diff --git a/src/main/java/com/nubisware/oidc/lr62/IntraVMOIDCTokenProxy.java b/src/main/java/com/nubisware/oidc/lr62/IntraVMOIDCTokenProxy.java
new file mode 100644
index 0000000..2c50d06
--- /dev/null
+++ b/src/main/java/com/nubisware/oidc/lr62/IntraVMOIDCTokenProxy.java
@@ -0,0 +1,52 @@
+package com.nubisware.oidc.lr62;
+
+import java.util.Collections;
+import java.util.Map;
+import java.util.TreeMap;
+
+import javax.servlet.http.HttpSession;
+
+import com.liferay.portal.model.User;
+import com.nubisware.oidc.rest.JWTToken;
+
+public class IntraVMOIDCTokenProxy extends OIDCTokenProxy {
+
+    private Map<String, String> oidcTokens;
+    private Map<String, String> rptTokens;
+
+    protected IntraVMOIDCTokenProxy() {
+        oidcTokens = Collections.synchronizedMap(new TreeMap<>());
+        rptTokens = Collections.synchronizedMap(new TreeMap<>());
+    }
+
+    @Override
+    public void setOIDCToken(User user, HttpSession session, JWTToken token) {
+        oidcTokens.put(generateKey(user, session), JWTTokenUtil.getRawContent(token));
+    }
+
+    @Override
+    public void setRPTToken(User user, HttpSession session, JWTToken token) {
+        rptTokens.put(generateKey(user, session), JWTTokenUtil.getRawContent(token));
+    }
+
+    @Override
+    public JWTToken getOIDCToken(User user, HttpSession session) {
+        return JWTTokenUtil.fromString(oidcTokens.get(generateKey(user, session)));
+    }
+
+    @Override
+    public JWTToken getUMAToken(User user, HttpSession session) {
+        return JWTTokenUtil.fromString(rptTokens.get(generateKey(user, session)));
+    }
+
+    @Override
+    public void removeOIDCToken(User user, HttpSession session) {
+        oidcTokens.remove(generateKey(user, session));
+    }
+
+    @Override
+    public void removeUMAToken(User user, HttpSession session) {
+        rptTokens.remove(generateKey(user, session));
+    }
+
+}
diff --git a/src/main/java/com/nubisware/oidc/lr62/JWTTokenUtil.java b/src/main/java/com/nubisware/oidc/lr62/JWTTokenUtil.java
new file mode 100644
index 0000000..cacb65f
--- /dev/null
+++ b/src/main/java/com/nubisware/oidc/lr62/JWTTokenUtil.java
@@ -0,0 +1,54 @@
+package com.nubisware.oidc.lr62;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpSession;
+
+import com.nubisware.oidc.rest.JWTToken;
+
+public class JWTTokenUtil {
+
+    public static String OIDC_TOKEN_ATTRIBUTE = "OIDC_JWT";
+    public static String RPT_TOKEN_ATTRIBUTE = "UMA_RPT_JWT";
+
+    public static JWTToken fromString(String tokenString) {
+        return JWTToken.fromString(tokenString);
+    }
+
+    public static String getRawContent(JWTToken token) {
+        return token.getRaw();
+    }
+
+    public static JWTToken getOIDCFromRequest(HttpServletRequest request) {
+        return JWTToken.fromString((String) request.getAttribute(OIDC_TOKEN_ATTRIBUTE));
+    }
+
+    public static JWTToken getUMAFromRequest(HttpServletRequest request) {
+        return JWTToken.fromString((String) request.getAttribute(RPT_TOKEN_ATTRIBUTE));
+    }
+
+    public static void putOIDCInRequest(JWTToken token, HttpServletRequest request) {
+        request.setAttribute(OIDC_TOKEN_ATTRIBUTE, getRawContent(token));
+    }
+
+    public static void putUMAInRequest(JWTToken token, HttpServletRequest request) {
+        request.setAttribute(RPT_TOKEN_ATTRIBUTE, getRawContent(token));
+    }
+
+    public static JWTToken getOIDCFromSession(HttpSession session) {
+        return JWTToken.fromString((String) session.getAttribute(OIDC_TOKEN_ATTRIBUTE));
+    }
+
+    public static JWTToken getUMAFromSession(HttpSession session) {
