cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject [3/7] cxf git commit: Security test refactor
Date Tue, 17 May 2016 15:23:51 GMT
Security test refactor

# Conflicts:
#	rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/SecurityActionTokenTest.java


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/4337e0b5
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/4337e0b5
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/4337e0b5

Branch: refs/heads/3.0.x-fixes
Commit: 4337e0b5372a88f9c0f0a8822a2eab17a7f95548
Parents: 052c88c
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Tue May 17 16:00:42 2016 +0100
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Tue May 17 16:13:55 2016 +0100

----------------------------------------------------------------------
 .../wss4j/AbstractPolicySecurityTest.java       |   5 +-
 .../ws/security/wss4j/AbstractSecurityTest.java |  87 +++++++++--
 .../security/wss4j/SecurityActionTokenTest.java |  98 +-----------
 .../wss4j/SignatureConfirmationTest.java        |  51 ++----
 .../ws/security/wss4j/WSS4JFaultCodeTest.java   |  80 ++--------
 .../cxf/ws/security/wss4j/WSS4JInOutTest.java   | 155 ++++---------------
 .../security/wss4j/WSS4JOutInterceptorTest.java |  82 +++-------
 .../security/wss4j/saml/DOMToStaxSamlTest.java  |  20 +--
 .../ws/security/wss4j/saml/SamlTokenTest.java   |  87 +++--------
 9 files changed, 180 insertions(+), 485 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/4337e0b5/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/AbstractPolicySecurityTest.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/AbstractPolicySecurityTest.java b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/AbstractPolicySecurityTest.java
index b7e06f9..7d62cfe 100644
--- a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/AbstractPolicySecurityTest.java
+++ b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/AbstractPolicySecurityTest.java
@@ -115,8 +115,7 @@ public abstract class AbstractPolicySecurityTest extends AbstractSecurityTest {
         final Element inPolicyElement;
 
         if (inPolicyDocument != null) {
-            inPolicyElement = this.readDocument(inPolicyDocument)
-                    .getDocumentElement();
+            inPolicyElement = this.readDocument(inPolicyDocument).getDocumentElement();
         } else {
             inPolicyElement = outPolicyElement;
         }
@@ -416,7 +415,7 @@ public abstract class AbstractPolicySecurityTest extends AbstractSecurityTest {
         SoapMessage msg = this.getSoapMessageForDom(doc, aim);
         msg.put(SecurityConstants.SIGNATURE_PROPERTIES, "outsecurity.properties");
         msg.put(SecurityConstants.ENCRYPT_PROPERTIES, "outsecurity.properties");
-        msg.put(SecurityConstants.CALLBACK_HANDLER, TestPwdCallback.class.getName());
+        msg.put(SecurityConstants.CALLBACK_HANDLER, new TestPwdCallback());
         msg.put(SecurityConstants.SIGNATURE_USERNAME, "myalias");
         msg.put(SecurityConstants.ENCRYPT_USERNAME, "myalias");
         

http://git-wip-us.apache.org/repos/asf/cxf/blob/4337e0b5/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/AbstractSecurityTest.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/AbstractSecurityTest.java b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/AbstractSecurityTest.java
index 22b09b4..e5e531d 100644
--- a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/AbstractSecurityTest.java
+++ b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/AbstractSecurityTest.java
@@ -18,29 +18,36 @@
  */
 package org.apache.cxf.ws.security.wss4j;
 
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
 import java.io.File;
-import java.io.IOException;
 import java.io.InputStream;
+import java.util.List;
+import java.util.Map;
 
 import javax.crypto.Cipher;
 import javax.crypto.SecretKey;
 import javax.crypto.spec.SecretKeySpec;
+import javax.xml.parsers.DocumentBuilder;
+import javax.xml.parsers.DocumentBuilderFactory;
 import javax.xml.parsers.ParserConfigurationException;
 import javax.xml.soap.MessageFactory;
 import javax.xml.soap.SOAPException;
 import javax.xml.soap.SOAPMessage;
 import javax.xml.soap.SOAPPart;
+import javax.xml.stream.XMLStreamReader;
+import javax.xml.stream.XMLStreamWriter;
 import javax.xml.transform.dom.DOMSource;
 
 import org.w3c.dom.Document;
 
-import org.xml.sax.SAXException;
-
 import org.apache.cxf.binding.soap.Soap11;
 import org.apache.cxf.binding.soap.SoapMessage;
+import org.apache.cxf.helpers.DOMUtils.NullResolver;
 import org.apache.cxf.message.Exchange;
 import org.apache.cxf.message.ExchangeImpl;
 import org.apache.cxf.message.MessageImpl;
+import org.apache.cxf.phase.PhaseInterceptor;
 import org.apache.cxf.staxutils.StaxUtils;
 import org.apache.cxf.test.AbstractCXFTest;
 import org.apache.wss4j.dom.WSConstants;
@@ -71,16 +78,6 @@ public abstract class AbstractSecurityTest extends AbstractCXFTest {
     }
 
     /**
-     * Reads a classpath resource into a SAAJ structure.
-     * @param name the name of the classpath resource
-     */
-    protected SOAPMessage readSAAJDocument(String name) throws SAXException, IOException,
-        ParserConfigurationException, SOAPException {
-        InputStream inStream = getClass().getResourceAsStream(name);
-        return MessageFactory.newInstance().createMessage(null, inStream);
-    }
-    
-    /**
      * Creates a {@link SoapMessage} from the contents of a document.
      * @param doc the document containing the SOAP content.
      */
@@ -90,17 +87,75 @@ public abstract class AbstractSecurityTest extends AbstractCXFTest {
         part.setContent(new DOMSource(doc));
         saajMsg.saveChanges();
 
-        // Hack to create the context map
         MessageImpl message = new MessageImpl();
-        message.getContextualProperty("XYZ");
-        
         SoapMessage msg = new SoapMessage(message);
         Exchange ex = new ExchangeImpl();
         ex.setInMessage(msg);
         msg.setContent(SOAPMessage.class, saajMsg);
+        
         return msg;
     }
     
+    protected byte[] getMessageBytes(Document doc) throws Exception {
+        ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
+        XMLStreamWriter byteArrayWriter = StaxUtils.createXMLStreamWriter(outputStream);
+        StaxUtils.writeDocument(doc, byteArrayWriter, false);
+        byteArrayWriter.flush();
+        return outputStream.toByteArray();
+    }
+   
+    protected SoapMessage makeInvocation(
+        Map<String, Object> outProperties,
+        List<String> xpaths,
+        Map<String, Object> inProperties
+    ) throws Exception {
+        Document doc = readDocument("wsse-request-clean.xml");
+
+        WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
+        PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
+
+        SoapMessage msg = getSoapMessageForDom(doc);
+
+        for (String key : outProperties.keySet()) {
+            msg.put(key, outProperties.get(key));
+        }
+
+        handler.handleMessage(msg);
+
+        SOAPMessage saajMsg = msg.getContent(SOAPMessage.class);
+        doc = saajMsg.getSOAPPart();
+
+        for (String xpath : xpaths) {
+            assertValid(xpath, doc);
+        }
+
+        byte[] docbytes = getMessageBytes(doc);
+        XMLStreamReader reader = StaxUtils.createXMLStreamReader(new ByteArrayInputStream(docbytes));
+
+        DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
+
+        dbf.setValidating(false);
+        dbf.setIgnoringComments(false);
+        dbf.setIgnoringElementContentWhitespace(true);
+        dbf.setNamespaceAware(true);
+
+        DocumentBuilder db = dbf.newDocumentBuilder();
+        db.setEntityResolver(new NullResolver());
+        doc = StaxUtils.read(db, reader, false);
+
+        WSS4JInInterceptor inHandler = new WSS4JInInterceptor(inProperties);
+
+        SoapMessage inmsg = new SoapMessage(new MessageImpl());
+        Exchange ex = new ExchangeImpl();
+        ex.setInMessage(inmsg);
+        inmsg.setContent(SOAPMessage.class, saajMsg);
+
+        
+        inHandler.handleMessage(inmsg);
+
+        return inmsg;
+    }
+    
     protected static boolean checkUnrestrictedPoliciesInstalled() {
         try {
             byte[] data = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07};

http://git-wip-us.apache.org/repos/asf/cxf/blob/4337e0b5/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/SecurityActionTokenTest.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/SecurityActionTokenTest.java b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/SecurityActionTokenTest.java
index 43d9dd3..3789956 100644
--- a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/SecurityActionTokenTest.java
+++ b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/SecurityActionTokenTest.java
@@ -18,8 +18,6 @@
  */
 package org.apache.cxf.ws.security.wss4j;
 
