This is an automated email from the ASF dual-hosted git repository.
coheigea pushed a commit to branch coheigea/saml-refactor-new
in repository https://gitbox.apache.org/repos/asf/ws-wss4j.git
commit 714afbfcf6924e4165a7b0ad801a1b19b5c74a82
Author: Colm O hEigeartaigh <cohei...@apache.org>
AuthorDate: Tue Jun 17 12:45:50 2025 +0100
Moving Credential into ws-security-common
---
.../wss4j/common}/dom/validate/Credential.java | 15 ++++-----
.../wss4j/common/principal/SAMLTokenPrincipal.java | 8 +----
.../common/principal/SAMLTokenPrincipalImpl.java | 38 ++++++++++++++--------
.../processor/BinarySecurityTokenProcessor.java | 2 +-
.../wss4j/dom/processor/SAMLTokenProcessor.java | 4 +--
.../processor/SecurityContextTokenProcessor.java | 2 +-
.../wss4j/dom/processor/SignatureProcessor.java | 2 +-
.../wss4j/dom/processor/TimestampProcessor.java | 2 +-
.../dom/processor/UsernameTokenProcessor.java | 2 +-
.../apache/wss4j/dom/str/SignatureSTRParser.java | 2 +-
.../dom/validate/JAASUsernameTokenValidator.java | 1 +
.../wss4j/dom/validate/KerberosTokenValidator.java | 1 +
.../apache/wss4j/dom/validate/NoOpValidator.java | 1 +
.../wss4j/dom/validate/SamlAssertionValidator.java | 3 +-
.../dom/validate/SignatureTrustValidator.java | 1 +
.../wss4j/dom/validate/TimestampValidator.java | 1 +
.../wss4j/dom/validate/UsernameTokenValidator.java | 1 +
.../org/apache/wss4j/dom/validate/Validator.java | 1 +
.../dom/common/CustomSamlAssertionValidator.java | 4 +--
.../wss4j/dom/message/token/BSTKerberosTest.java | 2 +-
.../org/apache/wss4j/dom/misc/PrincipalTest.java | 2 +-
.../apache/wss4j/dom/validate/ValidatorTest.java | 1 +
22 files changed, 54 insertions(+), 42 deletions(-)
diff --git
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/Credential.java
b/ws-security-common/src/main/java/org/apache/wss4j/common/dom/validate/Credential.java
similarity index 93%
rename from
ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/Credential.java
rename to
ws-security-common/src/main/java/org/apache/wss4j/common/dom/validate/Credential.java
index c6e10fc84..bcf2cae11 100644
---
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/Credential.java
+++
b/ws-security-common/src/main/java/org/apache/wss4j/common/dom/validate/Credential.java
@@ -17,7 +17,7 @@
* under the License.
*/
-package org.apache.wss4j.dom.validate;
+package org.apache.wss4j.common.dom.validate;
import java.security.Principal;
import java.security.PublicKey;
@@ -25,7 +25,6 @@ import java.security.cert.X509Certificate;
import javax.security.auth.Subject;
-import org.apache.wss4j.common.saml.SamlAssertionWrapper;
import org.apache.wss4j.common.token.BinarySecurity;
import org.apache.wss4j.common.dom.message.token.SecurityContextToken;
import org.apache.wss4j.common.dom.message.token.Timestamp;
@@ -43,8 +42,8 @@ public class Credential {
private Timestamp timestamp;
private UsernameToken usernametoken;
private BinarySecurity binarySecurityToken;
- private SamlAssertionWrapper samlAssertion;
- private SamlAssertionWrapper transformedToken;
+ private Object samlAssertion;
+ private Object transformedToken;
private SecurityContextToken securityContextToken;
private Principal principal;
private byte[] secretKey;
@@ -168,7 +167,7 @@ public class Credential {
* Set an SamlAssertionWrapper to be validated
* @param samlAssertion an SamlAssertionWrapper to be validated
*/
- public void setSamlAssertion(SamlAssertionWrapper samlAssertion) {
+ public void setSamlAssertion(Object samlAssertion) {
this.samlAssertion = samlAssertion;
}
@@ -176,7 +175,7 @@ public class Credential {
* Get an SamlAssertionWrapper to be validated
* @return an SamlAssertionWrapper to be validated
*/
- public SamlAssertionWrapper getSamlAssertion() {
+ public Object getSamlAssertion() {
return samlAssertion;
}
@@ -184,7 +183,7 @@ public class Credential {
* Set an SamlAssertionWrapper instance which corresponds to a Transformed
Token.
