This is an automated email from the ASF dual-hosted git repository.
coheigea pushed a commit to branch coheigea/saml-refactor-new
in repository https://gitbox.apache.org/repos/asf/ws-wss4j.git
The following commit(s) were added to refs/heads/coheigea/saml-refactor-new by
this push:
new cdd4a0f64 Moving message.token into ws-security-common
cdd4a0f64 is described below
commit cdd4a0f64fdfa3e698df9d1244aa45fb1cf3003a
Author: Colm O hEigeartaigh <[email protected]>
AuthorDate: Tue Jun 17 11:52:24 2025 +0100
Moving message.token into ws-security-common
---
.../integration/test/kerberos/KerberosTest.java | 2 +-
.../common}/dom/message/token/DerivedKeyToken.java | 12 +--
.../dom/message/token/KerberosSecurity.java | 33 ++++----
.../dom/message/token/SecurityContextToken.java | 20 ++---
.../dom/message/token/SignatureConfirmation.java | 16 ++--
.../wss4j/common}/dom/message/token/Timestamp.java | 25 +++---
.../common}/dom/message/token/UsernameToken.java | 88 +++++++++++-----------
.../common/dom/transform/STRTransformUtil.java | 17 +----
.../org/apache/wss4j/common/util/XMLUtils.java | 28 +++++++
.../wss4j/dom/action/AbstractDerivedAction.java | 2 +-
.../org/apache/wss4j/dom/handler/WSHandler.java | 2 +-
.../wss4j/dom/message/WSSecDerivedKeyBase.java | 4 +-
.../org/apache/wss4j/dom/message/WSSecEncrypt.java | 2 +-
.../dom/message/WSSecSecurityContextToken.java | 2 +-
.../apache/wss4j/dom/message/WSSecSignature.java | 2 +-
.../dom/message/WSSecSignatureConfirmation.java | 2 +-
.../apache/wss4j/dom/message/WSSecTimestamp.java | 2 +-
.../wss4j/dom/message/WSSecUsernameToken.java | 2 +-
.../processor/BinarySecurityTokenProcessor.java | 2 +-
.../dom/processor/DerivedKeyTokenProcessor.java | 2 +-
.../processor/SecurityContextTokenProcessor.java | 2 +-
.../processor/SignatureConfirmationProcessor.java | 2 +-
.../wss4j/dom/processor/SignatureProcessor.java | 2 +-
.../wss4j/dom/processor/TimestampProcessor.java | 2 +-
.../dom/processor/UsernameTokenProcessor.java | 2 +-
.../org/apache/wss4j/dom/str/STRParserUtil.java | 2 +-
.../wss4j/dom/str/SecurityTokenRefSTRParser.java | 4 +-
.../apache/wss4j/dom/str/SignatureSTRParser.java | 6 +-
.../org/apache/wss4j/dom/validate/Credential.java | 6 +-
.../dom/validate/JAASUsernameTokenValidator.java | 2 +-
.../wss4j/dom/validate/KerberosTokenValidator.java | 2 +-
.../wss4j/dom/validate/TimestampValidator.java | 2 +-
.../wss4j/dom/validate/UsernameTokenValidator.java | 2 +-
.../apache/wss4j/dom/handler/CustomTokenTest.java | 2 +-
.../dom/handler/SignatureConfirmationTest.java | 2 +-
.../dom/message/SecurityContextTokenTest.java | 2 +-
.../apache/wss4j/dom/message/TimestampTest.java | 2 +-
.../apache/wss4j/dom/message/UTDerivedKeyTest.java | 2 +-
.../wss4j/dom/message/UsernameTokenTest.java | 2 +-
.../dom/message/token/DerivedKeyTokenTest.java | 3 +-
.../org/apache/wss4j/dom/misc/FaultCodeTest.java | 2 +-
41 files changed, 167 insertions(+), 151 deletions(-)
diff --git
a/integration/src/test/java/org/apache/wss4j/integration/test/kerberos/KerberosTest.java
b/integration/src/test/java/org/apache/wss4j/integration/test/kerberos/KerberosTest.java
index 10dfe5742..ab92be3eb 100644
---
a/integration/src/test/java/org/apache/wss4j/integration/test/kerberos/KerberosTest.java
+++
b/integration/src/test/java/org/apache/wss4j/integration/test/kerberos/KerberosTest.java
@@ -59,7 +59,7 @@ import org.apache.wss4j.dom.handler.WSHandlerResult;
import org.apache.wss4j.dom.message.WSSecEncrypt;
import org.apache.wss4j.common.dom.message.WSSecHeader;
import org.apache.wss4j.dom.message.WSSecSignature;
-import org.apache.wss4j.dom.message.token.KerberosSecurity;
+import org.apache.wss4j.common.dom.message.token.KerberosSecurity;
import org.apache.wss4j.dom.validate.KerberosTokenValidator;
import org.apache.wss4j.stax.ext.WSSConstants;
import org.apache.wss4j.stax.ext.WSSSecurityProperties;
diff --git
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/DerivedKeyToken.java
b/ws-security-common/src/main/java/org/apache/wss4j/common/dom/message/token/DerivedKeyToken.java
similarity index 98%
rename from
ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/DerivedKeyToken.java
rename to
ws-security-common/src/main/java/org/apache/wss4j/common/dom/message/token/DerivedKeyToken.java
index 37aa79b6a..3cb7f46d6 100644
---
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/DerivedKeyToken.java
+++
b/ws-security-common/src/main/java/org/apache/wss4j/common/dom/message/token/DerivedKeyToken.java
@@ -17,7 +17,7 @@
* under the License.
*/
-package org.apache.wss4j.dom.message.token;
+package org.apache.wss4j.common.dom.message.token;
import java.security.Principal;
import java.util.Collections;
@@ -27,8 +27,8 @@ import java.util.Map.Entry;
import javax.xml.namespace.QName;
-import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.common.ext.WSSecurityException;
+import org.apache.wss4j.common.WSS4JConstants;
import org.apache.wss4j.common.bsp.BSPEnforcer;
import org.apache.wss4j.common.derivedKey.ConversationConstants;
import org.apache.wss4j.common.derivedKey.DerivedKeyUtils;
@@ -124,7 +124,7 @@ public class DerivedKeyToken {
XMLUtils.getDirectChildElement(
element,
ConversationConstants.SECURITY_TOKEN_REFERENCE_LN,
- WSConstants.WSSE_NS
+ WSS4JConstants.WSSE_NS
);
ns = el.getNamespaceURI();
@@ -199,7 +199,7 @@ public class DerivedKeyToken {
* efficiency purposes.
*/
public void addWSUNamespace() {
- element.setAttributeNS(XMLUtils.XMLNS_NS, "xmlns:" +
WSConstants.WSU_PREFIX, WSConstants.WSU_NS);
+ element.setAttributeNS(XMLUtils.XMLNS_NS, "xmlns:" +
WSS4JConstants.WSU_PREFIX, WSS4JConstants.WSU_NS);
}
/**
@@ -494,7 +494,7 @@ public class DerivedKeyToken {
* DerivedKeyToken
*/
public String getID() {
- return element.getAttributeNS(WSConstants.WSU_NS, "Id");
+ return element.getAttributeNS(WSS4JConstants.WSU_NS, "Id");
}
/**
@@ -504,7 +504,7 @@ public class DerivedKeyToken {
* DerivedKeyToken
*/
public void setID(String id) {
- element.setAttributeNS(WSConstants.WSU_NS, WSConstants.WSU_PREFIX +
":Id", id);
+ element.setAttributeNS(WSS4JConstants.WSU_NS,
WSS4JConstants.WSU_PREFIX + ":Id", id);
}
/**
diff --git
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/KerberosSecurity.java
b/ws-security-common/src/main/java/org/apache/wss4j/common/dom/message/token/KerberosSecurity.java
similarity index 91%
rename from
ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/KerberosSecurity.java
rename to
ws-security-common/src/main/java/org/apache/wss4j/common/dom/message/token/KerberosSecurity.java
index 4b59e792a..ade6622e6 100644
---
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/KerberosSecurity.java
+++
b/ws-security-common/src/main/java/org/apache/wss4j/common/dom/message/token/KerberosSecurity.java
@@ -17,7 +17,7 @@
* under the License.
