ws-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject svn commit: r1672673 [2/2] - in /webservices/wss4j/trunk: ws-security-dom/src/main/java/org/apache/wss4j/dom/ ws-security-dom/src/main/java/org/apache/wss4j/dom/action/ ws-security-dom/src/main/java/org/apache/wss4j/dom/handler/ ws-security-dom/src/mai...
Date Fri, 10 Apr 2015 14:10:51 GMT
Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecUsernameToken.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecUsernameToken.java?rev=1672673&r1=1672672&r2=1672673&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecUsernameToken.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecUsernameToken.java Fri Apr 10 14:10:50 2015
@@ -20,9 +20,10 @@
 package org.apache.wss4j.dom.message;
 
 import org.apache.wss4j.dom.WSConstants;
-import org.apache.wss4j.dom.WSSConfig;
 import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.common.util.UsernameTokenUtil;
+import org.apache.wss4j.common.util.WSCurrentTimeSource;
+import org.apache.wss4j.common.util.WSTimeSource;
 import org.apache.wss4j.dom.message.token.UsernameToken;
 import org.apache.wss4j.dom.util.WSSecurityUtil;
 import org.apache.xml.security.exceptions.Base64DecodingException;
@@ -48,13 +49,12 @@ public class WSSecUsernameToken extends
     private byte[] saltValue;
     private int iteration = UsernameToken.DEFAULT_ITERATION;
     private boolean passwordsAreEncoded;
+    private boolean precisionInMilliSeconds = true;
+    private WSTimeSource wsTimeSource = new WSCurrentTimeSource();
 
     public WSSecUsernameToken() {
         super();
     }
-    public WSSecUsernameToken(WSSConfig config) {
-        super(config);
-    }
 
     /**
      * Defines how to construct the password element of the
@@ -169,8 +169,7 @@ public class WSSecUsernameToken extends
      * @param doc The SOAP envelope as W3C document
      */
     public void prepare(Document doc) {
-        ut = new UsernameToken(getWsConfig().isPrecisionInMilliSeconds(), doc, 
-                               getWsConfig().getCurrentTime(), passwordType);
+        ut = new UsernameToken(precisionInMilliSeconds, doc, wsTimeSource, passwordType);
         ut.setPasswordsAreEncoded(passwordsAreEncoded);
         ut.setName(user);
         if (useDerivedKey) {
@@ -183,9 +182,9 @@ public class WSSecUsernameToken extends
             ut.addNonce(doc);
         }
         if (created) {
-            ut.addCreated(getWsConfig().isPrecisionInMilliSeconds(), getWsConfig().getCurrentTime(), doc);
+            ut.addCreated(precisionInMilliSeconds, wsTimeSource, doc);
         }
-        ut.setID(getWsConfig().getIdAllocator().createId("UsernameToken-", ut));
+        ut.setID(getIdAllocator().createId("UsernameToken-", ut));
     }
 
     /**
@@ -250,4 +249,20 @@ public class WSSecUsernameToken extends
     public Element getUsernameTokenElement() {
        return ut.getElement(); 
     }
+
+    public boolean isPrecisionInMilliSeconds() {
+        return precisionInMilliSeconds;
+    }
+
+    public void setPrecisionInMilliSeconds(boolean precisionInMilliSeconds) {
+        this.precisionInMilliSeconds = precisionInMilliSeconds;
+    }
+
+    public WSTimeSource getWsTimeSource() {
+        return wsTimeSource;
+    }
+
+    public void setWsTimeSource(WSTimeSource wsTimeSource) {
+        this.wsTimeSource = wsTimeSource;
+    }
 }

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/UsernameTokenProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/UsernameTokenProcessor.java?rev=1672673&r1=1672672&r2=1672673&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/UsernameTokenProcessor.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/UsernameTokenProcessor.java Fri Apr 10 14:10:50 2015
@@ -31,7 +31,6 @@ import org.apache.wss4j.common.cache.Rep
 import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.dom.WSConstants;
 import org.apache.wss4j.dom.WSDocInfo;
-import org.apache.wss4j.dom.WSSConfig;
 import org.apache.wss4j.dom.WSSecurityEngine;
 import org.apache.wss4j.dom.WSSecurityEngineResult;
 import org.apache.wss4j.dom.handler.RequestData;
@@ -131,16 +130,9 @@ public class UsernameTokenProcessor impl
         Validator validator,
         RequestData data
     ) throws WSSecurityException {
-        boolean allowNamespaceQualifiedPasswordTypes = false;
-        WSSConfig wssConfig = data.getWssConfig();
-        int utTTL = 300;
-        int futureTimeToLive = 60;
-        if (wssConfig != null) {
-            allowNamespaceQualifiedPasswordTypes = 
-                wssConfig.getAllowNamespaceQualifiedPasswordTypes();
-            utTTL = wssConfig.getUtTTL();
-            futureTimeToLive = wssConfig.getUtFutureTTL();
-        }
+        boolean allowNamespaceQualifiedPasswordTypes = data.isAllowNamespaceQualifiedPasswordTypes();
+        int utTTL = data.getUtTTL();
+        int futureTimeToLive = data.getUtFutureTTL();
         
         //
         // Parse and validate the UsernameToken element

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/saml/WSSecSignatureSAML.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/saml/WSSecSignatureSAML.java?rev=1672673&r1=1672672&r2=1672673&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/saml/WSSecSignatureSAML.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/saml/WSSecSignatureSAML.java Fri Apr 10 14:10:50 2015
@@ -50,7 +50,6 @@ import org.apache.wss4j.common.token.X50
 import org.apache.wss4j.common.util.KeyUtils;
 import org.apache.wss4j.dom.WSConstants;
 import org.apache.wss4j.dom.WSDocInfo;
-import org.apache.wss4j.dom.WSSConfig;
 import org.apache.wss4j.dom.handler.RequestData;
 import org.apache.wss4j.dom.message.WSSecHeader;
 import org.apache.wss4j.dom.message.WSSecSignature;
@@ -80,13 +79,6 @@ public class WSSecSignatureSAML extends
         super();
         doDebug = LOG.isDebugEnabled();
     }
-    /**
-     * Constructor.
-     */
-    public WSSecSignatureSAML(WSSConfig config) {
-        super(config);
-        doDebug = LOG.isDebugEnabled();
-    }
 
     /**
      * Builds a signed soap envelope with SAML token.
@@ -257,7 +249,6 @@ public class WSSecSignatureSAML extends
                 SignatureActionToken actionToken = new SignatureActionToken();
                 data.setSignatureToken(actionToken);
                 actionToken.setCrypto(userCrypto);
-                data.setWssConfig(getWsConfig());
                 SAMLKeyInfo samlKeyInfo = 
                     SAMLUtil.getCredentialFromSubject(
                             samlAssertion, new WSSSAMLKeyInfoProcessor(data, wsDocInfo),
@@ -307,8 +298,7 @@ public class WSSecSignatureSAML extends
         
         try {
             C14NMethodParameterSpec c14nSpec = null;
-            if (getWsConfig().isAddInclusivePrefixes() 
-                && getSigCanonicalization().equals(WSConstants.C14N_EXCL_OMIT_COMMENTS)) {
+            if (isAddInclusivePrefixes() && getSigCanonicalization().equals(WSConstants.C14N_EXCL_OMIT_COMMENTS)) {
                 List<String> prefixes = 
                     getInclusivePrefixes(secHeader.getSecurityHeader(), false);
                 c14nSpec = new ExcC14NParameterSpec(prefixes);
@@ -323,14 +313,14 @@ public class WSSecSignatureSAML extends
             );
         }
 
-        keyInfoUri = getWsConfig().getIdAllocator().createSecureId("KeyId-", keyInfo);
+        keyInfoUri = getIdAllocator().createSecureId("KeyId-", keyInfo);
         SecurityTokenReference secRef = new SecurityTokenReference(doc);
-        strUri = getWsConfig().getIdAllocator().createSecureId("STRId-", secRef);
+        strUri = getIdAllocator().createSecureId("STRId-", secRef);
         secRef.setID(strUri);
         setSecurityTokenReference(secRef);
         
         if (certs != null && certs.length != 0) {
-            certUri = getWsConfig().getIdAllocator().createSecureId("CertId-", certs[0]);
+            certUri = getIdAllocator().createSecureId("CertId-", certs[0]);
         }
         
