cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject svn commit: r1483714 [1/2] - in /cxf/branches/wss4j2.0-port: parent/ services/sts/sts-core/ services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/ services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/ services/sts/sts-war/ services/s...
Date Fri, 17 May 2013 09:38:59 GMT
Author: coheigea
Date: Fri May 17 09:38:59 2013
New Revision: 1483714

URL: http://svn.apache.org/r1483714
Log:
[CXF-5010] Add customizable request logging capability to STS


Conflicts:
	services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/AbstractOperation.java
	services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenCancelOperation.java
	services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenIssueOperation.java
	services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenRenewOperation.java
	services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenValidateOperation.java

Added:
    cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/
    cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/AbstractSTSEvent.java
    cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/AbstractSTSFailureEvent.java
    cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/AbstractSTSSuccessEvent.java
    cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/LoggerListener.java
    cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSCancelFailureEvent.java
    cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSCancelSuccessEvent.java
    cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSFailureEvent.java
    cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSIssueFailureEvent.java
    cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSIssueSuccessEvent.java
    cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSRenewFailureEvent.java
    cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSRenewSuccessEvent.java
    cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSValidateFailureEvent.java
    cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSValidateSuccessEvent.java
    cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/TokenCancellerParametersSupport.java
    cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/TokenProviderParametersSupport.java
    cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/TokenRenewerParametersSupport.java
    cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/TokenValidatorParametersSupport.java
    cxf/branches/wss4j2.0-port/services/sts/sts-war/src/main/resources/org.apache.cxf.Logger
Removed:
    cxf/branches/wss4j2.0-port/services/sts/sts-war/src/main/resources/logging.properties
Modified:
    cxf/branches/wss4j2.0-port/parent/pom.xml
    cxf/branches/wss4j2.0-port/services/sts/sts-core/pom.xml
    cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/AbstractOperation.java
    cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenCancelOperation.java
    cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenIssueOperation.java
    cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenRenewOperation.java
    cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenValidateOperation.java
    cxf/branches/wss4j2.0-port/services/sts/sts-war/pom.xml
    cxf/branches/wss4j2.0-port/services/sts/sts-war/src/main/resources/log4j.properties
    cxf/branches/wss4j2.0-port/services/sts/sts-war/src/main/webapp/WEB-INF/cxf-transport.xml

Modified: cxf/branches/wss4j2.0-port/parent/pom.xml
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/parent/pom.xml?rev=1483714&r1=1483713&r2=1483714&view=diff
==============================================================================
--- cxf/branches/wss4j2.0-port/parent/pom.xml (original)
+++ cxf/branches/wss4j2.0-port/parent/pom.xml Fri May 17 09:38:59 2013
@@ -144,6 +144,7 @@
         <cxf.servlet-api.version>1.0</cxf.servlet-api.version>
         <cxf.servlet-api-2.5.artifact>geronimo-servlet_2.5_spec</cxf.servlet-api-2.5.artifact>
         <cxf.servlet-api-2.5.version>1.1.2</cxf.servlet-api-2.5.version>
+        <cxf.slf4j.version>1.7.5</cxf.slf4j.version>
         <cxf.specs.jaxws.api.version>1.1</cxf.specs.jaxws.api.version>
         <cxf.spring.version>3.1.3.RELEASE</cxf.spring.version>
         <cxf.spring.osgi.version>1.2.1</cxf.spring.osgi.version>

Modified: cxf/branches/wss4j2.0-port/services/sts/sts-core/pom.xml
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/services/sts/sts-core/pom.xml?rev=1483714&r1=1483713&r2=1483714&view=diff
==============================================================================
--- cxf/branches/wss4j2.0-port/services/sts/sts-core/pom.xml (original)
+++ cxf/branches/wss4j2.0-port/services/sts/sts-core/pom.xml Fri May 17 09:38:59 2013
@@ -44,6 +44,12 @@
             <version>${project.version}</version>
             <scope>compile</scope>
         </dependency>
+         <dependency>
+            <groupId>org.apache.cxf</groupId>
+            <artifactId>cxf-rt-transports-http</artifactId>
+            <version>${project.version}</version>
+            <scope>compile</scope>
+        </dependency>
         <dependency>
             <groupId>net.sf.ehcache</groupId>
             <artifactId>ehcache-core</artifactId>
@@ -81,6 +87,12 @@
             <artifactId>slf4j-jdk14</artifactId>
             <scope>test</scope>
         </dependency>
+        <dependency>
+            <groupId>${cxf.servlet-api.group}</groupId>
+            <artifactId>${cxf.servlet-api.artifact}</artifactId>
+            <scope>provided</scope>
+            <optional>true</optional>
+        </dependency>        
    </dependencies>
 
    <build>

Added: cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/AbstractSTSEvent.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/AbstractSTSEvent.java?rev=1483714&view=auto
==============================================================================
--- cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/AbstractSTSEvent.java (added)
+++ cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/AbstractSTSEvent.java Fri May 17 09:38:59 2013
@@ -0,0 +1,41 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.sts.event;
+
+import org.springframework.context.ApplicationEvent;
+
+public abstract class AbstractSTSEvent extends ApplicationEvent {
+
+    private static final long serialVersionUID = 1L;
+    
+    private long duration;
+    
+    public AbstractSTSEvent(Object source, long duration) {
+        super(source);
+        this.duration = duration;
+    }
+    
+    public abstract String getOperation();
+    
+    public long getDuration() {
+        return duration;
+    }
+
+}

Added: cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/AbstractSTSFailureEvent.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/AbstractSTSFailureEvent.java?rev=1483714&view=auto
==============================================================================
--- cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/AbstractSTSFailureEvent.java (added)
+++ cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/AbstractSTSFailureEvent.java Fri May 17 09:38:59 2013
@@ -0,0 +1,43 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.sts.event;
+
+public abstract class AbstractSTSFailureEvent extends AbstractSTSEvent {
+
+    private static final long serialVersionUID = 1L;
+    
+    //private static final String OPERATION = "Issue";
+    private Exception exception;
+    
+    public AbstractSTSFailureEvent(Object source, long duration, Exception ex) {
+        super(source, duration);
+        exception = ex;
+    }
+    
+    public Exception getException() {
+        return exception;
+    }
+    
+    /*@Override
+    public String getOperation() {
+        return OPERATION;
+    }*/
+
+}

Added: cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/AbstractSTSSuccessEvent.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/AbstractSTSSuccessEvent.java?rev=1483714&view=auto
==============================================================================
--- cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/AbstractSTSSuccessEvent.java (added)
+++ cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/AbstractSTSSuccessEvent.java Fri May 17 09:38:59 2013
@@ -0,0 +1,30 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.sts.event;
+
+public abstract class AbstractSTSSuccessEvent extends AbstractSTSEvent {
+
+    private static final long serialVersionUID = 1L;
+    
+    public AbstractSTSSuccessEvent(Object source, long duration) {
+        super(source, duration);
+    }
+    
+}

