cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject [1/3] cxf git commit: Security test refactor
Date Tue, 17 May 2016 15:01:21 GMT
Repository: cxf
Updated Branches:
  refs/heads/master 1f038da1a -> 25b8c0e57


Security test refactor


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/25b8c0e5
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/25b8c0e5
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/25b8c0e5

Branch: refs/heads/master
Commit: 25b8c0e575f1f62a2746d2574fdea5772858fc60
Parents: 32f21e5
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Tue May 17 16:00:42 2016 +0100
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Tue May 17 16:01:14 2016 +0100

----------------------------------------------------------------------
 .../wss4j/AbstractPolicySecurityTest.java       |   5 +-
 .../ws/security/wss4j/AbstractSecurityTest.java |  87 +++++++++--
 .../security/wss4j/SecurityActionTokenTest.java |  96 +-----------
 .../wss4j/SignatureConfirmationTest.java        |  52 ++-----
 .../ws/security/wss4j/WSS4JFaultCodeTest.java   |  80 ++--------
 .../cxf/ws/security/wss4j/WSS4JInOutTest.java   | 156 ++++---------------
 .../security/wss4j/WSS4JOutInterceptorTest.java |  82 +++-------
 .../security/wss4j/saml/DOMToStaxSamlTest.java  |  20 +--
 .../ws/security/wss4j/saml/SamlTokenTest.java   |  87 +++--------
 9 files changed, 179 insertions(+), 486 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/25b8c0e5/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/AbstractPolicySecurityTest.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/AbstractPolicySecurityTest.java b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/AbstractPolicySecurityTest.java
index 4dd9410..5702b5e 100644
--- a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/AbstractPolicySecurityTest.java
+++ b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/AbstractPolicySecurityTest.java
@@ -109,8 +109,7 @@ public abstract class AbstractPolicySecurityTest extends AbstractSecurityTest {
         final Element inPolicyElement;
 
         if (inPolicyDocument != null) {
-            inPolicyElement = this.readDocument(inPolicyDocument)
-                    .getDocumentElement();
+            inPolicyElement = this.readDocument(inPolicyDocument).getDocumentElement();
         } else {
             inPolicyElement = outPolicyElement;
         }
@@ -410,7 +409,7 @@ public abstract class AbstractPolicySecurityTest extends AbstractSecurityTest {
         SoapMessage msg = this.getSoapMessageForDom(doc, aim);
         msg.put(SecurityConstants.SIGNATURE_PROPERTIES, "outsecurity.properties");
         msg.put(SecurityConstants.ENCRYPT_PROPERTIES, "outsecurity.properties");
-        msg.put(SecurityConstants.CALLBACK_HANDLER, TestPwdCallback.class.getName());
+        msg.put(SecurityConstants.CALLBACK_HANDLER, new TestPwdCallback());
         msg.put(SecurityConstants.SIGNATURE_USERNAME, "myalias");
         msg.put(SecurityConstants.ENCRYPT_USERNAME, "myalias");
         

http://git-wip-us.apache.org/repos/asf/cxf/blob/25b8c0e5/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/AbstractSecurityTest.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/AbstractSecurityTest.java b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/AbstractSecurityTest.java
index 22b09b4..e5e531d 100644
--- a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/AbstractSecurityTest.java
+++ b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/AbstractSecurityTest.java
@@ -18,29 +18,36 @@
  */
 package org.apache.cxf.ws.security.wss4j;
 
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
 import java.io.File;
-import java.io.IOException;
 import java.io.InputStream;
+import java.util.List;
+import java.util.Map;
 
 import javax.crypto.Cipher;
 import javax.crypto.SecretKey;
 import javax.crypto.spec.SecretKeySpec;
+import javax.xml.parsers.DocumentBuilder;
+import javax.xml.parsers.DocumentBuilderFactory;
 import javax.xml.parsers.ParserConfigurationException;
 import javax.xml.soap.MessageFactory;
 import javax.xml.soap.SOAPException;
 import javax.xml.soap.SOAPMessage;
 import javax.xml.soap.SOAPPart;
+import javax.xml.stream.XMLStreamReader;
+import javax.xml.stream.XMLStreamWriter;
 import javax.xml.transform.dom.DOMSource;
 
 import org.w3c.dom.Document;
 
-import org.xml.sax.SAXException;
-
 import org.apache.cxf.binding.soap.Soap11;
 import org.apache.cxf.binding.soap.SoapMessage;
+import org.apache.cxf.helpers.DOMUtils.NullResolver;
 import org.apache.cxf.message.Exchange;
 import org.apache.cxf.message.ExchangeImpl;
 import org.apache.cxf.message.MessageImpl;
+import org.apache.cxf.phase.PhaseInterceptor;
 import org.apache.cxf.staxutils.StaxUtils;
 import org.apache.cxf.test.AbstractCXFTest;
 import org.apache.wss4j.dom.WSConstants;
@@ -71,16 +78,6 @@ public abstract class AbstractSecurityTest extends AbstractCXFTest {
     }
 
     /**
-     * Reads a classpath resource into a SAAJ structure.
-     * @param name the name of the classpath resource
-     */
-    protected SOAPMessage readSAAJDocument(String name) throws SAXException, IOException,
-        ParserConfigurationException, SOAPException {
-        InputStream inStream = getClass().getResourceAsStream(name);
-        return MessageFactory.newInstance().createMessage(null, inStream);
-    }
-    
-    /**
      * Creates a {@link SoapMessage} from the contents of a document.
      * @param doc the document containing the SOAP content.
      */
@@ -90,17 +87,75 @@ public abstract class AbstractSecurityTest extends AbstractCXFTest {
         part.setContent(new DOMSource(doc));
         saajMsg.saveChanges();
 
-        // Hack to create the context map
         MessageImpl message = new MessageImpl();
-        message.getContextualProperty("XYZ");
-        
         SoapMessage msg = new SoapMessage(message);
         Exchange ex = new ExchangeImpl();
         ex.setInMessage(msg);
         msg.setContent(SOAPMessage.class, saajMsg);
+        
         return msg;
     }
     
+    protected byte[] getMessageBytes(Document doc) throws Exception {
+        ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
+        XMLStreamWriter byteArrayWriter = StaxUtils.createXMLStreamWriter(outputStream);
+        StaxUtils.writeDocument(doc, byteArrayWriter, false);
+        byteArrayWriter.flush();
+        return outputStream.toByteArray();
+    }
+   
+    protected SoapMessage makeInvocation(
+        Map<String, Object> outProperties,
+        List<String> xpaths,
+        Map<String, Object> inProperties
+    ) throws Exception {
+        Document doc = readDocument("wsse-request-clean.xml");
+
+        WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
+        PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
+
+        SoapMessage msg = getSoapMessageForDom(doc);
+
+        for (String key : outProperties.keySet()) {
+            msg.put(key, outProperties.get(key));
+        }
+
+        handler.handleMessage(msg);
+
+        SOAPMessage saajMsg = msg.getContent(SOAPMessage.class);
+        doc = saajMsg.getSOAPPart();
+
+        for (String xpath : xpaths) {
+            assertValid(xpath, doc);
+        }
+
+        byte[] docbytes = getMessageBytes(doc);
+        XMLStreamReader reader = StaxUtils.createXMLStreamReader(new ByteArrayInputStream(docbytes));
+
+        DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
+
+        dbf.setValidating(false);
+        dbf.setIgnoringComments(false);
+        dbf.setIgnoringElementContentWhitespace(true);
+        dbf.setNamespaceAware(true);
+
+        DocumentBuilder db = dbf.newDocumentBuilder();
+        db.setEntityResolver(new NullResolver());
+        doc = StaxUtils.read(db, reader, false);
+
+        WSS4JInInterceptor inHandler = new WSS4JInInterceptor(inProperties);
+
+        SoapMessage inmsg = new SoapMessage(new MessageImpl());
+        Exchange ex = new ExchangeImpl();
+        ex.setInMessage(inmsg);
+        inmsg.setContent(SOAPMessage.class, saajMsg);
+
+        
+        inHandler.handleMessage(inmsg);
+
+        return inmsg;
+    }
+    
     protected static boolean checkUnrestrictedPoliciesInstalled() {
         try {
             byte[] data = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07};

http://git-wip-us.apache.org/repos/asf/cxf/blob/25b8c0e5/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/SecurityActionTokenTest.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/SecurityActionTokenTest.java b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/SecurityActionTokenTest.java
index 28c7cf3..549e8bf 100644
--- a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/SecurityActionTokenTest.java
+++ b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/SecurityActionTokenTest.java
@@ -18,8 +18,6 @@
  */
 package org.apache.cxf.ws.security.wss4j;
 
