ws-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From gi...@apache.org
Subject svn commit: r1463136 [9/11] - in /webservices/wss4j/trunk: cxf-integration/src/main/java/org/apache/wss4j/cxfIntegration/interceptor/ integration/src/test/java/org/apache/wss4j/integration/test/stax/ ws-security-common/src/main/java/org/apache/wss4j/co...
Date Mon, 01 Apr 2013 13:57:35 GMT
Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/SecurityTokenFactoryImpl.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/SecurityTokenFactoryImpl.java?rev=1463136&r1=1463135&r2=1463136&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/SecurityTokenFactoryImpl.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/SecurityTokenFactoryImpl.java Mon Apr  1 13:57:32 2013
@@ -24,19 +24,18 @@ import org.apache.wss4j.binding.wss10.Se
 import org.apache.wss4j.common.bsp.BSPRule;
 import org.apache.wss4j.common.crypto.Crypto;
 import org.apache.wss4j.common.ext.WSSecurityException;
+import org.apache.wss4j.stax.ext.WSInboundSecurityContext;
 import org.apache.wss4j.stax.ext.WSSConstants;
 import org.apache.wss4j.stax.ext.WSSSecurityProperties;
 import org.apache.wss4j.stax.ext.WSSUtils;
-import org.apache.wss4j.stax.ext.WSSecurityContext;
+import org.apache.wss4j.stax.securityToken.*;
 import org.apache.xml.security.binding.xmldsig.*;
 import org.apache.xml.security.binding.xmldsig11.ECKeyValueType;
 import org.apache.xml.security.exceptions.XMLSecurityException;
 import org.apache.xml.security.stax.ext.*;
-import org.apache.xml.security.stax.impl.securityToken.DsaKeyValueSecurityToken;
-import org.apache.xml.security.stax.impl.securityToken.ECKeyValueSecurityToken;
-import org.apache.xml.security.stax.impl.securityToken.RsaKeyValueSecurityToken;
-import org.apache.xml.security.stax.impl.securityToken.SecurityTokenFactory;
-import org.opensaml.common.SAMLVersion;
+import org.apache.xml.security.stax.securityToken.InboundSecurityToken;
+import org.apache.xml.security.stax.securityToken.SecurityTokenFactory;
+import org.apache.xml.security.stax.securityToken.SecurityTokenProvider;
 
 import javax.security.auth.callback.CallbackHandler;
 import java.security.MessageDigest;
@@ -45,7 +44,7 @@ import java.util.Arrays;
 import java.util.List;
 
 /**
- * Factory to create SecurityToken Objects from keys in XML
+ * Factory to create InboundSecurityToken Objects from keys in XML
  */
 public class SecurityTokenFactoryImpl extends SecurityTokenFactory {
 
@@ -53,14 +52,14 @@ public class SecurityTokenFactoryImpl ex
     }
 
     @Override
-    public SecurityToken getSecurityToken(KeyInfoType keyInfoType, SecurityToken.KeyInfoUsage keyInfoUsage,
-                                          XMLSecurityProperties securityProperties, SecurityContext securityContext)
+    public InboundSecurityToken getSecurityToken(KeyInfoType keyInfoType, WSSecurityTokenConstants.KeyUsage keyInfoUsage,
+                                          XMLSecurityProperties securityProperties, InboundSecurityContext inboundSecurityContext)
             throws XMLSecurityException {
 
         Crypto crypto = null;
-        if (keyInfoUsage == SecurityToken.KeyInfoUsage.SIGNATURE_VERIFICATION) {
+        if (WSSecurityTokenConstants.KeyUsage_Signature_Verification.equals(keyInfoUsage)) {
             crypto = ((WSSSecurityProperties) securityProperties).getSignatureVerificationCrypto();
-        } else if (keyInfoUsage == SecurityToken.KeyInfoUsage.DECRYPTION) {
+        } else if (WSSecurityTokenConstants.KeyUsage_Decryption.equals(keyInfoUsage)) {
             crypto = ((WSSSecurityProperties) securityProperties).getDecryptionCrypto();
         }
 
@@ -68,26 +67,26 @@ public class SecurityTokenFactoryImpl ex
             final SecurityTokenReferenceType securityTokenReferenceType
                     = XMLSecurityUtils.getQNameType(keyInfoType.getContent(), WSSConstants.TAG_wsse_SecurityTokenReference);
             if (securityTokenReferenceType != null) {
-                return getSecurityToken(securityTokenReferenceType, crypto, ((WSSSecurityProperties)securityProperties).getCallbackHandler(), securityContext,
+                return getSecurityToken(securityTokenReferenceType, crypto, ((WSSSecurityProperties)securityProperties).getCallbackHandler(), inboundSecurityContext,
                                         ((WSSSecurityProperties)securityProperties));
             }
             final KeyValueType keyValueType
                     = XMLSecurityUtils.getQNameType(keyInfoType.getContent(), WSSConstants.TAG_dsig_KeyValue);
             if (keyValueType != null) {
-                return getSecurityToken(keyValueType, crypto, ((WSSSecurityProperties)securityProperties).getCallbackHandler(), securityContext);
+                return getSecurityToken(keyValueType, crypto, ((WSSSecurityProperties)securityProperties).getCallbackHandler(), inboundSecurityContext);
             }
 
         } else if (crypto.getDefaultX509Identifier() != null) {
-            return new X509DefaultSecurityToken(
-                    (WSSecurityContext) securityContext, crypto, ((WSSSecurityProperties)securityProperties).getCallbackHandler(), crypto.getDefaultX509Identifier(),
+            return new X509DefaultSecurityTokenImpl(
+                    (WSInboundSecurityContext) inboundSecurityContext, crypto, ((WSSSecurityProperties)securityProperties).getCallbackHandler(), crypto.getDefaultX509Identifier(),
                     crypto.getDefaultX509Identifier(), null, ((WSSSecurityProperties)securityProperties)
             );
         }
         throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY, "noKeyinfo");
     }
 
-    public static SecurityToken getSecurityToken(SecurityTokenReferenceType securityTokenReferenceType, Crypto crypto,
-                                                 final CallbackHandler callbackHandler, SecurityContext securityContext,
+    public static InboundSecurityToken getSecurityToken(SecurityTokenReferenceType securityTokenReferenceType, Crypto crypto,
+                                                 final CallbackHandler callbackHandler, InboundSecurityContext inboundSecurityContext,
                                                  WSSSecurityProperties securityProperties)
             throws XMLSecurityException {
 
@@ -100,7 +99,7 @@ public class SecurityTokenFactoryImpl ex
             }
 
             if (securityTokenReferenceType.getAny().size() > 1) {
-                ((WSSecurityContext) securityContext).handleBSPRule(BSPRule.R3061);
+                ((WSInboundSecurityContext) inboundSecurityContext).handleBSPRule(BSPRule.R3061);
             }
             
             //todo BSP.R3027 KeyName? not supported ATM
@@ -108,9 +107,9 @@ public class SecurityTokenFactoryImpl ex
             final X509DataType x509DataType
                     = XMLSecurityUtils.getQNameType(securityTokenReferenceType.getAny(), WSSConstants.TAG_dsig_X509Data);
             if (x509DataType != null) {
-                return new X509DataSecurityToken((WSSecurityContext) securityContext, crypto, callbackHandler,
+                return new X509DataSecurityTokenImpl((WSInboundSecurityContext) inboundSecurityContext, crypto, callbackHandler,
                         x509DataType, securityTokenReferenceType.getId(),
-                        WSSConstants.WSSKeyIdentifierType.ISSUER_SERIAL,
+                        WSSecurityTokenConstants.KeyIdentifier_IssuerSerial,
                         securityProperties);
             }
             
@@ -124,7 +123,7 @@ public class SecurityTokenFactoryImpl ex
             if (keyIdentifierType != null) {
                 String valueType = keyIdentifierType.getValueType();
                 if (valueType == null) {
-                    ((WSSecurityContext) securityContext).handleBSPRule(BSPRule.R3054);
+                    ((WSInboundSecurityContext) inboundSecurityContext).handleBSPRule(BSPRule.R3054);
                 }
                 String encodingType = keyIdentifierType.getEncodingType();
 
@@ -133,44 +132,46 @@ public class SecurityTokenFactoryImpl ex
                     binaryContent = Base64.decodeBase64(keyIdentifierType.getValue());
                 } else if (!WSSConstants.NS_SAML10_TYPE.equals(valueType) && !WSSConstants.NS_SAML20_TYPE.equals(valueType)) {
                     if (encodingType == null) {
-                        ((WSSecurityContext) securityContext).handleBSPRule(BSPRule.R3070);
+                        ((WSInboundSecurityContext) inboundSecurityContext).handleBSPRule(BSPRule.R3070);
                     } else {
-                        ((WSSecurityContext) securityContext).handleBSPRule(BSPRule.R3071);
+                        ((WSInboundSecurityContext) inboundSecurityContext).handleBSPRule(BSPRule.R3071);
                     }
                 } else if (encodingType != null 
                         && (WSSConstants.NS_SAML10_TYPE.equals(valueType) || WSSConstants.NS_SAML20_TYPE.equals(valueType))) {
-                    ((WSSecurityContext) securityContext).handleBSPRule(BSPRule.R6604);
+                    ((WSInboundSecurityContext) inboundSecurityContext).handleBSPRule(BSPRule.R6604);
                 }
 