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
 import java.security.cert.X509Certificate;
 import java.util.ArrayList;
 import java.util.Collections;
@@ -27,23 +25,10 @@ import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
 
-import javax.xml.parsers.DocumentBuilder;
-import javax.xml.parsers.DocumentBuilderFactory;
-import javax.xml.soap.MessageFactory;
-import javax.xml.soap.SOAPMessage;
-import javax.xml.soap.SOAPPart;
-import javax.xml.stream.XMLStreamReader;
-import javax.xml.stream.XMLStreamWriter;
-import javax.xml.transform.dom.DOMSource;
-
 import org.w3c.dom.Document;
+
 import org.apache.cxf.binding.soap.SoapMessage;
 import org.apache.cxf.helpers.CastUtils;
-import org.apache.cxf.helpers.DOMUtils.NullResolver;
-import org.apache.cxf.message.Exchange;
-import org.apache.cxf.message.ExchangeImpl;
-import org.apache.cxf.message.MessageImpl;
-import org.apache.cxf.phase.PhaseInterceptor;
 import org.apache.cxf.staxutils.StaxUtils;
 import org.apache.wss4j.common.EncryptionActionToken;
 import org.apache.wss4j.common.SignatureActionToken;
@@ -74,7 +59,11 @@ public class SecurityActionTokenTest extends AbstractSecurityTest {
         outProperties.put(WSHandlerConstants.HANDLER_ACTIONS, actions);
         outProperties.put(WSHandlerConstants.PW_CALLBACK_REF, new TestPwdCallback());
         
+<<<<<<< HEAD
         Map<String, String> inProperties = new HashMap<String, String>();
+=======
+        Map<String, Object> inProperties = new HashMap<>();
+>>>>>>> c4c48d0... Security test refactor
         inProperties.put(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE);
         inProperties.put(WSHandlerConstants.SIG_VER_PROP_FILE, "insecurity.properties");
         
@@ -103,13 +92,10 @@ public class SecurityActionTokenTest extends AbstractSecurityTest {
         Map<String, Object> outProperties = new HashMap<String, Object>();
         outProperties.put(WSHandlerConstants.HANDLER_ACTIONS, actions);
         
-        Map<String, String> inProperties = new HashMap<String, String>();
+        Map<String, Object> inProperties = new HashMap<String, Object>();
         inProperties.put(WSHandlerConstants.ACTION, WSHandlerConstants.ENCRYPT);
         inProperties.put(WSHandlerConstants.DEC_PROP_FILE, "insecurity.properties");
-        inProperties.put(
-            WSHandlerConstants.PW_CALLBACK_CLASS, 
-            "org.apache.cxf.ws.security.wss4j.TestPwdCallback"
-        );
+        inProperties.put(WSHandlerConstants.PW_CALLBACK_REF, new TestPwdCallback()); 
         
         List<String> xpaths = new ArrayList<String>();
         xpaths.add("//wsse:Security");
@@ -146,82 +132,12 @@ public class SecurityActionTokenTest extends AbstractSecurityTest {
         );
     }
     
-    private byte[] getMessageBytes(Document doc) throws Exception {
-        ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
-        XMLStreamWriter byteArrayWriter = StaxUtils.createXMLStreamWriter(outputStream);
-        StaxUtils.writeDocument(doc, byteArrayWriter, false);
-        byteArrayWriter.flush();
-        return outputStream.toByteArray();
-    }
-
     private List<WSHandlerResult> getResults(SoapMessage inmsg) {
         final List<WSHandlerResult> handlerResults = 
             CastUtils.cast((List<?>)inmsg.get(WSHandlerConstants.RECV_RESULTS));
         return handlerResults;
     }
     
-    private SoapMessage makeInvocation(
-        Map<String, Object> outProperties,
-        List<String> xpaths,
-        Map<String, String> inProperties
-    ) throws Exception {
-        Document doc = readDocument("wsse-request-clean.xml");
-
-        WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
-        PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
-
-        SoapMessage msg = new SoapMessage(new MessageImpl());
-        Exchange ex = new ExchangeImpl();
-        ex.setInMessage(msg);
-
-        SOAPMessage saajMsg = MessageFactory.newInstance().createMessage();
-        SOAPPart part = saajMsg.getSOAPPart();
-        part.setContent(new DOMSource(doc));
-        saajMsg.saveChanges();
-
-        msg.setContent(SOAPMessage.class, saajMsg);
-        
-        for (String key : outProperties.keySet()) {
-            msg.put(key, outProperties.get(key));
-        }
-
-        handler.handleMessage(msg);
-
-        doc = part;
-
-        for (String xpath : xpaths) {
-            assertValid(xpath, doc);
-        }
-
-        byte[] docbytes = getMessageBytes(doc);
-        XMLStreamReader reader = StaxUtils.createXMLStreamReader(new ByteArrayInputStream(docbytes));
-
-        DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
-
-        dbf.setValidating(false);
-        dbf.setIgnoringComments(false);
-        dbf.setIgnoringElementContentWhitespace(true);
-        dbf.setNamespaceAware(true);
-
-        DocumentBuilder db = dbf.newDocumentBuilder();
-        db.setEntityResolver(new NullResolver());
-        doc = StaxUtils.read(db, reader, false);
-
-        WSS4JInInterceptor inHandler = new WSS4JInInterceptor();
-
-        SoapMessage inmsg = new SoapMessage(new MessageImpl());
-        ex.setInMessage(inmsg);
-        inmsg.setContent(SOAPMessage.class, saajMsg);
-
-        for (String key : inProperties.keySet()) {
-            inHandler.setProperty(key, inProperties.get(key));
-        }
-
-        inHandler.handleMessage(inmsg);
-
-        return inmsg;
-    }
-    
     // FOR DEBUGGING ONLY
     /*private*/ static String serialize(Document doc) {
         return StaxUtils.toString(doc);

http://git-wip-us.apache.org/repos/asf/cxf/blob/4337e0b5/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/SignatureConfirmationTest.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/SignatureConfirmationTest.java b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/SignatureConfirmationTest.java
index 02418a5..626ab4a 100644
--- a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/SignatureConfirmationTest.java
+++ b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/SignatureConfirmationTest.java
@@ -19,17 +19,12 @@
 package org.apache.cxf.ws.security.wss4j;
 
 import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
 import java.util.List;
 
 import javax.xml.parsers.DocumentBuilder;
 import javax.xml.parsers.DocumentBuilderFactory;
-import javax.xml.soap.MessageFactory;
 import javax.xml.soap.SOAPMessage;
-import javax.xml.soap.SOAPPart;
 import javax.xml.stream.XMLStreamReader;
-import javax.xml.stream.XMLStreamWriter;
-import javax.xml.transform.dom.DOMSource;
 
 import org.w3c.dom.Document;
 
@@ -45,7 +40,6 @@ import org.apache.wss4j.dom.WSSecurityEngineResult;
 import org.apache.wss4j.dom.handler.WSHandlerConstants;
 import org.apache.wss4j.dom.handler.WSHandlerResult;
 
-
 /**
  * This a test of the Signature Confirmation functionality that is contained in the
  * WS-Security 1.1 specification. The requestor signs an outbound SOAP message and saves
@@ -66,16 +60,7 @@ public class SignatureConfirmationTest extends AbstractSecurityTest {
         WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
         PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
 
-        SoapMessage msg = new SoapMessage(new MessageImpl());
-        Exchange ex = new ExchangeImpl();
-        ex.setInMessage(msg);
-        
-        SOAPMessage saajMsg = MessageFactory.newInstance().createMessage();
-        SOAPPart part = saajMsg.getSOAPPart();
-        part.setContent(new DOMSource(doc));
-        saajMsg.saveChanges();
-
-        msg.setContent(SOAPMessage.class, saajMsg);
+        SoapMessage msg = getSoapMessageForDom(doc);
 
         msg.put(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE);
         msg.put(WSHandlerConstants.ENABLE_SIGNATURE_CONFIRMATION, "true");
@@ -89,7 +74,9 @@ public class SignatureConfirmationTest extends AbstractSecurityTest {
         msg.put(org.apache.cxf.message.Message.REQUESTOR_ROLE, true);
 
         handler.handleMessage(msg);
-        doc = part;
+        
+        SOAPMessage saajMsg = msg.getContent(SOAPMessage.class);
+        doc = saajMsg.getSOAPPart();
         
         assertValid("//wsse:Security", doc);
         assertValid("//wsse:Security/ds:Signature", doc);
@@ -118,6 +105,7 @@ public class SignatureConfirmationTest extends AbstractSecurityTest {
         WSS4JInInterceptor inHandler = new WSS4JInInterceptor();
 
