cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject [2/4] [FEDIZ-7] - Largish refactor of Fediz code to accomadate other protocols
Date Thu, 19 Jun 2014 16:30:59 GMT
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/08af52b6/plugins/core/src/main/java/org/apache/cxf/fediz/core/processor/SAMLProcessorImpl.java
----------------------------------------------------------------------
diff --git a/plugins/core/src/main/java/org/apache/cxf/fediz/core/processor/SAMLProcessorImpl.java b/plugins/core/src/main/java/org/apache/cxf/fediz/core/processor/SAMLProcessorImpl.java
new file mode 100644
index 0000000..6ebe954
--- /dev/null
+++ b/plugins/core/src/main/java/org/apache/cxf/fediz/core/processor/SAMLProcessorImpl.java
@@ -0,0 +1,648 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.fediz.core.processor;
+
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.net.MalformedURLException;
+import java.net.URL;
+import java.net.URLEncoder;
+import java.text.DateFormat;
+import java.text.ParseException;
+import java.util.ArrayList;
+import java.util.Date;
+import java.util.List;
+import java.util.UUID;
+
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.UnsupportedCallbackException;
+import javax.servlet.http.HttpServletRequest;
+
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+
+import org.apache.cxf.fediz.core.FederationConstants;
+import org.apache.cxf.fediz.core.TokenValidator;
+import org.apache.cxf.fediz.core.TokenValidatorRequest;
+import org.apache.cxf.fediz.core.TokenValidatorResponse;
+import org.apache.cxf.fediz.core.config.FederationProtocol;
+import org.apache.cxf.fediz.core.config.FedizContext;
+import org.apache.cxf.fediz.core.config.KeyManager;
+import org.apache.cxf.fediz.core.config.SAMLProtocol;
+import org.apache.cxf.fediz.core.exception.ProcessingException;
+import org.apache.cxf.fediz.core.exception.ProcessingException.TYPE;
+import org.apache.cxf.fediz.core.metadata.MetadataWriter;
+import org.apache.cxf.fediz.core.samlsso.AuthnRequestBuilder;
+import org.apache.cxf.fediz.core.samlsso.CompressionUtils;
+import org.apache.cxf.fediz.core.samlsso.DefaultAuthnRequestBuilder;
+import org.apache.cxf.fediz.core.spi.IDPCallback;
+import org.apache.cxf.fediz.core.util.DOMUtils;
+import org.apache.wss4j.common.ext.WSPasswordCallback;
+import org.apache.wss4j.common.ext.WSSecurityException;
+import org.apache.wss4j.common.saml.OpenSAMLUtil;
+import org.apache.wss4j.common.util.DOM2Writer;
+import org.apache.wss4j.dom.WSConstants;
+import org.apache.wss4j.dom.WSDataRef;
+import org.apache.wss4j.dom.WSDocInfo;
+import org.apache.wss4j.dom.WSSConfig;
+import org.apache.wss4j.dom.WSSecurityEngine;
+import org.apache.wss4j.dom.WSSecurityEngineResult;
+import org.apache.wss4j.dom.handler.RequestData;
+import org.apache.wss4j.dom.processor.EncryptedDataProcessor;
+import org.apache.wss4j.dom.processor.Processor;
+import org.apache.wss4j.dom.util.XmlSchemaDateFormat;
+import org.apache.xml.security.utils.Base64;
+import org.joda.time.DateTime;
+import org.opensaml.saml2.core.AuthnRequest;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class SAMLProcessorImpl implements FedizProcessor {
+
+    private static final Logger LOG = LoggerFactory.getLogger(SAMLProcessorImpl.class);
+
+    /**
+     * Default constructor
+     */
+    public SAMLProcessorImpl() {
+        super();
+    }
+
+    @Override
+    public FedizResponse processRequest(FedizRequest request,
+                                             FedizContext config)
+        throws ProcessingException {
+        
+        if (!(config.getProtocol() instanceof SAMLProtocol)) {
+            LOG.error("Unsupported protocol");
+            throw new IllegalStateException("Unsupported protocol");
+        }
+        FedizResponse response = null;
+        if (FederationConstants.ACTION_SIGNIN.equals(request.getWa())) {
+            response = this.processSignInRequest(request, config);
+        } else {
+            LOG.error("Invalid action '" + request.getWa() + "'");
+            throw new ProcessingException(TYPE.INVALID_REQUEST);
+        }
+        return response;
+    }
+    
+
+    public Document getMetaData(FedizContext config) throws ProcessingException {
+        return new MetadataWriter().getMetaData(config);
+    }
+    
+    protected FedizResponse processSignInRequest(
+            FedizRequest request, FedizContext config)
+        throws ProcessingException {
+        
+        byte[] wresult = request.getWresult().getBytes();
+
+        Document doc = null;
+        Element el = null;
+        try {
+            doc = DOMUtils.readXml(new ByteArrayInputStream(wresult));
+            el = doc.getDocumentElement();
+
+        } catch (Exception e) {
+            LOG.warn("Failed to parse wresult: " + e.getMessage());
+            throw new ProcessingException(TYPE.INVALID_REQUEST);
+        }
+
+        if ("RequestSecurityTokenResponseCollection".equals(el.getLocalName())) {
+            el = DOMUtils.getFirstElement(el);
+        }
+        if (!"RequestSecurityTokenResponse".equals(el.getLocalName())) {
+            LOG.warn("Unexpected root element of wresult: '" + el.getLocalName() + "'");
+            throw new ProcessingException(TYPE.INVALID_REQUEST);
+        }
+        el = DOMUtils.getFirstElement(el);
+        Element rst = null;
+        Element lifetimeElem = null;
+        String tt = null;
+
+        while (el != null) {
+            String ln = el.getLocalName();
+            if (FederationConstants.WS_TRUST_13_NS.equals(el.getNamespaceURI()) 
+                || FederationConstants.WS_TRUST_2005_02_NS.equals(el.getNamespaceURI())) {
+                if ("Lifetime".equals(ln)) {
+                    lifetimeElem = el;
+                } else if ("RequestedSecurityToken".equals(ln)) {
+                    rst = DOMUtils.getFirstElement(el);
+                } else if ("TokenType".equals(ln)) {
+                    tt = DOMUtils.getContent(el);
+                }
+            }
+            el = DOMUtils.getNextElement(el);
+        }
+        if (LOG.isDebugEnabled()) {
+            LOG.debug("RST: " + ((rst != null) ? rst.toString() : "null"));
+            LOG.debug("Lifetime: "
+                    + ((lifetimeElem != null) ? lifetimeElem.toString()
+                            : "null"));
+            LOG.debug("Tokentype: " + ((tt != null) ? tt.toString() : "null"));
+        }
+        if (rst == null) {
+            LOG.warn("RequestedSecurityToken element not found in wresult");
+            throw new ProcessingException(TYPE.BAD_REQUEST);
+        }
+        LifeTime lifeTime = null;
+        if (lifetimeElem != null) {
+            lifeTime = processLifeTime(lifetimeElem);
+        }
+
+        if (config.isDetectExpiredTokens() && lifeTime != null) {
+            Date currentDate = new Date();
+            if (currentDate.after(lifeTime.getExpires())) {
+                LOG.warn("RSTR Lifetime expired");
+                throw new ProcessingException(TYPE.TOKEN_EXPIRED);
+            }
+            DateTime currentTime = new DateTime();
+            DateTime validFrom = new DateTime(lifeTime.created);
+            currentTime = currentTime.plusSeconds(config.getMaximumClockSkew().intValue());
+            if (validFrom.isAfter(currentTime)) {
+                LOG.debug("RSTR Lifetime not yet valid");
+                throw new ProcessingException(TYPE.TOKEN_INVALID);
+            }
+        }
+        
+        // Check to see if RST is encrypted
+        if ("EncryptedData".equals(rst.getLocalName())
+            && WSConstants.ENC_NS.equals(rst.getNamespaceURI())) {
+            Element decryptedRST = decryptEncryptedRST(rst, config);
+            if (decryptedRST != null) {
+                rst = decryptedRST;
+            }
+        }
+        
+        TokenValidatorResponse validatorResponse = null;
+        List<TokenValidator> validators = ((FederationProtocol)config.getProtocol()).getTokenValidators();
+        for (TokenValidator validator : validators) {
+            boolean canHandle = false;
+            if (tt != null) {
+                canHandle = validator.canHandleTokenType(tt);
+            } else {
+                canHandle = validator.canHandleToken(rst);
+            }
+            if (canHandle) {
+                try {
+                    TokenValidatorRequest validatorRequest = 
+                        new TokenValidatorRequest(rst, request.getCerts());
+                    validatorResponse = validator.validateAndProcessToken(validatorRequest, config);
+                } catch (ProcessingException ex) {
+                    throw ex;
+                } catch (Exception ex) {
+                    LOG.warn("Failed to validate token", ex);
+                    throw new ProcessingException(TYPE.TOKEN_INVALID);
+                }
+                break;
+            } else {
+                LOG.warn("No security token validator found for '" + tt + "'");
+                throw new ProcessingException(TYPE.BAD_REQUEST);
+            }
+        }
+
+        // Check whether token already used for signin
+        if (validatorResponse.getUniqueTokenId() != null
+                && config.isDetectReplayedTokens()) {
+            // Check whether token has already been processed once, prevent
+            // replay attack
+            if (!config.getTokenReplayCache().contains(validatorResponse.getUniqueTokenId())) {
+                // not cached
+                Date expires = null;
+                if (lifeTime != null && lifeTime.getExpires() != null) {
+                    expires = lifeTime.getExpires();
+                } else {
+                    expires = validatorResponse.getExpires();
+                }
+                if (expires != null) {
+                    Date currentTime = new Date();
+                    long ttl = expires.getTime() - currentTime.getTime();
+                    config.getTokenReplayCache().add(validatorResponse.getUniqueTokenId(), ttl / 1000L);
+                } else {
+                    config.getTokenReplayCache().add(validatorResponse.getUniqueTokenId());
+                }
+            } else {
+                LOG.error("Replay attack with token id: " + validatorResponse.getUniqueTokenId());
+                throw new ProcessingException("Replay attack with token id: "
+                        + validatorResponse.getUniqueTokenId(), TYPE.TOKEN_REPLAY);
+            }
+        }
+
+        FedizResponse fedResponse = new FedizResponse(
+                validatorResponse.getUsername(), validatorResponse.getIssuer(),
+                validatorResponse.getRoles(), validatorResponse.getClaims(),
+                validatorResponse.getAudience(),
+                (lifeTime != null) ? lifeTime.getCreated() : null,
+                        (lifeTime != null) ? lifeTime.getExpires() : null, rst,
+                            validatorResponse.getUniqueTokenId());
+
+        return fedResponse;
+    }
+    
+    private Element decryptEncryptedRST(
+        Element encryptedRST,
+        FedizContext config
+    ) throws ProcessingException {
+
+        KeyManager decryptionKeyManager = config.getDecryptionKey();
+        if (decryptionKeyManager == null || decryptionKeyManager.getCrypto() == null) {
+            LOG.debug(
+                "We must have a decryption Crypto instance configured to decrypt encrypted tokens"
+            );
+            throw new ProcessingException(TYPE.BAD_REQUEST);
+        }
+        String keyPassword = decryptionKeyManager.getKeyPassword();
+        if (keyPassword == null) {
+            LOG.debug(
+                "We must have a decryption key password to decrypt encrypted tokens"
+            );
+            throw new ProcessingException(TYPE.BAD_REQUEST);
+        }
+        
+        EncryptedDataProcessor proc = new EncryptedDataProcessor();
+        WSDocInfo docInfo = new WSDocInfo(encryptedRST.getOwnerDocument());
+        RequestData data = new RequestData();
+        
+        // Disable WSS4J processing of the (decrypted) SAML Token
+        WSSConfig wssConfig = WSSConfig.getNewInstance();
+        wssConfig.setProcessor(WSSecurityEngine.SAML_TOKEN, new NOOpProcessor());
+        wssConfig.setProcessor(WSSecurityEngine.SAML2_TOKEN, new NOOpProcessor());
+        data.setWssConfig(wssConfig);
+        
+        data.setDecCrypto(decryptionKeyManager.getCrypto());
+        data.setCallbackHandler(new DecryptionCallbackHandler(keyPassword));
+        try {
+            List<WSSecurityEngineResult> result =
+                proc.handleToken(encryptedRST, data, docInfo);
+            if (result.size() > 0) {
+                @SuppressWarnings("unchecked")
+                List<WSDataRef> dataRefs = 
+                    (List<WSDataRef>)result.get(result.size() - 1).get(WSSecurityEngineResult.TAG_DATA_REF_URIS);
+                if (dataRefs != null && dataRefs.size() > 0) {
+                    return dataRefs.get(0).getProtectedElement();
+                }
+            }
+        } catch (WSSecurityException e) {
+            LOG.debug(e.getMessage(), e);
+            throw new ProcessingException(TYPE.TOKEN_INVALID);
+        }
+        return null;
+    }
+
+    private LifeTime processLifeTime(Element lifetimeElem) throws ProcessingException {
+        try {
+            Element createdElem = DOMUtils.getFirstChildWithName(lifetimeElem,
+                    WSConstants.WSU_NS, WSConstants.CREATED_LN);
+            DateFormat zulu = new XmlSchemaDateFormat();
+
+            Date created = zulu.parse(DOMUtils.getContent(createdElem));
+
+            Element expiresElem = DOMUtils.getFirstChildWithName(lifetimeElem,
+                    WSConstants.WSU_NS, WSConstants.EXPIRES_LN);