                 if (WSSConstants.NS_X509_V3_TYPE.equals(valueType)) {
-                    return new X509_V3SecurityToken(
-                            (WSSecurityContext) securityContext, crypto, callbackHandler,
-                            binaryContent, securityTokenReferenceType.getId(), WSSConstants.WSSKeyIdentifierType.X509_KEY_IDENTIFIER,
+                    return new X509_V3SecurityTokenImpl(
+                            (WSInboundSecurityContext) inboundSecurityContext, crypto, callbackHandler,
+                            binaryContent, securityTokenReferenceType.getId(), WSSecurityTokenConstants.KeyIdentifier_X509KeyIdentifier,
                             securityProperties);
                 } else if (WSSConstants.NS_X509SubjectKeyIdentifier.equals(valueType)) {
-                    return new X509SubjectKeyIdentifierSecurityToken(
-                            (WSSecurityContext) securityContext, crypto, callbackHandler, binaryContent,
-                            securityTokenReferenceType.getId(), WSSConstants.WSSKeyIdentifierType.SKI_KEY_IDENTIFIER,
+                    return new X509SubjectKeyIdentifierSecurityTokenImpl(
+                            (WSInboundSecurityContext) inboundSecurityContext, crypto, callbackHandler, binaryContent,
+                            securityTokenReferenceType.getId(), WSSecurityTokenConstants.KeyIdentifier_SkiKeyIdentifier,
                             securityProperties);
                 } else if (WSSConstants.NS_THUMBPRINT.equals(valueType)) {
-                    return new ThumbprintSHA1SecurityToken(
-                            (WSSecurityContext) securityContext, crypto, callbackHandler, binaryContent,
-                            securityTokenReferenceType.getId(), WSSConstants.WSSKeyIdentifierType.THUMBPRINT_IDENTIFIER,
+                    return new ThumbprintSHA1SecurityTokenImpl(
+                            (WSInboundSecurityContext) inboundSecurityContext, crypto, callbackHandler, binaryContent,
+                            securityTokenReferenceType.getId(), WSSecurityTokenConstants.KeyIdentifier_ThumbprintIdentifier,
                             securityProperties);
                 } else if (WSSConstants.NS_SAML10_TYPE.equals(valueType) || WSSConstants.NS_SAML20_TYPE.equals(valueType)) {
                     if (WSSConstants.NS_SAML20_TYPE.equals(valueType) && !WSSConstants.NS_SAML20_TOKEN_PROFILE_TYPE.equals(tokenType)) {
-                        ((WSSecurityContext) securityContext).handleBSPRule(BSPRule.R6617);
+                        ((WSInboundSecurityContext) inboundSecurityContext).handleBSPRule(BSPRule.R6617);
                     } else if (WSSConstants.NS_SAML10_TYPE.equals(valueType) && !WSSConstants.NS_SAML11_TOKEN_PROFILE_TYPE.equals(tokenType)) {
-                        ((WSSecurityContext) securityContext).handleBSPRule(BSPRule.R6611);
+                        ((WSInboundSecurityContext) inboundSecurityContext).handleBSPRule(BSPRule.R6611);
                     }
-                    SecurityTokenProvider securityTokenProvider = securityContext.getSecurityTokenProvider(keyIdentifierType.getValue());
+                    SecurityTokenProvider<? extends InboundSecurityToken> securityTokenProvider =
+                            inboundSecurityContext.getSecurityTokenProvider(keyIdentifierType.getValue());
                     if (securityTokenProvider == null) {
                         throw new WSSecurityException(
                                 WSSecurityException.ErrorCode.SECURITY_TOKEN_UNAVAILABLE, "noToken", keyIdentifierType.getValue());
                     }
                     return securityTokenProvider.getSecurityToken();
                 } else if (WSSConstants.NS_Kerberos5_AP_REQ_SHA1.equals(valueType)) {
-                    SecurityTokenProvider securityTokenProvider = securityContext.getSecurityTokenProvider(keyIdentifierType.getValue());
+                    SecurityTokenProvider<? extends InboundSecurityToken> securityTokenProvider =
+                            inboundSecurityContext.getSecurityTokenProvider(keyIdentifierType.getValue());
                     if (securityTokenProvider != null) {
                         return securityTokenProvider.getSecurityToken();
                     }
@@ -183,15 +184,15 @@ public class SecurityTokenFactoryImpl ex
                     }
 
                     //ok we have to find the token via digesting...
-                    List<SecurityTokenProvider> securityTokenProviders = securityContext.getRegisteredSecurityTokenProviders();
+                    List<SecurityTokenProvider<? extends InboundSecurityToken>> securityTokenProviders = inboundSecurityContext.getRegisteredSecurityTokenProviders();
                     for (int i = 0; i < securityTokenProviders.size(); i++) {
-                        SecurityTokenProvider tokenProvider = securityTokenProviders.get(i);
-                        SecurityToken securityToken = tokenProvider.getSecurityToken();
-                        if (securityToken instanceof KerberosServiceSecurityToken) {
-                            KerberosServiceSecurityToken kerberosSecurityToken = (KerberosServiceSecurityToken)securityToken;
+                        SecurityTokenProvider<? extends InboundSecurityToken> tokenProvider = securityTokenProviders.get(i);
+                        InboundSecurityToken inboundSecurityToken = tokenProvider.getSecurityToken();
+                        if (inboundSecurityToken instanceof KerberosServiceSecurityToken) {
+                            KerberosServiceSecurityToken kerberosSecurityToken = (KerberosServiceSecurityToken)inboundSecurityToken;
                             byte[] tokenDigest = messageDigest.digest(kerberosSecurityToken.getBinaryContent());
                             if (Arrays.equals(tokenDigest, binaryContent)) {
-                                return securityToken;
+                                return inboundSecurityToken;
                             }
                         }
                     }
@@ -199,7 +200,7 @@ public class SecurityTokenFactoryImpl ex
                             WSSecurityException.ErrorCode.SECURITY_TOKEN_UNAVAILABLE, "noToken", keyIdentifierType.getValue());
                 } else {
                     //we do enforce BSP compliance here but will fail anyway since we cannot identify the referenced token
-                    ((WSSecurityContext) securityContext).handleBSPRule(BSPRule.R3063);
+                    ((WSInboundSecurityContext) inboundSecurityContext).handleBSPRule(BSPRule.R3063);
                 }
             }
 
@@ -211,11 +212,11 @@ public class SecurityTokenFactoryImpl ex
                 String uri = referenceType.getURI();
                 if (uri == null) {
                     //we do enforce BSP compliance here but will fail anyway since we cannot identify the referenced token
-                    ((WSSecurityContext) securityContext).handleBSPRule(BSPRule.R3062);
+                    ((WSInboundSecurityContext) inboundSecurityContext).handleBSPRule(BSPRule.R3062);
                     throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY, "badReferenceURI");
                 }
                 if (!uri.startsWith("#")) {
-                    ((WSSecurityContext) securityContext).handleBSPRule(BSPRule.R5204);
+                    ((WSInboundSecurityContext) inboundSecurityContext).handleBSPRule(BSPRule.R5204);
                 }
                 uri = WSSUtils.dropReferenceMarker(uri);
                 //referenced BST:*/
@@ -223,7 +224,7 @@ public class SecurityTokenFactoryImpl ex
                 //stored in the context. Otherwise we will abort now.
 
                 //prevent recursive key reference DOS:
-                Integer invokeCount = securityContext.<Integer>get("" + Thread.currentThread().hashCode());
+                Integer invokeCount = inboundSecurityContext.<Integer>get("" + Thread.currentThread().hashCode());
                 if (invokeCount == null) {
                     invokeCount = 0;
                 }
@@ -231,66 +232,67 @@ public class SecurityTokenFactoryImpl ex
                 if (invokeCount == 10) {
                     throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY_TOKEN);
                 }
-                securityContext.put("" + Thread.currentThread().hashCode(), invokeCount);
+                inboundSecurityContext.put("" + Thread.currentThread().hashCode(), invokeCount);
 