* @param transformedToken a transformed SamlAssertionWrapper instance
*/
- public void setTransformedToken(SamlAssertionWrapper transformedToken) {
+ public void setTransformedToken(Object transformedToken) {
this.transformedToken = transformedToken;
}
@@ -192,7 +191,7 @@ public class Credential {
* Get an SamlAssertionWrapper instance which corresponds to a Transformed
Token.
* @return a transformed SamlAssertionWrapper instance
*/
- public SamlAssertionWrapper getTransformedToken() {
+ public Object getTransformedToken() {
return transformedToken;
}
diff --git
a/ws-security-saml/src/main/java/org/apache/wss4j/common/principal/SAMLTokenPrincipal.java
b/ws-security-common/src/main/java/org/apache/wss4j/common/principal/SAMLTokenPrincipal.java
similarity index 87%
rename from
ws-security-saml/src/main/java/org/apache/wss4j/common/principal/SAMLTokenPrincipal.java
rename to
ws-security-common/src/main/java/org/apache/wss4j/common/principal/SAMLTokenPrincipal.java
index e83601960..44b22e53b 100644
---
a/ws-security-saml/src/main/java/org/apache/wss4j/common/principal/SAMLTokenPrincipal.java
+++
b/ws-security-common/src/main/java/org/apache/wss4j/common/principal/SAMLTokenPrincipal.java
@@ -18,15 +18,9 @@
*/
package org.apache.wss4j.common.principal;
-import org.apache.wss4j.common.saml.SamlAssertionWrapper;
-
import java.security.Principal;
public interface SAMLTokenPrincipal extends Principal {
- SamlAssertionWrapper getToken();
-
- String getName();
-
- String getId();
+ Object getToken();
}
diff --git
a/ws-security-saml/src/main/java/org/apache/wss4j/common/principal/SAMLTokenPrincipalImpl.java
b/ws-security-common/src/main/java/org/apache/wss4j/common/principal/SAMLTokenPrincipalImpl.java
similarity index 50%
rename from
ws-security-saml/src/main/java/org/apache/wss4j/common/principal/SAMLTokenPrincipalImpl.java
rename to
ws-security-common/src/main/java/org/apache/wss4j/common/principal/SAMLTokenPrincipalImpl.java
index 85e9e802e..1643827e8 100644
---
a/ws-security-saml/src/main/java/org/apache/wss4j/common/principal/SAMLTokenPrincipalImpl.java
+++
b/ws-security-common/src/main/java/org/apache/wss4j/common/principal/SAMLTokenPrincipalImpl.java
@@ -19,9 +19,10 @@
package org.apache.wss4j.common.principal;
-import org.apache.wss4j.common.saml.SamlAssertionWrapper;
-
import java.io.Serializable;
+import java.lang.reflect.InvocationTargetException;
+
+import org.apache.wss4j.common.ext.WSSecurityException;
/**
* A principal that represents a SAML Token. It parses the Subject and returns
the Subject
@@ -31,15 +32,32 @@ public class SAMLTokenPrincipalImpl implements
Serializable, SAMLTokenPrincipal
private static final long serialVersionUID = 1L;
private String name;
- private SamlAssertionWrapper samlAssertion;
+ private Object samlAssertion;
- public SAMLTokenPrincipalImpl(SamlAssertionWrapper samlAssertion) {
+ public SAMLTokenPrincipalImpl(Object samlAssertion) throws
WSSecurityException {
this.samlAssertion = samlAssertion;
- this.name = samlAssertion.getSubjectName();
+
+ if (samlAssertion == null) {
+ throw new IllegalArgumentException("SAML Assertion cannot be
null");
+ }
+
+ // Use reflection to extract the subject name from the SAML assertion
+ try {
+ Class<?> samlAssertionWrapperClass =
Class.forName("org.apache.wss4j.common.saml.SamlAssertionWrapper");
+ if (samlAssertionWrapperClass.isInstance(samlAssertion)) {
+ Object samlWrapper =
samlAssertionWrapperClass.cast(samlAssertion);
+ this.name = (String)
samlAssertionWrapperClass.getMethod("getSubjectName").invoke(samlWrapper);
+ } else {
+ throw new IllegalArgumentException("Provided SAML Assertion is
not of the expected type");
+ }
+ } catch (ClassNotFoundException | NoSuchMethodException |
IllegalAccessException | InvocationTargetException e) {
+ throw new
WSSecurityException(WSSecurityException.ErrorCode.FAILURE,
"invalidSAMLsecurity",
+ new Object[] {"Error extracting subject name from SAML
Assertion"});
+ }
}
@Override
