cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject svn commit: r1039471 - in /cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security: policy/interceptors/ tokenstore/ wss4j/ wss4j/policyhandlers/
Date Fri, 26 Nov 2010 17:19:20 GMT
Author: coheigea
Date: Fri Nov 26 17:19:19 2010
New Revision: 1039471

URL: http://svn.apache.org/viewvc?rev=1039471&view=rev
Log:
Removed ExternalSTRTransform stuff and a lot of the crypto loading stuff
 - Both are supported via some minor changes to WSS4J 1.6-SNAPSHOT
 - Lots of small refactoring changes.

Modified:
    cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java
    cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationTokenInterceptorProvider.java
    cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/SecurityToken.java
    cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JInterceptor.java
    cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
    cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JOutInterceptor.java
    cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
    cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
    cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
    cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java

Modified: cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java?rev=1039471&r1=1039470&r2=1039471&view=diff
==============================================================================
--- cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java (original)
+++ cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java Fri Nov 26 17:19:19 2010
@@ -82,8 +82,8 @@ import org.apache.ws.security.handler.WS
 import org.apache.ws.security.handler.WSHandlerResult;
 import org.apache.ws.security.message.token.SecurityContextToken;
 import org.apache.ws.security.message.token.SecurityTokenReference;
-import org.apache.ws.security.util.XmlSchemaDateFormat;
 import org.apache.ws.security.util.Base64;
+import org.apache.ws.security.util.XmlSchemaDateFormat;
 
 class SecureConversationInInterceptor extends AbstractPhaseInterceptor<SoapMessage> {
     static final Logger LOG = LogUtils.getL7dLogger(SecureConversationInInterceptor.class);

Modified: cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationTokenInterceptorProvider.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationTokenInterceptorProvider.java?rev=1039471&r1=1039470&r2=1039471&view=diff
==============================================================================
--- cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationTokenInterceptorProvider.java (original)
+++ cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationTokenInterceptorProvider.java Fri Nov 26 17:19:19 2010
@@ -66,8 +66,8 @@ import org.apache.ws.security.conversati
 import org.apache.ws.security.conversation.dkalgo.P_SHA1;
 import org.apache.ws.security.message.token.Reference;
 import org.apache.ws.security.message.token.SecurityTokenReference;
-import org.apache.ws.security.util.WSSecurityUtil;
 import org.apache.ws.security.util.Base64;
+import org.apache.ws.security.util.WSSecurityUtil;
 
 /**
  * 

Modified: cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/SecurityToken.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/SecurityToken.java?rev=1039471&r1=1039470&r2=1039471&view=diff
==============================================================================
--- cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/SecurityToken.java (original)
+++ cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/SecurityToken.java Fri Nov 26 17:19:19 2010
@@ -20,9 +20,9 @@
 package org.apache.cxf.ws.security.tokenstore;
 
 import java.security.cert.X509Certificate;
-import java.util.Date;
 import java.text.DateFormat;
 import java.text.ParseException;
+import java.util.Date;
 import java.util.Properties;
 
 import org.w3c.dom.Element;

Modified: cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JInterceptor.java?rev=1039471&r1=1039470&r2=1039471&view=diff
==============================================================================
--- cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JInterceptor.java (original)
+++ cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JInterceptor.java Fri Nov 26 17:19:19 2010
@@ -22,9 +22,7 @@ import java.net.URI;
 import java.util.HashMap;
 import java.util.HashSet;
 import java.util.Map;
-import java.util.Properties;
 import java.util.Set;
-import java.util.concurrent.ConcurrentHashMap;
 
 import javax.xml.namespace.QName;
 
@@ -35,12 +33,7 @@ import org.apache.cxf.message.Message;
 import org.apache.cxf.message.MessageUtils;
 import org.apache.cxf.phase.PhaseInterceptor;
 import org.apache.ws.security.WSConstants;
-import org.apache.ws.security.WSSecurityException;
-import org.apache.ws.security.components.crypto.Crypto;
-import org.apache.ws.security.components.crypto.CryptoFactory;
-import org.apache.ws.security.handler.RequestData;
 import org.apache.ws.security.handler.WSHandler;
-import org.apache.ws.security.handler.WSHandlerConstants;
 
 public abstract class AbstractWSS4JInterceptor extends WSHandler implements SoapInterceptor, 
     PhaseInterceptor<SoapMessage> {
@@ -57,7 +50,6 @@ public abstract class AbstractWSS4JInter
     private Set<String> after = new HashSet<String>();
     private String phase;
     private String id;
-    private Map<String, Crypto> cryptoTable = new ConcurrentHashMap<String, Crypto>();
     
     public AbstractWSS4JInterceptor() {
         super();
@@ -150,131 +142,4 @@ public abstract class AbstractWSS4JInter
         return MessageUtils.isRequestor(message);
     }  
 
-    protected boolean decodeEnableSignatureConfirmation(RequestData reqData) throws WSSecurityException {
-
-        String value = getString(WSHandlerConstants.ENABLE_SIGNATURE_CONFIRMATION,
-                reqData.getMsgContext());
-
-        //we need the default to be false to not break older applications and such
-        if (value == null) {
-            return false;
-        }
-        return super.decodeEnableSignatureConfirmation(reqData);
-    }
-
-    public Crypto loadSignatureCrypto(RequestData reqData) 
-        throws WSSecurityException {
-        Crypto crypto = null;
-        /*
-         *Get crypto property file for signature. If none specified throw
-         * fault, otherwise get a crypto instance.
-         */
-        String sigPropFile = getString(WSHandlerConstants.SIG_PROP_FILE,
-                   reqData.getMsgContext());
-        String refId = null;
-        if (sigPropFile != null) {
-            crypto = cryptoTable.get(sigPropFile);
-            if (crypto == null) {
-                crypto = CryptoFactory.getInstance(sigPropFile, this
-                        .getClassLoader(reqData.getMsgContext()));
-                cryptoTable.put(sigPropFile, crypto);
-            }
-        } else if (getString(WSHandlerConstants.SIG_PROP_REF_ID, reqData
-            .getMsgContext()) != null) {
-            /*
-             * If the property file is missing then 
-             * look for the Properties object 
-             */
-            refId = getString(WSHandlerConstants.SIG_PROP_REF_ID,
-                reqData.getMsgContext());
-            if (refId != null) {
-                Object propObj = getProperty(reqData.getMsgContext(), refId);
-                if (propObj instanceof Properties) {
-                    crypto = cryptoTable.get(refId);
-                    if (crypto == null) {
-                        crypto = CryptoFactory.getInstance((Properties)propObj);
-                        cryptoTable.put(refId, crypto);
-                    }
-                }
-            }
-        } 
-        return crypto;
-    }
-
-    protected Crypto loadDecryptionCrypto(RequestData reqData) 
-        throws WSSecurityException {
-        Crypto crypto = null;
-        String decPropFile = getString(WSHandlerConstants.DEC_PROP_FILE,
-                 reqData.getMsgContext());
-        String refId = null;
-        if (decPropFile != null) {
-            crypto = cryptoTable.get(decPropFile);
-            if (crypto == null) {
-                crypto = CryptoFactory.getInstance(decPropFile, this
-                        .getClassLoader(reqData.getMsgContext()));
-                cryptoTable.put(decPropFile, crypto);
-            }
-        } else if (getString(WSHandlerConstants.DEC_PROP_REF_ID, reqData
-            .getMsgContext()) != null) {
-            /*
-             * If the property file is missing then 
-             * look for the Properties object 
-             */
-            refId = getString(WSHandlerConstants.DEC_PROP_REF_ID,
-                reqData.getMsgContext());
-            if (refId != null) {
-                Object propObj = getProperty(reqData.getMsgContext(), refId);
-                if (propObj instanceof Properties) {
-                    crypto = cryptoTable.get(refId);
-                    if (crypto == null) {
-                        crypto = CryptoFactory.getInstance((Properties)propObj);
-                        cryptoTable.put(refId, crypto);
-                    }
-                }
-            }
-        } 
-        return crypto;
-    }
-    
-    protected Crypto loadEncryptionCrypto(RequestData reqData) 
-        throws WSSecurityException {
-        Crypto crypto = null;
-        /*
-        * Get encryption crypto property file. If non specified take crypto
-        * instance from signature, if that fails: throw fault
-        */
-        String encPropFile = getString(WSHandlerConstants.ENC_PROP_FILE,
-                       reqData.getMsgContext());
-        String refId = null;
-        if (encPropFile != null) {
-            crypto = cryptoTable.get(encPropFile);
-            if (crypto == null) {
-                crypto = CryptoFactory.getInstance(encPropFile, this
-                        .getClassLoader(reqData.getMsgContext()));
-                cryptoTable.put(encPropFile, crypto);
-            }
-        } else if (getString(WSHandlerConstants.ENC_PROP_REF_ID, reqData
-                .getMsgContext()) != null) {
-            /*
-             * If the property file is missing then 
-             * look for the Properties object 
-             */
-            refId = getString(WSHandlerConstants.ENC_PROP_REF_ID,
-                    reqData.getMsgContext());
-            if (refId != null) {
-                Object propObj = getProperty(reqData.getMsgContext(), refId);
-                if (propObj instanceof Properties) {
-                    crypto = cryptoTable.get(refId);
-                    if (crypto == null) {
-                        crypto = CryptoFactory.getInstance((Properties)propObj);
-                        cryptoTable.put(refId, crypto);
-                    }
-                }
-            }
-        } else if (reqData.getSigCrypto() == null) {
-            return crypto;
-        }
-        return crypto;
-    }
-
 }