+            Date expires = zulu.parse(DOMUtils.getContent(expiresElem));
+
+            return new LifeTime(created, expires);
+
+        } catch (ParseException e) {
+            LOG.error("Failed to parse lifetime element in wresult: " + e.getMessage());
+            throw new ProcessingException(TYPE.BAD_REQUEST);
+        }
+    }
+
+    public class LifeTime {
+
+        private Date created;
+        private Date expires;
+
+        public LifeTime(Date created, Date expires) {
+            this.created = created;
+            this.expires = expires;
+        }
+
+        public Date getCreated() {
+            return created;
+        }
+
+        public Date getExpires() {
+            return expires;
+        }
+
+    }
+
+    @Override
+    public String createSignInRequest(HttpServletRequest request, FedizContext config)
+        throws ProcessingException {
+
+        String redirectURL = null;
+        try {
+            if (!(config.getProtocol() instanceof SAMLProtocol)) {
+                LOG.error("Unsupported protocol");
+                throw new IllegalStateException("Unsupported protocol");
+            }
+            
+            String issuerURL = resolveIssuer(request, config);
+            LOG.info("Issuer url: " + issuerURL);
+            if (issuerURL != null && issuerURL.length() > 0) {
+                redirectURL = issuerURL;
+            }
+            
+            AuthnRequestBuilder authnRequestBuilder = new DefaultAuthnRequestBuilder();
+            
+            Document doc = DOMUtils.createDocument();
+            doc.appendChild(doc.createElement("root"));
+     
+            // Create the AuthnRequest
+            AuthnRequest authnRequest = 
+                authnRequestBuilder.createAuthnRequest(
+                    "http://issuer.com", "http://issuer2.com"
+                );
+            Element authnRequestElement = OpenSAMLUtil.toDom(authnRequest, doc);
+            String authnRequestEncoded = encodeAuthnRequest(authnRequestElement);
+            
+            //SamlRequestInfo info = new SamlRequestInfo();
+            //info.setSamlRequest(authnRequestEncoded);
+            
+            String relayState = URLEncoder.encode(UUID.randomUUID().toString(), "UTF-8");
+            
+            String urlEncodedRequest = 
+                URLEncoder.encode(authnRequestEncoded, "UTF-8");
+            
+            StringBuilder sb = new StringBuilder();
+            sb.append("SAMLRequest").append('=').append(urlEncodedRequest);
+            sb.append("RelayState").append('=').append(relayState);
+            
+            /*
+            String contextCookie = createCookie(SSOConstants.RELAY_STATE,
+                                                info.getRelayState(),
+                                                info.getWebAppContext(),
+                                                info.getWebAppDomain());
+            
+            context.abortWith(Response.seeOther(ub.build())
+                           .header(HttpHeaders.CACHE_CONTROL, "no-cache, no-store")
+                           .header("Pragma", "no-cache") 
+                           .header(HttpHeaders.SET_COOKIE, contextCookie)
+                           .build());
+            */
+            
+            redirectURL = redirectURL + "?" + sb.toString();
+        } catch (Exception ex) {
+            LOG.error("Failed to create SignInRequest", ex);
+            throw new ProcessingException("Failed to create SignInRequest");
+        }        
+        return redirectURL;
+    }
+    
+    protected String encodeAuthnRequest(Element authnRequest) throws IOException {
+        String requestMessage = DOM2Writer.nodeToString(authnRequest);
+
+        byte[] deflatedBytes = CompressionUtils.deflate(requestMessage.getBytes("UTF-8"));
+
+        return Base64.encode(deflatedBytes);
+    }
+
+    @Override
+    public String createSignOutRequest(HttpServletRequest request, FedizContext config)
+        throws ProcessingException {
+
+        String redirectURL = null;
+        try {
+            if (!(config.getProtocol() instanceof FederationProtocol)) {
+                LOG.error("Unsupported protocol");
+                throw new IllegalStateException("Unsupported protocol");
+            }
+
+            String issuerURL = resolveIssuer(request, config);
+            LOG.info("Issuer url: " + issuerURL);
+            if (issuerURL != null && issuerURL.length() > 0) {
+                redirectURL = issuerURL;
+            }
+
+            StringBuilder sb = new StringBuilder();
+            sb.append(FederationConstants.PARAM_ACTION).append('=').append(FederationConstants.ACTION_SIGNOUT);
+
+            String logoutRedirectTo = config.getLogoutRedirectTo();
+            if (logoutRedirectTo != null && !logoutRedirectTo.isEmpty()) {
+
+                if (logoutRedirectTo.startsWith("/")) {
+                    logoutRedirectTo = extractFullContextPath(request).concat(logoutRedirectTo.substring(1));
+                } else {
+                    logoutRedirectTo = extractFullContextPath(request).concat(logoutRedirectTo);
+                }
+
+                LOG.debug("wreply=" + logoutRedirectTo);
+
+                sb.append('&').append(FederationConstants.PARAM_REPLY).append('=');
+                sb.append(URLEncoder.encode(logoutRedirectTo, "UTF-8"));
+            }
+
+            redirectURL = redirectURL + "?" + sb.toString();
+        } catch (Exception ex) {
+            LOG.error("Failed to create SignInRequest", ex);
+            throw new ProcessingException("Failed to create SignInRequest");
+        }
+        return redirectURL;
+    }
+/*
+    private String resolveSignInQuery(HttpServletRequest request, FedizContext config)
+        throws IOException, UnsupportedCallbackException, UnsupportedEncodingException {
+        Object signInQueryObj = ((FederationProtocol)config.getProtocol()).getSignInQuery();
+        String signInQuery = null;
+        if (signInQueryObj != null) {
+            if (signInQueryObj instanceof String) {
+                signInQuery = (String)signInQueryObj;
+            } else if (signInQueryObj instanceof CallbackHandler) {
+                CallbackHandler frCB = (CallbackHandler)signInQueryObj;
+                SignInQueryCallback callback = new SignInQueryCallback(request);
+                frCB.handle(new Callback[] {callback});
+                Map<String, String> signInQueryMap = callback.getSignInQueryParamMap();
+                StringBuilder sbQuery = new StringBuilder();
+                for (String key : signInQueryMap.keySet()) {
+                    if (sbQuery.length() > 0) {
+                        sbQuery.append("&");
+                    }
+                    sbQuery.append(key).append('=').
+                    append(URLEncoder.encode(signInQueryMap.get(key), "UTF-8"));
+                }
+                signInQuery = sbQuery.toString();
+               
+            }
+        }
+        return signInQuery;
+    }
+
+    private String resolveFreshness(HttpServletRequest request, FedizContext config) throws IOException,
+        UnsupportedCallbackException {
+        Object freshnessObj = ((FederationProtocol)config.getProtocol()).getFreshness();
+        String freshness = null;
+        if (freshnessObj != null) {
+            if (freshnessObj instanceof String) {
+                freshness = (String)freshnessObj;
+            } else if (freshnessObj instanceof CallbackHandler) {
+                CallbackHandler frCB = (CallbackHandler)freshnessObj;
+                FreshnessCallback callback = new FreshnessCallback(request);
+                frCB.handle(new Callback[] {callback});
+                freshness = callback.getFreshness();
+            }
+        }
+        return freshness;
+    }
+
+    private String resolveHomeRealm(HttpServletRequest request, FedizContext config) throws IOException,
+        UnsupportedCallbackException {
+        Object homeRealmObj = ((FederationProtocol)config.getProtocol()).getHomeRealm();
+        String homeRealm = null;
+        if (homeRealmObj != null) {
+            if (homeRealmObj instanceof String) {
+                homeRealm = (String)homeRealmObj;
+            } else if (homeRealmObj instanceof CallbackHandler) {
+                CallbackHandler hrCB = (CallbackHandler)homeRealmObj;
+                HomeRealmCallback callback = new HomeRealmCallback(request);
+                hrCB.handle(new Callback[] {callback});
+                homeRealm = callback.getHomeRealm();
+            }
+        }
+        return homeRealm;
+    }
+
+    private String resolveAuthenticationType(HttpServletRequest request, FedizContext config)
+        throws IOException, UnsupportedCallbackException {
+        Object wAuthObj = ((FederationProtocol)config.getProtocol()).getAuthenticationType();
+        String wAuth = null;
+        if (wAuthObj != null) {
+            if (wAuthObj instanceof String) {
+                wAuth = (String)wAuthObj;
+            } else if (wAuthObj instanceof CallbackHandler) {
+                CallbackHandler wauthCB = (CallbackHandler)wAuthObj;
+                WAuthCallback callback = new WAuthCallback(request);
+                wauthCB.handle(new Callback[] {callback});
+                wAuth = callback.getWauth();
+            }  
+        }
+        return wAuth;
+    }
+    
+    private String resolveRequest(HttpServletRequest request, FedizContext config)
+        throws IOException, UnsupportedCallbackException {
+        Object wReqObj = ((FederationProtocol)config.getProtocol()).getRequest();
+        String wReq = null;
+        if (wReqObj != null) {
+            if (wReqObj instanceof String) {
+                wReq = (String)wReqObj;
+            } else if (wReqObj instanceof CallbackHandler) {
+                CallbackHandler wauthCB = (CallbackHandler)wReqObj;
+                WReqCallback callback = new WReqCallback(request);
+                wauthCB.handle(new Callback[] {callback});
+                wReq = callback.getWreq();
+            }  
+        }
+        return wReq;
+    }
+*/
+    private String resolveIssuer(HttpServletRequest request, FedizContext config) throws IOException,
+        UnsupportedCallbackException {
+        Object issuerObj = config.getProtocol().getIssuer();
+        String issuerURL = null;
+        if (issuerObj instanceof String) {
+            issuerURL = (String)issuerObj;
+        } else if (issuerObj instanceof CallbackHandler) {
+            CallbackHandler issuerCB = (CallbackHandler)issuerObj;
+            IDPCallback callback = new IDPCallback(request);
+            issuerCB.handle(new Callback[] {callback});
+            issuerURL = callback.getIssuerUrl().toString();
+        }
+        return issuerURL;
+    }
+/*
+    private String resolveWTRealm(HttpServletRequest request, FedizContext config) throws IOException,
+        UnsupportedCallbackException {
+        Object wtRealmObj = ((FederationProtocol)config.getProtocol()).getRealm();
+        String wtRealm = null;
+        if (wtRealmObj != null) {
+            if (wtRealmObj instanceof String) {
+                wtRealm = (String)wtRealmObj;
+            } else if (wtRealmObj instanceof CallbackHandler) {
+                CallbackHandler hrCB = (CallbackHandler)wtRealmObj;
+                RealmCallback callback = new RealmCallback(request);
+                hrCB.handle(new Callback[] {callback});
+                wtRealm = callback.getRealm();
+            }
+        } else {
+            wtRealm = extractFullContextPath(request); //default value
+        }
+        return wtRealm;
+    }
+
+*/
+    private String extractFullContextPath(HttpServletRequest request) throws MalformedURLException {
+        String result = null;
+        String contextPath = request.getContextPath();
+        String requestUrl = request.getRequestURL().toString();
+        String requestPath = new URL(requestUrl).getPath();
+        // Cut request path of request url and add context path if not ROOT
+        if (requestPath != null && requestPath.length() > 0) {
+            int lastIndex = requestUrl.lastIndexOf(requestPath);
+            result = requestUrl.substring(0, lastIndex);
+        } else {
+            result = requestUrl;
+        }
+        if (contextPath != null && contextPath.length() > 0) {
+            // contextPath contains starting slash
+            result = result + contextPath + "/";
+        } else {
+            result = result + "/";
+        }
+        return result;
+    }
+    
+    private static class DecryptionCallbackHandler implements CallbackHandler {
+        
+        private final String password;
+        
+        public DecryptionCallbackHandler(String password) {
+            this.password = password;
+        }
+
+        @Override
+        public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
+            for (int i = 0; i < callbacks.length; i++) {
+                if (callbacks[i] instanceof WSPasswordCallback) {
+                    WSPasswordCallback pc = (WSPasswordCallback) callbacks[i];
+                    pc.setPassword(password);
+                } else {
+                    throw new UnsupportedCallbackException(callbacks[i], "Unrecognized Callback");
+                }
+            }
+        }
+        
+    }
+
+    private static class NOOpProcessor implements Processor {
+
+        @Override
+        public List<WSSecurityEngineResult> handleToken(Element arg0, RequestData arg1, WSDocInfo arg2)
+            throws WSSecurityException {
+            return new ArrayList<WSSecurityEngineResult>();
+        }
+        
+    }
+
+}

