ws-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From gi...@apache.org
Subject svn commit: r1299273 [1/2] - in /webservices/wss4j/branches/swssf: streaming-ws-policy/src/main/java/org/swssf/policy/assertionStates/ streaming-ws-policy/src/test/java/org/swssf/policy/test/ streaming-ws-policy/src/test/resources/testdata/policy/ stre...
Date Sat, 10 Mar 2012 21:05:22 GMT
Author: giger
Date: Sat Mar 10 21:05:21 2012
New Revision: 1299273

URL: http://svn.apache.org/viewvc?rev=1299273&view=rev
Log:
- use the new XMLEvent information to identify the tokens more correctly
- InboundWSSecurityContextImplTest for token identification
- WSP13SpecTest from WS-Policy 1.3 samples
- Adapt and fix tests

Added:
    webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/WSP13SpecTest.java   (with props)
    webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/resources/testdata/policy/asymmetricBindingPolicyC31.xml   (with props)
    webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/resources/testdata/policy/symmetricBindingPolicyC21.xml   (with props)
    webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/resources/testdata/policy/transportBindingPolicyC11.xml   (with props)
    webservices/wss4j/branches/swssf/streaming-ws-security/src/test/java/org/swssf/wss/test/InboundWSSecurityContextImplTest.java
Modified:
    webservices/wss4j/branches/swssf/streaming-ws-policy/src/main/java/org/swssf/policy/assertionStates/IssuedTokenAssertionState.java
    webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/AbstractPolicyTestBase.java
    webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/IssuedTokenTest.java
    webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/RequiredPartsTest.java
    webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/InboundWSSecurityContextImpl.java
    webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/input/SignatureInputHandler.java
    webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/securityEvent/SecurityEventListener.java
    webservices/wss4j/branches/swssf/streaming-ws-security/src/test/java/org/swssf/wss/test/DerivedKeyTokenTest.java
    webservices/wss4j/branches/swssf/streaming-ws-security/src/test/java/org/swssf/wss/test/InteroperabilityTest.java

Modified: webservices/wss4j/branches/swssf/streaming-ws-policy/src/main/java/org/swssf/policy/assertionStates/IssuedTokenAssertionState.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-policy/src/main/java/org/swssf/policy/assertionStates/IssuedTokenAssertionState.java?rev=1299273&r1=1299272&r2=1299273&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-policy/src/main/java/org/swssf/policy/assertionStates/IssuedTokenAssertionState.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-policy/src/main/java/org/swssf/policy/assertionStates/IssuedTokenAssertionState.java Sat Mar 10 21:05:21 2012
@@ -21,9 +21,7 @@ package org.swssf.policy.assertionStates
 import org.apache.ws.secpolicy.WSSPolicyException;
 import org.apache.ws.secpolicy.model.AbstractSecurityAssertion;
 import org.apache.ws.secpolicy.model.AbstractToken;
-import org.swssf.wss.securityEvent.IssuedTokenSecurityEvent;
-import org.swssf.wss.securityEvent.SecurityEvent;
-import org.swssf.wss.securityEvent.TokenSecurityEvent;
+import org.swssf.wss.securityEvent.*;
 
 /**
  * @author $Author$
@@ -42,13 +40,17 @@ public class IssuedTokenAssertionState e
     @Override
     public SecurityEvent.Event[] getSecurityEventType() {
         return new SecurityEvent.Event[]{
-                SecurityEvent.Event.IssuedToken
+                SecurityEvent.Event.SecurityContextToken,
+                SecurityEvent.Event.SamlToken,
+                SecurityEvent.Event.RelToken,
         };
     }
 
     @Override
     public boolean assertToken(TokenSecurityEvent tokenSecurityEvent, AbstractToken abstractToken) throws WSSPolicyException {
-        if (!(tokenSecurityEvent instanceof IssuedTokenSecurityEvent)) {
+        if (!(tokenSecurityEvent instanceof SamlTokenSecurityEvent)
+                && !(tokenSecurityEvent instanceof SecurityContextTokenSecurityEvent)
+                && !(tokenSecurityEvent instanceof RelTokenSecurityEvent)) {
             throw new WSSPolicyException("Expected a IssuedTokenSecurityEvent but got " + tokenSecurityEvent.getClass().getName());
         }
         setAsserted(true);

Modified: webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/AbstractPolicyTestBase.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/AbstractPolicyTestBase.java?rev=1299273&r1=1299272&r2=1299273&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/AbstractPolicyTestBase.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/AbstractPolicyTestBase.java Sat Mar 10 21:05:21 2012
@@ -38,6 +38,8 @@ import javax.xml.parsers.DocumentBuilder
 import javax.xml.parsers.ParserConfigurationException;
 import java.io.ByteArrayInputStream;
 import java.io.IOException;
+import java.io.InputStream;
+import java.io.InputStreamReader;
 import java.security.Key;
 import java.security.KeyStore;
 import java.security.PublicKey;
@@ -51,6 +53,10 @@ import java.security.cert.X509Certificat
 public class AbstractPolicyTestBase extends AbstractTestBase {
 
