cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject [1/4] cxf git commit: Adding a new cxf-rt-security-saml module to remove OpenSAML dependencies from cxf-rt-security
Date Mon, 13 Apr 2015 12:04:50 GMT
Repository: cxf
Updated Branches:
  refs/heads/master 71e9ada9b -> c04c27200


http://git-wip-us.apache.org/repos/asf/cxf/blob/c04c2720/rt/security/src/test/java/org/apache/cxf/rt/security/saml/SAMLClaimsTest.java
----------------------------------------------------------------------
diff --git a/rt/security/src/test/java/org/apache/cxf/rt/security/saml/SAMLClaimsTest.java b/rt/security/src/test/java/org/apache/cxf/rt/security/saml/SAMLClaimsTest.java
deleted file mode 100644
index 7238deb..0000000
--- a/rt/security/src/test/java/org/apache/cxf/rt/security/saml/SAMLClaimsTest.java
+++ /dev/null
@@ -1,212 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rt.security.saml;
-
-import java.net.URI;
-import java.security.Principal;
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.List;
-import java.util.Set;
-
-import org.w3c.dom.Document;
-import org.apache.cxf.helpers.DOMUtils;
-import org.apache.cxf.rt.security.claims.Claim;
-import org.apache.cxf.rt.security.claims.ClaimCollection;
-import org.apache.cxf.rt.security.claims.SAMLClaim;
-import org.apache.wss4j.common.saml.SAMLCallback;
-import org.apache.wss4j.common.saml.SAMLUtil;
-import org.apache.wss4j.common.saml.SamlAssertionWrapper;
-import org.apache.wss4j.common.saml.bean.AttributeBean;
-import org.apache.wss4j.common.saml.builder.SAML2Constants;
-import org.junit.Assert;
-
-public class SAMLClaimsTest extends Assert {
-
-    @org.junit.Test
-    public void testSAML2Claims() throws Exception {
-        AttributeBean attributeBean = new AttributeBean();
-        attributeBean.setQualifiedName(SAMLClaim.SAML_ROLE_ATTRIBUTENAME_DEFAULT);
-        attributeBean.setNameFormat(SAML2Constants.ATTRNAME_FORMAT_UNSPECIFIED);
-        attributeBean.addAttributeValue("employee");
-        
-        SamlCallbackHandler samlCallbackHandler = new SamlCallbackHandler();
-        samlCallbackHandler.setAttributes(Collections.singletonList(attributeBean));
-        
-        // Create the SAML Assertion via the CallbackHandler
-        SAMLCallback samlCallback = new SAMLCallback();
-        SAMLUtil.doSAMLCallback(samlCallbackHandler, samlCallback);
-        SamlAssertionWrapper samlAssertion = new SamlAssertionWrapper(samlCallback);
-        
-        Document doc = DOMUtils.newDocument();
-        samlAssertion.toDOM(doc);
-        
-        ClaimCollection claims = SAMLUtils.getClaims(samlAssertion);
-        assertEquals(claims.getDialect().toString(),
-                "http://schemas.xmlsoap.org/ws/2005/05/identity");
-        assertEquals(1, claims.size());
-        
-        // Check Claim values
-        Claim claim = claims.get(0);
-        assertEquals(claim.getClaimType(), URI.create(SAMLClaim.SAML_ROLE_ATTRIBUTENAME_DEFAULT));
-        assertEquals(1, claim.getValues().size());
-        assertTrue(claim.getValues().contains("employee"));
-        
-        // Check SAMLClaim values
-        assertTrue(claim instanceof SAMLClaim);
-        assertEquals(SAMLClaim.SAML_ROLE_ATTRIBUTENAME_DEFAULT, ((SAMLClaim)claim).getName());
-        assertEquals(SAML2Constants.ATTRNAME_FORMAT_UNSPECIFIED, ((SAMLClaim)claim).getNameFormat());
-        
-        // Check roles
-        Set<Principal> roles = 
-                SAMLUtils.parseRolesFromClaims(claims, 
-                        SAMLClaim.SAML_ROLE_ATTRIBUTENAME_DEFAULT, 
-                        SAML2Constants.ATTRNAME_FORMAT_UNSPECIFIED);
-        assertEquals(1, roles.size());
-        Principal p = roles.iterator().next();
-        assertEquals("employee", p.getName());
-    }
-    
-    @org.junit.Test
-    public void testSAML2MultipleRoles() throws Exception {
-        AttributeBean attributeBean = new AttributeBean();
-        attributeBean.setQualifiedName(SAMLClaim.SAML_ROLE_ATTRIBUTENAME_DEFAULT);
-        attributeBean.setNameFormat(SAML2Constants.ATTRNAME_FORMAT_UNSPECIFIED);
-        attributeBean.addAttributeValue("employee");
-        attributeBean.addAttributeValue("boss");
-        
-        SamlCallbackHandler samlCallbackHandler = new SamlCallbackHandler();
-        samlCallbackHandler.setAttributes(Collections.singletonList(attributeBean));
-        
-        // Create the SAML Assertion via the CallbackHandler
-        SAMLCallback samlCallback = new SAMLCallback();
-        SAMLUtil.doSAMLCallback(samlCallbackHandler, samlCallback);
-        SamlAssertionWrapper samlAssertion = new SamlAssertionWrapper(samlCallback);
-        
-        Document doc = DOMUtils.newDocument();
-        samlAssertion.toDOM(doc);
-        
-        ClaimCollection claims = SAMLUtils.getClaims(samlAssertion);
-        assertEquals(claims.getDialect().toString(),
-                "http://schemas.xmlsoap.org/ws/2005/05/identity");
-        assertEquals(1, claims.size());
-        
-        // Check Claim values
-        Claim claim = claims.get(0);
-        assertEquals(claim.getClaimType(), URI.create(SAMLClaim.SAML_ROLE_ATTRIBUTENAME_DEFAULT));
-        assertEquals(2, claim.getValues().size());
-        assertTrue(claim.getValues().contains("employee"));
-        assertTrue(claim.getValues().contains("boss"));
-        
-        // Check SAMLClaim values
-        assertTrue(claim instanceof SAMLClaim);
-        assertEquals(SAMLClaim.SAML_ROLE_ATTRIBUTENAME_DEFAULT, ((SAMLClaim)claim).getName());
-        assertEquals(SAML2Constants.ATTRNAME_FORMAT_UNSPECIFIED, ((SAMLClaim)claim).getNameFormat());
-        
-        // Check roles
-        Set<Principal> roles = 
-                SAMLUtils.parseRolesFromClaims(claims, 
-                        SAMLClaim.SAML_ROLE_ATTRIBUTENAME_DEFAULT, 
-                        SAML2Constants.ATTRNAME_FORMAT_UNSPECIFIED);
-        assertEquals(2, roles.size());
-    }
-    
-    @org.junit.Test
-    public void testSAML2MultipleClaims() throws Exception {
-        AttributeBean attributeBean = new AttributeBean();
-        attributeBean.setQualifiedName(SAMLClaim.SAML_ROLE_ATTRIBUTENAME_DEFAULT);
-        attributeBean.setNameFormat(SAML2Constants.ATTRNAME_FORMAT_UNSPECIFIED);
-        attributeBean.addAttributeValue("employee");
-        
-        AttributeBean attributeBean2 = new AttributeBean();
-        attributeBean2.setQualifiedName(
-                "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname");
-        attributeBean2.setNameFormat(SAML2Constants.ATTRNAME_FORMAT_UNSPECIFIED);
-        attributeBean2.addAttributeValue("smith");
-        
-        SamlCallbackHandler samlCallbackHandler = new SamlCallbackHandler();
-        List<AttributeBean> attributes = new ArrayList<AttributeBean>();
-        attributes.add(attributeBean);
-        attributes.add(attributeBean2);
-        samlCallbackHandler.setAttributes(attributes);
-        
-        // Create the SAML Assertion via the CallbackHandler
-        SAMLCallback samlCallback = new SAMLCallback();
-        SAMLUtil.doSAMLCallback(samlCallbackHandler, samlCallback);
-        SamlAssertionWrapper samlAssertion = new SamlAssertionWrapper(samlCallback);
-        
-        Document doc = DOMUtils.newDocument();
-        samlAssertion.toDOM(doc);
-        
-        ClaimCollection claims = SAMLUtils.getClaims(samlAssertion);
-        assertEquals(claims.getDialect().toString(),
-                "http://schemas.xmlsoap.org/ws/2005/05/identity");
-        assertEquals(2, claims.size());
-        
-        // Check roles
-        Set<Principal> roles = 
-                SAMLUtils.parseRolesFromClaims(claims, 
-                        SAMLClaim.SAML_ROLE_ATTRIBUTENAME_DEFAULT, 
-                        SAML2Constants.ATTRNAME_FORMAT_UNSPECIFIED);
-        assertEquals(1, roles.size());
-        Principal p = roles.iterator().next();
-        assertEquals("employee", p.getName());
-    }
-    
-    @org.junit.Test
-    public void testSAML1Claims() throws Exception {
-        AttributeBean attributeBean = new AttributeBean();
-        attributeBean.setSimpleName("role");
-        attributeBean.setQualifiedName("http://schemas.xmlsoap.org/ws/2005/05/identity/claims");
-        attributeBean.addAttributeValue("employee");
-        
-        SamlCallbackHandler samlCallbackHandler = new SamlCallbackHandler(false);
-        samlCallbackHandler.setAttributes(Collections.singletonList(attributeBean));
-        
-        // Create the SAML Assertion via the CallbackHandler
-        SAMLCallback samlCallback = new SAMLCallback();
-        SAMLUtil.doSAMLCallback(samlCallbackHandler, samlCallback);
-        SamlAssertionWrapper samlAssertion = new SamlAssertionWrapper(samlCallback);
-        
-        Document doc = DOMUtils.newDocument();
-        samlAssertion.toDOM(doc);
-        
-        ClaimCollection claims = SAMLUtils.getClaims(samlAssertion);
-        assertEquals(claims.getDialect().toString(),
-                "http://schemas.xmlsoap.org/ws/2005/05/identity");
-        assertEquals(1, claims.size());
-        
-        // Check Claim values
-        Claim claim = claims.get(0);
-        assertEquals(claim.getClaimType(), URI.create(SAMLClaim.SAML_ROLE_ATTRIBUTENAME_DEFAULT));
-        assertEquals(1, claim.getValues().size());
-        assertTrue(claim.getValues().contains("employee"));
-        
-        // Check SAMLClaim values
-        assertTrue(claim instanceof SAMLClaim);
-        assertEquals("role", ((SAMLClaim)claim).getName());
-        
-        // Check roles
-        Set<Principal> roles = SAMLUtils.parseRolesFromClaims(claims, "role", null);
-        assertEquals(1, roles.size());
-        Principal p = roles.iterator().next();
-        assertEquals("employee", p.getName());
-        
-    }
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/c04c2720/rt/security/src/test/java/org/apache/cxf/rt/security/saml/SamlCallbackHandler.java
----------------------------------------------------------------------
diff --git a/rt/security/src/test/java/org/apache/cxf/rt/security/saml/SamlCallbackHandler.java b/rt/security/src/test/java/org/apache/cxf/rt/security/saml/SamlCallbackHandler.java
deleted file mode 100644
index 6703ac5..0000000
--- a/rt/security/src/test/java/org/apache/cxf/rt/security/saml/SamlCallbackHandler.java
+++ /dev/null
@@ -1,99 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package org.apache.cxf.rt.security.saml;