         //
@@ -344,7 +334,7 @@ public class WSSecSignatureSAML extends
         try {
             if (senderVouches) {
                 secRefSaml = new SecurityTokenReference(doc);
-                secRefID = getWsConfig().getIdAllocator().createSecureId("STRSAMLId-", secRefSaml);
+                secRefID = getIdAllocator().createSecureId("STRSAMLId-", secRefSaml);
                 secRefSaml.setID(secRefID);
 
                 if (useDirectReferenceToAssertion) {
@@ -516,7 +506,7 @@ public class WSSecSignatureSAML extends
                     signedInfo, 
                     keyInfo,
                     null,
-                    getWsConfig().getIdAllocator().createId("SIG-", null),
+                    getIdAllocator().createId("SIG-", null),
                     null);
             
             Element securityHeaderElement = secHeader.getSecurityHeader();

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/TimestampValidator.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/TimestampValidator.java?rev=1672673&r1=1672672&r2=1672673&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/TimestampValidator.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/TimestampValidator.java Fri Apr 10 14:10:50 2015
@@ -20,7 +20,6 @@
 package org.apache.wss4j.dom.validate;
 
 
-import org.apache.wss4j.dom.WSSConfig;
 import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.dom.handler.RequestData;
 import org.apache.wss4j.dom.message.token.Timestamp;
@@ -45,15 +44,9 @@ public class TimestampValidator implemen
         if (data.getWssConfig() == null) {
             throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "empty", "WSSConfig cannot be null");
         }
-        WSSConfig wssConfig = data.getWssConfig();
-        boolean timeStampStrict = true;
-        int timeStampTTL = 300;
-        int futureTimeToLive = 60;
-        if (wssConfig != null) {
-            timeStampStrict = wssConfig.isTimeStampStrict();
-            timeStampTTL = wssConfig.getTimeStampTTL();
-            futureTimeToLive = wssConfig.getTimeStampFutureTTL();
-        }
+        boolean timeStampStrict = data.isTimeStampStrict();
+        int timeStampTTL = data.getTimeStampTTL();
+        int futureTimeToLive = data.getTimeStampFutureTTL();
         
         Timestamp timeStamp = credential.getTimestamp();
         // Validate whether the security semantics have expired

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/UsernameTokenValidator.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/UsernameTokenValidator.java?rev=1672673&r1=1672672&r2=1672673&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/UsernameTokenValidator.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/UsernameTokenValidator.java Fri Apr 10 14:10:50 2015
@@ -25,7 +25,6 @@ import javax.security.auth.callback.Call
 import javax.security.auth.callback.UnsupportedCallbackException;
 
 import org.apache.wss4j.dom.WSConstants;
-import org.apache.wss4j.dom.WSSConfig;
 import org.apache.wss4j.common.ext.WSPasswordCallback;
 import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.dom.handler.RequestData;
@@ -61,15 +60,9 @@ public class UsernameTokenValidator impl
             throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "noCredential");
         }
         
-        boolean handleCustomPasswordTypes = false;
-        boolean passwordsAreEncoded = false;
-        String requiredPasswordType = null;
-        WSSConfig wssConfig = data.getWssConfig();
-        if (wssConfig != null) {
-            handleCustomPasswordTypes = wssConfig.getHandleCustomPasswordTypes();
-            passwordsAreEncoded = wssConfig.getPasswordsAreEncoded();
-            requiredPasswordType = wssConfig.getRequiredPasswordType();
-        }
+        boolean handleCustomPasswordTypes = data.isHandleCustomPasswordTypes();
+        boolean passwordsAreEncoded = data.isEncodePasswords();
+        String requiredPasswordType = data.getRequiredPasswordType();
         
         UsernameToken usernameToken = credential.getUsernametoken();
         usernameToken.setPasswordsAreEncoded(passwordsAreEncoded);
@@ -214,12 +207,7 @@ public class UsernameTokenValidator impl
     protected void verifyUnknownPassword(UsernameToken usernameToken,
                                          RequestData data) throws WSSecurityException {
         
-        boolean allowUsernameTokenDerivedKeys = false;
-        WSSConfig wssConfig = data.getWssConfig();
-        if (wssConfig != null) {
-            allowUsernameTokenDerivedKeys = wssConfig.isAllowUsernameTokenNoPassword();
-        }
-        
+        boolean allowUsernameTokenDerivedKeys = data.isAllowUsernameTokenNoPassword();
         if (!allowUsernameTokenDerivedKeys) {
             if (LOG.isDebugEnabled()) {
                 LOG.debug("Authentication failed as the received UsernameToken does not "

Modified: webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/PasswordTypeTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/PasswordTypeTest.java?rev=1672673&r1=1672672&r2=1672673&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/PasswordTypeTest.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/PasswordTypeTest.java Fri Apr 10 14:10:50 2015
@@ -23,7 +23,6 @@ import java.util.Collections;
 
 import org.apache.wss4j.dom.WSSecurityEngine;
 import org.apache.wss4j.dom.WSConstants;
-import org.apache.wss4j.dom.WSSConfig;
 import org.apache.wss4j.dom.common.CustomHandler;
 import org.apache.wss4j.dom.common.SOAPUtil;
 import org.apache.wss4j.dom.common.SecurityTestUtil;
@@ -70,29 +69,31 @@ public class PasswordTypeTest extends or
             LOG.debug(outputString);
         }
         WSSecurityEngine secEngine = new WSSecurityEngine();
-        WSSConfig wssConfig = WSSConfig.getNewInstance();
         
         //
         // It should pass with PASSWORD_DIGEST
         //
-        wssConfig.setRequiredPasswordType(WSConstants.PASSWORD_DIGEST);
-        secEngine.setWssConfig(wssConfig);
-        secEngine.processSecurityHeader(doc, null, callbackHandler, null);
+        RequestData requestData = new RequestData();
+        requestData.setCallbackHandler(callbackHandler);
+        requestData.setRequiredPasswordType(WSConstants.PASSWORD_DIGEST);
+        secEngine.processSecurityHeader(doc, requestData);
         
         //
         // It should pass with null
         //
-        wssConfig.setRequiredPasswordType(null);
-        secEngine.setWssConfig(wssConfig);
-        secEngine.processSecurityHeader(doc, null, callbackHandler, null);
+        requestData = new RequestData();
+        requestData.setCallbackHandler(callbackHandler);
+        requestData.setRequiredPasswordType(null);
+        secEngine.processSecurityHeader(doc, requestData);
         
         //
         // It should fail with PASSWORD_TEXT
         //
         try {
-            wssConfig.setRequiredPasswordType(WSConstants.PASSWORD_TEXT);
-            secEngine.setWssConfig(wssConfig);
-            secEngine.processSecurityHeader(doc, null, callbackHandler, null);
+            requestData = new RequestData();
+            requestData.setCallbackHandler(callbackHandler);
+            requestData.setRequiredPasswordType(WSConstants.PASSWORD_TEXT);
+            secEngine.processSecurityHeader(doc, requestData);
             fail("Expected failure on the wrong password type");
         } catch (WSSecurityException ex) {
             assertTrue(ex.getErrorCode() == WSSecurityException.ErrorCode.FAILED_AUTHENTICATION);
@@ -120,29 +121,31 @@ public class PasswordTypeTest extends or
             LOG.debug(outputString);
         }
         WSSecurityEngine secEngine = new WSSecurityEngine();
-        WSSConfig wssConfig = WSSConfig.getNewInstance();
         
         //
         // It should pass with PASSWORD_TEXT
         //
-        wssConfig.setRequiredPasswordType(WSConstants.PASSWORD_TEXT);
-        secEngine.setWssConfig(wssConfig);
-        secEngine.processSecurityHeader(doc, null, callbackHandler, null);
+        RequestData requestData = new RequestData();
+        requestData.setCallbackHandler(callbackHandler);
+        requestData.setRequiredPasswordType(WSConstants.PASSWORD_TEXT);
+        secEngine.processSecurityHeader(doc, requestData);
         
         //
         // It should pass with null
         //
-        wssConfig.setRequiredPasswordType(null);
-        secEngine.setWssConfig(wssConfig);
-        secEngine.processSecurityHeader(doc, null, callbackHandler, null);
+        requestData = new RequestData();
+        requestData.setCallbackHandler(callbackHandler);
+        requestData.setRequiredPasswordType(null);
+        secEngine.processSecurityHeader(doc, requestData);
         
