cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From dk...@apache.org
Subject [6/8] cxf git commit: Fix a bunch more warnings
Date Thu, 10 Aug 2017 16:30:15 GMT
Fix a bunch more warnings


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/f0797a55
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/f0797a55
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/f0797a55

Branch: refs/heads/master
Commit: f0797a552381467b1e10cba019c4a556e3734db1
Parents: c6ec599
Author: Daniel Kulp <dkulp@apache.org>
Authored: Wed Aug 9 18:07:04 2017 -0400
Committer: Daniel Kulp <dkulp@apache.org>
Committed: Thu Aug 10 11:17:55 2017 -0400

----------------------------------------------------------------------
 .../policy/custom/AlgorithmSuiteBuilder.java    |   4 +-
 .../policy/interceptors/STSInvoker.java         |   8 +-
 .../SecureConversationOutInterceptor.java       |   4 +-
 .../SpnegoContextTokenInInterceptor.java        |  12 +--
 .../ws/security/tokenstore/SecurityToken.java   |  12 +--
 .../ws/security/trust/AbstractSTSClient.java    |  32 +++---
 .../security/trust/DefaultSTSTokenCacher.java   |  18 ++--
 .../cxf/ws/security/trust/STSLoginModule.java   |   4 +-
 .../wss4j/AbstractTokenInterceptor.java         |  11 +-
 .../wss4j/AbstractWSS4JInterceptor.java         |   8 +-
 .../wss4j/AbstractWSS4JStaxInterceptor.java     |   3 +-
 .../wss4j/AlgorithmSuiteTranslater.java         |  10 +-
 .../wss4j/BinarySecurityTokenInterceptor.java   |   5 +-
 .../security/wss4j/CryptoCoverageChecker.java   |   4 +-
 .../ws/security/wss4j/CryptoCoverageUtil.java   |  16 +--
 .../ws/security/wss4j/SamlTokenInterceptor.java |   5 +-
 .../security/wss4j/StaxActionInInterceptor.java |   4 +-
 .../wss4j/UsernameTokenInterceptor.java         |   7 +-
 .../security/wss4j/WSS4JStaxInInterceptor.java  |   3 +-
 .../policyhandlers/AbstractBindingBuilder.java  | 103 ++++++++++---------
 .../AbstractStaxBindingHandler.java             |  27 ++---
 .../AsymmetricBindingHandler.java               |  31 +++---
 .../StaxAsymmetricBindingHandler.java           |  13 +--
 .../StaxSymmetricBindingHandler.java            |  11 +-
 .../StaxTransportBindingHandler.java            |   5 +-
 .../policyhandlers/SymmetricBindingHandler.java |  79 +++++++-------
 .../policyhandlers/TransportBindingHandler.java |  21 ++--
 .../AbstractSupportingTokenPolicyValidator.java |   3 +-
 .../AlgorithmSuitePolicyValidator.java          |   7 +-
 .../IssuedTokenPolicyValidator.java             |   9 +-
 .../X509TokenPolicyValidator.java               |   7 +-
 .../ws/security/wss4j/AbstractSecurityTest.java |  16 +--
 .../security/wss4j/DOMToStaxRoundTripTest.java  |  14 +--
 .../wss4j/StaxCryptoCoverageCheckerTest.java    |  22 ++--
 .../security/wss4j/StaxRoundTripActionTest.java |  48 ++++-----
 .../ws/security/wss4j/StaxRoundTripTest.java    |  34 +++---
 .../StaxToDOMEncryptionIdentifierTest.java      |  22 ++--
 .../security/wss4j/StaxToDOMRoundTripTest.java  |  56 +++++-----
 .../wss4j/StaxToDOMSignatureIdentifierTest.java |  12 ++-
 .../wss4j/UserNameTokenAuthorizationTest.java   |   7 +-
 .../ws/security/wss4j/WSS4JFaultCodeTest.java   |   8 +-
 .../cxf/ws/security/wss4j/WSS4JInOutTest.java   |  19 ++--
 .../security/wss4j/WSS4JOutInterceptorTest.java |  11 +-
 .../wss4j/saml/AbstractSAMLCallbackHandler.java |   5 +-
 .../org/apache/cxf/sts/SignatureProperties.java |   3 +-
 .../ClaimsAttributeStatementProvider.java       |   6 +-
 .../cxf/sts/operation/AbstractOperation.java    |  17 +--
 .../sts/rest/RESTSecurityTokenServiceImpl.java  |   8 +-
 .../cxf/sts/service/EncryptionProperties.java   |  19 ++--
 .../token/delegation/SAMLDelegationHandler.java |   4 +-
 .../ActAsAttributeStatementProvider.java        |   4 +-
 .../DefaultAttributeStatementProvider.java      |   6 +-
 .../token/provider/DefaultSubjectProvider.java  |  10 +-
 .../sts/token/provider/SAMLTokenProvider.java   |  10 +-
 .../sts/token/provider/SamlCallbackHandler.java |   6 +-
 .../sts/token/provider/SymmetricKeyHandler.java |  14 +--
 .../cxf/sts/token/renewer/SAMLTokenRenewer.java |   3 +-
 .../sts/token/validator/SAMLTokenValidator.java |   4 +-
 .../token/validator/UsernameTokenValidator.java |   4 +-
 .../sts/token/validator/X509TokenValidator.java |   5 +-
 .../claims/mapper/JexlIssueSamlClaimsTest.java  |   9 +-
 .../cxf/sts/common/CustomAttributeProvider.java |  12 +--
 .../sts/operation/IssueEncryptedUnitTest.java   |  33 +++---
 .../sts/operation/IssueJWTClaimsUnitTest.java   |  18 ++--
 .../operation/IssueJWTOnbehalfofUnitTest.java   |   8 +-
 .../sts/operation/IssueJWTRealmUnitTest.java    |   8 +-
 .../cxf/sts/operation/IssueJWTUnitTest.java     |   8 +-
 .../sts/operation/IssueOnbehalfofUnitTest.java  |  60 +++++------
 .../cxf/sts/operation/IssueSCTUnitTest.java     |  10 +-
 .../sts/operation/IssueSamlClaimsUnitTest.java  |  36 +++----
 .../sts/operation/IssueSamlRealmUnitTest.java   |  18 ++--
 .../cxf/sts/operation/IssueSamlUnitTest.java    |  61 +++++------
 .../apache/cxf/sts/operation/IssueUnitTest.java |   8 +-
 .../cxf/sts/operation/RenewSamlUnitTest.java    |  10 +-
 .../ValidateJWTTransformationTest.java          |   8 +-
 .../cxf/sts/operation/ValidateSamlUnitTest.java |   6 +-
 .../ValidateTokenTransformationUnitTest.java    |  22 ++--
 .../ValidateUsernameTokenUnitTest.java          |   4 +-
 .../operation/ValidateX509TokenUnitTest.java    |   4 +-
 .../provider/CustomAuthenticationProvider.java  |   4 +-
 .../token/provider/CustomSubjectProvider.java   |   6 +-
 .../token/provider/JWTProviderActAsTest.java    |   6 +-
 .../provider/JWTProviderOnBehalfOfTest.java     |   6 +-
 .../cxf/sts/token/provider/SAMLClaimsTest.java  |  30 +++---
 .../token/provider/SAMLProviderActAsTest.java   |  31 +++---
 .../token/provider/SAMLProviderCustomTest.java  |  34 +++---
 .../token/provider/SAMLProviderKeyTypeTest.java |  84 +++++++--------
 .../provider/SAMLProviderLifetimeTest.java      |  34 +++---
 .../provider/SAMLProviderOnBehalfOfTest.java    |  18 ++--
 .../token/provider/SAMLProviderRealmTest.java   |  18 ++--
 .../renewer/SAMLTokenRenewerLifetimeTest.java   |  12 +--
 .../token/renewer/SAMLTokenRenewerPOPTest.java  |   5 +-
 .../renewer/SAMLTokenRenewerRealmTest.java      |   6 +-
 .../sts/token/renewer/SAMLTokenRenewerTest.java |  16 +--
 .../SAMLTokenValidatorCachedRealmTest.java      |   6 +-
 .../validator/SAMLTokenValidatorRealmTest.java  |   6 +-
 .../token/validator/SAMLTokenValidatorTest.java |  26 ++---
 .../validator/UsernameTokenValidatorTest.java   |  16 +--
 .../token/validator/X509TokenValidatorTest.java |   6 +-
 .../systest/sts/batch/SimpleBatchSTSClient.java |  28 ++---
 .../CustomAttributeStatementProvider.java       |   6 +-
 .../CustomUsernameTokenProvider.java            |   4 +-
 .../systest/sts/renew/SAMLRenewUnitTest.java    |  14 +--
 .../sts/secure_conv/SCTSAMLTokenProvider.java   |  10 +-
 .../sts_sender_vouches/SVSubjectProvider.java   |   6 +-
 .../sts/delegation/SAMLDelegationTest.java      |   6 +-
 .../systest/sts/issueunit/IssueUnitTest.java    |  10 +-
 .../sts/symmetric/SymmetricBindingTest.java     |   4 +-
 .../sts/transport/TransportBindingTest.java     |   4 +-
 .../CryptoCoverageCheckerTest.java              |   4 +-
 .../apache/cxf/systest/ws/fault/FaultTest.java  |   4 +-
 .../systest/ws/fault/ModifiedRequestTest.java   |  14 +--
 .../ws/gcm/MGF256AlgorithmSuiteLoader.java      |  10 +-
 .../ws/policy/JavaFirstPolicyServiceTest.java   |   7 +-
 .../cxf/systest/ws/saml/SamlTokenTest.java      |   4 +-
 .../cxf/systest/ws/wssc/WSSCUnitTest.java       |   2 +-
 .../cxf/systest/ws/x509/SHA512PolicyLoader.java |   4 +-
 117 files changed, 890 insertions(+), 847 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/f0797a55/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/custom/AlgorithmSuiteBuilder.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/custom/AlgorithmSuiteBuilder.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/custom/AlgorithmSuiteBuilder.java
index d68f133..c69b9a1 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/custom/AlgorithmSuiteBuilder.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/custom/AlgorithmSuiteBuilder.java
@@ -29,7 +29,7 @@ import org.apache.neethi.AssertionBuilderFactory;
 import org.apache.neethi.Policy;
 import org.apache.neethi.builders.AssertionBuilder;
 import org.apache.wss4j.policy.SP11Constants;
-import org.apache.wss4j.policy.SP13Constants;
+import org.apache.wss4j.policy.SP12Constants;
 import org.apache.wss4j.policy.SPConstants;
 import org.apache.wss4j.policy.SPUtils;
 import org.apache.wss4j.policy.model.AlgorithmSuite;
@@ -77,7 +77,7 @@ public class AlgorithmSuiteBuilder implements AssertionBuilder<Element> {
 