     protected PolicyEnforcer buildAndStartPolicyEngine(String policyString) throws ParserConfigurationException, SAXException, IOException, WSSPolicyException {
+        return this.buildAndStartPolicyEngine(policyString, false);
+    }
+    
+    protected PolicyEnforcer buildAndStartPolicyEngine(String policyString, boolean replacePolicyElement) throws ParserConfigurationException, SAXException, IOException, WSSPolicyException {
         DocumentBuilderFactory documentBuilderFactory = DocumentBuilderFactory.newInstance();
         documentBuilderFactory.setNamespaceAware(true);
         documentBuilderFactory.setValidating(false);
@@ -61,7 +67,11 @@ public class AbstractPolicyTestBase exte
         Document policyDocument = documentBuilder.parse(new ByteArrayInputStream(policyString.getBytes("UTF-8")));
         Node policyNode = document.importNode(policyDocument.getDocumentElement(), true);
         Element element = (Element) nodeList.item(0);
-        element.appendChild(policyNode);
+        if (replacePolicyElement) {
+            element.getParentNode().replaceChild(element, policyNode);
+        } else {
+            element.appendChild(policyNode);
+        }
         PolicyEnforcerFactory policyEnforcerFactory = PolicyEnforcerFactory.newInstance(document);
         PolicyEnforcer policyEnforcer = policyEnforcerFactory.newPolicyEnforcer("");
 
@@ -115,4 +125,15 @@ public class AbstractPolicyTestBase exte
             }
         };
     }
+    
+    protected String loadResourceAsString(String resource, String encoding) throws IOException {
+        InputStreamReader inputStreamReader = new InputStreamReader(this.getClass().getClassLoader().getResourceAsStream(resource), encoding);
+        StringBuilder stringBuilder = new StringBuilder();
+        int read = 0;
+        char[] buffer = new char[1024];
+        while ((read = inputStreamReader.read(buffer)) != -1) {
+            stringBuilder.append(buffer, 0, read);
+        }
+        return stringBuilder.toString();
+    }
 }

Modified: webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/IssuedTokenTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/IssuedTokenTest.java?rev=1299273&r1=1299272&r2=1299273&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/IssuedTokenTest.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/IssuedTokenTest.java Sat Mar 10 21:05:21 2012
@@ -19,12 +19,11 @@
 
 package org.swssf.policy.test;
 
+import org.opensaml.common.SAMLVersion;
 import org.swssf.policy.PolicyEnforcer;
 import org.swssf.wss.ext.WSSConstants;
-import org.swssf.wss.securityEvent.ContentEncryptedElementSecurityEvent;
-import org.swssf.wss.securityEvent.IssuedTokenSecurityEvent;
-import org.swssf.wss.securityEvent.OperationSecurityEvent;
-import org.swssf.wss.securityEvent.SignedPartSecurityEvent;
+import org.swssf.wss.impl.securityToken.SAMLSecurityToken;
+import org.swssf.wss.securityEvent.*;
 import org.swssf.xmlsec.ext.SecurityToken;
 import org.swssf.xmlsec.ext.XMLSecurityConstants;
 import org.testng.annotations.Test;
@@ -69,14 +68,14 @@ public class IssuedTokenTest extends Abs
 
         PolicyEnforcer policyEnforcer = buildAndStartPolicyEngine(policyString);
 
-        IssuedTokenSecurityEvent initiatorTokenSecurityEvent = new IssuedTokenSecurityEvent();
-        SecurityToken securityToken = getX509Token(WSSConstants.X509V3Token);
+        SamlTokenSecurityEvent initiatorTokenSecurityEvent = new SamlTokenSecurityEvent();
+        SecurityToken securityToken = new SAMLSecurityToken(SAMLVersion.VERSION_20, null, "xs:anyURI", null, null, null, "1", null);
         securityToken.addTokenUsage(SecurityToken.TokenUsage.MainSignature);
         initiatorTokenSecurityEvent.setSecurityToken(securityToken);
         policyEnforcer.registerSecurityEvent(initiatorTokenSecurityEvent);
 
-        IssuedTokenSecurityEvent recipientTokenSecurityEvent = new IssuedTokenSecurityEvent();
-        securityToken = getX509Token(WSSConstants.X509V3Token);
+        SamlTokenSecurityEvent recipientTokenSecurityEvent = new SamlTokenSecurityEvent();
+        securityToken = new SAMLSecurityToken(SAMLVersion.VERSION_20, null, "xs:anyURI", null, null, null, "1", null);
         securityToken.addTokenUsage(SecurityToken.TokenUsage.MainEncryption);
         recipientTokenSecurityEvent.setSecurityToken(securityToken);
         policyEnforcer.registerSecurityEvent(recipientTokenSecurityEvent);

Modified: webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/RequiredPartsTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/RequiredPartsTest.java?rev=1299273&r1=1299272&r2=1299273&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/RequiredPartsTest.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/RequiredPartsTest.java Sat Mar 10 21:05:21 2012
@@ -50,20 +50,20 @@ public class RequiredPartsTest extends A
         operationSecurityEvent.setOperation(new QName("definitions"));
         policyEnforcer.registerSecurityEvent(operationSecurityEvent);
 
-        RequiredPartSecurityEvent RequiredPartSecurityEvent = new RequiredPartSecurityEvent();
-        RequiredPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
-        policyEnforcer.registerSecurityEvent(RequiredPartSecurityEvent);
+        RequiredPartSecurityEvent requiredPartSecurityEvent = new RequiredPartSecurityEvent();
+        requiredPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
+        policyEnforcer.registerSecurityEvent(requiredPartSecurityEvent);
         List<QName> headerPath = new ArrayList<QName>();
         headerPath.addAll(WSSConstants.SOAP_11_HEADER_PATH);
         headerPath.add(new QName("http://example.org", "a"));
-        RequiredPartSecurityEvent.setElementPath(headerPath);
-        policyEnforcer.registerSecurityEvent(RequiredPartSecurityEvent);
+        requiredPartSecurityEvent.setElementPath(headerPath);
+        policyEnforcer.registerSecurityEvent(requiredPartSecurityEvent);
         //additional encryptedParts are also allowed!
         headerPath = new ArrayList<QName>();
         headerPath.addAll(WSSConstants.SOAP_11_HEADER_PATH);
         headerPath.add(new QName("http://example.org", "b"));
-        RequiredPartSecurityEvent.setElementPath(headerPath);
-        policyEnforcer.registerSecurityEvent(RequiredPartSecurityEvent);
+        requiredPartSecurityEvent.setElementPath(headerPath);
+        policyEnforcer.registerSecurityEvent(requiredPartSecurityEvent);
         policyEnforcer.doFinal();
     }
 