         SoapMessage inmsg = new SoapMessage(new MessageImpl());
+        Exchange ex = new ExchangeImpl();
         ex.setInMessage(inmsg);
         inmsg.setContent(SOAPMessage.class, saajMsg);
 
@@ -152,23 +140,15 @@ public class SignatureConfirmationTest extends AbstractSecurityTest {
         WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
         PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
 
-        SoapMessage msg = new SoapMessage(new MessageImpl());
-        Exchange ex = new ExchangeImpl();
-        ex.setInMessage(msg);
-        
-        SOAPMessage saajMsg = MessageFactory.newInstance().createMessage();
-        SOAPPart part = saajMsg.getSOAPPart();
-        part.setContent(new DOMSource(doc));
-        saajMsg.saveChanges();
-
-        msg.setContent(SOAPMessage.class, saajMsg);
+        SoapMessage msg = getSoapMessageForDom(doc);
 
         msg.put(WSHandlerConstants.ACTION, WSHandlerConstants.TIMESTAMP);
         msg.put(WSHandlerConstants.RECV_RESULTS, sigReceived);
         
         handler.handleMessage(msg);
 
-        doc = part;
+        SOAPMessage saajMsg = msg.getContent(SOAPMessage.class);
+        doc = saajMsg.getSOAPPart();
         
         assertValid("//wsse:Security", doc);
         // assertValid("//wsse:Security/wsse11:SignatureConfirmation", doc);
@@ -192,6 +172,7 @@ public class SignatureConfirmationTest extends AbstractSecurityTest {
         WSS4JInInterceptor inHandler = new WSS4JInInterceptor();
 
         SoapMessage inmsg = new SoapMessage(new MessageImpl());
+        Exchange ex = new ExchangeImpl();
         ex.setInMessage(inmsg);
         inmsg.setContent(SOAPMessage.class, saajMsg);
 
@@ -201,18 +182,4 @@ public class SignatureConfirmationTest extends AbstractSecurityTest {
         inHandler.handleMessage(inmsg);
     }
     
-    
-    private byte[] getMessageBytes(Document doc) throws Exception {
-        // XMLOutputFactory factory = XMLOutputFactory.newInstance();
-        ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
-
-        // XMLStreamWriter byteArrayWriter =
-        // factory.createXMLStreamWriter(outputStream);
-        XMLStreamWriter byteArrayWriter = StaxUtils.createXMLStreamWriter(outputStream);
-
-        StaxUtils.writeDocument(doc, byteArrayWriter, false);
-
-        byteArrayWriter.flush();
-        return outputStream.toByteArray();
-    }
 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/4337e0b5/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JFaultCodeTest.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JFaultCodeTest.java b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JFaultCodeTest.java
index a554c5c..bf1f9c3 100644
--- a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JFaultCodeTest.java
+++ b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JFaultCodeTest.java
@@ -19,20 +19,15 @@
 package org.apache.cxf.ws.security.wss4j;
 
 import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
 
 import javax.xml.namespace.QName;
 import javax.xml.parsers.DocumentBuilder;
 import javax.xml.parsers.DocumentBuilderFactory;
-import javax.xml.soap.MessageFactory;
-import javax.xml.soap.SOAPConstants;
 import javax.xml.soap.SOAPMessage;
-import javax.xml.soap.SOAPPart;
 import javax.xml.stream.XMLStreamReader;
-import javax.xml.stream.XMLStreamWriter;
-import javax.xml.transform.dom.DOMSource;
 
 import org.w3c.dom.Document;
+
 import org.apache.cxf.binding.soap.SoapFault;
 import org.apache.cxf.binding.soap.SoapMessage;
 import org.apache.cxf.helpers.DOMUtils.NullResolver;
@@ -63,17 +58,9 @@ public class WSS4JFaultCodeTest extends AbstractSecurityTest {
     public void testNoSecurity() throws Exception {
         Document doc = readDocument("wsse-request-clean.xml");
 
-        SoapMessage msg = new SoapMessage(new MessageImpl());
-        Exchange ex = new ExchangeImpl();
-        ex.setInMessage(msg);
-        
-        SOAPMessage saajMsg = MessageFactory.newInstance().createMessage();
-        SOAPPart part = saajMsg.getSOAPPart();
-        part.setContent(new DOMSource(doc));
-        saajMsg.saveChanges();
-
-        msg.setContent(SOAPMessage.class, saajMsg);
-        doc = part;
+        SoapMessage msg = getSoapMessageForDom(doc);
+        SOAPMessage saajMsg = msg.getContent(SOAPMessage.class);
+        doc = saajMsg.getSOAPPart();
         
         byte[] docbytes = getMessageBytes(doc);
         XMLStreamReader reader = StaxUtils.createXMLStreamReader(new ByteArrayInputStream(docbytes));
@@ -92,6 +79,7 @@ public class WSS4JFaultCodeTest extends AbstractSecurityTest {
         WSS4JInInterceptor inHandler = new WSS4JInInterceptor();
 
         SoapMessage inmsg = new SoapMessage(new MessageImpl());
+        Exchange ex = new ExchangeImpl();
         ex.setInMessage(inmsg);
         inmsg.setContent(SOAPMessage.class, saajMsg);
 
@@ -123,23 +111,15 @@ public class WSS4JFaultCodeTest extends AbstractSecurityTest {
         WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
         PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
 
-        SoapMessage msg = new SoapMessage(new MessageImpl());
-        Exchange ex = new ExchangeImpl();
-        ex.setInMessage(msg);
-        
-        SOAPMessage saajMsg = MessageFactory.newInstance().createMessage();
-        SOAPPart part = saajMsg.getSOAPPart();
-        part.setContent(new DOMSource(doc));
-        saajMsg.saveChanges();
-
-        msg.setContent(SOAPMessage.class, saajMsg);
+        SoapMessage msg = getSoapMessageForDom(doc);
 
         msg.put(WSHandlerConstants.ACTION, WSHandlerConstants.TIMESTAMP);
         msg.put(WSHandlerConstants.TTL_TIMESTAMP, "1");
 
         handler.handleMessage(msg);
 
-        doc = part;
+        SOAPMessage saajMsg = msg.getContent(SOAPMessage.class);
+        doc = saajMsg.getSOAPPart();
         
         assertValid("//wsse:Security", doc);
 
@@ -160,6 +140,7 @@ public class WSS4JFaultCodeTest extends AbstractSecurityTest {
         WSS4JInInterceptor inHandler = new WSS4JInInterceptor();
 
         SoapMessage inmsg = new SoapMessage(new MessageImpl());
+        Exchange ex = new ExchangeImpl();
         ex.setInMessage(inmsg);
         inmsg.setContent(SOAPMessage.class, saajMsg);
 
@@ -192,22 +173,14 @@ public class WSS4JFaultCodeTest extends AbstractSecurityTest {
         WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
         PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
 
-        SoapMessage msg = new SoapMessage(new MessageImpl());
-        Exchange ex = new ExchangeImpl();
-        ex.setInMessage(msg);
-        
-        SOAPMessage saajMsg = MessageFactory.newInstance().createMessage();
-        SOAPPart part = saajMsg.getSOAPPart();
-        part.setContent(new DOMSource(doc));
-        saajMsg.saveChanges();
-
-        msg.setContent(SOAPMessage.class, saajMsg);
+        SoapMessage msg = getSoapMessageForDom(doc);
 
         msg.put(WSHandlerConstants.ACTION, WSHandlerConstants.TIMESTAMP);
 
         handler.handleMessage(msg);
 
-        doc = part;
+        SOAPMessage saajMsg = msg.getContent(SOAPMessage.class);
+        doc = saajMsg.getSOAPPart();
         
         assertValid("//wsse:Security", doc);
 
@@ -228,6 +201,7 @@ public class WSS4JFaultCodeTest extends AbstractSecurityTest {
         WSS4JInInterceptor inHandler = new WSS4JInInterceptor();
 
         SoapMessage inmsg = new SoapMessage(new MessageImpl());
+        Exchange ex = new ExchangeImpl();
         ex.setInMessage(inmsg);
         inmsg.setContent(SOAPMessage.class, saajMsg);
 
@@ -254,17 +228,9 @@ public class WSS4JFaultCodeTest extends AbstractSecurityTest {
     public void testSignedEncryptedSOAP12Fault() throws Exception {
         Document doc = readDocument("wsse-response-fault.xml");
 