*/
-package org.apache.wss4j.dom.message.token;
+package org.apache.wss4j.common.dom.message.token;
import java.io.IOException;
import java.security.Key;
@@ -35,6 +35,7 @@ import javax.security.auth.kerberos.KerberosTicket;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
+import org.apache.wss4j.common.WSS4JConstants;
import org.apache.wss4j.common.bsp.BSPEnforcer;
import org.apache.wss4j.common.bsp.BSPRule;
import org.apache.wss4j.common.ext.WSSecurityException;
@@ -43,7 +44,7 @@ import
org.apache.wss4j.common.kerberos.KerberosClientExceptionAction;
import org.apache.wss4j.common.kerberos.KerberosContext;
import org.apache.wss4j.common.kerberos.KerberosContextAndServiceNameCallback;
import org.apache.wss4j.common.token.BinarySecurity;
-import org.apache.wss4j.dom.WSConstants;
+
import org.ietf.jgss.GSSCredential;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
@@ -68,7 +69,7 @@ public class KerberosSecurity extends BinarySecurity {
public KerberosSecurity(Element elem, BSPEnforcer bspEnforcer) throws
WSSecurityException {
super(elem, bspEnforcer);
String valueType = getValueType();
- if (!WSConstants.WSS_GSS_KRB_V5_AP_REQ.equals(valueType)) {
+ if (!WSS4JConstants.WSS_GSS_KRB_V5_AP_REQ.equals(valueType)) {
bspEnforcer.handleBSPRule(BSPRule.R6902);
}
}
@@ -87,9 +88,9 @@ public class KerberosSecurity extends BinarySecurity {
*/
public boolean isV5ApReq() {
String type = getValueType();
- return WSConstants.WSS_KRB_V5_AP_REQ.equals(type)
- || WSConstants.WSS_KRB_V5_AP_REQ1510.equals(type)
- || WSConstants.WSS_KRB_V5_AP_REQ4120.equals(type);
+ return WSS4JConstants.WSS_KRB_V5_AP_REQ.equals(type)
+ || WSS4JConstants.WSS_KRB_V5_AP_REQ1510.equals(type)
+ || WSS4JConstants.WSS_KRB_V5_AP_REQ4120.equals(type);
}
/**
@@ -97,9 +98,9 @@ public class KerberosSecurity extends BinarySecurity {
*/
public boolean isGssV5ApReq() {
String type = getValueType();
- return WSConstants.WSS_GSS_KRB_V5_AP_REQ.equals(type)
- || WSConstants.WSS_GSS_KRB_V5_AP_REQ1510.equals(type)
- || WSConstants.WSS_GSS_KRB_V5_AP_REQ4120.equals(type);
+ return WSS4JConstants.WSS_GSS_KRB_V5_AP_REQ.equals(type)
+ || WSS4JConstants.WSS_GSS_KRB_V5_AP_REQ1510.equals(type)
+ || WSS4JConstants.WSS_GSS_KRB_V5_AP_REQ4120.equals(type);
}
/**
@@ -255,7 +256,7 @@ public class KerberosSecurity extends BinarySecurity {
LOG.debug("Successfully retrieved a service ticket");
if (getValueType().length() == 0) {
- setValueType(WSConstants.WSS_GSS_KRB_V5_AP_REQ);
+ setValueType(WSS4JConstants.WSS_GSS_KRB_V5_AP_REQ);
}
}
@@ -297,12 +298,12 @@ public class KerberosSecurity extends BinarySecurity {
* @return true if the valueType represents a Kerberos Token
*/
public static boolean isKerberosToken(String valueType) {
- return WSConstants.WSS_KRB_V5_AP_REQ.equals(valueType)
- || WSConstants.WSS_GSS_KRB_V5_AP_REQ.equals(valueType)
- || WSConstants.WSS_KRB_V5_AP_REQ1510.equals(valueType)
- || WSConstants.WSS_GSS_KRB_V5_AP_REQ1510.equals(valueType)
- || WSConstants.WSS_KRB_V5_AP_REQ4120.equals(valueType)
- || WSConstants.WSS_GSS_KRB_V5_AP_REQ4120.equals(valueType);
+ return WSS4JConstants.WSS_KRB_V5_AP_REQ.equals(valueType)
+ || WSS4JConstants.WSS_GSS_KRB_V5_AP_REQ.equals(valueType)
+ || WSS4JConstants.WSS_KRB_V5_AP_REQ1510.equals(valueType)
+ || WSS4JConstants.WSS_GSS_KRB_V5_AP_REQ1510.equals(valueType)
+ || WSS4JConstants.WSS_KRB_V5_AP_REQ4120.equals(valueType)
+ || WSS4JConstants.WSS_GSS_KRB_V5_AP_REQ4120.equals(valueType);
}
@Override
diff --git
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/SecurityContextToken.java
b/ws-security-common/src/main/java/org/apache/wss4j/common/dom/message/token/SecurityContextToken.java
similarity index 93%
rename from
ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/SecurityContextToken.java
rename to
ws-security-common/src/main/java/org/apache/wss4j/common/dom/message/token/SecurityContextToken.java
index 27f652ece..d4761e94c 100644
---
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/SecurityContextToken.java
+++
b/ws-security-common/src/main/java/org/apache/wss4j/common/dom/message/token/SecurityContextToken.java
@@ -17,14 +17,14 @@
* under the License.
*/
-package org.apache.wss4j.dom.message.token;
+package org.apache.wss4j.common.dom.message.token;
import javax.xml.namespace.QName;
-import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.common.util.DOM2Writer;
import org.apache.wss4j.common.util.XMLUtils;
+import org.apache.wss4j.common.WSS4JConstants;
import org.apache.wss4j.common.derivedKey.ConversationConstants;
import org.apache.xml.security.stax.impl.util.IDGenerator;
import org.w3c.dom.Document;
@@ -49,7 +49,7 @@ public class SecurityContextToken {
*/
private Element elementInstance;
- private String tokenType = WSConstants.WSC_SCT;
+ private String tokenType = WSS4JConstants.WSC_SCT;
/**
* Constructor to create the SCT
@@ -115,9 +115,9 @@ public class SecurityContextToken {
elementIdentifier.appendChild(doc.createTextNode(uuid));
if (version == ConversationConstants.VERSION_05_02) {
- tokenType = WSConstants.WSC_SCT;
+ tokenType = WSS4JConstants.WSC_SCT;
} else {
- tokenType = WSConstants.WSC_SCT_05_12;
+ tokenType = WSS4JConstants.WSC_SCT_05_12;
}
}
@@ -150,9 +150,9 @@ public class SecurityContextToken {
// If the element is not a security context token, throw an exception
if (el.equals(ConversationConstants.SECURITY_CTX_TOKEN_QNAME_05_02)) {
- tokenType = WSConstants.WSC_SCT;
+ tokenType = WSS4JConstants.WSC_SCT;
} else if
(el.equals(ConversationConstants.SECURITY_CTX_TOKEN_QNAME_05_12)) {
- tokenType = WSConstants.WSC_SCT_05_12;
+ tokenType = WSS4JConstants.WSC_SCT_05_12;
} else {
throw new
WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY_TOKEN);
}
@@ -177,7 +177,7 @@ public class SecurityContextToken {
* efficiency purposes.
*/
public void addWSUNamespace() {
- element.setAttributeNS(XMLUtils.XMLNS_NS, "xmlns:" +
WSConstants.WSU_PREFIX, WSConstants.WSU_NS);
+ element.setAttributeNS(XMLUtils.XMLNS_NS, "xmlns:" +
WSS4JConstants.WSU_PREFIX, WSS4JConstants.WSU_NS);
}
/**
@@ -266,7 +266,7 @@ public class SecurityContextToken {
* SecurityContextToken
*/
public String getID() {
- return element.getAttributeNS(WSConstants.WSU_NS, "Id");
+ return element.getAttributeNS(WSS4JConstants.WSU_NS, "Id");
}
/**
@@ -276,7 +276,7 @@ public class SecurityContextToken {
* SecurityContextToken
*/
public void setID(String id) {
- element.setAttributeNS(WSConstants.WSU_NS, WSConstants.WSU_PREFIX +
":Id", id);
+ element.setAttributeNS(WSS4JConstants.WSU_NS,
WSS4JConstants.WSU_PREFIX + ":Id", id);
}
@Override
diff --git
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/SignatureConfirmation.java
b/ws-security-common/src/main/java/org/apache/wss4j/common/dom/message/token/SignatureConfirmation.java
similarity index 87%
rename from
ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/SignatureConfirmation.java
rename to
ws-security-common/src/main/java/org/apache/wss4j/common/dom/message/token/SignatureConfirmation.java
index faebfce67..c0e6a96bb 100644
---
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/SignatureConfirmation.java
+++
b/ws-security-common/src/main/java/org/apache/wss4j/common/dom/message/token/SignatureConfirmation.java
@@ -17,11 +17,11 @@
* under the License.
