The WSSecurityEngineResult has a signed elements attribute on it, in the form of a java.util.Set.  However, I see this set is only populated with strings (wsu:Ids, if I'm not mistaken).

E.g., here is a snippet of code in which this Set is populated:

{{{
    // Resolve the ds:Reference URI (a "#id" fragment) to the element it
    // points at, first by wsu:Id and then by a plain xml:id / Id attribute.
    Element se = WSSecurityUtil.getElementByWsuId(elem.getOwnerDocument(), uri);
    if (se == null) {
        se = WSSecurityUtil.getElementByGenId(elem.getOwnerDocument(), uri);
    }
    if (se == null) {
        throw new WSSecurityException(
            WSSecurityException.FAILED_CHECK);
    }
    // Note: only the id string (URI with the leading '#' stripped) is kept;
    // the resolved Element 'se' is discarded.
    returnElements.add(WSSecurityUtil.getIDfromReference(uri));
}}}

For the purposes of strict policy enforcement, it would be desirable to
  • have access to the "physical" element that was protected, as opposed to a reference to it (thus avoiding a potentially costly, and possibly unfeasible, lookup)
  • have such access in the case of confidentiality protection as well
Additionally, it would seem desirable to be able to obtain information about whom encrypted messages were targeted at.  For example, if a part was encrypted for Bob (as opposed to Claire), it might be desirable to know this as well.

Would additions to the WSSecurityEngineResult type be welcome?  They should be binary compatible, at any rate, and could greatly improve enforcement of security policy on the receiving side of a SOAP endpoint.  I would be happy to contribute any such changes.  I can also file an enhancement request in Jira, for tracking purposes, if folks are amenable to that.

Thanks!
Fred

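Added example, not part of the original post and not WSS4J's own code: the receiving-side check the post is asking for, done the only way the current API allows, i.e. by resolving the id strings from the signed-elements Set back to DOM nodes and then enforcing a policy on the resolved nodes ("the soap:Body itself must be signed"). The lookup helper here is a stand-in for WSSecurityUtil.getElementByWsuId, written with plain JDK DOM so the example runs offline; the SOAP message is constructed, and the getter name getSignedElements() on WSSecurityEngineResult is assumed. Because the Set carries ids rather than the protected elements, a second element carrying the same wsu:Id would make an id lookup ambiguous, so the index rejects duplicates rather than silently picking one; the policy check compares DOM node identity, not just the id value.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import java.util.*;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.*;

public class SignedPartsCheck {
    static final String WSU_NS =
        "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
    static final String SOAP_NS = "http://schemas.xmlsoap.org/soap/envelope/";

    // Constructed sample: the shape of a message after the Security header
    // has been processed. Only the wsu:Id-bearing elements matter here.
    static final String SAMPLE =
        "<soap:Envelope xmlns:soap='" + SOAP_NS + "' xmlns:wsu='" + WSU_NS + "'>"
      + "<soap:Header><wsu:Timestamp wsu:Id='Timestamp-1'>"
      + "<wsu:Created>2007-01-01T00:00:00Z</wsu:Created></wsu:Timestamp></soap:Header>"
      + "<soap:Body wsu:Id='Body-1'><getBalance account='42'/></soap:Body>"
      + "</soap:Envelope>";

    /** Index every element carrying a wsu:Id; refuse documents where an Id is not unique. */
    static Map<String, Element> indexWsuIds(Document doc) {
        Map<String, Element> index = new HashMap<>();
        NodeList all = doc.getElementsByTagName("*");
        for (int i = 0; i < all.getLength(); i++) {
            Element e = (Element) all.item(i);
            String id = e.getAttributeNS(WSU_NS, "Id");
            if (id == null || id.isEmpty()) continue;
            if (index.put(id, e) != null) {
                throw new IllegalStateException("duplicate wsu:Id: " + id);
            }
        }
        return index;
    }

    /**
     * Turn the id strings from the signed-elements Set back into Elements.
     * WSS4J stores the id with the leading '#' removed (getIDfromReference);
     * a raw "#id" reference is tolerated as well. A reference that resolves
     * to nothing is treated as a failed check.
     */
    static List<Element> resolveSignedElements(Document doc, Set<String> signedIds) {
        Map<String, Element> index = indexWsuIds(doc);
        List<Element> out = new ArrayList<>();
        for (String ref : signedIds) {
            String id = ref.startsWith("#") ? ref.substring(1) : ref;
            Element e = index.get(id);
            if (e == null) {
                throw new IllegalStateException("signed reference not found: " + ref);
            }
            out.add(e);
        }
        return out;
    }

    /** Policy: the soap:Body element itself (same DOM node) must be signed. */
    static boolean bodyIsSigned(Document doc, Set<String> signedIds) {
        Node body = doc.getElementsByTagNameNS(SOAP_NS, "Body").item(0);
        if (body == null) return false;
        for (Element e : resolveSignedElements(doc, signedIds)) {
            if (e.isSameNode(body)) return true;
        }
        return false;
    }

    static Document parse(String xml) throws Exception {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setNamespaceAware(true);
        // No DTDs: a received SOAP message has no business declaring one.
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        return f.newDocumentBuilder()
                .parse(new ByteArrayInputStream(xml.getBytes(StandardCharsets.UTF_8)));
    }

    public static void main(String[] args) throws Exception {
        Document doc = parse(SAMPLE);
        // In WSS4J this Set would come from the result of the SIGN action,
        // i.e. (assumed getter name) result.getSignedElements().
        Set<String> bodyAndTs = new HashSet<>(Arrays.asList("Body-1", "Timestamp-1"));
        Set<String> tsOnly = Collections.singleton("Timestamp-1");
        System.out.println("Body signed (Body+Timestamp): " + bodyIsSigned(doc, bodyAndTs));
        System.out.println("Body signed (Timestamp only):  " + bodyIsSigned(doc, tsOnly));
    }
}
```

Every call into the enforcement layer re-walks the whole document to rebuild the id index, which is exactly the "potentially costly" lookup the post describes; if WSSecurityEngineResult carried the resolved Elements, resolveSignedElements and the index would disappear and the policy check would reduce to a node-identity comparison against what the signature verifier actually canonicalised.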