     @Override
     public QName[] getKnownElements() {
-        return new QName[]{SP13Constants.ALGORITHM_SUITE, SP11Constants.ALGORITHM_SUITE};
+        return new QName[]{SP12Constants.ALGORITHM_SUITE, SP11Constants.ALGORITHM_SUITE};
     }
 
 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/f0797a55/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/STSInvoker.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/STSInvoker.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/STSInvoker.java
index e68c61f..7f56164 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/STSInvoker.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/STSInvoker.java
@@ -45,6 +45,7 @@ import org.apache.cxf.ws.security.SecurityConstants;
 import org.apache.cxf.ws.security.tokenstore.SecurityToken;
 import org.apache.cxf.ws.security.tokenstore.TokenStore;
 import org.apache.cxf.ws.security.trust.STSUtils;
+import org.apache.wss4j.common.WSS4JConstants;
 import org.apache.wss4j.common.bsp.BSPEnforcer;
 import org.apache.wss4j.common.derivedKey.ConversationConstants;
 import org.apache.wss4j.common.derivedKey.P_SHA1;
@@ -52,7 +53,6 @@ import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.common.token.Reference;
 import org.apache.wss4j.common.token.SecurityTokenReference;
 import org.apache.wss4j.common.util.DateUtil;
-import org.apache.wss4j.dom.WSConstants;
 import org.apache.wss4j.dom.message.token.SecurityContextToken;
 import org.apache.wss4j.dom.util.WSSecurityUtil;
 
@@ -292,12 +292,12 @@ abstract class STSInvoker implements Invoker {
         String namespace
     ) throws Exception {
         writer.writeStartElement(prefix, "Lifetime", namespace);
-        writer.writeNamespace("wsu", WSConstants.WSU_NS);
-        writer.writeStartElement("wsu", "Created", WSConstants.WSU_NS);
+        writer.writeNamespace("wsu", WSS4JConstants.WSU_NS);
+        writer.writeStartElement("wsu", "Created", WSS4JConstants.WSU_NS);
         writer.writeCharacters(created.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
         writer.writeEndElement();
 
-        writer.writeStartElement("wsu", "Expires", WSConstants.WSU_NS);
+        writer.writeStartElement("wsu", "Expires", WSS4JConstants.WSU_NS);
         writer.writeCharacters(expires.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
         writer.writeEndElement();
         writer.writeEndElement();

http://git-wip-us.apache.org/repos/asf/cxf/blob/f0797a55/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationOutInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationOutInterceptor.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationOutInterceptor.java
index 452f9bd..6ea42ec 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationOutInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationOutInterceptor.java
@@ -41,7 +41,7 @@ import org.apache.cxf.ws.security.tokenstore.SecurityToken;
 import org.apache.cxf.ws.security.tokenstore.TokenStoreUtils;
 import org.apache.cxf.ws.security.trust.STSClient;
 import org.apache.cxf.ws.security.trust.STSUtils;
-import org.apache.wss4j.dom.WSConstants;
+import org.apache.wss4j.common.WSS4JConstants;
 import org.apache.wss4j.policy.SPConstants;
 import org.apache.wss4j.policy.model.SecureConversationToken;
 import org.apache.wss4j.policy.model.Trust10;
@@ -197,7 +197,7 @@ class SecureConversationOutInterceptor extends AbstractPhaseInterceptor<SoapMess
                 String tokenType = tok.getTokenType();
                 tok.setTokenType(tokenType);
                 if (tokenType == null || "".equals(tokenType)) {
-                    tok.setTokenType(WSConstants.WSC_SCT);
+                    tok.setTokenType(WSS4JConstants.WSC_SCT);
                 }
                 return tok;
             } catch (RuntimeException e) {

http://git-wip-us.apache.org/repos/asf/cxf/blob/f0797a55/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenInInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenInInterceptor.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenInInterceptor.java
index 21c42d8..e2d527a 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenInInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenInInterceptor.java
@@ -56,8 +56,8 @@ import org.apache.neethi.All;
 import org.apache.neethi.Assertion;
 import org.apache.neethi.ExactlyOne;
 import org.apache.neethi.Policy;
+import org.apache.wss4j.common.WSS4JConstants;
 import org.apache.wss4j.common.spnego.SpnegoTokenContext;
-import org.apache.wss4j.dom.WSConstants;
 import org.apache.wss4j.dom.engine.WSSConfig;
 import org.apache.wss4j.dom.message.token.SecurityContextToken;
 import org.apache.wss4j.dom.util.WSSecurityUtil;
@@ -278,7 +278,7 @@ class SpnegoContextTokenInInterceptor extends AbstractPhaseInterceptor<SoapMessa
                 throw new Exception("No BinaryExchange element received");
             }
             String encoding = binaryExchange.getAttributeNS(null, "EncodingType");
-            if (!WSConstants.BASE64_ENCODING.equals(encoding)) {
+            if (!WSS4JConstants.BASE64_ENCODING.equals(encoding)) {
                 throw new Exception("Unknown encoding type: " + encoding);
             }
 
@@ -316,12 +316,12 @@ class SpnegoContextTokenInInterceptor extends AbstractPhaseInterceptor<SoapMessa
             writer.writeStartElement(prefix, "RequestedProofToken", namespace);
 
             // EncryptedKey
-            writer.writeStartElement(WSConstants.ENC_PREFIX, "EncryptedKey", WSConstants.ENC_NS);
-            writer.writeStartElement(WSConstants.ENC_PREFIX, "EncryptionMethod", WSConstants.ENC_NS);
+            writer.writeStartElement(WSS4JConstants.ENC_PREFIX, "EncryptedKey", WSS4JConstants.ENC_NS);
+            writer.writeStartElement(WSS4JConstants.ENC_PREFIX, "EncryptionMethod", WSS4JConstants.ENC_NS);
             writer.writeAttribute("Algorithm", namespace + "/spnego#GSS_Wrap");
             writer.writeEndElement();
-            writer.writeStartElement(WSConstants.ENC_PREFIX, "CipherData", WSConstants.ENC_NS);
-            writer.writeStartElement(WSConstants.ENC_PREFIX, "CipherValue", WSConstants.ENC_NS);
+            writer.writeStartElement(WSS4JConstants.ENC_PREFIX, "CipherData", WSS4JConstants.ENC_NS);
+            writer.writeStartElement(WSS4JConstants.ENC_PREFIX, "CipherValue", WSS4JConstants.ENC_NS);
 
             writer.writeCharacters(Base64.getMimeEncoder().encodeToString(key));
 

http://git-wip-us.apache.org/repos/asf/cxf/blob/f0797a55/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/SecurityToken.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/SecurityToken.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/SecurityToken.java
index eac0b0c..7fa4a4c 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/SecurityToken.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/SecurityToken.java
@@ -39,11 +39,11 @@ import org.apache.cxf.helpers.DOMUtils;
 import org.apache.cxf.security.SecurityContext;
 import org.apache.cxf.staxutils.StaxUtils;
 import org.apache.cxf.staxutils.W3CDOMStreamWriter;
+import org.apache.wss4j.common.WSS4JConstants;
 import org.apache.wss4j.common.crypto.Crypto;
 import org.apache.wss4j.common.token.Reference;
 import org.apache.wss4j.common.util.DOM2Writer;
 import org.apache.wss4j.common.util.XMLUtils;
-import org.apache.wss4j.dom.WSConstants;
 
 
 /**
@@ -227,14 +227,14 @@ public class SecurityToken implements Serializable {
         try {
             Element createdElem =
                 DOMUtils.getFirstChildWithName(lifetimeElem,
-                                                WSConstants.WSU_NS,
-                                                WSConstants.CREATED_LN);
+                                                WSS4JConstants.WSU_NS,
+                                                WSS4JConstants.CREATED_LN);
             this.created = ZonedDateTime.parse(DOMUtils.getContent(createdElem)).toInstant();
 
             Element expiresElem =
                 DOMUtils.getFirstChildWithName(lifetimeElem,
-                                                WSConstants.WSU_NS,
-                                                WSConstants.EXPIRES_LN);
+                                                WSS4JConstants.WSU_NS,
+                                                WSS4JConstants.EXPIRES_LN);
             this.expires = ZonedDateTime.parse(DOMUtils.getContent(expiresElem)).toInstant();
         } catch (DateTimeParseException e) {
             //shouldn't happen
@@ -454,7 +454,7 @@ public class SecurityToken implements Serializable {
         }
 
         if ("KeyInfo".equals(child.getLocalName())
-            && WSConstants.SIG_NS.equals(child.getNamespaceURI())) {
+            && WSS4JConstants.SIG_NS.equals(child.getNamespaceURI())) {
             return DOMUtils.getContent(child);
         } else if (Reference.TOKEN.getLocalPart().equals(child.getLocalName())
             && Reference.TOKEN.getNamespaceURI().equals(child.getNamespaceURI())) {

http://git-wip-us.apache.org/repos/asf/cxf/blob/f0797a55/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java
index 4fc227a..a1ef079 100755
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java
@@ -113,6 +113,7 @@ import org.apache.neethi.ExactlyOne;
 import org.apache.neethi.Policy;
 import org.apache.neethi.PolicyComponent;
 import org.apache.neethi.PolicyRegistry;
+import org.apache.wss4j.common.WSS4JConstants;
 import org.apache.wss4j.common.crypto.Crypto;
 import org.apache.wss4j.common.crypto.CryptoFactory;
 import org.apache.wss4j.common.crypto.CryptoType;
@@ -122,7 +123,6 @@ import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.common.token.Reference;
 import org.apache.wss4j.common.util.DateUtil;
 import org.apache.wss4j.common.util.XMLUtils;
-import org.apache.wss4j.dom.WSConstants;
 import org.apache.wss4j.dom.WSDocInfo;
 import org.apache.wss4j.dom.engine.WSSConfig;
 import org.apache.wss4j.dom.engine.WSSecurityEngineResult;
@@ -985,7 +985,7 @@ public abstract class AbstractSTSClient implements Configurable, InterceptorProv
         W3CDOMStreamWriter writer
     ) throws XMLStreamException {
         writer.writeStartElement("wst", "BinaryExchange", namespace);
-        writer.writeAttribute("EncodingType", WSConstants.BASE64_ENCODING);
+        writer.writeAttribute("EncodingType", WSS4JConstants.BASE64_ENCODING);
         writer.writeAttribute("ValueType", namespace + "/spnego");
         writer.writeCharacters(binaryExchange);
         writer.writeEndElement();
@@ -1378,12 +1378,12 @@ public abstract class AbstractSTSClient implements Configurable, InterceptorProv
         Instant expires = created.plusSeconds(ttl);
 
         writer.writeStartElement("wst", "Lifetime", namespace);
-        writer.writeNamespace("wsu", WSConstants.WSU_NS);
-        writer.writeStartElement("wsu", "Created", WSConstants.WSU_NS);
+        writer.writeNamespace("wsu", WSS4JConstants.WSU_NS);
+        writer.writeStartElement("wsu", "Created", WSS4JConstants.WSU_NS);
         writer.writeCharacters(created.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
         writer.writeEndElement();
 
