ws-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From gi...@apache.org
Subject svn commit: r1295267 [4/11] - in /webservices/wss4j/branches/swssf: rampart-policy/src/main/java/org/apache/ws/secpolicy/builders/ streaming-ws-policy/src/main/java/org/swssf/policy/ streaming-ws-policy/src/main/java/org/swssf/policy/assertionStates/ s...
Date Wed, 29 Feb 2012 20:54:56 GMT
Modified: webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/SignedPartsTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/SignedPartsTest.java?rev=1295267&r1=1295266&r2=1295267&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/SignedPartsTest.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/SignedPartsTest.java Wed Feb 29 20:54:51 2012
@@ -20,6 +20,7 @@ package org.swssf.policy.test;
 
 import org.swssf.policy.PolicyEnforcer;
 import org.swssf.policy.PolicyViolationException;
+import org.swssf.wss.ext.WSSConstants;
 import org.swssf.wss.ext.WSSecurityException;
 import org.swssf.wss.securityEvent.OperationSecurityEvent;
 import org.swssf.wss.securityEvent.SignedPartSecurityEvent;
@@ -27,6 +28,8 @@ import org.testng.Assert;
 import org.testng.annotations.Test;
 
 import javax.xml.namespace.QName;
+import java.util.ArrayList;
+import java.util.List;
 
 /**
  * @author $Author$
@@ -52,12 +55,18 @@ public class SignedPartsTest extends Abs
         policyEnforcer.registerSecurityEvent(operationSecurityEvent);
 
         SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(null, true);
-        signedPartSecurityEvent.setElement(new QName("http://schemas.xmlsoap.org/soap/envelope/", "Body"));
+        signedPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
         policyEnforcer.registerSecurityEvent(signedPartSecurityEvent);
-        signedPartSecurityEvent.setElement(new QName("http://example.org", "a"));
+        List<QName> headerPath = new ArrayList<QName>();
+        headerPath.addAll(WSSConstants.SOAP_11_HEADER_PATH);
+        headerPath.add(new QName("http://example.org", "a"));
+        signedPartSecurityEvent.setElementPath(headerPath);
         policyEnforcer.registerSecurityEvent(signedPartSecurityEvent);
         //additional signedParts are also allowed!
-        signedPartSecurityEvent.setElement(new QName("http://example.com", "b"));
+        headerPath = new ArrayList<QName>();
+        headerPath.addAll(WSSConstants.SOAP_11_HEADER_PATH);
+        headerPath.add(new QName("http://example.org", "b"));
+        signedPartSecurityEvent.setElementPath(headerPath);
         policyEnforcer.registerSecurityEvent(signedPartSecurityEvent);
         policyEnforcer.doFinal();
     }
@@ -80,10 +89,13 @@ public class SignedPartsTest extends Abs
         policyEnforcer.registerSecurityEvent(operationSecurityEvent);
 
         SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(null, true);
-        signedPartSecurityEvent.setElement(new QName("http://schemas.xmlsoap.org/soap/envelope/", "Body"));
+        signedPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
         policyEnforcer.registerSecurityEvent(signedPartSecurityEvent);
         signedPartSecurityEvent = new SignedPartSecurityEvent(null, false);
-        signedPartSecurityEvent.setElement(new QName("http://example.org", "a"));
+        List<QName> headerPath = new ArrayList<QName>();
+        headerPath.addAll(WSSConstants.SOAP_11_HEADER_PATH);
+        headerPath.add(new QName("http://example.org", "a"));
+        signedPartSecurityEvent.setElementPath(headerPath);
         try {
             policyEnforcer.registerSecurityEvent(signedPartSecurityEvent);
             Assert.fail("Exception expected");
@@ -104,11 +116,17 @@ public class SignedPartsTest extends Abs
         policyEnforcer.registerSecurityEvent(operationSecurityEvent);
 
         SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(null, true);
-        signedPartSecurityEvent.setElement(new QName("http://schemas.xmlsoap.org/soap/envelope/", "Body"));
+        signedPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
         policyEnforcer.registerSecurityEvent(signedPartSecurityEvent);
-        signedPartSecurityEvent.setElement(new QName("http://example.org", "a"));
-        policyEnforcer.registerSecurityEvent(signedPartSecurityEvent);
-        signedPartSecurityEvent.setElement(new QName("http://example.com", "b"));
+        List<QName> headerPath = new ArrayList<QName>();
+        headerPath.addAll(WSSConstants.SOAP_11_HEADER_PATH);
+        headerPath.add(new QName("http://example.org", "a"));
+        signedPartSecurityEvent.setElementPath(headerPath);
+        policyEnforcer.registerSecurityEvent(signedPartSecurityEvent);
+        headerPath = new ArrayList<QName>();
+        headerPath.addAll(WSSConstants.SOAP_11_HEADER_PATH);
+        headerPath.add(new QName("http://example.org", "b"));
+        signedPartSecurityEvent.setElementPath(headerPath);
         policyEnforcer.registerSecurityEvent(signedPartSecurityEvent);
         policyEnforcer.doFinal();
     }
@@ -125,14 +143,17 @@ public class SignedPartsTest extends Abs
         policyEnforcer.registerSecurityEvent(operationSecurityEvent);
 
         SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(null, false);
-        signedPartSecurityEvent.setElement(new QName("http://schemas.xmlsoap.org/soap/envelope/", "Body"));
+        signedPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
         try {
             policyEnforcer.registerSecurityEvent(signedPartSecurityEvent);
         } catch (WSSecurityException e) {
             Assert.assertTrue(e.getCause() instanceof PolicyViolationException);
         }
         signedPartSecurityEvent = new SignedPartSecurityEvent(null, false);
-        signedPartSecurityEvent.setElement(new QName("http://example.org", "a"));
+        List<QName> headerPath = new ArrayList<QName>();
+        headerPath.addAll(WSSConstants.SOAP_11_HEADER_PATH);
+        headerPath.add(new QName("http://example.org", "a"));
+        signedPartSecurityEvent.setElementPath(headerPath);
         try {
             policyEnforcer.registerSecurityEvent(signedPartSecurityEvent);
             Assert.fail("Exception expected");
@@ -159,12 +180,18 @@ public class SignedPartsTest extends Abs
         policyEnforcer.registerSecurityEvent(operationSecurityEvent);
 
         SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(null, true);
-        signedPartSecurityEvent.setElement(new QName("http://schemas.xmlsoap.org/soap/envelope/", "Body"));
+        signedPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
         policyEnforcer.registerSecurityEvent(signedPartSecurityEvent);
-        signedPartSecurityEvent.setElement(new QName("http://example.org", "a"));
+        List<QName> headerPath = new ArrayList<QName>();
+        headerPath.addAll(WSSConstants.SOAP_11_HEADER_PATH);
+        headerPath.add(new QName("http://example.org", "a"));
+        signedPartSecurityEvent.setElementPath(headerPath);
         policyEnforcer.registerSecurityEvent(signedPartSecurityEvent);
         //additional signedParts are also allowed!
-        signedPartSecurityEvent.setElement(new QName("http://example.com", "b"));
+        headerPath = new ArrayList<QName>();
+        headerPath.addAll(WSSConstants.SOAP_11_HEADER_PATH);
+        headerPath.add(new QName("http://example.org", "b"));
+        signedPartSecurityEvent.setElementPath(headerPath);
         policyEnforcer.registerSecurityEvent(signedPartSecurityEvent);
         policyEnforcer.doFinal();
     }
@@ -187,10 +214,13 @@ public class SignedPartsTest extends Abs
         policyEnforcer.registerSecurityEvent(operationSecurityEvent);
 
         SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(null, true);
-        signedPartSecurityEvent.setElement(new QName("http://schemas.xmlsoap.org/soap/envelope/", "Body"));
+        signedPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
         policyEnforcer.registerSecurityEvent(signedPartSecurityEvent);
         signedPartSecurityEvent = new SignedPartSecurityEvent(null, false);
-        signedPartSecurityEvent.setElement(new QName("http://example.org", "a"));
+        List<QName> headerPath = new ArrayList<QName>();
+        headerPath.addAll(WSSConstants.SOAP_11_HEADER_PATH);
+        headerPath.add(new QName("http://example.org", "a"));
+        signedPartSecurityEvent.setElementPath(headerPath);
         try {
             policyEnforcer.registerSecurityEvent(signedPartSecurityEvent);
             Assert.fail("Exception expected");

Modified: webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/SpnegoContextTokenTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/SpnegoContextTokenTest.java?rev=1295267&r1=1295266&r2=1295267&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/SpnegoContextTokenTest.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/SpnegoContextTokenTest.java Wed Feb 29 20:54:51 2012
@@ -20,9 +20,11 @@ package org.swssf.policy.test;
 
 import org.swssf.policy.PolicyEnforcer;
 import org.swssf.wss.ext.WSSConstants;
-import org.swssf.wss.impl.securityToken.X509SecurityToken;
-import org.swssf.wss.securityEvent.*;
-import org.swssf.xmlsec.ext.XMLSecurityException;
+import org.swssf.wss.securityEvent.ContentEncryptedElementSecurityEvent;
+import org.swssf.wss.securityEvent.OperationSecurityEvent;
+import org.swssf.wss.securityEvent.SignedPartSecurityEvent;
+import org.swssf.wss.securityEvent.SpnegoContextTokenSecurityEvent;
+import org.swssf.xmlsec.ext.SecurityToken;
 import org.testng.annotations.Test;
 
 import javax.xml.namespace.QName;
@@ -64,31 +66,23 @@ public class SpnegoContextTokenTest exte
         PolicyEnforcer policyEnforcer = buildAndStartPolicyEngine(policyString);
         SpnegoContextTokenSecurityEvent initiatorTokenSecurityEvent = new SpnegoContextTokenSecurityEvent();
         initiatorTokenSecurityEvent.setIssuerName("xs:anyURI");
-        initiatorTokenSecurityEvent.setSecurityToken(new X509SecurityToken(WSSConstants.X509V3Token, null, null, null, "1", null, null) {
-            @Override
-            protected String getAlias() throws XMLSecurityException {
-                return null;
-            }
-        });
-        initiatorTokenSecurityEvent.setTokenUsage(TokenSecurityEvent.TokenUsage.Signature);
+        SecurityToken securityToken = getX509Token(WSSConstants.X509V3Token);
+        securityToken.addTokenUsage(SecurityToken.TokenUsage.MainSignature);
+        initiatorTokenSecurityEvent.setSecurityToken(securityToken);
         policyEnforcer.registerSecurityEvent(initiatorTokenSecurityEvent);
 
