cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject svn commit: r1455259 [1/2] - in /cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security: policy/ policy/interceptors/ wss4j/ wss4j/policyhandlers/ wss4j/policyvalidators/
Date Mon, 11 Mar 2013 17:52:37 GMT
Author: coheigea
Date: Mon Mar 11 17:52:36 2013
New Revision: 1455259

URL: http://svn.apache.org/r1455259
Log:
Fixed more failing tests

Modified:
    cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/WSSecurityPolicyLoader.java
    cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/HttpsTokenInterceptorProvider.java
    cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java
    cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/KerberosTokenInterceptorProvider.java
    cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/NegotiationUtils.java
    cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SamlTokenInterceptorProvider.java
    cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java
    cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationOutInterceptor.java
    cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecurityVerificationOutInterceptor.java
    cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenInInterceptor.java
    cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenOutInterceptor.java
    cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/UsernameTokenInterceptorProvider.java
    cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractTokenInterceptor.java
    cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AlgorithmSuiteTranslater.java
    cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/CryptoCoverageUtil.java
    cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/KerberosTokenInterceptor.java
    cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java
    cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JOutInterceptor.java
    cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/SamlTokenInterceptor.java
    cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenInterceptor.java
    cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
    cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
    cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java
    cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AbstractBindingPolicyValidator.java
    cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AsymmetricBindingPolicyValidator.java
    cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/ConcreteSupportingTokenPolicyValidator.java
    cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/EncryptedTokenPolicyValidator.java
    cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/EndorsingEncryptedTokenPolicyValidator.java
    cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/EndorsingTokenPolicyValidator.java
    cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/KerberosTokenPolicyValidator.java
    cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SamlTokenPolicyValidator.java
    cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SecurityContextTokenPolicyValidator.java
    cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SignedEncryptedTokenPolicyValidator.java
    cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SignedEndorsingEncryptedTokenPolicyValidator.java
    cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SignedEndorsingTokenPolicyValidator.java
    cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SignedTokenPolicyValidator.java
    cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SymmetricBindingPolicyValidator.java
    cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/TransportBindingPolicyValidator.java
    cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/UsernameTokenPolicyValidator.java
    cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/WSS11PolicyValidator.java
    cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/X509TokenPolicyValidator.java

Modified: cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/WSSecurityPolicyLoader.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/WSSecurityPolicyLoader.java?rev=1455259&r1=1455258&r2=1455259&view=diff
==============================================================================
--- cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/WSSecurityPolicyLoader.java (original)
+++ cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/WSSecurityPolicyLoader.java Mon Mar 11 17:52:36 2013
@@ -172,6 +172,8 @@ public final class WSSecurityPolicyLoade
             SP11Constants.REQUIRE_INTERNAL_REFERENCE,
             SP12Constants.REQUIRE_ISSUER_SERIAL_REFERENCE,
             SP11Constants.REQUIRE_ISSUER_SERIAL_REFERENCE,
+            SP12Constants.REQUIRE_EMBEDDED_TOKEN_REFERENCE,
+            SP11Constants.REQUIRE_EMBEDDED_TOKEN_REFERENCE,
             SP12Constants.ENCRYPT_BEFORE_SIGNING,
             SP12Constants.SIGN_BEFORE_ENCRYPTING,
             SP12Constants.REQUIRE_KEY_IDENTIFIER_REFERENCE,

Modified: cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/HttpsTokenInterceptorProvider.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/HttpsTokenInterceptorProvider.java?rev=1455259&r1=1455258&r2=1455259&view=diff
==============================================================================
--- cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/HttpsTokenInterceptorProvider.java (original)
+++ cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/HttpsTokenInterceptorProvider.java Mon Mar 11 17:52:36 2013
@@ -81,6 +81,9 @@ public class HttpsTokenInterceptorProvid
             if (aim != null) {
                 Collection<AssertionInfo> ais = aim.get(SP12Constants.HTTPS_TOKEN);
                 if (ais == null) {
+                    ais = aim.get(SP11Constants.HTTPS_TOKEN);
+                }
+                if (ais == null) {
                     return;
                 }
                 if (isRequestor(message)) {
@@ -160,6 +163,9 @@ public class HttpsTokenInterceptorProvid
             if (aim != null) {
                 Collection<AssertionInfo> ais = aim.get(SP12Constants.HTTPS_TOKEN);
                 if (ais == null) {
+                    ais = aim.get(SP11Constants.HTTPS_TOKEN);
+                }
+                if (ais == null) {
                     return;
                 }
                 if (!isRequestor(message)) {

Modified: cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java?rev=1455259&r1=1455258&r2=1455259&view=diff
==============================================================================
--- cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java (original)
+++ cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java Mon Mar 11 17:52:36 2013
@@ -138,6 +138,9 @@ public class IssuedTokenInterceptorProvi
             // extract Assertion information
             if (aim != null) {
                 Collection<AssertionInfo> ais = aim.get(SP12Constants.ISSUED_TOKEN);
+                if (ais == null) {
+                    ais = aim.get(SP11Constants.ISSUED_TOKEN);
+                }
                 if (ais == null || ais.isEmpty()) {
                     return;
                 }
@@ -489,6 +492,9 @@ public class IssuedTokenInterceptorProvi
             if (aim != null) {
                 Collection<AssertionInfo> ais = aim.get(SP12Constants.ISSUED_TOKEN);
                 if (ais == null) {
+                    ais = aim.get(SP11Constants.ISSUED_TOKEN);
+                }
+                if (ais == null) {
                     return;
                 }
                 if (!isRequestor(message)) {

Modified: cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/KerberosTokenInterceptorProvider.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/KerberosTokenInterceptorProvider.java?rev=1455259&r1=1455258&r2=1455259&view=diff
==============================================================================
--- cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/KerberosTokenInterceptorProvider.java (original)
+++ cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/KerberosTokenInterceptorProvider.java Mon Mar 11 17:52:36 2013
@@ -103,6 +103,9 @@ public class KerberosTokenInterceptorPro
             // extract Assertion information
             if (aim != null) {
                 Collection<AssertionInfo> ais = aim.get(SP12Constants.KERBEROS_TOKEN);
+                if (ais == null) {
+                    ais = aim.get(SP11Constants.KERBEROS_TOKEN);
+                }
                 if (ais == null || ais.isEmpty()) {
                     return;
                 }
@@ -158,6 +161,9 @@ public class KerberosTokenInterceptorPro
             if (aim != null) {
                 Collection<AssertionInfo> ais = aim.get(SP12Constants.KERBEROS_TOKEN);
                 if (ais == null) {
+                    ais = aim.get(SP11Constants.KERBEROS_TOKEN);
+                }
+                if (ais == null) {
                     return;
                 }
                 if (!isRequestor(message)) {

Modified: cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/NegotiationUtils.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/NegotiationUtils.java?rev=1455259&r1=1455258&r2=1455259&view=diff
==============================================================================
--- cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/NegotiationUtils.java (original)
+++ cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/NegotiationUtils.java Mon Mar 11 17:52:36 2013
@@ -147,18 +147,27 @@ final class NegotiationUtils {
     static AlgorithmSuite getAlgorithmSuite(AssertionInfoMap aim) {
         AbstractBinding transport = null;
         Collection<AssertionInfo> ais = aim.get(SP12Constants.TRANSPORT_BINDING);
+        if (ais == null) {
+            ais = aim.get(SP11Constants.TRANSPORT_BINDING);
+        }
         if (ais != null) {
             for (AssertionInfo ai : ais) {
                 transport = (AbstractBinding)ai.getAssertion();
             }                    
         } else {
             ais = aim.get(SP12Constants.ASYMMETRIC_BINDING);
+            if (ais == null) {
+                ais = aim.get(SP11Constants.ASYMMETRIC_BINDING);
+            }
             if (ais != null) {
                 for (AssertionInfo ai : ais) {
                     transport = (AbstractBinding)ai.getAssertion();
                 }                    
             } else {
                 ais = aim.get(SP12Constants.SYMMETRIC_BINDING);
+                if (ais == null) {
+                    ais = aim.get(SP11Constants.SYMMETRIC_BINDING);
+                }
                 if (ais != null) {
                     for (AssertionInfo ai : ais) {
                         transport = (AbstractBinding)ai.getAssertion();

Modified: cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SamlTokenInterceptorProvider.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SamlTokenInterceptorProvider.java?rev=1455259&r1=1455258&r2=1455259&view=diff
==============================================================================
--- cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SamlTokenInterceptorProvider.java (original)
+++ cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SamlTokenInterceptorProvider.java Mon Mar 11 17:52:36 2013
@@ -26,6 +26,7 @@ import javax.xml.namespace.QName;
 
 import org.apache.cxf.ws.policy.AbstractPolicyInterceptorProvider;
 import org.apache.cxf.ws.security.wss4j.SamlTokenInterceptor;
+import org.apache.wss4j.policy.SP11Constants;
 import org.apache.wss4j.policy.SP12Constants;
 
 /**
@@ -38,6 +39,7 @@ public class SamlTokenInterceptorProvide
         ASSERTION_TYPES = new ArrayList<QName>();
         