-                SecurityTokenProvider securityTokenProvider = securityContext.getSecurityTokenProvider(uri);
+                SecurityTokenProvider<? extends InboundSecurityToken> securityTokenProvider = inboundSecurityContext.getSecurityTokenProvider(uri);
                 if (securityTokenProvider == null) {
                     throw new WSSecurityException(WSSecurityException.ErrorCode.SECURITY_TOKEN_UNAVAILABLE, "noToken", uri);
                 }
                 if (securityTokenProvider.getSecurityToken() instanceof SecurityTokenReference) {
-                    ((WSSecurityContext) securityContext).handleBSPRule(BSPRule.R3057);
-                } else if (securityTokenProvider.getSecurityToken() instanceof X509PKIPathv1SecurityToken) {
+                    ((WSInboundSecurityContext) inboundSecurityContext).handleBSPRule(BSPRule.R3057);
+                } else if (securityTokenProvider.getSecurityToken() instanceof X509PKIPathv1SecurityTokenImpl) {
                     String valueType = referenceType.getValueType();
                     if (!WSSConstants.NS_X509PKIPathv1.equals(valueType)) {
-                        ((WSSecurityContext) securityContext).handleBSPRule(BSPRule.R3058);
+                        ((WSInboundSecurityContext) inboundSecurityContext).handleBSPRule(BSPRule.R3058);
                     }
                     if (!WSSConstants.NS_X509PKIPathv1.equals(tokenType)) {
-                        ((WSSecurityContext) securityContext).handleBSPRule(BSPRule.R5215);
+                        ((WSInboundSecurityContext) inboundSecurityContext).handleBSPRule(BSPRule.R5215);
                     }
                 } else if (securityTokenProvider.getSecurityToken() instanceof X509SecurityToken) {
                     String valueType = referenceType.getValueType();
                     if (!WSSConstants.NS_X509_V3_TYPE.equals(valueType)) {
-                        ((WSSecurityContext) securityContext).handleBSPRule(BSPRule.R3058);
+                        ((WSInboundSecurityContext) inboundSecurityContext).handleBSPRule(BSPRule.R3058);
                     }
                 } else if (securityTokenProvider.getSecurityToken() instanceof UsernameSecurityToken) {
                     String valueType = referenceType.getValueType();
                     if (!WSSConstants.NS_USERNAMETOKEN_PROFILE_UsernameToken.equals(valueType)) {
-                        ((WSSecurityContext) securityContext).handleBSPRule(BSPRule.R4214);
+                        ((WSInboundSecurityContext) inboundSecurityContext).handleBSPRule(BSPRule.R4214);
                     }
-                } else if (securityTokenProvider.getSecurityToken() instanceof SAMLSecurityToken) {
-                    SAMLVersion samlVersion = 
-                            ((SAMLSecurityToken)securityTokenProvider.getSecurityToken()).getSamlVersion();
-                    if (samlVersion == SAMLVersion.VERSION_20) {
+                } else if (securityTokenProvider.getSecurityToken() instanceof SamlSecurityToken) {
+                    WSSecurityTokenConstants.TokenType samlTokenType = securityTokenProvider.getSecurityToken().getTokenType();
+                    if (WSSecurityTokenConstants.Saml20Token.equals(samlTokenType)) {
                         String valueType = referenceType.getValueType();
                         if (valueType != null && !"".equals(valueType)) {
-                            ((WSSecurityContext) securityContext).handleBSPRule(BSPRule.R6614);
+                            ((WSInboundSecurityContext) inboundSecurityContext).handleBSPRule(BSPRule.R6614);
                         }
                         if (!WSSConstants.NS_SAML20_TOKEN_PROFILE_TYPE.equals(tokenType)) {
-                            ((WSSecurityContext) securityContext).handleBSPRule(BSPRule.R6617);
+                            ((WSInboundSecurityContext) inboundSecurityContext).handleBSPRule(BSPRule.R6617);
                         }
-                    } else if (samlVersion == SAMLVersion.VERSION_10 && !WSSConstants.NS_SAML11_TOKEN_PROFILE_TYPE.equals(tokenType)) {
-                        ((WSSecurityContext) securityContext).handleBSPRule(BSPRule.R6611);
+                    } else if (WSSecurityTokenConstants.Saml10Token.equals(samlTokenType) &&
+                            !WSSConstants.NS_SAML11_TOKEN_PROFILE_TYPE.equals(tokenType)) {
+                        ((WSInboundSecurityContext) inboundSecurityContext).handleBSPRule(BSPRule.R6611);
                     }
-                } 
-                
+                }
                 
                 return securityTokenProvider.getSecurityToken();
             }
             throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY, "noKeyinfo");
         } finally {
-            securityContext.remove("" + Thread.currentThread().hashCode());
+            inboundSecurityContext.remove("" + Thread.currentThread().hashCode());
         }
     }
 
-    public static SecurityToken getSecurityToken(KeyValueType keyValueType, final Crypto crypto,
+    public static InboundSecurityToken getSecurityToken(KeyValueType keyValueType, final Crypto crypto,
                                                  final CallbackHandler callbackHandler, SecurityContext securityContext)
             throws XMLSecurityException {
 
+        //todo *KeyValueSecurityToken verify() inline in classes
+        //todo either handover crypto to verify() or to constructor
         final RSAKeyValueType rsaKeyValueType
                 = XMLSecurityUtils.getQNameType(keyValueType.getContent(), WSSConstants.TAG_dsig_RSAKeyValue);
         if (rsaKeyValueType != null) {
-            return new RsaKeyValueSecurityToken(rsaKeyValueType, (WSSecurityContext) securityContext,
-                    WSSConstants.WSSKeyIdentifierType.KEY_VALUE) {
+            return new RsaKeyValueSecurityTokenImpl(rsaKeyValueType, (WSInboundSecurityContext) securityContext,
+                    WSSecurityTokenConstants.KeyIdentifier_KeyValue) {
                 @Override
                 public void verify() throws XMLSecurityException {
                     crypto.verifyTrust(getPubKey("", null, null));
@@ -300,8 +302,8 @@ public class SecurityTokenFactoryImpl ex
         final DSAKeyValueType dsaKeyValueType
                 = XMLSecurityUtils.getQNameType(keyValueType.getContent(), WSSConstants.TAG_dsig_DSAKeyValue);
         if (dsaKeyValueType != null) {
-            return new DsaKeyValueSecurityToken(dsaKeyValueType, (WSSecurityContext) securityContext,
-                    WSSConstants.WSSKeyIdentifierType.KEY_VALUE) {
+            return new DsaKeyValueSecurityTokenImpl(dsaKeyValueType, (WSInboundSecurityContext) securityContext,
+                    WSSecurityTokenConstants.KeyIdentifier_KeyValue) {
                 @Override
                 public void verify() throws XMLSecurityException {
                     crypto.verifyTrust(getPubKey("", null, null));
@@ -311,8 +313,8 @@ public class SecurityTokenFactoryImpl ex
         final ECKeyValueType ecKeyValueType
                 = XMLSecurityUtils.getQNameType(keyValueType.getContent(), WSSConstants.TAG_dsig11_ECKeyValue);
         if (ecKeyValueType != null) {
-            return new ECKeyValueSecurityToken(ecKeyValueType, (WSSecurityContext) securityContext,
-                    WSSConstants.WSSKeyIdentifierType.KEY_VALUE) {
+            return new ECKeyValueSecurityTokenImpl(ecKeyValueType, (WSInboundSecurityContext) securityContext,
+                    WSSecurityTokenConstants.KeyIdentifier_KeyValue) {
                 @Override
                 public void verify() throws XMLSecurityException {
                     crypto.verifyTrust(getPubKey("", null, null));

Copied: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/SecurityTokenReferenceImpl.java (from r1460765, webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/SecurityTokenReference.java)
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/SecurityTokenReferenceImpl.java?p2=webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/SecurityTokenReferenceImpl.java&p1=webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/SecurityTokenReference.java&r1=1460765&r2=1463136&rev=1463136&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/SecurityTokenReference.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/SecurityTokenReferenceImpl.java Mon Apr  1 13:57:32 2013
@@ -18,12 +18,14 @@
  */
 package org.apache.wss4j.stax.impl.securityToken;
 
-import org.apache.wss4j.stax.ext.WSSConstants;
-import org.apache.wss4j.stax.ext.WSSecurityContext;
+import org.apache.wss4j.stax.ext.WSInboundSecurityContext;
+import org.apache.wss4j.stax.securityToken.SecurityTokenReference;
+import org.apache.wss4j.stax.securityToken.WSSecurityTokenConstants;
 import org.apache.xml.security.exceptions.XMLSecurityException;
-import org.apache.xml.security.stax.ext.SecurityToken;
 import org.apache.xml.security.stax.ext.XMLSecurityConstants;
 import org.apache.xml.security.stax.ext.stax.XMLSecEvent;
+import org.apache.xml.security.stax.impl.securityToken.AbstractInboundSecurityToken;
+import org.apache.xml.security.stax.securityToken.InboundSecurityToken;
 
 import java.security.Key;
 import java.security.PublicKey;
@@ -31,15 +33,16 @@ import java.security.cert.X509Certificat
 import java.util.Deque;
 import java.util.Map;
 
-public class SecurityTokenReference extends InboundSecurityTokenImpl {
+public class SecurityTokenReferenceImpl extends AbstractInboundSecurityToken implements SecurityTokenReference {
 
-    private final SecurityToken securityToken;
+    private final InboundSecurityToken inboundSecurityToken;
     private final Deque<XMLSecEvent> xmlSecEvents;
 
-    public SecurityTokenReference(SecurityToken securityToken, Deque<XMLSecEvent> xmlSecEvents, WSSecurityContext wsSecurityContext,
-                                  String id, WSSConstants.KeyIdentifierType keyIdentifierType) {
-        super(wsSecurityContext, id, keyIdentifierType);
-        this.securityToken = securityToken;
+    public SecurityTokenReferenceImpl(InboundSecurityToken inboundSecurityToken, Deque<XMLSecEvent> xmlSecEvents,
+                                      WSInboundSecurityContext wsInboundSecurityContext, String id,
+                                      WSSecurityTokenConstants.KeyIdentifier keyIdentifier) {
+        super(wsInboundSecurityContext, id, keyIdentifier);
+        this.inboundSecurityToken = inboundSecurityToken;
         this.xmlSecEvents = xmlSecEvents;
     }
 
@@ -49,48 +52,48 @@ public class SecurityTokenReference exte
 
     @Override
     public boolean isAsymmetric() throws XMLSecurityException {
-        return securityToken.isAsymmetric();
+        return inboundSecurityToken.isAsymmetric();
     }
 
     @Override
     public Map<String, Key> getSecretKey() throws XMLSecurityException {
-        return securityToken.getSecretKey();
+        return inboundSecurityToken.getSecretKey();
     }
 
     @Override
-    protected Key getKey(String algorithmURI, XMLSecurityConstants.KeyUsage keyUsage,
+    protected Key getKey(String algorithmURI, XMLSecurityConstants.AlgorithmUsage algorithmUsage,
                          String correlationID) throws XMLSecurityException {
-        return securityToken.getSecretKey(algorithmURI, keyUsage, correlationID);
+        return inboundSecurityToken.getSecretKey(algorithmURI, algorithmUsage, correlationID);
     }
 
     @Override
     public PublicKey getPublicKey() throws XMLSecurityException {
-        return securityToken.getPublicKey();
+        return inboundSecurityToken.getPublicKey();
     }
 