-        writer.writeStartElement("wsu", "Expires", WSConstants.WSU_NS);
+        writer.writeStartElement("wsu", "Expires", WSS4JConstants.WSU_NS);
         writer.writeCharacters(expires.atZone(ZoneOffset.UTC).format(DateUtil.getDateTimeFormatter(true)));
         writer.writeEndElement();
         writer.writeEndElement();
@@ -1501,7 +1501,7 @@ public abstract class AbstractSTSClient implements Configurable, InterceptorProv
                 // First check for the binary secret
                 String b64Secret = DOMUtils.getContent(child);
                 secret = Base64.getMimeDecoder().decode(b64Secret);
-            } else if (childQname.equals(new QName(WSConstants.ENC_NS, WSConstants.ENC_KEY_LN))) {
+            } else if (childQname.equals(new QName(WSS4JConstants.ENC_NS, WSS4JConstants.ENC_KEY_LN))) {
                 secret = decryptKey(child);
             } else if (childQname.equals(new QName(namespace, "ComputedKey"))) {
                 // Handle the computed key
@@ -1510,7 +1510,7 @@ public abstract class AbstractSTSClient implements Configurable, InterceptorProv
 
                 if (computedKeyChild != null) {
                     QName computedKeyChildQName = DOMUtils.getElementQName(computedKeyChild);
-                    if (computedKeyChildQName.equals(new QName(WSConstants.ENC_NS, WSConstants.ENC_KEY_LN))) {
+                    if (computedKeyChildQName.equals(new QName(WSS4JConstants.ENC_NS, WSS4JConstants.ENC_KEY_LN))) {
                         serviceEntr = decryptKey(computedKeyChild);
                     } else if (computedKeyChildQName.equals(new QName(namespace, "BinarySecret"))) {
                         String content = DOMUtils.getContent(computedKeyChild);
@@ -1560,11 +1560,11 @@ public abstract class AbstractSTSClient implements Configurable, InterceptorProv
         if (encryptionAlgorithm != null && encryptionAlgorithm.endsWith("spnego#GSS_Wrap")) {
             // Get the CipherValue
             Element tmpE =
-                XMLUtils.getDirectChildElement(child, "CipherData", WSConstants.ENC_NS);
+                XMLUtils.getDirectChildElement(child, "CipherData", WSS4JConstants.ENC_NS);
             byte[] cipherValue = null;
             if (tmpE != null) {
                 tmpE =
-                    XMLUtils.getDirectChildElement(tmpE, "CipherValue", WSConstants.ENC_NS);
+                    XMLUtils.getDirectChildElement(tmpE, "CipherValue", WSS4JConstants.ENC_NS);
                 if (tmpE != null) {
                     String content = DOMUtils.getContent(tmpE);
                     cipherValue = Base64.getMimeDecoder().decode(content);
@@ -1658,10 +1658,10 @@ public abstract class AbstractSTSClient implements Configurable, InterceptorProv
         String id = null;
         if (rst != null) {
             QName elName = DOMUtils.getElementQName(rst);
-            if (elName.equals(new QName(WSConstants.SAML_NS, "Assertion"))
+            if (elName.equals(new QName(WSS4JConstants.SAML_NS, "Assertion"))
                 && rst.hasAttributeNS(null, "AssertionID")) {
                 id = rst.getAttributeNS(null, "AssertionID");
-            } else if (elName.equals(new QName(WSConstants.SAML2_NS, "Assertion"))
+            } else if (elName.equals(new QName(WSS4JConstants.SAML2_NS, "Assertion"))
                 && rst.hasAttributeNS(null, "ID")) {
                 id = rst.getAttributeNS(null, "ID");
             }
@@ -1676,13 +1676,13 @@ public abstract class AbstractSTSClient implements Configurable, InterceptorProv
             id = this.getIDFromSTR(rur);
         }
         if ((id == null || "".equals(id)) && rst != null) {
-            id = rst.getAttributeNS(WSConstants.WSU_NS, "Id");
+            id = rst.getAttributeNS(WSS4JConstants.WSU_NS, "Id");
             if (id == null || "".equals(id)) {
                 QName elName = DOMUtils.getElementQName(rst);
-                if (elName.equals(new QName(WSConstants.SAML2_NS, "EncryptedAssertion"))) {
+                if (elName.equals(new QName(WSS4JConstants.SAML2_NS, "EncryptedAssertion"))) {
                     Element child = DOMUtils.getFirstElement(rst);
                     if (child != null) {
-                        id = child.getAttributeNS(WSConstants.WSU_NS, "Id");
+                        id = child.getAttributeNS(WSS4JConstants.WSU_NS, "Id");
                     }
                 }
             }
@@ -1696,8 +1696,8 @@ public abstract class AbstractSTSClient implements Configurable, InterceptorProv
             return null;
         }
         QName elName = DOMUtils.getElementQName(child);
-        if (elName.equals(new QName(WSConstants.SIG_NS, "KeyInfo"))
-            || elName.equals(new QName(WSConstants.WSSE_NS, "KeyIdentifier"))) {
+        if (elName.equals(new QName(WSS4JConstants.SIG_NS, "KeyInfo"))
+            || elName.equals(new QName(WSS4JConstants.WSSE_NS, "KeyIdentifier"))) {
             return DOMUtils.getContent(child);
         } else if (elName.equals(Reference.TOKEN)) {
             return child.getAttributeNS(null, "URI");

http://git-wip-us.apache.org/repos/asf/cxf/blob/f0797a55/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/DefaultSTSTokenCacher.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/DefaultSTSTokenCacher.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/DefaultSTSTokenCacher.java
index 4ef4ab4..37d74cb 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/DefaultSTSTokenCacher.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/DefaultSTSTokenCacher.java
@@ -33,10 +33,10 @@ import org.apache.cxf.ws.security.SecurityConstants;
 import org.apache.cxf.ws.security.tokenstore.SecurityToken;
 import org.apache.cxf.ws.security.tokenstore.TokenStore;
 import org.apache.cxf.ws.security.tokenstore.TokenStoreUtils;
+import org.apache.wss4j.common.WSS4JConstants;
 import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.common.saml.SamlAssertionWrapper;
 import org.apache.wss4j.common.util.XMLUtils;
-import org.apache.wss4j.dom.WSConstants;
 
 public class DefaultSTSTokenCacher implements STSTokenCacher {
 
@@ -140,7 +140,7 @@ public class DefaultSTSTokenCacher implements STSTokenCacher {
     private static boolean isOneTimeUse(SecurityToken issuedToken) {
         Element token = issuedToken.getToken();
         if (token != null && "Assertion".equals(token.getLocalName())
-            && WSConstants.SAML2_NS.equals(token.getNamespaceURI())) {
+            && WSS4JConstants.SAML2_NS.equals(token.getNamespaceURI())) {
             try {
                 SamlAssertionWrapper assertion = new SamlAssertionWrapper(token);
 
@@ -161,26 +161,26 @@ public class DefaultSTSTokenCacher implements STSTokenCacher {
         if (token != null) {
             // For SAML tokens get the ID/AssertionID
             if ("Assertion".equals(token.getLocalName())
-                && WSConstants.SAML2_NS.equals(token.getNamespaceURI())) {
+                && WSS4JConstants.SAML2_NS.equals(token.getNamespaceURI())) {
                 return token.getAttributeNS(null, "ID");
             } else if ("Assertion".equals(token.getLocalName())
-                && WSConstants.SAML_NS.equals(token.getNamespaceURI())) {
+                && WSS4JConstants.SAML_NS.equals(token.getNamespaceURI())) {
                 return token.getAttributeNS(null, "AssertionID");
             }
 
             // For UsernameTokens get the username
-            if (WSConstants.USERNAME_TOKEN_LN.equals(token.getLocalName())
-                && WSConstants.WSSE_NS.equals(token.getNamespaceURI())) {
+            if (WSS4JConstants.USERNAME_TOKEN_LN.equals(token.getLocalName())
+                && WSS4JConstants.WSSE_NS.equals(token.getNamespaceURI())) {
                 Element usernameElement =
-                    XMLUtils.getDirectChildElement(token, WSConstants.USERNAME_LN, WSConstants.WSSE_NS);
+                    XMLUtils.getDirectChildElement(token, WSS4JConstants.USERNAME_LN, WSS4JConstants.WSSE_NS);
                 if (usernameElement != null) {
                     return XMLUtils.getElementText(usernameElement);
                 }
             }
 
             // For BinarySecurityTokens take the hash of the value
-            if (WSConstants.BINARY_TOKEN_LN.equals(token.getLocalName())
-                && WSConstants.WSSE_NS.equals(token.getNamespaceURI())) {
+            if (WSS4JConstants.BINARY_TOKEN_LN.equals(token.getLocalName())
+                && WSS4JConstants.WSSE_NS.equals(token.getNamespaceURI())) {
                 String text = XMLUtils.getElementText(token);
                 if (text != null && !"".equals(text)) {
                     try {

http://git-wip-us.apache.org/repos/asf/cxf/blob/f0797a55/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSLoginModule.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSLoginModule.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSLoginModule.java
index 5357f35..ce00a9f 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSLoginModule.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSLoginModule.java
@@ -61,9 +61,9 @@ import org.apache.cxf.ws.security.tokenstore.TokenStore;
 import org.apache.cxf.ws.security.tokenstore.TokenStoreFactory;
 import org.apache.cxf.ws.security.trust.claims.RoleClaimsCallbackHandler;
 import org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor;
+import org.apache.wss4j.common.WSS4JConstants;
 import org.apache.wss4j.common.saml.SamlAssertionWrapper;
 import org.apache.wss4j.common.util.Loader;
-import org.apache.wss4j.dom.WSConstants;
 import org.apache.wss4j.dom.handler.RequestData;
 import org.apache.wss4j.dom.message.token.UsernameToken;
 import org.apache.wss4j.dom.validate.Credential;
@@ -347,7 +347,7 @@ public class STSLoginModule implements LoginModule {
 
