ws-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From gi...@apache.org
Subject svn commit: r1295267 [6/11] - in /webservices/wss4j/branches/swssf: rampart-policy/src/main/java/org/apache/ws/secpolicy/builders/ streaming-ws-policy/src/main/java/org/swssf/policy/ streaming-ws-policy/src/main/java/org/swssf/policy/assertionStates/ s...
Date Wed, 29 Feb 2012 20:54:56 GMT
Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/input/EncryptedKeyInputHandler.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/input/EncryptedKeyInputHandler.java?rev=1295267&r1=1295266&r2=1295267&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/input/EncryptedKeyInputHandler.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/input/EncryptedKeyInputHandler.java Wed Feb 29 20:54:51 2012
@@ -26,6 +26,7 @@ import org.swssf.binding.xmlenc.Encrypte
 import org.swssf.wss.ext.*;
 import org.swssf.wss.impl.securityToken.AbstractSecurityToken;
 import org.swssf.wss.impl.securityToken.SecurityTokenFactoryImpl;
+import org.swssf.wss.securityEvent.EncryptedKeyTokenSecurityEvent;
 import org.swssf.wss.securityEvent.TokenSecurityEvent;
 import org.swssf.xmlsec.config.JCEAlgorithmMapper;
 import org.swssf.xmlsec.crypto.Crypto;
@@ -38,6 +39,7 @@ import javax.crypto.IllegalBlockSizeExce
 import javax.crypto.NoSuchPaddingException;
 import javax.crypto.spec.SecretKeySpec;
 import javax.xml.bind.JAXBElement;
+import javax.xml.namespace.QName;
 import javax.xml.stream.events.XMLEvent;
 import java.security.*;
 import java.util.*;
@@ -60,74 +62,21 @@ public class EncryptedKeyInputHandler ex
             encryptedKeyType.setId(UUID.randomUUID().toString());
         }
 
-        SecurityTokenProvider securityTokenProvider = new SecurityTokenProvider() {
+        final List<QName> elementPath = getElementPath(inputProcessorChain.getDocumentContext(), eventQueue);
 
-            private Map<Crypto, SecurityToken> securityTokens = new HashMap<Crypto, SecurityToken>();
+        SecurityTokenProvider securityTokenProvider = new SecurityTokenProvider() {
 
-            public SecurityToken getSecurityToken(Crypto crypto) throws XMLSecurityException {
+            private WSSecurityToken securityToken = null;
 
-                SecurityToken securityToken = securityTokens.get(crypto);
-                if (securityToken != null) {
-                    return securityToken;
-                }
+            public SecurityToken getSecurityToken() throws XMLSecurityException {
 
-                //decrypt the containing token and register it as a new SecurityToken:
-                String algorithmURI = null;
-                final SecurityToken wrappingSecurityToken;
-                final byte[] secretToken;
-                try {
-                    algorithmURI = encryptedKeyType.getEncryptionMethod().getAlgorithm();
-                    if (algorithmURI == null) {
-                        throw new WSSecurityException(WSSecurityException.ErrorCode.UNSUPPORTED_ALGORITHM, "noEncAlgo");
-                    }
-                    AlgorithmType asyncEncAlgo = JCEAlgorithmMapper.getAlgorithmMapping(algorithmURI);
-                    Cipher cipher = Cipher.getInstance(asyncEncAlgo.getJCEName(), asyncEncAlgo.getJCEProvider());
-
-                    KeyInfoType keyInfoType = encryptedKeyType.getKeyInfo();
-                    wrappingSecurityToken = SecurityTokenFactoryImpl.newInstance().getSecurityToken(
-                            keyInfoType,
-                            crypto,
-                            securityProperties.getCallbackHandler(),
-                            inputProcessorChain.getSecurityContext(),
-                            this
-                    );
-                    WSSConstants.KeyUsage keyUsage;
-                    if (wrappingSecurityToken.isAsymmetric()) {
-                        keyUsage = WSSConstants.Asym_Key_Wrap;
-                    } else {
-                        keyUsage = WSSConstants.Sym_Key_Wrap;
-                    }
-                    cipher.init(Cipher.DECRYPT_MODE,
-                            wrappingSecurityToken.getSecretKey(algorithmURI, keyUsage)
-                    );
-
-                    secretToken = cipher.doFinal(encryptedKeyType.getCipherData().getCipherValue());
-
-                } catch (NoSuchPaddingException e) {
-                    throw new WSSecurityException(
-                            WSSecurityException.ErrorCode.UNSUPPORTED_ALGORITHM, "unsupportedKeyTransp",
-                            e, "No such padding: " + algorithmURI
-                    );
-                } catch (NoSuchAlgorithmException e) {
-                    throw new WSSecurityException(
-                            WSSecurityException.ErrorCode.UNSUPPORTED_ALGORITHM, "unsupportedKeyTransp",
-                            e, "No such algorithm: " + algorithmURI
-                    );
-                } catch (BadPaddingException e) {
-                    throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_CHECK, e);
-                } catch (IllegalBlockSizeException e) {
-                    throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_CHECK, e);
-                } catch (InvalidKeyException e) {
-                    throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_CHECK, e);
-                } catch (NoSuchProviderException e) {
-                    throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "noSecProvider", e);
+                if (this.securityToken != null) {
+                    return this.securityToken;
                 }
 
-                final String algorithm = algorithmURI;
-
-                securityToken = new AbstractSecurityToken(
+                this.securityToken = new AbstractSecurityToken(
                         (WSSecurityContext) inputProcessorChain.getSecurityContext(), null, null,
-                        encryptedKeyType.getId(), null, null) {
+                        encryptedKeyType.getId(), null) {
 
                     private Map<String, Key> keyTable = new Hashtable<String, Key>();
 
@@ -140,7 +89,7 @@ public class EncryptedKeyInputHandler ex
                             return keyTable.get(algorithmURI);
                         } else {
                             String algoFamily = JCEAlgorithmMapper.getJCERequiredKeyFromURI(algorithmURI);
-                            Key key = new SecretKeySpec(secretToken, algoFamily);
+                            Key key = new SecretKeySpec(getSecret(securityProperties.getDecryptionCrypto(), this), algoFamily);
                             keyTable.put(algorithmURI, key);
                             return key;
                         }
@@ -151,35 +100,94 @@ public class EncryptedKeyInputHandler ex
                         return null;
                     }
 
-                    public SecurityToken getKeyWrappingToken() {
-                        return wrappingSecurityToken;
-                    }
-
-                    public String getKeyWrappingTokenAlgorithm() {
-                        return algorithm;
+                    public SecurityToken getKeyWrappingToken() throws XMLSecurityException {
+                        return getWrappingSecurityToken(securityProperties.getDecryptionCrypto(), this);
                     }
 
                     public WSSConstants.TokenType getTokenType() {
                         return WSSConstants.EncryptedKeyToken;
                     }
+
+                    private SecurityToken wrappingSecurityToken = null;
+
+                    private SecurityToken getWrappingSecurityToken(Crypto crypto, SecurityToken wrappedSecurityToken) throws XMLSecurityException {
+                        if (wrappingSecurityToken != null) {
+                            return this.wrappingSecurityToken;
+                        }
+                        KeyInfoType keyInfoType = encryptedKeyType.getKeyInfo();
+                        this.wrappingSecurityToken = SecurityTokenFactoryImpl.newInstance().getSecurityToken(
+                                keyInfoType,
+                                crypto,
+                                securityProperties.getCallbackHandler(),
+                                inputProcessorChain.getSecurityContext()
+                        );
+                        this.wrappingSecurityToken.addWrappedToken(wrappedSecurityToken);
+                        return this.wrappingSecurityToken;
+                    }
+
+                    private byte[] getSecret(Crypto crypto, SecurityToken wrappedSecurityToken) throws XMLSecurityException {
+
+                        String algorithmURI = encryptedKeyType.getEncryptionMethod().getAlgorithm();
+                        if (algorithmURI == null) {
+                            throw new WSSecurityException(WSSecurityException.ErrorCode.UNSUPPORTED_ALGORITHM, "noEncAlgo");
+                        }
+                        AlgorithmType asyncEncAlgo = JCEAlgorithmMapper.getAlgorithmMapping(algorithmURI);
+                        if (asyncEncAlgo == null) {
+                            throw new WSSecurityException(WSSecurityException.ErrorCode.UNSUPPORTED_ALGORITHM, "noEncAlgo");
+                        }
+
+                        final SecurityToken wrappingSecurityToken = getWrappingSecurityToken(crypto, wrappedSecurityToken);
+                        try {
+                            WSSConstants.KeyUsage keyUsage;
+                            if (wrappingSecurityToken.isAsymmetric()) {
+                                keyUsage = WSSConstants.Asym_Key_Wrap;
+                            } else {
+                                keyUsage = WSSConstants.Sym_Key_Wrap;
+                            }
+
+                            Cipher cipher = Cipher.getInstance(asyncEncAlgo.getJCEName(), asyncEncAlgo.getJCEProvider());
+                            cipher.init(Cipher.DECRYPT_MODE, wrappingSecurityToken.getSecretKey(algorithmURI, keyUsage));
+                            return cipher.doFinal(encryptedKeyType.getCipherData().getCipherValue());
+
+                        } catch (NoSuchPaddingException e) {
+                            throw new WSSecurityException(
+                                    WSSecurityException.ErrorCode.UNSUPPORTED_ALGORITHM, "unsupportedKeyTransp",
+                                    e, "No such padding: " + algorithmURI
+                            );
+                        } catch (NoSuchAlgorithmException e) {
+                            throw new WSSecurityException(
+                                    WSSecurityException.ErrorCode.UNSUPPORTED_ALGORITHM, "unsupportedKeyTransp",
+                                    e, "No such algorithm: " + algorithmURI
+                            );
+                        } catch (BadPaddingException e) {
+                            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_CHECK, e);
+                        } catch (IllegalBlockSizeException e) {
+                            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_CHECK, e);
+                        } catch (InvalidKeyException e) {
+                            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_CHECK, e);
+                        } catch (NoSuchProviderException e) {
+                            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "noSecProvider", e);
+                        }
+                    }
                 };
-                securityTokens.put(crypto, securityToken);
-                return securityToken;
+                this.securityToken.setElementPath(elementPath);
+                return this.securityToken;
             }
 
