cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject [1/2] cxf git commit: Renaming SAMLRealm so that it can apply for other token types
Date Mon, 09 Nov 2015 12:10:56 GMT
Repository: cxf
Updated Branches:
  refs/heads/master 1dd9c4643 -> 9f5675074


Renaming SAMLRealm so that it can apply for other token types


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/a7e86b34
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/a7e86b34
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/a7e86b34

Branch: refs/heads/master
Commit: a7e86b341fe21038428bfecbb04f40465c5cccf3
Parents: 1dd9c46
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Mon Nov 9 11:41:35 2015 +0000
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Mon Nov 9 11:41:35 2015 +0000

----------------------------------------------------------------------
 .../provider/AbstractSAMLTokenProvider.java     |   4 +-
 .../sts/token/provider/SAMLTokenProvider.java   |  28 +--
 .../token/provider/jwt/JWTTokenProvider.java    |  38 ++--
 .../cxf/sts/token/realm/RealmProperties.java    | 185 +++++++++++++++++++
 .../apache/cxf/sts/token/realm/SAMLRealm.java   | 164 +---------------
 .../cxf/sts/token/renewer/SAMLTokenRenewer.java |  24 +--
 .../claims/mapper/JexlIssueSamlClaimsTest.java  |  16 +-
 .../sts/operation/IssueOnbehalfofUnitTest.java  |  16 +-
 .../sts/operation/IssueSamlClaimsUnitTest.java  |  16 +-
 .../sts/operation/IssueSamlRealmUnitTest.java   |  18 +-
 .../ValidateTokenTransformationUnitTest.java    |  16 +-
 .../token/provider/SAMLProviderRealmTest.java   |  69 ++++++-
 .../renewer/SAMLTokenRenewerRealmTest.java      |  16 +-
 .../SAMLTokenValidatorCachedRealmTest.java      |  12 +-
 .../validator/SAMLTokenValidatorRealmTest.java  |  12 +-
 .../cxf/systest/sts/realms/cxf-sts-saml1.xml    |   4 +-
 .../cxf/systest/sts/realms/cxf-sts-saml2.xml    |   2 +-
 .../systest/sts/issueunit/IssueUnitTest.java    |   4 +-
 .../sts/delegation/cxf-sts-transport.xml        |   4 +-
 .../systest/sts/deployment/cxf-transport.xml    |   4 +-
 .../sts/deployment/stax-cxf-transport.xml       |   4 +-
 .../systest/sts/issuer/cxf-sts-transport.xml    |   4 +-
 22 files changed, 378 insertions(+), 282 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/a7e86b34/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/AbstractSAMLTokenProvider.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/AbstractSAMLTokenProvider.java b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/AbstractSAMLTokenProvider.java
index ed33eb8..b5ad4cb 100644
--- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/AbstractSAMLTokenProvider.java
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/AbstractSAMLTokenProvider.java
@@ -29,7 +29,7 @@ import org.apache.cxf.common.logging.LogUtils;
 import org.apache.cxf.sts.STSPropertiesMBean;
 import org.apache.cxf.sts.SignatureProperties;
 import org.apache.cxf.sts.request.KeyRequirements;
-import org.apache.cxf.sts.token.realm.SAMLRealm;
+import org.apache.cxf.sts.token.realm.RealmProperties;
 import org.apache.wss4j.common.crypto.Crypto;
 import org.apache.wss4j.common.ext.WSPasswordCallback;
 import org.apache.wss4j.common.saml.SamlAssertionWrapper;
@@ -43,7 +43,7 @@ public abstract class AbstractSAMLTokenProvider {
     
     protected void signToken(
         SamlAssertionWrapper assertion, 
-        SAMLRealm samlRealm,
+        RealmProperties samlRealm,
         STSPropertiesMBean stsProperties,
         KeyRequirements keyRequirements
     ) throws Exception {

http://git-wip-us.apache.org/repos/asf/cxf/blob/a7e86b34/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/SAMLTokenProvider.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/SAMLTokenProvider.java b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/SAMLTokenProvider.java
index aafe972..3d5d762 100644
--- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/SAMLTokenProvider.java
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/SAMLTokenProvider.java
@@ -20,6 +20,7 @@
 package org.apache.cxf.sts.token.provider;
 
 import java.util.ArrayList;
+import java.util.Collections;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
@@ -36,7 +37,7 @@ import org.apache.cxf.sts.cache.CacheUtils;
 import org.apache.cxf.sts.claims.ClaimsAttributeStatementProvider;
 import org.apache.cxf.sts.request.KeyRequirements;
 import org.apache.cxf.sts.request.TokenRequirements;
-import org.apache.cxf.sts.token.realm.SAMLRealm;
+import org.apache.cxf.sts.token.realm.RealmProperties;
 import org.apache.cxf.ws.security.sts.provider.STSException;
 import org.apache.cxf.ws.security.tokenstore.SecurityToken;
 import org.apache.wss4j.common.saml.SAMLCallback;
@@ -64,7 +65,7 @@ public class SAMLTokenProvider extends AbstractSAMLTokenProvider implements Toke
     private SubjectProvider subjectProvider = new DefaultSubjectProvider();
     private ConditionsProvider conditionsProvider = new DefaultConditionsProvider();
     private boolean signToken = true;
-    private Map<String, SAMLRealm> realmMap = new HashMap<>();
+    private Map<String, RealmProperties> realmMap = new HashMap<>();
     private SamlCustomHandler samlCustomHandler;
     
     /**
@@ -262,19 +263,22 @@ public class SAMLTokenProvider extends AbstractSAMLTokenProvider implements Toke
     }
     
     /**
-     * Set the map of realm->SAMLRealm for this token provider
-     * @param realms the map of realm->SAMLRealm for this token provider
+     * Set the map of realm->RealmProperties for this token provider
+     * @param realms the map of realm->RealmProperties for this token provider
      */
-    public void setRealmMap(Map<String, SAMLRealm> realms) {
-        this.realmMap = realms;
+    public void setRealmMap(Map<String, ? extends RealmProperties> realms) {
+        this.realmMap.clear();
+        if (realms != null) {
+            this.realmMap.putAll(realms);
+        }
     }
     
     /**
-     * Get the map of realm->SAMLRealm for this token provider
-     * @return the map of realm->SAMLRealm for this token provider
+     * Get the map of realm->RealmProperties for this token provider
+     * @return the map of realm->RealmProperties for this token provider
      */
-    public Map<String, SAMLRealm> getRealmMap() {
-        return realmMap;
+    public Map<String, RealmProperties> getRealmMap() {
+        return Collections.unmodifiableMap(realmMap);
     }
 
     public void setSamlCustomHandler(SamlCustomHandler samlCustomHandler) {
@@ -285,7 +289,7 @@ public class SAMLTokenProvider extends AbstractSAMLTokenProvider implements Toke
         TokenProviderParameters tokenParameters, byte[] secret, Document doc
     ) throws Exception {
         String realm = tokenParameters.getRealm();
-        SAMLRealm samlRealm = null;
+        RealmProperties samlRealm = null;
         if (realm != null && realmMap.containsKey(realm)) {
             samlRealm = realmMap.get(realm);
         }
@@ -310,7 +314,7 @@ public class SAMLTokenProvider extends AbstractSAMLTokenProvider implements Toke
     }
     
     public SamlCallbackHandler createCallbackHandler(
-        TokenProviderParameters tokenParameters, byte[] secret, SAMLRealm samlRealm, Document doc
+        TokenProviderParameters tokenParameters, byte[] secret, RealmProperties samlRealm, Document doc
     ) throws Exception {
         boolean statementAdded = false;
         

http://git-wip-us.apache.org/repos/asf/cxf/blob/a7e86b34/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/jwt/JWTTokenProvider.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/jwt/JWTTokenProvider.java b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/jwt/JWTTokenProvider.java
index 573788b..6096649 100644
--- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/jwt/JWTTokenProvider.java
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/jwt/JWTTokenProvider.java
@@ -20,6 +20,7 @@
 package org.apache.cxf.sts.token.provider.jwt;
 
 import java.security.KeyStore;
+import java.util.Collections;
 import java.util.Date;
 import java.util.HashMap;
 import java.util.Map;
@@ -45,7 +46,7 @@ import org.apache.cxf.sts.request.TokenRequirements;
 import org.apache.cxf.sts.token.provider.TokenProvider;
 import org.apache.cxf.sts.token.provider.TokenProviderParameters;
 import org.apache.cxf.sts.token.provider.TokenProviderResponse;
-import org.apache.cxf.sts.token.realm.SAMLRealm;
+import org.apache.cxf.sts.token.realm.RealmProperties;
 import org.apache.cxf.ws.security.sts.provider.STSException;
 import org.apache.wss4j.common.crypto.Crypto;
 import org.apache.wss4j.common.crypto.Merlin;
@@ -60,7 +61,7 @@ public class JWTTokenProvider implements TokenProvider {
     private static final Logger LOG = LogUtils.getL7dLogger(JWTTokenProvider.class);
     
     private boolean signToken = true;
-    private Map<String, SAMLRealm> realmMap = new HashMap<>();
+    private Map<String, RealmProperties> realmMap = new HashMap<>();
     private JWTClaimsProvider jwtClaimsProvider = new DefaultJWTClaimsProvider();
     