- public SamlAssertionWrapper getToken() {
+ public Object getToken() {
return samlAssertion;
}
@@ -48,12 +66,4 @@ public class SAMLTokenPrincipalImpl implements Serializable,
SAMLTokenPrincipal
return this.name;
}
- @Override
- public String getId() {
- if (samlAssertion != null) {
- return samlAssertion.getId();
- }
- return null;
- }
-
}
diff --git
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/BinarySecurityTokenProcessor.java
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/BinarySecurityTokenProcessor.java
index a66134392..54b25ad6c 100644
---
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/BinarySecurityTokenProcessor.java
+++
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/BinarySecurityTokenProcessor.java
@@ -36,7 +36,7 @@ import
org.apache.wss4j.common.dom.engine.WSSecurityEngineResult;
import org.apache.wss4j.dom.handler.RequestData;
import org.apache.wss4j.common.dom.message.token.KerberosSecurity;
import org.apache.wss4j.dom.util.WSSecurityUtil;
-import org.apache.wss4j.dom.validate.Credential;
+import org.apache.wss4j.common.dom.validate.Credential;
import org.apache.wss4j.dom.validate.Validator;
import org.w3c.dom.Element;
diff --git
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SAMLTokenProcessor.java
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SAMLTokenProcessor.java
index c76e80301..fce6ecb13 100644
---
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SAMLTokenProcessor.java
+++
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SAMLTokenProcessor.java
@@ -49,7 +49,7 @@ import
org.apache.wss4j.common.dom.engine.WSSecurityEngineResult;
import org.apache.wss4j.dom.handler.RequestData;
import org.apache.wss4j.dom.saml.WSSSAMLKeyInfoProcessor;
import org.apache.wss4j.dom.util.EncryptionUtils;
-import org.apache.wss4j.dom.validate.Credential;
+import org.apache.wss4j.common.dom.validate.Credential;
import org.apache.wss4j.dom.validate.Validator;
import org.opensaml.xmlsec.signature.KeyInfo;
import org.opensaml.xmlsec.signature.Signature;
@@ -96,7 +96,7 @@ public class SAMLTokenProcessor implements Processor {
List<WSDataRef> dataRefs = createDataRefs(elem, samlAssertion,
xmlSignature);
Credential credential = handleSAMLToken(samlAssertion, data,
validator);
- samlAssertion = credential.getSamlAssertion();
+ samlAssertion = (SamlAssertionWrapper)credential.getSamlAssertion();
if (LOG.isDebugEnabled()) {
LOG.debug("SAML Assertion issuer " +
samlAssertion.getIssuerString());
LOG.debug(DOM2Writer.nodeToString(elem));
diff --git
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SecurityContextTokenProcessor.java
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SecurityContextTokenProcessor.java
index aafa66620..d86462842 100644
---
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SecurityContextTokenProcessor.java
+++
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SecurityContextTokenProcessor.java
@@ -26,7 +26,7 @@ import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.common.util.XMLUtils;
import org.apache.wss4j.dom.handler.RequestData;
import org.apache.wss4j.common.dom.message.token.SecurityContextToken;
-import org.apache.wss4j.dom.validate.Credential;
+import org.apache.wss4j.common.dom.validate.Credential;
import org.apache.wss4j.dom.validate.Validator;
import org.w3c.dom.Element;
diff --git
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SignatureProcessor.java
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SignatureProcessor.java
index b45c57b44..c63a93da9 100644
---
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SignatureProcessor.java
+++
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SignatureProcessor.java
@@ -79,7 +79,7 @@ import org.apache.wss4j.common.dom.transform.STRTransformUtil;
import org.apache.wss4j.dom.util.EncryptionUtils;
import org.apache.wss4j.dom.util.WSSecurityUtil;
import org.apache.wss4j.dom.util.X509Util;
-import org.apache.wss4j.dom.validate.Credential;
+import org.apache.wss4j.common.dom.validate.Credential;