         Document doc = DOMUtils.createDocument();
         UsernameToken token = new UsernameToken(false, doc,
-                                                WSConstants.PASSWORD_TEXT);
+                                                WSS4JConstants.PASSWORD_TEXT);
         token.setName(username);
         token.setPassword(password);
         return token;

http://git-wip-us.apache.org/repos/asf/cxf/blob/f0797a55/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractTokenInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractTokenInterceptor.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractTokenInterceptor.java
index d957db0..3176e43 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractTokenInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractTokenInterceptor.java
@@ -49,6 +49,7 @@ import org.apache.cxf.ws.policy.PolicyException;
 import org.apache.cxf.ws.security.SecurityConstants;
 import org.apache.cxf.ws.security.policy.PolicyUtils;
 import org.apache.cxf.ws.security.tokenstore.TokenStore;
+import org.apache.wss4j.common.WSS4JConstants;
 import org.apache.wss4j.common.ext.WSPasswordCallback;
 import org.apache.wss4j.dom.WSConstants;
 import org.apache.wss4j.policy.SPConstants;
@@ -154,8 +155,8 @@ public abstract class AbstractTokenInterceptor extends AbstractSoapInterceptor {
         for (Header h : message.getHeaders()) {
             QName n = h.getName();
             if (n.getLocalPart().equals("Security")
-                && (n.getNamespaceURI().equals(WSConstants.WSSE_NS)
-                    || n.getNamespaceURI().equals(WSConstants.WSSE11_NS))) {
+                && (n.getNamespaceURI().equals(WSS4JConstants.WSSE_NS)
+                    || n.getNamespaceURI().equals(WSS4JConstants.WSSE11_NS))) {
                 return h;
             }
         }
@@ -163,9 +164,9 @@ public abstract class AbstractTokenInterceptor extends AbstractSoapInterceptor {
             return null;
         }
         Document doc = DOMUtils.createDocument();
-        Element el = doc.createElementNS(WSConstants.WSSE_NS, "wsse:Security");
-        el.setAttributeNS(WSConstants.XMLNS_NS, "xmlns:wsse", WSConstants.WSSE_NS);
-        SoapHeader sh = new SoapHeader(new QName(WSConstants.WSSE_NS, "Security"), el);
+        Element el = doc.createElementNS(WSS4JConstants.WSSE_NS, "wsse:Security");
+        el.setAttributeNS(WSS4JConstants.XMLNS_NS, "xmlns:wsse", WSS4JConstants.WSSE_NS);
+        SoapHeader sh = new SoapHeader(new QName(WSS4JConstants.WSSE_NS, "Security"), el);
         sh.setMustUnderstand(true);
         message.getHeaders().add(sh);
         return sh;

http://git-wip-us.apache.org/repos/asf/cxf/blob/f0797a55/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JInterceptor.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JInterceptor.java
index 0d57a9a..e222faa 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JInterceptor.java
@@ -36,10 +36,10 @@ import org.apache.cxf.phase.PhaseInterceptor;
 import org.apache.cxf.rt.security.utils.SecurityUtils;
 import org.apache.cxf.ws.security.SecurityConstants;
 import org.apache.wss4j.common.ConfigurationConstants;
+import org.apache.wss4j.common.WSS4JConstants;
 import org.apache.wss4j.common.crypto.Crypto;
 import org.apache.wss4j.common.crypto.PasswordEncryptor;
 import org.apache.wss4j.common.ext.WSSecurityException;
-import org.apache.wss4j.dom.WSConstants;
 import org.apache.wss4j.dom.handler.RequestData;
 import org.apache.wss4j.dom.handler.WSHandler;
 
@@ -49,9 +49,9 @@ public abstract class AbstractWSS4JInterceptor extends WSHandler implements Soap
     private static final Set<QName> HEADERS = new HashSet<>();
 
     static {
-        HEADERS.add(new QName(WSConstants.WSSE_NS, "Security"));
-        HEADERS.add(new QName(WSConstants.ENC_NS, "EncryptedData"));
-        HEADERS.add(new QName(WSConstants.WSSE11_NS, "EncryptedHeader"));
+        HEADERS.add(new QName(WSS4JConstants.WSSE_NS, "Security"));
+        HEADERS.add(new QName(WSS4JConstants.ENC_NS, "EncryptedData"));
+        HEADERS.add(new QName(WSS4JConstants.WSSE11_NS, "EncryptedHeader"));
     }
 
     private Map<String, Object> properties = new ConcurrentHashMap<>();

http://git-wip-us.apache.org/repos/asf/cxf/blob/f0797a55/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JStaxInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JStaxInterceptor.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JStaxInterceptor.java
index 68f2ec9..f9c8bd2 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JStaxInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JStaxInterceptor.java
@@ -59,6 +59,7 @@ import org.apache.wss4j.common.util.Loader;
 import org.apache.wss4j.stax.ext.WSSConstants;
 import org.apache.wss4j.stax.ext.WSSSecurityProperties;
 import org.apache.wss4j.stax.setup.ConfigurationConverter;
+import org.apache.xml.security.stax.ext.XMLSecurityConstants;
 
 public abstract class AbstractWSS4JStaxInterceptor implements SoapInterceptor,
     PhaseInterceptor<SoapMessage> {
@@ -68,7 +69,7 @@ public abstract class AbstractWSS4JStaxInterceptor implements SoapInterceptor,
 
     static {
         HEADERS.add(new QName(WSSConstants.NS_WSSE10, "Security"));
-        HEADERS.add(new QName(WSSConstants.NS_XMLENC, "EncryptedData"));
+        HEADERS.add(new QName(XMLSecurityConstants.NS_XMLENC, "EncryptedData"));
         HEADERS.add(new QName(WSSConstants.NS_WSSE11, "EncryptedHeader"));
     }
 

http://git-wip-us.apache.org/repos/asf/cxf/blob/f0797a55/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AlgorithmSuiteTranslater.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AlgorithmSuiteTranslater.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AlgorithmSuiteTranslater.java
index a56c980..595d419 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AlgorithmSuiteTranslater.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AlgorithmSuiteTranslater.java
@@ -26,9 +26,9 @@ import java.util.List;
 import org.apache.cxf.ws.policy.AssertionInfo;
 import org.apache.cxf.ws.policy.AssertionInfoMap;
 import org.apache.cxf.ws.security.policy.PolicyUtils;
+import org.apache.wss4j.common.WSS4JConstants;
 import org.apache.wss4j.common.crypto.AlgorithmSuite;
 import org.apache.wss4j.common.ext.WSSecurityException;
-import org.apache.wss4j.dom.WSConstants;
 import org.apache.wss4j.dom.handler.RequestData;
 import org.apache.wss4j.policy.SPConstants;
 import org.apache.wss4j.policy.model.AbstractBinding;
@@ -132,10 +132,10 @@ public final class AlgorithmSuiteTranslater {
 
             algorithmSuite.addTransformAlgorithm(cxfAlgorithmSuite.getC14n().getValue());
             algorithmSuite.addTransformAlgorithm(SPConstants.STRT10);
-            algorithmSuite.addTransformAlgorithm(WSConstants.C14N_EXCL_OMIT_COMMENTS);
-            algorithmSuite.addTransformAlgorithm(WSConstants.NS_XMLDSIG_ENVELOPED_SIGNATURE);
-            algorithmSuite.addTransformAlgorithm(WSConstants.SWA_ATTACHMENT_CONTENT_SIG_TRANS);
-            algorithmSuite.addTransformAlgorithm(WSConstants.SWA_ATTACHMENT_COMPLETE_SIG_TRANS);
+            algorithmSuite.addTransformAlgorithm(WSS4JConstants.C14N_EXCL_OMIT_COMMENTS);
+            algorithmSuite.addTransformAlgorithm(WSS4JConstants.NS_XMLDSIG_ENVELOPED_SIGNATURE);
+            algorithmSuite.addTransformAlgorithm(WSS4JConstants.SWA_ATTACHMENT_CONTENT_SIG_TRANS);
+            algorithmSuite.addTransformAlgorithm(WSS4JConstants.SWA_ATTACHMENT_COMPLETE_SIG_TRANS);
 
             algorithmSuite.addDerivedKeyAlgorithm(SPConstants.P_SHA1);
             algorithmSuite.addDerivedKeyAlgorithm(SPConstants.P_SHA1_L128);

http://git-wip-us.apache.org/repos/asf/cxf/blob/f0797a55/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/BinarySecurityTokenInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/BinarySecurityTokenInterceptor.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/BinarySecurityTokenInterceptor.java
index 3b3542e..3664da1 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/BinarySecurityTokenInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/BinarySecurityTokenInterceptor.java
@@ -35,6 +35,7 @@ import org.apache.cxf.security.SecurityContext;
 import org.apache.cxf.ws.security.SecurityConstants;
 import org.apache.cxf.ws.security.tokenstore.SecurityToken;
 import org.apache.cxf.ws.security.tokenstore.TokenStore;
+import org.apache.wss4j.common.WSS4JConstants;
 import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.dom.WSConstants;
 import org.apache.wss4j.dom.WSDocInfo;
@@ -65,8 +66,8 @@ public class BinarySecurityTokenInterceptor extends AbstractTokenInterceptor {
         Element el = (Element)h.getObject();
         Element child = DOMUtils.getFirstElement(el);
         while (child != null) {
-            if (WSConstants.BINARY_TOKEN_LN.equals(child.getLocalName())
-                && WSConstants.WSSE_NS.equals(child.getNamespaceURI())) {
+            if (WSS4JConstants.BINARY_TOKEN_LN.equals(child.getLocalName())
+                && WSS4JConstants.WSSE_NS.equals(child.getNamespaceURI())) {
                 try {
                     List<WSSecurityEngineResult> bstResults = processToken(child, message);
                     if (bstResults != null) {

http://git-wip-us.apache.org/repos/asf/cxf/blob/f0797a55/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/CryptoCoverageChecker.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/CryptoCoverageChecker.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/CryptoCoverageChecker.java
index 9ca26a8..ed6a90c 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/CryptoCoverageChecker.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/CryptoCoverageChecker.java
@@ -46,6 +46,7 @@ import org.apache.cxf.interceptor.Fault;
 import org.apache.cxf.phase.Phase;
 import org.apache.cxf.ws.security.wss4j.CryptoCoverageUtil.CoverageScope;
 import org.apache.cxf.ws.security.wss4j.CryptoCoverageUtil.CoverageType;
+import org.apache.wss4j.common.WSS4JConstants;
 import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.dom.WSConstants;
 import org.apache.wss4j.dom.WSDataRef;
@@ -148,7 +149,8 @@ public class CryptoCoverageChecker extends AbstractSoapInterceptor {
                             CastUtils.cast((List<?>)signedResult.get(WSSecurityEngineResult.TAG_DATA_REF_URIS));
                         if (sl != null) {
                             if (sl.size() == 1
-                                && sl.get(0).getName().equals(new QName(WSConstants.SIG_NS, WSConstants.SIG_LN))) {
+                                && sl.get(0).getName().equals(new QName(WSS4JConstants.SIG_NS,
+                                                                        WSS4JConstants.SIG_LN))) {
                                 //endorsing the signature so don't include
                                 continue;
                             }

http://git-wip-us.apache.org/repos/asf/cxf/blob/f0797a55/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/CryptoCoverageUtil.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/CryptoCoverageUtil.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/CryptoCoverageUtil.java
index eedc7e8..d91df20 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/CryptoCoverageUtil.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/CryptoCoverageUtil.java
@@ -35,8 +35,8 @@ import org.w3c.dom.Element;
 import org.w3c.dom.NodeList;
 import org.apache.cxf.helpers.DOMUtils;
 import org.apache.cxf.helpers.MapNamespaceContext;
+import org.apache.wss4j.common.WSS4JConstants;
 import org.apache.wss4j.common.ext.WSSecurityException;
-import org.apache.wss4j.dom.WSConstants;
 import org.apache.wss4j.dom.WSDataRef;
 