     @Override
-    protected PublicKey getPubKey(String algorithmURI, XMLSecurityConstants.KeyUsage keyUsage,
+    protected PublicKey getPubKey(String algorithmURI, XMLSecurityConstants.AlgorithmUsage algorithmUsage,
                                   String correlationID) throws XMLSecurityException {
-        return securityToken.getPublicKey(algorithmURI, keyUsage, correlationID);
+        return inboundSecurityToken.getPublicKey(algorithmURI, algorithmUsage, correlationID);
     }
 
     @Override
     public X509Certificate[] getX509Certificates() throws XMLSecurityException {
-        return securityToken.getX509Certificates();
+        return inboundSecurityToken.getX509Certificates();
     }
 
     @Override
     public void verify() throws XMLSecurityException {
-        securityToken.verify();
+        inboundSecurityToken.verify();
     }
 
     @Override
-    public SecurityToken getKeyWrappingToken() throws XMLSecurityException {
-        return securityToken.getKeyWrappingToken();
+    public InboundSecurityToken getKeyWrappingToken() throws XMLSecurityException {
+        return inboundSecurityToken.getKeyWrappingToken();
     }
 
     @Override
-    public XMLSecurityConstants.TokenType getTokenType() {
-        return securityToken.getTokenType();
+    public WSSecurityTokenConstants.TokenType getTokenType() {
+        return inboundSecurityToken.getTokenType();
     }
 }

Copied: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/ThumbprintSHA1SecurityTokenImpl.java (from r1460765, webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/ThumbprintSHA1SecurityToken.java)
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/ThumbprintSHA1SecurityTokenImpl.java?p2=webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/ThumbprintSHA1SecurityTokenImpl.java&p1=webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/ThumbprintSHA1SecurityToken.java&r1=1460765&r2=1463136&rev=1463136&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/ThumbprintSHA1SecurityToken.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/ThumbprintSHA1SecurityTokenImpl.java Mon Apr  1 13:57:32 2013
@@ -20,23 +20,23 @@ package org.apache.wss4j.stax.impl.secur
 
 import org.apache.wss4j.common.crypto.Crypto;
 import org.apache.wss4j.common.crypto.CryptoType;
-import org.apache.wss4j.stax.ext.WSSConstants;
+import org.apache.wss4j.stax.ext.WSInboundSecurityContext;
 import org.apache.wss4j.stax.ext.WSSSecurityProperties;
-import org.apache.wss4j.stax.ext.WSSecurityContext;
+import org.apache.wss4j.stax.securityToken.WSSecurityTokenConstants;
 import org.apache.xml.security.exceptions.XMLSecurityException;
 
 import javax.security.auth.callback.CallbackHandler;
 import java.security.cert.X509Certificate;
 
-public class ThumbprintSHA1SecurityToken extends X509SecurityToken {
+public class ThumbprintSHA1SecurityTokenImpl extends X509SecurityTokenImpl {
 
     private String alias = null;
     private final byte[] binaryContent;
 
-    ThumbprintSHA1SecurityToken(WSSecurityContext wsSecurityContext, Crypto crypto, CallbackHandler callbackHandler,
-                                byte[] binaryContent, String id, WSSConstants.KeyIdentifierType keyIdentifierType,
-                                WSSSecurityProperties securityProperties) {
-        super(WSSConstants.X509V3Token, wsSecurityContext, crypto, callbackHandler, id, keyIdentifierType, securityProperties);
+    ThumbprintSHA1SecurityTokenImpl(WSInboundSecurityContext wsInboundSecurityContext, Crypto crypto, CallbackHandler callbackHandler,
+                                    byte[] binaryContent, String id, WSSecurityTokenConstants.KeyIdentifier keyIdentifier,
+                                    WSSSecurityProperties securityProperties) {
+        super(WSSecurityTokenConstants.X509V3Token, wsInboundSecurityContext, crypto, callbackHandler, id, keyIdentifier, securityProperties);
         this.binaryContent = binaryContent;
     }
 

Copied: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/UsernameSecurityTokenImpl.java (from r1460765, webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/UsernameSecurityToken.java)
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/UsernameSecurityTokenImpl.java?p2=webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/UsernameSecurityTokenImpl.java&p1=webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/UsernameSecurityToken.java&r1=1460765&r2=1463136&rev=1463136&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/UsernameSecurityToken.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/UsernameSecurityTokenImpl.java Mon Apr  1 13:57:32 2013
@@ -18,50 +18,81 @@
  */
 package org.apache.wss4j.stax.impl.securityToken;
 
+import org.apache.wss4j.common.bsp.BSPRule;
 import org.apache.wss4j.common.ext.WSSecurityException;
+import org.apache.wss4j.common.principal.UsernameTokenPrincipal;
+import org.apache.wss4j.stax.ext.WSInboundSecurityContext;
 import org.apache.wss4j.stax.ext.WSSConstants;
-import org.apache.wss4j.stax.ext.WSSecurityContext;
+import org.apache.wss4j.stax.securityToken.UsernameSecurityToken;
+import org.apache.wss4j.stax.securityToken.WSSecurityTokenConstants;
 import org.apache.xml.security.exceptions.XMLSecurityException;
 import org.apache.xml.security.stax.config.JCEAlgorithmMapper;
 import org.apache.xml.security.stax.ext.XMLSecurityConstants;
+import org.apache.xml.security.stax.impl.securityToken.AbstractInboundSecurityToken;
 
 import javax.crypto.spec.SecretKeySpec;
+import javax.security.auth.Subject;
+import java.io.UnsupportedEncodingException;
 import java.security.Key;
-
-public class UsernameSecurityToken extends InboundSecurityTokenImpl {
-
-    private final UsernameToken usernameToken;
-    private final WSSecurityContext wsSecurityContext;
-
-    public UsernameSecurityToken(String username, String password, String created, byte[] nonce, byte[] salt, Long iteration,
-                                 WSSecurityContext wsSecurityContext, String id, WSSConstants.KeyIdentifierType keyIdentifierType) {
-        super(wsSecurityContext, id, keyIdentifierType);
-        this.usernameToken = new UsernameToken(username, password, created, nonce, salt, iteration);
-        this.wsSecurityContext = wsSecurityContext;
-    }
-
-    public String getUsername() {
-        return usernameToken.getUsername();
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+import java.security.Principal;
+
+public class UsernameSecurityTokenImpl extends AbstractInboundSecurityToken implements UsernameSecurityToken {
+
+    private static final long DEFAULT_ITERATION = 1000;
+
+    private WSSConstants.UsernameTokenPasswordType usernameTokenPasswordType;
+    private String username;
+    private String password;
+    private String createdTime;
+    private String nonce;
+    private byte[] salt;
+    private Long iteration;
+    private final WSInboundSecurityContext wsInboundSecurityContext;
+    private Subject subject;
+    private Principal principal;
+
+    public UsernameSecurityTokenImpl(WSSConstants.UsernameTokenPasswordType usernameTokenPasswordType,
+                                     String username, String password, String createdTime, String nonce,
+                                     byte[] salt, Long iteration,
+                                     WSInboundSecurityContext wsInboundSecurityContext, String id,
+                                     WSSecurityTokenConstants.KeyIdentifier keyIdentifier) {
+        super(wsInboundSecurityContext, id, keyIdentifier);
+        this.usernameTokenPasswordType = usernameTokenPasswordType;
+        this.username = username;
+        this.password = password;
+        this.createdTime = createdTime;
+        this.nonce = nonce;
+        this.salt = salt;
+        this.iteration = iteration;
+        this.wsInboundSecurityContext = wsInboundSecurityContext;
     }
 
-    public String getPassword() {
-        return usernameToken.getPassword();
+    @Override
+    public boolean isAsymmetric() throws XMLSecurityException {
+        return false;
     }
 
-    public String getCreated() {
-        return usernameToken.getCreated();
-    }
+    @Override
+    protected Key getKey(String algorithmURI, XMLSecurityConstants.AlgorithmUsage algorithmUsage,
+                         String correlationID) throws XMLSecurityException {
 
-    public byte[] getNonce() {
-        return usernameToken.getNonce();
-    }
+        Key key = getSecretKey().get(algorithmURI);
+        if (key != null) {
+            return key;
+        }
 
-    public byte[] getSalt() {
-        return usernameToken.getSalt();
+        byte[] secretToken = generateDerivedKey(wsInboundSecurityContext);
+        String algoFamily = JCEAlgorithmMapper.getJCERequiredKeyFromURI(algorithmURI);
+        key = new SecretKeySpec(secretToken, algoFamily);
+        setSecretKey(algorithmURI, key);
+        return key;
     }
 
-    public Long getIteration() {
-        return usernameToken.getIteration();
+    @Override
+    public WSSecurityTokenConstants.TokenType getTokenType() {
+        return WSSecurityTokenConstants.UsernameToken;
     }
 
     /**
@@ -72,32 +103,135 @@ public class UsernameSecurityToken exten
      * @throws WSSecurityException
      */
     public byte[] generateDerivedKey() throws WSSecurityException {
-        return usernameToken.generateDerivedKey(wsSecurityContext);
+        return generateDerivedKey(wsInboundSecurityContext);
     }
 