+            @Override
             public String getId() {
                 return encryptedKeyType.getId();
             }
         };
 
-        final SecurityToken securityToken = securityTokenProvider.getSecurityToken(securityProperties.getDecryptionCrypto());
-        //fire a securityTokenEvent
-        TokenSecurityEvent tokenSecurityEvent = WSSUtils.createTokenSecurityEvent(securityToken);
-        ((WSSecurityContext) inputProcessorChain.getSecurityContext()).registerSecurityEvent(tokenSecurityEvent);
-
         //register the key token for decryption:
         inputProcessorChain.getSecurityContext().registerSecurityTokenProvider(encryptedKeyType.getId(), securityTokenProvider);
 
+        //fire a tokenSecurityEvent
+        TokenSecurityEvent tokenSecurityEvent = new EncryptedKeyTokenSecurityEvent();
+        tokenSecurityEvent.setSecurityToken(securityTokenProvider.getSecurityToken());
+        ((WSSecurityContext) inputProcessorChain.getSecurityContext()).registerSecurityEvent(tokenSecurityEvent);
+
         //if this EncryptedKey structure contains a reference list, instantiate a new DecryptInputProcessor
         //and add it to the chain
         if (encryptedKeyType.getReferenceList() != null) {

Added: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/input/OperationInputProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/input/OperationInputProcessor.java?rev=1295267&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/input/OperationInputProcessor.java (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/input/OperationInputProcessor.java Wed Feb 29 20:54:51 2012
@@ -0,0 +1,68 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.swssf.wss.impl.processor.input;
+
+import org.swssf.wss.ext.WSSConstants;
+import org.swssf.wss.ext.WSSDocumentContext;
+import org.swssf.wss.ext.WSSSecurityProperties;
+import org.swssf.wss.ext.WSSecurityContext;
+import org.swssf.wss.securityEvent.OperationSecurityEvent;
+import org.swssf.xmlsec.ext.AbstractInputProcessor;
+import org.swssf.xmlsec.ext.InputProcessorChain;
+import org.swssf.xmlsec.ext.XMLSecurityException;
+import org.swssf.xmlsec.ext.XMLSecurityProperties;
+
+import javax.xml.stream.XMLStreamException;
+import javax.xml.stream.events.XMLEvent;
+
+/**
+ * Processor whiich emits the Operation-Security-Event
+ *
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
+public class OperationInputProcessor extends AbstractInputProcessor {
+
+    public OperationInputProcessor(XMLSecurityProperties securityProperties) {
+        super(securityProperties);
+        this.setPhase(WSSConstants.Phase.POSTPROCESSING);
+        this.getBeforeProcessors().add(SecurityHeaderInputProcessor.class.getName());
+    }
+
+    @Override
+    public XMLEvent processNextHeaderEvent(InputProcessorChain inputProcessorChain) throws XMLStreamException, XMLSecurityException {
+        return inputProcessorChain.processHeaderEvent();
+    }
+
+    @Override
+    public XMLEvent processNextEvent(InputProcessorChain inputProcessorChain) throws XMLStreamException, XMLSecurityException {
+        XMLEvent xmlEvent = inputProcessorChain.processEvent();
+        if (xmlEvent.isStartElement()) {
+            if (inputProcessorChain.getDocumentContext().getDocumentLevel() == 3 && ((WSSDocumentContext) inputProcessorChain.getDocumentContext()).isInSOAPBody()) {
+                OperationSecurityEvent operationSecurityEvent = new OperationSecurityEvent();
+                operationSecurityEvent.setWsSecurityContext((WSSecurityContext) inputProcessorChain.getSecurityContext());
+                operationSecurityEvent.setWssSecurityProperties((WSSSecurityProperties) getSecurityProperties());
+                operationSecurityEvent.setOperation(xmlEvent.asStartElement().getName());
+                ((WSSecurityContext) inputProcessorChain.getSecurityContext()).registerSecurityEvent(operationSecurityEvent);
+                inputProcessorChain.removeProcessor(this);
+            }
+        }
+        return xmlEvent;
+    }
+}

Propchange: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/input/OperationInputProcessor.java
------------------------------------------------------------------------------
    svn:keywords = Author Date Id Revision

Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/input/SAMLTokenInputHandler.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/input/SAMLTokenInputHandler.java?rev=1295267&r1=1295266&r2=1295267&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/input/SAMLTokenInputHandler.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/input/SAMLTokenInputHandler.java Wed Feb 29 20:54:51 2012
@@ -18,27 +18,24 @@
  */
 package org.swssf.wss.impl.processor.input;
 
-import org.swssf.wss.ext.WSSConstants;
-import org.swssf.wss.ext.WSSSecurityProperties;
-import org.swssf.wss.ext.WSSecurityContext;
-import org.swssf.wss.ext.WSSecurityException;
+import org.swssf.wss.ext.*;
 import org.swssf.wss.impl.saml.SAMLAssertionWrapper;
 import org.swssf.wss.impl.saml.SAMLKeyInfo;
 import org.swssf.wss.impl.securityToken.SAMLSecurityToken;
-import org.swssf.xmlsec.crypto.Crypto;
+import org.swssf.wss.securityEvent.SamlTokenSecurityEvent;
 import org.swssf.xmlsec.ext.*;
 import org.w3c.dom.Attr;
 import org.w3c.dom.Document;
 import org.w3c.dom.Element;
 import org.w3c.dom.Node;
 
+import javax.xml.namespace.QName;
 import javax.xml.parsers.DocumentBuilderFactory;
 import javax.xml.parsers.ParserConfigurationException;
 import javax.xml.stream.events.*;
 import java.util.Deque;
-import java.util.HashMap;
 import java.util.Iterator;
-import java.util.Map;
+import java.util.List;
 
 /**
  * Processor for the SAML Assertion XML Structure
@@ -74,38 +71,38 @@ public class SAMLTokenInputHandler exten
             logger.debug("SAML Assertion issuer " + samlAssertionWrapper.getIssuerString());
         }
 
+        final List<QName> elementPath = getElementPath(inputProcessorChain.getDocumentContext(), eventQueue);
+
         SecurityTokenProvider securityTokenProvider = new SecurityTokenProvider() {
 
-            private Map<Crypto, SecurityToken> securityTokens = new HashMap<Crypto, SecurityToken>();
+            private WSSecurityToken securityToken = null;
 
-            public SecurityToken getSecurityToken(Crypto crypto) throws WSSecurityException {
-                SecurityToken securityToken = securityTokens.get(crypto);
-                if (securityToken != null) {
-                    return securityToken;
+            @Override
+            public SecurityToken getSecurityToken() throws XMLSecurityException {
+                if (this.securityToken != null) {
+                    return this.securityToken;
                 }
 
-                securityToken = new SAMLSecurityToken(samlAssertionWrapper.getSAMLVersion(), samlSubjectKeyInfo,
+                this.securityToken = new SAMLSecurityToken(samlAssertionWrapper.getSAMLVersion(), samlSubjectKeyInfo,
                         samlAssertionWrapper.getIssuerString(),
-                        (WSSecurityContext) inputProcessorChain.getSecurityContext(), crypto,
+                        (WSSecurityContext) inputProcessorChain.getSecurityContext(), securityProperties.getSignatureVerificationCrypto(),
                         securityProperties.getCallbackHandler(), samlAssertionWrapper.getId(), null);
 