-
-import java.io.IOException;
-import java.util.Collections;
-import java.util.List;
-
-import javax.security.auth.callback.Callback;
-import javax.security.auth.callback.CallbackHandler;
-import javax.security.auth.callback.UnsupportedCallbackException;
-
-import org.apache.wss4j.common.saml.SAMLCallback;
-import org.apache.wss4j.common.saml.bean.AttributeBean;
-import org.apache.wss4j.common.saml.bean.AttributeStatementBean;
-import org.apache.wss4j.common.saml.bean.SubjectBean;
-import org.apache.wss4j.common.saml.bean.Version;
-import org.apache.wss4j.common.saml.builder.SAML1Constants;
-import org.apache.wss4j.common.saml.builder.SAML2Constants;
-
-/**
- * A CallbackHandler instance to mock up a SAML Attribute Assertion.
- */
-public class SamlCallbackHandler implements CallbackHandler {
-    private boolean saml2 = true;
-    private String confirmationMethod = SAML2Constants.CONF_BEARER;
-    private List<AttributeBean> attributes;
-    
-    public SamlCallbackHandler() {
-        //
-    }
-    
-    public SamlCallbackHandler(boolean saml2) {
-        this.saml2 = saml2;
-    }
-    
-    public void setConfirmationMethod(String confirmationMethod) {
-        this.confirmationMethod = confirmationMethod;
-    }
-    
-    public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
-        for (int i = 0; i < callbacks.length; i++) {
-            if (callbacks[i] instanceof SAMLCallback) {
-                SAMLCallback callback = (SAMLCallback) callbacks[i];
-                if (saml2) {
-                    callback.setSamlVersion(Version.SAML_20);
-                } else {
-                    callback.setSamlVersion(Version.SAML_11);
-                }
-
-                callback.setIssuer("sts");
-                String subjectName = "uid=sts-client,o=mock-sts.com";
-                String subjectQualifier = "www.mock-sts.com";
-                if (!saml2 && SAML2Constants.CONF_SENDER_VOUCHES.equals(confirmationMethod)) {
-                    confirmationMethod = SAML1Constants.CONF_SENDER_VOUCHES;
-                }
-                SubjectBean subjectBean = 
-                    new SubjectBean(
-                        subjectName, subjectQualifier, confirmationMethod
-                    );
-                callback.setSubject(subjectBean);
-                
-                if (attributes != null) {
-                    AttributeStatementBean attrBean = new AttributeStatementBean();
-                    attrBean.setSubject(subjectBean);
-                    attrBean.setSamlAttributes(attributes);
-                    callback.setAttributeStatementData(Collections.singletonList(attrBean));
-                }
-                
-            }
-        }
-    }
-
-    public List<AttributeBean> getAttributes() {
-        return attributes;
-    }
-
-    public void setAttributes(List<AttributeBean> attributes) {
-        this.attributes = attributes;
-    }
-    
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/c04c2720/rt/security/src/test/java/org/apache/cxf/rt/security/xacml/DummyPDP.java
----------------------------------------------------------------------
diff --git a/rt/security/src/test/java/org/apache/cxf/rt/security/xacml/DummyPDP.java b/rt/security/src/test/java/org/apache/cxf/rt/security/xacml/DummyPDP.java
deleted file mode 100644
index 45222b3..0000000
--- a/rt/security/src/test/java/org/apache/cxf/rt/security/xacml/DummyPDP.java
+++ /dev/null
@@ -1,153 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package org.apache.cxf.rt.security.xacml;
-
-import java.util.List;
-
-import javax.xml.transform.Source;
-import javax.xml.transform.Transformer;
-import javax.xml.transform.TransformerFactory;
-import javax.xml.transform.dom.DOMResult;
-import javax.xml.transform.dom.DOMSource;
-
-import org.w3c.dom.Document;
-import org.w3c.dom.Element;
-import org.w3c.dom.Node;
-import org.apache.cxf.helpers.DOMUtils;
-import org.apache.cxf.rt.security.xacml.pdp.api.PolicyDecisionPoint;
-import org.apache.wss4j.common.ext.WSSecurityException;
-import org.apache.wss4j.common.saml.OpenSAMLUtil;
-import org.opensaml.core.xml.XMLObjectBuilderFactory;
-import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
-import org.opensaml.xacml.XACMLObjectBuilder;
-import org.opensaml.xacml.ctx.AttributeType;
-import org.opensaml.xacml.ctx.DecisionType;
-import org.opensaml.xacml.ctx.DecisionType.DECISION;
-import org.opensaml.xacml.ctx.RequestType;
-import org.opensaml.xacml.ctx.ResponseType;
-import org.opensaml.xacml.ctx.ResultType;
-import org.opensaml.xacml.ctx.StatusCodeType;
-import org.opensaml.xacml.ctx.StatusType;
-import org.opensaml.xacml.ctx.SubjectType;
-
-/**
- * A test implementation of AbstractXACMLAuthorizingInterceptor. It just mocks up a Response
- * object based on the role of the Subject. If the role is "manager" then it permits the
- * request, otherwise it denies it.
- */
-public class DummyPDP implements PolicyDecisionPoint {
-
-    public Source evaluate(Source requestSource) {
-        RequestType request = requestSourceToRequestType(requestSource); 
-        String role = getSubjectRole(request);
-        DECISION decision = "manager".equals(role) ? DecisionType.DECISION.Permit : DecisionType.DECISION.Deny;        
-        ResponseType response = createResponse(decision);
-        return responseType2Source(response);
-    }
-    
-    private RequestType requestSourceToRequestType(Source requestSource) {
-        try {
-            Transformer trans = TransformerFactory.newInstance().newTransformer();
-            DOMResult res = new DOMResult();
-            trans.transform(requestSource, res);
-            Node nd = res.getNode();
-            if (nd instanceof Document) {
-                nd = ((Document)nd).getDocumentElement();
-            }
-            return (RequestType)OpenSAMLUtil.fromDom((Element)nd);
-        } catch (Exception e) {
-            throw new RuntimeException("Error converting pdp response to ResponseType", e);
-        }
-    }
-    
-    private Source responseType2Source(ResponseType response) {
-        Document doc = DOMUtils.createDocument();
-        Element responseElement;
-        try {
-            responseElement = OpenSAMLUtil.toDom(response, doc);
-        } catch (WSSecurityException e) {
-            throw new RuntimeException("Error converting PDP RequestType to Dom", e);
-        }
-        return new DOMSource(responseElement);
-    }
-
-    private ResponseType createResponse(DECISION decision) {
-        XMLObjectBuilderFactory builderFactory = XMLObjectProviderRegistrySupport.getBuilderFactory();
-        
-        @SuppressWarnings("unchecked")
-        XACMLObjectBuilder<ResponseType> responseTypeBuilder = 
-            (XACMLObjectBuilder<ResponseType>)
-            builderFactory.getBuilder(ResponseType.DEFAULT_ELEMENT_NAME);
-        
-        @SuppressWarnings("unchecked")
-        XACMLObjectBuilder<ResultType> resultTypeBuilder = 
-            (XACMLObjectBuilder<ResultType>)
-            builderFactory.getBuilder(ResultType.DEFAULT_ELEMENT_NAME);
-        
-        @SuppressWarnings("unchecked")
-        XACMLObjectBuilder<DecisionType> decisionTypeBuilder =
-            (XACMLObjectBuilder<DecisionType>)
-            builderFactory.getBuilder(DecisionType.DEFAULT_ELEMENT_NAME);
-        
-        @SuppressWarnings("unchecked")
-        XACMLObjectBuilder<StatusType> statusTypeBuilder = 
-            (XACMLObjectBuilder<StatusType>)
-            builderFactory.getBuilder(StatusType.DEFAULT_ELEMENT_NAME);
-        
-        @SuppressWarnings("unchecked")
-        XACMLObjectBuilder<StatusCodeType> statusCodeTypeBuilder =
-            (XACMLObjectBuilder<StatusCodeType>)
-            builderFactory.getBuilder(StatusCodeType.DEFAULT_ELEMENT_NAME);
-            
-        ResultType result = resultTypeBuilder.buildObject();
-
-        DecisionType decisionType = decisionTypeBuilder.buildObject();
-        decisionType.setDecision(decision);
-        result.setDecision(decisionType);
-        
-        StatusType status = statusTypeBuilder.buildObject();
-        StatusCodeType statusCode = statusCodeTypeBuilder.buildObject();
-        statusCode.setValue("urn:oasis:names:tc:xacml:1.0:status:ok");
-        status.setStatusCode(statusCode);
-        result.setStatus(status);
-        
-        ResponseType response = responseTypeBuilder.buildObject();
-        response.getResults().add(result);
-        return response;
-    }
-
-    private String getSubjectRole(RequestType request) {
-        List<SubjectType> subjects = request.getSubjects();
-        if (subjects != null) {
-            for (SubjectType subject : subjects) {
-                List<AttributeType> attributes = subject.getAttributes();
-                if (attributes != null) {
-                    for (AttributeType attribute : attributes) {
-                        if (XACMLConstants.SUBJECT_ROLE.equals(attribute.getAttributeId())) {
-                            return attribute.getAttributeValues().get(0).getValue();
-                        }
-                    }
-                }
-            }
-        }
-        return null;
-    }
-
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/c04c2720/rt/security/src/test/java/org/apache/cxf/rt/security/xacml/RequestComponentBuilderTest.java
----------------------------------------------------------------------
diff --git a/rt/security/src/test/java/org/apache/cxf/rt/security/xacml/RequestComponentBuilderTest.java b/rt/security/src/test/java/org/apache/cxf/rt/security/xacml/RequestComponentBuilderTest.java
deleted file mode 100644
index 1b4c84b..0000000
--- a/rt/security/src/test/java/org/apache/cxf/rt/security/xacml/RequestComponentBuilderTest.java
+++ /dev/null
@@ -1,222 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package org.apache.cxf.rt.security.xacml;
-
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.List;
-
-import javax.xml.parsers.DocumentBuilder;
-import javax.xml.parsers.DocumentBuilderFactory;
-import javax.xml.parsers.ParserConfigurationException;
-
-import org.w3c.dom.Document;
-import org.w3c.dom.Element;
-
-import org.apache.wss4j.common.saml.OpenSAMLUtil;
-import org.joda.time.DateTime;
-import org.opensaml.xacml.ctx.ActionType;
-import org.opensaml.xacml.ctx.AttributeType;
-import org.opensaml.xacml.ctx.AttributeValueType;
-import org.opensaml.xacml.ctx.EnvironmentType;