-    @Override
-    public boolean isAsymmetric() throws XMLSecurityException {
-        return false;
+    /**
+     * This method generates a derived key as defined in WSS Username
+     * Token Profile.
+     *
+     * @return Returns the derived key a byte array
+     * @throws org.apache.wss4j.common.ext.WSSecurityException
+     *
+     */
+    protected byte[] generateDerivedKey(WSInboundSecurityContext wsInboundSecurityContext) throws WSSecurityException {
+
+        if (wsInboundSecurityContext != null) {
+            if (salt == null || salt.length == 0) {
+                wsInboundSecurityContext.handleBSPRule(BSPRule.R4217);
+            }
+            if (iteration == null || iteration < DEFAULT_ITERATION) {
+                wsInboundSecurityContext.handleBSPRule(BSPRule.R4218);
+            }
+        }
+
+        Long iters = iteration;
+        if (iters == null || iters == 0) {
+            iters = DEFAULT_ITERATION;
+        }
+        byte[] pwBytes;
+        try {
+            pwBytes = password.getBytes("UTF-8");
+        } catch (final UnsupportedEncodingException e) {
+            throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY, e);
+        }
+
+        byte[] pwSalt = new byte[salt.length + pwBytes.length];
+        System.arraycopy(pwBytes, 0, pwSalt, 0, pwBytes.length);
+        System.arraycopy(salt, 0, pwSalt, pwBytes.length, salt.length);
+
+        MessageDigest sha;
+        try {
+            sha = MessageDigest.getInstance("SHA-1");
+        } catch (NoSuchAlgorithmException e) {
+            throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY, "noSHA1availabe", e);
+        }
+        sha.reset();
+
+        // Make the first hash round with start value
+        byte[] k = sha.digest(pwSalt);
+
+        // Perform the 1st up to iteration-1 hash rounds
+        for (int i = 1; i < iters; i++) {
+            k = sha.digest(k);
+        }
+        return k;
     }
 
     @Override
-    protected Key getKey(String algorithmURI, XMLSecurityConstants.KeyUsage keyUsage,
-                         String correlationID) throws XMLSecurityException {
-
-        Key key = getSecretKey().get(algorithmURI);
-        if (key != null) {
-            return key;
+    public Principal getPrincipal() throws WSSecurityException {
+        if (this.principal == null) {
+            this.principal = new UsernameTokenPrincipal() {
+                //todo passwordType and passwordDigest return Enum-Type ?
+                @Override
+                public boolean isPasswordDigest() {
+                    return usernameTokenPasswordType == WSSConstants.UsernameTokenPasswordType.PASSWORD_DIGEST;
+                }
+
+
+                @Override
+                public String getPasswordType() {
+                    return usernameTokenPasswordType.getNamespace();
+                }
+
+                @Override
+                public String getName() {
+                    return username;
+                }
+
+                @Override
+                public String getPassword() {
+                    return password;
+                }
+
+                @Override
+                public String getCreatedTime() {
+                    return createdTime;
+                }
+
+                @Override
+                public String getNonce() {
+                    return nonce;
+                }
+            };
         }
+        return this.principal;
+    }
 
-        byte[] secretToken = usernameToken.generateDerivedKey(wsSecurityContext);
-        String algoFamily = JCEAlgorithmMapper.getJCERequiredKeyFromURI(algorithmURI);
-        key = new SecretKeySpec(secretToken, algoFamily);
-        setSecretKey(algorithmURI, key);
-        return key;
+    public WSSConstants.UsernameTokenPasswordType getUsernameTokenPasswordType() {
+        return usernameTokenPasswordType;
+    }
+
+    public String getCreatedTime() {
+        return createdTime;
+    }
+
+    public String getPassword() {
+        return password;
+    }
+
+    public String getUsername() {
+        return username;
+    }
+
+    public String getNonce() {
+        return nonce;
+    }
+
+    public byte[] getSalt() {
+        return salt;
+    }
+
+    public Long getIteration() {
+        return iteration;
+    }
+
+    public void setSubject(Subject subject) {
+        this.subject = subject;
     }
 
     @Override
-    public WSSConstants.TokenType getTokenType() {
-        return WSSConstants.UsernameToken;
+    public Subject getSubject() throws WSSecurityException {
+        return subject;
     }
 }

Copied: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509DataSecurityTokenImpl.java (from r1460765, webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509DataSecurityToken.java)
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509DataSecurityTokenImpl.java?p2=webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509DataSecurityTokenImpl.java&p1=webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509DataSecurityToken.java&r1=1460765&r2=1463136&rev=1463136&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509DataSecurityToken.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509DataSecurityTokenImpl.java Mon Apr  1 13:57:32 2013
@@ -21,9 +21,10 @@ package org.apache.wss4j.stax.impl.secur
 import org.apache.wss4j.common.crypto.Crypto;
 import org.apache.wss4j.common.crypto.CryptoType;
 import org.apache.wss4j.common.ext.WSSecurityException;
+import org.apache.wss4j.stax.ext.WSInboundSecurityContext;
 import org.apache.wss4j.stax.ext.WSSConstants;
 import org.apache.wss4j.stax.ext.WSSSecurityProperties;
-import org.apache.wss4j.stax.ext.WSSecurityContext;
+import org.apache.wss4j.stax.securityToken.WSSecurityTokenConstants;
 import org.apache.xml.security.binding.xmldsig.X509DataType;
 import org.apache.xml.security.binding.xmldsig.X509IssuerSerialType;
 import org.apache.xml.security.exceptions.XMLSecurityException;
@@ -33,15 +34,15 @@ import org.apache.xml.security.stax.impl
 import javax.security.auth.callback.CallbackHandler;
 import java.security.cert.X509Certificate;
 
-public class X509DataSecurityToken extends X509SecurityToken {
+public class X509DataSecurityTokenImpl extends X509SecurityTokenImpl {
 
     private String alias = null;
     private final X509DataType x509DataType;
 
-    X509DataSecurityToken(WSSecurityContext wsSecurityContext, Crypto crypto, CallbackHandler callbackHandler,
-                          X509DataType x509DataType, String id, WSSConstants.KeyIdentifierType keyIdentifierType,
-                          WSSSecurityProperties securityProperties) {
-        super(WSSConstants.X509V3Token, wsSecurityContext, crypto, callbackHandler, id, keyIdentifierType, securityProperties);
+    X509DataSecurityTokenImpl(WSInboundSecurityContext wsInboundSecurityContext, Crypto crypto, CallbackHandler callbackHandler,
+                              X509DataType x509DataType, String id, WSSecurityTokenConstants.KeyIdentifier keyIdentifier,
+                              WSSSecurityProperties securityProperties) {
+        super(WSSecurityTokenConstants.X509V3Token, wsInboundSecurityContext, crypto, callbackHandler, id, keyIdentifier, securityProperties);
         this.x509DataType = x509DataType;
     }
 

Copied: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509DefaultSecurityTokenImpl.java (from r1460765, webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509DefaultSecurityToken.java)
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509DefaultSecurityTokenImpl.java?p2=webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509DefaultSecurityTokenImpl.java&p1=webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509DefaultSecurityToken.java&r1=1460765&r2=1463136&rev=1463136&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509DefaultSecurityToken.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509DefaultSecurityTokenImpl.java Mon Apr  1 13:57:32 2013
@@ -19,21 +19,21 @@
 package org.apache.wss4j.stax.impl.securityToken;
 
 import org.apache.wss4j.common.crypto.Crypto;
-import org.apache.wss4j.stax.ext.WSSConstants;
+import org.apache.wss4j.stax.ext.WSInboundSecurityContext;
 import org.apache.wss4j.stax.ext.WSSSecurityProperties;
-import org.apache.wss4j.stax.ext.WSSecurityContext;
+import org.apache.wss4j.stax.securityToken.WSSecurityTokenConstants;
 import org.apache.xml.security.exceptions.XMLSecurityException;
 
 import javax.security.auth.callback.CallbackHandler;
 
-public class X509DefaultSecurityToken extends X509SecurityToken {
+public class X509DefaultSecurityTokenImpl extends X509SecurityTokenImpl {
 
     private String alias = null;
 
-    X509DefaultSecurityToken(WSSecurityContext wsSecurityContext, Crypto crypto, CallbackHandler callbackHandler,
-                             String alias, String id, WSSConstants.KeyIdentifierType keyIdentifierType,
-                             WSSSecurityProperties securityProperties) {
-        super(WSSConstants.X509V3Token, wsSecurityContext, crypto, callbackHandler, id, keyIdentifierType, securityProperties);
+    X509DefaultSecurityTokenImpl(WSInboundSecurityContext wsInboundSecurityContext, Crypto crypto, CallbackHandler callbackHandler,
+                                 String alias, String id, WSSecurityTokenConstants.KeyIdentifier keyIdentifier,
+                                 WSSSecurityProperties securityProperties) {
+        super(WSSecurityTokenConstants.X509V3Token, wsInboundSecurityContext, crypto, callbackHandler, id, keyIdentifier, securityProperties);
         this.alias = alias;
     }
 

Copied: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509PKIPathv1SecurityTokenImpl.java (from r1460765, webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509PKIPathv1SecurityToken.java)
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509PKIPathv1SecurityTokenImpl.java?p2=webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509PKIPathv1SecurityTokenImpl.java&p1=webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509PKIPathv1SecurityToken.java&r1=1460765&r2=1463136&rev=1463136&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509PKIPathv1SecurityToken.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509PKIPathv1SecurityTokenImpl.java Mon Apr  1 13:57:32 2013
@@ -20,9 +20,9 @@ package org.apache.wss4j.stax.impl.secur
 
 import org.apache.wss4j.common.crypto.Crypto;
 import org.apache.wss4j.common.ext.WSSecurityException;
-import org.apache.wss4j.stax.ext.WSSConstants;
+import org.apache.wss4j.stax.ext.WSInboundSecurityContext;
 import org.apache.wss4j.stax.ext.WSSSecurityProperties;
-import org.apache.wss4j.stax.ext.WSSecurityContext;
+import org.apache.wss4j.stax.securityToken.WSSecurityTokenConstants;
 import org.apache.xml.security.exceptions.XMLSecurityException;
 import org.apache.xml.security.stax.impl.util.UnsynchronizedByteArrayInputStream;
 