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
 import java.security.cert.X509Certificate;
 import java.util.ArrayList;
 import java.util.Collections;
@@ -27,23 +25,10 @@ import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
 
-import javax.xml.parsers.DocumentBuilder;
-import javax.xml.parsers.DocumentBuilderFactory;
-import javax.xml.soap.MessageFactory;
-import javax.xml.soap.SOAPMessage;
-import javax.xml.soap.SOAPPart;
-import javax.xml.stream.XMLStreamReader;
-import javax.xml.stream.XMLStreamWriter;
-import javax.xml.transform.dom.DOMSource;
-
 import org.w3c.dom.Document;
+
 import org.apache.cxf.binding.soap.SoapMessage;
 import org.apache.cxf.helpers.CastUtils;
-import org.apache.cxf.helpers.DOMUtils.NullResolver;
-import org.apache.cxf.message.Exchange;
-import org.apache.cxf.message.ExchangeImpl;
-import org.apache.cxf.message.MessageImpl;
-import org.apache.cxf.phase.PhaseInterceptor;
 import org.apache.cxf.staxutils.StaxUtils;
 import org.apache.wss4j.common.EncryptionActionToken;
 import org.apache.wss4j.common.SignatureActionToken;
@@ -73,7 +58,7 @@ public class SecurityActionTokenTest extends AbstractSecurityTest {
         outProperties.put(WSHandlerConstants.HANDLER_ACTIONS, actions);
         outProperties.put(WSHandlerConstants.PW_CALLBACK_REF, new TestPwdCallback());
         
-        Map<String, String> inProperties = new HashMap<>();
+        Map<String, Object> inProperties = new HashMap<>();
         inProperties.put(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE);
         inProperties.put(WSHandlerConstants.SIG_VER_PROP_FILE, "insecurity.properties");
         
@@ -102,13 +87,10 @@ public class SecurityActionTokenTest extends AbstractSecurityTest {
         Map<String, Object> outProperties = new HashMap<String, Object>();
         outProperties.put(WSHandlerConstants.HANDLER_ACTIONS, actions);
         
-        Map<String, String> inProperties = new HashMap<String, String>();
+        Map<String, Object> inProperties = new HashMap<String, Object>();
         inProperties.put(WSHandlerConstants.ACTION, WSHandlerConstants.ENCRYPT);
         inProperties.put(WSHandlerConstants.DEC_PROP_FILE, "insecurity.properties");
-        inProperties.put(
-            WSHandlerConstants.PW_CALLBACK_CLASS, 
-            "org.apache.cxf.ws.security.wss4j.TestPwdCallback"
-        );
+        inProperties.put(WSHandlerConstants.PW_CALLBACK_REF, new TestPwdCallback()); 
         
         List<String> xpaths = new ArrayList<String>();
         xpaths.add("//wsse:Security");
@@ -145,82 +127,12 @@ public class SecurityActionTokenTest extends AbstractSecurityTest {
         );
     }
     
-    private byte[] getMessageBytes(Document doc) throws Exception {
-        ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
-        XMLStreamWriter byteArrayWriter = StaxUtils.createXMLStreamWriter(outputStream);
-        StaxUtils.writeDocument(doc, byteArrayWriter, false);
-        byteArrayWriter.flush();
-        return outputStream.toByteArray();
-    }
-
     private List<WSHandlerResult> getResults(SoapMessage inmsg) {
         final List<WSHandlerResult> handlerResults = 
             CastUtils.cast((List<?>)inmsg.get(WSHandlerConstants.RECV_RESULTS));
         return handlerResults;
     }
     
-    private SoapMessage makeInvocation(
-        Map<String, Object> outProperties,
-        List<String> xpaths,
-        Map<String, String> inProperties
-    ) throws Exception {
-        Document doc = readDocument("wsse-request-clean.xml");
-
-        WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
-        PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
-
-        SoapMessage msg = new SoapMessage(new MessageImpl());
-        Exchange ex = new ExchangeImpl();
-        ex.setInMessage(msg);
-
-        SOAPMessage saajMsg = MessageFactory.newInstance().createMessage();
-        SOAPPart part = saajMsg.getSOAPPart();
-        part.setContent(new DOMSource(doc));
-        saajMsg.saveChanges();
-
-        msg.setContent(SOAPMessage.class, saajMsg);
-        
-        for (String key : outProperties.keySet()) {
-            msg.put(key, outProperties.get(key));
-        }
-
-        handler.handleMessage(msg);
-
-        doc = part;
-
-        for (String xpath : xpaths) {
-            assertValid(xpath, doc);
-        }
-
-        byte[] docbytes = getMessageBytes(doc);
-        XMLStreamReader reader = StaxUtils.createXMLStreamReader(new ByteArrayInputStream(docbytes));
-
-        DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
-
-        dbf.setValidating(false);
-        dbf.setIgnoringComments(false);
-        dbf.setIgnoringElementContentWhitespace(true);
-        dbf.setNamespaceAware(true);
-
-        DocumentBuilder db = dbf.newDocumentBuilder();
-        db.setEntityResolver(new NullResolver());
-        doc = StaxUtils.read(db, reader, false);
-
-        WSS4JInInterceptor inHandler = new WSS4JInInterceptor();
-
-        SoapMessage inmsg = new SoapMessage(new MessageImpl());
-        ex.setInMessage(inmsg);
-        inmsg.setContent(SOAPMessage.class, saajMsg);
-
-        for (String key : inProperties.keySet()) {
-            inHandler.setProperty(key, inProperties.get(key));
-        }
-
-        inHandler.handleMessage(inmsg);
-
-        return inmsg;
-    }
-    
     // FOR DEBUGGING ONLY
     /*private*/ static String serialize(Document doc) {
         return StaxUtils.toString(doc);

http://git-wip-us.apache.org/repos/asf/cxf/blob/25b8c0e5/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/SignatureConfirmationTest.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/SignatureConfirmationTest.java b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/SignatureConfirmationTest.java
index 3f2e07f..d4caa27 100644
--- a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/SignatureConfirmationTest.java
+++ b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/SignatureConfirmationTest.java
@@ -19,20 +19,16 @@
 package org.apache.cxf.ws.security.wss4j;
 
 import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
 import java.util.List;
 import java.util.Set;
 
 import javax.xml.parsers.DocumentBuilder;
 import javax.xml.parsers.DocumentBuilderFactory;
-import javax.xml.soap.MessageFactory;
 import javax.xml.soap.SOAPMessage;
-import javax.xml.soap.SOAPPart;
 import javax.xml.stream.XMLStreamReader;
-import javax.xml.stream.XMLStreamWriter;
-import javax.xml.transform.dom.DOMSource;
 
 import org.w3c.dom.Document;
+
 import org.apache.cxf.binding.soap.SoapMessage;
 import org.apache.cxf.helpers.CastUtils;
 import org.apache.cxf.helpers.DOMUtils.NullResolver;
@@ -44,7 +40,6 @@ import org.apache.cxf.staxutils.StaxUtils;
 import org.apache.wss4j.dom.handler.WSHandlerConstants;
 import org.apache.wss4j.dom.handler.WSHandlerResult;
 
-
 /**
  * This a test of the Signature Confirmation functionality that is contained in the
  * WS-Security 1.1 specification. The requestor signs an outbound SOAP message and saves
@@ -65,16 +60,7 @@ public class SignatureConfirmationTest extends AbstractSecurityTest {
         WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
         PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
 
-        SoapMessage msg = new SoapMessage(new MessageImpl());
-        Exchange ex = new ExchangeImpl();
-        ex.setInMessage(msg);
-        
-        SOAPMessage saajMsg = MessageFactory.newInstance().createMessage();
-        SOAPPart part = saajMsg.getSOAPPart();
-        part.setContent(new DOMSource(doc));
-        saajMsg.saveChanges();
-
-        msg.setContent(SOAPMessage.class, saajMsg);
+        SoapMessage msg = getSoapMessageForDom(doc);
 
         msg.put(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE);
         msg.put(WSHandlerConstants.ENABLE_SIGNATURE_CONFIRMATION, "true");
@@ -88,7 +74,9 @@ public class SignatureConfirmationTest extends AbstractSecurityTest {
         msg.put(org.apache.cxf.message.Message.REQUESTOR_ROLE, true);
 
         handler.handleMessage(msg);
-        doc = part;
+        
+        SOAPMessage saajMsg = msg.getContent(SOAPMessage.class);
+        doc = saajMsg.getSOAPPart();
         
         assertValid("//wsse:Security", doc);
         assertValid("//wsse:Security/ds:Signature", doc);
@@ -117,6 +105,7 @@ public class SignatureConfirmationTest extends AbstractSecurityTest {
         WSS4JInInterceptor inHandler = new WSS4JInInterceptor();
 