         SpnegoContextTokenSecurityEvent recipientTokenSecurityEvent = new SpnegoContextTokenSecurityEvent();
-        recipientTokenSecurityEvent.setSecurityToken(new X509SecurityToken(WSSConstants.X509V3Token, null, null, null, "1", null, null) {
-            @Override
-            protected String getAlias() throws XMLSecurityException {
-                return null;
-            }
-        });
-        recipientTokenSecurityEvent.setTokenUsage(TokenSecurityEvent.TokenUsage.Encryption);
+        securityToken = getX509Token(WSSConstants.X509V3Token);
+        securityToken.addTokenUsage(SecurityToken.TokenUsage.MainEncryption);
+        recipientTokenSecurityEvent.setSecurityToken(securityToken);
         policyEnforcer.registerSecurityEvent(recipientTokenSecurityEvent);
 
         SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(recipientTokenSecurityEvent.getSecurityToken(), true);
-        signedPartSecurityEvent.setElement(WSSConstants.TAG_soap11_Body);
+        signedPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
         policyEnforcer.registerSecurityEvent(signedPartSecurityEvent);
 
         ContentEncryptedElementSecurityEvent contentEncryptedElementSecurityEvent = new ContentEncryptedElementSecurityEvent(recipientTokenSecurityEvent.getSecurityToken(), true, true);
-        contentEncryptedElementSecurityEvent.setElement(WSSConstants.TAG_soap11_Body);
+        contentEncryptedElementSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
         policyEnforcer.registerSecurityEvent(contentEncryptedElementSecurityEvent);
 
         OperationSecurityEvent operationSecurityEvent = new OperationSecurityEvent();

Modified: webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/SymmetricBindingTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/SymmetricBindingTest.java?rev=1295267&r1=1295266&r2=1295267&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/SymmetricBindingTest.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/SymmetricBindingTest.java Wed Feb 29 20:54:51 2012
@@ -24,10 +24,13 @@ import org.swssf.wss.ext.WSSConstants;
 import org.swssf.wss.ext.WSSecurityException;
 import org.swssf.wss.impl.securityToken.SecureConversationSecurityToken;
 import org.swssf.wss.securityEvent.*;
+import org.swssf.xmlsec.ext.SecurityToken;
 import org.testng.Assert;
 import org.testng.annotations.Test;
 
 import javax.xml.namespace.QName;
+import java.util.ArrayList;
+import java.util.List;
 
 /**
  * @author $Author$
@@ -52,20 +55,37 @@ public class SymmetricBindingTest extend
         TimestampSecurityEvent timestampSecurityEvent = new TimestampSecurityEvent();
         policyEnforcer.registerSecurityEvent(timestampSecurityEvent);
 
-        SecureConversationTokenSecurityEvent secureConversationTokenSecurityEvent = new SecureConversationTokenSecurityEvent();
-        secureConversationTokenSecurityEvent.setSecurityToken(new SecureConversationSecurityToken(null, null, null, "1", null, null));
-        secureConversationTokenSecurityEvent.setTokenUsage(TokenSecurityEvent.TokenUsage.Signature);
-        policyEnforcer.registerSecurityEvent(secureConversationTokenSecurityEvent);
-
-        secureConversationTokenSecurityEvent.setTokenUsage(TokenSecurityEvent.TokenUsage.Encryption);
-        policyEnforcer.registerSecurityEvent(secureConversationTokenSecurityEvent);
+        RequiredElementSecurityEvent requiredElementSecurityEvent = new RequiredElementSecurityEvent();
+        List<QName> headerPath = new ArrayList<QName>();
+        headerPath.addAll(WSSConstants.WSSE_SECURITY_HEADER_PATH);
+        headerPath.add(WSSConstants.TAG_wsu_Timestamp);
+        requiredElementSecurityEvent.setElementPath(headerPath);
+        policyEnforcer.registerSecurityEvent(requiredElementSecurityEvent);
+
+        SecureConversationTokenSecurityEvent initiatorTokenSecurityEvent = new SecureConversationTokenSecurityEvent();
+        SecurityToken securityToken = new SecureConversationSecurityToken(null, null, null, "1", null);
+        securityToken.addTokenUsage(SecurityToken.TokenUsage.MainSignature);
+        initiatorTokenSecurityEvent.setSecurityToken(securityToken);
+        policyEnforcer.registerSecurityEvent(initiatorTokenSecurityEvent);
+
+        SecureConversationTokenSecurityEvent recipientTokenSecurityEvent = new SecureConversationTokenSecurityEvent();
+        securityToken = new SecureConversationSecurityToken(null, null, null, "1", null);
+        securityToken.addTokenUsage(SecurityToken.TokenUsage.MainEncryption);
+        recipientTokenSecurityEvent.setSecurityToken(securityToken);
+        policyEnforcer.registerSecurityEvent(recipientTokenSecurityEvent);
 
         EncryptedElementSecurityEvent encryptedElementSecurityEvent = new EncryptedElementSecurityEvent(null, true, false);
-        encryptedElementSecurityEvent.setElement(WSSConstants.TAG_dsig_Signature);
+        headerPath = new ArrayList<QName>();
+        headerPath.addAll(WSSConstants.WSSE_SECURITY_HEADER_PATH);
+        headerPath.add(WSSConstants.TAG_dsig_Signature);
+        encryptedElementSecurityEvent.setElementPath(headerPath);
         policyEnforcer.registerSecurityEvent(encryptedElementSecurityEvent);
 
         encryptedElementSecurityEvent = new EncryptedElementSecurityEvent(null, true, false);
-        encryptedElementSecurityEvent.setElement(WSSConstants.TAG_wsse11_SignatureConfirmation);
+        headerPath = new ArrayList<QName>();
+        headerPath.addAll(WSSConstants.WSSE_SECURITY_HEADER_PATH);
+        headerPath.add(WSSConstants.TAG_wsse11_SignatureConfirmation);
+        encryptedElementSecurityEvent.setElementPath(headerPath);
         policyEnforcer.registerSecurityEvent(encryptedElementSecurityEvent);
 
         OperationSecurityEvent operationSecurityEvent = new OperationSecurityEvent();
@@ -73,7 +93,7 @@ public class SymmetricBindingTest extend
         policyEnforcer.registerSecurityEvent(operationSecurityEvent);
 
         SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(null, true);
-        signedPartSecurityEvent.setElement(WSSConstants.TAG_soap12_Body);
+        signedPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
         policyEnforcer.registerSecurityEvent(signedPartSecurityEvent);
         policyEnforcer.doFinal();
     }
@@ -91,13 +111,17 @@ public class SymmetricBindingTest extend
                         "</sp:SymmetricBinding>";
         PolicyEnforcer policyEnforcer = buildAndStartPolicyEngine(policyString);
 
-        SecureConversationTokenSecurityEvent secureConversationTokenSecurityEvent = new SecureConversationTokenSecurityEvent();
-        secureConversationTokenSecurityEvent.setSecurityToken(new SecureConversationSecurityToken(null, null, null, "1", null, null));
-        secureConversationTokenSecurityEvent.setTokenUsage(TokenSecurityEvent.TokenUsage.Signature);
-        policyEnforcer.registerSecurityEvent(secureConversationTokenSecurityEvent);
-
-        secureConversationTokenSecurityEvent.setTokenUsage(TokenSecurityEvent.TokenUsage.Encryption);
-        policyEnforcer.registerSecurityEvent(secureConversationTokenSecurityEvent);
+        SecureConversationTokenSecurityEvent initiatorTokenSecurityEvent = new SecureConversationTokenSecurityEvent();
+        SecurityToken securityToken = new SecureConversationSecurityToken(null, null, null, "1", null);
+        securityToken.addTokenUsage(SecurityToken.TokenUsage.MainSignature);
+        initiatorTokenSecurityEvent.setSecurityToken(securityToken);
+        policyEnforcer.registerSecurityEvent(initiatorTokenSecurityEvent);
+
+        SecureConversationTokenSecurityEvent recipientTokenSecurityEvent = new SecureConversationTokenSecurityEvent();
+        securityToken = new SecureConversationSecurityToken(null, null, null, "1", null);
+        securityToken.addTokenUsage(SecurityToken.TokenUsage.MainEncryption);
+        recipientTokenSecurityEvent.setSecurityToken(securityToken);
+        policyEnforcer.registerSecurityEvent(recipientTokenSecurityEvent);
 
         TimestampSecurityEvent timestampSecurityEvent = new TimestampSecurityEvent();
         policyEnforcer.registerSecurityEvent(timestampSecurityEvent);
@@ -142,6 +166,7 @@ public class SymmetricBindingTest extend
     }
     */
 
+
     @Test
     public void testPolicySignatureNotEncrypted() throws Exception {
         String policyString =
@@ -158,16 +183,23 @@ public class SymmetricBindingTest extend
         TimestampSecurityEvent timestampSecurityEvent = new TimestampSecurityEvent();
         policyEnforcer.registerSecurityEvent(timestampSecurityEvent);
 