Modified: cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java?rev=1039471&r1=1039470&r2=1039471&view=diff
==============================================================================
--- cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java (original)
+++ cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java Fri Nov 26 17:19:19 2010
@@ -110,6 +110,7 @@ public class WSS4JInInterceptor extends 
         ignoreActions = ignore;
     }
 
+    @SuppressWarnings("unchecked")
     public WSS4JInInterceptor(Map<String, Object> properties) {
         this();
         setProperties(properties);
@@ -191,7 +192,7 @@ public class WSS4JInInterceptor extends 
         try {
             reqData.setMsgContext(msg);
             computeAction(msg, reqData);
-            List actions = new Vector();
+            List<Integer> actions = new Vector<Integer>();
             String action = getAction(msg, version);
 
             int doAction = WSSecurityUtil.decodeAction(action, actions);
@@ -206,7 +207,7 @@ public class WSS4JInInterceptor extends 
              */
             doReceiverAction(doAction, reqData);
             
-            List wsResult = null;
+            List<WSSecurityEngineResult> wsResult = null;
             if (doTimeLog) {
                 t1 = System.currentTimeMillis();
             }
@@ -235,7 +236,7 @@ public class WSS4JInInterceptor extends 
             } else { // no security header found
                 // Create an empty result vector to pass into the required validation
                 // methods.
-                wsResult = new Vector<Object>();
+                wsResult = new Vector<WSSecurityEngineResult>();
                 
                 if (doc.getSOAPPart().getEnvelope().getBody().hasFault()) {
                     LOG.warning("Request does not contain Security header, " 
@@ -283,8 +284,12 @@ public class WSS4JInInterceptor extends 
         }
     }
 
-    private void checkActions(SoapMessage msg, RequestData reqData, List wsResult, List actions) 
-        throws WSSecurityException {
+    private void checkActions(
+        SoapMessage msg, 
+        RequestData reqData, 
+        List<WSSecurityEngineResult> wsResult, 
+        List<Integer> actions
+    ) throws WSSecurityException {
         /*
          * now check the security actions: do they match, in any order?
          */
@@ -293,6 +298,7 @@ public class WSS4JInInterceptor extends 
             throw new WSSecurityException(WSSecurityException.INVALID_SECURITY);
         }
     }
+    
     private void checkSignatures(SoapMessage msg, RequestData reqData, List wsResult) 
         throws WSSecurityException {
         /*

Modified: cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JOutInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JOutInterceptor.java?rev=1039471&r1=1039470&r2=1039471&view=diff
==============================================================================
--- cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JOutInterceptor.java (original)
+++ cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JOutInterceptor.java Fri Nov 26 17:19:19 2010
@@ -19,6 +19,7 @@
 package org.apache.cxf.ws.security.wss4j;
 
 import java.util.Collections;
+import java.util.List;
 import java.util.Map;
 import java.util.Set;
 import java.util.Vector;
@@ -182,7 +183,7 @@ public class WSS4JOutInterceptor extends
                 /*
                  * Get the action first.
                  */
-                Vector actions = new Vector();
+                List<Integer> actions = new Vector<Integer>();
                 String action = getString(WSHandlerConstants.ACTION, mc);
                 if (action == null) {
                     throw new SoapFault(new Message("NO_ACTION", LOG), version

Modified: cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java?rev=1039471&r1=1039470&r2=1039471&view=diff
==============================================================================
--- cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java (original)
+++ cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java Fri Nov 26 17:19:19 2010
@@ -22,13 +22,10 @@ package org.apache.cxf.ws.security.wss4j
 import java.io.IOException;
 import java.io.InputStream;
 import java.net.URL;
-import java.security.InvalidAlgorithmParameterException;
 import java.security.KeyStoreException;
-import java.security.NoSuchAlgorithmException;
 import java.security.cert.X509Certificate;
 import java.util.ArrayList;
 import java.util.Collection;
-import java.util.Collections;
 import java.util.Enumeration;
 import java.util.HashMap;
 import java.util.HashSet;
@@ -43,10 +40,7 @@ import java.util.logging.Level;
 import java.util.logging.Logger;
 
 import javax.security.auth.callback.CallbackHandler;
-import javax.xml.crypto.XMLStructure;
-import javax.xml.crypto.dom.DOMStructure;
-import javax.xml.crypto.dsig.DigestMethod;
-import javax.xml.crypto.dsig.Transform;
+import javax.xml.crypto.dsig.Reference;
 import javax.xml.namespace.QName;
 import javax.xml.soap.SOAPException;
 import javax.xml.soap.SOAPHeader;
@@ -126,7 +120,6 @@ import org.apache.ws.security.message.WS
 import org.apache.ws.security.message.WSSecTimestamp;
 import org.apache.ws.security.message.WSSecUsernameToken;
 import org.apache.ws.security.message.token.SecurityTokenReference;
-import org.apache.ws.security.transform.STRTransform;
 import org.apache.ws.security.util.WSSecurityUtil;
 
 /**
@@ -136,8 +129,8 @@ public abstract class AbstractBindingBui
     public static final String CRYPTO_CACHE = "ws-security.crypto.cache";
     protected static final Logger LOG = LogUtils.getL7dLogger(AbstractBindingBuilder.class);
     
-    
-    protected SPConstants.ProtectionOrder protectionOrder = SPConstants.ProtectionOrder.SignBeforeEncrypting;
+    protected SPConstants.ProtectionOrder protectionOrder = 
+        SPConstants.ProtectionOrder.SignBeforeEncrypting;
     
     protected SOAPMessage saaj;
     protected WSSecHeader secHeader;
@@ -154,7 +147,7 @@ public abstract class AbstractBindingBui
     protected Map<Token, WSSecBase> sgndEndEncSuppTokMap;
     protected Map<Token, WSSecBase> sgndEndSuppTokMap;
     
-    protected Vector<byte[]> signatures = new Vector<byte[]>();
+    protected List<byte[]> signatures = new Vector<byte[]>();
 