         SoapMessage inmsg = new SoapMessage(new MessageImpl());
+        Exchange ex = new ExchangeImpl();
         ex.setInMessage(inmsg);
         inmsg.setContent(SOAPMessage.class, saajMsg);
 
@@ -147,23 +136,15 @@ public class SignatureConfirmationTest extends AbstractSecurityTest {
         WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
         PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
 
-        SoapMessage msg = new SoapMessage(new MessageImpl());
-        Exchange ex = new ExchangeImpl();
-        ex.setInMessage(msg);
-        
-        SOAPMessage saajMsg = MessageFactory.newInstance().createMessage();
-        SOAPPart part = saajMsg.getSOAPPart();
-        part.setContent(new DOMSource(doc));
-        saajMsg.saveChanges();
-
-        msg.setContent(SOAPMessage.class, saajMsg);
+        SoapMessage msg = getSoapMessageForDom(doc);
 
         msg.put(WSHandlerConstants.ACTION, WSHandlerConstants.TIMESTAMP);
         msg.put(WSHandlerConstants.RECV_RESULTS, sigReceived);
         
         handler.handleMessage(msg);
 
-        doc = part;
+        SOAPMessage saajMsg = msg.getContent(SOAPMessage.class);
+        doc = saajMsg.getSOAPPart();
         
         assertValid("//wsse:Security", doc);
         // assertValid("//wsse:Security/wsse11:SignatureConfirmation", doc);
@@ -187,6 +168,7 @@ public class SignatureConfirmationTest extends AbstractSecurityTest {
         WSS4JInInterceptor inHandler = new WSS4JInInterceptor();
 
         SoapMessage inmsg = new SoapMessage(new MessageImpl());
+        Exchange ex = new ExchangeImpl();
         ex.setInMessage(inmsg);
         inmsg.setContent(SOAPMessage.class, saajMsg);
 
@@ -196,18 +178,4 @@ public class SignatureConfirmationTest extends AbstractSecurityTest {
         inHandler.handleMessage(inmsg);
     }
     
-    
-    private byte[] getMessageBytes(Document doc) throws Exception {
-        // XMLOutputFactory factory = XMLOutputFactory.newInstance();
-        ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
-
-        // XMLStreamWriter byteArrayWriter =
-        // factory.createXMLStreamWriter(outputStream);
-        XMLStreamWriter byteArrayWriter = StaxUtils.createXMLStreamWriter(outputStream);
-
-        StaxUtils.writeDocument(doc, byteArrayWriter, false);
-
-        byteArrayWriter.flush();
-        return outputStream.toByteArray();
-    }
 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/25b8c0e5/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JFaultCodeTest.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JFaultCodeTest.java b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JFaultCodeTest.java
index a554c5c..bf1f9c3 100644
--- a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JFaultCodeTest.java
+++ b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JFaultCodeTest.java
@@ -19,20 +19,15 @@
 package org.apache.cxf.ws.security.wss4j;
 
 import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
 
 import javax.xml.namespace.QName;
 import javax.xml.parsers.DocumentBuilder;
 import javax.xml.parsers.DocumentBuilderFactory;
-import javax.xml.soap.MessageFactory;
-import javax.xml.soap.SOAPConstants;
 import javax.xml.soap.SOAPMessage;
-import javax.xml.soap.SOAPPart;
 import javax.xml.stream.XMLStreamReader;
-import javax.xml.stream.XMLStreamWriter;
-import javax.xml.transform.dom.DOMSource;
 
 import org.w3c.dom.Document;
+
 import org.apache.cxf.binding.soap.SoapFault;
 import org.apache.cxf.binding.soap.SoapMessage;
 import org.apache.cxf.helpers.DOMUtils.NullResolver;
@@ -63,17 +58,9 @@ public class WSS4JFaultCodeTest extends AbstractSecurityTest {
     public void testNoSecurity() throws Exception {
         Document doc = readDocument("wsse-request-clean.xml");
 
-        SoapMessage msg = new SoapMessage(new MessageImpl());
-        Exchange ex = new ExchangeImpl();
-        ex.setInMessage(msg);
-        
-        SOAPMessage saajMsg = MessageFactory.newInstance().createMessage();
-        SOAPPart part = saajMsg.getSOAPPart();
-        part.setContent(new DOMSource(doc));
-        saajMsg.saveChanges();
-
-        msg.setContent(SOAPMessage.class, saajMsg);
-        doc = part;
+        SoapMessage msg = getSoapMessageForDom(doc);
+        SOAPMessage saajMsg = msg.getContent(SOAPMessage.class);
+        doc = saajMsg.getSOAPPart();
         
         byte[] docbytes = getMessageBytes(doc);
         XMLStreamReader reader = StaxUtils.createXMLStreamReader(new ByteArrayInputStream(docbytes));
@@ -92,6 +79,7 @@ public class WSS4JFaultCodeTest extends AbstractSecurityTest {
         WSS4JInInterceptor inHandler = new WSS4JInInterceptor();
 
         SoapMessage inmsg = new SoapMessage(new MessageImpl());
+        Exchange ex = new ExchangeImpl();
         ex.setInMessage(inmsg);
         inmsg.setContent(SOAPMessage.class, saajMsg);
 
@@ -123,23 +111,15 @@ public class WSS4JFaultCodeTest extends AbstractSecurityTest {
         WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
         PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
 
-        SoapMessage msg = new SoapMessage(new MessageImpl());
-        Exchange ex = new ExchangeImpl();
-        ex.setInMessage(msg);
-        
-        SOAPMessage saajMsg = MessageFactory.newInstance().createMessage();
-        SOAPPart part = saajMsg.getSOAPPart();
-        part.setContent(new DOMSource(doc));
-        saajMsg.saveChanges();
-
-        msg.setContent(SOAPMessage.class, saajMsg);
+        SoapMessage msg = getSoapMessageForDom(doc);
 
         msg.put(WSHandlerConstants.ACTION, WSHandlerConstants.TIMESTAMP);
         msg.put(WSHandlerConstants.TTL_TIMESTAMP, "1");
 
         handler.handleMessage(msg);
 
-        doc = part;
+        SOAPMessage saajMsg = msg.getContent(SOAPMessage.class);
+        doc = saajMsg.getSOAPPart();
         
         assertValid("//wsse:Security", doc);
 
@@ -160,6 +140,7 @@ public class WSS4JFaultCodeTest extends AbstractSecurityTest {
         WSS4JInInterceptor inHandler = new WSS4JInInterceptor();
 
         SoapMessage inmsg = new SoapMessage(new MessageImpl());
+        Exchange ex = new ExchangeImpl();
         ex.setInMessage(inmsg);
         inmsg.setContent(SOAPMessage.class, saajMsg);
 
@@ -192,22 +173,14 @@ public class WSS4JFaultCodeTest extends AbstractSecurityTest {
         WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
         PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
 
-        SoapMessage msg = new SoapMessage(new MessageImpl());
-        Exchange ex = new ExchangeImpl();
-        ex.setInMessage(msg);
-        
-        SOAPMessage saajMsg = MessageFactory.newInstance().createMessage();
-        SOAPPart part = saajMsg.getSOAPPart();
-        part.setContent(new DOMSource(doc));
-        saajMsg.saveChanges();
-
-        msg.setContent(SOAPMessage.class, saajMsg);
+        SoapMessage msg = getSoapMessageForDom(doc);
 
         msg.put(WSHandlerConstants.ACTION, WSHandlerConstants.TIMESTAMP);
 
         handler.handleMessage(msg);
 
-        doc = part;
+        SOAPMessage saajMsg = msg.getContent(SOAPMessage.class);
+        doc = saajMsg.getSOAPPart();
         
         assertValid("//wsse:Security", doc);
 
@@ -228,6 +201,7 @@ public class WSS4JFaultCodeTest extends AbstractSecurityTest {
         WSS4JInInterceptor inHandler = new WSS4JInInterceptor();
 
         SoapMessage inmsg = new SoapMessage(new MessageImpl());
+        Exchange ex = new ExchangeImpl();
         ex.setInMessage(inmsg);
         inmsg.setContent(SOAPMessage.class, saajMsg);
 
@@ -254,17 +228,9 @@ public class WSS4JFaultCodeTest extends AbstractSecurityTest {
     public void testSignedEncryptedSOAP12Fault() throws Exception {
         Document doc = readDocument("wsse-response-fault.xml");
 