Added: cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/LoggerListener.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/LoggerListener.java?rev=1483714&view=auto
==============================================================================
--- cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/LoggerListener.java (added)
+++ cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/LoggerListener.java Fri May 17 09:38:59 2013
@@ -0,0 +1,374 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.sts.event;
+
+import java.io.PrintWriter;
+import java.io.StringWriter;
+import java.io.Writer;
+import java.text.DateFormat;
+import java.text.SimpleDateFormat;
+import java.util.ArrayList;
+import java.util.Date;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.logging.Level;
+import java.util.logging.Logger;
+
+import javax.servlet.http.HttpServletRequest;
+
+import org.apache.cxf.common.logging.LogUtils;
+import org.apache.cxf.sts.claims.RequestClaim;
+import org.apache.cxf.sts.token.canceller.TokenCancellerParameters;
+import org.apache.cxf.sts.token.provider.TokenProviderParameters;
+import org.apache.cxf.sts.token.renewer.TokenRenewerParameters;
+import org.apache.cxf.sts.token.validator.TokenValidatorParameters;
+import org.apache.cxf.transport.http.AbstractHTTPDestination;
+
+import org.springframework.context.ApplicationListener;
+
+
+public class LoggerListener implements ApplicationListener<AbstractSTSEvent> {
+    
+    public enum KEYS {
+        TIME,
+        OPERATION,
+        WS_SEC_PRINCIPAL,
+        STATUS,
+        TOKENTYPE,
+        EXCEPTION,
+        REALM,
+        APPLIESTO,
+        CLAIMS_PRIMARY,
+        CLAIMS_SECONDARY,
+        DURATION,
+        ACTAS_PRINCIPAL,
+        ONBEHALFOF_PRINCIPAL,
+        VALIDATE_PRINCIPAL,
+        CANCEL_PRINCIPAL,
+        RENEW_PRINCIPAL,
+        REMOTE_HOST,
+        REMOTE_PORT,
+        URL
+    };
+    
+    private static final Logger LOG = LogUtils.getL7dLogger(LoggerListener.class);
+    
+    private List<String> fieldOrder = new ArrayList<String>();
+    private boolean logStacktrace;
+    private boolean logFieldname;
+    private Level logLevel = Level.FINE;
+    private DateFormat dateFormat = DateFormat.getDateTimeInstance(DateFormat.SHORT, DateFormat.MEDIUM);
+    
+    public LoggerListener() {
+        fieldOrder.add(KEYS.TIME.name());
+        fieldOrder.add(KEYS.STATUS.name());
+        fieldOrder.add(KEYS.DURATION.name());
+        fieldOrder.add(KEYS.REMOTE_HOST.name());
+        fieldOrder.add(KEYS.REMOTE_PORT.name());
+        fieldOrder.add(KEYS.OPERATION.name());
+        fieldOrder.add(KEYS.URL.name());
+        fieldOrder.add(KEYS.REALM.name());
+        fieldOrder.add(KEYS.WS_SEC_PRINCIPAL.name());
+        fieldOrder.add(KEYS.ONBEHALFOF_PRINCIPAL.name());
+        fieldOrder.add(KEYS.ACTAS_PRINCIPAL.name());
+        fieldOrder.add(KEYS.VALIDATE_PRINCIPAL.name());
+        fieldOrder.add(KEYS.CANCEL_PRINCIPAL.name());
+        fieldOrder.add(KEYS.RENEW_PRINCIPAL.name());
+        fieldOrder.add(KEYS.TOKENTYPE.name());
+        fieldOrder.add(KEYS.APPLIESTO.name());
+        fieldOrder.add(KEYS.CLAIMS_PRIMARY.name());
+        fieldOrder.add(KEYS.CLAIMS_SECONDARY.name());
+        fieldOrder.add(KEYS.EXCEPTION.name());
+    }
+    
+    @Override
+    public void onApplicationEvent(AbstractSTSEvent event) {
+        
+        if (event instanceof TokenProviderParametersSupport) {
+            handleEvent((TokenProviderParametersSupport)event);
+        } else if (event instanceof TokenValidatorParametersSupport) {
+            handleEvent((TokenValidatorParametersSupport)event);
+        } else if (event instanceof TokenCancellerParametersSupport) {
+            handleEvent((TokenCancellerParametersSupport)event);
+        } else if (event instanceof TokenRenewerParametersSupport) {
+            handleEvent((TokenRenewerParametersSupport)event);            
+        } else {
+            LOG.warning("Unknown STS event: " + event.getClass());
+        }
+    }
+    
+   
+    public void handleEvent(TokenProviderParametersSupport event) {
+        try {
+            Map<String, String> map = new HashMap<String, String>();
+            AbstractSTSEvent baseEvent = (AbstractSTSEvent)event;
+            map.put(KEYS.TIME.name(), this.dateFormat.format(new Date(baseEvent.getTimestamp())));
+            map.put(KEYS.OPERATION.name(), baseEvent.getOperation());
+            map.put(KEYS.DURATION.name(), String.valueOf(baseEvent.getDuration()) + "ms");
+            
+            TokenProviderParameters params = event.getTokenParameters();
+            HttpServletRequest req = (HttpServletRequest)params.getWebServiceContext().
+                getMessageContext().get(AbstractHTTPDestination.HTTP_REQUEST);
+            map.put(KEYS.REMOTE_HOST.name(), req.getRemoteHost());
+            map.put(KEYS.REMOTE_PORT.name(), String.valueOf(req.getRemotePort()));
+            map.put(KEYS.URL.name(), (String)params.getWebServiceContext().
+                    getMessageContext().get("org.apache.cxf.request.url"));
+            
+            map.put(KEYS.TOKENTYPE.name(), params.getTokenRequirements().getTokenType());
+            try {
+                if (params.getTokenRequirements().getOnBehalfOf() != null) {
+                    map.put(KEYS.ONBEHALFOF_PRINCIPAL.name(),
+                            params.getTokenRequirements().getOnBehalfOf().getPrincipal().getName());
+                }
+                if (params.getTokenRequirements().getActAs() != null) {
+                    map.put(KEYS.ACTAS_PRINCIPAL.name(),
+                            params.getTokenRequirements().getActAs().getPrincipal().getName());
+                }
+                if (params.getPrincipal() != null) {
+                    map.put(KEYS.WS_SEC_PRINCIPAL.name(), params.getPrincipal().getName());
+                }
+            } catch (NullPointerException ex) {
+                //Principal could be null
+            }
+            map.put(KEYS.REALM.name(), params.getRealm());
+            map.put(KEYS.APPLIESTO.name(), params.getAppliesToAddress());
+            
+            if (params.getRequestedPrimaryClaims() != null
+                    && fieldOrder.indexOf(KEYS.CLAIMS_PRIMARY.name()) != -1) {
+                List<String> claims = new ArrayList<String>();
+                for (RequestClaim claim : params.getRequestedPrimaryClaims()) {
+                    claims.add(claim.getClaimType().toString());
+                }
+                map.put(KEYS.CLAIMS_PRIMARY.name(), claims.toString());
+            }
+            if (params.getRequestedSecondaryClaims() != null
+                    && fieldOrder.indexOf(KEYS.CLAIMS_SECONDARY.name()) != -1) {
+                List<String> claims = new ArrayList<String>();
+                for (RequestClaim claim : params.getRequestedSecondaryClaims()) {
+                    claims.add(claim.getClaimType().toString());
+                }
+                map.put(KEYS.CLAIMS_SECONDARY.name(), claims.toString());
+            }
+            if (event instanceof AbstractSTSFailureEvent) {
+                map.put(KEYS.STATUS.name(), "FAILURE");
+                Exception ex = ((AbstractSTSFailureEvent)event).getException();
+                if (this.isLogStacktrace()) {
+                    final Writer result = new StringWriter();
+                    final PrintWriter printWriter = new PrintWriter(result);
+                    ex.printStackTrace(printWriter);
+                    map.put(KEYS.EXCEPTION.name(), result.toString());
+                } else {
+                    map.put(KEYS.EXCEPTION.name(), ex.getMessage());
+                }
+            } else {
+                map.put(KEYS.STATUS.name(), "SUCCESS");
+            }
+            writeLog(map);
+        } catch (Exception ex) {
+            LOG.log(Level.WARNING, "Failed to capture or write logging details", ex);
+        }
+    }
+    
+    public void handleEvent(TokenValidatorParametersSupport event) {
+        try {
+            Map<String, String> map = new HashMap<String, String>();
+            AbstractSTSEvent baseEvent = (AbstractSTSEvent)event;
+            map.put(KEYS.TIME.name(), this.dateFormat.format(new Date(baseEvent.getTimestamp())));
+            map.put(KEYS.OPERATION.name(), baseEvent.getOperation());
+            map.put(KEYS.DURATION.name(), String.valueOf(baseEvent.getDuration()) + "ms");
+            
+            TokenValidatorParameters params = event.getTokenParameters();