         //
         // It should fail with PASSWORD_DIGEST
         //
         try {
-            wssConfig.setRequiredPasswordType(WSConstants.PASSWORD_DIGEST);
-            secEngine.setWssConfig(wssConfig);
-            secEngine.processSecurityHeader(doc, null, callbackHandler, null);
+            requestData = new RequestData();
+            requestData.setCallbackHandler(callbackHandler);
+            requestData.setRequiredPasswordType(WSConstants.PASSWORD_DIGEST);
+            secEngine.processSecurityHeader(doc, requestData);
             fail("Expected failure on the wrong password type");
         } catch (WSSecurityException ex) {
             assertTrue(ex.getErrorCode() == WSSecurityException.ErrorCode.FAILED_AUTHENTICATION);
@@ -188,10 +191,10 @@ public class PasswordTypeTest extends or
         reqData.setMsgContext(config);
         handler.receive(Collections.singletonList(WSConstants.UT), reqData);
         WSSecurityEngine secEngine = new WSSecurityEngine();
-        secEngine.setWssConfig(reqData.getWssConfig());
+        reqData.setCallbackHandler(callbackHandler);
         
         try {
-            secEngine.processSecurityHeader(doc, null, callbackHandler, null);
+            secEngine.processSecurityHeader(doc, reqData);
             fail("Expected failure on the wrong password type");
         } catch (WSSecurityException ex) {
             // expected

Modified: webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/SignatureTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/SignatureTest.java?rev=1672673&r1=1672672&r2=1672673&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/SignatureTest.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/SignatureTest.java Fri Apr 10 14:10:50 2015
@@ -232,10 +232,8 @@ public class SignatureTest extends org.j
      */
     @org.junit.Test
     public void testSignatureInclusivePrefixes() throws Exception {
-        WSSConfig wssConfig = WSSConfig.getNewInstance();
-        wssConfig.setAddInclusivePrefixes(true);
         WSSecSignature builder = new WSSecSignature();
-        builder.setWsConfig(wssConfig);
+        builder.setAddInclusivePrefixes(true);
         builder.setUserInfo("16c73ab6-b892-458f-abf5-2f875f74882e", "security");
         LOG.info("Before Signing....");
         Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);

Modified: webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/TimestampTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/TimestampTest.java?rev=1672673&r1=1672672&r2=1672673&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/TimestampTest.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/TimestampTest.java Fri Apr 10 14:10:50 2015
@@ -81,7 +81,7 @@ public class TimestampTest extends org.j
         //
         // Do some processing
         //
-        WSHandlerResult wsResult = verify(createdDoc, WSSConfig.getNewInstance());
+        WSHandlerResult wsResult = verify(createdDoc);
         WSSecurityEngineResult actionResult = 
             wsResult.getActionResults().get(WSConstants.TS).get(0);
         assertTrue(actionResult != null);
@@ -119,7 +119,7 @@ public class TimestampTest extends org.j
         //
         // Do some processing
         //
-        WSHandlerResult wsResult = verify(createdDoc, WSSConfig.getNewInstance());
+        WSHandlerResult wsResult = verify(createdDoc);
         WSSecurityEngineResult actionResult = 
             wsResult.getActionResults().get(WSConstants.TS).get(0);
         assertTrue(actionResult != null);
@@ -194,7 +194,7 @@ public class TimestampTest extends org.j
         }
         
         try {
-            verify(createdDoc, WSSConfig.getNewInstance());
+            verify(createdDoc);
             fail("Expected failure on an expired timestamp");
         } catch (WSSecurityException ex) {
             assertTrue(ex.getErrorCode() == WSSecurityException.ErrorCode.MESSAGE_EXPIRED); 
@@ -225,10 +225,11 @@ public class TimestampTest extends org.j
         //
         // Do some processing
         //
-        WSSConfig wssConfig = WSSConfig.getNewInstance();
-        wssConfig.setTimeStampTTL(-1);
+        RequestData requestData = new RequestData();
+        requestData.setWssConfig(WSSConfig.getNewInstance());
+        requestData.setTimeStampTTL(-1);
         try {
-            verify(createdDoc, wssConfig);
+            verify(createdDoc, requestData);
             fail("The timestamp validation should have failed");
         } catch (WSSecurityException ex) {
             assertTrue(ex.getErrorCode() == WSSecurityException.ErrorCode.MESSAGE_EXPIRED); 
@@ -274,11 +275,11 @@ public class TimestampTest extends org.j
         //
         // Do some processing
         //
-        WSSConfig config = WSSConfig.getNewInstance();
-        verify(doc, config);
+        RequestData requestData = new RequestData();
+        requestData.setWssConfig(WSSConfig.getNewInstance());
+        requestData.setTimeStampFutureTTL(0);
         try {
-            config.setTimeStampFutureTTL(0);
-            verify(doc, config);
+            verify(doc, requestData);
             fail("The timestamp validation should have failed");
         } catch (WSSecurityException ex) {
             assertTrue(ex.getErrorCode() == WSSecurityException.ErrorCode.MESSAGE_EXPIRED); 
@@ -322,9 +323,8 @@ public class TimestampTest extends org.j
         //
         // Do some processing
         //
-        WSSConfig config = WSSConfig.getNewInstance();
         try {
-            verify(doc, config);
+            verify(doc);
             fail("The timestamp validation should have failed");
         } catch (WSSecurityException ex) {
             assertTrue(ex.getErrorCode() == WSSecurityException.ErrorCode.MESSAGE_EXPIRED); 
@@ -380,7 +380,7 @@ public class TimestampTest extends org.j
         // Do some processing
         //
         try {
-            verify(doc, WSSConfig.getNewInstance());
+            verify(doc);
             fail("The timestamp validation should have failed");
         } catch (WSSecurityException ex) {
             //
@@ -414,9 +414,8 @@ public class TimestampTest extends org.j
         //
         // Do some processing
         //
-        WSSConfig wssConfig = WSSConfig.getNewInstance();
         try {
-            verify(createdDoc, wssConfig);
+            verify(createdDoc);
             fail("Expected failure on multiple timestamps");
         } catch (WSSecurityException ex) {
             // expected
@@ -462,7 +461,7 @@ public class TimestampTest extends org.j
         // Do some processing
         //
         try {
-            verify(doc, WSSConfig.getNewInstance());
+            verify(doc);
             fail("The timestamp validation should have failed on multiple Created elements");
         } catch (WSSecurityException ex) {
             // expected
@@ -509,7 +508,7 @@ public class TimestampTest extends org.j
         // Do some processing
         //
         try {
-            verify(doc, WSSConfig.getNewInstance());
+            verify(doc);
             fail("The timestamp validation should have failed on no Created element");
         } catch (WSSecurityException ex) {
             // expected
@@ -569,7 +568,7 @@ public class TimestampTest extends org.j
         // Do some processing
         //
         try {
-            verify(doc, WSSConfig.getNewInstance());
+            verify(doc);
             fail("The timestamp validation should have failed on multiple Expires elements");
         } catch (WSSecurityException ex) {
             // expected
@@ -623,7 +622,7 @@ public class TimestampTest extends org.j
         // Do some processing
         //
         try {
-            verify(doc, WSSConfig.getNewInstance());
+            verify(doc);
             fail("The timestamp validation should have failed");
         } catch (WSSecurityException ex) {
             // expected
@@ -670,7 +669,7 @@ public class TimestampTest extends org.j
         WSSConfig wssConfig = WSSConfig.getNewInstance();
         wssConfig.setValidator(WSSecurityEngine.TIMESTAMP, new NoOpValidator());
         try {
-            verify(doc, wssConfig);
+            verify(doc, wssConfig, new ArrayList<BSPRule>());
             fail("The timestamp validation should have failed");
         } catch (WSSecurityException ex) {
             //assertTrue(ex.getMessage().contains("Unparseable date"));
@@ -716,16 +715,16 @@ public class TimestampTest extends org.j
         //
         // Do some processing
         //
-        WSSConfig wssConfig = WSSConfig.getNewInstance();
-        wssConfig.setValidator(WSSecurityEngine.TIMESTAMP, new NoOpValidator());
         try {
-            verify(doc, WSSConfig.getNewInstance());
+            verify(doc);
             fail("The timestamp validation should have failed");
         } catch (WSSecurityException ex) {
             //
         }
         
         // Now it should pass...
+        WSSConfig wssConfig = WSSConfig.getNewInstance();
+        wssConfig.setValidator(WSSecurityEngine.TIMESTAMP, new NoOpValidator());
         verify(doc, wssConfig, Collections.singletonList(BSPRule.R3225));
     }
     
@@ -781,7 +780,7 @@ public class TimestampTest extends org.j
         // Do some processing
         //
         try {
-            verify(doc, WSSConfig.getNewInstance());
+            verify(doc);
             fail("The timestamp validation should have failed");
         } catch (WSSecurityException ex) {
             //
@@ -804,7 +803,6 @@ public class TimestampTest extends org.j
         WSSecTimestamp timestamp = new WSSecTimestamp();
         timestamp.setTimeToLive(300);
         
-        WSSConfig config = WSSConfig.getNewInstance();
         WSTimeSource spoofedTimeSource = new WSTimeSource() {
 
             public Date now() {
@@ -814,9 +812,8 @@ public class TimestampTest extends org.j
             }
             
