cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject [4/4] cxf git commit: Finished removing the WebServiceContext from the STS
Date Tue, 02 Feb 2016 16:54:18 GMT
Finished removing the WebServiceContext from the STS


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/53a46205
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/53a46205
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/53a46205

Branch: refs/heads/master
Commit: 53a46205871434d8c47ed45822e078e5ad6d2c60
Parents: 3b2f2ed
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Tue Feb 2 16:53:53 2016 +0000
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Tue Feb 2 16:53:53 2016 +0000

----------------------------------------------------------------------
 .../sts/provider/SecurityTokenServiceImpl.java  | 24 +++--
 .../provider/SecurityTokenServiceProvider.java  | 24 +++--
 .../sts/provider/operation/CancelOperation.java |  6 +-
 .../sts/provider/operation/IssueOperation.java  |  6 +-
 .../operation/IssueSingleOperation.java         |  6 +-
 .../operation/KeyExchangeTokenOperation.java    |  6 +-
 .../sts/provider/operation/RenewOperation.java  |  6 +-
 .../operation/RequestCollectionOperation.java   |  6 +-
 .../provider/operation/ValidateOperation.java   |  6 +-
 .../cxf/sts/operation/AbstractOperation.java    | 36 ++++----
 .../cxf/sts/operation/TokenCancelOperation.java | 12 ++-
 .../cxf/sts/operation/TokenIssueOperation.java  | 41 +++++----
 .../cxf/sts/operation/TokenRenewOperation.java  | 27 +++---
 .../TokenRequestCollectionOperation.java        | 20 ++--
 .../sts/operation/TokenValidateOperation.java   | 17 ++--
 .../claims/mapper/JexlIssueSamlClaimsTest.java  | 10 +-
 .../cxf/sts/operation/CancelSCTUnitTest.java    |  9 +-
 .../sts/operation/IssueEncryptedUnitTest.java   | 40 ++++----
 .../sts/operation/IssueJWTClaimsUnitTest.java   | 25 +++--
 .../operation/IssueJWTOnbehalfofUnitTest.java   | 12 +--
 .../sts/operation/IssueJWTRealmUnitTest.java    | 27 +++---
 .../cxf/sts/operation/IssueJWTUnitTest.java     |  7 +-
 .../sts/operation/IssueOnbehalfofUnitTest.java  | 62 +++++--------
 .../cxf/sts/operation/IssueSCTUnitTest.java     | 19 ++--
 .../sts/operation/IssueSamlClaimsUnitTest.java  | 38 ++++----
 .../sts/operation/IssueSamlRealmUnitTest.java   | 33 ++++---
 .../cxf/sts/operation/IssueSamlUnitTest.java    | 97 ++++++++++----------
 .../apache/cxf/sts/operation/IssueUnitTest.java | 31 +++----
 .../cxf/sts/operation/RenewSamlUnitTest.java    | 31 +++----
 .../ValidateJWTTransformationTest.java          | 21 ++---
 .../cxf/sts/operation/ValidateJWTUnitTest.java  |  7 +-
 .../cxf/sts/operation/ValidateSCTUnitTest.java  |  9 +-
 .../cxf/sts/operation/ValidateSamlUnitTest.java | 13 ++-
 .../ValidateTokenTransformationUnitTest.java    | 31 +++----
 .../cxf/sts/operation/ValidateUnitTest.java     | 18 ++--
 .../ValidateUsernameTokenUnitTest.java          | 13 ++-
 .../operation/ValidateX509TokenUnitTest.java    | 13 ++-
 37 files changed, 398 insertions(+), 411 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/53a46205/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/SecurityTokenServiceImpl.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/SecurityTokenServiceImpl.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/SecurityTokenServiceImpl.java
index 0490f2d..dc989a2 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/SecurityTokenServiceImpl.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/SecurityTokenServiceImpl.java
@@ -19,6 +19,9 @@
 
 package org.apache.cxf.ws.security.sts.provider;
 
+import java.security.Principal;
+import java.util.Map;
+
 import javax.annotation.Resource;
 import javax.xml.soap.SOAPException;
 import javax.xml.soap.SOAPFault;
@@ -88,7 +91,7 @@ public class SecurityTokenServiceImpl implements SecurityTokenService {
         if (validateOperation == null) {
             throwUnsupportedOperation("Validate");
         }
-        return validateOperation.validate(request, context);
+        return validateOperation.validate(request, getPrincipal(), getMessageContext());
     }
 
 
@@ -97,7 +100,7 @@ public class SecurityTokenServiceImpl implements SecurityTokenService {
         if (requestCollectionOperation == null) {
             throwUnsupportedOperation("RequestCollection");
         }
-        return requestCollectionOperation.requestCollection(requestCollection, context);
+        return requestCollectionOperation.requestCollection(requestCollection, getPrincipal(), getMessageContext());
     }
 
     public RequestSecurityTokenResponseType keyExchangeToken(
@@ -105,7 +108,7 @@ public class SecurityTokenServiceImpl implements SecurityTokenService {
         if (keyExchangeTokenOperation == null) {
             throwUnsupportedOperation("KeyExchangeToken");
         }
-        return keyExchangeTokenOperation.keyExchangeToken(request, context);
+        return keyExchangeTokenOperation.keyExchangeToken(request, getPrincipal(), getMessageContext());
     }
 
     public RequestSecurityTokenResponseCollectionType issue(
@@ -113,7 +116,7 @@ public class SecurityTokenServiceImpl implements SecurityTokenService {
         if (issueOperation == null) {
             throwUnsupportedOperation("Issue");
         }
-        return issueOperation.issue(request, context);
+        return issueOperation.issue(request, getPrincipal(), getMessageContext());
     }
     
     public RequestSecurityTokenResponseType issueSingle(
@@ -121,7 +124,7 @@ public class SecurityTokenServiceImpl implements SecurityTokenService {
         if (issueSingleOperation == null) {
             throwUnsupportedOperation("IssueSingle");
         }
-        return issueSingleOperation.issueSingle(request, context);
+        return issueSingleOperation.issueSingle(request, getPrincipal(), getMessageContext());
     }
 
     public RequestSecurityTokenResponseType cancel(
@@ -129,7 +132,7 @@ public class SecurityTokenServiceImpl implements SecurityTokenService {
         if (cancelOperation == null) {
             throwUnsupportedOperation("Cancel");
         }
-        return cancelOperation.cancel(request, context);
+        return cancelOperation.cancel(request, getPrincipal(), getMessageContext());
     }
 
     public RequestSecurityTokenResponseType renew(
@@ -137,9 +140,16 @@ public class SecurityTokenServiceImpl implements SecurityTokenService {
         if (renewOperation == null) {
             throwUnsupportedOperation("Renew");
         }
-        return renewOperation.renew(request, context);
+        return renewOperation.renew(request, getPrincipal(), getMessageContext());
+    }
+    
+    protected Principal getPrincipal() {
+        return context.getUserPrincipal();
     }
     
+    protected Map<String, Object> getMessageContext() {
+        return context.getMessageContext();
+    }
     
     private void throwUnsupportedOperation(String string) {
         try {

http://git-wip-us.apache.org/repos/asf/cxf/blob/53a46205/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/SecurityTokenServiceProvider.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/SecurityTokenServiceProvider.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/SecurityTokenServiceProvider.java
index 7b7c926..8c4a2cb 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/SecurityTokenServiceProvider.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/SecurityTokenServiceProvider.java
@@ -22,6 +22,7 @@ package org.apache.cxf.ws.security.sts.provider;
 import java.lang.reflect.Field;
 import java.lang.reflect.InvocationTargetException;
 import java.lang.reflect.Method;
+import java.security.Principal;
 import java.util.HashMap;
 import java.util.HashSet;
 import java.util.List;
@@ -89,32 +90,38 @@ public class SecurityTokenServiceProvider implements Provider<Source> {
         try {
             Method m = IssueOperation.class.getDeclaredMethod("issue", 
                                                               RequestSecurityTokenType.class, 
-                                                              WebServiceContext.class);
+                                                              Principal.class,
+                                                              Map.class);
             OPERATION_METHODS.put(WSTRUST_REQUESTTYPE_ISSUE, m);
             
             m = CancelOperation.class.getDeclaredMethod("cancel", 
                                                        RequestSecurityTokenType.class, 
-                                                       WebServiceContext.class);
+                                                       Principal.class,
+                                                       Map.class);
             OPERATION_METHODS.put(WSTRUST_REQUESTTYPE_CANCEL, m);
             
             m = RenewOperation.class.getDeclaredMethod("renew", 
                                                        RequestSecurityTokenType.class, 
-                                                       WebServiceContext.class);
+                                                       Principal.class,
+                                                       Map.class);
             OPERATION_METHODS.put(WSTRUST_REQUESTTYPE_RENEW, m);
             
