<constructor-arg name="password" value="changeit" />
 	</bean>
 
-	<bean id="defaultsignerService" class="org.mitre.jwt.signer.service.impl.JwtSigningAndValidationServiceDefault">
+	<bean id="defaultsignerService"
+		class="org.mitre.jwt.signer.service.impl.JwtSigningAndValidationServiceDefault">
 		<property name="signers">
 			<map>
 				<entry key="rsa1">
@@ -133,50 +153,74 @@
 					</bean>
 				</entry>
 			</map>
-		</property>	
-	</bean>	
+		</property>
+	</bean>
 
-<!-- End Crypto -->
+	<!-- End Crypto -->
 
-<!-- View configuration -->
+	<!-- View configuration -->
 
-	<!-- Handles HTTP GET requests for /resources/** by efficiently serving up static resources in the ${webappRoot}/resources directory -->
+	<!-- Handles HTTP GET requests for /resources/** by efficiently serving 
+		up static resources in the ${webappRoot}/resources directory -->
 	<mvc:resources mapping="/resources/**" location="/resources/" />
 
-	<!-- Resolves views selected for rendering by @Controllers to .jsp resources in the /WEB-INF/views directory -->
-	<bean class="org.springframework.web.servlet.view.InternalResourceViewResolver">
-        <property name="viewClass" value="org.springframework.web.servlet.view.JstlView" />
+	<!-- Resolves views selected for rendering by @Controllers to .jsp resources 
+		in the /WEB-INF/views directory -->
+	<bean
+		class="org.springframework.web.servlet.view.InternalResourceViewResolver">
+		<property name="viewClass"
+			value="org.springframework.web.servlet.view.JstlView" />
 		<property name="prefix" value="/WEB-INF/views/" />
 		<property name="suffix" value=".jsp" />
-		<property name="order" value="2"/>
+		<property name="order" value="2" />
 	</bean>
-	
+
 	<!-- Resolve views based on string names -->
-	<bean class="org.springframework.web.servlet.view.BeanNameViewResolver" >
-		<property name="order" value="1"/>
+	<bean class="org.springframework.web.servlet.view.BeanNameViewResolver">
+		<property name="order" value="1" />
 	</bean>
 
 	<!-- Map our custom exception classes to named views -->
-<!-- 	<bean class="org.springframework.web.servlet.handler.SimpleMappingExceptionResolver"> -->
-<!-- 	   <property name="exceptionMappings"> -->
-<!-- 	   </property> -->
-<!-- 	</bean> -->
+	<!-- <bean class="org.springframework.web.servlet.handler.SimpleMappingExceptionResolver"> -->
+	<!-- <property name="exceptionMappings"> -->
+	<!-- </property> -->
+	<!-- </bean> -->
 
 	<!-- JSON views for each type of model object -->
 	<bean id="jsonOpenIdConfigurationView" class="org.mitre.swd.view.JsonOpenIdConfigurationView" />
 	<bean id="jsonSwdResponseView" class="org.mitre.swd.view.SwdResponse" />
 	<bean id="jwkKeyList" class="org.mitre.openid.connect.view.JwkKeyListView" />
-	
- 	<bean id="jsonUserInfoView" class="org.mitre.openid.connect.view.JSONUserInfoView"/>
- 	<bean id="pocoUserInfoView" class="org.mitre.openid.connect.view.POCOUserInfoView"/>
- 	<bean id="jsonIdTokenView" class="org.mitre.openid.connect.view.JSONIdTokenView"/>
-    <bean id="jsonClientView" class="org.mitre.openid.connect.view.JSONClientView" />
 
-<!-- End view configuration -->
+	<bean id="jsonUserInfoView" class="org.mitre.openid.connect.view.JSONUserInfoView" />
+	<bean id="pocoUserInfoView" class="org.mitre.openid.connect.view.POCOUserInfoView" />
+	<bean id="jsonIdTokenView" class="org.mitre.openid.connect.view.JSONIdTokenView" />
+	<bean id="jsonClientView" class="org.mitre.openid.connect.view.JSONClientView" />
+
+	<bean name="exceptionAsJSONView" class="org.mitre.openid.connect.view.ExceptionAsJSONView" />
+
+	<bean
+		class="org.springframework.web.servlet.handler.SimpleMappingExceptionResolver">
+		<property name="exceptionMappings">
+			<props>
+				<prop key="org.mitre.openid.connect.web.InvalidJwtSignatureException">
+					exceptionAsJSONView
+				</prop>
+				<prop key="org.mitre.openid.connect.web.ExpiredTokenException">
+					exceptionAsJSONView
+				</prop>
+				<prop key="org.mitre.openid.connect.web.InvalidJwtIssuerException">
+					exceptionAsJSONView
+				</prop>
+			</props>
+		</property>
+	</bean>
+
+	<!-- End view configuration -->
 
 	<!-- scheduled tasks -->
-<!-- 	<task:scheduler id="taskScheduler" pool-size="10" /> -->
-<!-- 	<task:executor id="taskExecutor" pool-size="5" /> -->
-<!-- 	<task:annotation-driven scheduler="taskScheduler" executor="taskExecutor" /> -->
+	<!-- <task:scheduler id="taskScheduler" pool-size="10" /> -->
+	<!-- <task:executor id="taskExecutor" pool-size="5" /> -->
+	<!-- <task:annotation-driven scheduler="taskScheduler" executor="taskExecutor" 
+		/> -->
 
 </beans>