         ASSERTION_TYPES.add(SP12Constants.SAML_TOKEN);
+        ASSERTION_TYPES.add(SP11Constants.SAML_TOKEN);
     }
 
     public SamlTokenInterceptorProvider() {

Modified: cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java?rev=1455259&r1=1455258&r2=1455259&view=diff
==============================================================================
--- cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java (original)
+++ cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java Mon Mar 11 17:52:36 2013
@@ -54,6 +54,7 @@ import org.apache.neethi.Assertion;
 import org.apache.neethi.ExactlyOne;
 import org.apache.neethi.Policy;
 import org.apache.wss4j.dom.message.token.SecurityContextToken;
+import org.apache.wss4j.policy.SP11Constants;
 import org.apache.wss4j.policy.SP12Constants;
 import org.apache.wss4j.policy.SPConstants;
 import org.apache.wss4j.policy.SPConstants.SPVersion;
@@ -75,14 +76,23 @@ class SecureConversationInInterceptor ex
     }
     private AbstractBinding getBinding(AssertionInfoMap aim) {
         Collection<AssertionInfo> ais = aim.get(SP12Constants.SYMMETRIC_BINDING);
+        if (ais == null) {
+            ais = aim.get(SP11Constants.SYMMETRIC_BINDING);
+        }
         if (ais != null && !ais.isEmpty()) {
             return (AbstractBinding)ais.iterator().next().getAssertion();
         }
         ais = aim.get(SP12Constants.ASYMMETRIC_BINDING);
+        if (ais == null) {
+            ais = aim.get(SP11Constants.ASYMMETRIC_BINDING);
+        }
         if (ais != null && !ais.isEmpty()) {
             return (AbstractBinding)ais.iterator().next().getAssertion();
         }
         ais = aim.get(SP12Constants.TRANSPORT_BINDING);
+        if (ais == null) {
+            ais = aim.get(SP11Constants.TRANSPORT_BINDING);
+        }
         if (ais != null && !ais.isEmpty()) {
             return (AbstractBinding)ais.iterator().next().getAssertion();
         }
@@ -94,6 +104,9 @@ class SecureConversationInInterceptor ex
         // extract Assertion information
         if (aim != null) {
             Collection<AssertionInfo> ais = aim.get(SP12Constants.SECURE_CONVERSATION_TOKEN);
+            if (ais == null) {
+                ais = aim.get(SP11Constants.SECURE_CONVERSATION_TOKEN);
+            }
             if (ais == null || ais.isEmpty()) {
                 return;
             }
@@ -328,6 +341,9 @@ class SecureConversationInInterceptor ex
             // extract Assertion information
             if (aim != null) {
                 Collection<AssertionInfo> ais = aim.get(SP12Constants.SECURE_CONVERSATION_TOKEN);
+                if (ais == null) {
+                    ais = aim.get(SP11Constants.SECURE_CONVERSATION_TOKEN);
+                }
                 if (ais == null || ais.isEmpty()) {
                     return;
                 }
@@ -358,6 +374,9 @@ class SecureConversationInInterceptor ex
                 return;
             }
             Collection<AssertionInfo> ais = aim.get(SP12Constants.SECURE_CONVERSATION_TOKEN);
+            if (ais == null) {
+                ais = aim.get(SP11Constants.SECURE_CONVERSATION_TOKEN);
+            }
             if (ais == null || ais.isEmpty()) {
                 return;
             }

Modified: cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationOutInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationOutInterceptor.java?rev=1455259&r1=1455258&r2=1455259&view=diff
==============================================================================
--- cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationOutInterceptor.java (original)
+++ cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationOutInterceptor.java Mon Mar 11 17:52:36 2013
@@ -36,6 +36,7 @@ import org.apache.cxf.ws.security.tokens
 import org.apache.cxf.ws.security.trust.STSClient;
 import org.apache.cxf.ws.security.trust.STSUtils;
 import org.apache.wss4j.dom.WSConstants;
+import org.apache.wss4j.policy.SP11Constants;
 import org.apache.wss4j.policy.SP12Constants;
 import org.apache.wss4j.policy.model.SecureConversationToken;
 import org.apache.wss4j.policy.model.Trust10;
@@ -50,6 +51,9 @@ class SecureConversationOutInterceptor e
         // extract Assertion information
         if (aim != null) {
             Collection<AssertionInfo> ais = aim.get(SP12Constants.SECURE_CONVERSATION_TOKEN);
+            if (ais == null) {
+                ais = aim.get(SP11Constants.SECURE_CONVERSATION_TOKEN);
+            }
             if (ais == null || ais.isEmpty()) {
                 return;
             }

Modified: cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecurityVerificationOutInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecurityVerificationOutInterceptor.java?rev=1455259&r1=1455258&r2=1455259&view=diff
==============================================================================
--- cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecurityVerificationOutInterceptor.java (original)
+++ cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecurityVerificationOutInterceptor.java Mon Mar 11 17:52:36 2013
@@ -33,6 +33,7 @@ import org.apache.cxf.phase.Phase;
 import org.apache.cxf.ws.policy.AssertionInfo;
 import org.apache.cxf.ws.policy.AssertionInfoMap;
 import org.apache.cxf.ws.policy.PolicyException;
+import org.apache.wss4j.policy.SP11Constants;
 import org.apache.wss4j.policy.SP12Constants;
 
 /**
@@ -60,25 +61,48 @@ public class SecurityVerificationOutInte
             AssertionInfoMap aim = message.get(AssertionInfoMap.class);
             if (aim != null) {
                 Collection<AssertionInfo> aisTransport = aim.get(SP12Constants.TRANSPORT_BINDING);
+                if (aisTransport == null) {
+                    aisTransport = aim.get(SP11Constants.TRANSPORT_BINDING);
+                }
                 Collection<AssertionInfo> aisAssymetric = aim.get(SP12Constants.ASYMMETRIC_BINDING);
+                if (aisAssymetric == null) {
+                    aisAssymetric = aim.get(SP11Constants.ASYMMETRIC_BINDING);
+                }
                 Collection<AssertionInfo> aisSymetric = aim.get(SP12Constants.SYMMETRIC_BINDING);
+                if (aisSymetric == null) {
+                    aisSymetric = aim.get(SP11Constants.SYMMETRIC_BINDING);
+                }
+                
                 if (((aisTransport == null) || aisTransport.isEmpty()) 
                     && ((aisAssymetric == null) || aisAssymetric.isEmpty()) 
                     && ((aisSymetric == null) || aisSymetric.isEmpty())) {
                     
                     Collection<AssertionInfo> aisSignedParts = aim.get(SP12Constants.SIGNED_PARTS);
                     checkAssertion(aisSignedParts, SP12Constants.SIGNED_PARTS);
+                    aisSignedParts = aim.get(SP11Constants.SIGNED_PARTS);
+                    checkAssertion(aisSignedParts, SP11Constants.SIGNED_PARTS);
+                    
                     Collection<AssertionInfo> aisSignedElements = aim.get(SP12Constants.SIGNED_ELEMENTS);
                     checkAssertion(aisSignedElements, SP12Constants.SIGNED_ELEMENTS);
+                    aisSignedElements = aim.get(SP11Constants.SIGNED_ELEMENTS);
+                    checkAssertion(aisSignedElements, SP11Constants.SIGNED_ELEMENTS);
                     
                     Collection<AssertionInfo> aisEncryptedParts = aim.get(SP12Constants.ENCRYPTED_PARTS);
                     checkAssertion(aisEncryptedParts, SP12Constants.ENCRYPTED_PARTS);
+                    aisEncryptedParts = aim.get(SP11Constants.ENCRYPTED_PARTS);
+                    checkAssertion(aisEncryptedParts, SP11Constants.ENCRYPTED_PARTS);
+                    
                     Collection<AssertionInfo> aisEncryptedElements = 
                         aim.get(SP12Constants.ENCRYPTED_ELEMENTS);
                     checkAssertion(aisEncryptedElements, SP12Constants.ENCRYPTED_ELEMENTS);
+                    aisEncryptedElements = aim.get(SP11Constants.ENCRYPTED_ELEMENTS);
+                    checkAssertion(aisEncryptedElements, SP11Constants.ENCRYPTED_ELEMENTS);
+                    
                     Collection<AssertionInfo> aisContentEncryptedElements = 
                         aim.get(SP12Constants.CONTENT_ENCRYPTED_ELEMENTS);
                     checkAssertion(aisContentEncryptedElements, SP12Constants.CONTENT_ENCRYPTED_ELEMENTS);
+                    aisContentEncryptedElements = aim.get(SP11Constants.CONTENT_ENCRYPTED_ELEMENTS);
+                    checkAssertion(aisContentEncryptedElements, SP11Constants.CONTENT_ENCRYPTED_ELEMENTS);
                 }
             }
         }

Modified: cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenInInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenInInterceptor.java?rev=1455259&r1=1455258&r2=1455259&view=diff
==============================================================================
--- cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenInInterceptor.java (original)
+++ cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenInInterceptor.java Mon Mar 11 17:52:36 2013
@@ -56,6 +56,7 @@ import org.apache.wss4j.dom.WSConstants;
 import org.apache.wss4j.dom.message.token.BinarySecurity;
 import org.apache.wss4j.dom.message.token.SecurityContextToken;
 import org.apache.wss4j.dom.util.WSSecurityUtil;
+import org.apache.wss4j.policy.SP11Constants;
 import org.apache.wss4j.policy.SP12Constants;
 import org.apache.xml.security.utils.Base64;
 
@@ -71,6 +72,9 @@ class SpnegoContextTokenInInterceptor ex
         // extract Assertion information
         if (aim != null) {
             Collection<AssertionInfo> ais = aim.get(SP12Constants.SPNEGO_CONTEXT_TOKEN);
+            if (ais == null) {
+                ais = aim.get(SP11Constants.SPNEGO_CONTEXT_TOKEN);
+            }
             if (ais == null || ais.isEmpty()) {
                 return;
             }