-import org.opensaml.xacml.ctx.RequestType;
-import org.opensaml.xacml.ctx.ResourceType;
-import org.opensaml.xacml.ctx.SubjectType;
-
-
-/**
- * Some unit tests to create a XACML Request using the RequestComponentBuilder.
- */
-public class RequestComponentBuilderTest extends org.junit.Assert {
-    
-    private DocumentBuilder docBuilder;
-    static {
-        OpenSAMLUtil.initSamlEngine();
-    }
-    
-    public RequestComponentBuilderTest() throws ParserConfigurationException {
-        DocumentBuilderFactory docBuilderFactory = DocumentBuilderFactory.newInstance();
-        docBuilderFactory.setNamespaceAware(true);
-        docBuilder = docBuilderFactory.newDocumentBuilder();
-    }
-
-    @org.junit.Test
-    public void testCreateXACMLRequest() throws Exception {
-        Document doc = docBuilder.newDocument();
-        
-        // Subject
-        AttributeValueType subjectIdAttributeValue = 
-            RequestComponentBuilder.createAttributeValueType(
-                    "alice-user@apache.org"
-            );
-        AttributeType subjectIdAttribute = 
-            RequestComponentBuilder.createAttributeType(
-                    XACMLConstants.SUBJECT_ID,
-                    XACMLConstants.RFC_822_NAME,
-                    null,
-                    Collections.singletonList(subjectIdAttributeValue)
-            );
-        
-        AttributeValueType subjectGroupAttributeValue = 
-            RequestComponentBuilder.createAttributeValueType(
-                    "manager"
-            );
-        AttributeType subjectGroupAttribute = 
-            RequestComponentBuilder.createAttributeType(
-                    XACMLConstants.SUBJECT_ROLE,
-                    XACMLConstants.XS_ANY_URI,
-                    "admin-user@apache.org",
-                    Collections.singletonList(subjectGroupAttributeValue)
-            );
-        List<AttributeType> attributes = new ArrayList<AttributeType>();
-        attributes.add(subjectIdAttribute);
-        attributes.add(subjectGroupAttribute);
-        SubjectType subject = RequestComponentBuilder.createSubjectType(attributes, null);
-        
-        // Resource
-        AttributeValueType resourceAttributeValue = 
-            RequestComponentBuilder.createAttributeValueType(
-                    "{http://www.example.org/contract/DoubleIt}DoubleIt"
-            );
-        AttributeType resourceAttribute = 
-            RequestComponentBuilder.createAttributeType(
-                    XACMLConstants.RESOURCE_ID,
-                    XACMLConstants.XS_STRING,
-                    null,
-                    Collections.singletonList(resourceAttributeValue)
-            );
-        attributes.clear();
-        attributes.add(resourceAttribute);
-        ResourceType resource = RequestComponentBuilder.createResourceType(attributes, null);
-        
-        // Action
-        AttributeValueType actionAttributeValue = 
-            RequestComponentBuilder.createAttributeValueType(
-                    "execute"
-            );
-        AttributeType actionAttribute = 
-            RequestComponentBuilder.createAttributeType(
-                    XACMLConstants.ACTION_ID,
-                    XACMLConstants.XS_STRING,
-                    null,
-                    Collections.singletonList(actionAttributeValue)
-            );
-        attributes.clear();
-        attributes.add(actionAttribute);
-        ActionType action = RequestComponentBuilder.createActionType(attributes);
-        
-        // Request
-        RequestType request = 
-            RequestComponentBuilder.createRequestType(
-                    Collections.singletonList(subject), 
-                    Collections.singletonList(resource), 
-                    action, 
-                    null
-            );
-        
-        Element policyElement = OpenSAMLUtil.toDom(request, doc);
-        // String outputString = DOM2Writer.nodeToString(policyElement);
-        assertNotNull(policyElement);
-    }
-    
-    @org.junit.Test
-    public void testEnvironment() throws Exception {
-        Document doc = docBuilder.newDocument();
-        
-        // Subject
-        AttributeValueType subjectIdAttributeValue = 
-            RequestComponentBuilder.createAttributeValueType(
-                    "alice-user@apache.org"
-            );
-        AttributeType subjectIdAttribute = 
-            RequestComponentBuilder.createAttributeType(
-                    XACMLConstants.SUBJECT_ID,
-                    XACMLConstants.RFC_822_NAME,
-                    null,
-                    Collections.singletonList(subjectIdAttributeValue)
-            );
-        
-        List<AttributeType> attributes = new ArrayList<AttributeType>();
-        attributes.add(subjectIdAttribute);
-        SubjectType subject = RequestComponentBuilder.createSubjectType(attributes, null);
-        
-        // Resource
-        AttributeValueType resourceAttributeValue = 
-            RequestComponentBuilder.createAttributeValueType(
-                    "{http://www.example.org/contract/DoubleIt}DoubleIt"
-            );
-        AttributeType resourceAttribute = 
-            RequestComponentBuilder.createAttributeType(
-                    XACMLConstants.RESOURCE_ID,
-                    XACMLConstants.XS_STRING,
-                    null,
-                    Collections.singletonList(resourceAttributeValue)
-            );
-        attributes.clear();
-        attributes.add(resourceAttribute);
-        ResourceType resource = RequestComponentBuilder.createResourceType(attributes, null);
-        
-        // Action
-        AttributeValueType actionAttributeValue = 
-            RequestComponentBuilder.createAttributeValueType(
-                    "execute"
-            );
-        AttributeType actionAttribute = 
-            RequestComponentBuilder.createAttributeType(
-                    XACMLConstants.ACTION_ID,
-                    XACMLConstants.XS_STRING,
-                    null,
-                    Collections.singletonList(actionAttributeValue)
-            );
-        attributes.clear();
-        attributes.add(actionAttribute);
-        ActionType action = RequestComponentBuilder.createActionType(attributes);
-        
-        // Environment
-        DateTime dateTime = new DateTime();
-        AttributeValueType environmentAttributeValue = 
-            RequestComponentBuilder.createAttributeValueType(dateTime.toString());
-        AttributeType environmentAttribute = 
-            RequestComponentBuilder.createAttributeType(
-                    XACMLConstants.CURRENT_DATETIME,
-                    XACMLConstants.XS_DATETIME,
-                    null,
-                    Collections.singletonList(environmentAttributeValue)
-            );
-        attributes.clear();
-        attributes.add(environmentAttribute);
-        EnvironmentType environmentType = 
-             RequestComponentBuilder.createEnvironmentType(attributes);
-        
-        // Request
-        RequestType request = 
-            RequestComponentBuilder.createRequestType(
-                    Collections.singletonList(subject), 
-                    Collections.singletonList(resource), 
-                    action, 
-                    environmentType
-            );
-        
-        Element policyElement = OpenSAMLUtil.toDom(request, doc);
-        // String outputString = DOM2Writer.nodeToString(policyElement);
-        assertNotNull(policyElement);
-    }
-    
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/c04c2720/rt/security/src/test/java/org/apache/cxf/rt/security/xacml/SamlRequestComponentBuilderTest.java
----------------------------------------------------------------------
diff --git a/rt/security/src/test/java/org/apache/cxf/rt/security/xacml/SamlRequestComponentBuilderTest.java b/rt/security/src/test/java/org/apache/cxf/rt/security/xacml/SamlRequestComponentBuilderTest.java
deleted file mode 100644
index be485f3..0000000
--- a/rt/security/src/test/java/org/apache/cxf/rt/security/xacml/SamlRequestComponentBuilderTest.java
+++ /dev/null
@@ -1,153 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package org.apache.cxf.rt.security.xacml;
-
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.List;
-
-import javax.xml.parsers.DocumentBuilder;
-import javax.xml.parsers.DocumentBuilderFactory;
-import javax.xml.parsers.ParserConfigurationException;
-
-import org.w3c.dom.Document;
-import org.w3c.dom.Element;
-
-import org.apache.wss4j.common.saml.OpenSAMLUtil;
-import org.opensaml.xacml.ctx.ActionType;
-import org.opensaml.xacml.ctx.AttributeType;
-import org.opensaml.xacml.ctx.AttributeValueType;
-import org.opensaml.xacml.ctx.RequestType;
-import org.opensaml.xacml.ctx.ResourceType;
-import org.opensaml.xacml.ctx.SubjectType;
-import org.opensaml.xacml.profile.saml.SAMLProfileConstants;
-import org.opensaml.xacml.profile.saml.XACMLAuthzDecisionQueryType;
-
-
-/**
- * Some unit tests for creating a SAML XACML Request.
- */
-public class SamlRequestComponentBuilderTest extends org.junit.Assert {
-    
-    private DocumentBuilder docBuilder;
-    static {
-        OpenSAMLUtil.initSamlEngine();
-    }
-    
-    public SamlRequestComponentBuilderTest() throws ParserConfigurationException {
-        DocumentBuilderFactory docBuilderFactory = DocumentBuilderFactory.newInstance();
-        docBuilderFactory.setNamespaceAware(true);
-        docBuilder = docBuilderFactory.newDocumentBuilder();
-    }
-
-    @org.junit.Test
-    public void testCreateXACMLSamlAuthzQueryRequest() throws Exception {
-        Document doc = docBuilder.newDocument();
-        
-        //
-        // Create XACML request
-        //
-        
-        // Subject
-        AttributeValueType subjectIdAttributeValue = 
-            RequestComponentBuilder.createAttributeValueType(
-                    "alice-user@apache.org"
-            );
-        AttributeType subjectIdAttribute = 
-            RequestComponentBuilder.createAttributeType(
-                    XACMLConstants.SUBJECT_ID,
-                    XACMLConstants.RFC_822_NAME,
-                    null,
-                    Collections.singletonList(subjectIdAttributeValue)
-            );
-        
-        AttributeValueType subjectGroupAttributeValue = 
-            RequestComponentBuilder.createAttributeValueType(
-                    "manager"
-            );