         };
-        config.setCurrentTime(spoofedTimeSource);
+        timestamp.setWsTimeSource(spoofedTimeSource);
         
-        timestamp.setWsConfig(config);
         Document createdDoc = timestamp.build(doc, secHeader);
 
         if (LOG.isDebugEnabled()) {
@@ -829,7 +826,7 @@ public class TimestampTest extends org.j
         // Do some processing
         //
         try {
-            verify(createdDoc, WSSConfig.getNewInstance());
+            verify(createdDoc);
             fail("Expected failure on an expired timestamp");
         } catch (WSSecurityException ex) {
             assertTrue(ex.getErrorCode() == WSSecurityException.ErrorCode.MESSAGE_EXPIRED); 
@@ -843,10 +840,8 @@ public class TimestampTest extends org.j
         WSSecHeader secHeader = new WSSecHeader();
         secHeader.insertSecurityHeader(doc);
         
-        WSSConfig wssConfig = WSSConfig.getNewInstance();
-        wssConfig.setPrecisionInMilliSeconds(false);
         WSSecTimestamp timestamp = new WSSecTimestamp();
-        timestamp.setWsConfig(wssConfig);
+        timestamp.setPrecisionInMilliSeconds(false);
         timestamp.setTimeToLive(300);
         Document createdDoc = timestamp.build(doc, secHeader);
 
@@ -859,7 +854,7 @@ public class TimestampTest extends org.j
         //
         // Do some processing
         //
-        WSHandlerResult wsResult = verify(createdDoc, WSSConfig.getNewInstance());
+        WSHandlerResult wsResult = verify(createdDoc);
         WSSecurityEngineResult actionResult = 
             wsResult.getActionResults().get(WSConstants.TS).get(0);
         assertTrue(actionResult != null);
@@ -883,7 +878,7 @@ public class TimestampTest extends org.j
             //
             // Do some processing
             //
-            WSHandlerResult wsResult = verify(createdDoc, WSSConfig.getNewInstance());
+            WSHandlerResult wsResult = verify(createdDoc);
             WSSecurityEngineResult actionResult = 
                 wsResult.getActionResults().get(WSConstants.TS).get(0);
             assertTrue(actionResult != null);
@@ -896,11 +891,18 @@ public class TimestampTest extends org.j
      * Verifies the soap envelope
      */
     private WSHandlerResult verify(
-        Document doc, WSSConfig wssConfig
+        Document doc
     ) throws Exception {
         WSSecurityEngine secEngine = new WSSecurityEngine();
         RequestData requestData = new RequestData();
-        requestData.setWssConfig(wssConfig);
+        requestData.setWssConfig(WSSConfig.getNewInstance());
+        return secEngine.processSecurityHeader(doc, requestData);
+    }
+    
+    private WSHandlerResult verify(
+        Document doc, RequestData requestData
+    ) throws Exception {
+        WSSecurityEngine secEngine = new WSSecurityEngine();
         return secEngine.processSecurityHeader(doc, requestData);
     }
     

Modified: webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/UTDerivedKeyTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/UTDerivedKeyTest.java?rev=1672673&r1=1672672&r2=1672673&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/UTDerivedKeyTest.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/UTDerivedKeyTest.java Fri Apr 10 14:10:50 2015
@@ -218,12 +218,13 @@ public class UTDerivedKeyTest extends or
             LOG.debug(outputString);
         }
         
+        RequestData requestData = new RequestData();
+        requestData.setEncodePasswords(true);
+        requestData.setAllowUsernameTokenNoPassword(true);
+        requestData.setCallbackHandler(new EncodedPasswordCallbackHandler());
+        
         WSSecurityEngine newEngine = new WSSecurityEngine();
-        newEngine.getWssConfig().setPasswordsAreEncoded(true);
-        newEngine.getWssConfig().setAllowUsernameTokenNoPassword(true);
-        newEngine.processSecurityHeader(
-            encryptedDoc, null, new EncodedPasswordCallbackHandler(), null
-        );
+        newEngine.processSecurityHeader(encryptedDoc, requestData);
     }
     
     /**
@@ -420,12 +421,14 @@ public class UTDerivedKeyTest extends or
             LOG.debug(outputString);
         }
         
+        RequestData requestData = new RequestData();
+        requestData.setEncodePasswords(true);
+        requestData.setAllowUsernameTokenNoPassword(true);
+        requestData.setCallbackHandler(new EncodedPasswordCallbackHandler());
+        
         WSSecurityEngine newEngine = new WSSecurityEngine();
-        newEngine.getWssConfig().setPasswordsAreEncoded(true);
-        newEngine.getWssConfig().setAllowUsernameTokenNoPassword(true);
-        WSHandlerResult results = newEngine.processSecurityHeader(
-            signedDoc, null, new EncodedPasswordCallbackHandler(), null
-        );
+        WSHandlerResult results = newEngine.processSecurityHeader(signedDoc, requestData);
+        
         WSSecurityEngineResult actionResult =
             results.getActionResults().get(WSConstants.SIGN).get(0);
         java.security.Principal principal = 
@@ -685,8 +688,9 @@ public class UTDerivedKeyTest extends or
         data.setCallbackHandler(callbackHandler);
         data.setDecCrypto(crypto);
         data.setIgnoredBSPRules(Collections.singletonList(BSPRule.R4218));
+        data.setAllowUsernameTokenNoPassword(true);
+        
         WSSecurityEngine engine = new WSSecurityEngine();
-        config.setAllowUsernameTokenNoPassword(true);
         engine.setWssConfig(config);
         engine.processSecurityHeader(doc, data);
     }
@@ -743,12 +747,13 @@ public class UTDerivedKeyTest extends or
         }
         
         // Turn off BSP compliance and it should work
-        WSSecurityEngine newEngine = new WSSecurityEngine();
         RequestData data = new RequestData();
         data.setCallbackHandler(callbackHandler);
         data.setDecCrypto(crypto);
+        data.setAllowUsernameTokenNoPassword(true);
+        
         WSSConfig config = WSSConfig.getNewInstance();
-        config.setAllowUsernameTokenNoPassword(true);
+        WSSecurityEngine newEngine = new WSSecurityEngine();
         newEngine.setWssConfig(config);
         data.setIgnoredBSPRules(Collections.singletonList(BSPRule.R4214));
         newEngine.processSecurityHeader(encryptedDoc, data);
@@ -814,8 +819,9 @@ public class UTDerivedKeyTest extends or
         data.setCallbackHandler(callbackHandler);
         data.setDecCrypto(crypto);
         data.setIgnoredBSPRules(Collections.singletonList(BSPRule.R4215));
+        data.setAllowUsernameTokenNoPassword(true);
+        
         WSSConfig config = WSSConfig.getNewInstance();
-        config.setAllowUsernameTokenNoPassword(true);
         newEngine.setWssConfig(config);
         newEngine.processSecurityHeader(encryptedDoc, data);
     }
@@ -836,10 +842,14 @@ public class UTDerivedKeyTest extends or
         boolean allowUsernameTokenDerivedKeys
     ) throws Exception {
         WSSecurityEngine secEngine = new WSSecurityEngine();
-        WSSConfig config = WSSConfig.getNewInstance();
-        config.setAllowUsernameTokenNoPassword(allowUsernameTokenDerivedKeys);
-        secEngine.setWssConfig(config);
-        return secEngine.processSecurityHeader(doc, null, callbackHandler, crypto);
+        
+        RequestData requestData = new RequestData();
+        requestData.setAllowUsernameTokenNoPassword(allowUsernameTokenDerivedKeys);
+        requestData.setCallbackHandler(callbackHandler);
+        requestData.setDecCrypto(crypto);
+        requestData.setSigVerCrypto(crypto);
+        
+        return secEngine.processSecurityHeader(doc, requestData);
     }
 
 }

Modified: webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/UTSignatureTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/UTSignatureTest.java?rev=1672673&r1=1672672&r2=1672673&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/UTSignatureTest.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/UTSignatureTest.java Fri Apr 10 14:10:50 2015
@@ -255,10 +255,14 @@ public class UTSignatureTest extends org
         boolean allowUsernameTokenDerivedKeys
     ) throws Exception {
         WSSecurityEngine secEngine = new WSSecurityEngine();
-        WSSConfig config = WSSConfig.getNewInstance();
-        config.setAllowUsernameTokenNoPassword(allowUsernameTokenDerivedKeys);
-        secEngine.setWssConfig(config);
-        return secEngine.processSecurityHeader(doc, null, callbackHandler, crypto);
+        
+        RequestData requestData = new RequestData();
+        requestData.setAllowUsernameTokenNoPassword(allowUsernameTokenDerivedKeys);
+        requestData.setCallbackHandler(callbackHandler);
+        requestData.setSigVerCrypto(crypto);
+        requestData.setDecCrypto(crypto);
+        
+        return secEngine.processSecurityHeader(doc, requestData);
     }
 