 
@@ -73,11 +73,11 @@ public final class CryptoCoverageUtil {
             Element protectedElement = signedRef.getProtectedElement();
             if (protectedElement != null
                 && ("EncryptedData".equals(protectedElement.getLocalName())
-                && WSConstants.ENC_NS.equals(protectedElement.getNamespaceURI())
-                || WSConstants.ENCRYPTED_HEADER.equals(protectedElement.getLocalName())
-                && WSConstants.WSSE11_NS.equals(protectedElement.getNamespaceURI())
-                || WSConstants.ENCRYPED_ASSERTION_LN.equals(protectedElement.getLocalName())
-                && WSConstants.SAML2_NS.equals(protectedElement.getNamespaceURI()))) {
+                && WSS4JConstants.ENC_NS.equals(protectedElement.getNamespaceURI())
+                || WSS4JConstants.ENCRYPTED_HEADER.equals(protectedElement.getLocalName())
+                && WSS4JConstants.WSSE11_NS.equals(protectedElement.getNamespaceURI())
+                || WSS4JConstants.ENCRYPED_ASSERTION_LN.equals(protectedElement.getLocalName())
+                && WSS4JConstants.SAML2_NS.equals(protectedElement.getNamespaceURI()))) {
                 for (WSDataRef encryptedRef : encryptedRefs) {
                     if (protectedElement == encryptedRef.getEncryptedElement()) {
 
@@ -140,9 +140,9 @@ public final class CryptoCoverageUtil {
     ) throws WSSecurityException {
         String requiredTransform = null;
         if (type == CoverageType.SIGNED && scope == CoverageScope.CONTENT) {
-            requiredTransform = WSConstants.SWA_ATTACHMENT_CONTENT_SIG_TRANS;
+            requiredTransform = WSS4JConstants.SWA_ATTACHMENT_CONTENT_SIG_TRANS;
         } else if (type == CoverageType.SIGNED) {
-            requiredTransform = WSConstants.SWA_ATTACHMENT_COMPLETE_SIG_TRANS;
+            requiredTransform = WSS4JConstants.SWA_ATTACHMENT_COMPLETE_SIG_TRANS;
         }
 
         if (attachments != null) {

http://git-wip-us.apache.org/repos/asf/cxf/blob/f0797a55/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/SamlTokenInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/SamlTokenInterceptor.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/SamlTokenInterceptor.java
index c2cd5ed..dd8506e 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/SamlTokenInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/SamlTokenInterceptor.java
@@ -46,6 +46,7 @@ import org.apache.cxf.ws.policy.AssertionInfo;
 import org.apache.cxf.ws.policy.AssertionInfoMap;
 import org.apache.cxf.ws.security.SecurityConstants;
 import org.apache.cxf.ws.security.policy.PolicyUtils;
+import org.apache.wss4j.common.WSS4JConstants;
 import org.apache.wss4j.common.crypto.Crypto;
 import org.apache.wss4j.common.crypto.CryptoFactory;
 import org.apache.wss4j.common.crypto.PasswordEncryptor;
@@ -89,8 +90,8 @@ public class SamlTokenInterceptor extends AbstractTokenInterceptor {
         Element child = DOMUtils.getFirstElement(el);
         while (child != null) {
             if ("Assertion".equals(child.getLocalName())
-                && (WSConstants.SAML_NS.equals(child.getNamespaceURI())
-                    || WSConstants.SAML2_NS.equals(child.getNamespaceURI()))) {
+                && (WSS4JConstants.SAML_NS.equals(child.getNamespaceURI())
+                    || WSS4JConstants.SAML2_NS.equals(child.getNamespaceURI()))) {
                 try {
                     List<WSSecurityEngineResult> samlResults = processToken(child, message);
                     if (samlResults != null) {

http://git-wip-us.apache.org/repos/asf/cxf/blob/f0797a55/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/StaxActionInInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/StaxActionInInterceptor.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/StaxActionInInterceptor.java
index 01f25f6..a5005a5 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/StaxActionInInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/StaxActionInInterceptor.java
@@ -91,7 +91,7 @@ public class StaxActionInInterceptor extends AbstractPhaseInterceptor<SoapMessag
                 requiredEvent = WSSecurityEventConstants.TIMESTAMP;
             } else if (WSSConstants.USERNAMETOKEN.equals(action)) {
                 requiredEvent = WSSecurityEventConstants.USERNAME_TOKEN;
-            } else if (WSSConstants.SIGNATURE.equals(action)) {
+            } else if (XMLSecurityConstants.SIGNATURE.equals(action)) {
                 requiredEvent = WSSecurityEventConstants.SignatureValue;
             } else if (WSSConstants.SAML_TOKEN_SIGNED.equals(action)
                 || WSSConstants.SAML_TOKEN_UNSIGNED.equals(action)) {
@@ -106,7 +106,7 @@ public class StaxActionInInterceptor extends AbstractPhaseInterceptor<SoapMessag
                 throw WSS4JUtils.createSoapFault(soapMessage, soapMessage.getVersion(), ex);
             }
 
-            if (WSSConstants.ENCRYPT.equals(action)) {
+            if (XMLSecurityConstants.ENCRYPT.equals(action)) {
                 boolean foundEncryptionPart =
                     isEventInResults(WSSecurityEventConstants.ENCRYPTED_PART, incomingSecurityEventList);
                 if (!foundEncryptionPart) {

http://git-wip-us.apache.org/repos/asf/cxf/blob/f0797a55/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenInterceptor.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenInterceptor.java
index e41bea7..36f8f60 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenInterceptor.java
@@ -49,6 +49,7 @@ import org.apache.cxf.ws.policy.AssertionInfo;
 import org.apache.cxf.ws.policy.AssertionInfoMap;
 import org.apache.cxf.ws.security.SecurityConstants;
 import org.apache.cxf.ws.security.policy.PolicyUtils;
+import org.apache.wss4j.common.WSS4JConstants;
 import org.apache.wss4j.common.bsp.BSPEnforcer;
 import org.apache.wss4j.common.cache.ReplayCache;
 import org.apache.wss4j.common.ext.WSPasswordCallback;
@@ -94,7 +95,7 @@ public class UsernameTokenInterceptor extends AbstractTokenInterceptor {
         Element child = DOMUtils.getFirstElement(el);
         while (child != null) {
             if (SPConstants.USERNAME_TOKEN.equals(child.getLocalName())
-                && WSConstants.WSSE_NS.equals(child.getNamespaceURI())) {
+                && WSS4JConstants.WSSE_NS.equals(child.getNamespaceURI())) {
                 try {
                     boolean bspCompliant = isWsiBSPCompliant(message);
                     Principal principal = null;
@@ -428,9 +429,9 @@ public class UsernameTokenInterceptor extends AbstractTokenInterceptor {
                 utBuilder.setIdAllocator(wssConfig.getIdAllocator());
                 utBuilder.setWsTimeSource(wssConfig.getCurrentTime());
                 if (token.getPasswordType() == UsernameToken.PasswordType.HashPassword) {
-                    utBuilder.setPasswordType(WSConstants.PASSWORD_DIGEST);
+                    utBuilder.setPasswordType(WSS4JConstants.PASSWORD_DIGEST);
                 } else {
-                    utBuilder.setPasswordType(WSConstants.PASSWORD_TEXT);
+                    utBuilder.setPasswordType(WSS4JConstants.PASSWORD_TEXT);
                 }
 
                 if (token.isCreated()) {

http://git-wip-us.apache.org/repos/asf/cxf/blob/f0797a55/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxInInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxInInterceptor.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxInInterceptor.java
index 73879fe..94f9544 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxInInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxInInterceptor.java
@@ -59,6 +59,7 @@ import org.apache.wss4j.stax.setup.InboundWSSec;
 import org.apache.wss4j.stax.setup.WSSec;
 import org.apache.wss4j.stax.validate.Validator;
 import org.apache.xml.security.exceptions.XMLSecurityException;
+import org.apache.xml.security.stax.ext.XMLSecurityConstants;
 import org.apache.xml.security.stax.securityEvent.AbstractSecuredElementSecurityEvent;
 import org.apache.xml.security.stax.securityEvent.SecurityEvent;
 import org.apache.xml.security.stax.securityEvent.SecurityEventListener;
@@ -347,7 +348,7 @@ public class WSS4JStaxInInterceptor extends AbstractWSS4JStaxInterceptor {
         }
         validator = loadValidator(SecurityConstants.SIGNATURE_TOKEN_VALIDATOR, message);
         if (validator != null) {
-            properties.addValidator(WSSConstants.TAG_dsig_Signature, validator);
+            properties.addValidator(XMLSecurityConstants.TAG_dsig_Signature, validator);
         }
         validator = loadValidator(SecurityConstants.TIMESTAMP_TOKEN_VALIDATOR, message);
         if (validator != null) {

http://git-wip-us.apache.org/repos/asf/cxf/blob/f0797a55/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
index 724d8aa..ce484d0 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
@@ -83,6 +83,7 @@ import org.apache.cxf.wsdl.WSDLConstants;
 import org.apache.neethi.Assertion;
 import org.apache.wss4j.common.ConfigurationConstants;
 import org.apache.wss4j.common.WSEncryptionPart;
+import org.apache.wss4j.common.WSS4JConstants;
 import org.apache.wss4j.common.bsp.BSPEnforcer;
 import org.apache.wss4j.common.crypto.Crypto;
 import org.apache.wss4j.common.crypto.CryptoFactory;
@@ -564,16 +565,16 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle
         sig.setStoreBytesInAttachment(storeBytesInAttachment);
         