Modified: cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenOutInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenOutInterceptor.java?rev=1455259&r1=1455258&r2=1455259&view=diff
==============================================================================
--- cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenOutInterceptor.java (original)
+++ cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenOutInterceptor.java Mon Mar 11 17:52:36 2013
@@ -38,6 +38,7 @@ import org.apache.cxf.ws.security.trust.
 import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.common.spnego.SpnegoClientAction;
 import org.apache.wss4j.common.spnego.SpnegoTokenContext;
+import org.apache.wss4j.policy.SP11Constants;
 import org.apache.wss4j.policy.SP12Constants;
 import org.apache.wss4j.policy.model.Trust10;
 import org.apache.wss4j.policy.model.Trust13;
@@ -52,6 +53,9 @@ class SpnegoContextTokenOutInterceptor e
         // extract Assertion information
         if (aim != null) {
             Collection<AssertionInfo> ais = aim.get(SP12Constants.SPNEGO_CONTEXT_TOKEN);
+            if (ais == null) {
+                ais = aim.get(SP11Constants.SPNEGO_CONTEXT_TOKEN);
+            }
             if (ais == null || ais.isEmpty()) {
                 return;
             }

Modified: cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/UsernameTokenInterceptorProvider.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/UsernameTokenInterceptorProvider.java?rev=1455259&r1=1455258&r2=1455259&view=diff
==============================================================================
--- cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/UsernameTokenInterceptorProvider.java (original)
+++ cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/UsernameTokenInterceptorProvider.java Mon Mar 11 17:52:36 2013
@@ -27,6 +27,7 @@ import javax.xml.namespace.QName;
 import org.apache.cxf.Bus;
 import org.apache.cxf.ws.policy.AbstractPolicyInterceptorProvider;
 import org.apache.cxf.ws.security.wss4j.UsernameTokenInterceptor;
+import org.apache.wss4j.policy.SP11Constants;
 import org.apache.wss4j.policy.SP12Constants;
 
 /**
@@ -39,6 +40,7 @@ public class UsernameTokenInterceptorPro
         ASSERTION_TYPES = new ArrayList<QName>();
         
         ASSERTION_TYPES.add(SP12Constants.USERNAME_TOKEN);
+        ASSERTION_TYPES.add(SP11Constants.USERNAME_TOKEN);
     }
 
     public UsernameTokenInterceptorProvider() {

Modified: cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractTokenInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractTokenInterceptor.java?rev=1455259&r1=1455258&r2=1455259&view=diff
==============================================================================
--- cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractTokenInterceptor.java (original)
+++ cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractTokenInterceptor.java Mon Mar 11 17:52:36 2013
@@ -51,6 +51,7 @@ import org.apache.cxf.ws.security.Securi
 import org.apache.cxf.ws.security.tokenstore.TokenStore;
 import org.apache.wss4j.common.ext.WSPasswordCallback;
 import org.apache.wss4j.dom.WSConstants;
+import org.apache.wss4j.policy.SP11Constants;
 import org.apache.wss4j.policy.SP12Constants;
 import org.apache.wss4j.policy.model.AbstractToken;
 
@@ -130,6 +131,28 @@ public abstract class AbstractTokenInter
         return tok;
     }
     
+    protected AbstractToken assertTokens11(SoapMessage message, QName assertion, boolean signed) {
+        AssertionInfoMap aim = message.get(AssertionInfoMap.class);
+        Collection<AssertionInfo> ais = aim.getAssertionInfo(assertion);
+        AbstractToken tok = null;
+        for (AssertionInfo ai : ais) {
+            tok = (AbstractToken)ai.getAssertion();
+            ai.setAsserted(true);                
+        }
+        ais = aim.getAssertionInfo(SP11Constants.SUPPORTING_TOKENS);
+        for (AssertionInfo ai : ais) {
+            ai.setAsserted(true);
+        }
+        
+        if (signed || isTLSInUse(message)) {
+            ais = aim.getAssertionInfo(SP11Constants.SIGNED_SUPPORTING_TOKENS);
+            for (AssertionInfo ai : ais) {
+                ai.setAsserted(true);
+            }
+        }
+        return tok;
+    }
+    
     protected boolean isTLSInUse(SoapMessage message) {
         // See whether TLS is in use or not
         TLSSessionInfo tlsInfo = message.get(TLSSessionInfo.class);

Modified: cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AlgorithmSuiteTranslater.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AlgorithmSuiteTranslater.java?rev=1455259&r1=1455258&r2=1455259&view=diff
==============================================================================
--- cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AlgorithmSuiteTranslater.java (original)
+++ cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AlgorithmSuiteTranslater.java Mon Mar 11 17:52:36 2013
@@ -25,6 +25,7 @@ import java.util.List;
 
 import org.apache.cxf.ws.policy.AssertionInfo;
 import org.apache.cxf.ws.policy.AssertionInfoMap;
+import org.apache.cxf.ws.security.policy.SP11Constants;
 import org.apache.wss4j.common.crypto.AlgorithmSuite;
 import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.dom.WSConstants;
@@ -58,6 +59,9 @@ public final class AlgorithmSuiteTransla
 
         // Now look for an AlgorithmSuite for a SAML Assertion
         Collection<AssertionInfo> ais = aim.get(SP12Constants.SAML_TOKEN);
+        if (ais == null) {
+            ais = aim.get(SP11Constants.SAML_TOKEN);
+        }
         if (ais != null && !ais.isEmpty()) {
             List<org.apache.wss4j.policy.model.AlgorithmSuite> samlAlgorithmSuites
                 = new ArrayList<org.apache.wss4j.policy.model.AlgorithmSuite>();
@@ -152,18 +156,36 @@ public final class AlgorithmSuiteTransla
                     bindings.add((AbstractBinding)ai.getAssertion());
                 }
             }
+            ais = aim.get(SP11Constants.TRANSPORT_BINDING);
+            if (ais != null && !ais.isEmpty()) {
+                for (AssertionInfo ai : ais) {
+                    bindings.add((AbstractBinding)ai.getAssertion());
+                }
+            }
             ais = aim.get(SP12Constants.ASYMMETRIC_BINDING);
             if (ais != null && !ais.isEmpty()) {     
                 for (AssertionInfo ai : ais) {
                     bindings.add((AbstractBinding)ai.getAssertion());
                 }
             }
+            ais = aim.get(SP11Constants.ASYMMETRIC_BINDING);
+            if (ais != null && !ais.isEmpty()) {     
+                for (AssertionInfo ai : ais) {
+                    bindings.add((AbstractBinding)ai.getAssertion());
+                }
+            }
             ais = aim.get(SP12Constants.SYMMETRIC_BINDING);
             if (ais != null && !ais.isEmpty()) {     
                 for (AssertionInfo ai : ais) {
                     bindings.add((AbstractBinding)ai.getAssertion());
                 }
             }
+            ais = aim.get(SP11Constants.SYMMETRIC_BINDING);
+            if (ais != null && !ais.isEmpty()) {     
+                for (AssertionInfo ai : ais) {
+                    bindings.add((AbstractBinding)ai.getAssertion());
+                }
+            }
         }
         return bindings;
     }

Modified: cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/CryptoCoverageUtil.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/CryptoCoverageUtil.java?rev=1455259&r1=1455258&r2=1455259&view=diff
==============================================================================
--- cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/CryptoCoverageUtil.java (original)
+++ cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/CryptoCoverageUtil.java Mon Mar 11 17:52:36 2013
@@ -125,9 +125,9 @@ public final class CryptoCoverageUtil {
         CoverageScope scope
     ) throws WSSecurityException {
         if (!CryptoCoverageUtil.matchElement(refs, type, scope, soapBody)) {
-            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, null,
-                    "The " + getCoverageTypeString(type)
+            Exception ex = new Exception("The " + getCoverageTypeString(type)
                     + " does not cover the required elements (soap:Body).");
+            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, ex);
         }
     }
 

Modified: cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/KerberosTokenInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/KerberosTokenInterceptor.java?rev=1455259&r1=1455258&r2=1455259&view=diff
==============================================================================
--- cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/KerberosTokenInterceptor.java (original)
+++ cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/KerberosTokenInterceptor.java Mon Mar 11 17:52:36 2013
@@ -49,6 +49,7 @@ import org.apache.wss4j.dom.handler.WSHa
 import org.apache.wss4j.dom.handler.WSHandlerResult;
 import org.apache.wss4j.dom.processor.BinarySecurityTokenProcessor;
 import org.apache.wss4j.dom.validate.Validator;
+import org.apache.wss4j.policy.SP11Constants;
 import org.apache.wss4j.policy.SP12Constants;
 import org.apache.wss4j.policy.model.AbstractToken;
 
@@ -87,6 +88,7 @@ public class KerberosTokenInterceptor ex
                         results.add(0, rResult);
 
                         assertTokens(message, SP12Constants.KERBEROS_TOKEN, false);
+                        assertTokens(message, SP11Constants.KERBEROS_TOKEN, false);
                         
                         Principal principal = 
                             (Principal)bstResults.get(0).get(WSSecurityEngineResult.TAG_PRINCIPAL);
@@ -143,7 +145,11 @@ public class KerberosTokenInterceptor ex
     }
     
     protected AbstractToken assertTokens(SoapMessage message) {
-        return assertTokens(message, SP12Constants.KERBEROS_TOKEN, true);
+        AbstractToken token = assertTokens(message, SP12Constants.KERBEROS_TOKEN, true);
+        if (token == null) {
+            token = assertTokens11(message, SP11Constants.KERBEROS_TOKEN, true);
+        }
+        return token;
     }
 
     protected void addToken(SoapMessage message) {

Modified: cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java?rev=1455259&r1=1455258&r2=1455259&view=diff
==============================================================================
--- cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java (original)
+++ cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java Mon Mar 11 17:52:36 2013
@@ -165,6 +165,17 @@ public class PolicyBasedWSS4JInIntercept
                     }
                 }
             }
+            
+            ais = aim.get(SP11Constants.WSS11);
+            if (ais != null) {
+                for (AssertionInfo ai : ais) {
+                    Wss11 wss11 = (Wss11)ai.getAssertion();
+                    if (wss11.isRequireSignatureConfirmation()) {
+                        message.put(WSHandlerConstants.ENABLE_SIGNATURE_CONFIRMATION, "true");
+                        break;
+                    }
+                }
+            }
         }
     }
 