-        AttributeType subjectGroupAttribute = 
-            RequestComponentBuilder.createAttributeType(
-                    XACMLConstants.SUBJECT_ROLE,
-                    XACMLConstants.XS_ANY_URI,
-                    "admin-user@apache.org",
-                    Collections.singletonList(subjectGroupAttributeValue)
-            );
-        List<AttributeType> attributes = new ArrayList<AttributeType>();
-        attributes.add(subjectIdAttribute);
-        attributes.add(subjectGroupAttribute);
-        SubjectType subject = RequestComponentBuilder.createSubjectType(attributes, null);
-        
-        // Resource
-        AttributeValueType resourceAttributeValue = 
-            RequestComponentBuilder.createAttributeValueType(
-                    "{http://www.example.org/contract/DoubleIt}DoubleIt"
-            );
-        AttributeType resourceAttribute = 
-            RequestComponentBuilder.createAttributeType(
-                    XACMLConstants.RESOURCE_ID,
-                    XACMLConstants.XS_STRING,
-                    null,
-                    Collections.singletonList(resourceAttributeValue)
-            );
-        attributes.clear();
-        attributes.add(resourceAttribute);
-        ResourceType resource = RequestComponentBuilder.createResourceType(attributes, null);
-        
-        // Action
-        AttributeValueType actionAttributeValue = 
-            RequestComponentBuilder.createAttributeValueType(
-                    "execute"
-            );
-        AttributeType actionAttribute = 
-            RequestComponentBuilder.createAttributeType(
-                    XACMLConstants.ACTION_ID,
-                    XACMLConstants.XS_STRING,
-                    null,
-                    Collections.singletonList(actionAttributeValue)
-            );
-        attributes.clear();
-        attributes.add(actionAttribute);
-        ActionType action = RequestComponentBuilder.createActionType(attributes);
-        
-        // Request
-        RequestType request = 
-            RequestComponentBuilder.createRequestType(
-                    Collections.singletonList(subject), 
-                    Collections.singletonList(resource), 
-                    action, 
-                    null
-            );
-        
-        //
-        // Create SAML wrapper
-        //
-        
-        XACMLAuthzDecisionQueryType authzQuery = 
-            SamlRequestComponentBuilder.createAuthzDecisionQuery(
-                    "Issuer", request, SAMLProfileConstants.SAML20XACML20P_NS
-            );
-        
-        Element policyElement = OpenSAMLUtil.toDom(authzQuery, doc);
-        // String outputString = DOM2Writer.nodeToString(policyElement);
-        assertNotNull(policyElement);
-    }
-    
-    
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/c04c2720/rt/security/src/test/java/org/apache/cxf/rt/security/xacml/XACMLAuthorizingInterceptorTest.java
----------------------------------------------------------------------
diff --git a/rt/security/src/test/java/org/apache/cxf/rt/security/xacml/XACMLAuthorizingInterceptorTest.java b/rt/security/src/test/java/org/apache/cxf/rt/security/xacml/XACMLAuthorizingInterceptorTest.java
deleted file mode 100644
index ce231c5..0000000
--- a/rt/security/src/test/java/org/apache/cxf/rt/security/xacml/XACMLAuthorizingInterceptorTest.java
+++ /dev/null
@@ -1,127 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package org.apache.cxf.rt.security.xacml;
-
-import java.security.Principal;
-import java.util.HashSet;
-import java.util.Set;
-
-import javax.security.auth.Subject;
-import javax.xml.namespace.QName;
-
-import org.apache.cxf.message.Message;
-import org.apache.cxf.message.MessageImpl;
-import org.apache.cxf.rt.security.xacml.pdp.api.PolicyDecisionPoint;
-import org.apache.cxf.security.LoginSecurityContext;
-import org.apache.cxf.security.SecurityContext;
-
-
-/**
- * Some unit tests to test the AbstractXACMLAuthorizingInterceptor.
- */
-public class XACMLAuthorizingInterceptorTest extends org.junit.Assert {
-    
-    static {
-        org.apache.wss4j.common.saml.OpenSAMLUtil.initSamlEngine();
-    }
-
-    @SuppressWarnings("deprecation")
-    @org.junit.Test
-    public void testPermit() throws Exception {
-        // Mock up a Security Context
-        SecurityContext sc = createSecurityContext("alice", "manager");
-        
-        String operation = "{http://www.example.org/contract/DoubleIt}DoubleIt";
-        MessageImpl msg = new MessageImpl();
-        msg.put(Message.WSDL_OPERATION, QName.valueOf(operation));
-        String service = "{http://www.example.org/contract/DoubleIt}DoubleItService";
-        msg.put(Message.WSDL_SERVICE, QName.valueOf(service));
-        String resourceURI = "https://localhost:8080/doubleit";
-        msg.put(Message.REQUEST_URI, resourceURI);
-        msg.put(SecurityContext.class, sc);
-        
-        PolicyDecisionPoint pdp = new DummyPDP();
-        XACMLAuthorizingInterceptor authorizingInterceptor = new XACMLAuthorizingInterceptor(pdp);
-        authorizingInterceptor.handleMessage(msg);
-    }
-    
-    @SuppressWarnings("deprecation")
-    @org.junit.Test
-    public void testDeny() throws Exception {
-        // Mock up a Security Context
-        SecurityContext sc = createSecurityContext("alice", "boss");
-        
-        String operation = "{http://www.example.org/contract/DoubleIt}DoubleIt";
-        MessageImpl msg = new MessageImpl();
-        msg.put(Message.WSDL_OPERATION, QName.valueOf(operation));
-        String service = "{http://www.example.org/contract/DoubleIt}DoubleItService";
-        msg.put(Message.WSDL_SERVICE, QName.valueOf(service));
-        String resourceURI = "https://localhost:8080/doubleit";
-        msg.put(Message.REQUEST_URI, resourceURI);
-        msg.put(SecurityContext.class, sc);
-        
-        PolicyDecisionPoint pdp = new DummyPDP();
-        XACMLAuthorizingInterceptor authorizingInterceptor = new XACMLAuthorizingInterceptor(pdp);
-        
-        try {
-            authorizingInterceptor.handleMessage(msg);
-            fail("Failure expected on deny");
-        } catch (Exception ex) {
-            // Failure expected
-        }
-    }
-    
-    private SecurityContext createSecurityContext(final String user, final String role) {
-        return new LoginSecurityContext() {
-
-            @Override
-            public Principal getUserPrincipal() {
-                return new Principal() {
-                    public String getName() {
-                        return user;
-                    }
-                };
-            }
-
-            @Override
-            public boolean isUserInRole(String role) {
-                return false;
-            }
-
-            @Override
-            public Subject getSubject() {
-                return null;
-            }
-
-            @Override
-            public Set<Principal> getUserRoles() {
-                Set<Principal> principals = new HashSet<Principal>();
-                principals.add(new Principal() {
-                    public String getName() {
-                        return role;
-                    }
-                });
-                return principals;
-            }
-            
-        };
-    }
-    
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/c04c2720/rt/security/src/test/java/org/apache/cxf/rt/security/xacml/XACMLRequestBuilderTest.java
----------------------------------------------------------------------
diff --git a/rt/security/src/test/java/org/apache/cxf/rt/security/xacml/XACMLRequestBuilderTest.java b/rt/security/src/test/java/org/apache/cxf/rt/security/xacml/XACMLRequestBuilderTest.java
deleted file mode 100644
index 29ab5d5..0000000
--- a/rt/security/src/test/java/org/apache/cxf/rt/security/xacml/XACMLRequestBuilderTest.java
+++ /dev/null
@@ -1,307 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package org.apache.cxf.rt.security.xacml;
-
-import java.security.Principal;
-import java.util.Collections;
-import java.util.List;
-
-import javax.xml.namespace.QName;
-
-import org.apache.cxf.message.Message;
-import org.apache.cxf.message.MessageImpl;
-import org.opensaml.xacml.ctx.AttributeType;
-import org.opensaml.xacml.ctx.RequestType;
-import org.opensaml.xacml.ctx.ResourceType;
-
-
-/**
- * Some unit tests to create a XACML Request via the XACMLRequestBuilder interface.
- */
-public class XACMLRequestBuilderTest extends org.junit.Assert {
-    
-    static {
-        org.apache.wss4j.common.saml.OpenSAMLUtil.initSamlEngine();
-    }
-
-    @org.junit.Test
-    public void testXACMLRequestBuilder() throws Exception {
-        // Mock up a request
-        Principal principal = new Principal() {
-            public String getName() {
-                return "alice";
-            }
-        };
-        
-        String operation = "{http://www.example.org/contract/DoubleIt}DoubleIt";
-        MessageImpl msg = new MessageImpl();
-        msg.put(Message.WSDL_OPERATION, QName.valueOf(operation));
-        String service = "{http://www.example.org/contract/DoubleIt}DoubleItService";
-        msg.put(Message.WSDL_SERVICE, QName.valueOf(service));
-        String resourceURL = "https://localhost:8080/doubleit";
-        msg.put(Message.REQUEST_URI, resourceURL);
-        
-        XACMLRequestBuilder builder = new DefaultXACMLRequestBuilder();
-        RequestType request = 
-            builder.createRequest(principal, Collections.singletonList("manager"), msg);
-        assertNotNull(request);
-    }
-
-    
-    @org.junit.Test
-    public void testAction() throws Exception {
-        // Mock up a request
-        Principal principal = new Principal() {
-            public String getName() {
-                return "alice";
-            }
-        };
-        
-        String operation = "{http://www.example.org/contract/DoubleIt}DoubleIt";
-        MessageImpl msg = new MessageImpl();
-        msg.put(Message.WSDL_OPERATION, QName.valueOf(operation));
-        String service = "{http://www.example.org/contract/DoubleIt}DoubleItService";
-        msg.put(Message.WSDL_SERVICE, QName.valueOf(service));
-        String resourceURL = "https://localhost:8080/doubleit";
-        msg.put(Message.REQUEST_URI, resourceURL);
-        
-        DefaultXACMLRequestBuilder builder = new DefaultXACMLRequestBuilder();
-        RequestType request = 