-        SoapMessage msg = new SoapMessage(new MessageImpl());
-        Exchange ex = new ExchangeImpl();
-        ex.setInMessage(msg);
-        
-        SOAPMessage saajMsg = MessageFactory.newInstance(SOAPConstants.SOAP_1_2_PROTOCOL).createMessage();
-        SOAPPart part = saajMsg.getSOAPPart();
-        part.setContent(new DOMSource(doc));
-        saajMsg.saveChanges();
-
-        msg.setContent(SOAPMessage.class, saajMsg);
-        doc = part;
+        SoapMessage msg = getSoapMessageForDom(doc);
+        SOAPMessage saajMsg = msg.getContent(SOAPMessage.class);
+        doc = saajMsg.getSOAPPart();
         
         byte[] docbytes = getMessageBytes(doc);
         XMLStreamReader reader = StaxUtils.createXMLStreamReader(new ByteArrayInputStream(docbytes));
@@ -283,6 +249,7 @@ public class WSS4JFaultCodeTest extends AbstractSecurityTest {
         WSS4JInInterceptor inHandler = new WSS4JInInterceptor();
 
         SoapMessage inmsg = new SoapMessage(new MessageImpl());
+        Exchange ex = new ExchangeImpl();
         ex.setInMessage(inmsg);
         inmsg.setContent(SOAPMessage.class, saajMsg);
 
@@ -310,17 +277,4 @@ public class WSS4JFaultCodeTest extends AbstractSecurityTest {
         }
     }
     
-    private byte[] getMessageBytes(Document doc) throws Exception {
-        // XMLOutputFactory factory = XMLOutputFactory.newInstance();
-        ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
-
-        // XMLStreamWriter byteArrayWriter =
-        // factory.createXMLStreamWriter(outputStream);
-        XMLStreamWriter byteArrayWriter = StaxUtils.createXMLStreamWriter(outputStream);
-
-        StaxUtils.writeDocument(doc, byteArrayWriter, false);
-
-        byteArrayWriter.flush();
-        return outputStream.toByteArray();
-    }
 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/25b8c0e5/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JInOutTest.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JInOutTest.java b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JInOutTest.java
index 9a95315..31debf3 100644
--- a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JInOutTest.java
+++ b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JInOutTest.java
@@ -19,7 +19,6 @@
 package org.apache.cxf.ws.security.wss4j;
 
 import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
 import java.security.Principal;
 import java.security.cert.X509Certificate;
 import java.util.ArrayList;
@@ -32,14 +31,11 @@ import java.util.TreeSet;
 import javax.xml.namespace.QName;
 import javax.xml.parsers.DocumentBuilder;
 import javax.xml.parsers.DocumentBuilderFactory;
-import javax.xml.soap.MessageFactory;
 import javax.xml.soap.SOAPMessage;
-import javax.xml.soap.SOAPPart;
 import javax.xml.stream.XMLStreamReader;
-import javax.xml.stream.XMLStreamWriter;
-import javax.xml.transform.dom.DOMSource;
 
 import org.w3c.dom.Document;
+
 import org.apache.cxf.binding.soap.SoapMessage;
 import org.apache.cxf.binding.soap.interceptor.MustUnderstandInterceptor;
 import org.apache.cxf.binding.soap.saaj.SAAJInInterceptor;
@@ -91,13 +87,13 @@ public class WSS4JInOutTest extends AbstractSecurityTest {
     
     @Test
     public void testSignature() throws Exception {
-        Map<String, String> outProperties = new HashMap<String, String>();
+        Map<String, Object> outProperties = new HashMap<String, Object>();
         outProperties.put(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE);
         outProperties.put(WSHandlerConstants.SIG_PROP_FILE, "outsecurity.properties");
         outProperties.put(WSHandlerConstants.USER, "myalias");
         outProperties.put("password", "myAliasPassword");
         
-        Map<String, String> inProperties = new HashMap<String, String>();
+        Map<String, Object> inProperties = new HashMap<String, Object>();
         inProperties.put(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE);
         inProperties.put(WSHandlerConstants.SIG_VER_PROP_FILE, "insecurity.properties");
         
@@ -117,14 +113,14 @@ public class WSS4JInOutTest extends AbstractSecurityTest {
     
     @Test
     public void testDirectReferenceSignature() throws Exception {
-        Map<String, String> outProperties = new HashMap<String, String>();
+        Map<String, Object> outProperties = new HashMap<String, Object>();
         outProperties.put(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE);
         outProperties.put(WSHandlerConstants.SIG_PROP_FILE, "outsecurity.properties");
         outProperties.put(WSHandlerConstants.USER, "myalias");
         outProperties.put(WSHandlerConstants.SIG_KEY_ID, "DirectReference");
         outProperties.put("password", "myAliasPassword");
         
-        Map<String, String> inProperties = new HashMap<String, String>();
+        Map<String, Object> inProperties = new HashMap<String, Object>();
         inProperties.put(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE);
         inProperties.put(WSHandlerConstants.SIG_VER_PROP_FILE, "insecurity.properties");
         
@@ -145,19 +141,16 @@ public class WSS4JInOutTest extends AbstractSecurityTest {
     
     @Test
     public void testEncryption() throws Exception {
-        Map<String, String> outProperties = new HashMap<String, String>();
+        Map<String, Object> outProperties = new HashMap<String, Object>();
         outProperties.put(WSHandlerConstants.ACTION, WSHandlerConstants.ENCRYPT);
         outProperties.put(WSHandlerConstants.ENC_PROP_FILE, "outsecurity.properties");
         outProperties.put(WSHandlerConstants.USER, "myalias");
         outProperties.put("password", "myAliasPassword");
         
-        Map<String, String> inProperties = new HashMap<String, String>();
+        Map<String, Object> inProperties = new HashMap<String, Object>();
         inProperties.put(WSHandlerConstants.ACTION, WSHandlerConstants.ENCRYPT);
         inProperties.put(WSHandlerConstants.DEC_PROP_FILE, "insecurity.properties");
-        inProperties.put(
-            WSHandlerConstants.PW_CALLBACK_CLASS, 
-            "org.apache.cxf.ws.security.wss4j.TestPwdCallback"
-        );
+        inProperties.put(WSHandlerConstants.PW_CALLBACK_REF, new TestPwdCallback()); 
         
         List<String> xpaths = new ArrayList<String>();
         xpaths.add("//wsse:Security");
@@ -196,7 +189,7 @@ public class WSS4JInOutTest extends AbstractSecurityTest {
     
     @Test
     public void testEncryptedUsernameToken() throws Exception {
-        Map<String, String> outProperties = new HashMap<String, String>();
+        Map<String, Object> outProperties = new HashMap<String, Object>();
         outProperties.put(
             WSHandlerConstants.ACTION,
             WSHandlerConstants.USERNAME_TOKEN + " " + WSHandlerConstants.ENCRYPT
@@ -210,16 +203,13 @@ public class WSS4JInOutTest extends AbstractSecurityTest {
             "{Content}{" + WSConstants.WSSE_NS + "}UsernameToken"
         );
         
-        Map<String, String> inProperties = new HashMap<String, String>();
+        Map<String, Object> inProperties = new HashMap<String, Object>();
         inProperties.put(
             WSHandlerConstants.ACTION, 
             WSHandlerConstants.USERNAME_TOKEN + " " + WSHandlerConstants.ENCRYPT
         );
         inProperties.put(WSHandlerConstants.DEC_PROP_FILE, "insecurity.properties");
-        inProperties.put(
-            WSHandlerConstants.PW_CALLBACK_CLASS, 
-            "org.apache.cxf.ws.security.wss4j.TestPwdCallback"
-        );
+        inProperties.put(WSHandlerConstants.PW_CALLBACK_REF, new TestPwdCallback()); 
         
         List<String> xpaths = new ArrayList<String>();
         xpaths.add("//wsse:Security");
@@ -251,19 +241,16 @@ public class WSS4JInOutTest extends AbstractSecurityTest {
     
     @Test
     public void testUsernameToken() throws Exception {
-        Map<String, String> outProperties = new HashMap<String, String>();
+        Map<String, Object> outProperties = new HashMap<String, Object>();
         outProperties.put(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN);
         outProperties.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT);
         outProperties.put(WSHandlerConstants.USER, "alice");
         outProperties.put("password", "alicePassword");
         
-        Map<String, String> inProperties = new HashMap<String, String>();
+        Map<String, Object> inProperties = new HashMap<String, Object>();
         inProperties.put(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN);
         inProperties.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_DIGEST);
-        inProperties.put(
-            WSHandlerConstants.PW_CALLBACK_CLASS, 
-            "org.apache.cxf.ws.security.wss4j.TestPwdCallback"
-        );
+        inProperties.put(WSHandlerConstants.PW_CALLBACK_REF, new TestPwdCallback()); 
         