@@ -193,6 +204,9 @@ public class PolicyBasedWSS4JInIntercept
         AssertionInfoMap aim, String action, SoapMessage message
     ) throws WSSecurityException {
         Collection<AssertionInfo> ais = aim.get(SP12Constants.ASYMMETRIC_BINDING);
+        if (ais == null) {
+            ais = aim.get(SP11Constants.ASYMMETRIC_BINDING);
+        }
         if (ais == null || ais.isEmpty()) {
             return action;
         }
@@ -236,6 +250,9 @@ public class PolicyBasedWSS4JInIntercept
         AssertionInfoMap aim, String action, SoapMessage message
     ) throws WSSecurityException {
         Collection<AssertionInfo> ais = aim.get(SP12Constants.TRANSPORT_BINDING);
+        if (ais == null) {
+            ais = aim.get(SP11Constants.TRANSPORT_BINDING);
+        }
         if (ais == null || ais.isEmpty()) {
             return action;
         }
@@ -288,12 +305,26 @@ public class PolicyBasedWSS4JInIntercept
                 }
             }
         }
+        
+        ais = aim.get(SP11Constants.USERNAME_TOKEN);
+        
+        if (ais != null && !ais.isEmpty()) {
+            for (AssertionInfo ai : ais) {
+                UsernameToken policy = (UsernameToken)ai.getAssertion();
+                if (policy.getPasswordType() == PasswordType.NoPassword) {
+                    message.put(WSHandlerConstants.ALLOW_USERNAMETOKEN_NOPASSWORD, "true");
+                }
+            }
+        }
     }
     
     private String checkSymmetricBinding(
         AssertionInfoMap aim, String action, SoapMessage message
     ) throws WSSecurityException {
         Collection<AssertionInfo> ais = aim.get(SP12Constants.SYMMETRIC_BINDING);
+        if (ais == null) {
+            ais = aim.get(SP12Constants.SYMMETRIC_BINDING);
+        }
         if (ais == null || ais.isEmpty()) {
             return action;
         }
@@ -515,11 +546,16 @@ public class PolicyBasedWSS4JInIntercept
             
             // stuff we can default to asserted and un-assert if a condition isn't met
             assertPolicy(aim, SP12Constants.KEY_VALUE_TOKEN);
+            assertPolicy(aim, SP11Constants.KEY_VALUE_TOKEN);
             assertPolicy(aim, SP12Constants.RSA_KEY_VALUE);
             assertPolicy(aim, SP12Constants.REQUIRE_ISSUER_SERIAL_REFERENCE);
+            assertPolicy(aim, SP11Constants.REQUIRE_ISSUER_SERIAL_REFERENCE);
             assertPolicy(aim, SP12Constants.REQUIRE_THUMBPRINT_REFERENCE);
+            assertPolicy(aim, SP11Constants.REQUIRE_THUMBPRINT_REFERENCE);
             assertPolicy(aim, SP12Constants.REQUIRE_KEY_IDENTIFIER_REFERENCE);
-            
+            assertPolicy(aim, SP11Constants.REQUIRE_KEY_IDENTIFIER_REFERENCE);
+            assertPolicy(aim, SP12Constants.REQUIRE_EMBEDDED_TOKEN_REFERENCE);
+            assertPolicy(aim, SP11Constants.REQUIRE_EMBEDDED_TOKEN_REFERENCE);
 
             message.put(WSHandlerConstants.ACTION, action.trim());
         }
@@ -587,7 +623,6 @@ public class PolicyBasedWSS4JInIntercept
         }
         
         // relatively irrelevant stuff from a verification standpoint
-        assertPolicy(aim, SP12Constants.LAYOUT);
         assertPolicy(aim, SP12Constants.WSS10);
         assertPolicy(aim, SP12Constants.TRUST_13);
         assertPolicy(aim, SP11Constants.TRUST_10);
@@ -616,9 +651,16 @@ public class PolicyBasedWSS4JInIntercept
                 aim, SP12Constants.SIGNED_PARTS, signed, msg, soapHeader, soapBody, CoverageType.SIGNED
             );
             check &= assertTokens(
+                aim, SP11Constants.SIGNED_PARTS, signed, msg, soapHeader, soapBody, CoverageType.SIGNED
+            );
+            check &= assertTokens(
                 aim, SP12Constants.ENCRYPTED_PARTS, encrypted, msg, soapHeader, soapBody, 
                 CoverageType.ENCRYPTED
             );
+            check &= assertTokens(
+                aim, SP11Constants.ENCRYPTED_PARTS, encrypted, msg, soapHeader, soapBody, 
+                CoverageType.ENCRYPTED
+            );
         }
         Element soapEnvelope = soapHeader.getOwnerDocument().getDocumentElement();
         if (containsXPathPolicy(aim)) {
@@ -629,10 +671,16 @@ public class PolicyBasedWSS4JInIntercept
             
             check &= assertXPathTokens(aim, SP12Constants.SIGNED_ELEMENTS, signed, soapEnvelope,
                     CoverageType.SIGNED, CoverageScope.ELEMENT, xpath);
+            check &= assertXPathTokens(aim, SP11Constants.SIGNED_ELEMENTS, signed, soapEnvelope,
+                    CoverageType.SIGNED, CoverageScope.ELEMENT, xpath);
             check &= assertXPathTokens(aim, SP12Constants.ENCRYPTED_ELEMENTS, encrypted, soapEnvelope,
                     CoverageType.ENCRYPTED, CoverageScope.ELEMENT, xpath);
+            check &= assertXPathTokens(aim, SP11Constants.ENCRYPTED_ELEMENTS, encrypted, soapEnvelope,
+                    CoverageType.ENCRYPTED, CoverageScope.ELEMENT, xpath);
             check &= assertXPathTokens(aim, SP12Constants.CONTENT_ENCRYPTED_ELEMENTS, encrypted, 
                     soapEnvelope, CoverageType.ENCRYPTED, CoverageScope.CONTENT, xpath);
+            check &= assertXPathTokens(aim, SP11Constants.CONTENT_ENCRYPTED_ELEMENTS, encrypted, 
+                    soapEnvelope, CoverageType.ENCRYPTED, CoverageScope.CONTENT, xpath);
         }
         
         check &= assertHeadersExists(aim, msg, soapHeader);
@@ -799,6 +847,21 @@ public class PolicyBasedWSS4JInIntercept
                 }
             }
         }
+        ais = aim.get(SP11Constants.REQUIRED_PARTS);
+        if (ais != null) {
+            for (AssertionInfo ai : ais) {
+                RequiredParts rp = (RequiredParts)ai.getAssertion();
+                ai.setAsserted(true);
+                for (Header h : rp.getHeaders()) {
+                    QName qName = new QName(h.getNamespace(), h.getName());
+                    if (header == null 
+                        || DOMUtils.getFirstChildWithName((Element)header, qName) == null) {
+                        ai.setNotAsserted("No header element of name " + qName + " found.");
+                    }
+                }
+            }
+        }
+        
         ais = aim.get(SP12Constants.REQUIRED_ELEMENTS);
         if (ais != null) {
             for (AssertionInfo ai : ais) {
@@ -830,21 +893,63 @@ public class PolicyBasedWSS4JInIntercept
                 }
             }
         }
+        ais = aim.get(SP11Constants.REQUIRED_ELEMENTS);
+        if (ais != null) {
+            for (AssertionInfo ai : ais) {
+                RequiredElements rp = (RequiredElements)ai.getAssertion();
+                ai.setAsserted(true);
+                
+                if (rp != null && rp.getXPaths() != null && !rp.getXPaths().isEmpty()) {
+                    XPathFactory factory = XPathFactory.newInstance();
+                    for (org.apache.wss4j.policy.model.XPath xPath : rp.getXPaths()) {
+                        Map<String, String> namespaces = xPath.getPrefixNamespaceMap();
+                        String expression = xPath.getXPath();
+    
+                        XPath xpath = factory.newXPath();
+                        if (namespaces != null) {
+                            xpath.setNamespaceContext(new MapNamespaceContext(namespaces));
+                        }
+                        NodeList list;
+                        try {
+                            list = (NodeList)xpath.evaluate(expression, 
+                                                                     header,
+                                                                     XPathConstants.NODESET);
+                            if (list.getLength() == 0) {
+                                ai.setNotAsserted("No header element matching XPath " + expression + " found.");
+                            }
+                        } catch (XPathExpressionException e) {
+                            ai.setNotAsserted("Invalid XPath expression " + expression + " " + e.getMessage());
+                        }
+                    }
+                }
+            }
+        }
         
