ws-commits mailing list archives

From gi...@apache.org
Subject svn commit: r1295267 [8/11] - in /webservices/wss4j/branches/swssf: rampart-policy/src/main/java/org/apache/ws/secpolicy/builders/ streaming-ws-policy/src/main/java/org/swssf/policy/ streaming-ws-policy/src/main/java/org/swssf/policy/assertionStates/ s...
Date Wed, 29 Feb 2012 20:54:56 GMT
Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/saml/builder/SAML2ComponentBuilder.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/saml/builder/SAML2ComponentBuilder.java?rev=1295267&r1=1295266&r2=1295267&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/saml/builder/SAML2ComponentBuilder.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/saml/builder/SAML2ComponentBuilder.java Wed Feb 29 20:54:51 2012
@@ -23,45 +23,14 @@ import org.joda.time.DateTime;
 import org.opensaml.Configuration;
 import org.opensaml.common.SAMLObjectBuilder;
 import org.opensaml.common.SAMLVersion;
-
-import org.opensaml.saml2.core.Action;
-import org.opensaml.saml2.core.Assertion;
-import org.opensaml.saml2.core.Attribute;
-import org.opensaml.saml2.core.AttributeStatement;
-import org.opensaml.saml2.core.AttributeValue;
-import org.opensaml.saml2.core.Audience;
-import org.opensaml.saml2.core.AudienceRestriction;
-import org.opensaml.saml2.core.AuthnContext;
-import org.opensaml.saml2.core.AuthnContextClassRef;
-import org.opensaml.saml2.core.AuthnStatement;
-import org.opensaml.saml2.core.AuthzDecisionStatement;
-import org.opensaml.saml2.core.Conditions;
-import org.opensaml.saml2.core.DecisionTypeEnumeration;
-import org.opensaml.saml2.core.Evidence;
-import org.opensaml.saml2.core.Issuer;
-import org.opensaml.saml2.core.KeyInfoConfirmationDataType;
-import org.opensaml.saml2.core.NameID;
-import org.opensaml.saml2.core.Subject;
-import org.opensaml.saml2.core.SubjectConfirmation;
-import org.opensaml.saml2.core.SubjectConfirmationData;
-import org.opensaml.saml2.core.SubjectLocality;
-
+import org.opensaml.saml2.core.*;
 import org.opensaml.xml.XMLObject;
 import org.opensaml.xml.XMLObjectBuilderFactory;
 import org.opensaml.xml.schema.XSString;
 import org.opensaml.xml.schema.impl.XSStringBuilder;
 import org.opensaml.xml.signature.KeyInfo;
-
 import org.swssf.wss.ext.WSSecurityException;
-import org.swssf.wss.impl.saml.bean.ActionBean;
-import org.swssf.wss.impl.saml.bean.AttributeBean;
-import org.swssf.wss.impl.saml.bean.AttributeStatementBean;
-import org.swssf.wss.impl.saml.bean.AuthDecisionStatementBean;
-import org.swssf.wss.impl.saml.bean.AuthenticationStatementBean;
-import org.swssf.wss.impl.saml.bean.ConditionsBean;
-import org.swssf.wss.impl.saml.bean.KeyInfoBean;
-import org.swssf.wss.impl.saml.bean.SubjectBean;
-import org.swssf.wss.impl.saml.bean.SubjectLocalityBean;
+import org.swssf.wss.impl.saml.bean.*;
 
 import java.util.ArrayList;
 import java.util.List;
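Review bot: The two on-demand imports added here, `import org.opensaml.saml2.core.*;` and `import org.swssf.wss.impl.saml.bean.*;`, replace explicit lists and hide which OpenSAML and bean types this assertion builder actually depends on. With wildcards, a type added later to either package, or to this class's own package, can shadow or become ambiguous with a simple name such as `Subject`, `Attribute` or `Action`, and that change would not show up in a diff of this file. This looks like an IDE reformat side effect rather than an intended change, since the rest of the commit in this file is whitespace. I would keep the single-type imports (`import org.opensaml.saml2.core.Assertion;`, `import org.swssf.wss.impl.saml.bean.SubjectBean;`, and so on) and configure the formatter not to collapse them.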
@@ -76,43 +45,43 @@ import java.util.UUID;
  */
 public class SAML2ComponentBuilder {
     private static SAMLObjectBuilder<Assertion> assertionBuilder;
-    
+
     private static SAMLObjectBuilder<Issuer> issuerBuilder;
-    
+
     private static SAMLObjectBuilder<Subject> subjectBuilder;
-    
+
     private static SAMLObjectBuilder<NameID> nameIdBuilder;
-    
+
     private static SAMLObjectBuilder<SubjectConfirmation> subjectConfirmationBuilder;
-    
+
     private static SAMLObjectBuilder<Conditions> conditionsBuilder;
-    
+
     private static SAMLObjectBuilder<SubjectConfirmationData> subjectConfirmationDataBuilder;
-    
+
     private static SAMLObjectBuilder<KeyInfoConfirmationDataType> keyInfoConfirmationDataBuilder;
-    
+
     private static SAMLObjectBuilder<AuthnStatement> authnStatementBuilder;
-    
+
     private static SAMLObjectBuilder<AuthnContext> authnContextBuilder;
-    
+
     private static SAMLObjectBuilder<AuthnContextClassRef> authnContextClassRefBuilder;
-    
+
     private static SAMLObjectBuilder<AttributeStatement> attributeStatementBuilder;
-    
+
     private static SAMLObjectBuilder<Attribute> attributeBuilder;
-    
+
     private static XSStringBuilder stringBuilder;
-    
+
     private static SAMLObjectBuilder<AudienceRestriction> audienceRestrictionBuilder;
-    
+
     private static SAMLObjectBuilder<Audience> audienceBuilder;
-    
+
     private static SAMLObjectBuilder<AuthzDecisionStatement> authorizationDecisionStatementBuilder;
-    
+
     private static SAMLObjectBuilder<Action> actionElementBuilder;
-    
+
     private static XMLObjectBuilderFactory builderFactory = Configuration.getBuilderFactory();
-    
+
     private static SAMLObjectBuilder<SubjectLocality> subjectLocalityBuilder;
 
     /**
@@ -123,17 +92,17 @@ public class SAML2ComponentBuilder {
     @SuppressWarnings("unchecked")
     public static Assertion createAssertion() {
         if (assertionBuilder == null) {
-            assertionBuilder = (SAMLObjectBuilder<Assertion>) 
-                builderFactory.getBuilder(Assertion.DEFAULT_ELEMENT_NAME);
+            assertionBuilder = (SAMLObjectBuilder<Assertion>)
+                    builderFactory.getBuilder(Assertion.DEFAULT_ELEMENT_NAME);
             if (assertionBuilder == null) {
                 throw new IllegalStateException(
-                    "OpenSaml engine not initialized. Please make sure to initialize the OpenSaml engine "
-                    + "prior using it"
+                        "OpenSaml engine not initialized. Please make sure to initialize the OpenSaml engine "
+                                + "prior using it"
                 );
             }
         }
-        Assertion assertion = 
-            assertionBuilder.buildObject(Assertion.DEFAULT_ELEMENT_NAME, Assertion.TYPE_NAME);
+        Assertion assertion =
+                assertionBuilder.buildObject(Assertion.DEFAULT_ELEMENT_NAME, Assertion.TYPE_NAME);
         assertion.setID("_" + UUID.randomUUID().toString());
         assertion.setVersion(SAMLVersion.VERSION_20);
         assertion.setIssueInstant(new DateTime());
@@ -149,9 +118,9 @@ public class SAML2ComponentBuilder {
     @SuppressWarnings("unchecked")
     public static Issuer createIssuer(String issuerValue) {
         if (issuerBuilder == null) {
-            issuerBuilder = (SAMLObjectBuilder<Issuer>) 
-                builderFactory.getBuilder(Issuer.DEFAULT_ELEMENT_NAME);
-            
+            issuerBuilder = (SAMLObjectBuilder<Issuer>)
+                    builderFactory.getBuilder(Issuer.DEFAULT_ELEMENT_NAME);
+
         }
         Issuer issuer = issuerBuilder.buildObject();
         //
@@ -170,27 +139,27 @@ public class SAML2ComponentBuilder {
     @SuppressWarnings("unchecked")
     public static Conditions createConditions(ConditionsBean conditionsBean) {
         if (conditionsBuilder == null) {
-            conditionsBuilder = (SAMLObjectBuilder<Conditions>) 
-                builderFactory.getBuilder(Conditions.DEFAULT_ELEMENT_NAME);
+            conditionsBuilder = (SAMLObjectBuilder<Conditions>)
+                    builderFactory.getBuilder(Conditions.DEFAULT_ELEMENT_NAME);
         }
-        
+
         Conditions conditions = conditionsBuilder.buildObject();
-        
+
         if (conditionsBean == null) {
             DateTime newNotBefore = new DateTime();
             conditions.setNotBefore(newNotBefore);
             conditions.setNotOnOrAfter(newNotBefore.plusMinutes(5));
             return conditions;
         }
-        
+
         int tokenPeriodMinutes = conditionsBean.getTokenPeriodMinutes();
         DateTime notBefore = conditionsBean.getNotBefore();
         DateTime notAfter = conditionsBean.getNotAfter();
-        
+
         if (notBefore != null && notAfter != null) {
             if (notBefore.isAfter(notAfter)) {
                 throw new IllegalStateException(
-                    "The value of notBefore may not be after the value of notAfter"
+                        "The value of notBefore may not be after the value of notAfter"
                 );
             }
             conditions.setNotBefore(notBefore);
@@ -203,13 +172,13 @@ public class SAML2ComponentBuilder {
             }
             conditions.setNotOnOrAfter(newNotBefore.plusMinutes(tokenPeriodMinutes));
         }
-        
+
         if (conditionsBean.getAudienceURI() != null) {
-            AudienceRestriction audienceRestriction = 
-                createAudienceRestriction(conditionsBean.getAudienceURI());
+            AudienceRestriction audienceRestriction =
+                    createAudienceRestriction(conditionsBean.getAudienceURI());
             conditions.getAudienceRestrictions().add(audienceRestriction);
         }
-        
+
         return conditions;
     }
 
@@ -222,14 +191,14 @@ public class SAML2ComponentBuilder {
     @SuppressWarnings("unchecked")
     public static AudienceRestriction createAudienceRestriction(String audienceURI) {
         if (audienceRestrictionBuilder == null) {
-            audienceRestrictionBuilder = (SAMLObjectBuilder<AudienceRestriction>) 
-                builderFactory.getBuilder(AudienceRestriction.DEFAULT_ELEMENT_NAME);
+            audienceRestrictionBuilder = (SAMLObjectBuilder<AudienceRestriction>)
+                    builderFactory.getBuilder(AudienceRestriction.DEFAULT_ELEMENT_NAME);
         }
         if (audienceBuilder == null) {
-            audienceBuilder = (SAMLObjectBuilder<Audience>) 
-                builderFactory.getBuilder(Audience.DEFAULT_ELEMENT_NAME);
+            audienceBuilder = (SAMLObjectBuilder<Audience>)
+                    builderFactory.getBuilder(Audience.DEFAULT_ELEMENT_NAME);
         }
-       
+
         AudienceRestriction audienceRestriction = audienceRestrictionBuilder.buildObject();
         Audience audience = audienceBuilder.buildObject();
         audience.setAudienceURI(audienceURI);
@@ -245,27 +214,27 @@ public class SAML2ComponentBuilder {
      */
     @SuppressWarnings("unchecked")
     public static List<AuthnStatement> createAuthnStatement(
-        List<AuthenticationStatementBean> authBeans
+            List<AuthenticationStatementBean> authBeans
     ) {
         List<AuthnStatement> authnStatements = new ArrayList<AuthnStatement>();
-        
+
         if (authnStatementBuilder == null) {
-            authnStatementBuilder = (SAMLObjectBuilder<AuthnStatement>) 
-                builderFactory.getBuilder(AuthnStatement.DEFAULT_ELEMENT_NAME);
+            authnStatementBuilder = (SAMLObjectBuilder<AuthnStatement>)
+                    builderFactory.getBuilder(AuthnStatement.DEFAULT_ELEMENT_NAME);
         }
         if (authnContextBuilder == null) {
-            authnContextBuilder = (SAMLObjectBuilder<AuthnContext>) 
-                builderFactory.getBuilder(AuthnContext.DEFAULT_ELEMENT_NAME);
+            authnContextBuilder = (SAMLObjectBuilder<AuthnContext>)
+                    builderFactory.getBuilder(AuthnContext.DEFAULT_ELEMENT_NAME);
         }
         if (authnContextClassRefBuilder == null) {
-            authnContextClassRefBuilder = (SAMLObjectBuilder<AuthnContextClassRef>) 
-                builderFactory.getBuilder(AuthnContextClassRef.DEFAULT_ELEMENT_NAME);
+            authnContextClassRefBuilder = (SAMLObjectBuilder<AuthnContextClassRef>)
+                    builderFactory.getBuilder(AuthnContextClassRef.DEFAULT_ELEMENT_NAME);
         }
         if (subjectLocalityBuilder == null) {
-            subjectLocalityBuilder = (SAMLObjectBuilder<SubjectLocality>) 
-            builderFactory.getBuilder(SubjectLocality.DEFAULT_ELEMENT_NAME);
+            subjectLocalityBuilder = (SAMLObjectBuilder<SubjectLocality>)
+                    builderFactory.getBuilder(SubjectLocality.DEFAULT_ELEMENT_NAME);
         }
-        
+
         if (authBeans != null && authBeans.size() > 0) {
             for (AuthenticationStatementBean statementBean : authBeans) {
                 AuthnStatement authnStatement = authnStatementBuilder.buildObject();
@@ -274,14 +243,14 @@ public class SAML2ComponentBuilder {
                     authInstant = new DateTime();
                 }
                 authnStatement.setAuthnInstant(authInstant);
-                
+
                 if (statementBean.getSessionIndex() != null) {
                     authnStatement.setSessionIndex(statementBean.getSessionIndex());
                 }
-                
+
                 AuthnContextClassRef authnContextClassRef = authnContextClassRefBuilder.buildObject();
                 authnContextClassRef.setAuthnContextClassRef(
-                    transformAuthenticationMethod(statementBean.getAuthenticationMethod())
+                        transformAuthenticationMethod(statementBean.getAuthenticationMethod())
                 );
                 AuthnContext authnContext = authnContextBuilder.buildObject();
                 authnContext.setAuthnContextClassRef(authnContextClassRef);
@@ -295,7 +264,7 @@ public class SAML2ComponentBuilder {
 
                     authnStatement.setSubjectLocality(subjectLocality);
                 }
-                
+
                 authnStatements.add(authnStatement);
             }
         }
@@ -304,7 +273,7 @@ public class SAML2ComponentBuilder {
     }
 
     /**
-     * Transform the user-supplied authentication method value into one of the supported 
+     * Transform the user-supplied authentication method value into one of the supported
      * specification-compliant values.
      *
      * @param sourceMethod of type String
@@ -334,7 +303,7 @@ public class SAML2ComponentBuilder {
     public static Attribute createAttribute(String friendlyName, String name, List<String> values) {
         return createAttribute(friendlyName, name, null, values);
     }
-    
+
     /**
      * Create a SAML2 Attribute
      *
@@ -345,21 +314,21 @@ public class SAML2ComponentBuilder {
      * @return a SAML2 Attribute
      */
     public static Attribute createAttribute(
-        String friendlyName, String name, String nameFormat, List<?> values
+            String friendlyName, String name, String nameFormat, List<?> values
     ) {
         if (stringBuilder == null) {
-            stringBuilder = (XSStringBuilder)builderFactory.getBuilder(XSString.TYPE_NAME);
+            stringBuilder = (XSStringBuilder) builderFactory.getBuilder(XSString.TYPE_NAME);
         }
         Attribute attribute = createAttribute(friendlyName, name, nameFormat);
-        
+
         for (Object value : values) {
             if (value instanceof String) {
-                XSString attributeValue = 
-                    stringBuilder.buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSString.TYPE_NAME);
-                attributeValue.setValue((String)value);
+                XSString attributeValue =
+                        stringBuilder.buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSString.TYPE_NAME);
+                attributeValue.setValue((String) value);
                 attribute.getAttributeValues().add(attributeValue);
             } else if (value instanceof XMLObject) {
-                attribute.getAttributeValues().add((XMLObject)value);
+                attribute.getAttributeValues().add((XMLObject) value);
             }
         }
 
@@ -373,75 +342,75 @@ public class SAML2ComponentBuilder {
      * @return a Subject
      */
     @SuppressWarnings("unchecked")
-    public static Subject createSaml2Subject(SubjectBean subjectBean) 
-        throws org.opensaml.xml.security.SecurityException, WSSecurityException {
+    public static Subject createSaml2Subject(SubjectBean subjectBean)
+            throws org.opensaml.xml.security.SecurityException, WSSecurityException {
         if (subjectBuilder == null) {
-            subjectBuilder = (SAMLObjectBuilder<Subject>) 
-                builderFactory.getBuilder(Subject.DEFAULT_ELEMENT_NAME);
+            subjectBuilder = (SAMLObjectBuilder<Subject>)
+                    builderFactory.getBuilder(Subject.DEFAULT_ELEMENT_NAME);
         }
         Subject subject = subjectBuilder.buildObject();
-        
+
         NameID nameID = SAML2ComponentBuilder.createNameID(subjectBean);
         subject.setNameID(nameID);
-        
+
         SubjectConfirmationData subjectConfData = null;
         if (subjectBean.getKeyInfo() != null) {
-            subjectConfData = 
-                SAML2ComponentBuilder.createSubjectConfirmationData(
-                    null, 
-                    null, 
-                    null, 
-                    subjectBean.getKeyInfo() 
-                );
+            subjectConfData =
+                    SAML2ComponentBuilder.createSubjectConfirmationData(
+                            null,
+                            null,
+                            null,
+                            subjectBean.getKeyInfo()
+                    );
         }
-        
+
         String confirmationMethodStr = subjectBean.getSubjectConfirmationMethod();
         if (confirmationMethodStr == null) {
             confirmationMethodStr = SAML2Constants.CONF_SENDER_VOUCHES;
         }
-        SubjectConfirmation subjectConfirmation = 
-            SAML2ComponentBuilder.createSubjectConfirmation(
-                confirmationMethodStr, subjectConfData
-            );
-        
+        SubjectConfirmation subjectConfirmation =
+                SAML2ComponentBuilder.createSubjectConfirmation(
+                        confirmationMethodStr, subjectConfData
+                );
+
         subject.getSubjectConfirmations().add(subjectConfirmation);
         return subject;
     }
-    
+
     /**
      * Create a SubjectConfirmationData object
      *
      * @param inResponseTo of type String
      * @param recipient    of type String
      * @param notOnOrAfter of type DateTime
-     * @param keyInfoBean of type KeyInfoBean
+     * @param keyInfoBean  of type KeyInfoBean
      * @return a SubjectConfirmationData object
      */
     @SuppressWarnings("unchecked")
     public static SubjectConfirmationData createSubjectConfirmationData(
-        String inResponseTo, 
-        String recipient, 
-        DateTime notOnOrAfter,
-        KeyInfoBean keyInfoBean
+            String inResponseTo,
+            String recipient,
+            DateTime notOnOrAfter,
+            KeyInfoBean keyInfoBean
     ) throws org.opensaml.xml.security.SecurityException, WSSecurityException {
         SubjectConfirmationData subjectConfirmationData = null;
         KeyInfo keyInfo = null;
         if (keyInfoBean == null) {
             if (subjectConfirmationDataBuilder == null) {
-                subjectConfirmationDataBuilder = (SAMLObjectBuilder<SubjectConfirmationData>) 
-                    builderFactory.getBuilder(SubjectConfirmationData.DEFAULT_ELEMENT_NAME);
+                subjectConfirmationDataBuilder = (SAMLObjectBuilder<SubjectConfirmationData>)
+                        builderFactory.getBuilder(SubjectConfirmationData.DEFAULT_ELEMENT_NAME);
             }
             subjectConfirmationData = subjectConfirmationDataBuilder.buildObject();
         } else {
             if (keyInfoConfirmationDataBuilder == null) {
-                keyInfoConfirmationDataBuilder = (SAMLObjectBuilder<KeyInfoConfirmationDataType>) 
-                    builderFactory.getBuilder(KeyInfoConfirmationDataType.TYPE_NAME);
+                keyInfoConfirmationDataBuilder = (SAMLObjectBuilder<KeyInfoConfirmationDataType>)
+                        builderFactory.getBuilder(KeyInfoConfirmationDataType.TYPE_NAME);
             }
             subjectConfirmationData = keyInfoConfirmationDataBuilder.buildObject();
             keyInfo = SAML1ComponentBuilder.createKeyInfo(keyInfoBean);
-            ((KeyInfoConfirmationDataType)subjectConfirmationData).getKeyInfos().add(keyInfo);
+            ((KeyInfoConfirmationDataType) subjectConfirmationData).getKeyInfos().add(keyInfo);
         }
-        
+
         if (inResponseTo != null) {
             subjectConfirmationData.setInResponseTo(inResponseTo);
         }
@@ -451,31 +420,31 @@ public class SAML2ComponentBuilder {
         if (notOnOrAfter != null) {
             subjectConfirmationData.setNotOnOrAfter(notOnOrAfter);
         }
-        
+
         return subjectConfirmationData;
     }
-    
+
     /**
      * Create a SubjectConfirmation object
      * One of the following subject confirmation methods MUST be used:
-     *   urn:oasis:names:tc:SAML:2.0:cm:holder-of-key
-     *   urn:oasis:names:tc:SAML:2.0:cm:sender-vouches
-     *   urn:oasis:names:tc:SAML:2.0:cm:bearer
+     * urn:oasis:names:tc:SAML:2.0:cm:holder-of-key
+     * urn:oasis:names:tc:SAML:2.0:cm:sender-vouches
+     * urn:oasis:names:tc:SAML:2.0:cm:bearer
      *
-     * @param method of type String
+     * @param method                  of type String
      * @param subjectConfirmationData of type SubjectConfirmationData
      * @return a SubjectConfirmation object
      */
     @SuppressWarnings("unchecked")
     public static SubjectConfirmation createSubjectConfirmation(
-        String method,
-        SubjectConfirmationData subjectConfirmationData
+            String method,
+            SubjectConfirmationData subjectConfirmationData
     ) {
         if (subjectConfirmationBuilder == null) {
-            subjectConfirmationBuilder = (SAMLObjectBuilder<SubjectConfirmation>) 
-                builderFactory.getBuilder(SubjectConfirmation.DEFAULT_ELEMENT_NAME);
+            subjectConfirmationBuilder = (SAMLObjectBuilder<SubjectConfirmation>)
+                    builderFactory.getBuilder(SubjectConfirmation.DEFAULT_ELEMENT_NAME);
         }
-        
+
         SubjectConfirmation subjectConfirmation = subjectConfirmationBuilder.buildObject();
         subjectConfirmation.setMethod(method);
         subjectConfirmation.setSubjectConfirmationData(subjectConfirmationData);
@@ -485,14 +454,14 @@ public class SAML2ComponentBuilder {
     /**
      * Create a NameID object
      * One of the following formats MUST be used:
-     *   urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
-     *   urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
-     *   urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName
-     *   urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName
-     *   urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos
-     *   urn:oasis:names:tc:SAML:2.0:nameid-format:entity
-     *   urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
-     *   urn:oasis:names:tc:SAML:2.0:nameid-format:transient
+     * urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
+     * urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
+     * urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName
+     * urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName
+     * urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos
+     * urn:oasis:names:tc:SAML:2.0:nameid-format:entity
+     * urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
+     * urn:oasis:names:tc:SAML:2.0:nameid-format:transient
      *
      * @param subject A SubjectBean instance
      * @return NameID
@@ -500,8 +469,8 @@ public class SAML2ComponentBuilder {
     @SuppressWarnings("unchecked")
     public static NameID createNameID(SubjectBean subject) {
         if (nameIdBuilder == null) {
-            nameIdBuilder = (SAMLObjectBuilder<NameID>) 
-                builderFactory.getBuilder(NameID.DEFAULT_ELEMENT_NAME);
+            nameIdBuilder = (SAMLObjectBuilder<NameID>)
+                    builderFactory.getBuilder(NameID.DEFAULT_ELEMENT_NAME);
         }
         NameID nameID = nameIdBuilder.buildObject();
         nameID.setNameQualifier(subject.getSubjectNameQualifier());
@@ -519,12 +488,12 @@ public class SAML2ComponentBuilder {
      */
     @SuppressWarnings("unchecked")
     public static List<AttributeStatement> createAttributeStatement(
-        List<AttributeStatementBean> attributeData
+            List<AttributeStatementBean> attributeData
     ) {
         List<AttributeStatement> attributeStatements = new ArrayList<AttributeStatement>();
         if (attributeStatementBuilder == null) {
-            attributeStatementBuilder = (SAMLObjectBuilder<AttributeStatement>) 
-            builderFactory.getBuilder(AttributeStatement.DEFAULT_ELEMENT_NAME);
+            attributeStatementBuilder = (SAMLObjectBuilder<AttributeStatement>)
+                    builderFactory.getBuilder(AttributeStatement.DEFAULT_ELEMENT_NAME);
         }
 
         if (attributeData != null && attributeData.size() > 0) {
@@ -535,13 +504,13 @@ public class SAML2ComponentBuilder {
                     if (attributeValues == null || attributeValues.isEmpty()) {
                         attributeValues = values.getCustomAttributeValues();
                     }
-                    Attribute samlAttribute = 
-                        createAttribute(
-                            values.getSimpleName(), 
-                            values.getQualifiedName(),
-                            values.getNameFormat(),
-                            attributeValues
-                        );
+                    Attribute samlAttribute =
+                            createAttribute(
+                                    values.getSimpleName(),
+                                    values.getQualifiedName(),
+                                    values.getNameFormat(),
+                                    attributeValues
+                            );
                     attributeStatement.getAttributes().add(samlAttribute);
                 }
                 // Add the completed attribute statementBean to the collection
@@ -554,34 +523,34 @@ public class SAML2ComponentBuilder {
 
     /**
      * Create an Attribute object. The name format is of type:
-     *   urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified
-     *   urn:oasis:names:tc:SAML:2.0:attrname-format:uri
-     *   urn:oasis:names:tc:SAML:2.0:attrname-format:basic
+     * urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified
+     * urn:oasis:names:tc:SAML:2.0:attrname-format:uri
+     * urn:oasis:names:tc:SAML:2.0:attrname-format:basic
      *
      * @param friendlyName of type String
-     * @param name of type String
+     * @param name         of type String
      * @return an Attribute object
      * @deprecated
      */
     public static Attribute createAttribute(String friendlyName, String name) {
-        return createAttribute(friendlyName, name, (String)null);
+        return createAttribute(friendlyName, name, (String) null);
     }
-    
+
     /**
      * Create an Attribute object.
      *
      * @param friendlyName of type String
-     * @param name of type String
-     * @param nameFormat of type String
+     * @param name         of type String
+     * @param nameFormat   of type String
      * @return an Attribute object
      */
     @SuppressWarnings("unchecked")
     public static Attribute createAttribute(String friendlyName, String name, String nameFormat) {
         if (attributeBuilder == null) {
             attributeBuilder = (SAMLObjectBuilder<Attribute>)
-                builderFactory.getBuilder(Attribute.DEFAULT_ELEMENT_NAME);
+                    builderFactory.getBuilder(Attribute.DEFAULT_ELEMENT_NAME);
         }
-        
+
         Attribute attribute = attributeBuilder.buildObject();
         attribute.setFriendlyName(friendlyName);
         if (nameFormat == null) {
@@ -601,23 +570,23 @@ public class SAML2ComponentBuilder {
      */
     @SuppressWarnings("unchecked")
     public static List<AuthzDecisionStatement> createAuthorizationDecisionStatement(
-        List<AuthDecisionStatementBean> decisionData
+            List<AuthDecisionStatementBean> decisionData
     ) {
-        List<AuthzDecisionStatement> authDecisionStatements = 
+        List<AuthzDecisionStatement> authDecisionStatements =
                 new ArrayList<AuthzDecisionStatement>();
         if (authorizationDecisionStatementBuilder == null) {
-            authorizationDecisionStatementBuilder = 
-                (SAMLObjectBuilder<AuthzDecisionStatement>)
-                    builderFactory.getBuilder(AuthzDecisionStatement.DEFAULT_ELEMENT_NAME);
+            authorizationDecisionStatementBuilder =
+                    (SAMLObjectBuilder<AuthzDecisionStatement>)
+                            builderFactory.getBuilder(AuthzDecisionStatement.DEFAULT_ELEMENT_NAME);
         }
 
         if (decisionData != null && decisionData.size() > 0) {
             for (AuthDecisionStatementBean decisionStatementBean : decisionData) {
-                AuthzDecisionStatement authDecision = 
-                    authorizationDecisionStatementBuilder.buildObject();
+                AuthzDecisionStatement authDecision =
+                        authorizationDecisionStatementBuilder.buildObject();
                 authDecision.setResource(decisionStatementBean.getResource());
                 authDecision.setDecision(
-                    transformDecisionType(decisionStatementBean.getDecision())
+                        transformDecisionType(decisionStatementBean.getDecision())
                 );
 
                 for (ActionBean actionBean : decisionStatementBean.getActions()) {
@@ -625,10 +594,10 @@ public class SAML2ComponentBuilder {
                     authDecision.getActions().add(actionElement);
                 }
 
-                if (decisionStatementBean.getEvidence() instanceof Evidence) {                                    
-                    authDecision.setEvidence((Evidence)decisionStatementBean.getEvidence());
+                if (decisionStatementBean.getEvidence() instanceof Evidence) {
+                    authDecision.setEvidence((Evidence) decisionStatementBean.getEvidence());
                 }
-                
+
                 authDecisionStatements.add(authDecision);
             }
         }
@@ -647,7 +616,7 @@ public class SAML2ComponentBuilder {
     public static Action createSamlAction(ActionBean actionBean) {
         if (actionElementBuilder == null) {
             actionElementBuilder = (SAMLObjectBuilder<Action>)
-                builderFactory.getBuilder(Action.DEFAULT_ELEMENT_NAME);
+                    builderFactory.getBuilder(Action.DEFAULT_ELEMENT_NAME);
         }
         Action actionElement = actionElementBuilder.buildObject();
         actionElement.setNamespace(actionBean.getActionNamespace());
@@ -663,10 +632,10 @@ public class SAML2ComponentBuilder {
      * Create a DecisionTypeEnumeration object
      *
      * @param decision of type Decision
-     * @return a DecisionTypeEnumeration object 
+     * @return a DecisionTypeEnumeration object
      */
     private static DecisionTypeEnumeration transformDecisionType(
-        AuthDecisionStatementBean.Decision decision
+            AuthDecisionStatementBean.Decision decision
     ) {
         DecisionTypeEnumeration decisionTypeEnum = DecisionTypeEnumeration.DENY;
         if (decision.equals(AuthDecisionStatementBean.Decision.PERMIT)) {

Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/saml/builder/SAML2Constants.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/saml/builder/SAML2Constants.java?rev=1295267&r1=1295266&r2=1295267&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/saml/builder/SAML2Constants.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/saml/builder/SAML2Constants.java Wed Feb 29 20:54:51 2012
@@ -30,133 +30,133 @@ public class SAML2Constants {
     //
     // NAME ID FORMAT
     //
-    
-    public static final String NAMEID_FORMAT_UNSPECIFIED = 
-        "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified";
-    
-    public static final String NAMEID_FORMAT_EMAIL_ADDRESS = 
-        "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress";
-    
-    public static final String NAMEID_FORMAT_X509_SUBJECT_NAME = 
-        "urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName";
-    
-    public static final String NAMEID_FORMAT_WINDOWS_DQN = 
-        "urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName";
-    
-    public static final String NAMEID_FORMAT_KERBEROS = 
-        "urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos";
-    
-    public static final String NAMEID_FORMAT_ENTITY = 
-        "urn:oasis:names:tc:SAML:2.0:nameid-format:entity";
-    
-    public static final String NAMEID_FORMAT_PERSISTENT = 
-        "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent";
-    
-    public static final String NAMEID_FORMAT_TRANSIENT = 
-        "urn:oasis:names:tc:SAML:2.0:nameid-format:transient";
+
+    public static final String NAMEID_FORMAT_UNSPECIFIED =
+            "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified";
+
+    public static final String NAMEID_FORMAT_EMAIL_ADDRESS =
+            "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress";
+
+    public static final String NAMEID_FORMAT_X509_SUBJECT_NAME =
+            "urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName";
+
+    public static final String NAMEID_FORMAT_WINDOWS_DQN =
+            "urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName";
+
+    public static final String NAMEID_FORMAT_KERBEROS =
+            "urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos";
+
+    public static final String NAMEID_FORMAT_ENTITY =
+            "urn:oasis:names:tc:SAML:2.0:nameid-format:entity";
+
+    public static final String NAMEID_FORMAT_PERSISTENT =
+            "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent";
+
+    public static final String NAMEID_FORMAT_TRANSIENT =
+            "urn:oasis:names:tc:SAML:2.0:nameid-format:transient";
 
     //
     // SUBJECT CONFIRMATION
     //
-    
-    public static final String CONF_BEARER = 
-        "urn:oasis:names:tc:SAML:2.0:cm:bearer";
-    
-    public static final String CONF_HOLDER_KEY = 
-        "urn:oasis:names:tc:SAML:2.0:cm:holder-of-key";
-    
-    public static final String CONF_SENDER_VOUCHES = 
-        "urn:oasis:names:tc:SAML:2.0:cm:sender-vouches";
-    
+
+    public static final String CONF_BEARER =
+            "urn:oasis:names:tc:SAML:2.0:cm:bearer";
+
+    public static final String CONF_HOLDER_KEY =
+            "urn:oasis:names:tc:SAML:2.0:cm:holder-of-key";
+
+    public static final String CONF_SENDER_VOUCHES =
+            "urn:oasis:names:tc:SAML:2.0:cm:sender-vouches";
+
     //
     // AUTH CONTEXT CLASS REF
     //
-    
-    public static final String AUTH_CONTEXT_CLASS_REF_INTERNET_PROTOCOL = 
-        "urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocol";
-    
-    public static final String AUTH_CONTEXT_CLASS_REF_INTERNET_PROTOCOL_PASSWORD = 
-        "urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword";
-    
-    public static final String AUTH_CONTEXT_CLASS_REF_KERBEROS = 
-        "urn:oasis:names:tc:SAML:2.0:ac:classes:Kerberos";
-    
-    public static final String AUTH_CONTEXT_CLASS_REF_MOBILE_ONE_FACTOR_UNREGISTERED = 
-        "urn:oasis:names:tc:SAML:2.0:ac:classes:MobileOneFactorUnregistered";
-    
-    public static final String AUTH_CONTEXT_CLASS_REF_MOBILE_TWO_FACTOR_UNREGISTERED = 
-        "urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorUnregistered";
-    
-    public static final String AUTH_CONTEXT_CLASS_REF_MOBILE_ONE_FACTOR_CONTRACT = 
-        "urn:oasis:names:tc:SAML:2.0:ac:classes:MobileOneFactorContract";
-    
-    public static final String AUTH_CONTEXT_CLASS_REF_MOBILE_TWO_FACTOR_CONTRACT = 
-        "urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract";
-    
-    public static final String AUTH_CONTEXT_CLASS_REF_PASSWORD = 
-        "urn:oasis:names:tc:SAML:2.0:ac:classes:Password";
-    
-    public static final String AUTH_CONTEXT_CLASS_REF_PASSWORD_PROTECTED_TRANSPORT = 
-        "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport";
-    
-    public static final String AUTH_CONTEXT_CLASS_REF_PREVIOUS_SESSION = 
-        "urn:oasis:names:tc:SAML:2.0:ac:classes:PreviousSession";
-    
-    public static final String AUTH_CONTEXT_CLASS_REF_X509 = 
-        "urn:oasis:names:tc:SAML:2.0:ac:classes:X509";
-    
-    public static final String AUTH_CONTEXT_CLASS_REF_PGP = 
-        "urn:oasis:names:tc:SAML:2.0:ac:classes:PGP";
-    
-    public static final String AUTH_CONTEXT_CLASS_REF_SPKI = 
-        "urn:oasis:names:tc:SAML:2.0:ac:classes:SPKI";
-    
-    public static final String AUTH_CONTEXT_CLASS_REF_XMLDSIG = 
-        "urn:oasis:names:tc:SAML:2.0:ac:classes:XMLDSig";
-    
-    public static final String AUTH_CONTEXT_CLASS_REF_SMARTCARD = 
-        "urn:oasis:names:tc:SAML:2.0:ac:classes:Smartcard";
-    
-    public static final String AUTH_CONTEXT_CLASS_REF_SMARTCARD_PKI = 
-        "urn:oasis:names:tc:SAML:2.0:ac:classes:SmartcardPKI";
-    
-    public static final String AUTH_CONTEXT_CLASS_REF_SOFTWARE_PKI = 
-        "urn:oasis:names:tc:SAML:2.0:ac:classes:SoftwarePKI";
-    
-    public static final String AUTH_CONTEXT_CLASS_REF_TELEPHONY = 
-        "urn:oasis:names:tc:SAML:2.0:ac:classes:Telephony";
-    
-    public static final String AUTH_CONTEXT_CLASS_REF_NOMAD_TELEPHONY = 
-        "urn:oasis:names:tc:SAML:2.0:ac:classes:NomadTelephony";
-    
-    public static final String AUTH_CONTEXT_CLASS_REF_PERSONAL_TELEPHONY = 
-        "urn:oasis:names:tc:SAML:2.0:ac:classes:PersonalTelephony";
-    
-    public static final String AUTH_CONTEXT_CLASS_REF_AUTHENTICATED_TELEPHONY = 
-        "urn:oasis:names:tc:SAML:2.0:ac:classes:AuthenticatedTelephony";
-    
-    public static final String AUTH_CONTEXT_CLASS_REF_SECURED_REMOTE_PASSWORD = 
-        "urn:oasis:names:tc:SAML:2.0:ac:classes:SecureRemotePassword";
-    
-    public static final String AUTH_CONTEXT_CLASS_REF_TLS_CLIENT = 
-        "urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient";
-    
-    public static final String AUTH_CONTEXT_CLASS_REF_TIME_SYNC_TOKEN = 
-        "urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken";
-    
-    public static final String AUTH_CONTEXT_CLASS_REF_UNSPECIFIED = 
-        "urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified";
+
+    public static final String AUTH_CONTEXT_CLASS_REF_INTERNET_PROTOCOL =
+            "urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocol";
+
+    public static final String AUTH_CONTEXT_CLASS_REF_INTERNET_PROTOCOL_PASSWORD =
+            "urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword";
+
+    public static final String AUTH_CONTEXT_CLASS_REF_KERBEROS =
+            "urn:oasis:names:tc:SAML:2.0:ac:classes:Kerberos";
+
+    public static final String AUTH_CONTEXT_CLASS_REF_MOBILE_ONE_FACTOR_UNREGISTERED =
+            "urn:oasis:names:tc:SAML:2.0:ac:classes:MobileOneFactorUnregistered";
+
+    public static final String AUTH_CONTEXT_CLASS_REF_MOBILE_TWO_FACTOR_UNREGISTERED =
+            "urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorUnregistered";
+
+    public static final String AUTH_CONTEXT_CLASS_REF_MOBILE_ONE_FACTOR_CONTRACT =
+            "urn:oasis:names:tc:SAML:2.0:ac:classes:MobileOneFactorContract";
+
+    public static final String AUTH_CONTEXT_CLASS_REF_MOBILE_TWO_FACTOR_CONTRACT =
+            "urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract";
+
+    public static final String AUTH_CONTEXT_CLASS_REF_PASSWORD =
+            "urn:oasis:names:tc:SAML:2.0:ac:classes:Password";
+
+    public static final String AUTH_CONTEXT_CLASS_REF_PASSWORD_PROTECTED_TRANSPORT =
+            "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport";
+
+    public static final String AUTH_CONTEXT_CLASS_REF_PREVIOUS_SESSION =
+            "urn:oasis:names:tc:SAML:2.0:ac:classes:PreviousSession";
+
+    public static final String AUTH_CONTEXT_CLASS_REF_X509 =
+            "urn:oasis:names:tc:SAML:2.0:ac:classes:X509";
+
+    public static final String AUTH_CONTEXT_CLASS_REF_PGP =
+            "urn:oasis:names:tc:SAML:2.0:ac:classes:PGP";
+
+    public static final String AUTH_CONTEXT_CLASS_REF_SPKI =
+            "urn:oasis:names:tc:SAML:2.0:ac:classes:SPKI";
+
+    public static final String AUTH_CONTEXT_CLASS_REF_XMLDSIG =
+            "urn:oasis:names:tc:SAML:2.0:ac:classes:XMLDSig";
+
+    public static final String AUTH_CONTEXT_CLASS_REF_SMARTCARD =
+            "urn:oasis:names:tc:SAML:2.0:ac:classes:Smartcard";
+
+    public static final String AUTH_CONTEXT_CLASS_REF_SMARTCARD_PKI =
+            "urn:oasis:names:tc:SAML:2.0:ac:classes:SmartcardPKI";
+
+    public static final String AUTH_CONTEXT_CLASS_REF_SOFTWARE_PKI =
+            "urn:oasis:names:tc:SAML:2.0:ac:classes:SoftwarePKI";
+
+    public static final String AUTH_CONTEXT_CLASS_REF_TELEPHONY =
+            "urn:oasis:names:tc:SAML:2.0:ac:classes:Telephony";
+
+    public static final String AUTH_CONTEXT_CLASS_REF_NOMAD_TELEPHONY =
+            "urn:oasis:names:tc:SAML:2.0:ac:classes:NomadTelephony";
+
+    public static final String AUTH_CONTEXT_CLASS_REF_PERSONAL_TELEPHONY =
+            "urn:oasis:names:tc:SAML:2.0:ac:classes:PersonalTelephony";
+
+    public static final String AUTH_CONTEXT_CLASS_REF_AUTHENTICATED_TELEPHONY =
+            "urn:oasis:names:tc:SAML:2.0:ac:classes:AuthenticatedTelephony";
+
+    public static final String AUTH_CONTEXT_CLASS_REF_SECURED_REMOTE_PASSWORD =
+            "urn:oasis:names:tc:SAML:2.0:ac:classes:SecureRemotePassword";
+
+    public static final String AUTH_CONTEXT_CLASS_REF_TLS_CLIENT =
+            "urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient";
+
+    public static final String AUTH_CONTEXT_CLASS_REF_TIME_SYNC_TOKEN =
+            "urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken";
+
+    public static final String AUTH_CONTEXT_CLASS_REF_UNSPECIFIED =
+            "urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified";
 
     //
     // ATTRIBUTE NAME FORMAT
     //
-    
-    public static final String ATTRNAME_FORMAT_UNSPECIFIED = 
-        "urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified";
-    
-    public static final String ATTRNAME_FORMAT_URI = 
-        "urn:oasis:names:tc:SAML:2.0:attrname-format:uri";
-    
-    public static final String ATTRNAME_FORMAT_BASIC = 
-        "urn:oasis:names:tc:SAML:2.0:attrname-format:basic";
+
+    public static final String ATTRNAME_FORMAT_UNSPECIFIED =
+            "urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified";
+
+    public static final String ATTRNAME_FORMAT_URI =
+            "urn:oasis:names:tc:SAML:2.0:attrname-format:uri";
+
+    public static final String ATTRNAME_FORMAT_BASIC =
+            "urn:oasis:names:tc:SAML:2.0:attrname-format:basic";
 }

Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/AbstractSecurityToken.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/AbstractSecurityToken.java?rev=1295267&r1=1295266&r2=1295267&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/AbstractSecurityToken.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/AbstractSecurityToken.java Wed Feb 29 20:54:51 2012
@@ -20,6 +20,8 @@ package org.swssf.wss.impl.securityToken
 
 import org.swssf.wss.ext.WSSConstants;
 import org.swssf.wss.ext.WSSecurityContext;
+import org.swssf.wss.ext.WSSecurityException;
+import org.swssf.wss.ext.WSSecurityToken;
 import org.swssf.wss.securityEvent.AlgorithmSuiteSecurityEvent;
 import org.swssf.xmlsec.crypto.Crypto;
 import org.swssf.xmlsec.ext.SecurityToken;
@@ -28,32 +30,61 @@ import org.swssf.xmlsec.ext.XMLSecurityE
 
 import javax.crypto.SecretKey;
 import javax.security.auth.callback.CallbackHandler;
+import javax.xml.namespace.QName;
 import java.security.Key;
 import java.security.PublicKey;
 import java.security.cert.X509Certificate;
 import java.security.interfaces.RSAKey;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
 
 /**
  * @author $Author$
  * @version $Revision$ $Date$
  */
-public abstract class AbstractSecurityToken implements SecurityToken {
+public abstract class AbstractSecurityToken implements WSSecurityToken {
+
+    //todo Probably we should introduce a dynamic proxy
+    //for this class which then could test for invocation count and could also be
+    //used for SecurityEvents and such.
+    //prevent recursice key references:
+    private int invocationCount = 0;
 
     private WSSecurityContext wsSecurityContext;
     private Crypto crypto;
     private CallbackHandler callbackHandler;
     private String id;
     private Object processor;
+    private List<QName> elementPath;
     private WSSConstants.KeyIdentifierType keyIdentifierType;
+    private List<SecurityToken> wrappedTokens;
+    private List<TokenUsage> tokenUsages = new ArrayList<TokenUsage>();
+
+    public AbstractSecurityToken(String id) {
+        this.id = id;
+        wrappedTokens = new ArrayList<SecurityToken>();
+    }
 
     public AbstractSecurityToken(WSSecurityContext wsSecurityContext, Crypto crypto, CallbackHandler callbackHandler,
-                                 String id, WSSConstants.KeyIdentifierType keyIdentifierType, Object processor) {
+                                 String id, WSSConstants.KeyIdentifierType keyIdentifierType) {
         this.wsSecurityContext = wsSecurityContext;
         this.crypto = crypto;
         this.callbackHandler = callbackHandler;
         this.id = id;
         this.keyIdentifierType = keyIdentifierType;
-        this.processor = processor;
+        wrappedTokens = new ArrayList<SecurityToken>();
+    }
+
+    private void incrementAndTestInvocationCount() throws WSSecurityException {
+        invocationCount++;
+        if (invocationCount >= 10) {
+            throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY_TOKEN);
+        }
+    }
+
+    private void decrementInvocationCount() {
+        invocationCount--;
     }
 
     public WSSConstants.KeyIdentifierType getKeyIdentifierType() {
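Review bot: The limit in `incrementAndTestInvocationCount()` is a bare `10` compared with `>=`, so the tenth nested call is already rejected and the effective maximum depth is nine. Neither the number nor the reason for it is documented beyond the `//prevent recursice key references:` comment, which also has a typo for "recursive". I would name the bound, e.g. `private static final int MAX_INVOCATION_DEPTH = 10;`, and give the method a short Javadoc saying that it bounds nested calls on one token instance and throws `INVALID_SECURITY_TOKEN` when the bound is reached. `invocationCount` is also a plain `int` field, so the count can be wrong if one token instance is used from more than one thread; whether that happens is not visible in this hunk.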
@@ -68,6 +99,19 @@ public abstract class AbstractSecurityTo
         return processor;
     }
 
+    public void setProcessor(Object processor) {
+        this.processor = processor;
+    }
+
+    @Override
+    public List<QName> getElementPath() {
+        return elementPath;
+    }
+
+    public void setElementPath(List<QName> elementPath) {
+        this.elementPath = Collections.unmodifiableList(elementPath);
+    }
+
     public Crypto getCrypto() {
         return crypto;
     }
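Review bot: `setElementPath` wraps the caller's list in `Collections.unmodifiableList(elementPath)` without copying it, so the token keeps a live view of a list the caller can still change. If the caller reuses that list while parsing continues (not visible here), the path later returned by `getElementPath()` no longer describes where the token was found, which matters if the path is used for policy checks. Taking a snapshot avoids this: `this.elementPath = Collections.unmodifiableList(new ArrayList<QName>(elementPath));`. A null argument currently fails inside `unmodifiableList` with a bare NullPointerException, and `getElementPath()` returns null until the setter has been called; both are worth stating in a Javadoc comment on the two methods.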
@@ -80,6 +124,7 @@ public abstract class AbstractSecurityTo
 
     @Override
     public Key getSecretKey(String algorithmURI, XMLSecurityConstants.KeyUsage keyUsage) throws XMLSecurityException {
+        incrementAndTestInvocationCount();
         Key key = getKey(algorithmURI, keyUsage);
         if (key != null && this.wsSecurityContext != null) {
             AlgorithmSuiteSecurityEvent algorithmSuiteSecurityEvent = new AlgorithmSuiteSecurityEvent();
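Review bot: The count taken by `incrementAndTestInvocationCount()` at the top of `getSecretKey` is released only by the `decrementInvocationCount()` call just before `return key;` in the next hunk, so an exception from `getKey(...)` or from registering the security event leaves it raised. The guard itself increments before it throws, so once the limit is hit the counter stays there and later calls on the same token instance appear to be rejected for good. Putting the body in `try { incrementAndTestInvocationCount(); ... return key; } finally { decrementInvocationCount(); }` keeps the count balanced on every path. `getPublicKey` and `addTokenUsage` in the later hunks of this file have the same shape and need the same change. The method body spans this hunk and the next one.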
@@ -94,6 +139,7 @@ public abstract class AbstractSecurityTo
             }
             this.wsSecurityContext.registerSecurityEvent(algorithmSuiteSecurityEvent);
         }
+        decrementInvocationCount();
         return key;
     }
 
@@ -101,6 +147,7 @@ public abstract class AbstractSecurityTo
 
     @Override
     public PublicKey getPublicKey(String algorithmURI, XMLSecurityConstants.KeyUsage keyUsage) throws XMLSecurityException {
+        incrementAndTestInvocationCount();
         PublicKey publicKey = getPubKey(algorithmURI, keyUsage);
         if (publicKey != null) {
             AlgorithmSuiteSecurityEvent algorithmSuiteSecurityEvent = new AlgorithmSuiteSecurityEvent();
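Review bot: `getPublicKey` tests only `publicKey != null` before building the security event, while `getSecretKey` also requires `this.wsSecurityContext != null`; the following hunk then calls `wsSecurityContext.registerSecurityEvent(...)` without a guard. The `AbstractSecurityToken(String id)` constructor added in this commit leaves the context field null, so a token built that way would throw a NullPointerException here as soon as a public key is found, unless lines not shown between the two hunks prevent it. Using the same condition as `getSecretKey`, `if (publicKey != null && this.wsSecurityContext != null) {`, makes the two methods consistent. The method body continues outside this hunk.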
@@ -113,6 +160,7 @@ public abstract class AbstractSecurityTo
             }
             wsSecurityContext.registerSecurityEvent(algorithmSuiteSecurityEvent);
         }
+        decrementInvocationCount();
         return publicKey;
     }
 
@@ -122,4 +170,31 @@ public abstract class AbstractSecurityTo
 
     public void verify() throws XMLSecurityException {
     }
+
+    @Override
+    public List<SecurityToken> getWrappedTokens() {
+        return Collections.unmodifiableList(wrappedTokens);
+    }
+
+    @Override
+    public void addWrappedToken(SecurityToken securityToken) {
+        wrappedTokens.add(securityToken);
+    }
+
+    @Override
+    public void addTokenUsage(TokenUsage tokenUsage) throws XMLSecurityException {
+        incrementAndTestInvocationCount();
+        if (!this.tokenUsages.contains(tokenUsage)) {
+            this.tokenUsages.add(tokenUsage);
+        }
+        if (getKeyWrappingToken() != null) {
+            getKeyWrappingToken().addTokenUsage(tokenUsage);
+        }
+        decrementInvocationCount();
+    }
+
+    @Override
+    public List<TokenUsage> getTokenUsages() {
+        return tokenUsages;
+    }
 }
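Review bot: `getTokenUsages()` returns the internal `tokenUsages` list itself, whereas `getWrappedTokens()` a few lines above returns `Collections.unmodifiableList(wrappedTokens)`. A caller can therefore add or remove usages directly, bypassing the duplicate check and the propagation to the key-wrapping token that `addTokenUsage` performs. Returning `Collections.unmodifiableList(tokenUsages)` would match the other getter and keep `addTokenUsage` the only way to record a usage. `addTokenUsage` also calls `getKeyWrappingToken()` twice; reading it once into a local variable avoids relying on both calls returning the same object.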

Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/HttpsSecurityToken.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/HttpsSecurityToken.java?rev=1295267&r1=1295266&r2=1295267&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/HttpsSecurityToken.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/HttpsSecurityToken.java Wed Feb 29 20:54:51 2012
@@ -46,13 +46,13 @@ public class HttpsSecurityToken extends 
     }
 
     public HttpsSecurityToken(X509Certificate x509Certificate, WSSecurityContext wsSecurityContext) throws WSSecurityException {
-        super(wsSecurityContext, null, null, UUID.randomUUID().toString(), null, null);
+        super(wsSecurityContext, null, null, UUID.randomUUID().toString(), null);
         this.x509Certificate = x509Certificate;
         this.authenticationType = AuthenticationType.httpsClientAuthentication;
     }
 
     public HttpsSecurityToken(boolean basicAuthentication, String username, WSSecurityContext wsSecurityContext) throws WSSecurityException {
-        super(wsSecurityContext, null, null, UUID.randomUUID().toString(), null, null);
+        super(wsSecurityContext, null, null, UUID.randomUUID().toString(), null);
         if (basicAuthentication) {
             this.authenticationType = AuthenticationType.httpBasicAuthentication;
         } else {
@@ -84,10 +84,6 @@ public class HttpsSecurityToken extends 
         return null;
     }
 
-    public String getKeyWrappingTokenAlgorithm() {
-        return null;
-    }
-
     public WSSConstants.TokenType getTokenType() {
         return WSSConstants.HttpsToken;
     }

Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/SAMLSecurityToken.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/SAMLSecurityToken.java?rev=1295267&r1=1295266&r2=1295267&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/SAMLSecurityToken.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/SAMLSecurityToken.java Wed Feb 29 20:54:51 2012
@@ -46,17 +46,17 @@ public class SAMLSecurityToken extends A
     private X509Certificate[] x509Certificate;
 
     public SAMLSecurityToken(SAMLVersion samlVersion, SAMLKeyInfo samlKeyInfo, String issuer,
-                             WSSecurityContext wsSecurityContext,
-                             Crypto crypto, CallbackHandler callbackHandler, String id, WSSConstants.KeyIdentifierType keyIdentifierType) {
-        super(wsSecurityContext, crypto, callbackHandler, id, keyIdentifierType, null);
+                             WSSecurityContext wsSecurityContext, Crypto crypto, CallbackHandler callbackHandler,
+                             String id, WSSConstants.KeyIdentifierType keyIdentifierType) {
+        super(wsSecurityContext, crypto, callbackHandler, id, keyIdentifierType);
         this.samlVersion = samlVersion;
         this.samlKeyInfo = samlKeyInfo;
         this.issuer = issuer;
     }
 
     public SAMLSecurityToken(SAMLVersion samlVersion, SAMLKeyInfo samlKeyInfo, WSSecurityContext wsSecurityContext,
-                             Crypto crypto, CallbackHandler callbackHandler, String id, Object processor) {
-        super(wsSecurityContext, crypto, callbackHandler, id, null, processor);
+                             Crypto crypto, CallbackHandler callbackHandler, String id) {
+        super(wsSecurityContext, crypto, callbackHandler, id, null);
         this.samlVersion = samlVersion;
         this.samlKeyInfo = samlKeyInfo;
     }
@@ -102,10 +102,6 @@ public class SAMLSecurityToken extends A
         return null;
     }
 
-    public String getKeyWrappingTokenAlgorithm() {
-        return null;
-    }
-
     public XMLSecurityConstants.TokenType getTokenType() {
         if (samlVersion == SAMLVersion.VERSION_10) {
             return WSSConstants.Saml10Token;

Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/SecureConversationSecurityToken.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/SecureConversationSecurityToken.java?rev=1295267&r1=1295266&r2=1295267&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/SecureConversationSecurityToken.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/SecureConversationSecurityToken.java Wed Feb 29 20:54:51 2012
@@ -40,8 +40,8 @@ public class SecureConversationSecurityT
 
     public SecureConversationSecurityToken(WSSecurityContext wsSecurityContext, Crypto crypto,
                                            CallbackHandler callbackHandler, String id,
-                                           WSSConstants.KeyIdentifierType keyIdentifierType, Object processor) {
-        super(wsSecurityContext, crypto, callbackHandler, id, keyIdentifierType, processor);
+                                           WSSConstants.KeyIdentifierType keyIdentifierType) {
+        super(wsSecurityContext, crypto, callbackHandler, id, keyIdentifierType);
     }
 
     public boolean isAsymmetric() {
@@ -67,10 +67,6 @@ public class SecureConversationSecurityT
         return null;
     }
 
-    public String getKeyWrappingTokenAlgorithm() {
-        return null;
-    }
-
     public XMLSecurityConstants.TokenType getTokenType() {
         return WSSConstants.SecureConversationToken;
     }

Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/SecurityTokenFactoryImpl.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/SecurityTokenFactoryImpl.java?rev=1295267&r1=1295266&r2=1295267&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/SecurityTokenFactoryImpl.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/SecurityTokenFactoryImpl.java Wed Feb 29 20:54:51 2012
@@ -25,10 +25,7 @@ import org.swssf.binding.wss10.Reference
 import org.swssf.binding.wss10.SecurityTokenReferenceType;
 import org.swssf.binding.xmldsig.KeyInfoType;
 import org.swssf.binding.xmldsig.X509DataType;
-import org.swssf.wss.ext.WSSConstants;
-import org.swssf.wss.ext.WSSUtils;
-import org.swssf.wss.ext.WSSecurityContext;
-import org.swssf.wss.ext.WSSecurityException;
+import org.swssf.wss.ext.*;
 import org.swssf.xmlsec.crypto.Crypto;
 import org.swssf.xmlsec.ext.*;
 import org.swssf.xmlsec.impl.securityToken.SecurityTokenFactory;
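Review bot: `import org.swssf.wss.ext.*;` replaces four explicit imports with a wildcard, right next to the existing `import org.swssf.xmlsec.ext.*;`. With two on-demand imports from sibling packages, a simple name that later exists in both becomes ambiguous as soon as this file uses it, and the reader can no longer tell which package a type such as `WSSecurityToken` comes from. I would keep the explicit list and add the one new line, `import org.swssf.wss.ext.WSSecurityToken;`.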
@@ -49,25 +46,24 @@ public class SecurityTokenFactoryImpl ex
     }
 
     @Override
-    public SecurityToken getSecurityToken(KeyInfoType keyInfoType, Crypto crypto,
-                                          final CallbackHandler callbackHandler, SecurityContext securityContext,
-                                          Object processor) throws XMLSecurityException {
+    public SecurityToken getSecurityToken(KeyInfoType keyInfoType, Crypto crypto, final CallbackHandler callbackHandler,
+                                          SecurityContext securityContext) throws XMLSecurityException {
         if (keyInfoType != null) {
             final SecurityTokenReferenceType securityTokenReferenceType
                     = XMLSecurityUtils.getQNameType(keyInfoType.getContent(), WSSConstants.TAG_wsse_SecurityTokenReference);
-            return getSecurityToken(securityTokenReferenceType, crypto, callbackHandler, securityContext, processor);
+            return getSecurityToken(securityTokenReferenceType, crypto, callbackHandler, securityContext);
         } else if (crypto.getDefaultX509Identifier() != null) {
             return new X509DefaultSecurityToken(
                     (WSSecurityContext) securityContext, crypto, callbackHandler, crypto.getDefaultX509Identifier(),
-                    crypto.getDefaultX509Identifier(), null, processor
+                    crypto.getDefaultX509Identifier(), null
             );
         }
         throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY, "noKeyinfo");
     }
 
     public static SecurityToken getSecurityToken(SecurityTokenReferenceType securityTokenReferenceType, Crypto crypto,
-                                                 final CallbackHandler callbackHandler, SecurityContext securityContext,
-                                                 Object processor) throws XMLSecurityException {
+                                                 final CallbackHandler callbackHandler, SecurityContext securityContext)
+            throws XMLSecurityException {
         try {
             if (securityTokenReferenceType == null) {
                 throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY, "noSecTokRef");
@@ -82,7 +78,7 @@ public class SecurityTokenFactoryImpl ex
             if (x509DataType != null) {
                 return new X509DataSecurityToken((WSSecurityContext) securityContext, crypto, callbackHandler,
                         x509DataType, securityTokenReferenceType.getId(),
-                        WSSConstants.KeyIdentifierType.ISSUER_SERIAL, processor);
+                        WSSConstants.KeyIdentifierType.ISSUER_SERIAL);
             }
             //todo this is not supported by outputProcessor but can be implemented.
             // We'll have a look at the spec if this is allowed
@@ -98,22 +94,22 @@ public class SecurityTokenFactoryImpl ex
                 if (WSSConstants.NS_X509_V3_TYPE.equals(valueType)) {
                     return new X509_V3SecurityToken(
                             (WSSecurityContext) securityContext, crypto, callbackHandler,
-                            binaryContent, securityTokenReferenceType.getId(), WSSConstants.KeyIdentifierType.X509_KEY_IDENTIFIER, processor);
+                            binaryContent, securityTokenReferenceType.getId(), WSSConstants.KeyIdentifierType.X509_KEY_IDENTIFIER);
                 } else if (WSSConstants.NS_X509SubjectKeyIdentifier.equals(valueType)) {
                     return new X509SubjectKeyIdentifierSecurityToken(
                             (WSSecurityContext) securityContext, crypto, callbackHandler, binaryContent,
-                            securityTokenReferenceType.getId(), WSSConstants.KeyIdentifierType.SKI_KEY_IDENTIFIER, processor);
+                            securityTokenReferenceType.getId(), WSSConstants.KeyIdentifierType.SKI_KEY_IDENTIFIER);
                 } else if (WSSConstants.NS_THUMBPRINT.equals(valueType)) {
                     return new ThumbprintSHA1SecurityToken(
                             (WSSecurityContext) securityContext, crypto, callbackHandler, binaryContent,
-                            securityTokenReferenceType.getId(), WSSConstants.KeyIdentifierType.THUMBPRINT_IDENTIFIER, processor);
+                            securityTokenReferenceType.getId(), WSSConstants.KeyIdentifierType.THUMBPRINT_IDENTIFIER);
                 } else if (WSSConstants.NS_SAML10_TYPE.equals(valueType) || WSSConstants.NS_SAML20_TYPE.equals(valueType)) {
                     SecurityTokenProvider securityTokenProvider = securityContext.getSecurityTokenProvider(keyIdentifierType.getValue());
                     if (securityTokenProvider == null) {
                         throw new WSSecurityException(
                                 WSSecurityException.ErrorCode.SECURITY_TOKEN_UNAVAILABLE, "noToken", keyIdentifierType.getValue());
                     }
-                    return securityTokenProvider.getSecurityToken(crypto);
+                    return securityTokenProvider.getSecurityToken();
                 }
             } else if (referenceType != null) {
 
@@ -141,7 +137,7 @@ public class SecurityTokenFactoryImpl ex
                 if (securityTokenProvider == null) {
                     throw new WSSecurityException(WSSecurityException.ErrorCode.SECURITY_TOKEN_UNAVAILABLE, "noToken", uri);
                 }
-                return securityTokenProvider.getSecurityToken(crypto);
+                return securityTokenProvider.getSecurityToken();
             }
             throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY, "noKeyinfo");
         } finally {
@@ -149,9 +145,9 @@ public class SecurityTokenFactoryImpl ex
         }
     }
 
-    public static SecurityToken getSecurityToken(
+    public static WSSecurityToken getSecurityToken(
             BinarySecurityTokenType binarySecurityTokenType, SecurityContext securityContext,
-            Crypto crypto, CallbackHandler callbackHandler, Object processor) throws XMLSecurityException {
+            Crypto crypto, CallbackHandler callbackHandler) throws XMLSecurityException {
 
         //only Base64Encoding is supported
         if (!WSSConstants.SOAPMESSAGE_NS10_BASE64_ENCODING.equals(binarySecurityTokenType.getEncodingType())) {
@@ -163,30 +159,30 @@ public class SecurityTokenFactoryImpl ex
 
         if (WSSConstants.NS_X509_V3_TYPE.equals(binarySecurityTokenType.getValueType())) {
             return new X509_V3SecurityToken((WSSecurityContext) securityContext, crypto, callbackHandler,
-                    securityTokenData, binarySecurityTokenType.getId(), WSSConstants.KeyIdentifierType.SECURITY_TOKEN_DIRECT_REFERENCE, processor);
+                    securityTokenData, binarySecurityTokenType.getId(), WSSConstants.KeyIdentifierType.SECURITY_TOKEN_DIRECT_REFERENCE);
         } else if (WSSConstants.NS_X509PKIPathv1.equals(binarySecurityTokenType.getValueType())) {
             return new X509PKIPathv1SecurityToken((WSSecurityContext) securityContext, crypto, callbackHandler,
-                    securityTokenData, binarySecurityTokenType.getId(), WSSConstants.KeyIdentifierType.SECURITY_TOKEN_DIRECT_REFERENCE, processor);
+                    securityTokenData, binarySecurityTokenType.getId(), WSSConstants.KeyIdentifierType.SECURITY_TOKEN_DIRECT_REFERENCE);
         } else {
             throw new WSSecurityException(
                     WSSecurityException.ErrorCode.INVALID_SECURITY_TOKEN, "invalidValueType", binarySecurityTokenType.getValueType());
         }
     }
 
-    public static SecurityToken getSecurityToken(String username, String password, String created, byte[] nonce,
-                                                 byte[] salt, Long iteration, WSSecurityContext wsSecurityContext,
-                                                 String id) throws WSSecurityException {
+    public static WSSecurityToken getSecurityToken(String username, String password, String created, byte[] nonce,
+                                                   byte[] salt, Long iteration, WSSecurityContext wsSecurityContext,
+                                                   String id) throws WSSecurityException {
         return new UsernameSecurityToken(username, password, created, nonce, salt, iteration, wsSecurityContext, id, WSSConstants.KeyIdentifierType.SECURITY_TOKEN_DIRECT_REFERENCE);
     }
 
-    public static SecurityToken getSecurityToken(String referencedTokenId, Deque<XMLEvent> xmlEvents,
-                                                 Crypto crypto, CallbackHandler callbackHandler,
-                                                 SecurityContext securityContext, String id, Object processor)
+    public static WSSecurityToken getSecurityToken(String referencedTokenId, Deque<XMLEvent> xmlEvents,
+                                                   CallbackHandler callbackHandler,
+                                                   SecurityContext securityContext, String id)
             throws XMLSecurityException {
 
         return new SecurityTokenReference(
-                securityContext.getSecurityTokenProvider(
-                        referencedTokenId).getSecurityToken(crypto), xmlEvents,
-                (WSSecurityContext) securityContext, crypto, callbackHandler, id, null, processor);
+                securityContext.getSecurityTokenProvider(referencedTokenId).
+                        getSecurityToken(), xmlEvents,
+                (WSSecurityContext) securityContext, callbackHandler, id, null);
     }
 }
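Review bot: In the last overload, `securityContext.getSecurityTokenProvider(referencedTokenId)` is dereferenced without a null check, while the two other provider lookups shown earlier in this file test for null and throw `SECURITY_TOKEN_UNAVAILABLE`. If `referencedTokenId` is taken from the incoming message, as it appears to be, a reference to an unregistered token id would surface as a NullPointerException instead of a WSSecurityException, and callers that translate security faults may not handle that. I would resolve the provider into a local, apply the same check, and only then build the SecurityTokenReference.

```java
        // … unchanged: getSecurityToken(String referencedTokenId, ...) signature …
        SecurityTokenProvider securityTokenProvider = securityContext.getSecurityTokenProvider(referencedTokenId);
        if (securityTokenProvider == null) {
            throw new WSSecurityException(
                    WSSecurityException.ErrorCode.SECURITY_TOKEN_UNAVAILABLE, "noToken", referencedTokenId);
        }
        return new SecurityTokenReference(
                securityTokenProvider.getSecurityToken(), xmlEvents,
                (WSSecurityContext) securityContext, callbackHandler, id, null);
```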

Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/SecurityTokenReference.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/SecurityTokenReference.java?rev=1295267&r1=1295266&r2=1295267&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/SecurityTokenReference.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/SecurityTokenReference.java Wed Feb 29 20:54:51 2012
@@ -20,7 +20,6 @@ package org.swssf.wss.impl.securityToken
 
 import org.swssf.wss.ext.WSSConstants;
 import org.swssf.wss.ext.WSSecurityContext;
-import org.swssf.xmlsec.crypto.Crypto;
 import org.swssf.xmlsec.ext.SecurityToken;
 import org.swssf.xmlsec.ext.XMLSecurityConstants;
 import org.swssf.xmlsec.ext.XMLSecurityException;
@@ -42,8 +41,8 @@ public class SecurityTokenReference exte
     private Deque<XMLEvent> xmlEvents;
 
     public SecurityTokenReference(SecurityToken securityToken, Deque<XMLEvent> xmlEvents, WSSecurityContext wsSecurityContext,
-                                  Crypto crypto, CallbackHandler callbackHandler, String id, WSSConstants.KeyIdentifierType keyIdentifierType, Object processor) {
-        super(wsSecurityContext, crypto, callbackHandler, id, keyIdentifierType, processor);
+                                  CallbackHandler callbackHandler, String id, WSSConstants.KeyIdentifierType keyIdentifierType) {
+        super(wsSecurityContext, null, callbackHandler, id, keyIdentifierType);
         this.securityToken = securityToken;
         this.xmlEvents = xmlEvents;
     }
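Review bot: The constructor now passes a literal `null` to the superclass as its crypto, and nothing in the signature or a comment says this is deliberate. The superclass is not shown here, so this is inferred: if it exposes the value through an accessor like the `getCrypto()` that the X509 token classes in this commit call, any inherited method using it on a SecurityTokenReference would fail with a NullPointerException rather than a security exception. I would add a comment above the call, `// no Crypto of its own: everything is delegated to the wrapped securityToken`, if that is the intent, and confirm that no inherited code path dereferences it.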
@@ -72,14 +71,10 @@ public class SecurityTokenReference exte
         securityToken.verify();
     }
 
-    public SecurityToken getKeyWrappingToken() {
+    public SecurityToken getKeyWrappingToken() throws XMLSecurityException {
         return securityToken.getKeyWrappingToken();
     }
 
-    public String getKeyWrappingTokenAlgorithm() {
-        return securityToken.getKeyWrappingTokenAlgorithm();
-    }
-
     public XMLSecurityConstants.TokenType getTokenType() {
         return securityToken.getTokenType();
     }

Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/ThumbprintSHA1SecurityToken.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/ThumbprintSHA1SecurityToken.java?rev=1295267&r1=1295266&r2=1295267&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/ThumbprintSHA1SecurityToken.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/ThumbprintSHA1SecurityToken.java Wed Feb 29 20:54:51 2012
@@ -18,8 +18,6 @@
  */
 package org.swssf.wss.impl.securityToken;
 
-import java.security.cert.X509Certificate;
-
 import org.swssf.wss.ext.WSSConstants;
 import org.swssf.wss.ext.WSSecurityContext;
 import org.swssf.xmlsec.crypto.Crypto;
@@ -27,6 +25,7 @@ import org.swssf.xmlsec.crypto.CryptoTyp
 import org.swssf.xmlsec.ext.XMLSecurityException;
 
 import javax.security.auth.callback.CallbackHandler;
+import java.security.cert.X509Certificate;
 
 /**
  * @author $Author$
@@ -37,8 +36,8 @@ public class ThumbprintSHA1SecurityToken
     private byte[] binaryContent;
 
     ThumbprintSHA1SecurityToken(WSSecurityContext wsSecurityContext, Crypto crypto, CallbackHandler callbackHandler, byte[] binaryContent,
-                                String id, WSSConstants.KeyIdentifierType keyIdentifierType, Object processor) {
-        super(WSSConstants.X509V3Token, wsSecurityContext, crypto, callbackHandler, id, keyIdentifierType, processor);
+                                String id, WSSConstants.KeyIdentifierType keyIdentifierType) {
+        super(WSSConstants.X509V3Token, wsSecurityContext, crypto, callbackHandler, id, keyIdentifierType);
         this.binaryContent = binaryContent;
     }
 
@@ -47,7 +46,7 @@ public class ThumbprintSHA1SecurityToken
             CryptoType cryptoType = new CryptoType(CryptoType.TYPE.THUMBPRINT_SHA1);
             cryptoType.setBytes(binaryContent);
             X509Certificate[] certs = getCrypto().getX509Certificates(cryptoType);
-            
+
             this.alias = getCrypto().getX509Identifier(certs[0]);
         }
         return this.alias;

Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/UsernameSecurityToken.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/UsernameSecurityToken.java?rev=1295267&r1=1295266&r2=1295267&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/UsernameSecurityToken.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/UsernameSecurityToken.java Wed Feb 29 20:54:51 2012
@@ -50,7 +50,7 @@ public class UsernameSecurityToken exten
 
     public UsernameSecurityToken(String username, String password, String created, byte[] nonce, byte[] salt, Long iteration,
                                  WSSecurityContext wsSecurityContext, String id, WSSConstants.KeyIdentifierType keyIdentifierType) {
-        super(wsSecurityContext, null, null, id, keyIdentifierType, null);
+        super(wsSecurityContext, null, null, id, keyIdentifierType);
         this.username = username;
         this.password = password;
         this.created = created;
@@ -60,8 +60,8 @@ public class UsernameSecurityToken exten
     }
 
     public UsernameSecurityToken(String username, String password, String created, byte[] nonce, byte[] salt, Long iteration,
-                                 String id, Object processor) {
-        super(null, null, null, id, null, processor);
+                                 String id) {
+        super(null, null, null, id, null);
         this.username = username;
         this.password = password;
         this.created = created;
@@ -247,10 +247,6 @@ public class UsernameSecurityToken exten
         return null;
     }
 
-    public String getKeyWrappingTokenAlgorithm() {
-        return null;
-    }
-
     public WSSConstants.TokenType getTokenType() {
         return WSSConstants.UsernameToken;
     }

Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/X509DataSecurityToken.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/X509DataSecurityToken.java?rev=1295267&r1=1295266&r2=1295267&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/X509DataSecurityToken.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/X509DataSecurityToken.java Wed Feb 29 20:54:51 2012
@@ -18,8 +18,6 @@
  */
 package org.swssf.wss.impl.securityToken;
 
-import java.security.cert.X509Certificate;
-
 import org.swssf.binding.xmldsig.X509DataType;
 import org.swssf.binding.xmldsig.X509IssuerSerialType;
 import org.swssf.wss.ext.WSSConstants;
@@ -30,6 +28,7 @@ import org.swssf.xmlsec.ext.XMLSecurityE
 import org.swssf.xmlsec.ext.XMLSecurityUtils;
 
 import javax.security.auth.callback.CallbackHandler;
+import java.security.cert.X509Certificate;
 
 /**
  * @author $Author$
@@ -41,8 +40,8 @@ public class X509DataSecurityToken exten
     protected X509DataType x509DataType;
 
     X509DataSecurityToken(WSSecurityContext wsSecurityContext, Crypto crypto, CallbackHandler callbackHandler,
-                          X509DataType x509DataType, String id, WSSConstants.KeyIdentifierType keyIdentifierType, Object processor) {
-        super(WSSConstants.X509V3Token, wsSecurityContext, crypto, callbackHandler, id, keyIdentifierType, processor);
+                          X509DataType x509DataType, String id, WSSConstants.KeyIdentifierType keyIdentifierType) {
+        super(WSSConstants.X509V3Token, wsSecurityContext, crypto, callbackHandler, id, keyIdentifierType);
         this.x509DataType = x509DataType;
     }
 

Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/X509DefaultSecurityToken.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/X509DefaultSecurityToken.java?rev=1295267&r1=1295266&r2=1295267&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/X509DefaultSecurityToken.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/X509DefaultSecurityToken.java Wed Feb 29 20:54:51 2012
@@ -33,8 +33,8 @@ public class X509DefaultSecurityToken ex
     private String alias = null;
 
     X509DefaultSecurityToken(WSSecurityContext wsSecurityContext, Crypto crypto, CallbackHandler callbackHandler,
-                             String alias, String id, WSSConstants.KeyIdentifierType keyIdentifierType, Object processor) {
-        super(WSSConstants.X509V3Token, wsSecurityContext, crypto, callbackHandler, id, keyIdentifierType, processor);
+                             String alias, String id, WSSConstants.KeyIdentifierType keyIdentifierType) {
+        super(WSSConstants.X509V3Token, wsSecurityContext, crypto, callbackHandler, id, keyIdentifierType);
         this.alias = alias;
     }
 

Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/X509PKIPathv1SecurityToken.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/X509PKIPathv1SecurityToken.java?rev=1295267&r1=1295266&r2=1295267&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/X509PKIPathv1SecurityToken.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/X509PKIPathv1SecurityToken.java Wed Feb 29 20:54:51 2012
@@ -24,7 +24,6 @@ import org.swssf.xmlsec.crypto.Crypto;
 import org.swssf.xmlsec.ext.XMLSecurityException;
 
 import javax.security.auth.callback.CallbackHandler;
-
 import java.io.ByteArrayInputStream;
 import java.io.InputStream;
 import java.security.cert.CertPath;
@@ -44,9 +43,9 @@ public class X509PKIPathv1SecurityToken 
     private X509Certificate[] x509Certificates;
 
     X509PKIPathv1SecurityToken(WSSecurityContext wsSecurityContext, Crypto crypto, CallbackHandler callbackHandler,
-                               byte[] binaryContent, String id, WSSConstants.KeyIdentifierType keyIdentifierType, Object processor) throws XMLSecurityException {
-        super(WSSConstants.X509PkiPathV1Token, wsSecurityContext, crypto, callbackHandler, id, keyIdentifierType, processor);
-        
+                               byte[] binaryContent, String id, WSSConstants.KeyIdentifierType keyIdentifierType) throws XMLSecurityException {
+        super(WSSConstants.X509PkiPathV1Token, wsSecurityContext, crypto, callbackHandler, id, keyIdentifierType);
+
         InputStream in = new ByteArrayInputStream(binaryContent);
         try {
             CertPath certPath = getCrypto().getCertificateFactory().generateCertPath(in);

Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/X509SecurityToken.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/X509SecurityToken.java?rev=1295267&r1=1295266&r2=1295267&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/X509SecurityToken.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/X509SecurityToken.java Wed Feb 29 20:54:51 2012
@@ -45,8 +45,8 @@ public abstract class X509SecurityToken 
 
     protected X509SecurityToken(XMLSecurityConstants.TokenType tokenType, WSSecurityContext wsSecurityContext,
                                 Crypto crypto, CallbackHandler callbackHandler, String id,
-                                WSSConstants.KeyIdentifierType keyIdentifierType, Object processor) {
-        super(wsSecurityContext, crypto, callbackHandler, id, keyIdentifierType, processor);
+                                WSSConstants.KeyIdentifierType keyIdentifierType) {
+        super(wsSecurityContext, crypto, callbackHandler, id, keyIdentifierType);
         this.tokenType = tokenType;
     }
 
@@ -101,11 +101,6 @@ public abstract class X509SecurityToken 
         return null;
     }
 
-    @Override
-    public String getKeyWrappingTokenAlgorithm() {
-        return null;
-    }
-
     protected abstract String getAlias() throws XMLSecurityException;
 
     @Override

Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/X509SubjectKeyIdentifierSecurityToken.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/X509SubjectKeyIdentifierSecurityToken.java?rev=1295267&r1=1295266&r2=1295267&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/X509SubjectKeyIdentifierSecurityToken.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/X509SubjectKeyIdentifierSecurityToken.java Wed Feb 29 20:54:51 2012
@@ -18,8 +18,6 @@
  */
 package org.swssf.wss.impl.securityToken;
 
-import java.security.cert.X509Certificate;
-
 import org.swssf.wss.ext.WSSConstants;
 import org.swssf.wss.ext.WSSecurityContext;
 import org.swssf.xmlsec.crypto.Crypto;
@@ -27,6 +25,7 @@ import org.swssf.xmlsec.crypto.CryptoTyp
 import org.swssf.xmlsec.ext.XMLSecurityException;
 
 import javax.security.auth.callback.CallbackHandler;
+import java.security.cert.X509Certificate;
 
 /**
  * @author $Author$
@@ -37,8 +36,8 @@ public class X509SubjectKeyIdentifierSec
     private byte[] binaryContent;
 
     X509SubjectKeyIdentifierSecurityToken(WSSecurityContext wsSecurityContext, Crypto crypto, CallbackHandler callbackHandler,
-                                          byte[] binaryContent, String id, WSSConstants.KeyIdentifierType keyIdentifierType, Object processor) {
-        super(WSSConstants.X509V3Token, wsSecurityContext, crypto, callbackHandler, id, keyIdentifierType, processor);
+                                          byte[] binaryContent, String id, WSSConstants.KeyIdentifierType keyIdentifierType) {
+        super(WSSConstants.X509V3Token, wsSecurityContext, crypto, callbackHandler, id, keyIdentifierType);
         this.binaryContent = binaryContent;
     }
 

Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/X509_V3SecurityToken.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/X509_V3SecurityToken.java?rev=1295267&r1=1295266&r2=1295267&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/X509_V3SecurityToken.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/X509_V3SecurityToken.java Wed Feb 29 20:54:51 2012
@@ -36,8 +36,8 @@ public class X509_V3SecurityToken extend
     private X509Certificate[] x509Certificates;
 
     X509_V3SecurityToken(WSSecurityContext wsSecurityContext, Crypto crypto, CallbackHandler callbackHandler, byte[] binaryContent,
-                         String id, WSSConstants.KeyIdentifierType keyIdentifierType, Object processor) throws XMLSecurityException {
-        super(WSSConstants.X509V3Token, wsSecurityContext, crypto, callbackHandler, id, keyIdentifierType, processor);
+                         String id, WSSConstants.KeyIdentifierType keyIdentifierType) throws XMLSecurityException {
+        super(WSSConstants.X509V3Token, wsSecurityContext, crypto, callbackHandler, id, keyIdentifierType);
         this.x509Certificates = new X509Certificate[]{getCrypto().loadCertificate(new ByteArrayInputStream(binaryContent))};
     }
 

Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/securityEvent/ContentEncryptedElementSecurityEvent.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/securityEvent/ContentEncryptedElementSecurityEvent.java?rev=1295267&r1=1295266&r2=1295267&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/securityEvent/ContentEncryptedElementSecurityEvent.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/securityEvent/ContentEncryptedElementSecurityEvent.java Wed Feb 29 20:54:51 2012
@@ -21,6 +21,8 @@ package org.swssf.wss.securityEvent;
 import org.swssf.xmlsec.ext.SecurityToken;
 
 import javax.xml.namespace.QName;
+import java.util.LinkedList;
+import java.util.List;
 
 /**
  * @author $Author$
@@ -28,8 +30,7 @@ import javax.xml.namespace.QName;
  */
 public class ContentEncryptedElementSecurityEvent extends SecurityEvent {
 
-    //todo xpath or something unique
-    private QName element; //parent element
+    private List<QName> pathElements; //parent element
     private boolean encrypted;
     private SecurityToken securityToken;
     private boolean signedContent;
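Review bot: The trailing comment `//parent element` on the new `pathElements` field is left over from the single-QName field and no longer describes a list. The field name also differs from `elementPath`, which this class's accessors and the two sibling event classes in this commit use. I would write `private List<QName> elementPath; // QName path to the parent element of the encrypted content`, assuming that is what the list holds, and update the assignment in the setter to `this.elementPath`. The rest of the class lies outside the hunk.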
@@ -41,12 +42,12 @@ public class ContentEncryptedElementSecu
         this.signedContent = signedContent;
     }
 
-    public QName getElement() {
-        return element;
+    public List<QName> getElementPath() {
+        return pathElements;
     }
 
-    public void setElement(QName element) {
-        this.element = element;
+    public void setElementPath(List<QName> elementPath) {
+        this.pathElements = new LinkedList<QName>(elementPath);
     }
 
     public boolean isEncrypted() {
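Review bot: `getElementPath()` returns the internal `pathElements` list itself, although `setElementPath` copies its argument, so any consumer of the event can alter the recorded path afterwards. For an event that reports which element was encrypted, this matters if a later check reads the path. I would return a read-only view, `return pathElements == null ? null : Collections.unmodifiableList(pathElements);`, adding the `java.util.Collections` import. The setter also throws a NullPointerException from the `LinkedList` copy constructor when given null, which deserves a guard or a Javadoc line. The same getter/setter pair is added in EncryptedElementSecurityEvent and EncryptedPartSecurityEvent further down; the class body continues outside the hunk.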

Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/securityEvent/EncryptedElementSecurityEvent.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/securityEvent/EncryptedElementSecurityEvent.java?rev=1295267&r1=1295266&r2=1295267&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/securityEvent/EncryptedElementSecurityEvent.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/securityEvent/EncryptedElementSecurityEvent.java Wed Feb 29 20:54:51 2012
@@ -21,6 +21,8 @@ package org.swssf.wss.securityEvent;
 import org.swssf.xmlsec.ext.SecurityToken;
 
 import javax.xml.namespace.QName;
+import java.util.LinkedList;
+import java.util.List;
 
 /**
  * @author $Author$
@@ -28,8 +30,7 @@ import javax.xml.namespace.QName;
  */
 public class EncryptedElementSecurityEvent extends SecurityEvent {
 
-    //todo xpath or something unique
-    private QName element;
+    private List<QName> elementPath;
     private boolean encrypted;
     private SecurityToken securityToken;
     private boolean signedContent;
@@ -41,12 +42,12 @@ public class EncryptedElementSecurityEve
         this.signedContent = signedContent;
     }
 
-    public QName getElement() {
-        return element;
+    public List<QName> getElementPath() {
+        return elementPath;
     }
 
-    public void setElement(QName element) {
-        this.element = element;
+    public void setElementPath(List<QName> elementPath) {
+        this.elementPath = new LinkedList<QName>(elementPath);
     }
 
     public boolean isEncrypted() {

Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/securityEvent/EncryptedPartSecurityEvent.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/securityEvent/EncryptedPartSecurityEvent.java?rev=1295267&r1=1295266&r2=1295267&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/securityEvent/EncryptedPartSecurityEvent.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/securityEvent/EncryptedPartSecurityEvent.java Wed Feb 29 20:54:51 2012
@@ -21,6 +21,8 @@ package org.swssf.wss.securityEvent;
 import org.swssf.xmlsec.ext.SecurityToken;
 
 import javax.xml.namespace.QName;
+import java.util.LinkedList;
+import java.util.List;
 
 /**
  * @author $Author$
@@ -28,8 +30,7 @@ import javax.xml.namespace.QName;
  */
 public class EncryptedPartSecurityEvent extends SecurityEvent {
 
-    //todo xpath or something unique
-    private QName element;
+    private List<QName> elementPath;
     private boolean encrypted;
     private SecurityToken securityToken;
     private boolean signedContent;
@@ -41,12 +42,12 @@ public class EncryptedPartSecurityEvent 
         this.signedContent = signedContent;
     }
 
-    public QName getElement() {
-        return element;
+    public List<QName> getElementPath() {
+        return elementPath;
     }
 
-    public void setElement(QName element) {
-        this.element = element;
+    public void setElementPath(List<QName> elementPath) {
+        this.elementPath = new LinkedList<QName>(elementPath);
     }
 
     public boolean isEncrypted() {