-        SoapMessage msg = new SoapMessage(new MessageImpl());
-        Exchange ex = new ExchangeImpl();
-        ex.setInMessage(msg);
-        
-        SOAPMessage saajMsg = MessageFactory.newInstance(SOAPConstants.SOAP_1_2_PROTOCOL).createMessage();
-        SOAPPart part = saajMsg.getSOAPPart();
-        part.setContent(new DOMSource(doc));
-        saajMsg.saveChanges();
-
-        msg.setContent(SOAPMessage.class, saajMsg);
-        doc = part;
+        SoapMessage msg = getSoapMessageForDom(doc);
+        SOAPMessage saajMsg = msg.getContent(SOAPMessage.class);
+        doc = saajMsg.getSOAPPart();
         
         byte[] docbytes = getMessageBytes(doc);
         XMLStreamReader reader = StaxUtils.createXMLStreamReader(new ByteArrayInputStream(docbytes));
@@ -283,6 +249,7 @@ public class WSS4JFaultCodeTest extends AbstractSecurityTest {
         WSS4JInInterceptor inHandler = new WSS4JInInterceptor();
 
         SoapMessage inmsg = new SoapMessage(new MessageImpl());
+        Exchange ex = new ExchangeImpl();
         ex.setInMessage(inmsg);
         inmsg.setContent(SOAPMessage.class, saajMsg);
 
@@ -310,17 +277,4 @@ public class WSS4JFaultCodeTest extends AbstractSecurityTest {
         }
     }
     
-    private byte[] getMessageBytes(Document doc) throws Exception {
-        // XMLOutputFactory factory = XMLOutputFactory.newInstance();
-        ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
-
-        // XMLStreamWriter byteArrayWriter =
-        // factory.createXMLStreamWriter(outputStream);
-        XMLStreamWriter byteArrayWriter = StaxUtils.createXMLStreamWriter(outputStream);
-
-        StaxUtils.writeDocument(doc, byteArrayWriter, false);
-
-        byteArrayWriter.flush();
-        return outputStream.toByteArray();
-    }
 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/4337e0b5/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JInOutTest.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JInOutTest.java b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JInOutTest.java
index eaa9307..8f91fe0 100644
--- a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JInOutTest.java
+++ b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JInOutTest.java
@@ -19,7 +19,6 @@
 package org.apache.cxf.ws.security.wss4j;
 
 import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
 import java.security.Principal;
 import java.security.cert.X509Certificate;
 import java.util.ArrayList;
@@ -32,12 +31,8 @@ import java.util.TreeSet;
 import javax.xml.namespace.QName;
 import javax.xml.parsers.DocumentBuilder;
 import javax.xml.parsers.DocumentBuilderFactory;
-import javax.xml.soap.MessageFactory;
 import javax.xml.soap.SOAPMessage;
-import javax.xml.soap.SOAPPart;
 import javax.xml.stream.XMLStreamReader;
-import javax.xml.stream.XMLStreamWriter;
-import javax.xml.transform.dom.DOMSource;
 
 import org.w3c.dom.Document;
 
@@ -93,13 +88,13 @@ public class WSS4JInOutTest extends AbstractSecurityTest {
     
     @Test
     public void testSignature() throws Exception {
-        Map<String, String> outProperties = new HashMap<String, String>();
+        Map<String, Object> outProperties = new HashMap<String, Object>();
         outProperties.put(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE);
         outProperties.put(WSHandlerConstants.SIG_PROP_FILE, "outsecurity.properties");
         outProperties.put(WSHandlerConstants.USER, "myalias");
         outProperties.put("password", "myAliasPassword");
         
-        Map<String, String> inProperties = new HashMap<String, String>();
+        Map<String, Object> inProperties = new HashMap<String, Object>();
         inProperties.put(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE);
         inProperties.put(WSHandlerConstants.SIG_VER_PROP_FILE, "insecurity.properties");
         
@@ -119,14 +114,14 @@ public class WSS4JInOutTest extends AbstractSecurityTest {
     
     @Test
     public void testDirectReferenceSignature() throws Exception {
-        Map<String, String> outProperties = new HashMap<String, String>();
+        Map<String, Object> outProperties = new HashMap<String, Object>();
         outProperties.put(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE);
         outProperties.put(WSHandlerConstants.SIG_PROP_FILE, "outsecurity.properties");
         outProperties.put(WSHandlerConstants.USER, "myalias");
         outProperties.put(WSHandlerConstants.SIG_KEY_ID, "DirectReference");
         outProperties.put("password", "myAliasPassword");
         
-        Map<String, String> inProperties = new HashMap<String, String>();
+        Map<String, Object> inProperties = new HashMap<String, Object>();
         inProperties.put(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE);
         inProperties.put(WSHandlerConstants.SIG_VER_PROP_FILE, "insecurity.properties");
         
@@ -147,19 +142,16 @@ public class WSS4JInOutTest extends AbstractSecurityTest {
     
     @Test
     public void testEncryption() throws Exception {
-        Map<String, String> outProperties = new HashMap<String, String>();
+        Map<String, Object> outProperties = new HashMap<String, Object>();
         outProperties.put(WSHandlerConstants.ACTION, WSHandlerConstants.ENCRYPT);
         outProperties.put(WSHandlerConstants.ENC_PROP_FILE, "outsecurity.properties");
         outProperties.put(WSHandlerConstants.USER, "myalias");
         outProperties.put("password", "myAliasPassword");
         
-        Map<String, String> inProperties = new HashMap<String, String>();
+        Map<String, Object> inProperties = new HashMap<String, Object>();
         inProperties.put(WSHandlerConstants.ACTION, WSHandlerConstants.ENCRYPT);
         inProperties.put(WSHandlerConstants.DEC_PROP_FILE, "insecurity.properties");
-        inProperties.put(
-            WSHandlerConstants.PW_CALLBACK_CLASS, 
-            "org.apache.cxf.ws.security.wss4j.TestPwdCallback"
-        );
+        inProperties.put(WSHandlerConstants.PW_CALLBACK_REF, new TestPwdCallback()); 
         
         List<String> xpaths = new ArrayList<String>();
         xpaths.add("//wsse:Security");
@@ -198,7 +190,7 @@ public class WSS4JInOutTest extends AbstractSecurityTest {
     
     @Test
     public void testEncryptedUsernameToken() throws Exception {
-        Map<String, String> outProperties = new HashMap<String, String>();
+        Map<String, Object> outProperties = new HashMap<String, Object>();
         outProperties.put(
             WSHandlerConstants.ACTION,
             WSHandlerConstants.USERNAME_TOKEN + " " + WSHandlerConstants.ENCRYPT
@@ -212,16 +204,13 @@ public class WSS4JInOutTest extends AbstractSecurityTest {
             "{Content}{" + WSConstants.WSSE_NS + "}UsernameToken"
         );
         
-        Map<String, String> inProperties = new HashMap<String, String>();
+        Map<String, Object> inProperties = new HashMap<String, Object>();
         inProperties.put(
             WSHandlerConstants.ACTION, 
             WSHandlerConstants.USERNAME_TOKEN + " " + WSHandlerConstants.ENCRYPT
         );
         inProperties.put(WSHandlerConstants.DEC_PROP_FILE, "insecurity.properties");
-        inProperties.put(
-            WSHandlerConstants.PW_CALLBACK_CLASS, 
-            "org.apache.cxf.ws.security.wss4j.TestPwdCallback"
-        );
+        inProperties.put(WSHandlerConstants.PW_CALLBACK_REF, new TestPwdCallback()); 
         
         List<String> xpaths = new ArrayList<String>();
         xpaths.add("//wsse:Security");
@@ -252,19 +241,16 @@ public class WSS4JInOutTest extends AbstractSecurityTest {
     
     @Test
     public void testUsernameToken() throws Exception {
-        Map<String, String> outProperties = new HashMap<String, String>();
+        Map<String, Object> outProperties = new HashMap<String, Object>();
         outProperties.put(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN);
         outProperties.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT);
         outProperties.put(WSHandlerConstants.USER, "alice");
         outProperties.put("password", "alicePassword");
         
-        Map<String, String> inProperties = new HashMap<String, String>();
+        Map<String, Object> inProperties = new HashMap<String, Object>();
         inProperties.put(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN);
         inProperties.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_DIGEST);
-        inProperties.put(
-            WSHandlerConstants.PW_CALLBACK_CLASS, 
-            "org.apache.cxf.ws.security.wss4j.TestPwdCallback"
-        );
+        inProperties.put(WSHandlerConstants.PW_CALLBACK_REF, new TestPwdCallback()); 
         
         List<String> xpaths = new ArrayList<String>();
         xpaths.add("//wsse:Security");
@@ -287,16 +273,7 @@ public class WSS4JInOutTest extends AbstractSecurityTest {
         WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
         PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
 