import org.apache.wss4j.dom.validate.Validator;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
diff --git
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/TimestampProcessor.java
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/TimestampProcessor.java
index 6cd74759d..7e39f2d60 100644
---
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/TimestampProcessor.java
+++
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/TimestampProcessor.java
@@ -26,7 +26,7 @@ import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.common.dom.engine.WSSecurityEngineResult;
import org.apache.wss4j.dom.handler.RequestData;
import org.apache.wss4j.common.dom.message.token.Timestamp;
-import org.apache.wss4j.dom.validate.Credential;
+import org.apache.wss4j.common.dom.validate.Credential;
import org.apache.wss4j.dom.validate.Validator;
import org.w3c.dom.Element;
diff --git
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/UsernameTokenProcessor.java
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/UsernameTokenProcessor.java
index 7418d7c1d..9a921e2ae 100644
---
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/UsernameTokenProcessor.java
+++
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/UsernameTokenProcessor.java
@@ -32,7 +32,7 @@ import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.common.dom.engine.WSSecurityEngineResult;
import org.apache.wss4j.dom.handler.RequestData;
import org.apache.wss4j.common.dom.message.token.UsernameToken;
-import org.apache.wss4j.dom.validate.Credential;
+import org.apache.wss4j.common.dom.validate.Credential;
import org.apache.wss4j.dom.validate.Validator;
import org.apache.xml.security.utils.XMLUtils;
diff --git
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/str/SignatureSTRParser.java
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/str/SignatureSTRParser.java
index 533b0ee53..20898bed2 100644
---
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/str/SignatureSTRParser.java
+++
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/str/SignatureSTRParser.java
@@ -105,7 +105,7 @@ public class SignatureSTRParser implements STRParser {
*/
private Principal createPrincipalFromSAML(
SamlAssertionWrapper samlAssertion, STRParserResult parserResult
- ) {
+ ) throws WSSecurityException {
SAMLTokenPrincipalImpl samlPrincipal = new
SAMLTokenPrincipalImpl(samlAssertion);
String confirmMethod = null;
List<String> methods = samlAssertion.getConfirmationMethods();
diff --git
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/JAASUsernameTokenValidator.java
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/JAASUsernameTokenValidator.java
index 53a9d9abe..224829d68 100644
---
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/JAASUsernameTokenValidator.java
+++
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/JAASUsernameTokenValidator.java
@@ -26,6 +26,7 @@ import javax.security.auth.login.LoginException;
import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.common.NamePasswordCallbackHandler;
+import org.apache.wss4j.common.dom.validate.Credential;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.dom.handler.RequestData;
import org.apache.wss4j.common.dom.message.token.UsernameToken;
diff --git
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/KerberosTokenValidator.java
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/KerberosTokenValidator.java
index e7f135a46..b4827d5c5 100644
---
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/KerberosTokenValidator.java
+++
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/KerberosTokenValidator.java
@@ -29,6 +29,7 @@ import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
+import org.apache.wss4j.common.dom.validate.Credential;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.common.ext.WSSecurityException.ErrorCode;
import org.apache.wss4j.common.kerberos.KerberosServiceContext;
diff --git
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/NoOpValidator.java