+            HttpServletRequest req = (HttpServletRequest)params.getWebServiceContext().
+                getMessageContext().get(AbstractHTTPDestination.HTTP_REQUEST);
+            map.put(KEYS.REMOTE_HOST.name(), req.getRemoteHost());
+            map.put(KEYS.REMOTE_PORT.name(), String.valueOf(req.getRemotePort()));
+            map.put(KEYS.URL.name(), (String)params.getWebServiceContext().
+                    getMessageContext().get("org.apache.cxf.request.url"));
+            map.put(KEYS.TOKENTYPE.name(), params.getTokenRequirements().getTokenType());
+            if (params.getTokenRequirements().getActAs() != null) {
+                map.put(KEYS.VALIDATE_PRINCIPAL.name(), 
+                        params.getTokenRequirements().getValidateTarget().getPrincipal().getName());
+            }
+            if (params.getPrincipal() != null) {
+                map.put(KEYS.WS_SEC_PRINCIPAL.name(), params.getPrincipal().getName());
+            }
+            map.put(KEYS.REALM.name(), params.getRealm());
+            //map.put(KEYS.APPLIESTO.name(), params.getAppliesToAddress());
+            if (event instanceof AbstractSTSFailureEvent) {
+                map.put(KEYS.STATUS.name(), "FAILURE");
+                Exception ex = ((AbstractSTSFailureEvent)event).getException();
+                if (this.isLogStacktrace()) {
+                    final Writer result = new StringWriter();
+                    final PrintWriter printWriter = new PrintWriter(result);
+                    ex.printStackTrace(printWriter);
+                    map.put(KEYS.EXCEPTION.name(), result.toString());
+                } else {
+                    map.put(KEYS.EXCEPTION.name(), ex.getMessage());
+                }
+            } else {
+                map.put(KEYS.STATUS.name(), "SUCCESS");
+            }
+            writeLog(map);
+        } catch (Exception ex) {
+            LOG.log(Level.WARNING, "Failed to capture or write logging details", ex);
+        }        
+    }
+    
+    public void handleEvent(TokenCancellerParametersSupport event) {
+        try {
+            Map<String, String> map = new HashMap<String, String>();
+            AbstractSTSEvent baseEvent = (AbstractSTSEvent)event;
+            map.put(KEYS.TIME.name(), this.dateFormat.format(new Date(baseEvent.getTimestamp())));
+            map.put(KEYS.OPERATION.name(), baseEvent.getOperation());
+            map.put(KEYS.DURATION.name(), String.valueOf(baseEvent.getDuration()) + "ms");
+            
+            TokenCancellerParameters params = event.getTokenParameters();
+            HttpServletRequest req = (HttpServletRequest)params.getWebServiceContext().
+                getMessageContext().get(AbstractHTTPDestination.HTTP_REQUEST);
+            map.put(KEYS.REMOTE_HOST.name(), req.getRemoteHost());
+            map.put(KEYS.REMOTE_PORT.name(), String.valueOf(req.getRemotePort()));
+            map.put(KEYS.URL.name(), (String)params.getWebServiceContext().
+                    getMessageContext().get("org.apache.cxf.request.url"));
+            map.put(KEYS.TOKENTYPE.name(), params.getTokenRequirements().getTokenType());
+            if (params.getTokenRequirements().getActAs() != null) {
+                map.put(KEYS.CANCEL_PRINCIPAL.name(), 
+                        params.getTokenRequirements().getCancelTarget().getPrincipal().getName());
+            }
+            if (params.getPrincipal() != null) {
+                map.put(KEYS.WS_SEC_PRINCIPAL.name(), params.getPrincipal().getName());
+            }
+            //map.put(KEYS.REALM.name(), params.getRealm());
+            //map.put(KEYS.APPLIESTO.name(), params.getAppliesToAddress());
+            if (event instanceof AbstractSTSFailureEvent) {
+                map.put(KEYS.STATUS.name(), "FAILURE");
+                Exception ex = ((AbstractSTSFailureEvent)event).getException();
+                if (this.isLogStacktrace()) {
+                    final Writer result = new StringWriter();
+                    final PrintWriter printWriter = new PrintWriter(result);
+                    ex.printStackTrace(printWriter);
+                    map.put(KEYS.EXCEPTION.name(), result.toString());
+                } else {
+                    map.put(KEYS.EXCEPTION.name(), ex.getMessage());
+                }
+            } else {
+                map.put(KEYS.STATUS.name(), "SUCCESS");
+            }
+            writeLog(map);
+        } catch (Exception ex) {
+            LOG.log(Level.WARNING, "Failed to capture or write logging details", ex);
+        }        
+    }
+    
+    public void handleEvent(TokenRenewerParametersSupport event) {
+        try {
+            Map<String, String> map = new HashMap<String, String>();
+            AbstractSTSEvent baseEvent = (AbstractSTSEvent)event;
+            map.put(KEYS.TIME.name(), this.dateFormat.format(new Date(baseEvent.getTimestamp())));
+            map.put(KEYS.OPERATION.name(), baseEvent.getOperation());
+            map.put(KEYS.DURATION.name(), String.valueOf(baseEvent.getDuration()) + "ms");
+            
+            TokenRenewerParameters params = event.getTokenParameters();
+            HttpServletRequest req = (HttpServletRequest)params.getWebServiceContext().
+                getMessageContext().get(AbstractHTTPDestination.HTTP_REQUEST);
+            map.put(KEYS.REMOTE_HOST.name(), req.getRemoteHost());
+            map.put(KEYS.REMOTE_PORT.name(), String.valueOf(req.getRemotePort()));
+            map.put(KEYS.URL.name(), (String)params.getWebServiceContext().
+                    getMessageContext().get("org.apache.cxf.request.url"));
+            map.put(KEYS.TOKENTYPE.name(), params.getTokenRequirements().getTokenType());
+            if (params.getTokenRequirements().getRenewTarget() != null) {
+                map.put(KEYS.RENEW_PRINCIPAL.name(), 
+                        params.getTokenRequirements().getRenewTarget().getPrincipal().getName());
+            }
+            if (params.getPrincipal() != null) {
+                map.put(KEYS.WS_SEC_PRINCIPAL.name(), params.getPrincipal().getName());
+            }
+            map.put(KEYS.REALM.name(), params.getRealm());
+            map.put(KEYS.APPLIESTO.name(), params.getAppliesToAddress());
+            if (event instanceof AbstractSTSFailureEvent) {
+                map.put(KEYS.STATUS.name(), "FAILURE");
+                Exception ex = ((AbstractSTSFailureEvent)event).getException();
+                if (this.isLogStacktrace()) {
+                    final Writer result = new StringWriter();
+                    final PrintWriter printWriter = new PrintWriter(result);
+                    ex.printStackTrace(printWriter);
+                    map.put(KEYS.EXCEPTION.name(), result.toString());
+                } else {
+                    map.put(KEYS.EXCEPTION.name(), ex.getMessage());
+                }
+            } else {
+                map.put(KEYS.STATUS.name(), "SUCCESS");
+            }
+            writeLog(map);
+        } catch (Exception ex) {
+            LOG.log(Level.WARNING, "Failed to capture or write logging details", ex);
+        }        
+    }
+    
+    protected void writeLog(Map<String, String> map) {
+        final StringBuilder builder = new StringBuilder();
+        for (String key : fieldOrder) {
+            if (this.logFieldname) {
+                builder.append(key).append("=").append(map.get(key)).append(";");
+            } else {
+                builder.append(map.get(key)).append(";");
+            }
+            
+        }
+        LOG.log(this.logLevel, builder.toString());
+    }
+
+    public List<String> getFieldOrder() {
+        return fieldOrder;
+    }
+
+    public void setFieldOrder(List<String> fieldOrder) {
+        this.fieldOrder = fieldOrder;
+    }
+
+    public boolean isLogStacktrace() {
+        return logStacktrace;
+    }
+
+    public void setLogStacktrace(boolean logStacktrace) {
+        this.logStacktrace = logStacktrace;
+    }
+
+    public boolean isLogFieldname() {
+        return logFieldname;
+    }
+
+    public void setLogFieldname(boolean logFieldname) {
+        this.logFieldname = logFieldname;
+    }
+    
+    public void setDateFormat(String format) {
+        this.dateFormat = new SimpleDateFormat(format);
+    }
+
+    public Level getLogLevel() {
+        return logLevel;
+    }
+
+    public void setLogLevel(String logLevel) {
+        this.logLevel = Level.parse(logLevel);
+    }
+    
+}