 }

Modified: webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/UsernameTokenTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/UsernameTokenTest.java?rev=1672673&r1=1672672&r2=1672673&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/UsernameTokenTest.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/UsernameTokenTest.java Fri Apr 10 14:10:50 2015
@@ -36,7 +36,6 @@ import org.apache.wss4j.common.ext.WSSec
 import org.apache.wss4j.common.util.WSTimeSource;
 import org.apache.wss4j.common.util.XMLUtils;
 import org.apache.wss4j.dom.WSConstants;
-import org.apache.wss4j.dom.WSSConfig;
 import org.apache.wss4j.dom.WSSecurityEngine;
 import org.apache.wss4j.dom.WSSecurityEngineResult;
 import org.apache.wss4j.dom.common.CustomHandler;
@@ -191,8 +190,10 @@ public class UsernameTokenTest extends o
         LOG.info("After adding UsernameToken PW Digest....");
 
         WSSecurityEngine newEngine = new WSSecurityEngine();
-        newEngine.getWssConfig().setPasswordsAreEncoded(true);
-        newEngine.processSecurityHeader(signedDoc, null, new EncodedPasswordCallbackHandler(), null);
+        RequestData requestData = new RequestData();
+        requestData.setEncodePasswords(true);
+        requestData.setCallbackHandler(new EncodedPasswordCallbackHandler());
+        newEngine.processSecurityHeader(signedDoc, requestData);
     }
     
     /**
@@ -275,13 +276,13 @@ public class UsernameTokenTest extends o
             LOG.debug(outputString);
         }
         
-        WSSecurityEngine secEngine = new WSSecurityEngine();
-        WSSConfig config = WSSConfig.getNewInstance();
-        config.setUtTTL(-1);
-        secEngine.setWssConfig(config);
+        RequestData requestData = new RequestData();
+        requestData.setUtTTL(-1);
+        requestData.setCallbackHandler(callbackHandler);
         
         try {
-            secEngine.processSecurityHeader(doc, null, callbackHandler, null);
+            WSSecurityEngine secEngine = new WSSecurityEngine();
+            secEngine.processSecurityHeader(doc, requestData);
             fail("The UsernameToken validation should have failed");
         } catch (WSSecurityException ex) {
             assertTrue(ex.getErrorCode() == WSSecurityException.ErrorCode.MESSAGE_EXPIRED); 
@@ -343,10 +344,11 @@ public class UsernameTokenTest extends o
         
         // This should not
         try {
-            WSSConfig config = WSSConfig.getNewInstance();
-            config.setUtFutureTTL(0);
-            secEngine.setWssConfig(config);
-            secEngine.processSecurityHeader(doc, null, callbackHandler, null);
+            RequestData requestData = new RequestData();
+            requestData.setUtFutureTTL(0);
+            requestData.setCallbackHandler(callbackHandler);
+            
+            secEngine.processSecurityHeader(doc, requestData);
             fail("The UsernameToken validation should have failed");
         } catch (WSSecurityException ex) {
             assertTrue(ex.getErrorCode() == WSSecurityException.ErrorCode.MESSAGE_EXPIRED); 
@@ -675,11 +677,13 @@ public class UsernameTokenTest extends o
         //
         // Configure so that custom token types are accepted
         //
-        WSSConfig cfg = WSSConfig.getNewInstance();
-        cfg.setHandleCustomPasswordTypes(true);
         WSSecurityEngine secEngine = new WSSecurityEngine();
-        secEngine.setWssConfig(cfg);
-        secEngine.processSecurityHeader(doc, null, callbackHandler, null);
+        
+        RequestData requestData = new RequestData();
+        requestData.setHandleCustomPasswordTypes(true);
+        requestData.setCallbackHandler(callbackHandler);
+        
+        secEngine.processSecurityHeader(doc, requestData);
     }
     
     
@@ -1092,7 +1096,6 @@ public class UsernameTokenTest extends o
         WSSecHeader secHeader = new WSSecHeader();
         secHeader.insertSecurityHeader(doc);
         
-        WSSConfig config = WSSConfig.getNewInstance();
         WSTimeSource spoofedTimeSource = new WSTimeSource() {
 
             public Date now() {
@@ -1102,9 +1105,8 @@ public class UsernameTokenTest extends o
             }
             
         };
-        config.setCurrentTime(spoofedTimeSource);
         
-        builder.setWsConfig(config);
+        builder.setWsTimeSource(spoofedTimeSource);
         Document signedDoc = builder.build(doc, secHeader);
 
         if (LOG.isDebugEnabled()) {
@@ -1135,10 +1137,12 @@ public class UsernameTokenTest extends o
      */
     private WSHandlerResult verify(Document doc, boolean allowUsernameTokenDerivedKeys) throws Exception {
         WSSecurityEngine secEngine = new WSSecurityEngine();
-        WSSConfig config = WSSConfig.getNewInstance();
-        config.setAllowUsernameTokenNoPassword(allowUsernameTokenDerivedKeys);
-        secEngine.setWssConfig(config);
-        return secEngine.processSecurityHeader(doc, null, callbackHandler, null);
+        
+        RequestData requestData = new RequestData();
+        requestData.setAllowUsernameTokenNoPassword(allowUsernameTokenDerivedKeys);
+        requestData.setCallbackHandler(callbackHandler);
+        
+        return secEngine.processSecurityHeader(doc, requestData);
     }
     
     /**

Modified: webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/token/WCFUsernameTokenTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/token/WCFUsernameTokenTest.java?rev=1672673&r1=1672672&r2=1672673&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/token/WCFUsernameTokenTest.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/token/WCFUsernameTokenTest.java Fri Apr 10 14:10:50 2015
@@ -110,9 +110,11 @@ public class WCFUsernameTokenTest extend
             LOG.debug(outputString);
         }
         
-        WSSConfig config = WSSConfig.getNewInstance();
-        config.setAllowNamespaceQualifiedPasswordTypes(true);
-        verify(doc, config, Collections.singletonList(BSPRule.R4201));
+        RequestData requestData = new RequestData();
+        requestData.setAllowNamespaceQualifiedPasswordTypes(true);
+        requestData.setWssConfig(WSSConfig.getNewInstance());
+        requestData.setIgnoredBSPRules(Collections.singletonList(BSPRule.R4201));
+        verify(doc, requestData);
     }
     
     
@@ -140,12 +142,9 @@ public class WCFUsernameTokenTest extend
      * Verifies the soap envelope
      */
     private WSHandlerResult verify(
-        Document doc, WSSConfig wssConfig, List<BSPRule> ignoredRules
+        Document doc, RequestData requestData
     ) throws Exception {
         WSSecurityEngine secEngine = new WSSecurityEngine();
-        RequestData requestData = new RequestData();
-        requestData.setWssConfig(wssConfig);
-        requestData.setIgnoredBSPRules(ignoredRules);
         requestData.setCallbackHandler(callbackHandler);
         return secEngine.processSecurityHeader(doc, requestData);
     }

Modified: webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/misc/FaultCodeTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/misc/FaultCodeTest.java?rev=1672673&r1=1672672&r2=1672673&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/misc/FaultCodeTest.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/misc/FaultCodeTest.java Fri Apr 10 14:10:50 2015
@@ -69,7 +69,7 @@ public class FaultCodeTest extends org.j
      */
     @org.junit.Test
     public void testFailedCheck() throws Exception {
-        WSSecEncrypt builder = new WSSecEncrypt(secEngine.getWssConfig());
+        WSSecEncrypt builder = new WSSecEncrypt();
         builder.setUserInfo("wss40", "security");
         builder.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE);
         Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
@@ -112,7 +112,7 @@ public class FaultCodeTest extends org.j
      */
     @org.junit.Test
     public void testMessageExpired() throws Exception {
-        WSSecTimestamp builder = new WSSecTimestamp(secEngine.getWssConfig());
+        WSSecTimestamp builder = new WSSecTimestamp();
         builder.setTimeToLive(-1);
         
         Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
@@ -137,7 +137,7 @@ public class FaultCodeTest extends org.j
      */
     @org.junit.Test
     public void testFailedAuthentication() throws Exception {
-        WSSecUsernameToken builder = new WSSecUsernameToken(secEngine.getWssConfig());
+        WSSecUsernameToken builder = new WSSecUsernameToken();
         builder.addCreated();
         builder.addNonce();
         builder.setUserInfo("16c73ab6-b892-458f-abf5-2f875f74882e", "security");
@@ -164,7 +164,7 @@ public class FaultCodeTest extends org.j
      */
     @org.junit.Test
     public void testInvalidSecurityToken() throws Exception {
-        WSSecUsernameToken builder = new WSSecUsernameToken(secEngine.getWssConfig());
+        WSSecUsernameToken builder = new WSSecUsernameToken();
         builder.addCreated();
         builder.addNonce();
         builder.setUserInfo(null, "security");

Modified: webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/misc/PrincipalTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/misc/PrincipalTest.java?rev=1672673&r1=1672672&r2=1672673&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/misc/PrincipalTest.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/misc/PrincipalTest.java Fri Apr 10 14:10:50 2015
@@ -323,16 +323,20 @@ public class PrincipalTest extends org.j
         QName validatorName,
         Crypto crypto
     ) throws Exception {
-        WSSConfig config = WSSConfig.getNewInstance();
-        config.setValidateSamlSubjectConfirmation(false);
+        RequestData requestData = new RequestData();
+        requestData.setCallbackHandler(callbackHandler);
+        requestData.setDecCrypto(crypto);
+        requestData.setSigVerCrypto(crypto);
+        requestData.setValidateSamlSubjectConfirmation(false);
         
         WSSecurityEngine secEngine = new WSSecurityEngine();
+        WSSConfig config = WSSConfig.getNewInstance();
         secEngine.setWssConfig(config);
         
         if (validator != null && validatorName != null) {
             config.setValidator(validatorName, validator);
         }
-        return secEngine.processSecurityHeader(doc, null, callbackHandler, crypto);
+        return secEngine.processSecurityHeader(doc, requestData);
     }
     
     /**

Modified: webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlAlgorithmSuiteTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlAlgorithmSuiteTest.java?rev=1672673&r1=1672672&r2=1672673&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlAlgorithmSuiteTest.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlAlgorithmSuiteTest.java Fri Apr 10 14:10:50 2015
@@ -204,13 +204,10 @@ public class SamlAlgorithmSuiteTest exte
         boolean saml2
     ) throws Exception {
         WSSecurityEngine secEngine = new WSSecurityEngine();
-        WSSConfig config = WSSConfig.getNewInstance();
-        config.setValidateSamlSubjectConfirmation(false);
-        secEngine.setWssConfig(config);
-        
         RequestData data = new RequestData();
         data.setSigVerCrypto(sigVerCrypto);
         data.setSamlAlgorithmSuite(algorithmSuite);
+        data.setValidateSamlSubjectConfirmation(false);
         
         return secEngine.processSecurityHeader(securityHeader, data);
     }

Modified: webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlAuthnTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlAuthnTest.java?rev=1672673&r1=1672672&r2=1672673&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlAuthnTest.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlAuthnTest.java Fri Apr 10 14:10:50 2015
@@ -33,6 +33,7 @@ import org.apache.wss4j.dom.common.SAML1
 import org.apache.wss4j.dom.common.SAML2CallbackHandler;
 import org.apache.wss4j.dom.common.SOAPUtil;
 import org.apache.wss4j.dom.common.SecurityTestUtil;
+import org.apache.wss4j.dom.handler.RequestData;
 import org.apache.wss4j.dom.handler.WSHandlerResult;
 import org.apache.wss4j.dom.message.WSSecHeader;
 import org.apache.wss4j.dom.message.WSSecSAMLToken;
@@ -56,7 +57,6 @@ public class SamlAuthnTest extends org.j
         WSSConfig config = WSSConfig.getNewInstance();
         config.setValidator(WSSecurityEngine.SAML_TOKEN, new CustomSamlAssertionValidator());
         config.setValidator(WSSecurityEngine.SAML2_TOKEN, new CustomSamlAssertionValidator());
-        config.setValidateSamlSubjectConfirmation(false);
         secEngine.setWssConfig(config);
     }
     
@@ -195,8 +195,10 @@ public class SamlAuthnTest extends org.j
      * @throws Exception Thrown when there is a problem in verification
      */
     private WSHandlerResult verify(Document doc) throws Exception {
-        WSHandlerResult results = 
-            secEngine.processSecurityHeader(doc, null, null, null);
+        RequestData requestData = new RequestData();
+        requestData.setValidateSamlSubjectConfirmation(false);
+        
+        WSHandlerResult results = secEngine.processSecurityHeader(doc, requestData);
         String outputString = 
             XMLUtils.PrettyDocumentToString(doc);
         assertTrue(outputString.indexOf("counter_port_type") > 0 ? true : false);

Modified: webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlConditionsTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlConditionsTest.java?rev=1672673&r1=1672672&r2=1672673&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlConditionsTest.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlConditionsTest.java Fri Apr 10 14:10:50 2015
@@ -64,7 +64,6 @@ public class SamlConditionsTest extends
         WSSConfig config = WSSConfig.getNewInstance();
         config.setValidator(WSSecurityEngine.SAML_TOKEN, new CustomSamlAssertionValidator());
         config.setValidator(WSSecurityEngine.SAML2_TOKEN, new CustomSamlAssertionValidator());
-        config.setValidateSamlSubjectConfirmation(false);
         secEngine.setWssConfig(config);
     }
     
@@ -492,10 +491,7 @@ public class SamlConditionsTest extends
         WSSecurityEngine newEngine = new WSSecurityEngine();
         RequestData data = new RequestData();
         data.setAudienceRestrictions(audiences);
-        
-        WSSConfig config = WSSConfig.getNewInstance();
-        config.setValidateSamlSubjectConfirmation(false);
-        newEngine.setWssConfig(config);
+        data.setValidateSamlSubjectConfirmation(false);
         
         try {
             newEngine.processSecurityHeader(doc, data);
@@ -555,10 +551,7 @@ public class SamlConditionsTest extends
         WSSecurityEngine newEngine = new WSSecurityEngine();
         RequestData data = new RequestData();
         data.setAudienceRestrictions(audiences);
-        
-        WSSConfig config = WSSConfig.getNewInstance();
-        config.setValidateSamlSubjectConfirmation(false);
-        newEngine.setWssConfig(config);
+        data.setValidateSamlSubjectConfirmation(false);
         
         try {
             newEngine.processSecurityHeader(doc, data);
@@ -671,10 +664,7 @@ public class SamlConditionsTest extends
         WSSecurityEngine newEngine = new WSSecurityEngine();
         RequestData data = new RequestData();
         data.setAudienceRestrictions(audiences);
-        
-        WSSConfig config = WSSConfig.getNewInstance();
-        config.setValidateSamlSubjectConfirmation(false);
-        newEngine.setWssConfig(config);
+        data.setValidateSamlSubjectConfirmation(false);
         
         try {
             newEngine.processSecurityHeader(doc, data);
@@ -730,8 +720,10 @@ public class SamlConditionsTest extends
      * @throws Exception Thrown when there is a problem in verification
      */
     private WSHandlerResult verify(Document doc) throws Exception {
-        WSHandlerResult results = 
-            secEngine.processSecurityHeader(doc, null, null, null);
+        RequestData requestData = new RequestData();
+        requestData.setValidateSamlSubjectConfirmation(false);
+        
+        WSHandlerResult results = secEngine.processSecurityHeader(doc, requestData);
         String outputString = 
             XMLUtils.PrettyDocumentToString(doc);
         assertTrue(outputString.indexOf("counter_port_type") > 0 ? true : false);

Modified: webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlNegativeTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlNegativeTest.java?rev=1672673&r1=1672672&r2=1672673&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlNegativeTest.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlNegativeTest.java Fri Apr 10 14:10:50 2015
@@ -29,6 +29,7 @@ import org.apache.wss4j.dom.common.SAML1
 import org.apache.wss4j.dom.common.SAML2CallbackHandler;
 import org.apache.wss4j.dom.common.SOAPUtil;
 import org.apache.wss4j.dom.common.SecurityTestUtil;
+import org.apache.wss4j.dom.handler.RequestData;
 import org.apache.wss4j.dom.handler.WSHandlerResult;
 import org.apache.wss4j.common.crypto.Crypto;
 import org.apache.wss4j.common.crypto.CryptoFactory;
@@ -78,7 +79,6 @@ public class SamlNegativeTest extends or
     
     public SamlNegativeTest() throws Exception {
         WSSConfig config = WSSConfig.getNewInstance();
-        config.setValidateSamlSubjectConfirmation(false);
         secEngine.setWssConfig(config);
         