-                securityTokens.put(crypto, securityToken);
-                return securityToken;
+                this.securityToken.setElementPath(elementPath);
+                return this.securityToken;
             }
 
+            @Override
             public String getId() {
                 return samlAssertionWrapper.getId();
             }
         };
         inputProcessorChain.getSecurityContext().registerSecurityTokenProvider(samlAssertionWrapper.getId(), securityTokenProvider);
 
-/*
+        //fire a tokenSecurityEvent
         SamlTokenSecurityEvent samlTokenSecurityEvent = new SamlTokenSecurityEvent();
-        samlTokenSecurityEvent.setIssuerName(samlAssertionWrapper.getIssuerString());
-        samlTokenSecurityEvent.setSamlVersion(samlAssertionWrapper.getSAMLVersion());
-        samlTokenSecurityEvent.setSecurityToken(securityTokenProvider.getSecurityToken(null));
+        samlTokenSecurityEvent.setSecurityToken(securityTokenProvider.getSecurityToken());
         ((WSSecurityContext) inputProcessorChain.getSecurityContext()).registerSecurityEvent(samlTokenSecurityEvent);
-*/
     }
 
     @SuppressWarnings("unchecked")

Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/input/SecurityContextTokenInputHandler.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/input/SecurityContextTokenInputHandler.java?rev=1295267&r1=1295266&r2=1295267&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/input/SecurityContextTokenInputHandler.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/input/SecurityContextTokenInputHandler.java Wed Feb 29 20:54:51 2012
@@ -21,8 +21,8 @@ package org.swssf.wss.impl.processor.inp
 import org.swssf.binding.wssc.AbstractSecurityContextTokenType;
 import org.swssf.wss.ext.*;
 import org.swssf.wss.impl.securityToken.AbstractSecurityToken;
+import org.swssf.wss.securityEvent.SecurityContextTokenSecurityEvent;
 import org.swssf.xmlsec.config.JCEAlgorithmMapper;
-import org.swssf.xmlsec.crypto.Crypto;
 import org.swssf.xmlsec.ext.*;
 
 import javax.crypto.spec.SecretKeySpec;
@@ -32,8 +32,7 @@ import javax.xml.stream.events.XMLEvent;
 import java.security.Key;
 import java.security.PublicKey;
 import java.util.Deque;
-import java.util.HashMap;
-import java.util.Map;
+import java.util.List;
 import java.util.UUID;
 
 /**
@@ -59,10 +58,12 @@ public class SecurityContextTokenInputHa
         final String identifier = (String) XMLSecurityUtils.getQNameType(securityContextTokenType.getAny(),
                 new QName(securityContextTokenTypeJAXBElement.getName().getNamespaceURI(), WSSConstants.TAG_wsc0502_Identifier.getLocalPart()));
 
-        final SecurityToken securityContextToken =
+        final List<QName> elementPath = getElementPath(inputProcessorChain.getDocumentContext(), eventQueue);
+
+        final WSSecurityToken securityContextToken =
                 new AbstractSecurityToken(
                         (WSSecurityContext) inputProcessorChain.getSecurityContext(), null,
-                        null, securityContextTokenType.getId(), null, this) {
+                        null, securityContextTokenType.getId(), null) {
 
                     public boolean isAsymmetric() {
                         return false;
@@ -87,26 +88,16 @@ public class SecurityContextTokenInputHa
                         return null;
                     }
 
-                    public String getKeyWrappingTokenAlgorithm() {
-                        return null;
-                    }
-
                     public WSSConstants.TokenType getTokenType() {
                         //todo and set externalUriRef
                         return WSSConstants.SecurityContextToken;
                     }
                 };
+        securityContextToken.setElementPath(elementPath);
 
         SecurityTokenProvider securityTokenProvider = new SecurityTokenProvider() {
 
-            private Map<Crypto, SecurityToken> securityTokens = new HashMap<Crypto, SecurityToken>();
-
-            public SecurityToken getSecurityToken(Crypto crypto) throws WSSecurityException {
-                SecurityToken securityToken = securityTokens.get(crypto);
-                if (securityToken != null) {
-                    return securityToken;
-                }
-                securityTokens.put(crypto, securityContextToken);
+            public SecurityToken getSecurityToken() throws WSSecurityException {
                 return securityContextToken;
             }
 
@@ -116,17 +107,15 @@ public class SecurityContextTokenInputHa
         };
         inputProcessorChain.getSecurityContext().registerSecurityTokenProvider(securityContextTokenType.getId(), securityTokenProvider);
 
+        //fire a tokenSecurityEvent
+        SecurityContextTokenSecurityEvent securityContextTokenSecurityEvent = new SecurityContextTokenSecurityEvent();
+        securityContextTokenSecurityEvent.setSecurityToken(securityTokenProvider.getSecurityToken());
+        ((WSSecurityContext) inputProcessorChain.getSecurityContext()).registerSecurityEvent(securityContextTokenSecurityEvent);
+
         //also register a SecurityProvider with the identifier. @see SecurityContexTest#testSCTKDKTSignAbsolute
         SecurityTokenProvider securityTokenProviderDirectReference = new SecurityTokenProvider() {
 
-            private Map<Crypto, SecurityToken> securityTokens = new HashMap<Crypto, SecurityToken>();
-
-            public SecurityToken getSecurityToken(Crypto crypto) throws WSSecurityException {
-                SecurityToken securityToken = securityTokens.get(crypto);
-                if (securityToken != null) {
-                    return securityToken;
-                }
-                securityTokens.put(crypto, securityContextToken);
+            public SecurityToken getSecurityToken() throws WSSecurityException {
                 return securityContextToken;
             }
 
@@ -135,14 +124,5 @@ public class SecurityContextTokenInputHa
             }
         };
         inputProcessorChain.getSecurityContext().registerSecurityTokenProvider(identifier, securityTokenProviderDirectReference);
-
-        /* todo remove me?
-        SecurityContextTokenSecurityEvent securityContextTokenSecurityEvent = new SecurityContextTokenSecurityEvent();
-        securityContextTokenSecurityEvent.setSecurityToken(securityContextToken);
-        //todo how to find the issuer?
-        securityContextTokenSecurityEvent.setIssuerName(identifier);
-        securityContextTokenSecurityEvent.setExternalUriRef(identifier != null);
-        ((WSSecurityContext) inputProcessorChain.getSecurityContext()).registerSecurityEvent(securityContextTokenSecurityEvent);
-        */
     }
 }

Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/input/SecurityTokenReferenceInputHandler.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/input/SecurityTokenReferenceInputHandler.java?rev=1295267&r1=1295266&r2=1295267&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/input/SecurityTokenReferenceInputHandler.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/input/SecurityTokenReferenceInputHandler.java Wed Feb 29 20:54:51 2012
@@ -25,7 +25,6 @@ import org.swssf.wss.ext.WSSDocumentCont
 import org.swssf.wss.ext.WSSSecurityProperties;
 import org.swssf.wss.ext.WSSecurityException;
 import org.swssf.wss.impl.securityToken.SecurityTokenFactoryImpl;
-import org.swssf.xmlsec.crypto.Crypto;
 import org.swssf.xmlsec.ext.*;
 
 import javax.xml.bind.JAXBElement;
@@ -37,8 +36,6 @@ import javax.xml.stream.events.StartElem
 import javax.xml.stream.events.XMLEvent;
 import java.util.ArrayDeque;
 import java.util.Deque;
-import java.util.HashMap;
-import java.util.Map;
 
 /**
  * Processor for the SecurityTokenReference XML Structure
@@ -125,18 +122,16 @@ public class SecurityTokenReferenceInput
 
                     SecurityTokenProvider securityTokenProvider = new SecurityTokenProvider() {
 
-                        private Map<Crypto, SecurityToken> securityTokens = new HashMap<Crypto, SecurityToken>();
+                        private SecurityToken securityToken = null;
 
-                        public SecurityToken getSecurityToken(Crypto crypto) throws XMLSecurityException {
-                            SecurityToken securityToken = securityTokens.get(crypto);
-                            if (securityToken != null) {
-                                return securityToken;
+                        public SecurityToken getSecurityToken() throws XMLSecurityException {
+                            if (this.securityToken != null) {
+                                return this.securityToken;
                             }
-                            securityToken = SecurityTokenFactoryImpl.getSecurityToken(
-                                    attributeValue, xmlEventList, crypto, getSecurityProperties().getCallbackHandler(),
-                                    inputProcessorChain.getSecurityContext(), securityTokenReferenceId, this);
-                            securityTokens.put(crypto, securityToken);
-                            return securityToken;
+                            this.securityToken = SecurityTokenFactoryImpl.getSecurityToken(
+                                    attributeValue, xmlEventList, getSecurityProperties().getCallbackHandler(),
+                                    inputProcessorChain.getSecurityContext(), securityTokenReferenceId);
+                            return this.securityToken;
                         }
 