     Element lastSupportingTokenElement;
     Element lastEncryptedKeyElement;
@@ -182,6 +175,7 @@ public abstract class AbstractBindingBui
             secHeader.getSecurityHeader().insertBefore(child, sib.getNextSibling());
         }
     }
+    
     protected void addDerivedKeyElement(Element el) {
         if (lastDerivedKeyElement != null) {
             insertAfter(el, lastDerivedKeyElement);
@@ -190,12 +184,15 @@ public abstract class AbstractBindingBui
         } else if (topDownElement != null) {
             insertAfter(el, topDownElement);
         } else if (secHeader.getSecurityHeader().getFirstChild() != null) {
-            secHeader.getSecurityHeader().insertBefore(el, secHeader.getSecurityHeader().getFirstChild());
+            secHeader.getSecurityHeader().insertBefore(
+                el, secHeader.getSecurityHeader().getFirstChild()
+            );
         } else {
             secHeader.getSecurityHeader().appendChild(el);
         }
         lastEncryptedKeyElement = el;
-    }        
+    }
+    
     protected void addEncyptedKeyElement(Element el) {
         if (lastEncryptedKeyElement != null) {
             insertAfter(el, lastEncryptedKeyElement);
@@ -204,12 +201,15 @@ public abstract class AbstractBindingBui
         } else if (topDownElement != null) {
             insertAfter(el, topDownElement);
         } else if (secHeader.getSecurityHeader().getFirstChild() != null) {
-            secHeader.getSecurityHeader().insertBefore(el, secHeader.getSecurityHeader().getFirstChild());
+            secHeader.getSecurityHeader().insertBefore(
+                el, secHeader.getSecurityHeader().getFirstChild()
+            );
         } else {
             secHeader.getSecurityHeader().appendChild(el);
         }
         lastEncryptedKeyElement = el;
     }
+    
     protected void addSupportingElement(Element el) {
         if (lastSupportingTokenElement != null) {
             insertAfter(el, lastSupportingTokenElement);
@@ -226,6 +226,7 @@ public abstract class AbstractBindingBui
         }
         lastSupportingTokenElement = el;
     }
+    
     protected void insertBeforeBottomUp(Element el) {
         if (bottomUpElement == null) {
             secHeader.getSecurityHeader().appendChild(el);
@@ -234,14 +235,15 @@ public abstract class AbstractBindingBui
         }
         bottomUpElement = el;
     }
+    
     protected void addTopDownElement(Element el) {
         if (topDownElement == null) {
             if (secHeader.getSecurityHeader().getFirstChild() == null) {
                 secHeader.getSecurityHeader().appendChild(el);
             } else {
-                secHeader.getSecurityHeader().insertBefore(el, secHeader
-                                                               .getSecurityHeader()
-                                                               .getFirstChild());
+                secHeader.getSecurityHeader().insertBefore(
+                    el, secHeader.getSecurityHeader().getFirstChild()
+                );
             }
         } else {
             insertAfter(el, topDownElement);
@@ -269,6 +271,7 @@ public abstract class AbstractBindingBui
         }
         throw new PolicyException(reason);
     }
+    
     protected void policyNotAsserted(PolicyAssertion assertion, String reason) {
         if (assertion == null) {
             return;
@@ -287,6 +290,7 @@ public abstract class AbstractBindingBui
             throw new PolicyException(new Message(reason, LOG));
         }
     }
+    
     protected void policyAsserted(PolicyAssertion assertion) {
         if (assertion == null) {
             return;
@@ -302,6 +306,7 @@ public abstract class AbstractBindingBui
             }
         }
     }
+    
     protected void policyAsserted(QName n) {
         Collection<AssertionInfo> ais = aim.getAssertionInfo(n);
         if (ais != null && !ais.isEmpty()) {
@@ -327,7 +332,8 @@ public abstract class AbstractBindingBui
     protected final Map<Object, Crypto> getCryptoCache() {
         EndpointInfo info = message.getExchange().get(Endpoint.class).getEndpointInfo();
         synchronized (info) {
-            Map<Object, Crypto> o = CastUtils.cast((Map<?, ?>)message.getContextualProperty(CRYPTO_CACHE));
+            Map<Object, Crypto> o = 
+                CastUtils.cast((Map<?, ?>)message.getContextualProperty(CRYPTO_CACHE));
             if (o == null) {
                 o = new ConcurrentHashMap<Object, Crypto>();
                 info.setProperty(CRYPTO_CACHE, o);
@@ -335,10 +341,12 @@ public abstract class AbstractBindingBui
             return o;
         }
     }
+    
     protected final TokenStore getTokenStore() {
         EndpointInfo info = message.getExchange().get(Endpoint.class).getEndpointInfo();
         synchronized (info) {
-            TokenStore tokenStore = (TokenStore)message.getContextualProperty(TokenStore.class.getName());
+            TokenStore tokenStore = 
+                (TokenStore)message.getContextualProperty(TokenStore.class.getName());
             if (tokenStore == null) {
                 tokenStore = (TokenStore)info.getProperty(TokenStore.class.getName());
             }
@@ -349,6 +357,7 @@ public abstract class AbstractBindingBui
             return tokenStore;
         }
     }
+    
     protected WSSecTimestamp createTimestamp() {
         Collection<AssertionInfo> ais;
         ais = aim.get(SP12Constants.INCLUDE_TIMESTAMP);
@@ -406,6 +415,7 @@ public abstract class AbstractBindingBui
         }
         return timestamp;
     }
+    
     protected void assertSupportingTokens(Collection<PolicyAssertion> suppTokens) {
         if (suppTokens == null) {
             return;
@@ -418,6 +428,7 @@ public abstract class AbstractBindingBui
             }
         }
     }
+    
     protected Map<Token, WSSecBase> handleSupportingTokens(Collection<PolicyAssertion> tokens, 
                                                            boolean endorse) {
         Map<Token, WSSecBase> ret = new HashMap<Token, WSSecBase>();
@@ -429,10 +440,12 @@ public abstract class AbstractBindingBui
             }
         }
         return ret;
-    }    
+    }
+    
     protected Map<Token, WSSecBase> handleSupportingTokens(SupportingToken suppTokens, boolean endorse) {
         return handleSupportingTokens(suppTokens, endorse, new HashMap<Token, WSSecBase>());
     }
+    
     protected Map<Token, WSSecBase> handleSupportingTokens(SupportingToken suppTokens, 
                                                            boolean endorse,
                                                            Map<Token, WSSecBase> ret) {
@@ -474,7 +487,7 @@ public abstract class AbstractBindingBui
                     //Add the extracted token
                     ret.put(token, new WSSecurityTokenHolder(secToken));
                 } else {
-                    WSSecSignatureHelper sig = new WSSecSignatureHelper();                    
+                    WSSecSignature sig = new WSSecSignature();                    
                     sig.setX509Certificate(secToken.getX509Certificate());
                     sig.setCustomTokenId(secToken.getId());
                     sig.setKeyIdentifierType(WSConstants.CUSTOM_KEY_IDENTIFIER);
@@ -501,9 +514,7 @@ public abstract class AbstractBindingBui
                     }
                     sig.setUserInfo(uname, password);
                     try {
-                        sig.prepare(saaj.getSOAPPart(),
-                                    secToken.getCrypto(), 
-                                    secHeader);
+                        sig.prepare(saaj.getSOAPPart(), secToken.getCrypto(), secHeader);
                     } catch (WSSecurityException e) {
                         throw new Fault(e);
                     }
@@ -517,7 +528,7 @@ public abstract class AbstractBindingBui
             } else if (token instanceof X509Token) {
                 //We have to use a cert
                 //Prepare X509 signature
-                WSSecSignature sig = getSignatureBuider(suppTokens, token, endorse);
+                WSSecSignature sig = getSignatureBuilder(suppTokens, token, endorse);
                 Element bstElem = sig.getBinarySecurityTokenElement();
                 if (bstElem != null) {
                     sig.prependBSTElementToHeader(secHeader);
@@ -527,7 +538,7 @@ public abstract class AbstractBindingBui
                 }
                 ret.put(token, sig);
             } else if (token instanceof KeyValueToken) {
-                WSSecSignature sig = getSignatureBuider(suppTokens, token, endorse);
+                WSSecSignature sig = getSignatureBuilder(suppTokens, token, endorse);
                 if (suppTokens.isEncryptedToken()) {
                     encryptedTokensIdList.add(sig.getBSTTokenId());
                 }
@@ -559,22 +570,19 @@ public abstract class AbstractBindingBui
         
         for (Map.Entry<Token, WSSecBase> entry : tokenMap.entrySet()) {
             
-            Object tempTok =  entry.getValue();
+            Object tempTok = entry.getValue();
             WSEncryptionPart part = null;
             
-            if (tempTok instanceof WSSecSignatureHelper) {
-                WSSecSignatureHelper tempSig = (WSSecSignatureHelper) tempTok;
+            if (tempTok instanceof WSSecSignature) {
+                WSSecSignature tempSig = (WSSecSignature) tempTok;
+                SecurityTokenReference secRef = tempSig.getSecurityTokenReference();
                 if ((WSConstants.WSS_SAML_NS + WSConstants.SAML_ASSERTION_ID).
-                    equals(tempSig.getSecRef().getKeyIdentifierValueType())) {
+                    equals(secRef.getKeyIdentifierValueType())) {
                     
-                    addSupportingElement(cloneElement(tempSig.getSecRef().getElement()));
+                    addSupportingElement(cloneElement(secRef.getElement()));
                                
-                    // NOTE: This usage of WSEncryptionPart is a workaroud that is
-                    // coupled with WSSecSignatureHelper. This approach is used so that
-                    // we can force WSS4J to sign the assertion through a STR that
-                    // WSS4J did not create during message signature creation.
-                    part = new WSEncryptionPart(tempSig.getStrUri(), "ExternalSTRTransform", "Element");
-            
+                    part = new WSEncryptionPart("STRTransform", null, "Element");
+                    part.setId(tempSig.getSecurityTokenReferenceURI());
                 } else {
                     if (tempSig.getBSTTokenId() != null) {
                         part = new WSEncryptionPart(tempSig.getBSTTokenId());
@@ -592,9 +600,7 @@ public abstract class AbstractBindingBui
         }
     }
 
-    
     protected WSSecUsernameToken addUsernameToken(UsernameToken token) {
-        
         AssertionInfo info = null;
         Collection<AssertionInfo> ais = aim.getAssertionInfo(token.getName());
         for (AssertionInfo ai : ais) {
@@ -608,7 +614,6 @@ public abstract class AbstractBindingBui
         }
         
         String userName = (String)message.getContextualProperty(SecurityConstants.USERNAME);
-        
         if (!StringUtils.isEmpty(userName)) {
             // If NoPassword property is set we don't need to set the password
             if (token.isNoPassword()) {
@@ -644,8 +649,9 @@ public abstract class AbstractBindingBui
         }
         return null;
     }
+    
     public String getPassword(String userName, PolicyAssertion info, int type) {
-      //Then try to get the password from the given callback handler
+        //Then try to get the password from the given callback handler
         Object o = message.getContextualProperty(SecurityConstants.CALLBACK_HANDLER);
     
         CallbackHandler handler = null;
@@ -664,8 +670,7 @@ public abstract class AbstractBindingBui
             return null;
         }
         
-        WSPasswordCallback[] cb = {new WSPasswordCallback(userName,
-                                                          type)};
+        WSPasswordCallback[] cb = {new WSPasswordCallback(userName, type)};
         try {
             handler.handle(cb);
         } catch (Exception e) {
@@ -723,7 +728,7 @@ public abstract class AbstractBindingBui
         return id;
     }
 
-    public Vector<WSEncryptionPart> getEncryptedParts() 
+    public List<WSEncryptionPart> getEncryptedParts() 
         throws SOAPException {
         
         boolean isBody = false;
@@ -778,7 +783,7 @@ public abstract class AbstractBindingBui
                                    celements == null ? null : celements.getDeclaredNamespaces());
     }    
     