-            builder.createRequest(principal, Collections.singletonList("manager"), msg);
-        assertNotNull(request); 
-        
-        String action = 
-            request.getAction().getAttributes().get(0).getAttributeValues().get(0).getValue();
-        assertEquals("execute", action);
-        
-        builder.setAction("write");
-        request = builder.createRequest(principal, Collections.singletonList("manager"), msg);
-        assertNotNull(request); 
-        
-        action = 
-            request.getAction().getAttributes().get(0).getAttributeValues().get(0).getValue();
-        assertEquals("write", action);
-    }
-    
-    @org.junit.Test
-    public void testEnvironment() throws Exception {
-        // Mock up a request
-        Principal principal = new Principal() {
-            public String getName() {
-                return "alice";
-            }
-        };
-        
-        String operation = "{http://www.example.org/contract/DoubleIt}DoubleIt";
-        MessageImpl msg = new MessageImpl();
-        msg.put(Message.WSDL_OPERATION, QName.valueOf(operation));
-        String service = "{http://www.example.org/contract/DoubleIt}DoubleItService";
-        msg.put(Message.WSDL_SERVICE, QName.valueOf(service));
-        String resourceURL = "https://localhost:8080/doubleit";
-        msg.put(Message.REQUEST_URL, resourceURL);
-        
-        XACMLRequestBuilder builder = new DefaultXACMLRequestBuilder();
-        RequestType request = 
-            builder.createRequest(principal, Collections.singletonList("manager"), msg);
-        assertNotNull(request);
-        assertFalse(request.getEnvironment().getAttributes().isEmpty());
-        
-        ((DefaultXACMLRequestBuilder)builder).setSendDateTime(false);
-        request = builder.createRequest(principal, Collections.singletonList("manager"), msg);
-        assertNotNull(request);
-        assertTrue(request.getEnvironment().getAttributes().isEmpty());
-    }
-    
-    @org.junit.Test
-    public void testSOAPResource() throws Exception {
-        // Mock up a request
-        Principal principal = new Principal() {
-            public String getName() {
-                return "alice";
-            }
-        };
-        
-        String operation = "{http://www.example.org/contract/DoubleIt}DoubleIt";
-        MessageImpl msg = new MessageImpl();
-        msg.put(Message.WSDL_OPERATION, QName.valueOf(operation));
-        String service = "{http://www.example.org/contract/DoubleIt}DoubleItService";
-        msg.put(Message.WSDL_SERVICE, QName.valueOf(service));
-        String resourceURL = "https://localhost:8080/doubleit";
-        msg.put(Message.REQUEST_URL, resourceURL);
-        
-        XACMLRequestBuilder builder = new DefaultXACMLRequestBuilder();
-        RequestType request = 
-            builder.createRequest(principal, Collections.singletonList("manager"), msg);
-        assertNotNull(request);
-        
-        List<ResourceType> resources = request.getResources();
-        assertNotNull(resources);
-        assertEquals(1, resources.size());
-        
-        ResourceType resource = resources.get(0);
-        assertEquals(4, resource.getAttributes().size());
-        
-        boolean resourceIdSatisfied = false;
-        boolean soapServiceSatisfied = false;
-        boolean soapOperationSatisfied = false;
-        boolean resourceURISatisfied = false;
-        for (AttributeType attribute : resource.getAttributes()) {
-            String attributeValue = attribute.getAttributeValues().get(0).getValue();
-            if (XACMLConstants.RESOURCE_ID.equals(attribute.getAttributeId())
-                && "{http://www.example.org/contract/DoubleIt}DoubleItService#DoubleIt".equals(
-                    attributeValue)) {
-                resourceIdSatisfied = true;
-            } else if (XACMLConstants.RESOURCE_WSDL_SERVICE_ID.equals(attribute.getAttributeId())
-                && service.equals(attributeValue)) {
-                soapServiceSatisfied = true;
-            } else if (XACMLConstants.RESOURCE_WSDL_OPERATION_ID.equals(attribute.getAttributeId())
-                && operation.equals(attributeValue)) {
-                soapOperationSatisfied = true;
-            } else if (XACMLConstants.RESOURCE_WSDL_ENDPOINT.equals(attribute.getAttributeId())
-                && resourceURL.equals(attributeValue)) {
-                resourceURISatisfied = true;
-            }
-        }
-        
-        assertTrue(resourceIdSatisfied && soapServiceSatisfied && soapOperationSatisfied
-                   && resourceURISatisfied);
-    }
-    
-    @org.junit.Test
-    public void testSOAPResourceDifferentNamespace() throws Exception {
-        // Mock up a request
-        Principal principal = new Principal() {
-            public String getName() {
-                return "alice";
-            }
-        };
-        
-        String operation = "{http://www.example.org/contract/DoubleIt}DoubleIt";
-        MessageImpl msg = new MessageImpl();
-        msg.put(Message.WSDL_OPERATION, QName.valueOf(operation));
-        String service = "{http://www.example.org/contract/DoubleItService}DoubleItService";
-        msg.put(Message.WSDL_SERVICE, QName.valueOf(service));
-        String resourceURL = "https://localhost:8080/doubleit";
-        msg.put(Message.REQUEST_URL, resourceURL);
-        
-        XACMLRequestBuilder builder = new DefaultXACMLRequestBuilder();
-        RequestType request = 
-            builder.createRequest(principal, Collections.singletonList("manager"), msg);
-        assertNotNull(request);
-        
-        List<ResourceType> resources = request.getResources();
-        assertNotNull(resources);
-        assertEquals(1, resources.size());
-        
-        ResourceType resource = resources.get(0);
-        assertEquals(4, resource.getAttributes().size());
-        
-        boolean resourceIdSatisfied = false;
-        boolean soapServiceSatisfied = false;
-        boolean soapOperationSatisfied = false;
-        boolean resourceURISatisfied = false;
-        String expectedResourceId = 
-            service + "#" + operation;
-        for (AttributeType attribute : resource.getAttributes()) {
-            String attributeValue = attribute.getAttributeValues().get(0).getValue();
-            if (XACMLConstants.RESOURCE_ID.equals(attribute.getAttributeId())
-                && expectedResourceId.equals(attributeValue)) {
-                resourceIdSatisfied = true;
-            } else if (XACMLConstants.RESOURCE_WSDL_SERVICE_ID.equals(attribute.getAttributeId())
-                && service.equals(attributeValue)) {
-                soapServiceSatisfied = true;
-            } else if (XACMLConstants.RESOURCE_WSDL_OPERATION_ID.equals(attribute.getAttributeId())
-                && operation.equals(attributeValue)) {
-                soapOperationSatisfied = true;
-            } else if (XACMLConstants.RESOURCE_WSDL_ENDPOINT.equals(attribute.getAttributeId())
-                && resourceURL.equals(attributeValue)) {
-                resourceURISatisfied = true;
-            }
-        }
-        
-        assertTrue(resourceIdSatisfied && soapServiceSatisfied && soapOperationSatisfied
-                   && resourceURISatisfied);
-    }
-    
-    @org.junit.Test
-    public void testRESTResource() throws Exception {
-        // Mock up a request
-        Principal principal = new Principal() {
-            public String getName() {
-                return "alice";
-            }
-        };
-        
-        MessageImpl msg = new MessageImpl();
-        String resourceURL = "https://localhost:8080/doubleit";
-        msg.put(Message.REQUEST_URL, resourceURL);
-        
-        XACMLRequestBuilder builder = new DefaultXACMLRequestBuilder();
-        RequestType request = 
-            builder.createRequest(principal, Collections.singletonList("manager"), msg);
-        assertNotNull(request);
-        
-        List<ResourceType> resources = request.getResources();
-        assertNotNull(resources);
-        assertEquals(1, resources.size());
-        
-        ResourceType resource = resources.get(0);
-        assertEquals(1, resource.getAttributes().size());
-        
-        for (AttributeType attribute : resource.getAttributes()) {
-            String attributeValue = attribute.getAttributeValues().get(0).getValue();
-            assertEquals(attributeValue, resourceURL);
-        }
-    }
-    
-    @org.junit.Test
-    public void testRESTResourceTruncatedURI() throws Exception {
-        // Mock up a request
-        Principal principal = new Principal() {
-            public String getName() {
-                return "alice";
-            }
-        };
-        
-        MessageImpl msg = new MessageImpl();
-        String resourceURL = "https://localhost:8080/doubleit";
-        msg.put(Message.REQUEST_URL, resourceURL);
-        String resourceURI = "/doubleit";
-        msg.put(Message.REQUEST_URI, resourceURI);
-        
-        XACMLRequestBuilder builder = new DefaultXACMLRequestBuilder();
-        ((DefaultXACMLRequestBuilder)builder).setSendFullRequestURL(false);
-        RequestType request = 
-            builder.createRequest(principal, Collections.singletonList("manager"), msg);
-        assertNotNull(request);
-        
-        List<ResourceType> resources = request.getResources();
-        assertNotNull(resources);
-        assertEquals(1, resources.size());
-        
-        ResourceType resource = resources.get(0);
-        assertEquals(1, resource.getAttributes().size());
-        
-        for (AttributeType attribute : resource.getAttributes()) {
-            String attributeValue = attribute.getAttributeValues().get(0).getValue();
-            assertEquals(attributeValue, resourceURI);
-        }
-    }
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/c04c2720/rt/ws/security/pom.xml
----------------------------------------------------------------------
diff --git a/rt/ws/security/pom.xml b/rt/ws/security/pom.xml
index ed2ab38..e1f2b9c 100644
--- a/rt/ws/security/pom.xml
+++ b/rt/ws/security/pom.xml
@@ -49,7 +49,7 @@
         </dependency>
         <dependency>
             <groupId>org.apache.cxf</groupId>
-            <artifactId>cxf-rt-security</artifactId>
+            <artifactId>cxf-rt-security-saml</artifactId>
             <version>${project.version}</version>
         </dependency>
         <dependency>