     /**
@@ -165,19 +166,20 @@ public class JWTTokenProvider implements TokenProvider {
     }
     
     /**
-     * Set the map of realm->SAMLRealm for this token provider
-     * @param realms the map of realm->SAMLRealm for this token provider
+     * Set the map of realm->RealmProperties for this token provider
+     * @param realms the map of realm->RealmProperties for this token provider
      */
-    public void setRealmMap(Map<String, SAMLRealm> realms) {
-        this.realmMap = realms;
+    public void setRealmMap(Map<String, ? extends RealmProperties> realms) {
+        this.realmMap.clear();
+        this.realmMap.putAll(realms);
     }
     
     /**
-     * Get the map of realm->SAMLRealm for this token provider
-     * @return the map of realm->SAMLRealm for this token provider
+     * Get the map of realm->RealmProperties for this token provider
+     * @return the map of realm->RealmProperties for this token provider
      */
-    public Map<String, SAMLRealm> getRealmMap() {
-        return realmMap;
+    public Map<String, RealmProperties> getRealmMap() {
+        return Collections.unmodifiableMap(realmMap);
     }
 
     public JWTClaimsProvider getJwtClaimsProvider() {
@@ -190,7 +192,7 @@ public class JWTTokenProvider implements TokenProvider {
     
     private String signToken(
         JwtToken token, 
-        SAMLRealm samlRealm,
+        RealmProperties jwtRealm,
         STSPropertiesMBean stsProperties,
         TokenRequirements tokenRequirements
     ) throws Exception {
@@ -204,18 +206,18 @@ public class JWTTokenProvider implements TokenProvider {
             SignatureProperties signatureProperties = stsProperties.getSignatureProperties();
             String alias = stsProperties.getSignatureUsername();
 
-            if (samlRealm != null) {
+            if (jwtRealm != null) {
                 // If SignatureCrypto configured in realm then
                 // callbackhandler and alias of STSPropertiesMBean is ignored
-                if (samlRealm.getSignatureCrypto() != null) {
+                if (jwtRealm.getSignatureCrypto() != null) {
                     LOG.fine("SAMLRealm signature keystore used");
-                    signatureCrypto = samlRealm.getSignatureCrypto();
-                    callbackHandler = samlRealm.getCallbackHandler();
-                    alias = samlRealm.getSignatureAlias();
+                    signatureCrypto = jwtRealm.getSignatureCrypto();
+                    callbackHandler = jwtRealm.getCallbackHandler();
+                    alias = jwtRealm.getSignatureAlias();
                 }
                 // SignatureProperties can be defined independently of SignatureCrypto
-                if (samlRealm.getSignatureProperties() != null) {
-                    signatureProperties = samlRealm.getSignatureProperties();
+                if (jwtRealm.getSignatureProperties() != null) {
+                    signatureProperties = jwtRealm.getSignatureProperties();
                 }
             }
 

http://git-wip-us.apache.org/repos/asf/cxf/blob/a7e86b34/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/realm/RealmProperties.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/realm/RealmProperties.java b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/realm/RealmProperties.java
new file mode 100644
index 0000000..3f5112f
--- /dev/null
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/realm/RealmProperties.java
@@ -0,0 +1,185 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.sts.token.realm;
+
+import java.util.Properties;
+import java.util.logging.Level;
+import java.util.logging.Logger;
+
+import javax.security.auth.callback.CallbackHandler;
+
+import org.apache.cxf.common.logging.LogUtils;
+import org.apache.cxf.rt.security.utils.SecurityUtils;
+import org.apache.cxf.sts.SignatureProperties;
+import org.apache.cxf.ws.security.sts.provider.STSException;
+import org.apache.wss4j.common.crypto.Crypto;
+import org.apache.wss4j.common.crypto.CryptoFactory;
+import org.apache.wss4j.common.ext.WSSecurityException;
+
+
+/**
+ * This class defines some properties that are associated with a realm for issuing or validating a particular token.
+ */
+public class RealmProperties {
+    
+    private static final Logger LOG = LogUtils.getL7dLogger(RealmProperties.class);
+    
+    private String issuer;
+    private String signatureAlias;
+    private Crypto signatureCrypto;
+    private SignatureProperties signatureProperties;
+    private String signaturePropertiesFile;
+    private String callbackHandlerClass;
+    private CallbackHandler callbackHandler;
+    
+    /**
+     * Get the issuer of this realm
+     * @return the issuer of this realm
+     */
+    public String getIssuer() {
+        return issuer;
+    }
+    
+    /**
+     * Set the issuer of this realm
+     * @param issuer the issuer of this realm
+     */
+    public void setIssuer(String issuer) {
+        this.issuer = issuer;
+    }
+    
+    /**
+     * Get the signature alias to use for this realm
+     * @return the signature alias to use for this realm
+     */
+    public String getSignatureAlias() {
+        return signatureAlias;
+    }
+    
+    /**
+     * Set the signature alias to use for this realm
+     * @param signatureAlias the signature alias to use for this realm
+     */
+    public void setSignatureAlias(String signatureAlias) {
+        this.signatureAlias = signatureAlias;
+    }
+    
+    /**
+     * Set the signature Crypto object
+     * @param signatureCrypto the signature Crypto object
+     */
+    public void setSignatureCrypto(Crypto signatureCrypto) {
+        this.signatureCrypto = signatureCrypto;
+    }
+    
+    /**
+     * Set the String corresponding to the signature Properties class
+     * @param signaturePropertiesFile the String corresponding to the signature properties file
+     */
+    public void setSignaturePropertiesFile(String signaturePropertiesFile) {
+        this.signaturePropertiesFile = signaturePropertiesFile;
+        if (LOG.isLoggable(Level.FINE)) {
+            LOG.fine("Setting signature properties: " + signaturePropertiesFile);
+        }
+    }
+    
+    /**
+     * Set the SignatureProperties to use.
+     * @param signatureProperties the SignatureProperties to use.
+     */
+    public void setSignatureProperties(SignatureProperties signatureProperties) {
+        this.signatureProperties = signatureProperties;
+    }
+    
+    /**
+     * Get the SignatureProperties to use.
+     * @return the SignatureProperties to use.
+     */
+    public SignatureProperties getSignatureProperties() {
+        return signatureProperties;
+    }
+    
+    
+    /**
+     * Get the signature Crypto object
+     * @return the signature Crypto object
+     */
+    public Crypto getSignatureCrypto() {
+        if (signatureCrypto == null && signaturePropertiesFile != null) {
+            Properties sigProperties = SecurityUtils.loadProperties(signaturePropertiesFile);
+            if (sigProperties == null) {
+                LOG.fine("Cannot load signature properties using: " + signaturePropertiesFile);
+                throw new STSException("Configuration error: cannot load signature properties");
+            }
+            try {
+                signatureCrypto = CryptoFactory.getInstance(sigProperties);
+            } catch (WSSecurityException ex) {
+                LOG.fine("Error in loading the signature Crypto object: " + ex.getMessage());
+                throw new STSException(ex.getMessage());
+            }
+        }
+        
+        return signatureCrypto;
+    }
+    
+    
+    /**
+     * Set the CallbackHandler object. 
+     * @param callbackHandler the CallbackHandler object. 
+     */
+    public void setCallbackHandler(CallbackHandler callbackHandler) {
+        this.callbackHandler = callbackHandler;
+        if (LOG.isLoggable(Level.FINE)) {
+            LOG.fine("Setting callbackHandler: " + callbackHandler);
+        }
+    }
+    
+    /**
+     * Set the String corresponding to the CallbackHandler class. 
+     * @param callbackHandlerClass the String corresponding to the CallbackHandler class. 
+     */
+    public void setCallbackHandlerClass(String callbackHandlerClass) {
+        this.callbackHandlerClass = callbackHandlerClass;
+        if (LOG.isLoggable(Level.FINE)) {
+            LOG.fine("Setting callbackHandlerClass: " + callbackHandlerClass);
+        }
+    }
+    
+    /**
+     * Get the CallbackHandler object.
+     * @return the CallbackHandler object.
+     */
+    public CallbackHandler getCallbackHandler() {
+        if (callbackHandler == null && callbackHandlerClass != null) {
+            try {
+                callbackHandler = SecurityUtils.getCallbackHandler(callbackHandlerClass);
+                if (callbackHandler == null) {
+                    LOG.fine("Cannot load CallbackHandler using: " + callbackHandlerClass);
+                    throw new STSException("Configuration error: cannot load callback handler");
+                }
+            } catch (Exception ex) {
+                LOG.fine("Error in loading the callback handler object: " + ex.getMessage());
+                throw new STSException(ex.getMessage());
+            }
+        }
+        return callbackHandler;
+    }
+    
+}