         // Load the issuer keystore
@@ -386,10 +386,14 @@ public class SamlNegativeTest extends or
      * @throws Exception Thrown when there is a problem in verification
      */
     private WSHandlerResult verify(Document doc, Crypto sigCrypto) throws Exception {
-        WSHandlerResult results = 
-            secEngine.processSecurityHeader(
-                doc, null, callbackHandler, sigCrypto, userCrypto
-            );
+        RequestData requestData = new RequestData();
+        requestData.setCallbackHandler(callbackHandler);
+        requestData.setDecCrypto(userCrypto);
+        requestData.setSigVerCrypto(sigCrypto);
+        requestData.setValidateSamlSubjectConfirmation(false);
+        
+        WSHandlerResult results = secEngine.processSecurityHeader(doc, requestData);
+        
         String outputString = 
             XMLUtils.PrettyDocumentToString(doc);
         assertTrue(outputString.indexOf("counter_port_type") > 0 ? true : false);

Modified: webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlReferenceTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlReferenceTest.java?rev=1672673&r1=1672672&r2=1672673&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlReferenceTest.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlReferenceTest.java Fri Apr 10 14:10:50 2015
@@ -31,6 +31,7 @@ import org.apache.wss4j.dom.common.SAML1
 import org.apache.wss4j.dom.common.SAML2CallbackHandler;
 import org.apache.wss4j.dom.common.SOAPUtil;
 import org.apache.wss4j.dom.common.SecurityTestUtil;
+import org.apache.wss4j.dom.handler.RequestData;
 import org.apache.wss4j.dom.handler.WSHandlerResult;
 import org.apache.wss4j.common.crypto.Crypto;
 import org.apache.wss4j.common.crypto.CryptoFactory;
@@ -73,7 +74,6 @@ public class SamlReferenceTest extends o
     
     public SamlReferenceTest() throws Exception {
         WSSConfig config = WSSConfig.getNewInstance();
-        config.setValidateSamlSubjectConfirmation(false);
         secEngine.setWssConfig(config);
         
         // Load the issuer keystore
@@ -969,8 +969,14 @@ public class SamlReferenceTest extends o
     private WSHandlerResult verify(
         Document doc, Crypto verifyCrypto, Crypto decCrypto
     ) throws Exception {
-        WSHandlerResult results = 
-            secEngine.processSecurityHeader(doc, null, callbackHandler, verifyCrypto, decCrypto);
+        RequestData requestData = new RequestData();
+        requestData.setCallbackHandler(callbackHandler);
+        requestData.setDecCrypto(decCrypto);
+        requestData.setSigVerCrypto(verifyCrypto);
+        requestData.setValidateSamlSubjectConfirmation(false);
+        
+        WSHandlerResult results = secEngine.processSecurityHeader(doc, requestData);
+        
         String outputString = 
             XMLUtils.PrettyDocumentToString(doc);
         assertTrue(outputString.indexOf("counter_port_type") > 0 ? true : false);

Modified: webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlTokenActionTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlTokenActionTest.java?rev=1672673&r1=1672672&r2=1672673&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlTokenActionTest.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlTokenActionTest.java Fri Apr 10 14:10:50 2015
@@ -63,7 +63,6 @@ public class SamlTokenActionTest extends
         crypto = CryptoFactory.getInstance("wss40.properties");
         config.setValidator(WSSecurityEngine.SAML_TOKEN, new CustomSamlAssertionValidator());
         config.setValidator(WSSecurityEngine.SAML2_TOKEN, new CustomSamlAssertionValidator());
-        config.setValidateSamlSubjectConfirmation(false);
         secEngine.setWssConfig(config);
     }
     
@@ -182,8 +181,13 @@ public class SamlTokenActionTest extends
     private WSHandlerResult verify(
         Document doc, CallbackHandler callbackHandler
     ) throws Exception {
-        WSHandlerResult results = 
-            secEngine.processSecurityHeader(doc, null, callbackHandler, crypto);
+        RequestData requestData = new RequestData();
+        requestData.setCallbackHandler(callbackHandler);
+        requestData.setDecCrypto(crypto);
+        requestData.setSigVerCrypto(crypto);
+        requestData.setValidateSamlSubjectConfirmation(false);
+        
+        WSHandlerResult results = secEngine.processSecurityHeader(doc, requestData);
         String outputString = 
             XMLUtils.PrettyDocumentToString(doc);
         assertTrue(outputString.indexOf("counter_port_type") > 0 ? true : false);

Modified: webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlTokenCustomSignatureTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlTokenCustomSignatureTest.java?rev=1672673&r1=1672672&r2=1672673&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlTokenCustomSignatureTest.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlTokenCustomSignatureTest.java Fri Apr 10 14:10:50 2015
@@ -278,14 +278,12 @@ public class SamlTokenCustomSignatureTes
      */
     private WSHandlerResult verify(Document doc) throws Exception {
         WSSecurityEngine secEngine = new WSSecurityEngine();
-        WSSConfig config = WSSConfig.getNewInstance();
-        config.setValidateSamlSubjectConfirmation(false);
-        secEngine.setWssConfig(config);
+        RequestData requestData = new RequestData();
+        requestData.setDecCrypto(crypto);
+        requestData.setSigVerCrypto(crypto);
+        requestData.setValidateSamlSubjectConfirmation(false);
         
-        WSHandlerResult results = 
-            secEngine.processSecurityHeader(
-                doc, null, null, crypto
-            );
+        WSHandlerResult results = secEngine.processSecurityHeader(doc, requestData);
         String outputString = XMLUtils.PrettyDocumentToString(doc);
         assertTrue(outputString.indexOf("counter_port_type") > 0 ? true : false);
         return results;

Modified: webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlTokenDerivedTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlTokenDerivedTest.java?rev=1672673&r1=1672672&r2=1672673&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlTokenDerivedTest.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlTokenDerivedTest.java Fri Apr 10 14:10:50 2015
@@ -44,6 +44,7 @@ import org.apache.wss4j.dom.common.Keyst
 import org.apache.wss4j.dom.common.SAML1CallbackHandler;
 import org.apache.wss4j.dom.common.SOAPUtil;
 import org.apache.wss4j.dom.common.SecurityTestUtil;
+import org.apache.wss4j.dom.handler.RequestData;
 import org.apache.wss4j.dom.handler.WSHandlerResult;
 import org.apache.wss4j.dom.message.WSSecDKSign;
 import org.apache.wss4j.dom.message.WSSecHeader;
@@ -68,7 +69,6 @@ public class SamlTokenDerivedTest extend
     
     public SamlTokenDerivedTest() throws Exception {
         WSSConfig config = WSSConfig.getNewInstance();
-        config.setValidateSamlSubjectConfirmation(false);
         secEngine.setWssConfig(config);
         crypto = CryptoFactory.getInstance("crypto.properties");
     }
@@ -204,8 +204,14 @@ public class SamlTokenDerivedTest extend
      * @throws Exception Thrown when there is a problem in verification
      */
     private WSHandlerResult verify(Document doc) throws Exception {
-        WSHandlerResult results = 
-            secEngine.processSecurityHeader(doc, null, callbackHandler, crypto);
+        RequestData requestData = new RequestData();
+        requestData.setCallbackHandler(callbackHandler);
+        requestData.setDecCrypto(crypto);
+        requestData.setSigVerCrypto(crypto);
+        requestData.setValidateSamlSubjectConfirmation(false);
+        
+        WSHandlerResult results = secEngine.processSecurityHeader(doc, requestData);
+        
         String outputString = 
             XMLUtils.PrettyDocumentToString(doc);
         assertTrue(outputString.indexOf("counter_port_type") > 0 ? true : false);

Modified: webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlTokenHOKTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlTokenHOKTest.java?rev=1672673&r1=1672672&r2=1672673&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlTokenHOKTest.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlTokenHOKTest.java Fri Apr 10 14:10:50 2015
@@ -29,6 +29,7 @@ import org.apache.wss4j.dom.common.SAML1
 import org.apache.wss4j.dom.common.SAML2CallbackHandler;
 import org.apache.wss4j.dom.common.SOAPUtil;
 import org.apache.wss4j.dom.common.SecurityTestUtil;
+import org.apache.wss4j.dom.handler.RequestData;
 import org.apache.wss4j.dom.handler.WSHandlerResult;
 import org.apache.wss4j.common.crypto.Crypto;
 import org.apache.wss4j.common.crypto.CryptoFactory;
@@ -59,7 +60,6 @@ public class SamlTokenHOKTest extends or
     
     public SamlTokenHOKTest() throws Exception {
         WSSConfig config = WSSConfig.getNewInstance();
-        config.setValidateSamlSubjectConfirmation(false);
         secEngine.setWssConfig(config);
         
         crypto = CryptoFactory.getInstance("crypto.properties");
@@ -137,9 +137,14 @@ public class SamlTokenHOKTest extends or
             LOG.debug(outputString);
         }
         