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/08af52b6/plugins/core/src/main/java/org/apache/cxf/fediz/core/saml/SAMLTokenValidator.java
----------------------------------------------------------------------
diff --git a/plugins/core/src/main/java/org/apache/cxf/fediz/core/saml/SAMLTokenValidator.java b/plugins/core/src/main/java/org/apache/cxf/fediz/core/saml/SAMLTokenValidator.java
index 30dcf53..b643a4e 100644
--- a/plugins/core/src/main/java/org/apache/cxf/fediz/core/saml/SAMLTokenValidator.java
+++ b/plugins/core/src/main/java/org/apache/cxf/fediz/core/saml/SAMLTokenValidator.java
@@ -29,7 +29,6 @@ import java.util.Map;
 import java.util.StringTokenizer;
 
 import org.w3c.dom.Element;
-
 import org.apache.cxf.fediz.core.Claim;
 import org.apache.cxf.fediz.core.ClaimCollection;
 import org.apache.cxf.fediz.core.ClaimTypes;
@@ -37,8 +36,8 @@ import org.apache.cxf.fediz.core.TokenValidator;
 import org.apache.cxf.fediz.core.TokenValidatorRequest;
 import org.apache.cxf.fediz.core.TokenValidatorResponse;
 import org.apache.cxf.fediz.core.config.CertificateValidationMethod;
-import org.apache.cxf.fediz.core.config.FederationContext;
-import org.apache.cxf.fediz.core.config.FederationProtocol;
+import org.apache.cxf.fediz.core.config.FedizContext;
+import org.apache.cxf.fediz.core.config.Protocol;
 import org.apache.cxf.fediz.core.config.TrustManager;
 import org.apache.cxf.fediz.core.config.TrustedIssuer;
 import org.apache.cxf.fediz.core.exception.ProcessingException;
@@ -88,7 +87,7 @@ public class SAMLTokenValidator implements TokenValidator {
     }
     
     public TokenValidatorResponse validateAndProcessToken(TokenValidatorRequest request,
-            FederationContext config) throws ProcessingException {
+            FedizContext config) throws ProcessingException {
 
         Element token = request.getToken();
         try {          
@@ -215,12 +214,12 @@ public class SAMLTokenValidator implements TokenValidator {
         }
     }
     
-    protected List<String> parseRoles(FederationContext config, List<Claim> claims) {
+    protected List<String> parseRoles(FedizContext config, List<Claim> claims) {
         List<String> roles = null;
-        FederationProtocol fp = (FederationProtocol)config.getProtocol();
-        if (fp.getRoleURI() != null) {
-            URI roleURI = URI.create(fp.getRoleURI());
-            String delim = fp.getRoleDelimiter();
+        Protocol protocol = config.getProtocol();
+        if (protocol.getRoleURI() != null) {
+            URI roleURI = URI.create(protocol.getRoleURI());
+            String delim = protocol.getRoleDelimiter();
             for (Claim c : claims) {
                 if (roleURI.equals(c.getClaimType())) {
                     Object oValue = c.getValue();

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/08af52b6/plugins/core/src/main/resources/schemas/FedizConfig.xsd
----------------------------------------------------------------------
diff --git a/plugins/core/src/main/resources/schemas/FedizConfig.xsd b/plugins/core/src/main/resources/schemas/FedizConfig.xsd
index c9e670c..72f19f2 100644
--- a/plugins/core/src/main/resources/schemas/FedizConfig.xsd
+++ b/plugins/core/src/main/resources/schemas/FedizConfig.xsd
@@ -94,9 +94,6 @@
 			<xs:extension base="protocolType">
 				<xs:sequence>
 					<xs:element ref="realm" />
-					<xs:element ref="issuer" />
-					<xs:element ref="roleDelimiter" />
-					<xs:element ref="roleURI" />
 					<xs:element ref="authenticationType" />
 					<xs:element ref="homeRealm" />
 					<xs:element ref="freshness" />
@@ -111,6 +108,17 @@
 			</xs:extension>
 		</xs:complexContent>
 	</xs:complexType>
+	
+	<xs:complexType name="samlProtocolType">
+		<xs:complexContent>
+			<xs:extension base="protocolType">
+				<xs:sequence>
+					<xs:element ref="realm" />
+				</xs:sequence>
+				<xs:attribute name="version" use="required" type="xs:string" />
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
 
 	<xs:element name="roleDelimiter" type="xs:string" />
 	<xs:element name="roleURI" type="xs:string" />
@@ -118,8 +126,13 @@
 	<xs:element name="applicationServiceURL" type="xs:string" />
 	
 	
-
-	<xs:complexType name="protocolType" abstract="true" />
+	<xs:complexType name="protocolType" abstract="true">
+	    <xs:sequence>
+	        <xs:element ref="roleDelimiter" />
+	        <xs:element ref="roleURI" />
+	        <xs:element ref="issuer" />
+		</xs:sequence>
+	</xs:complexType>
  
 	<xs:complexType name="CallbackType">
 		<xs:simpleContent>

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/08af52b6/plugins/core/src/test/java/org/apache/cxf/fediz/core/CustomValidator.java
----------------------------------------------------------------------
diff --git a/plugins/core/src/test/java/org/apache/cxf/fediz/core/CustomValidator.java b/plugins/core/src/test/java/org/apache/cxf/fediz/core/CustomValidator.java
index 72ac643..f67edae 100644
--- a/plugins/core/src/test/java/org/apache/cxf/fediz/core/CustomValidator.java
+++ b/plugins/core/src/test/java/org/apache/cxf/fediz/core/CustomValidator.java
@@ -20,7 +20,7 @@
 package org.apache.cxf.fediz.core;
 
 import org.w3c.dom.Element;
-import org.apache.cxf.fediz.core.config.FederationContext;
+import org.apache.cxf.fediz.core.config.FedizContext;
 
 
 public class CustomValidator implements TokenValidator {
@@ -38,7 +38,7 @@ public class CustomValidator implements TokenValidator {
     @Override
     public TokenValidatorResponse validateAndProcessToken(
         TokenValidatorRequest request, 
-        FederationContext config
+        FedizContext config
     ) {
         return new TokenValidatorResponse(null,
                                           FederationProcessorTest.TEST_USER,