-    public Vector<WSEncryptionPart> getSignedParts() 
+    public List<WSEncryptionPart> getSignedParts() 
         throws SOAPException {
         
         boolean isSignBody = false;
@@ -846,7 +851,7 @@ public abstract class AbstractBindingBui
      * @param cnamespaces
      *            namespace prefix to namespace mappings for XPath expressions
      *            in {@code contentXpaths}
-     * @return a configured vector of {@code WSEncryptionPart}s suitable for
+     * @return a configured list of {@code WSEncryptionPart}s suitable for
      *         processing by WSS4J
      * @throws SOAPException
      *             if there is an error extracting SOAP content from the SAAJ
@@ -855,7 +860,7 @@ public abstract class AbstractBindingBui
      * @deprecated Use {@link #getSignedParts()} and {@link #getEncryptedParts()}
      *             instead.
      */
-    public Vector<WSEncryptionPart> getPartsAndElements(boolean sign, 
+    public List<WSEncryptionPart> getPartsAndElements(boolean sign, 
                                                     boolean includeBody,
                                                     List<WSEncryptionPart> parts,
                                                     List<String> xpaths, 
@@ -864,7 +869,7 @@ public abstract class AbstractBindingBui
                                                     Map<String, String> cnamespaces) 
         throws SOAPException {
         
-        Vector<WSEncryptionPart> result = new Vector<WSEncryptionPart>();
+        List<WSEncryptionPart> result = new Vector<WSEncryptionPart>();
         
         List<Element> found = new ArrayList<Element>();
         
@@ -906,30 +911,25 @@ public abstract class AbstractBindingBui
      *            signing/encryption. Populated with additional matches found by
      *            this method and used to prevent including the same element
      *            twice under the same operation.
-     * @return a configured vector of {@code WSEncryptionPart}s suitable for
+     * @return a configured list of {@code WSEncryptionPart}s suitable for
      *         processing by WSS4J
      * @throws SOAPException
      *             if there is an error extracting SOAP content from the SAAJ
      *             model
      */
-    private Vector<WSEncryptionPart> getParts(boolean sign,
+    private List<WSEncryptionPart> getParts(boolean sign,
             boolean includeBody, List<WSEncryptionPart> parts,
             List<Element> found) throws SOAPException {
         
-        Vector<WSEncryptionPart> result = new Vector<WSEncryptionPart>();
-        
+        List<WSEncryptionPart> result = new Vector<WSEncryptionPart>();
         
         if (includeBody && !found.contains(this.saaj.getSOAPBody())) {
             found.add(saaj.getSOAPBody());
             final String id = this.addWsuIdToElement(this.saaj.getSOAPBody());
             if (sign) {
-                result.add(new WSEncryptionPart(
-                        id,
-                        "Element"));
+                result.add(new WSEncryptionPart(id, "Element"));
             } else {
-                result.add(new WSEncryptionPart(
-                        id,
-                        "Content"));
+                result.add(new WSEncryptionPart(id, "Content"));
             }
         }
         
@@ -957,9 +957,7 @@ public abstract class AbstractBindingBui
                     // elemenet with the same name and namespace as that in the
                     // WSEncryptionPart
                     final String id = this.addWsuIdToElement(el);
-                    result.add(new WSEncryptionPart(
-                            id,
-                            part.getEncModifier()));
+                    result.add(new WSEncryptionPart(id, part.getEncModifier()));
                 }
             }
         }
@@ -983,7 +981,7 @@ public abstract class AbstractBindingBui
      *            signing/encryption. Populated with additional matches found by
      *            this method and used to prevent including the same element
      *            twice under the same operation.
-     * @return a configured vector of {@code WSEncryptionPart}s suitable for
+     * @return a configured list of {@code WSEncryptionPart}s suitable for
      *         processing by WSS4J
      * @throws XPathExpressionException
      *             if a provided XPath is invalid
@@ -991,11 +989,11 @@ public abstract class AbstractBindingBui
      *             if there is an error extracting SOAP content from the SAAJ
      *             model
      */
-    private Vector<WSEncryptionPart> getElements(String encryptionModifier,
+    private List<WSEncryptionPart> getElements(String encryptionModifier,
             List<String> xpaths, Map<String, String> namespaces,
             List<Element> found) throws XPathExpressionException, SOAPException {
         
-        Vector<WSEncryptionPart> result = new Vector<WSEncryptionPart>();
+        List<WSEncryptionPart> result = new Vector<WSEncryptionPart>();
         
         if (xpaths != null && !xpaths.isEmpty()) {
             XPathFactory factory = XPathFactory.newInstance();
@@ -1017,7 +1015,6 @@ public abstract class AbstractBindingBui
                         // WSEncryptionPart
                         final String id = this.addWsuIdToElement(el);
                         
-                        
                         WSEncryptionPart part = new WSEncryptionPart(
                                 id, 
                                 encryptionModifier);
@@ -1066,13 +1063,13 @@ public abstract class AbstractBindingBui
                          SecurityConstants.ENCRYPT_CRYPTO,
                          SecurityConstants.ENCRYPT_PROPERTIES);
     }
+    
     public Crypto getCrypto(TokenWrapper wrapper, String cryptoKey, String propKey) {
         Crypto crypto = (Crypto)message.getContextualProperty(cryptoKey);
         if (crypto != null) {
             return crypto;
         }
         
-        
         Object o = message.getContextualProperty(propKey);
         if (o == null) {
             return null;
@@ -1158,13 +1155,14 @@ public abstract class AbstractBindingBui
                     secBase.setKeyIdentifierType(WSConstants.THUMBPRINT_IDENTIFIER);
                 }
             }
-            
         } else {
             policyAsserted(token);
             policyAsserted(wrapper);
             secBase.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE);
         }
     }
+    
+    @SuppressWarnings("unchecked")
     public void setEncryptionUser(WSSecEncryptedKey encrKeyBuilder, TokenWrapper token,
                                   boolean sign, Crypto crypto) {
         String encrUser = (String)message.getContextualProperty(sign 
@@ -1198,11 +1196,11 @@ public abstract class AbstractBindingBui
         if (WSHandlerConstants.USE_REQ_SIG_CERT.equals(encrUser)) {
             Object resultsObj = message.getExchange().getInMessage().get(WSHandlerConstants.RECV_RESULTS);
             if (resultsObj != null) {
-                encrKeyBuilder.setUseThisCert(getReqSigCert((Vector)resultsObj));
+                encrKeyBuilder.setUseThisCert(getReqSigCert((List<WSHandlerResult>)resultsObj));
                  
                 //TODO This is a hack, this should not come under USE_REQ_SIG_CERT
                 if (encrKeyBuilder.isCertSet()) {
-                    encrKeyBuilder.setUserInfo(getUsername((Vector)resultsObj));
+                    encrKeyBuilder.setUserInfo(getUsername((List<WSHandlerResult>)resultsObj));
                 }
             } else {
                 policyNotAsserted(token, "No security results in incoming message");
@@ -1211,24 +1209,20 @@ public abstract class AbstractBindingBui
             encrKeyBuilder.setUserInfo(encrUser);
         }
     }
-    private static X509Certificate getReqSigCert(Vector results) {
+    
+    private static X509Certificate getReqSigCert(List<WSHandlerResult> results) {
         /*
         * Scan the results for a matching actor. Use results only if the
         * receiving Actor and the sending Actor match.
         */
-        for (int i = 0; i < results.size(); i++) {
-            WSHandlerResult rResult =
-                    (WSHandlerResult) results.get(i);
-
-            List wsSecEngineResults = rResult.getResults();
+        for (WSHandlerResult rResult : results) {
+            List<WSSecurityEngineResult> wsSecEngineResults = rResult.getResults();
             /*
             * Scan the results for the first Signature action. Use the
             * certificate of this Signature to set the certificate for the
             * encryption action :-).
             */
-            for (int j = 0; j < wsSecEngineResults.size(); j++) {
-                WSSecurityEngineResult wser =
-                        (WSSecurityEngineResult) wsSecEngineResults.get(j);
+            for (WSSecurityEngineResult wser : wsSecEngineResults) {
                 Integer actInt = (Integer)wser.get(WSSecurityEngineResult.TAG_ACTION);
                 if (actInt.intValue() == WSConstants.SIGN) {
                     return (X509Certificate)wser.get(WSSecurityEngineResult.TAG_X509_CERTIFICATE);
@@ -1245,24 +1239,18 @@ public abstract class AbstractBindingBui
      * @param results
      * @return
      */
-    
-    public static String getUsername(Vector results) {
+    public static String getUsername(List<WSHandlerResult> results) {
         /*
          * Scan the results for a matching actor. Use results only if the
          * receiving Actor and the sending Actor match.
          */
-        for (int i = 0; i < results.size(); i++) {
-            WSHandlerResult rResult =
-                     (WSHandlerResult) results.get(i);
-
-            List wsSecEngineResults = rResult.getResults();
+        for (WSHandlerResult rResult : results) {
+            List<WSSecurityEngineResult> wsSecEngineResults = rResult.getResults();
             /*
              * Scan the results for a username token. Use the username
              * of this token to set the alias for the encryption user
              */
-            for (int j = 0; j < wsSecEngineResults.size(); j++) {
-                WSSecurityEngineResult wser =
-                         (WSSecurityEngineResult) wsSecEngineResults.get(j);
+            for (WSSecurityEngineResult wser : wsSecEngineResults) {
                 Integer actInt = (Integer)wser.get(WSSecurityEngineResult.TAG_ACTION);
                 if (actInt.intValue() == WSConstants.UT) {
                     WSUsernameTokenPrincipal principal 
@@ -1274,6 +1262,7 @@ public abstract class AbstractBindingBui
          
         return null;
     }
+    
     protected Wss10 getWss10() {
         Collection<AssertionInfo> ais = aim.getAssertionInfo(SP12Constants.WSS10);
         if (ais != null) {
@@ -1299,8 +1288,9 @@ public abstract class AbstractBindingBui
             }
         }
     }
-    protected WSSecSignatureHelper getSignatureBuider(TokenWrapper wrapper, Token token, boolean endorse) {
-        WSSecSignatureHelper sig = new WSSecSignatureHelper();
+    
+    protected WSSecSignature getSignatureBuilder(TokenWrapper wrapper, Token token, boolean endorse) {
+        WSSecSignature sig = new WSSecSignature();
         checkForX509PkiPath(sig, token);        
         setKeyIdentifierType(sig, wrapper, token);
         