+        RequestData requestData = new RequestData();
+        requestData.setValidateSamlSubjectConfirmation(false);
+        requestData.setCallbackHandler(new KeystoreCallbackHandler());
         Crypto decCrypto = CryptoFactory.getInstance("wss40.properties");
-        WSHandlerResult results = 
-            secEngine.processSecurityHeader(doc, null, new KeystoreCallbackHandler(), crypto, decCrypto);
+        requestData.setDecCrypto(decCrypto);
+        requestData.setSigVerCrypto(crypto);
+        
+        WSHandlerResult results = secEngine.processSecurityHeader(doc, requestData);
         String outputString = 
             XMLUtils.PrettyDocumentToString(doc);
         assertTrue(outputString.indexOf("counter_port_type") > 0 ? true : false);
@@ -224,9 +229,14 @@ public class SamlTokenHOKTest extends or
             LOG.debug(outputString);
         }
         
+        RequestData requestData = new RequestData();
+        requestData.setValidateSamlSubjectConfirmation(false);
+        requestData.setCallbackHandler(new KeystoreCallbackHandler());
         Crypto decCrypto = CryptoFactory.getInstance("wss40.properties");
-        WSHandlerResult results = 
-            secEngine.processSecurityHeader(doc, null, new KeystoreCallbackHandler(), crypto, decCrypto);
+        requestData.setDecCrypto(decCrypto);
+        requestData.setSigVerCrypto(crypto);
+        WSHandlerResult results = secEngine.processSecurityHeader(doc, requestData);
+        
         String outputString = 
             XMLUtils.PrettyDocumentToString(doc);
         assertTrue(outputString.indexOf("counter_port_type") > 0 ? true : false);
@@ -246,8 +256,13 @@ public class SamlTokenHOKTest extends or
      * @throws Exception Thrown when there is a problem in verification
      */
     private WSHandlerResult verify(Document doc) throws Exception {
-        WSHandlerResult results = 
-            secEngine.processSecurityHeader(doc, null, null, crypto);
+        RequestData requestData = new RequestData();
+        requestData.setDecCrypto(crypto);
+        requestData.setSigVerCrypto(crypto);
+        requestData.setValidateSamlSubjectConfirmation(false);
+        
+        WSHandlerResult results = secEngine.processSecurityHeader(doc, requestData);
+
         String outputString = 
             XMLUtils.PrettyDocumentToString(doc);
         assertTrue(outputString.indexOf("counter_port_type") > 0 ? true : false);

Modified: webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlTokenTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlTokenTest.java?rev=1672673&r1=1672672&r2=1672673&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlTokenTest.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlTokenTest.java Fri Apr 10 14:10:50 2015
@@ -99,7 +99,6 @@ public class SamlTokenTest extends org.j
         WSSConfig config = WSSConfig.getNewInstance();
         config.setValidator(WSSecurityEngine.SAML_TOKEN, new CustomSamlAssertionValidator());
         config.setValidator(WSSecurityEngine.SAML2_TOKEN, new CustomSamlAssertionValidator());
-        config.setValidateSamlSubjectConfirmation(false);
         secEngine.setWssConfig(config);
     }
     
@@ -753,8 +752,12 @@ public class SamlTokenTest extends org.j
             LOG.debug(outputString);
         }
         
-        WSHandlerResult results = 
-            secEngine.processSecurityHeader(doc, null, new KeystoreCallbackHandler(), crypto);
+        RequestData requestData = new RequestData();
+        requestData.setValidateSamlSubjectConfirmation(false);
+        requestData.setCallbackHandler(new KeystoreCallbackHandler());
+        requestData.setDecCrypto(crypto);
+        requestData.setSigVerCrypto(crypto);
+        WSHandlerResult results = secEngine.processSecurityHeader(doc, requestData);
         
         WSSecurityEngineResult actionResult =
             results.getActionResults().get(WSConstants.ST_UNSIGNED).get(0);
@@ -819,12 +822,13 @@ public class SamlTokenTest extends org.j
         ignoredRules.add(BSPRule.R5426);
         data.setIgnoredBSPRules(ignoredRules);
         data.setCallbackHandler(new KeystoreCallbackHandler());
+        data.setValidateSamlSubjectConfirmation(false);
+        
         WSSecurityEngine newEngine = new WSSecurityEngine();
         
         WSSConfig config = WSSConfig.getNewInstance();
         config.setValidator(WSSecurityEngine.SAML_TOKEN, new CustomSamlAssertionValidator());
         config.setValidator(WSSecurityEngine.SAML2_TOKEN, new CustomSamlAssertionValidator());
-        config.setValidateSamlSubjectConfirmation(false);
         newEngine.setWssConfig(config);
         
         WSHandlerResult results = newEngine.processSecurityHeader(doc, data);
@@ -890,11 +894,13 @@ public class SamlTokenTest extends org.j
         assertionValidator.setRequiredSubjectConfirmationMethod(SAML2Constants.CONF_SENDER_VOUCHES);
         config.setValidator(WSSecurityEngine.SAML_TOKEN, assertionValidator);
         config.setValidator(WSSecurityEngine.SAML2_TOKEN, assertionValidator);
-        config.setValidateSamlSubjectConfirmation(false);
         
         WSSecurityEngine newEngine = new WSSecurityEngine();
         newEngine.setWssConfig(config);
-        newEngine.processSecurityHeader(unsignedDoc, null, null, null);
+        RequestData requestData = new RequestData();
+        requestData.setValidateSamlSubjectConfirmation(false);
+        
+        newEngine.processSecurityHeader(doc, requestData);
         
         // Now create a Bearer assertion
         callbackHandler.setConfirmationMethod(SAML2Constants.CONF_BEARER);
@@ -951,10 +957,13 @@ public class SamlTokenTest extends org.j
         assertionValidator.setRequireStandardSubjectConfirmationMethod(false);
         config.setValidator(WSSecurityEngine.SAML_TOKEN, assertionValidator);
         config.setValidator(WSSecurityEngine.SAML2_TOKEN, assertionValidator);
-        config.setValidateSamlSubjectConfirmation(false);
         
         newEngine.setWssConfig(config);
-        newEngine.processSecurityHeader(unsignedDoc, null, null, null);
+        
+        RequestData requestData = new RequestData();
+        requestData.setValidateSamlSubjectConfirmation(false);
+        
+        newEngine.processSecurityHeader(doc, requestData);
     }
     
     @org.junit.Test
@@ -990,10 +999,13 @@ public class SamlTokenTest extends org.j
         assertionValidator.setRequireBearerSignature(false);
         config.setValidator(WSSecurityEngine.SAML_TOKEN, assertionValidator);
         config.setValidator(WSSecurityEngine.SAML2_TOKEN, assertionValidator);
-        config.setValidateSamlSubjectConfirmation(false);
         
         newEngine.setWssConfig(config);
-        newEngine.processSecurityHeader(unsignedDoc, null, null, null);
+        
+        RequestData requestData = new RequestData();
+        requestData.setValidateSamlSubjectConfirmation(false);
+        
+        newEngine.processSecurityHeader(doc, requestData);
     }
     
     @org.junit.Test
@@ -1144,8 +1156,10 @@ public class SamlTokenTest extends org.j
      * @throws Exception Thrown when there is a problem in verification
      */
     private WSHandlerResult verify(Document doc) throws Exception {
-        WSHandlerResult results = 
-                secEngine.processSecurityHeader(doc, null, null, null);
+        RequestData requestData = new RequestData();
+        requestData.setValidateSamlSubjectConfirmation(false);
+        
+        WSHandlerResult results = secEngine.processSecurityHeader(doc, requestData);
         String outputString = 
                 XMLUtils.PrettyDocumentToString(doc);
         assertTrue(outputString.indexOf("counter_port_type") > 0 ? true : false);

Modified: webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/wss4j/stax/test/AbstractTestBase.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/wss4j/stax/test/AbstractTestBase.java?rev=1672673&r1=1672672&r2=1672673&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/wss4j/stax/test/AbstractTestBase.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/wss4j/stax/test/AbstractTestBase.java Fri Apr 10 14:10:50 2015
@@ -514,7 +514,7 @@ public abstract class AbstractTestBase e
                     );
                 }
             }
-            if (reqData.getWssConfig().isEnableSignatureConfirmation() && !isRequest) {
+            if (reqData.isEnableSignatureConfirmation() && !isRequest) {
                 checkSignatureConfirmation(reqData, wsResult);
             }
 



Mime
View raw message