*/
-package org.apache.wss4j.dom.message.token;
+package org.apache.wss4j.common.dom.message.token;
import java.util.Arrays;
-import org.apache.wss4j.dom.WSConstants;
+import org.apache.wss4j.common.WSS4JConstants;
import org.apache.wss4j.common.bsp.BSPEnforcer;
import org.apache.wss4j.common.bsp.BSPRule;
import org.apache.wss4j.common.ext.WSSecurityException;
@@ -73,10 +73,10 @@ public class SignatureConfirmation {
public SignatureConfirmation(Document doc, byte[] signVal) {
element =
doc.createElementNS(
- WSConstants.WSSE11_NS,
- WSConstants.WSSE11_PREFIX + ":" +
WSConstants.SIGNATURE_CONFIRMATION_LN
+ WSS4JConstants.WSSE11_NS,
+ WSS4JConstants.WSSE11_PREFIX + ":" +
WSS4JConstants.SIGNATURE_CONFIRMATION_LN
);
- XMLUtils.setNamespace(element, WSConstants.WSSE11_NS,
WSConstants.WSSE11_PREFIX);
+ XMLUtils.setNamespace(element, WSS4JConstants.WSSE11_NS,
WSS4JConstants.WSSE11_PREFIX);
if (signVal != null) {
String sv =
org.apache.xml.security.utils.XMLUtils.encodeToString(signVal);
element.setAttributeNS(null, SC_VALUE_ATTR, sv);
@@ -88,7 +88,7 @@ public class SignatureConfirmation {
* efficiency purposes.
*/
public void addWSUNamespace() {
- element.setAttributeNS(XMLUtils.XMLNS_NS, "xmlns:" +
WSConstants.WSU_PREFIX, WSConstants.WSU_NS);
+ element.setAttributeNS(XMLUtils.XMLNS_NS, "xmlns:" +
WSS4JConstants.WSU_PREFIX, WSS4JConstants.WSU_NS);
}
/**
@@ -114,7 +114,7 @@ public class SignatureConfirmation {
* @param id
*/
public void setID(String id) {
- element.setAttributeNS(WSConstants.WSU_NS, WSConstants.WSU_PREFIX +
":Id", id);
+ element.setAttributeNS(WSS4JConstants.WSU_NS,
WSS4JConstants.WSU_PREFIX + ":Id", id);
}
/**
@@ -122,7 +122,7 @@ public class SignatureConfirmation {
* @return the WSU ID
*/
public String getID() {
- return element.getAttributeNS(WSConstants.WSU_NS, "Id");
+ return element.getAttributeNS(WSS4JConstants.WSU_NS, "Id");
}
/**
diff --git
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/Timestamp.java
b/ws-security-common/src/main/java/org/apache/wss4j/common/dom/message/token/Timestamp.java
similarity index 91%
rename from
ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/Timestamp.java
rename to
ws-security-common/src/main/java/org/apache/wss4j/common/dom/message/token/Timestamp.java
index 8fd219129..e32edf1f1 100644
---
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/Timestamp.java
+++
b/ws-security-common/src/main/java/org/apache/wss4j/common/dom/message/token/Timestamp.java
@@ -17,7 +17,7 @@
* under the License.
*/
-package org.apache.wss4j.dom.message.token;
+package org.apache.wss4j.common.dom.message.token;
import java.time.Instant;
import java.time.ZoneOffset;
@@ -26,6 +26,7 @@ import java.time.format.DateTimeFormatter;
import java.time.format.DateTimeParseException;
import java.time.temporal.ChronoField;
+import org.apache.wss4j.common.WSS4JConstants;
import org.apache.wss4j.common.bsp.BSPEnforcer;
import org.apache.wss4j.common.bsp.BSPRule;
import org.apache.wss4j.common.ext.WSSecurityException;
@@ -34,7 +35,7 @@ import org.apache.wss4j.common.util.DateUtil;
import org.apache.wss4j.common.util.WSCurrentTimeSource;
import org.apache.wss4j.common.util.WSTimeSource;
import org.apache.wss4j.common.util.XMLUtils;
-import org.apache.wss4j.dom.WSConstants;
+
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
@@ -71,8 +72,8 @@ public class Timestamp {
) {
if (Node.ELEMENT_NODE == currentChild.getNodeType()) {
Element currentChildElement = (Element) currentChild;
- if (WSConstants.CREATED_LN.equals(currentChild.getLocalName())
- &&
WSConstants.WSU_NS.equals(currentChild.getNamespaceURI())) {
+ if
(WSS4JConstants.CREATED_LN.equals(currentChild.getLocalName())
+ &&
WSS4JConstants.WSU_NS.equals(currentChild.getNamespaceURI())) {
if (createdString == null) {
String valueType =
currentChildElement.getAttributeNS(null, "ValueType");
if (valueType != null && valueType.length() != 0) {
@@ -84,8 +85,8 @@ public class Timestamp {
// Test for multiple Created elements
bspEnforcer.handleBSPRule(BSPRule.R3203);
}
- } else if
(WSConstants.EXPIRES_LN.equals(currentChild.getLocalName())
- &&
WSConstants.WSU_NS.equals(currentChild.getNamespaceURI())) {
+ } else if
(WSS4JConstants.EXPIRES_LN.equals(currentChild.getLocalName())
+ &&
WSS4JConstants.WSU_NS.equals(currentChild.getNamespaceURI())) {
if (createdString == null) {
// Created must appear before Expires
bspEnforcer.handleBSPRule(BSPRule.R3221);
@@ -177,12 +178,12 @@ public class Timestamp {
element =
doc.createElementNS(
- WSConstants.WSU_NS, WSConstants.WSU_PREFIX + ":" +
WSConstants.TIMESTAMP_TOKEN_LN
+ WSS4JConstants.WSU_NS, WSS4JConstants.WSU_PREFIX + ":" +
WSS4JConstants.TIMESTAMP_TOKEN_LN
);
Element elementCreated =
doc.createElementNS(
- WSConstants.WSU_NS, WSConstants.WSU_PREFIX + ":" +
WSConstants.CREATED_LN
+ WSS4JConstants.WSU_NS, WSS4JConstants.WSU_PREFIX + ":" +
WSS4JConstants.CREATED_LN
);
created = timeSource.now();
@@ -195,7 +196,7 @@ public class Timestamp {
Element elementExpires =
doc.createElementNS(
- WSConstants.WSU_NS, WSConstants.WSU_PREFIX + ":" +
WSConstants.EXPIRES_LN
+ WSS4JConstants.WSU_NS, WSS4JConstants.WSU_PREFIX + ":" +
WSS4JConstants.EXPIRES_LN
);
elementExpires.appendChild(doc.createTextNode(expires.atZone(ZoneOffset.UTC).format(formatter)));
element.appendChild(elementExpires);
@@ -207,7 +208,7 @@ public class Timestamp {
* efficiency purposes.
*/
public void addWSUNamespace() {
- element.setAttributeNS(XMLUtils.XMLNS_NS, "xmlns:" +
WSConstants.WSU_PREFIX, WSConstants.WSU_NS);
+ element.setAttributeNS(XMLUtils.XMLNS_NS, "xmlns:" +
WSS4JConstants.WSU_PREFIX, WSS4JConstants.WSU_NS);
}
/**
@@ -260,14 +261,14 @@ public class Timestamp {
* @param id
*/
public void setID(String id) {
- element.setAttributeNS(WSConstants.WSU_NS, WSConstants.WSU_PREFIX +
":Id", id);
+ element.setAttributeNS(WSS4JConstants.WSU_NS,
WSS4JConstants.WSU_PREFIX + ":Id", id);
}
/**
* @return the value of the wsu:Id attribute
*/
public String getID() {
- return element.getAttributeNS(WSConstants.WSU_NS, "Id");
+ return element.getAttributeNS(WSS4JConstants.WSU_NS, "Id");
}
/**
diff --git
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/UsernameToken.java
b/ws-security-common/src/main/java/org/apache/wss4j/common/dom/message/token/UsernameToken.java
similarity index 88%
rename from
ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/UsernameToken.java
rename to
ws-security-common/src/main/java/org/apache/wss4j/common/dom/message/token/UsernameToken.java
index a008bd902..bc888af6b 100644
---
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/UsernameToken.java
+++
b/ws-security-common/src/main/java/org/apache/wss4j/common/dom/message/token/UsernameToken.java
@@ -17,7 +17,7 @@
* under the License.
