ws-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject [ws-wss4j] branch 1_5_3 created (now 9207561)
Date Thu, 31 Oct 2019 14:31:17 GMT
This is an automated email from the ASF dual-hosted git repository.

dkulp pushed a change to branch 1_5_3
in repository

      at 9207561  Merged Werner's changes from the trunk to the 1.5.3 branch

This branch includes the following new commits:

     new 9de2c16  New repository initialized by cvs2svn.
     new 3616b10  Initial check-in
     new 6fccaf0  New testcase to test SKI function. Not yet included in package run because of missing cert that support SKI data
     new 47ac430  Move check-for-header code, need to check for SOAP Fault here (todo)
     new f2c198a  Add code to handle SKI. Code was copied from Apache xmlsec library and modified (additonal checks for Null etc). Not yet fully tested because our certificate does not contain SKI data.
     new f5add4d  Add the missing build files. Copied from SF, tested. Works ok, all testcases and interop tests ok.
     new 9faefbe  Remove trim() to check for unwanted space or \n characters.
     new 962616b  Set new version "1.0Beta"
     new 2ec2424  New functions to support STRTransform, IssuerSerial with embedded BinarySecurityToken, some code cleanup. All tests work without failure.
     new fbcd908  New crypto property files used to run the SKI (SubjectKeyIdentifier) tests. Refer to "keys" directory for more scripts etc.
     new e606da7  Finish the SKI functions. Upgrade the identifiers, encoding types, etc to conform to current OASIS WSS specifications.
     new 67b8fe3  Finish SKI stuff (refer to test4 and  test11), modify the package to exclude the MSFT test (fails because we updated to latest OASIS WSS specifications).
     new 198646a  Adapt to current OASIS WSS specifications.
     new 9e03871  Some scripts to generate certificates that contain SKI info and put them in a keystore. Refer to new file in src directory to see how to use. Refer also to test4 and test11 to see how to use the new property file.
     new b17cf4d  Add to new tests for SKI and the STRTransform.
     new 316f680  Adapt UserNameToken to current OASIS WSS specifications.
     new 1235210  Enhanced the UserNameToken test to include a password type Text.
     new 3a19795  Update list of developers :-)
     new 1700c2e  Fix typo
     new db8ddac  Fix problem with UsernameToken (password type, setting of Nonce, timestamp)
     new dcf8288  Patch from "Rami Jaamour" <> for "setting the sig algorithm and canonicalization"
     new 0905fd1  Re-enable support for JDK1.3
     new 9b6261f  oops forgot a file.
     new 6c28922  Added a certificate into keystore to test DSA/SHA1 signature algo
     new 1d4d76a  Added test for manual selecting DSA/SHA signature and test for automatic signtaure algo detection.
     new 28b3c42  Added function to manually select the signature algo, function to autodetect signature algo according to certificate public key algo. Support for RSA-OAEP keytransport.
     new ceb7ea2  Updated to latest Axis, XML-Security and BC jar's.
     new 8018487  Username token profile has its own namespace.
     new d16604d  Fix and test interop problem for Scenario1 (with MSFT endpoint)
     new 5e0b05b  Fixing problems in header and mustUnderstand handling (setProcessed header). Also fix Mustunderstand flag according to specs ("1" in SOAP 1.1, "true" in SOAP 1.2)  to be inline with Axis.
     new dbb617a  Fix Scenario1 interop with MSFT and SUN endpoints.
     new 4353e3d  custom maven css
     new f665cfc  WSETEST.cer is the Root Certificate Client.PFX is to be used on the client Server.PFX is to be used on the server
     new 44cc1b6  Simple change to show the result data (modified String).
     new 950c4e3  Changes to avoid double check of empty security header, fix code sequence to set the processed flag correctly.
     new 122411b  Trying to get Scenario2 working against MSFT endpoint...
     new 20bf5fb  Trying to get Scenario2 working against MSFT endpoint...
     new 981b2dc  Got both Scenario1 and Scenario2 working with Betrusted and MSFT endpoints.
     new 9fd32d7  Fix the public key Algo Ids in Security Engine according to Encryption.
     new c165d05  brute force search for the cert alias....our scenario 2 test still fails
     new 13cf831  Fix for TestScenario2 failure :)
     new 88828c7  Got Scenario 4 working against MSFT, BeTrusted and ContentGuard endpoints.
     new 2efcd7e  Updated WSDL (based off of MSFT's endpoint). I had removed TicketType by mistake. sorry.
     new 42347d9  Scenario 3 works with MSFT endpoint (got offline patch from Werner for the wsdd's).
     new 1102a57  Got Scneario # working with BeTrusted endpoint (fix the valuetype for x509v3, handle whitespaces better)
     new 951f804  Remove unnecessary file
     new 62f0662  Werner spotted this :)
     new 3eedd6f  Scenario #5 works fine with local, MSFT and BeTrusted endpoints (Thanks again Werner)
     new c3c15fa  Scenario #6 working with MSFT and BeTrusted..Fails in local mode.
     new 12c6ce2  Populate TicketType for better testing.
     new 1763018  Updated deploy.wsdd and fixed ing text being echoed back
     new 22ed82d  fix to get MSFT client working with our Scenario 5 server
     new 376723b  Fix problems found during interop tests.
     new a6da551  fix namespace for str-transform
     new f3db406  Some fixes to better comply to OASIS WSS specification. Note, this STRTransform not yet passes the interop test. Commited to allow others to have a look at the current status.
     new c237eb9  Fix problem with direct reference, works now.
     new 30c622e  Add handling to give back SOAP faults to the client instead of erronously report internal security fault.
     new 2a35187  SOme code cleanup, added more key identifiers in encryption mode.
     new 02f0740  changed keyidentifier from SKI reference to Direct reference type for scenario7 (Ping7)
     new 0b75156  encapsulate a debug printout
     new c61709c  Throw/Print exceptions when we don't find the cert/alias
     new ce19bb5  Use one jks store for both certs. Interop tests works witk JDK1.5Beta ONLY. JDK1.4.2 has a bug that prevents loading the keystore.
     new e7c1898  !!! HACK ALERT !!! This code contains a hack to play/deal with interop tests. It don't break tests that don't use STRTRansform, also STRTransform between WSS4J implemetations work.
     new 9859091  SUN's choking if we don't populate TicketType
     new e015653  Latest Axis jar's
     new aa9c1aa  setup to run interop scenarios 1 - 7, WSS4J as client.
     new 02a0f09  setup to run interop scenarios 1 - 7, WSS4J as client. Sever setup for scenarios (#7) needs to be confirmed.
     new a5001c3  Fix the STRTransform to be WSS compliant, fix reference to SecurityTokenReference in Signature, some small code cleanup.