@@ -79,9 +79,9 @@ public class RequiredPartsTest extends A
         operationSecurityEvent.setOperation(new QName("definitions"));
         policyEnforcer.registerSecurityEvent(operationSecurityEvent);
 
-        RequiredPartSecurityEvent RequiredPartSecurityEvent = new RequiredPartSecurityEvent();
-        RequiredPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
-        policyEnforcer.registerSecurityEvent(RequiredPartSecurityEvent);
+        RequiredPartSecurityEvent requiredPartSecurityEvent = new RequiredPartSecurityEvent();
+        requiredPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
+        policyEnforcer.registerSecurityEvent(requiredPartSecurityEvent);
         try {
             policyEnforcer.doFinal();
             Assert.fail("Exception expected");

Added: webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/WSP13SpecTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/WSP13SpecTest.java?rev=1299273&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/WSP13SpecTest.java (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/WSP13SpecTest.java Sat Mar 10 21:05:21 2012
@@ -0,0 +1,165 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.swssf.policy.test;
+
+import org.apache.ws.secpolicy.WSSPolicyException;
+import org.swssf.policy.PolicyEnforcer;
+import org.swssf.wss.securityEvent.SecurityEvent;
+import org.swssf.wss.test.InboundWSSecurityContextImplTest;
+import org.testng.Assert;
+import org.testng.annotations.DataProvider;
+import org.testng.annotations.Test;
+
+import java.util.List;
+
+/**
+ * @author $Author: $
+ * @version $Revision: $ $Date: $
+ */
+public class WSP13SpecTest extends AbstractPolicyTestBase {
+
+    private InboundWSSecurityContextImplTest inboundWSSecurityContextImplTest = new InboundWSSecurityContextImplTest();
+
+    @DataProvider(name = "ignoreEventsTransportBinding")
+    public Object[][] ignoreEventsTransportBinding() {
+        return new Object[][]{
+                {null, null, null},
+                {SecurityEvent.Event.HttpsToken, 1, "Assertion {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}HttpsToken not satisfied"},
+                {SecurityEvent.Event.RequiredElement, 3, "\nElement /{http://schemas.xmlsoap.org/soap/envelope/}Envelope/{http://schemas.xmlsoap.org/soap/envelope/}Header/{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security/{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp must be present"},
+                {SecurityEvent.Event.UsernameToken, 4, "Assertion {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}UsernameToken not satisfied"},
+                {SecurityEvent.Event.X509Token, 5, "Assertion {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}X509Token not satisfied"},
+        };
+    }
+
+    @Test(dataProvider = "ignoreEventsTransportBinding")
+    public void testTransportBindingC11(SecurityEvent.Event ignoreEvent, Integer eventIndex, String expectedErrorMessage) throws Exception {
+        String policyString = loadResourceAsString("testdata/policy/transportBindingPolicyC11.xml", "UTF-8");
+
+        PolicyEnforcer policyEnforcer = buildAndStartPolicyEngine(policyString);
+
+        List<SecurityEvent> securityEventList = inboundWSSecurityContextImplTest.generateTransportBindingSecurityEvents();
+        for (int i = 0; i < securityEventList.size(); i++) {
+            SecurityEvent securityEvent = securityEventList.get(i);
+            if (eventIndex != null && i == eventIndex && securityEvent.getSecurityEventType() != ignoreEvent) {
+                for (int j = 0; j < securityEventList.size(); j++) {
+                    System.out.println(j + " " + securityEventList.get(j));
+                }
+                Assert.fail("Event at index " + eventIndex + " is not of type " + ignoreEvent);
+            }
+            if (ignoreEvent == null || i != eventIndex) {
+                policyEnforcer.registerSecurityEvent(securityEvent);
+            }
+        }
+        try {
+            policyEnforcer.doFinal();
+            if (ignoreEvent != null) {
+                Assert.fail("Expected WSSPolicyException");
+            }
+        } catch (WSSPolicyException e) {
+            if (ignoreEvent == null) {
+                Assert.fail("Unexpected WSSPolicyException");
+            }
+            Assert.assertEquals(e.getMessage(), expectedErrorMessage);
+        }
+    }
+
+    @DataProvider(name = "ignoreEventsAsymmetricBinding")
+    public Object[][] ignoreEventsAsymmetricBinding() {
+        return new Object[][]{
+                {null, null, null},
+                {SecurityEvent.Event.RequiredElement, 2, "\nElement /{http://schemas.xmlsoap.org/soap/envelope/}Envelope/{http://schemas.xmlsoap.org/soap/envelope/}Header/{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security/{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp must be present"},
+                {SecurityEvent.Event.X509Token, 3, "Assertion {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}X509Token not satisfied"},
+                {SecurityEvent.Event.UsernameToken, 8, "Assertion {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}UsernameToken not satisfied"},
+        };
+    }
+
+    @Test(dataProvider = "ignoreEventsAsymmetricBinding")
+    public void testAsymmetricBindingC31(SecurityEvent.Event ignoreEvent, Integer eventIndex, String expectedErrorMessage) throws Exception {
+        String policyString = loadResourceAsString("testdata/policy/asymmetricBindingPolicyC31.xml", "UTF-8");
+
+        PolicyEnforcer policyEnforcer = buildAndStartPolicyEngine(policyString);
+
+        List<SecurityEvent> securityEventList = inboundWSSecurityContextImplTest.generateAsymmetricBindingSecurityEvents();
+        for (int i = 0; i < securityEventList.size(); i++) {
+            SecurityEvent securityEvent = securityEventList.get(i);
+            if (eventIndex != null && i == eventIndex && securityEvent.getSecurityEventType() != ignoreEvent) {