         return true;
     }
 
     private boolean isTransportBinding(AssertionInfoMap aim) {
         Collection<AssertionInfo> ais = aim.get(SP12Constants.TRANSPORT_BINDING);
+        if (ais == null) {
+            ais = aim.get(SP11Constants.TRANSPORT_BINDING);
+        }
         if (ais != null && ais.size() > 0) {
             ais = aim.get(SP12Constants.SYMMETRIC_BINDING);
             if (ais != null && ais.size() > 0) {
                 return false;
             }
+            ais = aim.get(SP11Constants.SYMMETRIC_BINDING);
+            if (ais != null && ais.size() > 0) {
+                return false;
+            }
             ais = aim.get(SP12Constants.ASYMMETRIC_BINDING);
             if (ais != null && ais.size() > 0) {
                 return false;
             }
+            ais = aim.get(SP11Constants.ASYMMETRIC_BINDING);
+            if (ais != null && ais.size() > 0) {
+                return false;
+            }
             return true;
         }
         return false;
@@ -852,14 +957,23 @@ public class PolicyBasedWSS4JInIntercept
     
     private boolean containsXPathPolicy(AssertionInfoMap aim) {
         Collection<AssertionInfo> ais = aim.get(SP12Constants.SIGNED_ELEMENTS);
+        if (ais == null) {
+            ais = aim.get(SP11Constants.SIGNED_ELEMENTS);
+        }
         if (ais != null && ais.size() > 0) {
             return true;
         }
         ais = aim.get(SP12Constants.ENCRYPTED_ELEMENTS);
+        if (ais == null) {
+            ais = aim.get(SP11Constants.ENCRYPTED_ELEMENTS);
+        }
         if (ais != null && ais.size() > 0) {
             return true;
         }
         ais = aim.get(SP12Constants.CONTENT_ENCRYPTED_ELEMENTS);
+        if (ais == null) {
+            ais = aim.get(SP11Constants.CONTENT_ENCRYPTED_ELEMENTS);
+        }
         if (ais != null && ais.size() > 0) {
             return true;
         }

Modified: cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JOutInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JOutInterceptor.java?rev=1455259&r1=1455258&r2=1455259&view=diff
==============================================================================
--- cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JOutInterceptor.java (original)
+++ cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JOutInterceptor.java Mon Mar 11 17:52:36 2013
@@ -49,6 +49,7 @@ import org.apache.wss4j.common.ext.WSSec
 import org.apache.wss4j.dom.WSSConfig;
 import org.apache.wss4j.dom.handler.WSHandlerConstants;
 import org.apache.wss4j.dom.message.WSSecHeader;
+import org.apache.wss4j.policy.SP11Constants;
 import org.apache.wss4j.policy.SP12Constants;
 import org.apache.wss4j.policy.model.AbstractBinding;
 import org.apache.wss4j.policy.model.AsymmetricBinding;
@@ -112,6 +113,13 @@ public class PolicyBasedWSS4JOutIntercep
                         ai.setAsserted(true);
                     }                    
                 }
+                ais = aim.get(SP11Constants.TRANSPORT_BINDING);
+                if (ais != null) {
+                    for (AssertionInfo ai : ais) {
+                        transport = (AbstractBinding)ai.getAssertion();
+                        ai.setAsserted(true);
+                    }                    
+                }
                 ais = aim.get(SP12Constants.ASYMMETRIC_BINDING);
                 if (ais != null) {
                     for (AssertionInfo ai : ais) {
@@ -119,6 +127,13 @@ public class PolicyBasedWSS4JOutIntercep
                         ai.setAsserted(true);
                     }                    
                 }
+                ais = aim.get(SP11Constants.ASYMMETRIC_BINDING);
+                if (ais != null) {
+                    for (AssertionInfo ai : ais) {
+                        transport = (AbstractBinding)ai.getAssertion();
+                        ai.setAsserted(true);
+                    }                    
+                }
                 ais = aim.get(SP12Constants.SYMMETRIC_BINDING);
                 if (ais != null) {
                     for (AssertionInfo ai : ais) {
@@ -126,6 +141,13 @@ public class PolicyBasedWSS4JOutIntercep
                         ai.setAsserted(true);
                     }                    
                 }
+                ais = aim.get(SP11Constants.SYMMETRIC_BINDING);
+                if (ais != null) {
+                    for (AssertionInfo ai : ais) {
+                        transport = (AbstractBinding)ai.getAssertion();
+                        ai.setAsserted(true);
+                    }                    
+                }
                 if (transport == null && isRequestor(message)) {
                     Policy policy = new Policy();
                     transport = new TransportBinding(org.apache.wss4j.policy.SPConstants.SPVersion.SP11,
@@ -178,6 +200,12 @@ public class PolicyBasedWSS4JOutIntercep
                         ai.setAsserted(true);
                     }                    
                 }
+                ais = aim.get(SP11Constants.WSS10);
+                if (ais != null) {
+                    for (AssertionInfo ai : ais) {
+                        ai.setAsserted(true);
+                    }                    
+                }
                 ais = aim.get(SP12Constants.WSS11);
                 if (ais != null) {
                     for (AssertionInfo ai : ais) {

Modified: cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/SamlTokenInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/SamlTokenInterceptor.java?rev=1455259&r1=1455258&r2=1455259&view=diff
==============================================================================
--- cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/SamlTokenInterceptor.java (original)
+++ cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/SamlTokenInterceptor.java Mon Mar 11 17:52:36 2013
@@ -65,6 +65,7 @@ import org.apache.wss4j.dom.handler.WSHa
 import org.apache.wss4j.dom.handler.WSHandlerResult;
 import org.apache.wss4j.dom.processor.SAMLTokenProcessor;
 import org.apache.wss4j.dom.validate.Validator;
+import org.apache.wss4j.policy.SP11Constants;
 import org.apache.wss4j.policy.SP12Constants;
 import org.apache.wss4j.policy.model.AbstractToken;
 import org.apache.wss4j.policy.model.SamlToken;
@@ -114,6 +115,7 @@ public class SamlTokenInterceptor extend
                             }
                         }
                         assertTokens(message, SP12Constants.SAML_TOKEN, signed);
+                        assertTokens(message, SP11Constants.SAML_TOKEN, signed);
                         
                         Principal principal = 
                             (Principal)samlResults.get(0).get(WSSecurityEngineResult.TAG_PRINCIPAL);
@@ -177,7 +179,11 @@ public class SamlTokenInterceptor extend
     }
 
     protected AbstractToken assertTokens(SoapMessage message) {
-        return assertTokens(message, SP12Constants.SAML_TOKEN, true);
+        AbstractToken token = assertTokens(message, SP12Constants.SAML_TOKEN, true);
+        if (token == null) {
+            token = assertTokens11(message, SP11Constants.SAML_TOKEN, true);
+        }
+        return token;
     }
 
     protected void addToken(SoapMessage message) {
@@ -195,6 +201,12 @@ public class SamlTokenInterceptor extend
                         ai.setAsserted(false);
                     }
                 }
+                ais = aim.getAssertionInfo(SP11Constants.SAML_TOKEN);
+                for (AssertionInfo ai : ais) {
+                    if (ai.isAsserted()) {
+                        ai.setAsserted(false);
+                    }
+                }
                 return;
             }
             Element el = (Element)h.getObject();

Modified: cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenInterceptor.java?rev=1455259&r1=1455258&r2=1455259&view=diff
==============================================================================
--- cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenInterceptor.java (original)
+++ cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenInterceptor.java Mon Mar 11 17:52:36 2013
@@ -57,6 +57,7 @@ import org.apache.wss4j.dom.handler.WSHa
 import org.apache.wss4j.dom.message.WSSecUsernameToken;
 import org.apache.wss4j.dom.processor.UsernameTokenProcessor;
 import org.apache.wss4j.dom.validate.Validator;
+import org.apache.wss4j.policy.SP11Constants;
 import org.apache.wss4j.policy.SP12Constants;
 import org.apache.wss4j.policy.SPConstants;
 import org.apache.wss4j.policy.model.AbstractSecurityAssertion;
@@ -200,6 +201,17 @@ public class UsernameTokenInterceptor ex
             }
         }
         
+        ais = aim.get(SP11Constants.USERNAME_TOKEN);
+
+        if (ais != null && !ais.isEmpty()) {
+            for (AssertionInfo ai : ais) {
+                UsernameToken policy = (UsernameToken)ai.getAssertion();
+                if (policy.getPasswordType() == UsernameToken.PasswordType.NoPassword) {
+                    return true;
+                }
+            }
+        }
+        
         return false;
     }
     
@@ -228,7 +240,12 @@ public class UsernameTokenInterceptor ex
     }
     
     protected UsernameToken assertTokens(SoapMessage message) {
-        return (UsernameToken)assertTokens(message, SP12Constants.USERNAME_TOKEN, true);
+        UsernameToken usernameToken = 
+            (UsernameToken)assertTokens(message, SP12Constants.USERNAME_TOKEN, true);
+        if (usernameToken == null) {
+            usernameToken = (UsernameToken)assertTokens11(message, SP11Constants.USERNAME_TOKEN, true);
+        }
+        return usernameToken;
     }
     
     private UsernameToken assertTokens(
@@ -238,6 +255,9 @@ public class UsernameTokenInterceptor ex
     ) {
         AssertionInfoMap aim = message.get(AssertionInfoMap.class);
         Collection<AssertionInfo> ais = aim.getAssertionInfo(SP12Constants.USERNAME_TOKEN);
+        if (ais == null) {
+            ais = aim.getAssertionInfo(SP11Constants.USERNAME_TOKEN);
+        }
         UsernameToken tok = null;
         for (AssertionInfo ai : ais) {
             tok = (UsernameToken)ai.getAssertion();
@@ -257,11 +277,19 @@ public class UsernameTokenInterceptor ex
         for (AssertionInfo ai : ais) {
             ai.setAsserted(true);
         }
+        ais = aim.getAssertionInfo(SP11Constants.SUPPORTING_TOKENS);
+        for (AssertionInfo ai : ais) {
+            ai.setAsserted(true);
+        }
         if (signed || isTLSInUse(message)) {
             ais = aim.getAssertionInfo(SP12Constants.SIGNED_SUPPORTING_TOKENS);
             for (AssertionInfo ai : ais) {
                 ai.setAsserted(true);
             }
+            ais = aim.getAssertionInfo(SP11Constants.SIGNED_SUPPORTING_TOKENS);
+            for (AssertionInfo ai : ais) {
+                ai.setAsserted(true);
+            }
         }
         return tok;
     }
@@ -295,6 +323,12 @@ public class UsernameTokenInterceptor ex
                     ai.setAsserted(false);
                 }
             }
+            ais = aim.getAssertionInfo(SP11Constants.USERNAME_TOKEN);
+            for (AssertionInfo ai : ais) {
+                if (ai.isAsserted()) {
+                    ai.setAsserted(false);
+                }
+            }
             return;
         }
         Element el = (Element)h.getObject();