     new 2031481  Small code cleanup only.
     new 903a2fc  don't look for jdk1.5 :)
     new 9c5f321  Trying to fix Interop problems with Systinet and Hitachi
     new bb36906  Use a single properties file for interop testing.
     new 5c66d66  Some small code cleanup.
     new 45e98fa  Modified Ping7 server response setup. Should now work with Hitachi.
     new a3ecac1  A todolist - feel free to add items - and to work on items.
     new a325c95  Adding Ron/noR as valid userid/password.
     new e824085  Fixes from Werner for better interop.
     new f5247dd  Changing WSSecurityEngine to return a vector of modified result structures. This change enables the Axis handler and/or the receiving service to access the certificate used to sign the message. This enables more and better certificate checks. ATTENTION: this is a interface modification of processSecurity header.
     new e9bf56e  Modify Ping implementation to use the new WSSecurityEngineResult structure
     new df3c95a  First part to clean up the Exception handling. Many changes in Crypto, Merlin, WSSecurityEngine. All tests and interops working (same state as last Friday).
     new bf0a14c  Update WSSecurityException codes.
     new 05b00c2  Disable tests that would test disabaled WSS4J functions that would introduce some security risks.
     new 68eb482  Disable some WSS4J key identifier variants that could introduce security risks (forge of certificate).
     new 2b132b0  Disable keyword for key identifier variants.
     new ac26f5f  remove test case that are not longer used / supported.
     new 50f0773  Second part of Exception clean up, new functions to automatically reuse a client certificate to encrypt a server response.
     new 517915a  Some small code cleanup
     new e964e72  Fix a bug reported by Christof Soehngen. Initialize some fileds because of possible object caching/reuse in Axis.
     new 6c1f92c  Enhance dist target.
     new 1714855  Somer modifications proposed by Rami Jaamour.
     new 740cc58  Fix problem reported by Rami Jaamour. Re-enable check for null and zero length.
     new 0f3a675  Small fix to detect the Timestamp element.
     new ba7bb1f  Fix not null check.
     new 368eb43  maven changes.
     new 014f2a8  Adding a war target that can be used for for interop testing.
     new 29bef7a  Add srcdist target
     new 5d57edf  - Cleanup javadoc - Load jks from classpath - Stand-alone interop war (just drop into any tomcat)
     new a185f47  Patch from "Anderson Jonathan" <> that "exposes some previously private data members, and cleans up JavaDoc"
     new 0624a3f  - latest axis, xml-sec, bc - remove unnecessary jars.
     new 2e7f02e  Update implementation with "correct" namespaces. May break interop till others catch up.
     new c1e3989  Thanks for the catch David.
     new 909f89b  Update to latest axis (perf improvements)
     new 4262709  Enhancement to compare Distinguished Name (DN) of certificate holder and issuer. Split into Relative Distinguished Names (RDN) parts and compare the parts. NameTokenizer takes care of quotes, escapes, etc. Compares the parts in order.
     new a05bfb3  Modify namespace prefix handling when setting an Id. This fixes a problem reported by Rami (corrects a wrog WSU namespace and reuses an existing WSU Id)
     new d45d09f  Latest jars of axis and xml-security
     new 379cd32  private->protected from Rami
     new 8dc71c4  Fix for WSFX-1 - WsDoAllSender does not correctly handles international characters
     new 46632d1  Fix Receiver as well.
     new 9ea76ec  Fix for (WSFX-4) Order of elements in parameter "encryptionParts" leads to wrong DataReferences in ReferenceList from Christof Soehngen <>
     new 5ed88f8  SAML token spec and interop doc
     new 5f8955d  (WSFX-4) Order of elements in parameter "encryptionParts" leads to wrong DataReferences in ReferenceList
     new 2167ea9  Insert debug log statement
     new c79b428  Fix for WSFX-6 - Validation of the certificate that was used to sign the message from Christof Soehngen
     new 8e7e576  Include patches for JIRA issue: (WSFX-5) Interoperability improvements
     new 1b23da8  Include patch for JIRA issue: (WSFX-7) UsernameToken should be prepended to the security header
     new ef16209  bare minimum support for saml interop #1
     new 33a4944  Add the second step of SAML token support. Added a bar-bone SAML issuer that the Axis handler use to get a SAML token enhance Signature and WSSecurityEngine Does not yet work fully with Axis handlers
     new 5ffcec9  Add testcases for SAML support
     new 0e021b4  Enhance WSS4J Axis drivers to support SAML token. Note: this is not a full support yet.
     new b6c5d82  Better detection of SOAP 1.2 envirnment. Credits go to Richard Baker.
     new a1b5148  Enhancement to forward the detected SAML token to the application.
     new f308215  WSFX-9: Implement explicit timestamp handling, patches from Christof.
     new 86108d6  WSFX-9: Implement explicit timestamp handling, patches from Christof. Add explicit Timestamp action in deployment descriptors.
     new 9c7ec01  Switch off debugging
     new 4681218  Insert code to provide a configurable Time-to-live for SOAP security Timestamp (expires).
     new 90ee827  Bring in new interop cerctificates
     new 47116de  Correct namespace for UsernameToken Digest password type.
     new 99d24b6  Delete outdated example. Pls look at interop and test directories for working examples.
     new d137db0  Delete outdated example. Pls look at interop and test directories for working examples.
     new 490e41d  initial check-in (and 1 patch) for WS-Trust and WS-SecureConversation from the Sri Lanka team.
     new 8c7adcf  Checking in updates from Dimuthu et al.
     new 2cbd6e6  Adding commons http-client (and codec which it depends on)
     new 1025c4c  Updated to latest Axis.
     new b42513e  For Signature actions the WSSecurityEngine now returns the QNames the signed Elements in the result structure.
     new cfbd2a2  These should be in package as they are axis specific
     new e442a98  Remove java modules - moved to axis part
     new e93d597  Fix problem of last checkin (overwrite of a bug fix)
     new 07e4a3c  Update to latest axis.
     new 98954e5  switch off debug.
     new c34dd8e  A small code cleanup only, some documentation
     new 5933f05  - Updated xml-sec and axis jars - getCiperInstance to getCipherInstance
     new 2a19dfe  Fix for WSFX-21 - Enable custom ciphers in WSS4J from Sam Meder (
     new 26f28cd  Fix imports.
     new eae5c58  Fix for WSFX-3 - WSDoAllReceiver does not backup processed-header flags
     new 9e68ee7  Fix for WSFX-10 - Merlin.splitAndTrim() needs ordering to cope with different providers
     new 2e768f8  Test commit :-).
     new f9a2f37  Fix for WSFX-22 - Merlin crypto hardcodes the use of BC for certificate path validation from Christof Soehngen
     new 23df665  oops...commented out interop tests by mistake.