             m = ValidateOperation.class.getDeclaredMethod("validate", 
                                                        RequestSecurityTokenType.class, 
-                                                       WebServiceContext.class);
+                                                       Principal.class,
+                                                       Map.class);
             OPERATION_METHODS.put(WSTRUST_REQUESTTYPE_VALIDATE, m);
             
             m = KeyExchangeTokenOperation.class.getDeclaredMethod("keyExchangeToken", 
                                                        RequestSecurityTokenType.class, 
-                                                       WebServiceContext.class);
+                                                       Principal.class,
+                                                       Map.class);
             OPERATION_METHODS.put(WSTRUST_REQUESTTYPE_KEYEXCHANGETOKEN, m);
             
             m = RequestCollectionOperation.class.getDeclaredMethod("requestCollection", 
                                                        RequestSecurityTokenCollectionType.class, 
-                                                       WebServiceContext.class);
+                                                       Principal.class,
+                                                       Map.class);
             OPERATION_METHODS.put(WSTRUST_REQUESTTYPE_REQUESTCOLLECTION, m);
         } catch (Exception ex) {
             ex.printStackTrace();
@@ -169,7 +176,8 @@ public class SecurityTokenServiceProvider implements Provider<Source> {
         try {
             m = IssueSingleOperation.class.getDeclaredMethod("issueSingle", 
                     RequestSecurityTokenType.class, 
-                    WebServiceContext.class);
+                    Principal.class,
+                    Map.class);
             OPERATION_METHODS.put(WSTRUST_REQUESTTYPE_ISSUE, m);
             operationMap.put(WSTRUST_REQUESTTYPE_ISSUE, issueSingleOperation);
         } catch (Exception e) {
@@ -233,7 +241,7 @@ public class SecurityTokenServiceProvider implements Provider<Source> {
                 throw new Exception(
                         "Implementation for this operation not found.");
             }
-            obj = method.invoke(operationImpl, obj, context);
+            obj = method.invoke(operationImpl, obj, context.getUserPrincipal(), context.getMessageContext());
             if (obj == null) {
                 throw new Exception("Error in implementation class.");
             }

http://git-wip-us.apache.org/repos/asf/cxf/blob/53a46205/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/operation/CancelOperation.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/operation/CancelOperation.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/operation/CancelOperation.java
index b237c77..6187ee8 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/operation/CancelOperation.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/operation/CancelOperation.java
@@ -19,7 +19,8 @@
 
 package org.apache.cxf.ws.security.sts.provider.operation;
 
-import javax.xml.ws.WebServiceContext;
+import java.security.Principal;
+import java.util.Map;
 
 import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType;
 import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenType;
@@ -27,6 +28,7 @@ import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenType;
 public interface CancelOperation {
 
     RequestSecurityTokenResponseType cancel(RequestSecurityTokenType request,
-                                            WebServiceContext context);
+                                            Principal principal,
+                                            Map<String, Object> messageContext);
     
 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/53a46205/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/operation/IssueOperation.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/operation/IssueOperation.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/operation/IssueOperation.java
index 30e919a..b156f31 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/operation/IssueOperation.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/operation/IssueOperation.java
@@ -19,7 +19,8 @@
 
 package org.apache.cxf.ws.security.sts.provider.operation;
 
-import javax.xml.ws.WebServiceContext;
+import java.security.Principal;
+import java.util.Map;
 
 import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseCollectionType;
 import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenType;
@@ -28,6 +29,7 @@ public interface IssueOperation {
 
     RequestSecurityTokenResponseCollectionType issue(
             RequestSecurityTokenType request,
-            WebServiceContext context);
+            Principal principal,
+            Map<String, Object> messageContext);
     
 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/53a46205/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/operation/IssueSingleOperation.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/operation/IssueSingleOperation.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/operation/IssueSingleOperation.java
index 1714e02..ba3efa6 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/operation/IssueSingleOperation.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/operation/IssueSingleOperation.java
@@ -19,7 +19,8 @@
 
 package org.apache.cxf.ws.security.sts.provider.operation;
 
-import javax.xml.ws.WebServiceContext;
+import java.security.Principal;
+import java.util.Map;
 
 import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType;
 import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenType;
@@ -28,6 +29,7 @@ public interface IssueSingleOperation {
 
     RequestSecurityTokenResponseType issueSingle(
             RequestSecurityTokenType request,
-            WebServiceContext context);
+            Principal principal,
+            Map<String, Object> messageContext);
 
 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/53a46205/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/operation/KeyExchangeTokenOperation.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/operation/KeyExchangeTokenOperation.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/operation/KeyExchangeTokenOperation.java
index afde2c9..f5f3330 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/operation/KeyExchangeTokenOperation.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/operation/KeyExchangeTokenOperation.java
@@ -19,7 +19,8 @@
 
 package org.apache.cxf.ws.security.sts.provider.operation;
 
-import javax.xml.ws.WebServiceContext;
+import java.security.Principal;
+import java.util.Map;
 
 import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType;
 import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenType;
@@ -28,6 +29,7 @@ public interface KeyExchangeTokenOperation {
 
     RequestSecurityTokenResponseType keyExchangeToken(
             RequestSecurityTokenType request,
-            WebServiceContext context);
+            Principal principal,
+            Map<String, Object> messageContext);
 
 }
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/cxf/blob/53a46205/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/operation/RenewOperation.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/operation/RenewOperation.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/operation/RenewOperation.java
index afc4724..cc8b79d 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/operation/RenewOperation.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/operation/RenewOperation.java
@@ -19,7 +19,8 @@
 
 package org.apache.cxf.ws.security.sts.provider.operation;
 
-import javax.xml.ws.WebServiceContext;
+import java.security.Principal;
+import java.util.Map;
 
 import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType;
 import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenType;
@@ -27,6 +28,7 @@ import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenType;
 public interface RenewOperation {
 
     RequestSecurityTokenResponseType renew(RequestSecurityTokenType request,
-                                           WebServiceContext context);
+                                           Principal principal,
+                                           Map<String, Object> messageContext);
 
 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/53a46205/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/operation/RequestCollectionOperation.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/operation/RequestCollectionOperation.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/operation/RequestCollectionOperation.java
index 7629a4e..eaccc72 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/operation/RequestCollectionOperation.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/operation/RequestCollectionOperation.java
@@ -19,7 +19,8 @@
 
 package org.apache.cxf.ws.security.sts.provider.operation;
 
-import javax.xml.ws.WebServiceContext;
+import java.security.Principal;
+import java.util.Map;
 
 import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenCollectionType;
 import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseCollectionType;
@@ -28,6 +29,7 @@ public interface RequestCollectionOperation {
 
     RequestSecurityTokenResponseCollectionType requestCollection(
             RequestSecurityTokenCollectionType requestCollection,
-            WebServiceContext context);
+            Principal principal,
+            Map<String, Object> messageContext);
 
 }
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/cxf/blob/53a46205/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/operation/ValidateOperation.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/operation/ValidateOperation.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/operation/ValidateOperation.java
index 118d7ed..e35d7a5 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/operation/ValidateOperation.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/operation/ValidateOperation.java
@@ -19,7 +19,8 @@
 
 package org.apache.cxf.ws.security.sts.provider.operation;
 
-import javax.xml.ws.WebServiceContext;
+import java.security.Principal;
+import java.util.Map;
 
 import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType;
 import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenType;
@@ -27,6 +28,7 @@ import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenType;
 public interface ValidateOperation {
 
     RequestSecurityTokenResponseType validate(RequestSecurityTokenType request,
-                                              WebServiceContext context);
+                                              Principal principal,
+                                              Map<String, Object> messageContext);
     
 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/53a46205/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/AbstractOperation.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/AbstractOperation.java b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/AbstractOperation.java
index c88471e..6133816 100644
--- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/AbstractOperation.java
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/AbstractOperation.java
@@ -23,14 +23,13 @@ import java.security.Principal;
 import java.util.ArrayList;
 import java.util.Date;
 import java.util.List;
+import java.util.Map;
 import java.util.Set;
 import java.util.logging.Level;
 import java.util.logging.Logger;
 
 import javax.xml.bind.JAXBElement;
 import javax.xml.namespace.QName;
-import javax.xml.ws.WebServiceContext;
-import javax.xml.ws.handler.MessageContext;
 
 import org.w3c.dom.Document;
 import org.w3c.dom.Element;
@@ -169,9 +168,9 @@ public abstract class AbstractOperation {
      */
     protected RequestRequirements parseRequest(
         RequestSecurityTokenType request,
-        WebServiceContext context
+        Map<String, Object> messageContext
     ) {
-        if (context == null || context.getMessageContext() == null) {
+        if (messageContext == null) {
             throw new STSException("No message context found");
         }
         
@@ -181,7 +180,7 @@ public abstract class AbstractOperation {
         stsProperties.configureProperties();
         
         RequestParser requestParser = new RequestParser();
-        return requestParser.parseRequest(request, context.getMessageContext(), stsProperties, 
+        return requestParser.parseRequest(request, messageContext, stsProperties, 
                                           claimsManager.getClaimParsers());
     }
     