http://git-wip-us.apache.org/repos/asf/cxf/blob/c04c2720/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AuthPolicyValidatingInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AuthPolicyValidatingInterceptor.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AuthPolicyValidatingInterceptor.java
index 5ea8ec8..061febd 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AuthPolicyValidatingInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AuthPolicyValidatingInterceptor.java
@@ -24,7 +24,6 @@ import java.util.Set;
 import java.util.logging.Logger;
 
 import org.w3c.dom.Document;
-
 import org.apache.cxf.common.i18n.BundleUtils;
 import org.apache.cxf.common.logging.LogUtils;
 import org.apache.cxf.configuration.security.AuthorizationPolicy;
@@ -34,8 +33,8 @@ import org.apache.cxf.message.Message;
 import org.apache.cxf.phase.AbstractPhaseInterceptor;
 import org.apache.cxf.phase.Phase;
 import org.apache.cxf.rt.security.claims.ClaimCollection;
-import org.apache.cxf.rt.security.saml.SAMLSecurityContext;
-import org.apache.cxf.rt.security.saml.SAMLUtils;
+import org.apache.cxf.rt.security.saml.claims.SAMLSecurityContext;
+import org.apache.cxf.rt.security.saml.utils.SAMLUtils;
 import org.apache.cxf.security.SecurityContext;
 import org.apache.cxf.ws.security.SecurityConstants;
 import org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor;