-        SoapMessage msg = new SoapMessage(new MessageImpl());
-        Exchange ex = new ExchangeImpl();
-        ex.setInMessage(msg);
-        
-        SOAPMessage saajMsg = MessageFactory.newInstance().createMessage();
-        SOAPPart part = saajMsg.getSOAPPart();
-        part.setContent(new DOMSource(doc));
-        saajMsg.saveChanges();
-
-        msg.setContent(SOAPMessage.class, saajMsg);
+        SoapMessage msg = getSoapMessageForDom(doc);
 
         msg.put(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE);
         msg.put(WSHandlerConstants.SIG_PROP_FILE, "outsecurity.properties");
@@ -305,7 +282,8 @@ public class WSS4JInOutTest extends AbstractSecurityTest {
 
         handler.handleMessage(msg);
 
-        doc = part;
+        SOAPMessage saajMsg = msg.getContent(SOAPMessage.class);
+        doc = saajMsg.getSOAPPart();
         
         assertValid("//wsse:Security", doc);
         assertValid("//wsse:Security/ds:Signature", doc);
@@ -332,6 +310,7 @@ public class WSS4JInOutTest extends AbstractSecurityTest {
         WSS4JInInterceptor inHandler = new WSS4JInInterceptor(properties);
 
         SoapMessage inmsg = new SoapMessage(new MessageImpl());
+        Exchange ex = new ExchangeImpl();
         ex.setInMessage(inmsg);
         inmsg.setContent(SOAPMessage.class, saajMsg);
 
@@ -351,16 +330,7 @@ public class WSS4JInOutTest extends AbstractSecurityTest {
         WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
         PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
 
-        SoapMessage msg = new SoapMessage(new MessageImpl());
-        Exchange ex = new ExchangeImpl();
-        ex.setInMessage(msg);
-        
-        SOAPMessage saajMsg = MessageFactory.newInstance().createMessage();
-        SOAPPart part = saajMsg.getSOAPPart();
-        part.setContent(new DOMSource(doc));
-        saajMsg.saveChanges();
-
-        msg.setContent(SOAPMessage.class, saajMsg);
+        SoapMessage msg = getSoapMessageForDom(doc);
 
         msg.put(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE);
         msg.put(WSHandlerConstants.SIG_PROP_FILE, "outsecurity.properties");
@@ -369,7 +339,8 @@ public class WSS4JInOutTest extends AbstractSecurityTest {
 
         handler.handleMessage(msg);
 
-        doc = part;
+        SOAPMessage saajMsg = msg.getContent(SOAPMessage.class);
+        doc = saajMsg.getSOAPPart();
         
         assertValid("//wsse:Security", doc);
         assertValid("//wsse:Security/ds:Signature", doc);
@@ -404,9 +375,10 @@ public class WSS4JInOutTest extends AbstractSecurityTest {
         WSS4JInInterceptor inHandler = new WSS4JInInterceptor(properties);
 
         SoapMessage inmsg = new SoapMessage(new MessageImpl());
+        Exchange ex = new ExchangeImpl();
         ex.setInMessage(inmsg);
         inmsg.setContent(SOAPMessage.class, saajMsg);
-
+        
         inHandler.setProperty(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE);
 
         inHandler.handleMessage(inmsg);
@@ -422,17 +394,15 @@ public class WSS4JInOutTest extends AbstractSecurityTest {
     
     @Test
     public void testPKIPath() throws Exception {
-        Map<String, String> outProperties = new HashMap<String, String>();
+        Map<String, Object> outProperties = new HashMap<String, Object>();
         outProperties.put(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE);
         outProperties.put(WSHandlerConstants.USER, "alice");
         outProperties.put(WSHandlerConstants.SIG_PROP_FILE, "alice.properties");
-        outProperties.put(
-            WSHandlerConstants.PW_CALLBACK_CLASS, KeystorePasswordCallback.class.getName()
-        );
+        outProperties.put(WSHandlerConstants.PW_CALLBACK_REF, new KeystorePasswordCallback());
         outProperties.put(WSHandlerConstants.SIG_KEY_ID, "DirectReference");
         outProperties.put(WSHandlerConstants.USE_SINGLE_CERTIFICATE, "false");
         
-        Map<String, String> inProperties = new HashMap<String, String>();
+        Map<String, Object> inProperties = new HashMap<String, Object>();
         inProperties.put(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE);
         inProperties.put(WSHandlerConstants.SIG_VER_PROP_FILE, "cxfca.properties");
         
@@ -453,7 +423,7 @@ public class WSS4JInOutTest extends AbstractSecurityTest {
     
     @Test
     public void testUsernameTokenSignature() throws Exception {
-        Map<String, String> outProperties = new HashMap<String, String>();
+        Map<String, Object> outProperties = new HashMap<String, Object>();
         outProperties.put(
             WSHandlerConstants.ACTION, 
             WSHandlerConstants.USERNAME_TOKEN + " " + WSHandlerConstants.SIGNATURE);
@@ -467,7 +437,7 @@ public class WSS4JInOutTest extends AbstractSecurityTest {
             "org.apache.cxf.ws.security.wss4j.TestPwdCallback"
         );
         
-        Map<String, String> inProperties = new HashMap<String, String>();
+        Map<String, Object> inProperties = new HashMap<String, Object>();
         inProperties.put(
             WSHandlerConstants.ACTION, 
             WSHandlerConstants.USERNAME_TOKEN + " " + WSHandlerConstants.SIGNATURE
@@ -487,15 +457,6 @@ public class WSS4JInOutTest extends AbstractSecurityTest {
         makeInvocation(outProperties, xpaths, inProperties);
     }
     
-    
-    private byte[] getMessageBytes(Document doc) throws Exception {
-        ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
-        XMLStreamWriter byteArrayWriter = StaxUtils.createXMLStreamWriter(outputStream);
-        StaxUtils.writeDocument(doc, byteArrayWriter, false);
-        byteArrayWriter.flush();
-        return outputStream.toByteArray();
-    }
-
     /**
      * @return      a processor map suitable for custom processing of
      *              signatures (in this case, the actual processor is
@@ -520,68 +481,6 @@ public class WSS4JInOutTest extends AbstractSecurityTest {
         return handlerResults;
     }
     
-    private SoapMessage makeInvocation(
-        Map<String, String> outProperties,
-        List<String> xpaths,
-        Map<String, String> inProperties
-    ) throws Exception {
-        Document doc = readDocument("wsse-request-clean.xml");
-
-        WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
-        PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
-
-        SoapMessage msg = new SoapMessage(new MessageImpl());
-        Exchange ex = new ExchangeImpl();
-        ex.setInMessage(msg);
-
-        SOAPMessage saajMsg = MessageFactory.newInstance().createMessage();
-        SOAPPart part = saajMsg.getSOAPPart();
-        part.setContent(new DOMSource(doc));
-        saajMsg.saveChanges();
-
-        msg.setContent(SOAPMessage.class, saajMsg);
-
-        for (String key : outProperties.keySet()) {
-            msg.put(key, outProperties.get(key));
-        }
-
-        handler.handleMessage(msg);
-
-        doc = part;
-
-        for (String xpath : xpaths) {
-            assertValid(xpath, doc);
-        }
-
-        byte[] docbytes = getMessageBytes(doc);
-        XMLStreamReader reader = StaxUtils.createXMLStreamReader(new ByteArrayInputStream(docbytes));
-
-        DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
-
-        dbf.setValidating(false);
-        dbf.setIgnoringComments(false);
-        dbf.setIgnoringElementContentWhitespace(true);
-        dbf.setNamespaceAware(true);
-
-        DocumentBuilder db = dbf.newDocumentBuilder();
-        db.setEntityResolver(new NullResolver());
-        doc = StaxUtils.read(db, reader, false);
-
-        WSS4JInInterceptor inHandler = new WSS4JInInterceptor();
-
-        SoapMessage inmsg = new SoapMessage(new MessageImpl());
-        ex.setInMessage(inmsg);
-        inmsg.setContent(SOAPMessage.class, saajMsg);
-
-        for (String key : inProperties.keySet()) {
-            inHandler.setProperty(key, inProperties.get(key));
-        }
-
-        inHandler.handleMessage(inmsg);
-
-        return inmsg;
-    }
-    
     // FOR DEBUGGING ONLY
     /*private*/ static String serialize(Document doc) {
         return StaxUtils.toString(doc);

http://git-wip-us.apache.org/repos/asf/cxf/blob/4337e0b5/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JOutInterceptorTest.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JOutInterceptorTest.java b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JOutInterceptorTest.java
index 5e5b184..bcb0d95 100644
--- a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JOutInterceptorTest.java
+++ b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JOutInterceptorTest.java
@@ -22,14 +22,11 @@ import java.util.HashMap;
 import java.util.Map;
 
 import javax.xml.soap.SOAPMessage;
-import javax.xml.soap.SOAPPart;
 
 import org.w3c.dom.Document;
+
 import org.apache.cxf.binding.soap.SoapFault;
 import org.apache.cxf.binding.soap.SoapMessage;
-import org.apache.cxf.message.Exchange;
-import org.apache.cxf.message.ExchangeImpl;
-import org.apache.cxf.message.MessageImpl;
 import org.apache.cxf.phase.PhaseInterceptor;
 import org.apache.wss4j.common.SecurityActionToken;
 import org.apache.wss4j.common.ext.WSSecurityException;
@@ -44,17 +41,12 @@ public class WSS4JOutInterceptorTest extends AbstractSecurityTest {
     