@@ -381,15 +380,16 @@ public abstract class AbstractOperation {
     }
 
     /**
-     * Create a TokenProviderParameters object given a RequestParser and WebServiceContext object
+     * Create a TokenProviderParameters object
      */
     protected TokenProviderParameters createTokenProviderParameters(
-        RequestRequirements requestRequirements, WebServiceContext context
+        RequestRequirements requestRequirements, Principal principal,
+        Map<String, Object> messageContext
     ) {
         TokenProviderParameters providerParameters = new TokenProviderParameters();
         providerParameters.setStsProperties(stsProperties);
-        providerParameters.setPrincipal(context.getUserPrincipal());
-        providerParameters.setMessageContext(context.getMessageContext());
+        providerParameters.setPrincipal(principal);
+        providerParameters.setMessageContext(messageContext);
         providerParameters.setTokenStore(getTokenStore());
         providerParameters.setEncryptToken(encryptIssuedToken);
         
@@ -408,7 +408,7 @@ public abstract class AbstractOperation {
         // Get the realm of the request
         if (stsProperties.getRealmParser() != null) {
             RealmParser realmParser = stsProperties.getRealmParser();
-            String realm = realmParser.parseRealm(context.getMessageContext());
+            String realm = realmParser.parseRealm(messageContext);
             providerParameters.setRealm(realm);
         }
         
@@ -460,7 +460,8 @@ public abstract class AbstractOperation {
     }
     
     protected TokenValidatorResponse validateReceivedToken(
-            WebServiceContext context, String realm,
+            Principal principal,
+            Map<String, Object> messageContext, String realm,
             TokenRequirements tokenRequirements, ReceivedToken token) {
         token.setState(STATE.NONE);
         
@@ -469,8 +470,8 @@ public abstract class AbstractOperation {
         
         TokenValidatorParameters validatorParameters = new TokenValidatorParameters();
         validatorParameters.setStsProperties(stsProperties);
-        validatorParameters.setPrincipal(context.getUserPrincipal());
-        validatorParameters.setMessageContext(context.getMessageContext());
+        validatorParameters.setPrincipal(principal);
+        validatorParameters.setMessageContext(messageContext);
         validatorParameters.setTokenStore(getTokenStore());
         validatorParameters.setKeyRequirements(null);
         validatorParameters.setTokenRequirements(validateRequirements);
@@ -511,13 +512,14 @@ public abstract class AbstractOperation {
     }
     
     protected void performDelegationHandling(
-        RequestRequirements requestRequirements, WebServiceContext context, ReceivedToken token,
+        RequestRequirements requestRequirements, Principal principal,
+        Map<String, Object> messageContext, ReceivedToken token,
         Principal tokenPrincipal, Set<Principal> tokenRoles
     ) {
         TokenDelegationParameters delegationParameters = new TokenDelegationParameters();
         delegationParameters.setStsProperties(stsProperties);
-        delegationParameters.setPrincipal(context.getUserPrincipal());
-        delegationParameters.setMessageContext(context.getMessageContext());
+        delegationParameters.setPrincipal(principal);
+        delegationParameters.setMessageContext(messageContext);
         delegationParameters.setTokenStore(getTokenStore());
         delegationParameters.setTokenPrincipal(tokenPrincipal);
         delegationParameters.setTokenRoles(tokenRoles);
@@ -617,7 +619,7 @@ public abstract class AbstractOperation {
     
     protected static org.apache.xml.security.stax.securityToken.SecurityToken 
     findInboundSecurityToken(SecurityEventConstants.Event event,
-                             MessageContext messageContext) throws XMLSecurityException {
+                             Map<String, Object> messageContext) throws XMLSecurityException {
         @SuppressWarnings("unchecked")
         final List<SecurityEvent> incomingEventList = 
             (List<SecurityEvent>) messageContext.get(SecurityEvent.class.getName() + ".in");

http://git-wip-us.apache.org/repos/asf/cxf/blob/53a46205/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenCancelOperation.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenCancelOperation.java b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenCancelOperation.java
index 1bec1fe..8db75c3 100644
--- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenCancelOperation.java
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenCancelOperation.java
@@ -19,13 +19,14 @@
 
 package org.apache.cxf.sts.operation;
 
+import java.security.Principal;
 import java.util.ArrayList;
 import java.util.List;
+import java.util.Map;
 import java.util.logging.Level;
 import java.util.logging.Logger;
 
 import javax.xml.bind.JAXBElement;
-import javax.xml.ws.WebServiceContext;
 
 import org.apache.cxf.common.logging.LogUtils;
 import org.apache.cxf.sts.QNameConstants;
@@ -65,20 +66,21 @@ public class TokenCancelOperation extends AbstractOperation implements CancelOpe
     }
     
     public RequestSecurityTokenResponseType cancel(
-        RequestSecurityTokenType request, WebServiceContext context
+        RequestSecurityTokenType request, Principal principal,
+        Map<String, Object> messageContext
     ) {
         long start = System.currentTimeMillis();
         TokenCancellerParameters cancellerParameters = new TokenCancellerParameters();
         
         try {
-            RequestRequirements requestRequirements = parseRequest(request, context);
+            RequestRequirements requestRequirements = parseRequest(request, messageContext);
             
             KeyRequirements keyRequirements = requestRequirements.getKeyRequirements();
             TokenRequirements tokenRequirements = requestRequirements.getTokenRequirements();
             
             cancellerParameters.setStsProperties(stsProperties);
-            cancellerParameters.setPrincipal(context.getUserPrincipal());
-            cancellerParameters.setMessageContext(context.getMessageContext());
+            cancellerParameters.setPrincipal(principal);
+            cancellerParameters.setMessageContext(messageContext);
             cancellerParameters.setTokenStore(getTokenStore());
             
             cancellerParameters.setKeyRequirements(keyRequirements);

http://git-wip-us.apache.org/repos/asf/cxf/blob/53a46205/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenIssueOperation.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenIssueOperation.java b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenIssueOperation.java
index dc3ac86..a2513ef 100644
--- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenIssueOperation.java
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenIssueOperation.java
@@ -28,8 +28,6 @@ import java.util.logging.Level;
 import java.util.logging.Logger;
 
 import javax.xml.bind.JAXBElement;
-import javax.xml.ws.WebServiceContext;
-import javax.xml.ws.handler.MessageContext;
 
 import org.w3c.dom.Document;
 import org.w3c.dom.Element;
@@ -85,9 +83,10 @@ public class TokenIssueOperation extends AbstractOperation implements IssueOpera
 
     public RequestSecurityTokenResponseCollectionType issue(
             RequestSecurityTokenType request,
-            WebServiceContext context
+            Principal principal,
+            Map<String, Object> messageContext
     ) {
-        RequestSecurityTokenResponseType response = issueSingle(request, context);
+        RequestSecurityTokenResponseType response = issueSingle(request, principal, messageContext);
         RequestSecurityTokenResponseCollectionType responseCollection = 
             QNameConstants.WS_TRUST_FACTORY.createRequestSecurityTokenResponseCollectionType();
         responseCollection.getRequestSecurityTokenResponse().add(response);
@@ -96,12 +95,13 @@ public class TokenIssueOperation extends AbstractOperation implements IssueOpera
     
     public RequestSecurityTokenResponseCollectionType issue(
             RequestSecurityTokenCollectionType requestCollection,
-            WebServiceContext context
+            Principal principal,
+            Map<String, Object> messageContext
     ) {
         RequestSecurityTokenResponseCollectionType responseCollection = 
             QNameConstants.WS_TRUST_FACTORY.createRequestSecurityTokenResponseCollectionType();
         for (RequestSecurityTokenType request : requestCollection.getRequestSecurityToken()) {
-            RequestSecurityTokenResponseType response = issueSingle(request, context);
+            RequestSecurityTokenResponseType response = issueSingle(request, principal, messageContext);
             responseCollection.getRequestSecurityTokenResponse().add(response);
         }
         return responseCollection;
@@ -109,14 +109,15 @@ public class TokenIssueOperation extends AbstractOperation implements IssueOpera
 
     public RequestSecurityTokenResponseType issueSingle(
             RequestSecurityTokenType request,
-            WebServiceContext context
+            Principal principal,
+            Map<String, Object> messageContext
     ) {
         long start = System.currentTimeMillis();
         TokenProviderParameters providerParameters = new TokenProviderParameters();
         try {
-            RequestRequirements requestRequirements = parseRequest(request, context);
+            RequestRequirements requestRequirements = parseRequest(request, messageContext);
     
-            providerParameters = createTokenProviderParameters(requestRequirements, context);
+            providerParameters = createTokenProviderParameters(requestRequirements, principal, messageContext);
             providerParameters.setClaimsManager(claimsManager);
             