         List<String> xpaths = new ArrayList<String>();
         xpaths.add("//wsse:Security");
@@ -286,16 +273,7 @@ public class WSS4JInOutTest extends AbstractSecurityTest {
         WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
         PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
 
-        SoapMessage msg = new SoapMessage(new MessageImpl());
-        Exchange ex = new ExchangeImpl();
-        ex.setInMessage(msg);
-        
-        SOAPMessage saajMsg = MessageFactory.newInstance().createMessage();
-        SOAPPart part = saajMsg.getSOAPPart();
-        part.setContent(new DOMSource(doc));
-        saajMsg.saveChanges();
-
-        msg.setContent(SOAPMessage.class, saajMsg);
+        SoapMessage msg = getSoapMessageForDom(doc);
 
         msg.put(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE);
         msg.put(WSHandlerConstants.SIG_PROP_FILE, "outsecurity.properties");
@@ -304,7 +282,8 @@ public class WSS4JInOutTest extends AbstractSecurityTest {
 
         handler.handleMessage(msg);
 
-        doc = part;
+        SOAPMessage saajMsg = msg.getContent(SOAPMessage.class);
+        doc = saajMsg.getSOAPPart();
         
         assertValid("//wsse:Security", doc);
         assertValid("//wsse:Security/ds:Signature", doc);
@@ -331,6 +310,7 @@ public class WSS4JInOutTest extends AbstractSecurityTest {
         WSS4JInInterceptor inHandler = new WSS4JInInterceptor(properties);
 
         SoapMessage inmsg = new SoapMessage(new MessageImpl());
+        Exchange ex = new ExchangeImpl();
         ex.setInMessage(inmsg);
         inmsg.setContent(SOAPMessage.class, saajMsg);
 
@@ -352,16 +332,7 @@ public class WSS4JInOutTest extends AbstractSecurityTest {
         WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
         PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
 
-        SoapMessage msg = new SoapMessage(new MessageImpl());
-        Exchange ex = new ExchangeImpl();
-        ex.setInMessage(msg);
-        
-        SOAPMessage saajMsg = MessageFactory.newInstance().createMessage();
-        SOAPPart part = saajMsg.getSOAPPart();
-        part.setContent(new DOMSource(doc));
-        saajMsg.saveChanges();
-
-        msg.setContent(SOAPMessage.class, saajMsg);
+        SoapMessage msg = getSoapMessageForDom(doc);
 
         msg.put(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE);
         msg.put(WSHandlerConstants.SIG_PROP_FILE, "outsecurity.properties");
@@ -370,7 +341,8 @@ public class WSS4JInOutTest extends AbstractSecurityTest {
 
         handler.handleMessage(msg);
 
-        doc = part;
+        SOAPMessage saajMsg = msg.getContent(SOAPMessage.class);
+        doc = saajMsg.getSOAPPart();
         
         assertValid("//wsse:Security", doc);
         assertValid("//wsse:Security/ds:Signature", doc);
@@ -405,9 +377,10 @@ public class WSS4JInOutTest extends AbstractSecurityTest {
         WSS4JInInterceptor inHandler = new WSS4JInInterceptor(properties);
 
         SoapMessage inmsg = new SoapMessage(new MessageImpl());
+        Exchange ex = new ExchangeImpl();
         ex.setInMessage(inmsg);
         inmsg.setContent(SOAPMessage.class, saajMsg);
-
+        
         inHandler.setProperty(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE);
 
         inHandler.handleMessage(inmsg);
@@ -425,17 +398,15 @@ public class WSS4JInOutTest extends AbstractSecurityTest {
     
     @Test
     public void testPKIPath() throws Exception {
-        Map<String, String> outProperties = new HashMap<String, String>();
+        Map<String, Object> outProperties = new HashMap<String, Object>();
         outProperties.put(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE);
         outProperties.put(WSHandlerConstants.USER, "alice");
         outProperties.put(WSHandlerConstants.SIG_PROP_FILE, "alice.properties");
-        outProperties.put(
-            WSHandlerConstants.PW_CALLBACK_CLASS, KeystorePasswordCallback.class.getName()
-        );
+        outProperties.put(WSHandlerConstants.PW_CALLBACK_REF, new KeystorePasswordCallback());
         outProperties.put(WSHandlerConstants.SIG_KEY_ID, "DirectReference");
         outProperties.put(WSHandlerConstants.USE_SINGLE_CERTIFICATE, "false");
         
-        Map<String, String> inProperties = new HashMap<String, String>();
+        Map<String, Object> inProperties = new HashMap<String, Object>();
         inProperties.put(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE);
         inProperties.put(WSHandlerConstants.SIG_VER_PROP_FILE, "cxfca.properties");
         
@@ -456,7 +427,7 @@ public class WSS4JInOutTest extends AbstractSecurityTest {
     
     @Test
     public void testUsernameTokenSignature() throws Exception {
-        Map<String, String> outProperties = new HashMap<String, String>();
+        Map<String, Object> outProperties = new HashMap<String, Object>();
         outProperties.put(
             WSHandlerConstants.ACTION, 
             WSHandlerConstants.USERNAME_TOKEN + " " + WSHandlerConstants.SIGNATURE);
@@ -470,7 +441,7 @@ public class WSS4JInOutTest extends AbstractSecurityTest {
             "org.apache.cxf.ws.security.wss4j.TestPwdCallback"
         );
         
-        Map<String, String> inProperties = new HashMap<String, String>();
+        Map<String, Object> inProperties = new HashMap<String, Object>();
         inProperties.put(
             WSHandlerConstants.ACTION, 
             WSHandlerConstants.USERNAME_TOKEN + " " + WSHandlerConstants.SIGNATURE
@@ -490,15 +461,6 @@ public class WSS4JInOutTest extends AbstractSecurityTest {
         makeInvocation(outProperties, xpaths, inProperties);
     }
     
-    
-    private byte[] getMessageBytes(Document doc) throws Exception {
-        ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
-        XMLStreamWriter byteArrayWriter = StaxUtils.createXMLStreamWriter(outputStream);
-        StaxUtils.writeDocument(doc, byteArrayWriter, false);
-        byteArrayWriter.flush();
-        return outputStream.toByteArray();
-    }
-
     /**
      * @return      a processor map suitable for custom processing of
      *              signatures (in this case, the actual processor is
@@ -523,68 +485,6 @@ public class WSS4JInOutTest extends AbstractSecurityTest {
         return handlerResults;
     }
     
-    private SoapMessage makeInvocation(
-        Map<String, String> outProperties,
-        List<String> xpaths,
-        Map<String, String> inProperties
-    ) throws Exception {
-        Document doc = readDocument("wsse-request-clean.xml");
-
-        WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
-        PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
-
-        SoapMessage msg = new SoapMessage(new MessageImpl());
-        Exchange ex = new ExchangeImpl();
-        ex.setInMessage(msg);
-
-        SOAPMessage saajMsg = MessageFactory.newInstance().createMessage();
-        SOAPPart part = saajMsg.getSOAPPart();
-        part.setContent(new DOMSource(doc));
-        saajMsg.saveChanges();
-
-        msg.setContent(SOAPMessage.class, saajMsg);
-
-        for (String key : outProperties.keySet()) {
-            msg.put(key, outProperties.get(key));
-        }
-
-        handler.handleMessage(msg);
-
-        doc = part;
-
-        for (String xpath : xpaths) {
-            assertValid(xpath, doc);
-        }
-
-        byte[] docbytes = getMessageBytes(doc);
-        XMLStreamReader reader = StaxUtils.createXMLStreamReader(new ByteArrayInputStream(docbytes));
-
-        DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
-
-        dbf.setValidating(false);
-        dbf.setIgnoringComments(false);
-        dbf.setIgnoringElementContentWhitespace(true);
-        dbf.setNamespaceAware(true);
-
-        DocumentBuilder db = dbf.newDocumentBuilder();
-        db.setEntityResolver(new NullResolver());
-        doc = StaxUtils.read(db, reader, false);
-
-        WSS4JInInterceptor inHandler = new WSS4JInInterceptor();
-
-        SoapMessage inmsg = new SoapMessage(new MessageImpl());
-        ex.setInMessage(inmsg);
-        inmsg.setContent(SOAPMessage.class, saajMsg);
-
-        for (String key : inProperties.keySet()) {
-            inHandler.setProperty(key, inProperties.get(key));
-        }
-
-        inHandler.handleMessage(inmsg);
-
-        return inmsg;
-    }
-    
     // FOR DEBUGGING ONLY
     /*private*/ static String serialize(Document doc) {
         return StaxUtils.toString(doc);

http://git-wip-us.apache.org/repos/asf/cxf/blob/25b8c0e5/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JOutInterceptorTest.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JOutInterceptorTest.java b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JOutInterceptorTest.java
index 5e5b184..bcb0d95 100644
--- a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JOutInterceptorTest.java
+++ b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JOutInterceptorTest.java
@@ -22,14 +22,11 @@ import java.util.HashMap;
 import java.util.Map;
 
 import javax.xml.soap.SOAPMessage;
-import javax.xml.soap.SOAPPart;
 
 import org.w3c.dom.Document;
+
 import org.apache.cxf.binding.soap.SoapFault;
 import org.apache.cxf.binding.soap.SoapMessage;
-import org.apache.cxf.message.Exchange;
-import org.apache.cxf.message.ExchangeImpl;
-import org.apache.cxf.message.MessageImpl;
 import org.apache.cxf.phase.PhaseInterceptor;
 import org.apache.wss4j.common.SecurityActionToken;
 import org.apache.wss4j.common.ext.WSSecurityException;
@@ -44,17 +41,12 @@ public class WSS4JOutInterceptorTest extends AbstractSecurityTest {
     