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/NoOpValidator.java
index 9984a5119..38cce8bc8 100644
---
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/NoOpValidator.java
+++
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/NoOpValidator.java
@@ -20,6 +20,7 @@
package org.apache.wss4j.dom.validate;
+import org.apache.wss4j.common.dom.validate.Credential;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.dom.handler.RequestData;
diff --git
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/SamlAssertionValidator.java
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/SamlAssertionValidator.java
index 9303cd36a..a36b66ebc 100644
---
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/SamlAssertionValidator.java
+++
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/SamlAssertionValidator.java
@@ -23,6 +23,7 @@ import java.time.Instant;
import java.util.List;
import org.apache.wss4j.common.cache.ReplayCache;
+import org.apache.wss4j.common.dom.validate.Credential;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.common.saml.OpenSAMLUtil;
import org.apache.wss4j.common.saml.SAMLKeyInfo;
@@ -99,7 +100,7 @@ public class SamlAssertionValidator extends
SignatureTrustValidator {
if (credential == null || credential.getSamlAssertion() == null) {
throw new
WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "noCredential");
}
- SamlAssertionWrapper samlAssertion = credential.getSamlAssertion();
+ SamlAssertionWrapper samlAssertion =
(SamlAssertionWrapper)credential.getSamlAssertion();
// Check the Subject Confirmation requirements
verifySubjectConfirmationMethod(samlAssertion);
diff --git
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/SignatureTrustValidator.java
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/SignatureTrustValidator.java
index 8f15004a0..83fd79c2f 100644
---
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/SignatureTrustValidator.java
+++
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/SignatureTrustValidator.java
@@ -25,6 +25,7 @@ import java.util.Collection;
import java.util.regex.Pattern;
import org.apache.wss4j.common.crypto.Crypto;
+import org.apache.wss4j.common.dom.validate.Credential;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.dom.handler.RequestData;
diff --git
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/TimestampValidator.java
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/TimestampValidator.java
index 955d0cbaf..d5343dac2 100644
---
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/TimestampValidator.java
+++
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/TimestampValidator.java
@@ -20,6 +20,7 @@
package org.apache.wss4j.dom.validate;
+import org.apache.wss4j.common.dom.validate.Credential;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.dom.handler.RequestData;
import org.apache.wss4j.common.dom.message.token.Timestamp;
diff --git
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/UsernameTokenValidator.java
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/UsernameTokenValidator.java
index 3fd0fb0ac..41c4574a8 100644
---
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/UsernameTokenValidator.java
+++
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/UsernameTokenValidator.java
@@ -27,6 +27,7 @@ import javax.security.auth.callback.Callback;
import javax.security.auth.callback.UnsupportedCallbackException;
import org.apache.wss4j.dom.WSConstants;
+import org.apache.wss4j.common.dom.validate.Credential;
import org.apache.wss4j.common.ext.WSPasswordCallback;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.common.util.UsernameTokenUtil;
diff --git
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/Validator.java
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/Validator.java
index eeebb6158..9aadbaebd 100644
--- a/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/Validator.java
+++ b/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/Validator.java