     @Test
     public void testUsernameTokenText() throws Exception {
-        SOAPMessage saaj = readSAAJDocument("wsse-request-clean.xml");
+        Document doc = readDocument("wsse-request-clean.xml");
+        SoapMessage msg = getSoapMessageForDom(doc);
 
         WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
         PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
 
-        SoapMessage msg = new SoapMessage(new MessageImpl());
-        Exchange ex = new ExchangeImpl();
-        ex.setInMessage(msg);
-
-        msg.setContent(SOAPMessage.class, saaj);
-
         msg.put(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN);
         msg.put(WSHandlerConstants.SIG_PROP_FILE, "outsecurity.properties");
         msg.put(WSHandlerConstants.USER, "username");
@@ -62,7 +54,7 @@ public class WSS4JOutInterceptorTest extends AbstractSecurityTest {
         msg.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT);
         handler.handleMessage(msg);
 
-        SOAPPart doc = saaj.getSOAPPart();
+        doc = msg.getContent(SOAPMessage.class).getSOAPPart();
         assertValid("//wsse:Security", doc);
         assertValid("//wsse:Security/wsse:UsernameToken", doc);
         assertValid("//wsse:Security/wsse:UsernameToken/wsse:Username[text()='username']", doc);
@@ -72,17 +64,12 @@ public class WSS4JOutInterceptorTest extends AbstractSecurityTest {
         
     @Test
     public void testUsernameTokenDigest() throws Exception {
-        SOAPMessage saaj = readSAAJDocument("wsse-request-clean.xml");
+        Document doc = readDocument("wsse-request-clean.xml");
+        SoapMessage msg = getSoapMessageForDom(doc);
 
         WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
         PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
 
-        SoapMessage msg = new SoapMessage(new MessageImpl());
-        Exchange ex = new ExchangeImpl();
-        ex.setInMessage(msg);
-
-        msg.setContent(SOAPMessage.class, saaj);
-
         msg.put(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN);
         msg.put(WSHandlerConstants.SIG_PROP_FILE, "outsecurity.properties");
         msg.put(WSHandlerConstants.USER, "username");
@@ -90,7 +77,7 @@ public class WSS4JOutInterceptorTest extends AbstractSecurityTest {
         msg.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_DIGEST);
         handler.handleMessage(msg);
 
-        SOAPPart doc = saaj.getSOAPPart();
+        doc = msg.getContent(SOAPMessage.class).getSOAPPart();
         assertValid("//wsse:Security", doc);
         assertValid("//wsse:Security/wsse:UsernameToken", doc);
         assertValid("//wsse:Security/wsse:UsernameToken/wsse:Username[text()='username']", doc);
@@ -100,17 +87,12 @@ public class WSS4JOutInterceptorTest extends AbstractSecurityTest {
 
     @Test
     public void testEncrypt() throws Exception {
-        SOAPMessage saaj = readSAAJDocument("wsse-request-clean.xml");
+        Document doc = readDocument("wsse-request-clean.xml");
+        SoapMessage msg = getSoapMessageForDom(doc);
 
         WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
         PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
 
-        SoapMessage msg = new SoapMessage(new MessageImpl());
-        Exchange ex = new ExchangeImpl();
-        ex.setInMessage(msg);
-
-        msg.setContent(SOAPMessage.class, saaj);
-        
         msg.put(WSHandlerConstants.ACTION, WSHandlerConstants.ENCRYPT);
         msg.put(WSHandlerConstants.SIG_PROP_FILE, "outsecurity.properties");
         msg.put(WSHandlerConstants.ENC_PROP_FILE, "outsecurity.properties");
@@ -119,24 +101,19 @@ public class WSS4JOutInterceptorTest extends AbstractSecurityTest {
 
         handler.handleMessage(msg);
 
-        SOAPPart doc = saaj.getSOAPPart();
+        doc = msg.getContent(SOAPMessage.class).getSOAPPart();
         assertValid("//wsse:Security", doc);
         assertValid("//s:Body/xenc:EncryptedData", doc);
     }
     
     @Test
     public void testSignature() throws Exception {
-        SOAPMessage saaj = readSAAJDocument("wsse-request-clean.xml");
+        Document doc = readDocument("wsse-request-clean.xml");
+        SoapMessage msg = getSoapMessageForDom(doc);
 
         WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
         PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
 
-        SoapMessage msg = new SoapMessage(new MessageImpl());
-        Exchange ex = new ExchangeImpl();
-        ex.setInMessage(msg);
-
-        msg.setContent(SOAPMessage.class, saaj);
-
         msg.put(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE);
         msg.put(WSHandlerConstants.SIG_PROP_FILE, "outsecurity.properties");
         msg.put(WSHandlerConstants.USER, "myAlias");
@@ -144,24 +121,19 @@ public class WSS4JOutInterceptorTest extends AbstractSecurityTest {
 
         handler.handleMessage(msg);
 
-        SOAPPart doc = saaj.getSOAPPart();
+        doc = msg.getContent(SOAPMessage.class).getSOAPPart();
         assertValid("//wsse:Security", doc);
         assertValid("//wsse:Security/ds:Signature", doc);
     }
 
     @Test
     public void testTimestamp() throws Exception {
-        SOAPMessage saaj = readSAAJDocument("wsse-request-clean.xml");
+        Document doc = readDocument("wsse-request-clean.xml");
+        SoapMessage msg = getSoapMessageForDom(doc);
 
         WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
         PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
 
-        SoapMessage msg = new SoapMessage(new MessageImpl());
-        Exchange ex = new ExchangeImpl();
-        ex.setInMessage(msg);
-
-        msg.setContent(SOAPMessage.class, saaj);
-        
         ohandler.setProperty(WSHandlerConstants.ACTION, WSHandlerConstants.TIMESTAMP);
         ohandler.setProperty(WSHandlerConstants.SIG_PROP_FILE, "outsecurity.properties");
         msg.put(WSHandlerConstants.USER, "myalias");
@@ -169,23 +141,18 @@ public class WSS4JOutInterceptorTest extends AbstractSecurityTest {
 
         handler.handleMessage(msg);
 
-        SOAPPart doc = saaj.getSOAPPart();
+        doc = msg.getContent(SOAPMessage.class).getSOAPPart();
         assertValid("//wsse:Security", doc);
         assertValid("//wsse:Security/wsu:Timestamp", doc);
     }
     
     @Test
     public void testOverrideCustomAction() throws Exception {
-        SOAPMessage saaj = readSAAJDocument("wsse-request-clean.xml");
+        Document doc = readDocument("wsse-request-clean.xml");
+        SoapMessage msg = getSoapMessageForDom(doc);
 
         WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
         PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
-
-        SoapMessage msg = new SoapMessage(new MessageImpl());
-        Exchange ex = new ExchangeImpl();
-        ex.setInMessage(msg);
-
-        msg.setContent(SOAPMessage.class, saaj);
         
         CountingUsernameTokenAction action = new CountingUsernameTokenAction();
         Map<Object, Object> customActions = new HashMap<Object, Object>(1);
@@ -199,7 +166,7 @@ public class WSS4JOutInterceptorTest extends AbstractSecurityTest {
         msg.put(WSS4JOutInterceptor.WSS4J_ACTION_MAP, customActions);
         handler.handleMessage(msg);
 
-        SOAPPart doc = saaj.getSOAPPart();
+        doc = msg.getContent(SOAPMessage.class).getSOAPPart();
         assertValid("//wsse:Security", doc);
         assertValid("//wsse:Security/wsse:UsernameToken", doc);
         assertValid("//wsse:Security/wsse:UsernameToken/wsse:Username[text()='username']", doc);
@@ -225,17 +192,12 @@ public class WSS4JOutInterceptorTest extends AbstractSecurityTest {
     