Added: cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSCancelFailureEvent.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSCancelFailureEvent.java?rev=1483714&view=auto
==============================================================================
--- cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSCancelFailureEvent.java (added)
+++ cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSCancelFailureEvent.java Fri May 17 09:38:59 2013
@@ -0,0 +1,45 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.sts.event;
+
+import org.apache.cxf.sts.token.canceller.TokenCancellerParameters;
+
+public class STSCancelFailureEvent extends AbstractSTSFailureEvent implements TokenCancellerParametersSupport {
+
+    private static final long serialVersionUID = 1L;
+    
+    private static final String OPERATION = "Cancel";
+       
+    
+    public STSCancelFailureEvent(TokenCancellerParameters parameters, long duration, Exception exception) {
+        super(parameters, duration, exception);
+    }
+    
+    @Override
+    public String getOperation() {
+        return OPERATION;
+    }
+
+    @Override
+    public TokenCancellerParameters getTokenParameters() {
+        return (TokenCancellerParameters)this.getSource();
+    }
+
+}

Added: cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSCancelSuccessEvent.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSCancelSuccessEvent.java?rev=1483714&view=auto
==============================================================================
--- cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSCancelSuccessEvent.java (added)
+++ cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSCancelSuccessEvent.java Fri May 17 09:38:59 2013
@@ -0,0 +1,45 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.sts.event;
+
+import org.apache.cxf.sts.token.canceller.TokenCancellerParameters;
+
+public class STSCancelSuccessEvent extends AbstractSTSSuccessEvent implements TokenCancellerParametersSupport {
+
+    private static final long serialVersionUID = 1L;
+    
+    private static final String OPERATION = "Cancel";
+    
+    
+    public STSCancelSuccessEvent(TokenCancellerParameters parameters, long duration) {
+        super(parameters, duration);
+    }
+
+    @Override
+    public String getOperation() {
+        return OPERATION;
+    }
+
+    @Override
+    public TokenCancellerParameters getTokenParameters() {
+        return (TokenCancellerParameters)this.getSource();
+    }    
+
+}

Added: cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSFailureEvent.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSFailureEvent.java?rev=1483714&view=auto
==============================================================================
--- cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSFailureEvent.java (added)
+++ cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSFailureEvent.java Fri May 17 09:38:59 2013
@@ -0,0 +1,27 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.sts.event;
+
+@Deprecated
+public interface STSFailureEvent {
+    
+    Exception getException();
+
+}