@@ -35,15 +35,15 @@ import java.security.cert.X509Certificat
 import java.util.Iterator;
 import java.util.List;
 
-public class X509PKIPathv1SecurityToken extends X509SecurityToken {
+public class X509PKIPathv1SecurityTokenImpl extends X509SecurityTokenImpl {
 
     private String alias = null;
 
-    public X509PKIPathv1SecurityToken(
-            WSSecurityContext wsSecurityContext, Crypto crypto, CallbackHandler callbackHandler,
-            byte[] binaryContent, String id, WSSConstants.KeyIdentifierType keyIdentifierType,
+    public X509PKIPathv1SecurityTokenImpl(
+            WSInboundSecurityContext wsInboundSecurityContext, Crypto crypto, CallbackHandler callbackHandler,
+            byte[] binaryContent, String id, WSSecurityTokenConstants.KeyIdentifier keyIdentifier,
             WSSSecurityProperties securityProperties) throws XMLSecurityException {
-        super(WSSConstants.X509PkiPathV1Token, wsSecurityContext, crypto, callbackHandler, id, keyIdentifierType, securityProperties);
+        super(WSSecurityTokenConstants.X509PkiPathV1Token, wsInboundSecurityContext, crypto, callbackHandler, id, keyIdentifier, securityProperties);
 
         InputStream in = new UnsynchronizedByteArrayInputStream(binaryContent);
         try {

Copied: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509SecurityTokenImpl.java (from r1460765, webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509SecurityToken.java)
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509SecurityTokenImpl.java?p2=webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509SecurityTokenImpl.java&p1=webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509SecurityToken.java&r1=1460765&r2=1463136&rev=1463136&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509SecurityToken.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509SecurityTokenImpl.java Mon Apr  1 13:57:32 2013
@@ -22,7 +22,10 @@ import org.apache.wss4j.common.crypto.Cr
 import org.apache.wss4j.common.crypto.CryptoType;
 import org.apache.wss4j.common.ext.WSPasswordCallback;
 import org.apache.wss4j.common.ext.WSSecurityException;
+import org.apache.wss4j.common.principal.PublicKeyPrincipalImpl;
 import org.apache.wss4j.stax.ext.*;
+import org.apache.wss4j.stax.securityToken.WSSecurityTokenConstants;
+import org.apache.wss4j.stax.securityToken.X509SecurityToken;
 import org.apache.xml.security.exceptions.XMLSecurityException;
 import org.apache.xml.security.stax.ext.XMLSecurityConstants;
 
@@ -30,23 +33,23 @@ import javax.security.auth.Subject;
 import javax.security.auth.callback.CallbackHandler;
 import java.security.Key;
 import java.security.Principal;
-import java.security.PublicKey;
 import java.security.cert.CertificateExpiredException;
 import java.security.cert.CertificateNotYetValidException;
 import java.security.cert.X509Certificate;
 
-public abstract class X509SecurityToken
-        extends org.apache.xml.security.stax.impl.securityToken.X509SecurityToken implements InboundSecurityToken {
+public abstract class X509SecurityTokenImpl
+        extends org.apache.xml.security.stax.impl.securityToken.X509SecurityToken implements X509SecurityToken {
 
     private CallbackHandler callbackHandler;
     private Crypto crypto;
     private WSSSecurityProperties securityProperties;
+    private Principal principal;
 
-    protected X509SecurityToken(XMLSecurityConstants.TokenType tokenType, WSSecurityContext wsSecurityContext,
-                                Crypto crypto, CallbackHandler callbackHandler, String id,
-                                WSSConstants.KeyIdentifierType keyIdentifierType,
-                                WSSSecurityProperties securityProperties) {
-        super(tokenType, wsSecurityContext, id, keyIdentifierType);
+    protected X509SecurityTokenImpl(WSSecurityTokenConstants.TokenType tokenType, WSInboundSecurityContext wsInboundSecurityContext,
+                                    Crypto crypto, CallbackHandler callbackHandler, String id,
+                                    WSSecurityTokenConstants.KeyIdentifier keyIdentifier,
+                                    WSSSecurityProperties securityProperties) {
+        super(tokenType, wsInboundSecurityContext, id, keyIdentifier);
         this.crypto = crypto;
         this.callbackHandler = callbackHandler;
         this.securityProperties = securityProperties;
@@ -61,7 +64,7 @@ public abstract class X509SecurityToken
     }
 
     @Override
-    public Key getKey(String algorithmURI, XMLSecurityConstants.KeyUsage keyUsage,
+    public Key getKey(String algorithmURI, XMLSecurityConstants.AlgorithmUsage algorithmUsage,
                       String correlationID) throws XMLSecurityException {
         WSPasswordCallback pwCb = new WSPasswordCallback(getAlias(), WSPasswordCallback.Usage.DECRYPT);
         WSSUtils.doPasswordCallback(getCallbackHandler(), pwCb);
@@ -107,26 +110,23 @@ public abstract class X509SecurityToken
     protected abstract String getAlias() throws XMLSecurityException;
 
     @Override
-    public Subject getSubject() throws XMLSecurityException {
+    public Subject getSubject() throws WSSecurityException {
         return null;
     }
 
     @Override
-    public Principal getPrincipal() throws XMLSecurityException {
-        X509Certificate[] certs = super.getX509Certificates();
-        if (certs != null && certs.length > 0) {
-            return certs[0].getSubjectX500Principal();
-        }
-        
-        final PublicKey publicKey = getPublicKey();
-        if (publicKey != null) {
-            return new Principal() {
-                @Override
-                public String getName() {
-                    return publicKey.toString();
+    public Principal getPrincipal() throws WSSecurityException {
+        if (this.principal == null) {
+            try {
+                X509Certificate[] certs = getX509Certificates();
+                if (certs != null && certs.length > 0) {
+                    return this.principal = certs[0].getSubjectX500Principal();
                 }
-            };
+                return this.principal = new PublicKeyPrincipalImpl(getPublicKey());
+            } catch (XMLSecurityException e) {
+                throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY_TOKEN, e);
+            }
         }
-        return null;
+        return this.principal;
     }
 }

Copied: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509SubjectKeyIdentifierSecurityTokenImpl.java (from r1460765, webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509SubjectKeyIdentifierSecurityToken.java)
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509SubjectKeyIdentifierSecurityTokenImpl.java?p2=webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509SubjectKeyIdentifierSecurityTokenImpl.java&p1=webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509SubjectKeyIdentifierSecurityToken.java&r1=1460765&r2=1463136&rev=1463136&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509SubjectKeyIdentifierSecurityToken.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509SubjectKeyIdentifierSecurityTokenImpl.java Mon Apr  1 13:57:32 2013
@@ -20,23 +20,23 @@ package org.apache.wss4j.stax.impl.secur
 
 import org.apache.wss4j.common.crypto.Crypto;
 import org.apache.wss4j.common.crypto.CryptoType;
-import org.apache.wss4j.stax.ext.WSSConstants;
+import org.apache.wss4j.stax.ext.WSInboundSecurityContext;
 import org.apache.wss4j.stax.ext.WSSSecurityProperties;
-import org.apache.wss4j.stax.ext.WSSecurityContext;
+import org.apache.wss4j.stax.securityToken.WSSecurityTokenConstants;
 import org.apache.xml.security.exceptions.XMLSecurityException;
 
 import javax.security.auth.callback.CallbackHandler;
 import java.security.cert.X509Certificate;
 
-public class X509SubjectKeyIdentifierSecurityToken extends X509SecurityToken {
+public class X509SubjectKeyIdentifierSecurityTokenImpl extends X509SecurityTokenImpl {
 
     private String alias = null;
     private final byte[] binaryContent;
 
-    X509SubjectKeyIdentifierSecurityToken(WSSecurityContext wsSecurityContext, Crypto crypto, CallbackHandler callbackHandler,
-                                          byte[] binaryContent, String id, WSSConstants.KeyIdentifierType keyIdentifierType,
-                                          WSSSecurityProperties securityProperties) {
-        super(WSSConstants.X509V3Token, wsSecurityContext, crypto, callbackHandler, id, keyIdentifierType, securityProperties);
+    X509SubjectKeyIdentifierSecurityTokenImpl(WSInboundSecurityContext wsInboundSecurityContext, Crypto crypto, CallbackHandler callbackHandler,
+                                              byte[] binaryContent, String id, WSSecurityTokenConstants.KeyIdentifier keyIdentifier,
+                                              WSSSecurityProperties securityProperties) {
+        super(WSSecurityTokenConstants.X509V3Token, wsInboundSecurityContext, crypto, callbackHandler, id, keyIdentifier, securityProperties);
         this.binaryContent = binaryContent;
     }
 

Copied: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509_V3SecurityTokenImpl.java (from r1460765, webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509_V3SecurityToken.java)
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509_V3SecurityTokenImpl.java?p2=webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509_V3SecurityTokenImpl.java&p1=webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509_V3SecurityToken.java&r1=1460765&r2=1463136&rev=1463136&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509_V3SecurityToken.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509_V3SecurityTokenImpl.java Mon Apr  1 13:57:32 2013
@@ -19,25 +19,25 @@
 package org.apache.wss4j.stax.impl.securityToken;
 
 import org.apache.wss4j.common.crypto.Crypto;
-import org.apache.wss4j.stax.ext.WSSConstants;
+import org.apache.wss4j.stax.ext.WSInboundSecurityContext;
 import org.apache.wss4j.stax.ext.WSSSecurityProperties;
-import org.apache.wss4j.stax.ext.WSSecurityContext;
+import org.apache.wss4j.stax.securityToken.WSSecurityTokenConstants;
 import org.apache.xml.security.exceptions.XMLSecurityException;
 import org.apache.xml.security.stax.impl.util.UnsynchronizedByteArrayInputStream;
 
 import javax.security.auth.callback.CallbackHandler;
 import java.security.cert.X509Certificate;
 