     @Test
     public void testUsernameTokenText() throws Exception {
-        SOAPMessage saaj = readSAAJDocument("wsse-request-clean.xml");
+        Document doc = readDocument("wsse-request-clean.xml");
+        SoapMessage msg = getSoapMessageForDom(doc);
 
         WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
         PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
 
-        SoapMessage msg = new SoapMessage(new MessageImpl());
-        Exchange ex = new ExchangeImpl();
-        ex.setInMessage(msg);
-
-        msg.setContent(SOAPMessage.class, saaj);
-
         msg.put(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN);
         msg.put(WSHandlerConstants.SIG_PROP_FILE, "outsecurity.properties");
         msg.put(WSHandlerConstants.USER, "username");
@@ -62,7 +54,7 @@ public class WSS4JOutInterceptorTest extends AbstractSecurityTest {
         msg.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT);
         handler.handleMessage(msg);
 
-        SOAPPart doc = saaj.getSOAPPart();
+        doc = msg.getContent(SOAPMessage.class).getSOAPPart();
         assertValid("//wsse:Security", doc);
         assertValid("//wsse:Security/wsse:UsernameToken", doc);
         assertValid("//wsse:Security/wsse:UsernameToken/wsse:Username[text()='username']", doc);
@@ -72,17 +64,12 @@ public class WSS4JOutInterceptorTest extends AbstractSecurityTest {
         
     @Test
     public void testUsernameTokenDigest() throws Exception {
-        SOAPMessage saaj = readSAAJDocument("wsse-request-clean.xml");
+        Document doc = readDocument("wsse-request-clean.xml");
+        SoapMessage msg = getSoapMessageForDom(doc);
 
         WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
         PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
 
-        SoapMessage msg = new SoapMessage(new MessageImpl());
-        Exchange ex = new ExchangeImpl();
-        ex.setInMessage(msg);
-
-        msg.setContent(SOAPMessage.class, saaj);
-
         msg.put(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN);
         msg.put(WSHandlerConstants.SIG_PROP_FILE, "outsecurity.properties");
         msg.put(WSHandlerConstants.USER, "username");
@@ -90,7 +77,7 @@ public class WSS4JOutInterceptorTest extends AbstractSecurityTest {
         msg.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_DIGEST);
         handler.handleMessage(msg);
 
-        SOAPPart doc = saaj.getSOAPPart();
+        doc = msg.getContent(SOAPMessage.class).getSOAPPart();
         assertValid("//wsse:Security", doc);
         assertValid("//wsse:Security/wsse:UsernameToken", doc);
         assertValid("//wsse:Security/wsse:UsernameToken/wsse:Username[text()='username']", doc);
@@ -100,17 +87,12 @@ public class WSS4JOutInterceptorTest extends AbstractSecurityTest {
 
     @Test
     public void testEncrypt() throws Exception {
-        SOAPMessage saaj = readSAAJDocument("wsse-request-clean.xml");
+        Document doc = readDocument("wsse-request-clean.xml");
+        SoapMessage msg = getSoapMessageForDom(doc);
 
         WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
         PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
 
-        SoapMessage msg = new SoapMessage(new MessageImpl());
-        Exchange ex = new ExchangeImpl();
-        ex.setInMessage(msg);
-
-        msg.setContent(SOAPMessage.class, saaj);
-        
         msg.put(WSHandlerConstants.ACTION, WSHandlerConstants.ENCRYPT);
         msg.put(WSHandlerConstants.SIG_PROP_FILE, "outsecurity.properties");
         msg.put(WSHandlerConstants.ENC_PROP_FILE, "outsecurity.properties");
@@ -119,24 +101,19 @@ public class WSS4JOutInterceptorTest extends AbstractSecurityTest {
 
         handler.handleMessage(msg);
 
-        SOAPPart doc = saaj.getSOAPPart();
+        doc = msg.getContent(SOAPMessage.class).getSOAPPart();
         assertValid("//wsse:Security", doc);
         assertValid("//s:Body/xenc:EncryptedData", doc);
     }
     
     @Test
     public void testSignature() throws Exception {
-        SOAPMessage saaj = readSAAJDocument("wsse-request-clean.xml");
+        Document doc = readDocument("wsse-request-clean.xml");
+        SoapMessage msg = getSoapMessageForDom(doc);
 
         WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
         PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
 
-        SoapMessage msg = new SoapMessage(new MessageImpl());
-        Exchange ex = new ExchangeImpl();
-        ex.setInMessage(msg);
-
-        msg.setContent(SOAPMessage.class, saaj);
-
         msg.put(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE);
         msg.put(WSHandlerConstants.SIG_PROP_FILE, "outsecurity.properties");
         msg.put(WSHandlerConstants.USER, "myAlias");
@@ -144,24 +121,19 @@ public class WSS4JOutInterceptorTest extends AbstractSecurityTest {
 
         handler.handleMessage(msg);
 
-        SOAPPart doc = saaj.getSOAPPart();
+        doc = msg.getContent(SOAPMessage.class).getSOAPPart();
         assertValid("//wsse:Security", doc);
         assertValid("//wsse:Security/ds:Signature", doc);
     }
 
     @Test
     public void testTimestamp() throws Exception {
-        SOAPMessage saaj = readSAAJDocument("wsse-request-clean.xml");
+        Document doc = readDocument("wsse-request-clean.xml");
+        SoapMessage msg = getSoapMessageForDom(doc);
 
         WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
         PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
 
-        SoapMessage msg = new SoapMessage(new MessageImpl());
-        Exchange ex = new ExchangeImpl();
-        ex.setInMessage(msg);
-
-        msg.setContent(SOAPMessage.class, saaj);
-        
         ohandler.setProperty(WSHandlerConstants.ACTION, WSHandlerConstants.TIMESTAMP);
         ohandler.setProperty(WSHandlerConstants.SIG_PROP_FILE, "outsecurity.properties");
         msg.put(WSHandlerConstants.USER, "myalias");
@@ -169,23 +141,18 @@ public class WSS4JOutInterceptorTest extends AbstractSecurityTest {
 
         handler.handleMessage(msg);
 
-        SOAPPart doc = saaj.getSOAPPart();
+        doc = msg.getContent(SOAPMessage.class).getSOAPPart();
         assertValid("//wsse:Security", doc);
         assertValid("//wsse:Security/wsu:Timestamp", doc);
     }
     
     @Test
     public void testOverrideCustomAction() throws Exception {
-        SOAPMessage saaj = readSAAJDocument("wsse-request-clean.xml");
+        Document doc = readDocument("wsse-request-clean.xml");
+        SoapMessage msg = getSoapMessageForDom(doc);
 
         WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
         PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
-
-        SoapMessage msg = new SoapMessage(new MessageImpl());
-        Exchange ex = new ExchangeImpl();
-        ex.setInMessage(msg);
-
-        msg.setContent(SOAPMessage.class, saaj);
         
         CountingUsernameTokenAction action = new CountingUsernameTokenAction();
         Map<Object, Object> customActions = new HashMap<Object, Object>(1);
@@ -199,7 +166,7 @@ public class WSS4JOutInterceptorTest extends AbstractSecurityTest {
         msg.put(WSS4JOutInterceptor.WSS4J_ACTION_MAP, customActions);
         handler.handleMessage(msg);
 
-        SOAPPart doc = saaj.getSOAPPart();
+        doc = msg.getContent(SOAPMessage.class).getSOAPPart();
         assertValid("//wsse:Security", doc);
         assertValid("//wsse:Security/wsse:UsernameToken", doc);
         assertValid("//wsse:Security/wsse:UsernameToken/wsse:Username[text()='username']", doc);
@@ -225,17 +192,12 @@ public class WSS4JOutInterceptorTest extends AbstractSecurityTest {
     