-        SecureConversationTokenSecurityEvent secureConversationTokenSecurityEvent = new SecureConversationTokenSecurityEvent();
-        secureConversationTokenSecurityEvent.setSecurityToken(new SecureConversationSecurityToken(null, null, null, "1", null, null));
-        secureConversationTokenSecurityEvent.setTokenUsage(TokenSecurityEvent.TokenUsage.Signature);
-        policyEnforcer.registerSecurityEvent(secureConversationTokenSecurityEvent);
-
-        secureConversationTokenSecurityEvent.setTokenUsage(TokenSecurityEvent.TokenUsage.Encryption);
-        policyEnforcer.registerSecurityEvent(secureConversationTokenSecurityEvent);
+        SecureConversationTokenSecurityEvent initiatorTokenSecurityEvent = new SecureConversationTokenSecurityEvent();
+        SecurityToken securityToken = new SecureConversationSecurityToken(null, null, null, "1", null);
+        securityToken.addTokenUsage(SecurityToken.TokenUsage.MainSignature);
+        initiatorTokenSecurityEvent.setSecurityToken(securityToken);
+        policyEnforcer.registerSecurityEvent(initiatorTokenSecurityEvent);
+
+        SecureConversationTokenSecurityEvent recipientTokenSecurityEvent = new SecureConversationTokenSecurityEvent();
+        securityToken = new SecureConversationSecurityToken(null, null, null, "1", null);
+        securityToken.addTokenUsage(SecurityToken.TokenUsage.MainEncryption);
+        recipientTokenSecurityEvent.setSecurityToken(securityToken);
+        policyEnforcer.registerSecurityEvent(recipientTokenSecurityEvent);
 
         EncryptedElementSecurityEvent encryptedElementSecurityEvent = new EncryptedElementSecurityEvent(null, false, false);
-        encryptedElementSecurityEvent.setElement(WSSConstants.TAG_dsig_Signature);
+        List<QName> headerPath = new ArrayList<QName>();
+        headerPath.addAll(WSSConstants.WSSE_SECURITY_HEADER_PATH);
+        headerPath.add(WSSConstants.TAG_dsig_Signature);
+        encryptedElementSecurityEvent.setElementPath(headerPath);
         policyEnforcer.registerSecurityEvent(encryptedElementSecurityEvent);
 
         OperationSecurityEvent operationSecurityEvent = new OperationSecurityEvent();
@@ -196,20 +228,30 @@ public class SymmetricBindingTest extend
         TimestampSecurityEvent timestampSecurityEvent = new TimestampSecurityEvent();
         policyEnforcer.registerSecurityEvent(timestampSecurityEvent);
 
-        SecureConversationTokenSecurityEvent secureConversationTokenSecurityEvent = new SecureConversationTokenSecurityEvent();
-        secureConversationTokenSecurityEvent.setSecurityToken(new SecureConversationSecurityToken(null, null, null, "1", null, null));
-        secureConversationTokenSecurityEvent.setTokenUsage(TokenSecurityEvent.TokenUsage.Signature);
-        policyEnforcer.registerSecurityEvent(secureConversationTokenSecurityEvent);
-
-        secureConversationTokenSecurityEvent.setTokenUsage(TokenSecurityEvent.TokenUsage.Encryption);
-        policyEnforcer.registerSecurityEvent(secureConversationTokenSecurityEvent);
+        SecureConversationTokenSecurityEvent initiatorTokenSecurityEvent = new SecureConversationTokenSecurityEvent();
+        SecurityToken securityToken = new SecureConversationSecurityToken(null, null, null, "1", null);
+        securityToken.addTokenUsage(SecurityToken.TokenUsage.MainSignature);
+        initiatorTokenSecurityEvent.setSecurityToken(securityToken);
+        policyEnforcer.registerSecurityEvent(initiatorTokenSecurityEvent);
+
+        SecureConversationTokenSecurityEvent recipientTokenSecurityEvent = new SecureConversationTokenSecurityEvent();
+        securityToken = new SecureConversationSecurityToken(null, null, null, "1", null);
+        securityToken.addTokenUsage(SecurityToken.TokenUsage.MainEncryption);
+        recipientTokenSecurityEvent.setSecurityToken(securityToken);
+        policyEnforcer.registerSecurityEvent(recipientTokenSecurityEvent);
 
         EncryptedElementSecurityEvent encryptedElementSecurityEvent = new EncryptedElementSecurityEvent(null, true, false);
-        encryptedElementSecurityEvent.setElement(WSSConstants.TAG_dsig_Signature);
+        List<QName> headerPath = new ArrayList<QName>();
+        headerPath.addAll(WSSConstants.WSSE_SECURITY_HEADER_PATH);
+        headerPath.add(WSSConstants.TAG_dsig_Signature);
+        encryptedElementSecurityEvent.setElementPath(headerPath);
         policyEnforcer.registerSecurityEvent(encryptedElementSecurityEvent);
 
         encryptedElementSecurityEvent = new EncryptedElementSecurityEvent(null, true, false);
-        encryptedElementSecurityEvent.setElement(WSSConstants.TAG_wsse11_SignatureConfirmation);
+        headerPath = new ArrayList<QName>();
+        headerPath.addAll(WSSConstants.WSSE_SECURITY_HEADER_PATH);
+        headerPath.add(WSSConstants.TAG_wsse11_SignatureConfirmation);
+        encryptedElementSecurityEvent.setElementPath(headerPath);
         policyEnforcer.registerSecurityEvent(encryptedElementSecurityEvent);
 
         OperationSecurityEvent operationSecurityEvent = new OperationSecurityEvent();
@@ -217,7 +259,7 @@ public class SymmetricBindingTest extend
         policyEnforcer.registerSecurityEvent(operationSecurityEvent);
 
         SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(null, false);
-        signedPartSecurityEvent.setElement(WSSConstants.TAG_soap12_Body);
+        signedPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
         try {
             policyEnforcer.registerSecurityEvent(signedPartSecurityEvent);
             Assert.fail("Exception expected");

Modified: webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/TransportBindingIntegrationTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/TransportBindingIntegrationTest.java?rev=1295267&r1=1295266&r2=1295267&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/TransportBindingIntegrationTest.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/TransportBindingIntegrationTest.java Wed Feb 29 20:54:51 2012
@@ -25,8 +25,10 @@ import org.swssf.wss.ext.WSSSecurityProp
 import org.swssf.wss.ext.WSSecurityException;
 import org.swssf.wss.impl.securityToken.HttpsSecurityToken;
 import org.swssf.wss.securityEvent.HttpsTokenSecurityEvent;
+import org.swssf.wss.securityEvent.SecurityEvent;
 import org.swssf.wss.test.CallbackHandlerImpl;
 import org.swssf.xmlsec.ext.SecurePart;
+import org.swssf.xmlsec.ext.SecurityToken;
 import org.testng.Assert;
 import org.testng.annotations.Test;
 import org.w3c.dom.Document;
@@ -37,6 +39,8 @@ import javax.xml.transform.TransformerFa
 import javax.xml.transform.dom.DOMSource;
 import javax.xml.transform.stream.StreamResult;
 import java.io.*;
+import java.util.ArrayList;
+import java.util.List;
 
 /**
  * @author $Author$
@@ -44,6 +48,8 @@ import java.io.*;
  */
 public class TransportBindingIntegrationTest extends AbstractPolicyTestBase {
 
+    //todo revisit _ALL_ policy tests an check for violated policy message in exception
+
     @Test
     public void testIncludeTimestampPolicy() throws Exception {
 
@@ -122,10 +128,14 @@ public class TransportBindingIntegration
         HttpsTokenSecurityEvent httpsTokenSecurityEvent = new HttpsTokenSecurityEvent();
         httpsTokenSecurityEvent.setIssuerName("transmitter");
         httpsTokenSecurityEvent.setAuthenticationType(HttpsTokenSecurityEvent.AuthenticationType.HttpBasicAuthentication);
-        httpsTokenSecurityEvent.setSecurityToken(new HttpsSecurityToken(true, "transmitter", null));
-        policyEnforcer.registerSecurityEvent(httpsTokenSecurityEvent);
+        HttpsSecurityToken httpsSecurityToken = new HttpsSecurityToken(true, "transmitter", null);
+        httpsSecurityToken.addTokenUsage(SecurityToken.TokenUsage.MainSignature);
+        httpsTokenSecurityEvent.setSecurityToken(httpsSecurityToken);
+
+        List<SecurityEvent> securityEventList = new ArrayList<SecurityEvent>();
+        securityEventList.add(httpsTokenSecurityEvent);
 
-        Document document = doInboundSecurity(inSecurityProperties, new ByteArrayInputStream(baos.toByteArray()), policyEnforcer);
+        Document document = doInboundSecurity(inSecurityProperties, new ByteArrayInputStream(baos.toByteArray()), securityEventList, policyEnforcer);
 
         //read the whole stream:
         Transformer transformer = TransformerFactory.newInstance().newTransformer();
@@ -218,11 +228,15 @@ public class TransportBindingIntegration
         HttpsTokenSecurityEvent httpsTokenSecurityEvent = new HttpsTokenSecurityEvent();
         httpsTokenSecurityEvent.setIssuerName("transmitter");
         httpsTokenSecurityEvent.setAuthenticationType(HttpsTokenSecurityEvent.AuthenticationType.HttpBasicAuthentication);
-        httpsTokenSecurityEvent.setSecurityToken(new HttpsSecurityToken(true, "transmitter", null));
-        policyEnforcer.registerSecurityEvent(httpsTokenSecurityEvent);
+        HttpsSecurityToken httpsSecurityToken = new HttpsSecurityToken(true, "transmitter", null);
+        httpsSecurityToken.addTokenUsage(SecurityToken.TokenUsage.MainSignature);
+        httpsTokenSecurityEvent.setSecurityToken(httpsSecurityToken);
+
+        List<SecurityEvent> securityEventList = new ArrayList<SecurityEvent>();
+        securityEventList.add(httpsTokenSecurityEvent);
 
         try {
-            Document document = doInboundSecurity(inSecurityProperties, new ByteArrayInputStream(baos.toByteArray()), policyEnforcer);
+            Document document = doInboundSecurity(inSecurityProperties, new ByteArrayInputStream(baos.toByteArray()), securityEventList, policyEnforcer);
 