*/
-package org.apache.wss4j.dom.message.token;
+package org.apache.wss4j.common.dom.message.token;
import java.security.Principal;
import java.time.Instant;
@@ -30,6 +30,7 @@ import java.util.List;
import javax.xml.namespace.QName;
+import org.apache.wss4j.common.WSS4JConstants;
import org.apache.wss4j.common.bsp.BSPEnforcer;
import org.apache.wss4j.common.bsp.BSPRule;
import org.apache.wss4j.common.ext.WSSecurityException;
@@ -40,8 +41,7 @@ import org.apache.wss4j.common.util.UsernameTokenUtil;
import org.apache.wss4j.common.util.WSCurrentTimeSource;
import org.apache.wss4j.common.util.WSTimeSource;
import org.apache.wss4j.common.util.XMLUtils;
-import org.apache.wss4j.dom.WSConstants;
-import org.apache.wss4j.dom.util.WSSecurityUtil;
+
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
@@ -54,11 +54,11 @@ import org.w3c.dom.Text;
* Enhanced to support passwordless usernametokens as allowed by spec.
*/
public class UsernameToken {
- public static final String BASE64_ENCODING = WSConstants.SOAPMESSAGE_NS +
"#Base64Binary";
+ public static final String BASE64_ENCODING = WSS4JConstants.SOAPMESSAGE_NS
+ "#Base64Binary";
public static final String PASSWORD_TYPE = "passwordType";
public static final int DEFAULT_ITERATION = 1000;
public static final QName TOKEN =
- new QName(WSConstants.WSSE_NS, WSConstants.USERNAME_TOKEN_LN);
+ new QName(WSS4JConstants.WSSE_NS, WSS4JConstants.USERNAME_TOKEN_LN);
private static final org.slf4j.Logger LOG =
org.slf4j.LoggerFactory.getLogger(UsernameToken.class);
@@ -103,27 +103,27 @@ public class UsernameToken {
}
elementUsername =
XMLUtils.getDirectChildElement(
- element, WSConstants.USERNAME_LN, WSConstants.WSSE_NS
+ element, WSS4JConstants.USERNAME_LN, WSS4JConstants.WSSE_NS
);
elementPassword =
XMLUtils.getDirectChildElement(
- element, WSConstants.PASSWORD_LN, WSConstants.WSSE_NS
+ element, WSS4JConstants.PASSWORD_LN, WSS4JConstants.WSSE_NS
);
elementNonce =
XMLUtils.getDirectChildElement(
- element, WSConstants.NONCE_LN, WSConstants.WSSE_NS
+ element, WSS4JConstants.NONCE_LN, WSS4JConstants.WSSE_NS
);
elementCreated =
XMLUtils.getDirectChildElement(
- element, WSConstants.CREATED_LN, WSConstants.WSU_NS
+ element, WSS4JConstants.CREATED_LN, WSS4JConstants.WSU_NS
);
elementSalt =
XMLUtils.getDirectChildElement(
- element, WSConstants.SALT_LN, WSConstants.WSSE11_NS
+ element, WSS4JConstants.SALT_LN, WSS4JConstants.WSSE11_NS
);
elementIteration =
XMLUtils.getDirectChildElement(
- element, WSConstants.ITERATION_LN, WSConstants.WSSE11_NS
+ element, WSS4JConstants.ITERATION_LN, WSS4JConstants.WSSE11_NS
);
if (elementUsername == null) {
throw new WSSecurityException(
@@ -169,15 +169,15 @@ public class UsernameToken {
}
if (elementPassword != null) {
- if (elementPassword.hasAttributeNS(null,
WSConstants.PASSWORD_TYPE_ATTR)) {
- passwordType = elementPassword.getAttributeNS(null,
WSConstants.PASSWORD_TYPE_ATTR);
+ if (elementPassword.hasAttributeNS(null,
WSS4JConstants.PASSWORD_TYPE_ATTR)) {
+ passwordType = elementPassword.getAttributeNS(null,
WSS4JConstants.PASSWORD_TYPE_ATTR);
} else if (elementPassword.hasAttributeNS(
- WSConstants.WSSE_NS, WSConstants.PASSWORD_TYPE_ATTR)
+ WSS4JConstants.WSSE_NS, WSS4JConstants.PASSWORD_TYPE_ATTR)
) {
if (allowNamespaceQualifiedPasswordTypes) {
passwordType =
elementPassword.getAttributeNS(
- WSConstants.WSSE_NS, WSConstants.PASSWORD_TYPE_ATTR
+ WSS4JConstants.WSSE_NS,
WSS4JConstants.PASSWORD_TYPE_ATTR
);
} else {
throw new WSSecurityException(
@@ -189,7 +189,7 @@ public class UsernameToken {
}
}
- if (WSConstants.PASSWORD_DIGEST.equals(passwordType)) {
+ if (WSS4JConstants.PASSWORD_DIGEST.equals(passwordType)) {
hashed = true;
if (elementNonce == null || elementCreated == null) {
throw new WSSecurityException(
@@ -215,12 +215,12 @@ public class UsernameToken {
/**
* Constructs a <code>UsernameToken</code> object according to the defined
* parameters. <p/> This constructs set the password encoding to
- * {@link WSConstants#PASSWORD_DIGEST}
+ * {@link WSS4JConstants#PASSWORD_DIGEST}
*
* @param doc the SOAP envelope as <code>Document</code>
*/
public UsernameToken(boolean milliseconds, Document doc) {
- this(milliseconds, doc, WSConstants.PASSWORD_DIGEST);
+ this(milliseconds, doc, WSS4JConstants.PASSWORD_DIGEST);
}
/**
@@ -229,9 +229,9 @@ public class UsernameToken {
*
* @param doc the SOAP envelope as <code>Document</code>
* @param pwType the required password encoding, either
- * {@link WSConstants#PASSWORD_DIGEST} or
- * {@link WSConstants#PASSWORD_TEXT} or
- * {@link WSConstants#PW_NONE} <code>null</code> if no
+ * {@link WSS4JConstants#PASSWORD_DIGEST} or
+ * {@link WSS4JConstants#PASSWORD_TEXT} or
+ * {@link WSS4JConstants#PW_NONE} <code>null</code> if no
* password required
*/
public UsernameToken(boolean milliseconds, Document doc, String pwType) {
@@ -240,21 +240,21 @@ public class UsernameToken {
public UsernameToken(boolean milliseconds, Document doc, WSTimeSource
timeSource, String pwType) {
element =
- doc.createElementNS(WSConstants.WSSE_NS, "wsse:" +
WSConstants.USERNAME_TOKEN_LN);
+ doc.createElementNS(WSS4JConstants.WSSE_NS, "wsse:" +
WSS4JConstants.USERNAME_TOKEN_LN);
elementUsername =
- doc.createElementNS(WSConstants.WSSE_NS, "wsse:" +
WSConstants.USERNAME_LN);
+ doc.createElementNS(WSS4JConstants.WSSE_NS, "wsse:" +
WSS4JConstants.USERNAME_LN);
elementUsername.appendChild(doc.createTextNode(""));
element.appendChild(elementUsername);
if (pwType != null) {
elementPassword =
- doc.createElementNS(WSConstants.WSSE_NS, "wsse:" +
WSConstants.PASSWORD_LN);
+ doc.createElementNS(WSS4JConstants.WSSE_NS, "wsse:" +
WSS4JConstants.PASSWORD_LN);
elementPassword.appendChild(doc.createTextNode(""));
element.appendChild(elementPassword);
passwordType = pwType;
- if (passwordType.equals(WSConstants.PASSWORD_DIGEST)) {
+ if (passwordType.equals(WSS4JConstants.PASSWORD_DIGEST)) {
addNonce(doc);
addCreated(milliseconds, timeSource, doc);
} else {
@@ -268,7 +268,7 @@ public class UsernameToken {
* efficiency purposes.
*/
public void addWSSENamespace() {
- XMLUtils.setNamespace(element, WSConstants.WSSE_NS,
WSConstants.WSSE_PREFIX);
+ XMLUtils.setNamespace(element, WSS4JConstants.WSSE_NS,
WSS4JConstants.WSSE_PREFIX);
}
/**
@@ -276,7 +276,7 @@ public class UsernameToken {
* efficiency purposes.