     new 5d4e96f  Print the cause of the InvocationTargetException
     new 84f2297  offline note from Jarek stating that " log.error("msg", e);" will print the internal exception as well.
     new 3ff9818  Fix for WSFX-19 - WSS4J Interoperability Features from Rami Jaamour
     new 6b720c6  patches from David Del Vecchio <>
     new 63fa3a3  Fix for WSFX-23 - change method name in WSSConfig from Rami Jaamour
     new fbb84ab  Fix for (WSFX-24) KeyIdentifier not accounting for different namespaces from Rami Jaamour
     new ea813a5  Adding handler constants, to read values from wsdd.
     new 227bdc0  Adding constants.
     new f031f4c  Testing
     new 976a734  Comitting Kaushalye's code for WS-trust
     new ab6cc1c  Comitting Kaushalye's code for WS-trust
     new b576cfc  Testing
     new 8478b0b  Committing Kaushalye's code
     new 7e55e56  Adding Kaushalye's patches and classes.
     new 9cb5182  Removing "Test.txt"
     new c3a0d42  Committing Ruchith's classes and patches - WS-Secure Ccnversation and WS-Trust impl.
     new 988d59a  Committing ConversationEngineResult - Used to hold processed information.
     new 261813e  Tokens authored by Kau and Dimuthu
     new f46e926  ConversationManager performs DerivedKey/SCT encryption, DerivedKey/SCT signature. Responsible for creating and managing WS-Secure Conversation.
     new ffe2803  Commenting because not compiling
     new d295636  Engine class to process the WS-Secure Conversation elements.
     new 035cc65  Code is commented because the compile breaks.
     new 52e1006  Patch from Dimuthu Leelarathne <> as detailed in the "[PATCH] WSEncryptBody" email thread
     new 5bc00cc  Committing JUnit tests for WS-Secure Conversation components.
     new fe3ac22  Changine the Build.xml file to compile Junit component tests for WS_Secure Conversation.
     new 31a1697  Kaushalye's code for WS-Trust
     new 8d67842  Replacing tabs with spaces.
     new fd7c7cf  reformat code and re-organize imports.
     new 5e664a2  Add copyright and remove IDE auto-generated code.
     new 09b2923  Removing the 302 line frome WSEncryptBody i.e. commenting SecretKey symmetricKey = null; Making the local vriable "symmetricKey" to be class atrribute. In the process of implementing WS-Secure Conversation.
     new 6b68e30  A testCase that sends the RequestedSecurityTokenResponse to the server. Tests two components : ConversationManager and ConversationEngine.
     new 2bb92eb  Adding Kaushalye's patch.
     new 2e6e0e9  Code for testing Derived key Encryption. Tests two components : ConversationManager and ConversationEngine
     new 1e0cc54  Enabling Derived Key Encryption. Removing commented code.
     new 465790f  Kaushalye's code for STS Util.
     new cc6d6aa  Re-enable STSUtil commented code.
     new c00d504  Remove hard-coded strings.
     new b260497  enhance WSSAddUsernameToken to allow specifying id's.
     new 2913143  Porting David Del Vecchio's code in anticipation of merging this with our code. (
     new 9c0e763  Remove Axis specific code in the SAML support.
     new ff6e7f6  Performs client side operations needed for secure conversation for Axis.
     new 54bfa7c  Performs serverside operations needed to perform secure conversation for Axis
     new 54eaa55  OOPS!!!!
     new d8be039  Updating to latest Axis jars.
     new 494303a  - Re-factor files to eliminate dependency of the jax-rpc handler on package - Add Venkat's contribution (WSS4JHandler) - Add Test for Scenario3 using the WSS4JHandler
     new 790a2d9  decode signature parts and set the token type.
     new f3d9f97  Kaushalye's code for STSAgent
     new c0ffeb0  Kaushalye's modifications to accomodate STSAgent
     new 72df5dd  Adding a functionality test case to test WS-Secure Conversation
     new c2e1020  Reading password call back from the wsdd.
     new 72ff07c  Enabling to read from wsdd.
     new 396c6f5  Enabling to read password callback.
     new 753c51f  Fix build failures.
     new e9e308f  Fix for(WSFX-33) [Patch] client handler chaining with different actors from Yves Langisch
     new 9599d58  Fixing failures.
     new 58d5832  Fix "maven dist"
     new d0e1816  Fix for WSFX-35 - Timestamp should be in UTC format, not GMT from Rami Jaamour
     new 00d33c5  Fix for WSFX-34 - UsernameToken plaintext password handling change from David Keppler
     new 1615250  Off-line patch from "Erik Hansen" <>
     new 576b606  Updating test cases for new changes.
     new 2021aa9  Performing changes to the core components of Secure Conversation in order to support Interop scenarios. Dimuthu and Ruchith
     new 43f2d35  Element classes for Trust.
     new 6dcb7c6  Updating conversation handlers
     new fbcb1b4  Updating components for interop scenario impl
     new ad21635  Kaushalye's code for Applies to
     new ecc0d83  Code for interop.
     new 8bbda5c  Handshaking classes used for Trust and SecConv workshop.
     new cc9c0cd  Adding Ruchith's changes to the SecurityTokenReference
     new 8206769  Removing system.out
     new 8f342c9  Committing addressing jar Following wrong change is done Remember in the constant class: NS_URI_ADDRESSING_04 =         "";
     new 60aa944  Don't use enum (keyword in JDK1.5)
     new 7fd2716  Make this part of the code 1.3 compliant
     new 1c8f5cb  add more flexibility in how the private key is discovered and make a couple more methods visible
     new 8236034  Fix for multi-threading problem ( from <>
     new 3530bbb  Comitting the code for the sample.l
     new cbdc28b  Enhancements to support "siging with key derived from UsernameToken", refer to E-mail conversation in ws-fx mailing list (Oct, 20, 2004).
     new e8f69ba  Re-arrange check for password call back. Check only if we really need it.
     new 7d25429  Insert code to use the sign-parts parameter for UT_SIGN.
     new d53ef5d  Change algorithm to generate thekey derived from UsernameToken
     new add26ac  Change algorithm to generate thekey derived from UsernameToken - second try
     new 4eea989  Insert a TODO: skip comment lines ate the beginning of the document
     new 136c109  Fix the interoperability problem with .NET WSE, UsernameToken derived key.
     new d6b5b4c  New constants as default values for .NET WSE UsernameToken derived key.
     new 52df9d9  Small cleanup only.
     new 18ac3b5  Small cleanup only.
     new 5d2b323  Refactor code to pack all request specific data in a private data class. This enables the drivers to run as single instance in a mutli-thread enviornment wihout doing additional synchronization thus runs at maximum speed.