             //read the whole stream:
             Transformer transformer = TransformerFactory.newInstance().newTransformer();
@@ -332,10 +346,14 @@ public class TransportBindingIntegration
         HttpsTokenSecurityEvent httpsTokenSecurityEvent = new HttpsTokenSecurityEvent();
         httpsTokenSecurityEvent.setIssuerName("transmitter");
         httpsTokenSecurityEvent.setAuthenticationType(HttpsTokenSecurityEvent.AuthenticationType.HttpBasicAuthentication);
-        httpsTokenSecurityEvent.setSecurityToken(new HttpsSecurityToken(true, "transmitter", null));
-        policyEnforcer.registerSecurityEvent(httpsTokenSecurityEvent);
+        HttpsSecurityToken httpsSecurityToken = new HttpsSecurityToken(true, "transmitter", null);
+        httpsSecurityToken.addTokenUsage(SecurityToken.TokenUsage.MainSignature);
+        httpsTokenSecurityEvent.setSecurityToken(httpsSecurityToken);
+
+        List<SecurityEvent> securityEventList = new ArrayList<SecurityEvent>();
+        securityEventList.add(httpsTokenSecurityEvent);
 
-        Document document = doInboundSecurity(inSecurityProperties, new ByteArrayInputStream(baos.toByteArray()), policyEnforcer);
+        Document document = doInboundSecurity(inSecurityProperties, new ByteArrayInputStream(baos.toByteArray()), securityEventList, policyEnforcer);
 
         //read the whole stream:
         Transformer transformer = TransformerFactory.newInstance().newTransformer();
@@ -439,11 +457,15 @@ public class TransportBindingIntegration
         HttpsTokenSecurityEvent httpsTokenSecurityEvent = new HttpsTokenSecurityEvent();
         httpsTokenSecurityEvent.setIssuerName("transmitter");
         httpsTokenSecurityEvent.setAuthenticationType(HttpsTokenSecurityEvent.AuthenticationType.HttpBasicAuthentication);
-        httpsTokenSecurityEvent.setSecurityToken(new HttpsSecurityToken(true, "transmitter", null));
-        policyEnforcer.registerSecurityEvent(httpsTokenSecurityEvent);
+        HttpsSecurityToken httpsSecurityToken = new HttpsSecurityToken(true, "transmitter", null);
+        httpsSecurityToken.addTokenUsage(SecurityToken.TokenUsage.MainSignature);
+        httpsTokenSecurityEvent.setSecurityToken(httpsSecurityToken);
+
+        List<SecurityEvent> securityEventList = new ArrayList<SecurityEvent>();
+        securityEventList.add(httpsTokenSecurityEvent);
 
         try {
-            Document document = doInboundSecurity(inSecurityProperties, new ByteArrayInputStream(baos.toByteArray()), policyEnforcer);
+            Document document = doInboundSecurity(inSecurityProperties, new ByteArrayInputStream(baos.toByteArray()), securityEventList, policyEnforcer);
 
             //read the whole stream:
             Transformer transformer = TransformerFactory.newInstance().newTransformer();
@@ -546,10 +568,14 @@ public class TransportBindingIntegration
         HttpsTokenSecurityEvent httpsTokenSecurityEvent = new HttpsTokenSecurityEvent();
         httpsTokenSecurityEvent.setIssuerName("transmitter");
         httpsTokenSecurityEvent.setAuthenticationType(HttpsTokenSecurityEvent.AuthenticationType.HttpBasicAuthentication);
-        httpsTokenSecurityEvent.setSecurityToken(new HttpsSecurityToken(true, "transmitter", null));
-        policyEnforcer.registerSecurityEvent(httpsTokenSecurityEvent);
+        HttpsSecurityToken httpsSecurityToken = new HttpsSecurityToken(true, "transmitter", null);
+        httpsSecurityToken.addTokenUsage(SecurityToken.TokenUsage.MainSignature);
+        httpsTokenSecurityEvent.setSecurityToken(httpsSecurityToken);
+
+        List<SecurityEvent> securityEventList = new ArrayList<SecurityEvent>();
+        securityEventList.add(httpsTokenSecurityEvent);
 
-        Document document = doInboundSecurity(inSecurityProperties, new ByteArrayInputStream(baos.toByteArray()), policyEnforcer);
+        Document document = doInboundSecurity(inSecurityProperties, new ByteArrayInputStream(baos.toByteArray()), securityEventList, policyEnforcer);
 
         //read the whole stream:
         Transformer transformer = TransformerFactory.newInstance().newTransformer();
@@ -602,7 +628,11 @@ public class TransportBindingIntegration
                         "                    <sp:Header Namespace=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd\"/>\n" +
                         "                </sp:SignedParts>\n" +
                         "                <sp:SignedElements>\n" +
-                        "                    <sp:XPath xmlns:wsu=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd\">wsu:Created</sp:XPath>\n" +
+                        "                    <sp:XPath xmlns:soap=\"http://schemas.xmlsoap.org/soap/envelope/\" " +
+                        "                       xmlns:wsse=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd\" " +
+                        "                       xmlns:wsu=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd\">" +
+                        "                       /soap:Envelope/soap:Header/wsse:Security/wsu:Timestamp/wsu:Created" +
+                        "                    </sp:XPath>\n" +
                         "                </sp:SignedElements>\n" +
                         "                <sp:EncryptedParts>\n" +
                         "                    <sp:Body/>\n" +
@@ -610,10 +640,18 @@ public class TransportBindingIntegration
                         "                    <sp:Header Namespace=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd\"/>\n" +
                         "                </sp:EncryptedParts>\n" +
                         "                <sp:EncryptedElements>\n" +
-                        "                    <sp:XPath xmlns:wsu=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd\">wsu:Created</sp:XPath>\n" +
+                        "                    <sp:XPath xmlns:soap=\"http://schemas.xmlsoap.org/soap/envelope/\" " +
+                        "                       xmlns:wsse=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd\" " +
+                        "                       xmlns:wsu=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd\">" +
+                        "                       /soap:Envelope/soap:Header/wsse:Security/wsu:Timestamp/wsu:Created" +
+                        "                    </sp:XPath>\n" +
                         "                </sp:EncryptedElements>\n" +
                         "                <sp:ContentEncryptedElements>\n" +
-                        "                    <sp:XPath xmlns:wsu=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd\">wsu:Expires</sp:XPath>\n" +
+                        "                    <sp:XPath xmlns:soap=\"http://schemas.xmlsoap.org/soap/envelope/\" " +
+                        "                       xmlns:wsse=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd\" " +
+                        "                       xmlns:wsu=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd\">" +
+                        "                       /soap:Envelope/soap:Header/wsse:Security/wsu:Timestamp/wsu:Expires" +
+                        "                    </sp:XPath>\n" +
                         "                </sp:ContentEncryptedElements>\n" +
                         "                <sp:SignedSupportingTokens>\n" +
                         "                    <wsp:Policy>\n" +
@@ -658,10 +696,14 @@ public class TransportBindingIntegration
         HttpsTokenSecurityEvent httpsTokenSecurityEvent = new HttpsTokenSecurityEvent();
         httpsTokenSecurityEvent.setIssuerName("CN=transmitter,OU=swssf,C=CH");
         httpsTokenSecurityEvent.setAuthenticationType(HttpsTokenSecurityEvent.AuthenticationType.HttpsClientCertificateAuthentication);
-        httpsTokenSecurityEvent.setSecurityToken(new HttpsSecurityToken(true, "CN=transmitter,OU=swssf,C=CH", null));
-        policyEnforcer.registerSecurityEvent(httpsTokenSecurityEvent);
+        HttpsSecurityToken httpsSecurityToken = new HttpsSecurityToken(true, "CN=transmitter,OU=swssf,C=CH", null);
+        httpsSecurityToken.addTokenUsage(SecurityToken.TokenUsage.MainSignature);
+        httpsTokenSecurityEvent.setSecurityToken(httpsSecurityToken);
+
+        List<SecurityEvent> securityEventList = new ArrayList<SecurityEvent>();
+        securityEventList.add(httpsTokenSecurityEvent);
 
-        Document document = doInboundSecurity(inSecurityProperties, new ByteArrayInputStream(baos.toByteArray()), policyEnforcer);
+        Document document = doInboundSecurity(inSecurityProperties, new ByteArrayInputStream(baos.toByteArray()), securityEventList, policyEnforcer);
 
         //read the whole stream:
         Transformer transformer = TransformerFactory.newInstance().newTransformer();
@@ -770,11 +812,15 @@ public class TransportBindingIntegration
         HttpsTokenSecurityEvent httpsTokenSecurityEvent = new HttpsTokenSecurityEvent();
         httpsTokenSecurityEvent.setIssuerName("CN=example,OU=swssf,C=CH");
         httpsTokenSecurityEvent.setAuthenticationType(HttpsTokenSecurityEvent.AuthenticationType.HttpsClientCertificateAuthentication);
-        httpsTokenSecurityEvent.setSecurityToken(new HttpsSecurityToken(true, "CN=example,OU=swssf,C=CH", null));
-        policyEnforcer.registerSecurityEvent(httpsTokenSecurityEvent);
+        HttpsSecurityToken httpsSecurityToken = new HttpsSecurityToken(true, "CN=example,OU=swssf,C=CH", null);
+        httpsSecurityToken.addTokenUsage(SecurityToken.TokenUsage.MainSignature);
+        httpsTokenSecurityEvent.setSecurityToken(httpsSecurityToken);
+
+        List<SecurityEvent> securityEventList = new ArrayList<SecurityEvent>();
+        securityEventList.add(httpsTokenSecurityEvent);
 
         try {
-            Document document = doInboundSecurity(inSecurityProperties, new ByteArrayInputStream(baos.toByteArray()), policyEnforcer);
+            Document document = doInboundSecurity(inSecurityProperties, new ByteArrayInputStream(baos.toByteArray()), securityEventList, policyEnforcer);
 