+                for (int j = 0; j < securityEventList.size(); j++) {
+                    System.out.println(j + " " + securityEventList.get(j));
+                }
+                Assert.fail("Event at index " + eventIndex + " is not of type " + ignoreEvent);
+            }
+            if (ignoreEvent == null || i != eventIndex) {
+                policyEnforcer.registerSecurityEvent(securityEvent);
+            }
+        }
+        try {
+            policyEnforcer.doFinal();
+            if (ignoreEvent != null) {
+                Assert.fail("Expected WSSPolicyException");
+            }
+        } catch (WSSPolicyException e) {
+            if (ignoreEvent == null) {
+                Assert.fail("Unexpected WSSPolicyException");
+            }
+            Assert.assertEquals(e.getMessage(), expectedErrorMessage);
+        }
+    }
+
+    @DataProvider(name = "ignoreEventsSymmetricBinding")
+    public Object[][] ignoreEventsSymmetricBinding() {
+        return new Object[][]{
+                {null, null, null},
+                {SecurityEvent.Event.RequiredElement, 2, "\nElement /{http://schemas.xmlsoap.org/soap/envelope/}Envelope/{http://schemas.xmlsoap.org/soap/envelope/}Header/{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security/{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp must be present"},
+                {SecurityEvent.Event.UsernameToken, 5, "Assertion {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}UsernameToken not satisfied"},
+                {SecurityEvent.Event.X509Token, 16, "Assertion {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}X509Token not satisfied"},
+        };
+    }
+
+    @Test(dataProvider = "ignoreEventsSymmetricBinding")
+    public void testSymmetricBindingC31(SecurityEvent.Event ignoreEvent, Integer eventIndex, String expectedErrorMessage) throws Exception {
+        String policyString = loadResourceAsString("testdata/policy/symmetricBindingPolicyC21.xml", "UTF-8");
+
+        PolicyEnforcer policyEnforcer = buildAndStartPolicyEngine(policyString);
+
+        List<SecurityEvent> securityEventList = inboundWSSecurityContextImplTest.generateSymmetricBindingSecurityEvents();
+        for (int i = 0; i < securityEventList.size(); i++) {
+            SecurityEvent securityEvent = securityEventList.get(i);
+            if (eventIndex != null && i == eventIndex && securityEvent.getSecurityEventType() != ignoreEvent) {
+                for (int j = 0; j < securityEventList.size(); j++) {
+                    System.out.println(j + " " + securityEventList.get(j));
+                }
+                Assert.fail("Event at index " + eventIndex + " is not of type " + ignoreEvent);
+            }
+            if (ignoreEvent == null || i != eventIndex) {
+                policyEnforcer.registerSecurityEvent(securityEvent);
+            }
+        }
+        try {
+            policyEnforcer.doFinal();
+            if (ignoreEvent != null) {
+                Assert.fail("Expected WSSPolicyException");
+            }
+        } catch (WSSPolicyException e) {
+            if (ignoreEvent == null) {
+                Assert.fail("Unexpected WSSPolicyException");
+            }
+            Assert.assertEquals(e.getMessage(), expectedErrorMessage);
+        }
+    }
+}

Propchange: webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/WSP13SpecTest.java
------------------------------------------------------------------------------
    svn:eol-style = native

Added: webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/resources/testdata/policy/asymmetricBindingPolicyC31.xml
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/resources/testdata/policy/asymmetricBindingPolicyC31.xml?rev=1299273&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/resources/testdata/policy/asymmetricBindingPolicyC31.xml (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/resources/testdata/policy/asymmetricBindingPolicyC31.xml Sat Mar 10 21:05:21 2012
@@ -0,0 +1,51 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<wsp:Policy xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
+            xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+    <sp:AsymmetricBinding>
+        <wsp:Policy>
+            <sp:RecipientToken>
+                <wsp:Policy>
+                    <sp:X509Token sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Always" />
+                </wsp:Policy>
+            </sp:RecipientToken>
+            <sp:InitiatorToken>
+                <wsp:Policy>
+                    <sp:X509Token sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Always" />
+                </wsp:Policy>
+            </sp:InitiatorToken>
+            <sp:AlgorithmSuite>
+                <wsp:Policy>
+                    <sp:Basic256 />
+                </wsp:Policy>
+            </sp:AlgorithmSuite>
+            <sp:Layout>
+                <wsp:Policy>
+                    <sp:Strict />
+                </wsp:Policy>
+            </sp:Layout>
+            <sp:IncludeTimestamp />
+            <sp:EncryptBeforeSigning />
+            <sp:EncryptSignature />
+            <sp:ProtectTokens />
+        </wsp:Policy>
+    </sp:AsymmetricBinding>
+    <sp:SignedEncryptedSupportingTokens>
+        <wsp:Policy>
+            <sp:UsernameToken sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Once" />
+        </wsp:Policy>
+    </sp:SignedEncryptedSupportingTokens>
+    <sp:SignedEndorsingSupportingTokens>
+        <wsp:Policy>
+            <sp:X509Token sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Once">
+                <wsp:Policy>
+                    <sp:WssX509v3Token10 />
+                </wsp:Policy>
+            </sp:X509Token>
+        </wsp:Policy>
+    </sp:SignedEndorsingSupportingTokens>
+    <sp:Wss11>
+        <wsp:Policy>
+            <sp:RequireSignatureConfirmation />
+        </wsp:Policy>
+    </sp:Wss11>
+</wsp:Policy>
\ No newline at end of file