     new 256ceff  Get rid of
     new 1db810b  Started trying to fix Gump Failure ( and ended up updating to latest BouncyCastle and XML-Security...
     new 82f3678  Updating to latest Axis
     new 2f0c345  why leave addressing...update that too.
     new 156d7c5  Make code slightly more friendly to shared keys and some minor formatting fixes
     new 4757c01  (Partial) Fix for WSFX-38. Invalid Data was an invalid key for
     new d83b820  Fix for WSFX-39.
     new f8a5ba6  Fix on snippet in Reporting Security results to services/applications. WSDoAllReceiverResult is gone and insteand WSHandlerResult and nested WSSecurityEngineResult are used.
     new 6d1f80d  Fix tab.
     new 837385a  Fix ClassCastException - getHeaders() returns Enumeration with SOAPHeaderElement.
     new 7508a2b  Fix - call.setProperty(WSHandlerConstants.USER, username) didn't work.
     new 647ce02  Update to latest Axis and WSS4J
     new 18eb453  .cvsignore containing target,, etc..
     new 34f6b2f  fixed cvs connection string
     new c67664e  Fix mistypos.
     new ca1878d  Update URI of WSSE.
     new c77b1c1  Add ias.
     new 79307d6  Minor refactoring (probably more to come) and WS-I BSP compliance fixes
     new d1697d4  Add method to get at symmetric key used for encryption and use it in RequestedProofToken
     new 6010c03  Fix javadoc
     new ff9c770  Initial documentation set.
     new efa23a0  Minor WS-I BSP compliance fix and regen of expired certs
     new cc714d3  Sanitizing the jars...using named versions from their download locations.
     new 37c9d8e  Make inclusiveNS behavior conditional for now (via a WS-I BSP compliance switch in WSSConfig)
     new 6964589  Updates from Ruchith Fernando <>
     new 22ebe78  Corrected a wrong import statement
     new e85ee61  OASIS wss kerberos token profile and interop document.
     new 33135b3  fix the bug in using the P_SHA-1 key
     new 514c288  patches from Ruchith for secure conversation sample
     new 12acd69  Committing some changes from Ruchith for SecureConversation.
     new 83f9b14  Fix some problems that lead to NPE. Thanks to members of the mailing list for the problem reports.
     new 3be1678  New class to process XML Schema compliant timestamps. Thanks to Ian. P. Springer for the code.
     new 65919ee  Add a method to get the password type string.
     new 65435b9  Modify handling of usernametoken in case of password type text or an unknown password type. Delegate password check to callback handler. See Javadoc for further explanations.
     new 8bd8e63  Add some code to show how the callback class may check password type text or an unknown type. Be aware that this check is for the interop tests only and is _very_ simple.
     new 83ca620  Introduce a special parameter to enable a Null namespace for encrypted/signed parts of the SOAP message. Use the string "Null" to signal the absent of a namespace.
     new 959e12b  Update documentation about the new "Null" namespace feature to encrypt/sign elements that do not have a namespace.
     new db8b770  Insert the special "Null" namespace string.
     new 6b7b10c  Use the special "Null" namespace string from WSConstants now.
     new 40b9c5d  applied patch for JIRA WSFX-49, flexible handling of SAML property file. Also modified the document conversion to apply c14n when serializing to avoid to many namespace declarations.
     new 53fccb8  applied patch for JIRA WSFX-49, flexible handling of SAML property file to be in synch with JAX-RPC handler.
     new 654204e  Deleted some stuff that is required. See inline comments in the source.
     new c73fb94  Small code cleanup to slove problems reported in JIRA
     new 6c0c913  cleanup unnecessary files
     new e5f4876  Fix for I refactored the* classes of the WS-Trust impl from Ruchith.
     new 7d05af1  fixes to test cases from ruchith
     new 1116419  - Updating jars... - Had to remove CommonsHTTPSender as it was using chunked which SimpleAxisServer does not support - Certificates have exipred today :( so there are some failures.
     new 03fc8a6  Trying to build new jks for the Gartner interop PKCS12 keys.
     new c793d29  Get new certs working in the test harness.
     new 71d633b  fix changelog target
     new 8b6262f  Accept the full XMLSchema date format including milliseconds.
     new 2717567  Use the full XMLSchema date format including milliseconds. Attention: this may cause interop problems if the other side does not support this. To switch to format without millisecondes pls change the accroding parameter in WSConstants.
     new 955b81c  fixed some javadoc parameters
     new 3226f9e  Update the distribution targets (both bindist and srcdist)
     new 81e5a0f  Enable debug dynamically, insert/re-arrange some debug statements to catch the problem of testcase failure. Seems to be an Axis problem.
     new 9b2aabe  Accept the full XMLSchema date format including milliseconds.
     new dd80f6b  Logger entry for WSS4JHandler (JAX-RPC).
     new 0c80046  Disable JAX-RPC testcase until problem is fixed.
     new 4b4e868  Remove stuff that is generated anyway.
     new 1bde58d  Remove extra build.xml and clean up build process for the generated code.
     new 9715667  Update to latest CVS of Axis (needed for fixing JAXRPCHandler problems)
     new 1a3f636  Cleaning up old unnecessary interop/test stuff
     new 5089311  Cleaning up old unnecessary interop/test stuff
     new 7db999b  Cleaning up old unnecessary interop/test stuff
     new af0bfcb  Removing old tests
     new 70b81a2  Removing old tests
     new 59a4f5e  PR: Obtained from: Submitted by: Reviewed by:
     new 282d71a  Changed the maven build file to exclude the removed sec conv tests
     new 8a535ce  Updating the WS-Trust ...message.token.* stuff
     new 58bdb6b  Added the license header
     new a4021f6  Updated specs
     new d3d832d  - Set form optimization explicitly - Allow different set of actions for send/receive - Fix messageToDocument to work in presence of attachments.
     new 7193972  oops!
     new 71ed3e8  fix for WSFX-47 - Maven build misses out properties files for resource bundles
     new ba3e0b7  fix for WSFX-48 - Web page points to bugzilla, not jira
     new 8b55285  Fix for WSS-3 - .NET WSE signature validation of SAML Assertion throws exception
     new 033fb2a  First edit of the README file. Not yet complete.
     new 0730c2b  fix line endings
     new 6ff3e7d  Fix for WSS-4 - To be able to configure WSS completely in configuration of handlers (wsdd-files)
     new 16b9da9  WSS-1 : - added more test cases to interop.TestJAXRPCHandler. - updated WSS4JHandler to take care of request-flow-only handling etc.