     @Test
     public void testAddCustomAction() throws Exception {
-        SOAPMessage saaj = readSAAJDocument("wsse-request-clean.xml");
+        Document doc = readDocument("wsse-request-clean.xml");
+        SoapMessage msg = getSoapMessageForDom(doc);
 
         WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
         PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
 
-        SoapMessage msg = new SoapMessage(new MessageImpl());
-        Exchange ex = new ExchangeImpl();
-        ex.setInMessage(msg);
-
-        msg.setContent(SOAPMessage.class, saaj);
-        
         CountingUsernameTokenAction action = new CountingUsernameTokenAction();
         Map<Object, Object> customActions = new HashMap<Object, Object>(1);
         customActions.put(12345, action);
@@ -248,7 +210,7 @@ public class WSS4JOutInterceptorTest extends AbstractSecurityTest {
         msg.put(WSS4JOutInterceptor.WSS4J_ACTION_MAP, customActions);
         handler.handleMessage(msg);
 
-        SOAPPart doc = saaj.getSOAPPart();
+        doc = msg.getContent(SOAPMessage.class).getSOAPPart();
         assertValid("//wsse:Security", doc);
         assertValid("//wsse:Security/wsse:UsernameToken", doc);
         assertValid("//wsse:Security/wsse:UsernameToken/wsse:Username[text()='username']", doc);

http://git-wip-us.apache.org/repos/asf/cxf/blob/25b8c0e5/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/saml/DOMToStaxSamlTest.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/saml/DOMToStaxSamlTest.java b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/saml/DOMToStaxSamlTest.java
index bd6d2e8..50b85dc 100644
--- a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/saml/DOMToStaxSamlTest.java
+++ b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/saml/DOMToStaxSamlTest.java
@@ -100,10 +100,8 @@ public class DOMToStaxSamlTest extends AbstractSecurityTest {
         
         Map<String, Object> properties = new HashMap<String, Object>();
         properties.put(WSHandlerConstants.ACTION, WSHandlerConstants.SAML_TOKEN_SIGNED);
-        properties.put(
-            WSHandlerConstants.SAML_CALLBACK_CLASS, 
-            "org.apache.cxf.ws.security.wss4j.saml.SAML1CallbackHandler"
-        );
+        properties.put(WSHandlerConstants.SAML_CALLBACK_REF, new SAML1CallbackHandler());
+
         properties.put(WSHandlerConstants.SIG_KEY_ID, "DirectReference");
         properties.put(WSHandlerConstants.USER, "alice");
         properties.put(WSHandlerConstants.PW_CALLBACK_REF, new PasswordCallbackHandler());
@@ -165,10 +163,8 @@ public class DOMToStaxSamlTest extends AbstractSecurityTest {
         
         Map<String, Object> properties = new HashMap<String, Object>();
         properties.put(WSHandlerConstants.ACTION, WSHandlerConstants.SAML_TOKEN_SIGNED);
-        properties.put(
-            WSHandlerConstants.SAML_CALLBACK_CLASS, 
-            "org.apache.cxf.ws.security.wss4j.saml.SAML2CallbackHandler"
-        );
+        properties.put(WSHandlerConstants.SAML_CALLBACK_REF, new SAML2CallbackHandler());
+
         properties.put(WSHandlerConstants.SIG_KEY_ID, "DirectReference");
         properties.put(WSHandlerConstants.USER, "alice");
         properties.put(WSHandlerConstants.PW_CALLBACK_REF, new PasswordCallbackHandler());
@@ -209,9 +205,7 @@ public class DOMToStaxSamlTest extends AbstractSecurityTest {
         SAML1CallbackHandler callbackHandler = new SAML1CallbackHandler();
         callbackHandler.setConfirmationMethod(SAML1Constants.CONF_HOLDER_KEY);
         callbackHandler.setSignAssertion(true);
-        properties.put(
-            WSHandlerConstants.SAML_CALLBACK_REF, callbackHandler
-        );
+        properties.put(WSHandlerConstants.SAML_CALLBACK_REF, callbackHandler);
         
         properties.put(WSHandlerConstants.SIG_KEY_ID, "DirectReference");
         properties.put(WSHandlerConstants.USER, "alice");
@@ -261,9 +255,7 @@ public class DOMToStaxSamlTest extends AbstractSecurityTest {
         SAML2CallbackHandler callbackHandler = new SAML2CallbackHandler();
         callbackHandler.setConfirmationMethod(SAML2Constants.CONF_HOLDER_KEY);
         callbackHandler.setSignAssertion(true);
-        properties.put(
-            WSHandlerConstants.SAML_CALLBACK_REF, callbackHandler
-        );
+        properties.put(WSHandlerConstants.SAML_CALLBACK_REF, callbackHandler);
         
         properties.put(WSHandlerConstants.SIG_KEY_ID, "DirectReference");
         properties.put(WSHandlerConstants.USER, "alice");

http://git-wip-us.apache.org/repos/asf/cxf/blob/25b8c0e5/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/saml/SamlTokenTest.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/saml/SamlTokenTest.java b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/saml/SamlTokenTest.java
index 038ef65..1425a34 100644
--- a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/saml/SamlTokenTest.java
+++ b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/saml/SamlTokenTest.java
@@ -19,8 +19,8 @@
 package org.apache.cxf.ws.security.wss4j.saml;
 
 import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
 import java.util.ArrayList;
+import java.util.Collections;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
@@ -28,12 +28,8 @@ import java.util.Map;
 import javax.xml.namespace.QName;
 import javax.xml.parsers.DocumentBuilder;
 import javax.xml.parsers.DocumentBuilderFactory;
-import javax.xml.soap.MessageFactory;
 import javax.xml.soap.SOAPMessage;
-import javax.xml.soap.SOAPPart;
 import javax.xml.stream.XMLStreamReader;
-import javax.xml.stream.XMLStreamWriter;
-import javax.xml.transform.dom.DOMSource;
 
 import org.w3c.dom.Document;
 
@@ -88,10 +84,7 @@ public class SamlTokenTest extends AbstractSecurityTest {
     private SecurityContext testSaml1Token(boolean allowUnsignedPrincipal) throws Exception {
         Map<String, Object> outProperties = new HashMap<String, Object>();
         outProperties.put(WSHandlerConstants.ACTION, WSHandlerConstants.SAML_TOKEN_UNSIGNED);
-        outProperties.put(
-            WSHandlerConstants.SAML_CALLBACK_CLASS, 
-            "org.apache.cxf.ws.security.wss4j.saml.SAML1CallbackHandler"
-        );
+        outProperties.put(WSHandlerConstants.SAML_CALLBACK_REF, new SAML1CallbackHandler());
         
         Map<String, Object> inProperties = new HashMap<String, Object>();
         inProperties.put(WSHandlerConstants.ACTION, WSHandlerConstants.SAML_TOKEN_UNSIGNED);
@@ -130,10 +123,7 @@ public class SamlTokenTest extends AbstractSecurityTest {
     public void testSaml1TokenSignedSenderVouches() throws Exception {
         Map<String, Object> outProperties = new HashMap<String, Object>();
         outProperties.put(WSHandlerConstants.ACTION, WSHandlerConstants.SAML_TOKEN_SIGNED);
-        outProperties.put(
-            WSHandlerConstants.SAML_CALLBACK_CLASS, 
-            "org.apache.cxf.ws.security.wss4j.saml.SAML1CallbackHandler"
-        );
+        outProperties.put(WSHandlerConstants.SAML_CALLBACK_REF, new SAML1CallbackHandler());
         outProperties.put(WSHandlerConstants.SIG_KEY_ID, "DirectReference");
         outProperties.put(WSHandlerConstants.USER, "alice");
         outProperties.put("password", "password");
@@ -176,10 +166,7 @@ public class SamlTokenTest extends AbstractSecurityTest {
     public void testSaml2Token() throws Exception {
         Map<String, Object> outProperties = new HashMap<String, Object>();
         outProperties.put(WSHandlerConstants.ACTION, WSHandlerConstants.SAML_TOKEN_UNSIGNED);
-        outProperties.put(
-            WSHandlerConstants.SAML_CALLBACK_CLASS, 
-            "org.apache.cxf.ws.security.wss4j.saml.SAML2CallbackHandler"
-        );
+        outProperties.put(WSHandlerConstants.SAML_CALLBACK_REF, new SAML2CallbackHandler());
         