*/
public void addWSUNamespace() {
- element.setAttributeNS(XMLUtils.XMLNS_NS, "xmlns:" +
WSConstants.WSU_PREFIX, WSConstants.WSU_NS);
+ element.setAttributeNS(XMLUtils.XMLNS_NS, "xmlns:" +
WSS4JConstants.WSU_PREFIX, WSS4JConstants.WSU_NS);
}
/**
@@ -293,7 +293,7 @@ public class UsernameToken {
LOG.debug(ex.getMessage(), ex);
return;
}
- elementNonce = doc.createElementNS(WSConstants.WSSE_NS, "wsse:" +
WSConstants.NONCE_LN);
+ elementNonce = doc.createElementNS(WSS4JConstants.WSSE_NS, "wsse:" +
WSS4JConstants.NONCE_LN);
elementNonce.appendChild(doc.createTextNode(org.apache.xml.security.utils.XMLUtils.encodeToString(nonceValue)));
elementNonce.setAttributeNS(null, "EncodingType", BASE64_ENCODING);
element.appendChild(elementNonce);
@@ -315,7 +315,7 @@ public class UsernameToken {
}
elementCreated =
doc.createElementNS(
- WSConstants.WSU_NS, WSConstants.WSU_PREFIX + ":" +
WSConstants.CREATED_LN
+ WSS4JConstants.WSU_NS, WSS4JConstants.WSU_PREFIX + ":" +
WSS4JConstants.CREATED_LN
);
Instant currentTime = timeSource.now();
@@ -333,9 +333,9 @@ public class UsernameToken {
public void addSalt(Document doc, byte[] saltValue) {
elementSalt =
doc.createElementNS(
- WSConstants.WSSE11_NS, WSConstants.WSSE11_PREFIX + ":" +
WSConstants.SALT_LN
+ WSS4JConstants.WSSE11_NS, WSS4JConstants.WSSE11_PREFIX + ":" +
WSS4JConstants.SALT_LN
);
- XMLUtils.setNamespace(element, WSConstants.WSSE11_NS,
WSConstants.WSSE11_PREFIX);
+ XMLUtils.setNamespace(element, WSS4JConstants.WSSE11_NS,
WSS4JConstants.WSSE11_PREFIX);
elementSalt.appendChild(doc.createTextNode(org.apache.xml.security.utils.XMLUtils.encodeToString(saltValue)));
element.appendChild(elementSalt);
}
@@ -347,9 +347,9 @@ public class UsernameToken {
String text = "" + iteration;
elementIteration =
doc.createElementNS(
- WSConstants.WSSE11_NS, WSConstants.WSSE11_PREFIX + ":" +
WSConstants.ITERATION_LN
+ WSS4JConstants.WSSE11_NS, WSS4JConstants.WSSE11_PREFIX + ":" +
WSS4JConstants.ITERATION_LN
);
- XMLUtils.setNamespace(element, WSConstants.WSSE11_NS,
WSConstants.WSSE11_PREFIX);
+ XMLUtils.setNamespace(element, WSS4JConstants.WSSE11_NS,
WSS4JConstants.WSSE11_PREFIX);
elementIteration.appendChild(doc.createTextNode(text));
element.appendChild(elementIteration);
this.iteration = iteration;
@@ -452,7 +452,7 @@ public class UsernameToken {
/**
* Get the hashed indicator. If the indicator is <code>true> the password
of the
- * <code>UsernameToken</code> was encoded using {@link
WSConstants#PASSWORD_DIGEST}
+ * <code>UsernameToken</code> was encoded using {@link
WSS4JConstants#PASSWORD_DIGEST}
*
* @return the hashed indicator.
*/
@@ -557,7 +557,7 @@ public class UsernameToken {
* token
*/
public String getID() {
- return element.getAttributeNS(WSConstants.WSU_NS, "Id");
+ return element.getAttributeNS(WSS4JConstants.WSU_NS, "Id");
}
/**
@@ -568,7 +568,7 @@ public class UsernameToken {
* username token
*/
public void setID(String id) {
- element.setAttributeNS(WSConstants.WSU_NS, WSConstants.WSU_PREFIX +
":Id", id);
+ element.setAttributeNS(WSS4JConstants.WSU_NS,
WSS4JConstants.WSU_PREFIX + ":Id", id);
}
/**
@@ -739,8 +739,8 @@ public class UsernameToken {
*/
private void checkBSPCompliance(BSPEnforcer bspEnforcer) throws
WSSecurityException {
List<Element> passwordElements =
- WSSecurityUtil.getDirectChildElements(
- element, WSConstants.PASSWORD_LN, WSConstants.WSSE_NS
+ XMLUtils.getDirectChildElements(
+ element, WSS4JConstants.PASSWORD_LN, WSS4JConstants.WSSE_NS
);
// We can only have one password element
if (passwordElements.size() > 1) {
@@ -751,7 +751,7 @@ public class UsernameToken {
// We must have a password type
if (passwordElements.size() == 1) {
Element passwordChild = passwordElements.get(0);
- String type = passwordChild.getAttributeNS(null,
WSConstants.PASSWORD_TYPE_ATTR);
+ String type = passwordChild.getAttributeNS(null,
WSS4JConstants.PASSWORD_TYPE_ATTR);
if (type == null || type.length() == 0) {
LOG.debug("The Username Token password does not have a Type
attribute");
bspEnforcer.handleBSPRule(BSPRule.R4201);
@@ -759,8 +759,8 @@ public class UsernameToken {
}
List<Element> createdElements =
- WSSecurityUtil.getDirectChildElements(
- element, WSConstants.CREATED_LN, WSConstants.WSU_NS
+ XMLUtils.getDirectChildElements(
+ element, WSS4JConstants.CREATED_LN, WSS4JConstants.WSU_NS
);
// We can only have one created element
if (createdElements.size() > 1) {
@@ -769,8 +769,8 @@ public class UsernameToken {
}
List<Element> nonceElements =
- WSSecurityUtil.getDirectChildElements(
- element, WSConstants.NONCE_LN, WSConstants.WSSE_NS
+ XMLUtils.getDirectChildElements(
+ element, WSS4JConstants.NONCE_LN, WSS4JConstants.WSSE_NS
);
// We can only have one nonce element
if (nonceElements.size() > 1) {
@@ -784,7 +784,7 @@ public class UsernameToken {
// Encoding Type must be equal to Base64Binary
if (encodingType == null || encodingType.length() == 0) {
bspEnforcer.handleBSPRule(BSPRule.R4220);
- } else if (!WSConstants.BASE64_ENCODING.equals(encodingType)) {
+ } else if (!WSS4JConstants.BASE64_ENCODING.equals(encodingType)) {
LOG.debug("The Username Token's nonce element has a bad
encoding type");
bspEnforcer.handleBSPRule(BSPRule.R4221);
}
diff --git
a/ws-security-common/src/main/java/org/apache/wss4j/common/dom/transform/STRTransformUtil.java
b/ws-security-common/src/main/java/org/apache/wss4j/common/dom/transform/STRTransformUtil.java
index 10fcaeb7d..4f2c32d72 100644
---
a/ws-security-common/src/main/java/org/apache/wss4j/common/dom/transform/STRTransformUtil.java
+++
b/ws-security-common/src/main/java/org/apache/wss4j/common/dom/transform/STRTransformUtil.java
@@ -35,7 +35,7 @@ import org.apache.wss4j.common.WSS4JConstants;
import org.apache.wss4j.common.dom.WSDocInfo;
import org.apache.wss4j.common.dom.callback.CallbackLookup;
import org.apache.wss4j.common.dom.callback.DOMCallbackLookup;
-
+import org.apache.wss4j.common.dom.message.token.KerberosSecurity;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Text;
@@ -242,7 +242,7 @@ public final class STRTransformUtil {
|| WSS4JConstants.WSC_SCT_05_12.equals(type)
|| WSS4JConstants.WSS_SAML_KI_VALUE_TYPE.equals(type)
|| WSS4JConstants.WSS_SAML2_KI_VALUE_TYPE.equals(type)
- || isKerberosToken(type))) {
+ || KerberosSecurity.isKerberosToken(type))) {
//try to find a custom token
WSPasswordCallback pwcb =
new WSPasswordCallback(id, WSPasswordCallback.CUSTOM_TOKEN);
@@ -260,17 +260,4 @@ public final class STRTransformUtil {
return null;
}
- /**
- * Return true if the valueType represents a Kerberos Token
- * @param valueType the valueType of the token
- * @return true if the valueType represents a Kerberos Token
- */
- private static boolean isKerberosToken(String valueType) {
- return WSS4JConstants.WSS_KRB_V5_AP_REQ.equals(valueType)
- || WSS4JConstants.WSS_GSS_KRB_V5_AP_REQ.equals(valueType)
- || WSS4JConstants.WSS_KRB_V5_AP_REQ1510.equals(valueType)
- || WSS4JConstants.WSS_GSS_KRB_V5_AP_REQ1510.equals(valueType)
- || WSS4JConstants.WSS_KRB_V5_AP_REQ4120.equals(valueType)
- || WSS4JConstants.WSS_GSS_KRB_V5_AP_REQ4120.equals(valueType);
- }
}
diff --git
a/ws-security-common/src/main/java/org/apache/wss4j/common/util/XMLUtils.java
b/ws-security-common/src/main/java/org/apache/wss4j/common/util/XMLUtils.java
index 40296dcce..ad9bb5e03 100644
---
a/ws-security-common/src/main/java/org/apache/wss4j/common/util/XMLUtils.java
+++
b/ws-security-common/src/main/java/org/apache/wss4j/common/util/XMLUtils.java
@@ -181,6 +181,34 @@ public final class XMLUtils {
return null;
}
+ /**
+ * Gets all direct children with specified localname and namespace. <p/>
+ *
+ * @param fNode the node where to start the search
+ * @param localName local name of the children to get
+ * @param namespace the namespace of the children to get
+ * @return the list of nodes or <code>null</code> if not such nodes are
found
+ */
+ public static List<Element> getDirectChildElements(
+ Node fNode,
+ String localName,
+ String namespace
+ ) {
+ List<Element> children = new ArrayList<>();
+ for (
+ Node currentChild = fNode.getFirstChild();
+ currentChild != null;
+ currentChild = currentChild.getNextSibling()
+ ) {
+ if (Node.ELEMENT_NODE == currentChild.getNodeType()
+ && localName.equals(currentChild.getLocalName())
+ && namespace.equals(currentChild.getNamespaceURI())) {
+ children.add((Element)currentChild);
+ }
+ }
+ return children;
+ }
+
/**
* Return the text content of an Element, or null if no such text content
exists
*/
diff --git
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/AbstractDerivedAction.java
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/AbstractDerivedAction.java
index f2d65be4c..d5dedc33f 100644
---