@@ -1359,9 +1349,7 @@ public abstract class AbstractBindingBui
         sig.setSigCanonicalization(binding.getAlgorithmSuite().getInclusiveC14n());
         
         try {
-            sig.prepare(saaj.getSOAPPart(),
-                        crypto, 
-                        secHeader);
+            sig.prepare(saaj.getSOAPPart(), crypto, secHeader);
         } catch (WSSecurityException e) {
             policyNotAsserted(token, e);
         }
@@ -1376,7 +1364,7 @@ public abstract class AbstractBindingBui
         for (Map.Entry<Token, WSSecBase> ent : tokenMap.entrySet()) {
             WSSecBase tempTok = ent.getValue();
             
-            Vector<WSEncryptionPart> sigParts = new Vector<WSEncryptionPart>();
+            List<WSEncryptionPart> sigParts = new Vector<WSEncryptionPart>();
             sigParts.add(new WSEncryptionPart(mainSigId));
             
             if (tempTok instanceof WSSecSignature) {
@@ -1385,7 +1373,7 @@ public abstract class AbstractBindingBui
                     sigParts.add(new WSEncryptionPart(sig.getBSTTokenId()));
                 }
                 try {
-                    List referenceList = sig.addReferencesToSign(sigParts, secHeader);
+                    List<Reference> referenceList = sig.addReferencesToSign(sigParts, secHeader);
                     sig.computeSignature(referenceList, false, null);
                     
                     signatures.add(sig.getSignatureValue());
@@ -1415,8 +1403,9 @@ public abstract class AbstractBindingBui
             }
         } 
     }
+    
     private void doSymmSignatureDerived(Token policyToken, SecurityToken tok,
-                                 Vector<WSEncryptionPart> sigParts, boolean isTokenProtection)
+                                 List<WSEncryptionPart> sigParts, boolean isTokenProtection)
         throws WSSecurityException, ConversationException {
         
         Document doc = saaj.getSOAPPart();
@@ -1486,7 +1475,7 @@ public abstract class AbstractBindingBui
         
         dkSign.setParts(sigParts);
         
-        List referenceList = dkSign.addReferencesToSign(sigParts, secHeader);
+        List<Reference> referenceList = dkSign.addReferencesToSign(sigParts, secHeader);
         
         //Add elements to header
         addSupportingElement(dkSign.getdktElement());
@@ -1496,8 +1485,9 @@ public abstract class AbstractBindingBui
         
         signatures.add(dkSign.getSignatureValue());
     }
+    
     private void doSymmSignature(Token policyToken, SecurityToken tok,
-                                         Vector<WSEncryptionPart> sigParts, boolean isTokenProtection)
+                                         List<WSEncryptionPart> sigParts, boolean isTokenProtection)
         throws WSSecurityException, ConversationException {
         
         Document doc = saaj.getSOAPPart();
@@ -1543,13 +1533,14 @@ public abstract class AbstractBindingBui
         sig.prepare(doc, getSignatureCrypto(null), secHeader);
 
         sig.setParts(sigParts);
-        List referenceList = sig.addReferencesToSign(sigParts, secHeader);
+        List<Reference> referenceList = sig.addReferencesToSign(sigParts, secHeader);
 
         //Do signature
         sig.computeSignature(referenceList, false, null);
         signatures.add(sig.getSignatureValue());
     }
-    protected void assertSupportingTokens(Vector<WSEncryptionPart> sigs) {
+    
+    protected void assertSupportingTokens(List<WSEncryptionPart> sigs) {
         assertSupportingTokens(findAndAssertPolicy(SP12Constants.SIGNED_SUPPORTING_TOKENS));
         assertSupportingTokens(findAndAssertPolicy(SP12Constants.ENDORSING_SUPPORTING_TOKENS));
         assertSupportingTokens(findAndAssertPolicy(SP12Constants.SIGNED_ENDORSING_SUPPORTING_TOKENS));
@@ -1559,8 +1550,9 @@ public abstract class AbstractBindingBui
                                                        .SIGNED_ENDORSING_ENCRYPTED_SUPPORTING_TOKENS));
         assertSupportingTokens(findAndAssertPolicy(SP12Constants.SUPPORTING_TOKENS));
         assertSupportingTokens(findAndAssertPolicy(SP12Constants.ENCRYPTED_SUPPORTING_TOKENS));
-    }    
-    protected void addSupportingTokens(Vector<WSEncryptionPart> sigs) {
+    }
+    
+    protected void addSupportingTokens(List<WSEncryptionPart> sigs) {
         
         Collection<PolicyAssertion> sgndSuppTokens = 
             findAndAssertPolicy(SP12Constants.SIGNED_SUPPORTING_TOKENS);
@@ -1604,10 +1596,8 @@ public abstract class AbstractBindingBui
         addSignatureParts(sgndEncSuppTokMap, sigs);
         addSignatureParts(sgndEndSuppTokMap, sigs);
         addSignatureParts(sgndEndEncSuppTokMap, sigs);
-
     }
     
-
     protected void doEndorse() {
         boolean tokenProtect = false;
         boolean sigProtect = false;
@@ -1629,7 +1619,8 @@ public abstract class AbstractBindingBui
         doEndorsedSignatures(sgndEndSuppTokMap, tokenProtect, sigProtect);
     } 
 
-    protected void addSignatureConfirmation(Vector<WSEncryptionPart> sigParts) {
+    @SuppressWarnings("unchecked")
+    protected void addSignatureConfirmation(List<WSEncryptionPart> sigParts) {
         Wss10 wss10 = getWss10();
         
         if (!(wss10 instanceof Wss11) 
@@ -1638,16 +1629,15 @@ public abstract class AbstractBindingBui
             return;
         }
         
-        Vector results = (Vector)message.getExchange().getInMessage().get(WSHandlerConstants.RECV_RESULTS);
+        List<WSHandlerResult> results = 
+            (List<WSHandlerResult>)message.getExchange().getInMessage().get(WSHandlerConstants.RECV_RESULTS);
         /*
          * loop over all results gathered by all handlers in the chain. For each
          * handler result get the various actions. After that loop we have all
          * signature results in the signatureActions vector
          */
-        Vector signatureActions = new Vector();
-        for (int i = 0; i < results.size(); i++) {
-            WSHandlerResult wshResult = (WSHandlerResult) results.get(i);
-
+        List<WSSecurityEngineResult> signatureActions = new Vector<WSSecurityEngineResult>();
+        for (WSHandlerResult wshResult : results) {
             WSSecurityUtil.fetchAllActionResults(wshResult.getResults(),
                     WSConstants.SIGN, signatureActions);
             WSSecurityUtil.fetchAllActionResults(wshResult.getResults(),
@@ -1659,9 +1649,7 @@ public abstract class AbstractBindingBui
         // prepare a SignatureConfirmation token
         WSSecSignatureConfirmation wsc = new WSSecSignatureConfirmation();
         if (signatureActions.size() > 0) {
-            for (int i = 0; i < signatureActions.size(); i++) {
-                WSSecurityEngineResult wsr = (WSSecurityEngineResult) signatureActions
-                        .get(i);
+            for (WSSecurityEngineResult wsr : signatureActions) {
                 byte[] sigVal = (byte[]) wsr.get(WSSecurityEngineResult.TAG_SIGNATURE_VALUE);
                 wsc.setSignatureValue(sigVal);
                 wsc.prepare(saaj.getSOAPPart());
@@ -1695,10 +1683,10 @@ public abstract class AbstractBindingBui
      *             and the {@code WSEncryptionPart} {@code name} value is not
      *             "Token"
      */
-    public void handleEncryptedSignedHeaders(Vector<WSEncryptionPart> encryptedParts, 
-                                             Vector<WSEncryptionPart> signedParts) {
+    public void handleEncryptedSignedHeaders(List<WSEncryptionPart> encryptedParts, 
+            List<WSEncryptionPart> signedParts) {
 
-        final Vector<WSEncryptionPart> signedEncryptedParts = new Vector<WSEncryptionPart>();
+        final List<WSEncryptionPart> signedEncryptedParts = new Vector<WSEncryptionPart>();
         
         for (WSEncryptionPart encryptedPart : encryptedParts) {
             final Iterator<WSEncryptionPart> signedPartsIt = signedParts.iterator();
@@ -1731,73 +1719,4 @@ public abstract class AbstractBindingBui
         signedParts.addAll(signedEncryptedParts);
     }
     