Propchange: webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/resources/testdata/policy/asymmetricBindingPolicyC31.xml
------------------------------------------------------------------------------
    svn:eol-style = native

Added: webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/resources/testdata/policy/symmetricBindingPolicyC21.xml
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/resources/testdata/policy/symmetricBindingPolicyC21.xml?rev=1299273&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/resources/testdata/policy/symmetricBindingPolicyC21.xml (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/resources/testdata/policy/symmetricBindingPolicyC21.xml Sat Mar 10 21:05:21 2012
@@ -0,0 +1,51 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<wsp:Policy xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
+            xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+    <sp:SymmetricBinding>
+        <wsp:Policy>
+            <sp:ProtectionToken>
+                <wsp:Policy>
+                    <sp:IssuedToken sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Once" >
+                        <sp:Issuer>...</sp:Issuer>
+                        <sp:RequestSecurityTokenTemplate>
+                            ...
+                        </sp:RequestSecurityTokenTemplate>
+                    </sp:IssuedToken>
+                </wsp:Policy>
+            </sp:ProtectionToken>
+            <sp:AlgorithmSuite>
+                <wsp:Policy>
+                    <sp:Basic256 />
+                </wsp:Policy>
+            </sp:AlgorithmSuite>
+            <sp:Layout>
+                <wsp:Policy>
+                    <sp:Strict />
+                </wsp:Policy>
+            </sp:Layout>
+            <sp:IncludeTimestamp />
+            <sp:EncryptBeforeSigning />
+            <sp:EncryptSignature />
+            <sp:ProtectTokens />
+        </wsp:Policy>
+    </sp:SymmetricBinding>
+    <sp:SignedEncryptedSupportingTokens>
+        <wsp:Policy>
+            <sp:UsernameToken sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Once" />
+        </wsp:Policy>
+    </sp:SignedEncryptedSupportingTokens>
+    <sp:SignedEndorsingSupportingTokens>
+        <wsp:Policy>
+            <sp:X509Token sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Once">
+                <wsp:Policy>
+                    <sp:WssX509v3Token10 />
+                </wsp:Policy>
+            </sp:X509Token>
+        </wsp:Policy>
+    </sp:SignedEndorsingSupportingTokens>
+    <sp:Wss11>
+        <wsp:Policy>
+            <sp:RequireSignatureConfirmation />
+        </wsp:Policy>
+    </sp:Wss11>
+</wsp:Policy>
\ No newline at end of file

Propchange: webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/resources/testdata/policy/symmetricBindingPolicyC21.xml
------------------------------------------------------------------------------
    svn:eol-style = native

Added: webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/resources/testdata/policy/transportBindingPolicyC11.xml
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/resources/testdata/policy/transportBindingPolicyC11.xml?rev=1299273&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/resources/testdata/policy/transportBindingPolicyC11.xml (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/resources/testdata/policy/transportBindingPolicyC11.xml Sat Mar 10 21:05:21 2012
@@ -0,0 +1,41 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<wsp:Policy xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
+            xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+    <sp:TransportBinding>
+        <wsp:Policy>
+            <sp:TransportToken>
+                <wsp:Policy>
+                    <sp:HttpsToken />
+                </wsp:Policy>
+            </sp:TransportToken>
+            <sp:AlgorithmSuite>
+                <wsp:Policy>
+                    <sp:Basic256 />
+                </wsp:Policy>
+            </sp:AlgorithmSuite>
+            <sp:Layout>
+                <wsp:Policy>
+                    <sp:Strict />
+                </wsp:Policy>
+            </sp:Layout>
+            <sp:IncludeTimestamp />
+        </wsp:Policy>
+    </sp:TransportBinding>
+    <sp:SignedSupportingTokens>
+        <wsp:Policy>
+            <sp:UsernameToken sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Once" />
+        </wsp:Policy>
+    </sp:SignedSupportingTokens>
+    <sp:SignedEndorsingSupportingTokens>
+        <wsp:Policy>
+            <sp:X509Token sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Once">
+                <wsp:Policy>
+                    <sp:WssX509v3Token10 />
+                </wsp:Policy>
+            </sp:X509Token>
+        </wsp:Policy>
+    </sp:SignedEndorsingSupportingTokens>
+    <sp:Wss11>
+        <sp:RequireSignatureConfirmation xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200802"/>
+    </sp:Wss11>
+</wsp:Policy>
\ No newline at end of file

Propchange: webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/resources/testdata/policy/transportBindingPolicyC11.xml
------------------------------------------------------------------------------
    svn:eol-style = native

Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/InboundWSSecurityContextImpl.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/InboundWSSecurityContextImpl.java?rev=1299273&r1=1299272&r2=1299273&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/InboundWSSecurityContextImpl.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/InboundWSSecurityContextImpl.java Sat Mar 10 21:05:21 2012
@@ -106,6 +106,7 @@ public class InboundWSSecurityContextImp
         List<TokenSecurityEvent> endorsingSupportingTokens = new LinkedList<TokenSecurityEvent>();
         List<TokenSecurityEvent> signedEndorsingSupportingTokens = new LinkedList<TokenSecurityEvent>();
         List<TokenSecurityEvent> signedEncryptedSupportingTokens = new LinkedList<TokenSecurityEvent>();
+        List<TokenSecurityEvent> encryptedSupportingTokens = new LinkedList<TokenSecurityEvent>();
         List<TokenSecurityEvent> endorsingEncryptedSupportingTokens = new LinkedList<TokenSecurityEvent>();
         List<TokenSecurityEvent> signedEndorsingEncryptedSupportingTokens = new LinkedList<TokenSecurityEvent>();
 
@@ -134,13 +135,21 @@ public class InboundWSSecurityContextImp
             }
         }
 
+        //search for the root tokens...
         Iterator<TokenSecurityEvent> tokenSecurityEventIterator = tokenSecurityEvents.iterator();
         while (tokenSecurityEventIterator.hasNext()) {
             TokenSecurityEvent tokenSecurityEvent = tokenSecurityEventIterator.next();
             SecurityToken securityToken = tokenSecurityEvent.getSecurityToken();
-            if (securityToken.getKeyWrappingToken() == null) {
+            if (securityToken.getKeyWrappingToken() == null && !containsSecurityToken(supportingTokens, securityToken)) {
                 supportingTokens.add(tokenSecurityEvent);
-            } else {
+            }
+        }
+        //...and then for the intermediare tokens and create new TokenSecurityEvents if not already there
+        tokenSecurityEventIterator = tokenSecurityEvents.iterator();
+        while (tokenSecurityEventIterator.hasNext()) {
+            TokenSecurityEvent tokenSecurityEvent = tokenSecurityEventIterator.next();
+            SecurityToken securityToken = tokenSecurityEvent.getSecurityToken();
+            if (securityToken.getKeyWrappingToken() != null) {
                 while (securityToken.getKeyWrappingToken() != null) {
                     securityToken = securityToken.getKeyWrappingToken();
                 }
@@ -149,6 +158,8 @@ public class InboundWSSecurityContextImp
                     supportingTokens.add(newTokenSecurityEvent);
                     securityEventDeque.offer(newTokenSecurityEvent);
                 }
+                //remove old TokenSecurityEvent so that only root tokens are in the queue
+                securityEventDeque.remove(tokenSecurityEvent);
             }
         }
 
@@ -181,27 +192,57 @@ public class InboundWSSecurityContextImp
 
             boolean transportSecurityActive = Boolean.TRUE == get(WSSConstants.TRANSPORT_SECURITY_ACTIVE);
 
-            if (!transportSecurityActive && signsSignatureConfirmation && signsTimestamp) {
+            List<SecurityToken> encryptingSecurityTokens = isEncryptedToken(tokenSecurityEvent, securityEventDeque);
+
+            boolean signatureUsage = tokenSecurityEvent.getSecurityToken().getTokenUsages().contains(SecurityToken.TokenUsage.Signature);
+            boolean encryptionUsage = tokenSecurityEvent.getSecurityToken().getTokenUsages().contains(SecurityToken.TokenUsage.Encryption);
+
+            if (!transportSecurityActive && signsSignatureConfirmation && signsTimestamp && !signsSignature) {
                 supportingTokensIterator.remove();
                 messageSignatureTokens.add(tokenSecurityEvent);
-            } else if (!transportSecurityActive && signsSignatureConfirmation) {
+                if (encryptionUsage) {
+                    messageEncryptionTokens.add(tokenSecurityEvent);
+                }
+            } else if (!transportSecurityActive && signsSignatureConfirmation && !signsSignature) {
                 supportingTokensIterator.remove();
                 messageSignatureTokens.add(tokenSecurityEvent);
-            } else if (!transportSecurityActive && signsTimestamp) {
+                if (encryptionUsage) {
+                    messageEncryptionTokens.add(tokenSecurityEvent);
+                }
+            } else if (!transportSecurityActive && signsTimestamp && !signsSignature) {
                 supportingTokensIterator.remove();
                 messageSignatureTokens.add(tokenSecurityEvent);
+                if (encryptionUsage) {
+                    messageEncryptionTokens.add(tokenSecurityEvent);
+                }
+            } else if (!transportSecurityActive &&
+                    (encryptsSignature || encryptsSignatureConfirmation || encryptsUsernameToken)) {
+                supportingTokensIterator.remove();
+                messageEncryptionTokens.add(tokenSecurityEvent);
+            } else if (signsSignature && signingSecurityTokens.size() > 0 && encryptingSecurityTokens.size() > 0) {
+                supportingTokensIterator.remove();
+                signedEndorsingEncryptedSupportingTokens.add(tokenSecurityEvent);
+            } else if (signsSignature && signingSecurityTokens.size() == 0 && encryptingSecurityTokens.size() > 0) {
+                supportingTokensIterator.remove();
+                endorsingEncryptedSupportingTokens.add(tokenSecurityEvent);
             } else if (signsSignature && signingSecurityTokens.size() > 0) {
                 supportingTokensIterator.remove();
                 signedEndorsingSupportingTokens.add(tokenSecurityEvent);
+            } else if (signatureUsage && signingSecurityTokens.size() > 0) {
+                supportingTokensIterator.remove();
+                signedEndorsingSupportingTokens.add(tokenSecurityEvent);
             } else if (signsSignature) {
                 supportingTokensIterator.remove();
                 endorsingSupportingTokens.add(tokenSecurityEvent);
+            } else if (signingSecurityTokens.size() > 0 && encryptingSecurityTokens.size() > 0) {
+                supportingTokensIterator.remove();
+                signedEncryptedSupportingTokens.add(tokenSecurityEvent);
             } else if (signingSecurityTokens.size() > 0) {
                 supportingTokensIterator.remove();
                 signedSupportingTokens.add(tokenSecurityEvent);
-            } else if (!transportSecurityActive &&
-                    (encryptsSignature || encryptsSignatureConfirmation || encryptsUsernameToken)) {
-                messageEncryptionTokens.add(tokenSecurityEvent);
+            } else if (encryptingSecurityTokens.size() > 0) {
+                supportingTokensIterator.remove();
+                encryptedSupportingTokens.add(tokenSecurityEvent);
             }
         }
 