         String tokenType = secToken.getTokenType();
-        if (WSConstants.WSS_SAML_TOKEN_TYPE.equals(tokenType)
-            || WSConstants.SAML_NS.equals(tokenType)) {
-            sig.setCustomTokenValueType(WSConstants.WSS_SAML_KI_VALUE_TYPE);
-        } else if (WSConstants.WSS_SAML2_TOKEN_TYPE.equals(tokenType)
-            || WSConstants.SAML2_NS.equals(tokenType)) {
-            sig.setCustomTokenValueType(WSConstants.WSS_SAML2_KI_VALUE_TYPE);
+        if (WSS4JConstants.WSS_SAML_TOKEN_TYPE.equals(tokenType)
+            || WSS4JConstants.SAML_NS.equals(tokenType)) {
+            sig.setCustomTokenValueType(WSS4JConstants.WSS_SAML_KI_VALUE_TYPE);
+        } else if (WSS4JConstants.WSS_SAML2_TOKEN_TYPE.equals(tokenType)
+            || WSS4JConstants.SAML2_NS.equals(tokenType)) {
+            sig.setCustomTokenValueType(WSS4JConstants.WSS_SAML2_KI_VALUE_TYPE);
         } else if (tokenType != null) {
             sig.setCustomTokenValueType(tokenType);
         } else {
-            sig.setCustomTokenValueType(WSConstants.WSS_SAML_KI_VALUE_TYPE);
+            sig.setCustomTokenValueType(WSS4JConstants.WSS_SAML_KI_VALUE_TYPE);
         }
         sig.setSignatureAlgorithm(binding.getAlgorithmSuite().getAsymmetricSignature());
         sig.setSigCanonicalization(binding.getAlgorithmSuite().getC14n().getValue());
@@ -668,8 +669,8 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle
                 WSSecSignature tempSig = (WSSecSignature) tempTok;
                 SecurityTokenReference secRef = tempSig.getSecurityTokenReference();
 
-                if (WSConstants.WSS_SAML_KI_VALUE_TYPE.equals(secRef.getKeyIdentifierValueType())
-                    || WSConstants.WSS_SAML2_KI_VALUE_TYPE.equals(secRef.getKeyIdentifierValueType())) {
+                if (WSS4JConstants.WSS_SAML_KI_VALUE_TYPE.equals(secRef.getKeyIdentifierValueType())
+                    || WSS4JConstants.WSS_SAML2_KI_VALUE_TYPE.equals(secRef.getKeyIdentifierValueType())) {
 
                     Element secRefElement = cloneElement(secRef.getElement());
                     addSupportingElement(secRefElement);
@@ -712,13 +713,13 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle
             } else if (tempTok instanceof WSSecurityTokenHolder) {
                 SecurityToken token = ((WSSecurityTokenHolder)tempTok).getToken();
                 String tokenType = token.getTokenType();
-                if (WSConstants.WSS_SAML_TOKEN_TYPE.equals(tokenType)
-                    || WSConstants.SAML_NS.equals(tokenType)
-                    || WSConstants.WSS_SAML2_TOKEN_TYPE.equals(tokenType)
-                    || WSConstants.SAML2_NS.equals(tokenType)) {
+                if (WSS4JConstants.WSS_SAML_TOKEN_TYPE.equals(tokenType)
+                    || WSS4JConstants.SAML_NS.equals(tokenType)
+                    || WSS4JConstants.WSS_SAML2_TOKEN_TYPE.equals(tokenType)
+                    || WSS4JConstants.SAML2_NS.equals(tokenType)) {
                     Document doc = token.getToken().getOwnerDocument();
-                    boolean saml1 = WSConstants.WSS_SAML_TOKEN_TYPE.equals(tokenType)
-                        || WSConstants.SAML_NS.equals(tokenType);
+                    boolean saml1 = WSS4JConstants.WSS_SAML_TOKEN_TYPE.equals(tokenType)
+                        || WSS4JConstants.SAML_NS.equals(tokenType);
                     String id = token.getId();
                     if (id == null || "".equals(id)) {
                         if (saml1) {
@@ -778,21 +779,21 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle
                 new org.apache.wss4j.common.token.Reference(doc);
             ref.setURI("#" + id);
             if (saml1) {
-                ref.setValueType(WSConstants.WSS_SAML_KI_VALUE_TYPE);
-                secRefSaml.addTokenType(WSConstants.WSS_SAML_TOKEN_TYPE);
+                ref.setValueType(WSS4JConstants.WSS_SAML_KI_VALUE_TYPE);
+                secRefSaml.addTokenType(WSS4JConstants.WSS_SAML_TOKEN_TYPE);
             } else {
-                secRefSaml.addTokenType(WSConstants.WSS_SAML2_TOKEN_TYPE);
+                secRefSaml.addTokenType(WSS4JConstants.WSS_SAML2_TOKEN_TYPE);
             }
             secRefSaml.setReference(ref);
         } else {
-            Element keyId = doc.createElementNS(WSConstants.WSSE_NS, "wsse:KeyIdentifier");
+            Element keyId = doc.createElementNS(WSS4JConstants.WSSE_NS, "wsse:KeyIdentifier");
             String valueType = null;
             if (saml1) {
-                valueType = WSConstants.WSS_SAML_KI_VALUE_TYPE;
-                secRefSaml.addTokenType(WSConstants.WSS_SAML_TOKEN_TYPE);
+                valueType = WSS4JConstants.WSS_SAML_KI_VALUE_TYPE;
+                secRefSaml.addTokenType(WSS4JConstants.WSS_SAML_TOKEN_TYPE);
             } else {
-                valueType = WSConstants.WSS_SAML2_KI_VALUE_TYPE;
-                secRefSaml.addTokenType(WSConstants.WSS_SAML2_TOKEN_TYPE);
+                valueType = WSS4JConstants.WSS_SAML2_KI_VALUE_TYPE;
+                secRefSaml.addTokenType(WSS4JConstants.WSS_SAML2_TOKEN_TYPE);
             }
             keyId.setAttributeNS(
                 null, "ValueType", valueType
@@ -830,9 +831,9 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle
                 if (password != null) {
                     // If the password is available then build the token
                     if (token.getPasswordType() == UsernameToken.PasswordType.HashPassword) {
-                        utBuilder.setPasswordType(WSConstants.PASSWORD_DIGEST);
+                        utBuilder.setPasswordType(WSS4JConstants.PASSWORD_DIGEST);
                     } else {
-                        utBuilder.setPasswordType(WSConstants.PASSWORD_TEXT);
+                        utBuilder.setPasswordType(WSS4JConstants.PASSWORD_TEXT);
                     }
                     utBuilder.setUserInfo(userName, password);
                 } else {
@@ -907,10 +908,10 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle
                 String localname = tokenElement.getLocalName();
                 SamlTokenType tokenType = token.getSamlTokenType();
                 if ((tokenType == SamlTokenType.WssSamlV11Token10 || tokenType == SamlTokenType.WssSamlV11Token11)
-                    && WSConstants.SAML_NS.equals(namespace) && "Assertion".equals(localname)) {
+                    && WSS4JConstants.SAML_NS.equals(namespace) && "Assertion".equals(localname)) {
                     return new SamlAssertionWrapper(tokenElement);
                 } else if (tokenType == SamlTokenType.WssSamlV20Token11
-                    && WSConstants.SAML2_NS.equals(namespace) && "Assertion".equals(localname)) {
+                    && WSS4JConstants.SAML2_NS.equals(namespace) && "Assertion".equals(localname)) {
                     return new SamlAssertionWrapper(tokenElement);
                 }
             }
@@ -974,9 +975,9 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle
         }
         SecurityToken secToken = new SecurityToken(id);
         if (assertion.getSaml2() != null) {
-            secToken.setTokenType(WSConstants.WSS_SAML2_TOKEN_TYPE);
+            secToken.setTokenType(WSS4JConstants.WSS_SAML2_TOKEN_TYPE);
         } else {
-            secToken.setTokenType(WSConstants.WSS_SAML_TOKEN_TYPE);
+            secToken.setTokenType(WSS4JConstants.WSS_SAML_TOKEN_TYPE);
         }
         secToken.setToken(assertion.getElement());
         getTokenStore().add(secToken);
@@ -987,15 +988,15 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle
         String id = null;
         if (samlToken != null) {
             QName elName = DOMUtils.getElementQName(samlToken);
-            if (elName.equals(new QName(WSConstants.SAML_NS, "Assertion"))
+            if (elName.equals(new QName(WSS4JConstants.SAML_NS, "Assertion"))
                 && samlToken.hasAttributeNS(null, "AssertionID")) {
                 id = samlToken.getAttributeNS(null, "AssertionID");
-            } else if (elName.equals(new QName(WSConstants.SAML2_NS, "Assertion"))
+            } else if (elName.equals(new QName(WSS4JConstants.SAML2_NS, "Assertion"))
                 && samlToken.hasAttributeNS(null, "ID")) {
                 id = samlToken.getAttributeNS(null, "ID");
             }
             if (id == null) {
-                id = samlToken.getAttributeNS(WSConstants.WSU_NS, "Id");
+                id = samlToken.getAttributeNS(WSS4JConstants.WSU_NS, "Id");
             }
         }
         return id;
@@ -1772,13 +1773,13 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle
             } else {
                 int type = attached ? WSConstants.CUSTOM_SYMM_SIGNING
                     : WSConstants.CUSTOM_SYMM_SIGNING_DIRECT;
-                if (WSConstants.WSS_SAML_TOKEN_TYPE.equals(tokenType)
-                    || WSConstants.SAML_NS.equals(tokenType)) {
-                    sig.setCustomTokenValueType(WSConstants.WSS_SAML_KI_VALUE_TYPE);
+                if (WSS4JConstants.WSS_SAML_TOKEN_TYPE.equals(tokenType)
+                    || WSS4JConstants.SAML_NS.equals(tokenType)) {
+                    sig.setCustomTokenValueType(WSS4JConstants.WSS_SAML_KI_VALUE_TYPE);
                     sig.setKeyIdentifierType(WSConstants.CUSTOM_KEY_IDENTIFIER);
-                } else if (WSConstants.WSS_SAML2_TOKEN_TYPE.equals(tokenType)
-                    || WSConstants.SAML2_NS.equals(tokenType)) {
-                    sig.setCustomTokenValueType(WSConstants.WSS_SAML2_KI_VALUE_TYPE);
+                } else if (WSS4JConstants.WSS_SAML2_TOKEN_TYPE.equals(tokenType)
+                    || WSS4JConstants.SAML2_NS.equals(tokenType)) {
+                    sig.setCustomTokenValueType(WSS4JConstants.WSS_SAML2_KI_VALUE_TYPE);
                     sig.setKeyIdentifierType(WSConstants.CUSTOM_KEY_IDENTIFIER);
                 } else {
                     sig.setCustomTokenValueType(tokenType);
@@ -2007,7 +2008,7 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle
                 = new SecurityTokenReference(doc);
             if (tok.getSHA1() != null) {
                 tokenRef.setKeyIdentifierEncKeySHA1(tok.getSHA1());
-                tokenRef.addTokenType(WSConstants.WSS_ENC_KEY_VALUE_TYPE);
+                tokenRef.addTokenType(WSS4JConstants.WSS_ENC_KEY_VALUE_TYPE);
             }
             dkSign.setExternalKey(tok.getSecret(), tokenRef.getElement());
 