             String realm = providerParameters.getRealm();
@@ -125,7 +126,7 @@ public class TokenIssueOperation extends AbstractOperation implements IssueOpera
             String tokenType = tokenRequirements.getTokenType();
     
             if (stsProperties.getSamlRealmCodec() != null) {
-                SamlAssertionWrapper assertion = fetchSAMLAssertionFromWSSecuritySAMLToken(context);
+                SamlAssertionWrapper assertion = fetchSAMLAssertionFromWSSecuritySAMLToken(messageContext);
 
                 if (assertion != null) {
                     String wssecRealm = stsProperties.getSamlRealmCodec().getRealmFromToken(assertion);
@@ -149,14 +150,14 @@ public class TokenIssueOperation extends AbstractOperation implements IssueOpera
             // Validate OnBehalfOf token if present
             if (providerParameters.getTokenRequirements().getOnBehalfOf() != null) {
                 ReceivedToken validateTarget = providerParameters.getTokenRequirements().getOnBehalfOf();
-                handleDelegationToken(validateTarget, providerParameters, context, 
+                handleDelegationToken(validateTarget, providerParameters, principal, messageContext, 
                                       realm, requestRequirements);
             }
             
             // See whether ActAs is allowed or not
             if (providerParameters.getTokenRequirements().getActAs() != null) {
                 ReceivedToken validateTarget = providerParameters.getTokenRequirements().getActAs();
-                handleDelegationToken(validateTarget, providerParameters, context, 
+                handleDelegationToken(validateTarget, providerParameters, principal, messageContext, 
                                       realm, requestRequirements);
             }
     
@@ -195,7 +196,7 @@ public class TokenIssueOperation extends AbstractOperation implements IssueOpera
                 EncryptionProperties encryptionProperties = providerParameters.getEncryptionProperties();
                 RequestSecurityTokenResponseType response = 
                     createResponse(
-                            encryptionProperties, tokenResponse, tokenRequirements, keyRequirements, context
+                            encryptionProperties, tokenResponse, tokenRequirements, keyRequirements
                     );
                 STSIssueSuccessEvent event = new STSIssueSuccessEvent(providerParameters,
                         System.currentTimeMillis() - start);
@@ -218,12 +219,13 @@ public class TokenIssueOperation extends AbstractOperation implements IssueOpera
     private void handleDelegationToken(
         ReceivedToken validateTarget,
         TokenProviderParameters providerParameters,
-        WebServiceContext context,
+        Principal principal,
+        Map<String, Object> messageContext,
         String realm,
         RequestRequirements requestRequirements
     ) {
         TokenValidatorResponse tokenResponse = validateReceivedToken(
-                context, realm, requestRequirements.getTokenRequirements(), validateTarget);
+                principal, messageContext, realm, requestRequirements.getTokenRequirements(), validateTarget);
 
         if (tokenResponse == null) {
             LOG.fine("No Token Validator has been found that can handle this token");
@@ -251,15 +253,15 @@ public class TokenIssueOperation extends AbstractOperation implements IssueOpera
         }
         
         // See whether OnBehalfOf/ActAs is allowed or not
-        performDelegationHandling(requestRequirements, context, validateTarget, tokenPrincipal, tokenRoles);
+        performDelegationHandling(requestRequirements, principal, messageContext, 
+                                  validateTarget, tokenPrincipal, tokenRoles);
     }
 
     private RequestSecurityTokenResponseType createResponse(
             EncryptionProperties encryptionProperties,
             TokenProviderResponse tokenResponse, 
             TokenRequirements tokenRequirements,
-            KeyRequirements keyRequirements,
-            WebServiceContext webServiceContext
+            KeyRequirements keyRequirements
     ) throws WSSecurityException {
         RequestSecurityTokenResponseType response = 
             QNameConstants.WS_TRUST_FACTORY.createRequestSecurityTokenResponseType();
@@ -392,9 +394,8 @@ public class TokenIssueOperation extends AbstractOperation implements IssueOpera
      * Method to fetch SAML assertion from the WS-Security header
      */
     private static SamlAssertionWrapper fetchSAMLAssertionFromWSSecuritySAMLToken(
-        WebServiceContext wsContext
+        Map<String, Object> messageContext
     ) {
-        MessageContext messageContext = wsContext.getMessageContext();
         final List<WSHandlerResult> handlerResults = 
             CastUtils.cast((List<?>) messageContext.get(WSHandlerConstants.RECV_RESULTS));
 

http://git-wip-us.apache.org/repos/asf/cxf/blob/53a46205/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenRenewOperation.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenRenewOperation.java b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenRenewOperation.java
index c0da0a8..b73c108 100644
--- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenRenewOperation.java
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenRenewOperation.java
@@ -19,6 +19,7 @@
 
 package org.apache.cxf.sts.operation;
 
+import java.security.Principal;
 import java.util.ArrayList;
 import java.util.List;
 import java.util.Map;
@@ -26,7 +27,6 @@ import java.util.logging.Level;
 import java.util.logging.Logger;
 
 import javax.xml.bind.JAXBElement;
-import javax.xml.ws.WebServiceContext;
 
 import org.apache.cxf.common.logging.LogUtils;
 import org.apache.cxf.sts.QNameConstants;
@@ -72,20 +72,21 @@ public class TokenRenewOperation extends AbstractOperation implements RenewOpera
     }
 
     public RequestSecurityTokenResponseType renew(
-        RequestSecurityTokenType request, WebServiceContext context
+        RequestSecurityTokenType request, Principal principal,
+        Map<String, Object> messageContext
     ) {
         long start = System.currentTimeMillis();
         TokenRenewerParameters renewerParameters = new TokenRenewerParameters();
         
         try {
-            RequestRequirements requestRequirements = parseRequest(request, context);
+            RequestRequirements requestRequirements = parseRequest(request, messageContext);
     
             KeyRequirements keyRequirements = requestRequirements.getKeyRequirements();
             TokenRequirements tokenRequirements = requestRequirements.getTokenRequirements();
             
             renewerParameters.setStsProperties(stsProperties);
-            renewerParameters.setPrincipal(context.getUserPrincipal());
-            renewerParameters.setMessageContext(context.getMessageContext());
+            renewerParameters.setPrincipal(principal);
+            renewerParameters.setMessageContext(messageContext);
             renewerParameters.setTokenStore(getTokenStore());
             
             renewerParameters.setKeyRequirements(keyRequirements);
@@ -105,13 +106,13 @@ public class TokenRenewOperation extends AbstractOperation implements RenewOpera
             String realm = null;
             if (stsProperties.getRealmParser() != null) {
                 RealmParser realmParser = stsProperties.getRealmParser();
-                realm = realmParser.parseRealm(context.getMessageContext());
+                realm = realmParser.parseRealm(messageContext);
             }
             renewerParameters.setRealm(realm);
             
             // Validate the request
             TokenValidatorResponse tokenResponse = validateReceivedToken(
-                    context, realm, tokenRequirements, renewTarget);
+                    principal, messageContext, realm, tokenRequirements, renewTarget);
             
             if (tokenResponse == null) {
                 LOG.fine("No Token Validator has been found that can handle this token");
@@ -138,7 +139,7 @@ public class TokenRenewOperation extends AbstractOperation implements RenewOpera
             // Renew the token
             //
             TokenRenewerResponse tokenRenewerResponse = null;
-            renewerParameters = createTokenRenewerParameters(requestRequirements, context);
+            renewerParameters = createTokenRenewerParameters(requestRequirements, principal, messageContext);
             Map<String, Object> additionalProperties = tokenResponse.getAdditionalProperties();
             if (additionalProperties != null) {
                 renewerParameters.setAdditionalProperties(additionalProperties);
@@ -181,7 +182,7 @@ public class TokenRenewOperation extends AbstractOperation implements RenewOpera
                 EncryptionProperties encryptionProperties = renewerParameters.getEncryptionProperties();
                 RequestSecurityTokenResponseType response = 
                     createResponse(
-                        encryptionProperties, tokenRenewerResponse, tokenRequirements, keyRequirements, context
+                        encryptionProperties, tokenRenewerResponse, tokenRequirements, keyRequirements
                     );
                 STSRenewSuccessEvent event = new STSRenewSuccessEvent(renewerParameters,
                         System.currentTimeMillis() - start);
@@ -203,8 +204,7 @@ public class TokenRenewOperation extends AbstractOperation implements RenewOpera
             EncryptionProperties encryptionProperties,
             TokenRenewerResponse tokenRenewerResponse, 
             TokenRequirements tokenRequirements,
-            KeyRequirements keyRequirements,
-            WebServiceContext webServiceContext
+            KeyRequirements keyRequirements
     ) throws WSSecurityException {
         RequestSecurityTokenResponseType response = 
             QNameConstants.WS_TRUST_FACTORY.createRequestSecurityTokenResponseType();
@@ -279,10 +279,11 @@ public class TokenRenewOperation extends AbstractOperation implements RenewOpera
     }
 
     private TokenRenewerParameters createTokenRenewerParameters(
-        RequestRequirements requestRequirements, WebServiceContext context
+        RequestRequirements requestRequirements, Principal principal,
+        Map<String, Object> messageContext
     ) {
         TokenProviderParameters providerParameters = 
-            createTokenProviderParameters(requestRequirements, context);
+            createTokenProviderParameters(requestRequirements, principal, messageContext);
         