@@ -220,6 +261,7 @@ public class InboundWSSecurityContextImp
                 endorsingSupportingTokens.remove(tokenSecurityEvent);
                 signedEndorsingSupportingTokens.remove(tokenSecurityEvent);
                 signedEncryptedSupportingTokens.remove(tokenSecurityEvent);
+                encryptedSupportingTokens.remove(tokenSecurityEvent);
                 endorsingEncryptedSupportingTokens.remove(tokenSecurityEvent);
                 signedEndorsingEncryptedSupportingTokens.remove(tokenSecurityEvent);
                 messageSignatureTokens.add(tokenSecurityEvent);
@@ -259,6 +301,7 @@ public class InboundWSSecurityContextImp
         setTokenUsage(endorsingSupportingTokens, SecurityToken.TokenUsage.EndorsingSupportingTokens);
         setTokenUsage(signedEndorsingSupportingTokens, SecurityToken.TokenUsage.SignedEndorsingSupportingTokens);
         setTokenUsage(signedEncryptedSupportingTokens, SecurityToken.TokenUsage.SignedEncryptedSupportingTokens);
+        setTokenUsage(encryptedSupportingTokens, SecurityToken.TokenUsage.EncryptedSupportingTokens);
         setTokenUsage(endorsingEncryptedSupportingTokens, SecurityToken.TokenUsage.EndorsingEncryptedSupportingTokens);
         setTokenUsage(signedEndorsingEncryptedSupportingTokens, SecurityToken.TokenUsage.SignedEndorsingEncryptedSupportingTokens);
     }
@@ -348,13 +391,13 @@ public class InboundWSSecurityContextImp
     }
 
     private void setTokenUsage(TokenSecurityEvent tokenSecurityEvent, SecurityToken.TokenUsage tokenUsage) throws XMLSecurityException {
-        if (tokenUsage == SecurityToken.TokenUsage.MainSignature) {
-            tokenSecurityEvent.getSecurityToken().getTokenUsages().remove(SecurityToken.TokenUsage.SupportingTokens);
-            tokenSecurityEvent.getSecurityToken().getTokenUsages().remove(SecurityToken.TokenUsage.Signature);
-        } else if (tokenUsage == SecurityToken.TokenUsage.MainEncryption) {
-            tokenSecurityEvent.getSecurityToken().getTokenUsages().remove(SecurityToken.TokenUsage.SupportingTokens);
-            tokenSecurityEvent.getSecurityToken().getTokenUsages().remove(SecurityToken.TokenUsage.Encryption);
-        }
+        //if (tokenUsage == SecurityToken.TokenUsage.MainSignature) {
+        tokenSecurityEvent.getSecurityToken().getTokenUsages().remove(SecurityToken.TokenUsage.SupportingTokens);
+        //} else if (tokenUsage == SecurityToken.TokenUsage.MainEncryption) {
+        tokenSecurityEvent.getSecurityToken().getTokenUsages().remove(SecurityToken.TokenUsage.SupportingTokens);
+        //}
+        tokenSecurityEvent.getSecurityToken().getTokenUsages().remove(SecurityToken.TokenUsage.Signature);
+        tokenSecurityEvent.getSecurityToken().getTokenUsages().remove(SecurityToken.TokenUsage.Encryption);
         tokenSecurityEvent.getSecurityToken().addTokenUsage(tokenUsage);
     }
 
@@ -372,9 +415,11 @@ public class InboundWSSecurityContextImp
                 SignedElementSecurityEvent signedElementSecurityEvent = (SignedElementSecurityEvent) securityEvent;
                 if (signedElementSecurityEvent.isSigned()
                         && tokenSecurityEvent.getSecurityToken() != null
-                        && WSSUtils.pathMatches(
+                        && signedElementSecurityEvent.getXmlEvent() != null
+                        && signedElementSecurityEvent.getXmlEvent() == tokenSecurityEvent.getSecurityToken().getXMLEvent()
+                        /*&& WSSUtils.pathMatches(
                         tokenSecurityEvent.getSecurityToken().getElementPath(),
-                        signedElementSecurityEvent.getElementPath(), true, false)) {
+                        signedElementSecurityEvent.getElementPath(), false, false)*/) {
 
                     if (!securityTokenList.contains(signedElementSecurityEvent.getSecurityToken())) {
                         securityTokenList.add(signedElementSecurityEvent.getSecurityToken());
@@ -385,6 +430,31 @@ public class InboundWSSecurityContextImp
         return securityTokenList;
     }
 