                         public String getId() {

Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/input/SignatureInputHandler.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/input/SignatureInputHandler.java?rev=1295267&r1=1295266&r2=1295267&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/input/SignatureInputHandler.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/input/SignatureInputHandler.java Wed Feb 29 20:54:51 2012
@@ -46,8 +46,8 @@ public class SignatureInputHandler exten
         SignatureVerifier signatureVerifier = new SignatureVerifier(signatureType, inputProcessorChain.getSecurityContext(), securityProperties) {
             @Override
             protected void handleSecurityToken(SecurityToken securityToken) throws XMLSecurityException {
+                securityToken.addTokenUsage(SecurityToken.TokenUsage.Signature);
                 TokenSecurityEvent tokenSecurityEvent = WSSUtils.createTokenSecurityEvent(securityToken);
-                tokenSecurityEvent.setTokenUsage(TokenSecurityEvent.TokenUsage.Signature);
                 securityContext.registerSecurityEvent(tokenSecurityEvent);
 
                 SignatureValueSecurityEvent signatureValueSecurityEvent = new SignatureValueSecurityEvent();

Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/input/SignatureReferenceVerifyInputProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/input/SignatureReferenceVerifyInputProcessor.java?rev=1295267&r1=1295266&r2=1295267&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/input/SignatureReferenceVerifyInputProcessor.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/input/SignatureReferenceVerifyInputProcessor.java Wed Feb 29 20:54:51 2012
@@ -106,12 +106,12 @@ public class SignatureReferenceVerifyInp
                         && ((WSSDocumentContext) inputProcessorChain.getDocumentContext()).isInSOAPHeader()) {
                     SignedPartSecurityEvent signedPartSecurityEvent =
                             new SignedPartSecurityEvent(getSecurityToken(), true);
-                    signedPartSecurityEvent.setElement(startElement.getName());
+                    signedPartSecurityEvent.setElementPath(inputProcessorChain.getDocumentContext().getPath());
                     ((WSSecurityContext) inputProcessorChain.getSecurityContext()).registerSecurityEvent(signedPartSecurityEvent);
                 } else {
                     SignedElementSecurityEvent signedElementSecurityEvent =
                             new SignedElementSecurityEvent(getSecurityToken(), true);
-                    signedElementSecurityEvent.setElement(startElement.getName());
+                    signedElementSecurityEvent.setElementPath(inputProcessorChain.getDocumentContext().getPath());
                     ((WSSecurityContext) inputProcessorChain.getSecurityContext()).registerSecurityEvent(signedElementSecurityEvent);
                 }
             }
@@ -224,7 +224,7 @@ public class SignatureReferenceVerifyInp
                 if (securityTokenProvider == null) {
                     throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY_TOKEN, "noReference");
                 }
-                SecurityToken securityToken = securityTokenProvider.getSecurityToken(getSecurityProperties().getSignatureVerificationCrypto());
+                SecurityToken securityToken = securityTokenProvider.getSecurityToken();
                 if (!(securityToken instanceof SecurityTokenReference)) {
                     throw new WSSecurityException(WSSecurityException.ErrorCode.UNSUPPORTED_SECURITY_TOKEN);
                 }

Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/input/UsernameTokenInputHandler.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/input/UsernameTokenInputHandler.java?rev=1295267&r1=1295266&r2=1295267&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/input/UsernameTokenInputHandler.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/input/UsernameTokenInputHandler.java Wed Feb 29 20:54:51 2012
@@ -30,13 +30,13 @@ import org.swssf.binding.wsu10.Attribute
 import org.swssf.wss.ext.*;
 import org.swssf.wss.impl.securityToken.SecurityTokenFactoryImpl;
 import org.swssf.wss.securityEvent.UsernameTokenSecurityEvent;
-import org.swssf.xmlsec.crypto.Crypto;
 import org.swssf.xmlsec.ext.*;
 
 import javax.xml.bind.JAXBElement;
 import javax.xml.datatype.DatatypeConfigurationException;
 import javax.xml.datatype.DatatypeFactory;
 import javax.xml.datatype.XMLGregorianCalendar;
+import javax.xml.namespace.QName;
 import javax.xml.stream.events.XMLEvent;
 import java.util.*;
 
@@ -179,19 +179,21 @@ public class UsernameTokenInputHandler e
         }
 
         final String password = passwordType.getValue();
+
+        final List<QName> elementPath = getElementPath(inputProcessorChain.getDocumentContext(), eventQueue);
+
         SecurityTokenProvider securityTokenProvider = new SecurityTokenProvider() {
 
-            private Map<Crypto, SecurityToken> securityTokens = new HashMap<Crypto, SecurityToken>();
+            private WSSecurityToken securityToken = null;
 
-            public SecurityToken getSecurityToken(Crypto crypto) throws WSSecurityException {
-                SecurityToken securityToken = securityTokens.get(crypto);
-                if (securityToken != null) {
-                    return securityToken;
+            public SecurityToken getSecurityToken() throws WSSecurityException {
+                if (this.securityToken != null) {
+                    return this.securityToken;
                 }
-                securityToken = SecurityTokenFactoryImpl.getSecurityToken(username.getValue(), password,
+                this.securityToken = SecurityTokenFactoryImpl.getSecurityToken(username.getValue(), password,
                         created, nonceVal, salt, iteration, (WSSecurityContext) inputProcessorChain.getSecurityContext(), usernameTokenType.getId());
-                securityTokens.put(crypto, securityToken);
-                return securityToken;
+                this.securityToken.setElementPath(elementPath);
+                return this.securityToken;
             }
 
             public String getId() {
@@ -200,11 +202,10 @@ public class UsernameTokenInputHandler e
         };
         inputProcessorChain.getSecurityContext().registerSecurityTokenProvider(usernameTokenType.getId(), securityTokenProvider);
 
-        //todo remove me?
-        //atm used for verification of the supplied username
+        //fire a tokenSecurityEvent
         UsernameTokenSecurityEvent usernameTokenSecurityEvent = new UsernameTokenSecurityEvent();
         usernameTokenSecurityEvent.setUsernameTokenPasswordType(usernameTokenPasswordType);
-        usernameTokenSecurityEvent.setSecurityToken(securityTokenProvider.getSecurityToken(null));
+        usernameTokenSecurityEvent.setSecurityToken(securityTokenProvider.getSecurityToken());
         usernameTokenSecurityEvent.setUsernameTokenProfile(WSSConstants.NS_USERNAMETOKEN_PROFILE11);
         ((WSSecurityContext) inputProcessorChain.getSecurityContext()).registerSecurityEvent(usernameTokenSecurityEvent);
     }

Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/BinarySecurityTokenOutputProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/BinarySecurityTokenOutputProcessor.java?rev=1295267&r1=1295266&r2=1295267&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/BinarySecurityTokenOutputProcessor.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/BinarySecurityTokenOutputProcessor.java Wed Feb 29 20:54:51 2012
@@ -19,10 +19,9 @@
 package org.swssf.wss.impl.processor.output;
 
 import org.swssf.wss.ext.*;
-import org.swssf.wss.impl.securityToken.ProcessorInfoSecurityToken;
+import org.swssf.wss.impl.securityToken.AbstractSecurityToken;
 import org.swssf.wss.securityEvent.SecurityEvent;
 import org.swssf.wss.securityEvent.TokenSecurityEvent;
-import org.swssf.xmlsec.crypto.Crypto;
 import org.swssf.xmlsec.crypto.CryptoType;
 import org.swssf.xmlsec.ext.*;
 
@@ -74,7 +73,10 @@ public class BinarySecurityTokenOutputPr
             } else if (action.equals(WSSConstants.ENCRYPT) ||
                     action.equals(WSSConstants.ENCRYPT_WITH_DERIVED_KEY)) {
                 X509Certificate x509Certificate = getReqSigCert(outputProcessorChain.getSecurityContext());
-                if (x509Certificate != null && ((WSSSecurityProperties) getSecurityProperties()).isUseReqSigCertForEncryption()) {
+                if (((WSSSecurityProperties) getSecurityProperties()).isUseReqSigCertForEncryption()) {
+                    if (x509Certificate == null) {
+                        throw new WSSecurityException("noCert");
+                    }
                     x509Certificates = new X509Certificate[1];
                     x509Certificates[0] = x509Certificate;
                 } else if (getSecurityProperties().getEncryptionUseThisCertificate() != null) {
@@ -95,59 +97,48 @@ public class BinarySecurityTokenOutputPr
                 key = null;
             }
 
-            final ProcessorInfoSecurityToken binarySecurityToken = new ProcessorInfoSecurityToken() {
-
-                private OutputProcessor outputProcessor;
-
-                public String getId() {
-                    return bstId;
-                }
-
-                public void setProcessor(OutputProcessor outputProcessor) {
-                    this.outputProcessor = outputProcessor;
-                }
-
-                public Object getProcessor() {
-                    return outputProcessor;
-                }
+            //todo use the abstractSecurityToken class and make setProcessor method?
+            final AbstractSecurityToken binarySecurityToken = new AbstractSecurityToken(bstId) {
 