http://git-wip-us.apache.org/repos/asf/cxf/blob/a7e86b34/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/realm/SAMLRealm.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/realm/SAMLRealm.java b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/realm/SAMLRealm.java
index 37c4ce6..fe2be74 100644
--- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/realm/SAMLRealm.java
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/realm/SAMLRealm.java
@@ -19,168 +19,10 @@
 
 package org.apache.cxf.sts.token.realm;
 
-import java.util.Properties;
-import java.util.logging.Level;
-import java.util.logging.Logger;
-
-import javax.security.auth.callback.CallbackHandler;
-
-import org.apache.cxf.common.logging.LogUtils;
-import org.apache.cxf.rt.security.utils.SecurityUtils;
-import org.apache.cxf.sts.SignatureProperties;
-import org.apache.cxf.ws.security.sts.provider.STSException;
-import org.apache.wss4j.common.crypto.Crypto;
-import org.apache.wss4j.common.crypto.CryptoFactory;
-import org.apache.wss4j.common.ext.WSSecurityException;
-
-
 /**
- * This class defines some properties that are associated with a realm for the SAMLTokenProvider and
- * SAMLTokenValidator.
+ * Use RealmProperties intead
  */
-public class SAMLRealm {
-    
-    private static final Logger LOG = LogUtils.getL7dLogger(SAMLRealm.class);
-    
-    private String issuer;
-    private String signatureAlias;
-    private Crypto signatureCrypto;
-    private SignatureProperties signatureProperties;
-    private String signaturePropertiesFile;
-    private String callbackHandlerClass;
-    private CallbackHandler callbackHandler;
-    
-    /**
-     * Get the issuer of this SAML realm
-     * @return the issuer of this SAML realm
-     */
-    public String getIssuer() {
-        return issuer;
-    }
-    
-    /**
-     * Set the issuer of this SAML realm
-     * @param issuer the issuer of this SAML realm
-     */
-    public void setIssuer(String issuer) {
-        this.issuer = issuer;
-    }
-    
-    /**
-     * Get the signature alias to use for this SAML realm
-     * @return the signature alias to use for this SAML realm
-     */
-    public String getSignatureAlias() {
-        return signatureAlias;
-    }
-    
-    /**
-     * Set the signature alias to use for this SAML realm
-     * @param signatureAlias the signature alias to use for this SAML realm
-     */
-    public void setSignatureAlias(String signatureAlias) {
-        this.signatureAlias = signatureAlias;
-    }
-    
-    /**
-     * Set the signature Crypto object
-     * @param signatureCrypto the signature Crypto object
-     */
-    public void setSignatureCrypto(Crypto signatureCrypto) {
-        this.signatureCrypto = signatureCrypto;
-    }
-    
-    /**
-     * Set the String corresponding to the signature Properties class
-     * @param signaturePropertiesFile the String corresponding to the signature properties file
-     */
-    public void setSignaturePropertiesFile(String signaturePropertiesFile) {
-        this.signaturePropertiesFile = signaturePropertiesFile;
-        if (LOG.isLoggable(Level.FINE)) {
-            LOG.fine("Setting signature properties: " + signaturePropertiesFile);
-        }
-    }
-    
-    /**
-     * Set the SignatureProperties to use.
-     * @param signatureProperties the SignatureProperties to use.
-     */
-    public void setSignatureProperties(SignatureProperties signatureProperties) {
-        this.signatureProperties = signatureProperties;
-    }
-    
-    /**
-     * Get the SignatureProperties to use.
-     * @return the SignatureProperties to use.
-     */
-    public SignatureProperties getSignatureProperties() {
-        return signatureProperties;
-    }
-    
-    
-    /**
-     * Get the signature Crypto object
-     * @return the signature Crypto object
-     */
-    public Crypto getSignatureCrypto() {
-        if (signatureCrypto == null && signaturePropertiesFile != null) {
-            Properties sigProperties = SecurityUtils.loadProperties(signaturePropertiesFile);
-            if (sigProperties == null) {
-                LOG.fine("Cannot load signature properties using: " + signaturePropertiesFile);
-                throw new STSException("Configuration error: cannot load signature properties");
-            }
-            try {
-                signatureCrypto = CryptoFactory.getInstance(sigProperties);
-            } catch (WSSecurityException ex) {
-                LOG.fine("Error in loading the signature Crypto object: " + ex.getMessage());
-                throw new STSException(ex.getMessage());
-            }
-        }
-        
-        return signatureCrypto;
-    }
-    
-    
-    /**
-     * Set the CallbackHandler object. 
-     * @param callbackHandler the CallbackHandler object. 
-     */
-    public void setCallbackHandler(CallbackHandler callbackHandler) {
-        this.callbackHandler = callbackHandler;
-        if (LOG.isLoggable(Level.FINE)) {
-            LOG.fine("Setting callbackHandler: " + callbackHandler);
-        }
-    }
-    
-    /**
-     * Set the String corresponding to the CallbackHandler class. 
-     * @param callbackHandlerClass the String corresponding to the CallbackHandler class. 
-     */
-    public void setCallbackHandlerClass(String callbackHandlerClass) {
-        this.callbackHandlerClass = callbackHandlerClass;
-        if (LOG.isLoggable(Level.FINE)) {
-            LOG.fine("Setting callbackHandlerClass: " + callbackHandlerClass);
-        }
-    }
-    
-    /**
-     * Get the CallbackHandler object.
-     * @return the CallbackHandler object.
-     */
-    public CallbackHandler getCallbackHandler() {
-        if (callbackHandler == null && callbackHandlerClass != null) {
-            try {
-                callbackHandler = SecurityUtils.getCallbackHandler(callbackHandlerClass);
-                if (callbackHandler == null) {
-                    LOG.fine("Cannot load CallbackHandler using: " + callbackHandlerClass);
-                    throw new STSException("Configuration error: cannot load callback handler");
-                }
-            } catch (Exception ex) {
-                LOG.fine("Error in loading the callback handler object: " + ex.getMessage());
-                throw new STSException(ex.getMessage());
-            }
-        }
-        return callbackHandler;
-    }
+@Deprecated
+public class SAMLRealm extends RealmProperties {
     
 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/a7e86b34/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewer.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewer.java b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewer.java
index 13df377..5075946 100644
--- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewer.java
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewer.java
@@ -23,6 +23,7 @@ import java.security.Principal;
 import java.security.cert.Certificate;
 import java.util.ArrayList;
 import java.util.Arrays;
+import java.util.Collections;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
@@ -47,7 +48,7 @@ import org.apache.cxf.sts.token.provider.AbstractSAMLTokenProvider;
 import org.apache.cxf.sts.token.provider.ConditionsProvider;
 import org.apache.cxf.sts.token.provider.DefaultConditionsProvider;
 import org.apache.cxf.sts.token.provider.TokenProviderParameters;
-import org.apache.cxf.sts.token.realm.SAMLRealm;
+import org.apache.cxf.sts.token.realm.RealmProperties;
 import org.apache.cxf.ws.security.sts.provider.STSException;
 import org.apache.cxf.ws.security.tokenstore.SecurityToken;
 import org.apache.cxf.ws.security.tokenstore.TokenStore;
@@ -85,7 +86,7 @@ public class SAMLTokenRenewer extends AbstractSAMLTokenProvider implements Token
     private static final Logger LOG = LogUtils.getL7dLogger(SAMLTokenRenewer.class);
     private boolean signToken = true;
     private ConditionsProvider conditionsProvider = new DefaultConditionsProvider();
-    private Map<String, SAMLRealm> realmMap = new HashMap<>();
+    private Map<String, RealmProperties> realmMap = new HashMap<>();
     private long maxExpiry = DEFAULT_MAX_EXPIRY;
     // boolean to enable/disable the check of proof of possession
     private boolean verifyProofOfPossession = true;
@@ -265,19 +266,20 @@ public class SAMLTokenRenewer extends AbstractSAMLTokenProvider implements Token
     }
     