         TokenRenewerParameters renewerParameters = new TokenRenewerParameters();
         renewerParameters.setAppliesToAddress(providerParameters.getAppliesToAddress());

http://git-wip-us.apache.org/repos/asf/cxf/blob/53a46205/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenRequestCollectionOperation.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenRequestCollectionOperation.java b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenRequestCollectionOperation.java
index 3f92b84..1302b14 100644
--- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenRequestCollectionOperation.java
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenRequestCollectionOperation.java
@@ -19,13 +19,14 @@
 
 package org.apache.cxf.sts.operation;
 
+import java.security.Principal;
 import java.util.List;
+import java.util.Map;
 import java.util.logging.Level;
 import java.util.logging.Logger;
 
 import javax.xml.bind.JAXBElement;
 import javax.xml.namespace.QName;
-import javax.xml.ws.WebServiceContext;
 
 import org.apache.cxf.common.logging.LogUtils;
 import org.apache.cxf.sts.QNameConstants;
@@ -66,7 +67,8 @@ public class TokenRequestCollectionOperation extends AbstractOperation
 
     public RequestSecurityTokenResponseCollectionType requestCollection(
         RequestSecurityTokenCollectionType requestCollection,
-        WebServiceContext context) {
+        Principal principal,
+        Map<String, Object> messageContext) {
         RequestSecurityTokenResponseCollectionType responseCollection = 
             QNameConstants.WS_TRUST_FACTORY.createRequestSecurityTokenResponseCollectionType();
         
@@ -95,7 +97,8 @@ public class TokenRequestCollectionOperation extends AbstractOperation
                 }
             }
             
-            RequestSecurityTokenResponseType response = handleRequest(request, context, requestType);
+            RequestSecurityTokenResponseType response = 
+                handleRequest(request, principal, messageContext, requestType);
             responseCollection.getRequestSecurityTokenResponse().add(response);
         }
         return responseCollection;
@@ -103,7 +106,8 @@ public class TokenRequestCollectionOperation extends AbstractOperation
     
     public RequestSecurityTokenResponseType handleRequest(
             RequestSecurityTokenType request,
-            WebServiceContext context,
+            Principal principal,
+            Map<String, Object> messageContext,
             String requestType
     ) {
         if (WSTRUST_REQUESTTYPE_BATCH_ISSUE.equals(requestType)) {
@@ -113,7 +117,7 @@ public class TokenRequestCollectionOperation extends AbstractOperation
                     "Error in requesting a token", STSException.REQUEST_FAILED
                 );
             }
-            return issueSingleOperation.issueSingle(request, context);
+            return issueSingleOperation.issueSingle(request, principal, messageContext);
         } else if (WSTRUST_REQUESTTYPE_BATCH_VALIDATE.equals(requestType)) {
             if (validateOperation == null) {
                 LOG.log(Level.WARNING, "ValidateOperation is null");
@@ -121,7 +125,7 @@ public class TokenRequestCollectionOperation extends AbstractOperation
                     "Error in requesting a token", STSException.REQUEST_FAILED
                 );
             }
-            return validateOperation.validate(request, context);
+            return validateOperation.validate(request, principal, messageContext);
         } else if (WSTRUST_REQUESTTYPE_BATCH_CANCEL.equals(requestType)) {
             if (cancelOperation == null) {
                 LOG.log(Level.WARNING, "CancelOperation is null");
@@ -129,7 +133,7 @@ public class TokenRequestCollectionOperation extends AbstractOperation
                     "Error in requesting a token", STSException.REQUEST_FAILED
                 );
             }
-            return cancelOperation.cancel(request, context);
+            return cancelOperation.cancel(request, principal, messageContext);
         } else if (WSTRUST_REQUESTTYPE_BATCH_RENEW.equals(requestType)) {
             if (renewOperation == null) {
                 LOG.log(Level.WARNING, "RenewOperation is null");
@@ -137,7 +141,7 @@ public class TokenRequestCollectionOperation extends AbstractOperation
                     "Error in requesting a token", STSException.REQUEST_FAILED
                 );
             }
-            return renewOperation.renew(request, context);
+            return renewOperation.renew(request, principal, messageContext);
         } else {
             LOG.log(Level.WARNING, "Unknown operation requested");
             throw new STSException(

http://git-wip-us.apache.org/repos/asf/cxf/blob/53a46205/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenValidateOperation.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenValidateOperation.java b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenValidateOperation.java
index 49cfb74..c029809 100644
--- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenValidateOperation.java
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenValidateOperation.java
@@ -19,12 +19,12 @@
 
 package org.apache.cxf.sts.operation;
 
+import java.security.Principal;
 import java.util.Map;
 import java.util.logging.Level;
 import java.util.logging.Logger;
 
 import javax.xml.bind.JAXBElement;
-import javax.xml.ws.WebServiceContext;
 
 import org.w3c.dom.Document;
 import org.w3c.dom.Element;
@@ -65,19 +65,20 @@ public class TokenValidateOperation extends AbstractOperation implements Validat
    
     public RequestSecurityTokenResponseType validate(
         RequestSecurityTokenType request, 
-        WebServiceContext context
+        Principal principal,
+        Map<String, Object> messageContext
     ) {
         long start = System.currentTimeMillis();
         TokenValidatorParameters validatorParameters = new TokenValidatorParameters();
         
         try {
-            RequestRequirements requestRequirements = parseRequest(request, context);
+            RequestRequirements requestRequirements = parseRequest(request, messageContext);
             
             TokenRequirements tokenRequirements = requestRequirements.getTokenRequirements();
             
             validatorParameters.setStsProperties(stsProperties);
-            validatorParameters.setPrincipal(context.getUserPrincipal());
-            validatorParameters.setMessageContext(context.getMessageContext());
+            validatorParameters.setPrincipal(principal);
+            validatorParameters.setMessageContext(messageContext);
             validatorParameters.setTokenStore(getTokenStore());
             
             //validatorParameters.setKeyRequirements(keyRequirements);
@@ -101,12 +102,12 @@ public class TokenValidateOperation extends AbstractOperation implements Validat
             String realm = null;
             if (stsProperties.getRealmParser() != null) {
                 RealmParser realmParser = stsProperties.getRealmParser();
-                realm = realmParser.parseRealm(context.getMessageContext());
+                realm = realmParser.parseRealm(messageContext);
             }
             validatorParameters.setRealm(realm);
             
             TokenValidatorResponse tokenResponse = validateReceivedToken(
-                    context, realm, tokenRequirements, validateTarget);
+                    principal, messageContext, realm, tokenRequirements, validateTarget);
             
             if (tokenResponse == null) {
                 LOG.fine("No Token Validator has been found that can handle this token");
@@ -123,7 +124,7 @@ public class TokenValidateOperation extends AbstractOperation implements Validat
             if (tokenResponse.getToken().getState() == STATE.VALID 
                 && !STSConstants.STATUS.equals(tokenType)) {
                 TokenProviderParameters providerParameters = 
-                     createTokenProviderParameters(requestRequirements, context);
+                     createTokenProviderParameters(requestRequirements, principal, messageContext);
                 
                 processValidToken(providerParameters, validateTarget, tokenResponse);
                 

http://git-wip-us.apache.org/repos/asf/cxf/blob/53a46205/services/sts/sts-core/src/test/java/org/apache/cxf/sts/claims/mapper/JexlIssueSamlClaimsTest.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/claims/mapper/JexlIssueSamlClaimsTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/claims/mapper/JexlIssueSamlClaimsTest.java
index f81927b..a4c47ce 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/claims/mapper/JexlIssueSamlClaimsTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/claims/mapper/JexlIssueSamlClaimsTest.java
@@ -20,6 +20,7 @@ package org.apache.cxf.sts.claims.mapper;
 
 import java.io.IOException;
 import java.net.URI;
+import java.security.Principal;
 import java.util.ArrayList;
 import java.util.Collections;
 import java.util.HashMap;
@@ -35,7 +36,6 @@ import org.w3c.dom.Document;
 import org.w3c.dom.Element;
 
 import org.apache.cxf.helpers.DOMUtils;
-import org.apache.cxf.jaxws.context.WebServiceContextImpl;
 import org.apache.cxf.jaxws.context.WrappedMessageContext;
 import org.apache.cxf.message.MessageImpl;
 import org.apache.cxf.rt.security.claims.Claim;
@@ -100,8 +100,9 @@ public class JexlIssueSamlClaimsTest extends org.junit.Assert {
      * @return
      */
     private List<RequestSecurityTokenResponseType> issueToken(TokenIssueOperation issueOperation,
-        RequestSecurityTokenType request, WebServiceContextImpl webServiceContext) {
-        RequestSecurityTokenResponseCollectionType response = issueOperation.issue(request, webServiceContext);
+        RequestSecurityTokenType request, Principal principal, Map<String, Object> messageContext) {
+        RequestSecurityTokenResponseCollectionType response = 
+            issueOperation.issue(request, principal, messageContext);
         List<RequestSecurityTokenResponseType> securityTokenResponse = response.getRequestSecurityTokenResponse();
         assertTrue(!securityTokenResponse.isEmpty());
         return securityTokenResponse;
@@ -173,10 +174,9 @@ public class JexlIssueSamlClaimsTest extends org.junit.Assert {
         MessageImpl msg = new MessageImpl();
         WrappedMessageContext msgCtx = new WrappedMessageContext(msg);
         msgCtx.put("url", "https");
-        WebServiceContextImpl webServiceContext = new WebServiceContextImpl(msgCtx);
 