     @Test
     public void testAddCustomAction() throws Exception {
-        SOAPMessage saaj = readSAAJDocument("wsse-request-clean.xml");
+        Document doc = readDocument("wsse-request-clean.xml");
+        SoapMessage msg = getSoapMessageForDom(doc);
 
         WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
         PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
 
-        SoapMessage msg = new SoapMessage(new MessageImpl());
-        Exchange ex = new ExchangeImpl();
-        ex.setInMessage(msg);
-
-        msg.setContent(SOAPMessage.class, saaj);
-        
         CountingUsernameTokenAction action = new CountingUsernameTokenAction();
         Map<Object, Object> customActions = new HashMap<Object, Object>(1);
         customActions.put(12345, action);
@@ -248,7 +210,7 @@ public class WSS4JOutInterceptorTest extends AbstractSecurityTest {
         msg.put(WSS4JOutInterceptor.WSS4J_ACTION_MAP, customActions);
         handler.handleMessage(msg);
 
-        SOAPPart doc = saaj.getSOAPPart();
+        doc = msg.getContent(SOAPMessage.class).getSOAPPart();
         assertValid("//wsse:Security", doc);
         assertValid("//wsse:Security/wsse:UsernameToken", doc);
         assertValid("//wsse:Security/wsse:UsernameToken/wsse:Username[text()='username']", doc);

http://git-wip-us.apache.org/repos/asf/cxf/blob/4337e0b5/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/saml/DOMToStaxSamlTest.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/saml/DOMToStaxSamlTest.java b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/saml/DOMToStaxSamlTest.java
index 39cd72a..d6b14a9 100644
--- a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/saml/DOMToStaxSamlTest.java
+++ b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/saml/DOMToStaxSamlTest.java
@@ -100,10 +100,8 @@ public class DOMToStaxSamlTest extends AbstractSecurityTest {
         
         Map<String, Object> properties = new HashMap<String, Object>();
         properties.put(WSHandlerConstants.ACTION, WSHandlerConstants.SAML_TOKEN_SIGNED);
-        properties.put(
-            WSHandlerConstants.SAML_CALLBACK_CLASS, 
-            "org.apache.cxf.ws.security.wss4j.saml.SAML1CallbackHandler"
-        );
+        properties.put(WSHandlerConstants.SAML_CALLBACK_REF, new SAML1CallbackHandler());
+
         properties.put(WSHandlerConstants.SIG_KEY_ID, "DirectReference");
         properties.put(WSHandlerConstants.USER, "alice");
         properties.put(WSHandlerConstants.PW_CALLBACK_REF, new PasswordCallbackHandler());
@@ -165,10 +163,8 @@ public class DOMToStaxSamlTest extends AbstractSecurityTest {
         
         Map<String, Object> properties = new HashMap<String, Object>();
         properties.put(WSHandlerConstants.ACTION, WSHandlerConstants.SAML_TOKEN_SIGNED);
-        properties.put(
-            WSHandlerConstants.SAML_CALLBACK_CLASS, 
-            "org.apache.cxf.ws.security.wss4j.saml.SAML2CallbackHandler"
-        );
+        properties.put(WSHandlerConstants.SAML_CALLBACK_REF, new SAML2CallbackHandler());
+
         properties.put(WSHandlerConstants.SIG_KEY_ID, "DirectReference");
         properties.put(WSHandlerConstants.USER, "alice");
         properties.put(WSHandlerConstants.PW_CALLBACK_REF, new PasswordCallbackHandler());
@@ -209,9 +205,7 @@ public class DOMToStaxSamlTest extends AbstractSecurityTest {
         SAML1CallbackHandler callbackHandler = new SAML1CallbackHandler();
         callbackHandler.setConfirmationMethod(SAML1Constants.CONF_HOLDER_KEY);
         callbackHandler.setSignAssertion(true);
-        properties.put(
-            WSHandlerConstants.SAML_CALLBACK_REF, callbackHandler
-        );
+        properties.put(WSHandlerConstants.SAML_CALLBACK_REF, callbackHandler);
         
         properties.put(WSHandlerConstants.SIG_KEY_ID, "DirectReference");
         properties.put(WSHandlerConstants.USER, "alice");
@@ -261,9 +255,7 @@ public class DOMToStaxSamlTest extends AbstractSecurityTest {
         SAML2CallbackHandler callbackHandler = new SAML2CallbackHandler();
         callbackHandler.setConfirmationMethod(SAML2Constants.CONF_HOLDER_KEY);
         callbackHandler.setSignAssertion(true);
-        properties.put(
-            WSHandlerConstants.SAML_CALLBACK_REF, callbackHandler
-        );
+        properties.put(WSHandlerConstants.SAML_CALLBACK_REF, callbackHandler);
         
         properties.put(WSHandlerConstants.SIG_KEY_ID, "DirectReference");
         properties.put(WSHandlerConstants.USER, "alice");

http://git-wip-us.apache.org/repos/asf/cxf/blob/4337e0b5/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/saml/SamlTokenTest.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/saml/SamlTokenTest.java b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/saml/SamlTokenTest.java
index 1e021ea..a70fe51 100644
--- a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/saml/SamlTokenTest.java
+++ b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/saml/SamlTokenTest.java
@@ -19,8 +19,8 @@
 package org.apache.cxf.ws.security.wss4j.saml;
 
 import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
 import java.util.ArrayList;
+import java.util.Collections;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
@@ -28,12 +28,8 @@ import java.util.Map;
 import javax.xml.namespace.QName;
 import javax.xml.parsers.DocumentBuilder;
 import javax.xml.parsers.DocumentBuilderFactory;
-import javax.xml.soap.MessageFactory;
 import javax.xml.soap.SOAPMessage;
-import javax.xml.soap.SOAPPart;
 import javax.xml.stream.XMLStreamReader;
-import javax.xml.stream.XMLStreamWriter;
-import javax.xml.transform.dom.DOMSource;
 
 import org.w3c.dom.Document;
 
@@ -90,10 +86,7 @@ public class SamlTokenTest extends AbstractSecurityTest {
     private SecurityContext testSaml1Token(boolean allowUnsignedPrincipal) throws Exception {
         Map<String, Object> outProperties = new HashMap<String, Object>();
         outProperties.put(WSHandlerConstants.ACTION, WSHandlerConstants.SAML_TOKEN_UNSIGNED);
-        outProperties.put(
-            WSHandlerConstants.SAML_CALLBACK_CLASS, 
-            "org.apache.cxf.ws.security.wss4j.saml.SAML1CallbackHandler"
-        );
+        outProperties.put(WSHandlerConstants.SAML_CALLBACK_REF, new SAML1CallbackHandler());
         
         Map<String, Object> inProperties = new HashMap<String, Object>();
         inProperties.put(WSHandlerConstants.ACTION, WSHandlerConstants.SAML_TOKEN_UNSIGNED);
@@ -132,10 +125,7 @@ public class SamlTokenTest extends AbstractSecurityTest {
     public void testSaml1TokenSignedSenderVouches() throws Exception {
         Map<String, Object> outProperties = new HashMap<String, Object>();
         outProperties.put(WSHandlerConstants.ACTION, WSHandlerConstants.SAML_TOKEN_SIGNED);
-        outProperties.put(
-            WSHandlerConstants.SAML_CALLBACK_CLASS, 
-            "org.apache.cxf.ws.security.wss4j.saml.SAML1CallbackHandler"
-        );
+        outProperties.put(WSHandlerConstants.SAML_CALLBACK_REF, new SAML1CallbackHandler());
         outProperties.put(WSHandlerConstants.SIG_KEY_ID, "DirectReference");
         outProperties.put(WSHandlerConstants.USER, "alice");
         outProperties.put("password", "password");
@@ -178,10 +168,7 @@ public class SamlTokenTest extends AbstractSecurityTest {
     public void testSaml2Token() throws Exception {
         Map<String, Object> outProperties = new HashMap<String, Object>();
         outProperties.put(WSHandlerConstants.ACTION, WSHandlerConstants.SAML_TOKEN_UNSIGNED);
-        outProperties.put(
-            WSHandlerConstants.SAML_CALLBACK_CLASS, 
-            "org.apache.cxf.ws.security.wss4j.saml.SAML2CallbackHandler"
-        );
+        outProperties.put(WSHandlerConstants.SAML_CALLBACK_REF, new SAML2CallbackHandler());
         