             //read the whole stream:
             Transformer transformer = TransformerFactory.newInstance().newTransformer();
@@ -879,11 +925,15 @@ public class TransportBindingIntegration
         HttpsTokenSecurityEvent httpsTokenSecurityEvent = new HttpsTokenSecurityEvent();
         httpsTokenSecurityEvent.setIssuerName("transmitter");
         httpsTokenSecurityEvent.setAuthenticationType(HttpsTokenSecurityEvent.AuthenticationType.HttpBasicAuthentication);
-        httpsTokenSecurityEvent.setSecurityToken(new HttpsSecurityToken(true, "transmitter", null));
-        policyEnforcer.registerSecurityEvent(httpsTokenSecurityEvent);
+        HttpsSecurityToken httpsSecurityToken = new HttpsSecurityToken(true, "transmitter", null);
+        httpsSecurityToken.addTokenUsage(SecurityToken.TokenUsage.MainSignature);
+        httpsTokenSecurityEvent.setSecurityToken(httpsSecurityToken);
+
+        List<SecurityEvent> securityEventList = new ArrayList<SecurityEvent>();
+        securityEventList.add(httpsTokenSecurityEvent);
 
         try {
-            Document document = doInboundSecurity(inSecurityProperties, new ByteArrayInputStream(baos.toByteArray()), policyEnforcer);
+            Document document = doInboundSecurity(inSecurityProperties, new ByteArrayInputStream(baos.toByteArray()), securityEventList, policyEnforcer);
 
             //read the whole stream:
             Transformer transformer = TransformerFactory.newInstance().newTransformer();
@@ -904,7 +954,7 @@ public class TransportBindingIntegration
     }
 
     @Test
-    public void testC14NAlgorithmSuiteNegative() throws Exception {
+    public void atestC14NAlgorithmSuiteNegative() throws Exception {
 
         String policyString =
                 "<wsp:ExactlyOne xmlns:wsp=\"http://schemas.xmlsoap.org/ws/2004/09/policy\" " +
@@ -988,11 +1038,15 @@ public class TransportBindingIntegration
         HttpsTokenSecurityEvent httpsTokenSecurityEvent = new HttpsTokenSecurityEvent();
         httpsTokenSecurityEvent.setIssuerName("transmitter");
         httpsTokenSecurityEvent.setAuthenticationType(HttpsTokenSecurityEvent.AuthenticationType.HttpBasicAuthentication);
-        httpsTokenSecurityEvent.setSecurityToken(new HttpsSecurityToken(true, "transmitter", null));
-        policyEnforcer.registerSecurityEvent(httpsTokenSecurityEvent);
+        HttpsSecurityToken httpsSecurityToken = new HttpsSecurityToken(true, "transmitter", null);
+        httpsSecurityToken.addTokenUsage(SecurityToken.TokenUsage.MainSignature);
+        httpsTokenSecurityEvent.setSecurityToken(httpsSecurityToken);
+
+        List<SecurityEvent> securityEventList = new ArrayList<SecurityEvent>();
+        securityEventList.add(httpsTokenSecurityEvent);
 
         try {
-            Document document = doInboundSecurity(inSecurityProperties, new ByteArrayInputStream(baos.toByteArray()), policyEnforcer);
+            Document document = doInboundSecurity(inSecurityProperties, new ByteArrayInputStream(baos.toByteArray()), securityEventList, policyEnforcer);
 
             //read the whole stream:
             Transformer transformer = TransformerFactory.newInstance().newTransformer();
@@ -1097,11 +1151,15 @@ public class TransportBindingIntegration
         HttpsTokenSecurityEvent httpsTokenSecurityEvent = new HttpsTokenSecurityEvent();
         httpsTokenSecurityEvent.setIssuerName("transmitter");
         httpsTokenSecurityEvent.setAuthenticationType(HttpsTokenSecurityEvent.AuthenticationType.HttpBasicAuthentication);
-        httpsTokenSecurityEvent.setSecurityToken(new HttpsSecurityToken(true, "transmitter", null));
-        policyEnforcer.registerSecurityEvent(httpsTokenSecurityEvent);
+        HttpsSecurityToken httpsSecurityToken = new HttpsSecurityToken(true, "transmitter", null);
+        httpsSecurityToken.addTokenUsage(SecurityToken.TokenUsage.MainSignature);
+        httpsTokenSecurityEvent.setSecurityToken(httpsSecurityToken);
+
+        List<SecurityEvent> securityEventList = new ArrayList<SecurityEvent>();
+        securityEventList.add(httpsTokenSecurityEvent);
 
         try {
-            Document document = doInboundSecurity(inSecurityProperties, new ByteArrayInputStream(baos.toByteArray()), policyEnforcer);
+            Document document = doInboundSecurity(inSecurityProperties, new ByteArrayInputStream(baos.toByteArray()), securityEventList, policyEnforcer);
 
             //read the whole stream:
             Transformer transformer = TransformerFactory.newInstance().newTransformer();
@@ -1206,11 +1264,15 @@ public class TransportBindingIntegration
         HttpsTokenSecurityEvent httpsTokenSecurityEvent = new HttpsTokenSecurityEvent();
         httpsTokenSecurityEvent.setIssuerName("transmitter");
         httpsTokenSecurityEvent.setAuthenticationType(HttpsTokenSecurityEvent.AuthenticationType.HttpBasicAuthentication);
-        httpsTokenSecurityEvent.setSecurityToken(new HttpsSecurityToken(true, "transmitter", null));
-        policyEnforcer.registerSecurityEvent(httpsTokenSecurityEvent);
+        HttpsSecurityToken httpsSecurityToken = new HttpsSecurityToken(true, "transmitter", null);
+        httpsSecurityToken.addTokenUsage(SecurityToken.TokenUsage.MainSignature);
+        httpsTokenSecurityEvent.setSecurityToken(httpsSecurityToken);
+
+        List<SecurityEvent> securityEventList = new ArrayList<SecurityEvent>();
+        securityEventList.add(httpsTokenSecurityEvent);
 
         try {
-            Document document = doInboundSecurity(inSecurityProperties, new ByteArrayInputStream(baos.toByteArray()), policyEnforcer);
+            Document document = doInboundSecurity(inSecurityProperties, new ByteArrayInputStream(baos.toByteArray()), securityEventList, policyEnforcer);
 
             //read the whole stream:
             Transformer transformer = TransformerFactory.newInstance().newTransformer();
@@ -1314,11 +1376,15 @@ public class TransportBindingIntegration
         HttpsTokenSecurityEvent httpsTokenSecurityEvent = new HttpsTokenSecurityEvent();
         httpsTokenSecurityEvent.setIssuerName("transmitter");
         httpsTokenSecurityEvent.setAuthenticationType(HttpsTokenSecurityEvent.AuthenticationType.HttpBasicAuthentication);
-        httpsTokenSecurityEvent.setSecurityToken(new HttpsSecurityToken(true, "transmitter", null));
-        policyEnforcer.registerSecurityEvent(httpsTokenSecurityEvent);
+        HttpsSecurityToken httpsSecurityToken = new HttpsSecurityToken(true, "transmitter", null);
+        httpsSecurityToken.addTokenUsage(SecurityToken.TokenUsage.MainSignature);
+        httpsTokenSecurityEvent.setSecurityToken(httpsSecurityToken);
+
+        List<SecurityEvent> securityEventList = new ArrayList<SecurityEvent>();
+        securityEventList.add(httpsTokenSecurityEvent);
 
         try {
-            Document document = doInboundSecurity(inSecurityProperties, new ByteArrayInputStream(baos.toByteArray()), policyEnforcer);
+            Document document = doInboundSecurity(inSecurityProperties, new ByteArrayInputStream(baos.toByteArray()), securityEventList, policyEnforcer);
 
             //read the whole stream:
             Transformer transformer = TransformerFactory.newInstance().newTransformer();

Modified: webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/TransportBindingTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/TransportBindingTest.java?rev=1295267&r1=1295266&r2=1295267&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/TransportBindingTest.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/TransportBindingTest.java Wed Feb 29 20:54:51 2012
@@ -24,10 +24,13 @@ import org.swssf.wss.ext.WSSConstants;
 import org.swssf.wss.ext.WSSecurityException;
 import org.swssf.wss.impl.securityToken.HttpsSecurityToken;
 import org.swssf.wss.securityEvent.*;
+import org.swssf.xmlsec.ext.SecurityToken;
 import org.testng.Assert;
 import org.testng.annotations.Test;
 
 import javax.xml.namespace.QName;
+import java.util.ArrayList;
+import java.util.List;
 
 /**
  * @author $Author$
@@ -48,15 +51,16 @@ public class TransportBindingTest extend
         policyEnforcer.registerSecurityEvent(timestampSecurityEvent);
 
         RequiredElementSecurityEvent requiredElementSecurityEvent = new RequiredElementSecurityEvent();
-        requiredElementSecurityEvent.setElement(WSSConstants.TAG_wsu_Timestamp);
+        List<QName> headerPath = new ArrayList<QName>();
+        headerPath.addAll(WSSConstants.WSSE_SECURITY_HEADER_PATH);
+        headerPath.add(WSSConstants.TAG_wsu_Timestamp);
+        requiredElementSecurityEvent.setElementPath(headerPath);
         policyEnforcer.registerSecurityEvent(requiredElementSecurityEvent);
 
         HttpsTokenSecurityEvent httpsTokenSecurityEvent = new HttpsTokenSecurityEvent();
-        httpsTokenSecurityEvent.setSecurityToken(new HttpsSecurityToken(true, "username", null));
-        httpsTokenSecurityEvent.setTokenUsage(TokenSecurityEvent.TokenUsage.Signature);
-        policyEnforcer.registerSecurityEvent(httpsTokenSecurityEvent);
-
-        httpsTokenSecurityEvent.setTokenUsage(TokenSecurityEvent.TokenUsage.Encryption);
+        HttpsSecurityToken httpsSecurityToken = new HttpsSecurityToken(true, "username", null);
+        httpsSecurityToken.addTokenUsage(SecurityToken.TokenUsage.MainSignature);
+        httpsTokenSecurityEvent.setSecurityToken(httpsSecurityToken);
         policyEnforcer.registerSecurityEvent(httpsTokenSecurityEvent);
 
         OperationSecurityEvent operationSecurityEvent = new OperationSecurityEvent();
@@ -64,15 +68,21 @@ public class TransportBindingTest extend
         policyEnforcer.registerSecurityEvent(operationSecurityEvent);
 