         Map<String, Object> inProperties = new HashMap<String, Object>();
         inProperties.put(WSHandlerConstants.ACTION, WSHandlerConstants.SAML_TOKEN_UNSIGNED);
@@ -213,10 +200,7 @@ public class SamlTokenTest extends AbstractSecurityTest {
     public void testSaml2TokenSignedSenderVouches() throws Exception {
         Map<String, Object> outProperties = new HashMap<String, Object>();
         outProperties.put(WSHandlerConstants.ACTION, WSHandlerConstants.SAML_TOKEN_SIGNED);
-        outProperties.put(
-            WSHandlerConstants.SAML_CALLBACK_CLASS, 
-            "org.apache.cxf.ws.security.wss4j.saml.SAML2CallbackHandler"
-        );
+        outProperties.put(WSHandlerConstants.SAML_CALLBACK_REF, new SAML2CallbackHandler());
         outProperties.put(WSHandlerConstants.SIG_KEY_ID, "DirectReference");
         outProperties.put(WSHandlerConstants.USER, "alice");
         outProperties.put("password", "password");
@@ -270,9 +254,7 @@ public class SamlTokenTest extends AbstractSecurityTest {
         SAML1CallbackHandler callbackHandler = new SAML1CallbackHandler();
         callbackHandler.setConfirmationMethod(SAML1Constants.CONF_HOLDER_KEY);
         callbackHandler.setSignAssertion(true);
-        outProperties.put(
-            WSHandlerConstants.SAML_CALLBACK_REF, callbackHandler
-        );
+        outProperties.put(WSHandlerConstants.SAML_CALLBACK_REF, callbackHandler);
         
         Map<String, Object> inProperties = new HashMap<String, Object>();
         inProperties.put(
@@ -291,14 +273,14 @@ public class SamlTokenTest extends AbstractSecurityTest {
         xpaths.add("//wsse:Security/saml1:Assertion");
         
         try {
-            makeInvocation(outProperties, xpaths, inProperties);
+            makeInvocation(outProperties, xpaths, inProperties, Collections.emptyMap());
             fail("Failure expected in SAML Validator");
         } catch (Fault ex) {
             // expected
         }
         validator.setRequireSenderVouches(false);
 
-        Message message = makeInvocation(outProperties, xpaths, inProperties);
+        Message message = makeInvocation(outProperties, xpaths, inProperties, Collections.emptyMap());
         final List<WSHandlerResult> handlerResults = 
             CastUtils.cast((List<?>)message.get(WSHandlerConstants.RECV_RESULTS));
         
@@ -328,9 +310,7 @@ public class SamlTokenTest extends AbstractSecurityTest {
         SAML2CallbackHandler callbackHandler = new SAML2CallbackHandler();
         callbackHandler.setConfirmationMethod(SAML2Constants.CONF_HOLDER_KEY);
         callbackHandler.setSignAssertion(true);
-        outProperties.put(
-            WSHandlerConstants.SAML_CALLBACK_REF, callbackHandler
-        );
+        outProperties.put(WSHandlerConstants.SAML_CALLBACK_REF, callbackHandler);
         
         Map<String, Object> inProperties = new HashMap<String, Object>();
         inProperties.put(
@@ -349,7 +329,7 @@ public class SamlTokenTest extends AbstractSecurityTest {
         xpaths.add("//wsse:Security/saml2:Assertion");
         
         try {
-            makeInvocation(outProperties, xpaths, inProperties);
+            makeInvocation(outProperties, xpaths, inProperties, Collections.emptyMap());
             fail("Failure expected in SAML Validator");
         } catch (Fault ex) {
             // expected
@@ -357,14 +337,14 @@ public class SamlTokenTest extends AbstractSecurityTest {
         validator.setRequireSenderVouches(false);
         
         try {
-            makeInvocation(outProperties, xpaths, inProperties);
+            makeInvocation(outProperties, xpaths, inProperties, Collections.emptyMap());
             fail("Failure expected in SAML Validator");
         } catch (Fault ex) {
             // expected
         }
         validator.setRequireSAML1Assertion(false);
 
-        Message message = makeInvocation(outProperties, xpaths, inProperties);
+        Message message = makeInvocation(outProperties, xpaths, inProperties, Collections.emptyMap());
         final List<WSHandlerResult> handlerResults = 
             CastUtils.cast((List<?>)message.get(WSHandlerConstants.RECV_RESULTS));
         
@@ -397,9 +377,7 @@ public class SamlTokenTest extends AbstractSecurityTest {
         callbackHandler.setStatement(Statement.ATTR);
         callbackHandler.setConfirmationMethod(SAML2Constants.CONF_BEARER);
         
-        outProperties.put(
-            WSHandlerConstants.SAML_CALLBACK_REF, callbackHandler
-        );
+        outProperties.put(WSHandlerConstants.SAML_CALLBACK_REF, callbackHandler);
         
         Map<String, Object> inProperties = new HashMap<String, Object>();
         inProperties.put(
@@ -457,9 +435,7 @@ public class SamlTokenTest extends AbstractSecurityTest {
         callbackHandler.setStatement(Statement.ATTR);
         callbackHandler.setConfirmationMethod(SAML2Constants.CONF_BEARER);
         
-        outProperties.put(
-            WSHandlerConstants.SAML_CALLBACK_REF, callbackHandler
-        );
+        outProperties.put(WSHandlerConstants.SAML_CALLBACK_REF, callbackHandler);
         
         Map<String, Object> inProperties = new HashMap<String, Object>();
         inProperties.put(
@@ -516,9 +492,7 @@ public class SamlTokenTest extends AbstractSecurityTest {
         callbackHandler.setStatement(Statement.ATTR);
         callbackHandler.setConfirmationMethod(SAML1Constants.CONF_BEARER);
         
-        outProperties.put(
-            WSHandlerConstants.SAML_CALLBACK_REF, callbackHandler
-        );
+        outProperties.put(WSHandlerConstants.SAML_CALLBACK_REF, callbackHandler);
         
         Map<String, Object> inProperties = new HashMap<String, Object>();
         inProperties.put(
@@ -561,14 +535,6 @@ public class SamlTokenTest extends AbstractSecurityTest {
     private SoapMessage makeInvocation(
         Map<String, Object> outProperties,
         List<String> xpaths,
-        Map<String, Object> inProperties
-    ) throws Exception {
-        return makeInvocation(outProperties, xpaths, inProperties, new HashMap<String, String>());
-    }
-    
-    private SoapMessage makeInvocation(
-        Map<String, Object> outProperties,
-        List<String> xpaths,
         Map<String, Object> inProperties,
         Map<String, String> inMessageProperties
     ) throws Exception {
@@ -577,16 +543,7 @@ public class SamlTokenTest extends AbstractSecurityTest {
         WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
         PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
 
-        SoapMessage msg = new SoapMessage(new MessageImpl());
-        Exchange ex = new ExchangeImpl();
-        ex.setInMessage(msg);
-
-        SOAPMessage saajMsg = MessageFactory.newInstance().createMessage();
-        SOAPPart part = saajMsg.getSOAPPart();
-        part.setContent(new DOMSource(doc));
-        saajMsg.saveChanges();
-
-        msg.setContent(SOAPMessage.class, saajMsg);
+        SoapMessage msg = getSoapMessageForDom(doc);
 
         for (String key : outProperties.keySet()) {
             msg.put(key, outProperties.get(key));
@@ -594,7 +551,8 @@ public class SamlTokenTest extends AbstractSecurityTest {
 
         handler.handleMessage(msg);
 
-        doc = part;
+        SOAPMessage saajMsg = msg.getContent(SOAPMessage.class);
+        doc = saajMsg.getSOAPPart();
 
         for (String xpath : xpaths) {
             assertValid(xpath, doc);
@@ -621,6 +579,7 @@ public class SamlTokenTest extends AbstractSecurityTest {
         for (String inMessageProperty : inMessageProperties.keySet()) {
             inmsg.put(inMessageProperty, inMessageProperties.get(inMessageProperty));
         }
+        Exchange ex = new ExchangeImpl();
         ex.setInMessage(inmsg);
         inmsg.setContent(SOAPMessage.class, saajMsg);
 
@@ -629,14 +588,6 @@ public class SamlTokenTest extends AbstractSecurityTest {
         return inmsg;
     }
     
-    private byte[] getMessageBytes(Document doc) throws Exception {
-        ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
-        XMLStreamWriter byteArrayWriter = StaxUtils.createXMLStreamWriter(outputStream);
-        StaxUtils.writeDocument(doc, byteArrayWriter, false);
-        byteArrayWriter.flush();
-        return outputStream.toByteArray();
-    }
-
     // FOR DEBUGGING ONLY
     /*private*/ static String serialize(Document doc) throws Exception {
         return StaxUtils.toString(doc);


Mime
View raw message