Added: cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSIssueFailureEvent.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSIssueFailureEvent.java?rev=1483714&view=auto
==============================================================================
--- cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSIssueFailureEvent.java (added)
+++ cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSIssueFailureEvent.java Fri May 17 09:38:59 2013
@@ -0,0 +1,45 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.sts.event;
+
+import org.apache.cxf.sts.token.provider.TokenProviderParameters;
+
+public class STSIssueFailureEvent extends AbstractSTSFailureEvent implements TokenProviderParametersSupport {
+
+    private static final long serialVersionUID = 1L;
+    
+    private static final String OPERATION = "Issue";
+    
+    
+    public STSIssueFailureEvent(TokenProviderParameters parameters, long duration, Exception exception) {
+        super(parameters, duration, exception);
+    }
+    
+    @Override
+    public String getOperation() {
+        return OPERATION;
+    }
+
+    @Override
+    public TokenProviderParameters getTokenParameters() {
+        return (TokenProviderParameters)this.getSource();
+    }
+
+}

Added: cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSIssueSuccessEvent.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSIssueSuccessEvent.java?rev=1483714&view=auto
==============================================================================
--- cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSIssueSuccessEvent.java (added)
+++ cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSIssueSuccessEvent.java Fri May 17 09:38:59 2013
@@ -0,0 +1,45 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.sts.event;
+
+import org.apache.cxf.sts.token.provider.TokenProviderParameters;
+
+public class STSIssueSuccessEvent extends AbstractSTSSuccessEvent implements TokenProviderParametersSupport {
+
+    private static final long serialVersionUID = 1L;
+    
+    private static final String OPERATION = "Issue";
+    
+    
+    public STSIssueSuccessEvent(TokenProviderParameters parameters, long duration) {
+        super(parameters, duration);
+    }
+
+    @Override
+    public String getOperation() {
+        return OPERATION;
+    }
+
+    @Override
+    public TokenProviderParameters getTokenParameters() {
+        return (TokenProviderParameters)this.getSource();
+    }
+
+}

Added: cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSRenewFailureEvent.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSRenewFailureEvent.java?rev=1483714&view=auto
==============================================================================
--- cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSRenewFailureEvent.java (added)
+++ cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSRenewFailureEvent.java Fri May 17 09:38:59 2013
@@ -0,0 +1,45 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.sts.event;
+
+import org.apache.cxf.sts.token.renewer.TokenRenewerParameters;
+
+public class STSRenewFailureEvent extends AbstractSTSFailureEvent implements TokenRenewerParametersSupport {
+
+    private static final long serialVersionUID = 1L;
+    
+    private static final String OPERATION = "Renew";
+    
+    
+    public STSRenewFailureEvent(TokenRenewerParameters parameters, long duration, Exception exception) {
+        super(parameters, duration, exception);
+    }
+    
+    @Override
+    public String getOperation() {
+        return OPERATION;
+    }
+
+    @Override
+    public TokenRenewerParameters getTokenParameters() {
+        return (TokenRenewerParameters)this.getSource();
+    } 
+
+}

Added: cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSRenewSuccessEvent.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSRenewSuccessEvent.java?rev=1483714&view=auto
==============================================================================
--- cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSRenewSuccessEvent.java (added)
+++ cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSRenewSuccessEvent.java Fri May 17 09:38:59 2013
@@ -0,0 +1,45 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.sts.event;
+
+import org.apache.cxf.sts.token.renewer.TokenRenewerParameters;
+
+public class STSRenewSuccessEvent extends AbstractSTSSuccessEvent implements TokenRenewerParametersSupport {
+
+    private static final long serialVersionUID = 1L;
+    
+    private static final String OPERATION = "Renew";
+    
+    
+    public STSRenewSuccessEvent(TokenRenewerParameters parameters, long duration) {
+        super(parameters, duration);
+    }
+
+    @Override
+    public String getOperation() {
+        return OPERATION;
+    }
+
+    @Override
+    public TokenRenewerParameters getTokenParameters() {
+        return (TokenRenewerParameters)this.getSource();
+    }    
+
+}

Added: cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSValidateFailureEvent.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSValidateFailureEvent.java?rev=1483714&view=auto
==============================================================================
--- cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSValidateFailureEvent.java (added)
+++ cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSValidateFailureEvent.java Fri May 17 09:38:59 2013
@@ -0,0 +1,45 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.sts.event;
+
+import org.apache.cxf.sts.token.validator.TokenValidatorParameters;
+
+public class STSValidateFailureEvent extends AbstractSTSFailureEvent implements TokenValidatorParametersSupport {
+
+    private static final long serialVersionUID = 1L;
+    
+    private static final String OPERATION = "Validate";
+    
+    
+    public STSValidateFailureEvent(TokenValidatorParameters parameters, long duration, Exception exception) {
+        super(parameters, duration, exception);
+    }
+    
+    @Override
+    public String getOperation() {
+        return OPERATION;
+    }
+
+    @Override
+    public TokenValidatorParameters getTokenParameters() {
+        return (TokenValidatorParameters)this.getSource();
+    }
+
+}

Added: cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSValidateSuccessEvent.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSValidateSuccessEvent.java?rev=1483714&view=auto
==============================================================================
--- cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSValidateSuccessEvent.java (added)
+++ cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSValidateSuccessEvent.java Fri May 17 09:38:59 2013
@@ -0,0 +1,45 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.sts.event;
+
+import org.apache.cxf.sts.token.validator.TokenValidatorParameters;
+
+public class STSValidateSuccessEvent extends AbstractSTSSuccessEvent implements TokenValidatorParametersSupport {
+
+    private static final long serialVersionUID = 1L;
+    
+    private static final String OPERATION = "Validate";
+    
+    
+    public STSValidateSuccessEvent(TokenValidatorParameters parameters, long duration) {
+        super(parameters, duration);
+    }
+    
+    @Override
+    public String getOperation() {
+        return OPERATION;
+    }
+
+    @Override
+    public TokenValidatorParameters getTokenParameters() {
+        return (TokenValidatorParameters)this.getSource();
+    }
+
+}

Added: cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/TokenCancellerParametersSupport.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/TokenCancellerParametersSupport.java?rev=1483714&view=auto
==============================================================================
--- cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/TokenCancellerParametersSupport.java (added)
+++ cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/TokenCancellerParametersSupport.java Fri May 17 09:38:59 2013
@@ -0,0 +1,28 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.sts.event;
+
+import org.apache.cxf.sts.token.canceller.TokenCancellerParameters;
+
+public interface TokenCancellerParametersSupport {
+    
+    TokenCancellerParameters getTokenParameters();
+    
+}