         List<RequestSecurityTokenResponseType> securityTokenResponseList = issueToken(issueOperation, request,
-                                                                                      webServiceContext);
+                                                                                      null, msgCtx);
         RequestSecurityTokenResponseType securityTokenResponse = securityTokenResponseList.get(0);
 
         // Test the generated token.

http://git-wip-us.apache.org/repos/asf/cxf/blob/53a46205/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/CancelSCTUnitTest.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/CancelSCTUnitTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/CancelSCTUnitTest.java
index ce23cee..04900ca 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/CancelSCTUnitTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/CancelSCTUnitTest.java
@@ -29,7 +29,6 @@ import javax.xml.namespace.QName;
 import org.w3c.dom.Document;
 import org.w3c.dom.Element;
 
-import org.apache.cxf.jaxws.context.WebServiceContextImpl;
 import org.apache.cxf.jaxws.context.WrappedMessageContext;
 import org.apache.cxf.message.MessageImpl;
 import org.apache.cxf.security.SecurityContext;
@@ -115,20 +114,20 @@ public class CancelSCTUnitTest extends org.junit.Assert {
         // Mock up message context
         MessageImpl msg = new MessageImpl();
         WrappedMessageContext msgCtx = new WrappedMessageContext(msg);
+        Principal principal = new CustomTokenPrincipal("alice");
         msgCtx.put(
             SecurityContext.class.getName(), 
-            createSecurityContext(new CustomTokenPrincipal("alice"))
+            createSecurityContext(principal)
         );
-        WebServiceContextImpl webServiceContext = new WebServiceContextImpl(msgCtx);
         
         // Cancel a token
         RequestSecurityTokenResponseType response = 
-            cancelOperation.cancel(request, webServiceContext);
+            cancelOperation.cancel(request, principal, msgCtx);
         assertTrue(validateResponse(response));
         
         // Now try to cancel again
         try {
-            cancelOperation.cancel(request, webServiceContext);
+            cancelOperation.cancel(request, principal, msgCtx);
         } catch (STSException ex) {
             // expected
         }

http://git-wip-us.apache.org/repos/asf/cxf/blob/53a46205/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueEncryptedUnitTest.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueEncryptedUnitTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueEncryptedUnitTest.java
index c399543..a8ef79a 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueEncryptedUnitTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueEncryptedUnitTest.java
@@ -29,7 +29,6 @@ import org.w3c.dom.Document;
 import org.w3c.dom.Element;
 
 import org.apache.cxf.helpers.DOMUtils;
-import org.apache.cxf.jaxws.context.WebServiceContextImpl;
 import org.apache.cxf.jaxws.context.WrappedMessageContext;
 import org.apache.cxf.message.MessageImpl;
 import org.apache.cxf.sts.QNameConstants;
@@ -103,11 +102,10 @@ public class IssueEncryptedUnitTest extends org.junit.Assert {
         // Mock up message context
         MessageImpl msg = new MessageImpl();
         WrappedMessageContext msgCtx = new WrappedMessageContext(msg);
-        WebServiceContextImpl webServiceContext = new WebServiceContextImpl(msgCtx);
         
         // Issue a token
         RequestSecurityTokenResponseCollectionType response = 
-            issueOperation.issue(request, webServiceContext);
+            issueOperation.issue(request, null, msgCtx);
         List<RequestSecurityTokenResponseType> securityTokenResponse = 
             response.getRequestSecurityTokenResponse();
         assertTrue(!securityTokenResponse.isEmpty());
@@ -155,11 +153,10 @@ public class IssueEncryptedUnitTest extends org.junit.Assert {
         // Mock up message context
         MessageImpl msg = new MessageImpl();
         WrappedMessageContext msgCtx = new WrappedMessageContext(msg);
-        WebServiceContextImpl webServiceContext = new WebServiceContextImpl(msgCtx);
         
         // Issue a token - as no encryption name has been specified the token will not be encrypted
         RequestSecurityTokenResponseCollectionType response = 
-            issueOperation.issue(request, webServiceContext);
+            issueOperation.issue(request, null, msgCtx);
         List<RequestSecurityTokenResponseType> securityTokenResponse = 
             response.getRequestSecurityTokenResponse();
         assertTrue(!securityTokenResponse.isEmpty());
@@ -168,7 +165,7 @@ public class IssueEncryptedUnitTest extends org.junit.Assert {
         service.setEncryptionProperties(encryptionProperties);
         
         // Issue a (encrypted) token
-        response = issueOperation.issue(request, webServiceContext);
+        response = issueOperation.issue(request, null, msgCtx);
         securityTokenResponse = response.getRequestSecurityTokenResponse();
         assertTrue(!securityTokenResponse.isEmpty());
     }
@@ -215,18 +212,17 @@ public class IssueEncryptedUnitTest extends org.junit.Assert {
         // Mock up message context
         MessageImpl msg = new MessageImpl();
         WrappedMessageContext msgCtx = new WrappedMessageContext(msg);
-        WebServiceContextImpl webServiceContext = new WebServiceContextImpl(msgCtx);
         
         // Issue a token - this should use a (new) default encryption algorithm as configured
         RequestSecurityTokenResponseCollectionType response = 
-            issueOperation.issue(request, webServiceContext);
+            issueOperation.issue(request, null, msgCtx);
         List<RequestSecurityTokenResponseType> securityTokenResponse = 
             response.getRequestSecurityTokenResponse();
         assertTrue(!securityTokenResponse.isEmpty());
         
         encryptionProperties.setEncryptionAlgorithm(WSConstants.KEYTRANSPORT_RSA15);
         try {
-            issueOperation.issue(request, webServiceContext);
+            issueOperation.issue(request, null, msgCtx);
             fail("Failure expected on a bad encryption algorithm");
         } catch (STSException ex) {
             // expected
@@ -278,11 +274,10 @@ public class IssueEncryptedUnitTest extends org.junit.Assert {
         // Mock up message context
         MessageImpl msg = new MessageImpl();
         WrappedMessageContext msgCtx = new WrappedMessageContext(msg);
-        WebServiceContextImpl webServiceContext = new WebServiceContextImpl(msgCtx);
         
         // Issue a token
         RequestSecurityTokenResponseCollectionType response = 
-            issueOperation.issue(request, webServiceContext);
+            issueOperation.issue(request, null, msgCtx);
         List<RequestSecurityTokenResponseType> securityTokenResponse = 
             response.getRequestSecurityTokenResponse();
         assertTrue(!securityTokenResponse.isEmpty());
@@ -297,7 +292,7 @@ public class IssueEncryptedUnitTest extends org.junit.Assert {
             );
         request.getAny().add(encryptionAlgorithmType);
         try {
-            issueOperation.issue(request, webServiceContext);
+            issueOperation.issue(request, null, msgCtx);
             fail("Failure expected on a bad encryption algorithm");
         } catch (STSException ex) {
             // expected
@@ -357,18 +352,17 @@ public class IssueEncryptedUnitTest extends org.junit.Assert {
         // Mock up message context
         MessageImpl msg = new MessageImpl();
         WrappedMessageContext msgCtx = new WrappedMessageContext(msg);
-        WebServiceContextImpl webServiceContext = new WebServiceContextImpl(msgCtx);
         
         // Issue a token - this should use a (new) default key-wrap algorithm as configured
         RequestSecurityTokenResponseCollectionType response = 
-            issueOperation.issue(request, webServiceContext);
+            issueOperation.issue(request, null, msgCtx);
         List<RequestSecurityTokenResponseType> securityTokenResponse = 
             response.getRequestSecurityTokenResponse();
         assertTrue(!securityTokenResponse.isEmpty());
         
         encryptionProperties.setKeyWrapAlgorithm(WSConstants.AES_128);
         try {
-            issueOperation.issue(request, webServiceContext);
+            issueOperation.issue(request, null, msgCtx);
             fail("Failure expected on a bad key-wrap algorithm");
         } catch (STSException ex) {
             // expected
@@ -431,11 +425,10 @@ public class IssueEncryptedUnitTest extends org.junit.Assert {
         // Mock up message context
         MessageImpl msg = new MessageImpl();
         WrappedMessageContext msgCtx = new WrappedMessageContext(msg);
-        WebServiceContextImpl webServiceContext = new WebServiceContextImpl(msgCtx);
         