Modified: cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java?rev=1455259&r1=1455258&r2=1455259&view=diff
==============================================================================
--- cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java (original)
+++ cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java Mon Mar 11 17:52:36 2013
@@ -109,6 +109,7 @@ import org.apache.wss4j.dom.message.toke
 import org.apache.wss4j.dom.message.token.SecurityTokenReference;
 import org.apache.wss4j.dom.message.token.X509Security;
 import org.apache.wss4j.dom.util.WSSecurityUtil;
+import org.apache.wss4j.policy.SP11Constants;
 import org.apache.wss4j.policy.SP12Constants;
 import org.apache.wss4j.policy.SPConstants;
 import org.apache.wss4j.policy.SPConstants.IncludeTokenType;
@@ -395,8 +396,10 @@ public abstract class AbstractBindingBui
     }
     
     protected WSSecTimestamp createTimestamp() {
-        Collection<AssertionInfo> ais;
-        ais = aim.get(SP12Constants.INCLUDE_TIMESTAMP);
+        Collection<AssertionInfo> ais = aim.get(SP12Constants.INCLUDE_TIMESTAMP);
+        if (ais == null) {
+            ais = aim.get(SP11Constants.INCLUDE_TIMESTAMP);
+        }
         if (ais != null) {
             Object o = message.getContextualProperty(SecurityConstants.TIMESTAMP_TTL);
             int ttl = 300;  //default is 300 seconds
@@ -419,8 +422,10 @@ public abstract class AbstractBindingBui
     }
     
     protected WSSecTimestamp handleLayout(WSSecTimestamp timestamp) {
-        Collection<AssertionInfo> ais;
-        ais = aim.get(SP12Constants.LAYOUT);
+        Collection<AssertionInfo> ais = aim.get(SP12Constants.LAYOUT);
+        if (ais == null) {
+            ais = aim.get(SP11Constants.LAYOUT);
+        }
         if (ais != null) {
             for (AssertionInfo ai : ais) {
                 Layout layout = (Layout)ai.getAssertion();
@@ -1122,6 +1127,14 @@ public abstract class AbstractBindingBui
                 ai.setAsserted(true);
             }            
         }
+        ais = aim.getAssertionInfo(SP11Constants.ENCRYPTED_PARTS);
+        if (ais != null) {
+            for (AssertionInfo ai : ais) {
+                parts = (EncryptedParts)ai.getAssertion();
+                ai.setAsserted(true);
+            }            
+        }
+        
         ais = aim.getAssertionInfo(SP12Constants.ENCRYPTED_ELEMENTS);
         if (ais != null) {
             for (AssertionInfo ai : ais) {
@@ -1129,6 +1142,14 @@ public abstract class AbstractBindingBui
                 ai.setAsserted(true);
             }            
         }
+        ais = aim.getAssertionInfo(SP11Constants.ENCRYPTED_ELEMENTS);
+        if (ais != null) {
+            for (AssertionInfo ai : ais) {
+                elements = (EncryptedElements)ai.getAssertion();
+                ai.setAsserted(true);
+            }            
+        }
+        
         ais = aim.getAssertionInfo(SP12Constants.CONTENT_ENCRYPTED_ELEMENTS);
         if (ais != null) {
             for (AssertionInfo ai : ais) {
@@ -1136,6 +1157,13 @@ public abstract class AbstractBindingBui
                 ai.setAsserted(true);
             }            
         }
+        ais = aim.getAssertionInfo(SP11Constants.CONTENT_ENCRYPTED_ELEMENTS);
+        if (ais != null) {
+            for (AssertionInfo ai : ais) {
+                celements = (ContentEncryptedElements)ai.getAssertion();
+                ai.setAsserted(true);
+            }            
+        }
         
         List<WSEncryptionPart> signedParts = new ArrayList<WSEncryptionPart>();
         if (parts != null) {
@@ -1174,6 +1202,14 @@ public abstract class AbstractBindingBui
                 ai.setAsserted(true);
             }            
         }
+        ais = aim.getAssertionInfo(SP11Constants.SIGNED_PARTS);
+        if (ais != null) {
+            for (AssertionInfo ai : ais) {
+                parts = (SignedParts)ai.getAssertion();
+                ai.setAsserted(true);
+            }            
+        }
+        
         ais = aim.getAssertionInfo(SP12Constants.SIGNED_ELEMENTS);
         if (ais != null) {
             for (AssertionInfo ai : ais) {
@@ -1181,6 +1217,13 @@ public abstract class AbstractBindingBui
                 ai.setAsserted(true);
             }            
         }
+        ais = aim.getAssertionInfo(SP11Constants.SIGNED_ELEMENTS);
+        if (ais != null) {
+            for (AssertionInfo ai : ais) {
+                elements = (SignedElements)ai.getAssertion();
+                ai.setAsserted(true);
+            }            
+        }
         
         List<WSEncryptionPart> signedParts = new ArrayList<WSEncryptionPart>();
         if (parts != null) {
@@ -1691,13 +1734,27 @@ public abstract class AbstractBindingBui
             for (AssertionInfo ai : ais) {
                 return (Wss10)ai.getAssertion();
             }            
-        }        
+        }
         ais = aim.getAssertionInfo(SP12Constants.WSS11);
         if (ais != null) {
             for (AssertionInfo ai : ais) {
                 return (Wss10)ai.getAssertion();
             }            
-        }   
+        }
+        
+        ais = aim.getAssertionInfo(SP11Constants.WSS10);
+        if (ais != null) {
+            for (AssertionInfo ai : ais) {
+                return (Wss10)ai.getAssertion();
+            }            
+        }  
+        ais = aim.getAssertionInfo(SP11Constants.WSS11);
+        if (ais != null) {
+            for (AssertionInfo ai : ais) {
+                return (Wss10)ai.getAssertion();
+            }            
+        }
+        
         return null;
     }
 
@@ -2093,13 +2150,17 @@ public abstract class AbstractBindingBui
     
     protected void assertSupportingTokens(List<WSEncryptionPart> sigs) {
         assertSupportingTokens(findAndAssertPolicy(SP12Constants.SIGNED_SUPPORTING_TOKENS));
+        assertSupportingTokens(findAndAssertPolicy(SP11Constants.SIGNED_SUPPORTING_TOKENS));
         assertSupportingTokens(findAndAssertPolicy(SP12Constants.ENDORSING_SUPPORTING_TOKENS));
+        assertSupportingTokens(findAndAssertPolicy(SP11Constants.ENDORSING_SUPPORTING_TOKENS));
         assertSupportingTokens(findAndAssertPolicy(SP12Constants.SIGNED_ENDORSING_SUPPORTING_TOKENS));
+        assertSupportingTokens(findAndAssertPolicy(SP11Constants.SIGNED_ENDORSING_SUPPORTING_TOKENS));
         assertSupportingTokens(findAndAssertPolicy(SP12Constants.SIGNED_ENCRYPTED_SUPPORTING_TOKENS));
         assertSupportingTokens(findAndAssertPolicy(SP12Constants.ENDORSING_ENCRYPTED_SUPPORTING_TOKENS));
         assertSupportingTokens(findAndAssertPolicy(SP12Constants
                                                        .SIGNED_ENDORSING_ENCRYPTED_SUPPORTING_TOKENS));
         assertSupportingTokens(findAndAssertPolicy(SP12Constants.SUPPORTING_TOKENS));
+        assertSupportingTokens(findAndAssertPolicy(SP11Constants.SUPPORTING_TOKENS));
         assertSupportingTokens(findAndAssertPolicy(SP12Constants.ENCRYPTED_SUPPORTING_TOKENS));
     }
     
@@ -2107,17 +2168,21 @@ public abstract class AbstractBindingBui
         
         Collection<Assertion> sgndSuppTokens = 
             findAndAssertPolicy(SP12Constants.SIGNED_SUPPORTING_TOKENS);
-        
-        Map<AbstractToken, Object> sigSuppTokMap = this.handleSupportingTokens(sgndSuppTokens, false);           
+        Map<AbstractToken, Object> sigSuppTokMap = this.handleSupportingTokens(sgndSuppTokens, false);
+        sgndSuppTokens = findAndAssertPolicy(SP11Constants.SIGNED_SUPPORTING_TOKENS);
+        sigSuppTokMap.putAll(this.handleSupportingTokens(sgndSuppTokens, false));
         
         Collection<Assertion> endSuppTokens = 
             findAndAssertPolicy(SP12Constants.ENDORSING_SUPPORTING_TOKENS);
-
         endSuppTokMap = this.handleSupportingTokens(endSuppTokens, true);
+        endSuppTokens = findAndAssertPolicy(SP11Constants.ENDORSING_SUPPORTING_TOKENS);
+        endSuppTokMap.putAll(this.handleSupportingTokens(endSuppTokens, true));
 