     /**
-     * Set the map of realm->SAMLRealm for this token provider
-     * @param realms the map of realm->SAMLRealm for this token provider
+     * Set the map of realm->RealmProperties for this token provider
+     * @param realms the map of realm->RealmProperties for this token provider
      */
-    public void setRealmMap(Map<String, SAMLRealm> realms) {
-        this.realmMap = realms;
+    public void setRealmMap(Map<String, ? extends RealmProperties> realms) {
+        this.realmMap.clear();
+        this.realmMap.putAll(realms);
     }
     
     /**
-     * Get the map of realm->SAMLRealm for this token provider
-     * @return the map of realm->SAMLRealm for this token provider
+     * Get the map of realm->RealmProperties for this token provider
+     * @return the map of realm->RealmProperties for this token provider
      */
-    public Map<String, SAMLRealm> getRealmMap() {
-        return realmMap;
+    public Map<String, RealmProperties> getRealmMap() {
+        return Collections.unmodifiableMap(realmMap);
     }
     
     private void validateAssertion(
@@ -426,7 +428,7 @@ public class SAMLTokenRenewer extends AbstractSAMLTokenProvider implements Token
         if (signToken) {
             STSPropertiesMBean stsProperties = tokenParameters.getStsProperties();
             String realm = tokenParameters.getRealm();
-            SAMLRealm samlRealm = null;
+            RealmProperties samlRealm = null;
             if (realm != null && realmMap.containsKey(realm)) {
                 samlRealm = realmMap.get(realm);
             }

http://git-wip-us.apache.org/repos/asf/cxf/blob/a7e86b34/services/sts/sts-core/src/test/java/org/apache/cxf/sts/claims/mapper/JexlIssueSamlClaimsTest.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/claims/mapper/JexlIssueSamlClaimsTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/claims/mapper/JexlIssueSamlClaimsTest.java
index f43ba17..219f3f9 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/claims/mapper/JexlIssueSamlClaimsTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/claims/mapper/JexlIssueSamlClaimsTest.java
@@ -64,8 +64,8 @@ import org.apache.cxf.sts.token.provider.SAMLTokenProvider;
 import org.apache.cxf.sts.token.provider.TokenProvider;
 import org.apache.cxf.sts.token.provider.TokenProviderParameters;
 import org.apache.cxf.sts.token.provider.TokenProviderResponse;
+import org.apache.cxf.sts.token.realm.RealmProperties;
 import org.apache.cxf.sts.token.realm.Relationship;
-import org.apache.cxf.sts.token.realm.SAMLRealm;
 import org.apache.cxf.sts.token.validator.IssuerSAMLRealmCodec;
 import org.apache.cxf.sts.token.validator.SAMLTokenValidator;
 import org.apache.cxf.sts.token.validator.TokenValidator;
@@ -124,7 +124,7 @@ public class JexlIssueSamlClaimsTest extends org.junit.Assert {
     public void testIssueSaml2TokenOnBehalfOfSaml2DifferentRealmFederateClaims() throws Exception {
         TokenIssueOperation issueOperation = new TokenIssueOperation();
 
-        Map<String, SAMLRealm> realms = createSamlRealms();
+        Map<String, RealmProperties> realms = createSamlRealms();
 
         // Add Token Provider
         List<TokenProvider> providerList = new ArrayList<TokenProvider>();
@@ -203,7 +203,7 @@ public class JexlIssueSamlClaimsTest extends org.junit.Assert {
         assertTrue(tokenString.contains(SAML2Constants.CONF_BEARER));
     }
 
-    private RequestSecurityTokenType createRequest(Map<String, SAMLRealm> realms, Crypto crypto)
+    private RequestSecurityTokenType createRequest(Map<String, RealmProperties> realms, Crypto crypto)
         throws WSSecurityException {
         RequestSecurityTokenType request = new RequestSecurityTokenType();
         JAXBElement<String> tokenType = new JAXBElement<String>(QNameConstants.TOKEN_TYPE, String.class,
@@ -299,13 +299,13 @@ public class JexlIssueSamlClaimsTest extends org.junit.Assert {
         return claimType;
     }
 
-    private Map<String, SAMLRealm> createSamlRealms() {
+    private Map<String, RealmProperties> createSamlRealms() {
         // Create Realms
-        Map<String, SAMLRealm> samlRealms = new HashMap<String, SAMLRealm>();
-        SAMLRealm samlRealm = new SAMLRealm();
+        Map<String, RealmProperties> samlRealms = new HashMap<String, RealmProperties>();
+        RealmProperties samlRealm = new RealmProperties();
         samlRealm.setIssuer("A-Issuer");
         samlRealms.put("A", samlRealm);
-        samlRealm = new SAMLRealm();
+        samlRealm = new RealmProperties();
         samlRealm.setIssuer("B-Issuer");
         samlRealms.put("B", samlRealm);
         return samlRealms;
@@ -315,7 +315,7 @@ public class JexlIssueSamlClaimsTest extends org.junit.Assert {
      * Mock up an SAML assertion element
      */
     private Element createSAMLAssertion(String tokenType, Crypto crypto, String signatureUsername,
-        CallbackHandler callbackHandler, Map<String, SAMLRealm> realms) throws WSSecurityException {
+        CallbackHandler callbackHandler, Map<String, RealmProperties> realms) throws WSSecurityException {
 
         SAMLTokenProvider samlTokenProvider = new SAMLTokenProvider();
         samlTokenProvider.setRealmMap(realms);

http://git-wip-us.apache.org/repos/asf/cxf/blob/a7e86b34/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueOnbehalfofUnitTest.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueOnbehalfofUnitTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueOnbehalfofUnitTest.java
index 6a2354d..65380cd 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueOnbehalfofUnitTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueOnbehalfofUnitTest.java
@@ -33,6 +33,7 @@ import javax.xml.namespace.QName;
 
 import org.w3c.dom.Document;
 import org.w3c.dom.Element;
+
 import org.apache.cxf.helpers.DOMUtils;
 import org.apache.cxf.jaxws.context.WebServiceContextImpl;
 import org.apache.cxf.jaxws.context.WrappedMessageContext;
@@ -63,7 +64,7 @@ import org.apache.cxf.sts.token.provider.SAMLTokenProvider;
 import org.apache.cxf.sts.token.provider.TokenProvider;
 import org.apache.cxf.sts.token.provider.TokenProviderParameters;
 import org.apache.cxf.sts.token.provider.TokenProviderResponse;
-import org.apache.cxf.sts.token.realm.SAMLRealm;
+import org.apache.cxf.sts.token.realm.RealmProperties;
 import org.apache.cxf.sts.token.validator.IssuerSAMLRealmCodec;
 import org.apache.cxf.sts.token.validator.SAMLTokenValidator;
 import org.apache.cxf.sts.token.validator.TokenValidator;
@@ -88,7 +89,6 @@ import org.apache.wss4j.common.saml.builder.SAML2Constants;
 import org.apache.wss4j.common.util.DOM2Writer;
 import org.apache.wss4j.dom.WSConstants;
 
-
 /**
  * Some unit tests for the issue operation.
  */
@@ -920,7 +920,7 @@ public class IssueOnbehalfofUnitTest extends org.junit.Assert {
         stsProperties.setIdentityMapper(new CustomIdentityMapper());
         issueOperation.setStsProperties(stsProperties);
         
-        Map<String, SAMLRealm> realms = createSamlRealms();
+        Map<String, RealmProperties> realms = createSamlRealms();
         