+                @Override
                 public boolean isAsymmetric() {
                     return true;
                 }
 
-                public Key getSecretKey(String algorithmURI, XMLSecurityConstants.KeyUsage keyUsage) throws WSSecurityException {
+                @Override
+                public Key getKey(String algorithmURI, XMLSecurityConstants.KeyUsage keyUsage) throws WSSecurityException {
                     return key;
                 }
 
-                public PublicKey getPublicKey(String algorithmURI, XMLSecurityConstants.KeyUsage keyUsage) throws WSSecurityException {
+                @Override
+                public PublicKey getPubKey(String algorithmURI, XMLSecurityConstants.KeyUsage keyUsage) throws WSSecurityException {
                     return x509Certificates[0].getPublicKey();
                 }
 
+                @Override
                 public X509Certificate[] getX509Certificates() throws WSSecurityException {
                     return x509Certificates;
                 }
 
-                public void verify() throws WSSecurityException {
-                }
-
+                @Override
                 public SecurityToken getKeyWrappingToken() {
                     return null;
                 }
 
-                public String getKeyWrappingTokenAlgorithm() {
-                    return null;
-                }
-
+                @Override
                 public WSSConstants.TokenType getTokenType() {
                     return null;
                 }
             };
 
             final SecurityTokenProvider binarySecurityTokenProvider = new SecurityTokenProvider() {
-                public SecurityToken getSecurityToken(Crypto crypto) throws WSSecurityException {
+
+                @Override
+                public SecurityToken getSecurityToken() throws WSSecurityException {
                     return binarySecurityToken;
                 }
 
+                @Override
                 public String getId() {
                     return bstId;
                 }
@@ -204,7 +195,7 @@ public class BinarySecurityTokenOutputPr
                 SecurityEvent securityEvent = securityEventList.get(i);
                 if (securityEvent instanceof TokenSecurityEvent) {
                     TokenSecurityEvent tokenSecurityEvent = (TokenSecurityEvent) securityEvent;
-                    if (tokenSecurityEvent.getTokenUsage() != TokenSecurityEvent.TokenUsage.Signature) {
+                    if (!tokenSecurityEvent.getSecurityToken().getTokenUsages().contains(SecurityToken.TokenUsage.MainSignature)) {
                         continue;
                     }
                     X509Certificate[] x509Certificates = tokenSecurityEvent.getSecurityToken().getX509Certificates();

Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/DerivedKeyTokenOutputProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/DerivedKeyTokenOutputProcessor.java?rev=1295267&r1=1295266&r2=1295267&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/DerivedKeyTokenOutputProcessor.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/DerivedKeyTokenOutputProcessor.java Wed Feb 29 20:54:51 2012
@@ -23,9 +23,8 @@ import org.swssf.wss.ext.*;
 import org.swssf.wss.impl.derivedKey.AlgoFactory;
 import org.swssf.wss.impl.derivedKey.ConversationException;
 import org.swssf.wss.impl.derivedKey.DerivationAlgorithm;
-import org.swssf.wss.impl.securityToken.ProcessorInfoSecurityToken;
+import org.swssf.wss.impl.securityToken.AbstractSecurityToken;
 import org.swssf.xmlsec.config.JCEAlgorithmMapper;
-import org.swssf.xmlsec.crypto.Crypto;
 import org.swssf.xmlsec.ext.*;
 
 import javax.crypto.spec.SecretKeySpec;
@@ -64,7 +63,7 @@ public class DerivedKeyTokenOutputProces
             if (wrappingSecurityTokenProvider == null) {
                 throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_ENCRYPTION);
             }
-            final SecurityToken wrappingSecurityToken = wrappingSecurityTokenProvider.getSecurityToken(null);
+            final SecurityToken wrappingSecurityToken = wrappingSecurityTokenProvider.getSecurityToken();
             if (wrappingSecurityToken == null) {
                 throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_ENCRYPTION);
             }
@@ -121,28 +120,17 @@ public class DerivedKeyTokenOutputProces
                 throw new WSSecurityException(e.getMessage(), e);
             }
 
-            final ProcessorInfoSecurityToken derivedKeySecurityToken = new ProcessorInfoSecurityToken() {
+            final AbstractSecurityToken derivedKeySecurityToken = new AbstractSecurityToken(wsuIdDKT) {
 
                 private Map<String, Key> keyTable = new Hashtable<String, Key>();
-                private OutputProcessor outputProcessor;
-
-                public String getId() {
-                    return wsuIdDKT;
-                }
-
-                public void setProcessor(OutputProcessor outputProcessor) {
-                    this.outputProcessor = outputProcessor;
-                }
-
-                public Object getProcessor() {
-                    return outputProcessor;
-                }
 
+                @Override
                 public boolean isAsymmetric() {
                     return false;
                 }
 
-                public Key getSecretKey(String algorithmURI, XMLSecurityConstants.KeyUsage keyUsage) throws WSSecurityException {
+                @Override
+                public Key getKey(String algorithmURI, XMLSecurityConstants.KeyUsage keyUsage) throws WSSecurityException {
                     if (keyTable.containsKey(algorithmURI)) {
                         return keyTable.get(algorithmURI);
                     } else {
@@ -153,35 +141,37 @@ public class DerivedKeyTokenOutputProces
                     }
                 }
 
-                public PublicKey getPublicKey(String algorithmURI, XMLSecurityConstants.KeyUsage keyUsage) throws WSSecurityException {
+                @Override
+                public PublicKey getPubKey(String algorithmURI, XMLSecurityConstants.KeyUsage keyUsage) throws WSSecurityException {
                     return null;
                 }
 
+                @Override
                 public X509Certificate[] getX509Certificates() throws WSSecurityException {
                     return null;
                 }
 
-                public void verify() throws WSSecurityException {
-                }
-
+                @Override
                 public SecurityToken getKeyWrappingToken() {
                     return wrappingSecurityToken;
                 }
 
-                public String getKeyWrappingTokenAlgorithm() {
-                    return null;
-                }
-
+                @Override
                 public WSSConstants.TokenType getTokenType() {
                     return null;
                 }
             };
 
+            wrappingSecurityToken.addWrappedToken(derivedKeySecurityToken);
+
             SecurityTokenProvider derivedKeysecurityTokenProvider = new SecurityTokenProvider() {
-                public SecurityToken getSecurityToken(Crypto crypto) throws WSSecurityException {
+
+                @Override
+                public SecurityToken getSecurityToken() throws WSSecurityException {
                     return derivedKeySecurityToken;
                 }
 
+                @Override
                 public String getId() {
                     return wsuIdDKT;
                 }

Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/EncryptOutputProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/EncryptOutputProcessor.java?rev=1295267&r1=1295266&r2=1295267&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/EncryptOutputProcessor.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/EncryptOutputProcessor.java Wed Feb 29 20:54:51 2012
@@ -70,7 +70,7 @@ public class EncryptOutputProcessor exte
                         encryptionPartDef.setModifier(securePart.getModifier());
                         encryptionPartDef.setEncRefId("ED-" + UUID.randomUUID().toString());
                         encryptionPartDef.setKeyId(securityTokenProvider.getId());
-                        encryptionPartDef.setSymmetricKey(securityTokenProvider.getSecurityToken(null).getSecretKey(getSecurityProperties().getEncryptionSymAlgorithm(), null));
+                        encryptionPartDef.setSymmetricKey(securityTokenProvider.getSecurityToken().getSecretKey(getSecurityProperties().getEncryptionSymAlgorithm(), null));
                         outputProcessorChain.getSecurityContext().putAsList(EncryptionPartDef.class, encryptionPartDef);
                         internalEncryptionOutputProcessor =
                                 new InternalEncryptionOutputProcessor(

Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/EncryptedKeyOutputProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/EncryptedKeyOutputProcessor.java?rev=1295267&r1=1295266&r2=1295267&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/EncryptedKeyOutputProcessor.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/EncryptedKeyOutputProcessor.java Wed Feb 29 20:54:51 2012
@@ -20,12 +20,14 @@ package org.swssf.wss.impl.processor.out
 
 import org.apache.commons.codec.binary.Base64;
 import org.swssf.wss.ext.*;
-import org.swssf.wss.impl.securityToken.ProcessorInfoSecurityToken;
+import org.swssf.wss.impl.securityToken.AbstractSecurityToken;
 import org.swssf.xmlsec.config.JCEAlgorithmMapper;
-import org.swssf.xmlsec.crypto.Crypto;
 import org.swssf.xmlsec.ext.*;
 