Added: cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/TokenProviderParametersSupport.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/TokenProviderParametersSupport.java?rev=1483714&view=auto
==============================================================================
--- cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/TokenProviderParametersSupport.java (added)
+++ cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/TokenProviderParametersSupport.java Fri May 17 09:38:59 2013
@@ -0,0 +1,28 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.sts.event;
+
+import org.apache.cxf.sts.token.provider.TokenProviderParameters;
+
+public interface TokenProviderParametersSupport {
+    
+    TokenProviderParameters getTokenParameters();
+    
+}

Added: cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/TokenRenewerParametersSupport.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/TokenRenewerParametersSupport.java?rev=1483714&view=auto
==============================================================================
--- cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/TokenRenewerParametersSupport.java (added)
+++ cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/TokenRenewerParametersSupport.java Fri May 17 09:38:59 2013
@@ -0,0 +1,28 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.sts.event;
+
+import org.apache.cxf.sts.token.renewer.TokenRenewerParameters;
+
+public interface TokenRenewerParametersSupport {
+    
+    TokenRenewerParameters getTokenParameters();
+    
+}

Added: cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/TokenValidatorParametersSupport.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/TokenValidatorParametersSupport.java?rev=1483714&view=auto
==============================================================================
--- cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/TokenValidatorParametersSupport.java (added)
+++ cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/TokenValidatorParametersSupport.java Fri May 17 09:38:59 2013
@@ -0,0 +1,28 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.sts.event;
+
+import org.apache.cxf.sts.token.validator.TokenValidatorParameters;
+
+public interface TokenValidatorParametersSupport {
+    
+    TokenValidatorParameters getTokenParameters();
+    
+}

Modified: cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/AbstractOperation.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/AbstractOperation.java?rev=1483714&r1=1483713&r2=1483714&view=diff
==============================================================================
--- cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/AbstractOperation.java (original)
+++ cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/AbstractOperation.java Fri May 17 09:38:59 2013
@@ -34,6 +34,7 @@ import javax.xml.namespace.QName;
 import javax.xml.ws.WebServiceContext;
 import javax.xml.ws.handler.MessageContext;
 
+
 import org.w3c.dom.Document;
 import org.w3c.dom.Element;
 
@@ -81,11 +82,14 @@ import org.apache.wss4j.dom.message.WSSe
 import org.apache.wss4j.dom.message.WSSecEncryptedKey;
 import org.apache.wss4j.dom.util.XmlSchemaDateFormat;
 
+import org.springframework.context.ApplicationEvent;
+import org.springframework.context.ApplicationEventPublisher;
+import org.springframework.context.ApplicationEventPublisherAware;
 
 /**
  * This abstract class contains some common functionality for different operations.
  */
-public abstract class AbstractOperation {
+public abstract class AbstractOperation implements ApplicationEventPublisherAware {
 
     public static final QName TOKEN_TYPE = 
         new QName(WSConstants.WSSE11_NS, WSConstants.TOKEN_TYPE, WSConstants.WSSE11_PREFIX);
@@ -100,6 +104,7 @@ public abstract class AbstractOperation 
     protected boolean returnReferences = true;
     protected TokenStore tokenStore;
     protected ClaimsManager claimsManager = new ClaimsManager();
+    protected ApplicationEventPublisher eventPublisher;
     
     public boolean isReturnReferences() {
         return returnReferences;
@@ -639,4 +644,15 @@ public abstract class AbstractOperation 
         }
     }
     
+    @Override
+    public void setApplicationEventPublisher(ApplicationEventPublisher applicationEventPublisher) {
+        this.eventPublisher = applicationEventPublisher;
+    }
+    
+    
+    protected void publishEvent(ApplicationEvent event) {
+        if (eventPublisher != null) {
+            eventPublisher.publishEvent(event);
+        }
+    }
 }

Modified: cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenCancelOperation.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenCancelOperation.java?rev=1483714&r1=1483713&r2=1483714&view=diff
==============================================================================
--- cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenCancelOperation.java (original)
+++ cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenCancelOperation.java Fri May 17 09:38:59 2013
@@ -30,6 +30,8 @@ import javax.xml.ws.WebServiceContext;
 import org.apache.cxf.common.logging.LogUtils;
 import org.apache.cxf.sts.QNameConstants;
 import org.apache.cxf.sts.STSConstants;
+import org.apache.cxf.sts.event.STSCancelFailureEvent;
+import org.apache.cxf.sts.event.STSCancelSuccessEvent;
 import org.apache.cxf.sts.request.KeyRequirements;
 import org.apache.cxf.sts.request.ReceivedToken;
 import org.apache.cxf.sts.request.ReceivedToken.STATE;
@@ -44,6 +46,7 @@ import org.apache.cxf.ws.security.sts.pr
 import org.apache.cxf.ws.security.sts.provider.model.RequestedTokenCancelledType;
 import org.apache.cxf.ws.security.sts.provider.operation.CancelOperation;
 import org.apache.wss4j.common.ext.WSSecurityException;
+import org.springframework.context.ApplicationEvent;
 
 /**
  *  An implementation for Cancel operation interface.
@@ -65,69 +68,84 @@ public class TokenCancelOperation extend
     public RequestSecurityTokenResponseType cancel(
         RequestSecurityTokenType request, WebServiceContext context
     ) {
-        RequestParser requestParser = parseRequest(request, context);
-        
-        KeyRequirements keyRequirements = requestParser.getKeyRequirements();
-        TokenRequirements tokenRequirements = requestParser.getTokenRequirements();
-        
-        ReceivedToken cancelTarget = tokenRequirements.getCancelTarget();
-        if (cancelTarget == null || cancelTarget.getToken() == null) {
-            throw new STSException("No element presented for cancellation", STSException.INVALID_REQUEST);
-        }
-        if (tokenRequirements.getTokenType() == null) {
-            tokenRequirements.setTokenType(STSConstants.STATUS);
-            LOG.fine(
-                "Received TokenType is null, falling back to default token type: " + STSConstants.STATUS
-            );
-        }
-        
+        long start = System.currentTimeMillis();
         TokenCancellerParameters cancellerParameters = new TokenCancellerParameters();
-        cancellerParameters.setStsProperties(stsProperties);
-        cancellerParameters.setPrincipal(context.getUserPrincipal());
-        cancellerParameters.setWebServiceContext(context);
-        cancellerParameters.setTokenStore(getTokenStore());
         