         Collection<Assertion> sgndEndSuppTokens 
             = findAndAssertPolicy(SP12Constants.SIGNED_ENDORSING_SUPPORTING_TOKENS);
         sgndEndSuppTokMap = this.handleSupportingTokens(sgndEndSuppTokens, true);
+        sgndEndSuppTokens = findAndAssertPolicy(SP11Constants.SIGNED_ENDORSING_SUPPORTING_TOKENS);
+        sgndEndSuppTokMap.putAll(this.handleSupportingTokens(sgndEndSuppTokens, true));
         
         Collection<Assertion> sgndEncryptedSuppTokens 
             = findAndAssertPolicy(SP12Constants.SIGNED_ENCRYPTED_SUPPORTING_TOKENS);
@@ -2137,6 +2202,8 @@ public abstract class AbstractBindingBui
         Collection<Assertion> supportingToks 
             = findAndAssertPolicy(SP12Constants.SUPPORTING_TOKENS);
         this.handleSupportingTokens(supportingToks, false);
+        supportingToks = findAndAssertPolicy(SP11Constants.SUPPORTING_TOKENS);
+        this.handleSupportingTokens(supportingToks, false);
 
         Collection<Assertion> encryptedSupportingToks 
             = findAndAssertPolicy(SP12Constants.ENCRYPTED_SUPPORTING_TOKENS);

Modified: cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java?rev=1455259&r1=1455258&r2=1455259&view=diff
==============================================================================
--- cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java (original)
+++ cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java Mon Mar 11 17:52:36 2013
@@ -954,10 +954,20 @@ public class SymmetricBindingHandler ext
         if (ais != null && ais.size() > 0) {
             return true;
         }
+        ais = aim.getAssertionInfo(SP11Constants.SIGNED_PARTS);
+        if (ais != null && ais.size() > 0) {
+            return true;
+        }
+        
         ais = aim.getAssertionInfo(SP12Constants.SIGNED_ELEMENTS);
         if (ais != null && ais.size() > 0) {
             return true;
         }
+        ais = aim.getAssertionInfo(SP11Constants.SIGNED_ELEMENTS);
+        if (ais != null && ais.size() > 0) {
+            return true;
+        }
+        
         return false;
     }
 

Modified: cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java?rev=1455259&r1=1455258&r2=1455259&view=diff
==============================================================================
--- cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java (original)
+++ cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java Mon Mar 11 17:52:36 2013
@@ -55,6 +55,7 @@ import org.apache.wss4j.dom.message.WSSe
 import org.apache.wss4j.dom.message.WSSecTimestamp;
 import org.apache.wss4j.dom.message.WSSecUsernameToken;
 import org.apache.wss4j.dom.message.token.SecurityTokenReference;
+import org.apache.wss4j.policy.SP11Constants;
 import org.apache.wss4j.policy.SP12Constants;
 import org.apache.wss4j.policy.SPConstants;
 import org.apache.wss4j.policy.model.AbstractToken;
@@ -169,6 +170,9 @@ public class TransportBindingHandler ext
         Collection<AssertionInfo> ais;
         
         ais = aim.get(SP12Constants.SIGNED_SUPPORTING_TOKENS);
+        if (ais == null) {
+            ais = aim.get(SP11Constants.SIGNED_SUPPORTING_TOKENS);
+        }
         if (ais != null) {
             for (AssertionInfo ai : ais) {
                 SupportingTokens sgndSuppTokens = (SupportingTokens)ai.getAssertion();
@@ -180,6 +184,9 @@ public class TransportBindingHandler ext
         }
         
         ais = aim.get(SP12Constants.SIGNED_ENCRYPTED_SUPPORTING_TOKENS);
+        if (ais == null) {
+            ais = aim.get(SP11Constants.SIGNED_ENCRYPTED_SUPPORTING_TOKENS);
+        }
         if (ais != null) {
             for (AssertionInfo ai : ais) {
                 SupportingTokens sgndSuppTokens = (SupportingTokens)ai.getAssertion();
@@ -191,6 +198,9 @@ public class TransportBindingHandler ext
         }
         
         ais = aim.get(SP12Constants.ENCRYPTED_SUPPORTING_TOKENS);
+        if (ais == null) {
+            ais = aim.get(SP11Constants.ENCRYPTED_SUPPORTING_TOKENS);
+        }
         if (ais != null) {
             for (AssertionInfo ai : ais) {
                 SupportingTokens encrSuppTokens = (SupportingTokens)ai.getAssertion();
@@ -202,6 +212,9 @@ public class TransportBindingHandler ext
         }
         
         ais = aim.get(SP12Constants.SUPPORTING_TOKENS);
+        if (ais == null) {
+            ais = aim.get(SP11Constants.SUPPORTING_TOKENS);
+        }
         if (ais != null) {
             for (AssertionInfo ai : ais) {
                 SupportingTokens suppTokens = (SupportingTokens)ai.getAssertion();
@@ -221,6 +234,9 @@ public class TransportBindingHandler ext
         Collection<AssertionInfo> ais;
         
         ais = aim.get(SP12Constants.SIGNED_ENDORSING_SUPPORTING_TOKENS);
+        if (ais == null) {
+            ais = aim.get(SP11Constants.SIGNED_ENDORSING_SUPPORTING_TOKENS);
+        }
         if (ais != null) {
             SupportingTokens sgndSuppTokens = null;
             for (AssertionInfo ai : ais) {
@@ -235,6 +251,9 @@ public class TransportBindingHandler ext
         }
         
         ais = aim.get(SP12Constants.ENDORSING_SUPPORTING_TOKENS);
+        if (ais == null) {
+            ais = aim.get(SP11Constants.ENDORSING_SUPPORTING_TOKENS);
+        }
         if (ais != null) {
             SupportingTokens endSuppTokens = null;
             for (AssertionInfo ai : ais) {

Modified: cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AbstractBindingPolicyValidator.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AbstractBindingPolicyValidator.java?rev=1455259&r1=1455258&r2=1455259&view=diff
==============================================================================
--- cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AbstractBindingPolicyValidator.java (original)
+++ cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AbstractBindingPolicyValidator.java Mon Mar 11 17:52:36 2013
@@ -38,6 +38,7 @@ import org.apache.wss4j.dom.WSDataRef;
 import org.apache.wss4j.dom.WSSecurityEngineResult;
 import org.apache.wss4j.dom.message.token.Timestamp;
 import org.apache.wss4j.dom.util.WSSecurityUtil;
+import org.apache.wss4j.policy.SP11Constants;
 import org.apache.wss4j.policy.SP12Constants;
 import org.apache.wss4j.policy.model.AbstractSymmetricAsymmetricBinding;
 import org.apache.wss4j.policy.model.AbstractSymmetricAsymmetricBinding.ProtectionOrder;
@@ -135,37 +136,27 @@ public abstract class AbstractBindingPol
      * Validate the layout assertion. It just checks the LaxTsFirst and LaxTsLast properties
      */
     protected boolean validateLayout(
-        AssertionInfoMap aim,
         boolean laxTimestampFirst,
         boolean laxTimestampLast,
         List<WSSecurityEngineResult> results
     ) {
         if (laxTimestampFirst) {
             if (results.isEmpty()) {
-                notAssertPolicy(aim, SP12Constants.LAXTSFIRST, "Layout does not match the requirements");
                 return false;
             }
             Integer firstAction = (Integer)results.get(0).get(WSSecurityEngineResult.TAG_ACTION);
             if (firstAction.intValue() != WSConstants.TS) {
-                notAssertPolicy(aim, SP12Constants.LAXTSFIRST, "Layout does not match the requirements");
                 return false;
             }
-            assertPolicy(aim, SP12Constants.LAXTSFIRST);
         } else if (laxTimestampLast) {
             if (results.isEmpty()) {
-                notAssertPolicy(aim, SP12Constants.LAXTSLAST, "Layout does not match the requirements");
                 return false;
             }
             Integer lastAction = 
                 (Integer)results.get(results.size() - 1).get(WSSecurityEngineResult.TAG_ACTION);
             if (lastAction.intValue() != WSConstants.TS) {
-                notAssertPolicy(aim, SP12Constants.LAXTSLAST, "Layout does not match the requirements");
                 return false;
             }
-            assertPolicy(aim, SP12Constants.LAXTSLAST);
-        } else {
-            assertPolicy(aim, SP12Constants.LAX);
-            assertPolicy(aim, SP12Constants.STRICT);
         }
         return true;
         
@@ -187,7 +178,7 @@ public abstract class AbstractBindingPol
         if (!algorithmValidator.validatePolicy(ai, binding.getAlgorithmSuite())) {
             return false;
         }
-        assertPolicy(aim, SP12Constants.ALGORITHM_SUITE);
+        assertPolicy(aim, binding.getAlgorithmSuite());
         String namespace = binding.getAlgorithmSuite().getVersion().getNamespace();
         String name = binding.getAlgorithmSuite().getAlgorithmSuiteType().getName();
         Collection<AssertionInfo> algSuiteAis = aim.get(new QName(namespace, name));
@@ -198,24 +189,28 @@ public abstract class AbstractBindingPol
         // Check the IncludeTimestamp
         if (!validateTimestamp(binding.isIncludeTimestamp(), false, results, signedResults, message)) {
             String error = "Received Timestamp does not match the requirements";
-            notAssertPolicy(aim, SP12Constants.INCLUDE_TIMESTAMP, error);
             ai.setNotAsserted(error);
             return false;
         }
         assertPolicy(aim, SP12Constants.INCLUDE_TIMESTAMP);
+        assertPolicy(aim, SP11Constants.INCLUDE_TIMESTAMP);
         