         // Issue a token
         RequestSecurityTokenResponseCollectionType response = 
-            issueOperation.issue(request, webServiceContext);
+            issueOperation.issue(request, null, msgCtx);
         List<RequestSecurityTokenResponseType> securityTokenResponse = 
             response.getRequestSecurityTokenResponse();
         assertTrue(!securityTokenResponse.isEmpty());
@@ -451,7 +444,7 @@ public class IssueEncryptedUnitTest extends org.junit.Assert {
             );
         request.getAny().add(encryptionAlgorithmType);
         try {
-            issueOperation.issue(request, webServiceContext);
+            issueOperation.issue(request, null, msgCtx);
             fail("Failure expected on a bad key-wrap algorithm");
         } catch (STSException ex) {
             // expected
@@ -502,27 +495,26 @@ public class IssueEncryptedUnitTest extends org.junit.Assert {
         // Mock up message context
         MessageImpl msg = new MessageImpl();
         WrappedMessageContext msgCtx = new WrappedMessageContext(msg);
-        WebServiceContextImpl webServiceContext = new WebServiceContextImpl(msgCtx);
         
         // Issue a token - use various KeyIdentifiers
         RequestSecurityTokenResponseCollectionType response = 
-            issueOperation.issue(request, webServiceContext);
+            issueOperation.issue(request, null, msgCtx);
         List<RequestSecurityTokenResponseType> securityTokenResponse = 
             response.getRequestSecurityTokenResponse();
         assertTrue(!securityTokenResponse.isEmpty());
         
         encryptionProperties.setKeyIdentifierType(WSConstants.SKI_KEY_IDENTIFIER);
-        issueOperation.issue(request, webServiceContext);
+        issueOperation.issue(request, null, msgCtx);
         
         encryptionProperties.setKeyIdentifierType(WSConstants.THUMBPRINT_IDENTIFIER);
-        issueOperation.issue(request, webServiceContext);
+        issueOperation.issue(request, null, msgCtx);
         
         encryptionProperties.setKeyIdentifierType(WSConstants.ENCRYPTED_KEY_SHA1_IDENTIFIER);
-        issueOperation.issue(request, webServiceContext);
+        issueOperation.issue(request, null, msgCtx);
         
         try {
             encryptionProperties.setKeyIdentifierType(WSConstants.BST);
-            issueOperation.issue(request, webServiceContext);
+            issueOperation.issue(request, null, msgCtx);
             fail("Failure expected on a bad key identifier");
         } catch (STSException ex) {
             // expected

http://git-wip-us.apache.org/repos/asf/cxf/blob/53a46205/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueJWTClaimsUnitTest.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueJWTClaimsUnitTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueJWTClaimsUnitTest.java
index 3dd8372..677b163 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueJWTClaimsUnitTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueJWTClaimsUnitTest.java
@@ -34,7 +34,6 @@ import javax.xml.namespace.QName;
 import org.w3c.dom.Document;
 import org.w3c.dom.Element;
 import org.apache.cxf.helpers.DOMUtils;
-import org.apache.cxf.jaxws.context.WebServiceContextImpl;
 import org.apache.cxf.jaxws.context.WrappedMessageContext;
 import org.apache.cxf.message.MessageImpl;
 import org.apache.cxf.rs.security.jose.jws.JwsJwtCompactConsumer;
@@ -131,10 +130,11 @@ public class IssueJWTClaimsUnitTest extends org.junit.Assert {
         request.getAny().add(secondaryParameters);
         request.getAny().add(createAppliesToElement("http://dummy-service.com/dummy"));
         
-        WebServiceContextImpl webServiceContext = setupMessageContext();
+        Map<String, Object> messageContext = setupMessageContext();
         
         List<RequestSecurityTokenResponseType> securityTokenResponse = issueToken(issueOperation, request,
-                webServiceContext);
+                                                                                  new CustomTokenPrincipal("alice"),
+                                                                                  messageContext);
         
         // Test the generated token.
         Element token = null;
@@ -165,9 +165,9 @@ public class IssueJWTClaimsUnitTest extends org.junit.Assert {
      * @return
      */
     private List<RequestSecurityTokenResponseType> issueToken(TokenIssueOperation issueOperation,
-            RequestSecurityTokenType request, WebServiceContextImpl webServiceContext) {
+            RequestSecurityTokenType request, Principal principal, Map<String, Object> msgCtx) {
         RequestSecurityTokenResponseCollectionType response = 
-            issueOperation.issue(request, webServiceContext);
+            issueOperation.issue(request, principal, msgCtx);
         List<RequestSecurityTokenResponseType> securityTokenResponse = 
             response.getRequestSecurityTokenResponse();
         assertTrue(!securityTokenResponse.isEmpty());
@@ -177,14 +177,14 @@ public class IssueJWTClaimsUnitTest extends org.junit.Assert {
     /**
      * @return
      */
-    private WebServiceContextImpl setupMessageContext() {
+    private Map<String, Object> setupMessageContext() {
         MessageImpl msg = new MessageImpl();
         WrappedMessageContext msgCtx = new WrappedMessageContext(msg);
         msgCtx.put(
             SecurityContext.class.getName(), 
             createSecurityContext(new CustomTokenPrincipal("alice"))
         );
-        return new WebServiceContextImpl(msgCtx);
+        return msgCtx;
     }
 
     /**
@@ -258,10 +258,11 @@ public class IssueJWTClaimsUnitTest extends org.junit.Assert {
         
         request.getAny().add(createAppliesToElement("http://dummy-service.com/dummy"));
         
-        WebServiceContextImpl webServiceContext = setupMessageContext();
+        Map<String, Object> messageContext = setupMessageContext();
         
         List<RequestSecurityTokenResponseType> securityTokenResponse = issueToken(issueOperation, request,
-                webServiceContext);
+                                                                                  new CustomTokenPrincipal("alice"),
+                                                                                  messageContext);
         
         // Test the generated token.
         Element token = null;
@@ -384,10 +385,9 @@ public class IssueJWTClaimsUnitTest extends org.junit.Assert {
         MessageImpl msg = new MessageImpl();
         WrappedMessageContext msgCtx = new WrappedMessageContext(msg);
         msgCtx.put("url", "https");
-        WebServiceContextImpl webServiceContext = new WebServiceContextImpl(msgCtx);
         
         List<RequestSecurityTokenResponseType> securityTokenResponseList = issueToken(issueOperation,
-                request, webServiceContext);       
+                request, new CustomTokenPrincipal("alice"), msgCtx);       
         
         // Test the generated token.
         Element token = null;
@@ -537,10 +537,9 @@ public class IssueJWTClaimsUnitTest extends org.junit.Assert {
         MessageImpl msg = new MessageImpl();
         WrappedMessageContext msgCtx = new WrappedMessageContext(msg);
         msgCtx.put("url", "https");
-        WebServiceContextImpl webServiceContext = new WebServiceContextImpl(msgCtx);
         
         List<RequestSecurityTokenResponseType> securityTokenResponseList = issueToken(issueOperation,
-                request, webServiceContext);       
+                request, new CustomTokenPrincipal("alice"), msgCtx);       
         
         // Test the generated token.
         Element token = null;

http://git-wip-us.apache.org/repos/asf/cxf/blob/53a46205/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueJWTOnbehalfofUnitTest.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueJWTOnbehalfofUnitTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueJWTOnbehalfofUnitTest.java
index 4f16544..ff5842d 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueJWTOnbehalfofUnitTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueJWTOnbehalfofUnitTest.java
@@ -33,7 +33,6 @@ import javax.xml.namespace.QName;
 import org.w3c.dom.Document;
 import org.w3c.dom.Element;
 
-import org.apache.cxf.jaxws.context.WebServiceContextImpl;
 import org.apache.cxf.jaxws.context.WrappedMessageContext;
 import org.apache.cxf.message.MessageImpl;
 import org.apache.cxf.rs.security.jose.jws.JwsJwtCompactConsumer;
@@ -150,11 +149,10 @@ public class IssueJWTOnbehalfofUnitTest extends org.junit.Assert {
         // Mock up message context
         MessageImpl msg = new MessageImpl();
         WrappedMessageContext msgCtx = new WrappedMessageContext(msg);
-        WebServiceContextImpl webServiceContext = new WebServiceContextImpl(msgCtx);
 