     new 94b98e9  Add some more info to readme.txt, add files to bindist target of build.xml. Prepare for binary distribution WSS4J 1.0.0
     new 6d8bfa9  Fix problem if certificate does not contain SKI extension. Try to compute the SKI according to RFC3280 using the SHA-1 hash value of the public key. The second method described in RFC3280 is not support. Also only RSA public keys are supported. If we cannot compute the SKI throw an exception.
     new 5e819b3  Add README and legal stuff to srcdist target
     new 84748dd  Update CVS location.
     new e29db73  Remove fx stuff.
     new 8da7b44  update viewcvs link.
     new a159a3f  fix link
     new 01d92ba  adding download url
     new 1f9e88e  Fix for WSS-12 - WSDoAllReceiver crashes due to missing method in SOAPHeaderElement \n from Guy Rixon
     new 31a582b  Remove duplicate catch block (JIRA WSS-14)
     new 611a525  Add additional check for NULL pointer (JIRA WSS-16)
     new a39132d  Add a new target "reqjardist" that builds a ZIP file containing the ./lib/*.jar and ./endorsed/*.jar files.
     new 41e7754  Change default crypto provider class to "Merlin".
     new 2640514 (Contains absolutely zero Axis related code)
     new f0249aa  remove org.apache.axis from files under (to ensure that they can work without Axis 1.X)
     new 26a5250  Move trust and secure-conversation to sandbox (since we have no clue what works and what doesn't as there are no tests/samples to back up the code)
     new 89e66e1  Move useful code to WSSecurityUtil and remove AxisUtil
     new 9e57bd7  Yikes...replace AxisFault with WSSecurityException (thanks Ruchith)
     new e8bb0bf  cleanup code.
     new 984314c  fix bad checkin (removing axisutil broke tests)
     new e39dcd0  fix error messages
     new b07ec86  remove duplicate code (in WSHandler)
     new c95682d  Fix for WSS-17 - Use Context ClassLoader when loading CallbackHandler
     new 7e1800c  Fix for WSS-6 - Removed hard-coded BouncyCastle provider from wss4j
     new 4bbc0a8  Fix for WSS-15 - Documentation for direct-reference mode of message signing
     new fd91b20  Bug reported by Thilo Frotscher <> in email with message id (>)
     new 148f2bc  Just some minor fixes in comments
     new 273f4b8  Put common code of WSDoAllSender and WSS4JHandler into the abstract WSHandler class.
     new 66f5713  Yet another clean up of the common handler code. TimeToLive decoding and some other decoding was combined.
     new c6c8520  Do the right thing for sending/receiving HTTP 202's.
     new 7333138  Add a better readme - wow, it's HTML now :-). Update the readme to reflect new release.
     new fb4db7e  Update version numbers, modify target name.
     new 91e88eb  Adding support for optional wsu:Id for the wsse:Timestamp and setting the wsu:Id each time when a Timestamp or a UsernameToken is added to the wsse:Security header
     new 359105f  Fix bad NPE under debug
     new 7bc7595  Disable handling of old (draft) namespaces, clean up code and WSSConfig usage, prepare to add WSS 1.1 features. See also E-mail, Subject "Re: Extending WSS4J to the new OASIS specs" from Sep, 5th.
     new ef85ff9  Disable handling of old (draft) namespaces, clean up code and WSSConfig usage, prepare to add WSS 1.1 features. See also E-mail, Subject "Re: Extending WSS4J to the new OASIS specs" from Sep, 5th.
     new 0d5550d  Disable handling of old (draft) namespaces, clean up code and WSSConfig usage, prepare to add WSS 1.1 features. See also E-mail, Subject "Re: Extending WSS4J to the new OASIS specs" from Sep, 5th.
     new fa6aede  First iplementation of the SignatureCOnfirmation feature of WSS 1.1.
     new c40bf70  First iplementation of the SignatureCOnfirmation feature of WSS 1.1.
     new c0bf107  First iplementation of the SignatureCOnfirmation feature of WSS 1.1.
     new 4d47b0d  First iplementation of the SignatureCOnfirmation feature of WSS 1.1. Enhance to sign the SignatureConfirmation if at least on Signature action is defined for the handler in the response path. The first handler in the response path takes care of this.
     new 1977fd6  
     new f341965  First iplementation of the SignatureCOnfirmation feature of WSS 1.1. Enhance to sign the SignatureConfirmation if at least on Signature action is defined for the handler in the response path. The first handler in the response path takes care of this.
     new 6cad7a4  Exclude the "sandbox" from the compile.library target. Will be re-enabled if sandbox code is ok.
     new 2b46044  Make sandbox code compile clean after changes to remove old namespaces.
     new ac6ea4e  Make sandbox code compile clean after changes to remove old namespaces.
     new c6d5888  Make sandbox code compile clean after changes to remove old namespaces.
     new 063b100  Add some targets for easier monitoring and debugging.
     new 57c37e3  Insert fix to handle default Encoding to be base64. Same as for 1.1.0 Final by Dims
     new 68eb28f  Fix a problem with IssuerSerial. Should be wrapped by a X509Data element according to WSS spec. Work with at receiver side with old version (without X509Data) too. The sender now wraps it into a X509Data element.
     new 02de734  can't depend on xml-security Base64 stuff... making a copy (added a param for wrapping line during encoding), fixed another problem in encode Detect X509Data in STR.
     new b721d3b  can't depend on xml-security Base64 stuff... making a copy (added a param for wrapping line during encoding), fixed another problem in encode
     new 48e116b  can't depend on xml-security Base64 stuff... making a copy (added a param for wrapping line during encoding), fixed another problem in encode
     new 2102442  Implment the WSS 1.1 Thumprint key identifier.
     new 98dfdfb  Implment the WSS 1.1 Thumprint key identifier. The unit test.
     new e841878  List the new test case (unit test) in
     new 9f28128  removed javadocs mistakes
     new 19449f9  Implement the WSS 1.1 feature for UsernameToken derived key. Done for the message tokens and the WSSecurityEngine.
     new a7e6e05  Fix "ant test" breakage
     new eb28dc0  Lot's of Refactoring fir pluggability
     new f3ebf34  Add headers
     new 12f5654  
     new b629de7  Test case for Thumbprint key identifier
     new c359aab  enable TestWSSecurity14
     new a60cbd4  make sandbox code happy
     new a06a2fb  Updating to newer libraries
     new 7d2d3c4  get code to compile under JDK1.3
     new 4d40216  Add an implementation of Crypto for JDK1.3 based on bouncy castle.
     new 1fe657b  
     new 728ca48  Added some logj4 statements to support performance timing.
     new d660d13  Added some println to support performance timing.
     new 65fe873  Added some logj4 statements to support performance timing - switch of by default
     new 9c29e4c  Checkin new Xerces version. In accordance for Xalan 2.7.0.