         Map<String, Object> inProperties = new HashMap<String, Object>();
         inProperties.put(WSHandlerConstants.ACTION, WSHandlerConstants.SAML_TOKEN_UNSIGNED);
@@ -215,10 +202,7 @@ public class SamlTokenTest extends AbstractSecurityTest {
     public void testSaml2TokenSignedSenderVouches() throws Exception {
         Map<String, Object> outProperties = new HashMap<String, Object>();
         outProperties.put(WSHandlerConstants.ACTION, WSHandlerConstants.SAML_TOKEN_SIGNED);
-        outProperties.put(
-            WSHandlerConstants.SAML_CALLBACK_CLASS, 
-            "org.apache.cxf.ws.security.wss4j.saml.SAML2CallbackHandler"
-        );
+        outProperties.put(WSHandlerConstants.SAML_CALLBACK_REF, new SAML2CallbackHandler());
         outProperties.put(WSHandlerConstants.SIG_KEY_ID, "DirectReference");
         outProperties.put(WSHandlerConstants.USER, "alice");
         outProperties.put("password", "password");
@@ -272,9 +256,7 @@ public class SamlTokenTest extends AbstractSecurityTest {
         SAML1CallbackHandler callbackHandler = new SAML1CallbackHandler();
         callbackHandler.setConfirmationMethod(SAML1Constants.CONF_HOLDER_KEY);
         callbackHandler.setSignAssertion(true);
-        outProperties.put(
-            WSHandlerConstants.SAML_CALLBACK_REF, callbackHandler
-        );
+        outProperties.put(WSHandlerConstants.SAML_CALLBACK_REF, callbackHandler);
         
         Map<String, Object> inProperties = new HashMap<String, Object>();
         inProperties.put(
@@ -293,14 +275,14 @@ public class SamlTokenTest extends AbstractSecurityTest {
         xpaths.add("//wsse:Security/saml1:Assertion");
         
         try {
-            makeInvocation(outProperties, xpaths, inProperties);
+            makeInvocation(outProperties, xpaths, inProperties, Collections.emptyMap());
             fail("Failure expected in SAML Validator");
         } catch (Fault ex) {
             // expected
         }
         validator.setRequireSenderVouches(false);
 
-        Message message = makeInvocation(outProperties, xpaths, inProperties);
+        Message message = makeInvocation(outProperties, xpaths, inProperties, Collections.emptyMap());
         final List<WSHandlerResult> handlerResults = 
             CastUtils.cast((List<?>)message.get(WSHandlerConstants.RECV_RESULTS));
         
@@ -331,9 +313,7 @@ public class SamlTokenTest extends AbstractSecurityTest {
         SAML2CallbackHandler callbackHandler = new SAML2CallbackHandler();
         callbackHandler.setConfirmationMethod(SAML2Constants.CONF_HOLDER_KEY);
         callbackHandler.setSignAssertion(true);
-        outProperties.put(
-            WSHandlerConstants.SAML_CALLBACK_REF, callbackHandler
-        );
+        outProperties.put(WSHandlerConstants.SAML_CALLBACK_REF, callbackHandler);
         
         Map<String, Object> inProperties = new HashMap<String, Object>();
         inProperties.put(
@@ -352,7 +332,7 @@ public class SamlTokenTest extends AbstractSecurityTest {
         xpaths.add("//wsse:Security/saml2:Assertion");
         
         try {
-            makeInvocation(outProperties, xpaths, inProperties);
+            makeInvocation(outProperties, xpaths, inProperties, Collections.emptyMap());
             fail("Failure expected in SAML Validator");
         } catch (Fault ex) {
             // expected
@@ -360,14 +340,14 @@ public class SamlTokenTest extends AbstractSecurityTest {
         validator.setRequireSenderVouches(false);
         
         try {
-            makeInvocation(outProperties, xpaths, inProperties);
+            makeInvocation(outProperties, xpaths, inProperties, Collections.emptyMap());
             fail("Failure expected in SAML Validator");
         } catch (Fault ex) {
             // expected
         }
         validator.setRequireSAML1Assertion(false);
 
-        Message message = makeInvocation(outProperties, xpaths, inProperties);
+        Message message = makeInvocation(outProperties, xpaths, inProperties, Collections.emptyMap());
         final List<WSHandlerResult> handlerResults = 
             CastUtils.cast((List<?>)message.get(WSHandlerConstants.RECV_RESULTS));
         
@@ -401,9 +381,7 @@ public class SamlTokenTest extends AbstractSecurityTest {
         callbackHandler.setStatement(Statement.ATTR);
         callbackHandler.setConfirmationMethod(SAML2Constants.CONF_BEARER);
         
-        outProperties.put(
-            WSHandlerConstants.SAML_CALLBACK_REF, callbackHandler
-        );
+        outProperties.put(WSHandlerConstants.SAML_CALLBACK_REF, callbackHandler);
         
         Map<String, Object> inProperties = new HashMap<String, Object>();
         inProperties.put(
@@ -461,9 +439,7 @@ public class SamlTokenTest extends AbstractSecurityTest {
         callbackHandler.setStatement(Statement.ATTR);
         callbackHandler.setConfirmationMethod(SAML2Constants.CONF_BEARER);
         
-        outProperties.put(
-            WSHandlerConstants.SAML_CALLBACK_REF, callbackHandler
-        );
+        outProperties.put(WSHandlerConstants.SAML_CALLBACK_REF, callbackHandler);
         
         Map<String, Object> inProperties = new HashMap<String, Object>();
         inProperties.put(
@@ -520,9 +496,7 @@ public class SamlTokenTest extends AbstractSecurityTest {
         callbackHandler.setStatement(Statement.ATTR);
         callbackHandler.setConfirmationMethod(SAML1Constants.CONF_BEARER);
         
-        outProperties.put(
-            WSHandlerConstants.SAML_CALLBACK_REF, callbackHandler
-        );
+        outProperties.put(WSHandlerConstants.SAML_CALLBACK_REF, callbackHandler);
         
         Map<String, Object> inProperties = new HashMap<String, Object>();
         inProperties.put(
@@ -565,14 +539,6 @@ public class SamlTokenTest extends AbstractSecurityTest {
     private SoapMessage makeInvocation(
         Map<String, Object> outProperties,
         List<String> xpaths,
-        Map<String, Object> inProperties
-    ) throws Exception {
-        return makeInvocation(outProperties, xpaths, inProperties, new HashMap<String, String>());
-    }
-    
-    private SoapMessage makeInvocation(
-        Map<String, Object> outProperties,
-        List<String> xpaths,
         Map<String, Object> inProperties,
         Map<String, String> inMessageProperties
     ) throws Exception {
@@ -581,16 +547,7 @@ public class SamlTokenTest extends AbstractSecurityTest {
         WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
         PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
 
-        SoapMessage msg = new SoapMessage(new MessageImpl());
-        Exchange ex = new ExchangeImpl();
-        ex.setInMessage(msg);
-
-        SOAPMessage saajMsg = MessageFactory.newInstance().createMessage();
-        SOAPPart part = saajMsg.getSOAPPart();
-        part.setContent(new DOMSource(doc));
-        saajMsg.saveChanges();
-
-        msg.setContent(SOAPMessage.class, saajMsg);
+        SoapMessage msg = getSoapMessageForDom(doc);
 
         for (String key : outProperties.keySet()) {
             msg.put(key, outProperties.get(key));
@@ -598,7 +555,8 @@ public class SamlTokenTest extends AbstractSecurityTest {
 
         handler.handleMessage(msg);
 
-        doc = part;
+        SOAPMessage saajMsg = msg.getContent(SOAPMessage.class);
+        doc = saajMsg.getSOAPPart();
 
         for (String xpath : xpaths) {
             assertValid(xpath, doc);
@@ -625,6 +583,7 @@ public class SamlTokenTest extends AbstractSecurityTest {
         for (String inMessageProperty : inMessageProperties.keySet()) {
             inmsg.put(inMessageProperty, inMessageProperties.get(inMessageProperty));
         }
+        Exchange ex = new ExchangeImpl();
         ex.setInMessage(inmsg);
         inmsg.setContent(SOAPMessage.class, saajMsg);
 
@@ -633,14 +592,6 @@ public class SamlTokenTest extends AbstractSecurityTest {
         return inmsg;
     }
     
-    private byte[] getMessageBytes(Document doc) throws Exception {
-        ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
-        XMLStreamWriter byteArrayWriter = StaxUtils.createXMLStreamWriter(outputStream);
-        StaxUtils.writeDocument(doc, byteArrayWriter, false);
-        byteArrayWriter.flush();
-        return outputStream.toByteArray();
-    }
-
     // FOR DEBUGGING ONLY
     /*private*/ static String serialize(Document doc) throws Exception {
         return StaxUtils.toString(doc);


Mime
View raw message