-public class X509_V3SecurityToken extends X509SecurityToken {
+public class X509_V3SecurityTokenImpl extends X509SecurityTokenImpl {
 
     private String alias = null;
 
-    public X509_V3SecurityToken(WSSecurityContext wsSecurityContext, Crypto crypto, CallbackHandler callbackHandler,
-                                byte[] binaryContent, String id, WSSConstants.KeyIdentifierType keyIdentifierType,
-                                WSSSecurityProperties securityProperties)
+    public X509_V3SecurityTokenImpl(WSInboundSecurityContext wsInboundSecurityContext, Crypto crypto, CallbackHandler callbackHandler,
+                                    byte[] binaryContent, String id, WSSecurityTokenConstants.KeyIdentifier keyIdentifier,
+                                    WSSSecurityProperties securityProperties)
             throws XMLSecurityException {
 
-        super(WSSConstants.X509V3Token, wsSecurityContext, crypto, callbackHandler, id, keyIdentifierType, securityProperties);
+        super(WSSecurityTokenConstants.X509V3Token, wsInboundSecurityContext, crypto, callbackHandler, id, keyIdentifier, securityProperties);
         setX509Certificates(new X509Certificate[]{getCrypto().loadCertificate(new UnsynchronizedByteArrayInputStream(binaryContent))});
     }
 

Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityEvent/DerivedKeyTokenSecurityEvent.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityEvent/DerivedKeyTokenSecurityEvent.java?rev=1463136&r1=1463135&r2=1463136&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityEvent/DerivedKeyTokenSecurityEvent.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityEvent/DerivedKeyTokenSecurityEvent.java Mon Apr  1 13:57:32 2013
@@ -19,10 +19,9 @@
 package org.apache.wss4j.stax.securityEvent;
 
 import org.apache.xml.security.stax.securityEvent.TokenSecurityEvent;
+import org.apache.xml.security.stax.securityToken.SecurityToken;
 
-public class DerivedKeyTokenSecurityEvent extends TokenSecurityEvent {
-
-    //todo implement
+public class DerivedKeyTokenSecurityEvent extends TokenSecurityEvent<SecurityToken> {
 
     public DerivedKeyTokenSecurityEvent() {
         super(WSSecurityEventConstants.DerivedKeyToken);

Added: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityEvent/EncryptedKeyTokenSecurityEvent.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityEvent/EncryptedKeyTokenSecurityEvent.java?rev=1463136&view=auto
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityEvent/EncryptedKeyTokenSecurityEvent.java (added)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityEvent/EncryptedKeyTokenSecurityEvent.java Mon Apr  1 13:57:32 2013
@@ -0,0 +1,29 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.wss4j.stax.securityEvent;
+
+import org.apache.xml.security.stax.securityEvent.TokenSecurityEvent;
+import org.apache.xml.security.stax.securityToken.SecurityToken;
+
+public class EncryptedKeyTokenSecurityEvent extends TokenSecurityEvent<SecurityToken> {
+
+    public EncryptedKeyTokenSecurityEvent() {
+        super(WSSecurityEventConstants.EncryptedKeyToken);
+    }
+}

Propchange: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityEvent/EncryptedKeyTokenSecurityEvent.java
------------------------------------------------------------------------------
    svn:eol-style = native

Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityEvent/EncryptedPartSecurityEvent.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityEvent/EncryptedPartSecurityEvent.java?rev=1463136&r1=1463135&r2=1463136&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityEvent/EncryptedPartSecurityEvent.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityEvent/EncryptedPartSecurityEvent.java Mon Apr  1 13:57:32 2013
@@ -18,15 +18,17 @@
  */
 package org.apache.wss4j.stax.securityEvent;
 
-import org.apache.xml.security.stax.ext.SecurityToken;
 import org.apache.xml.security.stax.ext.XMLSecurityConstants;
 import org.apache.xml.security.stax.securityEvent.AbstractSecuredElementSecurityEvent;
+import org.apache.xml.security.stax.securityToken.InboundSecurityToken;
 
 import java.util.List;
 
 public class EncryptedPartSecurityEvent extends AbstractSecuredElementSecurityEvent {
 
-    public EncryptedPartSecurityEvent(SecurityToken securityToken, boolean encrypted, List<XMLSecurityConstants.ContentType> protectionOrder) {
-        super(WSSecurityEventConstants.EncryptedPart, securityToken, protectionOrder, false, encrypted);
+    public EncryptedPartSecurityEvent(
+            InboundSecurityToken inboundSecurityToken, boolean encrypted,
+            List<XMLSecurityConstants.ContentType> protectionOrder) {
+        super(WSSecurityEventConstants.EncryptedPart, inboundSecurityToken, protectionOrder, false, encrypted);
     }
 }

Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityEvent/HttpsTokenSecurityEvent.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityEvent/HttpsTokenSecurityEvent.java?rev=1463136&r1=1463135&r2=1463136&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityEvent/HttpsTokenSecurityEvent.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityEvent/HttpsTokenSecurityEvent.java Mon Apr  1 13:57:32 2013
@@ -18,12 +18,10 @@
  */
 package org.apache.wss4j.stax.securityEvent;
 
-import org.apache.wss4j.stax.ext.WSSConstants;
-import org.apache.wss4j.stax.impl.securityToken.InboundSecurityTokenImpl;
-import org.apache.xml.security.stax.ext.SecurityToken;
+import org.apache.wss4j.stax.securityToken.HttpsSecurityToken;
 import org.apache.xml.security.stax.securityEvent.TokenSecurityEvent;
 
-public class HttpsTokenSecurityEvent extends TokenSecurityEvent {
+public class HttpsTokenSecurityEvent extends TokenSecurityEvent<HttpsSecurityToken> {
 
     public enum AuthenticationType {
         HttpBasicAuthentication,
@@ -55,19 +53,4 @@ public class HttpsTokenSecurityEvent ext
     public void setIssuerName(String issuerName) {
         this.issuerName = issuerName;
     }
-
-    @Override
-    public SecurityToken getSecurityToken() {
-        SecurityToken securityToken = super.getSecurityToken();
-        if (securityToken == null) {
-            securityToken = new InboundSecurityTokenImpl(null, null, null) {
-                @Override
-                public WSSConstants.TokenType getTokenType() {
-                    return WSSConstants.HttpsToken;
-                }
-            };
-        }
-        setSecurityToken(securityToken);
-        return securityToken;
-    }
 }

Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityEvent/IssuedTokenSecurityEvent.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityEvent/IssuedTokenSecurityEvent.java?rev=1463136&r1=1463135&r2=1463136&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityEvent/IssuedTokenSecurityEvent.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityEvent/IssuedTokenSecurityEvent.java Mon Apr  1 13:57:32 2013
@@ -18,12 +18,15 @@
  */
 package org.apache.wss4j.stax.securityEvent;
 
+import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.xml.security.stax.securityEvent.TokenSecurityEvent;
+import org.apache.xml.security.stax.securityToken.SecurityToken;
+
+public abstract class IssuedTokenSecurityEvent<T extends SecurityToken> extends TokenSecurityEvent<T> {
 
-public abstract class IssuedTokenSecurityEvent extends TokenSecurityEvent {
     public IssuedTokenSecurityEvent(WSSecurityEventConstants.Event securityEventType) {
         super(securityEventType);
     }
 
-    public abstract String getIssuerName();
+    public abstract String getIssuerName() throws WSSecurityException;
 }

Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityEvent/KerberosTokenSecurityEvent.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityEvent/KerberosTokenSecurityEvent.java?rev=1463136&r1=1463135&r2=1463136&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityEvent/KerberosTokenSecurityEvent.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityEvent/KerberosTokenSecurityEvent.java Mon Apr  1 13:57:32 2013
@@ -19,9 +19,9 @@
 package org.apache.wss4j.stax.securityEvent;
 
 import org.apache.wss4j.stax.ext.WSSConstants;
-import org.apache.wss4j.stax.impl.securityToken.KerberosServiceSecurityToken;
+import org.apache.wss4j.stax.securityToken.KerberosServiceSecurityToken;
 
-public class KerberosTokenSecurityEvent extends IssuedTokenSecurityEvent {
+public class KerberosTokenSecurityEvent extends IssuedTokenSecurityEvent<KerberosServiceSecurityToken> {
 
     private String issuerName;
 
@@ -38,7 +38,7 @@ public class KerberosTokenSecurityEvent 
     }
 
     public boolean isKerberosV5ApReqToken11() {
-        String type = ((KerberosServiceSecurityToken)getSecurityToken()).getKerberosTokenValueType();
+        String type = getSecurityToken().getKerberosTokenValueType();
         if (WSSConstants.NS_Kerberos5_AP_REQ.equals(type)
                 || WSSConstants.NS_Kerberos5_AP_REQ1510.equals(type)
                 || WSSConstants.NS_Kerberos5_AP_REQ4120.equals(type)) {
@@ -48,7 +48,7 @@ public class KerberosTokenSecurityEvent 
     }
 
     public boolean isGssKerberosV5ApReqToken11() {
-        String type = ((KerberosServiceSecurityToken)getSecurityToken()).getKerberosTokenValueType();
+        String type = getSecurityToken().getKerberosTokenValueType();
         if (WSSConstants.NS_GSS_Kerberos5_AP_REQ.equals(type)
                 || WSSConstants.NS_GSS_Kerberos5_AP_REQ1510.equals(type)
                 || WSSConstants.NS_GSS_Kerberos5_AP_REQ4120.equals(type)) {
@@ -58,6 +58,6 @@ public class KerberosTokenSecurityEvent 
     }
 
     public String getKerberosTokenValueType() {
-        return ((KerberosServiceSecurityToken)getSecurityToken()).getKerberosTokenValueType();
+        return getSecurityToken().getKerberosTokenValueType();
     }
 }