+    private List<SecurityToken> isEncryptedToken(TokenSecurityEvent tokenSecurityEvent,
+                                                 Deque<SecurityEvent> securityEventDeque) throws XMLSecurityException {
+
+        List<SecurityToken> securityTokenList = new LinkedList<SecurityToken>();
+        for (Iterator<SecurityEvent> iterator = securityEventDeque.iterator(); iterator.hasNext(); ) {
+            SecurityEvent securityEvent = iterator.next();
+            if (securityEvent.getSecurityEventType() == SecurityEvent.Event.EncryptedElement) {
+                EncryptedElementSecurityEvent encryptedElementSecurityEvent = (EncryptedElementSecurityEvent) securityEvent;
+                if (encryptedElementSecurityEvent.isEncrypted()
+                        && tokenSecurityEvent.getSecurityToken() != null
+                        && encryptedElementSecurityEvent.getXmlEvent() != null
+                        && encryptedElementSecurityEvent.getXmlEvent() == tokenSecurityEvent.getSecurityToken().getXMLEvent()
+                        /*&& WSSUtils.pathMatches(
+                        tokenSecurityEvent.getSecurityToken().getElementPath(),
+                        encryptedElementSecurityEvent.getElementPath(), false, false)*/) {
+
+                    if (!securityTokenList.contains(encryptedElementSecurityEvent.getSecurityToken())) {
+                        securityTokenList.add(encryptedElementSecurityEvent.getSecurityToken());
+                    }
+                }
+            }
+        }
+        return securityTokenList;
+    }
+
     private boolean signsElement(TokenSecurityEvent tokenSecurityEvent, List<QName> elementPath,
                                  Deque<SecurityEvent> securityEventDeque) throws XMLSecurityException {
         for (Iterator<SecurityEvent> iterator = securityEventDeque.iterator(); iterator.hasNext(); ) {
@@ -416,6 +486,7 @@ public class InboundWSSecurityContextImp
                 ContentEncryptedElementSecurityEvent contentEncryptedElementSecurityEvent = (ContentEncryptedElementSecurityEvent) securityEvent;
                 if (contentEncryptedElementSecurityEvent.isEncrypted()
                         && contentEncryptedElementSecurityEvent.getSecurityToken() == tokenSecurityEvent.getSecurityToken()
+                        && contentEncryptedElementSecurityEvent.getXmlEvent() == tokenSecurityEvent.getSecurityToken().getXMLEvent()
                         && WSSUtils.pathMatches(elementPath, contentEncryptedElementSecurityEvent.getElementPath(), true, false)) {
                     return true;
                 }

Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/input/SignatureInputHandler.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/input/SignatureInputHandler.java?rev=1299273&r1=1299272&r2=1299273&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/input/SignatureInputHandler.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/input/SignatureInputHandler.java Sat Mar 10 21:05:21 2012
@@ -46,6 +46,7 @@ public class SignatureInputHandler exten
         SignatureVerifier signatureVerifier = new SignatureVerifier(signatureType, inputProcessorChain.getSecurityContext(), securityProperties) {
             @Override
             protected void handleSecurityToken(SecurityToken securityToken) throws XMLSecurityException {
+                //we have to emit a TokenSecurityEvent here too since it could be an embedded token
                 securityToken.addTokenUsage(SecurityToken.TokenUsage.Signature);
                 TokenSecurityEvent tokenSecurityEvent = WSSUtils.createTokenSecurityEvent(securityToken);
                 securityContext.registerSecurityEvent(tokenSecurityEvent);

Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/securityEvent/SecurityEventListener.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/securityEvent/SecurityEventListener.java?rev=1299273&r1=1299272&r2=1299273&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/securityEvent/SecurityEventListener.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/securityEvent/SecurityEventListener.java Sat Mar 10 21:05:21 2012
@@ -27,5 +27,11 @@ import org.swssf.wss.ext.WSSecurityExcep
  */
 public interface SecurityEventListener {
 
+    /**
+     * Registers a SecurityEvent which will be forwarded to the registered SecurityEventListener
+     *
+     * @param securityEvent The security event for the SecurityEventListener
+     * @throws WSSecurityException when the event will not be accepted (e.g. policy-violation)
+     */
     public void registerSecurityEvent(SecurityEvent securityEvent) throws WSSecurityException;
 }

Modified: webservices/wss4j/branches/swssf/streaming-ws-security/src/test/java/org/swssf/wss/test/DerivedKeyTokenTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/test/java/org/swssf/wss/test/DerivedKeyTokenTest.java?rev=1299273&r1=1299272&r2=1299273&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/test/java/org/swssf/wss/test/DerivedKeyTokenTest.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/test/java/org/swssf/wss/test/DerivedKeyTokenTest.java Sat Mar 10 21:05:21 2012
@@ -154,9 +154,6 @@ public class DerivedKeyTokenTest extends
             SecurityEvent.Event[] expectedSecurityEvents = new SecurityEvent.Event[]{
                     SecurityEvent.Event.Operation,
                     SecurityEvent.Event.X509Token,
-                    SecurityEvent.Event.EncryptedKeyToken,
-                    SecurityEvent.Event.DerivedKeyToken,
-                    SecurityEvent.Event.DerivedKeyToken,
                     SecurityEvent.Event.EncryptedPart,
                     SecurityEvent.Event.AlgorithmSuite,
                     SecurityEvent.Event.AlgorithmSuite,



Mime
View raw message