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/AbstractDerivedAction.java
+++
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/AbstractDerivedAction.java
@@ -34,7 +34,7 @@ import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.dom.handler.RequestData;
import org.apache.wss4j.dom.message.WSSecDerivedKeyBase;
import org.apache.wss4j.dom.message.WSSecEncryptedKey;
-import org.apache.wss4j.dom.message.token.SecurityContextToken;
+import org.apache.wss4j.common.dom.message.token.SecurityContextToken;
import org.apache.xml.security.stax.impl.util.IDGenerator;
public abstract class AbstractDerivedAction {
diff --git
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/handler/WSHandler.java
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/handler/WSHandler.java
index a6214cae8..f8f8edc0d 100644
--- a/ws-security-dom/src/main/java/org/apache/wss4j/dom/handler/WSHandler.java
+++ b/ws-security-dom/src/main/java/org/apache/wss4j/dom/handler/WSHandler.java
@@ -46,7 +46,7 @@ import org.apache.wss4j.common.ext.WSPasswordCallback;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.common.util.Loader;
import org.apache.wss4j.common.util.XMLUtils;
-import org.apache.wss4j.dom.message.token.SignatureConfirmation;
+import org.apache.wss4j.common.dom.message.token.SignatureConfirmation;
import org.apache.wss4j.dom.util.WSSecurityUtil;
import org.apache.xml.security.encryption.params.KeyDerivationParameters;
import org.w3c.dom.Document;
diff --git
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecDerivedKeyBase.java
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecDerivedKeyBase.java
index 04d8e4990..51f77ae1b 100644
---
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecDerivedKeyBase.java
+++
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecDerivedKeyBase.java
@@ -37,8 +37,8 @@ import org.apache.wss4j.common.token.SecurityTokenReference;
import org.apache.wss4j.common.util.KeyUtils;
import org.apache.wss4j.common.util.UsernameTokenUtil;
import org.apache.wss4j.dom.WSConstants;
-import org.apache.wss4j.dom.message.token.DerivedKeyToken;
-import org.apache.wss4j.dom.message.token.KerberosSecurity;
+import org.apache.wss4j.common.dom.message.token.DerivedKeyToken;
+import org.apache.wss4j.common.dom.message.token.KerberosSecurity;
import org.apache.xml.security.utils.XMLUtils;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
diff --git
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncrypt.java
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncrypt.java
index 0f45de6a2..eba4842f9 100644
---
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncrypt.java
+++
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncrypt.java
@@ -36,7 +36,7 @@ import org.apache.wss4j.common.token.SecurityTokenReference;
import org.apache.wss4j.common.util.FIPSUtils;
import org.apache.wss4j.common.util.XMLUtils;
import org.apache.wss4j.dom.WSConstants;
-import org.apache.wss4j.dom.message.token.KerberosSecurity;
+import org.apache.wss4j.common.dom.message.token.KerberosSecurity;
import org.apache.wss4j.dom.util.WSSecurityUtil;
import org.apache.xml.security.algorithms.JCEMapper;
import org.apache.xml.security.encryption.Serializer;
diff --git
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSecurityContextToken.java
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSecurityContextToken.java
index 75f33af7e..54885fc1c 100644
---
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSecurityContextToken.java
+++
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSecurityContextToken.java
@@ -25,7 +25,7 @@ import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.common.util.XMLUtils;
import org.apache.wss4j.common.derivedKey.ConversationConstants;
import org.apache.wss4j.dom.engine.WSSConfig;
-import org.apache.wss4j.dom.message.token.SecurityContextToken;
+import org.apache.wss4j.common.dom.message.token.SecurityContextToken;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
diff --git
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSignature.java
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSignature.java
index 60a960a46..5cf77f8cd 100644
---
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSignature.java
+++
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSignature.java
@@ -62,7 +62,7 @@ import org.apache.wss4j.common.util.KeyUtils;
import org.apache.wss4j.common.util.XMLUtils;
import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.common.dom.WSDocInfo;
-import org.apache.wss4j.dom.message.token.KerberosSecurity;
+import org.apache.wss4j.common.dom.message.token.KerberosSecurity;
import org.apache.wss4j.common.dom.transform.STRTransform;
import org.apache.wss4j.dom.util.WSSecurityUtil;
import org.w3c.dom.Document;
diff --git
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSignatureConfirmation.java
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSignatureConfirmation.java
index 861ee1847..590611c60 100644
---
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSignatureConfirmation.java
+++
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSignatureConfirmation.java
@@ -21,7 +21,7 @@ package org.apache.wss4j.dom.message;
import org.apache.wss4j.common.dom.message.WSSecHeader;
import org.apache.wss4j.common.util.XMLUtils;
-import org.apache.wss4j.dom.message.token.SignatureConfirmation;
+import org.apache.wss4j.common.dom.message.token.SignatureConfirmation;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
diff --git
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecTimestamp.java
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecTimestamp.java
index 96c1a412f..eba097040 100644
---
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecTimestamp.java
+++
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecTimestamp.java
@@ -26,7 +26,7 @@ import org.apache.wss4j.common.dom.message.WSSecHeader;
import org.apache.wss4j.common.util.WSCurrentTimeSource;
import org.apache.wss4j.common.util.WSTimeSource;
import org.apache.wss4j.common.util.XMLUtils;
-import org.apache.wss4j.dom.message.token.Timestamp;
+import org.apache.wss4j.common.dom.message.token.Timestamp;
/**
* Builds a WS Timestamp and inserts it into the SOAP Envelope. Refer to the WS
diff --git
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecUsernameToken.java
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecUsernameToken.java
index c1fbaae72..6465f8f40 100644
---
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecUsernameToken.java
+++
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecUsernameToken.java
@@ -27,7 +27,7 @@ import org.apache.wss4j.common.util.UsernameTokenUtil;
import org.apache.wss4j.common.util.WSCurrentTimeSource;
import org.apache.wss4j.common.util.WSTimeSource;
import org.apache.wss4j.common.util.XMLUtils;
-import org.apache.wss4j.dom.message.token.UsernameToken;
+import org.apache.wss4j.common.dom.message.token.UsernameToken;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
diff --git
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/BinarySecurityTokenProcessor.java
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/BinarySecurityTokenProcessor.java
index fac2759fd..a66134392 100644
---
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/BinarySecurityTokenProcessor.java
+++
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/BinarySecurityTokenProcessor.java
@@ -34,7 +34,7 @@ import org.apache.wss4j.common.util.XMLUtils;
import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.common.dom.engine.WSSecurityEngineResult;
import org.apache.wss4j.dom.handler.RequestData;
-import org.apache.wss4j.dom.message.token.KerberosSecurity;
+import org.apache.wss4j.common.dom.message.token.KerberosSecurity;
import org.apache.wss4j.dom.util.WSSecurityUtil;
import org.apache.wss4j.dom.validate.Credential;
import org.apache.wss4j.dom.validate.Validator;
diff --git
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/DerivedKeyTokenProcessor.java
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/DerivedKeyTokenProcessor.java
index 5abe994e6..b02091507 100644
---
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/DerivedKeyTokenProcessor.java
+++
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/DerivedKeyTokenProcessor.java
@@ -29,7 +29,7 @@ import org.apache.wss4j.common.crypto.AlgorithmSuite;
import org.apache.wss4j.common.crypto.AlgorithmSuiteValidator;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.dom.handler.RequestData;
-import org.apache.wss4j.dom.message.token.DerivedKeyToken;
+import org.apache.wss4j.common.dom.message.token.DerivedKeyToken;
import org.apache.wss4j.dom.str.DerivedKeyTokenSTRParser;
import org.apache.wss4j.dom.str.STRParser;