+        return JWTToken.fromString((String) session.getAttribute(RPT_TOKEN_ATTRIBUTE));
+    }
+
+    public static void putOIDCInSession(JWTToken token, HttpSession session) {
+        session.setAttribute(OIDC_TOKEN_ATTRIBUTE, getRawContent(token));
+    }
+
+
+    public static void putUMAInSession(JWTToken token, HttpSession session) {
+        session.setAttribute(RPT_TOKEN_ATTRIBUTE, getRawContent(token));
+    }
+
+}
diff --git a/src/main/java/com/nubisware/oidc/lr62/OIDCTokenProxy.java b/src/main/java/com/nubisware/oidc/lr62/OIDCTokenProxy.java
new file mode 100644
index 0000000..f0bebea
--- /dev/null
+++ b/src/main/java/com/nubisware/oidc/lr62/OIDCTokenProxy.java
@@ -0,0 +1,35 @@
+package com.nubisware.oidc.lr62;
+
+import javax.servlet.http.HttpSession;
+
+import com.liferay.portal.model.User;
+import com.nubisware.oidc.rest.JWTToken;
+
+public abstract class OIDCTokenProxy {
+
+    protected static OIDCTokenProxy instance;
+
+    public OIDCTokenProxy() {
+        instance = this;
+    }
+    public static synchronized OIDCTokenProxy getInstance() {
+        return instance != null ? instance : new IntraVMOIDCTokenProxy();
+    }
+
+    public abstract void setOIDCToken(User user, HttpSession session, JWTToken token);
+
+    public abstract void setRPTToken(User user, HttpSession session, JWTToken token);
+
+    public abstract JWTToken getOIDCToken(User user, HttpSession session);
+
+    public abstract JWTToken getUMAToken(User user, HttpSession session);
+
+    public abstract void removeOIDCToken(User user, HttpSession session);
+
+    public abstract void removeUMAToken(User user, HttpSession session);
+
+    protected String generateKey(User user, HttpSession session) {
+        return user.getScreenName() + "@" + session.getId();
+    }
+
+}
\ No newline at end of file
diff --git a/src/main/java/com/nubisware/oidc/lr62/SessionAttributeListener.java b/src/main/java/com/nubisware/oidc/lr62/SessionAttributeListener.java
new file mode 100644
index 0000000..c1bf339
--- /dev/null
+++ b/src/main/java/com/nubisware/oidc/lr62/SessionAttributeListener.java
@@ -0,0 +1,44 @@
+package com.nubisware.oidc.lr62;
+
+import javax.servlet.http.HttpSessionAttributeListener;
+import javax.servlet.http.HttpSessionBindingEvent;
+
+import com.liferay.portal.kernel.log.Log;
+import com.liferay.portal.kernel.log.LogFactoryUtil;
+
+public class SessionAttributeListener implements HttpSessionAttributeListener {
+
+    protected static final Log log = LogFactoryUtil.getLog(SessionAttributeListener.class);
+
+    public SessionAttributeListener() {
+        if (log.isTraceEnabled()) {
+            log.trace("Listener created");
+        }
+    }
+
+    @Override
+    public void attributeAdded(HttpSessionBindingEvent event) {
+        if (log.isTraceEnabled()) {
+            log.trace(
+                    "[" + event.getSession().getId() + "] Added '" + event.getName() + "' in " + event.getSource()
+                            + " with value: " + event.getValue());
+        }
+    }
+
+    @Override
+    public void attributeRemoved(HttpSessionBindingEvent event) {
+        if (log.isTraceEnabled()) {
+            log.trace("[" + event.getSession().getId() + "] Removed '" + event.getName() + "' in " + event.getSource()
+                    + " with value: " + event.getValue());
+        }
+    }
+
+    @Override
+    public void attributeReplaced(HttpSessionBindingEvent event) {
+        if (log.isTraceEnabled()) {
+            log.trace("[" + event.getSession().getId() + "] Replaced '" + event.getName() + "' in " + event.getSource()
+                    + " with value: " + event.getValue());
+        }
+    }
+
+}