-        cancellerParameters.setKeyRequirements(keyRequirements);
-        cancellerParameters.setTokenRequirements(tokenRequirements);   
-        cancellerParameters.setToken(cancelTarget);
-        
-        //
-        // Cancel token
-        //
-        TokenCancellerResponse tokenResponse = null;
-        for (TokenCanceller tokenCanceller : tokencancellers) {
-            if (tokenCanceller.canHandleToken(cancelTarget)) {
-                try {
-                    tokenResponse = tokenCanceller.cancelToken(cancellerParameters);
-                } catch (RuntimeException ex) {
-                    LOG.log(Level.WARNING, "", ex);
-                    throw new STSException(
-                        "Error while cancelling a token", ex, STSException.REQUEST_FAILED
-                    );
+        try {
+            RequestParser requestParser = parseRequest(request, context);
+            
+            KeyRequirements keyRequirements = requestParser.getKeyRequirements();
+            TokenRequirements tokenRequirements = requestParser.getTokenRequirements();
+            
+            cancellerParameters.setStsProperties(stsProperties);
+            cancellerParameters.setPrincipal(context.getUserPrincipal());
+            cancellerParameters.setWebServiceContext(context);
+            cancellerParameters.setTokenStore(getTokenStore());
+            
+            cancellerParameters.setKeyRequirements(keyRequirements);
+            cancellerParameters.setTokenRequirements(tokenRequirements);  
+            
+            ReceivedToken cancelTarget = tokenRequirements.getCancelTarget();
+            if (cancelTarget == null || cancelTarget.getToken() == null) {
+                throw new STSException("No element presented for cancellation", STSException.INVALID_REQUEST);
+            }
+            cancellerParameters.setToken(cancelTarget);
+            
+            if (tokenRequirements.getTokenType() == null) {
+                tokenRequirements.setTokenType(STSConstants.STATUS);
+                LOG.fine(
+                    "Received TokenType is null, falling back to default token type: " + STSConstants.STATUS
+                );
+            }
+            
+            //
+            // Cancel token
+            //
+            TokenCancellerResponse tokenResponse = null;
+            for (TokenCanceller tokenCanceller : tokencancellers) {
+                if (tokenCanceller.canHandleToken(cancelTarget)) {
+                    try {
+                        tokenResponse = tokenCanceller.cancelToken(cancellerParameters);
+                    } catch (RuntimeException ex) {
+                        LOG.log(Level.WARNING, "", ex);
+                        throw new STSException(
+                            "Error while cancelling a token", ex, STSException.REQUEST_FAILED
+                        );
+                    }
+                    break;
                 }
-                break;
             }
-        }
-        if (tokenResponse == null || tokenResponse.getToken() == null) {
-            LOG.fine("No Token Canceller has been found that can handle this token");
-            throw new STSException(
-                "No token canceller found for requested token type: " 
-                + tokenRequirements.getTokenType(), 
-                STSException.REQUEST_FAILED
-            );
-        }
-        
-        if (tokenResponse.getToken().getState() != STATE.CANCELLED) {
-            LOG.log(Level.WARNING, "Token cancellation failed.");
-            throw new STSException("Token cancellation failed.");
-        }
+            if (tokenResponse == null || tokenResponse.getToken() == null) {
+                LOG.fine("No Token Canceller has been found that can handle this token");
+                throw new STSException(
+                    "No token canceller found for requested token type: " 
+                    + tokenRequirements.getTokenType(), 
+                    STSException.REQUEST_FAILED
+                );
+            }
+            
+            if (tokenResponse.getToken().getState() != STATE.CANCELLED) {
+                LOG.log(Level.WARNING, "Token cancellation failed.");
+                throw new STSException("Token cancellation failed.");
+            }
+            
+            // prepare response
+            try {
+                RequestSecurityTokenResponseType response = createResponse(tokenRequirements);
+                ApplicationEvent event = new STSCancelSuccessEvent(cancellerParameters,
+                        System.currentTimeMillis() - start);
+                publishEvent(event);
+                return response;
+            } catch (Throwable ex) {
+                LOG.log(Level.WARNING, "", ex);
+                throw new STSException("Error in creating the response", ex, STSException.REQUEST_FAILED);
+            }
         
-        // prepare response
-        try {
-            return createResponse(tokenRequirements);
-        } catch (Throwable ex) {
-            LOG.log(Level.WARNING, "", ex);
-            throw new STSException("Error in creating the response", ex, STSException.REQUEST_FAILED);
+        } catch (RuntimeException ex) {
+            ApplicationEvent event = new STSCancelFailureEvent(cancellerParameters,
+                                                              System.currentTimeMillis() - start, ex);
+            publishEvent(event);
+            throw ex;
         }
     }
 

Modified: cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenIssueOperation.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenIssueOperation.java?rev=1483714&r1=1483713&r2=1483714&view=diff
==============================================================================
--- cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenIssueOperation.java (original)
+++ cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenIssueOperation.java Fri May 17 09:38:59 2013
@@ -29,6 +29,8 @@ import javax.xml.ws.WebServiceContext;
 import org.apache.cxf.common.logging.LogUtils;
 import org.apache.cxf.sts.QNameConstants;
 import org.apache.cxf.sts.claims.RequestClaimCollection;
+import org.apache.cxf.sts.event.STSIssueFailureEvent;
+import org.apache.cxf.sts.event.STSIssueSuccessEvent;
 import org.apache.cxf.sts.request.KeyRequirements;
 import org.apache.cxf.sts.request.ReceivedToken;
 import org.apache.cxf.sts.request.ReceivedToken.STATE;
@@ -54,6 +56,7 @@ import org.apache.cxf.ws.security.sts.pr
 import org.apache.cxf.ws.security.sts.provider.operation.IssueOperation;
 import org.apache.cxf.ws.security.sts.provider.operation.IssueSingleOperation;
 import org.apache.wss4j.common.ext.WSSecurityException;
+import org.springframework.context.ApplicationEvent;
 