-import javax.crypto.*;
+import javax.crypto.Cipher;
+import javax.crypto.IllegalBlockSizeException;
+import javax.crypto.KeyGenerator;
+import javax.crypto.NoSuchPaddingException;
 import javax.xml.namespace.QName;
 import javax.xml.stream.XMLStreamException;
 import javax.xml.stream.events.StartElement;
@@ -61,7 +63,7 @@ public class EncryptedKeyOutputProcessor
             if (wrappingSecurityTokenProvider == null) {
                 throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_ENCRYPTION);
             }
-            final SecurityToken wrappingSecurityToken = wrappingSecurityTokenProvider.getSecurityToken(null);
+            final SecurityToken wrappingSecurityToken = wrappingSecurityTokenProvider.getSecurityToken();
             if (wrappingSecurityToken == null) {
                 throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_ENCRYPTION);
             }
@@ -81,31 +83,17 @@ public class EncryptedKeyOutputProcessor
 
             final String ekId = "EK-" + UUID.randomUUID().toString();
 
-            final ProcessorInfoSecurityToken encryptedKeySecurityToken = new ProcessorInfoSecurityToken() {
-
-                private OutputProcessor outputProcessor;
-
-                public String getId() {
-                    return ekId;
-                }
-
-                public void setProcessor(OutputProcessor outputProcessor) {
-                    this.outputProcessor = outputProcessor;
-                }
-
-                public Object getProcessor() {
-                    return outputProcessor;
-                }
+            final AbstractSecurityToken encryptedKeySecurityToken = new AbstractSecurityToken(ekId) {
 
                 public boolean isAsymmetric() {
                     return false;
                 }
 
-                public Key getSecretKey(String algorithmURI, XMLSecurityConstants.KeyUsage keyUsage) throws XMLSecurityException {
+                public Key getKey(String algorithmURI, XMLSecurityConstants.KeyUsage keyUsage) throws XMLSecurityException {
                     return symmetricKey;
                 }
 
-                public PublicKey getPublicKey(String algorithmURI, XMLSecurityConstants.KeyUsage keyUsage) throws XMLSecurityException {
+                public PublicKey getPubKey(String algorithmURI, XMLSecurityConstants.KeyUsage keyUsage) throws XMLSecurityException {
                     return null;
                 }
 
@@ -113,27 +101,24 @@ public class EncryptedKeyOutputProcessor
                     return null;
                 }
 
-                public void verify() throws XMLSecurityException {
-                }
-
                 public SecurityToken getKeyWrappingToken() {
                     return wrappingSecurityToken;
                 }
 
-                public String getKeyWrappingTokenAlgorithm() {
-                    return null;
-                }
-
                 public WSSConstants.TokenType getTokenType() {
                     return null;
                 }
             };
+            wrappingSecurityToken.addWrappedToken(encryptedKeySecurityToken);
 
             final SecurityTokenProvider encryptedKeySecurityTokenProvider = new SecurityTokenProvider() {
-                public SecurityToken getSecurityToken(Crypto crypto) throws XMLSecurityException {
+
+                @Override
+                public SecurityToken getSecurityToken() throws XMLSecurityException {
                     return encryptedKeySecurityToken;
                 }
 
+                @Override
                 public String getId() {
                     return ekId;
                 }
@@ -238,9 +223,9 @@ public class EncryptedKeyOutputProcessor
                         int blockSize = cipher.getBlockSize();
                         if (blockSize > 0 && blockSize < secretKey.getEncoded().length) {
                             throw new WSSecurityException(
-                                WSSecurityException.ErrorCode.FAILURE, 
-                                "unsupportedKeyTransp", 
-                                "public key algorithm too weak to encrypt symmetric key"
+                                    WSSecurityException.ErrorCode.FAILURE,
+                                    "unsupportedKeyTransp",
+                                    "public key algorithm too weak to encrypt symmetric key"
                             );
                         }
                         byte[] encryptedEphemeralKey = cipher.wrap(secretKey);

Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/SAMLTokenOutputProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/SAMLTokenOutputProcessor.java?rev=1295267&r1=1295266&r2=1295267&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/SAMLTokenOutputProcessor.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/SAMLTokenOutputProcessor.java Wed Feb 29 20:54:51 2012
@@ -26,9 +26,8 @@ import org.swssf.wss.impl.saml.SAMLCallb
 import org.swssf.wss.impl.saml.SAMLKeyInfo;
 import org.swssf.wss.impl.saml.bean.KeyInfoBean;
 import org.swssf.wss.impl.saml.bean.SubjectBean;
-import org.swssf.wss.impl.securityToken.ProcessorInfoSecurityToken;
+import org.swssf.wss.impl.securityToken.AbstractSecurityToken;
 import org.swssf.wss.impl.securityToken.SAMLSecurityToken;
-import org.swssf.xmlsec.crypto.Crypto;
 import org.swssf.xmlsec.crypto.CryptoType;
 import org.swssf.xmlsec.ext.*;
 import org.w3c.dom.*;
@@ -63,14 +62,14 @@ public class SAMLTokenOutputProcessor ex
             final SAMLCallback samlCallback = new SAMLCallback();
             WSSUtils.doPasswordCallback(getSecurityProperties().getCallbackHandler(), samlCallback);
             SAMLAssertionWrapper samlAssertionWrapper = new SAMLAssertionWrapper(samlCallback);
-            
+
             // todo support setting signature and c14n algorithms
             if (samlCallback.isSignAssertion()) {
                 samlAssertionWrapper.signAssertion(
-                    samlCallback.getIssuerKeyName(), 
-                    samlCallback.getIssuerKeyPassword(), 
-                    samlCallback.getIssuerCrypto(), 
-                    samlCallback.isSendKeyValue()
+                        samlCallback.getIssuerKeyName(),
+                        samlCallback.getIssuerKeyPassword(),
+                        samlCallback.getIssuerCrypto(),
+                        samlCallback.isSendKeyValue()
                 );
             }
 
@@ -141,34 +140,20 @@ public class SAMLTokenOutputProcessor ex
 
             final PrivateKey secretKey = privateKey;
 
-            final SecurityToken securityToken;
+            final AbstractSecurityToken securityToken;
             SecurityTokenProvider securityTokenProvider;
             if (senderVouches) {
-                securityToken = new ProcessorInfoSecurityToken() {
-
-                    private OutputProcessor outputProcessor;
-
-                    public void setProcessor(OutputProcessor outputProcessor) {
-                        this.outputProcessor = outputProcessor;
-                    }
-
-                    public String getId() {
-                        return binarySecurityTokenId;
-                    }
-
-                    public Object getProcessor() {
-                        return outputProcessor;
-                    }
+                securityToken = new AbstractSecurityToken(binarySecurityTokenId) {
 
                     public boolean isAsymmetric() {
                         return true;
                     }
 
-                    public Key getSecretKey(String algorithmURI, XMLSecurityConstants.KeyUsage keyUsage) throws WSSecurityException {
+                    public Key getKey(String algorithmURI, XMLSecurityConstants.KeyUsage keyUsage) throws WSSecurityException {
                         return secretKey;
                     }
 
-                    public PublicKey getPublicKey(String algorithmURI, XMLSecurityConstants.KeyUsage keyUsage) throws WSSecurityException {
+                    public PublicKey getPubKey(String algorithmURI, XMLSecurityConstants.KeyUsage keyUsage) throws WSSecurityException {
                         return x509Certificates[0].getPublicKey();
                     }
 
@@ -176,17 +161,10 @@ public class SAMLTokenOutputProcessor ex
                         return x509Certificates;
                     }
 
-                    public void verify() throws WSSecurityException {
-                    }
-
                     public SecurityToken getKeyWrappingToken() {
                         return null;
                     }
 
-                    public String getKeyWrappingTokenAlgorithm() {
-                        return null;
-                    }
-
                     public WSSConstants.TokenType getTokenType() {
                         //todo pkiPathToken etc?
                         return WSSConstants.X509V3Token;
@@ -201,10 +179,13 @@ public class SAMLTokenOutputProcessor ex
             if (senderVouches) {
 
                 securityTokenProvider = new SecurityTokenProvider() {
-                    public SecurityToken getSecurityToken(Crypto crypto) throws WSSecurityException {
+
+                    @Override
+                    public SecurityToken getSecurityToken() throws WSSecurityException {
                         return securityToken;
                     }
 
+                    @Override
                     public String getId() {
                         return binarySecurityTokenId;
                     }
@@ -215,12 +196,22 @@ public class SAMLTokenOutputProcessor ex
                 outputProcessorChain.getSecurityContext().put(WSSConstants.PROP_APPEND_SIGNATURE_ON_THIS_ID, securityTokenReferenceId);
             } else {
                 securityTokenProvider = new SecurityTokenProvider() {
-                    public SecurityToken getSecurityToken(Crypto crypto) throws WSSecurityException {
-                        return new SAMLSecurityToken(
+
+                    private SAMLSecurityToken samlSecurityToken;
+
+                    @Override
+                    public SecurityToken getSecurityToken() throws XMLSecurityException {
+                        if (this.samlSecurityToken != null) {
+                            return this.samlSecurityToken;
+                        }
+                        this.samlSecurityToken = new SAMLSecurityToken(
                                 samlCallback.getSamlVersion(), samlKeyInfo, (WSSecurityContext) outputProcessorChain.getSecurityContext(),
-                                crypto, getSecurityProperties().getCallbackHandler(), tokenId, finalSAMLTokenOutputProcessor);
+                                getSecurityProperties().getSignatureCrypto(), getSecurityProperties().getCallbackHandler(), tokenId);
+                        this.samlSecurityToken.setProcessor(finalSAMLTokenOutputProcessor);
+                        return this.samlSecurityToken;
                     }
 