         // Mock up a request
         RequestSecurityTokenType request = new RequestSecurityTokenType();
@@ -1224,7 +1224,7 @@ public class IssueOnbehalfofUnitTest extends org.junit.Assert {
      */
     private Element createSAMLAssertion(
             String tokenType, Crypto crypto, String signatureUsername, CallbackHandler callbackHandler,
-            Map<String, SAMLRealm> realms, String keyType
+            Map<String, RealmProperties> realms, String keyType
     ) throws WSSecurityException {
         SAMLTokenProvider samlTokenProvider = new SAMLTokenProvider();
         samlTokenProvider.setRealmMap(realms);
@@ -1315,13 +1315,13 @@ public class IssueOnbehalfofUnitTest extends org.junit.Assert {
         return tokenType;
     }
 
-    private Map<String, SAMLRealm> createSamlRealms() {
+    private Map<String, RealmProperties> createSamlRealms() {
         // Create Realms
-        Map<String, SAMLRealm> samlRealms = new HashMap<String, SAMLRealm>();
-        SAMLRealm samlRealm = new SAMLRealm();
+        Map<String, RealmProperties> samlRealms = new HashMap<String, RealmProperties>();
+        RealmProperties samlRealm = new RealmProperties();
         samlRealm.setIssuer("A-Issuer");
         samlRealms.put("A", samlRealm);
-        samlRealm = new SAMLRealm();
+        samlRealm = new RealmProperties();
         samlRealm.setIssuer("B-Issuer");
         samlRealms.put("B", samlRealm);
         return samlRealms;

http://git-wip-us.apache.org/repos/asf/cxf/blob/a7e86b34/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSamlClaimsUnitTest.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSamlClaimsUnitTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSamlClaimsUnitTest.java
index acd061a..6eb6db6 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSamlClaimsUnitTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSamlClaimsUnitTest.java
@@ -66,8 +66,8 @@ import org.apache.cxf.sts.token.provider.SAMLTokenProvider;
 import org.apache.cxf.sts.token.provider.TokenProvider;
 import org.apache.cxf.sts.token.provider.TokenProviderParameters;
 import org.apache.cxf.sts.token.provider.TokenProviderResponse;
+import org.apache.cxf.sts.token.realm.RealmProperties;
 import org.apache.cxf.sts.token.realm.Relationship;
-import org.apache.cxf.sts.token.realm.SAMLRealm;
 import org.apache.cxf.sts.token.validator.IssuerSAMLRealmCodec;
 import org.apache.cxf.sts.token.validator.SAMLTokenValidator;
 import org.apache.cxf.sts.token.validator.TokenValidator;
@@ -421,7 +421,7 @@ public class IssueSamlClaimsUnitTest extends org.junit.Assert {
         throws Exception {
         TokenIssueOperation issueOperation = new TokenIssueOperation();
         
-        Map<String, SAMLRealm> realms = createSamlRealms();
+        Map<String, RealmProperties> realms = createSamlRealms();
         
         // Add Token Provider
         List<TokenProvider> providerList = new ArrayList<TokenProvider>();
@@ -569,7 +569,7 @@ public class IssueSamlClaimsUnitTest extends org.junit.Assert {
             boolean useGlobalIdentityMapper) throws WSSecurityException {
         TokenIssueOperation issueOperation = new TokenIssueOperation();
         
-        Map<String, SAMLRealm> realms = createSamlRealms();
+        Map<String, RealmProperties> realms = createSamlRealms();
         
         // Add Token Provider
         List<TokenProvider> providerList = new ArrayList<TokenProvider>();
@@ -826,13 +826,13 @@ public class IssueSamlClaimsUnitTest extends org.junit.Assert {
         return claimValue;
     }
     
-    private Map<String, SAMLRealm> createSamlRealms() {
+    private Map<String, RealmProperties> createSamlRealms() {
         // Create Realms
-        Map<String, SAMLRealm> samlRealms = new HashMap<String, SAMLRealm>();
-        SAMLRealm samlRealm = new SAMLRealm();
+        Map<String, RealmProperties> samlRealms = new HashMap<String, RealmProperties>();
+        RealmProperties samlRealm = new RealmProperties();
         samlRealm.setIssuer("A-Issuer");
         samlRealms.put("A", samlRealm);
-        samlRealm = new SAMLRealm();
+        samlRealm = new RealmProperties();
         samlRealm.setIssuer("B-Issuer");
         samlRealms.put("B", samlRealm);
         return samlRealms;
@@ -843,7 +843,7 @@ public class IssueSamlClaimsUnitTest extends org.junit.Assert {
      */
     private Element createSAMLAssertion(
             String tokenType, Crypto crypto, String signatureUsername, CallbackHandler callbackHandler,
-            Map<String, SAMLRealm> realms
+            Map<String, RealmProperties> realms
     ) throws WSSecurityException {
         
         SAMLTokenProvider samlTokenProvider = new SAMLTokenProvider();

http://git-wip-us.apache.org/repos/asf/cxf/blob/a7e86b34/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSamlRealmUnitTest.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSamlRealmUnitTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSamlRealmUnitTest.java
index 6667227..f8badb0 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSamlRealmUnitTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSamlRealmUnitTest.java
@@ -46,7 +46,7 @@ import org.apache.cxf.sts.service.ServiceMBean;
 import org.apache.cxf.sts.service.StaticService;
 import org.apache.cxf.sts.token.provider.SAMLTokenProvider;
 import org.apache.cxf.sts.token.provider.TokenProvider;
-import org.apache.cxf.sts.token.realm.SAMLRealm;
+import org.apache.cxf.sts.token.realm.RealmProperties;
 import org.apache.cxf.ws.security.sts.provider.STSException;
 import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseCollectionType;
 import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType;
@@ -332,8 +332,8 @@ public class IssueSamlRealmUnitTest extends org.junit.Assert {
         issueOperation.setStsProperties(stsProperties);
         
         // Set signature properties in SAMLRealm B
-        Map<String, SAMLRealm> samlRealms = provider.getRealmMap();
-        SAMLRealm realm = samlRealms.get("B");
+        Map<String, RealmProperties> samlRealms = provider.getRealmMap();
+        RealmProperties realm = samlRealms.get("B");
         realm.setSignatureCrypto(crypto);
         realm.setCallbackHandler(new PasswordCallbackHandler());
         
@@ -431,8 +431,8 @@ public class IssueSamlRealmUnitTest extends org.junit.Assert {
         issueOperation.setStsProperties(stsProperties);
         
         // Set signature properties in SAMLRealm B
-        Map<String, SAMLRealm> samlRealms = provider.getRealmMap();
-        SAMLRealm realm = samlRealms.get("B");
+        Map<String, RealmProperties> samlRealms = provider.getRealmMap();
+        RealmProperties realm = samlRealms.get("B");
         realm.setSignatureCrypto(CryptoFactory.getInstance(getEncryptionPropertiesPKCS12()));
         realm.setCallbackHandler(new PasswordCallbackHandler());
         
@@ -485,12 +485,12 @@ public class IssueSamlRealmUnitTest extends org.junit.Assert {
     /**
      * Create some SAML Realms
      */
-    private Map<String, SAMLRealm> createRealms() {
-        Map<String, SAMLRealm> samlRealms = new HashMap<String, SAMLRealm>();
-        SAMLRealm samlRealm = new SAMLRealm();
+    private Map<String, RealmProperties> createRealms() {
+        Map<String, RealmProperties> samlRealms = new HashMap<String, RealmProperties>();
+        RealmProperties samlRealm = new RealmProperties();
         samlRealm.setIssuer("A-Issuer");
         samlRealms.put("A", samlRealm);
-        samlRealm = new SAMLRealm();
+        samlRealm = new RealmProperties();
         samlRealm.setIssuer("B-Issuer");
         samlRealms.put("B", samlRealm);
         

http://git-wip-us.apache.org/repos/asf/cxf/blob/a7e86b34/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/ValidateTokenTransformationUnitTest.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/ValidateTokenTransformationUnitTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/ValidateTokenTransformationUnitTest.java
index 857ea55..8ff98c5 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/ValidateTokenTransformationUnitTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/ValidateTokenTransformationUnitTest.java
@@ -61,8 +61,8 @@ import org.apache.cxf.sts.token.provider.SAMLTokenProvider;
 import org.apache.cxf.sts.token.provider.TokenProvider;
 import org.apache.cxf.sts.token.provider.TokenProviderParameters;
 import org.apache.cxf.sts.token.provider.TokenProviderResponse;
+import org.apache.cxf.sts.token.realm.RealmProperties;
 import org.apache.cxf.sts.token.realm.Relationship;
-import org.apache.cxf.sts.token.realm.SAMLRealm;
 import org.apache.cxf.sts.token.validator.IssuerSAMLRealmCodec;
 import org.apache.cxf.sts.token.validator.SAMLTokenValidator;
 import org.apache.cxf.sts.token.validator.TokenValidator;
@@ -325,7 +325,7 @@ public class ValidateTokenTransformationUnitTest extends org.junit.Assert {
     public void testValidateSaml2TokenOnBehalfOfSaml2DifferentRealmFederateClaims() throws Exception {
         TokenValidateOperation validateOperation = new TokenValidateOperation();
         