-    private static final class WSSecSignatureHelper extends WSSecSignature {
-        public SecurityTokenReference getSecRef() {
-            return this.secRef;
-        }
-
-        public String getStrUri() {
-            return this.strUri;
-        }
-
-        @Override
-        public List addReferencesToSign(List references,
-                WSSecHeader secHeader) throws WSSecurityException {
-            final List<WSEncryptionPart> unalteredReferences = new Vector<WSEncryptionPart>();
-
-            List uberReferences = new Vector();
-            try {
-                DigestMethod digestMethod;
-                try {
-                    digestMethod = signatureFactory.newDigestMethod(this.getDigestAlgo(), null);
-                } catch (Exception ex) {
-                    throw new WSSecurityException(
-                        WSSecurityException.FAILED_SIGNATURE, "noXMLSig", null, ex
-                    );
-                }
-                
-                for (int part = 0; part < references.size(); part++) {
-                    final WSEncryptionPart encPart = (WSEncryptionPart) references.get(part);
-
-                    final String elemName = encPart.getName();
-
-                    if (elemName != null && "ExternalSTRTransform".equals(encPart.getNamespace())) {
-                        final Element ctx = this.createSTRParameter(document);
-                        
-                        XMLStructure structure = new DOMStructure(ctx);
-                        Transform transform =
-                            signatureFactory.newTransform(
-                                STRTransform.TRANSFORM_URI,
-                                structure
-                            );
-                        
-                        javax.xml.crypto.dsig.Reference reference = 
-                            signatureFactory.newReference(
-                                "#" + elemName, 
-                                digestMethod,
-                                Collections.singletonList(transform),
-                                null,
-                                null
-                            );
-                        uberReferences.add(reference);
-                    } else {
-                        unalteredReferences.add(encPart);
-                    }
-                }
-            } catch (NoSuchAlgorithmException e1) {
-                throw new WSSecurityException(
-                    WSSecurityException.FAILED_SIGNATURE, "noXMLSig", null, e1
-                );
-            } catch (InvalidAlgorithmParameterException e1) {
-                throw new WSSecurityException(
-                    WSSecurityException.FAILED_SIGNATURE, "noXMLSig", null, e1
-                );
-            }
-
-            List newReferences = super.addReferencesToSign(unalteredReferences, secHeader);
-            uberReferences.addAll(newReferences);
-            return uberReferences;
-        }
-    }
-    
 }

Modified: cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java?rev=1039471&r1=1039470&r2=1039471&view=diff
==============================================================================
--- cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java (original)
+++ cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java Fri Nov 26 17:19:19 2010
@@ -26,6 +26,7 @@ import java.util.Vector;
 import java.util.logging.Level;
 import java.util.logging.Logger;
 
+import javax.xml.crypto.dsig.Reference;
 import javax.xml.soap.SOAPException;
 import javax.xml.soap.SOAPMessage;
 
@@ -92,11 +93,9 @@ public class AsymmetricBindingHandler ex
         }
     }
 
-
-
     private void doSignBeforeEncrypt() {
         try {
-            Vector<WSEncryptionPart> sigs = new Vector<WSEncryptionPart>();
+            List<WSEncryptionPart> sigs = new Vector<WSEncryptionPart>();
             if (isRequestor()) {
                 //Add timestamp
                 if (timestampEl != null) {
@@ -111,7 +110,6 @@ public class AsymmetricBindingHandler ex
                 //confirm sig
                 assertSupportingTokens(sigs);
                 
-                
                 //Add timestamp
                 if (timestampEl != null) {
                     Element el = timestampEl.getElement();
@@ -122,7 +120,7 @@ public class AsymmetricBindingHandler ex
                 doSignature(sigs);
             }
 
-            Vector<WSEncryptionPart> enc = getEncryptedParts();
+            List<WSEncryptionPart> enc = getEncryptedParts();
             
             //Check for signature protection
             if (abinding.isSignatureProtection() && mainSigId != null) {
@@ -137,7 +135,6 @@ public class AsymmetricBindingHandler ex
 
             //Do encryption
             RecipientToken recToken = abinding.getRecipientToken();
-
             
             doEncryption(recToken, enc, false);
         } catch (Exception e) {
@@ -156,8 +153,8 @@ public class AsymmetricBindingHandler ex
             wrapper = abinding.getInitiatorToken();
         }
         encryptionToken = wrapper.getToken();
-        Vector<WSEncryptionPart> encrParts = null;
-        Vector<WSEncryptionPart> sigParts = null;
+        List<WSEncryptionPart> encrParts = null;
+        List<WSEncryptionPart> sigParts = null;
         try {
             encrParts = getEncryptedParts();
             //Signed parts are determined before encryption because encrypted signed  headers
@@ -168,17 +165,14 @@ public class AsymmetricBindingHandler ex
             e1.printStackTrace();
         }
         
-        
         if (encryptionToken == null && encrParts.size() > 0) {
             //REVISIT - no token to encrypt with  
         }
         
-        
         if (encryptionToken != null && encrParts.size() > 0) {
             WSSecBase encrBase = doEncryption(wrapper, encrParts, true);
             handleEncryptedSignedHeaders(encrParts, sigParts);
             
-            
             if (timestampEl != null) {
                 sigParts.add(new WSEncryptionPart(addWsuIdToElement(timestampEl.getElement())));
             }
@@ -210,7 +204,7 @@ public class AsymmetricBindingHandler ex
             
             // Check for signature protection
             if (abinding.isSignatureProtection() && mainSigId != null) {
-                Vector<WSEncryptionPart> secondEncrParts = new Vector<WSEncryptionPart>();
+                List<WSEncryptionPart> secondEncrParts = new Vector<WSEncryptionPart>();
 
                 // Now encrypt the signature using the above token
                 secondEncrParts.add(new WSEncryptionPart(mainSigId, "Element"));
@@ -238,7 +232,7 @@ public class AsymmetricBindingHandler ex
                             .createElementNS(WSConstants.ENC_NS,
                                              WSConstants.ENC_PREFIX + ":ReferenceList");
                         this.insertBeforeBottomUp(secondRefList);
-                        ((WSSecEncrypt)encrBase).encryptForExternalRef(secondRefList, secondEncrParts);
+                        ((WSSecEncrypt)encrBase).encryptForRef(secondRefList, secondEncrParts);
                         
                     } catch (WSSecurityException e) {
                         //REVISIT - exception
@@ -249,9 +243,8 @@ public class AsymmetricBindingHandler ex
         }
     }
     
-    
     private WSSecBase doEncryption(TokenWrapper recToken,
-                                    Vector<WSEncryptionPart> encrParts,
+                                    List<WSEncryptionPart> encrParts,
                                     boolean externalRef) {
         //Do encryption
         if (recToken != null && recToken.getToken() != null && encrParts.size() > 0) {
@@ -301,15 +294,14 @@ public class AsymmetricBindingHandler ex
                         encr.prependBSTElementToHeader(secHeader);
                     }
                     
-                    
                     Element encryptedKeyElement = encr.getEncryptedKeyElement();
                                        
                     //Encrypt, get hold of the ref list and add it
                     if (externalRef) {
-                        Element refList = encr.encryptForExternalRef(null, encrParts);
+                        Element refList = encr.encryptForRef(null, encrParts);
                         insertBeforeBottomUp(refList);
                     } else {
-                        Element refList = encr.encryptForInternalRef(null, encrParts);
+                        Element refList = encr.encryptForRef(null, encrParts);
                     
                         // Add internal refs
                         encryptedKeyElement.appendChild(refList);
@@ -339,7 +331,7 @@ public class AsymmetricBindingHandler ex
         }
     }
     
-    private void doSignature(Vector<WSEncryptionPart> sigParts) throws WSSecurityException, SOAPException {
+    private void doSignature(List<WSEncryptionPart> sigParts) throws WSSecurityException, SOAPException {
         Token sigToken = null;
         TokenWrapper wrapper = null;
         if (isRequestor()) {
@@ -374,7 +366,7 @@ public class AsymmetricBindingHandler ex
 
                 dkSign.setParts(sigParts);
 
-                List referenceList = dkSign.addReferencesToSign(sigParts, secHeader);
+                List<Reference> referenceList = dkSign.addReferencesToSign(sigParts, secHeader);
 
                 // Add elements to header
                 addDerivedKeyElement(dkSign.getdktElement());
@@ -394,7 +386,7 @@ public class AsymmetricBindingHandler ex
                 e.printStackTrace();
             }
         } else {
-            WSSecSignature sig = getSignatureBuider(wrapper, sigToken, false);
+            WSSecSignature sig = getSignatureBuilder(wrapper, sigToken, false);
                       
             // This action must occur before sig.prependBSTElementToHeader
             if (abinding.isTokenProtection()
@@ -405,7 +397,7 @@ public class AsymmetricBindingHandler ex
             sig.prependBSTElementToHeader(secHeader);
             sigParts.addAll(this.getSignedParts());
             
-            List referenceList = sig.addReferencesToSign(sigParts, secHeader);
+            List<Reference> referenceList = sig.addReferencesToSign(sigParts, secHeader);
             //Do signature
             if (bottomUpElement == null) {
                 sig.computeSignature(referenceList, false, null);
@@ -420,6 +412,7 @@ public class AsymmetricBindingHandler ex
         }
     }
 