     new 5205067  
     new a577fce  Modify a INFO message to DEBUG
     new 9ce5e2e  Remove methods that are not used anymore.
     new 7812d40  Clean up a little bit, rearrange some common used code, add new targets to make life easier for testing, debugging, timing.
     new b69d857  Prepare some code for new xml-sec optimized feature. This code is not enabled - don't use this features now because they break STRTransform.
     new fbe45d8  Changed the to pickup resource from the TCL
     new 829486f  Do quite some reworking in STRTransform. Due to this we better use the XML-SEC library, no more "circumventBug2650" calls, etc.
     new 264bca8  fix some typos, etc.
     new f4977c9  Just complete the task - clean up exceptions, imports.
     new 041daed  Get code working in JDK1.3
     new 1022434  get "ant test" working out-of-the-box in jdk1.3
     new 61a535d  * Avoid wsdl2java'ing when not needed (see target 'chkwsdl'   in interop/build.xml)
     new cfa01f8  Some code cleanup
     new 0627c01  Introduce functions and modifications to be able to configure the JCE security provider.
     new 3564798  Some fixes and modifications for configurable JCE security provider, setting of AES-128 as default symmetric encryption algorithm.
     new 3a1e14b  Some fixes and modifications for configurable JCE security provider, setting of AES-128 as default symmetric encryption algorithm.
     new 6c3707f  Some fixes and modifications for configurable JCE security provider, setting of AES-128 as default symmetric encryption algorithm.
     new 02ea864  Don't include/use the standard class path, not necessary.
     new d7a7db8  Honor JCE provider info in WSConfig during encryption.
     new b06f0b1  Make a new JCE provider the number one in the list of available JCE providers.
     new c04de4f  BC can't be the first..."ant clean test" fails in jdk14 and jdk15. See url's below for more info.
     new 85b8a4f  Get wss4j tests to work with Axis1.3
     new 49635c2  - Add endorsed library contents to webapp - Populate client-config.wsdd - Replace wss4j.html with interop.jsp - Populate the edit fields for the services automatically
     new 1c720b7  check for null classloader.
     new 1ec6823  minor typo
     new b9e77a0  Enhance Loader and WSHandler to be able to override the classloader used to load the classes for PWCallback
     new e449d54  Patch from Ruchith for using custom class loaders for loading Crypto/Merlin
     new 26ef154  Fix for the problem reported by Alex
     new dfbe426  Completed serialization/deserialization of the WS-Trust 'request' message elements including Request, Renew, Validate and Cancel
     new 0d52389  Enable turning off signatureConfirmation
     new 72aa846  Update to latest xml-security jar
     new 54467d1  add deployment descriptor for trust2 and enable test case as well.
     new ab6079a  Adding WssIP cert for WS-Trust and WS-SecConv Interop:
     new e6fcfc5  remove empty dir
     new f4d25bc  Use the provider defined/set in WSConfig to decrypt XML data.
     new 2cd704e  Use the provider defined/set in WSConfig to decrypt XML data.
     new b515cd4  Some fixes to make timestamp handling more compliant to WSS specification (optional fields, exeption only if timestampStrict=true)
     new f74f7a1  Minor edit
     new 4ddb882  Provide mechanism to sign elements with plain Id attributes in addition to wsu:Id.
     new 27dccae  Propagate exception during Crypto instantiation.
     new 4426e93  Some fixes to make timestamp handling more compliant to WSS specification (optional fields, exeption only if timestampStrict=true)
     new a28179d  revert previous change to be JDK 1.3 compliant.
     new f0bd6aa  Enable the conditional timestamp exception.
     new f7b6f49  Perform the second timestamp check (verifyTimestamp) only if timestampStrict == true.
     new f1f96f6  Fix WSS-27 - for Merlin.validateCertPath doesn't work with alternate providers from Allen Cronce
     new b272ff4  Prepare for some more WSS 1.1 functions and upcoming SecurityPolicy
     new 48746f5  Apply patch from Christian to have a consistent behaviour when access created, expires fields.
     new 02a98ce  Fix reference to elements of superclass because of changes in superclass.
     new f1264ab  A new WSS Signature class. This class is a refactored WSSignEnvelope and provides a more flexibe and fine granular control of the Signature creation process. This flexibility is required if we start to support WSSecurityPolicy mechanisms.
     new fc45401  The unit test that uses the new refactored WSSecSignature class and performs some basic tests.
     new 31faf15  Some more info about the build() method, fix some typos.
     new a1768aa  Refactor the WSS4J message classes to allow for more flexible control
     new 5dda5e2  Refactor the WSS4J message classes to allow for more flexible control. Testcases.
     new b879698  Mainly fixes in the comments to reflect the new functionality.
     new e4c701b  Modify on test case to cover a BST direct reference case
     new 9a29c6b  Refactor the WSS4J message classes to allow for more flexible control. Added some documentation.
     new 3ee5f0b  Refactor the WSS4J message classes to allow for more flexible control. Testcase.
     new 40989c1  Add Id handling to Encrypt and Signature, add documentation.
     new 52613b6  Fix for problem report JIRA WSS-32.
     new 3dc084e  Store processed security elements during parsing. This enables back references to these elements and the data contained in these elements. Another step to Policy language handling.
     new 06cdb57  Fix problems when creating external reference list and encryted data.
     new f52e4c2  Adjust log message
     new 8862a7e  Test case for external reference list and encrypted data element.
     new 3921313  Added new class entries.
     new 70339d4  Add the jar file for the WS-Commons policy implementation
     new f818b80  First checking of Policy sources. Copied from Ruchith's sources and WS-Commons parser.
     new 0e842b7  Use a DOM parser - OM not available in WSS4J / Axis1
     new 38176b1  Add a test case, copied from Ruchith's test case.
     new 3764101  Insert a first action - Timestamp.
     new 11325b2  Fix Javadoc comments.
     new f56b983  Enhance Policy parser implementation. Not yet fully implemented.
     new 77ac2f8  Test case for the Asymmetric binding.
     new 4a9d05f  Add some more parts for policy processing. Using these parts we can do some basic policy file processing.
     new 73e9587  A first, basic testcase for a policy processing function. Shows some principles how to do it.
     new 019c717  Add the new policy test case.
     new cfd5387  Just remove a debug printout.
     new 43234f9  Add SuportingToken parsing and preprocessing, SupportingTokens at top level, not part of binding.
     new fe31e9c  - Implemented encrypting a message using a DerivedKey (Signature coming up :-) ) 	- Added WSSecDKSignEncrypt to do the Encryption and Signing (Sometimes the same session key will have to be used to derive the encryption and signature key therefore thought of using a single builder to do both if and when required) 	- Added a new processor to process derived keys : DerivedKeyTokenProcessor
     new 72dd762  Oops - removing some commented constants
     new a661259  Fix getKeyIdentifier() call to WSS4JPolicyToken
     new c7e8f6d  Remove temporarily inserted methods.