-        Map<String, SAMLRealm> realms = createSamlRealms();
+        Map<String, RealmProperties> realms = createSamlRealms();
         
         // Add Token Provider
         List<TokenProvider> providerList = new ArrayList<TokenProvider>();
@@ -549,7 +549,7 @@ public class ValidateTokenTransformationUnitTest extends org.junit.Assert {
             boolean useGlobalIdentityMapper) throws WSSecurityException {
         TokenValidateOperation validateOperation = new TokenValidateOperation();
         
-        Map<String, SAMLRealm> realms = createSamlRealms();
+        Map<String, RealmProperties> realms = createSamlRealms();
         
         // Add Token Provider
         List<TokenProvider> providerList = new ArrayList<TokenProvider>();
@@ -715,13 +715,13 @@ public class ValidateTokenTransformationUnitTest extends org.junit.Assert {
         return stsProperties;
     }
     
-    private Map<String, SAMLRealm> createSamlRealms() {
+    private Map<String, RealmProperties> createSamlRealms() {
         // Create Realms
-        Map<String, SAMLRealm> samlRealms = new HashMap<String, SAMLRealm>();
-        SAMLRealm samlRealm = new SAMLRealm();
+        Map<String, RealmProperties> samlRealms = new HashMap<String, RealmProperties>();
+        RealmProperties samlRealm = new RealmProperties();
         samlRealm.setIssuer("A-Issuer");
         samlRealms.put("A", samlRealm);
-        samlRealm = new SAMLRealm();
+        samlRealm = new RealmProperties();
         samlRealm.setIssuer("B-Issuer");
         samlRealms.put("B", samlRealm);
         return samlRealms;
@@ -836,7 +836,7 @@ public class ValidateTokenTransformationUnitTest extends org.junit.Assert {
      */
     private Element createSAMLAssertion(
             String tokenType, Crypto crypto, String signatureUsername, CallbackHandler callbackHandler,
-            Map<String, SAMLRealm> realms
+            Map<String, RealmProperties> realms
     ) throws WSSecurityException {
         
         SAMLTokenProvider samlTokenProvider = new SAMLTokenProvider();

http://git-wip-us.apache.org/repos/asf/cxf/blob/a7e86b34/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderRealmTest.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderRealmTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderRealmTest.java
index 2ef1669..81a763c 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderRealmTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderRealmTest.java
@@ -33,7 +33,7 @@ import org.apache.cxf.sts.common.PasswordCallbackHandler;
 import org.apache.cxf.sts.request.KeyRequirements;
 import org.apache.cxf.sts.request.TokenRequirements;
 import org.apache.cxf.sts.service.EncryptionProperties;
-import org.apache.cxf.sts.token.realm.SAMLRealm;
+import org.apache.cxf.sts.token.realm.RealmProperties;
 import org.apache.wss4j.common.crypto.Crypto;
 import org.apache.wss4j.common.crypto.CryptoFactory;
 import org.apache.wss4j.common.ext.WSSecurityException;
@@ -57,11 +57,72 @@ public class SAMLProviderRealmTest extends org.junit.Assert {
         providerParameters.setRealm("A");
         
         // Create Realms
-        Map<String, SAMLRealm> samlRealms = new HashMap<String, SAMLRealm>();
-        SAMLRealm samlRealm = new SAMLRealm();
+        Map<String, RealmProperties> samlRealms = new HashMap<String, RealmProperties>();
+        RealmProperties samlRealm = new RealmProperties();
         samlRealm.setIssuer("A-Issuer");
         samlRealms.put("A", samlRealm);
-        samlRealm = new SAMLRealm();
+        samlRealm = new RealmProperties();
+        samlRealm.setIssuer("B-Issuer");
+        samlRealms.put("B", samlRealm);
+        ((SAMLTokenProvider)samlTokenProvider).setRealmMap(samlRealms);
+        
+        // Realm "A"
+        assertTrue(samlTokenProvider.canHandleToken(WSConstants.WSS_SAML_TOKEN_TYPE, "A"));
+        TokenProviderResponse providerResponse = samlTokenProvider.createToken(providerParameters);
+        assertTrue(providerResponse != null);
+        assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
+        
+        Element token = (Element)providerResponse.getToken();
+        String tokenString = DOM2Writer.nodeToString(token);
+        assertTrue(tokenString.contains(providerResponse.getTokenId()));
+        assertTrue(tokenString.contains("A-Issuer"));
+        assertFalse(tokenString.contains("B-Issuer"));
+        assertFalse(tokenString.contains("STS"));
+        
+        // Realm "B"
+        providerParameters.setRealm("B");
+        assertTrue(samlTokenProvider.canHandleToken(WSConstants.WSS_SAML_TOKEN_TYPE, "B"));
+        providerResponse = samlTokenProvider.createToken(providerParameters);
+        assertTrue(providerResponse != null);
+        assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
+        
+        token = (Element)providerResponse.getToken();
+        tokenString = DOM2Writer.nodeToString(token);
+        assertTrue(tokenString.contains(providerResponse.getTokenId()));
+        assertFalse(tokenString.contains("A-Issuer"));
+        assertTrue(tokenString.contains("B-Issuer"));
+        assertFalse(tokenString.contains("STS"));
+        
+        // Default Realm
+        providerParameters.setRealm(null);
+        assertTrue(samlTokenProvider.canHandleToken(WSConstants.WSS_SAML_TOKEN_TYPE, null));
+        providerResponse = samlTokenProvider.createToken(providerParameters);
+        assertTrue(providerResponse != null);
+        assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
+        
+        token = (Element)providerResponse.getToken();
+        tokenString = DOM2Writer.nodeToString(token);
+        assertTrue(tokenString.contains(providerResponse.getTokenId()));
+        assertFalse(tokenString.contains("A-Issuer"));
+        assertFalse(tokenString.contains("B-Issuer"));
+        assertTrue(tokenString.contains("STS"));
+    }
+    
+    @SuppressWarnings("deprecation")
+    @org.junit.Test
+    public void testRealmsUsingOldRealmClass() throws Exception {
+        TokenProvider samlTokenProvider = new SAMLTokenProvider();
+        TokenProviderParameters providerParameters = 
+            createProviderParameters(WSConstants.WSS_SAML_TOKEN_TYPE, STSConstants.BEARER_KEY_KEYTYPE);
+        providerParameters.setRealm("A");
+        
+        // Create Realms
+        Map<String, org.apache.cxf.sts.token.realm.SAMLRealm> samlRealms = 
+            new HashMap<String, org.apache.cxf.sts.token.realm.SAMLRealm>();
+        org.apache.cxf.sts.token.realm.SAMLRealm samlRealm = new org.apache.cxf.sts.token.realm.SAMLRealm();
+        samlRealm.setIssuer("A-Issuer");
+        samlRealms.put("A", samlRealm);
+        samlRealm = new org.apache.cxf.sts.token.realm.SAMLRealm();
         samlRealm.setIssuer("B-Issuer");
         samlRealms.put("B", samlRealm);
         ((SAMLTokenProvider)samlTokenProvider).setRealmMap(samlRealms);