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/08af52b6/plugins/core/src/test/java/org/apache/cxf/fediz/core/FederationMetaDataTest.java
----------------------------------------------------------------------
diff --git a/plugins/core/src/test/java/org/apache/cxf/fediz/core/FederationMetaDataTest.java b/plugins/core/src/test/java/org/apache/cxf/fediz/core/FederationMetaDataTest.java
index dd29b80..150eb08 100644
--- a/plugins/core/src/test/java/org/apache/cxf/fediz/core/FederationMetaDataTest.java
+++ b/plugins/core/src/test/java/org/apache/cxf/fediz/core/FederationMetaDataTest.java
@@ -25,13 +25,13 @@ import java.net.URL;
 import javax.xml.transform.TransformerException;
 
 import org.w3c.dom.Document;
-
 import org.apache.cxf.fediz.common.SecurityTestUtil;
-import org.apache.cxf.fediz.core.config.FederationConfigurator;
-import org.apache.cxf.fediz.core.config.FederationContext;
+import org.apache.cxf.fediz.core.config.FedizConfigurator;
+import org.apache.cxf.fediz.core.config.FedizContext;
 import org.apache.cxf.fediz.core.exception.ProcessingException;
+import org.apache.cxf.fediz.core.processor.FederationProcessorImpl;
+import org.apache.cxf.fediz.core.processor.FedizProcessor;
 import org.apache.cxf.fediz.core.util.DOMUtils;
-
 import org.junit.AfterClass;
 import org.junit.Assert;
 
@@ -46,14 +46,14 @@ public class FederationMetaDataTest {
     }
     
 
-    private FederationContext loadConfig(String context) {
+    private FedizContext loadConfig(String context) {
         try {
-            FederationConfigurator configurator = new FederationConfigurator();
+            FedizConfigurator configurator = new FedizConfigurator();
             final URL resource = Thread.currentThread().getContextClassLoader()
                     .getResource(CONFIG_FILE);
             File f = new File(resource.toURI());
             configurator.loadConfig(f);
-            return configurator.getFederationContext(context);
+            return configurator.getFedizContext(context);
         } catch (Exception e) {
             e.printStackTrace();
             return null;
@@ -64,9 +64,9 @@ public class FederationMetaDataTest {
     @org.junit.Test
     public void validateMetaDataWithAlias() throws ProcessingException {
 
-        FederationContext config = loadConfig("ROOT");
+        FedizContext config = loadConfig("ROOT");
 
-        FederationProcessor wfProc = new FederationProcessorImpl();
+        FedizProcessor wfProc = new FederationProcessorImpl();
         Document doc = wfProc.getMetaData(config);
         Assert.assertNotNull(doc);
         
@@ -82,9 +82,9 @@ public class FederationMetaDataTest {
     public void validateMetaDataNoAlias() throws ProcessingException {
 
         try {
-            FederationContext config = loadConfig("ROOT_NO_KEY");
+            FedizContext config = loadConfig("ROOT_NO_KEY");
 
-            FederationProcessor wfProc = new FederationProcessorImpl();
+            FedizProcessor wfProc = new FederationProcessorImpl();
             Document doc;
            
             doc = wfProc.getMetaData(config);
@@ -99,9 +99,9 @@ public class FederationMetaDataTest {
     @org.junit.Test
     public void validateMetaDataNoSigningKey() throws ProcessingException {
 
-        FederationContext config = loadConfig("ROOT_NO_SIGNINGKEY");
+        FedizContext config = loadConfig("ROOT_NO_SIGNINGKEY");
 
-        FederationProcessor wfProc = new FederationProcessorImpl();
+        FedizProcessor wfProc = new FederationProcessorImpl();
         Document doc = wfProc.getMetaData(config);
         Assert.assertNotNull(doc);
         

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/08af52b6/plugins/core/src/test/java/org/apache/cxf/fediz/core/FederationProcessorTest.java
----------------------------------------------------------------------
diff --git a/plugins/core/src/test/java/org/apache/cxf/fediz/core/FederationProcessorTest.java b/plugins/core/src/test/java/org/apache/cxf/fediz/core/FederationProcessorTest.java
index d4b7061..80c17e6 100644
--- a/plugins/core/src/test/java/org/apache/cxf/fediz/core/FederationProcessorTest.java
+++ b/plugins/core/src/test/java/org/apache/cxf/fediz/core/FederationProcessorTest.java
@@ -33,13 +33,12 @@ import javax.security.auth.callback.UnsupportedCallbackException;
 import org.w3c.dom.Document;
 import org.w3c.dom.Element;
 import org.w3c.dom.Node;
-
 import org.apache.cxf.fediz.common.STSUtil;
 import org.apache.cxf.fediz.common.SecurityTestUtil;
 import org.apache.cxf.fediz.core.AbstractSAMLCallbackHandler.MultiValue;
-import org.apache.cxf.fediz.core.config.FederationConfigurator;
-import org.apache.cxf.fediz.core.config.FederationContext;
 import org.apache.cxf.fediz.core.config.FederationProtocol;
+import org.apache.cxf.fediz.core.config.FedizConfigurator;
+import org.apache.cxf.fediz.core.config.FedizContext;
 import org.apache.cxf.fediz.core.config.jaxb.AudienceUris;
 import org.apache.cxf.fediz.core.config.jaxb.CertificateStores;
 import org.apache.cxf.fediz.core.config.jaxb.ContextConfig;
@@ -51,6 +50,10 @@ import org.apache.cxf.fediz.core.config.jaxb.TrustedIssuers;
 import org.apache.cxf.fediz.core.config.jaxb.ValidationType;
 import org.apache.cxf.fediz.core.exception.ProcessingException;
 import org.apache.cxf.fediz.core.exception.ProcessingException.TYPE;
+import org.apache.cxf.fediz.core.processor.FederationProcessorImpl;
+import org.apache.cxf.fediz.core.processor.FedizProcessor;
+import org.apache.cxf.fediz.core.processor.FedizRequest;
+import org.apache.cxf.fediz.core.processor.FedizResponse;
 import org.apache.wss4j.common.WSEncryptionPart;
 import org.apache.wss4j.common.crypto.Crypto;
 import org.apache.wss4j.common.crypto.CryptoFactory;
@@ -83,7 +86,7 @@ public class FederationProcessorTest {
     
     private static Crypto crypto;
     private static CallbackHandler cbPasswordHandler;
-    private static FederationConfigurator configurator;
+    private static FedizConfigurator configurator;
     
     
     @BeforeClass
@@ -105,12 +108,12 @@ public class FederationProcessorTest {
     }
     
 
-    private static FederationConfigurator getFederationConfigurator() {
+    private static FedizConfigurator getFederationConfigurator() {
         if (configurator != null) {
             return configurator;
         }
         try {
-            configurator = new FederationConfigurator();
+            configurator = new FedizConfigurator();
             final URL resource = Thread.currentThread().getContextClassLoader()
                     .getResource(CONFIG_FILE);
             File f = new File(resource.toURI());
@@ -130,14 +133,14 @@ public class FederationProcessorTest {
     public void validateRSTRWithoutToken() throws Exception {
         Document doc = STSUtil.toSOAPPart(STSUtil.SAMPLE_RSTR_COLL_MSG);
         
-        FederationRequest wfReq = new FederationRequest();
+        FedizRequest wfReq = new FedizRequest();
         wfReq.setWa(FederationConstants.ACTION_SIGNIN);
         wfReq.setWresult(DOM2Writer.nodeToString(doc));
         
         configurator = null;
-        FederationContext config = getFederationConfigurator().getFederationContext("ROOT");
+        FedizContext config = getFederationConfigurator().getFedizContext("ROOT");
 
-        FederationProcessor wfProc = new FederationProcessorImpl();
+        FedizProcessor wfProc = new FederationProcessorImpl();
         try {
             wfProc.processRequest(wfReq, config);
             fail("Failure expected on missing security token in RSTR");
@@ -155,14 +158,14 @@ public class FederationProcessorTest {
     public void validateRequestUnknownAction() throws Exception {
         Document doc = STSUtil.toSOAPPart(STSUtil.SAMPLE_RSTR_COLL_MSG);
         
-        FederationRequest wfReq = new FederationRequest();
+        FedizRequest wfReq = new FedizRequest();
         wfReq.setWa("gugus");
         wfReq.setWresult(DOM2Writer.nodeToString(doc));
         
         configurator = null;
-        FederationContext config = getFederationConfigurator().getFederationContext("ROOT");
+        FedizContext config = getFederationConfigurator().getFedizContext("ROOT");
 
-        FederationProcessor wfProc = new FederationProcessorImpl();
+        FedizProcessor wfProc = new FederationProcessorImpl();
         try {
             wfProc.processRequest(wfReq, config);
             fail("Failure expected due to invalid action");
@@ -178,14 +181,14 @@ public class FederationProcessorTest {
      */
     @org.junit.Test
     public void validateSignInInvalidWResult() throws Exception {
-        FederationRequest wfReq = new FederationRequest();
+        FedizRequest wfReq = new FedizRequest();
         wfReq.setWa(FederationConstants.ACTION_SIGNIN);
         wfReq.setWresult("gugus");
         
         configurator = null;
-        FederationContext config = getFederationConfigurator().getFederationContext("ROOT");
+        FedizContext config = getFederationConfigurator().getFedizContext("ROOT");
 
-        FederationProcessor wfProc = new FederationProcessorImpl();
+        FedizProcessor wfProc = new FederationProcessorImpl();
         try {
             wfProc.processRequest(wfReq, config);
             fail("Failure expected due to invalid wresult");
@@ -225,15 +228,15 @@ public class FederationProcessorTest {
         SamlAssertionWrapper assertion = new SamlAssertionWrapper(samlCallback);
         String rstr = createSamlToken(assertion, "mystskey", true);
         
-        FederationRequest wfReq = new FederationRequest();
+        FedizRequest wfReq = new FedizRequest();
         wfReq.setWa(FederationConstants.ACTION_SIGNIN);
         wfReq.setWresult(rstr);
         
         configurator = null;
-        FederationContext config = getFederationConfigurator().getFederationContext("ROOT");
+        FedizContext config = getFederationConfigurator().getFedizContext("ROOT");
         
-        FederationProcessor wfProc = new FederationProcessorImpl();
-        FederationResponse wfRes = wfProc.processRequest(wfReq, config);
+        FedizProcessor wfProc = new FederationProcessorImpl();
+        FedizResponse wfRes = wfProc.processRequest(wfReq, config);
         
         Assert.assertEquals("Principal name wrong", TEST_USER,
                             wfRes.getUsername());
@@ -268,15 +271,15 @@ public class FederationProcessorTest {
         SamlAssertionWrapper assertion = new SamlAssertionWrapper(samlCallback);
         String rstr = createSamlToken(assertion, "mystskey", true, STSUtil.SAMPLE_RSTR_MSG);
         