         EncryptedElementSecurityEvent encryptedElementSecurityEvent = new EncryptedElementSecurityEvent(null, true, false);
-        encryptedElementSecurityEvent.setElement(WSSConstants.TAG_dsig_Signature);
+        headerPath = new ArrayList<QName>();
+        headerPath.addAll(WSSConstants.WSSE_SECURITY_HEADER_PATH);
+        headerPath.add(WSSConstants.TAG_dsig_Signature);
+        requiredElementSecurityEvent.setElementPath(headerPath);
         policyEnforcer.registerSecurityEvent(encryptedElementSecurityEvent);
 
         encryptedElementSecurityEvent = new EncryptedElementSecurityEvent(null, true, false);
-        encryptedElementSecurityEvent.setElement(WSSConstants.TAG_wsse11_SignatureConfirmation);
+        headerPath = new ArrayList<QName>();
+        headerPath.addAll(WSSConstants.WSSE_SECURITY_HEADER_PATH);
+        headerPath.add(WSSConstants.TAG_wsse11_SignatureConfirmation);
+        requiredElementSecurityEvent.setElementPath(headerPath);
         policyEnforcer.registerSecurityEvent(encryptedElementSecurityEvent);
 
         SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(null, true);
-        signedPartSecurityEvent.setElement(WSSConstants.TAG_soap12_Body);
+        signedPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
         policyEnforcer.registerSecurityEvent(signedPartSecurityEvent);
 
         policyEnforcer.doFinal();
@@ -88,11 +98,9 @@ public class TransportBindingTest extend
         PolicyEnforcer policyEnforcer = buildAndStartPolicyEngine(policyString);
 
         HttpsTokenSecurityEvent httpsTokenSecurityEvent = new HttpsTokenSecurityEvent();
-        httpsTokenSecurityEvent.setSecurityToken(new HttpsSecurityToken(true, "username", null));
-        httpsTokenSecurityEvent.setTokenUsage(TokenSecurityEvent.TokenUsage.Signature);
-        policyEnforcer.registerSecurityEvent(httpsTokenSecurityEvent);
-
-        httpsTokenSecurityEvent.setTokenUsage(TokenSecurityEvent.TokenUsage.Encryption);
+        HttpsSecurityToken httpsSecurityToken = new HttpsSecurityToken(true, "username", null);
+        httpsSecurityToken.addTokenUsage(SecurityToken.TokenUsage.MainSignature);
+        httpsTokenSecurityEvent.setSecurityToken(httpsSecurityToken);
         policyEnforcer.registerSecurityEvent(httpsTokenSecurityEvent);
 
         TimestampSecurityEvent timestampSecurityEvent = new TimestampSecurityEvent();
@@ -123,19 +131,23 @@ public class TransportBindingTest extend
         policyEnforcer.registerSecurityEvent(timestampSecurityEvent);
 
         RequiredElementSecurityEvent requiredElementSecurityEvent = new RequiredElementSecurityEvent();
-        requiredElementSecurityEvent.setElement(WSSConstants.TAG_wsu_Timestamp);
+        List<QName> headerPath = new ArrayList<QName>();
+        headerPath.addAll(WSSConstants.WSSE_SECURITY_HEADER_PATH);
+        headerPath.add(WSSConstants.TAG_wsu_Timestamp);
+        requiredElementSecurityEvent.setElementPath(headerPath);
         policyEnforcer.registerSecurityEvent(requiredElementSecurityEvent);
 
         HttpsTokenSecurityEvent httpsTokenSecurityEvent = new HttpsTokenSecurityEvent();
-        httpsTokenSecurityEvent.setSecurityToken(new HttpsSecurityToken(true, "username", null));
-        httpsTokenSecurityEvent.setTokenUsage(TokenSecurityEvent.TokenUsage.Signature);
-        policyEnforcer.registerSecurityEvent(httpsTokenSecurityEvent);
-
-        httpsTokenSecurityEvent.setTokenUsage(TokenSecurityEvent.TokenUsage.Encryption);
+        HttpsSecurityToken httpsSecurityToken = new HttpsSecurityToken(true, "username", null);
+        httpsSecurityToken.addTokenUsage(SecurityToken.TokenUsage.MainSignature);
+        httpsTokenSecurityEvent.setSecurityToken(httpsSecurityToken);
         policyEnforcer.registerSecurityEvent(httpsTokenSecurityEvent);
 
         EncryptedElementSecurityEvent encryptedElementSecurityEvent = new EncryptedElementSecurityEvent(null, false, false);
-        encryptedElementSecurityEvent.setElement(WSSConstants.TAG_dsig_Signature);
+        headerPath = new ArrayList<QName>();
+        headerPath.addAll(WSSConstants.WSSE_SECURITY_HEADER_PATH);
+        headerPath.add(WSSConstants.TAG_dsig_Signature);
+        encryptedElementSecurityEvent.setElementPath(headerPath);
         policyEnforcer.registerSecurityEvent(encryptedElementSecurityEvent);
 
         OperationSecurityEvent operationSecurityEvent = new OperationSecurityEvent();
@@ -158,23 +170,30 @@ public class TransportBindingTest extend
         policyEnforcer.registerSecurityEvent(timestampSecurityEvent);
 
         RequiredElementSecurityEvent requiredElementSecurityEvent = new RequiredElementSecurityEvent();
-        requiredElementSecurityEvent.setElement(WSSConstants.TAG_wsu_Timestamp);
+        List<QName> headerPath = new ArrayList<QName>();
+        headerPath.addAll(WSSConstants.WSSE_SECURITY_HEADER_PATH);
+        headerPath.add(WSSConstants.TAG_wsu_Timestamp);
+        requiredElementSecurityEvent.setElementPath(headerPath);
         policyEnforcer.registerSecurityEvent(requiredElementSecurityEvent);
 
         HttpsTokenSecurityEvent httpsTokenSecurityEvent = new HttpsTokenSecurityEvent();
-        httpsTokenSecurityEvent.setSecurityToken(new HttpsSecurityToken(true, "username", null));
-        httpsTokenSecurityEvent.setTokenUsage(TokenSecurityEvent.TokenUsage.Signature);
-        policyEnforcer.registerSecurityEvent(httpsTokenSecurityEvent);
-
-        httpsTokenSecurityEvent.setTokenUsage(TokenSecurityEvent.TokenUsage.Encryption);
+        HttpsSecurityToken httpsSecurityToken = new HttpsSecurityToken(true, "username", null);
+        httpsSecurityToken.addTokenUsage(SecurityToken.TokenUsage.MainSignature);
+        httpsTokenSecurityEvent.setSecurityToken(httpsSecurityToken);
         policyEnforcer.registerSecurityEvent(httpsTokenSecurityEvent);
 
         EncryptedElementSecurityEvent encryptedElementSecurityEvent = new EncryptedElementSecurityEvent(null, true, false);
-        encryptedElementSecurityEvent.setElement(WSSConstants.TAG_dsig_Signature);
+        headerPath = new ArrayList<QName>();
+        headerPath.addAll(WSSConstants.WSSE_SECURITY_HEADER_PATH);
+        headerPath.add(WSSConstants.TAG_dsig_Signature);
+        encryptedElementSecurityEvent.setElementPath(headerPath);
         policyEnforcer.registerSecurityEvent(encryptedElementSecurityEvent);
 
         encryptedElementSecurityEvent = new EncryptedElementSecurityEvent(null, true, false);
-        encryptedElementSecurityEvent.setElement(WSSConstants.TAG_wsse11_SignatureConfirmation);
+        headerPath = new ArrayList<QName>();
+        headerPath.addAll(WSSConstants.WSSE_SECURITY_HEADER_PATH);
+        headerPath.add(WSSConstants.TAG_wsse11_SignatureConfirmation);
+        encryptedElementSecurityEvent.setElementPath(headerPath);
         policyEnforcer.registerSecurityEvent(encryptedElementSecurityEvent);
 
         OperationSecurityEvent operationSecurityEvent = new OperationSecurityEvent();
@@ -182,7 +201,7 @@ public class TransportBindingTest extend
         policyEnforcer.registerSecurityEvent(operationSecurityEvent);
 
         SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(null, false);
-        signedPartSecurityEvent.setElement(WSSConstants.TAG_soap12_Body);
+        signedPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
         policyEnforcer.registerSecurityEvent(signedPartSecurityEvent);
 
         policyEnforcer.doFinal();

Modified: webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/UsernameTokenTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/UsernameTokenTest.java?rev=1295267&r1=1295266&r2=1295267&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/UsernameTokenTest.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/UsernameTokenTest.java Wed Feb 29 20:54:51 2012
@@ -24,7 +24,11 @@ import org.swssf.wss.ext.WSSConstants;
 import org.swssf.wss.ext.WSSecurityContext;
 import org.swssf.wss.ext.WSSecurityException;
 import org.swssf.wss.impl.securityToken.UsernameSecurityToken;
-import org.swssf.wss.securityEvent.*;
+import org.swssf.wss.securityEvent.ContentEncryptedElementSecurityEvent;
+import org.swssf.wss.securityEvent.OperationSecurityEvent;
+import org.swssf.wss.securityEvent.SignedPartSecurityEvent;
+import org.swssf.wss.securityEvent.UsernameTokenSecurityEvent;
+import org.swssf.xmlsec.ext.SecurityToken;
 import org.testng.Assert;
 import org.testng.annotations.Test;
 
@@ -71,27 +75,29 @@ public class UsernameTokenTest extends A
         UsernameTokenSecurityEvent initiatorTokenSecurityEvent = new UsernameTokenSecurityEvent();
         initiatorTokenSecurityEvent.setUsernameTokenPasswordType(WSSConstants.UsernameTokenPasswordType.PASSWORD_DIGEST);
         initiatorTokenSecurityEvent.setUsernameTokenProfile(WSSConstants.NS_USERNAMETOKEN_PROFILE11);
-        initiatorTokenSecurityEvent.setSecurityToken(new UsernameSecurityToken(
+        SecurityToken securityToken = new UsernameSecurityToken(
                 "username", "password", new Date().toString(), new byte[10], new byte[10], Long.valueOf(10),
-                (WSSecurityContext) null, null, null));
-        initiatorTokenSecurityEvent.setTokenUsage(TokenSecurityEvent.TokenUsage.Signature);
+                (WSSecurityContext) null, null, null);
+        securityToken.addTokenUsage(SecurityToken.TokenUsage.MainSignature);
+        initiatorTokenSecurityEvent.setSecurityToken(securityToken);
         policyEnforcer.registerSecurityEvent(initiatorTokenSecurityEvent);
 