+    @SuppressWarnings("unchecked")
     private void setupEncryptedKey(TokenWrapper wrapper, Token token) throws WSSecurityException {
         if (!isRequestor() && token.isDerivedKeys()) {
             //If we already have them, simply return
@@ -430,8 +423,8 @@ public class AsymmetricBindingHandler ex
             //Use the secret from the incoming EncryptedKey element
             Object resultsObj = message.getExchange().getInMessage().get(WSHandlerConstants.RECV_RESULTS);
             if (resultsObj != null) {
-                encryptedKeyId = getRequestEncryptedKeyId((Vector)resultsObj);
-                encryptedKeyValue = getRequestEncryptedKeyValue((Vector)resultsObj);
+                encryptedKeyId = getRequestEncryptedKeyId((List<WSHandlerResult>)resultsObj);
+                encryptedKeyValue = getRequestEncryptedKeyValue((List<WSHandlerResult>)resultsObj);
                 
                 //In the case where we don't have the EncryptedKey in the 
                 //request, for the control to have reached this state,
@@ -448,25 +441,20 @@ public class AsymmetricBindingHandler ex
             createEncryptedKey(wrapper, token);
         }
     }
-    public static String getRequestEncryptedKeyId(Vector results) {
+    
+    public static String getRequestEncryptedKeyId(List<WSHandlerResult> results) {
         
-        for (int i = 0; i < results.size(); i++) {
-            WSHandlerResult rResult =
-                    (WSHandlerResult) results.get(i);
-
-            List wsSecEngineResults = rResult.getResults();
+        for (WSHandlerResult rResult : results) {
+            List<WSSecurityEngineResult> wsSecEngineResults = rResult.getResults();
             /*
-            * Scan the results for the first Signature action. Use the
-            * certificate of this Signature to set the certificate for the
-            * encryption action :-).
-            */
-            for (int j = 0; j < wsSecEngineResults.size(); j++) {
-                WSSecurityEngineResult wser =
-                        (WSSecurityEngineResult) wsSecEngineResults.get(j);
+             * Scan the results for the first Signature action. Use the
+             * certificate of this Signature to set the certificate for the
+             * encryption action :-).
+             */
+            for (WSSecurityEngineResult wser : wsSecEngineResults) {
                 Integer actInt = (Integer)wser.get(WSSecurityEngineResult.TAG_ACTION);
                 String encrKeyId = (String)wser.get(WSSecurityEngineResult.TAG_ENCRYPTED_KEY_ID);
-                if (actInt.intValue() == WSConstants.ENCR
-                    && encrKeyId != null) {
+                if (actInt.intValue() == WSConstants.ENCR && encrKeyId != null) {
                     return encrKeyId;
                 }
             }
@@ -475,25 +463,20 @@ public class AsymmetricBindingHandler ex
         return null;
     }
     
-    public static byte[] getRequestEncryptedKeyValue(Vector results) {
+    public static byte[] getRequestEncryptedKeyValue(List<WSHandlerResult> results) {
         
-        for (int i = 0; i < results.size(); i++) {
-            WSHandlerResult rResult =
-                    (WSHandlerResult) results.get(i);
+        for (WSHandlerResult rResult : results) {
+            List<WSSecurityEngineResult> wsSecEngineResults = rResult.getResults();
 
-            List wsSecEngineResults = rResult.getResults();
             /*
             * Scan the results for the first Signature action. Use the
             * certificate of this Signature to set the certificate for the
             * encryption action :-).
             */
-            for (int j = 0; j < wsSecEngineResults.size(); j++) {
-                WSSecurityEngineResult wser =
-                        (WSSecurityEngineResult) wsSecEngineResults.get(j);
+            for (WSSecurityEngineResult wser : wsSecEngineResults) {
                 Integer actInt = (Integer)wser.get(WSSecurityEngineResult.TAG_ACTION);
                 byte[] decryptedKey = (byte[])wser.get(WSSecurityEngineResult.TAG_DECRYPTED_KEY);
-                if (actInt.intValue() == WSConstants.ENCR 
-                    && decryptedKey != null) {
+                if (actInt.intValue() == WSConstants.ENCR && decryptedKey != null) {
                     return decryptedKey;
                 }
             }

Modified: cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java?rev=1039471&r1=1039470&r2=1039471&view=diff
==============================================================================
--- cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java (original)
+++ cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java Fri Nov 26 17:19:19 2010
@@ -19,14 +19,13 @@
 
 package org.apache.cxf.ws.security.wss4j.policyhandlers;
 
-
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
 import java.util.Date;
 import java.util.List;
 import java.util.Vector;
-import java.util.logging.Level;
 
+import javax.xml.crypto.dsig.Reference;
 import javax.xml.soap.SOAPMessage;
 
 import org.w3c.dom.Document;
@@ -93,6 +92,7 @@ public class SymmetricBindingHandler ext
         }
         return sbinding.getSignatureToken();
     }
+    
     private TokenWrapper getEncryptionToken() {
         if (sbinding.getProtectionToken() != null) {
             return sbinding.getProtectionToken();
@@ -117,10 +117,8 @@ public class SymmetricBindingHandler ext
         //REVIST - what to do with these policies?
         policyAsserted(SP11Constants.TRUST_10);
         policyAsserted(SP12Constants.TRUST_13);
-
     }
     
-    
     private void initializeTokens()  {
         //Setting up encryption token and signature token
         Token sigTok = getSignatureToken().getToken();
@@ -135,13 +133,12 @@ public class SymmetricBindingHandler ext
         }
     }
     
-    
     private void doEncryptBeforeSign() {
         try {
             TokenWrapper encryptionWrapper = getEncryptionToken();
             Token encryptionToken = encryptionWrapper.getToken();
-            Vector<WSEncryptionPart> encrParts = getEncryptedParts();
-            Vector<WSEncryptionPart> sigParts = getSignedParts();
+            List<WSEncryptionPart> encrParts = getEncryptedParts();
+            List<WSEncryptionPart> sigParts = getSignedParts();
             
             if (encryptionToken == null && encrParts.size() > 0) {
                 //REVISIT - nothing to encrypt?
@@ -149,7 +146,7 @@ public class SymmetricBindingHandler ext
             
             if (encryptionToken != null && encrParts.size() > 0) {
                 //The encryption token can be an IssuedToken or a 
-                 //SecureConversationToken
+                //SecureConversationToken
                 String tokenId = null;
                 SecurityToken tok = null;
                 if (encryptionToken instanceof IssuedToken) {
@@ -198,7 +195,6 @@ public class SymmetricBindingHandler ext
                 
                 handleEncryptedSignedHeaders(encrParts, sigParts);
                 
-                
                 if (timestampEl != null) {
                     sigParts.add(new WSEncryptionPart(addWsuIdToElement(timestampEl.getElement())));
                 }
@@ -208,7 +204,6 @@ public class SymmetricBindingHandler ext
                 } else {
                     addSignatureConfirmation(sigParts);
                 }
-                    
                 
                 //Sign the message
                 //We should use the same key in the case of EncryptBeforeSig
@@ -221,11 +216,10 @@ public class SymmetricBindingHandler ext
                     this.doEndorse();
                 }
                 
-                
                 //Check for signature protection and encryption of UsernameToken
                 if (sbinding.isSignatureProtection() && this.mainSigId != null 
                     || encryptedTokensIdList.size() > 0 && isRequestor()) {
-                    Vector<WSEncryptionPart> secondEncrParts = new Vector<WSEncryptionPart>();
+                    List<WSEncryptionPart> secondEncrParts = new Vector<WSEncryptionPart>();
                     
                     //Now encrypt the signature using the above token
                     if (sbinding.isSignatureProtection()) {
@@ -246,8 +240,7 @@ public class SymmetricBindingHandler ext
                         this.addDerivedKeyElement(secondRefList);
                     } else {
                         //Encrypt, get hold of the ref list and add it
-                        secondRefList = ((WSSecEncrypt)encr).encryptForExternalRef(null,
-                                encrParts);
+                        secondRefList = ((WSSecEncrypt)encr).encryptForRef(null, encrParts);
                         this.addDerivedKeyElement(secondRefList);
                     }
                 }
@@ -258,6 +251,7 @@ public class SymmetricBindingHandler ext
             throw new Fault(ex);
         }
     }
+    
     private void doSignBeforeEncrypt() {
         TokenWrapper sigTokenWrapper = getSignatureToken();
         Token sigToken = sigTokenWrapper.getToken();
@@ -316,8 +310,7 @@ public class SymmetricBindingHandler ext
                 tokIncluded = false;
             }
         
-        
-            Vector<WSEncryptionPart> sigs = getSignedParts();
+            List<WSEncryptionPart> sigs = getSignedParts();
             //Add timestamp
             if (timestampEl != null) {
                 Element el = timestampEl.getElement();
@@ -339,8 +332,6 @@ public class SymmetricBindingHandler ext
                 }
             }
 
-            
-            
             //Encryption
             TokenWrapper encrTokenWrapper = getEncryptionToken();
             Token encrToken = encrTokenWrapper.getToken();
@@ -365,7 +356,7 @@ public class SymmetricBindingHandler ext
                 }
             }
             
-            Vector<WSEncryptionPart> enc = getEncryptedParts();
+            List<WSEncryptionPart> enc = getEncryptedParts();
             