-        FederationRequest wfReq = new FederationRequest();
+        FedizRequest wfReq = new FedizRequest();
         wfReq.setWa(FederationConstants.ACTION_SIGNIN);
         wfReq.setWresult(rstr);
         
         configurator = null;
-        FederationContext config = getFederationConfigurator().getFederationContext("ROOT");
+        FedizContext config = getFederationConfigurator().getFedizContext("ROOT");
         
-        FederationProcessor wfProc = new FederationProcessorImpl();
-        FederationResponse wfRes = wfProc.processRequest(wfReq, config);
+        FedizProcessor wfProc = new FederationProcessorImpl();
+        FedizResponse wfRes = wfProc.processRequest(wfReq, config);
         
         Assert.assertEquals("Principal name wrong", TEST_USER,
                             wfRes.getUsername());
@@ -308,15 +311,15 @@ public class FederationProcessorTest {
         SamlAssertionWrapper assertion = new SamlAssertionWrapper(samlCallback);
         String rstr = createSamlToken(assertion, "mystskey", true);
         
-        FederationRequest wfReq = new FederationRequest();
+        FedizRequest wfReq = new FedizRequest();
         wfReq.setWa(FederationConstants.ACTION_SIGNIN);
         wfReq.setWresult(rstr);
         
         configurator = null;
-        FederationContext config = getFederationConfigurator().getFederationContext("ROOT");
+        FedizContext config = getFederationConfigurator().getFedizContext("ROOT");
         
-        FederationProcessor wfProc = new FederationProcessorImpl();
-        FederationResponse wfRes = wfProc.processRequest(wfReq, config);
+        FedizProcessor wfProc = new FederationProcessorImpl();
+        FedizResponse wfRes = wfProc.processRequest(wfReq, config);
         
         Assert.assertEquals("Principal name wrong", TEST_USER,
                             wfRes.getUsername());
@@ -348,15 +351,15 @@ public class FederationProcessorTest {
         SamlAssertionWrapper assertion = new SamlAssertionWrapper(samlCallback);
         String rstr = createSamlToken(assertion, "mystskey", true);
         
-        FederationRequest wfReq = new FederationRequest();
+        FedizRequest wfReq = new FedizRequest();
         wfReq.setWa(FederationConstants.ACTION_SIGNIN);
         wfReq.setWresult(rstr);
         
         configurator = null;
-        FederationContext config = getFederationConfigurator().getFederationContext("CUSTOMROLEURI");
+        FedizContext config = getFederationConfigurator().getFedizContext("CUSTOMROLEURI");
         
-        FederationProcessor wfProc = new FederationProcessorImpl();
-        FederationResponse wfRes = wfProc.processRequest(wfReq, config);
+        FedizProcessor wfProc = new FederationProcessorImpl();
+        FedizResponse wfRes = wfProc.processRequest(wfReq, config);
         
         Assert.assertEquals("Principal name wrong", TEST_USER, wfRes.getUsername());
         Assert.assertEquals("Issuer wrong", TEST_RSTR_ISSUER, wfRes.getIssuer());
@@ -388,15 +391,15 @@ public class FederationProcessorTest {
         SamlAssertionWrapper assertion = new SamlAssertionWrapper(samlCallback);
         String rstr = createSamlToken(assertion, "mystskey", true);
         
-        FederationRequest wfReq = new FederationRequest();
+        FedizRequest wfReq = new FedizRequest();
         wfReq.setWa(FederationConstants.ACTION_SIGNIN);
         wfReq.setWresult(rstr);
         
         configurator = null;
-        FederationContext config = getFederationConfigurator().getFederationContext("CUSTOMROLEURI");
+        FedizContext config = getFederationConfigurator().getFedizContext("CUSTOMROLEURI");
         
-        FederationProcessor wfProc = new FederationProcessorImpl();
-        FederationResponse wfRes = wfProc.processRequest(wfReq, config);
+        FedizProcessor wfProc = new FederationProcessorImpl();
+        FedizResponse wfRes = wfProc.processRequest(wfReq, config);
         
         Assert.assertEquals("Principal name wrong", TEST_USER, wfRes.getUsername());
         Assert.assertEquals("Issuer wrong", TEST_RSTR_ISSUER, wfRes.getIssuer());
@@ -427,16 +430,16 @@ public class FederationProcessorTest {
         SamlAssertionWrapper assertion = new SamlAssertionWrapper(samlCallback);
         String rstr = createSamlToken(assertion, "mystskey", true);
         
-        FederationRequest wfReq = new FederationRequest();
+        FedizRequest wfReq = new FedizRequest();
         wfReq.setWa(FederationConstants.ACTION_SIGNIN);
         wfReq.setWresult(rstr);
         
         configurator = null;
-        FederationContext config = getFederationConfigurator().getFederationContext("ROOT");
+        FedizContext config = getFederationConfigurator().getFedizContext("ROOT");
         ((FederationProtocol)config.getProtocol()).setRoleURI(null);
         
-        FederationProcessor wfProc = new FederationProcessorImpl();
-        FederationResponse wfRes = wfProc.processRequest(wfReq, config);
+        FedizProcessor wfProc = new FederationProcessorImpl();
+        FedizResponse wfRes = wfProc.processRequest(wfReq, config);
         
         Assert.assertEquals("Principal name wrong", TEST_USER,
                             wfRes.getUsername());
@@ -467,15 +470,15 @@ public class FederationProcessorTest {
         SamlAssertionWrapper assertion = new SamlAssertionWrapper(samlCallback);
         String rstr = createSamlToken(assertion, "mystskey", true);
         
-        FederationRequest wfReq = new FederationRequest();
+        FedizRequest wfReq = new FedizRequest();
         wfReq.setWa(FederationConstants.ACTION_SIGNIN);
         wfReq.setWresult(rstr);
         
         configurator = null;
-        FederationContext config = getFederationConfigurator().getFederationContext("ROOT");
+        FedizContext config = getFederationConfigurator().getFedizContext("ROOT");
         
-        FederationProcessor wfProc = new FederationProcessorImpl();
-        FederationResponse wfRes = wfProc.processRequest(wfReq, config);
+        FedizProcessor wfProc = new FederationProcessorImpl();
+        FedizResponse wfRes = wfProc.processRequest(wfReq, config);
         
         Assert.assertEquals("Principal name wrong", TEST_USER,
                             wfRes.getUsername());
@@ -508,15 +511,15 @@ public class FederationProcessorTest {
         SAMLUtil.doSAMLCallback(callbackHandler, samlCallback);
         SamlAssertionWrapper assertion = new SamlAssertionWrapper(samlCallback);
         String rstr = createSamlToken(assertion, "mystskey", true, STSUtil.SAMPLE_RSTR_2005_02_MSG);
-        FederationRequest wfReq = new FederationRequest();
+        FedizRequest wfReq = new FedizRequest();
         wfReq.setWa(FederationConstants.ACTION_SIGNIN);
         wfReq.setWresult(rstr);
         
         configurator = null;
-        FederationContext config = getFederationConfigurator().getFederationContext("ROOT");
+        FedizContext config = getFederationConfigurator().getFedizContext("ROOT");
         
-        FederationProcessor wfProc = new FederationProcessorImpl();
-        FederationResponse wfRes = wfProc.processRequest(wfReq, config);
+        FedizProcessor wfProc = new FederationProcessorImpl();
+        FedizResponse wfRes = wfProc.processRequest(wfReq, config);
         
         Assert.assertEquals("Principal name wrong", TEST_USER,
                             wfRes.getUsername());
@@ -549,15 +552,15 @@ public class FederationProcessorTest {
         SamlAssertionWrapper assertion = new SamlAssertionWrapper(samlCallback);
         String rstr = createSamlToken(assertion, "mystskey", true);
         
-        FederationRequest wfReq = new FederationRequest();
+        FedizRequest wfReq = new FedizRequest();
         wfReq.setWa(FederationConstants.ACTION_SIGNIN);
         wfReq.setWresult(rstr);
         
         configurator = null;
-        FederationContext config = getFederationConfigurator().getFederationContext("ROOT");
+        FedizContext config = getFederationConfigurator().getFedizContext("ROOT");
 
-        FederationProcessor wfProc = new FederationProcessorImpl();
-        FederationResponse wfRes = wfProc.processRequest(wfReq, config);
+        FedizProcessor wfProc = new FederationProcessorImpl();
+        FedizResponse wfRes = wfProc.processRequest(wfReq, config);
         
         Assert.assertEquals("Principal name wrong", TEST_USER,
                             wfRes.getUsername());
@@ -590,17 +593,17 @@ public class FederationProcessorTest {
         SamlAssertionWrapper assertion = new SamlAssertionWrapper(samlCallback);
         String rstr = createSamlToken(assertion, "mystskey", true);
         
-        FederationRequest wfReq = new FederationRequest();
+        FedizRequest wfReq = new FedizRequest();
         wfReq.setWa(FederationConstants.ACTION_SIGNIN);
         wfReq.setWresult(rstr);
         
         configurator = null;
-        FederationContext config = getFederationConfigurator().getFederationContext("ROOT");
+        FedizContext config = getFederationConfigurator().getFedizContext("ROOT");
         FederationProtocol fp = (FederationProtocol)config.getProtocol();
         fp.setRoleDelimiter(",");
 
-        FederationProcessor wfProc = new FederationProcessorImpl();
-        FederationResponse wfRes = wfProc.processRequest(wfReq, config);
+        FedizProcessor wfProc = new FederationProcessorImpl();
+        FedizResponse wfRes = wfProc.processRequest(wfReq, config);
         
         Assert.assertEquals("Principal name wrong", TEST_USER,
                             wfRes.getUsername());
@@ -636,16 +639,16 @@ public class FederationProcessorTest {
         SamlAssertionWrapper assertion = new SamlAssertionWrapper(samlCallback);
         
         String rstr = createSamlToken(assertion, "mystskey", true);
-        FederationRequest wfReq = new FederationRequest();
+        FedizRequest wfReq = new FedizRequest();
         wfReq.setWa(FederationConstants.ACTION_SIGNIN);
         wfReq.setWresult(rstr);
         
         // Load and update the config to enforce an error
         configurator = null;
-        FederationContext config = getFederationConfigurator().getFederationContext("ROOT");
+        FedizContext config = getFederationConfigurator().getFedizContext("ROOT");
         config.getTrustedIssuers().get(0).setSubject("wrong-issuer-name");        
         