 /**
  * An implementation of the IssueOperation interface.
@@ -91,90 +94,103 @@ public class TokenIssueOperation extends
             RequestSecurityTokenType request,
             WebServiceContext context
     ) {
-        RequestParser requestParser = parseRequest(request, context);
-
-        TokenProviderParameters providerParameters = createTokenProviderParameters(requestParser, context);
-
-        // Check if the requested claims can be handled by the configured claim handlers
-        RequestClaimCollection requestedClaims = providerParameters.getRequestedPrimaryClaims();
-        checkClaimsSupport(requestedClaims);
-        requestedClaims = providerParameters.getRequestedSecondaryClaims();
-        checkClaimsSupport(requestedClaims);
-        providerParameters.setClaimsManager(claimsManager);
-        
-        String realm = providerParameters.getRealm();
-
-        TokenRequirements tokenRequirements = requestParser.getTokenRequirements();
-        String tokenType = tokenRequirements.getTokenType();
-
-
-        // Validate OnBehalfOf token if present
-        if (providerParameters.getTokenRequirements().getOnBehalfOf() != null) {
-            ReceivedToken validateTarget = providerParameters.getTokenRequirements().getOnBehalfOf();
-            TokenValidatorResponse tokenResponse = validateReceivedToken(
-                    context, realm, tokenRequirements, validateTarget);
-
-            if (tokenResponse == null) {
-                LOG.fine("No Token Validator has been found that can handle this token");
-            } else if (validateTarget.getState().equals(STATE.INVALID)) {
-                throw new STSException("Incoming token is invalid", STSException.REQUEST_FAILED);
-            } else if (validateTarget.getState().equals(STATE.VALID)) {
-                processValidToken(providerParameters, validateTarget, tokenResponse); 
-            } else {
-                //[TODO] Add plugin for validation out-of-band
-                // Example:
-                // If the requestor is in the possession of a certificate (mutual ssl handshake)
-                // the STS trusts the token sent in OnBehalfOf element
-            }
-            if (tokenResponse != null) {
-                Map<String, Object> additionalProperties = tokenResponse.getAdditionalProperties();
-                if (additionalProperties != null) {
-                    providerParameters.setAdditionalProperties(additionalProperties);
+        long start = System.currentTimeMillis();
+        TokenProviderParameters providerParameters = new TokenProviderParameters();
+        try {
+            RequestParser requestParser = parseRequest(request, context);
+    
+            providerParameters = createTokenProviderParameters(requestParser, context);
+    
+            // Check if the requested claims can be handled by the configured claim handlers
+            RequestClaimCollection requestedClaims = providerParameters.getRequestedPrimaryClaims();
+            checkClaimsSupport(requestedClaims);
+            requestedClaims = providerParameters.getRequestedSecondaryClaims();
+            checkClaimsSupport(requestedClaims);
+            providerParameters.setClaimsManager(claimsManager);
+            
+            String realm = providerParameters.getRealm();
+    
+            TokenRequirements tokenRequirements = requestParser.getTokenRequirements();
+            String tokenType = tokenRequirements.getTokenType();
+    
+    
+            // Validate OnBehalfOf token if present
+            if (providerParameters.getTokenRequirements().getOnBehalfOf() != null) {
+                ReceivedToken validateTarget = providerParameters.getTokenRequirements().getOnBehalfOf();
+                TokenValidatorResponse tokenResponse = validateReceivedToken(
+                        context, realm, tokenRequirements, validateTarget);
+    
+                if (tokenResponse == null) {
+                    LOG.fine("No Token Validator has been found that can handle this token");
+                } else if (validateTarget.getState().equals(STATE.INVALID)) {
+                    throw new STSException("Incoming token is invalid", STSException.REQUEST_FAILED);
+                } else if (validateTarget.getState().equals(STATE.VALID)) {
+                    processValidToken(providerParameters, validateTarget, tokenResponse); 
+                } else {
+                    //[TODO] Add plugin for validation out-of-band
+                    // Example:
+                    // If the requestor is in the possession of a certificate (mutual ssl handshake)
+                    // the STS trusts the token sent in OnBehalfOf element
+                }
+                if (tokenResponse != null) {
+                    Map<String, Object> additionalProperties = tokenResponse.getAdditionalProperties();
+                    if (additionalProperties != null) {
+                        providerParameters.setAdditionalProperties(additionalProperties);
+                    }
                 }
             }
-        }
-
-        // create token
-        TokenProviderResponse tokenResponse = null;
-        for (TokenProvider tokenProvider : tokenProviders) {
-            boolean canHandle = false;
-            if (realm == null) {
-                canHandle = tokenProvider.canHandleToken(tokenType);
-            } else {
-                canHandle = tokenProvider.canHandleToken(tokenType, realm);
-            }
-            if (canHandle) {
-                try {
-                    tokenResponse = tokenProvider.createToken(providerParameters);
-                } catch (STSException ex) {
-                    LOG.log(Level.WARNING, "", ex);
-                    throw ex;
-                } catch (RuntimeException ex) {
-                    LOG.log(Level.WARNING, "", ex);
-                    throw new STSException("Error in providing a token", ex, STSException.REQUEST_FAILED);
+    
+            // create token
+            TokenProviderResponse tokenResponse = null;
+            for (TokenProvider tokenProvider : tokenProviders) {
+                boolean canHandle = false;
+                if (realm == null) {
+                    canHandle = tokenProvider.canHandleToken(tokenType);
+                } else {
+                    canHandle = tokenProvider.canHandleToken(tokenType, realm);
+                }
+                if (canHandle) {
+                    try {
+                        tokenResponse = tokenProvider.createToken(providerParameters);
+                    } catch (STSException ex) {
+                        LOG.log(Level.WARNING, "", ex);
+                        throw ex;
+                    } catch (RuntimeException ex) {
+                        LOG.log(Level.WARNING, "", ex);
+                        throw new STSException("Error in providing a token", ex, STSException.REQUEST_FAILED);
+                    }
+                    break;
                 }
-                break;
             }
-        }
-        if (tokenResponse == null || tokenResponse.getToken() == null) {
-            LOG.log(Level.WARNING, "No token provider found for requested token type: " + tokenType);
-            throw new STSException(
-                    "No token provider found for requested token type: " + tokenType, 
-                    STSException.REQUEST_FAILED
-            );
-        }
-        // prepare response
-        try {
-            KeyRequirements keyRequirements = requestParser.getKeyRequirements();
-            EncryptionProperties encryptionProperties = providerParameters.getEncryptionProperties();
-            RequestSecurityTokenResponseType response = 
-                createResponse(
-                        encryptionProperties, tokenResponse, tokenRequirements, keyRequirements, context
+            if (tokenResponse == null || tokenResponse.getToken() == null) {
+                LOG.log(Level.WARNING, "No token provider found for requested token type: " + tokenType);
+                throw new STSException(
+                        "No token provider found for requested token type: " + tokenType, 
+                        STSException.REQUEST_FAILED
                 );
-            return response;
-        } catch (Throwable ex) {
-            LOG.log(Level.WARNING, "", ex);
-            throw new STSException("Error in creating the response", ex, STSException.REQUEST_FAILED);
+            }
+            // prepare response
+            try {
+                KeyRequirements keyRequirements = requestParser.getKeyRequirements();
+                EncryptionProperties encryptionProperties = providerParameters.getEncryptionProperties();
+                RequestSecurityTokenResponseType response = 
+                    createResponse(
+                            encryptionProperties, tokenResponse, tokenRequirements, keyRequirements, context
+                    );
+                ApplicationEvent event = new STSIssueSuccessEvent(providerParameters,
+                        System.currentTimeMillis() - start);
+                publishEvent(event);
+                return response;
+            } catch (Throwable ex) {
+                LOG.log(Level.WARNING, "", ex);
+                throw new STSException("Error in creating the response", ex, STSException.REQUEST_FAILED);
+            }
+        
+        } catch (RuntimeException ex) {
+            ApplicationEvent event = new STSIssueFailureEvent(providerParameters,
+                                                              System.currentTimeMillis() - start, ex);
+            publishEvent(event);
+            throw ex;
         }
     }
 



Mime
View raw message