import org.apache.wss4j.dom.str.STRParserParameters;
diff --git
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SecurityContextTokenProcessor.java
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SecurityContextTokenProcessor.java
index 901534584..aafa66620 100644
---
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SecurityContextTokenProcessor.java
+++
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SecurityContextTokenProcessor.java
@@ -25,7 +25,7 @@ import org.apache.wss4j.common.ext.WSPasswordCallback;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.common.util.XMLUtils;
import org.apache.wss4j.dom.handler.RequestData;
-import org.apache.wss4j.dom.message.token.SecurityContextToken;
+import org.apache.wss4j.common.dom.message.token.SecurityContextToken;
import org.apache.wss4j.dom.validate.Credential;
import org.apache.wss4j.dom.validate.Validator;
import org.w3c.dom.Element;
diff --git
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SignatureConfirmationProcessor.java
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SignatureConfirmationProcessor.java
index 248b2346e..78d89635f 100644
---
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SignatureConfirmationProcessor.java
+++
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SignatureConfirmationProcessor.java
@@ -23,7 +23,7 @@ import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.common.dom.engine.WSSecurityEngineResult;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.dom.handler.RequestData;
-import org.apache.wss4j.dom.message.token.SignatureConfirmation;
+import org.apache.wss4j.common.dom.message.token.SignatureConfirmation;
import org.w3c.dom.Element;
import java.util.List;
diff --git
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SignatureProcessor.java
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SignatureProcessor.java
index 1ca301577..b45c57b44 100644
---
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SignatureProcessor.java
+++
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SignatureProcessor.java
@@ -67,7 +67,7 @@ import org.apache.wss4j.common.WSDataRef;
import org.apache.wss4j.common.dom.WSDocInfo;
import org.apache.wss4j.common.dom.engine.WSSecurityEngineResult;
import org.apache.wss4j.dom.handler.RequestData;
-import org.apache.wss4j.dom.message.token.Timestamp;
+import org.apache.wss4j.common.dom.message.token.Timestamp;
import org.apache.wss4j.dom.str.STRParser;
import org.apache.wss4j.dom.str.STRParser.REFERENCE_TYPE;
import org.apache.wss4j.dom.str.STRParserParameters;
diff --git
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/TimestampProcessor.java
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/TimestampProcessor.java
index 84abaaba6..6cd74759d 100644
---
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/TimestampProcessor.java
+++
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/TimestampProcessor.java
@@ -25,7 +25,7 @@ import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.common.dom.engine.WSSecurityEngineResult;
import org.apache.wss4j.dom.handler.RequestData;
-import org.apache.wss4j.dom.message.token.Timestamp;
+import org.apache.wss4j.common.dom.message.token.Timestamp;
import org.apache.wss4j.dom.validate.Credential;
import org.apache.wss4j.dom.validate.Validator;
import org.w3c.dom.Element;
diff --git
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/UsernameTokenProcessor.java
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/UsernameTokenProcessor.java
index d94312cbe..7418d7c1d 100644
---
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/UsernameTokenProcessor.java
+++
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/UsernameTokenProcessor.java
@@ -31,7 +31,7 @@ import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.common.dom.engine.WSSecurityEngineResult;
import org.apache.wss4j.dom.handler.RequestData;
-import org.apache.wss4j.dom.message.token.UsernameToken;
+import org.apache.wss4j.common.dom.message.token.UsernameToken;
import org.apache.wss4j.dom.validate.Credential;
import org.apache.wss4j.dom.validate.Validator;
import org.apache.xml.security.utils.XMLUtils;
diff --git
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/str/STRParserUtil.java
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/str/STRParserUtil.java
index 455df0af9..9170e4289 100644
--- a/ws-security-dom/src/main/java/org/apache/wss4j/dom/str/STRParserUtil.java
+++ b/ws-security-dom/src/main/java/org/apache/wss4j/dom/str/STRParserUtil.java
@@ -40,7 +40,7 @@ import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.common.dom.WSDocInfo;
import org.apache.wss4j.common.dom.engine.WSSecurityEngineResult;
import org.apache.wss4j.dom.handler.RequestData;
-import org.apache.wss4j.dom.message.token.KerberosSecurity;
+import org.apache.wss4j.common.dom.message.token.KerberosSecurity;
import org.apache.wss4j.dom.processor.Processor;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
diff --git
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/str/SecurityTokenRefSTRParser.java
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/str/SecurityTokenRefSTRParser.java
index a89e03ea7..c3edb1624 100644
---
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/str/SecurityTokenRefSTRParser.java
+++
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/str/SecurityTokenRefSTRParser.java
@@ -39,8 +39,8 @@ import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.common.dom.WSDocInfo;
import org.apache.wss4j.common.dom.engine.WSSecurityEngineResult;
import org.apache.wss4j.dom.handler.RequestData;
-import org.apache.wss4j.dom.message.token.DerivedKeyToken;
-import org.apache.wss4j.dom.message.token.UsernameToken;
+import org.apache.wss4j.common.dom.message.token.DerivedKeyToken;
+import org.apache.wss4j.common.dom.message.token.UsernameToken;
import org.apache.wss4j.dom.processor.Processor;
import org.apache.wss4j.dom.saml.WSSSAMLKeyInfoProcessor;
import org.w3c.dom.Element;
diff --git
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/str/SignatureSTRParser.java
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/str/SignatureSTRParser.java
index c9462ef9e..533b0ee53 100644
---
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/str/SignatureSTRParser.java
+++
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/str/SignatureSTRParser.java
@@ -46,9 +46,9 @@ import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.common.dom.WSDocInfo;
import org.apache.wss4j.common.dom.engine.WSSecurityEngineResult;
import org.apache.wss4j.dom.handler.RequestData;
-import org.apache.wss4j.dom.message.token.DerivedKeyToken;
-import org.apache.wss4j.dom.message.token.SecurityContextToken;
-import org.apache.wss4j.dom.message.token.UsernameToken;
+import org.apache.wss4j.common.dom.message.token.DerivedKeyToken;
+import org.apache.wss4j.common.dom.message.token.SecurityContextToken;
+import org.apache.wss4j.common.dom.message.token.UsernameToken;
import org.apache.wss4j.dom.processor.Processor;
import org.apache.wss4j.dom.saml.WSSSAMLKeyInfoProcessor;
import org.w3c.dom.Element;
diff --git
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/Credential.java
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/Credential.java
index dd911ac5a..c6e10fc84 100644
---
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/Credential.java
+++
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/Credential.java
@@ -27,9 +27,9 @@ import javax.security.auth.Subject;
import org.apache.wss4j.common.saml.SamlAssertionWrapper;
import org.apache.wss4j.common.token.BinarySecurity;
-import org.apache.wss4j.dom.message.token.SecurityContextToken;
-import org.apache.wss4j.dom.message.token.Timestamp;
-import org.apache.wss4j.dom.message.token.UsernameToken;
+import org.apache.wss4j.common.dom.message.token.SecurityContextToken;
+import org.apache.wss4j.common.dom.message.token.Timestamp;
+import org.apache.wss4j.common.dom.message.token.UsernameToken;
/**
* This class stores various Credential types that can be validated and/or
returned by a
diff --git
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/JAASUsernameTokenValidator.java
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/JAASUsernameTokenValidator.java
index abb916f00..53a9d9abe 100644
---
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/JAASUsernameTokenValidator.java
+++
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/JAASUsernameTokenValidator.java
@@ -28,7 +28,7 @@ import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.common.NamePasswordCallbackHandler;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.dom.handler.RequestData;
-import org.apache.wss4j.dom.message.token.UsernameToken;