     new 6380ae3  Refactor similar to other new Sec modules.
     new c3c74c3  saml interop docs
     new c9409e3  fix enum problem
     new 0a4c5f3  - Added a builder for derived key signature - Added a test method to test signature building(sig verification - in progress ...) - Refactored the derived key builders to move the common methods to a base class: WSSecDerivedKeyBase
     new 0e894b5  - Renamed to - Added a missing licence header
     new 8b3b767  SupportingTokens at top level, not part of binding.
     new c244761  DerivedKeyToken signature verification is functional and integrated
     new 711453c  JIRA WSS-33 Patch applied. This patch helps to close a security vulnerability. See additional comments and example code for WSS-33. Patch submitted from "University of Southampton IT Innovation Centre"
     new 56789c3  New NOTICE about the submitter of patch for WSS-33.
     new e8e7763  First draft version to refarctor SAML signature.
     new eda5b61  Two test cases for the refactored SAML Signature class.
     new c6813b1  Modify access qualifier to class members - WSSecSignatureSAML inherits.
     new f282343  Refactor Add SAML token class.
     new 1cef2cf  Test case for the refactored add SAML token class.
     new 5e1c7f1  Remove unused code.
     new 400f2df  log entries for new test cases.
     new c26026c  Cleanup and remove some unused code.
     new dbef467  Set these classes and their methods as depreceated.
     new a2a3c0b  Some code cleanup, no new functions.
     new 4ce418a  Fix a wrong inheritance.
     new 0922feb  Modify WSHandler and the Action classes to use the new refactored message classes.
     new 4022bff  These are the test cases for the refactored message classes. The old test cases were removed - the old message classes are depreceated, no more bug fixes for them.
     new 1694fb3  Quite some code cleanup, re-adjust JCE provider handling, use JuiCE if avilable (if not available it's quietly ignored). Using JuiCE gives about 30-40% performance improvement.
     new 4fa5a2f  - removed some unwanted files - s/prepareSig()/prepare()
     new d08a23c  Oops... one more unwanted file
     new a14987a  - Updated the DerivedKey related builders to be able to carryout signature and encryption based on a given ephmeral key and the identifier of the token to refer, to get the key information - Added WSSecEncryptedKey builder - Main intention was to allow more flexible security header element ordering when using the _same_ ephmeral key (enclosed in an EncryptedKey) to carryout signature and encryption in any order. - Updated the test case with two more scenarios showing sig [...]
     new 8e6766f  Create new certificates.
     new aedcae6  Create new certificates.
     new e12972e  Code cleanup only.
     new 276bfff  Create new certificates.
     new a6f1d48  
     new 65215a3  Some code cleanup and refactoring. WSSecEncrypt is now a subclass of WSSecEncryptKey, reuse of code.
     new 91b24d0  Just remove unused import statements.
     new 288f45d  Clean up code to reflect modifications in *.message.* code.
     new 1c2703d  Cleanup the explicit provider settings. We insert our preferred JCEprovider at poisition 2, that is on the highest possible position. Position 1 is reserved for internal JCE jar validation and does not provide any other algorithms.
     new df0848b  Use the latest version of BC jar if using Java 5.0.
     new 7c7f226  Provide the latest version of BC. Has to be used together with Java 5.0
     new 9444851  flag to skip the tests
     new 06f1994  exclude junk from wss4j-SNAPSHOT.jar
     new f1803d4  Allow the WSSecEncryptedKey to be able to work on an external cert. Moved the code from WSSecEncrypt
     new 2d91168  - A builder and a processer added to handle SecurityContextToken (from WS-SecureConversation) - Testcase added - Imported the UUIDGenerator from Axis2 codebase - Modified the WSPasswordCallback to include the SECURITY_CONTEXT_TOKEN usage
     new ceacd81  - Added some more tests to TestWSSecurityNewSCT (Sign, Sing and Encrypt, Encrypt and Sign) - s/commit/prependSCTElementToHeader - Removed  unused build() and commit() methods from WSSecEncryptedKey and updated the test cases to use the prepare() and prepend*() methods
     new 1f2d5ec  We need access to EncryptedKey Element and BinarySecurityToken Element
     new 99b82d5  Only some code cleanup.
     new 8ebe897  Only some code cleanup.
     new 7a2c311  Update to better JCE loading and handling.
     new 6f82b6b  Only some code cleanup.
     new 91fa36f  Only some code cleanup.
     new 768a67e  - Use the Base64 class from xml-sec rather than axis-1.x - Removed a commented sysout
     new 80118e3  The derived key can use an external STR element to refer to the token used to derive the key (This is required to support the usage of RequestedAttachedReference and RequestedUnattachedReference in the WS-Trust spec)
     new 438842b  Create the wsu:Id value when a SecurityContextToken is created... one can externally set it as well
     new aa7abd6  Updating Axis jars to latest 1.4, all tests work fine
     new 4e542f3  Getting to compile in JDK 1.5 with bcprov-jdk15-131.jar
     new e8df6d4  Updated the bouncycastle jars to the latest 1.32 release. All test works fine on both JDK 1.4 and JDK 1.5
     new 4815386  Updated the project.xml - Changing the repository information and had to turnoff the following reports: changelog, file-activity and developer-activity Maven site doesn't seem to generate the source repository page properly
     new e65839b  Update the version number
     new a10255d  Updating docs
     new 0550055  Update version number
     new 1c432d9  Updated the build file:  - Version properties had to be adjusted to remove whitespace from the .zip file names  - Set the default version to SNAPSHOT  - Clean the dist dir when cleaning  - Make sure the wss4j.jar carries the version number  - When using "ant clean bindist srcdist otherdist" all the release artifacts will be created and the same wss4j-x.y.z.jar thats in the bin distro is also available in the dist dir for convenience
     new c641f0f  *readme* updated
     new fbafdf0  Updating wss4j to the latest policy (now NEETHI) snapshot
     new 30137a0  fix for WSS-44: Handle sigConf of the response when there's no signature in the request
     new ec466f1  Added setter methods to WSSecEncryptedKey to set the size of the ephemeral key and the encryption algorithm
     new cc6287e  Cleaning up a few method signatures - removing unwanted parameters
     new a515943  Added the MessageContext parameter to getClassLoader() method
     new c96347e  Modifying the handlers to specify the crypto implementation dynamically
     new 8ec5fc1  Use TCCL's getResource if Discovery jar is missing
     new 99d234c  Loader.getResource is enough and does the job. Discovery is too heavy weight for such a small thing
     new c5a19f0  oops! need it for testing as axis 1.x depends on it"
     new b4722dd  if you can't find it in the class loader, then try the file system
     new dedc27f  Applying patch from Fred Dushin to fix WSS-48
     new 9fb8eff  STR must be the first element of the DerivedKeyToken
     new a5210be  1.) Fixed the key derivation to use two label values properly 2.) Updated the saml namespace
     new f0c0454  Fix for WSS-53 - WSS4J does not correctly retrieve the Header element when the first node of the document is not the root element (a comment for ex)
     new cca0081  Enable setting the ephemeral key externally: Added a setter method
     new 8c64aeb  Updated SecConv impl classes to handle the WS-SX versions and improved ConversationException.