http://git-wip-us.apache.org/repos/asf/cxf/blob/a7e86b34/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewerRealmTest.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewerRealmTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewerRealmTest.java
index afee371..6dd4ca8 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewerRealmTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewerRealmTest.java
@@ -47,7 +47,7 @@ import org.apache.cxf.sts.token.provider.SAMLTokenProvider;
 import org.apache.cxf.sts.token.provider.TokenProvider;
 import org.apache.cxf.sts.token.provider.TokenProviderParameters;
 import org.apache.cxf.sts.token.provider.TokenProviderResponse;
-import org.apache.cxf.sts.token.realm.SAMLRealm;
+import org.apache.cxf.sts.token.realm.RealmProperties;
 import org.apache.cxf.sts.token.realm.SAMLRealmCodec;
 import org.apache.cxf.sts.token.validator.IssuerSAMLRealmCodec;
 import org.apache.cxf.sts.token.validator.SAMLTokenValidator;
@@ -128,7 +128,7 @@ public class SAMLTokenRenewerRealmTest extends org.junit.Assert {
         TokenRenewer samlTokenRenewer = new SAMLTokenRenewer();
         samlTokenRenewer.setVerifyProofOfPossession(false);
         samlTokenRenewer.setAllowRenewalAfterExpiry(true);
-        Map<String, SAMLRealm> samlRealms = getSamlRealms();
+        Map<String, RealmProperties> samlRealms = getSamlRealms();
         ((SAMLTokenRenewer)samlTokenRenewer).setRealmMap(samlRealms);
         String realm = validatorResponse.getTokenRealm();
         assertTrue(samlTokenRenewer.canHandleToken(validatorResponse.getToken(), realm));
@@ -201,7 +201,7 @@ public class SAMLTokenRenewerRealmTest extends org.junit.Assert {
         TokenRenewer samlTokenRenewer = new SAMLTokenRenewer();
         samlTokenRenewer.setVerifyProofOfPossession(false);
         samlTokenRenewer.setAllowRenewalAfterExpiry(true);
-        Map<String, SAMLRealm> samlRealms = getSamlRealms();
+        Map<String, RealmProperties> samlRealms = getSamlRealms();
         ((SAMLTokenRenewer)samlTokenRenewer).setRealmMap(samlRealms);
         String realm = validatorResponse.getTokenRealm();
         assertTrue(samlTokenRenewer.canHandleToken(validatorResponse.getToken(), realm));
@@ -287,7 +287,7 @@ public class SAMLTokenRenewerRealmTest extends org.junit.Assert {
         }
         
         // Create Realms
-        Map<String, SAMLRealm> samlRealms = getSamlRealms();
+        Map<String, RealmProperties> samlRealms = getSamlRealms();
         ((SAMLTokenProvider)samlTokenProvider).setRealmMap(samlRealms);
         
         TokenProviderResponse providerResponse = samlTokenProvider.createToken(providerParameters);
@@ -297,13 +297,13 @@ public class SAMLTokenRenewerRealmTest extends org.junit.Assert {
         return (Element)providerResponse.getToken();
     }
     
-    private Map<String, SAMLRealm> getSamlRealms() {
+    private Map<String, RealmProperties> getSamlRealms() {
         // Create Realms
-        Map<String, SAMLRealm> samlRealms = new HashMap<String, SAMLRealm>();
-        SAMLRealm samlRealm = new SAMLRealm();
+        Map<String, RealmProperties> samlRealms = new HashMap<String, RealmProperties>();
+        RealmProperties samlRealm = new RealmProperties();
         samlRealm.setIssuer("A-Issuer");
         samlRealms.put("A", samlRealm);
-        samlRealm = new SAMLRealm();
+        samlRealm = new RealmProperties();
         samlRealm.setIssuer("B-Issuer");
         samlRealms.put("B", samlRealm);
         return samlRealms;

http://git-wip-us.apache.org/repos/asf/cxf/blob/a7e86b34/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/validator/SAMLTokenValidatorCachedRealmTest.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/validator/SAMLTokenValidatorCachedRealmTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/validator/SAMLTokenValidatorCachedRealmTest.java
index c12f1c7..94d4b2d 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/validator/SAMLTokenValidatorCachedRealmTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/validator/SAMLTokenValidatorCachedRealmTest.java
@@ -44,7 +44,7 @@ import org.apache.cxf.sts.token.provider.SAMLTokenProvider;
 import org.apache.cxf.sts.token.provider.TokenProvider;
 import org.apache.cxf.sts.token.provider.TokenProviderParameters;
 import org.apache.cxf.sts.token.provider.TokenProviderResponse;
-import org.apache.cxf.sts.token.realm.SAMLRealm;
+import org.apache.cxf.sts.token.realm.RealmProperties;
 import org.apache.cxf.sts.token.realm.SAMLRealmCodec;
 import org.apache.cxf.ws.security.tokenstore.TokenStore;
 import org.apache.wss4j.common.crypto.Crypto;
@@ -179,7 +179,7 @@ public class SAMLTokenValidatorCachedRealmTest extends org.junit.Assert {
         providerParameters.setRealm(realm);
         
         // Create Realms
-        Map<String, SAMLRealm> samlRealms = getSamlRealms();
+        Map<String, RealmProperties> samlRealms = getSamlRealms();
         ((SAMLTokenProvider)samlTokenProvider).setRealmMap(samlRealms);
         
         TokenProviderResponse providerResponse = samlTokenProvider.createToken(providerParameters);
@@ -189,13 +189,13 @@ public class SAMLTokenValidatorCachedRealmTest extends org.junit.Assert {
         return (Element)providerResponse.getToken();
     }
     
-    private Map<String, SAMLRealm> getSamlRealms() {
+    private Map<String, RealmProperties> getSamlRealms() {
         // Create Realms
-        Map<String, SAMLRealm> samlRealms = new HashMap<String, SAMLRealm>();
-        SAMLRealm samlRealm = new SAMLRealm();
+        Map<String, RealmProperties> samlRealms = new HashMap<String, RealmProperties>();
+        RealmProperties samlRealm = new RealmProperties();
         samlRealm.setIssuer("A-Issuer");
         samlRealms.put("A", samlRealm);
-        samlRealm = new SAMLRealm();
+        samlRealm = new RealmProperties();
         samlRealm.setIssuer("B-Issuer");
         samlRealms.put("B", samlRealm);
         return samlRealms;

http://git-wip-us.apache.org/repos/asf/cxf/blob/a7e86b34/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/validator/SAMLTokenValidatorRealmTest.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/validator/SAMLTokenValidatorRealmTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/validator/SAMLTokenValidatorRealmTest.java
index 08e2551..cab5fa7 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/validator/SAMLTokenValidatorRealmTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/validator/SAMLTokenValidatorRealmTest.java
@@ -43,7 +43,7 @@ import org.apache.cxf.sts.token.provider.SAMLTokenProvider;
 import org.apache.cxf.sts.token.provider.TokenProvider;
 import org.apache.cxf.sts.token.provider.TokenProviderParameters;
 import org.apache.cxf.sts.token.provider.TokenProviderResponse;
-import org.apache.cxf.sts.token.realm.SAMLRealm;
+import org.apache.cxf.sts.token.realm.RealmProperties;
 import org.apache.cxf.sts.token.realm.SAMLRealmCodec;
 import org.apache.wss4j.common.crypto.Crypto;
 import org.apache.wss4j.common.crypto.CryptoFactory;
@@ -188,7 +188,7 @@ public class SAMLTokenValidatorRealmTest extends org.junit.Assert {
         providerParameters.setRealm(realm);
         
         // Create Realms
-        Map<String, SAMLRealm> samlRealms = getSamlRealms();
+        Map<String, RealmProperties> samlRealms = getSamlRealms();
         ((SAMLTokenProvider)samlTokenProvider).setRealmMap(samlRealms);
         
         TokenProviderResponse providerResponse = samlTokenProvider.createToken(providerParameters);
@@ -198,13 +198,13 @@ public class SAMLTokenValidatorRealmTest extends org.junit.Assert {
         return (Element)providerResponse.getToken();
     }
     