@@ -2022,10 +2023,10 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle
         dkSign.setDerivedKeyLength(algType.getSignatureDerivedKeyLength() / 8);
         if (tok.getSHA1() != null) {
             //Set the value type of the reference
-            dkSign.setCustomValueType(WSConstants.SOAPMESSAGE_NS11 + "#"
-                + WSConstants.ENC_KEY_VALUE_TYPE);
+            dkSign.setCustomValueType(WSS4JConstants.SOAPMESSAGE_NS11 + "#"
+                + WSS4JConstants.ENC_KEY_VALUE_TYPE);
         } else if (policyToken instanceof UsernameToken) {
-            dkSign.setCustomValueType(WSConstants.WSS_USERNAME_TOKEN_VALUE_TYPE);
+            dkSign.setCustomValueType(WSS4JConstants.WSS_USERNAME_TOKEN_VALUE_TYPE);
         }
 
         dkSign.prepare();
@@ -2072,7 +2073,7 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle
             if (isRequestor()) {
                 // TODO Add support for SAML2 here
                 sig.setCustomTokenValueType(
-                    WSConstants.SOAPMESSAGE_NS11 + "#" + WSConstants.ENC_KEY_VALUE_TYPE
+                    WSS4JConstants.SOAPMESSAGE_NS11 + "#" + WSS4JConstants.ENC_KEY_VALUE_TYPE
                 );
                 sig.setKeyIdentifierType(WSConstants.CUSTOM_SYMM_SIGNING);
             } else {
@@ -2083,18 +2084,18 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle
 
         } else {
             String tokenType = tok.getTokenType();
-            if (WSConstants.WSS_SAML_TOKEN_TYPE.equals(tokenType)
-                || WSConstants.SAML_NS.equals(tokenType)) {
-                sig.setCustomTokenValueType(WSConstants.WSS_SAML_KI_VALUE_TYPE);
-            } else if (WSConstants.WSS_SAML2_TOKEN_TYPE.equals(tokenType)
-                || WSConstants.SAML2_NS.equals(tokenType)) {
-                sig.setCustomTokenValueType(WSConstants.WSS_SAML2_KI_VALUE_TYPE);
+            if (WSS4JConstants.WSS_SAML_TOKEN_TYPE.equals(tokenType)
+                || WSS4JConstants.SAML_NS.equals(tokenType)) {
+                sig.setCustomTokenValueType(WSS4JConstants.WSS_SAML_KI_VALUE_TYPE);
+            } else if (WSS4JConstants.WSS_SAML2_TOKEN_TYPE.equals(tokenType)
+                || WSS4JConstants.SAML2_NS.equals(tokenType)) {
+                sig.setCustomTokenValueType(WSS4JConstants.WSS_SAML2_KI_VALUE_TYPE);
             } else if (tokenType != null) {
                 sig.setCustomTokenValueType(tokenType);
             } else if (policyToken instanceof UsernameToken) {
-                sig.setCustomTokenValueType(WSConstants.WSS_USERNAME_TOKEN_VALUE_TYPE);
+                sig.setCustomTokenValueType(WSS4JConstants.WSS_USERNAME_TOKEN_VALUE_TYPE);
             } else {
-                sig.setCustomTokenValueType(WSConstants.WSS_SAML_KI_VALUE_TYPE);
+                sig.setCustomTokenValueType(WSS4JConstants.WSS_SAML_KI_VALUE_TYPE);
             }
             sig.setKeyIdentifierType(WSConstants.CUSTOM_SYMM_SIGNING);
         }

http://git-wip-us.apache.org/repos/asf/cxf/blob/f0797a55/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java
index fa6859f..0860627 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java
@@ -48,6 +48,7 @@ import org.apache.cxf.ws.policy.AssertionInfoMap;
 import org.apache.cxf.ws.security.SecurityConstants;
 import org.apache.cxf.ws.security.policy.PolicyUtils;
 import org.apache.cxf.ws.security.tokenstore.SecurityToken;
+import org.apache.wss4j.common.WSS4JConstants;
 import org.apache.wss4j.common.ext.WSPasswordCallback;
 import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.common.saml.SAMLCallback;
@@ -55,7 +56,6 @@ import org.apache.wss4j.common.saml.bean.KeyInfoBean;
 import org.apache.wss4j.common.saml.bean.SubjectBean;
 import org.apache.wss4j.common.saml.bean.Version;
 import org.apache.wss4j.common.util.KeyUtils;
-import org.apache.wss4j.dom.WSConstants;
 import org.apache.wss4j.policy.SPConstants;
 import org.apache.wss4j.policy.SPConstants.IncludeTokenType;
 import org.apache.wss4j.policy.model.AbstractBinding;
@@ -94,6 +94,7 @@ import org.apache.xml.security.exceptions.XMLSecurityException;
 import org.apache.xml.security.stax.ext.OutboundSecurityContext;
 import org.apache.xml.security.stax.ext.SecurePart;
 import org.apache.xml.security.stax.ext.SecurePart.Modifier;
+import org.apache.xml.security.stax.ext.XMLSecurityConstants;
 import org.apache.xml.security.stax.impl.securityToken.GenericOutboundSecurityToken;
 import org.apache.xml.security.stax.securityEvent.SecurityEvent;
 import org.apache.xml.security.stax.securityEvent.SecurityEventConstants;
@@ -245,11 +246,11 @@ public abstract class AbstractStaxBindingHandler extends AbstractCommonBindingHa
                 kerberosSecurityTokenProvider.getId());
 
         if (encrypting) {
-            outboundSecurityContext.put(WSSConstants.PROP_USE_THIS_TOKEN_ID_FOR_ENCRYPTION,
+            outboundSecurityContext.put(XMLSecurityConstants.PROP_USE_THIS_TOKEN_ID_FOR_ENCRYPTION,
                     kerberosSecurityTokenProvider.getId());
         }
         if (endorsing) {
-            outboundSecurityContext.put(WSSConstants.PROP_USE_THIS_TOKEN_ID_FOR_SIGNATURE,
+            outboundSecurityContext.put(XMLSecurityConstants.PROP_USE_THIS_TOKEN_ID_FOR_SIGNATURE,
                     kerberosSecurityTokenProvider.getId());
         }
 
@@ -350,7 +351,7 @@ public abstract class AbstractStaxBindingHandler extends AbstractCommonBindingHa
                                 samlCallback.setAssertionElement(el);
                                 samlCallback.setSubject(subjectBean);
 
-                                if (WSConstants.SAML_NS.equals(el.getNamespaceURI())) {
+                                if (WSS4JConstants.SAML_NS.equals(el.getNamespaceURI())) {
                                     samlCallback.setSamlVersion(Version.SAML_11);
                                 } else {
                                     samlCallback.setSamlVersion(Version.SAML_20);
@@ -363,7 +364,7 @@ public abstract class AbstractStaxBindingHandler extends AbstractCommonBindingHa
                 properties.setSamlCallbackHandler(callbackHandler);
 
                 QName qname = WSSConstants.TAG_SAML2_ASSERTION;
-                if (WSConstants.SAML_NS.equals(el.getNamespaceURI())) {
+                if (WSS4JConstants.SAML_NS.equals(el.getNamespaceURI())) {
                     qname = WSSConstants.TAG_SAML_ASSERTION;
                 }
 
@@ -450,9 +451,9 @@ public abstract class AbstractStaxBindingHandler extends AbstractCommonBindingHa
 
         outboundSecurityContext.registerSecurityTokenProvider(
                 encryptedKeySecurityTokenProvider.getId(), encryptedKeySecurityTokenProvider);
-        outboundSecurityContext.put(WSSConstants.PROP_USE_THIS_TOKEN_ID_FOR_ENCRYPTION,
+        outboundSecurityContext.put(XMLSecurityConstants.PROP_USE_THIS_TOKEN_ID_FOR_ENCRYPTION,
                 encryptedKeySecurityTokenProvider.getId());
-        outboundSecurityContext.put(WSSConstants.PROP_USE_THIS_TOKEN_ID_FOR_SIGNATURE,
+        outboundSecurityContext.put(XMLSecurityConstants.PROP_USE_THIS_TOKEN_ID_FOR_SIGNATURE,
                 encryptedKeySecurityTokenProvider.getId());
         outboundSecurityContext.put(WSSConstants.PROP_USE_THIS_TOKEN_ID_FOR_CUSTOM_TOKEN,
                 encryptedKeySecurityTokenProvider.getId());
@@ -679,7 +680,7 @@ public abstract class AbstractStaxBindingHandler extends AbstractCommonBindingHa
                         new SecurePart(WSSConstants.TAG_WSSE_BINARY_SECURITY_TOKEN, Modifier.Element);
                     encryptedTokensList.add(part);
                 }
-                ret.put(token, new SecurePart(WSSConstants.TAG_dsig_Signature, Modifier.Element));
+                ret.put(token, new SecurePart(XMLSecurityConstants.TAG_dsig_Signature, Modifier.Element));
             } else if (token instanceof SamlToken) {
                 SecurePart securePart = addSamlToken((SamlToken)token, signed, endorse);
                 if (securePart != null) {
@@ -990,8 +991,8 @@ public abstract class AbstractStaxBindingHandler extends AbstractCommonBindingHa
         if (properties.getActions() != null) {
             List<WSSConstants.Action> actionList = properties.getActions();
             if (actionList.contains(WSSConstants.SAML_TOKEN_SIGNED)
-                && actionList.contains(WSSConstants.SIGNATURE)) {
-                actionList.remove(WSSConstants.SIGNATURE);
+                && actionList.contains(XMLSecurityConstants.SIGNATURE)) {
+                actionList.remove(XMLSecurityConstants.SIGNATURE);
             }
         }
     }
@@ -1001,9 +1002,9 @@ public abstract class AbstractStaxBindingHandler extends AbstractCommonBindingHa
         if (properties.getActions() != null) {
             List<WSSConstants.Action> actionList = properties.getActions();
             boolean sigConf = actionList.contains(WSSConstants.SIGNATURE_CONFIRMATION);
-            if (sigConf && actionList.contains(WSSConstants.SIGNATURE)) {
+            if (sigConf && actionList.contains(XMLSecurityConstants.SIGNATURE)) {
                 actionList.remove(WSSConstants.SIGNATURE_CONFIRMATION);
-                actionList.add(actionList.indexOf(WSSConstants.SIGNATURE) + 1,
+                actionList.add(actionList.indexOf(XMLSecurityConstants.SIGNATURE) + 1,
                                WSSConstants.SIGNATURE_CONFIRMATION);
             } else if (sigConf && actionList.contains(WSSConstants.SIGNATURE_WITH_DERIVED_KEY)) {
                 actionList.remove(WSSConstants.SIGNATURE_CONFIRMATION);
@@ -1029,7 +1030,7 @@ public abstract class AbstractStaxBindingHandler extends AbstractCommonBindingHa
     protected void putCustomTokenAfterSignature() {
         if (properties.getActions() != null) {
             List<WSSConstants.Action> actionList = properties.getActions();
-            if ((actionList.contains(WSSConstants.SIGNATURE)
+            if ((actionList.contains(XMLSecurityConstants.SIGNATURE)
                 || actionList.contains(WSSConstants.SIGNATURE_WITH_DERIVED_KEY)
                 || actionList.contains(WSSConstants.SIGNATURE_WITH_KERBEROS_TOKEN))
                 && actionList.contains(WSSConstants.CUSTOM_TOKEN)) {