+                    @Override
                     public String getId() {
                         return tokenId;
                     }

Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/SecurityContextTokenOutputProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/SecurityContextTokenOutputProcessor.java?rev=1295267&r1=1295266&r2=1295267&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/SecurityContextTokenOutputProcessor.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/SecurityContextTokenOutputProcessor.java Wed Feb 29 20:54:51 2012
@@ -22,8 +22,7 @@ import org.swssf.wss.ext.WSSConstants;
 import org.swssf.wss.ext.WSSDocumentContext;
 import org.swssf.wss.ext.WSSSecurityProperties;
 import org.swssf.wss.ext.WSSecurityException;
-import org.swssf.wss.impl.securityToken.ProcessorInfoSecurityToken;
-import org.swssf.xmlsec.crypto.Crypto;
+import org.swssf.wss.impl.securityToken.AbstractSecurityToken;
 import org.swssf.xmlsec.ext.*;
 
 import javax.xml.namespace.QName;
@@ -58,7 +57,7 @@ public class SecurityContextTokenOutputP
             if (wrappingSecurityTokenProvider == null) {
                 throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_ENCRYPTION);
             }
-            final SecurityToken wrappingSecurityToken = wrappingSecurityTokenProvider.getSecurityToken(null);
+            final SecurityToken wrappingSecurityToken = wrappingSecurityTokenProvider.getSecurityToken();
             if (wrappingSecurityToken == null) {
                 throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_ENCRYPTION);
             }
@@ -66,60 +65,53 @@ public class SecurityContextTokenOutputP
             final String wsuId = "SCT-" + UUID.randomUUID().toString();
             final String identifier = UUID.randomUUID().toString();
 
-            final ProcessorInfoSecurityToken securityContextSecurityToken = new ProcessorInfoSecurityToken() {
-
-                private OutputProcessor outputProcessor;
-
-                public String getId() {
-                    return wsuId;
-                }
-
-                public void setProcessor(OutputProcessor outputProcessor) {
-                    this.outputProcessor = outputProcessor;
-                }
-
-                public Object getProcessor() {
-                    return outputProcessor;
-                }
+            final AbstractSecurityToken securityContextSecurityToken = new AbstractSecurityToken(wsuId) {
 
+                @Override
                 public boolean isAsymmetric() {
                     return wrappingSecurityToken.isAsymmetric();
                 }
 
-                public Key getSecretKey(String algorithmURI, XMLSecurityConstants.KeyUsage keyUsage) throws XMLSecurityException {
+                @Override
+                public Key getKey(String algorithmURI, XMLSecurityConstants.KeyUsage keyUsage) throws XMLSecurityException {
                     return wrappingSecurityToken.getSecretKey(algorithmURI, null);
                 }
 
-                public PublicKey getPublicKey(String algorithmURI, XMLSecurityConstants.KeyUsage keyUsage) throws XMLSecurityException {
+                @Override
+                public PublicKey getPubKey(String algorithmURI, XMLSecurityConstants.KeyUsage keyUsage) throws XMLSecurityException {
                     return wrappingSecurityToken.getPublicKey(null, null);
                 }
 
+                @Override
                 public X509Certificate[] getX509Certificates() throws XMLSecurityException {
                     return wrappingSecurityToken.getX509Certificates();
                 }
 
+                @Override
                 public void verify() throws XMLSecurityException {
                     wrappingSecurityToken.verify();
                 }
 
+                @Override
                 public SecurityToken getKeyWrappingToken() {
                     return wrappingSecurityToken;
                 }
 
-                public String getKeyWrappingTokenAlgorithm() {
-                    return null;
-                }
-
+                @Override
                 public WSSConstants.TokenType getTokenType() {
                     return WSSConstants.SecurityContextToken;
                 }
             };
+            wrappingSecurityToken.addWrappedToken(securityContextSecurityToken);
 
             SecurityTokenProvider securityContextSecurityTokenProvider = new SecurityTokenProvider() {
-                public SecurityToken getSecurityToken(Crypto crypto) throws WSSecurityException {
+
+                @Override
+                public SecurityToken getSecurityToken() throws WSSecurityException {
                     return securityContextSecurityToken;
                 }
 
+                @Override
                 public String getId() {
                     return wsuId;
                 }

Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/SignatureConfirmationOutputProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/SignatureConfirmationOutputProcessor.java?rev=1295267&r1=1295266&r2=1295267&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/SignatureConfirmationOutputProcessor.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/SignatureConfirmationOutputProcessor.java Wed Feb 29 20:54:51 2012
@@ -65,11 +65,11 @@ public class SignatureConfirmationOutput
                     SecurityEvent securityEvent = requestSecurityEvents.get(i);
                     if (securityEvent.getSecurityEventType() == SecurityEvent.Event.SignatureValue) {
                         aSignatureFound = true;
-                        SignatureValueSecurityEvent signatureTokenSecurityEvent = (SignatureValueSecurityEvent) securityEvent;
+                        SignatureValueSecurityEvent signatureValueSecurityEvent = (SignatureValueSecurityEvent) securityEvent;
 
                         Map<QName, String> attributes = new HashMap<QName, String>();
                         attributes.put(WSSConstants.ATT_wsu_Id, "SigConf-" + UUID.randomUUID().toString());
-                        attributes.put(WSSConstants.ATT_NULL_Value, new Base64(76, new byte[]{'\n'}).encodeToString(signatureTokenSecurityEvent.getSignatureValue()));
+                        attributes.put(WSSConstants.ATT_NULL_Value, new Base64(76, new byte[]{'\n'}).encodeToString(signatureValueSecurityEvent.getSignatureValue()));
                         createStartElementAndOutputAsEvent(subOutputProcessorChain, WSSConstants.TAG_wsse11_SignatureConfirmation, attributes);
                         createEndElementAndOutputAsEvent(subOutputProcessorChain, WSSConstants.TAG_wsse11_SignatureConfirmation);
                     }

Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/UsernameTokenOutputProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/UsernameTokenOutputProcessor.java?rev=1295267&r1=1295266&r2=1295267&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/UsernameTokenOutputProcessor.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/UsernameTokenOutputProcessor.java Wed Feb 29 20:54:51 2012
@@ -21,7 +21,6 @@ package org.swssf.wss.impl.processor.out
 import org.apache.commons.codec.binary.Base64;
 import org.swssf.wss.ext.*;
 import org.swssf.wss.impl.securityToken.UsernameSecurityToken;
-import org.swssf.xmlsec.crypto.Crypto;
 import org.swssf.xmlsec.ext.*;
 
 import javax.xml.datatype.DatatypeConfigurationException;
@@ -74,15 +73,18 @@ public class UsernameTokenOutputProcesso
                             nonceValue,
                             null,
                             null,
-                            wsuId,
-                            outputProcessor
+                            wsuId
                     );
+            usernameSecurityToken.setProcessor(outputProcessor);
 
             SecurityTokenProvider securityTokenProvider = new SecurityTokenProvider() {
-                public SecurityToken getSecurityToken(Crypto crypto) throws WSSecurityException {
+
+                @Override
+                public SecurityToken getSecurityToken() throws WSSecurityException {
                     return usernameSecurityToken;
                 }
 
+                @Override
                 public String getId() {
                     return wsuId;
                 }

Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/saml/OpenSAMLBootstrap.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/saml/OpenSAMLBootstrap.java?rev=1295267&r1=1295266&r2=1295267&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/saml/OpenSAMLBootstrap.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/saml/OpenSAMLBootstrap.java Wed Feb 29 20:54:51 2012
@@ -27,44 +27,46 @@ import org.opensaml.xml.ConfigurationExc
  * to avoid instantiating Velocity, which we do not need in WSS4J.
  */
 public class OpenSAMLBootstrap extends DefaultBootstrap {
-    
-    /** List of default XMLTooling configuration files. */
-    private static String[] xmlToolingConfigs = { 
-        "/default-config.xml", 
-        "/schema-config.xml", 
-        "/signature-config.xml",
-        "/signature-validation-config.xml", 
-        "/encryption-config.xml", 
-        "/encryption-validation-config.xml",
-        "/soap11-config.xml", 
-        "/wsfed11-protocol-config.xml",
-        "/saml1-assertion-config.xml", 
-        "/saml1-protocol-config.xml",
-        "/saml1-core-validation-config.xml", 
-        "/saml2-assertion-config.xml", 
-        "/saml2-protocol-config.xml",
-        "/saml2-core-validation-config.xml", 
-        "/saml1-metadata-config.xml", 
-        "/saml2-metadata-config.xml",
-        "/saml2-metadata-validation-config.xml", 
-        "/saml2-metadata-idp-discovery-config.xml",
-        "/saml2-protocol-thirdparty-config.xml",
-        "/saml2-metadata-query-config.xml", 
-        "/saml2-assertion-delegation-restriction-config.xml",    
-        "/saml2-ecp-config.xml",
-        "/xacml10-saml2-profile-config.xml",
-        "/xacml11-saml2-profile-config.xml",
-        "/xacml20-context-config.xml",
-        "/xacml20-policy-config.xml",
-        "/xacml2-saml2-profile-config.xml",
-        "/xacml3-saml2-profile-config.xml",    
-        "/wsaddressing-config.xml",
-        "/wssecurity-config.xml",
+
+    /**
+     * List of default XMLTooling configuration files.
+     */
+    private static String[] xmlToolingConfigs = {
+            "/default-config.xml",
+            "/schema-config.xml",
+            "/signature-config.xml",
+            "/signature-validation-config.xml",
+            "/encryption-config.xml",
+            "/encryption-validation-config.xml",
+            "/soap11-config.xml",
+            "/wsfed11-protocol-config.xml",
+            "/saml1-assertion-config.xml",
+            "/saml1-protocol-config.xml",
+            "/saml1-core-validation-config.xml",
+            "/saml2-assertion-config.xml",
+            "/saml2-protocol-config.xml",
+            "/saml2-core-validation-config.xml",
+            "/saml1-metadata-config.xml",
+            "/saml2-metadata-config.xml",
+            "/saml2-metadata-validation-config.xml",
+            "/saml2-metadata-idp-discovery-config.xml",
+            "/saml2-protocol-thirdparty-config.xml",
+            "/saml2-metadata-query-config.xml",
+            "/saml2-assertion-delegation-restriction-config.xml",
+            "/saml2-ecp-config.xml",
+            "/xacml10-saml2-profile-config.xml",
+            "/xacml11-saml2-profile-config.xml",
+            "/xacml20-context-config.xml",
+            "/xacml20-policy-config.xml",
+            "/xacml2-saml2-profile-config.xml",
+            "/xacml3-saml2-profile-config.xml",
+            "/wsaddressing-config.xml",
+            "/wssecurity-config.xml",
     };
-    
+
     /**
      * Initializes the OpenSAML library, loading default configurations.
-     * 
+     *
      * @throws ConfigurationException thrown if there is a problem initializing the OpenSAML library
      */
     public static synchronized void bootstrap() throws ConfigurationException {
@@ -76,7 +78,7 @@ public class OpenSAMLBootstrap extends D
         initializeArtifactBuilderFactories();
 
         initializeGlobalSecurityConfiguration();
-        
+
         initializeParserPool();
     }
 

Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/saml/OpenSAMLUtil.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/saml/OpenSAMLUtil.java?rev=1295267&r1=1295266&r2=1295267&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/saml/OpenSAMLUtil.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/saml/OpenSAMLUtil.java Wed Feb 29 20:54:51 2012
@@ -19,8 +19,6 @@
 
 package org.swssf.wss.impl.saml;
 
-import javax.xml.namespace.QName;
-
 import org.opensaml.xml.*;
 import org.opensaml.xml.io.*;
 import org.opensaml.xml.signature.Signature;
@@ -31,14 +29,16 @@ import org.w3c.dom.Document;
 import org.w3c.dom.DocumentFragment;
 import org.w3c.dom.Element;
 
+import javax.xml.namespace.QName;
+
 /**
  * Class OpenSAMLUtil provides static helper methods for the OpenSaml library
  * <p/>
  * Created on May 18, 2009
  */
 public class OpenSAMLUtil {
-    private static final org.apache.commons.logging.Log log = 
-        org.apache.commons.logging.LogFactory.getLog(OpenSAMLUtil.class);
+    private static final org.apache.commons.logging.Log log =
+            org.apache.commons.logging.LogFactory.getLog(OpenSAMLUtil.class);
 
     private static XMLObjectBuilderFactory builderFactory;
     private static MarshallerFactory marshallerFactory;
@@ -64,8 +64,8 @@ public class OpenSAMLUtil {
                 }
             } catch (ConfigurationException e) {
                 log.error(
-                    "Unable to bootstrap the opensaml2 library - all SAML operations will fail", 
-                    e
+                        "Unable to bootstrap the opensaml2 library - all SAML operations will fail",
+                        e
                 );
             }
         }
@@ -91,14 +91,14 @@ public class OpenSAMLUtil {
      * Convert a SAML Assertion from a XMLObject to a DOM Element
      *
      * @param xmlObject of type XMLObject
-     * @param doc  of type Document
+     * @param doc       of type Document
      * @return Element
      * @throws MarshallingException
      * @throws SignatureException
      */
     public static Element toDom(
-        XMLObject xmlObject, 
-        Document doc
+            XMLObject xmlObject,
+            Document doc
     ) throws WSSecurityException {
         Marshaller marshaller = marshallerFactory.getMarshaller(xmlObject);
         Element element = null;
@@ -114,15 +114,15 @@ public class OpenSAMLUtil {
                     element = marshaller.marshall(xmlObject);
                 } else {
                     element = marshaller.marshall(xmlObject, doc);
-                } 
+                }
             } catch (MarshallingException ex) {
                 throw new WSSecurityException("Error marshalling a SAML assertion", ex);
             }
-    
+
             // Sign the assertion if the signature element is present.
             if (xmlObject instanceof org.opensaml.saml2.core.Assertion) {
-                org.opensaml.saml2.core.Assertion saml2 = 
-                    (org.opensaml.saml2.core.Assertion) xmlObject;
+                org.opensaml.saml2.core.Assertion saml2 =
+                        (org.opensaml.saml2.core.Assertion) xmlObject;
                 // if there is a signature, but it hasn't already been signed
                 if (saml2.getSignature() != null) {
                     if (log.isDebugEnabled()) {
@@ -135,8 +135,8 @@ public class OpenSAMLUtil {
                     }
                 }
             } else if (xmlObject instanceof org.opensaml.saml1.core.Assertion) {
-                org.opensaml.saml1.core.Assertion saml1 = 
-                    (org.opensaml.saml1.core.Assertion) xmlObject;
+                org.opensaml.saml1.core.Assertion saml1 =
+                        (org.opensaml.saml1.core.Assertion) xmlObject;
                 // if there is a signature, but it hasn't already been signed
                 if (saml1.getSignature() != null) {
                     if (log.isDebugEnabled()) {
@@ -159,7 +159,7 @@ public class OpenSAMLUtil {
         }
         return element;
     }
-    
+
     /**
      * Method buildSignature ...
      *
@@ -171,17 +171,17 @@ public class OpenSAMLUtil {
         XMLObjectBuilder<Signature> builder = builderFactory.getBuilder(qName);
         if (builder == null) {
             log.error(
-                "Unable to retrieve builder for object QName " 
-                + qName
+                    "Unable to retrieve builder for object QName "
+                            + qName
             );
             return null;
         }
-        return 
-            (Signature)builder.buildObject(
-                 qName.getNamespaceURI(), qName.getLocalPart(), qName.getPrefix()
-             );
+        return
+                (Signature) builder.buildObject(
+                        qName.getNamespaceURI(), qName.getLocalPart(), qName.getPrefix()
+                );
     }
-    
+
     /**
      * Method isMethodSenderVouches ...
      *
@@ -189,11 +189,11 @@ public class OpenSAMLUtil {
      * @return boolean
      */
     public static boolean isMethodSenderVouches(String confirmMethod) {
-        return 
-            confirmMethod != null && confirmMethod.startsWith("urn:oasis:names:tc:SAML:") 
-                && confirmMethod.endsWith(":cm:sender-vouches");
+        return
+                confirmMethod != null && confirmMethod.startsWith("urn:oasis:names:tc:SAML:")
+                        && confirmMethod.endsWith(":cm:sender-vouches");
     }
-    
+
     /**
      * Method isMethodHolderOfKey ...
      *
@@ -201,9 +201,9 @@ public class OpenSAMLUtil {
      * @return boolean
      */
     public static boolean isMethodHolderOfKey(String confirmMethod) {
-        return 
-            confirmMethod != null && confirmMethod.startsWith("urn:oasis:names:tc:SAML:") 
-                && confirmMethod.endsWith(":cm:holder-of-key");
+        return
+                confirmMethod != null && confirmMethod.startsWith("urn:oasis:names:tc:SAML:")
+                        && confirmMethod.endsWith(":cm:holder-of-key");
     }
 
 }



Mime
View raw message