http://git-wip-us.apache.org/repos/asf/cxf/blob/c04c2720/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSLoginModule.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSLoginModule.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSLoginModule.java
index ec4e816..0410e49 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSLoginModule.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSLoginModule.java
@@ -40,7 +40,6 @@ import javax.security.auth.callback.UnsupportedCallbackException;
 import javax.security.auth.login.LoginException;
 import javax.security.auth.spi.LoginModule;
 
-
 import org.w3c.dom.Document;
 import org.apache.cxf.Bus;
 import org.apache.cxf.BusException;
@@ -54,7 +53,7 @@ import org.apache.cxf.helpers.DOMUtils;
 import org.apache.cxf.message.Message;
 import org.apache.cxf.phase.PhaseInterceptorChain;
 import org.apache.cxf.rt.security.claims.ClaimCollection;
-import org.apache.cxf.rt.security.saml.SAMLUtils;
+import org.apache.cxf.rt.security.saml.utils.SAMLUtils;
 import org.apache.cxf.ws.security.SecurityConstants;
 import org.apache.cxf.ws.security.tokenstore.EHCacheTokenStore;
 import org.apache.cxf.ws.security.tokenstore.TokenStore;

http://git-wip-us.apache.org/repos/asf/cxf/blob/c04c2720/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/StaxSecurityContextInInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/StaxSecurityContextInInterceptor.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/StaxSecurityContextInInterceptor.java
index 12d8299..9f7d7b1 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/StaxSecurityContextInInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/StaxSecurityContextInInterceptor.java
@@ -33,8 +33,8 @@ import org.apache.cxf.interceptor.security.RolePrefixSecurityContextImpl;
 import org.apache.cxf.phase.AbstractPhaseInterceptor;
 import org.apache.cxf.phase.Phase;
 import org.apache.cxf.rt.security.claims.ClaimCollection;
-import org.apache.cxf.rt.security.saml.SAMLSecurityContext;
-import org.apache.cxf.rt.security.saml.SAMLUtils;
+import org.apache.cxf.rt.security.saml.claims.SAMLSecurityContext;
+import org.apache.cxf.rt.security.saml.utils.SAMLUtils;
 import org.apache.cxf.security.SecurityContext;
 import org.apache.cxf.ws.security.SecurityConstants;
 import org.apache.wss4j.common.ext.WSSecurityException;

http://git-wip-us.apache.org/repos/asf/cxf/blob/c04c2720/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenInterceptor.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenInterceptor.java
index e7eb8e1..345e237 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenInterceptor.java
@@ -39,8 +39,8 @@ import org.apache.cxf.interceptor.security.DefaultSecurityContext;
 import org.apache.cxf.message.Message;
 import org.apache.cxf.message.MessageUtils;
 import org.apache.cxf.rt.security.claims.ClaimCollection;
-import org.apache.cxf.rt.security.saml.SAMLSecurityContext;
-import org.apache.cxf.rt.security.saml.SAMLUtils;
+import org.apache.cxf.rt.security.saml.claims.SAMLSecurityContext;
+import org.apache.cxf.rt.security.saml.utils.SAMLUtils;
 import org.apache.cxf.rt.security.utils.SecurityUtils;
 import org.apache.cxf.security.SecurityContext;
 import org.apache.cxf.ws.policy.AssertionInfo;

http://git-wip-us.apache.org/repos/asf/cxf/blob/c04c2720/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
index af43f97..111c93f 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
@@ -45,7 +45,6 @@ import javax.xml.transform.dom.DOMSource;
 