@@ -20,6 +20,7 @@
package org.apache.wss4j.dom.validate;
+import org.apache.wss4j.common.dom.validate.Credential;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.dom.handler.RequestData;
diff --git
a/ws-security-dom/src/test/java/org/apache/wss4j/dom/common/CustomSamlAssertionValidator.java
b/ws-security-dom/src/test/java/org/apache/wss4j/dom/common/CustomSamlAssertionValidator.java
index c2920c7e2..70b376c1f 100644
---
a/ws-security-dom/src/test/java/org/apache/wss4j/dom/common/CustomSamlAssertionValidator.java
+++
b/ws-security-dom/src/test/java/org/apache/wss4j/dom/common/CustomSamlAssertionValidator.java
@@ -22,7 +22,7 @@ package org.apache.wss4j.dom.common;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.common.saml.SamlAssertionWrapper;
import org.apache.wss4j.dom.handler.RequestData;
-import org.apache.wss4j.dom.validate.Credential;
+import org.apache.wss4j.common.dom.validate.Credential;
import org.apache.wss4j.dom.validate.SamlAssertionValidator;
public class CustomSamlAssertionValidator extends SamlAssertionValidator {
@@ -34,7 +34,7 @@ public class CustomSamlAssertionValidator extends
SamlAssertionValidator {
//
// Do some custom validation on the assertion
//
- SamlAssertionWrapper samlAssertion = credential.getSamlAssertion();
+ SamlAssertionWrapper samlAssertion =
(SamlAssertionWrapper)credential.getSamlAssertion();
if (!"www.example.com".equals(samlAssertion.getIssuerString())) {
throw new
WSSecurityException(WSSecurityException.ErrorCode.FAILURE,
"invalidSAMLsecurity");
}
diff --git
a/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/token/BSTKerberosTest.java
b/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/token/BSTKerberosTest.java
index 40b3acb0e..d6f99fbf7 100644
---
a/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/token/BSTKerberosTest.java
+++
b/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/token/BSTKerberosTest.java
@@ -39,7 +39,7 @@ import org.apache.wss4j.dom.message.WSSecEncrypt;
import org.apache.wss4j.dom.message.WSSecSignature;
import org.apache.wss4j.common.dom.message.WSSecHeader;
import org.apache.wss4j.dom.message.WSSecTimestamp;
-import org.apache.wss4j.dom.validate.Credential;
+import org.apache.wss4j.common.dom.validate.Credential;
import org.apache.wss4j.dom.validate.Validator;
import org.junit.jupiter.api.Test;
diff --git
a/ws-security-dom/src/test/java/org/apache/wss4j/dom/misc/PrincipalTest.java
b/ws-security-dom/src/test/java/org/apache/wss4j/dom/misc/PrincipalTest.java
index ff4554f1f..219a0beca 100644
--- a/ws-security-dom/src/test/java/org/apache/wss4j/dom/misc/PrincipalTest.java
+++ b/ws-security-dom/src/test/java/org/apache/wss4j/dom/misc/PrincipalTest.java
@@ -52,7 +52,7 @@ import org.apache.wss4j.dom.handler.WSHandlerResult;
import org.apache.wss4j.common.dom.message.WSSecHeader;
import org.apache.wss4j.dom.message.WSSecSAMLToken;
import org.apache.wss4j.dom.message.WSSecUsernameToken;
-import org.apache.wss4j.dom.validate.Credential;
+import org.apache.wss4j.common.dom.validate.Credential;
import org.apache.wss4j.dom.validate.Validator;
import org.junit.jupiter.api.Test;
diff --git
a/ws-security-dom/src/test/java/org/apache/wss4j/dom/validate/ValidatorTest.java
b/ws-security-dom/src/test/java/org/apache/wss4j/dom/validate/ValidatorTest.java
index b4fa3a848..a68d59bfb 100644
---
a/ws-security-dom/src/test/java/org/apache/wss4j/dom/validate/ValidatorTest.java
+++
b/ws-security-dom/src/test/java/org/apache/wss4j/dom/validate/ValidatorTest.java
@@ -47,6 +47,7 @@ import
org.apache.wss4j.common.dom.engine.WSSecurityEngineResult;
import org.apache.wss4j.dom.handler.RequestData;
import org.apache.wss4j.dom.handler.WSHandlerResult;
import org.apache.wss4j.common.dom.message.WSSecHeader;
+import org.apache.wss4j.common.dom.validate.Credential;
import org.apache.wss4j.dom.message.WSSecSignature;
import org.apache.wss4j.dom.message.WSSecTimestamp;
import org.apache.wss4j.dom.message.WSSecUsernameToken;