http://git-wip-us.apache.org/repos/asf/cxf/blob/f0797a55/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
index 2c678f8..824cc59 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
@@ -48,6 +48,7 @@ import org.apache.cxf.ws.security.wss4j.AttachmentCallbackHandler;
 import org.apache.cxf.ws.security.wss4j.StaxSerializer;
 import org.apache.cxf.ws.security.wss4j.WSS4JUtils;
 import org.apache.wss4j.common.WSEncryptionPart;
+import org.apache.wss4j.common.WSS4JConstants;
 import org.apache.wss4j.common.crypto.Crypto;
 import org.apache.wss4j.common.derivedKey.ConversationConstants;
 import org.apache.wss4j.common.ext.WSSecurityException;
@@ -422,8 +423,8 @@ public class AsymmetricBindingHandler extends AbstractBindingBuilder {
             try {
                 // Encrypt, get hold of the ref list and add it
                 Element secondRefList = saaj.getSOAPPart()
-                    .createElementNS(WSConstants.ENC_NS,
-                                     WSConstants.ENC_PREFIX + ":ReferenceList");
+                    .createElementNS(WSS4JConstants.ENC_NS,
+                                     WSS4JConstants.ENC_PREFIX + ":ReferenceList");
                 if (lastEncryptedKeyElement != null) {
                     insertAfter(secondRefList, lastEncryptedKeyElement);
                 } else {
@@ -466,14 +467,14 @@ public class AsymmetricBindingHandler extends AbstractBindingBuilder {
                 if (!isRequestor() && securityToken != null
                     && recToken.getToken() instanceof SamlToken) {
                     String tokenType = securityToken.getTokenType();
-                    if (WSConstants.WSS_SAML_TOKEN_TYPE.equals(tokenType)
-                        || WSConstants.SAML_NS.equals(tokenType)) {
-                        encr.setCustomEKTokenValueType(WSConstants.WSS_SAML_KI_VALUE_TYPE);
+                    if (WSS4JConstants.WSS_SAML_TOKEN_TYPE.equals(tokenType)
+                        || WSS4JConstants.SAML_NS.equals(tokenType)) {
+                        encr.setCustomEKTokenValueType(WSS4JConstants.WSS_SAML_KI_VALUE_TYPE);
                         encr.setKeyIdentifierType(WSConstants.CUSTOM_KEY_IDENTIFIER);
                         encr.setCustomEKTokenId(securityToken.getId());
-                    } else if (WSConstants.WSS_SAML2_TOKEN_TYPE.equals(tokenType)
-                        || WSConstants.SAML2_NS.equals(tokenType)) {
-                        encr.setCustomEKTokenValueType(WSConstants.WSS_SAML2_KI_VALUE_TYPE);
+                    } else if (WSS4JConstants.WSS_SAML2_TOKEN_TYPE.equals(tokenType)
+                        || WSS4JConstants.SAML2_NS.equals(tokenType)) {
+                        encr.setCustomEKTokenValueType(WSS4JConstants.WSS_SAML2_KI_VALUE_TYPE);
                         encr.setKeyIdentifierType(WSConstants.CUSTOM_KEY_IDENTIFIER);
                         encr.setCustomEKTokenId(securityToken.getId());
                     } else {
@@ -577,8 +578,8 @@ public class AsymmetricBindingHandler extends AbstractBindingBuilder {
 
             dkEncr.setExternalKey(this.encryptedKeyValue, this.encryptedKeyId);
             dkEncr.getParts().addAll(encrParts);
-            dkEncr.setCustomValueType(WSConstants.SOAPMESSAGE_NS11 + "#"
-                + WSConstants.ENC_KEY_VALUE_TYPE);
+            dkEncr.setCustomValueType(WSS4JConstants.SOAPMESSAGE_NS11 + "#"
+                + WSS4JConstants.ENC_KEY_VALUE_TYPE);
             AlgorithmSuiteType algType = algorithmSuite.getAlgorithmSuiteType();
             dkEncr.setSymmetricEncAlgorithm(algType.getEncryption());
             dkEncr.setDerivedKeyLength(algType.getEncryptionDerivedKeyLength() / 8);
@@ -665,8 +666,8 @@ public class AsymmetricBindingHandler extends AbstractBindingBuilder {
             AlgorithmSuiteType algType = abinding.getAlgorithmSuite().getAlgorithmSuiteType();
             dkSign.setDigestAlgorithm(algType.getDigest());
             dkSign.setDerivedKeyLength(algType.getSignatureDerivedKeyLength() / 8);
-            dkSign.setCustomValueType(WSConstants.SOAPMESSAGE_NS11 + "#"
-                    + WSConstants.ENC_KEY_VALUE_TYPE);
+            dkSign.setCustomValueType(WSS4JConstants.SOAPMESSAGE_NS11 + "#"
+                    + WSS4JConstants.ENC_KEY_VALUE_TYPE);
 
             boolean includePrefixes =
                 MessageUtils.getContextualBoolean(
@@ -682,7 +683,7 @@ public class AsymmetricBindingHandler extends AbstractBindingBuilder {
                         new QName(abinding.getName().getNamespaceURI(), SPConstants.PROTECT_TOKENS));
                     if (bstElement != null) {
                         WSEncryptionPart bstPart =
-                            new WSEncryptionPart(bstElement.getAttributeNS(WSConstants.WSU_NS, "Id"));
+                            new WSEncryptionPart(bstElement.getAttributeNS(WSS4JConstants.WSU_NS, "Id"));
                         bstPart.setElement(bstElement);
                         sigParts.add(bstPart);
                     } else {
@@ -829,9 +830,9 @@ public class AsymmetricBindingHandler extends AbstractBindingBuilder {
                     SamlAssertionWrapper samlAssertion =
                         (SamlAssertionWrapper)wser.get(WSSecurityEngineResult.TAG_SAML_ASSERTION);
                     if (samlAssertion.getSamlVersion() == SAMLVersion.VERSION_20) {
-                        tempTok.setTokenType(WSConstants.WSS_SAML2_TOKEN_TYPE);
+                        tempTok.setTokenType(WSS4JConstants.WSS_SAML2_TOKEN_TYPE);
                     } else {
-                        tempTok.setTokenType(WSConstants.WSS_SAML_TOKEN_TYPE);
+                        tempTok.setTokenType(WSS4JConstants.WSS_SAML_TOKEN_TYPE);
                     }
 
                     message.put(SecurityConstants.TOKEN, tempTok);

http://git-wip-us.apache.org/repos/asf/cxf/blob/f0797a55/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java
index f138a1a..c738a2a 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java
@@ -58,6 +58,7 @@ import org.apache.wss4j.stax.securityToken.WSSecurityTokenConstants;
 import org.apache.xml.security.stax.ext.OutboundSecurityContext;
 import org.apache.xml.security.stax.ext.SecurePart;
 import org.apache.xml.security.stax.ext.SecurePart.Modifier;
+import org.apache.xml.security.stax.ext.XMLSecurityConstants;
 
 /**
  *
@@ -134,7 +135,7 @@ public class StaxAsymmetricBindingHandler extends AbstractStaxBindingHandler {
 
                     if (sigTok != null) {
                         storeSecurityToken(initiatorToken, sigTok);
-                        outboundSecurityContext.remove(WSSConstants.PROP_USE_THIS_TOKEN_ID_FOR_ENCRYPTION);
+                        outboundSecurityContext.remove(XMLSecurityConstants.PROP_USE_THIS_TOKEN_ID_FOR_ENCRYPTION);
                     }
 
                     // Set up CallbackHandler which wraps the configured Handler
@@ -187,7 +188,7 @@ public class StaxAsymmetricBindingHandler extends AbstractStaxBindingHandler {
             //Check for signature protection
             if (abinding.isEncryptSignature()) {
                 SecurePart part =
-                    new SecurePart(new QName(WSSConstants.NS_DSIG, "Signature"), Modifier.Element);
+                    new SecurePart(new QName(XMLSecurityConstants.NS_DSIG, "Signature"), Modifier.Element);
                 enc.add(part);
                 if (signatureConfirmationAdded) {
                     SecurePart securePart =
@@ -261,7 +262,7 @@ public class StaxAsymmetricBindingHandler extends AbstractStaxBindingHandler {
 
                     if (sigTok != null) {
                         storeSecurityToken(initiatorToken, sigTok);
-                        outboundSecurityContext.remove(WSSConstants.PROP_USE_THIS_TOKEN_ID_FOR_ENCRYPTION);
+                        outboundSecurityContext.remove(XMLSecurityConstants.PROP_USE_THIS_TOKEN_ID_FOR_ENCRYPTION);
                     }
 
                     // Set up CallbackHandler which wraps the configured Handler
@@ -299,7 +300,7 @@ public class StaxAsymmetricBindingHandler extends AbstractStaxBindingHandler {
                 //Check for signature protection
                 if (abinding.isEncryptSignature()) {
                     SecurePart part =
-                        new SecurePart(new QName(WSSConstants.NS_DSIG, "Signature"), Modifier.Element);
+                        new SecurePart(new QName(XMLSecurityConstants.NS_DSIG, "Signature"), Modifier.Element);
                     encrParts.add(part);
                     if (signatureConfirmationAdded) {
                         SecurePart securePart =
@@ -356,7 +357,7 @@ public class StaxAsymmetricBindingHandler extends AbstractStaxBindingHandler {
 
             // Action
             WSSSecurityProperties properties = getProperties();
-            WSSConstants.Action actionToPerform = WSSConstants.ENCRYPT;
+            WSSConstants.Action actionToPerform = XMLSecurityConstants.ENCRYPT;
             if (recToken.getToken().getDerivedKeys() == DerivedKeys.RequireDerivedKeys) {
                 actionToPerform = WSSConstants.ENCRYPT_WITH_DERIVED_KEY;
             }
@@ -414,7 +415,7 @@ public class StaxAsymmetricBindingHandler extends AbstractStaxBindingHandler {
 
         // Action
         WSSSecurityProperties properties = getProperties();
-        WSSConstants.Action actionToPerform = WSSConstants.SIGNATURE;
+        WSSConstants.Action actionToPerform = XMLSecurityConstants.SIGNATURE;
         if (wrapper.getToken().getDerivedKeys() == DerivedKeys.RequireDerivedKeys) {
             actionToPerform = WSSConstants.SIGNATURE_WITH_DERIVED_KEY;
         }


Mime
View raw message