 import org.w3c.dom.Element;
 import org.w3c.dom.Node;
-
 import org.apache.cxf.binding.soap.SoapFault;
 import org.apache.cxf.binding.soap.SoapMessage;
 import org.apache.cxf.binding.soap.SoapVersion;
@@ -61,8 +60,8 @@ import org.apache.cxf.interceptor.security.RolePrefixSecurityContextImpl;
 import org.apache.cxf.message.MessageUtils;
 import org.apache.cxf.phase.Phase;
 import org.apache.cxf.rt.security.claims.ClaimCollection;
-import org.apache.cxf.rt.security.saml.SAMLSecurityContext;
-import org.apache.cxf.rt.security.saml.SAMLUtils;
+import org.apache.cxf.rt.security.saml.claims.SAMLSecurityContext;
+import org.apache.cxf.rt.security.saml.utils.SAMLUtils;
 import org.apache.cxf.rt.security.utils.SecurityUtils;
 import org.apache.cxf.security.SecurityContext;
 import org.apache.cxf.security.transport.TLSSessionInfo;

http://git-wip-us.apache.org/repos/asf/cxf/blob/c04c2720/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/DefaultSAMLRoleParser.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/DefaultSAMLRoleParser.java b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/DefaultSAMLRoleParser.java
index b76cce9..21a94f9 100644
--- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/DefaultSAMLRoleParser.java
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/DefaultSAMLRoleParser.java
@@ -24,8 +24,8 @@ import java.util.Set;
 import javax.security.auth.Subject;
 
 import org.apache.cxf.rt.security.claims.ClaimCollection;
-import org.apache.cxf.rt.security.saml.SAMLSecurityContext;
-import org.apache.cxf.rt.security.saml.SAMLUtils;
+import org.apache.cxf.rt.security.saml.claims.SAMLSecurityContext;
+import org.apache.cxf.rt.security.saml.utils.SAMLUtils;
 import org.apache.wss4j.common.saml.SamlAssertionWrapper;
 
 /**

http://git-wip-us.apache.org/repos/asf/cxf/blob/c04c2720/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/SamlCallbackHandler.java
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/SamlCallbackHandler.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/SamlCallbackHandler.java
index 4e22422..cd5d734 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/SamlCallbackHandler.java
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/SamlCallbackHandler.java
@@ -31,7 +31,7 @@ import javax.security.auth.callback.UnsupportedCallbackException;
 import org.apache.cxf.helpers.CastUtils;
 import org.apache.cxf.message.Message;
 import org.apache.cxf.phase.PhaseInterceptorChain;
-import org.apache.cxf.rt.security.claims.SAMLClaim;
+import org.apache.cxf.rt.security.saml.claims.SAMLClaim;
 import org.apache.wss4j.common.saml.SAMLCallback;
 import org.apache.wss4j.common.saml.bean.ActionBean;
 import org.apache.wss4j.common.saml.bean.AttributeBean;

http://git-wip-us.apache.org/repos/asf/cxf/blob/c04c2720/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/SamlCallbackHandler2.java
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/SamlCallbackHandler2.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/SamlCallbackHandler2.java
index 9e35949..2d03211 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/SamlCallbackHandler2.java
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/SamlCallbackHandler2.java
@@ -31,7 +31,7 @@ import javax.security.auth.callback.UnsupportedCallbackException;
 import org.apache.cxf.helpers.CastUtils;
 import org.apache.cxf.message.Message;
 import org.apache.cxf.phase.PhaseInterceptorChain;
-import org.apache.cxf.rt.security.claims.SAMLClaim;
+import org.apache.cxf.rt.security.saml.claims.SAMLClaim;
 import org.apache.wss4j.common.crypto.Crypto;
 import org.apache.wss4j.common.crypto.CryptoFactory;
 import org.apache.wss4j.common.ext.WSSecurityException;

http://git-wip-us.apache.org/repos/asf/cxf/blob/c04c2720/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/SamlCallbackHandler.java
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/SamlCallbackHandler.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/SamlCallbackHandler.java
index 2cc75f2..d178cb7 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/SamlCallbackHandler.java
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/SamlCallbackHandler.java
@@ -34,7 +34,7 @@ import org.apache.cxf.message.Message;
 import org.apache.cxf.phase.PhaseInterceptorChain;
 import org.apache.cxf.rs.security.common.CryptoLoader;
 import org.apache.cxf.rs.security.common.SecurityUtils;
-import org.apache.cxf.rt.security.claims.SAMLClaim;
+import org.apache.cxf.rt.security.saml.claims.SAMLClaim;
 import org.apache.cxf.ws.security.SecurityConstants;
 import org.apache.wss4j.common.crypto.Crypto;
 import org.apache.wss4j.common.saml.SAMLCallback;

http://git-wip-us.apache.org/repos/asf/cxf/blob/c04c2720/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/PolicyDecisionPointMockImpl.java
----------------------------------------------------------------------
diff --git a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/PolicyDecisionPointMockImpl.java b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/PolicyDecisionPointMockImpl.java
index 4e27b22..d149db1 100644
--- a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/PolicyDecisionPointMockImpl.java
+++ b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/PolicyDecisionPointMockImpl.java
@@ -31,8 +31,8 @@ import org.w3c.dom.Document;
 import org.w3c.dom.Element;
 import org.w3c.dom.Node;
 import org.apache.cxf.helpers.DOMUtils;
-import org.apache.cxf.rt.security.xacml.XACMLConstants;
-import org.apache.cxf.rt.security.xacml.pdp.api.PolicyDecisionPoint;
+import org.apache.cxf.rt.security.saml.xacml.XACMLConstants;
+import org.apache.cxf.rt.security.saml.xacml.pdp.api.PolicyDecisionPoint;
 import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.common.saml.OpenSAMLUtil;
 import org.opensaml.core.xml.XMLObjectBuilderFactory;

http://git-wip-us.apache.org/repos/asf/cxf/blob/c04c2720/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/server.xml
----------------------------------------------------------------------
diff --git a/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/server.xml b/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/server.xml
index 14a803a..3b74a14 100644
--- a/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/server.xml
+++ b/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/server.xml
@@ -230,7 +230,7 @@
         </jaxws:features>
     </jaxws:endpoint>
     <bean class="org.apache.cxf.systest.ws.saml.PolicyDecisionPointMockImpl" id="MockPDP" />
-    <bean class="org.apache.cxf.rt.security.xacml.XACMLAuthorizingInterceptor" id="XACMLInterceptor">
+    <bean class="org.apache.cxf.rt.security.saml.xacml.XACMLAuthorizingInterceptor" id="XACMLInterceptor">
         <constructor-arg ref="MockPDP"/>
     </bean>
     <jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt" id="Saml2TokenOverSymmetricPEP" address="http://localhost:${testutil.ports.Server}/DoubleItSaml2PEP" serviceName="s:DoubleItService" endpointName="s:DoubleItSaml2PEPPort" implementor="org.apache.cxf.systest.ws.common.DoubleItPortTypeImpl" wsdlLocation="org/apache/cxf/systest/ws/saml/DoubleItSaml.wsdl">

http://git-wip-us.apache.org/repos/asf/cxf/blob/c04c2720/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/stax-server.xml
----------------------------------------------------------------------
diff --git a/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/stax-server.xml b/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/stax-server.xml
index ce0eb3f..7dd9388 100644
--- a/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/stax-server.xml
+++ b/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/stax-server.xml
@@ -253,7 +253,7 @@
         </jaxws:features>
     </jaxws:endpoint>
     <bean class="org.apache.cxf.systest.ws.saml.PolicyDecisionPointMockImpl" id="MockPDP" />
-    <bean class="org.apache.cxf.rt.security.xacml.XACMLAuthorizingInterceptor" id="XACMLInterceptor">
+    <bean class="org.apache.cxf.rt.security.saml.xacml.XACMLAuthorizingInterceptor" id="XACMLInterceptor">
         <constructor-arg ref="MockPDP"/>
     </bean>
     <jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt" id="Saml2TokenOverSymmetricPEP" address="http://localhost:${testutil.ports.StaxServer}/DoubleItSaml2PEP" serviceName="s:DoubleItService" endpointName="s:DoubleItSaml2PEPPort" implementor="org.apache.cxf.systest.ws.common.DoubleItPortTypeImpl" wsdlLocation="org/apache/cxf/systest/ws/saml/DoubleItSaml.wsdl">


Mime
View raw message