         // Issue a token
         RequestSecurityTokenResponseCollectionType response = 
-            issueOperation.issue(request, webServiceContext);
+            issueOperation.issue(request, null, msgCtx);
         List<RequestSecurityTokenResponseType> securityTokenResponse = 
             response.getRequestSecurityTokenResponse();
         assertTrue(!securityTokenResponse.isEmpty());
@@ -236,13 +234,12 @@ public class IssueJWTOnbehalfofUnitTest extends org.junit.Assert {
         // Mock up message context
         MessageImpl msg = new MessageImpl();
         WrappedMessageContext msgCtx = new WrappedMessageContext(msg);
-        WebServiceContextImpl webServiceContext = new WebServiceContextImpl(msgCtx);
 
         // Issue a token
         
         // This should fail as the default DelegationHandler does not allow UsernameTokens
         try {
-            issueOperation.issue(request, webServiceContext);
+            issueOperation.issue(request, null, msgCtx);
             fail("Failure expected as UsernameTokens are not accepted for OnBehalfOf by default");
         } catch (STSException ex) {
             // expected
@@ -252,7 +249,7 @@ public class IssueJWTOnbehalfofUnitTest extends org.junit.Assert {
         issueOperation.setDelegationHandlers(Collections.singletonList(delegationHandler));
         
         RequestSecurityTokenResponseCollectionType response = 
-            issueOperation.issue(request, webServiceContext);
+            issueOperation.issue(request, null, msgCtx);
         List<RequestSecurityTokenResponseType> securityTokenResponse = 
             response.getRequestSecurityTokenResponse();
         assertTrue(!securityTokenResponse.isEmpty());
@@ -349,12 +346,11 @@ public class IssueJWTOnbehalfofUnitTest extends org.junit.Assert {
         MessageImpl msg = new MessageImpl();
         WrappedMessageContext msgCtx = new WrappedMessageContext(msg);
         msgCtx.put("url", "https");
-        WebServiceContextImpl webServiceContext = new WebServiceContextImpl(msgCtx);
         
         tokenProvider.setRealmMap(realms);
         
         RequestSecurityTokenResponseCollectionType response = 
-            issueOperation.issue(request, webServiceContext);
+            issueOperation.issue(request, null, msgCtx);
         List<RequestSecurityTokenResponseType> securityTokenResponse = 
             response.getRequestSecurityTokenResponse();
         assertTrue(!securityTokenResponse.isEmpty());

http://git-wip-us.apache.org/repos/asf/cxf/blob/53a46205/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueJWTRealmUnitTest.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueJWTRealmUnitTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueJWTRealmUnitTest.java
index 4608396..5c009a1 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueJWTRealmUnitTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueJWTRealmUnitTest.java
@@ -33,7 +33,6 @@ import org.w3c.dom.Document;
 import org.w3c.dom.Element;
 
 import org.apache.cxf.helpers.DOMUtils;
-import org.apache.cxf.jaxws.context.WebServiceContextImpl;
 import org.apache.cxf.jaxws.context.WrappedMessageContext;
 import org.apache.cxf.message.MessageImpl;
 import org.apache.cxf.rs.security.jose.jws.JwsJwtCompactConsumer;
@@ -117,15 +116,15 @@ public class IssueJWTRealmUnitTest extends org.junit.Assert {
         MessageImpl msg = new MessageImpl();
         WrappedMessageContext msgCtx = new WrappedMessageContext(msg);
         msgCtx.put("url", "ldap");
+        Principal principal = new CustomTokenPrincipal("alice");
         msgCtx.put(
             SecurityContext.class.getName(), 
-            createSecurityContext(new CustomTokenPrincipal("alice"))
+            createSecurityContext(principal)
         );
-        WebServiceContextImpl webServiceContext = new WebServiceContextImpl(msgCtx);
         
         // Issue a token
         RequestSecurityTokenResponseCollectionType response = 
-            issueOperation.issue(request, webServiceContext);
+            issueOperation.issue(request, principal, msgCtx);
         List<RequestSecurityTokenResponseType> securityTokenResponse = 
             response.getRequestSecurityTokenResponse();
         assertTrue(!securityTokenResponse.isEmpty());
@@ -192,15 +191,15 @@ public class IssueJWTRealmUnitTest extends org.junit.Assert {
         MessageImpl msg = new MessageImpl();
         WrappedMessageContext msgCtx = new WrappedMessageContext(msg);
         msgCtx.put("url", "https");
+        Principal principal = new CustomTokenPrincipal("alice");
         msgCtx.put(
             SecurityContext.class.getName(), 
-            createSecurityContext(new CustomTokenPrincipal("alice"))
+            createSecurityContext(principal)
         );
-        WebServiceContextImpl webServiceContext = new WebServiceContextImpl(msgCtx);
         
         // Issue a token
         RequestSecurityTokenResponseCollectionType response = 
-            issueOperation.issue(request, webServiceContext);
+            issueOperation.issue(request, principal, msgCtx);
         List<RequestSecurityTokenResponseType> securityTokenResponse = 
             response.getRequestSecurityTokenResponse();
         assertTrue(!securityTokenResponse.isEmpty());
@@ -267,15 +266,15 @@ public class IssueJWTRealmUnitTest extends org.junit.Assert {
         MessageImpl msg = new MessageImpl();
         WrappedMessageContext msgCtx = new WrappedMessageContext(msg);
         msgCtx.put("url", "unknown");
+        Principal principal = new CustomTokenPrincipal("alice");
         msgCtx.put(
             SecurityContext.class.getName(), 
-            createSecurityContext(new CustomTokenPrincipal("alice"))
+            createSecurityContext(principal)
         );
-        WebServiceContextImpl webServiceContext = new WebServiceContextImpl(msgCtx);
         
         // Issue a token
         RequestSecurityTokenResponseCollectionType response = 
-            issueOperation.issue(request, webServiceContext);
+            issueOperation.issue(request, principal, msgCtx);
         List<RequestSecurityTokenResponseType> securityTokenResponse = 
             response.getRequestSecurityTokenResponse();
         assertTrue(!securityTokenResponse.isEmpty());
@@ -351,16 +350,16 @@ public class IssueJWTRealmUnitTest extends org.junit.Assert {
         MessageImpl msg = new MessageImpl();
         WrappedMessageContext msgCtx = new WrappedMessageContext(msg);
         msgCtx.put("url", "https");
+        Principal principal = new CustomTokenPrincipal("alice");
         msgCtx.put(
             SecurityContext.class.getName(), 
-            createSecurityContext(new CustomTokenPrincipal("alice"))
+            createSecurityContext(principal)
         );
-        WebServiceContextImpl webServiceContext = new WebServiceContextImpl(msgCtx);
         
         // Issue a token - this will fail as the RealmProperties configuration is inconsistent
         // no signature alias defined
         try {
-            issueOperation.issue(request, webServiceContext);
+            issueOperation.issue(request, principal, msgCtx);
             fail("Failure expected on no encryption name");
         } catch (STSException ex) {
             // expected
@@ -370,7 +369,7 @@ public class IssueJWTRealmUnitTest extends org.junit.Assert {
         
         // Issue a token
         RequestSecurityTokenResponseCollectionType response = 
-            issueOperation.issue(request, webServiceContext);
+            issueOperation.issue(request, principal, msgCtx);
         List<RequestSecurityTokenResponseType> securityTokenResponse = 
             response.getRequestSecurityTokenResponse();
         assertTrue(!securityTokenResponse.isEmpty());

http://git-wip-us.apache.org/repos/asf/cxf/blob/53a46205/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueJWTUnitTest.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueJWTUnitTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueJWTUnitTest.java
index 5cd7a3c..2f29d3f 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueJWTUnitTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueJWTUnitTest.java
@@ -31,7 +31,6 @@ import org.w3c.dom.Document;
 import org.w3c.dom.Element;
 
 import org.apache.cxf.helpers.DOMUtils;
-import org.apache.cxf.jaxws.context.WebServiceContextImpl;
 import org.apache.cxf.jaxws.context.WrappedMessageContext;
 import org.apache.cxf.message.MessageImpl;
 import org.apache.cxf.rs.security.jose.jws.JwsJwtCompactConsumer;
@@ -114,15 +113,15 @@ public class IssueJWTUnitTest extends org.junit.Assert {
         // Mock up message context
         MessageImpl msg = new MessageImpl();
         WrappedMessageContext msgCtx = new WrappedMessageContext(msg);
+        Principal principal = new CustomTokenPrincipal("alice");
         msgCtx.put(
             SecurityContext.class.getName(), 
-            createSecurityContext(new CustomTokenPrincipal("alice"))
+            createSecurityContext(principal)
         );
-        WebServiceContextImpl webServiceContext = new WebServiceContextImpl(msgCtx);
         
         // Issue a token
         RequestSecurityTokenResponseCollectionType response = 
-            issueOperation.issue(request, webServiceContext);
+            issueOperation.issue(request, principal, msgCtx);
         List<RequestSecurityTokenResponseType> securityTokenResponse = 
             response.getRequestSecurityTokenResponse();
         assertTrue(!securityTokenResponse.isEmpty());


Mime
View raw message