Added: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityEvent/KeyValueTokenSecurityEvent.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityEvent/KeyValueTokenSecurityEvent.java?rev=1463136&view=auto
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityEvent/KeyValueTokenSecurityEvent.java (added)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityEvent/KeyValueTokenSecurityEvent.java Mon Apr  1 13:57:32 2013
@@ -0,0 +1,29 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.wss4j.stax.securityEvent;
+
+import org.apache.wss4j.stax.securityToken.KeyValueSecurityToken;
+import org.apache.xml.security.stax.securityEvent.TokenSecurityEvent;
+
+public class KeyValueTokenSecurityEvent extends TokenSecurityEvent<KeyValueSecurityToken> {
+
+    public KeyValueTokenSecurityEvent() {
+        super(WSSecurityEventConstants.KeyValueToken);
+    }
+}

Propchange: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityEvent/KeyValueTokenSecurityEvent.java
------------------------------------------------------------------------------
    svn:eol-style = native

Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityEvent/RelTokenSecurityEvent.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityEvent/RelTokenSecurityEvent.java?rev=1463136&r1=1463135&r2=1463136&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityEvent/RelTokenSecurityEvent.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityEvent/RelTokenSecurityEvent.java Mon Apr  1 13:57:32 2013
@@ -18,9 +18,11 @@
  */
 package org.apache.wss4j.stax.securityEvent;
 
-public class RelTokenSecurityEvent extends IssuedTokenSecurityEvent {
 
-    //todo implement
+import org.apache.xml.security.stax.securityToken.SecurityToken;
+
+public class RelTokenSecurityEvent extends IssuedTokenSecurityEvent<SecurityToken> {
+
     private String issuerName;
 
     public RelTokenSecurityEvent() {

Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityEvent/SamlTokenSecurityEvent.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityEvent/SamlTokenSecurityEvent.java?rev=1463136&r1=1463135&r2=1463136&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityEvent/SamlTokenSecurityEvent.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityEvent/SamlTokenSecurityEvent.java Mon Apr  1 13:57:32 2013
@@ -18,26 +18,23 @@
  */
 package org.apache.wss4j.stax.securityEvent;
 
+import org.apache.wss4j.common.ext.WSSecurityException;
+import org.apache.wss4j.common.principal.SAMLTokenPrincipal;
 import org.apache.wss4j.common.saml.SamlAssertionWrapper;
-import org.opensaml.common.SAMLVersion;
-import org.apache.wss4j.stax.impl.securityToken.SAMLSecurityToken;
+import org.apache.wss4j.stax.securityToken.SamlSecurityToken;
 
-public class SamlTokenSecurityEvent extends IssuedTokenSecurityEvent {
+public class SamlTokenSecurityEvent extends IssuedTokenSecurityEvent<SamlSecurityToken> {
 
     public SamlTokenSecurityEvent() {
         super(WSSecurityEventConstants.SamlToken);
     }
 
     @Override
-    public String getIssuerName() {
-        return ((SAMLSecurityToken) getSecurityToken()).getIssuer();
+    public String getIssuerName() throws WSSecurityException {
+        return getSamlAssertionWrapper().getIssuerString();
     }
 
-    public SAMLVersion getSamlVersion() {
-        return ((SAMLSecurityToken) getSecurityToken()).getSamlVersion();
-    }
-
-    public SamlAssertionWrapper getSamlAssertionWrapper() {
-        return ((SAMLSecurityToken) getSecurityToken()).getSamlAssertionWrapper();
+    public SamlAssertionWrapper getSamlAssertionWrapper() throws WSSecurityException {
+        return ((SAMLTokenPrincipal)getSecurityToken().getPrincipal()).getToken();
     }
 }

Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityEvent/SecureConversationTokenSecurityEvent.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityEvent/SecureConversationTokenSecurityEvent.java?rev=1463136&r1=1463135&r2=1463136&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityEvent/SecureConversationTokenSecurityEvent.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityEvent/SecureConversationTokenSecurityEvent.java Mon Apr  1 13:57:32 2013
@@ -19,8 +19,9 @@
 package org.apache.wss4j.stax.securityEvent;
 
 import org.apache.xml.security.stax.securityEvent.TokenSecurityEvent;
+import org.apache.xml.security.stax.securityToken.SecurityToken;
 
-public class SecureConversationTokenSecurityEvent extends TokenSecurityEvent {
+public class SecureConversationTokenSecurityEvent extends TokenSecurityEvent<SecurityToken> {
 
     private boolean externalUriRef;
     private String issuerName;

Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityEvent/SecurityContextTokenSecurityEvent.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityEvent/SecurityContextTokenSecurityEvent.java?rev=1463136&r1=1463135&r2=1463136&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityEvent/SecurityContextTokenSecurityEvent.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityEvent/SecurityContextTokenSecurityEvent.java Mon Apr  1 13:57:32 2013
@@ -18,7 +18,10 @@
  */
 package org.apache.wss4j.stax.securityEvent;
 
-public class SecurityContextTokenSecurityEvent extends IssuedTokenSecurityEvent {
+
+import org.apache.xml.security.stax.securityToken.SecurityToken;
+
+public class SecurityContextTokenSecurityEvent extends IssuedTokenSecurityEvent<SecurityToken> {
 
     private boolean externalUriRef;
     private String issuerName;

Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityEvent/SignedPartSecurityEvent.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityEvent/SignedPartSecurityEvent.java?rev=1463136&r1=1463135&r2=1463136&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityEvent/SignedPartSecurityEvent.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityEvent/SignedPartSecurityEvent.java Mon Apr  1 13:57:32 2013
@@ -18,15 +18,17 @@
  */
 package org.apache.wss4j.stax.securityEvent;
 
-import org.apache.xml.security.stax.ext.SecurityToken;
 import org.apache.xml.security.stax.ext.XMLSecurityConstants;
 import org.apache.xml.security.stax.securityEvent.AbstractSecuredElementSecurityEvent;
+import org.apache.xml.security.stax.securityToken.InboundSecurityToken;
 
 import java.util.List;
 
 public class SignedPartSecurityEvent extends AbstractSecuredElementSecurityEvent {
 
-    public SignedPartSecurityEvent(SecurityToken securityToken, boolean signed, List<XMLSecurityConstants.ContentType> protectionOrder) {
-        super(WSSecurityEventConstants.SignedPart, securityToken, protectionOrder, signed, false);
+    public SignedPartSecurityEvent(
+            InboundSecurityToken inboundSecurityToken, boolean signed,
+            List<XMLSecurityConstants.ContentType> protectionOrder) {
+        super(WSSecurityEventConstants.SignedPart, inboundSecurityToken, protectionOrder, signed, false);
     }
 }

Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityEvent/SpnegoContextTokenSecurityEvent.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityEvent/SpnegoContextTokenSecurityEvent.java?rev=1463136&r1=1463135&r2=1463136&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityEvent/SpnegoContextTokenSecurityEvent.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityEvent/SpnegoContextTokenSecurityEvent.java Mon Apr  1 13:57:32 2013
@@ -19,8 +19,9 @@
 package org.apache.wss4j.stax.securityEvent;
 
 import org.apache.xml.security.stax.securityEvent.TokenSecurityEvent;
+import org.apache.xml.security.stax.securityToken.SecurityToken;
 
-public class SpnegoContextTokenSecurityEvent extends TokenSecurityEvent {
+public class SpnegoContextTokenSecurityEvent extends TokenSecurityEvent<SecurityToken> {
 
     private String issuerName;
 

Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityEvent/UsernameTokenSecurityEvent.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityEvent/UsernameTokenSecurityEvent.java?rev=1463136&r1=1463135&r2=1463136&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityEvent/UsernameTokenSecurityEvent.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityEvent/UsernameTokenSecurityEvent.java Mon Apr  1 13:57:32 2013
@@ -18,12 +18,12 @@
  */
 package org.apache.wss4j.stax.securityEvent;
 
+import org.apache.wss4j.stax.securityToken.UsernameSecurityToken;
 import org.apache.xml.security.stax.securityEvent.TokenSecurityEvent;
 import org.apache.wss4j.stax.ext.WSSConstants;
 
-public class UsernameTokenSecurityEvent extends TokenSecurityEvent {
+public class UsernameTokenSecurityEvent extends TokenSecurityEvent<UsernameSecurityToken> {
 
-    private WSSConstants.UsernameTokenPasswordType usernameTokenPasswordType;
     private String usernameTokenProfile;
 
     public UsernameTokenSecurityEvent() {
@@ -31,11 +31,7 @@ public class UsernameTokenSecurityEvent 
     }
 
     public WSSConstants.UsernameTokenPasswordType getUsernameTokenPasswordType() {
-        return usernameTokenPasswordType;
-    }
-
-    public void setUsernameTokenPasswordType(WSSConstants.UsernameTokenPasswordType usernameTokenPasswordType) {
-        this.usernameTokenPasswordType = usernameTokenPasswordType;
+        return getSecurityToken().getUsernameTokenPasswordType();
     }
 
     public String getUsernameTokenProfile() {



Mime
View raw message