         // Check the Layout
         Layout layout = binding.getLayout();
         LayoutType layoutType = layout.getLayoutType();
         boolean timestampFirst = layoutType == LayoutType.LaxTsFirst;
         boolean timestampLast = layoutType == LayoutType.LaxTsLast;
-        if (!validateLayout(aim, timestampFirst, timestampLast, results)) {
+        if (!validateLayout(timestampFirst, timestampLast, results)) {
             String error = "Layout does not match the requirements";
-            notAssertPolicy(aim, SP12Constants.LAYOUT, error);
+            notAssertPolicy(aim, layout, error);
             ai.setNotAsserted(error);
             return false;
         }
-        assertPolicy(aim, SP12Constants.LAYOUT);
+        assertPolicy(aim, layout);
+        assertPolicy(aim, SP12Constants.LAX);
+        assertPolicy(aim, SP12Constants.STRICT);
+        assertPolicy(aim, SP11Constants.LAX);
+        assertPolicy(aim, SP11Constants.STRICT);
         
         // Check the EntireHeaderAndBodySignatures property
         if (binding.isOnlySignEntireHeadersAndBody()
@@ -225,6 +220,7 @@ public abstract class AbstractBindingPol
             return false;
         }
         assertPolicy(aim, SP12Constants.ONLY_SIGN_ENTIRE_HEADERS_AND_BODY);
+        assertPolicy(aim, SP11Constants.ONLY_SIGN_ENTIRE_HEADERS_AND_BODY);
         
         // Check whether the signatures were encrypted or not
         if (binding.isProtectTokens() && !isSignatureEncrypted(results)) {
@@ -232,6 +228,7 @@ public abstract class AbstractBindingPol
             return false;
         }
         assertPolicy(aim, SP12Constants.PROTECT_TOKENS);
+        assertPolicy(aim, SP11Constants.PROTECT_TOKENS);
         
         return true;
     }
@@ -403,6 +400,17 @@ public abstract class AbstractBindingPol
         }
     }
     
+    protected void notAssertPolicy(AssertionInfoMap aim, Assertion token, String msg) {
+        Collection<AssertionInfo> ais = aim.get(token.getName());
+        if (ais != null && !ais.isEmpty()) {
+            for (AssertionInfo ai : ais) {
+                if (ai.getAssertion() == token) {
+                    ai.setNotAsserted(msg);
+                }
+            }    
+        }
+    }
+    
     protected boolean assertPolicy(AssertionInfoMap aim, QName q) {
         Collection<AssertionInfo> ais = aim.get(q);
         if (ais != null && !ais.isEmpty()) {

Modified: cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AsymmetricBindingPolicyValidator.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AsymmetricBindingPolicyValidator.java?rev=1455259&r1=1455258&r2=1455259&view=diff
==============================================================================
--- cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AsymmetricBindingPolicyValidator.java (original)
+++ cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AsymmetricBindingPolicyValidator.java Mon Mar 11 17:52:36 2013
@@ -30,6 +30,7 @@ import org.apache.cxf.ws.policy.Assertio
 import org.apache.cxf.ws.policy.AssertionInfoMap;
 import org.apache.wss4j.dom.WSConstants;
 import org.apache.wss4j.dom.WSSecurityEngineResult;
+import org.apache.wss4j.policy.SP11Constants;
 import org.apache.wss4j.policy.SP12Constants;
 import org.apache.wss4j.policy.model.AbstractToken;
 import org.apache.wss4j.policy.model.AbstractTokenWrapper;
@@ -50,10 +51,27 @@ public class AsymmetricBindingPolicyVali
         List<WSSecurityEngineResult> encryptedResults
     ) {
         Collection<AssertionInfo> ais = aim.get(SP12Constants.ASYMMETRIC_BINDING);
-        if (ais == null || ais.isEmpty()) {                       
-            return true;
+        if (ais != null && !ais.isEmpty()) {
+            parsePolicies(aim, ais, message, soapBody, results, signedResults, encryptedResults);
         }
         
+        ais = aim.get(SP11Constants.ASYMMETRIC_BINDING);
+        if (ais != null && !ais.isEmpty()) {
+            parsePolicies(aim, ais, message, soapBody, results, signedResults, encryptedResults);
+        }
+        
+        return true;
+    }
+    
+    private void parsePolicies(
+        AssertionInfoMap aim,
+        Collection<AssertionInfo> ais,
+        Message message,
+        Element soapBody,
+        List<WSSecurityEngineResult> results,
+        List<WSSecurityEngineResult> signedResults,
+        List<WSSecurityEngineResult> encryptedResults
+    ) {
         boolean hasDerivedKeys = false;
         for (WSSecurityEngineResult result : results) {
             Integer actInt = (Integer)result.get(WSSecurityEngineResult.TAG_ACTION);
@@ -82,11 +100,8 @@ public class AsymmetricBindingPolicyVali
                 continue;
             }
         }
-        
-        return true;
     }
     
-    
     /**
      * Check various tokens of the binding
      */

Modified: cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/ConcreteSupportingTokenPolicyValidator.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/ConcreteSupportingTokenPolicyValidator.java?rev=1455259&r1=1455258&r2=1455259&view=diff
==============================================================================
--- cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/ConcreteSupportingTokenPolicyValidator.java (original)
+++ cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/ConcreteSupportingTokenPolicyValidator.java Mon Mar 11 17:52:36 2013
@@ -26,6 +26,7 @@ import org.apache.cxf.message.Message;
 import org.apache.cxf.ws.policy.AssertionInfo;
 import org.apache.cxf.ws.policy.AssertionInfoMap;
 import org.apache.wss4j.dom.WSSecurityEngineResult;
+import org.apache.wss4j.policy.SP11Constants;
 import org.apache.wss4j.policy.SP12Constants;
 import org.apache.wss4j.policy.model.AbstractToken;
 import org.apache.wss4j.policy.model.IssuedToken;
@@ -53,16 +54,25 @@ public class ConcreteSupportingTokenPoli
         List<WSSecurityEngineResult> signedResults,
         List<WSSecurityEngineResult> encryptedResults
     ) {
-        Collection<AssertionInfo> ais = aim.get(SP12Constants.SUPPORTING_TOKENS);
-        if (ais == null || ais.isEmpty()) {                       
-            return true;
-        }
-        
         setMessage(message);
         setResults(results);
         setSignedResults(signedResults);
         setEncryptedResults(encryptedResults);
         
+        Collection<AssertionInfo> ais = aim.get(SP12Constants.SUPPORTING_TOKENS);
+        if (ais != null && !ais.isEmpty()) {
+            parsePolicies(ais, message);
+        }
+        
+        ais = aim.get(SP11Constants.SUPPORTING_TOKENS);
+        if (ais != null && !ais.isEmpty()) {
+            parsePolicies(ais, message);
+        }
+        
+        return true;
+    }
+    
+    private void parsePolicies(Collection<AssertionInfo> ais, Message message) {
         for (AssertionInfo ai : ais) {
             SupportingTokens binding = (SupportingTokens)ai.getAssertion();
             ai.setAsserted(true);
@@ -114,10 +124,7 @@ public class ConcreteSupportingTokenPoli
                     continue;
                 }
             }
-
         }
-        
-        return true;
     }
     
 }

Modified: cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/EncryptedTokenPolicyValidator.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/EncryptedTokenPolicyValidator.java?rev=1455259&r1=1455258&r2=1455259&view=diff
==============================================================================
--- cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/EncryptedTokenPolicyValidator.java (original)
+++ cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/EncryptedTokenPolicyValidator.java Mon Mar 11 17:52:36 2013
@@ -26,6 +26,7 @@ import org.apache.cxf.message.Message;
 import org.apache.cxf.ws.policy.AssertionInfo;
 import org.apache.cxf.ws.policy.AssertionInfoMap;
 import org.apache.wss4j.dom.WSSecurityEngineResult;
+import org.apache.wss4j.policy.SP11Constants;
 import org.apache.wss4j.policy.SP12Constants;
 import org.apache.wss4j.policy.model.AbstractToken;
 import org.apache.wss4j.policy.model.IssuedToken;
@@ -53,16 +54,25 @@ public class EncryptedTokenPolicyValidat
         List<WSSecurityEngineResult> signedResults,
         List<WSSecurityEngineResult> encryptedResults
     ) {
-        Collection<AssertionInfo> ais = aim.get(SP12Constants.ENCRYPTED_SUPPORTING_TOKENS);
-        if (ais == null || ais.isEmpty()) {                       
-            return true;
-        }
-        
         setMessage(message);
         setResults(results);
         setSignedResults(signedResults);
         setEncryptedResults(encryptedResults);
-
+        
+        Collection<AssertionInfo> ais = aim.get(SP12Constants.ENCRYPTED_SUPPORTING_TOKENS);
+        if (ais != null && !ais.isEmpty()) {
+            parsePolicies(ais, message);
+        }
+        
+        ais = aim.get(SP11Constants.ENCRYPTED_SUPPORTING_TOKENS);
+        if (ais != null && !ais.isEmpty()) {
+            parsePolicies(ais, message);
+        }
+        
+        return true;
+    }
+    
+    private void parsePolicies(Collection<AssertionInfo> ais, Message message) {
         for (AssertionInfo ai : ais) {
             SupportingTokens binding = (SupportingTokens)ai.getAssertion();
             ai.setAsserted(true);
@@ -115,8 +125,6 @@ public class EncryptedTokenPolicyValidat
                 }
             }
         }
-        
-        return true;
     }
     
 }



Mime
View raw message