-        FederationProcessor wfProc = new FederationProcessorImpl();
+        FedizProcessor wfProc = new FederationProcessorImpl();
         try {
             wfProc.processRequest(wfReq, config);
             Assert.fail("Processing must fail because of untrusted issuer configured");
@@ -679,15 +682,15 @@ public class FederationProcessorTest {
         SamlAssertionWrapper assertion = new SamlAssertionWrapper(samlCallback);
         
         String rstr = createSamlToken(assertion, "mystskey", false);
-        FederationRequest wfReq = new FederationRequest();
+        FedizRequest wfReq = new FedizRequest();
         wfReq.setWa(FederationConstants.ACTION_SIGNIN);
         wfReq.setWresult(rstr);
         
         // Load and update the config to enforce an error
         configurator = null;
-        FederationContext config = getFederationConfigurator().getFederationContext("ROOT");       
+        FedizContext config = getFederationConfigurator().getFedizContext("ROOT");       
         
-        FederationProcessor wfProc = new FederationProcessorImpl();
+        FedizProcessor wfProc = new FederationProcessorImpl();
         try {
             wfProc.processRequest(wfReq, config);
             Assert.fail("Processing must fail because of missing signature");
@@ -721,15 +724,15 @@ public class FederationProcessorTest {
         
         String rstr = createSamlToken(assertion, "mystskey", true);
         
-        FederationRequest wfReq = new FederationRequest();
+        FedizRequest wfReq = new FedizRequest();
         wfReq.setWa(FederationConstants.ACTION_SIGNIN);
         wfReq.setWresult(rstr);
         
         configurator = null;
-        FederationContext config = getFederationConfigurator().getFederationContext("ROOT");
+        FedizContext config = getFederationConfigurator().getFedizContext("ROOT");
 
-        FederationProcessor wfProc = new FederationProcessorImpl();
-        FederationResponse wfRes = wfProc.processRequest(wfReq, config);
+        FedizProcessor wfProc = new FederationProcessorImpl();
+        FedizResponse wfRes = wfProc.processRequest(wfReq, config);
         Assert.assertEquals("Principal name wrong", TEST_USER,
                 wfRes.getUsername());
         Assert.assertEquals("Issuer wrong", TEST_RSTR_ISSUER, wfRes.getIssuer());
@@ -769,16 +772,16 @@ public class FederationProcessorTest {
         SamlAssertionWrapper assertion = new SamlAssertionWrapper(samlCallback);
         
         String rstr = createSamlToken(assertion, "mystskey", true);
-        FederationRequest wfReq = new FederationRequest();
+        FedizRequest wfReq = new FedizRequest();
         wfReq.setWa(FederationConstants.ACTION_SIGNIN);
         wfReq.setWresult(rstr);
         
         // Load and update the config to enforce an error
         configurator = null;
-        FederationContext config = getFederationConfigurator().getFederationContext("ROOT2");
+        FedizContext config = getFederationConfigurator().getFedizContext("ROOT2");
         
-        FederationProcessor wfProc = new FederationProcessorImpl();
-        FederationResponse wfRes = wfProc.processRequest(wfReq, config);
+        FedizProcessor wfProc = new FederationProcessorImpl();
+        FedizResponse wfRes = wfProc.processRequest(wfReq, config);
         
         Assert.assertEquals("Principal name wrong", TEST_USER,
                             wfRes.getUsername());
@@ -810,16 +813,16 @@ public class FederationProcessorTest {
         SamlAssertionWrapper assertion = new SamlAssertionWrapper(samlCallback);
         
         String rstr = createSamlToken(assertion, "mystskey", true);
-        FederationRequest wfReq = new FederationRequest();
+        FedizRequest wfReq = new FedizRequest();
         wfReq.setWa(FederationConstants.ACTION_SIGNIN);
         wfReq.setWresult(rstr);
         
         // Load and update the config to enforce an error
         configurator = null;
-        FederationContext config = getFederationConfigurator().getFederationContext("ROOT3");
+        FedizContext config = getFederationConfigurator().getFedizContext("ROOT3");
         
-        FederationProcessor wfProc = new FederationProcessorImpl();
-        FederationResponse wfRes = wfProc.processRequest(wfReq, config);
+        FedizProcessor wfProc = new FederationProcessorImpl();
+        FedizResponse wfRes = wfProc.processRequest(wfReq, config);
         
         Assert.assertEquals("Principal name wrong", TEST_USER,
                             wfRes.getUsername());
@@ -856,14 +859,14 @@ public class FederationProcessorTest {
         
         String rstr = createSamlToken(assertion, "mystskey", true);
         
-        FederationRequest wfReq = new FederationRequest();
+        FedizRequest wfReq = new FedizRequest();
         wfReq.setWa(FederationConstants.ACTION_SIGNIN);
         wfReq.setWresult(rstr);
         
         configurator = null;
-        FederationContext config = getFederationConfigurator().getFederationContext("ROOT");
+        FedizContext config = getFederationConfigurator().getFedizContext("ROOT");
 
-        FederationProcessor wfProc = new FederationProcessorImpl();
+        FedizProcessor wfProc = new FederationProcessorImpl();
         try {
             wfProc.processRequest(wfReq, config);
             fail("Failure expected on expired SAML token");
@@ -903,16 +906,16 @@ public class FederationProcessorTest {
         
         String rstr = createSamlToken(assertion, "mystskey", true);
         
-        FederationRequest wfReq = new FederationRequest();
+        FedizRequest wfReq = new FedizRequest();
         wfReq.setWa(FederationConstants.ACTION_SIGNIN);
         wfReq.setWresult(rstr);
         
         configurator = null;
-        FederationContext config = getFederationConfigurator().getFederationContext("ROOT");
+        FedizContext config = getFederationConfigurator().getFedizContext("ROOT");
         config.setMaximumClockSkew(BigInteger.valueOf(60));
         
-        FederationProcessor wfProc = new FederationProcessorImpl();
-        FederationResponse wfRes = wfProc.processRequest(wfReq, config);
+        FedizProcessor wfProc = new FederationProcessorImpl();
+        FedizResponse wfRes = wfProc.processRequest(wfReq, config);
         
         Assert.assertEquals("Principal name wrong", TEST_USER,
                             wfRes.getUsername());
@@ -944,20 +947,20 @@ public class FederationProcessorTest {
         
         String rstr = createSamlToken(assertion, "mystskey", true);
         
-        FederationRequest wfReq = new FederationRequest();
+        FedizRequest wfReq = new FedizRequest();
         wfReq.setWa(FederationConstants.ACTION_SIGNIN);
         wfReq.setWresult(rstr);
         
         configurator = null;
-        FederationContext config = getFederationConfigurator().getFederationContext("CUSTTOK");
+        FedizContext config = getFederationConfigurator().getFedizContext("CUSTTOK");
         FederationProtocol fp = (FederationProtocol)config.getProtocol();
         List<TokenValidator> validators = fp.getTokenValidators();
         Assert.assertEquals("Two validators must be found", 2, validators.size());
         Assert.assertEquals("First validator must be custom validator",
                             CustomValidator.class.getName(), validators.get(0).getClass().getName());
         
-        FederationProcessor wfProc = new FederationProcessorImpl();
-        FederationResponse wfRes = wfProc.processRequest(wfReq, config);
+        FedizProcessor wfProc = new FederationProcessorImpl();
+        FedizResponse wfRes = wfProc.processRequest(wfReq, config);
         
         Assert.assertEquals("Principal name wrong", TEST_USER,
                             wfRes.getUsername());
@@ -987,15 +990,15 @@ public class FederationProcessorTest {
         
         String rstr = createSamlToken(assertion, "mystskey", true);
         
-        FederationRequest wfReq = new FederationRequest();
+        FedizRequest wfReq = new FedizRequest();
         wfReq.setWa(FederationConstants.ACTION_SIGNIN);
         wfReq.setWresult(rstr);
         
         configurator = null;
-        FederationContext config = getFederationConfigurator().getFederationContext("NOCLOCKSKEW");
+        FedizContext config = getFederationConfigurator().getFedizContext("NOCLOCKSKEW");
         
-        FederationProcessor wfProc = new FederationProcessorImpl();
-        FederationResponse wfRes = wfProc.processRequest(wfReq, config);
+        FedizProcessor wfProc = new FederationProcessorImpl();
+        FedizResponse wfRes = wfProc.processRequest(wfReq, config);
         
         Assert.assertEquals("Principal name wrong", TEST_USER,
                             wfRes.getUsername());
@@ -1028,16 +1031,16 @@ public class FederationProcessorTest {
         
         String rstr = encryptAndSignToken(assertion);
         
-        FederationRequest wfReq = new FederationRequest();
+        FedizRequest wfReq = new FedizRequest();
         wfReq.setWa(FederationConstants.ACTION_SIGNIN);
         wfReq.setWresult(rstr);
         
         configurator = null;
-        FederationContext config = 
-            getFederationConfigurator().getFederationContext("ROOT_DECRYPTION");
+        FedizContext config = 
+            getFederationConfigurator().getFedizContext("ROOT_DECRYPTION");
         
-        FederationProcessor wfProc = new FederationProcessorImpl();
-        FederationResponse wfRes = wfProc.processRequest(wfReq, config);
+        FedizProcessor wfProc = new FederationProcessorImpl();
+        FedizResponse wfRes = wfProc.processRequest(wfReq, config);
         
         Assert.assertEquals("Principal name wrong", TEST_USER,
                             wfRes.getUsername());
@@ -1095,15 +1098,15 @@ public class FederationProcessorTest {
                                
         String rstr = DOM2Writer.nodeToString(doc);
         
-        FederationRequest wfReq = new FederationRequest();
+        FedizRequest wfReq = new FedizRequest();
         wfReq.setWa(FederationConstants.ACTION_SIGNIN);
         wfReq.setWresult(rstr);
         
         configurator = null;
-        FederationContext config = 
-            getFederationConfigurator().getFederationContext("ROOT_DECRYPTION");
+        FedizContext config = 
+            getFederationConfigurator().getFedizContext("ROOT_DECRYPTION");
         
-        FederationProcessor wfProc = new FederationProcessorImpl();
+        FedizProcessor wfProc = new FederationProcessorImpl();
         try {
             wfProc.processRequest(wfReq, config);
             fail("Failure expected on missing client certs");
@@ -1152,7 +1155,7 @@ public class FederationProcessorTest {
 
         protocol.setRoleURI("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role");
 
-        FederationContext fedContext = new FederationContext(config);
+        FedizContext fedContext = new FedizContext(config);
         fedContext.init();
         
         SAML2CallbackHandler callbackHandler = new SAML2CallbackHandler();
@@ -1172,12 +1175,12 @@ public class FederationProcessorTest {
         
         String rstr = createSamlToken(assertion, "mystskey", true, STSUtil.SAMPLE_RSTR_MSG);
         