-    private Map<String, SAMLRealm> getSamlRealms() {
+    private Map<String, RealmProperties> getSamlRealms() {
         // Create Realms
-        Map<String, SAMLRealm> samlRealms = new HashMap<String, SAMLRealm>();
-        SAMLRealm samlRealm = new SAMLRealm();
+        Map<String, RealmProperties> samlRealms = new HashMap<String, RealmProperties>();
+        RealmProperties samlRealm = new RealmProperties();
         samlRealm.setIssuer("A-Issuer");
         samlRealms.put("A", samlRealm);
-        samlRealm = new SAMLRealm();
+        samlRealm = new RealmProperties();
         samlRealm.setIssuer("B-Issuer");
         samlRealms.put("B", samlRealm);
         return samlRealms;

http://git-wip-us.apache.org/repos/asf/cxf/blob/a7e86b34/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/realms/cxf-sts-saml1.xml
----------------------------------------------------------------------
diff --git a/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/realms/cxf-sts-saml1.xml b/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/realms/cxf-sts-saml1.xml
index 2f6a46b..3775534 100644
--- a/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/realms/cxf-sts-saml1.xml
+++ b/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/realms/cxf-sts-saml1.xml
@@ -44,11 +44,11 @@
     <util:list id="transportTokenValidators">
         <ref bean="transportSAMLValidator"/>
     </util:list>
-    <bean id="realmA" class="org.apache.cxf.sts.token.realm.SAMLRealm">
+    <bean id="realmA" class="org.apache.cxf.sts.token.realm.RealmProperties">
         <property name="issuer" value="A-Issuer"/>
         <property name="signatureAlias" value="myclientkey"/>
     </bean>
-    <bean id="realmC" class="org.apache.cxf.sts.token.realm.SAMLRealm">
+    <bean id="realmC" class="org.apache.cxf.sts.token.realm.RealmProperties">
         <property name="issuer" value="C-Issuer"/>
         <property name="signatureAlias" value="myservicekey"/>
     </bean>

http://git-wip-us.apache.org/repos/asf/cxf/blob/a7e86b34/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/realms/cxf-sts-saml2.xml
----------------------------------------------------------------------
diff --git a/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/realms/cxf-sts-saml2.xml b/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/realms/cxf-sts-saml2.xml
index 0cd889e..4447d9f 100644
--- a/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/realms/cxf-sts-saml2.xml
+++ b/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/realms/cxf-sts-saml2.xml
@@ -44,7 +44,7 @@
     <util:list id="transportTokenValidators">
         <ref bean="transportSAMLValidator"/>
     </util:list>
-    <bean id="realmB" class="org.apache.cxf.sts.token.realm.SAMLRealm">
+    <bean id="realmB" class="org.apache.cxf.sts.token.realm.RealmProperties">
         <property name="issuer" value="B-Issuer"/>
     </bean>
     <util:map id="realms">

http://git-wip-us.apache.org/repos/asf/cxf/blob/a7e86b34/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/issueunit/IssueUnitTest.java
----------------------------------------------------------------------
diff --git a/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/issueunit/IssueUnitTest.java b/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/issueunit/IssueUnitTest.java
index d3ea738..fc770a8 100644
--- a/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/issueunit/IssueUnitTest.java
+++ b/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/issueunit/IssueUnitTest.java
@@ -45,7 +45,7 @@ import org.apache.cxf.sts.service.EncryptionProperties;
 import org.apache.cxf.sts.token.provider.SAMLTokenProvider;
 import org.apache.cxf.sts.token.provider.TokenProviderParameters;
 import org.apache.cxf.sts.token.provider.TokenProviderResponse;
-import org.apache.cxf.sts.token.realm.SAMLRealm;
+import org.apache.cxf.sts.token.realm.RealmProperties;
 import org.apache.cxf.systest.sts.common.CommonCallbackHandler;
 import org.apache.cxf.systest.sts.common.SecurityTestUtil;
 import org.apache.cxf.systest.sts.deployment.STSServer;
@@ -554,7 +554,7 @@ public class IssueUnitTest extends AbstractBusClientServerTestBase {
      */
     private Element createSAMLAssertion(
         String tokenType, Crypto crypto, String signatureUsername, CallbackHandler callbackHandler,
-        Map<String, SAMLRealm> realms, String user, String issuer
+        Map<String, RealmProperties> realms, String user, String issuer
     ) throws WSSecurityException {
         SAMLTokenProvider samlTokenProvider = new SAMLTokenProvider();
         samlTokenProvider.setRealmMap(realms);

http://git-wip-us.apache.org/repos/asf/cxf/blob/a7e86b34/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/delegation/cxf-sts-transport.xml
----------------------------------------------------------------------
diff --git a/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/delegation/cxf-sts-transport.xml b/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/delegation/cxf-sts-transport.xml
index d18ac2e..6ed9b6b 100644
--- a/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/delegation/cxf-sts-transport.xml
+++ b/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/delegation/cxf-sts-transport.xml
@@ -83,10 +83,10 @@
         <value>https://localhost:(\d)*/doubleit/services/doubleittransport.*
         </value>
     </util:list>
-    <bean id="realmA" class="org.apache.cxf.sts.token.realm.SAMLRealm">
+    <bean id="realmA" class="org.apache.cxf.sts.token.realm.RealmProperties">
         <property name="issuer" value="a-issuer"/>
     </bean>
-    <bean id="realmB" class="org.apache.cxf.sts.token.realm.SAMLRealm">
+    <bean id="realmB" class="org.apache.cxf.sts.token.realm.RealmProperties">
         <property name="issuer" value="b-issuer"/>
     </bean>
     <util:map id="realms">

http://git-wip-us.apache.org/repos/asf/cxf/blob/a7e86b34/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/deployment/cxf-transport.xml
----------------------------------------------------------------------
diff --git a/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/deployment/cxf-transport.xml b/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/deployment/cxf-transport.xml
index 0c45652..d5201cc 100644
--- a/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/deployment/cxf-transport.xml
+++ b/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/deployment/cxf-transport.xml
@@ -96,10 +96,10 @@
         <value>https://localhost:(\d)*/doubleit/services/doubleittransport.*
         </value>
     </util:list>
-    <bean id="realmA" class="org.apache.cxf.sts.token.realm.SAMLRealm">
+    <bean id="realmA" class="org.apache.cxf.sts.token.realm.RealmProperties">
         <property name="issuer" value="a-issuer"/>
     </bean>
-    <bean id="realmB" class="org.apache.cxf.sts.token.realm.SAMLRealm">
+    <bean id="realmB" class="org.apache.cxf.sts.token.realm.RealmProperties">
         <property name="issuer" value="b-issuer"/>
     </bean>
     <util:map id="realms">

http://git-wip-us.apache.org/repos/asf/cxf/blob/a7e86b34/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/deployment/stax-cxf-transport.xml
----------------------------------------------------------------------
diff --git a/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/deployment/stax-cxf-transport.xml b/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/deployment/stax-cxf-transport.xml
index 8972213..9f05ebb 100644
--- a/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/deployment/stax-cxf-transport.xml
+++ b/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/deployment/stax-cxf-transport.xml
@@ -84,10 +84,10 @@
         <value>https://localhost:(\d)*/doubleit/services/doubleittransport.*
         </value>
     </util:list>
-    <bean id="realmA" class="org.apache.cxf.sts.token.realm.SAMLRealm">
+    <bean id="realmA" class="org.apache.cxf.sts.token.realm.RealmProperties">
         <property name="issuer" value="a-issuer"/>
     </bean>
-    <bean id="realmB" class="org.apache.cxf.sts.token.realm.SAMLRealm">
+    <bean id="realmB" class="org.apache.cxf.sts.token.realm.RealmProperties">
         <property name="issuer" value="b-issuer"/>
     </bean>
     <util:map id="realms">

http://git-wip-us.apache.org/repos/asf/cxf/blob/a7e86b34/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/issuer/cxf-sts-transport.xml
----------------------------------------------------------------------
diff --git a/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/issuer/cxf-sts-transport.xml b/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/issuer/cxf-sts-transport.xml
index 99229cd..762ee45 100644
--- a/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/issuer/cxf-sts-transport.xml
+++ b/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/issuer/cxf-sts-transport.xml
@@ -84,10 +84,10 @@
         <value>https://localhost:(\d)*/doubleit/services/doubleittransport.*
         </value>
     </util:list>
-    <bean id="realmA" class="org.apache.cxf.sts.token.realm.SAMLRealm">
+    <bean id="realmA" class="org.apache.cxf.sts.token.realm.RealmProperties">
         <property name="issuer" value="a-issuer"/>
     </bean>
-    <bean id="realmB" class="org.apache.cxf.sts.token.realm.SAMLRealm">
+    <bean id="realmB" class="org.apache.cxf.sts.token.realm.RealmProperties">
         <property name="issuer" value="b-issuer"/>
     </bean>
     <util:map id="realms">


Mime
View raw message