     new 1289125  - Updated WSSecDKSig to be able to set the C14N algo - Updated WSSecEncryptedKey and WSSecSignature to be able to append the elements to the sec header and to be able to get the BST id
     new ee183f1  Enabled appending the UsernameToken
     new 18c635c  create the child with the same default namespace when the parent element has a default namespace
     new 2db0b01  Enabled WSSecEncrypt to work with an enxternally provided ephemeral key
     new f0c68d0  Options to set the key identifier externally to support cases where we have to encrypt using an external key. In this we don't have to call the prepare method to setup anything. Therefore we have to  be able to set the Document  externally as well.
     new 7afe235  Added methods to extract created elements from the message builders
     new 060d201  getter method to be able to get the sig elem
     new 1ecfd9e  Allow extracting the Timestamp element
     new a312249  Adding another constructor to create a crypto impl with a given classloader
     new 76f9cfb  Derived key token processor may not be able to get the processor of the base token from the doc info. In such a case use the callback and ask for the secret.
     new 3aac009  Added  a key in ConverstionConstants to hold the map of services and context ids Fixed getProcessor method to return null when the processor is not found - this used to return the last processor of which the id was compared
     new c050c7d  The WSDerivedKeyTokenPrincipal should hold the id of the base token
     new ffb6549  Add a WSSecurityEngineResult for the after processing a SecurityContextToken
     new ef62d38  Use a unique KeyInfo when encrypting mutiple parts
     new c94a587  - Allow extracting the SignatureConfirmation element from WSSecSignatureConfirmation after prepare. - Handler derived key sizes properly - allow setting the sizes externally
     new da40cd8  Oops :-)
     new 404a871  s/private/public
     new 1c27f48  updated for xml-sec-1.4 and added the xml-sec-1.4-SNAPSHOT.jar
     new 6d9e314  fixed WSS-58, Thanks Cedric BODIN
     new 1d645df  Enabled extracting the key in EncryptedKey for reuse
     new d6942f6  Store the processed DataRef id values in the security results
     new 590daa9  Moving back to xml-sec-1.3.0, this will works with xml-sec-1.4 as well
     new 8a1f489  Oops we need the xml-sec-1.3.0.jar
     new 65edb54  Fix for WSS-50 - SAMLTokenSignedAction doesn't support the "signatureParts" parameter
     new b9db622  Fix for WSS-61 - Only the provider can be used
     new 07d3d21  Preparing for the release - setting versions
     new fa211e7  Makesure version is set to 1.5.1
     new 8013310  Release artifacts are ready, reset version to SNAPSHOT
     new 21761ce  Updating to WSS-1.1 namespaces and added the WSS-1.1 spec
     new 9980e5c  Fixed WSS-55
     new e2182b6  - Remove sandbox code. - Remove the security policy stuff (since it does not work anymore and there's better support in rampart for securitypolicy) - Add a maven2 pom
     new ff21f68  forgot the pom and assembly files
     new b73e29a  cleanup pom
     new 7e4e24d  bit more cleanup
     new 7556607  Added some missing deps. Trying to get the tests to run - Seems like it is not possible to call custom ant tasks(wsdl2java) using the maven2 ant-run plugin :-(
     new a25b227  Fix for WSS-72 - WSSecEncryptedKey rejects a conformant cipher when its getBlockSize() returns 0
     new 0093e28  compile 1.3 or 1.4 level java code irrespective of the JDK used
     new c041a42  - Applied WSS-57 Patch - Updated UsernameTokenProcessor to add the exception that caused the WSSecurityException
     new b816d73  Applied the patch from Fred :
     new b921b5b  Fixed
     new 2a719c9  Oops missed this one ... Thanks Asankha :-)
     new 6e7b0ad  Fixed WSS-71
     new a6b4b6f  Upgrading to xmlsec-1.4.0
     new 1fbe3f3  Updated the xml-sec group id
     new 7eaea73  Introduce new "toAxisMessage()" to create a Axis message from a DOM document. Use this new function instead of "toSOAPMessage()". This resolves a problem in Java 6 which has a built-in xml.SOAPMessage implementation. This implementation is in conflict with the previous used Axis implementation. Previously the MessageFactory returned an Axis message that implements a SOAPMessage interface. The test cases (TestWS*) used this internal know-how and cast the SOAPMessage into  [...]
     new ab9caca  Use new "toAxisMessage()" function to solve class cast exception.
     new 3a230a2  Change test cases to use the toAxisMessage() function instead of toSOAPMessage(). Required for Java 6
     new b0206bd  Replace some more toSOAPMessage with toAxisMessage. Now all testcase run with Java 6.
     new edb9d58  Remove unused licens and readme file.
     new ac1a1de  some minor cleanup
     new 088ac71  s/1.5.1/1.5.2
     new 851362d  set the version
     new abf38e4  Fix the xmlsec version
     new 0addabb  Add some comment to ENC_KEY_ID.
     new 1b550da  Fixed the WSS_SAML namespace and updated the ant build to set the version of wss4j to SNAPSHOT
     new 87ef8de  - Added BinarySecurityTokenProcessor We need to be able to process an unreferenced BinarySecurityToken in the wsse:Security header. For example if the policy contains a X509Token SupportingToken we need the processing results to validate the supporting token.
     new 0d892a2  add missing resources for the resource bundles
     new 4f5f15d  Added support to process and use custom tokens Added support to process EncryptedData in the wsse:Security header itself - not referenced by any ref parts
     new 9413abc  Fixing typos
     new 490af76  Fixed more typos ... Eclipse spell checker rocks !!! :-)
     new 3f715b2  Fixed some more typos
     new d8e4f23  First check the cd whether a key is available on the samltoken's id
     new ecc0e8e  Fixed WSS-77
     new 783fda8  Created the 1_5_3 branch
     new 5cf03f5  Fixed versions
     new 9207561  Merged Werner's changes from the trunk to the 1.5.3 branch

The 610 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.

View raw message