-        FederationRequest wfReq = new FederationRequest();
+        FedizRequest wfReq = new FedizRequest();
         wfReq.setWa(FederationConstants.ACTION_SIGNIN);
         wfReq.setWresult(rstr);
                 
-        FederationProcessor wfProc = new FederationProcessorImpl();
-        FederationResponse wfRes = wfProc.processRequest(wfReq, fedContext);
+        FedizProcessor wfProc = new FederationProcessorImpl();
+        FedizResponse wfRes = wfProc.processRequest(wfReq, fedContext);
         
         Assert.assertEquals("Principal name wrong", TEST_USER,
                             wfRes.getUsername());

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/08af52b6/plugins/core/src/test/java/org/apache/cxf/fediz/core/SAMLTokenValidatorOldTest.java
----------------------------------------------------------------------
diff --git a/plugins/core/src/test/java/org/apache/cxf/fediz/core/SAMLTokenValidatorOldTest.java b/plugins/core/src/test/java/org/apache/cxf/fediz/core/SAMLTokenValidatorOldTest.java
index 9349057..8c6d8e5 100644
--- a/plugins/core/src/test/java/org/apache/cxf/fediz/core/SAMLTokenValidatorOldTest.java
+++ b/plugins/core/src/test/java/org/apache/cxf/fediz/core/SAMLTokenValidatorOldTest.java
@@ -33,8 +33,12 @@ import org.w3c.dom.Element;
 import org.w3c.dom.Node;
 import org.apache.cxf.fediz.common.STSUtil;
 import org.apache.cxf.fediz.common.SecurityTestUtil;
-import org.apache.cxf.fediz.core.config.FederationConfigurator;
-import org.apache.cxf.fediz.core.config.FederationContext;
+import org.apache.cxf.fediz.core.config.FedizConfigurator;
+import org.apache.cxf.fediz.core.config.FedizContext;
+import org.apache.cxf.fediz.core.processor.FederationProcessorImpl;
+import org.apache.cxf.fediz.core.processor.FedizProcessor;
+import org.apache.cxf.fediz.core.processor.FedizRequest;
+import org.apache.cxf.fediz.core.processor.FedizResponse;
 import org.apache.wss4j.common.crypto.Crypto;
 import org.apache.wss4j.common.crypto.CryptoFactory;
 import org.apache.wss4j.common.ext.WSPasswordCallback;
@@ -62,7 +66,7 @@ public class SAMLTokenValidatorOldTest {
     
     private static Crypto crypto;
     private static CallbackHandler cbPasswordHandler;
-    private static FederationConfigurator configurator;
+    private static FedizConfigurator configurator;
     
     
     @BeforeClass
@@ -84,12 +88,12 @@ public class SAMLTokenValidatorOldTest {
     }
     
 
-    private static FederationConfigurator getFederationConfigurator() {
+    private static FedizConfigurator getFederationConfigurator() {
         if (configurator != null) {
             return configurator;
         }
         try {
-            configurator = new FederationConfigurator();
+            configurator = new FedizConfigurator();
             final URL resource = Thread.currentThread().getContextClassLoader()
                     .getResource(CONFIG_FILE);
             File f = new File(resource.toURI());
@@ -128,15 +132,15 @@ public class SAMLTokenValidatorOldTest {
         
         String rstr = createSamlToken(assertion, "mystskey", true);
         
-        FederationRequest wfReq = new FederationRequest();
+        FedizRequest wfReq = new FedizRequest();
         wfReq.setWa(FederationConstants.ACTION_SIGNIN);
         wfReq.setWresult(rstr);
         
         configurator = null;
-        FederationContext config = getFederationConfigurator().getFederationContext("ROOT");
+        FedizContext config = getFederationConfigurator().getFedizContext("ROOT");
         
-        FederationProcessor wfProc = new FederationProcessorImpl();
-        FederationResponse wfRes = wfProc.processRequest(wfReq, config);
+        FedizProcessor wfProc = new FederationProcessorImpl();
+        FedizResponse wfRes = wfProc.processRequest(wfReq, config);
         
         Assert.assertEquals("Principal name wrong", TEST_USER,
                             wfRes.getUsername());
@@ -175,15 +179,15 @@ public class SAMLTokenValidatorOldTest {
 
         String rstr = createSamlToken(assertion, "mystskey", true);
         
-        FederationRequest wfReq = new FederationRequest();
+        FedizRequest wfReq = new FedizRequest();
         wfReq.setWa(FederationConstants.ACTION_SIGNIN);
         wfReq.setWresult(rstr);
         
         configurator = null;
-        FederationContext config = getFederationConfigurator().getFederationContext("CUSTOMROLEURI");
+        FedizContext config = getFederationConfigurator().getFedizContext("CUSTOMROLEURI");
         
-        FederationProcessor wfProc = new FederationProcessorImpl();
-        FederationResponse wfRes = wfProc.processRequest(wfReq, config);
+        FedizProcessor wfProc = new FederationProcessorImpl();
+        FedizResponse wfRes = wfProc.processRequest(wfReq, config);
         
         Assert.assertEquals("Principal name wrong", TEST_USER, wfRes.getUsername());
         Assert.assertEquals("Issuer wrong", TEST_RSTR_ISSUER, wfRes.getIssuer());
@@ -218,15 +222,15 @@ public class SAMLTokenValidatorOldTest {
         
         String rstr = createSamlToken(assertion, "mystskey", true);
         
-        FederationRequest wfReq = new FederationRequest();
+        FedizRequest wfReq = new FedizRequest();
         wfReq.setWa(FederationConstants.ACTION_SIGNIN);
         wfReq.setWresult(rstr);
         
         configurator = null;
-        FederationContext config = getFederationConfigurator().getFederationContext("CUSTOMROLEURI");
+        FedizContext config = getFederationConfigurator().getFedizContext("CUSTOMROLEURI");
         
-        FederationProcessor wfProc = new FederationProcessorImpl();
-        FederationResponse wfRes = wfProc.processRequest(wfReq, config);
+        FedizProcessor wfProc = new FederationProcessorImpl();
+        FedizResponse wfRes = wfProc.processRequest(wfReq, config);
         
         Assert.assertEquals("Principal name wrong", TEST_USER, wfRes.getUsername());
         Assert.assertEquals("Issuer wrong", TEST_RSTR_ISSUER, wfRes.getIssuer());
@@ -262,15 +266,15 @@ public class SAMLTokenValidatorOldTest {
         
         String rstr = createSamlToken(assertion, "mystskey", true);
         
-        FederationRequest wfReq = new FederationRequest();
+        FedizRequest wfReq = new FedizRequest();
         wfReq.setWa(FederationConstants.ACTION_SIGNIN);
         wfReq.setWresult(rstr);
         
         configurator = null;
-        FederationContext config = getFederationConfigurator().getFederationContext("ROOT");
+        FedizContext config = getFederationConfigurator().getFedizContext("ROOT");
         
-        FederationProcessor wfProc = new FederationProcessorImpl();
-        FederationResponse wfRes = wfProc.processRequest(wfReq, config);
+        FedizProcessor wfProc = new FederationProcessorImpl();
+        FedizResponse wfRes = wfProc.processRequest(wfReq, config);
         
         Assert.assertEquals("Principal name wrong", TEST_USER,
                             wfRes.getUsername());

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/08af52b6/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/CallbackHandlerTest.java
----------------------------------------------------------------------
diff --git a/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/CallbackHandlerTest.java b/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/CallbackHandlerTest.java
index 05b6e0e..382c953 100644
--- a/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/CallbackHandlerTest.java
+++ b/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/CallbackHandlerTest.java
@@ -217,10 +217,10 @@ public class CallbackHandlerTest {
         jaxbContext.createMarshaller().marshal(configOut, writer);
         StringReader reader = new StringReader(writer.toString());
         
-        FederationConfigurator configurator = new FederationConfigurator();
+        FedizConfigurator configurator = new FedizConfigurator();
         configurator.loadConfig(reader);
         
-        FederationContext ctx = configurator.getFederationContext(CONFIG_NAME);
+        FedizContext ctx = configurator.getFedizContext(CONFIG_NAME);
         
         FederationProtocol fp = (FederationProtocol)ctx.getProtocol();
         
@@ -285,10 +285,10 @@ public class CallbackHandlerTest {
         jaxbContext.createMarshaller().marshal(configOut, writer);
         StringReader reader = new StringReader(writer.toString());
         
-        FederationConfigurator configurator = new FederationConfigurator();
+        FedizConfigurator configurator = new FedizConfigurator();
         configurator.loadConfig(reader);
         
-        FederationContext ctx = configurator.getFederationContext(CONFIG_NAME);
+        FedizContext ctx = configurator.getFedizContext(CONFIG_NAME);
         
         FederationProtocol fp = (FederationProtocol)ctx.getProtocol();
         

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/08af52b6/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/FedizConfigurationTest.java
----------------------------------------------------------------------
diff --git a/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/FedizConfigurationTest.java b/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/FedizConfigurationTest.java
index eb0bb7e..6e4fc61 100644
--- a/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/FedizConfigurationTest.java
+++ b/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/FedizConfigurationTest.java
@@ -231,7 +231,7 @@ public class FedizConfigurationTest {
         jaxbContext.createMarshaller().marshal(configOut, writer);
         StringReader reader = new StringReader(writer.toString());
         
-        FederationConfigurator configurator = new FederationConfigurator();
+        FedizConfigurator configurator = new FedizConfigurator();
         configurator.loadConfig(reader);
 
         File f = new File(CONFIG_FILE);
@@ -239,7 +239,7 @@ public class FedizConfigurationTest {
 
         configurator.saveConfiguration(f);
         
-        configurator = new FederationConfigurator();
+        configurator = new FedizConfigurator();
         f = new File(CONFIG_FILE);
         configurator.loadConfig(f);
     }
@@ -250,7 +250,7 @@ public class FedizConfigurationTest {
         final JAXBContext jaxbContext = JAXBContext
                 .newInstance(FedizConfig.class);
 
-        FederationConfigurator configurator = new FederationConfigurator();
+        FedizConfigurator configurator = new FedizConfigurator();
         FedizConfig configOut = createConfiguration();
         StringWriter writer = new StringWriter();
         jaxbContext.createMarshaller().marshal(configOut, writer);
@@ -302,10 +302,10 @@ public class FedizConfigurationTest {
         jaxbContext.createMarshaller().marshal(config, writer);
         StringReader reader = new StringReader(writer.toString());
         
-        FederationConfigurator configurator = new FederationConfigurator();
+        FedizConfigurator configurator = new FedizConfigurator();
         configurator.loadConfig(reader);
 
-        FederationContext fedContext = configurator.getFederationContext(CONFIG_NAME);
+        FedizContext fedContext = configurator.getFedizContext(CONFIG_NAME);
         Assert.assertNotNull(fedContext);
         
         return fedContext.getTokenReplayCache();