         UsernameTokenSecurityEvent recipientTokenSecurityEvent = new UsernameTokenSecurityEvent();
         recipientTokenSecurityEvent.setUsernameTokenPasswordType(WSSConstants.UsernameTokenPasswordType.PASSWORD_DIGEST);
         recipientTokenSecurityEvent.setUsernameTokenProfile(WSSConstants.NS_USERNAMETOKEN_PROFILE11);
-        recipientTokenSecurityEvent.setSecurityToken(new UsernameSecurityToken(
+        securityToken = new UsernameSecurityToken(
                 "username", "password", new Date().toString(), new byte[10], new byte[10], Long.valueOf(10),
-                (WSSecurityContext) null, null, null));
-        recipientTokenSecurityEvent.setTokenUsage(TokenSecurityEvent.TokenUsage.Encryption);
+                (WSSecurityContext) null, null, null);
+        securityToken.addTokenUsage(SecurityToken.TokenUsage.MainEncryption);
+        recipientTokenSecurityEvent.setSecurityToken(securityToken);
         policyEnforcer.registerSecurityEvent(recipientTokenSecurityEvent);
 
         SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(recipientTokenSecurityEvent.getSecurityToken(), true);
-        signedPartSecurityEvent.setElement(WSSConstants.TAG_soap11_Body);
+        signedPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
         policyEnforcer.registerSecurityEvent(signedPartSecurityEvent);
 
         ContentEncryptedElementSecurityEvent contentEncryptedElementSecurityEvent = new ContentEncryptedElementSecurityEvent(recipientTokenSecurityEvent.getSecurityToken(), true, true);
-        contentEncryptedElementSecurityEvent.setElement(WSSConstants.TAG_soap11_Body);
+        contentEncryptedElementSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
         policyEnforcer.registerSecurityEvent(contentEncryptedElementSecurityEvent);
 
         OperationSecurityEvent operationSecurityEvent = new OperationSecurityEvent();
@@ -135,27 +141,29 @@ public class UsernameTokenTest extends A
         UsernameTokenSecurityEvent usernameTokenSecurityEvent = new UsernameTokenSecurityEvent();
         usernameTokenSecurityEvent.setUsernameTokenPasswordType(WSSConstants.UsernameTokenPasswordType.PASSWORD_TEXT);
         usernameTokenSecurityEvent.setUsernameTokenProfile(WSSConstants.NS_USERNAMETOKEN_PROFILE11);
-        usernameTokenSecurityEvent.setSecurityToken(new UsernameSecurityToken(
+        SecurityToken securityToken = new UsernameSecurityToken(
                 "username", "password", new Date().toString(), new byte[10], new byte[10], Long.valueOf(10),
-                (WSSecurityContext) null, null, null));
-        usernameTokenSecurityEvent.setTokenUsage(TokenSecurityEvent.TokenUsage.Signature);
+                (WSSecurityContext) null, null, null);
+        securityToken.addTokenUsage(SecurityToken.TokenUsage.MainSignature);
+        usernameTokenSecurityEvent.setSecurityToken(securityToken);
         policyEnforcer.registerSecurityEvent(usernameTokenSecurityEvent);
 
         UsernameTokenSecurityEvent recipientTokenSecurityEvent = new UsernameTokenSecurityEvent();
         recipientTokenSecurityEvent.setUsernameTokenPasswordType(WSSConstants.UsernameTokenPasswordType.PASSWORD_TEXT);
         recipientTokenSecurityEvent.setUsernameTokenProfile(WSSConstants.NS_USERNAMETOKEN_PROFILE11);
-        recipientTokenSecurityEvent.setSecurityToken(new UsernameSecurityToken(
+        securityToken = new UsernameSecurityToken(
                 "username", "password", new Date().toString(), new byte[10], new byte[10], Long.valueOf(10),
-                (WSSecurityContext) null, null, null));
-        recipientTokenSecurityEvent.setTokenUsage(TokenSecurityEvent.TokenUsage.Encryption);
+                (WSSecurityContext) null, null, null);
+        securityToken.addTokenUsage(SecurityToken.TokenUsage.MainEncryption);
+        recipientTokenSecurityEvent.setSecurityToken(securityToken);
         policyEnforcer.registerSecurityEvent(recipientTokenSecurityEvent);
 
         SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(recipientTokenSecurityEvent.getSecurityToken(), true);
-        signedPartSecurityEvent.setElement(WSSConstants.TAG_soap11_Body);
+        signedPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
         policyEnforcer.registerSecurityEvent(signedPartSecurityEvent);
 
         ContentEncryptedElementSecurityEvent contentEncryptedElementSecurityEvent = new ContentEncryptedElementSecurityEvent(recipientTokenSecurityEvent.getSecurityToken(), true, true);
-        contentEncryptedElementSecurityEvent.setElement(WSSConstants.TAG_soap11_Body);
+        contentEncryptedElementSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
         policyEnforcer.registerSecurityEvent(contentEncryptedElementSecurityEvent);
 
         OperationSecurityEvent operationSecurityEvent = new OperationSecurityEvent();

Modified: webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/X509TokenTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/X509TokenTest.java?rev=1295267&r1=1295266&r2=1295267&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/X509TokenTest.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/X509TokenTest.java Wed Feb 29 20:54:51 2012
@@ -21,19 +21,15 @@ package org.swssf.policy.test;
 import org.swssf.policy.PolicyEnforcer;
 import org.swssf.wss.ext.WSSConstants;
 import org.swssf.wss.ext.WSSecurityException;
-import org.swssf.wss.impl.securityToken.X509SecurityToken;
-import org.swssf.wss.securityEvent.*;
-import org.swssf.xmlsec.ext.XMLSecurityConstants;
-import org.swssf.xmlsec.ext.XMLSecurityException;
+import org.swssf.wss.securityEvent.ContentEncryptedElementSecurityEvent;
+import org.swssf.wss.securityEvent.OperationSecurityEvent;
+import org.swssf.wss.securityEvent.SignedPartSecurityEvent;
+import org.swssf.wss.securityEvent.X509TokenSecurityEvent;
+import org.swssf.xmlsec.ext.SecurityToken;
 import org.testng.Assert;
 import org.testng.annotations.Test;
 
 import javax.xml.namespace.QName;
-import java.security.Key;
-import java.security.KeyStore;
-import java.security.PublicKey;
-import java.security.cert.Certificate;
-import java.security.cert.X509Certificate;
 
 /**
  * @author $Author$
@@ -41,54 +37,6 @@ import java.security.cert.X509Certificat
  */
 public class X509TokenTest extends AbstractPolicyTestBase {
 
-    public X509SecurityToken getX509Token(WSSConstants.TokenType tokenType) throws Exception {
-
-        final KeyStore keyStore = KeyStore.getInstance("jks");
-        keyStore.load(this.getClass().getClassLoader().getResourceAsStream("transmitter.jks"), "default".toCharArray());
-
-        return new X509SecurityToken(tokenType, null, null, null, "", WSSConstants.KeyIdentifierType.THUMBPRINT_IDENTIFIER, null) {
-            @Override
-            protected String getAlias() throws XMLSecurityException {
-                return "transmitter";
-            }
-
-            @Override
-            public Key getSecretKey(String algorithmURI, XMLSecurityConstants.KeyUsage keyUsage) throws XMLSecurityException {
-                try {
-                    return keyStore.getKey("transmitter", "default".toCharArray());
-                } catch (Exception e) {
-                    throw new XMLSecurityException(e.getMessage(), e);
-                }
-            }
-
-            @Override
-            public PublicKey getPublicKey(String algorithmURI, XMLSecurityConstants.KeyUsage keyUsage) throws XMLSecurityException {
-                try {
-                    return keyStore.getCertificate("transmitter").getPublicKey();
-                } catch (Exception e) {
-                    throw new XMLSecurityException(e.getMessage(), e);
-                }
-            }
-
-            @Override
-            public X509Certificate[] getX509Certificates() throws XMLSecurityException {
-                Certificate[] certificates;
-                try {
-                    certificates = keyStore.getCertificateChain("transmitter");
-                } catch (Exception e) {
-                    throw new XMLSecurityException(e.getMessage(), e);
-                }
-
-                X509Certificate[] x509Certificates = new X509Certificate[certificates.length];
-                for (int i = 0; i < certificates.length; i++) {
-                    Certificate certificate = certificates[i];
-                    x509Certificates[i] = (X509Certificate) certificate;
-                }
-                return x509Certificates;
-            }
-        };
-    }
-
     @Test
     public void testPolicy() throws Exception {
         String policyString =
@@ -121,21 +69,23 @@ public class X509TokenTest extends Abstr
 
         PolicyEnforcer policyEnforcer = buildAndStartPolicyEngine(policyString);
         X509TokenSecurityEvent initiatorX509TokenSecurityEvent = new X509TokenSecurityEvent();
-        initiatorX509TokenSecurityEvent.setSecurityToken(getX509Token(WSSConstants.X509V3Token));
-        initiatorX509TokenSecurityEvent.setTokenUsage(TokenSecurityEvent.TokenUsage.Signature);
+        SecurityToken securityToken = getX509Token(WSSConstants.X509V3Token);
+        securityToken.addTokenUsage(SecurityToken.TokenUsage.MainSignature);
+        initiatorX509TokenSecurityEvent.setSecurityToken(securityToken);
         policyEnforcer.registerSecurityEvent(initiatorX509TokenSecurityEvent);
 
         X509TokenSecurityEvent recipientX509TokenSecurityEvent = new X509TokenSecurityEvent();
-        recipientX509TokenSecurityEvent.setSecurityToken(getX509Token(WSSConstants.X509V3Token));
-        recipientX509TokenSecurityEvent.setTokenUsage(TokenSecurityEvent.TokenUsage.Encryption);
+        securityToken = getX509Token(WSSConstants.X509V3Token);
+        securityToken.addTokenUsage(SecurityToken.TokenUsage.MainEncryption);
+        recipientX509TokenSecurityEvent.setSecurityToken(securityToken);
         policyEnforcer.registerSecurityEvent(recipientX509TokenSecurityEvent);
 
         SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(recipientX509TokenSecurityEvent.getSecurityToken(), true);
-        signedPartSecurityEvent.setElement(WSSConstants.TAG_soap11_Body);
+        signedPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
         policyEnforcer.registerSecurityEvent(signedPartSecurityEvent);
 
         ContentEncryptedElementSecurityEvent contentEncryptedElementSecurityEvent = new ContentEncryptedElementSecurityEvent(recipientX509TokenSecurityEvent.getSecurityToken(), true, true);
-        contentEncryptedElementSecurityEvent.setElement(WSSConstants.TAG_soap11_Body);
+        contentEncryptedElementSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
         policyEnforcer.registerSecurityEvent(contentEncryptedElementSecurityEvent);
 
         OperationSecurityEvent operationSecurityEvent = new OperationSecurityEvent();
@@ -177,21 +127,23 @@ public class X509TokenTest extends Abstr
 
         PolicyEnforcer policyEnforcer = buildAndStartPolicyEngine(policyString);
         X509TokenSecurityEvent initiatorX509TokenSecurityEvent = new X509TokenSecurityEvent();
-        initiatorX509TokenSecurityEvent.setSecurityToken(getX509Token(WSSConstants.X509V1Token));
-        initiatorX509TokenSecurityEvent.setTokenUsage(TokenSecurityEvent.TokenUsage.Signature);
+        SecurityToken securityToken = getX509Token(WSSConstants.X509V1Token);
+        securityToken.addTokenUsage(SecurityToken.TokenUsage.MainSignature);
+        initiatorX509TokenSecurityEvent.setSecurityToken(securityToken);
         policyEnforcer.registerSecurityEvent(initiatorX509TokenSecurityEvent);
 
         X509TokenSecurityEvent recipientX509TokenSecurityEvent = new X509TokenSecurityEvent();
-        recipientX509TokenSecurityEvent.setSecurityToken(getX509Token(WSSConstants.X509V3Token));
-        recipientX509TokenSecurityEvent.setTokenUsage(TokenSecurityEvent.TokenUsage.Encryption);
+        securityToken = getX509Token(WSSConstants.X509V3Token);
+        securityToken.addTokenUsage(SecurityToken.TokenUsage.MainEncryption);
+        recipientX509TokenSecurityEvent.setSecurityToken(securityToken);
         policyEnforcer.registerSecurityEvent(recipientX509TokenSecurityEvent);
 
         SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(recipientX509TokenSecurityEvent.getSecurityToken(), true);
-        signedPartSecurityEvent.setElement(WSSConstants.TAG_soap11_Body);
+        signedPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
         policyEnforcer.registerSecurityEvent(signedPartSecurityEvent);
 
         ContentEncryptedElementSecurityEvent contentEncryptedElementSecurityEvent = new ContentEncryptedElementSecurityEvent(recipientX509TokenSecurityEvent.getSecurityToken(), true, true);
-        contentEncryptedElementSecurityEvent.setElement(WSSConstants.TAG_soap11_Body);
+        contentEncryptedElementSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
         policyEnforcer.registerSecurityEvent(contentEncryptedElementSecurityEvent);
 
         OperationSecurityEvent operationSecurityEvent = new OperationSecurityEvent();
@@ -223,7 +175,9 @@ public class X509TokenTest extends Abstr
 
         PolicyEnforcer policyEnforcer = buildAndStartPolicyEngine(policyString);
         X509TokenSecurityEvent x509TokenSecurityEvent = new X509TokenSecurityEvent();
-        x509TokenSecurityEvent.setSecurityToken(getX509Token(WSSConstants.X509V3Token));
+        SecurityToken securityToken = getX509Token(WSSConstants.X509V3Token);
+        securityToken.addTokenUsage(SecurityToken.TokenUsage.SupportingToken);
+        x509TokenSecurityEvent.setSecurityToken(securityToken);
         policyEnforcer.registerSecurityEvent(x509TokenSecurityEvent);
 
         OperationSecurityEvent operationSecurityEvent = new OperationSecurityEvent();
@@ -250,7 +204,9 @@ public class X509TokenTest extends Abstr
 
         PolicyEnforcer policyEnforcer = buildAndStartPolicyEngine(policyString);
         X509TokenSecurityEvent x509TokenSecurityEvent = new X509TokenSecurityEvent();
-        x509TokenSecurityEvent.setSecurityToken(getX509Token(WSSConstants.X509V1Token));
+        SecurityToken securityToken = getX509Token(WSSConstants.X509V1Token);
+        securityToken.addTokenUsage(SecurityToken.TokenUsage.SupportingToken);
+        x509TokenSecurityEvent.setSecurityToken(securityToken);
         policyEnforcer.registerSecurityEvent(x509TokenSecurityEvent);
 
         OperationSecurityEvent operationSecurityEvent = new OperationSecurityEvent();

Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/ext/InboundWSSec.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/ext/InboundWSSec.java?rev=1295267&r1=1295266&r2=1295267&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/ext/InboundWSSec.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/ext/InboundWSSec.java Wed Feb 29 20:54:51 2012
@@ -20,10 +20,12 @@ package org.swssf.wss.ext;
 
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
+import org.swssf.wss.impl.InboundWSSecurityContextImpl;
 import org.swssf.wss.impl.WSSDocumentContextImpl;
-import org.swssf.wss.impl.WSSecurityContextImpl;
+import org.swssf.wss.impl.processor.input.OperationInputProcessor;
 import org.swssf.wss.impl.processor.input.SecurityHeaderInputProcessor;
 import org.swssf.wss.impl.processor.input.SignatureConfirmationInputProcessor;
+import org.swssf.wss.securityEvent.HttpsTokenSecurityEvent;
 import org.swssf.wss.securityEvent.SecurityEvent;
 import org.swssf.wss.securityEvent.SecurityEventListener;
 import org.swssf.xmlsec.ext.InputProcessor;
@@ -98,9 +100,22 @@ public class InboundWSSec {
      */
     public XMLStreamReader processInMessage(XMLStreamReader xmlStreamReader, List<SecurityEvent> requestSecurityEvents, SecurityEventListener securityEventListener) throws XMLStreamException, WSSecurityException {
 
-        final WSSecurityContextImpl securityContextImpl = new WSSecurityContextImpl();
+        if (requestSecurityEvents == null) {
+            requestSecurityEvents = new ArrayList<SecurityEvent>();
+        }
+
+        final InboundWSSecurityContextImpl securityContextImpl = new InboundWSSecurityContextImpl();
         securityContextImpl.putList(SecurityEvent.class, requestSecurityEvents);
-        securityContextImpl.setSecurityEventListener(securityEventListener);
+        securityContextImpl.addSecurityEventListener(securityEventListener);
+
+        for (int i = 0; i < requestSecurityEvents.size(); i++) {
+            SecurityEvent securityEvent = requestSecurityEvents.get(i);
+            if (securityEvent instanceof HttpsTokenSecurityEvent) {
+                securityContextImpl.registerSecurityEvent(securityEvent);
+                securityContextImpl.put(WSSConstants.TRANSPORT_SECURITY_ACTIVE, Boolean.TRUE);
+                break;
+            }
+        }
 
         final XMLInputFactory xmlInputFactory = XMLInputFactory.newInstance();
         xmlInputFactory.setProperty(XMLInputFactory.SUPPORT_DTD, false);
@@ -113,6 +128,7 @@ public class InboundWSSec {
         InputProcessorChainImpl inputProcessorChain = new InputProcessorChainImpl(securityContextImpl, documentContext);
         inputProcessorChain.addProcessor(new XMLEventReaderInputProcessor(securityProperties, xmlEventReader));
         inputProcessorChain.addProcessor(new SecurityHeaderInputProcessor(securityProperties));
+        inputProcessorChain.addProcessor(new OperationInputProcessor(securityProperties));
 
         if (securityProperties.isEnableSignatureConfirmationVerification()) {
             inputProcessorChain.addProcessor(new SignatureConfirmationInputProcessor(securityProperties));

Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/ext/OutboundWSSec.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/ext/OutboundWSSec.java?rev=1295267&r1=1295266&r2=1295267&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/ext/OutboundWSSec.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/ext/OutboundWSSec.java Wed Feb 29 20:54:51 2012
@@ -64,7 +64,7 @@ public class OutboundWSSec {
      * This method is the entry point for the incoming security-engine.
      * Hand over the original XMLStreamWriter and use the returned one for further processing
      *
-     * @param outputStream The original outputStream
+     * @param xmlStreamWriter The original xmlStreamWriter
      * @return A new XMLStreamWriter which does transparently the security processing.
      * @throws WSSecurityException thrown when a Security failure occurs
      */
@@ -88,7 +88,7 @@ public class OutboundWSSec {
      * This method is the entry point for the incoming security-engine.
      * Hand over the original XMLStreamWriter and use the returned one for further processing
      *
-     * @param outputStream The original outputStream
+     * @param xmlStreamWriter The original outputStream
      * @return A new XMLStreamWriter which does transparently the security processing.
      * @throws WSSecurityException thrown when a Security failure occurs
      */
@@ -99,7 +99,7 @@ public class OutboundWSSec {
     private XMLStreamWriter processOutMessage(Object output, String encoding, List<SecurityEvent> requestSecurityEvents, SecurityEventListener securityEventListener) throws WSSecurityException {
         final WSSecurityContextImpl securityContextImpl = new WSSecurityContextImpl();
         securityContextImpl.putList(SecurityEvent.class, requestSecurityEvents);
-        securityContextImpl.setSecurityEventListener(securityEventListener);
+        securityContextImpl.addSecurityEventListener(securityEventListener);
         final WSSDocumentContextImpl documentContext = new WSSDocumentContextImpl();
         documentContext.setEncoding(encoding);
 



Mime
View raw message