             //Check for signature protection
             if (sbinding.isSignatureProtection() && mainSigId != null) {
@@ -386,11 +377,12 @@ public class SymmetricBindingHandler ext
             throw new Fault(e);
         }
     }
+    
     private WSSecBase doEncryptionDerived(TokenWrapper recToken,
                                           SecurityToken encrTok,
                                           Token encrToken,
                                           boolean attached,
-                                          Vector<WSEncryptionPart> encrParts,
+                                          List<WSEncryptionPart> encrParts,
                                           boolean atEnd) {
         try {
             WSSecDKEncrypt dkEncr = new WSSecDKEncrypt();
@@ -465,7 +457,7 @@ public class SymmetricBindingHandler ext
     private WSSecBase doEncryption(TokenWrapper recToken,
                                    SecurityToken encrTok,
                                    boolean attached,
-                                   Vector<WSEncryptionPart> encrParts,
+                                   List<WSEncryptionPart> encrParts,
                                    boolean atEnd) {
         //Do encryption
         if (recToken != null && recToken.getToken() != null && encrParts.size() > 0) {
@@ -531,7 +523,7 @@ public class SymmetricBindingHandler ext
                     }
                    
                    
-                    Element refList = encr.encryptForExternalRef(null, encrParts);
+                    Element refList = encr.encryptForRef(null, encrParts);
                     if (atEnd) {
                         this.insertBeforeBottomUp(refList);
                     } else {
@@ -546,7 +538,7 @@ public class SymmetricBindingHandler ext
         return null;
     }    
     
-    private byte[] doSignatureDK(Vector<WSEncryptionPart> sigs,
+    private byte[] doSignatureDK(List<WSEncryptionPart> sigs,
                                TokenWrapper policyTokenWrapper, 
                                Token policyToken, 
                                SecurityToken tok,
@@ -626,7 +618,7 @@ public class SymmetricBindingHandler ext
         }
         
         dkSign.setParts(sigs);
-        List referenceList = dkSign.addReferencesToSign(sigs, secHeader);
+        List<Reference> referenceList = dkSign.addReferencesToSign(sigs, secHeader);
         
         //Add elements to header
         Element el = dkSign.getdktElement();
@@ -644,7 +636,8 @@ public class SymmetricBindingHandler ext
 
         return dkSign.getSignatureValue();        
     }
-    private byte[] doSignature(Vector<WSEncryptionPart> sigs,
+    
+    private byte[] doSignature(List<WSEncryptionPart> sigs,
                              TokenWrapper policyTokenWrapper, 
                              Token policyToken, 
                              SecurityToken tok,
@@ -704,10 +697,8 @@ public class SymmetricBindingHandler ext
             }
             this.message.getExchange().put(SecurityConstants.SIGNATURE_CRYPTO, crypto);
             sig.prepare(saaj.getSOAPPart(), crypto, secHeader);
-            String soap = org.apache.ws.security.util.DOM2Writer.nodeToString(saaj.getSOAPPart());
-            LOG.log(Level.FINE, "SOAP: " + soap);
             sig.setParts(sigs);
-            List referenceList = sig.addReferencesToSign(sigs, secHeader);
+            List<Reference> referenceList = sig.addReferencesToSign(sigs, secHeader);
 
             //Do signature
             if (bottomUpElement == null) {
@@ -754,20 +745,16 @@ public class SymmetricBindingHandler ext
         return id;
     }
     
+    @SuppressWarnings("unchecked")
     private String getEncryptedKey() {
         
-        List results = (List)message.getExchange().getInMessage()
+        List<WSHandlerResult> results = (List<WSHandlerResult>)message.getExchange().getInMessage()
             .get(WSHandlerConstants.RECV_RESULTS);
         
-        for (int i = 0; i < results.size(); i++) {
-            WSHandlerResult rResult =
-                    (WSHandlerResult) results.get(i);
-
-            List wsSecEngineResults = rResult.getResults();
-            
-            for (int j = 0; j < wsSecEngineResults.size(); j++) {
-                WSSecurityEngineResult wser =
-                        (WSSecurityEngineResult) wsSecEngineResults.get(j);
+        for (WSHandlerResult rResult : results) {
+            List<WSSecurityEngineResult> wsSecEngineResults = rResult.getResults();
+            
+            for (WSSecurityEngineResult wser : wsSecEngineResults) {
                 Integer actInt = (Integer)wser.get(WSSecurityEngineResult.TAG_ACTION);
                 if (actInt.intValue() == WSConstants.ENCR
                     && wser.get(WSSecurityEngineResult.TAG_ENCRYPTED_KEY_ID) != null

Modified: cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java?rev=1039471&r1=1039470&r2=1039471&view=diff
==============================================================================
--- cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java (original)
+++ cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java Fri Nov 26 17:19:19 2010
@@ -23,6 +23,7 @@ import java.util.Collection;
 import java.util.List;
 import java.util.Vector;
 
+import javax.xml.crypto.dsig.Reference;
 import javax.xml.soap.SOAPMessage;
 
 import org.w3c.dom.Document;
@@ -103,11 +104,13 @@ public class TransportBindingHandler ext
         }
         
     }
-    private static void addSig(Vector<byte[]> signatureValues, byte[] val) {
+    
+    private static void addSig(List<byte[]> signatureValues, byte[] val) {
         if (val != null) {
             signatureValues.add(val);
         }
     }
+    
     public void handleBinding() {
         Collection<AssertionInfo> ais;
         WSSecTimestamp timestamp = createTimestamp();
@@ -115,7 +118,7 @@ public class TransportBindingHandler ext
         
         try {
             if (this.isRequestor()) {
-                Vector<byte[]> signatureValues = new Vector<byte[]>();
+                List<byte[]> signatureValues = new Vector<byte[]>();
 
                 ais = aim.get(SP12Constants.SIGNED_SUPPORTING_TOKENS);
                 if (ais != null) {
@@ -220,7 +223,7 @@ public class TransportBindingHandler ext
         
         Document doc = saaj.getSOAPPart();
         
-        Vector<WSEncryptionPart> sigParts = new Vector<WSEncryptionPart>();
+        List<WSEncryptionPart> sigParts = new Vector<WSEncryptionPart>();
         
         if (timestampEl != null) {
             sigParts.add(new WSEncryptionPart(timestampEl.getId()));                          
@@ -263,7 +266,7 @@ public class TransportBindingHandler ext
             */
             
             dkSig.setParts(sigParts);
-            List referenceList = dkSig.addReferencesToSign(sigParts, secHeader);
+            List<Reference> referenceList = dkSig.addReferencesToSign(sigParts, secHeader);
             
             //Do signature
             dkSig.appendDKElementToHeader(secHeader);
@@ -271,11 +274,11 @@ public class TransportBindingHandler ext
             
             return dkSig.getSignatureValue();
         } else {
-            WSSecSignature sig = getSignatureBuider(wrapper, token, false);
+            WSSecSignature sig = getSignatureBuilder(wrapper, token, false);
             if (sig != null) {
                 sig.prependBSTElementToHeader(secHeader);
             
-                List referenceList = sig.addReferencesToSign(sigParts, secHeader);
+                List<Reference> referenceList = sig.addReferencesToSign(sigParts, secHeader);
                 
                 if (bottomUpElement == null) {
                     sig.computeSignature(referenceList, false, null);
@@ -306,7 +309,7 @@ public class TransportBindingHandler ext
         SPConstants.IncludeTokenType inclusion = token.getInclusion();
         boolean tokenIncluded = false;
         
-        Vector<WSEncryptionPart> sigParts = new Vector<WSEncryptionPart>();
+        List<WSEncryptionPart> sigParts = new Vector<WSEncryptionPart>();
         if (inclusion == SPConstants.IncludeTokenType.INCLUDE_TOKEN_ALWAYS
             || ((inclusion == SPConstants.IncludeTokenType.INCLUDE_TOKEN_ALWAYS_TO_RECIPIENT 
                 || inclusion == SPConstants.IncludeTokenType.INCLUDE_TOKEN_ONCE) 
@@ -367,7 +370,7 @@ public class TransportBindingHandler ext
                 dkSign.setExternalKey(secTok.getSecret(), secTok.getId());
             }
           
-            //    Set the algo info
+            // Set the algo info
             dkSign.setSignatureAlgorithm(algorithmSuite.getSymmetricSignature());
             dkSign.setDerivedKeyLength(algorithmSuite.getSignatureDerivedKeyLength() / 8);
             if (token.getSPConstants() == SP12Constants.INSTANCE) {
@@ -378,7 +381,7 @@ public class TransportBindingHandler ext
             addDerivedKeyElement(dkSign.getdktElement());
           
             dkSign.setParts(sigParts);
-            List referenceList = dkSign.addReferencesToSign(sigParts, secHeader);
+            List<Reference> referenceList = dkSign.addReferencesToSign(sigParts, secHeader);
           
             //Do signature
             dkSign.computeSignature(referenceList, false, null);
@@ -426,7 +429,7 @@ public class TransportBindingHandler ext
             sig.prepare(doc, crypto, secHeader);
 
             sig.setParts(sigParts);
-            List referenceList = sig.addReferencesToSign(sigParts, secHeader);
+            List<Reference> referenceList = sig.addReferencesToSign(sigParts, secHeader);
 
             //Do signature
             if (bottomUpElement == null) {



Mime
View raw message