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/08af52b6/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/FedizConfigurationWriterTest.java
----------------------------------------------------------------------
diff --git a/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/FedizConfigurationWriterTest.java b/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/FedizConfigurationWriterTest.java
index e68c0e9..7a7f604 100644
--- a/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/FedizConfigurationWriterTest.java
+++ b/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/FedizConfigurationWriterTest.java
@@ -216,7 +216,7 @@ public class FedizConfigurationWriterTest {
         final JAXBContext jaxbContext = JAXBContext
                 .newInstance(FedizConfig.class);
 
-        FederationConfigurator configurator = new FederationConfigurator();
+        FedizConfigurator configurator = new FedizConfigurator();
         FedizConfig configOut = createConfiguration();
         StringWriter writer = new StringWriter();
         jaxbContext.createMarshaller().marshal(configOut, writer);
@@ -228,7 +228,7 @@ public class FedizConfigurationWriterTest {
 
         configurator.saveConfiguration(f);
         
-        configurator = new FederationConfigurator();
+        configurator = new FedizConfigurator();
         f = new File(CONFIG_FILE);
         configurator.loadConfig(f);
     }
@@ -243,7 +243,7 @@ public class FedizConfigurationWriterTest {
          * Test JAXB part
          */
 
-        FederationConfigurator configurator = new FederationConfigurator();
+        FedizConfigurator configurator = new FedizConfigurator();
         FedizConfig configOut = createConfiguration();
         StringWriter writer = new StringWriter();
         jaxbContext.createMarshaller().marshal(configOut, writer);
@@ -263,7 +263,7 @@ public class FedizConfigurationWriterTest {
         /**
          * Check Runtime configuration
          */
-        FederationContext fedContext = configurator.getFederationContext(CONFIG_NAME);
+        FedizContext fedContext = configurator.getFedizContext(CONFIG_NAME);
         Protocol protocol = fedContext.getProtocol();
         Assert.assertTrue(protocol instanceof FederationProtocol);
         FederationProtocol fedProtocol = (FederationProtocol) protocol;

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/08af52b6/plugins/jetty/src/main/java/org/apache/cxf/fediz/jetty/FederationAuthenticator.java
----------------------------------------------------------------------
diff --git a/plugins/jetty/src/main/java/org/apache/cxf/fediz/jetty/FederationAuthenticator.java b/plugins/jetty/src/main/java/org/apache/cxf/fediz/jetty/FederationAuthenticator.java
index 24bdddb..635d375 100644
--- a/plugins/jetty/src/main/java/org/apache/cxf/fediz/jetty/FederationAuthenticator.java
+++ b/plugins/jetty/src/main/java/org/apache/cxf/fediz/jetty/FederationAuthenticator.java
@@ -34,13 +34,13 @@ import javax.servlet.http.HttpSession;
 import javax.xml.bind.JAXBException;
 
 import org.apache.cxf.fediz.core.FederationConstants;
-import org.apache.cxf.fediz.core.FederationProcessor;
-import org.apache.cxf.fediz.core.FederationProcessorImpl;
-import org.apache.cxf.fediz.core.FederationRequest;
-import org.apache.cxf.fediz.core.FederationResponse;
-import org.apache.cxf.fediz.core.config.FederationConfigurator;
-import org.apache.cxf.fediz.core.config.FederationContext;
+import org.apache.cxf.fediz.core.config.FedizConfigurator;
+import org.apache.cxf.fediz.core.config.FedizContext;
 import org.apache.cxf.fediz.core.exception.ProcessingException;
+import org.apache.cxf.fediz.core.processor.FederationProcessorImpl;
+import org.apache.cxf.fediz.core.processor.FedizProcessor;
+import org.apache.cxf.fediz.core.processor.FedizRequest;
+import org.apache.cxf.fediz.core.processor.FedizResponse;
 import org.eclipse.jetty.http.HttpMethods;
 import org.eclipse.jetty.http.MimeTypes;
 import org.eclipse.jetty.security.ServerAuthException;
@@ -83,7 +83,7 @@ public class FederationAuthenticator extends LoginAuthenticator {
     private static final String SECURITY_TOKEN_ATTR = "org.apache.fediz.SECURITY_TOKEN";
        
     private String configFile;
-    private FederationConfigurator configurator;
+    private FedizConfigurator configurator;
     private String encoding = "UTF-8";
 
     public FederationAuthenticator() {
@@ -106,7 +106,7 @@ public class FederationAuthenticator extends LoginAuthenticator {
                     f = new File(jettyHome.concat(File.separator + getConfigFile()));
                 }
             }
-            configurator = new FederationConfigurator();
+            configurator = new FedizConfigurator();
             configurator.loadConfig(f);
             LOG.debug("Fediz configuration read from " + f.getAbsolutePath());
         } catch (JAXBException e) {
@@ -170,7 +170,7 @@ public class FederationAuthenticator extends LoginAuthenticator {
             // Handle a request for authentication.
             if (wa != null) {
 
-                FederationResponse wfRes = null;
+                FedizResponse wfRes = null;
                 if (wa.equals(FederationConstants.ACTION_SIGNIN)) {
                     if (LOG.isDebugEnabled()) {
                         LOG.debug("SignIn request found");
@@ -184,7 +184,7 @@ public class FederationAuthenticator extends LoginAuthenticator {
                         return Authentication.SEND_FAILURE;
                     } else {
                         
-                        FederationRequest wfReq = new FederationRequest();
+                        FedizRequest wfReq = new FedizRequest();
                         wfReq.setWa(wa);
                         wfReq.setWresult(wresult);
                         
@@ -198,7 +198,7 @@ public class FederationAuthenticator extends LoginAuthenticator {
                         if (contextName == null || contextName.isEmpty()) {
                             contextName = "/";
                         }
-                        FederationContext fedConfig = getContextConfiguration(contextName);
+                        FedizContext fedConfig = getContextConfiguration(contextName);
                         
                         FederationLoginService fedLoginService = (FederationLoginService)this._loginService;
                         UserIdentity user = fedLoginService.login(null, wfReq, fedConfig);
@@ -287,13 +287,13 @@ public class FederationAuthenticator extends LoginAuthenticator {
                     if (contextName == null || contextName.isEmpty()) {
                         contextName = "/";
                     }
-                    FederationContext fedConfig = getContextConfiguration(contextName);
+                    FedizContext fedConfig = getContextConfiguration(contextName);
 
                     String logoutUrl = fedConfig.getLogoutURL();
                     if (logoutUrl != null && !logoutUrl.isEmpty() && uri.equals(contextName + logoutUrl)) {
                         session.invalidate();
 
-                        FederationProcessor wfProc = new FederationProcessorImpl();
+                        FedizProcessor wfProc = new FederationProcessorImpl();
                         signOutRedirectToIssuer(request, response, wfProc);
 
                         return Authentication.SEND_CONTINUE;
@@ -359,7 +359,7 @@ public class FederationAuthenticator extends LoginAuthenticator {
                 }
             }
             
-            FederationProcessor wfProc = new FederationProcessorImpl();
+            FedizProcessor wfProc = new FederationProcessorImpl();
             signInRedirectToIssuer(request, response, wfProc);
 
             return Authentication.SEND_CONTINUE;
@@ -394,7 +394,7 @@ public class FederationAuthenticator extends LoginAuthenticator {
      *             {@link HttpServletResponse#sendError(int, String)} throws an
      *             {@link IOException}
      */
-    protected void signInRedirectToIssuer(HttpServletRequest request, HttpServletResponse response, FederationProcessor processor)
+    protected void signInRedirectToIssuer(HttpServletRequest request, HttpServletResponse response, FedizProcessor processor)
         throws IOException {
 
         //Not supported in jetty 7.6
@@ -403,7 +403,7 @@ public class FederationAuthenticator extends LoginAuthenticator {
         if (contextName == null || contextName.isEmpty()) {
             contextName = "/";
         }
-        FederationContext fedCtx = this.configurator.getFederationContext(contextName);
+        FedizContext fedCtx = this.configurator.getFedizContext(contextName);
         String redirectURL = null;
         try {
             redirectURL = processor.createSignInRequest(request, fedCtx);
@@ -422,7 +422,7 @@ public class FederationAuthenticator extends LoginAuthenticator {
         
     }
 
-    protected void signOutRedirectToIssuer(HttpServletRequest request, HttpServletResponse response, FederationProcessor processor)
+    protected void signOutRedirectToIssuer(HttpServletRequest request, HttpServletResponse response, FedizProcessor processor)
             throws IOException {
 
         //Not supported in jetty 7.6
@@ -431,7 +431,7 @@ public class FederationAuthenticator extends LoginAuthenticator {
         if (contextName == null || contextName.isEmpty()) {
             contextName = "/";
         }
-        FederationContext fedCtx = this.configurator.getFederationContext(contextName);
+        FedizContext fedCtx = this.configurator.getFedizContext(contextName);
         String redirectURL = null;
         try {
             redirectURL = processor.createSignOutRequest(request, fedCtx);
@@ -449,11 +449,11 @@ public class FederationAuthenticator extends LoginAuthenticator {
         }
     }
     
-    private FederationContext getContextConfiguration(String contextName) {
+    private FedizContext getContextConfiguration(String contextName) {
         if (configurator == null) {
             throw new IllegalStateException("No Fediz configuration available");
         }
-        FederationContext config = configurator.getFederationContext(contextName);
+        FedizContext config = configurator.getFedizContext(contextName);
         if (config == null) {
             throw new IllegalStateException("No Fediz configuration for context :" + contextName);
         }

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/08af52b6/plugins/jetty/src/main/java/org/apache/cxf/fediz/jetty/FederationIdentityService.java
----------------------------------------------------------------------
diff --git a/plugins/jetty/src/main/java/org/apache/cxf/fediz/jetty/FederationIdentityService.java b/plugins/jetty/src/main/java/org/apache/cxf/fediz/jetty/FederationIdentityService.java
index 18110cf..c1c53c8 100644
--- a/plugins/jetty/src/main/java/org/apache/cxf/fediz/jetty/FederationIdentityService.java
+++ b/plugins/jetty/src/main/java/org/apache/cxf/fediz/jetty/FederationIdentityService.java
@@ -80,7 +80,7 @@ public class FederationIdentityService implements IdentityService {
         
         try {
             FederationUserPrincipal fup = (FederationUserPrincipal)userPrincipal;
-            return new FederationUserIdentity(subject, userPrincipal, roles, fup.getFederationResponse());
+            return new FederationUserIdentity(subject, userPrincipal, roles, fup.getFedizResponse());
         } catch (ClassCastException ex) {
             LOG.warn("Principal must be instance of FederationUserPrincipal");
             throw new IllegalStateException("Principal must be instance of FederationUserPrincipal");


Mime
View raw message