+import org.apache.wss4j.common.dom.message.token.UsernameToken;
/**
diff --git
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/KerberosTokenValidator.java
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/KerberosTokenValidator.java
index 1d7e5d915..e7f135a46 100644
---
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/KerberosTokenValidator.java
+++
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/KerberosTokenValidator.java
@@ -37,7 +37,7 @@ import org.apache.wss4j.common.kerberos.KerberosTokenDecoder;
import org.apache.wss4j.common.kerberos.KerberosTokenDecoderException;
import org.apache.wss4j.common.token.BinarySecurity;
import org.apache.wss4j.dom.handler.RequestData;
-import org.apache.wss4j.dom.message.token.KerberosSecurity;
+import org.apache.wss4j.common.dom.message.token.KerberosSecurity;
/**
*/
diff --git
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/TimestampValidator.java
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/TimestampValidator.java
index 45ee6652c..955d0cbaf 100644
---
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/TimestampValidator.java
+++
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/TimestampValidator.java
@@ -22,7 +22,7 @@ package org.apache.wss4j.dom.validate;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.dom.handler.RequestData;
-import org.apache.wss4j.dom.message.token.Timestamp;
+import org.apache.wss4j.common.dom.message.token.Timestamp;
/**
* This class validates a processed Timestamp, extracted from the Credential
passed to
diff --git
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/UsernameTokenValidator.java
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/UsernameTokenValidator.java
index 90a14a281..3fd0fb0ac 100644
---
a/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/UsernameTokenValidator.java
+++
b/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/UsernameTokenValidator.java
@@ -31,7 +31,7 @@ import org.apache.wss4j.common.ext.WSPasswordCallback;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.common.util.UsernameTokenUtil;
import org.apache.wss4j.dom.handler.RequestData;
-import org.apache.wss4j.dom.message.token.UsernameToken;
+import org.apache.wss4j.common.dom.message.token.UsernameToken;
import org.apache.xml.security.utils.XMLUtils;
/**
diff --git
a/ws-security-dom/src/test/java/org/apache/wss4j/dom/handler/CustomTokenTest.java
b/ws-security-dom/src/test/java/org/apache/wss4j/dom/handler/CustomTokenTest.java
index 4bc2dae61..1cb0ab66e 100644
---
a/ws-security-dom/src/test/java/org/apache/wss4j/dom/handler/CustomTokenTest.java
+++
b/ws-security-dom/src/test/java/org/apache/wss4j/dom/handler/CustomTokenTest.java
@@ -38,7 +38,7 @@ import org.apache.wss4j.dom.engine.WSSConfig;
import org.apache.wss4j.dom.engine.WSSecurityEngine;
import org.apache.wss4j.common.dom.engine.WSSecurityEngineResult;
import org.apache.wss4j.dom.message.WSSecTimestamp;
-import org.apache.wss4j.dom.message.token.Timestamp;
+import org.apache.wss4j.common.dom.message.token.Timestamp;
import org.junit.jupiter.api.Test;
import org.w3c.dom.Document;
diff --git
a/ws-security-dom/src/test/java/org/apache/wss4j/dom/handler/SignatureConfirmationTest.java
b/ws-security-dom/src/test/java/org/apache/wss4j/dom/handler/SignatureConfirmationTest.java
index 092447dea..5f64f64b8 100644
---
a/ws-security-dom/src/test/java/org/apache/wss4j/dom/handler/SignatureConfirmationTest.java
+++
b/ws-security-dom/src/test/java/org/apache/wss4j/dom/handler/SignatureConfirmationTest.java
@@ -38,7 +38,7 @@ import org.apache.wss4j.dom.common.SAML2CallbackHandler;
import org.apache.wss4j.dom.engine.WSSecurityEngine;
import org.apache.wss4j.common.dom.engine.WSSecurityEngineResult;
import org.apache.wss4j.common.dom.message.WSSecHeader;
-import org.apache.wss4j.dom.message.token.SignatureConfirmation;
+import org.apache.wss4j.common.dom.message.token.SignatureConfirmation;
import org.junit.jupiter.api.Test;
import org.w3c.dom.Document;
diff --git
a/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/SecurityContextTokenTest.java
b/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/SecurityContextTokenTest.java
index dce655710..166bb30e5 100644
---
a/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/SecurityContextTokenTest.java
+++
b/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/SecurityContextTokenTest.java
@@ -33,7 +33,7 @@ import org.apache.wss4j.common.crypto.Crypto;
import org.apache.wss4j.common.crypto.CryptoFactory;
import org.apache.wss4j.common.derivedKey.ConversationConstants;
import org.apache.wss4j.common.util.XMLUtils;
-import org.apache.wss4j.dom.message.token.SecurityContextToken;
+import org.apache.wss4j.common.dom.message.token.SecurityContextToken;
import org.apache.wss4j.dom.util.WSSecurityUtil;
import org.junit.jupiter.api.Test;
diff --git
a/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/TimestampTest.java
b/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/TimestampTest.java
index 62ee49c96..d60d1c797 100644
---
a/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/TimestampTest.java
+++
b/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/TimestampTest.java
@@ -42,7 +42,7 @@ import
org.apache.wss4j.common.dom.engine.WSSecurityEngineResult;
import org.apache.wss4j.common.dom.message.WSSecHeader;
import org.apache.wss4j.dom.handler.RequestData;
import org.apache.wss4j.dom.handler.WSHandlerResult;
-import org.apache.wss4j.dom.message.token.Timestamp;
+import org.apache.wss4j.common.dom.message.token.Timestamp;
import org.apache.wss4j.dom.validate.NoOpValidator;
import org.junit.jupiter.api.Test;
diff --git
a/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/UTDerivedKeyTest.java
b/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/UTDerivedKeyTest.java
index deb6cc7b2..5b385b89e 100644
---
a/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/UTDerivedKeyTest.java
+++
b/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/UTDerivedKeyTest.java
@@ -43,7 +43,7 @@ import
org.apache.wss4j.common.dom.engine.WSSecurityEngineResult;
import org.apache.wss4j.common.dom.message.WSSecHeader;
import org.apache.wss4j.dom.handler.RequestData;
import org.apache.wss4j.dom.handler.WSHandlerResult;
-import org.apache.wss4j.dom.message.token.UsernameToken;
+import org.apache.wss4j.common.dom.message.token.UsernameToken;
import org.junit.jupiter.api.Test;
import org.w3c.dom.Document;
diff --git
a/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/UsernameTokenTest.java
b/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/UsernameTokenTest.java
index e51abc036..7d19d0904 100644
---
a/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/UsernameTokenTest.java
+++
b/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/UsernameTokenTest.java
@@ -48,7 +48,7 @@ import org.apache.wss4j.dom.handler.HandlerAction;
import org.apache.wss4j.dom.handler.RequestData;
import org.apache.wss4j.dom.handler.WSHandlerConstants;
import org.apache.wss4j.dom.handler.WSHandlerResult;
-import org.apache.wss4j.dom.message.token.UsernameToken;
+import org.apache.wss4j.common.dom.message.token.UsernameToken;
import org.junit.jupiter.api.Test;
import org.w3c.dom.Document;
diff --git
a/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/token/DerivedKeyTokenTest.java
b/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/token/DerivedKeyTokenTest.java
index 723997990..0c46421ba 100644
---
a/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/token/DerivedKeyTokenTest.java
+++
b/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/token/DerivedKeyTokenTest.java
@@ -20,8 +20,7 @@
package org.apache.wss4j.dom.message.token;
import org.apache.wss4j.common.bsp.BSPEnforcer;
-
-
+import org.apache.wss4j.common.dom.message.token.DerivedKeyToken;
import org.junit.jupiter.api.Test;
import static org.junit.jupiter.api.Assertions.assertEquals;
diff --git
a/ws-security-dom/src/test/java/org/apache/wss4j/dom/misc/FaultCodeTest.java
b/ws-security-dom/src/test/java/org/apache/wss4j/dom/misc/FaultCodeTest.java
index 1423b1824..6d8154e18 100644
--- a/ws-security-dom/src/test/java/org/apache/wss4j/dom/misc/FaultCodeTest.java
+++ b/ws-security-dom/src/test/java/org/apache/wss4j/dom/misc/FaultCodeTest.java
@@ -44,7 +44,7 @@ import org.apache.wss4j.dom.message.WSSecEncrypt;
import org.apache.wss4j.common.dom.message.WSSecHeader;
import org.apache.wss4j.dom.message.WSSecTimestamp;
import org.apache.wss4j.dom.message.WSSecUsernameToken;
-import org.apache.wss4j.dom.message.token.UsernameToken;
+import org.apache.wss4j.common.dom.message.token.UsernameToken;
import org.junit.jupiter.api.Test;
import org.w3c.dom.Document;
